James Clark [Thu, 26 Nov 2020 14:13:18 +0000 (16:13 +0200)]
perf cpumap: Use existing allocator to avoid using malloc
Use the existing allocator for perf_cpu_map to avoid use of raw malloc.
This could cause an issue in later commits where the size of
perf_cpu_map is changed.
Tiezhu Yang [Wed, 23 Dec 2020 16:13:16 +0000 (13:13 -0300)]
perf tools: Update powerpc's syscall.tbl copy from the kernel sources
This silences the following tools/perf/ build warning:
Warning: Kernel ABI header at 'tools/perf/arch/powerpc/entry/syscalls/syscall.tbl' differs from latest version at 'arch/powerpc/kernel/syscalls/syscall.tbl'
Tiezhu Yang [Fri, 18 Dec 2020 07:59:22 +0000 (15:59 +0800)]
perf s390: Move syscall.tbl check into check-headers.sh
It is better to check syscall.tbl for s390 in check-headers.sh, it is
similar with commit c9b51a017065 ("perf tools: Move syscall_64.tbl check
into check-headers.sh").
Tiezhu Yang [Fri, 18 Dec 2020 07:59:21 +0000 (15:59 +0800)]
perf powerpc: Move syscall.tbl check to check-headers.sh
It is better to check syscall.tbl for powerpc in check-headers.sh, it is
similar with commit c9b51a017065 ("perf tools: Move syscall_64.tbl check
into check-headers.sh").
tools headers UAPI: Synch KVM's svm.h header with the kernel
To pick up the changes from:
d1949b93c60504b3 ("KVM: SVM: Add support for CR8 write traps for an SEV-ES guest") 5b51cb13160ae0ba ("KVM: SVM: Add support for CR4 write traps for an SEV-ES guest") f27ad38aac23263c ("KVM: SVM: Add support for CR0 write traps for an SEV-ES guest") 2985afbcdbb1957a ("KVM: SVM: Add support for EFER write traps for an SEV-ES guest") 291bd20d5d88814a ("KVM: SVM: Add initial support for a VMGEXIT VMEXIT")
Warning: Kernel ABI header at 'tools/arch/x86/include/uapi/asm/svm.h' differs from latest version at 'arch/x86/include/uapi/asm/svm.h'
diff -u tools/arch/x86/include/uapi/asm/svm.h arch/x86/include/uapi/asm/svm.h
tools kvm headers: Update KVM headers from the kernel sources
To pick the changes from:
8d14797b53f044fd ("KVM: arm64: Move 'struct kvm_arch_memory_slot' out of uapi/")
That don't causes any changes in tooling, only addresses this perf build
warning:
Warning: Kernel ABI header at 'tools/arch/arm64/include/uapi/asm/kvm.h' differs from latest version at 'arch/arm64/include/uapi/asm/kvm.h'
diff -u tools/arch/arm64/include/uapi/asm/kvm.h arch/arm64/include/uapi/asm/kvm.h
tools headers UAPI: Sync KVM's vmx.h header with the kernel sources
To pick the changes in:
bf0cd88ce363a2de ("KVM: x86: emulate wait-for-SIPI and SIPI-VMExit")
That makes 'perf kvm-stat' aware of this new SIPI_SIGNAL exit reason,
thus addressing the following perf build warning:
Warning: Kernel ABI header at 'tools/arch/x86/include/uapi/asm/vmx.h' differs from latest version at 'arch/x86/include/uapi/asm/vmx.h'
diff -u tools/arch/x86/include/uapi/asm/vmx.h arch/x86/include/uapi/asm/vmx.h
$ tools/perf/trace/beauty/kvm_ioctl.sh > before
$ cp include/uapi/linux/kvm.h tools/include/uapi/linux/kvm.h
$ cp arch/x86/include/uapi/asm/kvm.h tools/arch/x86/include/uapi/asm/kvm.h
$ tools/perf/trace/beauty/kvm_ioctl.sh > after
$ diff -u before after
--- before 2020-12-21 11:55:45.229737066 -0300
+++ after 2020-12-21 11:55:56.379983393 -0300
@@ -90,6 +90,7 @@
[0xc0] = "CLEAR_DIRTY_LOG",
[0xc1] = "GET_SUPPORTED_HV_CPUID",
[0xc6] = "X86_SET_MSR_FILTER",
+ [0xc7] = "RESET_DIRTY_RINGS",
[0xe0] = "CREATE_DEVICE",
[0xe1] = "SET_DEVICE_ATTR",
[0xe2] = "GET_DEVICE_ATTR",
$
Now one can use that string in filters when tracing ioctls, etc.
And silences this perf build warning:
Warning: Kernel ABI header at 'tools/include/uapi/linux/kvm.h' differs from latest version at 'include/uapi/linux/kvm.h'
diff -u tools/include/uapi/linux/kvm.h include/uapi/linux/kvm.h
Warning: Kernel ABI header at 'tools/arch/x86/include/uapi/asm/kvm.h' differs from latest version at 'arch/x86/include/uapi/asm/kvm.h'
diff -u tools/arch/x86/include/uapi/asm/kvm.h arch/x86/include/uapi/asm/kvm.h
The new MSR has a pattern that wasn't matched to avoid a clash with
IA32_UCODE_REV, change the regex to prefer the more relevant AMD_
prefixed ones to catch this new AMD64_VM_PAGE_FLUSH MSR.
Which causes these parts of tools/perf/ to be rebuilt:
CC /tmp/build/perf/trace/beauty/tracepoints/x86_msr.o
LD /tmp/build/perf/trace/beauty/tracepoints/perf-in.o
LD /tmp/build/perf/trace/beauty/perf-in.o
LD /tmp/build/perf/perf-in.o
LINK /tmp/build/perf/perf
This addresses this perf tools build warning:
diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/msr-index.h' differs from latest version at 'arch/x86/include/asm/msr-index.h'
tools headers cpufeatures: Sync with the kernel sources
To pick the changes in:
69372cf01290b958 ("x86/cpu: Add VM page flush MSR availablility as a CPUID feature") e1b35da5e624f8b0 ("x86: Enumerate AVX512 FP16 CPUID feature flag")
That causes only these 'perf bench' objects to rebuild:
CC /tmp/build/perf/bench/mem-memcpy-x86-64-asm.o
CC /tmp/build/perf/bench/mem-memset-x86-64-asm.o
And addresses these perf build warnings:
Warning: Kernel ABI header at 'tools/arch/x86/include/asm/cpufeatures.h' differs from latest version at 'arch/x86/include/asm/cpufeatures.h'
diff -u tools/arch/x86/include/asm/cpufeatures.h arch/x86/include/asm/cpufeatures.h
Warning: Kernel ABI header at 'tools/include/uapi/asm-generic/unistd.h' differs from latest version at 'include/uapi/asm-generic/unistd.h'
diff -u tools/include/uapi/asm-generic/unistd.h include/uapi/asm-generic/unistd.h
Warning: Kernel ABI header at 'tools/perf/arch/x86/entry/syscalls/syscall_64.tbl' differs from latest version at 'arch/x86/entry/syscalls/syscall_64.tbl'
diff -u tools/perf/arch/x86/entry/syscalls/syscall_64.tbl arch/x86/entry/syscalls/syscall_64.tbl
scripts: coccicheck: Correct usage of make coccicheck
The command "make coccicheck C=1 CHECK=scripts/coccicheck" results in the
error:
./scripts/coccicheck: line 65: -1: shift count out of range
This happens because every time the C variable is specified,
the shell arguments need to be "shifted" in order to take only
the last argument, which is the C file to test. These shell arguments
mostly comprise flags that have been set in the Makefile. However,
when coccicheck is specified in the make command as a rule, the
number of shell arguments is zero, thus passing the invalid value -1
to the shift command, resulting in an error.
Modify coccicheck to print correct usage of make coccicheck so as to
avoid the error.
Dave Airlie [Thu, 24 Dec 2020 00:08:10 +0000 (10:08 +1000)]
Merge tag 'drm-misc-next-fixes-2020-12-22' of git://anongit.freedesktop.org/drm/drm-misc into drm-next
Short summary of fixes pull:
* dma-buf: Include <linux/vmalloc.h> for building on MIPS
* komeda: Fix order of operation in commit tail; Fix NULL-pointer and
out-of-bounds access; Cleanups
* ttm: Fix an unused-function warning
Linus Torvalds [Wed, 23 Dec 2020 23:11:08 +0000 (15:11 -0800)]
Merge tag 'sound-fix-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"A collection of small fixes that came up recently for 5.11.
The majority of fixes are usual HD-audio and USB-audio quirks, with a
few PCM core fixes for addressing the information leak and yet more
UBSAN fixes in the core side"
* tag 'sound-fix-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: usb-audio: Add implicit feeback support for the BOSS GT-1
ALSA: usb-audio: Add alias entry for ASUS PRIME TRX40 PRO-S
ALSA: core: Remove redundant comments
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA: pcm: Clear the full allocated memory at hw_params
ALSA: memalloc: Align buffer allocations in page size
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: pcm: Remove snd_pcm_lib_preallocate_dma_free()
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: core: memalloc: add page alignment for iram
ALSA: hda/realtek - Supported Dell fixed type headset
ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658
Linus Torvalds [Wed, 23 Dec 2020 23:01:49 +0000 (15:01 -0800)]
Merge tag 'linux-watchdog-5.11-rc1' of git://www.linux-watchdog.org/linux-watchdog
Pull watchdog updates from Wim Van Sebroeck:
- Removal of the pnx83xx driver
- Add a binding for A100's watchdog controller
- Add Rockchip compatibles to snps,dw-wdt.yaml
- hpwdt: Disable NMI in Crash Kernel
- Fix potential dereferencing of null pointer in watchdog_core
- Several other small fixes and improvements
* tag 'linux-watchdog-5.11-rc1' of git://www.linux-watchdog.org/linux-watchdog: (23 commits)
watchdog: convert comma to semicolon
watchdog: iTCO_wdt: use dev_*() instead of pr_*() for logging
dt-binding: watchdog: add Rockchip compatibles to snps,dw-wdt.yaml
watchdog: coh901327: add COMMON_CLK dependency
dt-bindings: watchdog: sun4i: Add A100 compatible
watchdog: qcom: Avoid context switch in restart handler
watchdog: iTCO_wdt: use module_platform_device() macro
watchdog: Fix potential dereferencing of null pointer
watchdog: wdat_wdt: Fix missing kerneldoc reported by W=1
watchdog/hpwdt: Reflect changes
watchdog/hpwdt: Disable NMI in Crash Kernel
wdt: sp805: add watchdog_stop on reboot
watchdog: sbc_fitpc2_wdt: add __user annotations
watchdog: geodewdt: remove unneeded break
watchdog: rti-wdt: fix reference leak in rti_wdt_probe
watchdog: qcom_wdt: set WDOG_HW_RUNNING bit when appropriate
watchdog: remove pnx83xx driver
watchdog: stm32_iwdg: don't print an error on probe deferral
watchdog: sprd: change to use usleep_range() instead of busy loop
watchdog: sprd: check busy bit before new loading rather than after that
...
Stylon Wang [Tue, 10 Nov 2020 07:40:06 +0000 (15:40 +0800)]
drm/amd/display: Fix memory leaks in S3 resume
EDID parsing in S3 resume pushes new display modes
to probed_modes list but doesn't consolidate to actual
mode list. This creates a race condition when
amdgpu_dm_connector_ddc_get_modes() re-initializes the
list head without walking the list and results in memory leak.
Alex Deucher [Thu, 17 Dec 2020 17:11:36 +0000 (12:11 -0500)]
drm/amdgpu: only set DP subconnector type on DP and eDP connectors
Fixes a crash in drm_object_property_set_value() because the property
is not set for internal DP ports that connect to a bridge chips
(e.g., DP to VGA or DP to LVDS).
Bug: https://bugzilla.kernel.org/show_bug.cgi?id=210739 Fixes: 65bf2cf95d3ade ("drm/amdgpu: utilize subconnector property for DP through atombios") Tested-By: Kris Karas <[email protected]> Cc: Oleg Vasilev <[email protected]> Signed-off-by: Alex Deucher <[email protected]> Cc: [email protected] # 5.10.x
Jake Wang [Fri, 11 Dec 2020 21:53:57 +0000 (16:53 -0500)]
drm/amd/display: always program DPPDTO unless not safe to lower
[Why]
We defer clock updates to after pipes have been programmed. In
some instances we use DPPCLK that have been previously set to be
"unused". This results in a brief window of time where underflow
could occur.
[How]
During prepare bandwidth allow rn_update_clocks_update_dpp_dto
to check each instance and compare previous clock to new clock.
If new clock is higher than previous clock, program DPPDTO.
Yongqiang Sun [Fri, 11 Dec 2020 20:34:30 +0000 (15:34 -0500)]
drm/amd/display: [FW Promotion] Release 0.0.47
- restore lvtma_pwrseq_delay2 from vbios integrated info table
- restore MVID/NVID after power up.
- Enable timer wake up mask when enable timer interrupt.
Sung Lee [Wed, 9 Dec 2020 19:58:59 +0000 (14:58 -0500)]
drm/amd/display: Acquire DSC during split stream for ODM only if top_pipe
[WHY]
DSC should only be acquired per OPP. Therefore, DSC should only
be acquired for the top_pipe when ODM is enabled.
Not doing this check may lead to acquiring more DSC's than needed
when doing MPO + ODM Combine.
Yongqiang Sun [Wed, 9 Dec 2020 21:56:51 +0000 (16:56 -0500)]
drm/amd/display: change SMU repsonse timeout to 2s.
[Why]
there is some garbage showing up during reboot test.
Reason:
SMU might handle display driver msg defered and driver will send
next msg to SMU after 10ms timeout, once SMU FW handle previous msg,
parameters are changed to next one, which result in a wrong value be programmed.
[How]
Extend timeout to 2s so SMU will have enough time to handle driver msg.
Martin Tsai [Thu, 3 Dec 2020 02:47:11 +0000 (10:47 +0800)]
drm/amd/display: Modify the hdcp device count check condition
[why]
Some MST display may not report the internal panel to DEVICE_COUNT,
that makes the check condition always failed.
[how]
To update this condition with the reported device count + 1
(because the immediate repeater's internal panel is possibly
not included in DEVICE_COUNT)
Wesley Chalmers [Mon, 7 Dec 2020 16:46:08 +0000 (11:46 -0500)]
drm/amd/display: Interfaces for hubp blank and soft reset
[WHY]
HUBP blanking sequence on DCN30 requires us to check if HUBP is in blank
and also toggle HUBP_DISABLE, which should instead be called
HUBP_SOFT_RESET for what it does in HW.
Qingqing Zhuo [Fri, 4 Dec 2020 15:55:13 +0000 (10:55 -0500)]
drm/amd/display: handler not correctly checked at remove_irq_handler
[why]
handler is supposedly passed in as a function pointer;
however, the entire struct amdgpu_dm_irq_handler_data
gets from the list is used to check match.
[how]
use the interrupt_handler within amdgpu_dm_irq_handler_data
for checking match.
Hawking Zhang [Sat, 21 Nov 2020 13:01:47 +0000 (21:01 +0800)]
drm/amdgpu: check number of gfx ring before init cp gfx
Check number of gfx ring, rather than asic type,
before cp gfx engine initialization so driver just
need to make sure number of gfx ring is initialized
correctly in gfx early_init phase. No need to add
additional asic type check everywhere when there is
new asic with gfx pipe removed.
Yi Li [Wed, 23 Dec 2020 15:04:21 +0000 (23:04 +0800)]
bcache:remove a superfluous check in register_bcache
There have no reassign the bdev after check It is IS_ERR.
the double check !IS_ERR(bdev) is superfluous.
After commit 4e7b5671c6a8 ("block: remove i_bdev"),
"Switch the block device lookup interfaces to directly work with a dev_t
so that struct block_device references are only acquired by the
blkdev_get variants (and the blk-cgroup special case). This means that
we now don't need an extra reference in the inode and can generally
simplify handling of struct block_device to keep the lookups contained
in the core block layer code."
so after lookup_bdev call, there no need to do bdput.
remove a superfluous check the bdev & don't call bdput after lookup_bdev.
crypto: keembay - CRYPTO_DEV_KEEMBAY_OCS_AES_SM4 should depend on ARCH_KEEMBAY
The Intel Keem Bay Offload and Crypto Subsystem (OCS) is only present on
Intel Keem Bay SoCs. Hence add a dependency on ARCH_KEEMBAY, to prevent
asking the user about this driver when configuring a kernel without
Intel Keem Bay platform support.
While at it, fix a misspelling of "cipher".
Fixes: 88574332451380f4 ("crypto: keembay - Add support for Keem Bay OCS AES/SM4") Signed-off-by: Geert Uytterhoeven <[email protected]> Acked-by: Daniele Alessandrelli <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
Xiaoguang Wang [Mon, 14 Dec 2020 15:49:41 +0000 (23:49 +0800)]
io_uring: hold uring_lock while completing failed polled io in io_wq_submit_work()
io_iopoll_complete() does not hold completion_lock to complete polled io,
so in io_wq_submit_work(), we can not call io_req_complete() directly, to
complete polled io, otherwise there maybe concurrent access to cqring,
defer_list, etc, which is not safe. Commit dad1b1242fd5 ("io_uring: always
let io_iopoll_complete() complete polled io") has fixed this issue, but
Pavel reported that IOPOLL apart from rw can do buf reg/unreg requests(
IORING_OP_PROVIDE_BUFFERS or IORING_OP_REMOVE_BUFFERS), so the fix is not
good.
Given that io_iopoll_complete() is always called under uring_lock, so here
for polled io, we can also get uring_lock to fix this issue.
Fixes: dad1b1242fd5 ("io_uring: always let io_iopoll_complete() complete polled io") Cc: <[email protected]> # 5.5+ Signed-off-by: Xiaoguang Wang <[email protected]> Reviewed-by: Pavel Begunkov <[email protected]>
[axboe: don't deref 'req' after completing it'] Signed-off-by: Jens Axboe <[email protected]>
Casey Schaufler [Tue, 22 Dec 2020 23:34:24 +0000 (15:34 -0800)]
Smack: Handle io_uring kernel thread privileges
Smack assumes that kernel threads are privileged for smackfs
operations. This was necessary because the credential of the
kernel thread was not related to a user operation. With io_uring
the credential does reflect a user's rights and can be used.
Linus Torvalds [Tue, 22 Dec 2020 22:19:21 +0000 (14:19 -0800)]
Merge tag 'acpi-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more ACPI updates from Rafael Wysocki:
"These make the ACPI enumeration of devices take _DEP information into
account more aggressively, fix device IDs matching in the ACPI part of
the PNP devices framework and update the ACPI code related to
suspend-to-idle to take systems based on AMD hardware into account
properly.
Specifics:
- Modify the ACPI device enumeration code to defer the enumeration of
devices with an _HID whose lists of operation region dependencies
returned by _DEP are not empty after eliminating the entries
representing known-benign dependencies from them (Rafael Wysocki,
Hans de Goede).
- Make the ACPI PNP code mathing device IDs also take the length of
the given ID string into account (Hui Wang).
- Add AMD systems support to the ACPI code handling suspend-to-idle
via the PNP0D80 (System Power Management Controller) device _DSM
interface (Shyam Sundar).
- Move the suspend-to-idle handling code related to the PNP0D80
device _DSM interface, which is x86-specific, to a separate file in
the x86/ subdirectory (Rafael Wysocki)"
* tag 'acpi-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI: PM: s2idle: Move x86-specific code to the x86 directory
ACPI: scan: Add Intel Baytrail Mailbox Device to acpi_ignore_dep_ids
ACPI: scan: Avoid unnecessary second pass in acpi_bus_scan()
ACPI: scan: Defer enumeration of devices with _DEP lists
ACPI: scan: Evaluate _DEP before adding the device
ACPI: PM: s2idle: Add AMD support to handle _DSM
ACPI: PNP: compare the string length in the matching_id()
Linus Torvalds [Tue, 22 Dec 2020 22:12:10 +0000 (14:12 -0800)]
Merge tag 'pm-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more power management updates from Rafael Wysocki:
"These update the CPPC cpufreq driver and intel_pstate (which involves
updating the cpufreq core and the schedutil governor) and make
janitorial changes in the ACPI code handling processor objects.
Specifics:
- Rework the passive-mode "fast switch" path in the intel_pstate
driver to allow it receive the minimum (required) and target
(desired) performance information from the schedutil governor so as
to avoid running some workloads too fast (Rafael Wysocki).
- Make the intel_pstate driver allow the policy max limit to be
increased after the guaranteed performance value for the given CPU
has increased (Rafael Wysocki).
- Clean up the handling of CPU coordination types in the CPPC cpufreq
driver and make it export frequency domains information to user
space via sysfs (Ionela Voinescu).
- Fix the ACPI code handling processor objects to use a correct
coordination type when it fails to map frequency domains and drop a
redundant CPU map initialization from it (Ionela Voinescu, Punit
Agrawal)"
* tag 'pm-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: intel_pstate: Use most recent guaranteed performance values
cpufreq: intel_pstate: Implement the ->adjust_perf() callback
cpufreq: Add special-purpose fast-switching callback for drivers
cpufreq: schedutil: Add util to struct sg_cpu
cppc_cpufreq: replace per-cpu data array with a list
cppc_cpufreq: expose information on frequency domains
cppc_cpufreq: clarify support for coordination types
cppc_cpufreq: use policy->cpu as driver of frequency setting
ACPI: processor: fix NONE coordination for domain mapping failure
Linus Torvalds [Tue, 22 Dec 2020 22:04:25 +0000 (14:04 -0800)]
Merge tag 'kconfig-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
Pull Kconfig updates from Masahiro Yamada:
- Support only Qt5 for qconf
- Validate signal/slot connection at compile time of qconf
- Sanitize header includes
* tag 'kconfig-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
kconfig: doc: fix $(fileno) to $(filename)
kconfig: fix return value of do_error_if()
kconfig: clean up header inclusion
kconfig: qconf: show Qt version in the About dialog
kconfig: make lkc.h self-sufficient #include-wise
kconfig: qconf: convert to Qt5 new signal/slot connection syntax
kconfig: qconf: use a variable to pass packages to pkg-config
kconfig: qconf: drop Qt4 support
Linus Torvalds [Tue, 22 Dec 2020 21:38:17 +0000 (13:38 -0800)]
Merge branch 'akpm' (patches from Andrew)
Merge KASAN updates from Andrew Morton.
This adds a new hardware tag-based mode to KASAN. The new mode is
similar to the existing software tag-based KASAN, but relies on arm64
Memory Tagging Extension (MTE) to perform memory and pointer tagging
(instead of shadow memory and compiler instrumentation).
By Andrey Konovalov and Vincenzo Frascino.
* emailed patches from Andrew Morton <[email protected]>: (60 commits)
kasan: update documentation
kasan, mm: allow cache merging with no metadata
kasan: sanitize objects when metadata doesn't fit
kasan: clarify comment in __kasan_kfree_large
kasan: simplify assign_tag and set_tag calls
kasan: don't round_up too much
kasan, mm: rename kasan_poison_kfree
kasan, mm: check kasan_enabled in annotations
kasan: add and integrate kasan boot parameters
kasan: inline (un)poison_range and check_invalid_free
kasan: open-code kasan_unpoison_slab
kasan: inline random_tag for HW_TAGS
kasan: inline kasan_reset_tag for tag-based modes
kasan: remove __kasan_unpoison_stack
kasan: allow VMAP_STACK for HW_TAGS mode
kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
kasan: introduce set_alloc_info
kasan: rename get_alloc/free_info
kasan: simplify quarantine_put call site
kselftest/arm64: check GCR_EL1 after context switch
...
Linus Torvalds [Tue, 22 Dec 2020 21:34:27 +0000 (13:34 -0800)]
Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux
Pull ARM updates from Russell King:
- Rework phys/virt translation
- Add KASan support
- Move DT out of linear map region
- Use more PC-relative addressing in assembly
- Remove FP emulation handling while in kernel mode
- Link with '-z norelro'
- remove old check for GCC <= 4.2 in ARM unwinder code
- disable big endian if using clang's linker
* tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: (46 commits)
ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
ARM: 9038/1: Link with '-z norelro'
ARM: 9037/1: uncompress: Add OF_DT_MAGIC macro
ARM: 9036/1: uncompress: Fix dbgadtb size parameter name
ARM: 9035/1: uncompress: Add be32tocpu macro
ARM: 9033/1: arm/smp: Drop the macro S(x,s)
ARM: 9032/1: arm/mm: Convert PUD level pgtable helper macros into functions
ARM: 9031/1: hyp-stub: remove unused .L__boot_cpu_mode_offset symbol
ARM: 9044/1: vfp: use undef hook for VFP support detection
ARM: 9034/1: __div64_32(): straighten up inline asm constraints
ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel mode
ARM: 9029/1: Make iwmmxt.S support Clang's integrated assembler
ARM: 9028/1: disable KASAN in call stack capturing routines
ARM: 9026/1: unwind: remove old check for GCC <= 4.2
ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD
ARM: 9024/1: Drop useless cast of "u64" to "long long"
ARM: 9023/1: Spelling s/mmeory/memory/
ARM: 9022/1: Change arch/arm/lib/mem*.S to use WEAK instead of .weak
ARM: kvm: replace open coded VA->PA calculations with adr_l call
ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET
...
Linus Torvalds [Tue, 22 Dec 2020 21:27:21 +0000 (13:27 -0800)]
Merge tag 'for-5.11/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
Pull device mapper updates from Mike Snitzer:
- Add DM verity support for signature verification with 2nd keyring
- Fix DM verity to skip verity work if IO completes with error while
system is shutting down
- Add new DM multipath "IO affinity" path selector that maps IO
destined to a given path to a specific CPU based on user provided
mapping
- Rename DM multipath path selector source files to have "dm-ps" prefix
- Add REQ_NOWAIT support to some other simple DM targets that don't
block in more elaborate ways waiting for IO
- Export DM crypt's kcryptd workqueue via sysfs (WQ_SYSFS)
- Fix error return code in DM's target_message() if empty message is
received
- A handful of other small cleanups
* tag 'for-5.11/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
dm cache: simplify the return expression of load_mapping()
dm ebs: avoid double unlikely() notation when using IS_ERR()
dm verity: skip verity work if I/O error when system is shutting down
dm crypt: export sysfs of kcryptd workqueue
dm ioctl: fix error return code in target_message
dm crypt: Constify static crypt_iv_operations
dm: add support for REQ_NOWAIT to various targets
dm: rename multipath path selector source files to have "dm-ps" prefix
dm mpath: add IO affinity path selector
dm verity: Add support for signature verification with 2nd keyring
dm: remove unnecessary current->bio_list check when submitting split bio
Linus Torvalds [Tue, 22 Dec 2020 21:24:33 +0000 (13:24 -0800)]
Merge tag 'hwmon-for-v5.11-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull another hwmon update from Guenter Roeck:
"The only patch in this series is removal of voltage and current
reporting for AMD Zen CPUs.
Turns out that was not worth the trouble, because it's all
undocumented and not maintainable"
* tag 'hwmon-for-v5.11-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs
Linus Torvalds [Tue, 22 Dec 2020 21:19:43 +0000 (13:19 -0800)]
Merge tag 'dma-mapping-5.11' of git://git.infradead.org/users/hch/dma-mapping
Pull dma-mapping updates from Christoph Hellwig:
- support for a partial IOMMU bypass (Alexey Kardashevskiy)
- add a DMA API benchmark (Barry Song)
- misc fixes (Tiezhu Yang, tangjianqiang)
* tag 'dma-mapping-5.11' of git://git.infradead.org/users/hch/dma-mapping:
selftests/dma: add test application for DMA_MAP_BENCHMARK
dma-mapping: add benchmark support for streaming DMA APIs
dma-contiguous: fix a typo error in a comment
dma-pool: no need to check return value of debugfs_create functions
powerpc/dma: Fallback to dma_ops when persistent memory present
dma-mapping: Allow mixing bypass and mapped DMA operation
Andi Kleen [Tue, 22 Dec 2020 17:40:10 +0000 (09:40 -0800)]
x86/split-lock: Avoid returning with interrupts enabled
When a split lock is detected always make sure to disable interrupts
before returning from the trap handler.
The kernel exit code assumes that all exits run with interrupts
disabled, otherwise the SWAPGS sequence can race against interrupts and
cause recursing page faults and later panics.
The problem will only happen on CPUs with split lock disable
functionality, so Icelake Server, Tiger Lake, Snow Ridge, Jacobsville.
Fixes: ca4c6a9858c2 ("x86/traps: Make interrupt enable/disable symmetric in C code") Fixes: bce9b042ec73 ("x86/traps: Disable interrupts in exc_aligment_check()") # v5.8+ Signed-off-by: Andi Kleen <[email protected]> Cc: Peter Zijlstra <[email protected]> Cc: Fenghua Yu <[email protected]> Cc: Tony Luck <[email protected]> Reviewed-by: Thomas Gleixner <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
Andrey Konovalov [Tue, 22 Dec 2020 20:03:35 +0000 (12:03 -0800)]
kasan: update documentation
This change updates KASAN documentation to reflect the addition of boot
parameters and also reworks and clarifies some of the existing sections,
in particular: defines what a memory granule is, mentions quarantine,
makes Kunit section more readable.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:31 +0000 (12:03 -0800)]
kasan, mm: allow cache merging with no metadata
The reason cache merging is disabled with KASAN is because KASAN puts its
metadata right after the allocated object. When the merged caches have
slightly different sizes, the metadata ends up in different places, which
KASAN doesn't support.
It might be possible to adjust the metadata allocation algorithm and make
it friendly to the cache merging code. Instead this change takes a simpler
approach and allows merging caches when no metadata is present. Which is
the case for hardware tag-based KASAN with kasan.mode=prod.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:28 +0000 (12:03 -0800)]
kasan: sanitize objects when metadata doesn't fit
KASAN marks caches that are sanitized with the SLAB_KASAN cache flag.
Currently if the metadata that is appended after the object (stores e.g.
stack trace ids) doesn't fit into KMALLOC_MAX_SIZE (can only happen with
SLAB, see the comment in the patch), KASAN turns off sanitization
completely.
With this change sanitization of the object data is always enabled.
However the metadata is only stored when it fits. Instead of checking for
SLAB_KASAN flag accross the code to find out whether the metadata is
there, use cache->kasan_info.alloc/free_meta_offset. As 0 can be a valid
value for free_meta_offset, introduce KASAN_NO_FREE_META as an indicator
that the free metadata is missing.
Without this change all sanitized KASAN objects would be put into
quarantine with generic KASAN. With this change, only the objects that
have metadata (i.e. when it fits) are put into quarantine, the rest is
freed right away.
Along the way rework __kasan_cache_create() and add claryfying comments.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:20 +0000 (12:03 -0800)]
kasan: simplify assign_tag and set_tag calls
set_tag() already ignores the tag for the generic mode, so just call it
as is. Add a check for the generic mode to assign_tag(), and simplify its
call in ____kasan_kmalloc().
Andrey Konovalov [Tue, 22 Dec 2020 20:03:17 +0000 (12:03 -0800)]
kasan: don't round_up too much
For hardware tag-based mode kasan_poison_memory() already rounds up the
size. Do the same for software modes and remove round_up() from the common
code.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:13 +0000 (12:03 -0800)]
kasan, mm: rename kasan_poison_kfree
Rename kasan_poison_kfree() to kasan_slab_free_mempool() as it better
reflects what this annotation does. Also add a comment that explains the
PageSlab() check.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:10 +0000 (12:03 -0800)]
kasan, mm: check kasan_enabled in annotations
Declare the kasan_enabled static key in include/linux/kasan.h and in
include/linux/mm.h and check it in all kasan annotations. This allows to
avoid any slowdown caused by function calls when kasan_enabled is
disabled.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:06 +0000 (12:03 -0800)]
kasan: add and integrate kasan boot parameters
Hardware tag-based KASAN mode is intended to eventually be used in
production as a security mitigation. Therefore there's a need for finer
control over KASAN features and for an existence of a kill switch.
This change adds a few boot parameters for hardware tag-based KASAN that
allow to disable or otherwise control particular KASAN features.
The features that can be controlled are:
1. Whether KASAN is enabled at all.
2. Whether KASAN collects and saves alloc/free stacks.
3. Whether KASAN panics on a detected bug or not.
With this change a new boot parameter kasan.mode allows to choose one of
three main modes:
- kasan.mode=off - KASAN is disabled, no tag checks are performed
- kasan.mode=prod - only essential production features are enabled
- kasan.mode=full - all KASAN features are enabled
The chosen mode provides default control values for the features mentioned
above. However it's also possible to override the default values by
providing:
- kasan.stacktrace=off/on - enable alloc/free stack collection
(default: on for mode=full, otherwise off)
- kasan.fault=report/panic - only report tag fault or also panic
(default: report)
If kasan.mode parameter is not provided, it defaults to full when
CONFIG_DEBUG_KERNEL is enabled, and to prod otherwise.
It is essential that switching between these modes doesn't require
rebuilding the kernel with different configs, as this is required by
the Android GKI (Generic Kernel Image) initiative [1].
Andrey Konovalov [Tue, 22 Dec 2020 20:03:03 +0000 (12:03 -0800)]
kasan: inline (un)poison_range and check_invalid_free
Using (un)poison_range() or check_invalid_free() currently results in
function calls. Move their definitions to mm/kasan/kasan.h and turn them
into static inline functions for hardware tag-based mode to avoid
unneeded function calls.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:59 +0000 (12:02 -0800)]
kasan: open-code kasan_unpoison_slab
There's the external annotation kasan_unpoison_slab() that is currently
defined as static inline and uses kasan_unpoison_range(). Open-code this
function in mempool.c. Otherwise with an upcoming change this function
will result in an unnecessary function call.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:56 +0000 (12:02 -0800)]
kasan: inline random_tag for HW_TAGS
Using random_tag() currently results in a function call. Move its
definition to mm/kasan/kasan.h and turn it into a static inline function
for hardware tag-based mode to avoid uneeded function calls.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:52 +0000 (12:02 -0800)]
kasan: inline kasan_reset_tag for tag-based modes
Using kasan_reset_tag() currently results in a function call. As it's
called quite often from the allocator code, this leads to a noticeable
slowdown. Move it to include/linux/kasan.h and turn it into a static
inline function. Also remove the now unneeded reset_tag() internal KASAN
macro and use kasan_reset_tag() instead.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:45 +0000 (12:02 -0800)]
kasan: allow VMAP_STACK for HW_TAGS mode
Even though hardware tag-based mode currently doesn't support checking
vmalloc allocations, it doesn't use shadow memory and works with
VMAP_STACK as is. Change VMAP_STACK definition accordingly.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:42 +0000 (12:02 -0800)]
kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
There's a config option CONFIG_KASAN_STACK that has to be enabled for
KASAN to use stack instrumentation and perform validity checks for
stack variables.
There's no need to unpoison stack when CONFIG_KASAN_STACK is not enabled.
Only call kasan_unpoison_task_stack[_below]() when CONFIG_KASAN_STACK is
enabled.
Note, that CONFIG_KASAN_STACK is an option that is currently always
defined when CONFIG_KASAN is enabled, and therefore has to be tested
with #if instead of #ifdef.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:34 +0000 (12:02 -0800)]
kasan: rename get_alloc/free_info
Rename get_alloc_info() and get_free_info() to kasan_get_alloc_meta() and
kasan_get_free_meta() to better reflect what those do and avoid confusion
with kasan_set_free_info().
Andrey Konovalov [Tue, 22 Dec 2020 20:02:31 +0000 (12:02 -0800)]
kasan: simplify quarantine_put call site
Patch series "kasan: boot parameters for hardware tag-based mode", v4.
=== Overview
Hardware tag-based KASAN mode [1] is intended to eventually be used in
production as a security mitigation. Therefore there's a need for finer
control over KASAN features and for an existence of a kill switch.
This patchset adds a few boot parameters for hardware tag-based KASAN that
allow to disable or otherwise control particular KASAN features, as well
as provides some initial optimizations for running KASAN in production.
There's another planned patchset what will further optimize hardware
tag-based KASAN, provide proper benchmarking and tests, and will fully
enable tag-based KASAN for production use.
Hardware tag-based KASAN relies on arm64 Memory Tagging Extension (MTE)
[2] to perform memory and pointer tagging. Please see [3] and [4] for
detailed analysis of how MTE helps to fight memory safety problems.
The features that can be controlled are:
1. Whether KASAN is enabled at all.
2. Whether KASAN collects and saves alloc/free stacks.
3. Whether KASAN panics on a detected bug or not.
The patch titled "kasan: add and integrate kasan boot parameters" of this
series adds a few new boot parameters.
kasan.mode allows to choose one of three main modes:
- kasan.mode=off - KASAN is disabled, no tag checks are performed
- kasan.mode=prod - only essential production features are enabled
- kasan.mode=full - all KASAN features are enabled
The chosen mode provides default control values for the features mentioned
above. However it's also possible to override the default values by
providing:
- kasan.stacktrace=off/on - enable stacks collection
(default: on for mode=full, otherwise off)
- kasan.fault=report/panic - only report tag fault or also panic
(default: report)
If kasan.mode parameter is not provided, it defaults to full when
CONFIG_DEBUG_KERNEL is enabled, and to prod otherwise.
It is essential that switching between these modes doesn't require
rebuilding the kernel with different configs, as this is required by
the Android GKI (Generic Kernel Image) initiative.
=== Benchmarks
For now I've only performed a few simple benchmarks such as measuring
kernel boot time and slab memory usage after boot. There's an upcoming
patchset which will optimize KASAN further and include more detailed
benchmarking results.
The benchmarks were performed in QEMU and the results below exclude the
slowdown caused by QEMU memory tagging emulation (as it's different from
the slowdown that will be introduced by hardware and is therefore
irrelevant).
KASAN_HW_TAGS=y + kasan.mode=off introduces no performance or memory
impact compared to KASAN_HW_TAGS=n.
kasan.mode=prod (manually excluding tagging) introduces 3% of performance
and no memory impact (except memory used by hardware to store tags)
compared to kasan.mode=off.
kasan.mode=full has about 40% performance and 30% memory impact over
kasan.mode=prod. Both come from alloc/free stack collection.
kselftest/arm64: check GCR_EL1 after context switch
This test is specific to MTE and verifies that the GCR_EL1 register is
context switched correctly.
It spawns 1024 processes and each process spawns 5 threads. Each thread
writes a random setting of GCR_EL1 through the prctl() system call and
reads it back verifying that it is the same. If the values are not the
same it reports a failure.
Note: The test has been extended to verify that even SYNC and ASYNC mode
setting is preserved correctly over context switching.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:17 +0000 (12:02 -0800)]
kasan, mm: reset tags when accessing metadata
Kernel allocator code accesses metadata for slab objects, that may lie
out-of-bounds of the object itself, or be accessed when an object is
freed. Such accesses trigger tag faults and lead to false-positive
reports with hardware tag-based KASAN.
Software KASAN modes disable instrumentation for allocator code via
KASAN_SANITIZE Makefile macro, and rely on kasan_enable/disable_current()
annotations which are used to ignore KASAN reports.
With hardware tag-based KASAN neither of those options are available, as
it doesn't use compiler instrumetation, no tag faults are ignored, and MTE
is disabled after the first one.
Instead, reset tags when accessing metadata (currently only for SLUB).
Andrey Konovalov [Tue, 22 Dec 2020 20:02:13 +0000 (12:02 -0800)]
kasan, arm64: print report from tag fault handler
Add error reporting for hardware tag-based KASAN. When
CONFIG_KASAN_HW_TAGS is enabled, print KASAN report from the arm64 tag
fault handler.
SAS bits aren't set in ESR for all faults reported in EL1, so it's
impossible to find out the size of the access the caused the fault. Adapt
KASAN reporting code to handle this case.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:10 +0000 (12:02 -0800)]
kasan, arm64: implement HW_TAGS runtime
Provide implementation of KASAN functions required for the hardware
tag-based mode. Those include core functions for memory and pointer
tagging (tags_hw.c) and bug reporting (report_tags_hw.c). Also adapt
common KASAN code to support the new mode.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:06 +0000 (12:02 -0800)]
kasan, arm64: expand CONFIG_KASAN checks
Some #ifdef CONFIG_KASAN checks are only relevant for software KASAN modes
(either related to shadow memory or compiler instrumentation). Expand
those into CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:56 +0000 (12:01 -0800)]
arm64: kasan: add arch layer for memory tagging helpers
This patch add a set of arch_*() memory tagging helpers currently only
defined for arm64 when hardware tag-based KASAN is enabled. These helpers
will be used by KASAN runtime to implement the hardware tag-based mode.
The arch-level indirection level is introduced to simplify adding hardware
tag-based KASAN support for other architectures in the future by defining
the appropriate arch_*() macros.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:52 +0000 (12:01 -0800)]
arm64: kasan: align allocations for HW_TAGS
Hardware tag-based KASAN uses the memory tagging approach, which requires
all allocations to be aligned to the memory granule size. Align the
allocations to MTE_GRANULE_SIZE via ARCH_SLAB_MINALIGN when
CONFIG_KASAN_HW_TAGS is enabled.
kasan, mm: untag page address in free_reserved_area
free_reserved_area() memsets the pages belonging to a given memory area.
As that memory hasn't been allocated via page_alloc, the KASAN tags that
those pages have are 0x00. As the result the memset might result in a tag
mismatch.
arm64: mte: switch GCR_EL1 in kernel entry and exit
When MTE is present, the GCR_EL1 register contains the tags mask that
allows to exclude tags from the random generation via the IRG instruction.
With the introduction of the new Tag-Based KASAN API that provides a
mechanism to reserve tags for special reasons, the MTE implementation has
to make sure that the GCR_EL1 setting for the kernel does not affect the
userspace processes and viceversa.
Save and restore the kernel/user mask in GCR_EL1 in kernel entry and exit.
projects / linux.git / log