Get task info about scheduling delay, iowait, and block time.
Bug: 189415303
Change-Id: Ib6b548f8a78de5b26d555e9a89e3cc79ea2d1024
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
We want to record the cputime of each running process by adding
hooks for cpufreq_acct_update_power.
Bug: 186604985
Signed-off-by: zhengding chen <chenzhengding@oppo.com>
Change-Id: I35e38be4680781df3338b4a01041922294aecaa0
There are two tracepoints in usb_gadget_connect() and
usb_gadget_disconnect(). This patch will export the tracepoints so that
vendor modules can use them.
Bug: 189130101
Change-Id: I73ace6ad7a29a835431879162cb5e5ff3d6b2239
Signed-off-by: fengmingli <mingli.feng@vivo.com>
To use the tracepoint in kernel module, add EXPORT_TRACE_SYMBOL_GPL to
export the dwc3_ctrl_req tracepoint
Bug: 189130101
Change-Id: Ie3245474fbd0cc18c6d41036dcf17c7bbe460814
Signed-off-by: fengmingli <mingli.feng@vivo.com>
To use the tracepoint in kernel module, add EXPORT_TRACE_SYMBOL_GPL to
export the dwc3_event tracepoint.
Bug: 189130101
Change-Id: I3a917af82c9d8c19a085c5fc1a30c1b9af4b6885
Signed-off-by: fengmingli <mingli.feng@vivo.com>
With commit f8425c9396 ("fuse: 32-bit user space ioctl compat for fuse
device") the matching constraints for the FUSE_DEV_IOC_CLONE ioctl command
are relaxed, limited to the testing of command type and number. As Arnd
noticed, this is wrong as it wouldn't ensure the correctness of the data
size or direction for the received FUSE device ioctl.
Fix by bringing back the comparison of the ioctl received by the FUSE
device to the originally generated FUSE_DEV_IOC_CLONE.
Fixes: f8425c9396 ("fuse: 32-bit user space ioctl compat for fuse device")
Reported-by: Arnd Bergmann <arnd@kernel.org>
Signed-off-by: Alessio Balsini <balsini@android.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Alessio Balsini <balsini@android.com>
Change-Id: I372d8399db6d603ba20ef50528acf6645e4d3c66
(cherry picked from commit 6076f5f341)
The initial FUSE passthrough interface has the issue of introducing an
ioctl which receives as a parameter a data structure containing a
pointer. What happens is that, depending on the architecture, the size
of this struct might change, and especially for 32-bit userspace running
on 64-bit kernel, the size mismatch results into different a single
ioctl the behavior of which depends on the data that is passed (e.g.,
with an enum). This is just a poor ioctl design as mentioned by Arnd
Bergmann [1].
Introduce the new FUSE_PASSTHROUGH_OPEN ioctl which only gets the fd of
the lower file system, which is a fixed-size __u32, dropping the
confusing fuse_passthrough_out data structure.
[1] https://lore.kernel.org/lkml/CAK8P3a2K2FzPvqBYL9W=Yut58SFXyetXwU4Fz50G5O3TsS0pPQ@mail.gmail.com/
Bug: 175195837
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: I486d71cbe20f3c0c87544fa75da4e2704fe57c7c
It's possible that the interrupt handler for the UCSI driver signals a
connector changes after the handler clears the PENDING bit, but before
it has sent the acknowledge request. The result is that the handler is
invoked yet again, to ack the same connector change.
At least some versions of the Qualcomm UCSI firmware will not handle the
second - "spurious" - acknowledgment gracefully. So make sure to not
clear the pending flag until the change is acknowledged.
Any connector changes coming in after the acknowledgment, that would
have the pending flag incorrectly cleared, would afaict be covered by
the subsequent connector status check.
Fixes: 217504a055 ("usb: typec: ucsi: Work around PPM losing change information")
Cc: stable <stable@vger.kernel.org>
Reviewed-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Acked-By: Benjamin Berg <bberg@redhat.com>
Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Link: https://lore.kernel.org/r/20210516040953.622409-1-bjorn.andersson@linaro.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 8c9b3caab3)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I142eb812234d8c0960a69c683cb5cec9033acdc9
Changes in 5.10.41
bpf: Wrap aux data inside bpf_sanitize_info container
bpf: Fix mask direction swap upon off reg sign change
bpf: No need to simulate speculative domain for immediates
context_tracking: Move guest exit context tracking to separate helpers
context_tracking: Move guest exit vtime accounting to separate helpers
KVM: x86: Defer vtime accounting 'til after IRQ handling
perf unwind: Fix separate debug info files when using elfutils' libdw's unwinder
perf unwind: Set userdata for all __report_module() paths
NFC: nci: fix memory leak in nci_allocate_device
Linux 5.10.41
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie9f14d4b9960fb923eb01303517012fe6274d5ef
commit a703619127 upstream.
In 801c6058d1 ("bpf: Fix leakage of uninitialized bpf stack under
speculation") we replaced masking logic with direct loads of immediates
if the register is a known constant. Given in this case we do not apply
any masking, there is also no reason for the operation to be truncated
under the speculative domain.
Therefore, there is also zero reason for the verifier to branch-off and
simulate this case, it only needs to do it for unknown but bounded scalars.
As a side-effect, this also enables few test cases that were previously
rejected due to simulation under zero truncation.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Piotr Krysiuk <piotras@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit bb01a1bba5 upstream.
Masking direction as indicated via mask_to_left is considered to be
calculated once and then used to derive pointer limits. Thus, this
needs to be placed into bpf_sanitize_info instead so we can pass it
to sanitize_ptr_alu() call after the pointer move. Piotr noticed a
corner case where the off reg causes masking direction change which
then results in an incorrect final aux->alu_limit.
Fixes: 7fedb63a83 ("bpf: Tighten speculative pointer arithmetic mask")
Reported-by: Piotr Krysiuk <piotras@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Piotr Krysiuk <piotras@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 3d0220f686 upstream.
Add a container structure struct bpf_sanitize_info which holds
the current aux info, and update call-sites to sanitize_ptr_alu()
to pass it in. This is needed for passing in additional state
later on.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Piotr Krysiuk <piotras@gmail.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Add a hook to tag task by its comm.
Easy way to identity a task by its tag.
Bug: 189352151
Signed-off-by: ted.lin <ted.lin@oneplus.com>
Change-Id: I32f2f7cec6643f4bd48312b9cffa770c902cebf3
Changes in 5.10.40
firmware: arm_scpi: Prevent the ternary sign expansion bug
openrisc: Fix a memory leak
tee: amdtee: unload TA only when its refcount becomes 0
RDMA/siw: Properly check send and receive CQ pointers
RDMA/siw: Release xarray entry
RDMA/core: Prevent divide-by-zero error triggered by the user
RDMA/rxe: Clear all QP fields if creation failed
scsi: ufs: core: Increase the usable queue depth
scsi: qedf: Add pointer checks in qedf_update_link_speed()
scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
RDMA/mlx5: Recover from fatal event in dual port mode
RDMA/core: Don't access cm_id after its destruction
nvmet: remove unused ctrl->cqs
nvmet: fix memory leak in nvmet_alloc_ctrl()
nvme-loop: fix memory leak in nvme_loop_create_ctrl()
nvme-tcp: rerun io_work if req_list is not empty
nvme-fc: clear q_live at beginning of association teardown
platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle
platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
RDMA/mlx5: Fix query DCT via DEVX
RDMA/uverbs: Fix a NULL vs IS_ERR() bug
tools/testing/selftests/exec: fix link error
powerpc/pseries: Fix hcall tracing recursion in pv queued spinlocks
ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
nvmet: seset ns->file when open fails
perf/x86: Avoid touching LBR_TOS MSR for Arch LBR
locking/lockdep: Correct calling tracepoints
locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
powerpc: Fix early setup to make early_ioremap() work
btrfs: avoid RCU stalls while running delayed iputs
cifs: fix memory leak in smb2_copychunk_range
misc: eeprom: at24: check suspend status before disable regulator
ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency
ALSA: intel8x0: Don't update period unless prepared
ALSA: firewire-lib: fix amdtp_packet tracepoints event for packet_index field
ALSA: line6: Fix racy initialization of LINE6 MIDI
ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
ALSA: firewire-lib: fix calculation for size of IR context payload
ALSA: usb-audio: Validate MS endpoint descriptors
ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
ALSA: hda: fixup headset for ASUS GU502 laptop
Revert "ALSA: sb8: add a check for request_region"
ALSA: firewire-lib: fix check for the size of isochronous packet payload
ALSA: hda/realtek: reset eapd coeff to default value for alc287
ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
ALSA: hda/realtek: Add fixup for HP OMEN laptop
ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
uio_hv_generic: Fix a memory leak in error handling paths
Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
rapidio: handle create_workqueue() failure
Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference"
nvme-tcp: fix possible use-after-completion
x86/sev-es: Move sev_es_put_ghcb() in prep for follow on patch
x86/sev-es: Invalidate the GHCB after completing VMGEXIT
x86/sev-es: Don't return NULL from sev_es_get_ghcb()
x86/sev-es: Use __put_user()/__get_user() for data accesses
x86/sev-es: Forward page-faults which happen during emulation
drm/amdgpu: Fix GPU TLB update error when PAGE_SIZE > AMDGPU_PAGE_SIZE
drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
drm/amdgpu: update gc golden setting for Navi12
drm/amdgpu: update sdma golden setting for Navi12
powerpc/64s/syscall: Use pt_regs.trap to distinguish syscall ABI difference between sc and scv syscalls
powerpc/64s/syscall: Fix ptrace syscall info with scv syscalls
mmc: sdhci-pci-gli: increase 1.8V regulator wait
xen-pciback: redo VF placement in the virtual topology
xen-pciback: reconfigure also from backend watch handler
ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
dm snapshot: fix crash with transient storage and zero chunk size
kcsan: Fix debugfs initcall return type
Revert "video: hgafb: fix potential NULL pointer dereference"
Revert "net: stmicro: fix a missing check of clk_prepare"
Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
Revert "video: imsttfb: fix potential NULL pointer dereferences"
Revert "ecryptfs: replace BUG_ON with error handling code"
Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
Revert "gdrom: fix a memory leak bug"
cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
cdrom: gdrom: initialize global variable at init time
Revert "media: rcar_drif: fix a memory disclosure"
Revert "rtlwifi: fix a potential NULL pointer dereference"
Revert "qlcnic: Avoid potential NULL pointer dereference"
Revert "niu: fix missing checks of niu_pci_eeprom_read"
ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
net: stmicro: handle clk_prepare() failure during init
scsi: ufs: handle cleanup correctly on devm_reset_control_get error
net: rtlwifi: properly check for alloc_workqueue() failure
ics932s401: fix broken handling of errors when word reading fails
leds: lp5523: check return value of lp5xx_read and jump to cleanup code
qlcnic: Add null check after calling netdev_alloc_skb
video: hgafb: fix potential NULL pointer dereference
vgacon: Record video mode changes with VT_RESIZEX
vt_ioctl: Revert VT_RESIZEX parameter handling removal
vt: Fix character height handling with VT_RESIZEX
tty: vt: always invoke vc->vc_sw->con_resize callback
drm/i915/gt: Disable HiZ Raw Stall Optimization on broken gen7
openrisc: mm/init.c: remove unused memblock_region variable in map_ram()
x86/Xen: swap NX determination and GDT setup on BSP
nvme-multipath: fix double initialization of ANA state
rtc: pcf85063: fallback to parent of_node
x86/boot/compressed/64: Check SEV encryption in the 32-bit boot-path
nvmet: use new ana_log_size instead the old one
video: hgafb: correctly handle card detect failure during probe
Bluetooth: SMP: Fail if remote and local public keys are identical
Linux 5.10.40
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4523cf43d1da6bea507e4027bd83bc491a574f41
Update symbol list generated for the virtual platform
Bug: 189175929
Test: BUILD_CONFIG=common-modules/virtual-device/build.config.virtual_device.aarch64 \
build/build_abi.sh --update-symbol-list
Change-Id: Icb02c4ccc6b680c88b7da85bec8685393daca747
Signed-off-by: Howard Chen <howardsoc@google.com>
Fix kernelci build warnings for 'allmodconfig' builds.
In file included from ../include/linux/printk.h:7,
from ../include/linux/kernel.h:16,
from ../include/linux/list.h:9,
from ../include/linux/wait.h:7,
from ../include/linux/wait_bit.h:8,
from ../include/linux/fs.h:6,
from ../include/linux/highmem.h:5,
from ../include/linux/bio.h:8,
from ../include/linux/device-mapper.h:11,
from ../drivers/md/dm-user.c:7:
../drivers/md/dm-user.c: In function ‘process_delayed_work’:
../include/linux/kern_levels.h:5:18: warning: format ‘%d’ expects argument of type ‘int’, but argument 2 has type ‘sector_t’ {aka ‘long long unsigned int’} [-Wformat=]
#define KERN_SOH "\001" /* ASCII Start Of Header */
^~~~~~
../include/linux/kern_levels.h:11:18: note: in expansion of macro ‘KERN_SOH’
#define KERN_ERR KERN_SOH "3" /* error conditions */
^~~~~~~~
../include/linux/printk.h:348:9: note: in expansion of macro ‘KERN_ERR’
printk(KERN_ERR pr_fmt(fmt), ##__VA_ARGS__)
^~~~~~~~
../drivers/md/dm-user.c:222:2: note: in expansion of macro ‘pr_err’
pr_err("IO error: sector %d: no user-space daemon for %s target\n",
^~~~~~
../drivers/md/dm-user.c:222:28: note: format string is defined here
pr_err("IO error: sector %d: no user-space daemon for %s target\n",
~^
%lld
Bug: 188362117
Test: Build
Reported-by: tkjos@google.com
Fixes: 9d80dbe0a3 ("ANDROID: dm-user: Fail the IO if there is no daemon")
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: Ia9fbac76616a8f8c743e16f0fc8ba0cd3e498b9e
When this was uploaded, it was mistakenly made executable. Fix that.
Fixes: 78a9cd650a ("ANDROID: add initial symbol list for mtk")
Signed-off-by: J. Avila <elavila@google.com>
Change-Id: I24be8828e25a8262b513857b11e997f40a0a6a68
The addr is not initialized, we may access a random value.
Fixes: dc5241048f ("ANDROID: vendor_hooks: Add hooks for reducing virtual address fragmentation")
Bug: 187259935
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
Change-Id: I770bf5e69e6fcd4e1ccd3987b4891156892de758
commit 5e1f689913 upstream.
nvme_init_identify and thus nvme_mpath_init can be called multiple
times and thus must not overwrite potentially initialized or in-use
fields. Split out a helper for the basic initialization when the
controller is initialized and make sure the init_identify path does
not blindly change in-use data structures.
Fixes: 0d0b660f21 ("nvme: add ANA support")
Reported-by: Martin Wilck <mwilck@suse.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit ae897fda4f upstream.
xen_setup_gdt(), via xen_load_gdt_boot(), wants to adjust page tables.
For this to work when NX is not available, x86_configure_nx() needs to
be called first.
[jgross] Note that this is a revert of 36104cb901 ("x86/xen:
Delay get_cpu_cap until stack canary is established"), which is possible
now that we no longer support running as PV guest in 32-bit mode.
Cc: <stable.vger.kernel.org> # 5.9
Fixes: 36104cb901 ("x86/xen: Delay get_cpu_cap until stack canary is established")
Reported-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/12a866b0-9e89-59f7-ebeb-a2a6cec0987a@suse.com
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 4eff124347 upstream.
Kernel test robot reports:
cppcheck possible warnings: (new ones prefixed by >>, may not real problems)
>> arch/openrisc/mm/init.c:125:10: warning: Uninitialized variable: region [uninitvar]
region->base, region->base + region->size);
^
Replace usage of memblock_region fields with 'start' and 'end' variables
that are initialized in for_each_mem_range() and remove the declaration of
region.
Fixes: b10d6bca87 ("arch, drivers: replace for_each_membock() with for_each_mem_range()")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Signed-off-by: Stafford Horne <shorne@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 860dafa902 upstream.
Restore the original intent of the VT_RESIZEX ioctl's `v_clin' parameter
which is the number of pixel rows per character (cell) rather than the
height of the font used.
For framebuffer devices the two values are always the same, because the
former is inferred from the latter one. For VGA used as a true text
mode device these two parameters are independent from each other: the
number of pixel rows per character is set in the CRT controller, while
font height is in fact hardwired to 32 pixel rows and fonts of heights
below that value are handled by padding their data with blanks when
loaded to hardware for use by the character generator. One can change
the setting in the CRT controller and it will update the screen contents
accordingly regardless of the font loaded.
The `v_clin' parameter is used by the `vgacon' driver to set the height
of the character cell and then the cursor position within. Make the
parameter explicit then, by defining a new `vc_cell_height' struct
member of `vc_data', set it instead of `vc_font.height' from `v_clin' in
the VT_RESIZEX ioctl, and then use it throughout the `vgacon' driver
except where actual font data is accessed which as noted above is
independent from the CRTC setting.
This way the framebuffer console driver is free to ignore the `v_clin'
parameter as irrelevant, as it always should have, avoiding any issues
attempts to give the parameter a meaning there could have caused, such
as one that has led to commit 988d076336 ("vt_ioctl: make VT_RESIZEX
behave like VT_RESIZE"):
"syzbot is reporting UAF/OOB read at bit_putcs()/soft_cursor() [1][2],
for vt_resizex() from ioctl(VT_RESIZEX) allows setting font height
larger than actual font height calculated by con_font_set() from
ioctl(PIO_FONT). Since fbcon_set_font() from con_font_set() allocates
minimal amount of memory based on actual font height calculated by
con_font_set(), use of vt_resizex() can cause UAF/OOB read for font
data."
The problem first appeared around Linux 2.5.66 which predates our repo
history, but the origin could be identified with the old MIPS/Linux repo
also at: <git://git.kernel.org/pub/scm/linux/kernel/git/ralf/linux.git>
as commit 9736a3546de7 ("Merge with Linux 2.5.66."), where VT_RESIZEX
code in `vt_ioctl' was updated as follows:
if (clin)
- video_font_height = clin;
+ vc->vc_font.height = clin;
making the parameter apply to framebuffer devices as well, perhaps due
to the use of "font" in the name of the original `video_font_height'
variable. Use "cell" in the new struct member then to avoid ambiguity.
References:
[1] https://syzkaller.appspot.com/bug?id=32577e96d88447ded2d3b76d71254fb855245837
[2] https://syzkaller.appspot.com/bug?id=6b8355d27b2b94fb5cedf4655e3a59162d9e48e3
Signed-off-by: Maciej W. Rozycki <macro@orcam.me.uk>
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Cc: stable@vger.kernel.org # v2.6.12+
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit a90c275eb1 upstream.
Revert the removal of code handling extra VT_RESIZEX ioctl's parameters
beyond those that VT_RESIZE supports, fixing a functional regression
causing `svgatextmode' not to resize the VT anymore.
As a consequence of the reverted change when the video adapter is
reprogrammed from the original say 80x25 text mode using a 9x16
character cell (720x400 pixel resolution) to say 80x37 text mode and the
same character cell (720x592 pixel resolution), the VT geometry does not
get updated and only upper two thirds of the screen are used for the VT,
and the lower part remains blank. The proportions change according to
text mode geometries chosen.
Revert the change verbatim then, bringing back previous VT resizing.
Signed-off-by: Maciej W. Rozycki <macro@orcam.me.uk>
Fixes: 988d076336 ("vt_ioctl: make VT_RESIZEX behave like VT_RESIZE")
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
