Skip to content
  1. Feb 05, 2020
    • Christian Brauner's avatar
      selftests/cgroup: add tests for cloning into cgroups · 27eaaaf3
      Christian Brauner authored
      
      
      Expand the cgroup test-suite to include tests for CLONE_INTO_CGROUP.
      This adds the following tests:
      - CLONE_INTO_CGROUP manages to clone a process directly into a correctly
        delegated cgroup
      - CLONE_INTO_CGROUP fails to clone a process into a cgroup that has been
        removed after we've opened an fd to it
      - CLONE_INTO_CGROUP fails to clone a process into an invalid domain
        cgroup
      - CLONE_INTO_CGROUP adheres to the no internal process constraint
      - CLONE_INTO_CGROUP works with the freezer feature
      
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Shuah Khan <shuah@kernel.org>
      Cc: cgroups@vger.kernel.org
      Cc: linux-kselftest@vger.kernel.org
      Acked-by: default avatarRoman Gushchin <guro@fb.com>
      Signed-off-by: default avatarChristian Brauner <christian.brauner@ubuntu.com>
      ---
      /* v1 */
      Link: https://lore.kernel.org/r/20191218173516.7875-4-christian.brauner@ubuntu.com
      
      /* v2 */
      Link: https://lore.kernel.org/r/20191223061504.28716-4-christian.brauner@ubuntu.com
      unchanged
      
      /* v3 */
      Link: https://lore.kernel.org/r/20200117002143.15559-6-christian.brauner@ubuntu.com
      unchanged
      
      /* v4 */
      Link: https://lore.kernel.org/r/20200117181219.14542-7-christian.brauner@ubuntu.com
      unchanged
      
      /* v5 */
      Link: https://lore.kernel.org/r/20200121154844.411-7-christian.brauner@ubuntu.com
      
      
      unchanged
      - Christian Brauner <christian.brauner@ubuntu.com>:
      - add Acked-by: default avatarRoman Gushchin <guro@fb.com>
      
      /* v6 */
      unchanged
    • Christian Brauner's avatar
      clone3: allow spawning processes into cgroups · 643a7e3d
      Christian Brauner authored
      
      
      This adds support for creating a process in a different cgroup than its
      parent. Callers can limit and account processes and threads right from
      the moment they are spawned:
      - A service manager can directly spawn new services into dedicated
        cgroups.
      - A process can be directly created in a frozen cgroup and will be
        frozen as well.
      - The initial accounting jitter experienced by process supervisors and
        daemons is eliminated with this.
      - Threaded applications or even thread implementations can choose to
        create a specific cgroup layout where each thread is spawned
        directly into a dedicated cgroup.
      
      This feature is limited to the unified hierarchy. Callers need to pass
      a directory file descriptor for the target cgroup. The caller can
      choose to pass an O_PATH file descriptor. All usual migration
      restrictions apply, i.e. there can be no processes in inner nodes. In
      general, creating a process directly in a target cgroup adheres to all
      migration restrictions.
      
      One of the biggest advantages of this feature is that CLONE_INTO_GROUP does
      not need to grab the write side of the cgroup cgroup_threadgroup_rwsem.
      This global lock makes moving tasks/threads around super expensive. With
      clone3() this lock is avoided.
      
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Johannes Weiner <hannes@cmpxchg.org>
      Cc: Li Zefan <lizefan@huawei.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: cgroups@vger.kernel.org
      Signed-off-by: default avatarChristian Brauner <christian.brauner@ubuntu.com>
      ---
      /* v1 */
      Link: https://lore.kernel.org/r/20191218173516.7875-3-christian.brauner@ubuntu.com
      
      /* v2 */
      Link: https://lore.kernel.org/r/20191223061504.28716-3-christian.brauner@ubuntu.com
      - Oleg Nesterov <oleg@redhat.com>:
        - prevent deadlock from wrong locking order
      - Christian Brauner <christian.brauner@ubuntu.com>:
        - Rework locking. In the previous patch version we would have already
          acquired the cgroup_threadgroup_rwsem before we grabbed cgroup mutex
          we need to hold when CLONE_INTO_CGROUP is specified. This meant we
          could deadlock with other codepaths that all require it to be done
          the other way around. Fix this by first grabbing cgroup mutex when
          CLONE_INTO_CGROUP is specified and then grabbing
          cgroup_threadgroup_rwsem unconditionally after. This way we don't
          require the cgroup mutex be held in codepaths that don't need it.
        - Switch from mutex_lock() to mutex_lock_killable().
      
      /* v3 */
      Link: https://lore.kernel.org/r/20200117002143.15559-5-christian.brauner@ubuntu.com
      - Tejun Heo <tj@kernel.org>:
        - s/mutex_lock_killable()/mutex_lock()/ because it should only ever
          be held for a short time:
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index a9fedcfeae4b..d68d3fb6af1d 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -5927,11 +5927,8 @@ static int cgroup_css_set_fork(struct task_struct *parent,
                  struct super_block *sb;
                  struct file *f;
      
          -       if (kargs->flags & CLONE_INTO_CGROUP) {
          -               ret = mutex_lock_killable(&cgroup_mutex);
          -               if (ret)
          -                       return ret;
          -       }
          +       if (kargs->flags & CLONE_INTO_CGROUP)
          +               mutex_lock(&cgroup_mutex);
      
                  cgroup_threadgroup_change_begin(parent);
        - s/task_cgroup_from_root/cset->dfl_cgrp/:
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index d68d3fb6af1d..3ceef006d144 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -5922,7 +5922,7 @@ static int cgroup_css_set_fork(struct task_struct *parent,
                  __acquires(&cgroup_mutex) __acquires(&cgroup_threadgroup_rwsem)
           {
                  int ret;
          -       struct cgroup *dst_cgrp = NULL, *src_cgrp;
          +       struct cgroup *dst_cgrp = NULL;
                  struct css_set *cset;
                  struct super_block *sb;
                  struct file *f;
          @@ -5956,11 +5956,7 @@ static int cgroup_css_set_fork(struct task_struct *parent,
                          goto err;
                  }
      
          -       spin_lock_irq(&css_set_lock);
          -       src_cgrp = task_cgroup_from_root(parent, &cgrp_dfl_cgrp);
          -       spin_unlock_irq(&css_set_lock);
          -
          -       ret = cgroup_attach_permissions(src_cgrp, dst_cgrp, sb,
          +       ret = cgroup_attach_permissions(cset->dfl_cgrp, dst_cgrp, sb,
                                                  !!(kargs->flags & CLONE_THREAD));
                  if (ret)
                          goto err;
        - pass struct css_set instead of struct kernel_clone_args into cgroup
          fork subsystem callbacks:
          diff --git a/include/linux/cgroup-defs.h b/include/linux/cgroup-defs.h
          index cd848c6bac4a..058bb16d073f 100644
          --- a/include/linux/cgroup-defs.h
          +++ b/include/linux/cgroup-defs.h
          @@ -630,9 +630,8 @@ struct cgroup_subsys {
           	void (*attach)(struct cgroup_taskset *tset);
           	void (*post_attach)(void);
           	int (*can_fork)(struct task_struct *parent, struct task_struct *child,
          -			struct kernel_clone_args *kargs);
          -	void (*cancel_fork)(struct task_struct *child,
          -			    struct kernel_clone_args *kargs);
          +			struct css_set *cset);
          +	void (*cancel_fork)(struct task_struct *child, struct css_set *cset);
           	void (*fork)(struct task_struct *task);
           	void (*exit)(struct task_struct *task);
           	void (*release)(struct task_struct *task);
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index 3ceef006d144..2ac1c37a3fcb 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -6044,7 +6044,7 @@ int cgroup_can_fork(struct task_struct *parent, struct task_struct *child,
           		return ret;
      
           	do_each_subsys_mask(ss, i, have_canfork_callback) {
          -		ret = ss->can_fork(parent, child, kargs);
          +		ret = ss->can_fork(parent, child, kargs->cset);
           		if (ret)
           			goto out_revert;
           	} while_each_subsys_mask();
          @@ -6056,7 +6056,7 @@ int cgroup_can_fork(struct task_struct *parent, struct task_struct *child,
           		if (j >= i)
           			break;
           		if (ss->cancel_fork)
          -			ss->cancel_fork(child, kargs);
          +			ss->cancel_fork(child, kargs->cset);
           	}
      
           	cgroup_css_set_put_fork(parent, kargs);
          @@ -6082,7 +6082,7 @@ void cgroup_cancel_fork(struct task_struct *parent, struct task_struct *child,
      
           	for_each_subsys(ss, i)
           		if (ss->cancel_fork)
          -			ss->cancel_fork(child, kargs);
          +			ss->cancel_fork(child, kargs->cset);
      
           	cgroup_css_set_put_fork(parent, kargs);
           }
          diff --git a/kernel/cgroup/pids.c b/kernel/cgroup/pids.c
          index e5955bc1fb00..4e7c8819c8df 100644
          --- a/kernel/cgroup/pids.c
          +++ b/kernel/cgroup/pids.c
          @@ -216,20 +216,16 @@ static void pids_cancel_attach(struct cgroup_taskset *tset)
            * on cgroup_threadgroup_change_begin() held by the copy_process().
            */
           static int pids_can_fork(struct task_struct *parent, struct task_struct *child,
          -			 struct kernel_clone_args *args)
          +			 struct css_set *cset)
           {
          -	struct css_set *new_cset = NULL;
           	struct cgroup_subsys_state *css;
           	struct pids_cgroup *pids;
           	int err;
      
          -	if (args)
          -		new_cset = args->cset;
          -
          -	if (!new_cset)
          -		css = task_css_check(current, pids_cgrp_id, true);
          +	if (cset)
          +		css = cset->subsys[pids_cgrp_id];
           	else
          -		css = new_cset->subsys[pids_cgrp_id];
          +		css = task_css_check(current, pids_cgrp_id, true);
           	pids = css_pids(css);
           	err = pids_try_charge(pids, 1);
           	if (err) {
          @@ -244,20 +240,15 @@ static int pids_can_fork(struct task_struct *parent, struct task_struct *child,
           	return err;
           }
      
          -static void pids_cancel_fork(struct task_struct *task,
          -			     struct kernel_clone_args *args)
          +static void pids_cancel_fork(struct task_struct *task, struct css_set *cset)
           {
          -	struct css_set *new_cset = NULL;
           	struct cgroup_subsys_state *css;
           	struct pids_cgroup *pids;
      
          -	if (args)
          -		new_cset = args->cset;
          -
          -	if (!new_cset)
          -		css = task_css_check(current, pids_cgrp_id, true);
          +	if (cset)
          +		css = cset->subsys[pids_cgrp_id];
           	else
          -		css = new_cset->subsys[pids_cgrp_id];
          +		css = task_css_check(current, pids_cgrp_id, true);
           	pids = css_pids(css);
           	pids_uncharge(pids, 1);
           }
      - Michal Koutný <mkoutny@suse.com>:
        - update comment for cgroup_fork()
        - if CLONE_NEWCGROUP and CLONE_INTO_CGROUP is requested, set the
          root_cset of the new cgroup namespace to the child's cset
      
      /* v4 */
      Link: https://lore.kernel.org/r/20200117181219.14542-6-christian.brauner@ubuntu.com
      - Tejun Heo <tj@kernel.org>:
        - verify that we can write to the target cgroup since we're not going through
          the vfs layer which would do it for us
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index 61d1a6cd0059..6b38b2545667 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -5966,6 +5966,15 @@ static int cgroup_css_set_fork(struct task_struct *parent,
                          goto err;
                  }
      
          +       /*
          +        * Verify that we can the target cgroup is writable for us. This is
          +        * usally done by the vfs layer but since we're not going through the
          +        * vfs layer here we need to do it.
          +        */
          +       ret = cgroup_may_write(dst_cgrp, sb);
          +       if (ret)
          +               goto err;
          +
                  ret = cgroup_attach_permissions(cset->dfl_cgrp, dst_cgrp, sb,
                                                  !!(kargs->flags & CLONE_THREAD));
                  if (ret)
      /* v5 */
      Link: https://lore.kernel.org/r/20200121154844.411-6-christian.brauner@ubuntu.com
      - Oleg Nesterov <oleg@redhat.com>:
        - remove struct task_struct *parent argument from clone helpers in favor of
          using current directly
        - remove cgroup_same_domain_helper()
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index f4379401327a..4d36255ef25f 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -4696,12 +4696,6 @@ static int cgroup_procs_write_permission(struct cgroup *src_cgrp,
                  return 0;
           }
      
          -static inline bool cgroup_same_domain(const struct cgroup *src_cgrp,
          -                                     const struct cgroup *dst_cgrp)
          -{
          -       return src_cgrp->dom_cgrp == dst_cgrp->dom_cgrp;
          -}
          -
           static int cgroup_attach_permissions(struct cgroup *src_cgrp,
                                               struct cgroup *dst_cgrp,
                                               struct super_block *sb, bool thread)
          @@ -4716,8 +4710,7 @@ static int cgroup_attach_permissions(struct cgroup *src_cgrp,
                  if (ret)
                          return ret;
      
          -       if (thread &&
          -           !cgroup_same_domain(src_cgrp->dom_cgrp, dst_cgrp->dom_cgrp))
          +       if (thread && (src_cgrp->dom_cgrp != dst_cgrp->dom_cgrp))
                          ret = -EOPNOTSUPP;
      
                  return ret;
        - put kargs->cset on failure
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index 4d36255ef25f..482055d1e64a 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -5994,6 +5994,8 @@ static int cgroup_css_set_fork(struct kernel_clone_args *kargs)
                  if (dst_cgrp)
                          cgroup_put(dst_cgrp);
                  put_css_set(cset);
          +       if (kargs->cset)
          +               put_css_set(kargs->cset);
                  return ret;
           }
      
      /* v6 */
      - Michal Koutný <mkoutny@suse.com>:
        - Move check whether cgroup is still alive right after getting it from the
          passed-in file descriptor:
          diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
          index 30a24ab3d74f..99bd4c1cea52 100644
          --- a/kernel/cgroup/cgroup.c
          +++ b/kernel/cgroup/cgroup.c
          @@ -5956,6 +5956,11 @@ static int cgroup_css_set_fork(struct kernel_clone_args *kargs)
           		goto err;
           	}
      
          +	if (cgroup_is_dead(dst_cgrp)) {
          +		ret = -ENODEV;
          +		goto err;
          +	}
          +
           	/*
           	 * Verify that we the target cgroup is writable for us. This is
           	 * usually done by the vfs layer but since we're not going through
          @@ -5976,11 +5981,6 @@ static int cgroup_css_set_fork(struct kernel_clone_args *kargs)
           		goto err;
           	}
      
          -	if (cgroup_is_dead(dst_cgrp)) {
          -		ret = -ENODEV;
          -		goto err;
          -	}
          -
           	put_css_set(cset);
           	fput(f);
           	kargs->cgrp = dst_cgrp;
          - put old root cset and get new root cset:
            diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
            index 99bd4c1cea52..2cb93b11ebf5 100644
            --- a/kernel/cgroup/cgroup.c
            +++ b/kernel/cgroup/cgroup.c
            @@ -6153,8 +6153,14 @@ void cgroup_post_fork(struct task_struct *child,
                    }
      
                    /* Make the new cset the root_cset of the new cgroup namespace. */
            -       if (kargs->flags & CLONE_NEWCGROUP)
            +
            +       if (kargs->flags & CLONE_NEWCGROUP) {
            +               struct css_set *rcset = child->nsproxy->cgroup_ns->root_cset;
            +
            +               get_css_set(cset);
                            child->nsproxy->cgroup_ns->root_cset = cset;
            +               put_css_set(rcset);
            +       }
             }
          - use cgroup_css_set_put_fork() in cgroup_post_fork() too:
            diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
            index 2cb93b11ebf5..9b11e7f44686 100644
            --- a/kernel/cgroup/cgroup.c
            +++ b/kernel/cgroup/cgroup.c
            @@ -6104,9 +6104,12 @@ void cgroup_post_fork(struct task_struct *child,
             	__releases(&cgroup_threadgroup_rwsem) __releases(&cgroup_mutex)
             {
             	struct cgroup_subsys *ss;
            -	struct css_set *cset = kargs->cset;
            +	struct css_set *cset;
             	int i;
      
            +	cset = kargs->cset;
            +	kargs->cset = NULL;
            +
             	spin_lock_irq(&css_set_lock);
      
             	WARN_ON_ONCE(!list_empty(&child->cg_list));
            @@ -6143,15 +6146,6 @@ void cgroup_post_fork(struct task_struct *child,
             		ss->fork(child);
             	} while_each_subsys_mask();
      
            -	cgroup_threadgroup_change_end(current);
            -
            -	if (kargs->flags & CLONE_INTO_CGROUP) {
            -		mutex_unlock(&cgroup_mutex);
            -
            -		cgroup_put(kargs->cgrp);
            -		kargs->cgrp = NULL;
            -	}
            -
             	/* Make the new cset the root_cset of the new cgroup namespace. */
      
             	if (kargs->flags & CLONE_NEWCGROUP) {
            @@ -6161,6 +6155,8 @@ void cgroup_post_fork(struct task_struct *child,
             		child->nsproxy->cgroup_ns->root_cset = cset;
             		put_css_set(rcset);
             	}
            +
            +	cgroup_css_set_put_fork(kargs);
             }
      - Christian Brauner <christian.brauner@ubuntu.com>:
        - remove struct kernel_clone_args forward declaration from cgroup-defs.h
          header. This was needed in a previous version of the series but isn't
          needed anymore.
          diff --git a/include/linux/cgroup-defs.h b/include/linux/cgroup-defs.h
          index 89d627abcbd6..68c391f451d1 100644
          --- a/include/linux/cgroup-defs.h
          +++ b/include/linux/cgroup-defs.h
          @@ -33,7 +33,6 @@ struct kernfs_ops;
           struct kernfs_open_file;
           struct seq_file;
           struct poll_table_struct;
          -struct kernel_clone_args;
      
           #define MAX_CGROUP_TYPE_NAMELEN 32
           #define MAX_CGROUP_ROOT_NAMELEN 64
      643a7e3d
  2. Feb 02, 2020
  3. Jan 27, 2020
  4. Jan 26, 2020
  5. Jan 25, 2020
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm · 2821e26f
      Linus Torvalds authored
      Pull ARM fixes from Russell King:
      
       - fix ftrace relocation type filtering
      
       - relax arch timer version check
      
      * tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
        ARM: 8955/1: virt: Relax arch timer version check during early boot
        ARM: 8950/1: ftrace/recordmcount: filter relocation types
      2821e26f
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 84809aaf
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Off by one in mt76 airtime calculation, from Dan Carpenter.
      
       2) Fix TLV fragment allocation loop condition in iwlwifi, from Luca
          Coelho.
      
       3) Don't confirm neigh entries when doing ipsec pmtu updates, from Xu
          Wang.
      
       4) More checks to make sure we only send TSO packets to lan78xx chips
          that they can actually handle. From James Hughes.
      
       5) Fix ip_tunnel namespace move, from William Dauchy.
      
       6) Fix unintended packet reordering due to cooperation between
          listification done by GRO and non-GRO paths. From Maxim
          Mikityanskiy.
      
       7) Add Jakub Kicincki formally as networking co-maintainer.
      
       8) Info leak in airo ioctls, from Michael Ellerman.
      
       9) IFLA_MTU attribute needs validation during rtnl_create_link(), from
          Eric Dumazet.
      
      10) Use after free during reload in mlxsw, from Ido Schimmel.
      
      11) Dangling pointers are possible in tp->highest_sack, fix from Eric
          Dumazet.
      
      12) Missing *pos++ in various networking seq_next handlers, from Vasily
          Averin.
      
      13) CHELSIO_GET_MEM operation neds CAP_NET_ADMIN check, from Michael
          Ellerman.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (109 commits)
        firestream: fix memory leaks
        net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM
        net: bcmgenet: Use netif_tx_napi_add() for TX NAPI
        tipc: change maintainer email address
        net: stmmac: platform: fix probe for ACPI devices
        net/mlx5e: kTLS, Do not send decrypted-marked SKBs via non-accel path
        net/mlx5e: kTLS, Remove redundant posts in TX resync flow
        net/mlx5e: kTLS, Fix corner-case checks in TX resync flow
        net/mlx5e: Clear VF config when switching modes
        net/mlx5: DR, use non preemptible call to get the current cpu number
        net/mlx5: E-Switch, Prevent ingress rate configuration of uplink rep
        net/mlx5: DR, Enable counter on non-fwd-dest objects
        net/mlx5: Update the list of the PCI supported devices
        net/mlx5: Fix lowest FDB pool size
        net: Fix skb->csum update in inet_proto_csum_replace16().
        netfilter: nf_tables: autoload modules from the abort path
        netfilter: nf_tables: add __nft_chain_type_get()
        netfilter: nf_tables_offload: fix check the chain offload flag
        netfilter: conntrack: sctp: use distinct states for new SCTP connections
        ipv6_route_seq_next should increase position index
        ...
      84809aaf
    • Linus Torvalds's avatar
      Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · f041eada
      Linus Torvalds authored
      Pull ARM SoC fixes from Olof Johansson:
       "A couple of fixes have come in that would be good to include in this
        release:
      
         - A fix for amount of memory on Beaglebone Black. Surfaced now since
           GRUB2 doesn't update memory size in the booted kernel.
      
         - A fix to make SPI interfaces work on am43x-epos-evm.
      
         - Small Kconfig fix for OPTEE (adds a depend on MMU) to avoid build
           failures"
      
      * tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
        ARM: dts: am43x-epos-evm: set data pin directions for spi0 and spi1
        tee: optee: Fix compilation issue with nommu
        ARM: dts: am335x-boneblack-common: fix memory size
      f041eada
    • Wenwen Wang's avatar
      firestream: fix memory leaks · fa865ba1
      Wenwen Wang authored
      
      
      In fs_open(), 'vcc' is allocated through kmalloc() and assigned to
      'atm_vcc->dev_data.' In the following execution, if an error occurs, e.g.,
      there is no more free channel, an error code EBUSY or ENOMEM will be
      returned. However, 'vcc' is not deallocated, leading to memory leaks. Note
      that, in normal cases where fs_open() returns 0, 'vcc' will be deallocated
      in fs_close(). But, if fs_open() fails, there is no guarantee that
      fs_close() will be invoked.
      
      To fix this issue, deallocate 'vcc' before the error code is returned.
      
      Signed-off-by: default avatarWenwen Wang <wenwen@cs.uga.edu>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fa865ba1
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 6badad1c
      David S. Miller authored
      
      
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter fixes for net
      
      The following patchset contains Netfilter fixes for net:
      
      1) Missing netlink attribute sanity check for NFTA_OSF_DREG,
         from Florian Westphal.
      
      2) Use bitmap infrastructure in ipset to fix KASAN slab-out-of-bounds
         reads, from Jozsef Kadlecsik.
      
      3) Missing initial CLOSED state in new sctp connection through
         ctnetlink events, from Jiri Wiesner.
      
      4) Missing check for NFT_CHAIN_HW_OFFLOAD in nf_tables offload
         indirect block infrastructure, from wenxu.
      
      5) Add __nft_chain_type_get() to sanity check family and chain type.
      
      6) Autoload modules from the nf_tables abort path to fix races
         reported by syzbot.
      
      7) Remove unnecessary skb->csum update on inet_proto_csum_replace16(),
         from Praveen Chaudhary.
      ====================
      
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6badad1c
    • Linus Torvalds's avatar
      Merge tag 'for-5.5-rc8-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · a075f23d
      Linus Torvalds authored
      Pull btrfs fix from David Sterba:
       "Here's a last minute fix for a regression introduced in this
        development cycle.
      
        There's a small chance of a silent corruption when device replace and
        NOCOW data writes happen at the same time in one block group. Metadata
        or COW data writes are unaffected.
      
        The extra fixup patch is there to silence an unnecessary warning"
      
      * tag 'for-5.5-rc8-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        btrfs: dev-replace: remove warning for unknown return codes when finished
        btrfs: scrub: Require mandatory block group RO for dev-replace
      a075f23d
    • Linus Torvalds's avatar
      Merge tag 'pinctrl-v5.5-5' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl · 93d1a05e
      Linus Torvalds authored
      Pull pin control fix from Linus Walleij:
       "A single fix for the Intel Sunrisepoint pin controller that makes the
        interrupts work properly on it"
      
      * tag 'pinctrl-v5.5-5' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
        pinctrl: sunrisepoint: Add missing Interrupt Status register offset
      93d1a05e
    • David S. Miller's avatar
      Merge tag 'mlx5-fixes-2020-01-24' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux · 722943a5
      David S. Miller authored
      
      
      Saeed Mahameed says:
      
      ====================
      Mellanox, mlx5 fixes 2020-01-24
      
      This series introduces some fixes to mlx5 driver.
      
      Please pull and let me know if there is any problem.
      
      Merge conflict: once merge with net-next, a contextual conflict will
      appear in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c
      since the code moved in net-next.
      To resolve, just delete ALL of the conflicting hunk from net.
      So sorry for the small mess ..
      
      For -stable v5.4:
       ('net/mlx5: Update the list of the PCI supported devices')
       ('net/mlx5: Fix lowest FDB pool size')
       ('net/mlx5e: kTLS, Fix corner-case checks in TX resync flow')
       ('net/mlx5e: kTLS, Do not send decrypted-marked SKBs via non-accel path')
       ('net/mlx5: Eswitch, Prevent ingress rate configuration of uplink rep')
       ('net/mlx5e: kTLS, Remove redundant posts in TX resync flow')
       ('net/mlx5: DR, Enable counter on non-fwd-dest objects')
       ('net/mlx5: DR, use non preemptible call to get the current cpu number')
      ====================
      
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      722943a5
    • David Sterba's avatar
      btrfs: dev-replace: remove warning for unknown return codes when finished · 4cea9037
      David Sterba authored
      
      
      The fstests btrfs/011 triggered a warning at the end of device replace,
      
        [ 1891.998975] BTRFS warning (device vdd): failed setting block group ro: -28
        [ 1892.038338] BTRFS error (device vdd): btrfs_scrub_dev(/dev/vdd, 1, /dev/vdb) failed -28
        [ 1892.059993] ------------[ cut here ]------------
        [ 1892.063032] WARNING: CPU: 2 PID: 2244 at fs/btrfs/dev-replace.c:506 btrfs_dev_replace_start.cold+0xf9/0x140 [btrfs]
        [ 1892.074346] CPU: 2 PID: 2244 Comm: btrfs Not tainted 5.5.0-rc7-default+ #942
        [ 1892.079956] RIP: 0010:btrfs_dev_replace_start.cold+0xf9/0x140 [btrfs]
      
        [ 1892.096576] RSP: 0018:ffffbb58c7b3fd10 EFLAGS: 00010286
        [ 1892.098311] RAX: 00000000ffffffe4 RBX: 0000000000000001 RCX: 8888888888888889
        [ 1892.100342] RDX: 0000000000000001 RSI: ffff9e889645f5d8 RDI: ffffffff92821080
        [ 1892.102291] RBP: ffff9e889645c000 R08: 000001b8878fe1f6 R09: 0000000000000000
        [ 1892.104239] R10: ffffbb58c7b3fd08 R11: 0000000000000000 R12: ffff9e88a0017000
        [ 1892.106434] R13: ffff9e889645f608 R14: ffff9e88794e1000 R15: ffff9e88a07b5200
        [ 1892.108642] FS:  00007fcaed3f18c0(0000) GS:ffff9e88bda00000(0000) knlGS:0000000000000000
        [ 1892.111558] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
        [ 1892.113492] CR2: 00007f52509ff420 CR3: 00000000603dd002 CR4: 0000000000160ee0
      
        [ 1892.115814] Call Trace:
        [ 1892.116896]  btrfs_dev_replace_by_ioctl+0x35/0x60 [btrfs]
        [ 1892.118962]  btrfs_ioctl+0x1d62/0x2550 [btrfs]
      
      caused by the previous patch ("btrfs: scrub: Require mandatory block
      group RO for dev-replace"). Hitting ENOSPC is possible and could happen
      when the block group is set read-only, preventing NOCOW writes to the
      area that's being accessed by dev-replace.
      
      This has happend with scratch devices of size 12G but not with 5G and
      20G, so this is depends on timing and other activity on the filesystem.
      The whole replace operation is restartable, the space state should be
      examined by the user in any case.
      
      The error code is propagated back to the ioctl caller so the kernel
      warning is causing false alerts.
      
      Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
      4cea9037
    • Michael Ellerman's avatar
      net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM · 3546d8f1
      Michael Ellerman authored
      
      
      The cxgb3 driver for "Chelsio T3-based gigabit and 10Gb Ethernet
      adapters" implements a custom ioctl as SIOCCHIOCTL/SIOCDEVPRIVATE in
      cxgb_extension_ioctl().
      
      One of the subcommands of the ioctl is CHELSIO_GET_MEM, which appears
      to read memory directly out of the adapter and return it to userspace.
      It's not entirely clear what the contents of the adapter memory
      contains, but the assumption is that it shouldn't be accessible to all
      users.
      
      So add a CAP_NET_ADMIN check to the CHELSIO_GET_MEM case. Put it after
      the is_offload() check, which matches two of the other subcommands in
      the same function which also check for is_offload() and CAP_NET_ADMIN.
      
      Found by Ilja by code inspection, not tested as I don't have the
      required hardware.
      
      Reported-by: default avatarIlja Van Sprundel <ivansprundel@ioactive.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3546d8f1
    • Florian Fainelli's avatar
      net: bcmgenet: Use netif_tx_napi_add() for TX NAPI · 148965df
      Florian Fainelli authored
      
      
      Before commit 7587935c ("net: bcmgenet: move NAPI initialization to
      ring initialization") moved the code, this used to be
      netif_tx_napi_add(), but we lost that small semantic change in the
      process, restore that.
      
      Fixes: 7587935c ("net: bcmgenet: move NAPI initialization to ring initialization")
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Acked-by: default avatarDoug Berger <opendmb@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      148965df
    • Jon Maloy's avatar
      tipc: change maintainer email address · 61b1f2af
      Jon Maloy authored
      
      
      Reflecting new realities.
      
      Signed-off-by: Jon Maloy's avatarJon Maloy <jmaloy@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      61b1f2af
    • Ajay Gupta's avatar
      net: stmmac: platform: fix probe for ACPI devices · b9f0b2f6
      Ajay Gupta authored
      
      
      Use generic device API to get phy mode to fix probe failure
      with ACPI based devices.
      
      Signed-off-by: default avatarAjay Gupta <ajayg@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b9f0b2f6
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · d5d359b0
      Linus Torvalds authored
      Pull input fixes from Dmitry Torokhov:
      
       - add sanity checks to USB endpoints in various dirvers
      
       - max77650-onkey was missing an OF table which was preventing module
         autoloading
      
       - a revert and a different fix for F54 handling in Synaptics dirver
      
       - a fixup for handling register in pm8xxx vibrator driver
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
        Input: pm8xxx-vib - fix handling of separate enable register
        Input: keyspan-remote - fix control-message timeouts
        Input: max77650-onkey - add of_match table
        Input: rmi_f54 - read from FIFO in 32 byte blocks
        Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers"
        Input: sur40 - fix interface sanity checks
        Input: gtco - drop redundant variable reinit
        Input: gtco - fix extra-descriptor debug message
        Input: gtco - fix endpoint sanity check
        Input: aiptek - use descriptors of current altsetting
        Input: aiptek - fix endpoint sanity check
        Input: pegasus_notetaker - fix endpoint sanity check
        Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register
        Input: evdev - convert kzalloc()/vzalloc() to kvzalloc()
      d5d359b0
  6. Jan 24, 2020
Loading