From: Greg Kroah-Hartman Date: Thu, 27 Feb 2020 09:23:09 +0000 (+0100) Subject: 4.14-stable patches X-Git-Tag: v4.4.215~38 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=634e9c5feebeeb9e95a7760f73e288d0ecd052c9;p=thirdparty%2Fkernel%2Fstable-queue.git 4.14-stable patches added patches: btrfs-do-not-check-delayed-items-are-empty-for-single-transaction-cleanup.patch btrfs-fix-btrfs_wait_ordered_range-so-that-it-waits-for-all-ordered-extents.patch btrfs-fix-bytes_may_use-underflow-in-prealloc-error-condtition.patch kvm-apic-avoid-calculating-pending-eoi-from-an-uninitialized-val.patch kvm-nvmx-handle-nested-posted-interrupts-when-apicv-is-disabled-for-l1.patch --- diff --git a/queue-4.14/btrfs-do-not-check-delayed-items-are-empty-for-single-transaction-cleanup.patch b/queue-4.14/btrfs-do-not-check-delayed-items-are-empty-for-single-transaction-cleanup.patch new file mode 100644 index 00000000000..55210bcae0e --- /dev/null +++ b/queue-4.14/btrfs-do-not-check-delayed-items-are-empty-for-single-transaction-cleanup.patch @@ -0,0 +1,41 @@ +From 1e90315149f3fe148e114a5de86f0196d1c21fa5 Mon Sep 17 00:00:00 2001 +From: Josef Bacik +Date: Thu, 13 Feb 2020 10:47:29 -0500 +Subject: btrfs: do not check delayed items are empty for single transaction cleanup + +From: Josef Bacik + +commit 1e90315149f3fe148e114a5de86f0196d1c21fa5 upstream. + +btrfs_assert_delayed_root_empty() will check if the delayed root is +completely empty, but this is a filesystem-wide check. On cleanup we +may have allowed other transactions to begin, for whatever reason, and +thus the delayed root is not empty. + +So remove this check from cleanup_one_transation(). This however can +stay in btrfs_cleanup_transaction(), because it checks only after all of +the transactions have been properly cleaned up, and thus is valid. + +CC: stable@vger.kernel.org # 4.4+ +Reviewed-by: Johannes Thumshirn +Reviewed-by: Nikolay Borisov +Reviewed-by: Qu Wenruo +Signed-off-by: Josef Bacik +Reviewed-by: David Sterba +Signed-off-by: David Sterba +Signed-off-by: Greg Kroah-Hartman + +--- + fs/btrfs/disk-io.c | 1 - + 1 file changed, 1 deletion(-) + +--- a/fs/btrfs/disk-io.c ++++ b/fs/btrfs/disk-io.c +@@ -4394,7 +4394,6 @@ void btrfs_cleanup_one_transaction(struc + wake_up(&fs_info->transaction_wait); + + btrfs_destroy_delayed_inodes(fs_info); +- btrfs_assert_delayed_root_empty(fs_info); + + btrfs_destroy_marked_extents(fs_info, &cur_trans->dirty_pages, + EXTENT_DIRTY); diff --git a/queue-4.14/btrfs-fix-btrfs_wait_ordered_range-so-that-it-waits-for-all-ordered-extents.patch b/queue-4.14/btrfs-fix-btrfs_wait_ordered_range-so-that-it-waits-for-all-ordered-extents.patch new file mode 100644 index 00000000000..d778a8a32ca --- /dev/null +++ b/queue-4.14/btrfs-fix-btrfs_wait_ordered_range-so-that-it-waits-for-all-ordered-extents.patch @@ -0,0 +1,59 @@ +From e75fd33b3f744f644061a4f9662bd63f5434f806 Mon Sep 17 00:00:00 2001 +From: Filipe Manana +Date: Thu, 13 Feb 2020 12:29:50 +0000 +Subject: Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents + +From: Filipe Manana + +commit e75fd33b3f744f644061a4f9662bd63f5434f806 upstream. + +In btrfs_wait_ordered_range() once we find an ordered extent that has +finished with an error we exit the loop and don't wait for any other +ordered extents that might be still in progress. + +All the users of btrfs_wait_ordered_range() expect that there are no more +ordered extents in progress after that function returns. So past fixes +such like the ones from the two following commits: + + ff612ba7849964 ("btrfs: fix panic during relocation after ENOSPC before + writeback happens") + + 28aeeac1dd3080 ("Btrfs: fix panic when starting bg cache writeout after + IO error") + +don't work when there are multiple ordered extents in the range. + +Fix that by making btrfs_wait_ordered_range() wait for all ordered extents +even after it finds one that had an error. + +Link: https://github.com/kdave/btrfs-progs/issues/228#issuecomment-569777554 +CC: stable@vger.kernel.org # 4.4+ +Reviewed-by: Qu Wenruo +Reviewed-by: Josef Bacik +Signed-off-by: Filipe Manana +Signed-off-by: David Sterba +Signed-off-by: Greg Kroah-Hartman + +--- + fs/btrfs/ordered-data.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +--- a/fs/btrfs/ordered-data.c ++++ b/fs/btrfs/ordered-data.c +@@ -838,10 +838,15 @@ int btrfs_wait_ordered_range(struct inod + } + btrfs_start_ordered_extent(inode, ordered, 1); + end = ordered->file_offset; ++ /* ++ * If the ordered extent had an error save the error but don't ++ * exit without waiting first for all other ordered extents in ++ * the range to complete. ++ */ + if (test_bit(BTRFS_ORDERED_IOERR, &ordered->flags)) + ret = -EIO; + btrfs_put_ordered_extent(ordered); +- if (ret || end == 0 || end == start) ++ if (end == 0 || end == start) + break; + end--; + } diff --git a/queue-4.14/btrfs-fix-bytes_may_use-underflow-in-prealloc-error-condtition.patch b/queue-4.14/btrfs-fix-bytes_may_use-underflow-in-prealloc-error-condtition.patch new file mode 100644 index 00000000000..e246b902470 --- /dev/null +++ b/queue-4.14/btrfs-fix-bytes_may_use-underflow-in-prealloc-error-condtition.patch @@ -0,0 +1,96 @@ +From b778cf962d71a0e737923d55d0432f3bd287258e Mon Sep 17 00:00:00 2001 +From: Josef Bacik +Date: Thu, 13 Feb 2020 10:47:31 -0500 +Subject: btrfs: fix bytes_may_use underflow in prealloc error condtition + +From: Josef Bacik + +commit b778cf962d71a0e737923d55d0432f3bd287258e upstream. + +I hit the following warning while running my error injection stress +testing: + + WARNING: CPU: 3 PID: 1453 at fs/btrfs/space-info.h:108 btrfs_free_reserved_data_space_noquota+0xfd/0x160 [btrfs] + RIP: 0010:btrfs_free_reserved_data_space_noquota+0xfd/0x160 [btrfs] + Call Trace: + btrfs_free_reserved_data_space+0x4f/0x70 [btrfs] + __btrfs_prealloc_file_range+0x378/0x470 [btrfs] + elfcorehdr_read+0x40/0x40 + ? elfcorehdr_read+0x40/0x40 + ? btrfs_commit_transaction+0xca/0xa50 [btrfs] + ? dput+0xb4/0x2a0 + ? btrfs_log_dentry_safe+0x55/0x70 [btrfs] + ? btrfs_sync_file+0x30e/0x420 [btrfs] + ? do_fsync+0x38/0x70 + ? __x64_sys_fdatasync+0x13/0x20 + ? do_syscall_64+0x5b/0x1b0 + ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 + +This happens if we fail to insert our reserved file extent. At this +point we've already converted our reservation from ->bytes_may_use to +->bytes_reserved. However once we break we will attempt to free +everything from [cur_offset, end] from ->bytes_may_use, but our extent +reservation will overlap part of this. + +Fix this problem by adding ins.offset (our extent allocation size) to +cur_offset so we remove the actual remaining part from ->bytes_may_use. + +I validated this fix using my inject-error.py script + +python inject-error.py -o should_fail_bio -t cache_save_setup -t \ + __btrfs_prealloc_file_range \ + -t insert_reserved_file_extent.constprop.0 \ + -r "-5" ./run-fsstress.sh + +where run-fsstress.sh simply mounts and runs fsstress on a disk. + +CC: stable@vger.kernel.org # 4.4+ +Reviewed-by: Qu Wenruo +Signed-off-by: Josef Bacik +Reviewed-by: David Sterba +Signed-off-by: David Sterba +Signed-off-by: Greg Kroah-Hartman + +--- + fs/btrfs/inode.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +--- a/fs/btrfs/inode.c ++++ b/fs/btrfs/inode.c +@@ -10639,6 +10639,7 @@ static int __btrfs_prealloc_file_range(s + struct btrfs_root *root = BTRFS_I(inode)->root; + struct btrfs_key ins; + u64 cur_offset = start; ++ u64 clear_offset = start; + u64 i_size; + u64 cur_bytes; + u64 last_alloc = (u64)-1; +@@ -10673,6 +10674,15 @@ static int __btrfs_prealloc_file_range(s + btrfs_end_transaction(trans); + break; + } ++ ++ /* ++ * We've reserved this space, and thus converted it from ++ * ->bytes_may_use to ->bytes_reserved. Any error that happens ++ * from here on out we will only need to clear our reservation ++ * for the remaining unreserved area, so advance our ++ * clear_offset by our extent size. ++ */ ++ clear_offset += ins.offset; + btrfs_dec_block_group_reservations(fs_info, ins.objectid); + + last_alloc = ins.offset; +@@ -10753,9 +10763,9 @@ next: + if (own_trans) + btrfs_end_transaction(trans); + } +- if (cur_offset < end) +- btrfs_free_reserved_data_space(inode, NULL, cur_offset, +- end - cur_offset + 1); ++ if (clear_offset < end) ++ btrfs_free_reserved_data_space(inode, NULL, clear_offset, ++ end - clear_offset + 1); + return ret; + } + diff --git a/queue-4.14/kvm-apic-avoid-calculating-pending-eoi-from-an-uninitialized-val.patch b/queue-4.14/kvm-apic-avoid-calculating-pending-eoi-from-an-uninitialized-val.patch new file mode 100644 index 00000000000..2dc391f2a13 --- /dev/null +++ b/queue-4.14/kvm-apic-avoid-calculating-pending-eoi-from-an-uninitialized-val.patch @@ -0,0 +1,38 @@ +From 23520b2def95205f132e167cf5b25c609975e959 Mon Sep 17 00:00:00 2001 +From: Miaohe Lin +Date: Fri, 21 Feb 2020 22:04:46 +0800 +Subject: KVM: apic: avoid calculating pending eoi from an uninitialized val + +From: Miaohe Lin + +commit 23520b2def95205f132e167cf5b25c609975e959 upstream. + +When pv_eoi_get_user() fails, 'val' may remain uninitialized and the return +value of pv_eoi_get_pending() becomes random. Fix the issue by initializing +the variable. + +Reviewed-by: Vitaly Kuznetsov +Signed-off-by: Miaohe Lin +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kvm/lapic.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -566,9 +566,11 @@ static inline bool pv_eoi_enabled(struct + static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu) + { + u8 val; +- if (pv_eoi_get_user(vcpu, &val) < 0) ++ if (pv_eoi_get_user(vcpu, &val) < 0) { + apic_debug("Can't read EOI MSR value: 0x%llx\n", + (unsigned long long)vcpu->arch.pv_eoi.msr_val); ++ return false; ++ } + return val & 0x1; + } + diff --git a/queue-4.14/kvm-nvmx-handle-nested-posted-interrupts-when-apicv-is-disabled-for-l1.patch b/queue-4.14/kvm-nvmx-handle-nested-posted-interrupts-when-apicv-is-disabled-for-l1.patch new file mode 100644 index 00000000000..e3c75bada47 --- /dev/null +++ b/queue-4.14/kvm-nvmx-handle-nested-posted-interrupts-when-apicv-is-disabled-for-l1.patch @@ -0,0 +1,113 @@ +From 91a5f413af596ad01097e59bf487eb07cb3f1331 Mon Sep 17 00:00:00 2001 +From: Vitaly Kuznetsov +Date: Thu, 20 Feb 2020 18:22:05 +0100 +Subject: KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 + +From: Vitaly Kuznetsov + +commit 91a5f413af596ad01097e59bf487eb07cb3f1331 upstream. + +Even when APICv is disabled for L1 it can (and, actually, is) still +available for L2, this means we need to always call +vmx_deliver_nested_posted_interrupt() when attempting an interrupt +delivery. + +Suggested-by: Paolo Bonzini +Signed-off-by: Vitaly Kuznetsov +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/include/asm/kvm_host.h | 2 +- + arch/x86/kvm/lapic.c | 5 +---- + arch/x86/kvm/svm.c | 7 ++++++- + arch/x86/kvm/vmx.c | 13 +++++++++---- + 4 files changed, 17 insertions(+), 10 deletions(-) + +--- a/arch/x86/include/asm/kvm_host.h ++++ b/arch/x86/include/asm/kvm_host.h +@@ -1006,7 +1006,7 @@ struct kvm_x86_ops { + void (*load_eoi_exitmap)(struct kvm_vcpu *vcpu, u64 *eoi_exit_bitmap); + void (*set_virtual_apic_mode)(struct kvm_vcpu *vcpu); + void (*set_apic_access_page_addr)(struct kvm_vcpu *vcpu, hpa_t hpa); +- void (*deliver_posted_interrupt)(struct kvm_vcpu *vcpu, int vector); ++ int (*deliver_posted_interrupt)(struct kvm_vcpu *vcpu, int vector); + int (*sync_pir_to_irr)(struct kvm_vcpu *vcpu); + int (*set_tss_addr)(struct kvm *kvm, unsigned int addr); + int (*get_tdp_level)(struct kvm_vcpu *vcpu); +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -993,11 +993,8 @@ static int __apic_accept_irq(struct kvm_ + apic_clear_vector(vector, apic->regs + APIC_TMR); + } + +- if (vcpu->arch.apicv_active) +- kvm_x86_ops->deliver_posted_interrupt(vcpu, vector); +- else { ++ if (kvm_x86_ops->deliver_posted_interrupt(vcpu, vector)) { + kvm_lapic_set_irr(vector, apic); +- + kvm_make_request(KVM_REQ_EVENT, vcpu); + kvm_vcpu_kick(vcpu); + } +--- a/arch/x86/kvm/svm.c ++++ b/arch/x86/kvm/svm.c +@@ -4631,8 +4631,11 @@ static void svm_load_eoi_exitmap(struct + return; + } + +-static void svm_deliver_avic_intr(struct kvm_vcpu *vcpu, int vec) ++static int svm_deliver_avic_intr(struct kvm_vcpu *vcpu, int vec) + { ++ if (!vcpu->arch.apicv_active) ++ return -1; ++ + kvm_lapic_set_irr(vec, vcpu->arch.apic); + smp_mb__after_atomic(); + +@@ -4641,6 +4644,8 @@ static void svm_deliver_avic_intr(struct + kvm_cpu_get_apicid(vcpu->cpu)); + else + kvm_vcpu_wake_up(vcpu); ++ ++ return 0; + } + + static bool svm_dy_apicv_has_pending_interrupt(struct kvm_vcpu *vcpu) +--- a/arch/x86/kvm/vmx.c ++++ b/arch/x86/kvm/vmx.c +@@ -5541,24 +5541,29 @@ static int vmx_deliver_nested_posted_int + * 2. If target vcpu isn't running(root mode), kick it to pick up the + * interrupt from PIR in next vmentry. + */ +-static void vmx_deliver_posted_interrupt(struct kvm_vcpu *vcpu, int vector) ++static int vmx_deliver_posted_interrupt(struct kvm_vcpu *vcpu, int vector) + { + struct vcpu_vmx *vmx = to_vmx(vcpu); + int r; + + r = vmx_deliver_nested_posted_interrupt(vcpu, vector); + if (!r) +- return; ++ return 0; ++ ++ if (!vcpu->arch.apicv_active) ++ return -1; + + if (pi_test_and_set_pir(vector, &vmx->pi_desc)) +- return; ++ return 0; + + /* If a previous notification has sent the IPI, nothing to do. */ + if (pi_test_and_set_on(&vmx->pi_desc)) +- return; ++ return 0; + + if (!kvm_vcpu_trigger_posted_interrupt(vcpu, false)) + kvm_vcpu_kick(vcpu); ++ ++ return 0; + } + + /* diff --git a/queue-4.14/series b/queue-4.14/series index da8f164f82f..163edf18344 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -215,3 +215,8 @@ ext4-rename-s_journal_flag_rwsem-to-s_writepages_rwsem.patch ext4-fix-race-between-writepages-and-enabling-ext4_extents_fl.patch kvm-nvmx-refactor-io-bitmap-checks-into-helper-function.patch kvm-nvmx-check-io-instruction-vm-exit-conditions.patch +kvm-nvmx-handle-nested-posted-interrupts-when-apicv-is-disabled-for-l1.patch +kvm-apic-avoid-calculating-pending-eoi-from-an-uninitialized-val.patch +btrfs-fix-bytes_may_use-underflow-in-prealloc-error-condtition.patch +btrfs-do-not-check-delayed-items-are-empty-for-single-transaction-cleanup.patch +btrfs-fix-btrfs_wait_ordered_range-so-that-it-waits-for-all-ordered-extents.patch