From: Greg Kroah-Hartman Date: Tue, 15 Oct 2019 04:28:45 +0000 (+0200) Subject: 4.9-stable patches X-Git-Tag: v4.4.197~34 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c1438b2929ea8ffb25e86f6f46daf6eab040df2b;p=thirdparty%2Fkernel%2Fstable-queue.git 4.9-stable patches added patches: cifs-force-reval-dentry-if-lookup_reval-flag-is-set.patch cifs-force-revalidate-inode-when-dentry-is-stale.patch cifs-gracefully-handle-queryinfo-errors-during-open.patch efivar-ssdt-don-t-iterate-over-efi-vars-if-no-ssdt-override-was-specified.patch iio-light-opt3001-fix-mutex-unlock-race.patch kernel-sysctl.c-do-not-override-max_threads-provided-by-userspace.patch perf-inject-jit-fix-jit_code_move-filename.patch perf-llvm-don-t-access-out-of-scope-array.patch --- diff --git a/queue-4.9/cifs-force-reval-dentry-if-lookup_reval-flag-is-set.patch b/queue-4.9/cifs-force-reval-dentry-if-lookup_reval-flag-is-set.patch new file mode 100644 index 00000000000..d345c2766eb --- /dev/null +++ b/queue-4.9/cifs-force-reval-dentry-if-lookup_reval-flag-is-set.patch @@ -0,0 +1,53 @@ +From 0b3d0ef9840f7be202393ca9116b857f6f793715 Mon Sep 17 00:00:00 2001 +From: Pavel Shilovsky +Date: Mon, 30 Sep 2019 10:06:20 -0700 +Subject: CIFS: Force reval dentry if LOOKUP_REVAL flag is set + +From: Pavel Shilovsky + +commit 0b3d0ef9840f7be202393ca9116b857f6f793715 upstream. + +Mark inode for force revalidation if LOOKUP_REVAL flag is set. +This tells the client to actually send a QueryInfo request to +the server to obtain the latest metadata in case a directory +or a file were changed remotely. Only do that if the client +doesn't have a lease for the file to avoid unneeded round +trips to the server. + +Cc: +Signed-off-by: Pavel Shilovsky +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/dir.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +--- a/fs/cifs/dir.c ++++ b/fs/cifs/dir.c +@@ -830,10 +830,16 @@ lookup_out: + static int + cifs_d_revalidate(struct dentry *direntry, unsigned int flags) + { ++ struct inode *inode; ++ + if (flags & LOOKUP_RCU) + return -ECHILD; + + if (d_really_is_positive(direntry)) { ++ inode = d_inode(direntry); ++ if ((flags & LOOKUP_REVAL) && !CIFS_CACHE_READ(CIFS_I(inode))) ++ CIFS_I(inode)->time = 0; /* force reval */ ++ + if (cifs_revalidate_dentry(direntry)) + return 0; + else { +@@ -844,7 +850,7 @@ cifs_d_revalidate(struct dentry *direntr + * attributes will have been updated by + * cifs_revalidate_dentry(). + */ +- if (IS_AUTOMOUNT(d_inode(direntry)) && ++ if (IS_AUTOMOUNT(inode) && + !(direntry->d_flags & DCACHE_NEED_AUTOMOUNT)) { + spin_lock(&direntry->d_lock); + direntry->d_flags |= DCACHE_NEED_AUTOMOUNT; diff --git a/queue-4.9/cifs-force-revalidate-inode-when-dentry-is-stale.patch b/queue-4.9/cifs-force-revalidate-inode-when-dentry-is-stale.patch new file mode 100644 index 00000000000..ed8caa1b6f0 --- /dev/null +++ b/queue-4.9/cifs-force-revalidate-inode-when-dentry-is-stale.patch @@ -0,0 +1,61 @@ +From c82e5ac7fe3570a269c0929bf7899f62048e7dbc Mon Sep 17 00:00:00 2001 +From: Pavel Shilovsky +Date: Mon, 30 Sep 2019 10:06:19 -0700 +Subject: CIFS: Force revalidate inode when dentry is stale + +From: Pavel Shilovsky + +commit c82e5ac7fe3570a269c0929bf7899f62048e7dbc upstream. + +Currently the client indicates that a dentry is stale when inode +numbers or type types between a local inode and a remote file +don't match. If this is the case attributes is not being copied +from remote to local, so, it is already known that the local copy +has stale metadata. That's why the inode needs to be marked for +revalidation in order to tell the VFS to lookup the dentry again +before openning a file. This prevents unexpected stale errors +to be returned to the user space when openning a file. + +Cc: +Signed-off-by: Pavel Shilovsky +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/inode.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/fs/cifs/inode.c ++++ b/fs/cifs/inode.c +@@ -405,6 +405,7 @@ int cifs_get_inode_info_unix(struct inod + /* if uniqueid is different, return error */ + if (unlikely(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM && + CIFS_I(*pinode)->uniqueid != fattr.cf_uniqueid)) { ++ CIFS_I(*pinode)->time = 0; /* force reval */ + rc = -ESTALE; + goto cgiiu_exit; + } +@@ -412,6 +413,7 @@ int cifs_get_inode_info_unix(struct inod + /* if filetype is different, return error */ + if (unlikely(((*pinode)->i_mode & S_IFMT) != + (fattr.cf_mode & S_IFMT))) { ++ CIFS_I(*pinode)->time = 0; /* force reval */ + rc = -ESTALE; + goto cgiiu_exit; + } +@@ -917,6 +919,7 @@ cifs_get_inode_info(struct inode **inode + /* if uniqueid is different, return error */ + if (unlikely(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM && + CIFS_I(*inode)->uniqueid != fattr.cf_uniqueid)) { ++ CIFS_I(*inode)->time = 0; /* force reval */ + rc = -ESTALE; + goto cgii_exit; + } +@@ -924,6 +927,7 @@ cifs_get_inode_info(struct inode **inode + /* if filetype is different, return error */ + if (unlikely(((*inode)->i_mode & S_IFMT) != + (fattr.cf_mode & S_IFMT))) { ++ CIFS_I(*inode)->time = 0; /* force reval */ + rc = -ESTALE; + goto cgii_exit; + } diff --git a/queue-4.9/cifs-gracefully-handle-queryinfo-errors-during-open.patch b/queue-4.9/cifs-gracefully-handle-queryinfo-errors-during-open.patch new file mode 100644 index 00000000000..3e1432ee837 --- /dev/null +++ b/queue-4.9/cifs-gracefully-handle-queryinfo-errors-during-open.patch @@ -0,0 +1,45 @@ +From 30573a82fb179420b8aac30a3a3595aa96a93156 Mon Sep 17 00:00:00 2001 +From: Pavel Shilovsky +Date: Mon, 30 Sep 2019 10:06:18 -0700 +Subject: CIFS: Gracefully handle QueryInfo errors during open + +From: Pavel Shilovsky + +commit 30573a82fb179420b8aac30a3a3595aa96a93156 upstream. + +Currently if the client identifies problems when processing +metadata returned in CREATE response, the open handle is being +leaked. This causes multiple problems like a file missing a lease +break by that client which causes high latencies to other clients +accessing the file. Another side-effect of this is that the file +can't be deleted. + +Fix this by closing the file after the client hits an error after +the file was opened and the open descriptor wasn't returned to +the user space. Also convert -ESTALE to -EOPENSTALE to allow +the VFS to revalidate a dentry and retry the open. + +Cc: +Signed-off-by: Pavel Shilovsky +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman + +--- + fs/cifs/file.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/fs/cifs/file.c ++++ b/fs/cifs/file.c +@@ -252,6 +252,12 @@ cifs_nt_open(char *full_path, struct ino + rc = cifs_get_inode_info(&inode, full_path, buf, inode->i_sb, + xid, fid); + ++ if (rc) { ++ server->ops->close(xid, tcon, fid); ++ if (rc == -ESTALE) ++ rc = -EOPENSTALE; ++ } ++ + out: + kfree(buf); + return rc; diff --git a/queue-4.9/efivar-ssdt-don-t-iterate-over-efi-vars-if-no-ssdt-override-was-specified.patch b/queue-4.9/efivar-ssdt-don-t-iterate-over-efi-vars-if-no-ssdt-override-was-specified.patch new file mode 100644 index 00000000000..6b245beabd3 --- /dev/null +++ b/queue-4.9/efivar-ssdt-don-t-iterate-over-efi-vars-if-no-ssdt-override-was-specified.patch @@ -0,0 +1,59 @@ +From c05f8f92b701576b615f30aac31fabdc0648649b Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Wed, 2 Oct 2019 18:58:59 +0200 +Subject: efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified + +From: Ard Biesheuvel + +commit c05f8f92b701576b615f30aac31fabdc0648649b upstream. + +The kernel command line option efivar_ssdt= allows the name to be +specified of an EFI variable containing an ACPI SSDT table that should +be loaded into memory by the OS, and treated as if it was provided by +the firmware. + +Currently, that code will always iterate over the EFI variables and +compare each name with the provided name, even if the command line +option wasn't set to begin with. + +So bail early when no variable name was provided. This works around a +boot regression on the 2012 Mac Pro, as reported by Scott. + +Tested-by: Scott Talbert +Signed-off-by: Ard Biesheuvel +Cc: # v4.9+ +Cc: Ben Dooks +Cc: Dave Young +Cc: Jarkko Sakkinen +Cc: Jerry Snitselaar +Cc: Linus Torvalds +Cc: Lukas Wunner +Cc: Lyude Paul +Cc: Matthew Garrett +Cc: Octavian Purdila +Cc: Peter Jones +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: linux-efi@vger.kernel.org +Cc: linux-integrity@vger.kernel.org +Fixes: 475fb4e8b2f4 ("efi / ACPI: load SSTDs from EFI variables") +Link: https://lkml.kernel.org/r/20191002165904.8819-3-ard.biesheuvel@linaro.org +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/firmware/efi/efi.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/drivers/firmware/efi/efi.c ++++ b/drivers/firmware/efi/efi.c +@@ -243,6 +243,9 @@ static __init int efivar_ssdt_load(void) + void *data; + int ret; + ++ if (!efivar_ssdt[0]) ++ return 0; ++ + ret = efivar_init(efivar_ssdt_iter, &entries, true, &entries); + + list_for_each_entry_safe(entry, aux, &entries, list) { diff --git a/queue-4.9/iio-light-opt3001-fix-mutex-unlock-race.patch b/queue-4.9/iio-light-opt3001-fix-mutex-unlock-race.patch new file mode 100644 index 00000000000..1c3d29d4364 --- /dev/null +++ b/queue-4.9/iio-light-opt3001-fix-mutex-unlock-race.patch @@ -0,0 +1,56 @@ +From 82f3015635249a8c8c45bac303fd84905066f04f Mon Sep 17 00:00:00 2001 +From: David Frey +Date: Thu, 19 Sep 2019 15:54:18 -0700 +Subject: iio: light: opt3001: fix mutex unlock race + +From: David Frey + +commit 82f3015635249a8c8c45bac303fd84905066f04f upstream. + +When an end-of-conversion interrupt is received after performing a +single-shot reading of the light sensor, the driver was waking up the +result ready queue before checking opt->ok_to_ignore_lock to determine +if it should unlock the mutex. The problem occurred in the case where +the other thread woke up and changed the value of opt->ok_to_ignore_lock +to false prior to the interrupt thread performing its read of the +variable. In this case, the mutex would be unlocked twice. + +Signed-off-by: David Frey +Reviewed-by: Andreas Dannenberg +Fixes: 94a9b7b1809f ("iio: light: add support for TI's opt3001 light sensor") +Cc: +Signed-off-by: Jonathan Cameron +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/iio/light/opt3001.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/drivers/iio/light/opt3001.c ++++ b/drivers/iio/light/opt3001.c +@@ -695,6 +695,7 @@ static irqreturn_t opt3001_irq(int irq, + struct iio_dev *iio = _iio; + struct opt3001 *opt = iio_priv(iio); + int ret; ++ bool wake_result_ready_queue = false; + + if (!opt->ok_to_ignore_lock) + mutex_lock(&opt->lock); +@@ -729,13 +730,16 @@ static irqreturn_t opt3001_irq(int irq, + } + opt->result = ret; + opt->result_ready = true; +- wake_up(&opt->result_ready_queue); ++ wake_result_ready_queue = true; + } + + out: + if (!opt->ok_to_ignore_lock) + mutex_unlock(&opt->lock); + ++ if (wake_result_ready_queue) ++ wake_up(&opt->result_ready_queue); ++ + return IRQ_HANDLED; + } + diff --git a/queue-4.9/kernel-sysctl.c-do-not-override-max_threads-provided-by-userspace.patch b/queue-4.9/kernel-sysctl.c-do-not-override-max_threads-provided-by-userspace.patch new file mode 100644 index 00000000000..88b37adc093 --- /dev/null +++ b/queue-4.9/kernel-sysctl.c-do-not-override-max_threads-provided-by-userspace.patch @@ -0,0 +1,83 @@ +From b0f53dbc4bc4c371f38b14c391095a3bb8a0bb40 Mon Sep 17 00:00:00 2001 +From: Michal Hocko +Date: Sun, 6 Oct 2019 17:58:19 -0700 +Subject: kernel/sysctl.c: do not override max_threads provided by userspace + +From: Michal Hocko + +commit b0f53dbc4bc4c371f38b14c391095a3bb8a0bb40 upstream. + +Partially revert 16db3d3f1170 ("kernel/sysctl.c: threads-max observe +limits") because the patch is causing a regression to any workload which +needs to override the auto-tuning of the limit provided by kernel. + +set_max_threads is implementing a boot time guesstimate to provide a +sensible limit of the concurrently running threads so that runaways will +not deplete all the memory. This is a good thing in general but there +are workloads which might need to increase this limit for an application +to run (reportedly WebSpher MQ is affected) and that is simply not +possible after the mentioned change. It is also very dubious to +override an admin decision by an estimation that doesn't have any direct +relation to correctness of the kernel operation. + +Fix this by dropping set_max_threads from sysctl_max_threads so any +value is accepted as long as it fits into MAX_THREADS which is important +to check because allowing more threads could break internal robust futex +restriction. While at it, do not use MIN_THREADS as the lower boundary +because it is also only a heuristic for automatic estimation and admin +might have a good reason to stop new threads to be created even when +below this limit. + +This became more severe when we switched x86 from 4k to 8k kernel +stacks. Starting since 6538b8ea886e ("x86_64: expand kernel stack to +16K") (3.16) we use THREAD_SIZE_ORDER = 2 and that halved the auto-tuned +value. + +In the particular case + + 3.12 + kernel.threads-max = 515561 + + 4.4 + kernel.threads-max = 200000 + +Neither of the two values is really insane on 32GB machine. + +I am not sure we want/need to tune the max_thread value further. If +anything the tuning should be removed altogether if proven not useful in +general. But we definitely need a way to override this auto-tuning. + +Link: http://lkml.kernel.org/r/20190922065801.GB18814@dhcp22.suse.cz +Fixes: 16db3d3f1170 ("kernel/sysctl.c: threads-max observe limits") +Signed-off-by: Michal Hocko +Reviewed-by: "Eric W. Biederman" +Cc: Heinrich Schuchardt +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/fork.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/kernel/fork.c ++++ b/kernel/fork.c +@@ -2356,7 +2356,7 @@ int sysctl_max_threads(struct ctl_table + struct ctl_table t; + int ret; + int threads = max_threads; +- int min = MIN_THREADS; ++ int min = 1; + int max = MAX_THREADS; + + t = *table; +@@ -2368,7 +2368,7 @@ int sysctl_max_threads(struct ctl_table + if (ret || !write) + return ret; + +- set_max_threads(threads); ++ max_threads = threads; + + return 0; + } diff --git a/queue-4.9/perf-inject-jit-fix-jit_code_move-filename.patch b/queue-4.9/perf-inject-jit-fix-jit_code_move-filename.patch new file mode 100644 index 00000000000..fa5b8c57947 --- /dev/null +++ b/queue-4.9/perf-inject-jit-fix-jit_code_move-filename.patch @@ -0,0 +1,73 @@ +From b59711e9b0d22fd47abfa00602fd8c365cdd3ab7 Mon Sep 17 00:00:00 2001 +From: Steve MacLean +Date: Sat, 28 Sep 2019 01:41:18 +0000 +Subject: perf inject jit: Fix JIT_CODE_MOVE filename + +From: Steve MacLean + +commit b59711e9b0d22fd47abfa00602fd8c365cdd3ab7 upstream. + +During perf inject --jit, JIT_CODE_MOVE records were injecting MMAP records +with an incorrect filename. Specifically it was missing the ".so" suffix. + +Further the JIT_CODE_LOAD record were silently truncating the +jr->load.code_index field to 32 bits before generating the filename. + +Make both records emit the same filename based on the full 64 bit +code_index field. + +Fixes: 9b07e27f88b9 ("perf inject: Add jitdump mmap injection support") +Cc: stable@vger.kernel.org # v4.6+ +Signed-off-by: Steve MacLean +Acked-by: Jiri Olsa +Cc: Alexander Shishkin +Cc: Andi Kleen +Cc: Brian Robbins +Cc: Davidlohr Bueso +Cc: Eric Saint-Etienne +Cc: John Keeping +Cc: John Salem +Cc: Leo Yan +Cc: Mark Rutland +Cc: Namhyung Kim +Cc: Peter Zijlstra +Cc: Song Liu +Cc: Stephane Eranian +Cc: Tom McDonald +Link: http://lore.kernel.org/lkml/BN8PR21MB1362FF8F127B31DBF4121528F7800@BN8PR21MB1362.namprd21.prod.outlook.com +Signed-off-by: Arnaldo Carvalho de Melo +Signed-off-by: Greg Kroah-Hartman + +--- + tools/perf/util/jitdump.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/tools/perf/util/jitdump.c ++++ b/tools/perf/util/jitdump.c +@@ -369,7 +369,7 @@ static int jit_repipe_code_load(struct j + size_t size; + u16 idr_size; + const char *sym; +- uint32_t count; ++ uint64_t count; + int ret, csize; + pid_t pid, tid; + struct { +@@ -391,7 +391,7 @@ static int jit_repipe_code_load(struct j + return -1; + + filename = event->mmap2.filename; +- size = snprintf(filename, PATH_MAX, "%s/jitted-%d-%u.so", ++ size = snprintf(filename, PATH_MAX, "%s/jitted-%d-%" PRIu64 ".so", + jd->dir, + pid, + count); +@@ -493,7 +493,7 @@ static int jit_repipe_code_move(struct j + return -1; + + filename = event->mmap2.filename; +- size = snprintf(filename, PATH_MAX, "%s/jitted-%d-%"PRIu64, ++ size = snprintf(filename, PATH_MAX, "%s/jitted-%d-%" PRIu64 ".so", + jd->dir, + pid, + jr->move.code_index); diff --git a/queue-4.9/perf-llvm-don-t-access-out-of-scope-array.patch b/queue-4.9/perf-llvm-don-t-access-out-of-scope-array.patch new file mode 100644 index 00000000000..212914ec65b --- /dev/null +++ b/queue-4.9/perf-llvm-don-t-access-out-of-scope-array.patch @@ -0,0 +1,55 @@ +From 7d4c85b7035eb2f9ab217ce649dcd1bfaf0cacd3 Mon Sep 17 00:00:00 2001 +From: Ian Rogers +Date: Thu, 26 Sep 2019 15:00:18 -0700 +Subject: perf llvm: Don't access out-of-scope array + +From: Ian Rogers + +commit 7d4c85b7035eb2f9ab217ce649dcd1bfaf0cacd3 upstream. + +The 'test_dir' variable is assigned to the 'release' array which is +out-of-scope 3 lines later. + +Extend the scope of the 'release' array so that an out-of-scope array +isn't accessed. + +Bug detected by clang's address sanitizer. + +Fixes: 07bc5c699a3d ("perf tools: Make fetch_kernel_version() publicly available") +Cc: stable@vger.kernel.org # v4.4+ +Signed-off-by: Ian Rogers +Cc: Alexander Shishkin +Cc: Andi Kleen +Cc: Jiri Olsa +Cc: Namhyung Kim +Cc: Peter Zijlstra +Cc: Stephane Eranian +Cc: Wang Nan +Link: http://lore.kernel.org/lkml/20190926220018.25402-1-irogers@google.com +Signed-off-by: Arnaldo Carvalho de Melo +Signed-off-by: Greg Kroah-Hartman + +--- + tools/perf/util/llvm-utils.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/tools/perf/util/llvm-utils.c ++++ b/tools/perf/util/llvm-utils.c +@@ -220,14 +220,14 @@ static int detect_kbuild_dir(char **kbui + const char *prefix_dir = ""; + const char *suffix_dir = ""; + ++ /* _UTSNAME_LENGTH is 65 */ ++ char release[128]; ++ + char *autoconf_path; + + int err; + + if (!test_dir) { +- /* _UTSNAME_LENGTH is 65 */ +- char release[128]; +- + err = fetch_kernel_version(NULL, release, + sizeof(release)); + if (err) diff --git a/queue-4.9/series b/queue-4.9/series index f40f58fd020..6ce15418314 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -73,3 +73,11 @@ usb-legousbtower-fix-open-after-failed-reset-request.patch usb-legousbtower-fix-use-after-free-on-release.patch staging-vt6655-fix-memory-leak-in-vt6655_probe.patch iio-adc-ad799x-fix-probe-error-handling.patch +iio-light-opt3001-fix-mutex-unlock-race.patch +efivar-ssdt-don-t-iterate-over-efi-vars-if-no-ssdt-override-was-specified.patch +perf-llvm-don-t-access-out-of-scope-array.patch +perf-inject-jit-fix-jit_code_move-filename.patch +cifs-gracefully-handle-queryinfo-errors-during-open.patch +cifs-force-revalidate-inode-when-dentry-is-stale.patch +cifs-force-reval-dentry-if-lookup_reval-flag-is-set.patch +kernel-sysctl.c-do-not-override-max_threads-provided-by-userspace.patch