Commit Graph

824698 Commits

Author SHA1 Message Date
Linus Torvalds
e8a71a3866 Fixes for switchtec debugability and mapping table entries, NTB
transport improvements, and a reworking of the peer_db_addr to all for
 better abstraction
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJci/y4AAoJEG5mS6x6i9IjyPkQAJvUPQwQ8r4MD/+rD+mNDe/E
 uZDh10x8upLnO0OvD0hPy6mMm+lcwYnCNpTyBhuQr1Lnp/y3pucSa3tRAzCeuYfx
 cEvftE9AJ1CfA54YR5VCJTR90EhKQ4oJziD3zvuZpQvnm+0JW7C6lWBIGoBx5gtk
 uhdIeN5QyfGPfZcmXjGoSNaYNpqq+6maJkcgV3eATWZdtIZX1Ts6qrJP/RhdH/qy
 LrF+rwFU5Diz206jkw6p3AHqU4jT2uzvEAxNV4WIOQ6iuZMKqEHcDBmBtYNoouyw
 4+1G4e6mgrl5xd83lRNwtiUTPD6cN+RrGfGPFOyvM8luJheL6Zq/tDdRbDPFXO+M
 rlpcRhUtih7x8ev3V/3buRsf/gSmDY+TlYwQ/OPx0U9zjfYAzc+SIEmTjRX+axvZ
 /LEi9z+PXLJP6BMS7CjmEfuwlZtx1tV93gtlaDLGhdtbw0dK6qJScV7Fudl7CG4Q
 HOl9qDQOoK2oDd8fSb4vm8N0augLNm42ynRwfLKceJpL9Uv2FSlkET9Gt45zmtqz
 LLW9N4gvMIW148/i1S2+66rJKdJdvW3v3yqpBab4TigMLEBoIr9QMua5Dd84qGYx
 YqPKBKqVAVtSIslQGPrKEZJEg6d8DJcj1XDbdaLCxtEiJw2rvn3TURg7FTeo47FE
 FnIuFsui+wHrLHC97XSz
 =7EC8
 -----END PGP SIGNATURE-----

Merge tag 'ntb-5.1' of git://github.com/jonmason/ntb

Pull NTB updates from Jon Mason:

 - fixes for switchtec debugability and mapping table entries

 - NTB transport improvements

 - a reworking of the peer_db_addr for better abstraction

* tag 'ntb-5.1' of git://github.com/jonmason/ntb:
  NTB: add new parameter to peer_db_addr() db_bit and db_data
  NTB: ntb_transport: Ensure the destination buffer is mapped for TX DMA
  NTB: ntb_transport: Free MWs in ntb_transport_link_cleanup()
  ntb_hw_switchtec: Added support of >=4G memory windows
  ntb_hw_switchtec: NT req id mapping table register entry number should be 512
  ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers
2019-03-15 14:32:59 -07:00
Linus Torvalds
2b9c272cf5 fbdev changes for v5.1:
- fix memory access if logo is bigger than the screen (Manfred
   Schlaegl)
 
 - silence fbcon logo on 'quiet' boots (Prarit Bhargava)
 
 - use kvmalloc() for scrollback buffer in fbcon (Konstantin Khorenko)
 
 - misc fixes (Colin Ian King, YueHaibing, Matteo Croce, Mathieu
   Malaterre, Anders Roxell, Arnd Bergmann)
 
 - misc cleanups (Rob Herring, Lubomir Rintel, Greg Kroah-Hartman,
   Jani Nikula, Michal Vokáč)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJci4YTAAoJEH4ztj+gR8IL8jkP/0BkuxHS1ZCP/JAbah/yM838
 yuULNSxsO5FqmoH7n7AqDZ8j0NttMEQirzxN7vv5QkZi6QxWVHIFMaxqQSB4DfMg
 lLF9LFAL/tzKBc5f3dVnD2YzJpNpg715ncfY55Jz0o/as2RE9OLlmwxYGF1VRLIG
 EsBjYm4b0iVCOSu2YxecNCfPoy2LhwdqM8dxXdVgyuDRqxwoD2giC5pNDQVUMvQ3
 037S256DblvedGNdj7g0QmmdvOmsd8jjhE/hJmjrvIp43pHDuFSH9mRZufKTVF3l
 kXIlrJahH35w/Fv2rdWM4PlmuAKBIm49NVaZFfCodjCLIBidPSWNctKQnhY71Skf
 oJSqftgiApVIGweKXYQnFpw964LVe5q85xeVRj3zLr9LCuo4EhiP8ue58eFnwWud
 FTLEgiWSlomrd98t2C6HEnEUMv6XlulI2mAMmqBTZmmV/Vm1hiwHkL6sMFLfuB1A
 Ee1m6LIqMombGsUwkUmRRGqWNeunX1TETVDCXuPb9EyyigSaA1PDtANF9UzXWMNf
 ZKU9Vz0Lq3TFuhr5PolLjiAvXgxf9YLk36VgCu9CoGh/GFpMqRGoDPQkGOxy81E9
 FpXTk7A7XmtUiwX4Tfxy6RrRBBtZWwvuBP79/yyEpl+IVbES/nS6R8TekQp5jbZj
 r/1Z8shbwO4hltu6z14X
 =+ZFI
 -----END PGP SIGNATURE-----

Merge tag 'fbdev-v5.1' of git://github.com/bzolnier/linux

Pull fbdev updates from Bartlomiej Zolnierkiewicz:
 "Just a couple of small fixes and cleanups:

   - fix memory access if logo is bigger than the screen (Manfred
     Schlaegl)

   - silence fbcon logo on 'quiet' boots (Prarit Bhargava)

   - use kvmalloc() for scrollback buffer in fbcon (Konstantin Khorenko)

   - misc fixes (Colin Ian King, YueHaibing, Matteo Croce, Mathieu
     Malaterre, Anders Roxell, Arnd Bergmann)

   - misc cleanups (Rob Herring, Lubomir Rintel, Greg Kroah-Hartman,
     Jani Nikula, Michal Vokáč)"

* tag 'fbdev-v5.1' of git://github.com/bzolnier/linux:
  fbdev: mbx: fix a misspelled variable name
  fbdev: omap2: fix warnings in dss core
  video: fbdev: Fix potential NULL pointer dereference
  fbcon: Silence fbcon logo on 'quiet' boots
  printk: Export console_printk
  ARM: dts: imx28-cfa10036: Fix the reset gpio signal polarity
  video: ssd1307fb: Do not hard code active-low reset sequence
  dt-bindings: display: ssd1307fb: Remove reset-active-low from examples
  fbdev: fbmem: fix memory access if logo is bigger than the screen
  video/fbdev: refactor video= cmdline parsing
  fbdev: mbx: fix up debugfs file creation
  fbdev: omap2: no need to check return value of debugfs_create functions
  video: fbdev: geode: remove ifdef OLPC noise
  video: offb: annotate implicit fall throughs
  omapfb: fix typo
  fbdev: Use of_node_name_eq for node name comparisons
  fbcon: use kvmalloc() for scrollback buffer
  fbdev: chipsfb: remove set but not used variable 'size'
  fbdev/via: fix spelling mistake "Expandsion" -> "Expansion"
2019-03-15 14:22:59 -07:00
Linus Torvalds
51b1ac0fa2 Merge branch 'i2c/for-current-fixed' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c fixes from Wolfram Sang:
 "A set of driver bugfixes and an improvement for a core helper"

* 'i2c/for-current-fixed' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
  i2c: i2c-designware-platdrv: Always use a dynamic adapter number
  i2c: i2c-designware-platdrv: Cleanup setting of the adapter number
  i2c: add extra check to safe DMA buffer helper
  i2c: i2c-stm32f7: Fix SDADEL minimum formula
  i2c: rcar: explain the lockless design
  i2c: rcar: fix concurrency issue related to ICDMAER
  i2c: sis630: correct format strings
  i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf()
2019-03-15 14:16:28 -07:00
Linus Torvalds
2dbb0e6c19 sound fixes for 5.1-rc1
Some gleaning after the first batch; mostly about HD-audio quirks but
 also some NULL dereference fixes in corner cases and a random build
 error fix, too.
 -----BEGIN PGP SIGNATURE-----
 
 iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAlyLaFQOHHRpd2FpQHN1
 c2UuZGUACgkQLtJE4w1nLE/uEBAAkbxovGK+AdyAuIeByavDJjMUgyF+RCUhh2Lh
 tINcberr1YIAPnyZO0cBsa3FlYg0IIGqsgEBQlNsusB5mev8tMg2WjuCLyp2WRvT
 DbhA9uQ9sI3O1irOf+uICwB5gwji6JaAO9csYM9dq0f4YcMklNqowlCIYWwF4arL
 X0Upm52UPRd0DU/LrL1DkjNij+GSRRGBbjbgwJ5zA1aqHf8YYl7tpdEmAiSabJAV
 fhPbBrl8BOtk4WPscjygvdiUsoDivLSGvzBvG40DaJDDHNtY5e3Ie0nEwHSbC4Pf
 VV+RgA7kDPBwxdD2jYQu8rfVgjjKGyojQkB90nyfNqvcgoeJOXTo0sIIoUzgKG/l
 BYm4bmZwv27l592WQvnXpfbpMlPshqoi9TdDJ/o2gV5+O+NIzfkExHOtTFvct4jl
 5wWfEPOgQW2ugxPX9nI6GozHMVhIxrog1IOqmiHC9O8chQ3mmhHntV03g/3BW5bo
 LDCbfeogUifyJeA+G3U2ObPBGjhrrxPZt+6nNh9jJZPLgPQyuw1nkj22v0d9UbUk
 SmRFDyifvMZHetbJl+FPpDjdBKwdRAdT2EKTy3BXNduabwuT1Ho8LxAkZSGQKclg
 e4SdOtARpVNwjaEihS9Cz9YFbSldtO8yAUk3QxNuwuHJbvp9X/hw8Ye7kGEpXrPb
 Gpc8pyo=
 =F1m3
 -----END PGP SIGNATURE-----

Merge tag 'sound-fix-5.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "Some cleaning after the first batch; mostly about HD-audio quirks but
  also some NULL dereference fixes in corner cases and a random build
  error fix, too"

* tag 'sound-fix-5.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
  ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
  ALSA: hda/realtek: merge alc_fixup_headset_jack to alc295_fixup_chromebook
  ALSA: pcm: Fix function name in kernel-doc comment
  ALSA: hda: hdmi - add Icelake support
  ALSA: hda - add more quirks for HP Z2 G4 and HP Z240
  ALSA: hda/realtek - Fixed Headset Mic JD not stable
  ALSA: hda/realtek: Enable headset MIC of Acer TravelMate X514-51T with ALC255
  ALSA: hda/tegra: avoid build error without CONFIG_PM
  ALSA: usx2y: Fix potential NULL pointer dereference
  ALSA: hda: Avoid NULL pointer dereference at snd_hdac_stream_start()
2019-03-15 14:05:00 -07:00
Linus Torvalds
8264fd046a drm i915, amdgpu, qxl and etnaviv fixes
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcivCBAAoJEAx081l5xIa+5OcQAKh/k6N1o83OIlw4OjWXZN/z
 YIyj/E/RjDwtXweXWC9cbv41hqWxYrUWQ6JrFgH19vF4grbOlpBpvlr2tQXyGS2c
 Gl87+w/VUBYXHe+SqFNsMq8SQQCAKfxb1hIXOScmpBHrCYK21NT8ulw6CY32d3Da
 QF+VhA3P4MOdecrrINA+GbxM0Pf/E3qjLA8U2jbZsW7vIYC5AyLuwTXFTC9vVR5S
 JfMfjU6T2m8eX0x79S8scinMqfkMsrdwBgG53FkRTi0DJb65ab97/cCtHVABrS/4
 xoF52Gb1uSin1S4KliWyB7Z+UcieYPhsLdo/983Vp56oZta2Rgi5R3L+cPLNgKGj
 +kFJBGT25zgtl+va5XqZ9CYkb/zW08nif7USWt+B6XGJ2ppyyyLX+jLoQHZK8ywn
 1CC/IYMKs+vRA+2N7MfZHgx2LAIGtpxCL6xYuyfJuWOCb/TNR+ijpnmbBRClDdfF
 mvL4sPCLT84ntpgFXOnbtWx+uRNTLWdtJaL3M3ovtlESLT3xdXSJnXHs0pc3+ygi
 rVTLPl3yjGCqGPf9Rv33g3c4dSIWkwSbRgWjTYhRQukd9rqZNxywC8AbgyAAHadS
 JefVt3G7dJgKOrb+5nyBWQYaq8I+Q/DjRJv3o36qCBsmGExeDR5IawTAQtjGmoZl
 LXA2uyuLoGGFHKUcdYU5
 =vzKe
 -----END PGP SIGNATURE-----

Merge tag 'drm-next-2019-03-15' of git://anongit.freedesktop.org/drm/drm

Pull drm fixes and updates from Dave Airlie:
 "A few various fixes pulls and one late etnaviv pull but it was nearly
  all fixes anyways.

  etnaviv:
   - late next pull
   - mmu mapping fix
   - build non-ARM arches
   - misc fixes

  i915:
   - HDCP state handling fix
   - shrinker interaction fix
   - atomic state leak fix

  qxl:
   - kick out framebuffers early fix

  amdgpu:
   - Powerplay fixes
   - DC fixes
   - BACO turned off for now on vega20
   - Locking fix
   - KFD MQD fix
   - gfx9 golden register updates"

* tag 'drm-next-2019-03-15' of git://anongit.freedesktop.org/drm/drm: (43 commits)
  drm/amdgpu: Update gc golden setting for vega family
  drm/amd/powerplay: correct power reading on fiji
  drm/amd/powerplay: set max fan target temperature as 105C
  drm/i915: Relax mmap VMA check
  drm/i915: Fix atomic state leak when resetting HDMI link
  drm/i915: Acquire breadcrumb ref before cancelling
  drm/i915/selftests: Always free spinner on __sseu_prepare error
  drm/i915: Reacquire priolist cache after dropping the engine lock
  drm/i915: Protect i915_active iterators from the shrinker
  drm/i915: HDCP state handling in ddi_update_pipe
  drm/qxl: remove conflicting framebuffers earlier
  drm/fb-helper: call vga_remove_vgacon automatically.
  drm: move i915_kick_out_vgacon to vgaarb
  drm/amd/display: don't call dm_pp_ function from an fpu block
  drm: add __user attribute to ptr_to_compat()
  drm/amdgpu: clear PDs/PTs only after initializing them
  drm/amd/display: Pass app_tf by value rather than by reference
  Revert "drm/amdgpu: use BACO reset on vega20 if platform support"
  drm/amd/powerplay: show the right override pcie parameters
  drm/amd/powerplay: honor the OD settings
  ...
2019-03-15 13:58:35 -07:00
Linus Torvalds
de578188ed Changes since last update:
- Fix some clang/smatch/sparse warnings about uninitialized variables.
 - Clean up some typedef usage.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEUzaAxoMeQq6m2jMV+H93GTRKtOsFAlyH+rEACgkQ+H93GTRK
 tOsoYA/+MBjGB3rbDAZfY7/tlTnQS4Yc7XsBz9C0SvLul0/CbcTPM1w8CO0clH3d
 OxemwdqpoxZkcet3Sv1m2/sr6PVM+7r6f2vn0j19iPOI5soF0hX4XLnvkNhFZbm0
 cl25rO9GuXcG7U7iLXdjyGrXNc+8Hy5kmZJzx3MA7DPTjkEQGgWrB4XIgvNnv0k9
 cIfJtuC9FKFO1/+6oTWid1v+HCPea7m8ORosWgh0q6S9noPAE63vDbesrxHpI3i4
 TLu5L3r6IXHzLRuCcDcB7aPu98L9eLhrBSBqEuiFlkf03ASJqAO4jMarV73WSdvO
 YR1CcWaOGO1W6VRp67N9iLw5WZxplG9n0NaecM1w70g84wSimNmmtBnzHNnfIa8P
 ZopsLJgflQV18qcmjWTnzeNF5RvAu7tQRLLmzJkLiZjQzmk9mr+t41MeIybho9eZ
 zDs8ePN56pUJ6xqaLFTx4MdUkJ8LlllOqsKa7tILu1w76ClGEtSGo48Y/eog+aAu
 MIOAjFY9esUNdVlMu8fsa83DWg31AlwTPYQ5nlrRQ1Xk1GGPAr8lzfQTOG+NI1qo
 eWM8NRqaFDYI/1Ruy3keOsAfuNQkOiNrLz8ge3xH9Y10+meMejoaOLgWMdnyDlYZ
 WxmhlYkmVycpZXmm9lR9Dt7qKLg+6texQccbkNUjPwrA8bTs5Ek=
 =YIiT
 -----END PGP SIGNATURE-----

Merge tag 'xfs-5.1-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

Pull xfs cleanups from Darrick Wong:
 "Here's a few more cleanups that trickled in for the merge window.

  It's all fixes for static checker complaints and slowly unwinding
  typedef usage. The four patches here have gone through a few days
  worth of fstest runs with no new problems observed.

  Summary:

   - Fix some clang/smatch/sparse warnings about uninitialized
     variables.

   - Clean up some typedef usage"

* tag 'xfs-5.1-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
  xfs: clean up xfs_dir2_leaf_addname
  xfs: zero initialize highstale and lowstale in xfs_dir2_leaf_addname
  xfs: clean up xfs_dir2_leafn_add
  xfs: Zero initialize highstale and lowstale in xfs_dir2_leafn_add
2019-03-15 13:55:30 -07:00
Linus Torvalds
5160bcce5c f2fs-for-5.1-rc1
We've continued mainly to fix bugs in this round, as f2fs has been shipped
 in more devices. Especially, we've focused on stabilizing checkpoint=disable
 feature, and provided some interfaces for QA.
 
 Enhancement:
  - expose FS_NOCOW_FL for pin_file
  - run discard jobs at unmount time with timeout
  - tune discarding thread to avoid idling which consumes power
  - some checking codes to address vulnerabilities
  - give random value to i_generation
  - shutdown with more flags for QA
 
 Bug fix:
  - clean up stale objects when mount is failed along with checkpoint=disable
  - fix system being stuck due to wrong count by atomic writes
  - handle some corrupted disk cases
  - fix a deadlock in f2fs_read_inline_dir
 
 We've also added some minor build errors and clean-up patches.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE00UqedjCtOrGVvQiQBSofoJIUNIFAlyKk4YACgkQQBSofoJI
 UNIMVw//Rb3nmbQkMW/86DxtHDxuS8GEJmle0DiHeFMHgwy0ET0uZs9/AEfmuejC
 95cXnF44QfVaFwkOXCK6aKXJXwN0+ZS0YvV/gPE8lgU6sdQhJBox5DC+rx+OwFq5
 rZiF8qvE8iyM9Xt+RfMBGufzUb+LKBz0ozQFZpKJiNTBBf5vpeqMYASEEfxiEmZz
 GvvUNSBRw39OB5zTl5l2hnoNqkoFu6XHnf4f9+DnraVi8SuQzj6hdqsx0nYTHfLi
 Rax8kA4HUwoVgjhaLLXFbbhWIQ83bcZ0cj6wq7Lr7NbbIi7bKYP6sxtKjbe2Fuql
 m9Chm2LIvD1BfJnjdTk2krqY7Z4bX/4gmXukno/8X/cjWkpBV6HFWS73iTgrJjU2
 d8kBFXwlIn+JlATSjsTtdfvKkTwxUhaGw1bBA96Am4c5tLQyOqyYWcfQA/tam/v4
 dM9EQX5ZeRb6NXDeIxkXNfTSpDRnqlhJsTV5aK8qporyF1RkKVbyCpSt1P4q3KO5
 UwsGZLFAVMzFaUVfyIS7dR5QVczQUTCH4g0yFNpBMvF8epOA4+jbYxQeGZfqFK3H
 mTC/Ba+VWWdYW2pZRNc9TnBsHg/xadMJq7EQb/ykGBe6JZJfB0wREj4LSr1lGK9a
 cU8JFGyqg1Rt/uRP0bb5IIec1YVton3Lq8ND9VZPNcV/mS5Gehg=
 =9BoH
 -----END PGP SIGNATURE-----

Merge tag 'f2fs-for-5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs

Pull f2fs updates from Jaegeuk Kim:
 "We've continued mainly to fix bugs in this round, as f2fs has been
  shipped in more devices. Especially, we've focused on stabilizing
  checkpoint=disable feature, and provided some interfaces for QA.

  Enhancements:
   - expose FS_NOCOW_FL for pin_file
   - run discard jobs at unmount time with timeout
   - tune discarding thread to avoid idling which consumes power
   - some checking codes to address vulnerabilities
   - give random value to i_generation
   - shutdown with more flags for QA

  Bug fixes:
   - clean up stale objects when mount is failed along with
     checkpoint=disable
   - fix system being stuck due to wrong count by atomic writes
   - handle some corrupted disk cases
   - fix a deadlock in f2fs_read_inline_dir

  We've also added some minor build error fixes and clean-up patches"

* tag 'f2fs-for-5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (53 commits)
  f2fs: set pin_file under CAP_SYS_ADMIN
  f2fs: fix to avoid deadlock in f2fs_read_inline_dir()
  f2fs: fix to adapt small inline xattr space in __find_inline_xattr()
  f2fs: fix to do sanity check with inode.i_inline_xattr_size
  f2fs: give some messages for inline_xattr_size
  f2fs: don't trigger read IO for beyond EOF page
  f2fs: fix to add refcount once page is tagged PG_private
  f2fs: remove wrong comment in f2fs_invalidate_page()
  f2fs: fix to use kvfree instead of kzfree
  f2fs: print more parameters in trace_f2fs_map_blocks
  f2fs: trace f2fs_ioc_shutdown
  f2fs: fix to avoid deadlock of atomic file operations
  f2fs: fix to dirty inode for i_mode recovery
  f2fs: give random value to i_generation
  f2fs: no need to take page lock in readdir
  f2fs: fix to update iostat correctly in IPU path
  f2fs: fix encrypted page memory leak
  f2fs: make fault injection covering __submit_flush_wait()
  f2fs: fix to retry fill_super only if recovery failed
  f2fs: silence VM_WARN_ON_ONCE in mempool_alloc
  ...
2019-03-15 13:42:53 -07:00
Linus Torvalds
f91f2ee54a Merge branch 'akpm' (rest of patches from Andrew)
Merge the left-over patches from Andrew Morton.

This merges the remaining two patches from Andrew's pile of "little bit
more MM".  I mulled it over, and we emailed back and forth with Josef,
and he pointed out where I was wrong.

Rule #51 of kernel maintenance: when somebody makes it clear that they
know the code better than you did, stop arguing and just apply the damn
patch.

Add a third patch by me to add a comment for the case that I had thought
was buggy and Josef corrected me on.

* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
  filemap: add a comment about FAULT_FLAG_RETRY_NOWAIT behavior
  filemap: drop the mmap_sem for all blocking operations
  filemap: kill page_cache_read usage in filemap_fault
2019-03-15 12:00:45 -07:00
Linus Torvalds
8b0f9fa2e0 filemap: add a comment about FAULT_FLAG_RETRY_NOWAIT behavior
I thought Josef Bacik's patch to drop the mmap_sem was buggy, because
when looking at the error cases, there was one case where we returned
VM_FAULT_RETRY without actually dropping the mmap_sem.

Josef had to explain to me (using small words) that yes, that's actually
what we're supposed to do, and his patch was correct.  Which not only
convinced me he knew what he was doing and I should stop arguing with
him, but also that I should add a comment to the case I was confused
about.

Patiently-pointed-out-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-03-15 11:26:07 -07:00
Paolo Bonzini
4a605bc08e kvm: vmx: fix formatting of a comment
Eliminate a gratuitous conflict with 5.0.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-03-15 19:24:34 +01:00
Sean Christopherson
eca6be566d KVM: doc: Document the life cycle of a VM and its resources
The series to add memcg accounting to KVM allocations[1] states:

  There are many KVM kernel memory allocations which are tied to the
  life of the VM process and should be charged to the VM process's
  cgroup.

While it is correct to account KVM kernel allocations to the cgroup of
the process that created the VM, it's technically incorrect to state
that the KVM kernel memory allocations are tied to the life of the VM
process.  This is because the VM itself, i.e. struct kvm, is not tied to
the life of the process which created it, rather it is tied to the life
of its associated file descriptor.  In other words, kvm_destroy_vm() is
not invoked until fput() decrements its associated file's refcount to
zero.  A simple example is to fork() in Qemu and have the child sleep
indefinitely; kvm_destroy_vm() isn't called until Qemu closes its file
descriptor *and* the rogue child is killed.

The allocations are guaranteed to be *accounted* to the process which
created the VM, but only because KVM's per-{VM,vCPU} ioctls reject the
ioctl() with -EIO if kvm->mm != current->mm.  I.e. the child can keep
the VM "alive" but can't do anything useful with its reference.

Note that because 'struct kvm' also holds a reference to the mm_struct
of its owner, the above behavior also applies to userspace allocations.

Given that mucking with a VM's file descriptor can lead to subtle and
undesirable behavior, e.g. memcg charges persisting after a VM is shut
down, explicitly document a VM's lifecycle and its impact on the VM's
resources.

Alternatively, KVM could aggressively free resources when the creating
process exits, e.g. via mmu_notifier->release().  However, mmu_notifier
isn't guaranteed to be available, and freeing resources when the creator
exits is likely to be error prone and fragile as KVM would need to
ensure that it only freed resources that are truly out of reach. In
practice, the existing behavior shouldn't be problematic as a properly
configured system will prevent a child process from being moved out of
the appropriate cgroup hierarchy, i.e. prevent hiding the process from
the OOM killer, and will prevent an unprivileged user from being able to
to hold a reference to struct kvm via another method, e.g. debugfs.

[1]https://patchwork.kernel.org/patch/10806707/

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-03-15 19:24:33 +01:00
Josef Bacik
6b4c9f4469 filemap: drop the mmap_sem for all blocking operations
Currently we only drop the mmap_sem if there is contention on the page
lock.  The idea is that we issue readahead and then go to lock the page
while it is under IO and we want to not hold the mmap_sem during the IO.

The problem with this is the assumption that the readahead does anything.
In the case that the box is under extreme memory or IO pressure we may end
up not reading anything at all for readahead, which means we will end up
reading in the page under the mmap_sem.

Even if the readahead does something, it could get throttled because of io
pressure on the system and the process is in a lower priority cgroup.

Holding the mmap_sem while doing IO is problematic because it can cause
system-wide priority inversions.  Consider some large company that does a
lot of web traffic.  This large company has load balancing logic in it's
core web server, cause some engineer thought this was a brilliant plan.
This load balancing logic gets statistics from /proc about the system,
which trip over processes mmap_sem for various reasons.  Now the web
server application is in a protected cgroup, but these other processes may
not be, and if they are being throttled while their mmap_sem is held we'll
stall, and cause this nice death spiral.

Instead rework filemap fault path to drop the mmap sem at any point that
we may do IO or block for an extended period of time.  This includes while
issuing readahead, locking the page, or needing to call ->readpage because
readahead did not occur.  Then once we have a fully uptodate page we can
return with VM_FAULT_RETRY and come back again to find our nicely in-cache
page that was gotten outside of the mmap_sem.

This patch also adds a new helper for locking the page with the mmap_sem
dropped.  This doesn't make sense currently as generally speaking if the
page is already locked it'll have been read in (unless there was an error)
before it was unlocked.  However a forthcoming patchset will change this
with the ability to abort read-ahead bio's if necessary, making it more
likely that we could contend for a page lock and still have a not uptodate
page.  This allows us to deal with this case by grabbing the lock and
issuing the IO without the mmap_sem held, and then returning
VM_FAULT_RETRY to come back around.

[josef@toxicpanda.com: v6]
  Link: http://lkml.kernel.org/r/20181212152757.10017-1-josef@toxicpanda.com
[kirill@shutemov.name: fix race in filemap_fault()]
  Link: http://lkml.kernel.org/r/20181228235106.okk3oastsnpxusxs@kshutemo-mobl1
[akpm@linux-foundation.org: coding style fixes]
Link: http://lkml.kernel.org/r/20181211173801.29535-4-josef@toxicpanda.com
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Jan Kara <jack@suse.cz>
Tested-by: syzbot+b437b5a429d680cf2217@syzkaller.appspotmail.com
Cc: Dave Chinner <david@fromorbit.com>
Cc: Rik van Riel <riel@redhat.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-03-15 11:21:25 -07:00
Josef Bacik
a75d4c3337 filemap: kill page_cache_read usage in filemap_fault
Patch series "drop the mmap_sem when doing IO in the fault path", v6.

Now that we have proper isolation in place with cgroups2 we have started
going through and fixing the various priority inversions.  Most are all
gone now, but this one is sort of weird since it's not necessarily a
priority inversion that happens within the kernel, but rather because of
something userspace does.

We have giant applications that we want to protect, and parts of these
giant applications do things like watch the system state to determine how
healthy the box is for load balancing and such.  This involves running
'ps' or other such utilities.  These utilities will often walk
/proc/<pid>/whatever, and these files can sometimes need to
down_read(&task->mmap_sem).  Not usually a big deal, but we noticed when
we are stress testing that sometimes our protected application has latency
spikes trying to get the mmap_sem for tasks that are in lower priority
cgroups.

This is because any down_write() on a semaphore essentially turns it into
a mutex, so even if we currently have it held for reading, any new readers
will not be allowed on to keep from starving the writer.  This is fine,
except a lower priority task could be stuck doing IO because it has been
throttled to the point that its IO is taking much longer than normal.  But
because a higher priority group depends on this completing it is now stuck
behind lower priority work.

In order to avoid this particular priority inversion we want to use the
existing retry mechanism to stop from holding the mmap_sem at all if we
are going to do IO.  This already exists in the read case sort of, but
needed to be extended for more than just grabbing the page lock.  With
io.latency we throttle at submit_bio() time, so the readahead stuff can
block and even page_cache_read can block, so all these paths need to have
the mmap_sem dropped.

The other big thing is ->page_mkwrite.  btrfs is particularly shitty here
because we have to reserve space for the dirty page, which can be a very
expensive operation.  We use the same retry method as the read path, and
simply cache the page and verify the page is still setup properly the next
pass through ->page_mkwrite().

I've tested these patches with xfstests and there are no regressions.

This patch (of 3):

If we do not have a page at filemap_fault time we'll do this weird forced
page_cache_read thing to populate the page, and then drop it again and
loop around and find it.  This makes for 2 ways we can read a page in
filemap_fault, and it's not really needed.  Instead add a FGP_FOR_MMAP
flag so that pagecache_get_page() will return a unlocked page that's in
pagecache.  Then use the normal page locking and readpage logic already in
filemap_fault.  This simplifies the no page in page cache case
significantly.

[akpm@linux-foundation.org: fix comment text]
[josef@toxicpanda.com: don't unlock null page in FGP_FOR_MMAP case]
  Link: http://lkml.kernel.org/r/20190312201742.22935-1-josef@toxicpanda.com
Link: http://lkml.kernel.org/r/20181211173801.29535-2-josef@toxicpanda.com
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Tejun Heo <tj@kernel.org>
Cc: Dave Chinner <david@fromorbit.com>
Cc: Rik van Riel <riel@redhat.com>
Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-03-15 11:21:25 -07:00
Paolo Bonzini
c7a0e83cb6 Third PPC KVM update for 5.1
- Tell userspace about whether a particular hardware workaround for
   one of the Spectre vulnerabilities is available, so that userspace
   can inform the guest.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJceLfNAAoJEJ2a6ncsY3GfWnMH/1H4BQOcWnyBMkGX/IIVYmYP
 Fxr9QdYdp+sRDmIgtKugARiW/cNdmrcTlW9qsOSD/sNpCtEjQ0t3R717f51DvSvC
 J+RAnBD6dOP5qplvsUTPoU5xnkqBhxkyTJnEbG6zWGyvQNqLQlJEe3xI91c5r6RB
 PiurQMtE7Mw/YyPpkthTQcm+JSgZX5QDd+KNkzL1rcfAV/4HlSXblAklwYgdsbch
 m/X1HmnZVG/Seh9hH3q8hvp/YaPFvHOvoPWXaifwrZ3xNQ/tgCyGNJp+wupoay6K
 RYHfsYmfoW0AbLnJqLH0Zbm9xDwkoZYjLbdWht4N/B5G0P0vkpQ86bdauabxCXI=
 =mkez
 -----END PGP SIGNATURE-----

Merge tag 'kvm-ppc-next-5.1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc into HEAD

Third PPC KVM update for 5.1

- Tell userspace about whether a particular hardware workaround for
  one of the Spectre vulnerabilities is available, so that userspace
  can inform the guest.
2019-03-15 19:16:51 +01:00
Sean Christopherson
4633323648 MAINTAINERS: Add KVM selftests to existing KVM entry
It's safe to assume Paolo and Radim are maintaining the KVM selftests
given that the vast majority of commits have their SOBs.  Play nice
with get_maintainers and make it official.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-03-15 19:16:48 +01:00
Ben Gardon
92da008fa2 Revert "KVM/MMU: Flush tlb directly in the kvm_zap_gfn_range()"
This reverts commit 71883a62fc.

The above commit contains an optimization to kvm_zap_gfn_range which
uses gfn-limited TLB flushes, if enabled. If using these limited flushes,
kvm_zap_gfn_range passes lock_flush_tlb=false to slot_handle_level_range
which creates a race when the function unlocks to call cond_resched.
See an example of this race below:

CPU 0                   CPU 1                           CPU 3
// zap_direct_gfn_range
mmu_lock()
// *ptep == pte_1
*ptep = 0
if (lock_flush_tlb)
        flush_tlbs()
mmu_unlock()
                        // In invalidate range
                        // MMU notifier
                        mmu_lock()
                        if (pte != 0)
                                *ptep = 0
                                flush = true
                        if (flush)
                                flush_remote_tlbs()
                        mmu_unlock()
                        return
                        // Host MM reallocates
                        // page previously
                        // backing guest memory.
                                                        // Guest accesses
                                                        // invalid page
                                                        // through pte_1
                                                        // in its TLB!!

Tested: Ran all kvm-unit-tests on a Intel Haswell machine with and
	without this patch. The patch introduced no new failures.

Signed-off-by: Ben Gardon <bgardon@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-03-15 19:16:45 +01:00
Hannes Reinecke
52eaa798f4 scsi: ia64: simscsi: use request tag instead of serial_number
Use the request tag for logging instead of the scsi command serial
number.

Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
[jejb: fix commit oneliner]
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2019-03-15 10:53:41 -07:00
Trond Myklebust
5e3863fd59 SUNRPC: Remove redundant check for the reply length in call_decode()
Now that we're using the xdr_stream functions to decode the header,
the test for the minimum reply length is redundant.

Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:11:36 -04:00
Trond Myklebust
928d42f7d8 SUNRPC: Handle the SYSTEM_ERR rpc error
Handle the SYSTEM_ERR rpc error by retrying the RPC call as if it
were a garbage argument.

Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:11:02 -04:00
Trond Myklebust
eb90a16e90 SUNRPC: rpc_decode_header() must always return a non-zero value on error
Ensure that when the "garbage args" case falls through, we do set
an error of EIO.

Fixes: a0584ee9ae ("SUNRPC: Use struct xdr_stream when decoding...")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:08:59 -04:00
Trond Myklebust
27adc78592 SUNRPC: Use the ENOTCONN error on socket disconnect
When the socket is closed, we currently send an EAGAIN error to all
pending requests in order to ask them to retransmit. Use ENOTCONN
instead, to ensure that they try to reconnect before attempting to
transmit.
This also helps SOFTCONN tasks to behave correctly in this
situation.

Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:08:20 -04:00
Trond Myklebust
513149607d SUNRPC: Fix the minimal size for reply buffer allocation
We must at minimum allocate enough memory to be able to see any auth
errors in the reply from the server.

Fixes: 2c94b8eca1 ("SUNRPC: Use au_rslack when computing reply...")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:06:35 -04:00
Trond Myklebust
9734ad57b0 SUNRPC: Fix a client regression when handling oversized replies
If the server sends a reply that is larger than the pre-allocated
buffer, then the current code may fail to register how much of
the stream that it has finished reading. This again can lead to
hangs.

Fixes: e92053a52e ("SUNRPC: Handle zero length fragments correctly")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2019-03-15 13:06:21 -04:00
Aaron Ma
bb6bccba39 iommu/amd: Fix NULL dereference bug in match_hid_uid
Add a non-NULL check to fix potential NULL pointer dereference
Cleanup code to call function once.

Signed-off-by: Aaron Ma <aaron.ma@canonical.com>
Fixes: 2bf9a0a127 ('iommu/amd: Add iommu support for ACPI HID devices')
Signed-off-by: Joerg Roedel <jroedel@suse.de>
2019-03-15 16:22:05 +01:00
Russell King
4c2741ac5e Merge branches 'fixes', 'misc' and 'smp-hotplug' into for-next 2019-03-15 15:12:56 +00:00
David Hildenbrand
0266def913 xen/balloon: Fix mapping PG_offline pages to user space
The XEN balloon driver - in contrast to other balloon drivers - allows
to map some inflated pages to user space. Such pages are allocated via
alloc_xenballooned_pages() and freed via free_xenballooned_pages().
The pfn space of these allocated pages is used to map other things
by the hypervisor using hypercalls.

Pages marked with PG_offline must never be mapped to user space (as
this page type uses the mapcount field of struct pages).

So what we can do is, clear/set PG_offline when allocating/freeing an
inflated pages. This way, most inflated pages can be excluded by
dumping tools and the "reused for other purpose" balloon pages are
correctly not marked as PG_offline.

Fixes: 77c4adf6a6 (xen/balloon: mark inflated pages PG_offline)
Reported-by: Julien Grall <julien.grall@arm.com>
Tested-by: Julien Grall <julien.grall@arm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
2019-03-15 15:35:35 +01:00
Peter Zijlstra
f764c58b7f perf/x86: Fixup typo in stub functions
Guenter reported a build warning for CONFIG_CPU_SUP_INTEL=n:

  > With allmodconfig-CONFIG_CPU_SUP_INTEL, this patch results in:
  >
  > In file included from arch/x86/events/amd/core.c:8:0:
  > arch/x86/events/amd/../perf_event.h:1036:45: warning: ‘struct cpu_hw_event’ declared inside parameter list will not be visible outside of this definition or declaration
  >  static inline int intel_cpuc_prepare(struct cpu_hw_event *cpuc, int cpu)

While harmless (an unsed pointer is an unused pointer, no matter the type)
it needs fixing.

Reported-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Fixes: d01b1f96a8 ("perf/x86/intel: Make cpuc allocations consistent")
Link: http://lkml.kernel.org/r/20190315081410.GR5996@hirez.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-03-15 13:12:42 +01:00
Peter Zijlstra
ede271b059 perf/x86/intel: Fix memory corruption
Through:

  validate_event()
    x86_pmu.get_event_constraints(.idx=-1)
      tfa_get_event_constraints()
        dyn_constraint()

cpuc->constraint_list[-1] is used, which is an obvious out-of-bound access.

In this case, simply skip the TFA constraint code, there is no event
constraint with just PMC3, therefore the code will never result in the
empty set.

Fixes: 400816f60c ("perf/x86/intel: Implement support for TSX Force Abort")
Reported-by: Tony Jones <tonyj@suse.com>
Reported-by: "DSouza, Nelson" <nelson.dsouza@intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Tony Jones <tonyj@suse.com>
Tested-by: "DSouza, Nelson" <nelson.dsouza@intel.com>
Cc: eranian@google.com
Cc: jolsa@redhat.com
Cc: stable@kernel.org
Link: https://lkml.kernel.org/r/20190314130705.441549378@infradead.org
2019-03-15 12:22:51 +01:00
Aurelien Aptel
bc31d0cdcf CIFS: fix POSIX lock leak and invalid ptr deref
We have a customer reporting crashes in lock_get_status() with many
"Leaked POSIX lock" messages preceeding the crash.

 Leaked POSIX lock on dev=0x0:0x56 ...
 Leaked POSIX lock on dev=0x0:0x56 ...
 Leaked POSIX lock on dev=0x0:0x56 ...
 Leaked POSIX lock on dev=0x0:0x53 ...
 Leaked POSIX lock on dev=0x0:0x53 ...
 Leaked POSIX lock on dev=0x0:0x53 ...
 Leaked POSIX lock on dev=0x0:0x53 ...
 POSIX: fl_owner=ffff8900e7b79380 fl_flags=0x1 fl_type=0x1 fl_pid=20709
 Leaked POSIX lock on dev=0x0:0x4b ino...
 Leaked locks on dev=0x0:0x4b ino=0xf911400000029:
 POSIX: fl_owner=ffff89f41c870e00 fl_flags=0x1 fl_type=0x1 fl_pid=19592
 stack segment: 0000 [#1] SMP
 Modules linked in: binfmt_misc msr tcp_diag udp_diag inet_diag unix_diag af_packet_diag netlink_diag rpcsec_gss_krb5 arc4 ecb auth_rpcgss nfsv4 md4 nfs nls_utf8 lockd grace cifs sunrpc ccm dns_resolver fscache af_packet iscsi_ibft iscsi_boot_sysfs vmw_vsock_vmci_transport vsock xfs libcrc32c sb_edac edac_core crct10dif_pclmul crc32_pclmul ghash_clmulni_intel drbg ansi_cprng vmw_balloon aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd joydev pcspkr vmxnet3 i2c_piix4 vmw_vmci shpchp fjes processor button ac btrfs xor raid6_pq sr_mod cdrom ata_generic sd_mod ata_piix vmwgfx crc32c_intel drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm serio_raw ahci libahci drm libata vmw_pvscsi sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4

 Supported: Yes
 CPU: 6 PID: 28250 Comm: lsof Not tainted 4.4.156-94.64-default #1
 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 04/05/2016
 task: ffff88a345f28740 ti: ffff88c74005c000 task.ti: ffff88c74005c000
 RIP: 0010:[<ffffffff8125dcab>]  [<ffffffff8125dcab>] lock_get_status+0x9b/0x3b0
 RSP: 0018:ffff88c74005fd90  EFLAGS: 00010202
 RAX: ffff89bde83e20ae RBX: ffff89e870003d18 RCX: 0000000049534f50
 RDX: ffffffff81a3541f RSI: ffffffff81a3544e RDI: ffff89bde83e20ae
 RBP: 0026252423222120 R08: 0000000020584953 R09: 000000000000ffff
 R10: 0000000000000000 R11: ffff88c74005fc70 R12: ffff89e5ca7b1340
 R13: 00000000000050e5 R14: ffff89e870003d30 R15: ffff89e5ca7b1340
 FS:  00007fafd64be800(0000) GS:ffff89f41fd00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 0000000001c80018 CR3: 000000a522048000 CR4: 0000000000360670
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 Stack:
  0000000000000208 ffffffff81a3d6b6 ffff89e870003d30 ffff89e870003d18
  ffff89e5ca7b1340 ffff89f41738d7c0 ffff89e870003d30 ffff89e5ca7b1340
  ffffffff8125e08f 0000000000000000 ffff89bc22b67d00 ffff88c74005ff28
 Call Trace:
  [<ffffffff8125e08f>] locks_show+0x2f/0x70
  [<ffffffff81230ad1>] seq_read+0x251/0x3a0
  [<ffffffff81275bbc>] proc_reg_read+0x3c/0x70
  [<ffffffff8120e456>] __vfs_read+0x26/0x140
  [<ffffffff8120e9da>] vfs_read+0x7a/0x120
  [<ffffffff8120faf2>] SyS_read+0x42/0xa0
  [<ffffffff8161cbc3>] entry_SYSCALL_64_fastpath+0x1e/0xb7

When Linux closes a FD (close(), close-on-exec, dup2(), ...) it calls
filp_close() which also removes all posix locks.

The lock struct is initialized like so in filp_close() and passed
down to cifs

	...
        lock.fl_type = F_UNLCK;
        lock.fl_flags = FL_POSIX | FL_CLOSE;
        lock.fl_start = 0;
        lock.fl_end = OFFSET_MAX;
	...

Note the FL_CLOSE flag, which hints the VFS code that this unlocking
is done for closing the fd.

filp_close()
  locks_remove_posix(filp, id);
    vfs_lock_file(filp, F_SETLK, &lock, NULL);
      return filp->f_op->lock(filp, cmd, fl) => cifs_lock()
        rc = cifs_setlk(file, flock, type, wait_flag, posix_lck, lock, unlock, xid);
          rc = server->ops->mand_unlock_range(cfile, flock, xid);
          if (flock->fl_flags & FL_POSIX && !rc)
                  rc = locks_lock_file_wait(file, flock)

Notice how we don't call locks_lock_file_wait() which does the
generic VFS lock/unlock/wait work on the inode if rc != 0.

If we are closing the handle, the SMB server is supposed to remove any
locks associated with it. Similarly, cifs.ko frees and wakes up any
lock and lock waiter when closing the file:

cifs_close()
  cifsFileInfo_put(file->private_data)
	/*
	 * Delete any outstanding lock records. We'll lose them when the file
	 * is closed anyway.
	 */
	down_write(&cifsi->lock_sem);
	list_for_each_entry_safe(li, tmp, &cifs_file->llist->locks, llist) {
		list_del(&li->llist);
		cifs_del_lock_waiters(li);
		kfree(li);
	}
	list_del(&cifs_file->llist->llist);
	kfree(cifs_file->llist);
	up_write(&cifsi->lock_sem);

So we can safely ignore unlocking failures in cifs_lock() if they
happen with the FL_CLOSE flag hint set as both the server and the
client take care of it during the actual closing.

This is not a proper fix for the unlocking failure but it's safe and
it seems to prevent the lock leakages and crashes the customer
experiences.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve French <stfrench@microsoft.com>
Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:36 -05:00
Ronnie Sahlberg
f5778c3987 SMB3: Allow SMB3 FSCTL queries to be sent to server from tools
For debugging purposes we often have to be able to query
additional information only available via SMB3 FSCTL
from the server from user space tools (e.g. like
cifs-utils's smbinfo).  See MS-FSCC and MS-SMB2 protocol
specifications for more details.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2019-03-14 19:32:36 -05:00
Ronnie Sahlberg
f16994797e cifs: fix incorrect handling of smb2_set_sparse() return in smb3_simple_falloc
smb2_set_sparse does not return -errno, it returns a boolean where
true means success.
Change this to just ignore the return value just like the other callsites.

Additionally add code to handle the case where we must set the file sparse
and possibly also extending it.

Fixes xfstests: generic/236 generic/350 generic/420

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2019-03-14 19:32:36 -05:00
Steve French
dd0ac2d24b smb2: fix typo in definition of a few error flags
As Sergey Senozhatsky pointed out __constant_cpu_to_le32()
is misspelled in a few definitions in the list of status
codes smb2status.h as __constanst_cpu_to_le32()

Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
2019-03-14 19:32:36 -05:00
Aurelien Aptel
c847dccfbd CIFS: make mknod() an smb_version_op
This cleanup removes cifs specific code from SMB2/SMB3 code paths
which is cleaner and easier to maintain as the code to handle
special files is improved.  Below is an example creating special files
using 'sfu' mount option over SMB3 to Windows (with this patch)
(Note that to Samba server, support for saving dos attributes
has to be enabled for the SFU mount option to work).

In the future this will also make implementation of creating
special files as reparse points easier (as Windows NFS server does
for example).

   root@smf-Thinkpad-P51:~# stat -c "%F" /mnt2/char
   character special file

   root@smf-Thinkpad-P51:~# stat -c "%F" /mnt2/block
   block special file

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:36 -05:00
Steve French
6552580286 cifs: minor documentation updates
Also updated a comment describing use of the GlobalMid_Lock

Signed-off-by: Steve French <stfrench@microsoft.com>
2019-03-14 19:32:36 -05:00
Steve French
d44d13723b cifs: remove unused value pointed out by Coverity
Detected by CoverityScan CID#1438719 ("Unused Value")

buf is reset again before being used so these two lines of code
are useless.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:36 -05:00
Steve French
31ba4331d5 SMB3: passthru query info doesn't check for SMB3 FSCTL passthru
The passthrough queries from user space tools like smbinfo can be either
SMB3 QUERY_INFO or SMB3 FSCTL, but we are not checking for the latter.
Temporarily we return EOPNOTSUPP for SMB3 FSCTL passthrough requests
but once compounding fsctls is fixed can enable.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:36 -05:00
Steve French
779ede040d smb3: add dynamic tracepoints for simple fallocate and zero range
Can be helpful in debugging various xfstests that are currently
skipped or failing due to missing features in our current
implementation of fallocate.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
72c419d9b0 cifs: fix smb3_zero_range so it can expand the file-size when required
This allows fallocate -z to work against a Windows2016 share.

This is due to the SMB3 ZERO_RANGE command does not modify the filesize.
To address this we will now append a compounded SET-INFO to update the
end-of-file information.

This brings xfstests generic/469 closer to working against a windows share.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
ccdc77a305 cifs: add SMB2_ioctl_init/free helpers to be used with compounding
Define an _init() and a _free() function for SMB2_init so that we will
be able to use it with compounds.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2019-03-14 19:32:35 -05:00
Steve French
8191576a12 smb3: Add dynamic trace points for various compounded smb3 ops
Adds trace points for enter and exit (done vs. error) for:

	compounded query and setinfo, hardlink, rename,
	mkdir, rmdir, set_eof, delete (unlink)

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
b0f6df737a cifs: cache FILE_ALL_INFO for the shared root handle
When we open the shared root handle also ask for FILE_ALL_INFORMATION since
we can do this at zero cost as part of a compound.
Cache this information as long as the lease is held and return and serve any
future requests from cache.

This allows us to serve "stat /<mountpoint>" directly from cache and avoid
a network roundtrip.  Since clients often want to do this quite a lot
this improve performance slightly.

As an example: xfstest generic/533 performs 43 stat operations on the root
of the share while it is run. Which are eliminated with this patch.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Steve French
ab7b10cf4f smb3: display volume serial number for shares in /proc/fs/cifs/DebugData
It can be helpful for debugging.  According to MS-FSCC:

"A 32-bit unsigned integer that contains the serial number of the
volume. The serial number is an opaque value generated by the file
system at format time"

Signed-off-by: Steve French <stfrench@microsoft.com>
Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
257b78099b cifs: simplify how we handle credits in compound_send_recv()
Since we can now wait for multiple requests atomically in
wait_for_free_request() we can now greatly simplify the handling
of the credits in this function.

This fixes a potential deadlock where many concurrent compound requests
could each have reserved 1 or 2 credits each but are all blocked
waiting for the final credits they need to be able to issue the requests
to the server.

Set a default timeout of 60 seconds for compounded requests.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Steve French
7937ca961c smb3: add dynamic tracepoint for timeout waiting for credits
To help debug credit starvation problems where we timeout
waiting for server to grant the client credits.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Steve French
ffd1ef1e50 smb3: display security information in /proc/fs/cifs/DebugData more accurately
When the server required encryption (but we didn't connect to it with the
"seal" mount option) we weren't displaying in /proc/fs/cifs/DebugData that
the tcon for that share was encrypted. Similarly we were not displaying
that signing was required when ses->sign was enabled (we only
checked ses->server->sign).  This makes it easier to debug when in
fact the connection is signed (or sealed), whether for performance
or security questions.

Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
2b53b929fa cifs: add a timeout argument to wait_for_free_credits
A negative timeout is the same as the current behaviour, i.e. no timeout.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
16b34aa44b cifs: prevent starvation in wait_for_free_credits for multi-credit requests
Reserve the last MAX_COMPOUND credits for any request asking for >1 credit.
This is to prevent future compound requests from becoming starved while waiting
for potentially many requests is there is a large number of concurrent
singe-credit requests.

However, we need to protect from servers that are very slow to hand out
new credits on new sessions so we only do this IFF there are 2*MAX_COMPOUND
(arbitrary) credits already in flight.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
b227d215de cifs: wait_for_free_credits() make it possible to wait for >=1 credits
Change wait_for_free_credits() to allow waiting for >=1 credits instead of just
a single credit.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
4230cff8c0 cifs: pass flags down into wait_for_free_credits()
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00
Ronnie Sahlberg
480b1cb9da cifs: change wait_for_free_request() to take flags as argument
and compute timeout and optyp from it.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-03-14 19:32:35 -05:00