1. 12 Mar, 2018 1 commit
  2. 11 Feb, 2018 9 commits
    • Linus Torvalds's avatar
      Linux 4.16-rc1 · 7928b2cb
      Linus Torvalds authored
      7928b2cb
    • Al Viro's avatar
      unify {de,}mangle_poll(), get rid of kernel-side POLL... · 7a163b21
      Al Viro authored
      
      
      except, again, POLLFREE and POLL_BUSY_LOOP.
      
      With this, we finally get to the promised end result:
      
       - POLL{IN,OUT,...} are plain integers and *not* in __poll_t, so any
         stray instances of ->poll() still using those will be caught by
         sparse.
      
       - eventpoll.c and select.c warning-free wrt __poll_t
      
       - no more kernel-side definitions of POLL... - userland ones are
         visible through the entire kernel (and used pretty much only for
         mangle/demangle)
      
       - same behavior as after the first series (i.e. sparc et.al. epoll(2)
         working correctly).
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7a163b21
    • Linus Torvalds's avatar
      vfs: do bulk POLL* -> EPOLL* replacement · a9a08845
      Linus Torvalds authored
      
      
      This is the mindless scripted replacement of kernel use of POLL*
      variables as described by Al, done by this script:
      
          for V in IN OUT PRI ERR RDNORM RDBAND WRNORM WRBAND HUP RDHUP NVAL MSG; do
              L=`git grep -l -w POLL$V | grep -v '^t' | grep -v /um/ | grep -v '^sa' | grep -v '/poll.h$'|grep -v '^D'`
              for f in $L; do sed -i "-es/^\([^\"]*\)\(\<POLL$V\>\)/\\1E\\2/" $f; done
          done
      
      with de-mangling cleanups yet to come.
      
      NOTE! On almost all architectures, the EPOLL* constants have the same
      values as the POLL* constants do.  But they keyword here is "almost".
      For various bad reasons they aren't the same, and epoll() doesn't
      actually work quite correctly in some cases due to this on Sparc et al.
      
      The next patch from Al will sort out the final differences, and we
      should be all done.
      Scripted-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a9a08845
    • Linus Torvalds's avatar
      Merge branch 'work.poll2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · ee5daa13
      Linus Torvalds authored
      Pull more poll annotation updates from Al Viro:
       "This is preparation to solving the problems you've mentioned in the
        original poll series.
      
        After this series, the kernel is ready for running
      
            for V in IN OUT PRI ERR RDNORM RDBAND WRNORM WRBAND HUP RDHUP NVAL MSG; do
                  L=`git grep -l -w POLL$V | grep -v '^t' | grep -v /um/ | grep -v '^sa' | grep -v '/poll.h$'|grep -v '^D'`
                  for f in $L; do sed -i "-es/^\([^\"]*\)\(\<POLL$V\>\)/\\1E\\2/" $f; done
            done
      
        as a for bulk search-and-replace.
      
        After that, the kernel is ready to apply the patch to unify
        {de,}mangle_poll(), and then get rid of kernel-side POLL... uses
        entirely, and we should be all done with that stuff.
      
        Basically, that's what you suggested wrt KPOLL..., except that we can
        use EPOLL... instead - they already are arch-independent (and equal to
        what is currently kernel-side POLL...).
      
        After the preparations (in this series) switch to returning EPOLL...
        from ->poll() instances is completely mechanical and kernel-side
        POLL... can go away. The last step (killing kernel-side POLL... and
        unifying {de,}mangle_poll() has to be done after the
        search-and-replace job, since we need userland-side POLL... for
        unified {de,}mangle_poll(), thus the cherry-pick at the last step.
      
        After that we will have:
      
         - POLL{IN,OUT,...} *not* in __poll_t, so any stray instances of
           ->poll() still using those will be caught by sparse.
      
         - eventpoll.c and select.c warning-free wrt __poll_t
      
         - no more kernel-side definitions of POLL... - userland ones are
           visible through the entire kernel (and used pretty much only for
           mangle/demangle)
      
         - same behavior as after the first series (i.e. sparc et.al. epoll(2)
           working correctly)"
      
      * 'work.poll2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        annotate ep_scan_ready_list()
        ep_send_events_proc(): return result via esed->res
        preparation to switching ->poll() to returning EPOLL...
        add EPOLLNVAL, annotate EPOLL... and event_poll->event
        use linux/poll.h instead of asm/poll.h
        xen: fix poll misannotation
        smc: missing poll annotations
      ee5daa13
    • Linus Torvalds's avatar
      Merge tag 'xtensa-20180211' of git://github.com/jcmvbkbc/linux-xtensa · 3fc928dc
      Linus Torvalds authored
      Pull xtense fix from Max Filippov:
       "Build fix for xtensa architecture with KASAN enabled"
      
      * tag 'xtensa-20180211' of git://github.com/jcmvbkbc/linux-xtensa:
        xtensa: fix build with KASAN
      3fc928dc
    • Linus Torvalds's avatar
      Merge tag 'nios2-v4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/lftan/nios2 · 60d7a21a
      Linus Torvalds authored
      Pull nios2 update from Ley Foon Tan:
      
       - clean up old Kconfig options from defconfig
      
       - remove leading 0x and 0s from bindings notation in dts files
      
      * tag 'nios2-v4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/lftan/nios2:
        nios2: defconfig: Cleanup from old Kconfig options
        nios2: dts: Remove leading 0x and 0s from bindings notation
      60d7a21a
    • Max Filippov's avatar
      xtensa: fix build with KASAN · f8d0cbf2
      Max Filippov authored
      The commit 917538e2 ("kasan: clean up KASAN_SHADOW_SCALE_SHIFT
      usage") removed KASAN_SHADOW_SCALE_SHIFT definition from
      include/linux/kasan.h and added it to architecture-specific headers,
      except for xtensa. This broke the xtensa build with KASAN enabled.
      Define KASAN_SHADOW_SCALE_SHIFT in arch/xtensa/include/asm/kasan.h
      
      Reported by: kbuild test robot <fengguang.wu@intel.com>
      Fixes: 917538e2
      
       ("kasan: clean up KASAN_SHADOW_SCALE_SHIFT usage")
      Acked-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Signed-off-by: default avatarMax Filippov <jcmvbkbc@gmail.com>
      f8d0cbf2
    • Krzysztof Kozlowski's avatar
      nios2: defconfig: Cleanup from old Kconfig options · e0691ebb
      Krzysztof Kozlowski authored
      Remove old, dead Kconfig option INET_LRO. It is gone since
      commit 7bbf3cae
      
       ("ipv4: Remove inet_lro library").
      Signed-off-by: default avatarKrzysztof Kozlowski <krzk@kernel.org>
      Acked-by: default avatarLey Foon Tan <ley.foon.tan@intel.com>
      e0691ebb
    • Mathieu Malaterre's avatar
      nios2: dts: Remove leading 0x and 0s from bindings notation · 5d13c731
      Mathieu Malaterre authored
      Improve the DTS files by removing all the leading "0x" and zeros to fix the
      following dtc warnings:
      
      Warning (unit_address_format): Node /XXX unit name should not have leading "0x"
      
      and
      
      Warning (unit_address_format): Node /XXX unit name should not have leading 0s
      
      Converted using the following command:
      
      find . -type f \( -iname *.dts -o -iname *.dtsi \) -exec sed -E -i -e "s/@0x([0-9a-fA-F\.]+)\s?\{/@\L\1 \{/g" -e "s/@0+([0-9a-fA-F\.]+)\s?\{/@\L\1 \{/g" {} +
      
      For simplicity, two sed expressions were used to solve each warnings separately.
      
      To make the regex expression more robust a few other issues were resolved,
      namely setting unit-address to lower case, and adding a whitespace before the
      the opening curly brace:
      
      https://elinux.org/Device_Tree_Linux#Linux_conventions
      
      This is a follow up to commit 4c9847b7
      
       ("dt-bindings: Remove leading 0x from bindings notation")
      Reported-by: default avatarDavid Daney <ddaney@caviumnetworks.com>
      Suggested-by: default avatarRob Herring <robh@kernel.org>
      Signed-off-by: default avatarMathieu Malaterre <malat@debian.org>
      Acked-by: default avatarLey Foon Tan <ley.foon.tan@intel.com>
      5d13c731
  3. 10 Feb, 2018 14 commits
  4. 09 Feb, 2018 16 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · c839682c
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Make allocations less aggressive in x_tables, from Minchal Hocko.
      
       2) Fix netfilter flowtable Kconfig deps, from Pablo Neira Ayuso.
      
       3) Fix connection loss problems in rtlwifi, from Larry Finger.
      
       4) Correct DRAM dump length for some chips in ath10k driver, from Yu
          Wang.
      
       5) Fix ABORT handling in rxrpc, from David Howells.
      
       6) Add SPDX tags to Sun networking drivers, from Shannon Nelson.
      
       7) Some ipv6 onlink handling fixes, from David Ahern.
      
       8) Netem packet scheduler interval calcualtion fix from Md. Islam.
      
       9) Don't put crypto buffers on-stack in rxrpc, from David Howells.
      
      10) Fix handling of error non-delivery status in netlink multicast
          delivery over multiple namespaces, from Nicolas Dichtel.
      
      11) Missing xdp flush in tuntap driver, from Jason Wang.
      
      12) Synchonize RDS protocol netns/module teardown with rds object
          management, from Sowini Varadhan.
      
      13) Add nospec annotation...
      c839682c
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-4.16-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · 82f0a41e
      Linus Torvalds authored
      Pull more NFS client updates from Trond Myklebust:
       "A few bugfixes and some small sunrpc latency/performance improvements
        before the merge window closes:
      
        Stable fixes:
      
         - fix an incorrect calculation of the RDMA send scatter gather
           element limit
      
         - fix an Oops when attempting to free resources after RDMA device
           removal
      
        Bugfixes:
      
         - SUNRPC: Ensure we always release the TCP socket in a timely fashion
           when the connection is shut down.
      
         - SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
      
        Latency/Performance:
      
         - SUNRPC: Queue latency sensitive socket tasks to the less contended
           xprtiod queue
      
         - SUNRPC: Make the xprtiod workqueue unbounded.
      
         - SUNRPC: Make the rpciod workqueue unbounded"
      
      * tag 'nfs-for-4.16-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
        fix parallelism for rpc tasks
        Make the xprtiod workqueue unbounded.
        SUNRPC: Queue latency-sensitive socket tasks to xprtiod
        SUNRPC: Ensure we always close the socket after a connection shuts down
        xprtrdma: Fix BUG after a device removal
        xprtrdma: Fix calculation of ri_max_send_sges
      82f0a41e
    • Linus Torvalds's avatar
      Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending · 858f45bf
      Linus Torvalds authored
      Pull SCSI target updates from Nicholas Bellinger:
       "The highlights include:
      
         - numerous target-core-user improvements related to queue full and
           timeout handling. (MNC)
      
         - prevent target-core-user corruption when invalid data page is
           requested. (MNC)
      
         - add target-core device action configfs attributes to allow
           user-space to trigger events separate from existing attributes
           exposed to end-users. (MNC)
      
         - fix iscsi-target NULL pointer dereference 4.6+ regression in CHAP
           error path. (David Disseldorp)
      
         - avoid target-core backend UNMAP callbacks if range is zero. (Andrei
           Vagin)
      
         - fix a iscsi-target 4.14+ regression related multiple PDU logins,
           that was exposed due to removal of TCP prequeue support. (Florian
           Westphal + MNC)
      
        Also, there is a iser-target bug still being worked on for post -rc1
        code to address a long standing issue resulting in persistent
        ib_post_send() failures, for RNICs with small max_send_sge"
      
      * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: (36 commits)
        iscsi-target: make sure to wake up sleeping login worker
        tcmu: Fix trailing semicolon
        tcmu: fix cmd user after free
        target: fix destroy device in target_configure_device
        tcmu: allow userspace to reset ring
        target core: add device action configfs files
        tcmu: fix error return code in tcmu_configure_device()
        target_core_user: add cmd id to broken ring message
        target: add SAM_STAT_BUSY sense reason
        tcmu: prevent corruption when invalid data page requested
        target: don't call an unmap callback if a range length is zero
        target/iscsi: avoid NULL dereference in CHAP auth error path
        cxgbit: call neigh_event_send() to update MAC address
        target: tcm_loop: Use seq_puts() in tcm_loop_show_info()
        target: tcm_loop: Delete an unnecessary return statement in tcm_loop_submission_work()
        target: tcm_loop: Delete two unnecessary variable initialisations in tcm_loop_issue_tmr()
        target: tcm_loop: Combine substrings for 26 messages
        target: tcm_loop: Improve a size determination in two functions
        target: tcm_loop: Delete an error message for a failed memory allocation in four functions
        sbp-target: Delete an error message for a failed memory allocation in three functions
        ...
      858f45bf
    • Linus Torvalds's avatar
      Merge tag 'trace-v4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · 8158c2ff
      Linus Torvalds authored
      Pull tracing fixes from Steven Rostedt:
       "Al Viro discovered some breakage with the parsing of the
        set_ftrace_filter as well as the removing of function probes.
      
        This fixes the code with Al's suggestions. I also added a few
        selftests to test the broken cases such that they wont happen
        again"
      
      * tag 'trace-v4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        selftests/ftrace: Add more tests for removing of function probes
        selftests/ftrace: Add some missing glob checks
        selftests/ftrace: Have reset_ftrace_filter handle multiple instances
        selftests/ftrace: Have reset_ftrace_filter handle modules
        tracing: Fix parsing of globs with a wildcard at the beginning
        ftrace: Remove incorrect setting of glob search field
      8158c2ff
    • Linus Torvalds's avatar
      Merge tag '4.16-minor-rc-SMB3-fixes' of git://git.samba.org/sfrench/cifs-2.6 · a2834832
      Linus Torvalds authored
      Pull cifs fixes from Steve French:
       "There are a couple additional security fixes that are still being
        tested that are not in this set."
      
      * tag '4.16-minor-rc-SMB3-fixes' of git://git.samba.org/sfrench/cifs-2.6:
        Add missing structs and defines from recent SMB3.1.1 documentation
        address lock imbalance warnings in smbdirect.c
        cifs: silence compiler warnings showing up with gcc-8.0.0
        Add some missing debug fields in server and tcon structs
      a2834832
    • Linus Torvalds's avatar
      Merge tag 'fbdev-v4.16-fix' of git://github.com/bzolnier/linux · 58fcba61
      Linus Torvalds authored
      Pull fbdev fix from Bartlomiej Zolnierkiewicz:
       "Fix building of the omapfb driver (Tomi Valkeinen)"
      
      * tag 'fbdev-v4.16-fix' of git://github.com/bzolnier/linux:
        video: omapfb: fix missing #includes
      58fcba61
    • Radim Krčmář's avatar
      Merge tag 'kvm-ppc-next-4.16-2' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc · 1ab03c07
      Radim Krčmář authored
      Second PPC KVM update for 4.16
      
      Seven fixes that are either trivial or that address bugs that people
      are actually hitting.  The main ones are:
      
      - Drop spinlocks before reading guest memory
      
      - Fix a bug causing corruption of VCPU state in PR KVM with preemption
        enabled
      
      - Make HPT resizing work on POWER9
      
      - Add MMIO emulation for vector loads and stores, because guests now
        use these instructions in memcpy and similar routines.
      1ab03c07
    • Radim Krčmář's avatar
      Merge branch 'msr-bitmaps' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 80132f4c
      Radim Krčmář authored
      This topic branch allocates separate MSR bitmaps for each VCPU.
      This is required for the IBRS enablement to choose, on a per-VM
      basis, whether to intercept the SPEC_CTRL and PRED_CMD MSRs;
      the IBRS enablement comes in through the tip tree.
      80132f4c
    • John Allen's avatar
      ibmvnic: Remove skb->protocol checks in ibmvnic_xmit · 2fa56a49
      John Allen authored
      
      
      Having these checks in ibmvnic_xmit causes problems with VLAN
      tagging and balance-alb/tlb bonding modes. The restriction they
      imposed can be removed.
      Signed-off-by: default avatarJohn Allen <jallen@linux.vnet.ibm.com>
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2fa56a49
    • Daniel Borkmann's avatar
      bpf: fix rlimit in reuseport net selftest · 941ff6f1
      Daniel Borkmann authored
      
      
      Fix two issues in the reuseport_bpf selftests that were
      reported by Linaro CI:
      
        [...]
        + ./reuseport_bpf
        ---- IPv4 UDP ----
        Testing EBPF mod 10...
        Reprograming, testing mod 5...
        ./reuseport_bpf: ebpf error. log:
        0: (bf) r6 = r1
        1: (20) r0 = *(u32 *)skb[0]
        2: (97) r0 %= 10
        3: (95) exit
        processed 4 insns
        : Operation not permitted
        + echo FAIL
        [...]
        ---- IPv4 TCP ----
        Testing EBPF mod 10...
        ./reuseport_bpf: failed to bind send socket: Address already in use
        + echo FAIL
        [...]
      
      For the former adjust rlimit since this was the cause of
      failure for loading the BPF prog, and for the latter add
      SO_REUSEADDR.
      Reported-by: default avatarNaresh Kamboju <naresh.kamboju@linaro.org>
      Link: https://bugs.linaro.org/show_bug.cgi?id=3502
      
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      941ff6f1
    • Alexey Kodanev's avatar
      sctp: verify size of a new chunk in _sctp_make_chunk() · 07f2c7ab
      Alexey Kodanev authored
      
      
      When SCTP makes INIT or INIT_ACK packet the total chunk length
      can exceed SCTP_MAX_CHUNK_LEN which leads to kernel panic when
      transmitting these packets, e.g. the crash on sending INIT_ACK:
      
      [  597.804948] skbuff: skb_over_panic: text:00000000ffae06e4 len:120168
                     put:120156 head:000000007aa47635 data:00000000d991c2de
                     tail:0x1d640 end:0xfec0 dev:<NULL>
      ...
      [  597.976970] ------------[ cut here ]------------
      [  598.033408] kernel BUG at net/core/skbuff.c:104!
      [  600.314841] Call Trace:
      [  600.345829]  <IRQ>
      [  600.371639]  ? sctp_packet_transmit+0x2095/0x26d0 [sctp]
      [  600.436934]  skb_put+0x16c/0x200
      [  600.477295]  sctp_packet_transmit+0x2095/0x26d0 [sctp]
      [  600.540630]  ? sctp_packet_config+0x890/0x890 [sctp]
      [  600.601781]  ? __sctp_packet_append_chunk+0x3b4/0xd00 [sctp]
      [  600.671356]  ? sctp_cmp_addr_exact+0x3f/0x90 [sctp]
      [  600.731482]  sctp_outq_flush+0x663/0x30d0 [sctp]
      [  600.788565]  ? sctp_make_init+0xbf0/0xbf0 [sctp]
      [  600.845555]  ? sctp_check_transmitted+0x18f0/0x18f0 [sctp]
      [  600.912945]  ? sctp_outq_tail+0x631/0x9d0 [sctp]
      [  600.969936]  sctp_cmd_interpreter.isra.22+0x3be1/0x5cb0 [sctp]
      [  601.041593]  ? sctp_sf_do_5_1B_init+0x85f/0xc30 [sctp]
      [  601.104837]  ? sctp_generate_t1_cookie_event+0x20/0x20 [sctp]
      [  601.175436]  ? sctp_eat_data+0x1710/0x1710 [sctp]
      [  601.233575]  sctp_do_sm+0x182/0x560 [sctp]
      [  601.284328]  ? sctp_has_association+0x70/0x70 [sctp]
      [  601.345586]  ? sctp_rcv+0xef4/0x32f0 [sctp]
      [  601.397478]  ? sctp6_rcv+0xa/0x20 [sctp]
      ...
      
      Here the chunk size for INIT_ACK packet becomes too big, mostly
      because of the state cookie (INIT packet has large size with
      many address parameters), plus additional server parameters.
      
      Later this chunk causes the panic in skb_put_data():
      
        skb_packet_transmit()
            sctp_packet_pack()
                skb_put_data(nskb, chunk->skb->data, chunk->skb->len);
      
      'nskb' (head skb) was previously allocated with packet->size
      from u16 'chunk->chunk_hdr->length'.
      
      As suggested by Marcelo we should check the chunk's length in
      _sctp_make_chunk() before trying to allocate skb for it and
      discard a chunk if its size bigger than SCTP_MAX_CHUNK_LEN.
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leinter@gmail.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      07f2c7ab
    • David S. Miller's avatar
      Merge branch 's390-qeth-fixes' · 7b30d51a
      David S. Miller authored
      
      
      Julian Wiedmann says:
      
      ====================
      s390/qeth: fixes 2018-02-09
      
      please apply the following two qeth patches for 4.16 and stable.
      
      One restricts a command quirk to the intended commandd type,
      while the other fixes an off-by-one during data transmission
      that can cause qeth to build malformed buffer descriptors.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7b30d51a
    • Julian Wiedmann's avatar
      s390/qeth: fix SETIP command handling · 1c5b2216
      Julian Wiedmann authored
      send_control_data() applies some special handling to SETIP v4 IPA
      commands. But current code parses *all* command types for the SETIP
      command code. Limit the command code check to IPA commands.
      
      Fixes: 5b54e16f
      
       ("qeth: do not spin for SETIP ip assist command")
      Signed-off-by: default avatarJulian Wiedmann <jwi@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1c5b2216
    • Ursula Braun's avatar
      s390/qeth: fix underestimated count of buffer elements · 89271c65
      Ursula Braun authored
      For a memory range/skb where the last byte falls onto a page boundary
      (ie. 'end' is of the form xxx...xxx001), the PFN_UP() part of the
      calculation currently doesn't round up to the next PFN due to an
      off-by-one error.
      Thus qeth believes that the skb occupies one page less than it
      actually does, and may select a IO buffer that doesn't have enough spare
      buffer elements to fit all of the skb's data.
      HW detects this as a malformed buffer descriptor, and raises an
      exception which then triggers device recovery.
      
      Fixes: 2863c613
      
       ("qeth: refactor calculation of SBALE count")
      Signed-off-by: default avatarUrsula Braun <ubraun@linux.vnet.ibm.com>
      Signed-off-by: default avatarJulian Wiedmann <jwi@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      89271c65
    • Jason Wang's avatar
      ptr_ring: try vmalloc() when kmalloc() fails · 0bf7800f
      Jason Wang authored
      This patch switch to use kvmalloc_array() for using a vmalloc()
      fallback to help in case kmalloc() fails.
      
      Reported-by: syzbot+e4d4f9ddd4295539735d@syzkaller.appspotmail.com
      Fixes: 2e0ab8ca
      
       ("ptr_ring: array based FIFO for pointers")
      Signed-off-by: default avatarJason Wang <jasowang@redhat.com>
      Acked-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0bf7800f
    • Jason Wang's avatar
      ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE · 6e6e41c3
      Jason Wang authored
      To avoid slab to warn about exceeded size, fail early if queue
      occupies more than KMALLOC_MAX_SIZE.
      
      Reported-by: syzbot+e4d4f9ddd4295539735d@syzkaller.appspotmail.com
      Fixes: 2e0ab8ca
      
       ("ptr_ring: array based FIFO for pointers")
      Signed-off-by: default avatarJason Wang <jasowang@redhat.com>
      Acked-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6e6e41c3