There can be a case when current task's audit context
may be NULL or even if it is not NULL, it can have
invalid non-zero value of dummy variable and also
we should audit the signal only if we have non-zero
value of audit_signals.
Issue has been seen during power on/off tests.
So, better to add explicit check on these variables.
Change-Id: I2f3e17d933fca8e3b8f4013f44f942f11c68f440
Signed-off-by: Chetan C R <cravin@codeaurora.org>
cpu3 stuck in printk more time in spin lock low_water_lock cause cpu0
get spin lock fail and system crashed.
CRs-Fixed: 969097
Change-Id: I75356a4b4171ae2888ce6cce792f569b5ca8cdcf
Signed-off-by: Tingting Yang <tingting@codeaurora.org>
Signed-off-by: Prasad Sodagudi <psodagud@codeaurora.org>
Signed-off-by: Minming Qi <mqi@codeaurora.org>
sched_use_walt_cpu_{task_}util sysctl knobs are used to control
runtime whether to use WALT signals (cumulative_runnable_avg/
ravg.demand) or PELT signal (util_avg) for task and cpu utilization
for task placement and frequency guidance.
But there is a subtle impact with these tunables when we frequently
toggle them. When sched_use_walt_cpu_util set to 0, and hotplugging
the cpu makes sg_cpu() members reset to 0, which sets sg_cpu.walt_load
to 0, but the sg_policy->last_ws never reset to zero. When the knob is
set back to 1 exactly after load is queried but before sugov_calc_avg_cap()
is called, which would compare walt_load->ws (= 0) against the stale
value of sg_policy->last_ws and hits BUG_ON().
When walt is enabled, we always use walt signals for task placement and
frequency guidance. So kill these sysctl knobs.
Change-Id: Id7eea8aa36fcfc33539aa3887c512a70a2414fc0
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
Convert all calls to the now obsolete debugfs_use_file_start()
and debugfs_use_file_finish() from ipc_logging to the new
debugfs_file_get() and debugfs_file_put() API.
Change-Id: I83781f97cd5ee5d441a915afb1d235427c206003
Signed-off-by: Tingwei Zhang <tingwei@codeaurora.org>
Since all cores in a cluster are in isolation, PMQoS latency constraint
set by clock driver to switch PLL is ignored. So, Cluster enter to L2PC
and SPM is trying to disable the PLL and at same time clock driver
trying to switch the PLL from other cluster which leads to the
synchronization issues.
Fix is although all cores are in isolation, honor PMQoS request
for cluster LPMs.
Change-Id: I4296e16ef4e9046d1fbe3b7378e9f61a2f11c74d
Signed-off-by: Raghavendra Kakarla <rkakarla@codeaurora.org>
When CPUs are limited via max_cpus tunable, core_ctl first try
to isolate the non busy CPUs. During this, not_preferred CPUs are
skipped. If more CPUs have to be isolated, CPUs are isolated
in the sequential order without checking not_preferred hint.
So we may end up keeping not_preferred CPUs active after this
step. Add another step to isolate the not_preferred CPUs first
during max_cpus limiting.
Change-Id: If2c5c9d9c69718c1e586cd81c1af0ed0b5d13075
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
The cpupri_find() returns the candidate CPUs which are running
lower priority than the waking RT task in the lowest_mask. This
contains isolated CPUs as well. Since the energy aware CPU selection
skips isolated CPUs, no target CPU may be found if all unisolated CPUs
are running higher priority RT tasks. In which case, we fallback to
the default CPU selection algorithm and returns an isolated CPU. This
decision is reversed by select_task_rq() and returns an unisolated
CPU that is busy with other RT tasks. This RT task packing is desired
behavior. However, RT push mechanism pushes the packed RT task to
an isolated CPU. This can be avoided by excluding isolated CPUs from
the lowest_mask returned by cpupri_find().
Change-Id: I75486b3935caf496a638d0333565beffc47fe249
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
* refs/heads/tmp-9c3041c:
Linux 4.9.102
x86/bugs: Rename SSBD_NO to SSB_NO
KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
x86/bugs: Rework spec_ctrl base and mask logic
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
x86/speculation: Rework speculative_store_bypass_update()
x86/speculation: Add virtualized speculative store bypass disable support
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Handle HT correctly on AMD
x86/cpufeatures: Add FEATURE_ZEN
x86/cpu/AMD: Fix erratum 1076 (CPB bit)
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
KVM: SVM: Move spec control call after restore of GS
x86/cpu: Make alternative_msr_write work for 32-bit code
x86/bugs: Fix the parameters alignment and missing void
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix __ssb_select_mitigation() return type
Documentation/spec_ctrl: Do some minor cleanups
proc: Use underscores for SSBD in 'status'
x86/bugs: Rename _RDS to _SSBD
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
seccomp: Move speculation migitation control to arch code
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Use PR_SPEC_FORCE_DISABLE
prctl: Add force disable speculation
x86/bugs: Make boot modes __ro_after_init
seccomp: Enable speculation flaw mitigations
proc: Provide details on speculation flaw mitigations
nospec: Allow getting/setting on non-current task
x86/speculation: Add prctl for Speculative Store Bypass mitigation
x86/process: Allow runtime control of Speculative Store Bypass
x86/process: Optimize TIF_NOTSC switch
x86/process: Correct and optimize TIF_BLOCKSTEP switch
x86/process: Optimize TIF checks in __switch_to_xtra()
prctl: Add speculation control prctls
x86/speculation: Create spec-ctrl.h to avoid include hell
x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Expose /sys/../spec_store_bypass
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Concentrate bug detection into a separate function
x86/nospec: Simplify alternative_msr_write()
btrfs: fix reading stale metadata blocks after degraded raid1 mounts
x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
btrfs: fix crash when trying to resume balance without the resume flag
Btrfs: fix xattr loss after power failure
ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
tick/broadcast: Use for_each_cpu() specially on UP kernels
ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode
x86/pkeys: Do not special case protection key 0
x86/pkeys: Override pkey when moving away from PROT_EXEC
s390: remove indirect branch from do_softirq_own_stack
s390/qdio: don't release memory in qdio_setup_irq()
s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
s390/qdio: fix access to uninitialized qdio_q fields
mm: don't allow deferred pages with NEED_PER_CPU_KM
powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
i2c: designware: fix poll-after-enable regression
netfilter: nf_tables: can't fail after linking rule into active rule list
tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all}
signals: avoid unnecessary taking of sighand->siglock
powerpc: Don't preempt_disable() in show_cpuinfo()
KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
spi: pxa2xx: Allow 64-bit DMA
ALSA: control: fix a redundant-copy issue
ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
ALSA: usb: mixer: volume quirk for CM102-A+/102S+
usbip: usbip_host: fix bad unlock balance during stub_probe()
usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
usbip: usbip_host: run rebind from exit when module is removed
usbip: usbip_host: delete device from busid_table after rebind
usbip: usbip_host: refine probe and disconnect debug msgs to be useful
UPSTREAM: dm bufio: avoid sleeping while holding the dm_bufio lock
Conflicts:
include/uapi/linux/prctl.h
Change-Id: I881a3f8da1b46ed7293b25d859b39bbb0efdad5c
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
* refs/heads/tmp-aef17a58:
Linux 4.9.101
kernel/exit.c: avoid undefined behaviour when calling wait4()
futex: futex_wake_op, fix sign_extend32 sign bits
proc: do not access cmdline nor environ from file-backed areas
nfp: TX time stamp packets before HW doorbell is rung
l2tp: revert "l2tp: fix missing print session offset info"
Revert "ARM: dts: imx6qdl-wandboard: Fix audio channel swap"
lockd: lost rollback of set_grace_period() in lockd_down_net()
xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
futex: Remove duplicated code and fix undefined behaviour
serial: sccnxp: Fix error handling in sccnxp_probe()
sctp: delay the authentication for the duplicated cookie-echo chunk
sctp: fix the issue that the cookie-ack with auth can't get processed
tcp: ignore Fast Open on repair mode
bonding: send learning packets for vlans on slave
net/mlx5: Avoid cleaning flow steering table twice during error flow
bonding: do not allow rlb updates to invalid mac
tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
tcp_bbr: fix to zero idle_restart only upon S/ACKed data
sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg
sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
r8169: fix powering up RTL8168h
qmi_wwan: do not steal interfaces from class drivers
openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
net: support compat 64-bit time in {s,g}etsockopt
net_sched: fq: take care of throttled flows before reuse
net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
net/mlx4_en: Verify coalescing parameters are in range
net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
net: ethernet: sun: niu set correct packet size in skb
llc: better deal with too small mtu
ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
dccp: fix tasklet usage
bridge: check iface upper dev when setting master via ioctl
8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
ANDROID: sdcardfs: Don't d_drop in d_revalidate
FROMLIST: brcmfmac: fix initialization of struct cfg80211_inform_bss variable
FROMLIST: brcmfmac: reports boottime_ns while informing bss
Change-Id: Idfe62af1b38254bed44364aa6ef001c38a5ad285
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
* refs/heads/tmp-39c8566:
Linux 4.9.100
perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
tracing/uprobe_event: Fix strncpy corner case
thermal: exynos: Propagate error value from tmu_read()
thermal: exynos: Reading temperature makes sense only when TMU is turned on
Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
atm: zatm: Fix potential Spectre v1
net: atm: Fix potential Spectre v1
drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
drm/vc4: Fix scaling of uni-planar formats
can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
tracing: Fix regex_match_front() to not over compare the test string
libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
rfkill: gpio: fix memory leak in probe error path
gpio: fix error path in lineevent_create
gpio: fix aspeed_gpio unmask irq
gpioib: do not free unrequested descriptors
arm64: Add work around for Arm Cortex-A55 Erratum 1024718
f2fs: fix a dead loop in f2fs_fiemap()
KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry
bdi: Fix oops in wb_workfn()
tcp: fix TCP_REPAIR_QUEUE bound checking
perf: Remove superfluous allocation error check
soreuseport: initialise timewait reuseport field
dccp: initialize ireq->ir_mark
net: fix uninit-value in __hw_addr_add_ex()
net: initialize skb->peeked when cloning
net: fix rtnh_ok()
netlink: fix uninit-value in netlink_sendmsg
crypto: af_alg - fix possible uninit-value in alg_bind()
kcm: Call strp_stop before strp_done in kcm_attach
IB/device: Convert ib-comp-wq to be CPU-bound
ipvs: fix rtnl_lock lockups caused by start_sync_thread
BACKPORT: dma-buf/sync_file: Allow multiple sync_files to wrap a single dma-fence
ANDROID: ftrace: fix function type mismatches
UPSTREAM: ANDROID: binder: prevent transactions into own process.
Conflicts:
arch/arm64/include/asm/cputype.h
arch/arm64/mm/proc.S
drivers/dma-buf/sync_file.c
Change-Id: Ic5b1496659327a34150a192033ce7e1efa8b5fea
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
With commit '45121eb2cdb ("sched/walt: Fix stale window start marker
passed to the schedutil")', sched reports 'walt_irq_work_lastq_ws'
time as window start for schedutil. With that there is a possibility
of sending a stale value as window start, as it is not protected by a common
lock but only atomically updated by any cpu.
Here is one possible scenario, CPU1 reporting the load at the window
boundary and preempted by secure world and on window rollover other cpu
reports load with new window_start.
CPU1                                CPU2
try_to_wake_up()
update_task_ravg()
wallclock=779987000
rq_lock(cpu1)
cpufreq_update_util()               try_to_wake_up()
cpu_util_freq()                     update_task_ravg()
walt_irq_work_lastq_ws=760000000    wallclock=780080182
curr_ws = 760000000                 run_walt_irq_work()
<preempted by secure world>         walt_irq_work_lastq_ws=780000000
                                    rq_lock(cpu2)
                                    cpufreq_update_util()
                                    cpu_util_freq()
                                    curr_ws = 780000000
< return back >                     lock(sg_policy->update_lock)
< waiting update_lock >             sg_policy->last_ws= 780000000
                                    unlock(sg_policy->update_lock)
lock(sg_policy->update_lock)
BUG(curr_ws < last_ws)
760000000 < 780000000
Fix this by updating the load reporting window start variable when all rq
locks held at walt irq work.
Change-Id: Id8c767420845ce003bee96d006bd2551321a9923
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
It's possible size of given idle cost index is smaller than CPU's
possible idle index size. Ceil the CPU's idle index to prevent out
of bound accessing.
Change-Id: Idecb4f68758dd0183886ea74d0e9da3d236b0062
Signed-off-by: Joonwoo Park <joonwoop@codeaurora.org>
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
group_idle_state() can return INT_MAX + 1 which is undefined behaviour
when there is no CPUs in sched_group. Prevent such by error correctly.
Change-Id: If9796c829c091e461231569dc38c5e5456f58037
Signed-off-by: Joonwoo Park <joonwoop@codeaurora.org>
Signed-off-by: Satya Durga Srinivasu Prabhala <satyap@codeaurora.org>
[clingutla@codeaurora.org: Fixed trivial merge conflicts and squashed
msm-4.14 change]
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
At present __cpu_overutilized() determines whether CPU is overutilized
or not by using capacity_of(). CPU's capacity can be reduced by RT tasks
load and using capacity_of() may lead to undesired behavior. So, use
capacity_orig_of() instead of capacity_of() to find CPU is overutilized
or not.
While at it, remove double accounting of cpu utilization for RT tasks.
Change-Id: I55b1a782f5b4ad859ee88cd43d5236b8187db2ea
Signed-off-by: Satya Durga Srinivasu Prabhala <satyap@codeaurora.org>
Changes in 4.9.102
usbip: usbip_host: refine probe and disconnect debug msgs to be useful
usbip: usbip_host: delete device from busid_table after rebind
usbip: usbip_host: run rebind from exit when module is removed
usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
usbip: usbip_host: fix bad unlock balance during stub_probe()
ALSA: usb: mixer: volume quirk for CM102-A+/102S+
ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
ALSA: control: fix a redundant-copy issue
spi: pxa2xx: Allow 64-bit DMA
spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
powerpc: Don't preempt_disable() in show_cpuinfo()
signals: avoid unnecessary taking of sighand->siglock
tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all}
netfilter: nf_tables: can't fail after linking rule into active rule list
i2c: designware: fix poll-after-enable regression
powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
mm: don't allow deferred pages with NEED_PER_CPU_KM
s390/qdio: fix access to uninitialized qdio_q fields
s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
s390/qdio: don't release memory in qdio_setup_irq()
s390: remove indirect branch from do_softirq_own_stack
x86/pkeys: Override pkey when moving away from PROT_EXEC
x86/pkeys: Do not special case protection key 0
efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode
ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
tick/broadcast: Use for_each_cpu() specially on UP kernels
ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
Btrfs: fix xattr loss after power failure
btrfs: fix crash when trying to resume balance without the resume flag
x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
btrfs: fix reading stale metadata blocks after degraded raid1 mounts
x86/nospec: Simplify alternative_msr_write()
x86/bugs: Concentrate bug detection into a separate function
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/bugs: Expose /sys/../spec_store_bypass
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
x86/speculation: Create spec-ctrl.h to avoid include hell
prctl: Add speculation control prctls
x86/process: Optimize TIF checks in __switch_to_xtra()
x86/process: Correct and optimize TIF_BLOCKSTEP switch
x86/process: Optimize TIF_NOTSC switch
x86/process: Allow runtime control of Speculative Store Bypass
x86/speculation: Add prctl for Speculative Store Bypass mitigation
nospec: Allow getting/setting on non-current task
proc: Provide details on speculation flaw mitigations
seccomp: Enable speculation flaw mitigations
x86/bugs: Make boot modes __ro_after_init
prctl: Add force disable speculation
seccomp: Use PR_SPEC_FORCE_DISABLE
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Move speculation migitation control to arch code
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
x86/bugs: Rename _RDS to _SSBD
proc: Use underscores for SSBD in 'status'
Documentation/spec_ctrl: Do some minor cleanups
x86/bugs: Fix __ssb_select_mitigation() return type
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix the parameters alignment and missing void
x86/cpu: Make alternative_msr_write work for 32-bit code
KVM: SVM: Move spec control call after restore of GS
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpu/AMD: Fix erratum 1076 (CPB bit)
x86/cpufeatures: Add FEATURE_ZEN
x86/speculation: Handle HT correctly on AMD
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Add virtualized speculative store bypass disable support
x86/speculation: Rework speculative_store_bypass_update()
x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Rework spec_ctrl base and mask logic
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
x86/bugs: Rename SSBD_NO to SSB_NO
Linux 4.9.102
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 8bf37d8c067bb7eb8e7c381bdadf9bd89182b6bc upstream
The mitigation control is simpler to implement in architecture code as it
avoids the extra function call to check the mode. Aside of that having an
explicit seccomp enabled mode in the architecture mitigations would require
even more workarounds.
Move it into architecture code and provide a weak function in the seccomp
code. Remove the 'which' argument as this allows the architecture to decide
which mitigations are relevant for seccomp.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 00a02d0c502a06d15e07b857f8ff921e3e402675 upstream
If a seccomp user is not interested in Speculative Store Bypass mitigation
by default, it can set the new SECCOMP_FILTER_FLAG_SPEC_ALLOW flag when
adding filters.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit b849a812f7eb92e96d1c8239b06581b2cfd8b275 upstream
Use PR_SPEC_FORCE_DISABLE in seccomp() because seccomp does not allow to
widen restrictions.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 5c3070890d06ff82eecb808d02d2ca39169533ef upstream
When speculation flaw mitigations are opt-in (via prctl), using seccomp
will automatically opt-in to these protections, since using seccomp
indicates at least some level of sandboxing is desired.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 7bbf1373e228840bb0295a2ca26d548ef37f448e upstream
Adjust arch_prctl_get/set_spec_ctrl() to operate on tasks other than
current.
This is needed both for /proc/$pid/status queries and for seccomp (since
thread-syncing can trigger seccomp in non-current threads).
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit b617cfc858161140d69cc0b5cc211996b557a1c7 upstream
Add two new prctls to control aspects of speculation related vulnerabilities
and their mitigations to provide finer grained control over performance
impacting mitigations.
PR_GET_SPECULATION_CTRL returns the state of the speculation misfeature
which is selected with arg2 of prctl(2). The return value uses bit 0-2 with
the following meaning:
Bit  Define           Description
0    PR_SPEC_PRCTL    Mitigation can be controlled per task by
                      PR_SET_SPECULATION_CTRL
1    PR_SPEC_ENABLE   The speculation feature is enabled, mitigation is
                      disabled
2    PR_SPEC_DISABLE  The speculation feature is disabled, mitigation is
                      enabled
If all bits are 0 the CPU is not affected by the speculation misfeature.
If PR_SPEC_PRCTL is set, then the per task control of the mitigation is
available. If not set, prctl(PR_SET_SPECULATION_CTRL) for the speculation
misfeature will fail.
PR_SET_SPECULATION_CTRL allows to control the speculation misfeature, which
is selected by arg2 of prctl(2) per task. arg3 is used to hand in the
control value, i.e. either PR_SPEC_ENABLE or PR_SPEC_DISABLE.
The common return values are:
EINVAL  prctl is not implemented by the architecture or the unused prctl()
        arguments are not 0
ENODEV  arg2 is selecting a not supported speculation misfeature
PR_SET_SPECULATION_CTRL has these additional return values:
ERANGE  arg3 is incorrect, i.e. it's not either PR_SPEC_ENABLE or PR_SPEC_DISABLE
ENXIO   prctl control of the selected speculation misfeature is disabled
The first supported controllable speculation misfeature is
PR_SPEC_STORE_BYPASS. Add the define so this can be shared between
architectures.
Based on an initial patch from Tim Chen and mostly rewritten.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
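The bit layout and error codes described in the commit message above, as an added example that is not part of the commit or of the kernel tree: a userspace program that decodes the PR_GET_SPECULATION_CTRL result for PR_SPEC_STORE_BYPASS and opts the current task into the mitigation when per-task control is available. The enum and function names are hypothetical; the fallback constants mirror include/uapi/linux/prctl.h, and the PR_SPEC_FORCE_DISABLE bit belongs to the later "prctl: Add force disable speculation" change listed on this page.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallbacks for userspace headers that predate the speculation prctls. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#endif
#ifndef PR_SET_SPECULATION_CTRL
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_STORE_BYPASS
#define PR_SPEC_STORE_BYPASS 0
#endif
#ifndef PR_SPEC_PRCTL
#define PR_SPEC_PRCTL (1UL << 0)
#endif
#ifndef PR_SPEC_ENABLE
#define PR_SPEC_ENABLE (1UL << 1)
#endif
#ifndef PR_SPEC_DISABLE
#define PR_SPEC_DISABLE (1UL << 2)
#endif
#ifndef PR_SPEC_FORCE_DISABLE
#define PR_SPEC_FORCE_DISABLE (1UL << 3) /* added by a later commit */
#endif

/* Hypothetical classification of a PR_GET_SPECULATION_CTRL result. */
enum ssb_state {
    SSB_NOT_AFFECTED,     /* all bits 0: CPU not affected */
    SSB_FIXED_MITIGATED,  /* mitigation on, no per-task control */
    SSB_FIXED_VULNERABLE, /* mitigation off, no per-task control */
    SSB_TASK_MITIGATED,   /* per-task control, mitigation on */
    SSB_TASK_VULNERABLE,  /* per-task control, mitigation off */
    SSB_TASK_LOCKED,      /* force-disabled for this task */
    SSB_UNRECOGNISED      /* bit combination this decoder does not know */
};

enum ssb_state decode_spec_ctrl(unsigned long v)
{
    int per_task = (v & PR_SPEC_PRCTL) != 0;
    int enabled  = (v & PR_SPEC_ENABLE) != 0;  /* feature on, mitigation off */
    int disabled = (v & PR_SPEC_DISABLE) != 0; /* feature off, mitigation on */
    int forced   = (v & PR_SPEC_FORCE_DISABLE) != 0;

    if (v == 0)
        return SSB_NOT_AFFECTED;
    /* Exactly one of the state bits must be set for a meaningful answer. */
    if (enabled + disabled + forced != 1)
        return SSB_UNRECOGNISED;
    if (forced)
        return per_task ? SSB_TASK_LOCKED : SSB_UNRECOGNISED;
    if (disabled)
        return per_task ? SSB_TASK_MITIGATED : SSB_FIXED_MITIGATED;
    return per_task ? SSB_TASK_VULNERABLE : SSB_FIXED_VULNERABLE;
}

/* Map the errno values named in the commit message to their meaning. */
const char *set_error_reason(int err)
{
    switch (err) {
    case EINVAL: return "prctl not implemented or unused arguments not 0";
    case ENODEV: return "arg2 selects an unsupported speculation misfeature";
    case ERANGE: return "arg3 is not PR_SPEC_ENABLE or PR_SPEC_DISABLE";
    case ENXIO:  return "prctl control of this misfeature is disabled";
    default:     return "other error";
    }
}

/* Returns an ssb_state (>= 0) after the attempt, or -errno on failure. */
int mitigate_current_task(void)
{
    int cur = prctl(PR_GET_SPECULATION_CTRL,
                    (unsigned long)PR_SPEC_STORE_BYPASS, 0UL, 0UL, 0UL);
    if (cur < 0)
        return -errno;
    if (decode_spec_ctrl((unsigned long)cur) != SSB_TASK_VULNERABLE)
        return (int)decode_spec_ctrl((unsigned long)cur);

    /* Per-task control is available and the mitigation is off: turn it on. */
    if (prctl(PR_SET_SPECULATION_CTRL, (unsigned long)PR_SPEC_STORE_BYPASS,
              (unsigned long)PR_SPEC_DISABLE, 0UL, 0UL) < 0)
        return -errno;

    cur = prctl(PR_GET_SPECULATION_CTRL,
                (unsigned long)PR_SPEC_STORE_BYPASS, 0UL, 0UL, 0UL);
    return cur < 0 ? -errno : (int)decode_spec_ctrl((unsigned long)cur);
}

int main(void)
{
    int r = mitigate_current_task();
    if (r < 0)
        printf("prctl failed: %s\n", set_error_reason(-r));
    else
        printf("store bypass state for this task: %d\n", r);
    return 0;
}
```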
commit c7be96af89d4b53211862d8599b2430e8900ed92 upstream.
When running certain database workload on a high-end system with many
CPUs, it was found that spinlock contention in the sigprocmask syscalls
became a significant portion of the overall CPU cycles as shown below.
9.30% 9.30% 905387 dataserver /proc/kcore 0x7fff8163f4d2
[k] _raw_spin_lock_irq
|
---_raw_spin_lock_irq
|
|--99.34%-- __set_current_blocked
| sigprocmask
| sys_rt_sigprocmask
| system_call_fastpath
| |
| |--50.63%-- __swapcontext
| | |
| | |--99.91%-- upsleepgeneric
| |
| |--49.36%-- __setcontext
| | ktskRun
Looking further into the swapcontext function in glibc, it was found that
the function always calls sigprocmask() without checking if there are
changes in the signal mask.
A check was added to the __set_current_blocked() function to avoid taking
the sighand->siglock spinlock if there is no change in the signal mask.
This will prevent unneeded spinlock contention when many threads are
trying to call sigprocmask().
With this patch applied, the spinlock contention in sigprocmask() was
gone.
Link: http://lkml.kernel.org/r/1474979209-11867-1-git-send-email-Waiman.Long@hpe.com
Signed-off-by: Waiman Long <Waiman.Long@hpe.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Stas Sergeev <stsp@list.ru>
Cc: Scott J Norton <scott.norton@hpe.com>
Cc: Douglas Hatch <doug.hatch@hpe.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Mel Gorman <mgorman@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-c462abb:
Linux 4.9.99
s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT
platform/x86: asus-wireless: Fix NULL pointer dereference
usb: musb: trace: fix NULL pointer dereference in musb_g_tx()
usb: musb: host: fix potential NULL pointer dereference
USB: serial: option: adding support for ublox R410M
USB: serial: option: reimplement interface masking
USB: Accept bulk endpoints with 1024-byte maxpacket
USB: serial: visor: handle potential invalid device configuration
test_firmware: fix setting old custom fw path back on exit, second try
drm/bridge: vga-dac: Fix edid memory leak
drm/vmwgfx: Fix a buffer object leak
IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
IB/mlx5: Use unlimited rate when static rate is not supported
NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
RDMA/mlx5: Protect from shift operand overflow
RDMA/ucma: Allow resolving address w/o specifying source address
RDMA/cxgb4: release hw resources on device removal
xfs: prevent creating negative-sized file via INSERT_RANGE
Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
Input: leds - fix out of bound access
tracepoint: Do not warn on ENOMEM
ALSA: aloop: Add missing cable lock to ctl API callbacks
ALSA: aloop: Mark paused device as inactive
ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
ALSA: pcm: Check PCM state at xfern compat ioctl
USB: serial: option: Add support for Quectel EP06
serial: imx: ensure UCR3 and UFCR are setup correctly
crypto: talitos - fix IPsec cipher in length
arm/arm64: KVM: Add PSCI version selection API
bpf: map_get_next_key to return first key on NULL
percpu: include linux/sched.h for cond_resched()
perf/core: Fix the perf_cpu_time_max_percent check
UPSTREAM: f2fs: clear PageError on writepage - part 2
UPSTREAM: f2fs: avoid fsync() failure caused by EAGAIN in writepage()
ANDROID: build.config: enforce trace_printk check
ANDROID: x86_64_cuttlefish_defconfig: Disable KPTI
UPSTREAM: sysfs: remove signedness from sysfs_get_dirent
UPSTREAM: tracing: Use cpumask_available() to check if cpumask variable may be used
BACKPORT: clocksource: Use GENMASK_ULL in definition of CLOCKSOURCE_MASK
UPSTREAM: netpoll: Fix device name check in netpoll_setup()
UPSTREAM: arm64: uaccess: suppress spurious clang warning
FROMLIST: staging: Fix sparse warnings in vsoc driver.
FROMLIST: staging: vsoc: Fix a i386-randconfig warning.
FROMLIST: staging: vsoc: Create wc kernel mapping for region shm.
Change-Id: Icacd9f396bc5d0db97541e5f532c496bd9589728
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
* refs/heads/tmp-f679e4d:
Linux 4.9.98
powerpc/eeh: Fix race with driver un/bind
x86/microcode/intel: Save microcode patch unconditionally
x86/smpboot: Don't use mwait_play_dead() on AMD systems
x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
tools/lib/subcmd/pager.c: do not alias select() params
objtool, perf: Fix GCC 8 -Wrestrict error
drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt
earlycon: Use a pointer table to fix __earlycon_table stride
libceph: validate con->state at the top of try_write()
libceph: reschedule a tick in finish_hunting()
libceph: un-backoff on tick when we have a authenticated session
ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
crypto: drbg - set freed buffers to NULL
ARM: amba: Don't read past the end of sysfs "driver_override" buffer
ARM: amba: Fix race condition with driver_override
ARM: amba: Make driver_override output consistent with other buses
PCI: aardvark: Fix PCIe Max Read Request Size setting
PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
scsi: sd: Defer spinning up drive while SANITIZE is in progress
kobject: don't use WARN for registration failures
mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
ALSA: hda/realtek - Add some fixes for ALC233
ALSA: hda: Hardening for potential Spectre v1
ALSA: seq: oss: Hardening for potential Spectre v1
ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
ALSA: control: Hardening for potential Spectre v1
ALSA: rme9652: Hardening for potential Spectre v1
ALSA: hdspm: Hardening for potential Spectre v1
ALSA: asihpi: Hardening for potential Spectre v1
ALSA: opl3: Hardening for potential Spectre v1
ALSA: dice: fix error path to destroy initialized stream data
ALSA: dice: fix OUI for TC group
tty: Use __GFP_NOFAIL for tty_ldisc_get()
tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
tty: Don't call panic() at tty_ldisc_init()
drm/virtio: fix vq wait_event condition
virtio_console: free buffers after reset
virtio: add ability to iterate over vqs
ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
USB: Increment wakeup count on remote wakeup.
usb: core: Add quirk for HP v222w 16GB Mini
USB: serial: cp210x: add ID for NI USB serial console
USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
USB: serial: simple: add libtransistor console
usbip: vhci_hcd: Fix usb device and sockfd leaks
usbip: usbip_host: fix to hold parent lock for device_attach() calls
usbip: usbip_event: fix to not print kernel pointer address
random: rate limit unseeded randomness warnings
random: fix possible sleeping allocation from irq context
random: set up the NUMA crng instances after the CRNG is fully initialized
ext4: fix bitmap position validation
ext4: add validity checks for bitmap block numbers
ext4: set h_journal if there is a failure starting a reserved handle
ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
cfi: print target address on failure
BACKPORT: ARM: cpuidle: Correct driver unregistration if init fails
BACKPORT: ARM: cpuidle: Avoid memleak if init fail
BACKPORT: ARM: cpuidle: Support asymmetric idle definition
Change-Id: Ie291572945a83300a1cd5303862691e18d882fa9
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
* refs/heads/tmp-2bcbbd5:
Linux 4.9.97
ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
s390/uprobes: implement arch_uretprobe_is_alive()
s390/dasd: fix IO error for newly defined devices
s390/cio: update chpid descriptor after resource accessibility event
cdrom: information leak in cdrom_ioctl_media_changed()
scsi: mptsas: Disable WRITE SAME
strparser: Fix incorrect strp->need_bytes value.
ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
net: af_packet: fix race in PACKET_{R|T}X_RING
tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
net: fix deadlock while clearing neighbor proxy table
net: ethernet: ti: cpsw: fix tx vlan priority mapping
llc: fix NULL pointer deref for SOCK_ZAPPED
llc: hold llc_sap before release_sock()
net: sched: ife: signal not finding metaid
sctp: do not check port in sctp_inet6_cmp_addr
vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
pppoe: check sockaddr length in pppoe_connect()
tipc: add policy for TIPC_NLA_NET_ADDR
packet: fix bitfield update race
team: fix netconsole setup over team
team: avoid adding twice the same option to the event list
tcp: don't read out-of-bounds opsize
llc: delete timers synchronously in llc_sk_free()
net: validate attribute sizes in neigh_dump_table()
l2tp: check sockaddr length in pppol2tp_connect()
KEYS: DNS: limit the length of option strings
bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave
s390: correct module section names for expoline code revert
s390: correct nospec auto detection init order
s390: add sysfs attributes for spectre
s390: report spectre mitigation via syslog
s390: add automatic detection of the spectre defense
s390: move nobp parameter functions to nospec-branch.c
s390/entry.S: fix spurious zeroing of r0
s390: do not bypass BPENTER for interrupt system calls
s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
KVM: s390: force bp isolation for VSIE
s390: introduce execute-trampolines for branches
s390: run user space and KVM guests with modified branch prediction
s390: add options to change branch prediction behaviour for the kernel
s390/alternative: use a copy of the facility bit mask
s390: add optimized array_index_mask_nospec
s390: scrub registers on kernel entry and KVM exit
KVM: s390: wire up bpb feature
s390: enable CPU alternatives unconditionally
s390: introduce CPU alternatives
PCI: Wait up to 60 seconds for device to become ready after FLR
Revert "ath10k: send (re)assoc peer command when NSS changed"
Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
r8152: add Linksys USB3GIGV1 id
mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing
RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs
perf: Return proper values for user stack errors
perf: Fix sample_max_stack maximum check
Revert "perf tools: Decompress kernel module when reading DSO data"
jbd2: fix use after free in kjournald2()
ath9k_hw: check if the chip failed to wake up
OF: Prevent unaligned access in of_alias_scan()
stk-webcam: fix an endian bug in stk_camera_read_reg()
power: supply: bq2415x: check for NULL acpi_id to avoid null pointer dereference
Input: drv260x - fix initializing overdrive voltage
MIPS: Generic: Fix big endian CPUs on generic machine
usb: musb: Fix external abort in musb_remove on omap2430
usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
usb: musb: fix enumeration after resume
i2c: i801: Restore configuration at shutdown
i2c: i801: Save register SMBSLVCMD value only once
i2c: i801: store and restore the SLVCMD register at load and unload
drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state
drm/vc4: Fix memory leak during BO teardown
x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
cifs: do not allow creating sockets except with SMB1 posix exensions
UPSTREAM: tracing: always define trace_{irq,preempt}_{enable_disable}
ANDROID: staging: ion: Obey kptr_restrict
ANDROID: sdcardfs: Set s_root to NULL after putting
ANDROID: sdcardfs: d_make_root calls iput
ANDROID: sdcardfs: Check for private data earlier
UPSTREAM: arm64: restore get_current() optimisation
Revert "ANDROID: arm64: temporarily mark ARM64_SW_TTBR0_PAN as BROKEN"
ANDROID: arm64: fix ARM64_SW_TTBR0_PAN backport
BACKPORT: arm64: split thread_info from task stack
UPSTREAM: arm64: assembler: introduce ldr_this_cpu
UPSTREAM: arm64: smp: Prevent raw_smp_processor_id() recursion
UPSTREAM: arm64: make cpu number a percpu variable
UPSTREAM: arm64: smp: prepare for smp_processor_id() rework
UPSTREAM: arm64: move sp_el0 and tpidr_el1 into cpu_suspend_ctx
UPSTREAM: arm64: prep stack walkers for THREAD_INFO_IN_TASK
UPSTREAM: arm64: unexport walk_stackframe
UPSTREAM: arm64: traps: simplify die() and __die()
UPSTREAM: arm64: factor out current_stack_pointer
BACKPORT: arm64: asm-offsets: remove unused definitions
UPSTREAM: arm64: thread_info remove stale items
ANDROID: arm64: temporarily mark ARM64_SW_TTBR0_PAN as BROKEN
UPSTREAM: thread_info: include <current.h> for THREAD_INFO_IN_TASK
UPSTREAM: thread_info: factor out restart_block
Conflicts:
arch/arm64/include/asm/thread_info.h
arch/arm64/kernel/smp.c
arch/arm64/kernel/stacktrace.c
arch/arm64/kernel/traps.c
drivers/staging/android/ion/ion.c
drivers/staging/android/ion/ion_cma_heap.c
Change-Id: I061294a8cf11b1a77edbcf54b64802cba387d41e
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Changes in 4.9.101
8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
bridge: check iface upper dev when setting master via ioctl
dccp: fix tasklet usage
ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
llc: better deal with too small mtu
net: ethernet: sun: niu set correct packet size in skb
net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
net/mlx4_en: Verify coalescing parameters are in range
net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
net_sched: fq: take care of throttled flows before reuse
net: support compat 64-bit time in {s,g}etsockopt
openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
qmi_wwan: do not steal interfaces from class drivers
r8169: fix powering up RTL8168h
sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg
sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
tcp_bbr: fix to zero idle_restart only upon S/ACKed data
tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
bonding: do not allow rlb updates to invalid mac
net/mlx5: Avoid cleaning flow steering table twice during error flow
bonding: send learning packets for vlans on slave
tcp: ignore Fast Open on repair mode
sctp: fix the issue that the cookie-ack with auth can't get processed
sctp: delay the authentication for the duplicated cookie-echo chunk
serial: sccnxp: Fix error handling in sccnxp_probe()
futex: Remove duplicated code and fix undefined behaviour
xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
lockd: lost rollback of set_grace_period() in lockd_down_net()
Revert "ARM: dts: imx6qdl-wandboard: Fix audio channel swap"
l2tp: revert "l2tp: fix missing print session offset info"
nfp: TX time stamp packets before HW doorbell is rung
proc: do not access cmdline nor environ from file-backed areas
futex: futex_wake_op, fix sign_extend32 sign bits
kernel/exit.c: avoid undefined behaviour when calling wait4()
Linux 4.9.101
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit d70ef22892ed6c066e51e118b225923c9b74af34 upstream.
sign_extend32 counts the sign bit parameter from 0, not from 1. So we
have to use "11" for 12th bit, not "12".
This mistake means we have not allowed negative op and cmp args since
commit 30d6e0a4190d ("futex: Remove duplicated code and fix undefined
behaviour") till now.
Fixes: 30d6e0a4190d ("futex: Remove duplicated code and fix undefined behaviour")
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Darren Hart <dvhart@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Some filesystem devices may have hw support for integrity checks.
Repeating the check in software is unnecessary.
Change-Id: I3a487e1714aecd57124f9b032751ee71d6d6dc37
Signed-off-by: Patrick Daly <pdaly@codeaurora.org>