mirror of
https://github.com/hardkernel/linux.git
synced 2026-06-05 10:31:46 +09:00
9572c01cc652a564ec52007bbc92cdca4fa2df02
1074884 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Eric Biggers
|
9572c01cc6 |
ANDROID: fips140: remove unnecessary no_sanitize(cfi)
gcc segfaults when compiling fips140-module.c because it doesn't like
__attribute__((__no_sanitize__("cfi"))) on fips140_init(). This
attribute is needed for clang. However this attribute is already
included in __init when the compiler is clang. Therefore, remove this
redundant attribute. (Later kernel branches have also switched to kcfi,
which doesn't need to be disabled here anyway.)
For futureproofing also use initcall_t from <linux/init.h>.
Bug: 349612732
Change-Id: Ic5cfaef177b58abf21f1737579d75b4df4d0d09c
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Hsiu-Chang Chen
|
51cc4ca498 |
ANDROID: Update the ABI symbol list
wlan vendor propose a feature to check the refcnt of netdev when interface register/unregister. Add `netdev_refcnt_read` into symbol list. Adding the following symbols: - netdev_refcnt_read Bug: 340118509 Change-Id: I6a2ad4bbfa13d01011729b764dfe92f4945a829e Signed-off-by: Hsiu-Chang Chen <hsiuchangchen@google.com> |
||
|
qinglin.li
|
6584213dfc |
ANDROID: GKI: Update symbol list for Amlogic
2 function symbol(s) added 'int __hid_register_driver(struct hid_driver*, struct module*, const char*)' 'void hid_unregister_driver(struct hid_driver*)' Bug: 349014537 Change-Id: I502c5796bb54943aa05f3b92340d59547f427638 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
qinglin.li
|
bff9ae6505 |
ANDROID: GKI: Update symbol list for Amlogic
1 function symbol(s) added 'int __traceiter_mm_page_free(void*, struct page*, unsigned int)' 1 variable symbol(s) added 'struct tracepoint __tracepoint_mm_page_free' Bug: 348514795 Change-Id: I72b8d931e9843f29296a0d11ef5a0f279d4003e1 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
qinglin.li
|
ce340041be |
ANDROID: mm: allow hooks into free_pages_prepare()
Allow drivers to register mm_page_free hooks when free pages. This helps to get page info when free pages exit. Bug: 348514795 Change-Id: I1f2e1844aa24836367da65e8bfe11f79e22713d4 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
qinglin.li
|
07782903f0 |
ANDROID: GKI: Update symbol list for Amlogic
1 function symbol(s) added 'int __traceiter_android_vh_look_around_migrate_page(void*, struct page*, struct page*)' 1 variable symbol(s) added 'struct tracepoint __tracepoint_android_vh_look_around_migrate_page' Bug: 348532035 Change-Id: I974d80843e4cdaf5ff80a9c1515cde1e3b5aad31 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
qinglin.li
|
a1a623f6fc |
ANDROID: vendor_hooks: Add hooks in migrate_page
Add hooks for support lookaround in migrate_page. When migrating pages, we need hook functions to get the page information. - android_vh_look_around_migrate_page Bug: 348532035 Change-Id: I7a48d7b1c7a0f42ea39e8ec4c6bb0ae1eeb44443 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
qinglin.li
|
770d491907 |
ANDROID: GKI: Update symbol list for Amlogic
24 function symbol(s) added 'int LZ4_decompress_safe(const char*, char*, int, int)' 'int LZ4_decompress_safe_partial(const char*, char*, int, int, int)' 'void* __xa_cmpxchg(struct xarray*, unsigned long, void*, void*, gfp_t)' 'int add_to_page_cache_lru(struct page*, struct address_space*, unsigned long, gfp_t)' 'u32 crc32c(u32, const void*, unsigned int)' 'ssize_t filemap_read(struct kiocb*, struct iov_iter*, ssize_t)' 'unsigned char fs_ftype_to_dtype(unsigned int)' 'int fs_param_is_enum(struct p_log*, const struct fs_parameter_spec*, struct fs_parameter*, struct fs_parse_result*)' 'int generic_file_readonly_mmap(struct file*, struct vm_area_struct*)' 'sector_t iomap_bmap(struct address_space*, sector_t, const struct iomap_ops*)' 'ssize_t iomap_dio_rw(struct kiocb*, struct iov_iter*, const struct iomap_ops*, const struct iomap_dio_ops*, unsigned int, size_t)' 'int iomap_fiemap(struct inode*, struct fiemap_extent_info*, u64, u64, const struct iomap_ops*)' 'void iomap_readahead(struct readahead_control*, const struct iomap_ops*)' 'int iomap_readpage(struct page*, const struct iomap_ops*)' 'int kset_register(struct kset*)' 'struct kthread_worker* kthread_create_worker_on_cpu(int, unsigned int, const char*, ...)' 'ssize_t noop_direct_IO(struct kiocb*, struct iov_iter*)' 'int out_of_line_wait_on_bit_lock(void*, int, wait_bit_action_f*, unsigned int)' 'const char* page_get_link(struct dentry*, struct inode*, struct delayed_call*)' 's32 phy_get_internal_delay(struct phy_device*, struct device*, const int*, int, bool)' 'struct posix_acl* posix_acl_from_xattr(struct user_namespace*, const void*, size_t)' 'struct page* read_cache_page_gfp(struct address_space*, unsigned long, gfp_t)' 'void readahead_expand(struct readahead_control*, loff_t, size_t)' 'const char* simple_get_link(struct dentry*, struct inode*, struct delayed_call*)' 5 variable symbol(s) added 'const struct file_operations generic_ro_fops' 'unsigned long phy_basic_features[2]' 'unsigned long phy_gbit_features[2]' 'const struct xattr_handler posix_acl_access_xattr_handler' 'const struct xattr_handler posix_acl_default_xattr_handler' Bug: 346510357 Change-Id: Id459e209c663df3a9533eaacfdf1ddbaf8d101aa Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
Kuniyuki Iwashima
|
685a016cde |
UPSTREAM: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock.
[ Upstream commit 9841991a446c87f90f66f4b9fee6fe934c1336a2 ] Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, and then if the socket has MSG_OOB in unix_sk(sk)->oob_skb, GC will drop the reference and set NULL to it locklessly. However, the peer socket still can send MSG_OOB message and queue_oob() can update unix_sk(sk)->oob_skb concurrently, leading NULL pointer dereference. [0] To fix the issue, let's update unix_sk(sk)->oob_skb under the sk_receive_queue's lock and take it everywhere we touch oob_skb. Note that we defer kfree_skb() in manage_oob() to silence lockdep false-positive (See [1]). [0]: BUG: kernel NULL pointer dereference, address: 0000000000000008 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 8000000009f5e067 P4D 8000000009f5e067 PUD 9f5d067 PMD 0 Oops: 0002 [#1] PREEMPT SMP PTI CPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc5-00191-gd091e579b864 #110 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 Workqueue: events delayed_fput RIP: 0010:skb_dequeue (./include/linux/skbuff.h:2386 ./include/linux/skbuff.h:2402 net/core/skbuff.c:3847) Code: 39 e3 74 3e 8b 43 10 48 89 ef 83 e8 01 89 43 10 49 8b 44 24 08 49 c7 44 24 08 00 00 00 00 49 8b 14 24 49 c7 04 24 00 00 00 00 <48> 89 42 08 48 89 10 e8 e7 c5 42 00 4c 89 e0 5b 5d 41 5c c3 cc cc RSP: 0018:ffffc900001bfd48 EFLAGS: 00000002 RAX: 0000000000000000 RBX: ffff8880088f5ae8 RCX: 00000000361289f9 RDX: 0000000000000000 RSI: 0000000000000206 RDI: ffff8880088f5b00 RBP: ffff8880088f5b00 R08: 0000000000080000 R09: 0000000000000001 R10: 0000000000000003 R11: 0000000000000001 R12: ffff8880056b6a00 R13: ffff8880088f5280 R14: 0000000000000001 R15: ffff8880088f5a80 FS: 0000000000000000(0000) GS:ffff88807dd80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 0000000006314000 CR4: 00000000007506f0 PKRU: 55555554 Call Trace: <TASK> unix_release_sock (net/unix/af_unix.c:654) unix_release (net/unix/af_unix.c:1050) __sock_release (net/socket.c:660) sock_close (net/socket.c:1423) __fput (fs/file_table.c:423) delayed_fput (fs/file_table.c:444 (discriminator 3)) process_one_work (kernel/workqueue.c:3259) worker_thread (kernel/workqueue.c:3329 kernel/workqueue.c:3416) kthread (kernel/kthread.c:388) ret_from_fork (arch/x86/kernel/process.c:153) ret_from_fork_asm (arch/x86/entry/entry_64.S:257) </TASK> Modules linked in: CR2: 0000000000000008 Bug: 342490466 Link: https://lore.kernel.org/netdev/a00d3993-c461-43f2-be6d-07259c98509a@rbox.co/ [1] Fixes: 1279f9d9dec2 ("af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.") Reported-by: Billy Jheng Bing-Jhong <billy@starlabs.sg> Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com> Link: https://lore.kernel.org/r/20240516134835.8332-1-kuniyu@amazon.com Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit 518a994aa0b87d96f1bc6678a7035df5d1fcd7a1) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: Ibf78b113496b5388a63207e7e582f77ddda8dec5 |
||
|
Kuniyuki Iwashima
|
5c86c33a36 |
UPSTREAM: af_unix: Don't peek OOB data without MSG_OOB.
[ Upstream commit 22dd70eb2c3d754862964377a75abafd3167346b ]
Currently, we can read OOB data without MSG_OOB by using MSG_PEEK
when OOB data is sitting on the front row, which is apparently
wrong.
>>> from socket import *
>>> c1, c2 = socketpair(AF_UNIX, SOCK_STREAM)
>>> c1.send(b'a', MSG_OOB)
1
>>> c2.recv(1, MSG_PEEK | MSG_DONTWAIT)
b'a'
If manage_oob() is called when no data has been copied, we only
check if the socket enables SO_OOBINLINE or MSG_PEEK is not used.
Otherwise, the skb is returned as is.
However, here we should return NULL if MSG_PEEK is set and no data
has been copied.
Also, in such a case, we should not jump to the redo label because
we will be caught in the loop and hog the CPU until normal data
comes in.
Then, we need to handle skb == NULL case with the if-clause below
the manage_oob() block.
With this patch:
>>> from socket import *
>>> c1, c2 = socketpair(AF_UNIX, SOCK_STREAM)
>>> c1.send(b'a', MSG_OOB)
1
>>> c2.recv(1, MSG_PEEK | MSG_DONTWAIT)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
BlockingIOError: [Errno 11] Resource temporarily unavailable
Bug: 342490466
Fixes:
|
||
|
Kuniyuki Iwashima
|
3169d3641a |
UPSTREAM: af_unix: Clear stale u->oob_skb.
[ Upstream commit b46f4eaa4f0ec38909fb0072eea3aeddb32f954e ]
syzkaller started to report deadlock of unix_gc_lock after commit
4090fa373f0e ("af_unix: Replace garbage collection algorithm."), but
it just uncovers the bug that has been there since commit
|
||
|
Jaegeuk Kim
|
96ed674e54 |
Revert "f2fs: fix to tag gcing flag on page during block migration"
This reverts commit
|
||
|
Yifan Hong
|
e7eba5a1a1 |
ANDROID: Delete obsolete 16k_gki.fragment.
The correct fragment is the one in build/kernel, enabled by --page_size or kernel_build.page_size. This fragment: - Does not correctly enable incremental FS - Does not correctly clear LOCALVERSION that has 4k for the 4k build. Bug: 347036722 Bug: 340631213 Bug: 338659380 Change-Id: I31cb004ca639d8ec3dd6201112391c7214971eba Signed-off-by: Yifan Hong <elsk@google.com> |
||
|
Jaegeuk Kim
|
1491b90287 |
BACKPORT: f2fs: clear writeback when compression failed
Let's stop issuing compressed writes and clear their writeback flags. Bug: 345273844 Reviewed-by: Daeho Jeong <daehojeong@google.com> Reviewed-by: Chao Yu <chao@kernel.org> Change-Id: I69835bbcf0ac993cc03b11bcd7bdcfa2ff2bbd4a Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> (cherry picked from commit 2174035a7f1148a52f5a3f371f04224168b5b00a) |
||
|
Kalesh Singh
|
2f956cbb31 |
ANDROID: 16K: Only check basename of linker context
Depending on the platform binary being executed, the linker
(interpreter) requested can be one of:
1) /system/bin/bootstrap/linker64
2) /system/bin/linker64
3) /apex/com.android.runtime/bin/linker64
Relax the check to the basename (linker64), instead of the path.
Bug: 330767927
Bug: 335584973
Change-Id: I4a1f95b7cecd126f85ad8cefd9ff10d272947f9e
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
|
||
|
Giuliano Procida
|
d6164e38a3 |
ANDROID: arm64: vdso32: support user-supplied flags
This introduces a new environment variable, KCPPFLAGS_COMPAT. One use-case is to ensure -ffile-prefix-map is passed to the arm32 compiler to normalise compilation directory and make the ELF build ID reproducible. Bug: 345452375 Change-Id: I6ae1df58172f4dadeac1dbbee2e3241b704a9256 Signed-off-by: Giuliano Procida <gprocida@google.com> |
||
|
Mikko Rapeli
|
7869fec72d |
UPSTREAM: mmc: core: Avoid negative index with array access
Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns
prev_idata = idatas[i - 1], but doesn't check that the iterator i is
greater than zero. Let's fix this by adding a check.
Fixes: 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu")
Link: https://lore.kernel.org/all/20231129092535.3278-1-avri.altman@wdc.com/
Cc: stable@vger.kernel.org
Change-Id: I52c750e0a5c182e71b973a2c7e6b027c3da4fbb1
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Tested-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Link: https://lore.kernel.org/r/20240313133744.2405325-2-mikko.rapeli@linaro.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com>
(cherry picked from commit cf55a7acd1ed38afe43bba1c8a0935b51d1dc014)
Bug: 345591090
|
||
|
Mikko Rapeli
|
417f08dfa0 |
UPSTREAM: mmc: core: Initialize mmc_blk_ioc_data
Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") adds
flags uint to struct mmc_blk_ioc_data, but it does not get initialized for
RPMB ioctls which now fails.
Let's fix this by always initializing the struct and flags to zero.
Fixes: 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218587
Link: https://lore.kernel.org/all/20231129092535.3278-1-avri.altman@wdc.com/
Cc: stable@vger.kernel.org
Change-Id: I48918f076bb718bc93e5e2fbb9a70851df515a37
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Reviewed-by: Avri Altman <avri.altman@wdc.com>
Acked-by: Adrian Hunter <adrian.hunter@intel.com>
Tested-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Link: https://lore.kernel.org/r/20240313133744.2405325-1-mikko.rapeli@linaro.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com>
(cherry picked from commit 0cdfe5b0bf295c0dee97436a8ed13336933a0211)
Bug: 345591090
|
||
|
Robin Hsu
|
d86f55a38e |
ANDROID: Pixel: Add missing symbol to symbol list
Pixel MM Metrics:
add the missing symbol 'seq_put_decimal_ll' and re-do update list
Bug: 299190787
Test: local build
Change-Id: I005ccfa15cee8252bc51242460bbab9b7d0eb2ab
Signed-off-by: Robin Hsu <robinhsu@google.com>
|
||
|
yenchia.chen
|
699d87745a |
ANDROID: GKI: update mtktv symbol
11 function symbol(s) added 'void usbnet_cdc_unbind(struct usbnet*, struct usb_interface*)' 'void usbnet_disconnect(struct usb_interface*)' 'int usbnet_generic_cdc_bind(struct usbnet*, struct usb_interface*)' 'int usbnet_open(struct net_device*)' 'int usbnet_probe(struct usb_interface*, const struct usb_device_id*)' 'int usbnet_resume(struct usb_interface*)' 'void usbnet_skb_return(struct usbnet*, struct sk_buff*)' 'netdev_tx_t usbnet_start_xmit(struct sk_buff*, struct net_device*)' 'int usbnet_stop(struct net_device*)' 'int usbnet_suspend(struct usb_interface*, pm_message_t)' 'void usbnet_tx_timeout(struct net_device*, unsigned int)' Bug: 344792547 Change-Id: I5954a9e53e2a4687ac39d51378d4e519c74e9685 Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com> |
||
|
Yifan Hong
|
7f18f2a32a |
ANDROID: set rewrite_absolute_paths_in_config for GKI aarch64.
For GKI targets with kmi_symbol_list set,
also set rewrite_absolute_paths_in_config to True
so that CONFIG_UNUSED_KSYMS_WHITELIST is not an
absolute path any more, increasing reproducibility
on different machines.
This is made possible with
|
||
|
Roy Luo
|
0f96f3a53c |
BACKPORT: USB: gadget: core: create sysfs link between udc and gadget
udc device and gadget device are tightly coupled, yet there's no good way to corelate the two. Add a sysfs link in udc that points to the corresponding gadget device. An example use case: userspace configures a f_midi configfs driver and bind the udc device, then it tries to locate the corresponding midi device, which is a child device of the gadget device. The gadget device that's associated to the udc device has to be identified in order to index the midi device. Having a sysfs link would make things much easier. Signed-off-by: Roy Luo <royluo@google.com> Link: https://lore.kernel.org/r/20240307030922.3573161-1-royluo@google.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Bug: 333778731 Change-Id: I9e3f782543eba5e026a65031aaae754daafb69ab (cherry picked from commit 0ef40f399aa2be8c04aee9b7430705612c104ce5) [royluo: Resolved conflict in drivers/usb/gadget/udc/core.c ] Signed-off-by: Roy Luo <royluo@google.com> |
||
|
Auditya Bhattaram
|
eef06c5488 |
ANDROID: Add __nocfi return for swsusp_arch_resume
Resolve the CFI failure problem encountered during the restoration of the hibernation snapshot image. Bug: 340049585 Signed-off-by: Mukesh Pilaniya <quic_mpilaniy@quicinc.com> Signed-off-by: Auditya Bhattaram <quic_audityab@quicinc.com> Signed-off-by: Kamati Srinivas <quic_kamasrin@quicinc.com> (cherry picked from https://android-review.googlesource.com/q/commit:93f0348ea15b65656e1c2f909de3dd3bbf26599f) Merged-In: I1f8f2c38e9d02a177c0cadb066419bf7edd66085 Change-Id: I1f8f2c38e9d02a177c0cadb066419bf7edd66085 |
||
|
Greg Kroah-Hartman
|
9a84d60e35 |
ANDROID: ABI fixup for abi break in struct dst_ops
In commit 92f1655aa2b2 ("net: fix __dst_negative_advice() race") the
struct dst_ops callback negative_advice is callback changes function
parameters. But as this pointer is part of a structure that is tracked
in the ABI checker, the tool triggers when this is changed.
However, the callback pointer is internal to the networking stack, so
changing the function type is safe, so needing to preserve this is not
required. To do so, switch the function pointer type back to the old
one so that the checking tools pass, AND then do a hard cast of the
function pointer to the new type when assigning and calling the
function.
Bug: 343727534
Fixes: 92f1655aa2b2 ("net: fix __dst_negative_advice() race")
Change-Id: I48d4ab4bbd29f8edc8fbd7923828b7f78a23e12e
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Eric Dumazet
|
9b0dadc811 |
BACKPORT: net: fix __dst_negative_advice() race
__dst_negative_advice() does not enforce proper RCU rules when
sk->dst_cache must be cleared, leading to possible UAF.
RCU rules are that we must first clear sk->sk_dst_cache,
then call dst_release(old_dst).
Note that sk_dst_reset(sk) is implementing this protocol correctly,
while __dst_negative_advice() uses the wrong order.
Given that ip6_negative_advice() has special logic
against RTF_CACHE, this means each of the three ->negative_advice()
existing methods must perform the sk_dst_reset() themselves.
Note the check against NULL dst is centralized in
__dst_negative_advice(), there is no need to duplicate
it in various callbacks.
Many thanks to Clement Lecigne for tracking this issue.
This old bug became visible after the blamed commit, using UDP sockets.
Bug: 343727534
Fixes:
|
||
|
Andrei Ciubotariu
|
42528b83af |
ANDROID: GKI: Update symbol list for Pixel Watch
Bug: 332548598 Change-Id: I0843ed59b917daeb04b179e5ed26be52fbe52909 Signed-off-by: Andrei Ciubotariu <aciubotariu@google.com> |
||
|
Yifan Hong
|
d94e16579b |
Revert^2 "BACKPORT: FROMGIT: module: allow UNUSED_KSYMS_WHITELIST ..."
This reverts commit
|
||
|
Greg Kroah-Hartman
|
81d41dd61b |
Merge tag 'android14-5.15.149_r00' into branch android14-5.15
This catches the android14-5.15 branch up to date with the 5.15.149 LTS release. Included in here are the following commits: * |
||
|
John Stultz
|
73bef21507 |
UPSTREAM: selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior
[ Upstream commit 076361362122a6d8a4c45f172ced5576b2d4a50d ]
The struct adjtimex freq field takes a signed value who's units are in
shifted (<<16) parts-per-million.
Unfortunately for negative adjustments, the straightforward use of:
freq = ppm << 16 trips undefined behavior warnings with clang:
valid-adjtimex.c:66:6: warning: shifting a negative signed value is undefined [-Wshift-negative-value]
-499<<16,
~~~~^
valid-adjtimex.c:67:6: warning: shifting a negative signed value is undefined [-Wshift-negative-value]
-450<<16,
~~~~^
..
Fix it by using a multiply by (1 << 16) instead of shifting negative values
in the valid-adjtimex test case. Align the values for better readability.
Bug: 339526723
Reported-by: Lee Jones <joneslee@google.com>
Reported-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
Change-Id: Ied611c13a802acf9c7a2427f0a61eb358b571a3d
Signed-off-by: John Stultz <jstultz@google.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
Link: https://lore.kernel.org/r/20240409202222.2830476-1-jstultz@google.com
Link: https://lore.kernel.org/lkml/0c6d4f0d-2064-4444-986b-1d1ed782135f@collabora.com/
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit
|
||
|
Eric Dumazet
|
58719dc95f |
UPSTREAM: netlink: hold nlk->cb_mutex longer in __netlink_dump_start()
__netlink_dump_start() releases nlk->cb_mutex right before calling netlink_dump() which grabs it again. This seems dangerous, even if KASAN did not bother yet. Add a @lock_taken parameter to netlink_dump() to let it grab the mutex if called from netlink_recvmsg() only. Signed-off-by: Eric Dumazet <edumazet@google.com> Reviewed-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit b5590270068c4324dac4a2b5a4a156e02e21339f) Bug: 339546075 Change-Id: I29a711ea804794b556674011cbd23c5bf9a03ab6 Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com> Signed-off-by: Carlos Llamas <cmllamas@google.com> |
||
|
Eric Dumazet
|
e94d70c73a |
UPSTREAM: netlink: annotate data-races around sk->sk_err
commit |
||
|
Eric Dumazet
|
c0e59dab58 |
UPSTREAM: netlink: annotate lockless accesses to nlk->max_recvmsg_len
commit |
||
|
Paul Lawrence
|
8d122b23ed |
ANDROID: incremental-fs: Make work with 16k pages
Bug: 260919895 Test: incfs_test passes Signed-off-by: Paul Lawrence <paullawrence@google.com> Change-Id: Ia4fbb6011930b085bc00a36851e9b0e8559d3dc5 (cherry picked from commit 5ac10739bcf2dae9220a7a39392aa41235bc64c2) |
||
|
Yifan Hong
|
b7d4cf60e7 |
Revert "BACKPORT: FROMGIT: module: allow UNUSED_KSYMS_WHITELIST ..."
Revert submission 3101887-android14-ksyms-wl Reason for revert: Restore green in release builds Reverted changes: /q/submissionid:3101887-android14-ksyms-wl Change-Id: Ia6c694be720c7a07abdfee6a4720a4518ea59141 |
||
|
Yifan Hong
|
acacba8bfa |
BACKPORT: FROMGIT: module: allow UNUSED_KSYMS_WHITELIST to be relative against objtree.
If UNUSED_KSYMS_WHITELIST is a file generated before Kbuild runs, and the source tree is in a read-only filesystem, the developer must put the file somewhere and specify an absolute path to UNUSED_KSYMS_WHITELIST. This worked, but if IKCONFIG=y, an absolute path is embedded into .config and eventually into vmlinux, causing the build to be less reproducible when building on a different machine. This patch makes the handling of UNUSED_KSYMS_WHITELIST to be similar to MODULE_SIG_KEY. First, check if UNUSED_KSYMS_WHITELIST is an absolute path, just as before this patch. If so, use the path as is. If it is a relative path, use wildcard to check the existence of the file below objtree first. If it does not exist, fall back to the original behavior of adding $(srctree)/ before the value. After this patch, the developer can put the generated file in objtree, then use a relative path against objtree in .config, eradicating any absolute paths that may be evaluated differently on different machines. Signed-off-by: Yifan Hong <elsk@google.com> Reviewed-by: Elliot Berman <quic_eberman@quicinc.com> Signed-off-by: Luis Chamberlain <mcgrof@kernel.org> (cherry picked from commit a2e3c811938b4902725e259c03b2d6c539613992 https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux.git modules-next) Bug: 333769605 Change-Id: I0696ac8f686329795034ada5a4587af4ecbb774f [elsk: apply change to gen_autoksyms.sh instead because CONFIG_UNUSED_KSYMS_WHITELIST is parsed there. Revert change to Makefile.modpost. Edit init/Kconfig instead of kernel/module/Kconfig because UNUSED_KSYMS_WHITELIST is defined there.] Bug: 342390208 Signed-off-by: Yifan Hong <elsk@google.com> |
||
|
Robin Hsu
|
d19f3c553a |
ANDROID: export one function for mm metrics
export function for sysfs node formating Bug: 299190787 Change-Id: I71e6a0815efa8df99d036bf457b8a0081999f3de Signed-off-by: Robin Hsu <robinhsu@google.com> |
||
|
Kyle Tso
|
de30e28ba8 |
FROMLIST: usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state
Similar to what fixed in Commit a6fe37f428c1 ("usb: typec: tcpm: Skip
hard reset when in error recovery"), the handling of the received Hard
Reset has to be skipped during TOGGLING state.
[ 4086.021288] VBUS off
[ 4086.021295] pending state change SNK_READY -> SNK_UNATTACHED @ 650 ms [rev2 NONE_AMS]
[ 4086.022113] VBUS VSAFE0V
[ 4086.022117] state change SNK_READY -> SNK_UNATTACHED [rev2 NONE_AMS]
[ 4086.022447] VBUS off
[ 4086.022450] state change SNK_UNATTACHED -> SNK_UNATTACHED [rev2 NONE_AMS]
[ 4086.023060] VBUS VSAFE0V
[ 4086.023064] state change SNK_UNATTACHED -> SNK_UNATTACHED [rev2 NONE_AMS]
[ 4086.023070] disable BIST MODE TESTDATA
[ 4086.023766] disable vbus discharge ret:0
[ 4086.023911] Setting usb_comm capable false
[ 4086.028874] Setting voltage/current limit 0 mV 0 mA
[ 4086.028888] polarity 0
[ 4086.030305] Requesting mux state 0, usb-role 0, orientation 0
[ 4086.033539] Start toggling
[ 4086.038496] state change SNK_UNATTACHED -> TOGGLING [rev2 NONE_AMS]
// This Hard Reset is unexpected
[ 4086.038499] Received hard reset
[ 4086.038501] state change TOGGLING -> HARD_RESET_START [rev2 HARD_RESET]
Fixes:
|
||
|
Carlos Llamas
|
fb512eac3c |
ANDROID: binder: fix ptrdiff_t printk-format issue
The correct printk format specifier when calculating buffer offsets
should be "%tx" as it is a pointer difference (a.k.a ptrdiff_t). This
fixes some W=1 build warnings reported by the kernel test robot.
Bug: 329799092
Fixes:
|
||
|
hulianqin
|
2526c59f3f |
ANDROID: usb: Optimize the problem of slow transfer rate in USB accessory mode
The data transfer rate using Google Restore in USB3.2 mode is slower,
only about 140MB/s at 5Gbps.
The bMaxBurst is not set, and num_fifos in
dwc3_gadget_resize_tx_fifosis 1, which results
in only 131btye of dwc3 ram space being allocated to ep.
Modify bMaxBurst to 6.
The 5Gbps rate increases from 140MB/s to 350MB/s.
The 10Gbps rate is increased from 220MB/s to 500MB/s.
Bug: 340049583
BUG: 341178033
Change-Id: I5710af32c72d0b57afaecc00c4f0909af4b9a299
Signed-off-by: Lianqin Hu <hulianqin@vivo.corp-partner.google.com>
Signed-off-by: Lianqin Hu <hulianqin@vivo.com>
(cherry picked from commit
|
||
|
RD Babiera
|
5981994114 |
UPSTREAM: usb: typec: tcpm: clear pd_event queue in PORT_RESET
When a Fast Role Swap control message attempt results in a transition
to ERROR_RECOVERY, the TCPC can still queue a TCPM_SOURCING_VBUS event.
If the event is queued but processed after the tcpm_reset_port() call
in the PORT_RESET state, then the following occurs:
1. tcpm_reset_port() calls tcpm_init_vbus() to reset the vbus sourcing and
sinking state
2. tcpm_pd_event_handler() turns VBUS on before the port is in the default
state.
3. The port resolves as a sink. In the SNK_DISCOVERY state,
tcpm_set_charge() cannot set vbus to charge.
Clear pd events within PORT_RESET to get rid of non-applicable events.
Fixes:
|
||
|
RD Babiera
|
1167a6a15c |
BACKPORT: usb: typec: tcpm: enforce ready state when queueing alt mode vdm
Before sending Enter Mode for an Alt Mode, there is a gap between Discover
Modes and the Alt Mode driver queueing the Enter Mode VDM for the port
partner to send a message to the port.
If this message results in unregistering Alt Modes such as in a DR_SWAP,
then the following deadlock can occur with respect to the DisplayPort Alt
Mode driver:
1. The DR_SWAP state holds port->lock. Unregistering the Alt Mode driver
results in a cancel_work_sync() that waits for the current dp_altmode_work
to finish.
2. dp_altmode_work makes a call to tcpm_altmode_enter. The deadlock occurs
because tcpm_queue_vdm_unlock attempts to hold port->lock.
Before attempting to grab the lock, ensure that the port is in a state
vdm_run_state_machine can run in. Alt Mode unregistration will not occur
in these states.
Fixes:
|
||
|
Chao Yu
|
ab87c12aa2 |
BACKPORT: f2fs: sysfs: support discard_io_aware
It gives a way to enable/disable IO aware feature for background discard, so that we can tune background discard more precisely based on undiscard condition. e.g. force to disable IO aware if there are large number of discard extents, and discard IO may always be interrupted by frequent common IO. Bug:340148900 Signed-off-by: Chao Yu <chao@kernel.org> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> (cherry picked from commit d346fa09abff46988de9267b67b6900d9913d5a2) Change-Id: Icff98ecc1f9e3a294afa08cfe2e8ba4e9f7fdaf3 |
||
|
qinglin.li
|
1f9a0ccd86 |
ANDROID: GKI: Update symbol list for Amlogic
1 function symbol(s) added 'int thermal_zone_bind_cooling_device(struct thermal_zone_device*, int, struct thermal_cooling_device*, unsigned long, unsigned long, unsigned int)' Bug: 339356479 Change-Id: Ic83d54a0be3156194b4bebf78ca4cfcc2ef30290 Signed-off-by: Qinglin Li <qinglin.li@amlogic.com> |
||
|
Vincent Donnefort
|
62000bb037 |
ANDROID: KVM: arm64: wait_for_initramfs for pKVM module loading procfs
Of course, the initramfs needs to be ready before procfs can be mounted... in the initramfs. While at it, only mount if a pKVM module must be loaded and only print a warning in case of failure. Bug: 278749606 Bug: 301483379 Bug: 331152809 Change-Id: Ie56bd26d4575f69cb1f06ba6317a098649f6da44 Reported-by: Mankyum Kim <mankyum.kim@samsung-slsi.corp-partner.google.com> Signed-off-by: Vincent Donnefort <vdonnefort@google.com> (cherry picked from commit 7d5843b59548672c23c977b4666c3779d31695fb) |
||
|
Badhri Jagan Sridharan
|
d5eef65564 |
BACKPORT: FROMGIT: usb: typec: tcpm: Check for port partner validity before consuming it
typec_register_partner() does not guarantee partner registration
to always succeed. In the event of failure, port->partner is set
to the error value or NULL. Given that port->partner validity is
not checked, this results in the following crash:
Unable to handle kernel NULL pointer dereference at virtual address 00000000000003c0
pc : run_state_machine+0x1bc8/0x1c08
lr : run_state_machine+0x1b90/0x1c08
..
Call trace:
run_state_machine+0x1bc8/0x1c08
tcpm_state_machine_work+0x94/0xe4
kthread_worker_fn+0x118/0x328
kthread+0x1d0/0x23c
ret_from_fork+0x10/0x20
To prevent the crash, check for port->partner validity before
derefencing it in all the call sites.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Nathan Chancellor
|
4dd58977f2 |
BACKPORT: FROMGIT: kbuild: Remove support for Clang's ThinLTO caching
There is an issue in clang's ThinLTO caching (enabled for the kernel via
'--thinlto-cache-dir') with .incbin, which the kernel occasionally uses
to include data within the kernel, such as the .config file for
/proc/config.gz. For example, when changing the .config and rebuilding
vmlinux, the copy of .config in vmlinux does not match the copy of
.config in the build folder:
$ echo 'CONFIG_LTO_NONE=n
CONFIG_LTO_CLANG_THIN=y
CONFIG_IKCONFIG=y
CONFIG_HEADERS_INSTALL=y' >kernel/configs/repro.config
$ make -skj"$(nproc)" ARCH=x86_64 LLVM=1 clean defconfig repro.config vmlinux
...
$ grep CONFIG_HEADERS_INSTALL .config
CONFIG_HEADERS_INSTALL=y
$ scripts/extract-ikconfig vmlinux | grep CONFIG_HEADERS_INSTALL
CONFIG_HEADERS_INSTALL=y
$ scripts/config -d HEADERS_INSTALL
$ make -kj"$(nproc)" ARCH=x86_64 LLVM=1 vmlinux
...
UPD kernel/config_data
GZIP kernel/config_data.gz
CC kernel/configs.o
...
LD vmlinux
...
$ grep CONFIG_HEADERS_INSTALL .config
# CONFIG_HEADERS_INSTALL is not set
$ scripts/extract-ikconfig vmlinux | grep CONFIG_HEADERS_INSTALL
CONFIG_HEADERS_INSTALL=y
Without '--thinlto-cache-dir' or when using full LTO, this issue does
not occur.
Benchmarking incremental builds on a few different machines with and
without the cache shows a 20% increase in incremental build time without
the cache when measured by touching init/main.c and running 'make all'.
ARCH=arm64 defconfig + CONFIG_LTO_CLANG_THIN=y on an arm64 host:
Benchmark 1: With ThinLTO cache
Time (mean ± σ): 56.347 s ± 0.163 s [User: 83.768 s, System: 24.661 s]
Range (min … max): 56.109 s … 56.594 s 10 runs
Benchmark 2: Without ThinLTO cache
Time (mean ± σ): 67.740 s ± 0.479 s [User: 718.458 s, System: 31.797 s]
Range (min … max): 67.059 s … 68.556 s 10 runs
Summary
With ThinLTO cache ran
1.20 ± 0.01 times faster than Without ThinLTO cache
ARCH=x86_64 defconfig + CONFIG_LTO_CLANG_THIN=y on an x86_64 host:
Benchmark 1: With ThinLTO cache
Time (mean ± σ): 85.772 s ± 0.252 s [User: 91.505 s, System: 8.408 s]
Range (min … max): 85.447 s … 86.244 s 10 runs
Benchmark 2: Without ThinLTO cache
Time (mean ± σ): 103.833 s ± 0.288 s [User: 232.058 s, System: 8.569 s]
Range (min … max): 103.286 s … 104.124 s 10 runs
Summary
With ThinLTO cache ran
1.21 ± 0.00 times faster than Without ThinLTO cache
While it is unfortunate to take this performance improvement off the
table, correctness is more important. If/when this is fixed in LLVM, it
can potentially be brought back in a conditional manner. Alternatively,
a developer can just disable LTO if doing incremental compiles quickly
is important, as a full compile cycle can still take over a minute even
with the cache and it is unlikely that LTO will result in functional
differences for a kernel change.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Kalesh Singh
|
2a64b7fe17 |
ANDROID: 16K: Fix call to show_pad_maps_fn()
The call should be for printing maps not smaps; fix this. Bug: 330117029 Bug: 327600007 Bug: 330767927 Bug: 328266487 Bug: 329803029 Change-Id: I8356b9e93fa2a300cb8bcd66fed857d42e8bfdca Signed-off-by: Kalesh Singh <kaleshsingh@google.com> |
||
|
Kalesh Singh
|
596b6507c3 |
ANDROID: 16K: Fix show maps CFI failure
If the kernel is built CONFIG_CFI_CLANG=y, reading smaps may cause a panic. This is due to a failed CFI check; which is triggered becuase the signature of the function pointer for printing smaps padding VMAs does not match exactly with that for show_smap(). Fix this by casting the function pointer to the expected type based on whether printing maps or smaps padding. Bug: 330117029 Bug: 327600007 Bug: 330767927 Bug: 328266487 Bug: 329803029 Change-Id: I65564a547dacbc4131f8557344c8c96e51f90cd5 Signed-off-by: Kalesh Singh <kaleshsingh@google.com> |
||
|
Kalesh Singh
|
d83231efe4 |
ANDROID: 16K: Handle pad VMA splits and merges
In some cases a VMA with padding representation may be split, and
therefore the padding flags must be updated accordingly.
There are 3 cases to handle:
Given:
| DDDDPPPP |
where:
- D represents 1 page of data;
- P represents 1 page of padding;
- | represents the boundaries (start/end) of the VMA
1) Split exactly at the padding boundary
| DDDDPPPP | --> | DDDD | PPPP |
- Remove padding flags from the first VMA.
- The second VMA is all padding
2) Split within the padding area
| DDDDPPPP | --> | DDDDPP | PP |
- Subtract the length of the second VMA from the first VMA's
padding.
- The second VMA is all padding, adjust its padding length (flags)
3) Split within the data area
| DDDDPPPP | --> | DD | DDPPPP |
- Remove padding flags from the first VMA.
- The second VMA is has the same padding as from before the split.
To simplify the semantics merging of padding VMAs is not allowed.
If a split produces a VMA that is entirely padding, show_[s]maps()
only outputs the padding VMA entry (as the data entry is of length 0).
Bug: 330117029
Bug: 327600007
Bug: 330767927
Bug: 328266487
Bug: 329803029
Change-Id: Ie2628ced5512e2c7f8af25fabae1f38730c8bb1a
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
|
||
|
Kalesh Singh
|
19d6e7eb47 |
ANDROID: 16K: madvise_vma_pad_pages: Remove filemap_fault check
Some file systems like F2FS use a custom filemap_fault ops. Remove this check, as checking vm_file is sufficient. Bug: 330117029 Bug: 327600007 Bug: 330767927 Bug: 328266487 Bug: 329803029 Change-Id: Id6a584d934f06650c0a95afd1823669fc77ba2c2 Signed-off-by: Kalesh Singh <kaleshsingh@google.com> |