(Upstream commit 988036f9d3).
Add a "sinks" directory entry so that users can see all the sinks
available in the system in a single place. Individual sink are added
as they are registered with the coresight bus.
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I11a0cdefd7cb71ca7463d11e8ed7d792d90cee65
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit acaf5a06b9).
Following in the footstep of what was done for other CoreSight devices,
add CLAIM tag support to ETB10 in order to synchronise access to the
HW between the kernel and an external agent.
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I35e83a66af545abbc7ea5fa303c2086f687a1f76
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 2478a6ae4a).
Coresight architecture defines CLAIM tags for a device to negotiate
control of the components (external agent vs self-hosted). Each device
has a pair of registers (CLAIMSET & CLAIMCLR) for managing the CLAIM
tags. However, the protocol for the CLAIM tags is IMPLEMENTATION DEFINED.
PSCI has recommendations for the use of the CLAIM tags to negotiate
controls for external agent vs self-hosted use. This patch implements
the recommended protocol by PSCI.
The claim/disclaim operations are performed from the device specific
drivers. The disadvantage is that the calls are sprinkled in each driver,
but this makes the operation much simpler.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I1956110ec9822cfd9ac279a0dcddcaf8b90b7f37
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 30af4fb619).
When a replicator port is enabled, we block the traffic
on the other port and route all traffic to the new enabled
port. If there are two active trace sessions each targeting
the two different paths from the replicator, the second session
will disable the first session and route all the data to the
second path.
ETR
/
e.g, replicator
\
ETB
If CPU0 is operated in sysfs mode to ETR and CPU1 is operated
in perf mode to ETB, depending on the order in which the
replicator is enabled one device is blocked.
Ideally we need trace-id for the session to make the
right choice. That implies we need a trace-id allocation
logic for the coresight subsystem and use that to route
the traffic. The short term solution is to only manage
the "target port" and leave the other port untouched.
That leaves both the paths unaffected, except that some
unwanted traffic may be pushed to the paths (if the Trace-IDs
are not far enough), which is still fine and can be filtered
out while processing rather than silently blocking the data.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I3804e95a76ad9b0d9d28ab0f0f36f090670d0da7
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit e006d89abe).
Add support for handling errors in enabling the component.
The ETM is enabled via cross call to owner CPU. Make
necessary changes to report the error back from the cross
call.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I8a54186df77720d2d4d573e269ed961695593a4f
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 1c7995e11c).
Make sure we honor the errors in CATU device and abort the operation.
While at it, delay setting the etr_buf for the session until we are
sure that we are indeed enabling the ETR.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I8115bff427d9d4b5755a0d7e84ab53de76bdc83a
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 6276f9cba5).
Refactor the tmc-etr enable operation to make it easier to
handle errors in enabling the hardware. We need to make
sure that the buffer is compatible with the ETR. This
patch re-arranges to make the error handling easier, by
deferring the hardware enablement until all the errors
are checked. This also avoids turning the CATU on/off
during a sysfs read session.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: If37267ec025df465507bf9e592a512058579914d
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit b9866bb168).
coresight_enable_path() enables the components in a trace
path from a given source to a sink, excluding the source.
The operation is performed in the reverse order; the sink
first and then backwards in the list. However, if we encounter
an error in enabling any of the component, we simply disable
all the components in the given path irrespective of whether
we enabled some of the components in the enable iteration.
This could interfere with another trace session if one of the
link devices is turned off (e.g, TMC-ETF). So, we need to
make sure that we only disable those components which were
actually enabled from the iteration.
This patch achieves the same by refactoring the coresight_disable_path
to accept a "node" to start from in the forward order, which can
then be used from the error path of coresight_enable_path().
With this change, we don't issue a disable call back for a component
which didn't get enabled. This change of behavior triggers
a bug in coresight_enable_link(), where we leave the refcount
on the device and will prevent the device from being enabled
forever. So, we also drop the refcount in the coresight_enable_link()
if the operation failed.
Also, with the refactoring, we always start after the first node (which
is the "SOURCE" device) for disabling the entire path. This implies,
we must not find a "SOURCE" in the middle of the path. Hence, added
a WARN_ON() to make sure the paths we get are sane, rather than
simply ignoring them.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I09b76e9890d01b763df14ce701dd6f4a60d06b40
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit e7753f3937).
>From the comment in the code, it claims the requirement for byte-address
alignment for RRP register: 'for 32-bit, 64-bit and 128-bit wide trace
memory, the four LSBs must be 0s. For 256-bit wide trace memory, the
five LSBs must be 0s'. This isn't consistent with the program, the
program sets five LSBs as zeros for 32/64/128-bit wide trace memory and
set six LSBs zeros for 256-bit wide trace memory.
After checking with the CoreSight Trace Memory Controller technical
reference manual (ARM DDI 0461B, section 3.3.4 RAM Read Pointer
Register), it proves the comment is right and the program does wrong
setting.
This patch fixes byte-address alignment for RRP by following correct
definition in the technical reference manual.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Cc: Mike Leach <mike.leach@linaro.org>
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I57465984b4558721df1e3eed0268698f518e1938
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit b860801e32).
For non-VHE systems host kernel runs at EL1 and jumps to EL2 whenever
hypervisor code should be executed. In this case ETM4x driver must
restrict configuration to EL1 when it setups kernel tracing.
However, there is no separate hypervisor privilege level when VHE
is enabled, the host kernel runs at EL2.
This patch fixes configuration of TRCACATRn register for VHE systems
so that ETM_EXLEVEL_NS_HYP bit is used instead of ETM_EXLEVEL_NS_OS
to on/off kernel tracing. At the same time, it moves common code
to new helper.
Signed-off-by: Tomasz Nowicki <tnowicki@caviumnetworks.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: Id058f827c83e767e2b859a4bf55b3245c3b2f197
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit d4989fe886).
Up until now the relative simplicity of enabling the ETB made it
possible to accommodate processing for both sysFS and perf methods.
But work on claimtags and CPU-wide trace scenarios is adding some
complexity, making the current code messy and hard to maintain.
As such follow what has been done for ETF and ETR components and split
function etb_enable() so that processing for both API can be done
cleanly.
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: Ib4676804e79d034d29fe8623944bc58e0c5db4a7
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit d43b8ec599).
This patch moves the etb_drvdata::mode from a locat_t to a simple u32,
as it is for the ETF and ETR drivers. This streamlines the code and adds
commonality with the other drivers when dealing with similar operations.
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I0f38579a632919a0eef37b9825a6cdf23a39b7cd
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 22f429f19c).
Add support for using TMC-ETR as backend for ETM perf tracing.
We use software double buffering at the moment. i.e, the TMC-ETR
uses a separate buffer than the perf ring buffer. The data is
copied to the perf ring buffer once a session completes.
The TMC-ETR would try to match the larger of perf ring buffer
or the ETR buffer size configured via sysfs, scaling down to
a minimum limit of 1MB.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: Iaac97ed6528768233bf66a82da9b3976571e4791
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 3d6e893575).
In coresight perf mode, we need to prepare the sink before
starting a session, which is done via set_buffer call back.
We then proceed to enable the tracing. If we fail to start
the session successfully, we leave the sink configuration
unchanged. In order to make the operation atomic and to
avoid yet another call back to clear the buffer, we get
rid of the "set_buffer" call back and pass the buffer details
via enable() call back to the sink.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I2a858def1342d0f06c5643f638cb6d5c49d70ccf
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit d25054ee8d).
We can always find the sink configuration for a given perf_output_handle.
Add a helper to retrieve the sink configuration for a given
perf_output_handle. This will be used to get rid of the set_buffer()
call back.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I0a9d8d9d8370fea5e4245697dca1e510d3f9438c
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 7ec786ad19).
Right now we issue an update_buffer() and reset_buffer() call backs
in succession when we stop tracing an event. The update_buffer is
supposed to check the status of the buffer and make sure the ring buffer
is updated with the trace data. And we store information about the
size of the data collected only to be consumed by the reset_buffer
callback which always follows the update_buffer. This was originally
designed for handling future IPs which could trigger a buffer overflow
interrupt. This patch gets rid of the reset_buffer callback altogether
and performs the actions in update_buffer, making it return the size
collected. We can always add the support for handling the overflow
interrupt case later.
This removes some not-so pretty hack (storing the new head in the
size field for snapshot mode) and cleans it up a little bit.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I5264db2e453909473b6ab5cb9ea0cba10091ff6e
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 41a75cdde7).
Convert component enable/disable messages from dev_info to dev_dbg.
When used with perf, the components in the paths are enabled/disabled
during each schedule of the run, which can flood the dmesg with these
messages. Moreover, they are only useful for debug purposes. So,
convert such messages to dev_dbg() which can be turned on as
needed.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I44698c3c29b1d8cee3f2813a11dd5be1606e9ca3
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit cad5f8d399).
Since the ETR now uses mode specific buffers, we can reliably
provide the trace data captured in sysfs mode, even when the ETR
is operating in PERF mode.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I2c4849f9664de698cba483c5ba897bce1f34e54b
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 96a7f64400).
Since the ETR could be driven either by SYSFS or by perf, it
becomes complicated how we deal with the buffers used for each
of these modes. The ETR driver cannot simply free the current
attached buffer without knowing the provider (i.e, sysfs vs perf).
To solve this issue, we provide:
1) the driver-mode specific etr buffer to be retained in the drvdata
2) the etr_buf for a session should be passed on when enabling the
hardware, which will be stored in drvdata->etr_buf. This will be
replaced (not free'd) as soon as the hardware is disabled, after
necessary sync operation.
The advantages of this are :
1) The common code path doesn't need to worry about how to dispose
an existing buffer, if it is about to start a new session with a
different buffer, possibly in a different mode.
2) The driver mode can control its buffers and can get access to the
saved session even when the hardware is operating in a different
mode. (e.g, we can still access a trace buffer from a sysfs mode
even if the etr is now used in perf mode, without disrupting the
current session.)
Towards this, we introduce a sysfs specific data which will hold the
etr_buf used for sysfs mode of operation, controlled solely by the
sysfs mode handling code.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I8a85ab42cbf077ca803c633b3c35375117a35f85
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 4f8ef21007).
We enable the trace path, before activating the source.
If we fail to enable the source, we must disable the path
to make sure it is available for another session.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I20b672edfcaca5d3851284ec4fbe20ffaebbe5f4
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit f9d81a657b).
At the moment, if there is no CPU specified for a given
event, we use cpu_online_mask and try to build path for
each of the CPUs in the mask. This could prevent any CPU
that is turned online later to be used for the tracing.
This patch changes to use the cpu_present_mask and tries
to build path for as much CPUs as possible ignoring the
failures in building path for some of the CPUs. If ever
we try to trace on those CPUs, we fail the operation.
Based on a patch from Mathieu Poirier.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I5771870e7eee8fc9af8478f96a0a30e32e456e28
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 5ecabe4a76).
We create a coresight trace path for each online CPU when
we start the event. We rely on the number of online CPUs
and then go on to allocate an array matching the "number of
online CPUs" for holding the path and then uses normal
CPU id as the index to the array. This is problematic as
we could have some offline CPUs causing us to access beyond
the actual array size (e.g, on a dual SMP system, if CPU0 is
offline, CPU1 could be really accessing beyond the array).
The solution is to switch to per-cpu array for holding the path.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I8b54ae229c296465bed9a62f0cd9648327fd0dc5
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit c71369de02).
The coresight components could be operated either in sysfs mode or in perf
mode. For some of the components, the mode of operation doesn't matter as
they simply relay the data to the next component in the trace path. But for
sinks, they need to be able to provide the trace data back to the user.
Thus we need to make sure that "mode" is handled appropriately. e.g,
the sysfs mode could have multiple sources driving the trace data, while
perf mode doesn't allow sharing the sink.
The coresight_enable_sink() however doesn't really allow this check to
trigger as it skips the "enable_sink" callback if the component is
already enabled, irrespective of the mode. This could cause mixing
of data from different modes or even same mode (in perf), if the
sources are different. Also, if we fail to enable the sink while
enabling a path (where sink is the first component enabled),
we could end up in disabling the components in the "entire"
path which were not enabled in this trial, causing disruptions
in the existing trace paths.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I3c3d6b38456a435a008f38359deac85dfdbd5b72
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit bbd35ba6fa).
Use ERR_CAT inlined function to replace the ERR_PTR(PTR_ERR). It
make the code more concise.
Signed-off-by: zhong jiang <zhongjiang@huawei.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I9eea8c7fdf388164d5863facc9cb66ba9ceb525b
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit 96330407f8).
When parsing the remote endpoint of an output port, we do :
rport = of_graph_get_remote_port(ep);
rparent = of_graph_get_remote_port_parent(ep);
and then parse the "remote_port" as if it was the remote endpoint,
which is wrong. The code worked fine because we used endpoint number
as the port number. Let us fix it and optimise a bit as:
remote_ep = of_graph_get_remote_endpoint(ep);
if (remote_ep)
remote_parent = of_graph_get_port_parent(remote_ep);
and then, parse the remote_ep for the port/endpoint details.
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: I7e14250f73f78e39aa979bf71d2cbc6314de3b39
Signed-off-by: Yabin Cui <yabinc@google.com>
(Upstream commit fac253e52f).
commit 6403587a930c ("coresight: use put_device() instead of kfree()")
fixes the double freeing of resources and ensures that the device
refcount is dropped properly. Add a comment to explain this to
help the readers and prevent people trying to "unfix" it again.
While at it, rename the labels for better readability.
Cc: Mathieu Poirier <mathieu.poirier@linaro.org>
Cc: Arvind Yadav <arvind.yadav.cs@gmail.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 140266694
Change-Id: Ie4f5a46348fe4a02d2b6ced743a64b680ee9f21f
Signed-off-by: Yabin Cui <yabinc@google.com>
Solve a regression introduced by
commit 272fcd1ca7
("ANDROID: overlayfs: override_creds=off option bypass creator_cred")
where a crash is observed a crash in ovl_create_or_link() when a
simple re-direction command in vendor directory.
/vendor/bin/<Any test> > /vendor/bin/test_log.txt 2>&1&
After further debugging we see that if the output is redirected to a
file which doesn’t exist we see this stack:
[ 377.382745] ovl_create_or_link+0xac/0x710
[ 377.382745] ovl_create_object+0xb8/0x110
[ 377.382745] ovl_create+0x34/0x40
[ 377.382745] path_openat+0xd44/0x15a8
[ 377.382745] do_filp_open+0x80/0x128
[ 377.382745] do_sys_open+0x140/0x250
[ 377.382745] __arm64_sys_openat+0x2c/0x38
ovl_override_creds returns NULL because the override_cred flag is set
to false. This causes ovl_revert_creds also to fail.
There is another call to check override_cred in override_cred call
which overrides the creds permanently as there no revert_creds
associated. So whenever next commit_cred is called we see the crash
as the credentials are permanently overridden.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Tested-by: Rishabh/Jeevan <jshriram@qualcomm.corp-partner.google.com>
Bug: 140816499
Change-Id: Icd0d9be82fc57af5ead1eeab99f79adf3adf62ef
Check impure, opaque, origin & meta xattr with no sepolicy audit
(using __vfs_getxattr) since these operations are internal to
overlayfs operations and do not disclose any data. This became
an issue for credential override off since sys_admin would have
been required by the caller; whereas would have been inherently
present for the creator since it performed the mount.
This is a change in operations since we do not check in the new
ovl_vfs_getxattr function if the credential override is off or
not. Reasoning is that the sepolicy check is unnecessary overhead,
especially since the check can be expensive.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 133515582
Bug: 136124883
Bug: 129319403
Change-Id: I34d99cc46e9e87a79efc8d05f85980bbc137f7eb
Because of the overlayfs getxattr recursion, the incoming inode fails
to update the selinux sid resulting in avc denials being reported
against a target context of u:object_r:unlabeled:s0.
Solution is to add a _get xattr method that calls the __vfs_getxattr
handler so that the context can be read in, rather than being denied
with an -EACCES when vfs_getxattr handler is called.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 133515582
Bug: 136124883
Bug: 129319403
Change-Id: Ia39543c5ce617976f14d790fb88e471d575ffd65
Add an optional __get xattr method that would be called, if set, only
in __vfs_getxattr instead of the regular get xattr method.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 133515582
Bug: 136124883
Bug: 129319403
Change-Id: If9f6cf3e0d964e77af769244bb1e8f6aee4f4445
Changes in 4.19.82
zram: fix race between backing_dev_show and backing_dev_store
dm snapshot: introduce account_start_copy() and account_end_copy()
dm snapshot: rework COW throttling to fix deadlock
Btrfs: fix inode cache block reserve leak on failure to allocate data space
Btrfs: fix memory leak due to concurrent append writes with fiemap
btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents()
btrfs: tracepoints: Fix wrong parameter order for qgroup events
wil6210: fix freeing of rx buffers in EDMA mode
f2fs: flush quota blocks after turnning it off
scsi: lpfc: Fix a duplicate 0711 log message number.
sc16is7xx: Fix for "Unexpected interrupt: 8"
powerpc/powernv: hold device_hotplug_lock when calling memtrace_offline_pages()
f2fs: fix to recover inode's i_gc_failures during POR
f2fs: fix to recover inode->i_flags of inode block during POR
HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override
usb: dwc2: fix unbalanced use of external vbus-supply
tools/power turbostat: fix goldmont C-state limit decoding
x86/cpu: Add Atom Tremont (Jacobsville)
drm/msm/dpu: handle failures while initializing displays
bcache: fix input overflow to writeback_rate_minimum
PCI: Fix Switchtec DMA aliasing quirk dmesg noise
Btrfs: fix deadlock on tree root leaf when finding free extent
netfilter: ipset: Make invalid MAC address checks consistent
HID: i2c-hid: Disable runtime PM for LG touchscreen
HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels
HID: i2c-hid: Add Odys Winbook 13 to descriptor override
platform/x86: Add the VLV ISP PCI ID to atomisp2_pm
platform/x86: Fix config space access for intel_atomisp2_pm
ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3
clk: boston: unregister clks on failure in clk_boston_setup()
scripts/setlocalversion: Improve -dirty check with git-status --no-optional-locks
staging: mt7621-pinctrl: use pinconf-generic for 'dt_node_to_map' and 'dt_free_map'
HID: Add ASUS T100CHI keyboard dock battery quirks
NFSv4: Ensure that the state manager exits the loop on SIGKILL
HID: steam: fix boot loop with bluetooth firmware
HID: steam: fix deadlock with input devices.
samples: bpf: fix: seg fault with NULL pointer arg
usb: dwc3: gadget: early giveback if End Transfer already completed
usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete
ALSA: usb-audio: Cleanup DSD whitelist
usb: handle warm-reset port requests on hub resume
rtc: pcf8523: set xtal load capacitance from DT
arm64: Add MIDR encoding for HiSilicon Taishan CPUs
arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs
mlxsw: spectrum: Set LAG port collector only when active
scsi: lpfc: Correct localport timeout duration error
CIFS: Respect SMB2 hdr preamble size in read responses
cifs: add credits from unmatched responses/messages
ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume
media: vimc: Remove unused but set variables
ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT
exec: load_script: Do not exec truncated interpreter path
net: dsa: mv88e6xxx: Release lock while requesting IRQ
PCI/PME: Fix possible use-after-free on remove
drm/amd/display: fix odm combine pipe reset
power: supply: max14656: fix potential use-after-free
iio: adc: meson_saradc: Fix memory allocation order
iio: fix center temperature of bmc150-accel-core
libsubcmd: Make _FORTIFY_SOURCE defines dependent on the feature
perf tests: Avoid raising SEGV using an obvious NULL dereference
perf map: Fix overlapped map handling
perf script brstackinsn: Fix recovery from LBR/binary mismatch
perf jevents: Fix period for Intel fixed counters
perf tools: Propagate get_cpuid() error
perf annotate: Propagate perf_env__arch() error
perf annotate: Fix the signedness of failure returns
perf annotate: Propagate the symbol__annotate() error return
perf annotate: Return appropriate error code for allocation failures
staging: rtl8188eu: fix null dereference when kzalloc fails
RDMA/hfi1: Prevent memory leak in sdma_init
RDMA/iwcm: Fix a lock inversion issue
HID: hyperv: Use in-place iterator API in the channel callback
nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request
arm64: ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 #1542419
tty: serial: owl: Fix the link time qualifier of 'owl_uart_exit()'
tty: n_hdlc: fix build on SPARC
gpio: max77620: Use correct unit for debounce times
fs: cifs: mute -Wunused-const-variable message
serial: mctrl_gpio: Check for NULL pointer
efi/cper: Fix endianness of PCIe class code
efi/x86: Do not clean dummy variable in kexec path
MIPS: include: Mark __cmpxchg as __always_inline
x86/xen: Return from panic notifier
ocfs2: clear zero in unaligned direct IO
fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock()
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc()
arm64: armv8_deprecated: Checking return value for memory allocation
x86/cpu: Add Comet Lake to the Intel CPU models header
sched/vtime: Fix guest/system mis-accounting on task switch
perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp
drm/amdgpu: fix memory leak
iio: imu: adis16400: release allocated memory on failure
MIPS: include: Mark __xchg as __always_inline
MIPS: fw: sni: Fix out of bounds init of o32 stack
virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr
nbd: fix possible sysfs duplicate warning
NFSv4: Fix leak of clp->cl_acceptor string
s390/uaccess: avoid (false positive) compiler warnings
tracing: Initialize iter->seq after zeroing in tracing_read_pipe()
ARM: 8914/1: NOMMU: Fix exc_ret for XIP
ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360
iwlwifi: exclude GEO SAR support for 3168
nbd: verify socket is supported during setup
USB: legousbtower: fix a signedness bug in tower_probe()
thunderbolt: Use 32-bit writes when writing ring producer/consumer
ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
fuse: flush dirty data/metadata before non-truncate setattr
fuse: truncate pending writes on O_TRUNC
ALSA: bebob: Fix prototype of helper function to return negative value
ALSA: hda/realtek - Fix 2 front mics of codec 0x623
ALSA: hda/realtek - Add support for ALC623
UAS: Revert commit 3ae62a4209 ("UAS: fix alignment of scatter/gather segments")
USB: gadget: Reject endpoints with 0 maxpacket value
usb-storage: Revert commit 747668dbc0 ("usb-storage: Set virt_boundary_mask to avoid SG overflows")
USB: ldusb: fix ring-buffer locking
USB: ldusb: fix control-message timeout
usb: xhci: fix __le32/__le64 accessors in debugfs code
USB: serial: whiteheat: fix potential slab corruption
USB: serial: whiteheat: fix line-speed endianness
scsi: target: cxgbit: Fix cxgbit_fw4_ack()
HID: i2c-hid: add Trekstor Primebook C11B to descriptor override
HID: Fix assumption that devices have inputs
HID: fix error message in hid_open_report()
nl80211: fix validation of mesh path nexthop
s390/cmm: fix information leak in cmm_timeout_handler()
s390/idle: fix cpu idle time calculation
arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default
rtlwifi: Fix potential overflow on P2P code
dmaengine: qcom: bam_dma: Fix resource leak
dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle
drm/amdgpu/powerplay/vega10: allow undervolting in p7
NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid()
batman-adv: Avoid free/alloc race when handling OGM buffer
llc: fix sk_buff leak in llc_sap_state_process()
llc: fix sk_buff leak in llc_conn_service()
rxrpc: Fix call ref leak
rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record
rxrpc: Fix trace-after-put looking at the put peer record
NFC: pn533: fix use-after-free and memleaks
bonding: fix potential NULL deref in bond_update_slave_arr
net: usb: sr9800: fix uninitialized local variable
sch_netem: fix rcu splat in netem_enqueue()
ALSA: timer: Simplify error path in snd_timer_open()
ALSA: timer: Fix mutex deadlock at releasing card
ALSA: usb-audio: DSD auto-detection for Playback Designs
ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel
ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface
powerpc/powernv: Fix CPU idle to be called with IRQs disabled
Revert "ALSA: hda: Flush interrupts on disabling"
Linux 4.19.82
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I79ced3dcffed0086af7d8a77116e8061915677a1
[ Upstream commit 7d6475051f ]
Commit e78a7614f3 ("idle: Prevent late-arriving interrupts from
disrupting offline") changes arch_cpu_idle_dead to be called with
interrupts disabled, which triggers the WARN in pnv_smp_cpu_kill_self.
Fix this by fixing up irq_happened after hard disabling, rather than
requiring there are no pending interrupts, similarly to what was done
done until commit 2525db04d1 ("powerpc/powernv: Simplify lazy IRQ
handling in CPU offline").
Fixes: e78a7614f3 ("idle: Prevent late-arriving interrupts from disrupting offline")
Reported-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
[mpe: Add unexpected_mask rather than checking for known bad values,
change the WARN_ON() to a WARN_ON_ONCE()]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20191022115814.22456-1-npiggin@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 0067e154b1 ]
Oppo has issued firmware updates that change alt setting used for DSD
support. However, these devices seem to support auto-detection, so
support is moved from explicit whitelisting to auto-detection.
Also Rotel devices have USB interfaces that support DSD with
auto-detection.
Signed-off-by: Jussi Laako <jussi@sonarnerd.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit eb7505d52a ]
Add DSD support auto-detection for newer Playback Designs devices. Older
device generations have a different USB interface implementation.
Keep the auto-detection VID whitelist sorted.
Signed-off-by: Jussi Laako <jussi@sonarnerd.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit a393318673 ]
When a card is disconnected while in use, the system waits until all
opened files are closed then releases the card. This is done via
put_device() of the card device in each device release code.
The recently reported mutex deadlock bug happens in this code path;
snd_timer_close() for the timer device deals with the global
register_mutex and it calls put_device() there. When this timer
device is the last one, the card gets freed and it eventually calls
snd_timer_free(), which has again the protection with the global
register_mutex -- boom.
Basically put_device() call itself is race-free, so a relative simple
workaround is to move this put_device() call out of the mutex. For
achieving that, in this patch, snd_timer_close_locked() got a new
argument to store the card device pointer in return, and each caller
invokes put_device() with the returned object after the mutex unlock.
Reported-and-tested-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 41672c0c24 ]
Just a minor refactoring to use the standard goto for error paths in
snd_timer_open() instead of open code. The first mutex_lock() is
moved to the beginning of the function to make the code clearer.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
