From: Greg Kroah-Hartman Date: Mon, 15 Jul 2024 09:39:08 +0000 (+0200) Subject: 6.6-stable patches X-Git-Tag: v4.19.318~59 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2bc0159569e0408aaa06b4cc9c16815e294c7e3c;p=thirdparty%2Fkernel%2Fstable-queue.git 6.6-stable patches added patches: ksmbd-discard-write-access-to-the-directory-open.patch mm-filemap-make-max_pagecache_order-acceptable-to-xarray.patch mm-filemap-skip-to-create-pmd-sized-page-cache-if-needed.patch mm-vmalloc-check-if-a-hash-index-is-in-cpu_possible_mask.patch s390-mm-add-null-pointer-check-to-crst_table_free-base_crst_free.patch --- diff --git a/queue-6.6/ksmbd-discard-write-access-to-the-directory-open.patch b/queue-6.6/ksmbd-discard-write-access-to-the-directory-open.patch new file mode 100644 index 00000000000..b9f20751e5a --- /dev/null +++ b/queue-6.6/ksmbd-discard-write-access-to-the-directory-open.patch @@ -0,0 +1,80 @@ +From e2e33caa5dc2eae7bddf88b22ce11ec3d760e5cd Mon Sep 17 00:00:00 2001 +From: Hobin Woo +Date: Fri, 5 Jul 2024 12:27:25 +0900 +Subject: ksmbd: discard write access to the directory open + +From: Hobin Woo + +commit e2e33caa5dc2eae7bddf88b22ce11ec3d760e5cd upstream. + +may_open() does not allow a directory to be opened with the write access. +However, some writing flags set by client result in adding write access +on server, making ksmbd incompatible with FUSE file system. Simply, let's +discard the write access when opening a directory. + +list_add corruption. next is NULL. +------------[ cut here ]------------ +kernel BUG at lib/list_debug.c:26! +pc : __list_add_valid+0x88/0xbc +lr : __list_add_valid+0x88/0xbc +Call trace: +__list_add_valid+0x88/0xbc +fuse_finish_open+0x11c/0x170 +fuse_open_common+0x284/0x5e8 +fuse_dir_open+0x14/0x24 +do_dentry_open+0x2a4/0x4e0 +dentry_open+0x50/0x80 +smb2_open+0xbe4/0x15a4 +handle_ksmbd_work+0x478/0x5ec +process_one_work+0x1b4/0x448 +worker_thread+0x25c/0x430 +kthread+0x104/0x1d4 +ret_from_fork+0x10/0x20 + +Cc: stable@vger.kernel.org +Signed-off-by: Yoonho Shin +Signed-off-by: Hobin Woo +Acked-by: Namjae Jeon +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman +--- + fs/smb/server/smb2pdu.c | 13 +++++++++++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +--- a/fs/smb/server/smb2pdu.c ++++ b/fs/smb/server/smb2pdu.c +@@ -2051,15 +2051,22 @@ out_err1: + * @access: file access flags + * @disposition: file disposition flags + * @may_flags: set with MAY_ flags ++ * @is_dir: is creating open flags for directory + * + * Return: file open flags + */ + static int smb2_create_open_flags(bool file_present, __le32 access, + __le32 disposition, +- int *may_flags) ++ int *may_flags, ++ bool is_dir) + { + int oflags = O_NONBLOCK | O_LARGEFILE; + ++ if (is_dir) { ++ access &= ~FILE_WRITE_DESIRE_ACCESS_LE; ++ ksmbd_debug(SMB, "Discard write access to a directory\n"); ++ } ++ + if (access & FILE_READ_DESIRED_ACCESS_LE && + access & FILE_WRITE_DESIRE_ACCESS_LE) { + oflags |= O_RDWR; +@@ -3167,7 +3174,9 @@ int smb2_open(struct ksmbd_work *work) + + open_flags = smb2_create_open_flags(file_present, daccess, + req->CreateDisposition, +- &may_flags); ++ &may_flags, ++ req->CreateOptions & FILE_DIRECTORY_FILE_LE || ++ (file_present && S_ISDIR(d_inode(path.dentry)->i_mode))); + + if (!test_tree_conn_flag(tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + if (open_flags & (O_CREAT | O_TRUNC)) { diff --git a/queue-6.6/mm-filemap-make-max_pagecache_order-acceptable-to-xarray.patch b/queue-6.6/mm-filemap-make-max_pagecache_order-acceptable-to-xarray.patch new file mode 100644 index 00000000000..6409b1ac2ef --- /dev/null +++ b/queue-6.6/mm-filemap-make-max_pagecache_order-acceptable-to-xarray.patch @@ -0,0 +1,261 @@ +From 099d90642a711caae377f53309abfe27e8724a8b Mon Sep 17 00:00:00 2001 +From: Gavin Shan +Date: Thu, 27 Jun 2024 10:39:49 +1000 +Subject: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray + +From: Gavin Shan + +commit 099d90642a711caae377f53309abfe27e8724a8b upstream. + +Patch series "mm/filemap: Limit page cache size to that supported by +xarray", v2. + +Currently, xarray can't support arbitrary page cache size. More details +can be found from the WARN_ON() statement in xas_split_alloc(). In our +test whose code is attached below, we hit the WARN_ON() on ARM64 system +where the base page size is 64KB and huge page size is 512MB. The issue +was reported long time ago and some discussions on it can be found here +[1]. + +[1] https://www.spinics.net/lists/linux-xfs/msg75404.html + +In order to fix the issue, we need to adjust MAX_PAGECACHE_ORDER to one +supported by xarray and avoid PMD-sized page cache if needed. The code +changes are suggested by David Hildenbrand. + +PATCH[1] adjusts MAX_PAGECACHE_ORDER to that supported by xarray +PATCH[2-3] avoids PMD-sized page cache in the synchronous readahead path +PATCH[4] avoids PMD-sized page cache for shmem files if needed + +Test program +============ +# cat test.c +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include + +#define TEST_XFS_FILENAME "/tmp/data" +#define TEST_SHMEM_FILENAME "/dev/shm/data" +#define TEST_MEM_SIZE 0x20000000 + +int main(int argc, char **argv) +{ + const char *filename; + int fd = 0; + void *buf = (void *)-1, *p; + int pgsize = getpagesize(); + int ret; + + if (pgsize != 0x10000) { + fprintf(stderr, "64KB base page size is required\n"); + return -EPERM; + } + + system("echo force > /sys/kernel/mm/transparent_hugepage/shmem_enabled"); + system("rm -fr /tmp/data"); + system("rm -fr /dev/shm/data"); + system("echo 1 > /proc/sys/vm/drop_caches"); + + /* Open xfs or shmem file */ + filename = TEST_XFS_FILENAME; + if (argc > 1 && !strcmp(argv[1], "shmem")) + filename = TEST_SHMEM_FILENAME; + + fd = open(filename, O_CREAT | O_RDWR | O_TRUNC); + if (fd < 0) { + fprintf(stderr, "Unable to open <%s>\n", filename); + return -EIO; + } + + /* Extend file size */ + ret = ftruncate(fd, TEST_MEM_SIZE); + if (ret) { + fprintf(stderr, "Error %d to ftruncate()\n", ret); + goto cleanup; + } + + /* Create VMA */ + buf = mmap(NULL, TEST_MEM_SIZE, + PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + if (buf == (void *)-1) { + fprintf(stderr, "Unable to mmap <%s>\n", filename); + goto cleanup; + } + + fprintf(stdout, "mapped buffer at 0x%p\n", buf); + ret = madvise(buf, TEST_MEM_SIZE, MADV_HUGEPAGE); + if (ret) { + fprintf(stderr, "Unable to madvise(MADV_HUGEPAGE)\n"); + goto cleanup; + } + + /* Populate VMA */ + ret = madvise(buf, TEST_MEM_SIZE, MADV_POPULATE_WRITE); + if (ret) { + fprintf(stderr, "Error %d to madvise(MADV_POPULATE_WRITE)\n", ret); + goto cleanup; + } + + /* Punch the file to enforce xarray split */ + ret = fallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE, + TEST_MEM_SIZE - pgsize, pgsize); + if (ret) + fprintf(stderr, "Error %d to fallocate()\n", ret); + +cleanup: + if (buf != (void *)-1) + munmap(buf, TEST_MEM_SIZE); + if (fd > 0) + close(fd); + + return 0; +} + +# gcc test.c -o test +# cat /proc/1/smaps | grep KernelPageSize | head -n 1 +KernelPageSize: 64 kB +# ./test shmem + : +------------[ cut here ]------------ +WARNING: CPU: 17 PID: 5253 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 +Modules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \ +nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \ +nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \ +ip_set nf_tables rfkill nfnetlink vfat fat virtio_balloon \ +drm fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \ +virtio_net sha1_ce net_failover failover virtio_console virtio_blk \ +dimlib virtio_mmio +CPU: 17 PID: 5253 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #12 +Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024 +pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) +pc : xas_split_alloc+0xf8/0x128 +lr : split_huge_page_to_list_to_order+0x1c4/0x720 +sp : ffff80008a92f5b0 +x29: ffff80008a92f5b0 x28: ffff80008a92f610 x27: ffff80008a92f728 +x26: 0000000000000cc0 x25: 000000000000000d x24: ffff0000cf00c858 +x23: ffff80008a92f610 x22: ffffffdfc0600000 x21: 0000000000000000 +x20: 0000000000000000 x19: ffffffdfc0600000 x18: 0000000000000000 +x17: 0000000000000000 x16: 0000018000000000 x15: 3374004000000000 +x14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020 +x11: 3374000000000000 x10: 3374e1c0ffff6000 x9 : ffffb463a84c681c +x8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff00011c976ce0 +x5 : ffffb463aa47e378 x4 : 0000000000000000 x3 : 0000000000000cc0 +x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000 +Call trace: + xas_split_alloc+0xf8/0x128 + split_huge_page_to_list_to_order+0x1c4/0x720 + truncate_inode_partial_folio+0xdc/0x160 + shmem_undo_range+0x2bc/0x6a8 + shmem_fallocate+0x134/0x430 + vfs_fallocate+0x124/0x2e8 + ksys_fallocate+0x4c/0xa0 + __arm64_sys_fallocate+0x24/0x38 + invoke_syscall.constprop.0+0x7c/0xd8 + do_el0_svc+0xb4/0xd0 + el0_svc+0x44/0x1d8 + el0t_64_sync_handler+0x134/0x150 + el0t_64_sync+0x17c/0x180 + + +This patch (of 4): + +The largest page cache order can be HPAGE_PMD_ORDER (13) on ARM64 with +64KB base page size. The xarray entry with this order can't be split as +the following error messages indicate. + +------------[ cut here ]------------ +WARNING: CPU: 35 PID: 7484 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 +Modules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \ +nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \ +nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \ +ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm \ +fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \ +sha1_ce virtio_net net_failover virtio_console virtio_blk failover \ +dimlib virtio_mmio +CPU: 35 PID: 7484 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9 +Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024 +pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) +pc : xas_split_alloc+0xf8/0x128 +lr : split_huge_page_to_list_to_order+0x1c4/0x720 +sp : ffff800087a4f6c0 +x29: ffff800087a4f6c0 x28: ffff800087a4f720 x27: 000000001fffffff +x26: 0000000000000c40 x25: 000000000000000d x24: ffff00010625b858 +x23: ffff800087a4f720 x22: ffffffdfc0780000 x21: 0000000000000000 +x20: 0000000000000000 x19: ffffffdfc0780000 x18: 000000001ff40000 +x17: 00000000ffffffff x16: 0000018000000000 x15: 51ec004000000000 +x14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020 +x11: 51ec000000000000 x10: 51ece1c0ffff8000 x9 : ffffbeb961a44d28 +x8 : 0000000000000003 x7 : ffffffdfc0456420 x6 : ffff0000e1aa6eb8 +x5 : 20bf08b4fe778fca x4 : ffffffdfc0456420 x3 : 0000000000000c40 +x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000 +Call trace: + xas_split_alloc+0xf8/0x128 + split_huge_page_to_list_to_order+0x1c4/0x720 + truncate_inode_partial_folio+0xdc/0x160 + truncate_inode_pages_range+0x1b4/0x4a8 + truncate_pagecache_range+0x84/0xa0 + xfs_flush_unmap_range+0x70/0x90 [xfs] + xfs_file_fallocate+0xfc/0x4d8 [xfs] + vfs_fallocate+0x124/0x2e8 + ksys_fallocate+0x4c/0xa0 + __arm64_sys_fallocate+0x24/0x38 + invoke_syscall.constprop.0+0x7c/0xd8 + do_el0_svc+0xb4/0xd0 + el0_svc+0x44/0x1d8 + el0t_64_sync_handler+0x134/0x150 + el0t_64_sync+0x17c/0x180 + +Fix it by decreasing MAX_PAGECACHE_ORDER to the largest supported order +by xarray. For this specific case, MAX_PAGECACHE_ORDER is dropped from +13 to 11 when CONFIG_BASE_SMALL is disabled. + +Link: https://lkml.kernel.org/r/20240627003953.1262512-1-gshan@redhat.com +Link: https://lkml.kernel.org/r/20240627003953.1262512-2-gshan@redhat.com +Fixes: 793917d997df ("mm/readahead: Add large folio readahead") +Signed-off-by: Gavin Shan +Suggested-by: David Hildenbrand +Acked-by: David Hildenbrand +Cc: Darrick J. Wong +Cc: Don Dutile +Cc: Hugh Dickins +Cc: Linus Torvalds +Cc: Matthew Wilcox (Oracle) +Cc: Ryan Roberts +Cc: William Kucharski +Cc: Zhenyu Zhang +Cc: [5.18+] +Signed-off-by: Andrew Morton +Signed-off-by: Greg Kroah-Hartman +--- + include/linux/pagemap.h | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +--- a/include/linux/pagemap.h ++++ b/include/linux/pagemap.h +@@ -335,11 +335,18 @@ static inline void mapping_set_gfp_mask( + * a good order (that's 1MB if you're using 4kB pages) + */ + #ifdef CONFIG_TRANSPARENT_HUGEPAGE +-#define MAX_PAGECACHE_ORDER HPAGE_PMD_ORDER ++#define PREFERRED_MAX_PAGECACHE_ORDER HPAGE_PMD_ORDER + #else +-#define MAX_PAGECACHE_ORDER 8 ++#define PREFERRED_MAX_PAGECACHE_ORDER 8 + #endif + ++/* ++ * xas_split_alloc() does not support arbitrary orders. This implies no ++ * 512MB THP on ARM64 with 64KB base page size. ++ */ ++#define MAX_XAS_ORDER (XA_CHUNK_SHIFT * 2 - 1) ++#define MAX_PAGECACHE_ORDER min(MAX_XAS_ORDER, PREFERRED_MAX_PAGECACHE_ORDER) ++ + /** + * mapping_set_large_folios() - Indicate the file supports large folios. + * @mapping: The file. diff --git a/queue-6.6/mm-filemap-skip-to-create-pmd-sized-page-cache-if-needed.patch b/queue-6.6/mm-filemap-skip-to-create-pmd-sized-page-cache-if-needed.patch new file mode 100644 index 00000000000..bfbabdbaa6a --- /dev/null +++ b/queue-6.6/mm-filemap-skip-to-create-pmd-sized-page-cache-if-needed.patch @@ -0,0 +1,91 @@ +From 3390916aca7af1893ed2ebcdfee1d6fdb65bb058 Mon Sep 17 00:00:00 2001 +From: Gavin Shan +Date: Thu, 27 Jun 2024 10:39:51 +1000 +Subject: mm/filemap: skip to create PMD-sized page cache if needed + +From: Gavin Shan + +commit 3390916aca7af1893ed2ebcdfee1d6fdb65bb058 upstream. + +On ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. The +PMD-sized page cache can't be supported by xarray as the following error +messages indicate. + +------------[ cut here ]------------ +WARNING: CPU: 35 PID: 7484 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 +Modules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \ +nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \ +nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \ +ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm \ +fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \ +sha1_ce virtio_net net_failover virtio_console virtio_blk failover \ +dimlib virtio_mmio +CPU: 35 PID: 7484 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9 +Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024 +pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) +pc : xas_split_alloc+0xf8/0x128 +lr : split_huge_page_to_list_to_order+0x1c4/0x720 +sp : ffff800087a4f6c0 +x29: ffff800087a4f6c0 x28: ffff800087a4f720 x27: 000000001fffffff +x26: 0000000000000c40 x25: 000000000000000d x24: ffff00010625b858 +x23: ffff800087a4f720 x22: ffffffdfc0780000 x21: 0000000000000000 +x20: 0000000000000000 x19: ffffffdfc0780000 x18: 000000001ff40000 +x17: 00000000ffffffff x16: 0000018000000000 x15: 51ec004000000000 +x14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020 +x11: 51ec000000000000 x10: 51ece1c0ffff8000 x9 : ffffbeb961a44d28 +x8 : 0000000000000003 x7 : ffffffdfc0456420 x6 : ffff0000e1aa6eb8 +x5 : 20bf08b4fe778fca x4 : ffffffdfc0456420 x3 : 0000000000000c40 +x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000 +Call trace: + xas_split_alloc+0xf8/0x128 + split_huge_page_to_list_to_order+0x1c4/0x720 + truncate_inode_partial_folio+0xdc/0x160 + truncate_inode_pages_range+0x1b4/0x4a8 + truncate_pagecache_range+0x84/0xa0 + xfs_flush_unmap_range+0x70/0x90 [xfs] + xfs_file_fallocate+0xfc/0x4d8 [xfs] + vfs_fallocate+0x124/0x2e8 + ksys_fallocate+0x4c/0xa0 + __arm64_sys_fallocate+0x24/0x38 + invoke_syscall.constprop.0+0x7c/0xd8 + do_el0_svc+0xb4/0xd0 + el0_svc+0x44/0x1d8 + el0t_64_sync_handler+0x134/0x150 + el0t_64_sync+0x17c/0x180 + +Fix it by skipping to allocate PMD-sized page cache when its size is +larger than MAX_PAGECACHE_ORDER. For this specific case, we will fall to +regular path where the readahead window is determined by BDI's sysfs file +(read_ahead_kb). + +Link: https://lkml.kernel.org/r/20240627003953.1262512-4-gshan@redhat.com +Fixes: 4687fdbb805a ("mm/filemap: Support VM_HUGEPAGE for file mappings") +Signed-off-by: Gavin Shan +Suggested-by: David Hildenbrand +Acked-by: David Hildenbrand +Cc: Darrick J. Wong +Cc: Don Dutile +Cc: Hugh Dickins +Cc: Linus Torvalds +Cc: Matthew Wilcox (Oracle) +Cc: Ryan Roberts +Cc: William Kucharski +Cc: Zhenyu Zhang +Cc: [5.18+] +Signed-off-by: Andrew Morton +Signed-off-by: Greg Kroah-Hartman +--- + mm/filemap.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/filemap.c ++++ b/mm/filemap.c +@@ -3157,7 +3157,7 @@ static struct file *do_sync_mmap_readahe + + #ifdef CONFIG_TRANSPARENT_HUGEPAGE + /* Use the readahead code, even if readahead is disabled */ +- if (vm_flags & VM_HUGEPAGE) { ++ if ((vm_flags & VM_HUGEPAGE) && HPAGE_PMD_ORDER <= MAX_PAGECACHE_ORDER) { + fpin = maybe_unlock_mmap_for_io(vmf, fpin); + ractl._index &= ~((unsigned long)HPAGE_PMD_NR - 1); + ra->size = HPAGE_PMD_NR; diff --git a/queue-6.6/mm-vmalloc-check-if-a-hash-index-is-in-cpu_possible_mask.patch b/queue-6.6/mm-vmalloc-check-if-a-hash-index-is-in-cpu_possible_mask.patch new file mode 100644 index 00000000000..ebc2e762dfd --- /dev/null +++ b/queue-6.6/mm-vmalloc-check-if-a-hash-index-is-in-cpu_possible_mask.patch @@ -0,0 +1,53 @@ +From a34acf30b19bc4ee3ba2f1082756ea2604c19138 Mon Sep 17 00:00:00 2001 +From: "Uladzislau Rezki (Sony)" +Date: Wed, 26 Jun 2024 16:03:30 +0200 +Subject: mm: vmalloc: check if a hash-index is in cpu_possible_mask + +From: Uladzislau Rezki (Sony) + +commit a34acf30b19bc4ee3ba2f1082756ea2604c19138 upstream. + +The problem is that there are systems where cpu_possible_mask has gaps +between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() +hash function can return an index which accesses to not-possible and not +setup CPU area using per_cpu() macro. This results in an oops on SPARC. + +A per-cpu vmap_block_queue is also used as hash table, incorrectly +assuming the cpu_possible_mask has no gaps. Fix it by adjusting an index +to a next possible CPU. + +Link: https://lkml.kernel.org/r/20240626140330.89836-1-urezki@gmail.com +Fixes: 062eacf57ad9 ("mm: vmalloc: remove a global vmap_blocks xarray") +Reported-by: Nick Bowler +Closes: https://lore.kernel.org/linux-kernel/ZntjIE6msJbF8zTa@MiWiFi-R3L-srv/T/ +Signed-off-by: Uladzislau Rezki (Sony) +Reviewed-by: Baoquan He +Cc: Christoph Hellwig +Cc: Hailong.Liu +Cc: Oleksiy Avramchenko +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Greg Kroah-Hartman +--- + mm/vmalloc.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +--- a/mm/vmalloc.c ++++ b/mm/vmalloc.c +@@ -1984,7 +1984,15 @@ static DEFINE_PER_CPU(struct vmap_block_ + static struct xarray * + addr_to_vb_xa(unsigned long addr) + { +- int index = (addr / VMAP_BLOCK_SIZE) % num_possible_cpus(); ++ int index = (addr / VMAP_BLOCK_SIZE) % nr_cpu_ids; ++ ++ /* ++ * Please note, nr_cpu_ids points on a highest set ++ * possible bit, i.e. we never invoke cpumask_next() ++ * if an index points on it which is nr_cpu_ids - 1. ++ */ ++ if (!cpu_possible(index)) ++ index = cpumask_next(index, cpu_possible_mask); + + return &per_cpu(vmap_block_queue, index).vmap_blocks; + } diff --git a/queue-6.6/s390-mm-add-null-pointer-check-to-crst_table_free-base_crst_free.patch b/queue-6.6/s390-mm-add-null-pointer-check-to-crst_table_free-base_crst_free.patch new file mode 100644 index 00000000000..10053ba84e9 --- /dev/null +++ b/queue-6.6/s390-mm-add-null-pointer-check-to-crst_table_free-base_crst_free.patch @@ -0,0 +1,49 @@ +From b5efb63acf7bddaf20eacfcac654c25c446eabe8 Mon Sep 17 00:00:00 2001 +From: Heiko Carstens +Date: Tue, 9 Jul 2024 08:50:56 +0200 +Subject: s390/mm: Add NULL pointer check to crst_table_free() base_crst_free() + +From: Heiko Carstens + +commit b5efb63acf7bddaf20eacfcac654c25c446eabe8 upstream. + +crst_table_free() used to work with NULL pointers before the conversion +to ptdescs. Since crst_table_free() can be called with a NULL pointer +(error handling in crst_table_upgrade() add an explicit check. + +Also add the same check to base_crst_free() for consistency reasons. + +In real life this should not happen, since order two GFP_KERNEL +allocations will not fail, unless FAIL_PAGE_ALLOC is enabled and used. + +Reported-by: Yunseong Kim +Fixes: 6326c26c1514 ("s390: convert various pgalloc functions to use ptdescs") +Signed-off-by: Heiko Carstens +Acked-by: Alexander Gordeev +Cc: stable@kernel.org +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman +--- + arch/s390/mm/pgalloc.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/arch/s390/mm/pgalloc.c ++++ b/arch/s390/mm/pgalloc.c +@@ -53,6 +53,8 @@ unsigned long *crst_table_alloc(struct m + + void crst_table_free(struct mm_struct *mm, unsigned long *table) + { ++ if (!table) ++ return; + pagetable_free(virt_to_ptdesc(table)); + } + +@@ -500,6 +502,8 @@ static unsigned long *base_crst_alloc(un + + static void base_crst_free(unsigned long *table) + { ++ if (!table) ++ return; + pagetable_free(virt_to_ptdesc(table)); + } + diff --git a/queue-6.6/series b/queue-6.6/series index e7af157542e..8922a532891 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -68,3 +68,8 @@ usb-core-fix-duplicate-endpoint-bug-by-clearing-reserved-bits-in-the-descriptor. misc-microchip-pci1xxxx-fix-return-value-of-nvmem-callbacks.patch hpet-support-32-bit-userspace.patch xhci-always-resume-roothubs-if-xhc-was-reset-during-resume.patch +s390-mm-add-null-pointer-check-to-crst_table_free-base_crst_free.patch +mm-vmalloc-check-if-a-hash-index-is-in-cpu_possible_mask.patch +mm-filemap-skip-to-create-pmd-sized-page-cache-if-needed.patch +mm-filemap-make-max_pagecache_order-acceptable-to-xarray.patch +ksmbd-discard-write-access-to-the-directory-open.patch