From: Greg Kroah-Hartman Date: Mon, 6 Jan 2020 12:46:44 +0000 (+0100) Subject: 4.14-stable patches X-Git-Tag: v4.14.163~46 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=73e0239c985dd6256bb76a59351c2508504b453b;p=thirdparty%2Fkernel%2Fstable-queue.git 4.14-stable patches added patches: compat_ioctl-block-handle-blkreportzone-blkresetzone.patch compat_ioctl-block-handle-persistent-reservations.patch dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch locks-print-unsigned-ino-in-proc-locks.patch memcg-account-security-cred-as-well-to-kmemcg.patch mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch pstore-ram-write-new-dumps-to-start-of-recycled-zones.patch --- diff --git a/queue-4.14/compat_ioctl-block-handle-blkreportzone-blkresetzone.patch b/queue-4.14/compat_ioctl-block-handle-blkreportzone-blkresetzone.patch new file mode 100644 index 00000000000..653712f78d9 --- /dev/null +++ b/queue-4.14/compat_ioctl-block-handle-blkreportzone-blkresetzone.patch @@ -0,0 +1,34 @@ +From 673bdf8ce0a387ef585c13b69a2676096c6edfe9 Mon Sep 17 00:00:00 2001 +From: Arnd Bergmann +Date: Fri, 29 Nov 2019 11:28:22 +0100 +Subject: compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE + +From: Arnd Bergmann + +commit 673bdf8ce0a387ef585c13b69a2676096c6edfe9 upstream. + +These were added to blkdev_ioctl() but not blkdev_compat_ioctl, +so add them now. + +Cc: # v4.10+ +Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") +Reviewed-by: Damien Le Moal +Signed-off-by: Arnd Bergmann +Signed-off-by: Jens Axboe +Signed-off-by: Greg Kroah-Hartman + +--- + block/compat_ioctl.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/block/compat_ioctl.c ++++ b/block/compat_ioctl.c +@@ -355,6 +355,8 @@ long compat_blkdev_ioctl(struct file *fi + * but we call blkdev_ioctl, which gets the lock for us + */ + case BLKRRPART: ++ case BLKREPORTZONE: ++ case BLKRESETZONE: + return blkdev_ioctl(bdev, mode, cmd, + (unsigned long)compat_ptr(arg)); + case BLKBSZSET_32: diff --git a/queue-4.14/compat_ioctl-block-handle-persistent-reservations.patch b/queue-4.14/compat_ioctl-block-handle-persistent-reservations.patch new file mode 100644 index 00000000000..a749dbd3418 --- /dev/null +++ b/queue-4.14/compat_ioctl-block-handle-persistent-reservations.patch @@ -0,0 +1,50 @@ +From b2c0fcd28772f99236d261509bcd242135677965 Mon Sep 17 00:00:00 2001 +From: Arnd Bergmann +Date: Fri, 29 Nov 2019 11:28:22 +0100 +Subject: compat_ioctl: block: handle Persistent Reservations + +From: Arnd Bergmann + +commit b2c0fcd28772f99236d261509bcd242135677965 upstream. + +These were added to blkdev_ioctl() in linux-5.5 but not +blkdev_compat_ioctl, so add them now. + +Cc: # v4.4+ +Fixes: bbd3e064362e ("block: add an API for Persistent Reservations") +Signed-off-by: Arnd Bergmann +Signed-off-by: Greg Kroah-Hartman + +Fold in followup patch from Arnd with missing pr.h header include. + +Signed-off-by: Jens Axboe + +--- + block/compat_ioctl.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +--- a/block/compat_ioctl.c ++++ b/block/compat_ioctl.c +@@ -6,6 +6,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -401,6 +402,14 @@ long compat_blkdev_ioctl(struct file *fi + case BLKTRACETEARDOWN: /* compatible */ + ret = blk_trace_ioctl(bdev, cmd, compat_ptr(arg)); + return ret; ++ case IOC_PR_REGISTER: ++ case IOC_PR_RESERVE: ++ case IOC_PR_RELEASE: ++ case IOC_PR_PREEMPT: ++ case IOC_PR_PREEMPT_ABORT: ++ case IOC_PR_CLEAR: ++ return blkdev_ioctl(bdev, mode, cmd, ++ (unsigned long)compat_ptr(arg)); + default: + if (disk->fops->compat_ioctl) + ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg); diff --git a/queue-4.14/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch b/queue-4.14/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch new file mode 100644 index 00000000000..c4a74cd0882 --- /dev/null +++ b/queue-4.14/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch @@ -0,0 +1,57 @@ +From 53a256a9b925b47c7e67fc1f16ca41561a7b877c Mon Sep 17 00:00:00 2001 +From: Lukas Wunner +Date: Thu, 5 Dec 2019 12:54:49 +0100 +Subject: dmaengine: Fix access to uninitialized dma_slave_caps + +From: Lukas Wunner + +commit 53a256a9b925b47c7e67fc1f16ca41561a7b877c upstream. + +dmaengine_desc_set_reuse() allocates a struct dma_slave_caps on the +stack, populates it using dma_get_slave_caps() and then accesses one +of its members. + +However dma_get_slave_caps() may fail and this isn't accounted for, +leading to a legitimate warning of gcc-4.9 (but not newer versions): + + In file included from drivers/spi/spi-bcm2835.c:19:0: + drivers/spi/spi-bcm2835.c: In function 'dmaengine_desc_set_reuse': +>> include/linux/dmaengine.h:1370:10: warning: 'caps.descriptor_reuse' is used uninitialized in this function [-Wuninitialized] + if (caps.descriptor_reuse) { + +Fix it, thereby also silencing the gcc-4.9 warning. + +The issue has been present for 4 years but surfaces only now that +the first caller of dmaengine_desc_set_reuse() has been added in +spi-bcm2835.c. Another user of reusable DMA descriptors has existed +for a while in pxa_camera.c, but it sets the DMA_CTRL_REUSE flag +directly instead of calling dmaengine_desc_set_reuse(). Nevertheless, +tag this commit for stable in case there are out-of-tree users. + +Fixes: 272420214d26 ("dmaengine: Add DMA_CTRL_REUSE") +Reported-by: kbuild test robot +Signed-off-by: Lukas Wunner +Cc: stable@vger.kernel.org # v4.3+ +Link: https://lore.kernel.org/r/ca92998ccc054b4f2bfd60ef3adbab2913171eac.1575546234.git.lukas@wunner.de +Signed-off-by: Vinod Koul +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/dmaengine.h | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +--- a/include/linux/dmaengine.h ++++ b/include/linux/dmaengine.h +@@ -1362,8 +1362,11 @@ static inline int dma_get_slave_caps(str + static inline int dmaengine_desc_set_reuse(struct dma_async_tx_descriptor *tx) + { + struct dma_slave_caps caps; ++ int ret; + +- dma_get_slave_caps(tx->chan, &caps); ++ ret = dma_get_slave_caps(tx->chan, &caps); ++ if (ret) ++ return ret; + + if (caps.descriptor_reuse) { + tx->flags |= DMA_CTRL_REUSE; diff --git a/queue-4.14/locks-print-unsigned-ino-in-proc-locks.patch b/queue-4.14/locks-print-unsigned-ino-in-proc-locks.patch new file mode 100644 index 00000000000..8ceb156ff82 --- /dev/null +++ b/queue-4.14/locks-print-unsigned-ino-in-proc-locks.patch @@ -0,0 +1,31 @@ +From 98ca480a8f22fdbd768e3dad07024c8d4856576c Mon Sep 17 00:00:00 2001 +From: Amir Goldstein +Date: Sun, 22 Dec 2019 20:45:28 +0200 +Subject: locks: print unsigned ino in /proc/locks + +From: Amir Goldstein + +commit 98ca480a8f22fdbd768e3dad07024c8d4856576c upstream. + +An ino is unsigned, so display it as such in /proc/locks. + +Cc: stable@vger.kernel.org +Signed-off-by: Amir Goldstein +Signed-off-by: Jeff Layton +Signed-off-by: Greg Kroah-Hartman + +--- + fs/locks.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/locks.c ++++ b/fs/locks.c +@@ -2691,7 +2691,7 @@ static void lock_get_status(struct seq_f + } + if (inode) { + /* userspace relies on this representation of dev_t */ +- seq_printf(f, "%d %02x:%02x:%ld ", fl_pid, ++ seq_printf(f, "%d %02x:%02x:%lu ", fl_pid, + MAJOR(inode->i_sb->s_dev), + MINOR(inode->i_sb->s_dev), inode->i_ino); + } else { diff --git a/queue-4.14/memcg-account-security-cred-as-well-to-kmemcg.patch b/queue-4.14/memcg-account-security-cred-as-well-to-kmemcg.patch new file mode 100644 index 00000000000..278b3ee095b --- /dev/null +++ b/queue-4.14/memcg-account-security-cred-as-well-to-kmemcg.patch @@ -0,0 +1,66 @@ +From 84029fd04c201a4c7e0b07ba262664900f47c6f5 Mon Sep 17 00:00:00 2001 +From: Shakeel Butt +Date: Sat, 4 Jan 2020 12:59:43 -0800 +Subject: memcg: account security cred as well to kmemcg + +From: Shakeel Butt + +commit 84029fd04c201a4c7e0b07ba262664900f47c6f5 upstream. + +The cred_jar kmem_cache is already memcg accounted in the current kernel +but cred->security is not. Account cred->security to kmemcg. + +Recently we saw high root slab usage on our production and on further +inspection, we found a buggy application leaking processes. Though that +buggy application was contained within its memcg but we observe much +more system memory overhead, couple of GiBs, during that period. This +overhead can adversely impact the isolation on the system. + +One source of high overhead we found was cred->security objects, which +have a lifetime of at least the life of the process which allocated +them. + +Link: http://lkml.kernel.org/r/20191205223721.40034-1-shakeelb@google.com +Signed-off-by: Shakeel Butt +Acked-by: Chris Down +Reviewed-by: Roman Gushchin +Acked-by: Michal Hocko +Cc: Johannes Weiner +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/cred.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/kernel/cred.c ++++ b/kernel/cred.c +@@ -220,7 +220,7 @@ struct cred *cred_alloc_blank(void) + new->magic = CRED_MAGIC; + #endif + +- if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) ++ if (security_cred_alloc_blank(new, GFP_KERNEL_ACCOUNT) < 0) + goto error; + + return new; +@@ -279,7 +279,7 @@ struct cred *prepare_creds(void) + new->security = NULL; + #endif + +- if (security_prepare_creds(new, old, GFP_KERNEL) < 0) ++ if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) + goto error; + validate_creds(new); + return new; +@@ -654,7 +654,7 @@ struct cred *prepare_kernel_cred(struct + #ifdef CONFIG_SECURITY + new->security = NULL; + #endif +- if (security_prepare_creds(new, old, GFP_KERNEL) < 0) ++ if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) + goto error; + + put_cred(old); diff --git a/queue-4.14/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch b/queue-4.14/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch new file mode 100644 index 00000000000..402178ffec8 --- /dev/null +++ b/queue-4.14/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch @@ -0,0 +1,42 @@ +From ac8f05da5174c560de122c499ce5dfb5d0dfbee5 Mon Sep 17 00:00:00 2001 +From: Chanho Min +Date: Sat, 4 Jan 2020 12:59:36 -0800 +Subject: mm/zsmalloc.c: fix the migrated zspage statistics. + +From: Chanho Min + +commit ac8f05da5174c560de122c499ce5dfb5d0dfbee5 upstream. + +When zspage is migrated to the other zone, the zone page state should be +updated as well, otherwise the NR_ZSPAGE for each zone shows wrong +counts including proc/zoneinfo in practice. + +Link: http://lkml.kernel.org/r/1575434841-48009-1-git-send-email-chanho.min@lge.com +Fixes: 91537fee0013 ("mm: add NR_ZSMALLOC to vmstat") +Signed-off-by: Chanho Min +Signed-off-by: Jinsuk Choi +Reviewed-by: Sergey Senozhatsky +Acked-by: Minchan Kim +Cc: [4.9+] +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + mm/zsmalloc.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/mm/zsmalloc.c ++++ b/mm/zsmalloc.c +@@ -2088,6 +2088,11 @@ int zs_page_migrate(struct address_space + zs_pool_dec_isolated(pool); + } + ++ if (page_zone(newpage) != page_zone(page)) { ++ dec_zone_page_state(page, NR_ZSPAGES); ++ inc_zone_page_state(newpage, NR_ZSPAGES); ++ } ++ + reset_page(page); + put_page(page); + page = newpage; diff --git a/queue-4.14/pstore-ram-write-new-dumps-to-start-of-recycled-zones.patch b/queue-4.14/pstore-ram-write-new-dumps-to-start-of-recycled-zones.patch new file mode 100644 index 00000000000..4ca0fe6b201 --- /dev/null +++ b/queue-4.14/pstore-ram-write-new-dumps-to-start-of-recycled-zones.patch @@ -0,0 +1,49 @@ +From 9e5f1c19800b808a37fb9815a26d382132c26c3d Mon Sep 17 00:00:00 2001 +From: Aleksandr Yashkin +Date: Mon, 23 Dec 2019 18:38:16 +0500 +Subject: pstore/ram: Write new dumps to start of recycled zones + +From: Aleksandr Yashkin + +commit 9e5f1c19800b808a37fb9815a26d382132c26c3d upstream. + +The ram_core.c routines treat przs as circular buffers. When writing a +new crash dump, the old buffer needs to be cleared so that the new dump +doesn't end up in the wrong place (i.e. at the end). + +The solution to this problem is to reset the circular buffer state before +writing a new Oops dump. + +Signed-off-by: Aleksandr Yashkin +Signed-off-by: Nikolay Merinov +Signed-off-by: Ariel Gilman +Link: https://lore.kernel.org/r/20191223133816.28155-1-n.merinov@inango-systems.com +Fixes: 896fc1f0c4c6 ("pstore/ram: Switch to persistent_ram routines") +Cc: stable@vger.kernel.org +Signed-off-by: Kees Cook +Signed-off-by: Greg Kroah-Hartman + +--- + fs/pstore/ram.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +--- a/fs/pstore/ram.c ++++ b/fs/pstore/ram.c +@@ -433,6 +433,17 @@ static int notrace ramoops_pstore_write( + + prz = cxt->dprzs[cxt->dump_write_cnt]; + ++ /* ++ * Since this is a new crash dump, we need to reset the buffer in ++ * case it still has an old dump present. Without this, the new dump ++ * will get appended, which would seriously confuse anything trying ++ * to check dump file contents. Specifically, ramoops_read_kmsg_hdr() ++ * expects to find a dump header in the beginning of buffer data, so ++ * we must to reset the buffer values, in order to ensure that the ++ * header will be written to the beginning of the buffer. ++ */ ++ persistent_ram_zap(prz); ++ + /* Build header and append record contents. */ + hlen = ramoops_write_kmsg_hdr(prz, record); + size = record->size; diff --git a/queue-4.14/series b/queue-4.14/series index e4fabc3b075..b7402b5e7a8 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -26,3 +26,10 @@ mips-avoid-vdso-abi-breakage-due-to-global-register-variable.patch media-pulse8-cec-fix-lost-cec_transmit_attempt_done-call.patch media-cec-cec-2.0-only-bcast-messages-were-ignored.patch media-cec-avoid-decrementing-transmit_queue_sz-if-it-is-0.patch +mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch +memcg-account-security-cred-as-well-to-kmemcg.patch +pstore-ram-write-new-dumps-to-start-of-recycled-zones.patch +locks-print-unsigned-ino-in-proc-locks.patch +dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch +compat_ioctl-block-handle-persistent-reservations.patch +compat_ioctl-block-handle-blkreportzone-blkresetzone.patch