Skip to content
Snippets Groups Projects
  1. Nov 29, 2021
    • Alexandre Courbot's avatar
      media: mtk-vpu: Ensure alignment of 8 for DTCM buffer · 13d0588b
      Alexandre Courbot authored and Dafna Hirschfeld's avatar Dafna Hirschfeld committed
      
      When running memcpy_toio:
      memcpy_toio(send_obj->share_buf, buf, len);
      it was found that errors appear if len is not a multiple of 8:
      
      [58.350841] mtk-mdp 14001000.rdma: processing failed: -22
      
      This is because in ARM64, memcpy_toio does byte-size access
      when the length is not a multiple of 8 while access to the
      vpu iomem must be 4 aligned.
      
      This patch ensures the copy of a multiple of 8 size by calling
      round_up(len, 8) when copying
      
      Fixes: e6599adf ("media: mtk-vpu: avoid unaligned access to DTCM buffer.")
      Signed-off-by: default avatarAlexandre Courbot <acourbot@chromium.org>
      Signed-off-by: default avatarEnric Balletbo i Serra <enric.balletbo@collabora.com>
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      Reviewed-by: default avatarHoulong Wei <houlong.wei@mediatek.com>
      13d0588b
    • Dafna Hirschfeld's avatar
      allow irq all the time · 83021a9a
      Dafna Hirschfeld authored
      83021a9a
    • Dafna Hirschfeld's avatar
      meida: mtk-vcodec: remove unused func parameter · ff92cc18
      Dafna Hirschfeld authored
      
      The prarameter bs_size to function vpu_enc_encode
      is not used. Remove it.
      
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      ff92cc18
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: don't check return val of mtk_venc_get_q_data · e81efd15
      Dafna Hirschfeld authored
      
      The function mtk_venc_get_q_data always returns a reference
      so there is no need to check if the return value is null.
      In addition move the q_data initialization to the declaration
      
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      e81efd15
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: replace func vidioc_try_fmt with two funcs for out/cap · 3131ac25
      Dafna Hirschfeld authored
      
      The function vidioc_try_fmt has a big 'if-else' for
      the capture and output cases. There is hardly any code
      outside of that condition. It is therefore better to split
      that functions into to different functions, one for each case.
      
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      3131ac25
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: fix debugging defines · 4ba43c17
      Dafna Hirschfeld authored
      
      The mtk-vcodec uses some internal defined debug formats for
      printing. This patch fixes some things in those defines:
      
      1. use the 'pr_fmt' define to print function name and line.
      
      2. remove 'if(DEBUG) condition for the defines. This condition
      prevents the debugs from being shown in case of dynamic debugs.
      Instead replace 'pr_info' with 'pr_debug'
      
      3. remove module parameters that enable/disable debug and set
      the debug level.
      There is no reason for the driver to have those params. Having
      those params require the user to explicitly set them when user
      wants to see debug prints instead using the global debugs setting
      as usually expected by drivers to conform.
      
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      4ba43c17
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: enc: use "stream_started" flag for "stop/start_streaming" · 710b80f0
      Dafna Hirschfeld authored
      
      Currently the mtk-vcodec encoder does runtime pm resume
      upon "start_streaming" cb when both queues are streaming
      and does runtime pm 'put' upon "stop_streaming" when both
      queues are not streaming.
      This is wrong since the same queue might be started and
      then stopped causing the driver to turn off the hardware
      without turning it on. This cause for example unbalanced
      calls to pm_runtime_*
      
      Fixes: 4e855a6e ("[media] vcodec: mediatek: Add Mediatek V4L2 Video Encoder Driver")
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      710b80f0
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released · 2200c8f4
      Dafna Hirschfeld authored
      
      The func v4l2_m2m_ctx_release waits for currently running jobs
      to finish and then stop streaming both queues and frees the buffers.
      All this should be done before the call to mtk_vcodec_enc_release
      which frees the encoder handler. This fixes use-after-free bug:
      
      [gst-master] root@debian:~/gst-build# [  638.019193] Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a0
      [  638.028076] Mem abort info:
      [  638.030932]   ESR = 0x96000004
      [  638.033978]   EC = 0x25: DABT (current EL), IL = 32 bits
      [  638.039293]   SET = 0, FnV = 0
      [  638.042338]   EA = 0, S1PTW = 0
      [  638.045474]   FSC = 0x04: level 0 translation fault
      [  638.050349] Data abort info:
      [  638.053224]   ISV = 0, ISS = 0x00000004
      [  638.057055]   CM = 0, WnR = 0
      [  638.060018] user pgtable: 4k pages, 48-bit VAs, pgdp=000000012b6db000
      [  638.066485] [00000000000001a0] pgd=0000000000000000, p4d=0000000000000000
      [  638.073277] Internal error: Oops: 96000004 [#1] SMP
      [  638.078145] Modules linked in: rfkill mtk_vcodec_dec mtk_vcodec_enc uvcvideo mtk_mdp mtk_vcodec_common videobuf2_dma_contig v4l2_h264 cdc_ether v4l2_mem2mem videobuf2_vmalloc usbnet videobuf2_memops videobuf2_v4l2 r8152 videobuf2_common videodev cros_ec_sensors cros_ec_sensors_core industrialio_triggered_buffer kfifo_buf elan_i2c elants_i2c sbs_battery mc cros_usbpd_charger cros_ec_chardev cros_usbpd_logger crct10dif_ce mtk_vpu fuse ip_tables x_tables ipv6
      [  638.118583] CPU: 0 PID: 212 Comm: kworker/u8:5 Not tainted 5.15.0-06427-g58a1d4dcfc74-dirty #109
      [  638.127357] Hardware name: Google Elm (DT)
      [  638.131444] Workqueue: mtk-vcodec-enc mtk_venc_worker [mtk_vcodec_enc]
      [  638.137974] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
      [  638.144925] pc : vp8_enc_encode+0x34/0x2b0 [mtk_vcodec_enc]
      [  638.150493] lr : venc_if_encode+0xac/0x1b0 [mtk_vcodec_enc]
      [  638.156060] sp : ffff8000124d3c40
      [  638.159364] x29: ffff8000124d3c40 x28: 0000000000000000 x27: 0000000000000000
      [  638.166493] x26: 0000000000000000 x25: ffff0000e7f252d0 x24: ffff8000124d3d58
      [  638.173621] x23: ffff8000124d3d58 x22: ffff8000124d3d60 x21: 0000000000000001
      [  638.180750] x20: ffff80001137e000 x19: 0000000000000000 x18: 0000000000000001
      [  638.187878] x17: 000000040044ffff x16: 00400032b5503510 x15: 0000000000000000
      [  638.195006] x14: ffff8000118536c0 x13: ffff8000ee1da000 x12: 0000000030d4d91d
      [  638.202134] x11: 0000000000000000 x10: 0000000000000980 x9 : ffff8000124d3b20
      [  638.209262] x8 : ffff0000c18d4ea0 x7 : ffff0000c18d44c0 x6 : ffff0000c18d44c0
      [  638.216391] x5 : ffff80000904a3b0 x4 : ffff8000124d3d58 x3 : ffff8000124d3d60
      [  638.223519] x2 : ffff8000124d3d78 x1 : 0000000000000001 x0 : ffff80001137efb8
      [  638.230648] Call trace:
      [  638.233084]  vp8_enc_encode+0x34/0x2b0 [mtk_vcodec_enc]
      [  638.238304]  venc_if_encode+0xac/0x1b0 [mtk_vcodec_enc]
      [  638.243525]  mtk_venc_worker+0x110/0x250 [mtk_vcodec_enc]
      [  638.248918]  process_one_work+0x1f8/0x498
      [  638.252923]  worker_thread+0x140/0x538
      [  638.256664]  kthread+0x148/0x158
      [  638.259884]  ret_from_fork+0x10/0x20
      [  638.263455] Code: f90023f9 2a0103f5 aa0303f6 aa0403f8 (f940d277)
      [  638.269538] ---[ end trace e374fc10f8e181f5 ]---
      
      Fixes: 4e855a6e ("[media] vcodec: mediatek: Add Mediatek V4L2 Video Encoder Driver")
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      2200c8f4
    • Dafna Hirschfeld's avatar
      media: mtk-vcodec: enc: add vp8 profile ctrl · 47a8519b
      Dafna Hirschfeld authored
      
      In order for the encoder to work with gstreamer
      it needs to have the V4L2_CID_MPEG_VIDEO_VP8_PROFILE
      ctrl. This patch adds that ctrl with only profile 0
      supported.
      
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      47a8519b
    • Yong Wu's avatar
      FROMLIST: iommu/mediatek: device_link consumer larb · cdd82b56
      Yong Wu authored and Dafna Hirschfeld's avatar Dafna Hirschfeld committed
      iommu/mediatek: Add probe_defer for smi-larb
      
      Prepare for adding device_link.
      
      The iommu consumer should use device_link to connect with the
      smi-larb(supplier). then the smi-larb should run before the iommu
      consumer. Here we delay the iommu driver until the smi driver is ready,
      then all the iommu consumers always are after the smi driver.
      
      When there is no this patch, if some consumer drivers run before
      smi-larb, the supplier link_status is DL_DEV_NO_DRIVER(0) in the
      device_link_add, then device_links_driver_bound will use WARN_ON
      to complain that the link_status of supplier is not right.
      
      device_is_bound may be more elegant here. but it is not allowed to
      EXPORT from https://lore.kernel.org/patchwork/patch/1334670/
      
      .
      
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      MediaTek IOMMU-SMI diagram is like below. all the consumer connect with
      smi-larb, then connect with smi-common.
      
              M4U
               |
          smi-common
               |
        -------------
        |         |    ...
        |         |
      larb1     larb2
        |         |
      vdec       venc
      
      When the consumer works, it should enable the smi-larb's power which
      also need enable the smi-common's power firstly.
      
      Thus, First of all, use the device link connect the consumer and the
      smi-larbs. then add device link between the smi-larb and smi-common.
      
      This patch adds device_link between the consumer and the larbs.
      
      When device_link_add, I add the flag DL_FLAG_STATELESS to avoid calling
      pm_runtime_xx to keep the original status of clocks. It can avoid two
      issues:
      1) Display HW show fastlogo abnormally reported in [1]. At the beggining,
      all the clocks are enabled before entering kernel, but the clocks for
      display HW(always in larb0) will be gated after clk_enable and clk_disable
      called from device_link_add(->pm_runtime_resume) and rpm_idle. The clock
      operation happened before display driver probe. At that time, the display
      HW will be abnormal.
      
      2) A deadlock issue reported in [2]. Use DL_FLAG_STATELESS to skip
      pm_runtime_xx to avoid the deadlock.
      
      Corresponding, DL_FLAG_AUTOREMOVE_CONSUMER can't be added, then
      device_link_removed should be added explicitly.
      
      [1] https://lore.kernel.org/linux-mediatek/1564213888.22908.4.camel@mhfsdcap03/
      [2] https://lore.kernel.org/patchwork/patch/1086569/
      
      
      
      Suggested-by: default avatarTomasz Figa <tfiga@chromium.org>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      
      (am from https://patchwork.kernel.org/project/linux-mediatek/patch/20210410091128.31823-4-yong.wu@mediatek.com/
      
      )
      
      BUG=b:126008328
      TEST=boot krane
      
      Signed-off-by: default avatarHsin-Yi Wang <hsinyi@chromium.org>
      Change-Id: Ie97b4775516f468f011da08d8e3a143ca9f52ac7
      Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/2866750
      
      
      Reviewed-by: default avatarSean Paul <seanpaul@chromium.org>
      Reviewed-by: default avatarNicolas Boichat <drinkcat@chromium.org>
      
      media: mtk-jpeg: Get rid of mtk_smi_larb_get/put
      
      MediaTek IOMMU has already added device_link between the consumer
      and smi-larb device. If the jpg device call the pm_runtime_get_sync,
      the smi-larb's pm_runtime_get_sync also be called automatically.
      
      After removing the larb_get operations, then mtk_jpeg_clk_init is
      also unnecessary. Remove it too.
      
      CC: Rick Chang <rick.chang@mediatek.com>
      CC: Xia Jiang <xia.jiang@mediatek.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Acked-by: default avatarRick Chang <rick.chang@mediatek.com>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      media: mtk-mdp: Get rid of mtk_smi_larb_get/put
      
      MediaTek IOMMU has already added the device_link between the consumer
      and smi-larb device. If the mdp device call the pm_runtime_get_sync,
      the smi-larb's pm_runtime_get_sync also be called automatically.
      
      CC: Minghsiu Tsai <minghsiu.tsai@mediatek.com>
      CC: Houlong Wei <houlong.wei@mediatek.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Reviewed-by: default avatarHoulong Wei <houlong.wei@mediatek.com>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      
      drm/mediatek: Add pm runtime support for ovl and rdma
      
      Prepare for smi cleaning up "mediatek,larb".
      
      Display use the dispsys device to call pm_rumtime_get_sync before.
      This patch add pm_runtime_xx with ovl and rdma device whose nodes has
      "iommus" property, then display could help pm_runtime_get for smi via
      ovl or rdma device.
      
      CC: CK Hu <ck.hu@mediatek.com>
      Signed-off-by: default avatarYongqiang Niu <yongqiang.niu@mediatek.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      (Yong: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync)
      Acked-by: default avatarChun-Kuang Hu <chunkuang.hu@kernel.org>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      drm/mediatek: Get rid of mtk_smi_larb_get/put
      
      MediaTek IOMMU has already added the device_link between the consumer
      and smi-larb device. If the drm device call the pm_runtime_get_sync,
      the smi-larb's pm_runtime_get_sync also be called automatically.
      
      CC: CK Hu <ck.hu@mediatek.com>
      CC: Philipp Zabel <p.zabel@pengutronix.de>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Acked-by: default avatarChun-Kuang Hu <chunkuang.hu@kernel.org>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      media: mtk-vcodec: Get rid of mtk_smi_larb_get/put
      
      MediaTek IOMMU has already added the device_link between the consumer
      and smi-larb device. If the vcodec device call the pm_runtime_get_sync,
      the smi-larb's pm_runtime_get_sync also be called automatically.
      
      CC: Tiffany Lin <tiffany.lin@mediatek.com>
      CC: Irui Wang <irui.wang@mediatek.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Acked-by: default avatarTiffany Lin <tiffany.lin@mediatek.com>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      
      memory: mtk-smi: Get rid of mtk_smi_larb_get/put
      
      After adding device_link between the iommu consumer and smi-larb,
      the pm_runtime_get(_sync) of smi-larb and smi-common will be called
      automatically. we can get rid of mtk_smi_larb_get/put.
      
      CC: Matthias Brugger <matthias.bgg@gmail.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Acked-by: default avatarKrzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
      Acked-by: default avatarMatthias Brugger <matthias.bgg@gmail.com>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      arm: dts: mediatek: Get rid of mediatek,larb for MM nodes
      
      After adding device_link between the IOMMU consumer and smi, the
      mediatek,larb is unnecessary now.
      
      CC: Matthias Brugger <matthias.bgg@gmail.com>
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      Reviewed-by: default avatarEvan Green <evgreen@chromium.org>
      Tested-by: Frank Wunderlich <frank-w@public-files.de> # BPI-R2/MT7623
      
      tuli-get-rid-of-larbs-mt8173.dtsi
      cdd82b56
    • Sebastian Reichel's avatar
      iommu/mediatek: always check runtime PM status in tlb flush range callback · 1e2cfa50
      Sebastian Reichel authored and Dafna Hirschfeld's avatar Dafna Hirschfeld committed
      
      In case of v4l2_reqbufs() it is possible, that a TLB flush is done
      without runtime PM being enabled. In that case the "Partial TLB flush
      timed out, falling back to full flush" warning is printed.
      
      Commit c0b57581 ("iommu/mediatek: Add power-domain operation")
      introduced has_pm as optimization to avoid checking runtime PM
      when there is no power domain attached. But without the PM domain
      there is still the device driver's runtime PM suspend handler, which
      disables the clock. Thus flushing should also be avoided when there
      is no PM domain involved.
      
      Signed-off-by: default avatarSebastian Reichel <sebastian.reichel@collabora.com>
      Reviewed-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      1e2cfa50
    • Yong Wu's avatar
      iommu/mediatek: Always tlb_flush_all when each PM resume · b1e0bfd0
      Yong Wu authored and Dafna Hirschfeld's avatar Dafna Hirschfeld committed
      
      Prepare for 2 HWs that sharing pgtable in different power-domains.
      
      When there are 2 M4U HWs, it may has problem in the flush_range in which
      we get the pm_status via the m4u dev, BUT that function don't reflect the
      real power-domain status of the HW since there may be other HW also use
      that power-domain.
      
      The function dma_alloc_attrs help allocate the iommu buffer which
      need the corresponding power domain since tlb flush is needed when
      preparing iova. BUT this function only is for allocating buffer,
      we have no good reason to request the user always call pm_runtime_get
      before calling dma_alloc_xxx. Therefore, we add a tlb_flush_all
      in the pm_runtime_resume to make sure the tlb always is clean.
      
      Another solution is always call pm_runtime_get in the tlb_flush_range.
      This will trigger pm runtime resume/backup so often when the iommu
      power is not active at some time(means user don't call pm_runtime_get
      before calling dma_alloc_xxx), This may cause the performance drop.
      thus we don't use this.
      
      In other case, the iommu's power should always be active via device
      link with smi.
      
      The previous SoC don't have PM except mt8192. the mt8192 IOMMU is display's
      power-domain which nearly always is enabled. thus no need fix tags here.
      Prepare for mt8195.
      
      Signed-off-by: default avatarYong Wu <yong.wu@mediatek.com>
      [imporvie inline doc]
      Signed-off-by: default avatarDafna Hirschfeld <dafna.hirschfeld@collabora.com>
      b1e0bfd0
  2. Nov 28, 2021
  3. Nov 27, 2021
    • Linus Torvalds's avatar
      Merge tag '5.16-rc2-ksmbd-fixes' of git://git.samba.org/ksmbd · 3498e7f2
      Linus Torvalds authored
      Pull ksmbd fixes from Steve French:
       "Five ksmbd server fixes, four of them for stable:
      
         - memleak fix
      
         - fix for default data stream on filesystems that don't support xattr
      
         - error logging fix
      
         - session setup fix
      
         - minor doc cleanup"
      
      * tag '5.16-rc2-ksmbd-fixes' of git://git.samba.org/ksmbd:
        ksmbd: fix memleak in get_file_stream_info()
        ksmbd: contain default data stream even if xattr is empty
        ksmbd: downgrade addition info error msg to debug in smb2_get_info_sec()
        docs: filesystem: cifs: ksmbd: Fix small layout issues
        ksmbd: Fix an error handling path in 'smb2_sess_setup()'
      3498e7f2
    • Guenter Roeck's avatar
      vmxnet3: Use generic Kconfig option for page size limit · 00169a92
      Guenter Roeck authored
      
      Use the architecture independent Kconfig option PAGE_SIZE_LESS_THAN_64KB
      to indicate that VMXNET3 requires a page size smaller than 64kB.
      
      Signed-off-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      00169a92
    • Guenter Roeck's avatar
      fs: ntfs: Limit NTFS_RW to page sizes smaller than 64k · 4eec7faf
      Guenter Roeck authored
      
      NTFS_RW code allocates page size dependent arrays on the stack. This
      results in build failures if the page size is 64k or larger.
      
        fs/ntfs/aops.c: In function 'ntfs_write_mst_block':
        fs/ntfs/aops.c:1311:1: error:
      	the frame size of 2240 bytes is larger than 2048 bytes
      
      Since commit f22969a6 ("powerpc/64s: Default to 64K pages for 64 bit
      book3s") this affects ppc:allmodconfig builds, but other architectures
      supporting page sizes of 64k or larger are also affected.
      
      Increasing the maximum frame size for affected architectures just to
      silence this error does not really help.  The frame size would have to
      be set to a really large value for 256k pages.  Also, a large frame size
      could potentially result in stack overruns in this code and elsewhere
      and is therefore not desirable.  Make NTFS_RW dependent on page sizes
      smaller than 64k instead.
      
      Signed-off-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Cc: Anton Altaparmakov <anton@tuxera.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      4eec7faf
    • Guenter Roeck's avatar
      arch: Add generic Kconfig option indicating page size smaller than 64k · 1f0e290c
      Guenter Roeck authored
      
      NTFS_RW and VMXNET3 require a page size smaller than 64kB.  Add generic
      Kconfig option for use outside architecture code to avoid architecture
      specific Kconfig options in that code.
      
      Suggested-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Cc: Anton Altaparmakov <anton@tuxera.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      1f0e290c
    • Steven Rostedt (VMware)'s avatar
      tracing: Test the 'Do not trace this pid' case in create event · 27ff768f
      Steven Rostedt (VMware) authored
      When creating a new event (via a module, kprobe, eprobe, etc), the
      descriptors that are created must add flags for pid filtering if an
      instance has pid filtering enabled, as the flags are used at the time the
      event is executed to know if pid filtering should be done or not.
      
      The "Only trace this pid" case was added, but a cut and paste error made
      that case checked twice, instead of checking the "Trace all but this pid"
      case.
      
      Link: https://lore.kernel.org/all/202111280401.qC0z99JB-lkp@intel.com/
      
      
      
      Fixes: 6cb20650 ("tracing: Check pid filtering when creating events")
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      27ff768f
    • Linus Torvalds's avatar
      Merge tag 'xfs-5.16-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux · 4f0dda35
      Linus Torvalds authored
      Pull xfs fixes from Darrick Wong:
       "Fixes for a resource leak and a build robot complaint about totally
        dead code:
      
         - Fix buffer resource leak that could lead to livelock on corrupt fs.
      
         - Remove unused function xfs_inew_wait to shut up the build robots"
      
      * tag 'xfs-5.16-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
        xfs: remove xfs_inew_wait
        xfs: Fix the free logic of state in xfs_attr_node_hasname
      4f0dda35
    • Linus Torvalds's avatar
      Merge tag 'iomap-5.16-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux · adfb743a
      Linus Torvalds authored
      Pull iomap fixes from Darrick Wong:
       "A single iomap bug fix and a cleanup for 5.16-rc2.
      
        The bug fix changes how iomap deals with reading from an inline data
        region -- whereas the current code (incorrectly) lets the iomap read
        iter try for more bytes after reading the inline region (which zeroes
        the rest of the page!) and hopes the next iteration terminates, we
        surveyed the inlinedata implementations and realized that all
        inlinedata implementations also require that the inlinedata region end
        at EOF, so we can simply terminate the read.
      
        The second patch documents these assumptions in the code so that
        they're not subtle implications anymore, and cleans up some of the
        grosser parts of that function.
      
        Summary:
      
         - Fix an accounting problem where unaligned inline data reads can run
           off the end of the read iomap iterator. iomap has historically
           required that inline data mappings only exist at the end of a file,
           though this wasn't documented anywhere.
      
         - Document iomap_read_inline_data and change its return type to be
           appropriate for the information that it's actually returning"
      
      * tag 'iomap-5.16-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
        iomap: iomap_read_inline_data cleanup
        iomap: Fix inline extent handling in iomap_readpage
      adfb743a
    • Linus Torvalds's avatar
      Merge tag 'trace-v5.16-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · 86155d6b
      Linus Torvalds authored
      Pull tracing fixes from Steven Rostedt:
       "Two fixes to event pid filtering:
      
         - Make sure newly created events reflect the current state of pid
           filtering
      
         - Take pid filtering into account when recording trigger events.
           (Also clean up the if statement to be cleaner)"
      
      * tag 'trace-v5.16-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        tracing: Fix pid filtering when triggers are attached
        tracing: Check pid filtering when creating events
      86155d6b
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.16-2021-11-27' of git://git.kernel.dk/linux-block · 86799cdf
      Linus Torvalds authored
      Pull more io_uring fixes from Jens Axboe:
       "The locking fixup that was applied earlier this rc has both a deadlock
        and IRQ safety issue, let's get that ironed out before -rc3. This
        contains:
      
         - Link traversal locking fix (Pavel)
      
         - Cancelation fix (Pavel)
      
         - Relocate cond_resched() for huge buffer chain freeing, avoiding a
           softlockup warning (Ye)
      
         - Fix timespec validation (Ye)"
      
      * tag 'io_uring-5.16-2021-11-27' of git://git.kernel.dk/linux-block:
        io_uring: Fix undefined-behaviour in io_issue_sqe
        io_uring: fix soft lockup when call __io_remove_buffers
        io_uring: fix link traversal locking
        io_uring: fail cancellation for EXITING tasks
      86799cdf
    • Linus Torvalds's avatar
      Merge tag 'block-5.16-2021-11-27' of git://git.kernel.dk/linux-block · 650c8edf
      Linus Torvalds authored
      Pull more block fixes from Jens Axboe:
       "Turns out that the flushing out of pending fixes before the
        Thanksgiving break didn't quite work out in terms of timing, so here's
        a followup set of fixes:
      
         - rq_qos_done() should be called regardless of whether or not we're
           the final put of the request, it's not related to the freeing of
           the state. This fixes an IO stall with wbt that a few users have
           reported, a regression in this release.
      
         - Only define zram_wb_devops if it's used, fixing a compilation
           warning for some compilers"
      
      * tag 'block-5.16-2021-11-27' of git://git.kernel.dk/linux-block:
        zram: only make zram_wb_devops for CONFIG_ZRAM_WRITEBACK
        block: call rq_qos_done() before ref check in batch completions
      650c8edf
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 9e9fbe44
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Twelve fixes, eleven in drivers (target, qla2xx, scsi_debug, mpt3sas,
        ufs). The core fix is a minor correction to the previous state update
        fix for the iscsi daemons"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: scsi_debug: Zero clear zones at reset write pointer
        scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
        scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
        scsi: target: configfs: Delete unnecessary checks for NULL
        scsi: target: core: Use RCU helpers for INQUIRY t10_alua_tg_pt_gp
        scsi: mpt3sas: Fix incorrect system timestamp
        scsi: mpt3sas: Fix system going into read-only mode
        scsi: mpt3sas: Fix kernel panic during drive powercycle test
        scsi: ufs: ufs-mediatek: Add put_device() after of_find_device_by_node()
        scsi: scsi_debug: Fix type in min_t to avoid stack OOB
        scsi: qla2xxx: edif: Fix off by one bug in qla_edif_app_getfcinfo()
        scsi: ufs: ufshpb: Fix warning in ufshpb_set_hpb_read_to_upiu()
      9e9fbe44
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-5.16-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · 74139277
      Linus Torvalds authored
      Pull NFS client fixes from Trond Myklebust:
       "Highlights include:
      
        Stable fixes:
      
         - NFSv42: Fix pagecache invalidation after COPY/CLONE
      
        Bugfixes:
      
         - NFSv42: Don't fail clone() just because the server failed to return
           post-op attributes
      
         - SUNRPC: use different lockdep keys for INET6 and LOCAL
      
         - NFSv4.1: handle NFS4ERR_NOSPC from CREATE_SESSION
      
         - SUNRPC: fix header include guard in trace header"
      
      * tag 'nfs-for-5.16-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        SUNRPC: use different lock keys for INET6 and LOCAL
        sunrpc: fix header include guard in trace header
        NFSv4.1: handle NFS4ERR_NOSPC by CREATE_SESSION
        NFSv42: Fix pagecache invalidation after COPY/CLONE
        NFS: Add a tracepoint to show the results of nfs_set_cache_invalid()
        NFSv42: Don't fail clone() unless the OP_CLONE operation failed
      74139277
    • Linus Torvalds's avatar
      Merge tag 'erofs-for-5.16-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs · 52dc4c64
      Linus Torvalds authored
      Pull erofs fix from Gao Xiang:
       "Fix an ABBA deadlock introduced by XArray conversion"
      
      * tag 'erofs-for-5.16-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs:
        erofs: fix deadlock when shrink erofs slab
      52dc4c64
    • Linus Torvalds's avatar
      Merge tag 'powerpc-5.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 7b65b798
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
       "Fix KVM using a Power9 instruction on earlier CPUs, which could lead
        to the host SLB being incorrectly invalidated and a subsequent host
        crash.
      
        Fix kernel hardlockup on vmap stack overflow on 32-bit.
      
        Thanks to Christophe Leroy, Nicholas Piggin, and Fabiano Rosas"
      
      * tag 'powerpc-5.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/32: Fix hardlockup on vmap stack overflow
        KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
      7b65b798
    • Linus Torvalds's avatar
      Merge tag 'mips-fixes_5.16_2' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux · 6be08803
      Linus Torvalds authored
      Pull MIPS fixes from Thomas Bogendoerfer:
      
       - build fix for ZSTD enabled configs
      
       - fix for preempt warning
      
       - fix for loongson FTLB detection
      
       - fix for page table level selection
      
      * tag 'mips-fixes_5.16_2' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux:
        MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
        MIPS: loongson64: fix FTLB configuration
        MIPS: Fix using smp_processor_id() in preemptible in show_cpuinfo()
        MIPS: boot/compressed/: add __ashldi3 to target for ZSTD compression
      6be08803
    • Ye Bin's avatar
      io_uring: Fix undefined-behaviour in io_issue_sqe · f6223ff7
      Ye Bin authored
      
      We got issue as follows:
      ================================================================================
      UBSAN: Undefined behaviour in ./include/linux/ktime.h:42:14
      signed integer overflow:
      -4966321760114568020 * 1000000000 cannot be represented in type 'long long int'
      CPU: 1 PID: 2186 Comm: syz-executor.2 Not tainted 4.19.90+ #12
      Hardware name: linux,dummy-virt (DT)
      Call trace:
       dump_backtrace+0x0/0x3f0 arch/arm64/kernel/time.c:78
       show_stack+0x28/0x38 arch/arm64/kernel/traps.c:158
       __dump_stack lib/dump_stack.c:77 [inline]
       dump_stack+0x170/0x1dc lib/dump_stack.c:118
       ubsan_epilogue+0x18/0xb4 lib/ubsan.c:161
       handle_overflow+0x188/0x1dc lib/ubsan.c:192
       __ubsan_handle_mul_overflow+0x34/0x44 lib/ubsan.c:213
       ktime_set include/linux/ktime.h:42 [inline]
       timespec64_to_ktime include/linux/ktime.h:78 [inline]
       io_timeout fs/io_uring.c:5153 [inline]
       io_issue_sqe+0x42c8/0x4550 fs/io_uring.c:5599
       __io_queue_sqe+0x1b0/0xbc0 fs/io_uring.c:5988
       io_queue_sqe+0x1ac/0x248 fs/io_uring.c:6067
       io_submit_sqe fs/io_uring.c:6137 [inline]
       io_submit_sqes+0xed8/0x1c88 fs/io_uring.c:6331
       __do_sys_io_uring_enter fs/io_uring.c:8170 [inline]
       __se_sys_io_uring_enter fs/io_uring.c:8129 [inline]
       __arm64_sys_io_uring_enter+0x490/0x980 fs/io_uring.c:8129
       invoke_syscall arch/arm64/kernel/syscall.c:53 [inline]
       el0_svc_common+0x374/0x570 arch/arm64/kernel/syscall.c:121
       el0_svc_handler+0x190/0x260 arch/arm64/kernel/syscall.c:190
       el0_svc+0x10/0x218 arch/arm64/kernel/entry.S:1017
      ================================================================================
      
      As ktime_set only judge 'secs' if big than KTIME_SEC_MAX, but if we pass
      negative value maybe lead to overflow.
      To address this issue, we must check if 'sec' is negative.
      
      Signed-off-by: default avatarYe Bin <yebin10@huawei.com>
      Link: https://lore.kernel.org/r/20211118015907.844807-1-yebin10@huawei.com
      
      
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      f6223ff7
    • Ye Bin's avatar
      io_uring: fix soft lockup when call __io_remove_buffers · 1d0254e6
      Ye Bin authored
      
      I got issue as follows:
      [ 567.094140] __io_remove_buffers: [1]start ctx=0xffff8881067bf000 bgid=65533 buf=0xffff8881fefe1680
      [  594.360799] watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [kworker/u32:5:108]
      [  594.364987] Modules linked in:
      [  594.365405] irq event stamp: 604180238
      [  594.365906] hardirqs last  enabled at (604180237): [<ffffffff93fec9bd>] _raw_spin_unlock_irqrestore+0x2d/0x50
      [  594.367181] hardirqs last disabled at (604180238): [<ffffffff93fbbadb>] sysvec_apic_timer_interrupt+0xb/0xc0
      [  594.368420] softirqs last  enabled at (569080666): [<ffffffff94200654>] __do_softirq+0x654/0xa9e
      [  594.369551] softirqs last disabled at (569080575): [<ffffffff913e1d6a>] irq_exit_rcu+0x1ca/0x250
      [  594.370692] CPU: 2 PID: 108 Comm: kworker/u32:5 Tainted: G            L    5.15.0-next-20211112+ #88
      [  594.371891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014
      [  594.373604] Workqueue: events_unbound io_ring_exit_work
      [  594.374303] RIP: 0010:_raw_spin_unlock_irqrestore+0x33/0x50
      [  594.375037] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 55 f5 55 fd 48 89 ef e8 ed a7 56 fd 80 e7 02 74 06 e8 43 13 7b fd fb bf 01 00 00 00 <e8> f8 78 474
      [  594.377433] RSP: 0018:ffff888101587a70 EFLAGS: 00000202
      [  594.378120] RAX: 0000000024030f0d RBX: 0000000000000246 RCX: 1ffffffff2f09106
      [  594.379053] RDX: 0000000000000000 RSI: ffffffff9449f0e0 RDI: 0000000000000001
      [  594.379991] RBP: ffffffff9586cdc0 R08: 0000000000000001 R09: fffffbfff2effcab
      [  594.380923] R10: ffffffff977fe557 R11: fffffbfff2effcaa R12: ffff8881b8f3def0
      [  594.381858] R13: 0000000000000246 R14: ffff888153a8b070 R15: 0000000000000000
      [  594.382787] FS:  0000000000000000(0000) GS:ffff888399c00000(0000) knlGS:0000000000000000
      [  594.383851] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [  594.384602] CR2: 00007fcbe71d2000 CR3: 00000000b4216000 CR4: 00000000000006e0
      [  594.385540] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      [  594.386474] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      [  594.387403] Call Trace:
      [  594.387738]  <TASK>
      [  594.388042]  find_and_remove_object+0x118/0x160
      [  594.389321]  delete_object_full+0xc/0x20
      [  594.389852]  kfree+0x193/0x470
      [  594.390275]  __io_remove_buffers.part.0+0xed/0x147
      [  594.390931]  io_ring_ctx_free+0x342/0x6a2
      [  594.392159]  io_ring_exit_work+0x41e/0x486
      [  594.396419]  process_one_work+0x906/0x15a0
      [  594.399185]  worker_thread+0x8b/0xd80
      [  594.400259]  kthread+0x3bf/0x4a0
      [  594.401847]  ret_from_fork+0x22/0x30
      [  594.402343]  </TASK>
      
      Message from syslogd@localhost at Nov 13 09:09:54 ...
      kernel:watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [kworker/u32:5:108]
      [  596.793660] __io_remove_buffers: [2099199]start ctx=0xffff8881067bf000 bgid=65533 buf=0xffff8881fefe1680
      
      We can reproduce this issue by follow syzkaller log:
      r0 = syz_io_uring_setup(0x401, &(0x7f0000000300), &(0x7f0000003000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
      sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)=ANY=[], 0x18}}, 0x0)
      syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x401, 0x1, 0x0, 0x100, 0x0, 0x1, {0xfffd}}, 0x0)
      io_uring_enter(r0, 0x3a2d, 0x0, 0x0, 0x0, 0x0)
      
      The reason above issue  is 'buf->list' has 2,100,000 nodes, occupied cpu lead
      to soft lockup.
      To solve this issue, we need add schedule point when do while loop in
      '__io_remove_buffers'.
      After add  schedule point we do regression, get follow data.
      [  240.141864] __io_remove_buffers: [1]start ctx=0xffff888170603000 bgid=65533 buf=0xffff8881116fcb00
      [  268.408260] __io_remove_buffers: [1]start ctx=0xffff8881b92d2000 bgid=65533 buf=0xffff888130c83180
      [  275.899234] __io_remove_buffers: [2099199]start ctx=0xffff888170603000 bgid=65533 buf=0xffff8881116fcb00
      [  296.741404] __io_remove_buffers: [1]start ctx=0xffff8881b659c000 bgid=65533 buf=0xffff8881010fe380
      [  305.090059] __io_remove_buffers: [2099199]start ctx=0xffff8881b92d2000 bgid=65533 buf=0xffff888130c83180
      [  325.415746] __io_remove_buffers: [1]start ctx=0xffff8881b92d1000 bgid=65533 buf=0xffff8881a17d8f00
      [  333.160318] __io_remove_buffers: [2099199]start ctx=0xffff8881b659c000 bgid=65533 buf=0xffff8881010fe380
      ...
      
      Fixes:8bab4c09("io_uring: allow conditional reschedule for intensive iterators")
      Signed-off-by: default avatarYe Bin <yebin10@huawei.com>
      Link: https://lore.kernel.org/r/20211122024737.2198530-1-yebin10@huawei.com
      
      
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      1d0254e6
  4. Nov 26, 2021
Loading