From: Greg Kroah-Hartman Date: Wed, 24 Apr 2019 13:53:57 +0000 (+0200) Subject: 5.0-stable patches X-Git-Tag: v3.18.139~21 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8c9c9088a54c0f2b13363dcf8b9c1b72cb6cac1f;p=thirdparty%2Fkernel%2Fstable-queue.git 5.0-stable patches added patches: alsa-info-fix-racy-addition-deletion-of-nodes.patch device_cgroup-fix-rcu-imbalance-in-error-case.patch mm-memory_hotplug-do-not-unlock-after-failing-to-take-the-device_hotplug_lock.patch mm-vmstat.c-fix-proc-vmstat-format-for-config_debug_tlbflush-y-config_smp-n.patch mt76x02-avoid-status_list.lock-and-sta-rate_ctrl_lock-dependency.patch percpu-stop-printing-kernel-addresses.patch perf-ring_buffer-fix-aux-record-suppression.patch --- diff --git a/queue-5.0/alsa-info-fix-racy-addition-deletion-of-nodes.patch b/queue-5.0/alsa-info-fix-racy-addition-deletion-of-nodes.patch new file mode 100644 index 00000000000..984d97d731c --- /dev/null +++ b/queue-5.0/alsa-info-fix-racy-addition-deletion-of-nodes.patch @@ -0,0 +1,59 @@ +From 8c2f870890fd28e023b0fcf49dcee333f2c8bad7 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Tue, 16 Apr 2019 15:25:00 +0200 +Subject: ALSA: info: Fix racy addition/deletion of nodes + +From: Takashi Iwai + +commit 8c2f870890fd28e023b0fcf49dcee333f2c8bad7 upstream. + +The ALSA proc helper manages the child nodes in a linked list, but its +addition and deletion is done without any lock. This leads to a +corruption if they are operated concurrently. Usually this isn't a +problem because the proc entries are added sequentially in the driver +probe procedure itself. But the card registrations are done often +asynchronously, and the crash could be actually reproduced with +syzkaller. + +This patch papers over it by protecting the link addition and deletion +with the parent's mutex. There is "access" mutex that is used for the +file access, and this can be reused for this purpose as well. + +Reported-by: syzbot+48df349490c36f9f54ab@syzkaller.appspotmail.com +Cc: +Signed-off-by: Takashi Iwai +Signed-off-by: Greg Kroah-Hartman + +--- + sound/core/info.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +--- a/sound/core/info.c ++++ b/sound/core/info.c +@@ -722,8 +722,11 @@ snd_info_create_entry(const char *name, + INIT_LIST_HEAD(&entry->children); + INIT_LIST_HEAD(&entry->list); + entry->parent = parent; +- if (parent) ++ if (parent) { ++ mutex_lock(&parent->access); + list_add_tail(&entry->list, &parent->children); ++ mutex_unlock(&parent->access); ++ } + return entry; + } + +@@ -805,7 +808,12 @@ void snd_info_free_entry(struct snd_info + list_for_each_entry_safe(p, n, &entry->children, list) + snd_info_free_entry(p); + +- list_del(&entry->list); ++ p = entry->parent; ++ if (p) { ++ mutex_lock(&p->access); ++ list_del(&entry->list); ++ mutex_unlock(&p->access); ++ } + kfree(entry->name); + if (entry->private_free) + entry->private_free(entry); diff --git a/queue-5.0/device_cgroup-fix-rcu-imbalance-in-error-case.patch b/queue-5.0/device_cgroup-fix-rcu-imbalance-in-error-case.patch new file mode 100644 index 00000000000..593340ed35c --- /dev/null +++ b/queue-5.0/device_cgroup-fix-rcu-imbalance-in-error-case.patch @@ -0,0 +1,42 @@ +From 0fcc4c8c044e117ac126ab6df4138ea9a67fa2a9 Mon Sep 17 00:00:00 2001 +From: Jann Horn +Date: Tue, 19 Mar 2019 02:36:59 +0100 +Subject: device_cgroup: fix RCU imbalance in error case + +From: Jann Horn + +commit 0fcc4c8c044e117ac126ab6df4138ea9a67fa2a9 upstream. + +When dev_exception_add() returns an error (due to a failed memory +allocation), make sure that we move the RCU preemption count back to where +it was before we were called. We dropped the RCU read lock inside the loop +body, so we can't just "break". + +sparse complains about this, too: + +$ make -s C=2 security/device_cgroup.o +./include/linux/rcupdate.h:647:9: warning: context imbalance in +'propagate_exception' - unexpected unlock + +Fixes: d591fb56618f ("device_cgroup: simplify cgroup tree walk in propagate_exception()") +Cc: stable@vger.kernel.org +Signed-off-by: Jann Horn +Acked-by: Michal Hocko +Signed-off-by: Tejun Heo +Signed-off-by: Greg Kroah-Hartman + +--- + security/device_cgroup.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/security/device_cgroup.c ++++ b/security/device_cgroup.c +@@ -560,7 +560,7 @@ static int propagate_exception(struct de + devcg->behavior == DEVCG_DEFAULT_ALLOW) { + rc = dev_exception_add(devcg, ex); + if (rc) +- break; ++ return rc; + } else { + /* + * in the other possible cases: diff --git a/queue-5.0/mm-memory_hotplug-do-not-unlock-after-failing-to-take-the-device_hotplug_lock.patch b/queue-5.0/mm-memory_hotplug-do-not-unlock-after-failing-to-take-the-device_hotplug_lock.patch new file mode 100644 index 00000000000..e8918caa590 --- /dev/null +++ b/queue-5.0/mm-memory_hotplug-do-not-unlock-after-failing-to-take-the-device_hotplug_lock.patch @@ -0,0 +1,45 @@ +From 37803841c92d7b327147e0b1be3436423189e1cf Mon Sep 17 00:00:00 2001 +From: zhong jiang +Date: Thu, 18 Apr 2019 17:50:16 -0700 +Subject: mm/memory_hotplug: do not unlock after failing to take the device_hotplug_lock + +From: zhong jiang + +commit 37803841c92d7b327147e0b1be3436423189e1cf upstream. + +When adding memory by probing a memory block in the sysfs interface, +there is an obvious issue where we will unlock the device_hotplug_lock +when we failed to takes it. + +That issue was introduced in 8df1d0e4a265 ("mm/memory_hotplug: make +add_memory() take the device_hotplug_lock"). + +We should drop out in time when failing to take the device_hotplug_lock. + +Link: http://lkml.kernel.org/r/1554696437-9593-1-git-send-email-zhongjiang@huawei.com +Fixes: 8df1d0e4a265 ("mm/memory_hotplug: make add_memory() take the device_hotplug_lock") +Signed-off-by: zhong jiang +Reported-by: Yang yingliang +Acked-by: Michal Hocko +Reviewed-by: David Hildenbrand +Reviewed-by: Oscar Salvador +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/base/memory.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/base/memory.c ++++ b/drivers/base/memory.c +@@ -505,7 +505,7 @@ static ssize_t probe_store(struct device + + ret = lock_device_hotplug_sysfs(); + if (ret) +- goto out; ++ return ret; + + nid = memory_add_physaddr_to_nid(phys_addr); + ret = __add_memory(nid, phys_addr, diff --git a/queue-5.0/mm-vmstat.c-fix-proc-vmstat-format-for-config_debug_tlbflush-y-config_smp-n.patch b/queue-5.0/mm-vmstat.c-fix-proc-vmstat-format-for-config_debug_tlbflush-y-config_smp-n.patch new file mode 100644 index 00000000000..face91ed31e --- /dev/null +++ b/queue-5.0/mm-vmstat.c-fix-proc-vmstat-format-for-config_debug_tlbflush-y-config_smp-n.patch @@ -0,0 +1,50 @@ +From e8277b3b52240ec1caad8e6df278863e4bf42eac Mon Sep 17 00:00:00 2001 +From: Konstantin Khlebnikov +Date: Thu, 18 Apr 2019 17:50:20 -0700 +Subject: mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n + +From: Konstantin Khlebnikov + +commit e8277b3b52240ec1caad8e6df278863e4bf42eac upstream. + +Commit 58bc4c34d249 ("mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly") +depends on skipping vmstat entries with empty name introduced in +7aaf77272358 ("mm: don't show nr_indirectly_reclaimable in +/proc/vmstat") but reverted in b29940c1abd7 ("mm: rename and change +semantics of nr_indirectly_reclaimable_bytes"). + +So skipping no longer works and /proc/vmstat has misformatted lines " 0". + +This patch simply shows debug counters "nr_tlb_remote_*" for UP. + +Link: http://lkml.kernel.org/r/155481488468.467.4295519102880913454.stgit@buzz +Fixes: 58bc4c34d249 ("mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly") +Signed-off-by: Konstantin Khlebnikov +Acked-by: Vlastimil Babka +Cc: Roman Gushchin +Cc: Jann Horn +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + mm/vmstat.c | 5 ----- + 1 file changed, 5 deletions(-) + +--- a/mm/vmstat.c ++++ b/mm/vmstat.c +@@ -1274,13 +1274,8 @@ const char * const vmstat_text[] = { + #endif + #endif /* CONFIG_MEMORY_BALLOON */ + #ifdef CONFIG_DEBUG_TLBFLUSH +-#ifdef CONFIG_SMP + "nr_tlb_remote_flush", + "nr_tlb_remote_flush_received", +-#else +- "", /* nr_tlb_remote_flush */ +- "", /* nr_tlb_remote_flush_received */ +-#endif /* CONFIG_SMP */ + "nr_tlb_local_flush_all", + "nr_tlb_local_flush_one", + #endif /* CONFIG_DEBUG_TLBFLUSH */ diff --git a/queue-5.0/mt76x02-avoid-status_list.lock-and-sta-rate_ctrl_lock-dependency.patch b/queue-5.0/mt76x02-avoid-status_list.lock-and-sta-rate_ctrl_lock-dependency.patch new file mode 100644 index 00000000000..6e53128f4d1 --- /dev/null +++ b/queue-5.0/mt76x02-avoid-status_list.lock-and-sta-rate_ctrl_lock-dependency.patch @@ -0,0 +1,212 @@ +From bafdf85dfa59374f927ff597bc8c259193afda30 Mon Sep 17 00:00:00 2001 +From: Stanislaw Gruszka +Date: Fri, 5 Apr 2019 13:42:56 +0200 +Subject: mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency + +From: Stanislaw Gruszka + +commit bafdf85dfa59374f927ff597bc8c259193afda30 upstream. + +Move ieee80211_tx_status_ext() outside of status_list lock section +in order to avoid locking dependency and possible deadlock reposed by +LOCKDEP in below warning. + +Also do mt76_tx_status_lock() just before it's needed. + +[ 440.224832] WARNING: possible circular locking dependency detected +[ 440.224833] 5.1.0-rc2+ #22 Not tainted +[ 440.224834] ------------------------------------------------------ +[ 440.224835] kworker/u16:28/2362 is trying to acquire lock: +[ 440.224836] 0000000089b8cacf (&(&q->lock)->rlock#2){+.-.}, at: mt76_wake_tx_queue+0x4c/0xb0 [mt76] +[ 440.224842] + but task is already holding lock: +[ 440.224842] 000000002cfedc59 (&(&sta->lock)->rlock){+.-.}, at: ieee80211_stop_tx_ba_cb+0x32/0x1f0 [mac80211] +[ 440.224863] + which lock already depends on the new lock. + +[ 440.224863] + the existing dependency chain (in reverse order) is: +[ 440.224864] + -> #3 (&(&sta->lock)->rlock){+.-.}: +[ 440.224869] _raw_spin_lock_bh+0x34/0x40 +[ 440.224880] ieee80211_start_tx_ba_session+0xe4/0x3d0 [mac80211] +[ 440.224894] minstrel_ht_get_rate+0x45c/0x510 [mac80211] +[ 440.224906] rate_control_get_rate+0xc1/0x140 [mac80211] +[ 440.224918] ieee80211_tx_h_rate_ctrl+0x195/0x3c0 [mac80211] +[ 440.224930] ieee80211_xmit_fast+0x26d/0xa50 [mac80211] +[ 440.224942] __ieee80211_subif_start_xmit+0xfc/0x310 [mac80211] +[ 440.224954] ieee80211_subif_start_xmit+0x38/0x390 [mac80211] +[ 440.224956] dev_hard_start_xmit+0xb8/0x300 +[ 440.224957] __dev_queue_xmit+0x7d4/0xbb0 +[ 440.224968] ip6_finish_output2+0x246/0x860 [ipv6] +[ 440.224978] mld_sendpack+0x1bd/0x360 [ipv6] +[ 440.224987] mld_ifc_timer_expire+0x1a4/0x2f0 [ipv6] +[ 440.224989] call_timer_fn+0x89/0x2a0 +[ 440.224990] run_timer_softirq+0x1bd/0x4d0 +[ 440.224992] __do_softirq+0xdb/0x47c +[ 440.224994] irq_exit+0xfa/0x100 +[ 440.224996] smp_apic_timer_interrupt+0x9a/0x220 +[ 440.224997] apic_timer_interrupt+0xf/0x20 +[ 440.224999] cpuidle_enter_state+0xc1/0x470 +[ 440.225000] do_idle+0x21a/0x260 +[ 440.225001] cpu_startup_entry+0x19/0x20 +[ 440.225004] start_secondary+0x135/0x170 +[ 440.225006] secondary_startup_64+0xa4/0xb0 +[ 440.225007] + -> #2 (&(&sta->rate_ctrl_lock)->rlock){+.-.}: +[ 440.225009] _raw_spin_lock_bh+0x34/0x40 +[ 440.225022] rate_control_tx_status+0x4f/0xb0 [mac80211] +[ 440.225031] ieee80211_tx_status_ext+0x142/0x1a0 [mac80211] +[ 440.225035] mt76x02_send_tx_status+0x2e4/0x340 [mt76x02_lib] +[ 440.225037] mt76x02_tx_status_data+0x31/0x40 [mt76x02_lib] +[ 440.225040] mt76u_tx_status_data+0x51/0xa0 [mt76_usb] +[ 440.225042] process_one_work+0x237/0x5d0 +[ 440.225043] worker_thread+0x3c/0x390 +[ 440.225045] kthread+0x11d/0x140 +[ 440.225046] ret_from_fork+0x3a/0x50 +[ 440.225047] + -> #1 (&(&list->lock)->rlock#8){+.-.}: +[ 440.225049] _raw_spin_lock_bh+0x34/0x40 +[ 440.225052] mt76_tx_status_skb_add+0x51/0x100 [mt76] +[ 440.225054] mt76x02u_tx_prepare_skb+0xbd/0x116 [mt76x02_usb] +[ 440.225056] mt76u_tx_queue_skb+0x5f/0x180 [mt76_usb] +[ 440.225058] mt76_tx+0x93/0x190 [mt76] +[ 440.225070] ieee80211_tx_frags+0x148/0x210 [mac80211] +[ 440.225081] __ieee80211_tx+0x75/0x1b0 [mac80211] +[ 440.225092] ieee80211_tx+0xde/0x110 [mac80211] +[ 440.225105] __ieee80211_tx_skb_tid_band+0x72/0x90 [mac80211] +[ 440.225122] ieee80211_send_auth+0x1f3/0x360 [mac80211] +[ 440.225141] ieee80211_auth.cold.40+0x6c/0x100 [mac80211] +[ 440.225156] ieee80211_mgd_auth.cold.50+0x132/0x15f [mac80211] +[ 440.225171] cfg80211_mlme_auth+0x149/0x360 [cfg80211] +[ 440.225181] nl80211_authenticate+0x273/0x2e0 [cfg80211] +[ 440.225183] genl_family_rcv_msg+0x196/0x3a0 +[ 440.225184] genl_rcv_msg+0x47/0x8e +[ 440.225185] netlink_rcv_skb+0x3a/0xf0 +[ 440.225187] genl_rcv+0x24/0x40 +[ 440.225188] netlink_unicast+0x16d/0x210 +[ 440.225189] netlink_sendmsg+0x204/0x3b0 +[ 440.225191] sock_sendmsg+0x36/0x40 +[ 440.225193] ___sys_sendmsg+0x259/0x2b0 +[ 440.225194] __sys_sendmsg+0x47/0x80 +[ 440.225196] do_syscall_64+0x60/0x1f0 +[ 440.225197] entry_SYSCALL_64_after_hwframe+0x49/0xbe +[ 440.225198] + -> #0 (&(&q->lock)->rlock#2){+.-.}: +[ 440.225200] lock_acquire+0xb9/0x1a0 +[ 440.225202] _raw_spin_lock_bh+0x34/0x40 +[ 440.225204] mt76_wake_tx_queue+0x4c/0xb0 [mt76] +[ 440.225215] ieee80211_agg_start_txq+0xe8/0x2b0 [mac80211] +[ 440.225225] ieee80211_stop_tx_ba_cb+0xb8/0x1f0 [mac80211] +[ 440.225235] ieee80211_ba_session_work+0x1c1/0x2f0 [mac80211] +[ 440.225236] process_one_work+0x237/0x5d0 +[ 440.225237] worker_thread+0x3c/0x390 +[ 440.225239] kthread+0x11d/0x140 +[ 440.225240] ret_from_fork+0x3a/0x50 +[ 440.225240] + other info that might help us debug this: + +[ 440.225241] Chain exists of: + &(&q->lock)->rlock#2 --> &(&sta->rate_ctrl_lock)->rlock --> &(&sta->lock)->rlock + +[ 440.225243] Possible unsafe locking scenario: + +[ 440.225244] CPU0 CPU1 +[ 440.225244] ---- ---- +[ 440.225245] lock(&(&sta->lock)->rlock); +[ 440.225245] lock(&(&sta->rate_ctrl_lock)->rlock); +[ 440.225246] lock(&(&sta->lock)->rlock); +[ 440.225247] lock(&(&q->lock)->rlock#2); +[ 440.225248] + *** DEADLOCK *** + +[ 440.225249] 5 locks held by kworker/u16:28/2362: +[ 440.225250] #0: 0000000048fcd291 ((wq_completion)phy0){+.+.}, at: process_one_work+0x1b5/0x5d0 +[ 440.225252] #1: 00000000f1c6828f ((work_completion)(&sta->ampdu_mlme.work)){+.+.}, at: process_one_work+0x1b5/0x5d0 +[ 440.225254] #2: 00000000433d2b2c (&sta->ampdu_mlme.mtx){+.+.}, at: ieee80211_ba_session_work+0x5c/0x2f0 [mac80211] +[ 440.225265] #3: 000000002cfedc59 (&(&sta->lock)->rlock){+.-.}, at: ieee80211_stop_tx_ba_cb+0x32/0x1f0 [mac80211] +[ 440.225276] #4: 000000009d7b9a44 (rcu_read_lock){....}, at: ieee80211_agg_start_txq+0x33/0x2b0 [mac80211] +[ 440.225286] + stack backtrace: +[ 440.225288] CPU: 2 PID: 2362 Comm: kworker/u16:28 Not tainted 5.1.0-rc2+ #22 +[ 440.225289] Hardware name: LENOVO 20KGS23S0P/20KGS23S0P, BIOS N23ET55W (1.30 ) 08/31/2018 +[ 440.225300] Workqueue: phy0 ieee80211_ba_session_work [mac80211] +[ 440.225301] Call Trace: +[ 440.225304] dump_stack+0x85/0xc0 +[ 440.225306] print_circular_bug.isra.38.cold.58+0x15c/0x195 +[ 440.225307] check_prev_add.constprop.48+0x5f0/0xc00 +[ 440.225309] ? check_prev_add.constprop.48+0x39d/0xc00 +[ 440.225311] ? __lock_acquire+0x41d/0x1100 +[ 440.225312] __lock_acquire+0xd98/0x1100 +[ 440.225313] ? __lock_acquire+0x41d/0x1100 +[ 440.225315] lock_acquire+0xb9/0x1a0 +[ 440.225317] ? mt76_wake_tx_queue+0x4c/0xb0 [mt76] +[ 440.225319] _raw_spin_lock_bh+0x34/0x40 +[ 440.225321] ? mt76_wake_tx_queue+0x4c/0xb0 [mt76] +[ 440.225323] mt76_wake_tx_queue+0x4c/0xb0 [mt76] +[ 440.225334] ieee80211_agg_start_txq+0xe8/0x2b0 [mac80211] +[ 440.225344] ieee80211_stop_tx_ba_cb+0xb8/0x1f0 [mac80211] +[ 440.225354] ieee80211_ba_session_work+0x1c1/0x2f0 [mac80211] +[ 440.225356] process_one_work+0x237/0x5d0 +[ 440.225358] worker_thread+0x3c/0x390 +[ 440.225359] ? wq_calc_node_cpumask+0x70/0x70 +[ 440.225360] kthread+0x11d/0x140 +[ 440.225362] ? kthread_create_on_node+0x40/0x40 +[ 440.225363] ret_from_fork+0x3a/0x50 + +Cc: stable@vger.kernel.org +Fixes: 88046b2c9f6d ("mt76: add support for reporting tx status with skb") +Signed-off-by: Stanislaw Gruszka +Acked-by: Felix Fietkau +Signed-off-by: Kalle Valo +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/mediatek/mt76/mt76x02_mac.c | 14 ++++++++------ + 1 file changed, 8 insertions(+), 6 deletions(-) + +--- a/drivers/net/wireless/mediatek/mt76/mt76x02_mac.c ++++ b/drivers/net/wireless/mediatek/mt76/mt76x02_mac.c +@@ -421,7 +421,6 @@ void mt76x02_send_tx_status(struct mt76x + return; + + rcu_read_lock(); +- mt76_tx_status_lock(mdev, &list); + + if (stat->wcid < ARRAY_SIZE(dev->mt76.wcid)) + wcid = rcu_dereference(dev->mt76.wcid[stat->wcid]); +@@ -434,6 +433,8 @@ void mt76x02_send_tx_status(struct mt76x + drv_priv); + } + ++ mt76_tx_status_lock(mdev, &list); ++ + if (wcid) { + if (stat->pktid) + status.skb = mt76_tx_status_skb_get(mdev, wcid, +@@ -453,7 +454,9 @@ void mt76x02_send_tx_status(struct mt76x + if (*update == 0 && stat_val == stat_cache && + stat->wcid == msta->status.wcid && msta->n_frames < 32) { + msta->n_frames++; +- goto out; ++ mt76_tx_status_unlock(mdev, &list); ++ rcu_read_unlock(); ++ return; + } + + mt76x02_mac_fill_tx_status(dev, status.info, &msta->status, +@@ -469,11 +472,10 @@ void mt76x02_send_tx_status(struct mt76x + + if (status.skb) + mt76_tx_status_skb_done(mdev, status.skb, &list); +- else +- ieee80211_tx_status_ext(mt76_hw(dev), &status); +- +-out: + mt76_tx_status_unlock(mdev, &list); ++ ++ if (!status.skb) ++ ieee80211_tx_status_ext(mt76_hw(dev), &status); + rcu_read_unlock(); + } + diff --git a/queue-5.0/percpu-stop-printing-kernel-addresses.patch b/queue-5.0/percpu-stop-printing-kernel-addresses.patch new file mode 100644 index 00000000000..a4a08700582 --- /dev/null +++ b/queue-5.0/percpu-stop-printing-kernel-addresses.patch @@ -0,0 +1,50 @@ +From 00206a69ee32f03e6f40837684dcbe475ea02266 Mon Sep 17 00:00:00 2001 +From: Matteo Croce +Date: Mon, 18 Mar 2019 02:32:36 +0100 +Subject: percpu: stop printing kernel addresses + +From: Matteo Croce + +commit 00206a69ee32f03e6f40837684dcbe475ea02266 upstream. + +Since commit ad67b74d2469d9b8 ("printk: hash addresses printed with %p"), +at boot "____ptrval____" is printed instead of actual addresses: + + percpu: Embedded 38 pages/cpu @(____ptrval____) s124376 r0 d31272 u524288 + +Instead of changing the print to "%px", and leaking kernel addresses, +just remove the print completely, cfr. e.g. commit 071929dbdd865f77 +("arm64: Stop printing the virtual memory layout"). + +Signed-off-by: Matteo Croce +Signed-off-by: Dennis Zhou +Signed-off-by: Greg Kroah-Hartman + +--- + mm/percpu.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/mm/percpu.c ++++ b/mm/percpu.c +@@ -2531,8 +2531,8 @@ int __init pcpu_embed_first_chunk(size_t + ai->groups[group].base_offset = areas[group] - base; + } + +- pr_info("Embedded %zu pages/cpu @%p s%zu r%zu d%zu u%zu\n", +- PFN_DOWN(size_sum), base, ai->static_size, ai->reserved_size, ++ pr_info("Embedded %zu pages/cpu s%zu r%zu d%zu u%zu\n", ++ PFN_DOWN(size_sum), ai->static_size, ai->reserved_size, + ai->dyn_size, ai->unit_size); + + rc = pcpu_setup_first_chunk(ai, base); +@@ -2653,8 +2653,8 @@ int __init pcpu_page_first_chunk(size_t + } + + /* we're ready, commit */ +- pr_info("%d %s pages/cpu @%p s%zu r%zu d%zu\n", +- unit_pages, psize_str, vm.addr, ai->static_size, ++ pr_info("%d %s pages/cpu s%zu r%zu d%zu\n", ++ unit_pages, psize_str, ai->static_size, + ai->reserved_size, ai->dyn_size); + + rc = pcpu_setup_first_chunk(ai, vm.addr); diff --git a/queue-5.0/perf-ring_buffer-fix-aux-record-suppression.patch b/queue-5.0/perf-ring_buffer-fix-aux-record-suppression.patch new file mode 100644 index 00000000000..688d43f37ae --- /dev/null +++ b/queue-5.0/perf-ring_buffer-fix-aux-record-suppression.patch @@ -0,0 +1,82 @@ +From 339bc4183596e1f68c2c98a03b87aa124107c317 Mon Sep 17 00:00:00 2001 +From: Alexander Shishkin +Date: Fri, 29 Mar 2019 11:13:38 +0200 +Subject: perf/ring_buffer: Fix AUX record suppression + +From: Alexander Shishkin + +commit 339bc4183596e1f68c2c98a03b87aa124107c317 upstream. + +The following commit: + + 1627314fb54a33e ("perf: Suppress AUX/OVERWRITE records") + +has an unintended side-effect of also suppressing all AUX records with no flags +and non-zero size, so all the regular records in the full trace mode. +This breaks some use cases for people. + +Fix this by restoring "regular" AUX records. + +Reported-by: Ben Gainey +Tested-by: Ben Gainey +Signed-off-by: Alexander Shishkin +Signed-off-by: Peter Zijlstra (Intel) +Cc: +Cc: Arnaldo Carvalho de Melo +Cc: Jiri Olsa +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Stephane Eranian +Cc: Thomas Gleixner +Cc: Vince Weaver +Fixes: 1627314fb54a33e ("perf: Suppress AUX/OVERWRITE records") +Link: https://lkml.kernel.org/r/20190329091338.29999-1-alexander.shishkin@linux.intel.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/events/ring_buffer.c | 33 +++++++++++++++------------------ + 1 file changed, 15 insertions(+), 18 deletions(-) + +--- a/kernel/events/ring_buffer.c ++++ b/kernel/events/ring_buffer.c +@@ -456,24 +456,21 @@ void perf_aux_output_end(struct perf_out + rb->aux_head += size; + } + +- if (size || handle->aux_flags) { +- /* +- * Only send RECORD_AUX if we have something useful to communicate +- * +- * Note: the OVERWRITE records by themselves are not considered +- * useful, as they don't communicate any *new* information, +- * aside from the short-lived offset, that becomes history at +- * the next event sched-in and therefore isn't useful. +- * The userspace that needs to copy out AUX data in overwrite +- * mode should know to use user_page::aux_head for the actual +- * offset. So, from now on we don't output AUX records that +- * have *only* OVERWRITE flag set. +- */ +- +- if (handle->aux_flags & ~(u64)PERF_AUX_FLAG_OVERWRITE) +- perf_event_aux_event(handle->event, aux_head, size, +- handle->aux_flags); +- } ++ /* ++ * Only send RECORD_AUX if we have something useful to communicate ++ * ++ * Note: the OVERWRITE records by themselves are not considered ++ * useful, as they don't communicate any *new* information, ++ * aside from the short-lived offset, that becomes history at ++ * the next event sched-in and therefore isn't useful. ++ * The userspace that needs to copy out AUX data in overwrite ++ * mode should know to use user_page::aux_head for the actual ++ * offset. So, from now on we don't output AUX records that ++ * have *only* OVERWRITE flag set. ++ */ ++ if (size || (handle->aux_flags & ~(u64)PERF_AUX_FLAG_OVERWRITE)) ++ perf_event_aux_event(handle->event, aux_head, size, ++ handle->aux_flags); + + rb->user_page->aux_head = rb->aux_head; + if (rb_need_aux_wakeup(rb)) diff --git a/queue-5.0/series b/queue-5.0/series index dbba7563925..099fce5db49 100644 --- a/queue-5.0/series +++ b/queue-5.0/series @@ -106,3 +106,10 @@ tpm-fix-the-type-of-the-return-value-in-calc_tpm2_ev.patch revert-kbuild-use-oz-instead-of-os-when-using-clang.patch sched-fair-limit-sched_cfs_period_timer-loop-to-avoi.patch tpm-fix-an-invalid-condition-in-tpm_common_poll.patch +mt76x02-avoid-status_list.lock-and-sta-rate_ctrl_lock-dependency.patch +device_cgroup-fix-rcu-imbalance-in-error-case.patch +perf-ring_buffer-fix-aux-record-suppression.patch +mm-memory_hotplug-do-not-unlock-after-failing-to-take-the-device_hotplug_lock.patch +mm-vmstat.c-fix-proc-vmstat-format-for-config_debug_tlbflush-y-config_smp-n.patch +alsa-info-fix-racy-addition-deletion-of-nodes.patch +percpu-stop-printing-kernel-addresses.patch