From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 6 Jan 2020 12:46:26 +0000 (+0100)
Subject: 4.9-stable patches
X-Git-Tag: v4.14.163~47
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a06c3885efd4be9d84984ddee84d53dfb99a7a84;p=thirdparty%2Fkernel%2Fstable-queue.git

4.9-stable patches

added patches:
	compat_ioctl-block-handle-persistent-reservations.patch
	dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch
	locks-print-unsigned-ino-in-proc-locks.patch
	memcg-account-security-cred-as-well-to-kmemcg.patch
	mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch
---

diff --git a/queue-4.9/compat_ioctl-block-handle-persistent-reservations.patch b/queue-4.9/compat_ioctl-block-handle-persistent-reservations.patch
new file mode 100644
index 00000000000..ffa858003bf
--- /dev/null
+++ b/queue-4.9/compat_ioctl-block-handle-persistent-reservations.patch
@@ -0,0 +1,50 @@
+From b2c0fcd28772f99236d261509bcd242135677965 Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Fri, 29 Nov 2019 11:28:22 +0100
+Subject: compat_ioctl: block: handle Persistent Reservations
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit b2c0fcd28772f99236d261509bcd242135677965 upstream.
+
+These were added to blkdev_ioctl() in linux-5.5 but not
+blkdev_compat_ioctl, so add them now.
+
+Cc: <stable@vger.kernel.org> # v4.4+
+Fixes: bbd3e064362e ("block: add an API for Persistent Reservations")
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+Fold in followup patch from Arnd with missing pr.h header include.
+
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+
+---
+ block/compat_ioctl.c |    9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+--- a/block/compat_ioctl.c
++++ b/block/compat_ioctl.c
+@@ -5,6 +5,7 @@
+ #include <linux/compat.h>
+ #include <linux/elevator.h>
+ #include <linux/hdreg.h>
++#include <linux/pr.h>
+ #include <linux/slab.h>
+ #include <linux/syscalls.h>
+ #include <linux/types.h>
+@@ -406,6 +407,14 @@ long compat_blkdev_ioctl(struct file *fi
+ 	case BLKTRACETEARDOWN: /* compatible */
+ 		ret = blk_trace_ioctl(bdev, cmd, compat_ptr(arg));
+ 		return ret;
++	case IOC_PR_REGISTER:
++	case IOC_PR_RESERVE:
++	case IOC_PR_RELEASE:
++	case IOC_PR_PREEMPT:
++	case IOC_PR_PREEMPT_ABORT:
++	case IOC_PR_CLEAR:
++		return blkdev_ioctl(bdev, mode, cmd,
++				(unsigned long)compat_ptr(arg));
+ 	default:
+ 		if (disk->fops->compat_ioctl)
+ 			ret = disk->fops->compat_ioctl(bdev, mode, cmd, arg);
diff --git a/queue-4.9/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch b/queue-4.9/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch
new file mode 100644
index 00000000000..29e109ae9d0
--- /dev/null
+++ b/queue-4.9/dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch
@@ -0,0 +1,57 @@
+From 53a256a9b925b47c7e67fc1f16ca41561a7b877c Mon Sep 17 00:00:00 2001
+From: Lukas Wunner <lukas@wunner.de>
+Date: Thu, 5 Dec 2019 12:54:49 +0100
+Subject: dmaengine: Fix access to uninitialized dma_slave_caps
+
+From: Lukas Wunner <lukas@wunner.de>
+
+commit 53a256a9b925b47c7e67fc1f16ca41561a7b877c upstream.
+
+dmaengine_desc_set_reuse() allocates a struct dma_slave_caps on the
+stack, populates it using dma_get_slave_caps() and then accesses one
+of its members.
+
+However dma_get_slave_caps() may fail and this isn't accounted for,
+leading to a legitimate warning of gcc-4.9 (but not newer versions):
+
+   In file included from drivers/spi/spi-bcm2835.c:19:0:
+   drivers/spi/spi-bcm2835.c: In function 'dmaengine_desc_set_reuse':
+>> include/linux/dmaengine.h:1370:10: warning: 'caps.descriptor_reuse' is used uninitialized in this function [-Wuninitialized]
+     if (caps.descriptor_reuse) {
+
+Fix it, thereby also silencing the gcc-4.9 warning.
+
+The issue has been present for 4 years but surfaces only now that
+the first caller of dmaengine_desc_set_reuse() has been added in
+spi-bcm2835.c. Another user of reusable DMA descriptors has existed
+for a while in pxa_camera.c, but it sets the DMA_CTRL_REUSE flag
+directly instead of calling dmaengine_desc_set_reuse(). Nevertheless,
+tag this commit for stable in case there are out-of-tree users.
+
+Fixes: 272420214d26 ("dmaengine: Add DMA_CTRL_REUSE")
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Lukas Wunner <lukas@wunner.de>
+Cc: stable@vger.kernel.org # v4.3+
+Link: https://lore.kernel.org/r/ca92998ccc054b4f2bfd60ef3adbab2913171eac.1575546234.git.lukas@wunner.de
+Signed-off-by: Vinod Koul <vkoul@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ include/linux/dmaengine.h |    5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/include/linux/dmaengine.h
++++ b/include/linux/dmaengine.h
+@@ -1358,8 +1358,11 @@ static inline int dma_get_slave_caps(str
+ static inline int dmaengine_desc_set_reuse(struct dma_async_tx_descriptor *tx)
+ {
+ 	struct dma_slave_caps caps;
++	int ret;
+ 
+-	dma_get_slave_caps(tx->chan, &caps);
++	ret = dma_get_slave_caps(tx->chan, &caps);
++	if (ret)
++		return ret;
+ 
+ 	if (caps.descriptor_reuse) {
+ 		tx->flags |= DMA_CTRL_REUSE;
diff --git a/queue-4.9/locks-print-unsigned-ino-in-proc-locks.patch b/queue-4.9/locks-print-unsigned-ino-in-proc-locks.patch
new file mode 100644
index 00000000000..8ce9876413c
--- /dev/null
+++ b/queue-4.9/locks-print-unsigned-ino-in-proc-locks.patch
@@ -0,0 +1,31 @@
+From 98ca480a8f22fdbd768e3dad07024c8d4856576c Mon Sep 17 00:00:00 2001
+From: Amir Goldstein <amir73il@gmail.com>
+Date: Sun, 22 Dec 2019 20:45:28 +0200
+Subject: locks: print unsigned ino in /proc/locks
+
+From: Amir Goldstein <amir73il@gmail.com>
+
+commit 98ca480a8f22fdbd768e3dad07024c8d4856576c upstream.
+
+An ino is unsigned, so display it as such in /proc/locks.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Amir Goldstein <amir73il@gmail.com>
+Signed-off-by: Jeff Layton <jlayton@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/locks.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/locks.c
++++ b/fs/locks.c
+@@ -2681,7 +2681,7 @@ static void lock_get_status(struct seq_f
+ 	}
+ 	if (inode) {
+ 		/* userspace relies on this representation of dev_t */
+-		seq_printf(f, "%d %02x:%02x:%ld ", fl_pid,
++		seq_printf(f, "%d %02x:%02x:%lu ", fl_pid,
+ 				MAJOR(inode->i_sb->s_dev),
+ 				MINOR(inode->i_sb->s_dev), inode->i_ino);
+ 	} else {
diff --git a/queue-4.9/memcg-account-security-cred-as-well-to-kmemcg.patch b/queue-4.9/memcg-account-security-cred-as-well-to-kmemcg.patch
new file mode 100644
index 00000000000..56141f21507
--- /dev/null
+++ b/queue-4.9/memcg-account-security-cred-as-well-to-kmemcg.patch
@@ -0,0 +1,66 @@
+From 84029fd04c201a4c7e0b07ba262664900f47c6f5 Mon Sep 17 00:00:00 2001
+From: Shakeel Butt <shakeelb@google.com>
+Date: Sat, 4 Jan 2020 12:59:43 -0800
+Subject: memcg: account security cred as well to kmemcg
+
+From: Shakeel Butt <shakeelb@google.com>
+
+commit 84029fd04c201a4c7e0b07ba262664900f47c6f5 upstream.
+
+The cred_jar kmem_cache is already memcg accounted in the current kernel
+but cred->security is not.  Account cred->security to kmemcg.
+
+Recently we saw high root slab usage on our production and on further
+inspection, we found a buggy application leaking processes.  Though that
+buggy application was contained within its memcg but we observe much
+more system memory overhead, couple of GiBs, during that period.  This
+overhead can adversely impact the isolation on the system.
+
+One source of high overhead we found was cred->security objects, which
+have a lifetime of at least the life of the process which allocated
+them.
+
+Link: http://lkml.kernel.org/r/20191205223721.40034-1-shakeelb@google.com
+Signed-off-by: Shakeel Butt <shakeelb@google.com>
+Acked-by: Chris Down <chris@chrisdown.name>
+Reviewed-by: Roman Gushchin <guro@fb.com>
+Acked-by: Michal Hocko <mhocko@suse.com>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/cred.c |    6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/kernel/cred.c
++++ b/kernel/cred.c
+@@ -219,7 +219,7 @@ struct cred *cred_alloc_blank(void)
+ 	new->magic = CRED_MAGIC;
+ #endif
+ 
+-	if (security_cred_alloc_blank(new, GFP_KERNEL) < 0)
++	if (security_cred_alloc_blank(new, GFP_KERNEL_ACCOUNT) < 0)
+ 		goto error;
+ 
+ 	return new;
+@@ -278,7 +278,7 @@ struct cred *prepare_creds(void)
+ 	new->security = NULL;
+ #endif
+ 
+-	if (security_prepare_creds(new, old, GFP_KERNEL) < 0)
++	if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0)
+ 		goto error;
+ 	validate_creds(new);
+ 	return new;
+@@ -653,7 +653,7 @@ struct cred *prepare_kernel_cred(struct
+ #ifdef CONFIG_SECURITY
+ 	new->security = NULL;
+ #endif
+-	if (security_prepare_creds(new, old, GFP_KERNEL) < 0)
++	if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0)
+ 		goto error;
+ 
+ 	put_cred(old);
diff --git a/queue-4.9/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch b/queue-4.9/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch
new file mode 100644
index 00000000000..238c15bd934
--- /dev/null
+++ b/queue-4.9/mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch
@@ -0,0 +1,42 @@
+From ac8f05da5174c560de122c499ce5dfb5d0dfbee5 Mon Sep 17 00:00:00 2001
+From: Chanho Min <chanho.min@lge.com>
+Date: Sat, 4 Jan 2020 12:59:36 -0800
+Subject: mm/zsmalloc.c: fix the migrated zspage statistics.
+
+From: Chanho Min <chanho.min@lge.com>
+
+commit ac8f05da5174c560de122c499ce5dfb5d0dfbee5 upstream.
+
+When zspage is migrated to the other zone, the zone page state should be
+updated as well, otherwise the NR_ZSPAGE for each zone shows wrong
+counts including proc/zoneinfo in practice.
+
+Link: http://lkml.kernel.org/r/1575434841-48009-1-git-send-email-chanho.min@lge.com
+Fixes: 91537fee0013 ("mm: add NR_ZSMALLOC to vmstat")
+Signed-off-by: Chanho Min <chanho.min@lge.com>
+Signed-off-by: Jinsuk Choi <jjinsuk.choi@lge.com>
+Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+Acked-by: Minchan Kim <minchan@kernel.org>
+Cc: <stable@vger.kernel.org>        [4.9+]
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ mm/zsmalloc.c |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/mm/zsmalloc.c
++++ b/mm/zsmalloc.c
+@@ -2138,6 +2138,11 @@ int zs_page_migrate(struct address_space
+ 		zs_pool_dec_isolated(pool);
+ 	}
+ 
++	if (page_zone(newpage) != page_zone(page)) {
++		dec_zone_page_state(page, NR_ZSPAGES);
++		inc_zone_page_state(newpage, NR_ZSPAGES);
++	}
++
+ 	reset_page(page);
+ 	put_page(page);
+ 	page = newpage;
diff --git a/queue-4.9/series b/queue-4.9/series
index 318bdcd7e03..262d6bca53e 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -18,3 +18,8 @@ drm-limit-to-int_max-in-create_blob-ioctl.patch
 revert-perf-report-add-warning-when-libunwind-not-co.patch
 alsa-ice1724-fix-sleep-in-atomic-in-infrasonic-quartet-support-code.patch
 mips-avoid-vdso-abi-breakage-due-to-global-register-variable.patch
+mm-zsmalloc.c-fix-the-migrated-zspage-statistics.patch
+memcg-account-security-cred-as-well-to-kmemcg.patch
+locks-print-unsigned-ino-in-proc-locks.patch
+dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch
+compat_ioctl-block-handle-persistent-reservations.patch