4.19-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 22 Mar 2021 09:57:27 +0000 (10:57 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 22 Mar 2021 09:57:27 +0000 (10:57 +0100)
added patches:
ext4-do-not-try-to-set-xattr-into-ea_inode-if-value-is-empty.patch
ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
ext4-fix-potential-error-in-ext4_do_update_inode.patch
genirq-disable-interrupts-for-force-threaded-handlers.patch
x86-apic-of-fix-cpu-devicetree-node-lookups.patch

queue-4.19/ext4-do-not-try-to-set-xattr-into-ea_inode-if-value-is-empty.patch [new file with mode: 0644]
queue-4.19/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch [new file with mode: 0644]
queue-4.19/ext4-fix-potential-error-in-ext4_do_update_inode.patch [new file with mode: 0644]
queue-4.19/genirq-disable-interrupts-for-force-threaded-handlers.patch [new file with mode: 0644]
queue-4.19/series
queue-4.19/x86-apic-of-fix-cpu-devicetree-node-lookups.patch [new file with mode: 0644]

diff --git a/queue-4.19/ext4-do-not-try-to-set-xattr-into-ea_inode-if-value-is-empty.patch b/queue-4.19/ext4-do-not-try-to-set-xattr-into-ea_inode-if-value-is-empty.patch
new file mode 100644 (file)
index 0000000..292f0ba
--- /dev/null
@@ -0,0 +1,57 @@
+From 6b22489911b726eebbf169caee52fea52013fbdd Mon Sep 17 00:00:00 2001
+From: "zhangyi (F)" <yi.zhang@huawei.com>
+Date: Fri, 5 Mar 2021 20:05:08 +0800
+Subject: ext4: do not try to set xattr into ea_inode if value is empty
+
+From: zhangyi (F) <yi.zhang@huawei.com>
+
+commit 6b22489911b726eebbf169caee52fea52013fbdd upstream.
+
+Syzbot report a warning that ext4 may create an empty ea_inode if set
+an empty extent attribute to a file on the file system which is no free
+blocks left.
+
+  WARNING: CPU: 6 PID: 10667 at fs/ext4/xattr.c:1640 ext4_xattr_set_entry+0x10f8/0x1114 fs/ext4/xattr.c:1640
+  ...
+  Call trace:
+   ext4_xattr_set_entry+0x10f8/0x1114 fs/ext4/xattr.c:1640
+   ext4_xattr_block_set+0x1d0/0x1b1c fs/ext4/xattr.c:1942
+   ext4_xattr_set_handle+0x8a0/0xf1c fs/ext4/xattr.c:2390
+   ext4_xattr_set+0x120/0x1f0 fs/ext4/xattr.c:2491
+   ext4_xattr_trusted_set+0x48/0x5c fs/ext4/xattr_trusted.c:37
+   __vfs_setxattr+0x208/0x23c fs/xattr.c:177
+  ...
+
+Now, ext4 try to store extent attribute into an external inode if
+ext4_xattr_block_set() return -ENOSPC, but for the case of store an
+empty extent attribute, store the extent entry into the extent
+attribute block is enough. A simple reproduce below.
+
+  fallocate test.img -l 1M
+  mkfs.ext4 -F -b 2048 -O ea_inode test.img
+  mount test.img /mnt
+  dd if=/dev/zero of=/mnt/foo bs=2048 count=500
+  setfattr -n "user.test" /mnt/foo
+
+Reported-by: syzbot+98b881fdd8ebf45ab4ae@syzkaller.appspotmail.com
+Fixes: 9c6e7853c531 ("ext4: reserve space for xattr entries/names")
+Cc: stable@kernel.org
+Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
+Link: https://lore.kernel.org/r/20210305120508.298465-1-yi.zhang@huawei.com
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/xattr.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/ext4/xattr.c
++++ b/fs/ext4/xattr.c
+@@ -2419,7 +2419,7 @@ retry_inode:
+                                * external inode if possible.
+                                */
+                               if (ext4_has_feature_ea_inode(inode->i_sb) &&
+-                                  !i.in_inode) {
++                                  i.value_len && !i.in_inode) {
+                                       i.in_inode = 1;
+                                       goto retry_inode;
+                               }
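Review bot: The comment above the changed condition in the `retry_inode:` path still describes only the fall-back to an external inode and does not say why an empty value is excluded, which is the whole reason for the added `i.value_len` test. I would extend it with a sentence such as `An empty value gains nothing from an EA inode, so do not retry with in_inode set.` The comment and the enclosing function both start outside the hunk, so the wording should be checked against the full text. What becomes of the -ENOSPC result when the retry is skipped is also not visible here and is worth confirming for this backport.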
diff --git a/queue-4.19/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch b/queue-4.19/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
new file mode 100644 (file)
index 0000000..26b58e1
--- /dev/null
@@ -0,0 +1,73 @@
+From b7ff91fd030dc9d72ed91b1aab36e445a003af4f Mon Sep 17 00:00:00 2001
+From: "zhangyi (F)" <yi.zhang@huawei.com>
+Date: Wed, 3 Mar 2021 21:17:02 +0800
+Subject: ext4: find old entry again if failed to rename whiteout
+
+From: zhangyi (F) <yi.zhang@huawei.com>
+
+commit b7ff91fd030dc9d72ed91b1aab36e445a003af4f upstream.
+
+If we failed to add new entry on rename whiteout, we cannot reset the
+old->de entry directly, because the old->de could have moved from under
+us during make indexed dir. So find the old entry again before reset is
+needed, otherwise it may corrupt the filesystem as below.
+
+  /dev/sda: Entry '00000001' in ??? (12) has deleted/unused inode 15. CLEARED.
+  /dev/sda: Unattached inode 75
+  /dev/sda: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
+
+Fixes: 6b4b8e6b4ad ("ext4: fix bug for rename with RENAME_WHITEOUT")
+Cc: stable@vger.kernel.org
+Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
+Link: https://lore.kernel.org/r/20210303131703.330415-1-yi.zhang@huawei.com
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/namei.c |   29 +++++++++++++++++++++++++++--
+ 1 file changed, 27 insertions(+), 2 deletions(-)
+
+--- a/fs/ext4/namei.c
++++ b/fs/ext4/namei.c
+@@ -3440,6 +3440,31 @@ static int ext4_setent(handle_t *handle,
+       return 0;
+ }
++static void ext4_resetent(handle_t *handle, struct ext4_renament *ent,
++                        unsigned ino, unsigned file_type)
++{
++      struct ext4_renament old = *ent;
++      int retval = 0;
++
++      /*
++       * old->de could have moved from under us during make indexed dir,
++       * so the old->de may no longer valid and need to find it again
++       * before reset old inode info.
++       */
++      old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL);
++      if (IS_ERR(old.bh))
++              retval = PTR_ERR(old.bh);
++      if (!old.bh)
++              retval = -ENOENT;
++      if (retval) {
++              ext4_std_error(old.dir->i_sb, retval);
++              return;
++      }
++
++      ext4_setent(handle, &old, ino, file_type);
++      brelse(old.bh);
++}
++
+ static int ext4_find_delete_entry(handle_t *handle, struct inode *dir,
+                                 const struct qstr *d_name)
+ {
+@@ -3736,8 +3761,8 @@ static int ext4_rename(struct inode *old
+ end_rename:
+       if (whiteout) {
+               if (retval) {
+-                      ext4_setent(handle, &old,
+-                              old.inode->i_ino, old_file_type);
++                      ext4_resetent(handle, &old,
++                                    old.inode->i_ino, old_file_type);
+                       drop_nlink(whiteout);
+               }
+               unlock_new_inode(whiteout);
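Review bot: In `ext4_resetent()` the fresh lookup passes `NULL` as the last argument of `ext4_find_entry()`, so `old.bh` and `old.de` are refreshed while every other field of the copied `struct ext4_renament` still comes from the earlier lookup. If that argument reports whether the entry lives in inline data, as I believe it does in this tree, and `ext4_setent()` consults the copied flag, the rollback could act on a stale value. Assuming the struct carries an `inlined` field, passing it keeps the three in step: `old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, &old.inlined);`. The return value of `ext4_setent()` is also dropped here; that matches the call it replaces in `ext4_rename()`, but this function itself then reports nothing if the rollback fails.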
diff --git a/queue-4.19/ext4-fix-potential-error-in-ext4_do_update_inode.patch b/queue-4.19/ext4-fix-potential-error-in-ext4_do_update_inode.patch
new file mode 100644 (file)
index 0000000..d3ab551
--- /dev/null
@@ -0,0 +1,47 @@
+From 7d8bd3c76da1d94b85e6c9b7007e20e980bfcfe6 Mon Sep 17 00:00:00 2001
+From: Shijie Luo <luoshijie1@huawei.com>
+Date: Fri, 12 Mar 2021 01:50:51 -0500
+Subject: ext4: fix potential error in ext4_do_update_inode
+
+From: Shijie Luo <luoshijie1@huawei.com>
+
+commit 7d8bd3c76da1d94b85e6c9b7007e20e980bfcfe6 upstream.
+
+If set_large_file = 1 and errors occur in ext4_handle_dirty_metadata(),
+the error code will be overridden, go to out_brelse to avoid this
+situation.
+
+Signed-off-by: Shijie Luo <luoshijie1@huawei.com>
+Link: https://lore.kernel.org/r/20210312065051.36314-1-luoshijie1@huawei.com
+Cc: stable@kernel.org
+Reviewed-by: Jan Kara <jack@suse.cz>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/inode.c |    8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/fs/ext4/inode.c
++++ b/fs/ext4/inode.c
+@@ -5266,7 +5266,7 @@ static int ext4_do_update_inode(handle_t
+       struct ext4_inode_info *ei = EXT4_I(inode);
+       struct buffer_head *bh = iloc->bh;
+       struct super_block *sb = inode->i_sb;
+-      int err = 0, rc, block;
++      int err = 0, block;
+       int need_datasync = 0, set_large_file = 0;
+       uid_t i_uid;
+       gid_t i_gid;
+@@ -5378,9 +5378,9 @@ static int ext4_do_update_inode(handle_t
+                                             bh->b_data);
+       BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata");
+-      rc = ext4_handle_dirty_metadata(handle, NULL, bh);
+-      if (!err)
+-              err = rc;
++      err = ext4_handle_dirty_metadata(handle, NULL, bh);
++      if (err)
++              goto out_brelse;
+       ext4_clear_inode_state(inode, EXT4_STATE_NEW);
+       if (set_large_file) {
+               BUFFER_TRACE(EXT4_SB(sb)->s_sbh, "get write access");
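Review bot: The rewritten call site in `ext4_do_update_inode()` assigns `err` unconditionally, so the `if (!err)` guard that preserved an earlier failure is gone. The fix is therefore only correct if `err` is always 0 when control reaches `ext4_handle_dirty_metadata()`. The code between the two hunks is not shown and may differ between 4.19 and the tree the patch was written against, so that assumption needs checking for this backport. The new `goto out_brelse` also skips `ext4_clear_inode_state(inode, EXT4_STATE_NEW)` on failure; a short comment such as `/* bail out so the set_large_file path cannot overwrite err */` would record why.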
diff --git a/queue-4.19/genirq-disable-interrupts-for-force-threaded-handlers.patch b/queue-4.19/genirq-disable-interrupts-for-force-threaded-handlers.patch
new file mode 100644 (file)
index 0000000..cfff117
--- /dev/null
@@ -0,0 +1,70 @@
+From 81e2073c175b887398e5bca6c004efa89983f58d Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner <tglx@linutronix.de>
+Date: Wed, 17 Mar 2021 15:38:52 +0100
+Subject: genirq: Disable interrupts for force threaded handlers
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit 81e2073c175b887398e5bca6c004efa89983f58d upstream.
+
+With interrupt force threading all device interrupt handlers are invoked
+from kernel threads. Contrary to hard interrupt context the invocation only
+disables bottom halfs, but not interrupts. This was an oversight back then
+because any code like this will have an issue:
+
+thread(irq_A)
+  irq_handler(A)
+    spin_lock(&foo->lock);
+
+interrupt(irq_B)
+  irq_handler(B)
+    spin_lock(&foo->lock);
+
+This has been triggered with networking (NAPI vs. hrtimers) and console
+drivers where printk() happens from an interrupt which interrupted the
+force threaded handler.
+
+Now people noticed and started to change the spin_lock() in the handler to
+spin_lock_irqsave() which affects performance or add IRQF_NOTHREAD to the
+interrupt request which in turn breaks RT.
+
+Fix the root cause and not the symptom and disable interrupts before
+invoking the force threaded handler which preserves the regular semantics
+and the usefulness of the interrupt force threading as a general debugging
+tool.
+
+For not RT this is not changing much, except that during the execution of
+the threaded handler interrupts are delayed until the handler
+returns. Vs. scheduling and softirq processing there is no difference.
+
+For RT kernels there is no issue.
+
+Fixes: 8d32a307e4fa ("genirq: Provide forced interrupt threading")
+Reported-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Reviewed-by: Johan Hovold <johan@kernel.org>
+Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Link: https://lore.kernel.org/r/20210317143859.513307808@linutronix.de
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/irq/manage.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/kernel/irq/manage.c
++++ b/kernel/irq/manage.c
+@@ -987,11 +987,15 @@ irq_forced_thread_fn(struct irq_desc *de
+       irqreturn_t ret;
+       local_bh_disable();
++      if (!IS_ENABLED(CONFIG_PREEMPT_RT))
++              local_irq_disable();
+       ret = action->thread_fn(action->irq, action->dev_id);
+       if (ret == IRQ_HANDLED)
+               atomic_inc(&desc->threads_handled);
+       irq_finalize_oneshot(desc, action);
++      if (!IS_ENABLED(CONFIG_PREEMPT_RT))
++              local_irq_enable();
+       local_bh_enable();
+       return ret;
+ }
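Review bot: The `IS_ENABLED(CONFIG_PREEMPT_RT)` guards in `irq_forced_thread_fn()` depend on a Kconfig symbol that, as far as I know, entered mainline after 4.19, so in this tree the test is presumably always false and interrupts are disabled unconditionally. That is the intended result for a non-RT 4.19 build. However, an RT patch set layered on 4.19 that uses a differently named option would not be recognised, and the threaded handler would run with interrupts off there. A comment next to the first guard, for example `/* CONFIG_PREEMPT_RT is not defined in 4.19; RT trees must adapt this test */`, would make that visible. The function's signature lies outside the hunk.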
index 3b69a1a747316fc780c5ae6f32eb6b3b9842cc65..664985ee065840a407910f6dfa8dcf9a13ad65b5 100644 (file)
@@ -37,3 +37,8 @@ x86-ioapic-ignore-irq2-again.patch
 kernel-fs-introduce-and-use-set_restart_fn-and-arch_set_restart_data.patch
 x86-move-ts_compat-back-to-asm-thread_info.h.patch
 x86-introduce-ts_compat_restart-to-fix-get_nr_restart_syscall.patch
+ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
+ext4-do-not-try-to-set-xattr-into-ea_inode-if-value-is-empty.patch
+ext4-fix-potential-error-in-ext4_do_update_inode.patch
+genirq-disable-interrupts-for-force-threaded-handlers.patch
+x86-apic-of-fix-cpu-devicetree-node-lookups.patch
diff --git a/queue-4.19/x86-apic-of-fix-cpu-devicetree-node-lookups.patch b/queue-4.19/x86-apic-of-fix-cpu-devicetree-node-lookups.patch
new file mode 100644 (file)
index 0000000..adb7598
--- /dev/null
@@ -0,0 +1,51 @@
+From dd926880da8dbbe409e709c1d3c1620729a94732 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Fri, 12 Mar 2021 10:20:33 +0100
+Subject: x86/apic/of: Fix CPU devicetree-node lookups
+
+From: Johan Hovold <johan@kernel.org>
+
+commit dd926880da8dbbe409e709c1d3c1620729a94732 upstream.
+
+Architectures that describe the CPU topology in devicetree and do not have
+an identity mapping between physical and logical CPU ids must override the
+default implementation of arch_match_cpu_phys_id().
+
+Failing to do so breaks CPU devicetree-node lookups using of_get_cpu_node()
+and of_cpu_device_node_get() which several drivers rely on. It also causes
+the CPU struct devices exported through sysfs to point to the wrong
+devicetree nodes.
+
+On x86, CPUs are described in devicetree using their APIC ids and those
+do not generally coincide with the logical ids, even if CPU0 typically
+uses APIC id 0.
+
+Add the missing implementation of arch_match_cpu_phys_id() so that CPU-node
+lookups work also with SMP.
+
+Apart from fixing the broken sysfs devicetree-node links this likely does
+not affect current users of mainline kernels on x86.
+
+Fixes: 4e07db9c8db8 ("x86/devicetree: Use CPU description from Device Tree")
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Link: https://lore.kernel.org/r/20210312092033.26317-1-johan@kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/apic/apic.c |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/arch/x86/kernel/apic/apic.c
++++ b/arch/x86/kernel/apic/apic.c
+@@ -2279,6 +2279,11 @@ static int cpuid_to_apicid[] = {
+       [0 ... NR_CPUS - 1] = -1,
+ };
++bool arch_match_cpu_phys_id(int cpu, u64 phys_id)
++{
++      return phys_id == cpuid_to_apicid[cpu];
++}
++
+ #ifdef CONFIG_SMP
+ /**
+  * apic_id_is_primary_thread - Check whether APIC ID belongs to a primary thread
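Review bot: `arch_match_cpu_phys_id()` compares a `u64` with an `int` array element whose initialiser is -1, so an unpopulated slot is converted to an all-ones 64-bit value and would compare equal to a `phys_id` of that value. `cpu` is also used as an index without a range check. Callers probably pass only possible CPU numbers and real APIC ids, which is not visible here, but the function is non-static and cheap to harden: `int apicid = cpuid_to_apicid[cpu];` followed by `return apicid >= 0 && phys_id == (u64)apicid;`. A one-line comment stating that -1 marks an unassigned entry would help as well.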