The DisplayPort driver's sysfs nodes may be present to the userspace before
typec_altmode_set_drvdata() completes in dp_altmode_probe. This means that
a sysfs read can trigger a NULL pointer error by deferencing dp->hpd in
hpd_show or dp->lock in pin_assignment_show, as dev_get_drvdata() returns
NULL in those cases.
Remove manual sysfs node creation in favor of adding attribute group as
default for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is
not used here otherwise the path to the sysfs nodes is no longer compliant
with the ABI.
Fixes: 0e3bb7d689 ("usb: typec: Add driver for DisplayPort alternate mode")
Cc: stable@vger.kernel.org
Signed-off-by: RD Babiera <rdbabiera@google.com>
Link: https://lore.kernel.org/r/20240229001101.3889432-2-rdbabiera@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 313517804
(cherry picked from commit 165376f6b23e9a779850e750fb2eb06622e5a531)
Change-Id: I13aaa956ff2b37e29eb0d90bbac0b7e1ac969b80
Signed-off-by: RD Babiera <rdbabiera@google.com>
'commit b6115e14010 ("ANDROID: uid_sys_stat: split the global
lock uid_lock to the fine-grained locks for each hlist in hash_table.")'
The above patch split the global lock to per-uid lock to reduce lock
competition. But result in data-error from uid_cputime_show and uid_io_show in
some cases.
E.g, if thread1 and thread2 read /proc/uid_cputime/show_uid_stat at the same time,
thread2 maybe operate in partA and zero active_stime and active_utime of uid_entry
when thread1 is between partB and partC, which would cause thread1 show the error data.
static int uid_cputime_show(struct seq_file *m, void *v)
{
...
/*partA*/
for (bkt = 0, uid_entry = NULL; uid_entry == NULL &&
bkt < HASH_SIZE(hash_table); bkt++) {
lock_uid_by_bkt(bkt);
hlist_for_each_entry(uid_entry, &hash_table[bkt], hash) {
uid_entry->active_stime = 0;
uid_entry->active_utime = 0;
}
unlock_uid_by_bkt(bkt);
}
rcu_read_lock();
/* partB */
do_each_thread(temp, task) {
...
lock_uid(uid);
if (!(task->flags & PF_EXITING)) {
task_cputime_adjusted(task, &utime, &stime);
uid_entry->active_utime += utime;
uid_entry->active_stime += stime;
}
unlock_uid(uid);
} while_each_thread(temp, task);
rcu_read_unlock();
for (bkt = 0, uid_entry = NULL; uid_entry == NULL &&
bkt < HASH_SIZE(hash_table); bkt++) {
lock_uid_by_bkt(bkt);
hlist_for_each_entry(uid_entry, &hash_table[bkt], hash) {
u64 total_utime = uid_entry->utime +
uid_entry->active_utime;
u64 total_stime = uid_entry->stime +
uid_entry->active_stime;
/* partC */
seq_printf(m, "%d: %llu %llu\n", uid_entry->uid,
ktime_to_us(total_utime), ktime_to_us(total_stime));
}
unlock_uid_by_bkt(bkt);
}
The patch ensures that the calculation and seq_printf of each uid_entry is within
the uid_lock range, in order to accurate data.
Bug: 278138377
Change-Id: Iaa2ccd95c4b4b333f04b2ba18d7699d94017394e
Signed-off-by: lipeifeng <lipeifeng@oppo.com>
(cherry picked from commit ea35d2bd073214e84be242287a2e91741c6588ed)
usb: typec: class: fix typec_altmode_put_partner to put plugs
When typec_altmode_put_partner is called by a plug altmode upon release,
the port altmode the plug belongs to will not remove its reference to the
plug. The check to see if the altmode being released is a plug evaluates
against the released altmode's partner instead of the calling altmode, so
change adev in typec_altmode_put_partner to properly refer to the altmode
being released.
Because typec_altmode_set_partner calls get_device() on the port altmode,
add partner_adev that points to the port altmode in typec_put_partner to
call put_device() on. typec_altmode_set_partner is not called for port
altmodes, so add a check in typec_altmode_release to prevent
typec_altmode_put_partner() calls on port altmode release.
Fixes: 8a37d87d72 ("usb: typec: Bus type for alternate modes")
Cc: <stable@vger.kernel.org>
Co-developed-by: Christian A. Ehrhardt <lk@c--e.de>
Signed-off-by: Christian A. Ehrhardt <lk@c--e.de>
Signed-off-by: RD Babiera <rdbabiera@google.com>
Tested-by: Christian A. Ehrhardt <lk@c--e.de>
Acked-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Link: https://lore.kernel.org/r/20240103181754.2492492-2-rdbabiera@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 324496488
(cherry picked from commit 5962ded777d689cd8bf04454273e32228d7fb71f)
Signed-off-by: RD Babiera <rdbabiera@google.com>
(cherry picked from https://android-review.googlesource.com/q/commit:fe6e5059f610845f3373a734d228148a660ca44e)
Merged-In: I688a333753b2e8069c0437a6d9dea30bf029c92c
Change-Id: I688a333753b2e8069c0437a6d9dea30bf029c92c
The struct is not public so shouldn't cause real ABI breakage.
Bug: 320478828
Bug: 324640390
Change-Id: I724ca4c00bae09bc311d6495383cfd3a77592d7a
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Currently we bail out of speculative page fault when we detect that the
fault address is in a userfaultfd registered vma. However, if userfaultfd
is being used with UFFD_FEATURE_SIGBUS feature, then handle_userfault()
doesn't do much and is easiest to handle with SPF. This patch lets
MISSING userfaultfs on private anonymous mappings be allowed with SPF if
UFFD_FEATURE_SIGBUS is used.
With this patch we get >99% success rate for userfaults caused during
userfaultfd GC's compaction phase. This translates into eliminating
uninterruptible sleep time in do_page_fault() due to userfaults.
ABI breakage note: 'userfaultfd_ctx' struct, which has been modified in
this CL, is private and hence cannot cause real breakage.
Bug: 324640390
Bug: 320478828
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Change-Id: Ic7fde0fde03602b35179bc0cf891ddbbc434190f
Don't check the "LTO" variable in build.config.gki.aarch64.fips140,
since fips140.ko no longer depends on LTO. Also, Kleaf doesn't set the
"LTO" variable anyway; it was specific to build.sh.
Bug: 188620248
Change-Id: I213faa4c8c1a23898c08da121b0a5dc602b7218a
Signed-off-by: Eric Biggers <ebiggers@google.com>
This reverts commit 9be2957f01 which is
commit af42269c35 upstream.
It is reported to cause crashes, so revert it for now.
Bug: 326555421
Change-Id: I2fb3626c306e0444f4e0eb42a95488e688942ba9
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit e3a29b80e9 which is
commit 1361917030 upstream.
It is reported to cause crashes, so revert it for now.
Bug: 326555421
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3dd7744a9b706a959cbed3a793be668147dfcb9a
Existing runtime PM ftrace events (`rpm_suspend`, `rpm_resume`,
`rpm_return_int`) offer limited visibility into the exact timing of device
runtime power state transitions, particularly when asynchronous operations
are involved. When the `rpm_suspend` or `rpm_resume` functions are invoked
with the `RPM_ASYNC` flag, a return value of 0 i.e., success merely
indicates that the device power state request has been queued, not that
the device has yet transitioned.
A new ftrace event, `rpm_status`, is introduced. This event directly logs
the `power.runtime_status` value of a device whenever it changes providing
granular tracking of runtime power state transitions regardless of
synchronous or asynchronous `rpm_suspend` / `rpm_resume` usage.
Signed-off-by: Vilas Bhat <vilasbhat@google.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Bug: 325508361
(cherry picked from commit 015abee404760249a5c968b9ce29216b94b8ced1
https://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm.git
linux-next)
[vilasbhat: Removed reference to RPM_INVALID from patch as it does not exist
in 5.15]
Change-Id: Iad7cae74c41b23b430331379c180b5e59bc32c40
Signed-off-by: Vilas Bhat <vilasbhat@google.com>
commit 60c0c230c6f046da536d3df8b39a20b9a9fd6af0 upstream.
rbtree lazy gc on insert might collect an end interval element that has
been just added in this transactions, skip end interval elements that
are not yet active.
Bug: 325477234
Fixes: f718863aca ("netfilter: nft_set_rbtree: fix overlap expiration walk")
Cc: stable@vger.kernel.org
Reported-by: lonial con <kongln9170@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 1296c110c5)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I42f7bca418d47948292b15ace9f371b81ccd7fe8
In dw_pcie_host_init() regardless of whether the link has been
started or not, the code waits for the link to come up. Even in
cases where start_link() is not defined the code ends up spinning
in a loop for 1 second. Since in some systems dw_pcie_host_init()
gets called during probe, this one second loop for each pcie
interface instance ends up extending the boot time.
Wait for the link up in only if the start_link() is defined.
The patch submitted to the upstream kernel (see link below) was not
accepted due to no upstream user.
The change here is a simplified version of that patch, which will wait
for a link only if start_link ops has been defined.
Also, this patch was already applied before in
https://r.android.com/2548250 but the functionality was lost after
https://lore.kernel.org/all/20220624143428.8334-14-Sergey.Semin@baikalelectronics.ru/
was pulled in from the LTS merge.
This patch restores the functionality (of removing the delay) which was
lost during the LTS merge.
Bug: 315052790
Link: https://lore.kernel.org/all/20240112093006.2832105-1-ajayagarwal@google.com/
Change-Id: I4e8d00f6195062728417e41ddd51072880676920
Signed-off-by: Sajid Dalvi <sdalvi@google.com>
Add support for configuring the maximum segment size.
Add support for segments smaller than the page size.
This patch enables testing segments smaller than the page size with a
driver that does not call blk_rq_map_sg().
Bug: 308663717
Bug: 319125789
Change-Id: I74165d83e71201116378c4598c2f9a2ff8c8b623
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Juan Yescas <jyescas@google.com>
Add a kernel module parameter for configuring the maximum segment size.
This patch enables testing SCSI support for segments smaller than the
page size.
Bug: 308663717
Bug: 319125789
Change-Id: Ib645dead4e10d4aaf5a1dfc1d064038153737bc1
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Juan Yescas <jyescas@google.com>
This new debugfs attribute makes it easier to verify the code that tracks
how many queues require limits below the page size.
Bug: 308663717
Bug: 319125789
Change-Id: I855113cd3898f9641c7c3f1b4732bf4990fc7d3d
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
[jyescas@google.com: Wrap #include "blk-mq-debugfs.h" with
#ifndef __GENKSYSM__ to avoid ABI CRC
changes.]
Signed-off-by: Juan Yescas <jyescas@google.com>
Add support in the bio splitting code and also in the bio submission code
for bios with segments smaller than the page size.
Bug: 308663717
Bug: 319125789
Change-Id: Iea511675ad96b0c8255c2b87811ad33c3a02c8fa
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
[jyescas@google.com: the function bio_may_exceed_limits() does not
exists in the 5.15 kernel, so the sub page limit
code in block/blk.h was moved to the function
__blk_queue_split() in block/blk-merge.c]
Signed-off-by: Juan Yescas <jyescas@google.com>
If the segment size is smaller than the page size there may be multiple
segments per bvec even if a bvec only contains a single page. Hence this
patch.
Bug: 308663717
Bug: 319125789
Change-Id: I446aab83a2c519cb3c42d5d8ffd814dcc34274d2
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Juan Yescas <jyescas@google.com>
Allow block drivers to configure the following:
* Maximum number of hardware sectors values smaller than
PAGE_SIZE >> SECTOR_SHIFT. For PAGE_SIZE = 4096 this means that values
below 8 become supported.
* A maximum segment size below the page size. This is most useful
for page sizes above 4096 bytes.
The blk_sub_page_segments static branch will be used in later patches to
prevent that performance of block drivers that support segments >=
PAGE_SIZE and max_hw_sectors >= PAGE_SIZE >> SECTOR_SHIFT would be affected.
This patch may change the behavior of existing block drivers from not
working into working. If a block driver calls
blk_queue_max_hw_sectors() or blk_queue_max_segment_size(), this is
usually done to configure the maximum supported limits. An attempt to
configure a limit below what is supported by the block layer causes the
block layer to select a larger value. If that value is not supported by
the block driver, this may cause other data to be transferred than
requested, a kernel crash or other undesirable behavior.
Keeps the ABI stable by taking advantage of a hole in the structure!
Bug: 308663717
Bug: 319125789
Bug: 324152549
Change-Id: I4a7b605f0f0d82dde0b4703496c7314064f48acb
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
[jyescas@google.com: disable subpage limits in block/blk-sysfs.c
instead block/blk-core.c because the function
blk_free_queue() is not defined in 5.15 kernel]
Signed-off-by: Juan Yescas <jyescas@google.com>
Introduce variables that represent the lower configuration bounds. This
patch does not change any functionality.
Bug: 308663717
Bug: 319125789
Change-Id: Ia39fbe29a0711caba841a7b44d462608216841ec
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Juan Yescas <jyescas@google.com>
Switch to the modern style of printing kernel messages. Use %u instead
of %d to print unsigned integers.
The pr_fmt() format is added on top of the file to include __func__
in the pr_info() calls.
Bug: 308663717
Bug: 319125789
Change-Id: Iea0a19c8221fe1a2fcd3f26c5ffd0c3b69935eec
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
[jyescas@google.com: define pr_fmt(fmt) to include __func__ in the output]
Signed-off-by: Juan Yescas <jyescas@google.com>
Since SPF is an out-of-tree feature, the risks of changing its behavior
are higher. Add a vendor hook to enable speculative swap pagefaults. By
default it's disabled and should not cause troubles for current users.
Bug: 322762567
Change-Id: I3df7c545aa27d2707ee51ea42368f785c5faa735
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Speculative page handling was disabled in do_swap_page() because it was
unsafe to call migration_entry_wait(). Another calls which are not safe
without taking mmap_lock are ksm_might_need_to_copy() because it relies
on the VMA being stable and readahead. However if we avoid these cases,
the rest seems to be safe. Relax the check to avoid only these unsafe
cases and allow speculation otherwise.
Bug: 322762567
Change-Id: Ic1fda0a5549088d5f37004dbacf3193116a5f868
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
The following list of commits, which are in the 5.15.136 release, add a
new field in struct ipv6_devconf and this breaks the abi. Fix this by
using one of the reserved slots for upstream changes and update the stg
file to preserve the build.
5e13e69ddf ("net: release reference to inet6_dev pointer")
aade10d51d ("net: change accept_ra_min_rtr_lft to affect all RA lifetimes")
8f12d2d66c ("net: add sysctl accept_ra_min_rtr_lft")
type 'struct ipv6_devconf' changed
member 'union { struct { __s32 accept_ra_min_lft; u32 padding; }; struct { u64 android_kabi_reserved1; }; union { }; }' was added
member 'u64 android_kabi_reserved1' was removed
Bug: 320243175
Change-Id: Icddcad574f3c29f6d3e63b10f8c7e51bdf46fe7f
Signed-off-by: Carlos Llamas <cmllamas@google.com>
The android_kabi.h header file uses the __stringify() macro without
explicitly including its definition via linux/stringify.h. This can
result in build breaking when using the ANDROID_KABI_USE macro:
common/include/linux/ipv6.h:83:2: error: expected ')'
ANDROID_KABI_USE(1, struct { __s32 accept_ra_min_lft; u32 padding; });
^
[...]
common/include/linux/android_kabi.h:44:24: note: expanded from macro '__ANDROID_KABI_CHECK_SIZE_ALIGN'
__FILE__ ":" __stringify(__LINE__) ": " \
^
To fix this let android_kabi.h include stringify.h explicitly instead of
relying on includes of previous unrelated header files.
Bug: 324437514
Change-Id: I16cced44e723871b2e1a92b312e60f38e41fea70
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Commit d7c1a9a0ed ("wifi: nl80211: validate and configure puncturing
bitmap") and commit 9b89495e47 ("wifi: nl80211: Allow authentication
frames and set keys on NAN interface") added two entries to the
nl80211_ext_feature_index enum, which caused the CRC value for the
wireless_send_event() symbol to change.
Fix this by hiding the new enum entries during the CRC generation phase.
While the values of NUM_NL80211_EXT_FEATURES and
MAX_NL80211_EXT_FEATURES have changed, it shouldn't be a problem in this
case, since MAX_NL80211_EXT_FEATURES is not used in the kernel source,
and the one usage of NUM_NL80211_EXT_FEATURES remains unchanged.
Bug: 272227555
Bug: 324871355
Change-Id: I8b5be4c39b1ab72f0f2b3c9ff10f15a981a431db
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@google.com>
Wi-Fi Aware R4 specification defines NAN Pairing which uses PASN handshake
to authenticate the peer and generate keys. Hence allow to register and transmit
the PASN authentication frames on NAN interface and set the keys to driver or
underlying modules on NAN interface.
The driver needs to configure the feature flag NL80211_EXT_FEATURE_SECURE_NAN,
which also helps userspace modules to know if the driver supports secure NAN.
Signed-off-by: Vinay Gannevaram <quic_vganneva@quicinc.com>
Link: https://lore.kernel.org/r/1675519179-24174-1-git-send-email-quic_vganneva@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 272227555
Change-Id: Ib8e15683772cf9696b51fb5360642813ca0a078b
(cherry picked from commit 9b89495e47)
[shivbara: replace reserved UAPI attribute with corresponding upstream
attribute]
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
(cherry picked from commit 092199e995efc58b29d568614581b3f63a05ca8c)
Signed-off-by: Lee Jones <joneslee@google.com>
Currently action frames TX only with ML address as A3(BSSID) are
allowed in an ML AP, but TX for a non-ML Station can happen in any
link of an ML BSS with link BSS address as A3.
In case of an MLD, if User-space has provided a valid link_id in
action frame TX request, allow transmission of the frame in that link.
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Link: https://lore.kernel.org/r/20230201061602.3918-1-quic_ramess@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 272227555
Change-Id: Iceb00b0713d9123f040e10e06cbfc412ee6a0375
(cherry picked from commit 19085ef39f)
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
(cherry picked from commit 05164a8564bacb11ed74b2826b27f8bded606a12)
Signed-off-by: Lee Jones <joneslee@google.com>
- New feature flag, NL80211_EXT_FEATURE_PUNCT, to advertise
driver support for preamble puncturing in AP mode.
- New attribute, NL80211_ATTR_PUNCT_BITMAP, to receive a puncturing
bitmap from the userspace during AP bring up (NL80211_CMD_START_AP)
and channel switch (NL80211_CMD_CHANNEL_SWITCH) operations. Each bit
corresponds to a 20 MHz channel in the operating bandwidth, lowest
bit for the lowest channel. Bit set to 1 indicates that the channel
is punctured. Higher 16 bits are reserved.
- New members added to structures cfg80211_ap_settings and
cfg80211_csa_settings to propagate the bitmap to the driver after
validation.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Link: https://lore.kernel.org/r/20230131001227.25014-3-quic_alokad@quicinc.com
[move validation against 0xffff into policy]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 272227555
Change-Id: I2d9a90cba8812bfe81d0168133ef2239dcc536ac
(cherry picked from commit d7c1a9a0ed)
[shivbara: replace reserved UAPI attributes with corresponding
upstream attributes]
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
(cherry picked from commit e8a4772f4d125216fe5ea362d48e7f1a7051111a)
Signed-off-by: Lee Jones <joneslee@google.com>
- Move ieee80211_valid_disable_subchannel_bitmap() from mlme.c to
chan.c, rename it as cfg80211_valid_disable_subchannel_bitmap()
and export it.
- Modify the prototype to include struct cfg80211_chan_def instead
of only bandwidth to support a check which returns false if the
primary channel is punctured.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Link: https://lore.kernel.org/r/20230131001227.25014-2-quic_alokad@quicinc.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 272227555
Change-Id: I0b5d7829982afc0ae18b105ddd3ad9df7d3dd7ed
(cherry picked from commit b25413fed3)
[shivbara: Skipped changes in net/mac80211 due to missing
dependency changes]
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
(cherry picked from commit 5761541a4eb5b73572602cddeca2f732052b96e2)
Signed-off-by: Lee Jones <joneslee@google.com>
nl80211_send_ap_stopped() can be called multiple times on the same
netdev for each link when using Multi-Link Operation. Add the
MLO_LINK_ID attribute to the event to allow userspace to distinguish
which link the event is for.
Signed-off-by: Alvin Šipraga <alsi@bang-olufsen.dk>
Link: https://lore.kernel.org/r/20230128125844.2407135-2-alvin@pqrs.dk
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 272227555
Change-Id: I02104259eda61893f5f40bcd18a5e89bf6871ae6
(cherry picked from commit cba7217a92)
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
(cherry picked from commit 267de69e07c3246ec07eec621689d17bef1bb377)
Signed-off-by: Lee Jones <joneslee@google.com>
Merge commit c51de219f5 ("Merge tag 'android14-5.15.131_r00' into
android-14-5.15") brought in upstream commit 7963d4d710 ("usb: typec:
tcpci: move tcpci.h to include/linux/usb/"). However, the reference
to the drivers/usb/typec/tcpm/tcpci.h headers was not removed from
the all_headers_unsafe ddk_headers target.
This causes build failures when building with --allow_ddk_unsafe_headers
as the file cannot be found, so remove it.
Bug: 324422915
Fixes: c51de219f5 ("Merge tag 'android14-5.15.131_r00' into android-14-5.15")
Change-Id: Id65881dd87df6edb3fe9f935e8bb45faa6af2374
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@google.com>
Blocks are tracked by u32, so the max permitted filesize is
(U32_MAX + 1) * BLOCK_SIZE. Additionally, in order to support crypto
data unit sizes of 4K with a 16K block with IV_INO_LBLK_{32,64}, we must
further restrict max filesize to (U32_MAX + 1) * 4096. This does not
affect 4K blocksize f2fs as the natural limit for files are well below
that.
Fixes: ac5dd4e5de6a ("BACKPORT: Support Block Size == Page Size")
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(cherry picked from commit a6a010f5def544af3efcfe21683905a712b60536)
Change-Id: I8697e37841e1882a3f613e9aab1857ad7e4c3f2f
Bug: 248132568
This allows f2fs to support cases where the block size = page size for
both 4K and 16K block sizes. Other sizes should work as well, should the
need arise. This does not currently support 4K Block size filesystems if
the page size is 16K.
Change-Id: Ifab03cddeec1389a6a3fb64174063ffccbb93072
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Bug: 248132568
(cherry picked from commit 8b8e202be3264fc33464f8dc319e0c1563ac89d8)
(fixed minor conflict in fs/f2fs/inode.c)
Full LTO takes the '-mbranch-protection=none' passed to the compiler
when generating the dynamic shadow call stack patching code as a hint to
stop emitting PAC instructions altogether. (Thin LTO appears unaffected
by this)
Work around this by disabling LTO for the compilation unit, which
appears to convince the linker that it should still use PAC in the rest
of the kernel..
Fixes: 3b619e22c4 ("arm64: implement dynamic shadow call stack for Clang")
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Tested-by: Sami Tolvanen <samitolvanen@google.com>
Link: https://lore.kernel.org/r/20240123133052.1417449-6-ardb+git@google.com
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit d104a6fef3fec137d8d44961224ab76edbd6cbc7)
Bug: 317883735
Change-Id: Ic4bdb0a6e527f8cb2745282b81945aa7b7231502
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 upstream.
When deactivating the catch-all set element, check the state in the next
generation that represents this transaction.
This bug uncovered after the recent removal of the element busy mark
a2dd0233cb ("netfilter: nf_tables: remove busy mark and gc batch API").
Bug: 323034444
Fixes: aaa31047a6 ("netfilter: nftables: add catch-all set element support")
Cc: stable@vger.kernel.org
Reported-by: lonial con <kongln9170@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit a372f1d01b)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I40ac92a33db48a2709079d27d7d529946ba297c7
[ Upstream commit af73483f4e8b6f5c68c9aa63257bdd929a9c194a ]
The IDA usually detects double-frees, but that detection failed to
consider the case when there are no nearby IDs allocated and so we have a
NULL bitmap rather than simply having a clear bit. Add some tests to the
test-suite to be sure we don't inadvertently reintroduce this problem.
Unfortunately they're quite noisy so include a message to disregard
the warnings.
Bug: 321878978
Reported-by: Zhenghan Wang <wzhmmmmm@gmail.com>
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 5dbcdaf4db)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I4919e5c64af12f86fe1a91e1e9224a58eedbf345
commit f1082dd31f upstream.
An nftables family is merely a hollow container, its family just a
number and such not reliant on compile-time options other than nftables
support itself. Add an artificial check so attempts at using a family
the kernel can't support fail as early as possible. This helps user
space detect kernels which lack e.g. NFPROTO_INET.
Bug: 321815738
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit ab3a3aadb3)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I7123795885791a62089d5f7d1e5ff5a3f90e4abd
Adding kernfs_rwsem in kernfs_root breaks the ABI unfortunately
since it changes the size of kernfs_root structure.
To fix the issue, this patch introduces new data structure
kernfs_root_ext which includes kernfs_root with kernfs_rwsem to
avoid increasing kernfs_root'size. It also introduces kernfs_rwsem
wrapper function to reach kernfs_rwsem from kernfs_root to minimize
change.
Bug: 320903885
Bug: 219424218
Bug: 206126556
Signed-off-by: Minchan Kim <minchan@google.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Iabaad9623e9a101210073db3106c93f06847a8b3
Marek reported the warning below.
=========================
WARNING: held lock freed!
5.16.0-rc2+ #10984 Not tainted
-------------------------
kworker/1:0/18 is freeing memory ffff00004034e200-ffff00004034e3ff,
with a lock still held there!
ffff00004034e348 (&root->kernfs_rwsem){++++}-{3:3}, at:
__kernfs_remove+0x310/0x37c
3 locks held by kworker/1:0/18:
#0: ffff000040107938 ((wq_completion)cgroup_destroy){+.+.}-{0:0}, at:
process_one_work+0x1f0/0x6f0
#1: ffff80000b55bdc0
((work_completion)(&(&css->destroy_rwork)->work)){+.+.}-{0:0}, at:
process_one_work+0x1f0/0x6f0
#2: ffff00004034e348 (&root->kernfs_rwsem){++++}-{3:3}, at:
__kernfs_remove+0x310/0x37c
stack backtrace:
CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 5.16.0-rc2+ #10984
Hardware name: Raspberry Pi 4 Model B (DT)
Workqueue: cgroup_destroy css_free_rwork_fn
Call trace:
dump_backtrace+0x0/0x1ac
show_stack+0x18/0x24
dump_stack_lvl+0x8c/0xb8
dump_stack+0x18/0x34
debug_check_no_locks_freed+0x124/0x140
kfree+0xf0/0x3a4
kernfs_put+0x1f8/0x224
__kernfs_remove+0x1b8/0x37c
kernfs_destroy_root+0x38/0x50
css_free_rwork_fn+0x288/0x3d4
process_one_work+0x288/0x6f0
worker_thread+0x74/0x470
kthread+0x188/0x194
ret_from_fork+0x10/0x20
Since kernfs moves the kernfs_rwsem lock into root, it couldn't hold
the lock when the root node is tearing down. Thus, get the refcount
of root node.
Fixes: 393c371408 ("kernfs: switch global kernfs_rwsem lock to per-fs lock")
Reported-by: Marek Szyprowski <m.szyprowski@samsung.com>
Tested-by: Marek Szyprowski <m.szyprowski@samsung.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Minchan Kim <minchan@kernel.org>
Link: https://lore.kernel.org/r/20211201231648.1027165-1-minchan@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 555a0ce455)
Bug: 320903885
Change-Id: If96f85b88b662e88430c9c8d1efb436e9a80ddcf
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
