]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
projects / thirdparty / kernel / stable-queue.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 30be7aa)
Fixes for 4.14
authorSasha Levin <sashal@kernel.org>
Sat, 26 Aug 2023 13:50:19 +0000 (09:50 -0400)
committerSasha Levin <sashal@kernel.org>
Sat, 26 Aug 2023 13:50:19 +0000 (09:50 -0400)
Signed-off-by: Sasha Levin <sashal@kernel.org>
queue-4.14/igb-avoid-starting-unnecessary-workqueues.patch [new file with mode: 0644] patch | blob
queue-4.14/series patch | blob | blame | history
queue-4.14/sock-annotate-data-races-around-prot-memory_pressure.patch [new file with mode: 0644] patch | blob
queue-4.14/tracing-fix-memleak-due-to-race-between-current_trac.patch [new file with mode: 0644] patch | blob

diff --git a/queue-4.14/igb-avoid-starting-unnecessary-workqueues.patch b/queue-4.14/igb-avoid-starting-unnecessary-workqueues.patch
new file mode 100644 (file)
index 0000000..6f34b86
--- /dev/null
+++ b/queue-4.14/igb-avoid-starting-unnecessary-workqueues.patch
@@ -0,0 +1,91 @@
+From a4444b62b6e03516f334232a522ce4e08e8451aa Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 21 Aug 2023 10:19:27 -0700
+Subject: igb: Avoid starting unnecessary workqueues
+
+From: Alessio Igor Bogani <alessio.bogani@elettra.eu>
+
+[ Upstream commit b888c510f7b3d64ca75fc0f43b4a4bd1a611312f ]
+
+If ptp_clock_register() fails or CONFIG_PTP isn't enabled, avoid starting
+PTP related workqueues.
+
+In this way we can fix this:
+ BUG: unable to handle page fault for address: ffffc9000440b6f8
+ #PF: supervisor read access in kernel mode
+ #PF: error_code(0x0000) - not-present page
+ PGD 100000067 P4D 100000067 PUD 1001e0067 PMD 107dc5067 PTE 0
+ Oops: 0000 [#1] PREEMPT SMP
+ [...]
+ Workqueue: events igb_ptp_overflow_check
+ RIP: 0010:igb_rd32+0x1f/0x60
+ [...]
+ Call Trace:
+  igb_ptp_read_82580+0x20/0x50
+  timecounter_read+0x15/0x60
+  igb_ptp_overflow_check+0x1a/0x50
+  process_one_work+0x1cb/0x3c0
+  worker_thread+0x53/0x3f0
+  ? rescuer_thread+0x370/0x370
+  kthread+0x142/0x160
+  ? kthread_associate_blkcg+0xc0/0xc0
+  ret_from_fork+0x1f/0x30
+
+Fixes: 1f6e8178d685 ("igb: Prevent dropped Tx timestamps via work items and interrupts.")
+Fixes: d339b1331616 ("igb: add PTP Hardware Clock code")
+Signed-off-by: Alessio Igor Bogani <alessio.bogani@elettra.eu>
+Tested-by: Arpana Arland <arpanax.arland@intel.com> (A Contingent worker at Intel)
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+Reviewed-by: Simon Horman <horms@kernel.org>
+Link: https://lore.kernel.org/r/20230821171927.2203644-1-anthony.l.nguyen@intel.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/intel/igb/igb_ptp.c | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/drivers/net/ethernet/intel/igb/igb_ptp.c b/drivers/net/ethernet/intel/igb/igb_ptp.c
+index 295d27f331042..179e1d74661d4 100644
+--- a/drivers/net/ethernet/intel/igb/igb_ptp.c
++++ b/drivers/net/ethernet/intel/igb/igb_ptp.c
+@@ -1195,18 +1195,6 @@ void igb_ptp_init(struct igb_adapter *adapter)
+               return;
+       }
+-      spin_lock_init(&adapter->tmreg_lock);
+-      INIT_WORK(&adapter->ptp_tx_work, igb_ptp_tx_work);
+-
+-      if (adapter->ptp_flags & IGB_PTP_OVERFLOW_CHECK)
+-              INIT_DELAYED_WORK(&adapter->ptp_overflow_work,
+-                                igb_ptp_overflow_check);
+-
+-      adapter->tstamp_config.rx_filter = HWTSTAMP_FILTER_NONE;
+-      adapter->tstamp_config.tx_type = HWTSTAMP_TX_OFF;
+-
+-      igb_ptp_reset(adapter);
+-
+       adapter->ptp_clock = ptp_clock_register(&adapter->ptp_caps,
+                                               &adapter->pdev->dev);
+       if (IS_ERR(adapter->ptp_clock)) {
+@@ -1216,6 +1204,18 @@ void igb_ptp_init(struct igb_adapter *adapter)
+               dev_info(&adapter->pdev->dev, "added PHC on %s\n",
+                        adapter->netdev->name);
+               adapter->ptp_flags |= IGB_PTP_ENABLED;
++
++              spin_lock_init(&adapter->tmreg_lock);
++              INIT_WORK(&adapter->ptp_tx_work, igb_ptp_tx_work);
++
++              if (adapter->ptp_flags & IGB_PTP_OVERFLOW_CHECK)
++                      INIT_DELAYED_WORK(&adapter->ptp_overflow_work,
++                                        igb_ptp_overflow_check);
++
++              adapter->tstamp_config.rx_filter = HWTSTAMP_FILTER_NONE;
++              adapter->tstamp_config.tx_type = HWTSTAMP_TX_OFF;
++
++              igb_ptp_reset(adapter);
+       }
+ }
+-- 
+2.40.1
+
diff --git a/queue-4.14/series b/queue-4.14/series
index 94a94ae4785719133a5a844b2a21c46053570fd7..7931e178510687d53cacd522a90f26c1a7c26bc3 100644 (file)
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -38,3 +38,6 @@ af_unix-fix-null-ptr-deref-in-unix_stream_sendpage.patch
 net-fix-the-rto-timer-retransmitting-skb-every-1ms-if-linear-option-is-enabled.patch
 net-xfrm-amend-xfrma_sec_ctx-nla_policy-structure.patch
 net-phy-broadcom-stub-c45-read-write-for-54810.patch
+tracing-fix-memleak-due-to-race-between-current_trac.patch
+sock-annotate-data-races-around-prot-memory_pressure.patch
+igb-avoid-starting-unnecessary-workqueues.patch
diff --git a/queue-4.14/sock-annotate-data-races-around-prot-memory_pressure.patch b/queue-4.14/sock-annotate-data-races-around-prot-memory_pressure.patch
new file mode 100644 (file)
index 0000000..0008c64
--- /dev/null
+++ b/queue-4.14/sock-annotate-data-races-around-prot-memory_pressure.patch
@@ -0,0 +1,82 @@
+From 3efd1e7b8cee513cedb9be461641dfc25ff16d01 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 18 Aug 2023 01:51:32 +0000
+Subject: sock: annotate data-races around prot->memory_pressure
+
+From: Eric Dumazet <edumazet@google.com>
+
+[ Upstream commit 76f33296d2e09f63118db78125c95ef56df438e9 ]
+
+*prot->memory_pressure is read/writen locklessly, we need
+to add proper annotations.
+
+A recent commit added a new race, it is time to audit all accesses.
+
+Fixes: 2d0c88e84e48 ("sock: Fix misuse of sk_under_memory_pressure()")
+Fixes: 4d93df0abd50 ("[SCTP]: Rewrite of sctp buffer management code")
+Signed-off-by: Eric Dumazet <edumazet@google.com>
+Cc: Abel Wu <wuyun.abel@bytedance.com>
+Reviewed-by: Shakeel Butt <shakeelb@google.com>
+Link: https://lore.kernel.org/r/20230818015132.2699348-1-edumazet@google.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ include/net/sock.h | 7 ++++---
+ net/sctp/socket.c  | 2 +-
+ 2 files changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/include/net/sock.h b/include/net/sock.h
+index 1937deba0849b..7b42ddca4decb 100644
+--- a/include/net/sock.h
++++ b/include/net/sock.h
+@@ -1115,6 +1115,7 @@ struct proto {
+       /*
+        * Pressure flag: try to collapse.
+        * Technical note: it is used by multiple contexts non atomically.
++       * Make sure to use READ_ONCE()/WRITE_ONCE() for all reads/writes.
+        * All the __sk_mem_schedule() is of this nature: accounting
+        * is strict, actions are advisory and have some latency.
+        */
+@@ -1214,7 +1215,7 @@ static inline bool sk_has_memory_pressure(const struct sock *sk)
+ static inline bool sk_under_global_memory_pressure(const struct sock *sk)
+ {
+       return sk->sk_prot->memory_pressure &&
+-              !!*sk->sk_prot->memory_pressure;
++              !!READ_ONCE(*sk->sk_prot->memory_pressure);
+ }
+ static inline bool sk_under_memory_pressure(const struct sock *sk)
+@@ -1226,7 +1227,7 @@ static inline bool sk_under_memory_pressure(const struct sock *sk)
+           mem_cgroup_under_socket_pressure(sk->sk_memcg))
+               return true;
+-      return !!*sk->sk_prot->memory_pressure;
++      return !!READ_ONCE(*sk->sk_prot->memory_pressure);
+ }
+ static inline long
+@@ -1280,7 +1281,7 @@ proto_memory_pressure(struct proto *prot)
+ {
+       if (!prot->memory_pressure)
+               return false;
+-      return !!*prot->memory_pressure;
++      return !!READ_ONCE(*prot->memory_pressure);
+ }
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c
+index 9414dcb376d26..e5c3c37108e4e 100644
+--- a/net/sctp/socket.c
++++ b/net/sctp/socket.c
+@@ -110,7 +110,7 @@ struct percpu_counter sctp_sockets_allocated;
+ static void sctp_enter_memory_pressure(struct sock *sk)
+ {
+-      sctp_memory_pressure = 1;
++      WRITE_ONCE(sctp_memory_pressure, 1);
+ }
+-- 
+2.40.1
+
diff --git a/queue-4.14/tracing-fix-memleak-due-to-race-between-current_trac.patch b/queue-4.14/tracing-fix-memleak-due-to-race-between-current_trac.patch
new file mode 100644 (file)
index 0000000..26cb59e
--- /dev/null
+++ b/queue-4.14/tracing-fix-memleak-due-to-race-between-current_trac.patch
@@ -0,0 +1,122 @@
+From c3ec9f1a3a403530342b432ed7862cc260f5a665 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 17 Aug 2023 20:55:39 +0800
+Subject: tracing: Fix memleak due to race between current_tracer and trace
+
+From: Zheng Yejian <zhengyejian1@huawei.com>
+
+[ Upstream commit eecb91b9f98d6427d4af5fdb8f108f52572a39e7 ]
+
+Kmemleak report a leak in graph_trace_open():
+
+  unreferenced object 0xffff0040b95f4a00 (size 128):
+    comm "cat", pid 204981, jiffies 4301155872 (age 99771.964s)
+    hex dump (first 32 bytes):
+      e0 05 e7 b4 ab 7d 00 00 0b 00 01 00 00 00 00 00 .....}..........
+      f4 00 01 10 00 a0 ff ff 00 00 00 00 65 00 10 00 ............e...
+    backtrace:
+      [<000000005db27c8b>] kmem_cache_alloc_trace+0x348/0x5f0
+      [<000000007df90faa>] graph_trace_open+0xb0/0x344
+      [<00000000737524cd>] __tracing_open+0x450/0xb10
+      [<0000000098043327>] tracing_open+0x1a0/0x2a0
+      [<00000000291c3876>] do_dentry_open+0x3c0/0xdc0
+      [<000000004015bcd6>] vfs_open+0x98/0xd0
+      [<000000002b5f60c9>] do_open+0x520/0x8d0
+      [<00000000376c7820>] path_openat+0x1c0/0x3e0
+      [<00000000336a54b5>] do_filp_open+0x14c/0x324
+      [<000000002802df13>] do_sys_openat2+0x2c4/0x530
+      [<0000000094eea458>] __arm64_sys_openat+0x130/0x1c4
+      [<00000000a71d7881>] el0_svc_common.constprop.0+0xfc/0x394
+      [<00000000313647bf>] do_el0_svc+0xac/0xec
+      [<000000002ef1c651>] el0_svc+0x20/0x30
+      [<000000002fd4692a>] el0_sync_handler+0xb0/0xb4
+      [<000000000c309c35>] el0_sync+0x160/0x180
+
+The root cause is descripted as follows:
+
+  __tracing_open() {  // 1. File 'trace' is being opened;
+    ...
+    *iter->trace = *tr->current_trace;  // 2. Tracer 'function_graph' is
+                                        //    currently set;
+    ...
+    iter->trace->open(iter);  // 3. Call graph_trace_open() here,
+                              //    and memory are allocated in it;
+    ...
+  }
+
+  s_start() {  // 4. The opened file is being read;
+    ...
+    *iter->trace = *tr->current_trace;  // 5. If tracer is switched to
+                                        //    'nop' or others, then memory
+                                        //    in step 3 are leaked!!!
+    ...
+  }
+
+To fix it, in s_start(), close tracer before switching then reopen the
+new tracer after switching. And some tracers like 'wakeup' may not update
+'iter->private' in some cases when reopen, then it should be cleared
+to avoid being mistakenly closed again.
+
+Link: https://lore.kernel.org/linux-trace-kernel/20230817125539.1646321-1-zhengyejian1@huawei.com
+
+Fixes: d7350c3f4569 ("tracing/core: make the read callbacks reentrants")
+Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ kernel/trace/trace.c              | 9 ++++++++-
+ kernel/trace/trace_irqsoff.c      | 3 ++-
+ kernel/trace/trace_sched_wakeup.c | 2 ++
+ 3 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
+index f5d084b88228c..c851b6fe45b27 100644
+--- a/kernel/trace/trace.c
++++ b/kernel/trace/trace.c
+@@ -3275,8 +3275,15 @@ static void *s_start(struct seq_file *m, loff_t *pos)
+        * will point to the same string as current_trace->name.
+        */
+       mutex_lock(&trace_types_lock);
+-      if (unlikely(tr->current_trace && iter->trace->name != tr->current_trace->name))
++      if (unlikely(tr->current_trace && iter->trace->name != tr->current_trace->name)) {
++              /* Close iter->trace before switching to the new current tracer */
++              if (iter->trace->close)
++                      iter->trace->close(iter);
+               *iter->trace = *tr->current_trace;
++              /* Reopen the new current tracer */
++              if (iter->trace->open)
++                      iter->trace->open(iter);
++      }
+       mutex_unlock(&trace_types_lock);
+ #ifdef CONFIG_TRACER_MAX_TRACE
+diff --git a/kernel/trace/trace_irqsoff.c b/kernel/trace/trace_irqsoff.c
+index 2d9e12380dc3b..2e67aeb6aed37 100644
+--- a/kernel/trace/trace_irqsoff.c
++++ b/kernel/trace/trace_irqsoff.c
+@@ -218,7 +218,8 @@ static void irqsoff_trace_open(struct trace_iterator *iter)
+ {
+       if (is_graph(iter->tr))
+               graph_trace_open(iter);
+-
++      else
++              iter->private = NULL;
+ }
+ static void irqsoff_trace_close(struct trace_iterator *iter)
+diff --git a/kernel/trace/trace_sched_wakeup.c b/kernel/trace/trace_sched_wakeup.c
+index a5a4b56631630..ad458724bf960 100644
+--- a/kernel/trace/trace_sched_wakeup.c
++++ b/kernel/trace/trace_sched_wakeup.c
+@@ -287,6 +287,8 @@ static void wakeup_trace_open(struct trace_iterator *iter)
+ {
+       if (is_graph(iter->tr))
+               graph_trace_open(iter);
++      else
++              iter->private = NULL;
+ }
+ static void wakeup_trace_close(struct trace_iterator *iter)
+-- 
+2.40.1
+
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git