--- /dev/null
+From foo@baz Tue Dec 1 09:32:41 AM CET 2020
+From: Filipe Manana <fdmanana@suse.com>
+Date: Mon, 23 Nov 2020 14:28:44 +0000
+Subject: btrfs: fix lockdep splat when reading qgroup config on mount
+
+From: Filipe Manana <fdmanana@suse.com>
+
+commit 3d05cad3c357a2b749912914356072b38435edfa upstream
+
+Lockdep reported the following splat when running test btrfs/190 from
+fstests:
+
+ [ 9482.126098] ======================================================
+ [ 9482.126184] WARNING: possible circular locking dependency detected
+ [ 9482.126281] 5.10.0-rc4-btrfs-next-73 #1 Not tainted
+ [ 9482.126365] ------------------------------------------------------
+ [ 9482.126456] mount/24187 is trying to acquire lock:
+ [ 9482.126534] ffffa0c869a7dac0 (&fs_info->qgroup_rescan_lock){+.+.}-{3:3}, at: qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.126647]
+ but task is already holding lock:
+ [ 9482.126777] ffffa0c892ebd3a0 (btrfs-quota-00){++++}-{3:3}, at: __btrfs_tree_read_lock+0x27/0x120 [btrfs]
+ [ 9482.126886]
+ which lock already depends on the new lock.
+
+ [ 9482.127078]
+ the existing dependency chain (in reverse order) is:
+ [ 9482.127213]
+ -> #1 (btrfs-quota-00){++++}-{3:3}:
+ [ 9482.127366] lock_acquire+0xd8/0x490
+ [ 9482.127436] down_read_nested+0x45/0x220
+ [ 9482.127528] __btrfs_tree_read_lock+0x27/0x120 [btrfs]
+ [ 9482.127613] btrfs_read_lock_root_node+0x41/0x130 [btrfs]
+ [ 9482.127702] btrfs_search_slot+0x514/0xc30 [btrfs]
+ [ 9482.127788] update_qgroup_status_item+0x72/0x140 [btrfs]
+ [ 9482.127877] btrfs_qgroup_rescan_worker+0xde/0x680 [btrfs]
+ [ 9482.127964] btrfs_work_helper+0xf1/0x600 [btrfs]
+ [ 9482.128039] process_one_work+0x24e/0x5e0
+ [ 9482.128110] worker_thread+0x50/0x3b0
+ [ 9482.128181] kthread+0x153/0x170
+ [ 9482.128256] ret_from_fork+0x22/0x30
+ [ 9482.128327]
+ -> #0 (&fs_info->qgroup_rescan_lock){+.+.}-{3:3}:
+ [ 9482.128464] check_prev_add+0x91/0xc60
+ [ 9482.128551] __lock_acquire+0x1740/0x3110
+ [ 9482.128623] lock_acquire+0xd8/0x490
+ [ 9482.130029] __mutex_lock+0xa3/0xb30
+ [ 9482.130590] qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.131577] btrfs_read_qgroup_config+0x43a/0x550 [btrfs]
+ [ 9482.132175] open_ctree+0x1228/0x18a0 [btrfs]
+ [ 9482.132756] btrfs_mount_root.cold+0x13/0xed [btrfs]
+ [ 9482.133325] legacy_get_tree+0x30/0x60
+ [ 9482.133866] vfs_get_tree+0x28/0xe0
+ [ 9482.134392] fc_mount+0xe/0x40
+ [ 9482.134908] vfs_kern_mount.part.0+0x71/0x90
+ [ 9482.135428] btrfs_mount+0x13b/0x3e0 [btrfs]
+ [ 9482.135942] legacy_get_tree+0x30/0x60
+ [ 9482.136444] vfs_get_tree+0x28/0xe0
+ [ 9482.136949] path_mount+0x2d7/0xa70
+ [ 9482.137438] do_mount+0x75/0x90
+ [ 9482.137923] __x64_sys_mount+0x8e/0xd0
+ [ 9482.138400] do_syscall_64+0x33/0x80
+ [ 9482.138873] entry_SYSCALL_64_after_hwframe+0x44/0xa9
+ [ 9482.139346]
+ other info that might help us debug this:
+
+ [ 9482.140735] Possible unsafe locking scenario:
+
+ [ 9482.141594] CPU0 CPU1
+ [ 9482.142011] ---- ----
+ [ 9482.142411] lock(btrfs-quota-00);
+ [ 9482.142806] lock(&fs_info->qgroup_rescan_lock);
+ [ 9482.143216] lock(btrfs-quota-00);
+ [ 9482.143629] lock(&fs_info->qgroup_rescan_lock);
+ [ 9482.144056]
+ *** DEADLOCK ***
+
+ [ 9482.145242] 2 locks held by mount/24187:
+ [ 9482.145637] #0: ffffa0c8411c40e8 (&type->s_umount_key#44/1){+.+.}-{3:3}, at: alloc_super+0xb9/0x400
+ [ 9482.146061] #1: ffffa0c892ebd3a0 (btrfs-quota-00){++++}-{3:3}, at: __btrfs_tree_read_lock+0x27/0x120 [btrfs]
+ [ 9482.146509]
+ stack backtrace:
+ [ 9482.147350] CPU: 1 PID: 24187 Comm: mount Not tainted 5.10.0-rc4-btrfs-next-73 #1
+ [ 9482.147788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
+ [ 9482.148709] Call Trace:
+ [ 9482.149169] dump_stack+0x8d/0xb5
+ [ 9482.149628] check_noncircular+0xff/0x110
+ [ 9482.150090] check_prev_add+0x91/0xc60
+ [ 9482.150561] ? kvm_clock_read+0x14/0x30
+ [ 9482.151017] ? kvm_sched_clock_read+0x5/0x10
+ [ 9482.151470] __lock_acquire+0x1740/0x3110
+ [ 9482.151941] ? __btrfs_tree_read_lock+0x27/0x120 [btrfs]
+ [ 9482.152402] lock_acquire+0xd8/0x490
+ [ 9482.152887] ? qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.153354] __mutex_lock+0xa3/0xb30
+ [ 9482.153826] ? qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.154301] ? qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.154768] ? qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.155226] qgroup_rescan_init+0x43/0xf0 [btrfs]
+ [ 9482.155690] btrfs_read_qgroup_config+0x43a/0x550 [btrfs]
+ [ 9482.156160] open_ctree+0x1228/0x18a0 [btrfs]
+ [ 9482.156643] btrfs_mount_root.cold+0x13/0xed [btrfs]
+ [ 9482.157108] ? rcu_read_lock_sched_held+0x5d/0x90
+ [ 9482.157567] ? kfree+0x31f/0x3e0
+ [ 9482.158030] legacy_get_tree+0x30/0x60
+ [ 9482.158489] vfs_get_tree+0x28/0xe0
+ [ 9482.158947] fc_mount+0xe/0x40
+ [ 9482.159403] vfs_kern_mount.part.0+0x71/0x90
+ [ 9482.159875] btrfs_mount+0x13b/0x3e0 [btrfs]
+ [ 9482.160335] ? rcu_read_lock_sched_held+0x5d/0x90
+ [ 9482.160805] ? kfree+0x31f/0x3e0
+ [ 9482.161260] ? legacy_get_tree+0x30/0x60
+ [ 9482.161714] legacy_get_tree+0x30/0x60
+ [ 9482.162166] vfs_get_tree+0x28/0xe0
+ [ 9482.162616] path_mount+0x2d7/0xa70
+ [ 9482.163070] do_mount+0x75/0x90
+ [ 9482.163525] __x64_sys_mount+0x8e/0xd0
+ [ 9482.163986] do_syscall_64+0x33/0x80
+ [ 9482.164437] entry_SYSCALL_64_after_hwframe+0x44/0xa9
+ [ 9482.164902] RIP: 0033:0x7f51e907caaa
+
+This happens because at btrfs_read_qgroup_config() we can call
+qgroup_rescan_init() while holding a read lock on a quota btree leaf,
+acquired by the previous call to btrfs_search_slot_for_read(), and
+qgroup_rescan_init() acquires the mutex qgroup_rescan_lock.
+
+A qgroup rescan worker does the opposite: it acquires the mutex
+qgroup_rescan_lock, at btrfs_qgroup_rescan_worker(), and then tries to
+update the qgroup status item in the quota btree through the call to
+update_qgroup_status_item(). This inversion of locking order
+between the qgroup_rescan_lock mutex and quota btree locks causes the
+splat.
+
+Fix this simply by releasing and freeing the path before calling
+qgroup_rescan_init() at btrfs_read_qgroup_config().
+
+CC: stable@vger.kernel.org # 4.4+
+Signed-off-by: Filipe Manana <fdmanana@suse.com>
+Reviewed-by: David Sterba <dsterba@suse.com>
+Signed-off-by: David Sterba <dsterba@suse.com>
+[sudip: adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/btrfs/qgroup.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/btrfs/qgroup.c
++++ b/fs/btrfs/qgroup.c
+@@ -462,6 +462,7 @@ next2:
+ break;
+ }
+ out:
++ btrfs_free_path(path);
+ fs_info->qgroup_flags |= flags;
+ if (!(fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_ON)) {
+ fs_info->quota_enabled = 0;
+@@ -470,7 +471,6 @@ out:
+ ret >= 0) {
+ ret = qgroup_rescan_init(fs_info, rescan_progress, 0);
+ }
+- btrfs_free_path(path);
+
+ if (ret < 0) {
+ ulist_free(fs_info->qgroup_ulist);
perf-probe-fix-to-die_entrypc-returns-error-correctl.patch
usb-core-change-pk-for-__user-pointers-to-px.patch
x86-speculation-fix-prctl-when-spectre_v2_user-seccomp-prctl-ibpb.patch
+usb-core-add-endpoint-blacklist-quirk.patch
+usb-core-fix-regression-in-hercules-audio-card.patch
+btrfs-fix-lockdep-splat-when-reading-qgroup-config-on-mount.patch
--- /dev/null
+From foo@baz Tue Dec 1 09:31:33 AM CET 2020
+From: Johan Hovold <johan@kernel.org>
+Date: Mon, 3 Feb 2020 16:38:28 +0100
+Subject: USB: core: add endpoint-blacklist quirk
+
+From: Johan Hovold <johan@kernel.org>
+
+commit 73f8bda9b5dc1c69df2bc55c0cbb24461a6391a9 upstream
+
+Add a new device quirk that can be used to blacklist endpoints.
+
+Since commit 3e4f8e21c4f2 ("USB: core: fix check for duplicate
+endpoints") USB core ignores any duplicate endpoints found during
+descriptor parsing.
+
+In order to handle devices where the first interfaces with duplicate
+endpoints are the ones that should have their endpoints ignored, we need
+to add a blacklist.
+
+Tested-by: edes <edes@gmx.net>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Link: https://lore.kernel.org/r/20200203153830.26394-2-johan@kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+[sudip: adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/usb/core/config.c | 11 +++++++++++
+ drivers/usb/core/quirks.c | 32 ++++++++++++++++++++++++++++++++
+ drivers/usb/core/usb.h | 3 +++
+ include/linux/usb/quirks.h | 3 +++
+ 4 files changed, 49 insertions(+)
+
+--- a/drivers/usb/core/config.c
++++ b/drivers/usb/core/config.c
+@@ -222,6 +222,7 @@ static int usb_parse_endpoint(struct dev
+ struct usb_host_interface *ifp, int num_ep,
+ unsigned char *buffer, int size)
+ {
++ struct usb_device *udev = to_usb_device(ddev);
+ unsigned char *buffer0 = buffer;
+ struct usb_endpoint_descriptor *d;
+ struct usb_host_endpoint *endpoint;
+@@ -263,6 +264,16 @@ static int usb_parse_endpoint(struct dev
+ goto skip_to_next_endpoint_or_interface_descriptor;
+ }
+
++ /* Ignore blacklisted endpoints */
++ if (udev->quirks & USB_QUIRK_ENDPOINT_BLACKLIST) {
++ if (usb_endpoint_is_blacklisted(udev, ifp, d)) {
++ dev_warn(ddev, "config %d interface %d altsetting %d has a blacklisted endpoint with address 0x%X, skipping\n",
++ cfgno, inum, asnum,
++ d->bEndpointAddress);
++ goto skip_to_next_endpoint_or_interface_descriptor;
++ }
++ }
++
+ endpoint = &ifp->endpoint[ifp->desc.bNumEndpoints];
+ ++ifp->desc.bNumEndpoints;
+
+--- a/drivers/usb/core/quirks.c
++++ b/drivers/usb/core/quirks.c
+@@ -344,6 +344,38 @@ static const struct usb_device_id usb_am
+ { } /* terminating entry must be last */
+ };
+
++/*
++ * Entries for blacklisted endpoints that should be ignored when parsing
++ * configuration descriptors.
++ *
++ * Matched for devices with USB_QUIRK_ENDPOINT_BLACKLIST.
++ */
++static const struct usb_device_id usb_endpoint_blacklist[] = {
++ { }
++};
++
++bool usb_endpoint_is_blacklisted(struct usb_device *udev,
++ struct usb_host_interface *intf,
++ struct usb_endpoint_descriptor *epd)
++{
++ const struct usb_device_id *id;
++ unsigned int address;
++
++ for (id = usb_endpoint_blacklist; id->match_flags; ++id) {
++ if (!usb_match_device(udev, id))
++ continue;
++
++ if (!usb_match_one_id_intf(udev, intf, id))
++ continue;
++
++ address = id->driver_info;
++ if (address == epd->bEndpointAddress)
++ return true;
++ }
++
++ return false;
++}
++
+ static bool usb_match_any_interface(struct usb_device *udev,
+ const struct usb_device_id *id)
+ {
+--- a/drivers/usb/core/usb.h
++++ b/drivers/usb/core/usb.h
+@@ -31,6 +31,9 @@ extern void usb_deauthorize_interface(st
+ extern void usb_authorize_interface(struct usb_interface *);
+ extern void usb_detect_quirks(struct usb_device *udev);
+ extern void usb_detect_interface_quirks(struct usb_device *udev);
++extern bool usb_endpoint_is_blacklisted(struct usb_device *udev,
++ struct usb_host_interface *intf,
++ struct usb_endpoint_descriptor *epd);
+ extern int usb_remove_device(struct usb_device *udev);
+
+ extern int usb_get_device_descriptor(struct usb_device *dev,
+--- a/include/linux/usb/quirks.h
++++ b/include/linux/usb/quirks.h
+@@ -59,4 +59,7 @@
+ /* Device needs a pause after every control message. */
+ #define USB_QUIRK_DELAY_CTRL_MSG BIT(13)
+
++/* device has blacklisted endpoints */
++#define USB_QUIRK_ENDPOINT_BLACKLIST BIT(15)
++
+ #endif /* __LINUX_USB_QUIRKS_H */
--- /dev/null
+From foo@baz Tue Dec 1 09:31:33 AM CET 2020
+From: Alan Stern <stern@rowland.harvard.edu>
+Date: Thu, 19 Nov 2020 12:00:40 -0500
+Subject: USB: core: Fix regression in Hercules audio card
+
+From: Alan Stern <stern@rowland.harvard.edu>
+
+commit 184eead057cc7e803558269babc1f2cfb9113ad1 upstream
+
+Commit 3e4f8e21c4f2 ("USB: core: fix check for duplicate endpoints")
+aimed to make the USB stack more reliable by detecting and skipping
+over endpoints that are duplicated between interfaces. This caused a
+regression for a Hercules audio card (reported as Bugzilla #208357),
+which contains such non-compliant duplications. Although the
+duplications are harmless, skipping the valid endpoints prevented the
+device from working.
+
+This patch fixes the regression by adding ENDPOINT_IGNORE quirks for
+the Hercules card, telling the kernel to ignore the invalid duplicate
+endpoints and thereby allowing the valid endpoints to be used as
+intended.
+
+Fixes: 3e4f8e21c4f2 ("USB: core: fix check for duplicate endpoints")
+CC: <stable@vger.kernel.org>
+Reported-by: Alexander Chalikiopoulos <bugzilla.kernel.org@mrtoasted.com>
+Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
+Link: https://lore.kernel.org/r/20201119170040.GA576844@rowland.harvard.edu
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+[sudip: use usb_endpoint_blacklist and USB_QUIRK_ENDPOINT_BLACKLIST]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/usb/core/quirks.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/drivers/usb/core/quirks.c
++++ b/drivers/usb/core/quirks.c
+@@ -195,6 +195,10 @@ static const struct usb_device_id usb_qu
+ /* Guillemot Webcam Hercules Dualpix Exchange*/
+ { USB_DEVICE(0x06f8, 0x3005), .driver_info = USB_QUIRK_RESET_RESUME },
+
++ /* Guillemot Hercules DJ Console audio card (BZ 208357) */
++ { USB_DEVICE(0x06f8, 0xb000), .driver_info =
++ USB_QUIRK_ENDPOINT_BLACKLIST },
++
+ /* Midiman M-Audio Keystation 88es */
+ { USB_DEVICE(0x0763, 0x0192), .driver_info = USB_QUIRK_RESET_RESUME },
+
+@@ -351,6 +355,8 @@ static const struct usb_device_id usb_am
+ * Matched for devices with USB_QUIRK_ENDPOINT_BLACKLIST.
+ */
+ static const struct usb_device_id usb_endpoint_blacklist[] = {
++ { USB_DEVICE_INTERFACE_NUMBER(0x06f8, 0xb000, 5), .driver_info = 0x01 },
++ { USB_DEVICE_INTERFACE_NUMBER(0x06f8, 0xb000, 5), .driver_info = 0x81 },
+ { }
+ };
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
