From: Greg Kroah-Hartman Date: Fri, 7 Jul 2017 09:10:25 +0000 (+0200) Subject: 4.4-stable patches X-Git-Tag: v4.9.37~36 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6ba3fec62d3eaf25080a361273b5b9d1d3e6ec31;p=thirdparty%2Fkernel%2Fstable-queue.git 4.4-stable patches added patches: bgmac-reset-enable-ethernet-core-before-using-it.patch mm-fix-classzone_idx-underflow-in-shrink_zones.patch tracing-kprobes-allow-to-create-probe-with-a-module-name-starting-with-a-digit.patch --- diff --git a/queue-4.4/bgmac-reset-enable-ethernet-core-before-using-it.patch b/queue-4.4/bgmac-reset-enable-ethernet-core-before-using-it.patch new file mode 100644 index 00000000000..766b33ffc45 --- /dev/null +++ b/queue-4.4/bgmac-reset-enable-ethernet-core-before-using-it.patch @@ -0,0 +1,40 @@ +From b4dfd8e92956b396d3438212bc9a0be6267b8b34 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= +Date: Tue, 12 Apr 2016 13:30:45 +0200 +Subject: bgmac: reset & enable Ethernet core before using it +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Rafał Miłecki + +commit b4dfd8e92956b396d3438212bc9a0be6267b8b34 upstream. + +This fixes Ethernet on D-Link DIR-885L with BCM47094 SoC. Felix reported +similar fix was needed for his BCM4709 device (Buffalo WXR-1900DHP?). +I tested this for regressions on BCM4706, BCM4708A0 and BCM47081A0. + +Cc: Felix Fietkau +Signed-off-by: Rafał Miłecki +Signed-off-by: David S. Miller +Signed-off-by: Amit Pundir +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/ethernet/broadcom/bgmac.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/drivers/net/ethernet/broadcom/bgmac.c ++++ b/drivers/net/ethernet/broadcom/bgmac.c +@@ -1583,6 +1583,11 @@ static int bgmac_probe(struct bcma_devic + dev_warn(&core->dev, "Using random MAC: %pM\n", mac); + } + ++ /* This (reset &) enable is not preset in specs or reference driver but ++ * Broadcom does it in arch PCI code when enabling fake PCI device. ++ */ ++ bcma_core_enable(core, 0); ++ + /* Allocation and references */ + net_dev = alloc_etherdev(sizeof(*bgmac)); + if (!net_dev) diff --git a/queue-4.4/mm-fix-classzone_idx-underflow-in-shrink_zones.patch b/queue-4.4/mm-fix-classzone_idx-underflow-in-shrink_zones.patch new file mode 100644 index 00000000000..ed623f19d20 --- /dev/null +++ b/queue-4.4/mm-fix-classzone_idx-underflow-in-shrink_zones.patch @@ -0,0 +1,117 @@ +From vbabka@suse.cz Fri Jul 7 11:06:31 2017 +From: Vlastimil Babka +Date: Tue, 4 Jul 2017 10:45:43 +0200 +Subject: mm: fix classzone_idx underflow in shrink_zones() +To: stable +Cc: Johannes Weiner , Minchan Kim , Michal Hocko , linux-mm , LKML , Mel Gorman +Message-ID: + +From: Vlastimil Babka + +[Not upstream as that would take 34+ patches] + +We've got reported a BUG in do_try_to_free_pages(): + +BUG: unable to handle kernel paging request at ffff8ffffff28990 +IP: [] do_try_to_free_pages+0x140/0x490 +PGD 0 +Oops: 0000 [#1] SMP +megaraid_sas sg scsi_mod efivarfs autofs4 +Supported: No, Unsupported modules are loaded +Workqueue: kacpi_hotplug acpi_hotplug_work_fn +task: ffff88ffd0d4c540 ti: ffff88ffd0e48000 task.ti: ffff88ffd0e48000 +RIP: 0010:[] [] do_try_to_free_pages+0x140/0x490 +RSP: 0018:ffff88ffd0e4ba60 EFLAGS: 00010206 +RAX: 000006fffffff900 RBX: 00000000ffffffff RCX: ffff88fffff29000 +RDX: 000000ffffffff00 RSI: 0000000000000003 RDI: 00000000024200c8 +RBP: 0000000001320122 R08: 0000000000000000 R09: ffff88ffd0e4bbac +R10: 0000000000000000 R11: 0000000000000000 R12: ffff88ffd0e4bae0 +R13: 0000000000000e00 R14: ffff88fffff2a500 R15: ffff88fffff2b300 +FS: 0000000000000000(0000) GS:ffff88ffe6440000(0000) knlGS:0000000000000000 +CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +CR2: ffff8ffffff28990 CR3: 0000000001c0a000 CR4: 00000000003406e0 +DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +Stack: + 00000002db570a80 024200c80000001e ffff88fffff2b300 0000000000000000 + ffff88fffffd5700 ffff88ffd0d4c540 ffff88ffd0d4c540 ffffffff0000000c + 0000000000000000 0000000000000040 00000000024200c8 ffff88ffd0e4bae0 +Call Trace: + [] try_to_free_pages+0xba/0x170 + [] __alloc_pages_nodemask+0x53f/0xb20 + [] alloc_pages_current+0x7f/0x100 + [] migrate_pages+0x202/0x710 + [] __offline_pages.constprop.23+0x4ba/0x790 + [] memory_subsys_offline+0x43/0x70 + [] device_offline+0x7d/0xa0 + [] acpi_bus_offline+0xa5/0xef + [] acpi_device_hotplug+0x21b/0x41f + [] acpi_hotplug_work_fn+0x1a/0x23 + [] process_one_work+0x14e/0x410 + [] worker_thread+0x116/0x490 + [] kthread+0xbd/0xe0 + [] ret_from_fork+0x3f/0x70 + +This translates to the loop in shrink_zone(): + +classzone_idx = requested_highidx; +while (!populated_zone(zone->zone_pgdat->node_zones + + classzone_idx)) + classzone_idx--; + +where no zone is populated, so classzone_idx becomes -1 (in RBX). + +Added debugging output reveals that we enter the function with +sc->gfp_mask == GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE +requested_highidx = gfp_zone(sc->gfp_mask) == 2 (ZONE_NORMAL) + +Inside the for loop, however: +gfp_zone(sc->gfp_mask) == 3 (ZONE_MOVABLE) + +This means we have gone through this branch: + +if (buffer_heads_over_limit) + sc->gfp_mask |= __GFP_HIGHMEM; + +This changes the gfp_zone() result, but requested_highidx remains unchanged. +On nodes where the only populated zone is movable, the inner while loop will +check only lower zones, which are not populated, and underflow classzone_idx. + +To sum up, the bug occurs in configurations with ZONE_MOVABLE (such as when +booted with the movable_node parameter) and only in situations when +buffer_heads_over_limit is true, and there's an allocation with __GFP_MOVABLE +and without __GFP_HIGHMEM performing direct reclaim. + +This patch makes sure that classzone_idx starts with the correct zone. + +Mainline has been affected in versions 4.6 and 4.7, but the culprit commit has +been also included in stable trees. +In mainline, this has been fixed accidentally as part of 34-patch series (plus +follow-up fixes) "Move LRU page reclaim from zones to nodes", which makes the +mainline commit unsuitable for stable backport, unfortunately. + +Fixes: 7bf52fb891b6 ("mm: vmscan: reclaim highmem zone if buffer_heads is over limit") +Obsoleted-by: b2e18757f2c9 ("mm, vmscan: begin reclaiming pages on a per-node basis") +Debugged-by: Michal Hocko +Signed-off-by: Vlastimil Babka +Cc: Minchan Kim +Cc: Johannes Weiner +Acked-by: Mel Gorman +Acked-by: Michal Hocko +Signed-off-by: Greg Kroah-Hartman + +--- + mm/vmscan.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/vmscan.c ++++ b/mm/vmscan.c +@@ -2529,7 +2529,7 @@ static bool shrink_zones(struct zonelist + if (!populated_zone(zone)) + continue; + +- classzone_idx = requested_highidx; ++ classzone_idx = gfp_zone(sc->gfp_mask); + while (!populated_zone(zone->zone_pgdat->node_zones + + classzone_idx)) + classzone_idx--; diff --git a/queue-4.4/series b/queue-4.4/series index df8b01e298e..6f2379f46bb 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -1,3 +1,6 @@ fs-add-a-valid_open_flags.patch fs-completely-ignore-unknown-open-flags.patch driver-core-platform-fix-race-condition-with-driver_override.patch +bgmac-reset-enable-ethernet-core-before-using-it.patch +mm-fix-classzone_idx-underflow-in-shrink_zones.patch +tracing-kprobes-allow-to-create-probe-with-a-module-name-starting-with-a-digit.patch diff --git a/queue-4.4/tracing-kprobes-allow-to-create-probe-with-a-module-name-starting-with-a-digit.patch b/queue-4.4/tracing-kprobes-allow-to-create-probe-with-a-module-name-starting-with-a-digit.patch new file mode 100644 index 00000000000..055054b9d37 --- /dev/null +++ b/queue-4.4/tracing-kprobes-allow-to-create-probe-with-a-module-name-starting-with-a-digit.patch @@ -0,0 +1,74 @@ +From 9e52b32567126fe146f198971364f68d3bc5233f Mon Sep 17 00:00:00 2001 +From: Sabrina Dubroca +Date: Thu, 22 Jun 2017 11:24:42 +0200 +Subject: tracing/kprobes: Allow to create probe with a module name starting with a digit + +From: Sabrina Dubroca + +commit 9e52b32567126fe146f198971364f68d3bc5233f upstream. + +Always try to parse an address, since kstrtoul() will safely fail when +given a symbol as input. If that fails (which will be the case for a +symbol), try to parse a symbol instead. + +This allows creating a probe such as: + + p:probe/vlan_gro_receive 8021q:vlan_gro_receive+0 + +Which is necessary for this command to work: + + perf probe -m 8021q -a vlan_gro_receive + +Link: http://lkml.kernel.org/r/fd72d666f45b114e2c5b9cf7e27b91de1ec966f1.1498122881.git.sd@queasysnail.net + +Fixes: 413d37d1e ("tracing: Add kprobe-based event tracer") +Acked-by: Masami Hiramatsu +Signed-off-by: Sabrina Dubroca +Signed-off-by: Steven Rostedt (VMware) +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/trace/trace_kprobe.c | 21 ++++++++------------- + 1 file changed, 8 insertions(+), 13 deletions(-) + +--- a/kernel/trace/trace_kprobe.c ++++ b/kernel/trace/trace_kprobe.c +@@ -659,30 +659,25 @@ static int create_trace_kprobe(int argc, + pr_info("Probe point is not specified.\n"); + return -EINVAL; + } +- if (isdigit(argv[1][0])) { +- if (is_return) { +- pr_info("Return probe point must be a symbol.\n"); +- return -EINVAL; +- } +- /* an address specified */ +- ret = kstrtoul(&argv[1][0], 0, (unsigned long *)&addr); +- if (ret) { +- pr_info("Failed to parse address.\n"); +- return ret; +- } +- } else { ++ ++ /* try to parse an address. if that fails, try to read the ++ * input as a symbol. */ ++ if (kstrtoul(argv[1], 0, (unsigned long *)&addr)) { + /* a symbol specified */ + symbol = argv[1]; + /* TODO: support .init module functions */ + ret = traceprobe_split_symbol_offset(symbol, &offset); + if (ret) { +- pr_info("Failed to parse symbol.\n"); ++ pr_info("Failed to parse either an address or a symbol.\n"); + return ret; + } + if (offset && is_return) { + pr_info("Return probe must be used without offset.\n"); + return -EINVAL; + } ++ } else if (is_return) { ++ pr_info("Return probe point must be a symbol.\n"); ++ return -EINVAL; + } + argc -= 2; argv += 2; +