--- /dev/null
+From jannh@google.com Fri Sep 16 11:29:18 2022
+From: Jann Horn <jannh@google.com>
+Date: Thu, 15 Sep 2022 16:25:19 +0200
+Subject: mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
+To: stable@vger.kernel.org, Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Hugh Dickins <hughd@google.com>, Peter Zijlstra <peterz@infradead.org>
+Message-ID: <20220915142519.2941949-1-jannh@google.com>
+
+From: Jann Horn <jannh@google.com>
+
+This is a stable-specific patch.
+I botched the stable-specific rewrite of
+commit b67fbebd4cf98 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"):
+As Hugh pointed out, unmap_region() actually operates on a list of VMAs,
+and the variable "vma" merely points to the first VMA in that list.
+So if we want to check whether any of the VMAs we're operating on is
+PFNMAP or MIXEDMAP, we have to iterate through the list and check each VMA.
+
+Signed-off-by: Jann Horn <jannh@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ mm/mmap.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+--- a/mm/mmap.c
++++ b/mm/mmap.c
+@@ -2524,6 +2524,7 @@ static void unmap_region(struct mm_struc
+ {
+ struct vm_area_struct *next = prev ? prev->vm_next : mm->mmap;
+ struct mmu_gather tlb;
++ struct vm_area_struct *cur_vma;
+
+ lru_add_drain();
+ tlb_gather_mmu(&tlb, mm, start, end);
+@@ -2538,8 +2539,12 @@ static void unmap_region(struct mm_struc
+ * concurrent flush in this region has to be coming through the rmap,
+ * and we synchronize against that using the rmap lock.
+ */
+- if ((vma->vm_flags & (VM_PFNMAP|VM_MIXEDMAP)) != 0)
+- tlb_flush_mmu(&tlb);
++ for (cur_vma = vma; cur_vma; cur_vma = cur_vma->vm_next) {
++ if ((cur_vma->vm_flags & (VM_PFNMAP|VM_MIXEDMAP)) != 0) {
++ tlb_flush_mmu(&tlb);
++ break;
++ }
++ }
+
+ free_pgtables(&tlb, vma, prev ? prev->vm_end : FIRST_USER_ADDRESS,
+ next ? next->vm_start : USER_PGTABLES_CEILING);
--- /dev/null
+From 47311db8e8f33011d90dee76b39c8886120cdda4 Mon Sep 17 00:00:00 2001
+From: Brian Norris <briannorris@chromium.org>
+Date: Fri, 26 Aug 2022 17:44:17 -0700
+Subject: tracefs: Only clobber mode/uid/gid on remount if asked
+
+From: Brian Norris <briannorris@chromium.org>
+
+commit 47311db8e8f33011d90dee76b39c8886120cdda4 upstream.
+
+Users may have explicitly configured their tracefs permissions; we
+shouldn't overwrite those just because a second mount appeared.
+
+Only clobber if the options were provided at mount time.
+
+Note: the previous behavior was especially surprising in the presence of
+automounted /sys/kernel/debug/tracing/.
+
+Existing behavior:
+
+ ## Pre-existing status: tracefs is 0755.
+ # stat -c '%A' /sys/kernel/tracing/
+ drwxr-xr-x
+
+ ## (Re)trigger the automount.
+ # umount /sys/kernel/debug/tracing
+ # stat -c '%A' /sys/kernel/debug/tracing/.
+ drwx------
+
+ ## Unexpected: the automount changed mode for other mount instances.
+ # stat -c '%A' /sys/kernel/tracing/
+ drwx------
+
+New behavior (after this change):
+
+ ## Pre-existing status: tracefs is 0755.
+ # stat -c '%A' /sys/kernel/tracing/
+ drwxr-xr-x
+
+ ## (Re)trigger the automount.
+ # umount /sys/kernel/debug/tracing
+ # stat -c '%A' /sys/kernel/debug/tracing/.
+ drwxr-xr-x
+
+ ## Expected: the automount does not change other mount instances.
+ # stat -c '%A' /sys/kernel/tracing/
+ drwxr-xr-x
+
+Link: https://lkml.kernel.org/r/20220826174353.2.Iab6e5ea57963d6deca5311b27fb7226790d44406@changeid
+
+Cc: stable@vger.kernel.org
+Fixes: 4282d60689d4f ("tracefs: Add new tracefs file system")
+Signed-off-by: Brian Norris <briannorris@chromium.org>
+Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/tracefs/inode.c | 31 +++++++++++++++++++++++--------
+ 1 file changed, 23 insertions(+), 8 deletions(-)
+
+--- a/fs/tracefs/inode.c
++++ b/fs/tracefs/inode.c
+@@ -142,6 +142,8 @@ struct tracefs_mount_opts {
+ kuid_t uid;
+ kgid_t gid;
+ umode_t mode;
++ /* Opt_* bitfield. */
++ unsigned int opts;
+ };
+
+ enum {
+@@ -242,6 +244,7 @@ static int tracefs_parse_options(char *d
+ kgid_t gid;
+ char *p;
+
++ opts->opts = 0;
+ opts->mode = TRACEFS_DEFAULT_MODE;
+
+ while ((p = strsep(&data, ",")) != NULL) {
+@@ -276,24 +279,36 @@ static int tracefs_parse_options(char *d
+ * but traditionally tracefs has ignored all mount options
+ */
+ }
++
++ opts->opts |= BIT(token);
+ }
+
+ return 0;
+ }
+
+-static int tracefs_apply_options(struct super_block *sb)
++static int tracefs_apply_options(struct super_block *sb, bool remount)
+ {
+ struct tracefs_fs_info *fsi = sb->s_fs_info;
+ struct inode *inode = sb->s_root->d_inode;
+ struct tracefs_mount_opts *opts = &fsi->mount_opts;
+
+- inode->i_mode &= ~S_IALLUGO;
+- inode->i_mode |= opts->mode;
++ /*
++ * On remount, only reset mode/uid/gid if they were provided as mount
++ * options.
++ */
++
++ if (!remount || opts->opts & BIT(Opt_mode)) {
++ inode->i_mode &= ~S_IALLUGO;
++ inode->i_mode |= opts->mode;
++ }
+
+- inode->i_uid = opts->uid;
++ if (!remount || opts->opts & BIT(Opt_uid))
++ inode->i_uid = opts->uid;
+
+- /* Set all the group ids to the mount option */
+- set_gid(sb->s_root, opts->gid);
++ if (!remount || opts->opts & BIT(Opt_gid)) {
++ /* Set all the group ids to the mount option */
++ set_gid(sb->s_root, opts->gid);
++ }
+
+ return 0;
+ }
+@@ -308,7 +323,7 @@ static int tracefs_remount(struct super_
+ if (err)
+ goto fail;
+
+- tracefs_apply_options(sb);
++ tracefs_apply_options(sb, true);
+
+ fail:
+ return err;
+@@ -362,7 +377,7 @@ static int trace_fill_super(struct super
+
+ sb->s_op = &tracefs_super_operations;
+
+- tracefs_apply_options(sb);
++ tracefs_apply_options(sb, false);
+
+ return 0;
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
