)]}' { "log": [ { "commit": "53b4f1f0348a4e335fe05906c13591c340d81a4e", "tree": "9142eaf20cc68108f3da6672774ccdf0b3f1b2ea", "parents": [ "12cc41c1fae385eb8ceaff6964a155595c98a815" ], "author": { "name": "Willy Tarreau", "email": "w@1wt.eu", "time": "Mon Jan 18 16:36:09 2016 +0100" }, "committer": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Fri Aug 05 02:07:58 2016 -0500" }, "message": "pipe: limit the per-user amount of pages allocated in pipes\n\nOn no-so-small systems, it is possible for a single process to cause an\nOOM condition by filling large pipes with data that are never read. A\ntypical process filling 4000 pipes with 1 MB of data will use 4 GB of\nmemory. On small systems it may be tricky to set the pipe max size to\nprevent this from happening.\n\nThis patch makes it possible to enforce a per-user soft limit above\nwhich new pipes will be limited to a single page, effectively limiting\nthem to 4 kB each, as well as a hard limit above which no new pipes may\nbe created for this user. This has the effect of protecting the system\nagainst memory abuse without hurting other users, and still allowing\npipes to work correctly though with less data at once.\n\nThe limit are controlled by two new sysctls : pipe-user-pages-soft, and\npipe-user-pages-hard. Both may be disabled by setting them to zero. The\ndefault soft limit allows the default number of FDs per process (1024)\nto create pipes of the default size (64kB), thus reaching a limit of 64MB\nbefore starting to create only smaller pipes. With 256 processes limited\nto 1024 FDs each, this results in 1024*64kB + (256*1024 - 1024) * 4kB \u003d\n1084 MB of memory allocated for a user. The hard limit is disabled by\ndefault to avoid breaking existing applications that make intensive use\nof pipes (eg: for splicing).\n\nReported-by: socketpair@gmail.com\nReported-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nMitigates: CVE-2013-4312 (Linux 2.0+)\nSuggested-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Willy Tarreau \u003cw@1wt.eu\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n\nConflicts:\n\tDocumentation/sysctl/fs.txt\n\tfs/pipe.c\n\tinclude/linux/sched.h\n\nChange-Id: Ic7c678af18129943e16715fdaa64a97a7f0854be\nSigned-off-by: SteadyQuad \u003cSteadyQuad@gmail.com\u003e\n" }, { "commit": "c731a27c67d5200f71ba78613b2e7ad87284d1e7", "tree": "dfd4e5af6eaa62f7878f60fcefa5ec845023694f", "parents": [ "dbc29455e7c6c0cfd8f15d4586ef67acfd3e55ca" ], "author": { "name": "Felix Fietkau", "email": "nbd@openwrt.org", "time": "Fri May 04 21:08:33 2012 -0700" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Jul 13 07:02:28 2016 -0400" }, "message": "timer: optimize apply_slack()\n\n__fls(mask) is equivalent to find_last_bit(\u0026mask, BITS_PER_LONG), but cheaper.\nfind_last_bit was showing up high on the list when I was profiling for stalls\non icache misses on a system with very small cache size (MIPS).\n\nSigned-off-by: Felix Fietkau \u003cnbd@openwrt.org\u003e\nSigned-off-by: edoko \u003cr_data@naver.com\u003e\n\nChange-Id: I8a5021a2fb2936c00ffd456663a76cb1b23e3100\n" }, { "commit": "4cb0dcdcf19bb2a1928675b042a85cb91cc293b5", "tree": "0c3c993240191799272be738fe2594a399eab3d8", "parents": [ "582bdf5b0c1ab084e9fc3b0ee9a42da92a242039", "4a3ed04b969fb3e062ab11a4ce0856744be1203b" ], "author": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Thu May 19 13:12:59 2016 -0500" }, "committer": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Thu May 19 13:13:07 2016 -0500" }, "message": "Merge remote-tracking branch \u0027caf/LA.AF.1.1_rb1.18\u0027 into HEAD\n\nChange-Id: I5ff7ee6a8875318a6bd8e9a7e3828f629c6a3d1c\n" }, { "commit": "766ce4e5a952510f9f27511cbfecc884bf5147cd", "tree": "93ad1970e254fc3b1fb0650a4dc449d86ad5114e", "parents": [ "3bc527393379fcd740cc66c700da808abdbf5a5d" ], "author": { "name": "Ivan Grinko", "email": "iivanich@gmail.com", "time": "Thu Apr 28 22:06:41 2016 +0300" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Tue May 17 08:03:16 2016 -0400" }, "message": "Linux 3.4.112\n\nhttps://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.112\n\nChange-Id: Ic146bc84c10ebcfe256eb6bffa8ffef44c9a1d38\n" }, { "commit": "0cf007169665bc6c8eeca0e9089ef0e805c2ac42", "tree": "82a470f9ef259808f9d063d24c860bfab5da3809", "parents": [ "25bec49c55f487637b2f9550b6e04ffb51c5863f" ], "author": { "name": "Ivan Grinko", "email": "iivanich@gmail.com", "time": "Thu Mar 24 09:39:37 2016 +0200" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Tue May 17 07:52:15 2016 -0400" }, "message": "Linux 3.4.111\n" }, { "commit": "60489ce5993943a898684e790de90f2f684a50b0", "tree": "92d7e37d43a6f22ac211d1d4d3f97802099dfbf5", "parents": [ "981442090d47101c6cc4f1146021c827ff13a4b4" ], "author": { "name": "Paul Reioux", "email": "reioux@gmail.com", "time": "Mon Jan 04 23:31:47 2016 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Tue May 17 07:50:24 2016 -0400" }, "message": "Add IntelliPlug hotplug 3.8\n\nintelli_plug: intelligent hotplug cpu driver with eco mode\n\nChange-Id: Ic598c947232f98779cfe129f63bee24d2c8514ac\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: tweak for faster wakeup from suspend\n\nbump version to 1.1\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: increase cores on persistence\n\nalso replace hardcoded values with Macros for ease of updating later\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: make it gcc-4.6.x eabi compatible :p\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: use rq_stats to help detect artificial or constant loads\n\nbenchmarks often create fake / artificial loads at a constant rate. These\ntype of loads are not detected corectly by run average algorithms. Use\nthe run queue stats to help detect these cases and bring up the cores in\ncorrespondence.\n\nbump version to 1.2\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: use mp_decision() algorithm for core 3 and 4\n\nThis replaces the simplistic check for run queue thresholds with a more\nsophisticate algorithm with time awareness\n\nbump version to 1.3\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: tweak mp_decsion parameters and remove unused logic\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: bump threshold slightly for better response\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nwip: intelli_plug: change logic for better benchmark performance\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: use mp_decision to reduce online persistence count for cores\n\nthis should bring down the cores faster when run queue is low\nalso optimized code a bit using local vars\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: disable by default\n\nlet the user enable via sysfs so it won\u0027t clash with mpdecision which is\nenabled by default for qualcomm phones\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nintelli_plug: slow down hotplug activity from 50ms to 200ms\n\nthis will reduce the hotplug chaos which may in turn save more power\n\nSigned-off-by: faux123 \u003creioux@gmail.com\u003e\n\nConflicts:\n\tarch/arm/mach-msm/intelli_plug.c\n\nintelli_plug: code clean up and minor bug fixes\n\nbump to version 1.6\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelliplug: replaced deprecated early_suspend driver with userspace interface\n\nearly_suspend has been deprecated, so move original functionality to sysfs\ninterfae and have userspace app to replicate the early_suspend functionality\n\nbump version to 1.7\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add dynamic load sampling rate logic\n\nAdd dynamic sampling logic based on load. If load is high and required more\nthan 2 cores, increase the sampling rate for a duration of 3 seconds to help\nmanage the load better during this time. Once duration expires, revert back\nto lazier sampling rate for better batter performance.\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add new power_suspend PM driver\n\nbump version to 1.9\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add touch input logic\n\nchanged intelli_plug sampling rates and bump to version 2.0\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: use a context safe function call instead\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: performance tune-up continued...\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: switch to use dedicated high priority workqueue\n\nfrom the shared global workqueue. This should prevent hang ups while the\nglobal workqueue is busy and cleaned up some logic issues.\n\ngive input boost its own workqueue\n\nbump to version 2.2\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: code review clean up\n\nset def sampling rate to something sane rather than zero (instantaneous\nrescheduling is not good if intelli_plug is disabled)\n\nmake touch input more generic rather than tied to a touchscreen driver\n\nremove unused code\n\nthanks to @dorimanx for the code reviews and suggestions\n\nbump to version 2.3\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nIntelli_plug: add wakeup cpufreq boost for quicker wakeup\n\nbump version to 2.4\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add screen off max controls\n\nbump to version 2.5\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add parameter to control touch boost on/off\n\nbump version to 2.6\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: refactor stats calculation code to be less intrusive\n\nthis is done for those kernels which do not have 100% source code available\nand must use existing closed source modules such as wifi drivers\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nIntelli_plug: kernel sched/core: add per cpu nr_running stats\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add profiles support and misc code optimization\n\nbump to version 3.0\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: use per cpu nr_runnings stats for unplugging cores\n\nbump version to 3.1\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: allow cpu_nr_running_threshold to be user adjustable\n\nbump version to 3.2\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: tweak cpu_nr_running threshold\n\nand fix minor logic issues\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: remove legacy msm_rq based code\n\njust use the original algorithm based on nr_running_stats\n\nbump version to 3.3\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add nr_running_thresholds based on thread capacity of SOC type\n\ninstead of hard coded nr_running_thresholds, perform compile time calculation\nof thresholds based on thread capacity of SOC types.\n\nbump version to 3.4\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: misc minor code fixup post 3.4 update\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: add automatic dual-core initializations\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: deprecate eco mode. replaced by built-in profile\n\nbump version to 3.5\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: post 3.5 tweaks and code clean up\n\nbump to version 3.6\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: move to its own directory. It\u0027s been cross platform for a while\n\nintelli_plug driver has been working on OMAP44xx, TEGRA 3, Exynos and\nMSM Krait/Cortex multi-core SOCs. So it doesn\u0027t make sense to patch on a per\nSOC basis, move it to its own ARM platform independent folder so patches can\napply to all supported ARM platforms\n\nChange-Id: Icf778959cbaa59c73fefa2d27f682efa6d8adf93\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: unify powersuspend and earlysuspend drivers\n\nalso minor clean up on the persist logic\n\nbump to version 3.7\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: adjust thread capacity for Cortex A7 SOCs\n\nCortex A7 is much weaker than Krait processors\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: fix thread capacity threshold calculation\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: fix logic error for eco mode profiles\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: only apply suspend/resume logic if active\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: fix incorrect cpufreq API usage\n\nThis resolves the wakeup kick and screen off max issues\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: initialize ip_info struct element during driver init\n\nthis will eliminate race issues\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: use primary CPU\u0027s info data for non-boot cpu\u0027s settings\n\nAsync CPU design has caused quite a bit of grief for controlling cpu\nfrequencies\n\nbump to version 3.8\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nintelli_plug: older Qualcomm kernel compatibility fixup\n\nARGH... really angry at CAF code.\n\nsome cpufreq driver APIs are incredibly unstable with some of the older\nMSM kernels. The correct way is the fix the cpufreq drivers, but there are\ntons of variations out there, so rather than depending on a fix, make\nintelli_plug more universal by avoiding the troubling APIs altogether\n\nSigned-off-by: Paul Reioux \u003creioux@gmail.com\u003e\n\nChange-Id: Ia530ec03b2b678fdb538b94b272599e96309133f\n" }, { "commit": "5fa350ef605bd6a1b64540cad929a0d6d1ce3607", "tree": "eb019d8edd08c03b982d8fbcbefaf52ff75150d3", "parents": [ "15c4ecb2b060da80621b36fa1dd27cc031de0d0c" ], "author": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Thu Feb 25 21:35:15 2016 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Fri Feb 26 05:08:24 2016 -0500" }, "message": "kernel/hz.bc: ignore.\n\nChange-Id: I96e5465162eec64287b715b5e0df726a2636194d\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "17b94bef87f4797675ce9716725c70d4828a3db8", "tree": "856de91bf03b73a12e878a470abc8324f46e9c43", "parents": [ "9cc712efc708bf2d25b6a6c013c66c42f2cfccd0" ], "author": { "name": "shumash", "email": "shumashgeely@gmail.com", "time": "Sun Jan 10 16:44:51 2016 -0700" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Thu Feb 11 10:33:08 2016 -0500" }, "message": "port 3.0 kernel power source in pieces\n source.c\n main.c\n\nChange-Id: Ifa25fab256d8bff11bede4e35236da5857e39d78\n" }, { "commit": "9cc712efc708bf2d25b6a6c013c66c42f2cfccd0", "tree": "f4b7b9d2354b77f6a63eacded1c5b32282c18abc", "parents": [ "64c363146fe8b4b26285d36fad0fc01b9c8c1285" ], "author": { "name": "José Adolfo Galdámez", "email": "josegalre@pac-rom.com", "time": "Wed Oct 21 21:52:13 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:04:59 2016 -0500" }, "message": "Merge tag \u0027v3.4.110\u0027 into mm-6.0\n\nChange-Id: I0afc69bce474139d1b70e062d72c0b8054529833\nSigned-off-by: José Adolfo Galdámez \u003cjosegalre@pac-rom.com\u003e\n" }, { "commit": "64c363146fe8b4b26285d36fad0fc01b9c8c1285", "tree": "f4597aeccc6d37aadbf3a719dfefc62632e4ee10", "parents": [ "900469d0b0c337db19908f77d172f4b17f4573ba" ], "author": { "name": "José Adolfo Galdámez", "email": "josegalre@pac-rom.com", "time": "Mon Sep 21 22:00:27 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:03:50 2016 -0500" }, "message": "Merge tag \u0027v3.4.109\u0027 into mm-6.0\n\nChange-Id: I93b29443377e338fc5d3b031b130da720f788879\nSigned-off-by: José Adolfo Galdámez \u003cjosegalre@pac-rom.com\u003e\n" }, { "commit": "900469d0b0c337db19908f77d172f4b17f4573ba", "tree": "e7c8e6e70ad09ecc74c7385269f9a7a908489b88", "parents": [ "3591a444f6b8cb82a9b88a49a4e67d8f4b61a6de" ], "author": { "name": "José Adolfo Galdámez", "email": "josegalre@pac-rom.com", "time": "Sat Jun 20 23:45:36 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:02:51 2016 -0500" }, "message": "Merge tag \u0027v3.4.108\u0027 into mm-6.0\n\nChange-Id: I5ee718e5c87c9647c6edf0926a887679e065a649\nSigned-off-by: José Adolfo Galdámez \u003cjosegalre@pac-rom.com\u003e\n" }, { "commit": "698785c12d3c6da117152dc520e2fb9a46fa31f8", "tree": "c17d2e3eb1f6c587c4744835e526a403ca6da57a", "parents": [ "22acfde0a291977c02b5f4461487dd81dd901da7" ], "author": { "name": "John Stultz", "email": "john.stultz@linaro.org", "time": "Mon Feb 09 23:30:36 2015 -0800" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:02:13 2016 -0500" }, "message": "ntp: Fixup adjtimex freq validation on 32-bit systems\n\ncommit 29183a70b0b828500816bd794b3fe192fce89f73 upstream.\n\nAdditional validation of adjtimex freq values to avoid\npotential multiplication overflows were added in commit\n5e5aeb4367b (time: adjtimex: Validate the ADJ_FREQUENCY values)\n\nUnfortunately the patch used LONG_MAX/MIN instead of\nLLONG_MAX/MIN, which was fine on 64-bit systems, but being\nmuch smaller on 32-bit systems caused false positives\nresulting in most direct frequency adjustments to fail w/\nEINVAL.\n\nntpd only does direct frequency adjustments at startup, so\nthe issue was not as easily observed there, but other time\nsync applications like ptpd and chrony were more effected by\nthe bug.\n\nSee bugs:\n\n https://bugzilla.kernel.org/show_bug.cgi?id\u003d92481\n https://bugzilla.redhat.com/show_bug.cgi?id\u003d1188074\n\nThis patch changes the checks to use LLONG_MAX for\nclarity, and additionally the checks are disabled\non 32-bit systems since LLONG_MAX/PPM_SCALE is always\nlarger then the 32-bit long freq value, so multiplication\noverflows aren\u0027t possible there.\n\nReported-by: Josh Boyer \u003cjwboyer@fedoraproject.org\u003e\nReported-by: George Joseph \u003cgeorge.joseph@fairview5.com\u003e\nTested-by: George Joseph \u003cgeorge.joseph@fairview5.com\u003e\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\nSigned-off-by: Peter Zijlstra (Intel) \u003cpeterz@infradead.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Sasha Levin \u003csasha.levin@oracle.com\u003e\nLink: http://lkml.kernel.org/r/1423553436-29747-1-git-send-email-john.stultz@linaro.org\n[ Prettified the changelog and the comments a bit. ]\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "f39f5a4177f0aadec47f4c3b0c4958913ff2d279", "tree": "1f7a7399f750084756567c2cb64f762e5b170955", "parents": [ "180e131b326585b5bc7661e1c7b477a2761b5642" ], "author": { "name": "Tim Chen", "email": "tim.c.chen@linux.intel.com", "time": "Fri Dec 12 15:38:12 2014 -0800" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:02:08 2016 -0500" }, "message": "sched/rt: Reduce rq lock contention by eliminating locking of non-feasible target\n\ncommit 80e3d87b2c5582db0ab5e39610ce3707d97ba409 upstream.\n\nThis patch adds checks that prevens futile attempts to move rt tasks\nto a CPU with active tasks of equal or higher priority.\n\nThis reduces run queue lock contention and improves the performance of\na well known OLTP benchmark by 0.7%.\n\nSigned-off-by: Tim Chen \u003ctim.c.chen@linux.intel.com\u003e\nSigned-off-by: Peter Zijlstra (Intel) \u003cpeterz@infradead.org\u003e\nCc: Shawn Bohrer \u003csbohrer@rgmadvisors.com\u003e\nCc: Suruchi Kadu \u003csuruchi.a.kadu@intel.com\u003e\nCc: Doug Nelson\u003cdoug.nelson@intel.com\u003e\nCc: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nLink: http://lkml.kernel.org/r/1421430374.2399.27.camel@schen9-desk2.jf.intel.com\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "a49e6ce46b2174e740908332b4ec1796af9e029a", "tree": "abef367c23b20577a299f363a7d76154fd1e7c21", "parents": [ "5aaf989a3f7a116df4a0dd9a6c537f13cb0e32d2" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Oct 26 19:19:16 2014 -0400" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:01:44 2016 -0500" }, "message": "move d_rcu from overlapping d_child to overlapping d_alias\n\ncommit 946e51f2bf37f1656916eb75bd0742ba33983c28 upstream.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n[bwh: Backported to 3.2:\n - Apply name changes in all the different places we use d_alias and d_child\n - Move the WARN_ON() in __d_free() to d_free() as we don\u0027t have dentry_free()]\nSigned-off-by: Ben Hutchings \u003cben@decadent.org.uk\u003e\n[lizf: Backported to 3.4:\n - adjust context\n - need one more name change in debugfs]\n" }, { "commit": "eae81ccc389ac4ce8e6c8925aafecd49e44a5af4", "tree": "846f11277d55b986419ad6ad23c8f554dc40270c", "parents": [ "70da5b358e7e43293fac0f78317c339d1eff96fa" ], "author": { "name": "Sasha Levin", "email": "sasha.levin@oracle.com", "time": "Wed Dec 03 19:25:05 2014 -0500" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:00:36 2016 -0500" }, "message": "time: adjtimex: Validate the ADJ_FREQUENCY values\n\ncommit 5e5aeb4367b450a28f447f6d5ab57d8f2ab16a5f upstream.\n\nVerify that the frequency value from userspace is valid and makes sense.\n\nUnverified values can cause overflows later on.\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Sasha Levin \u003csasha.levin@oracle.com\u003e\n[jstultz: Fix up bug for negative values and drop redunent cap check]\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\n[lizf: Backported to 3.4: adjust context]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "70da5b358e7e43293fac0f78317c339d1eff96fa", "tree": "b078039b8f0cf6296f2f348f8569289a5361acf6", "parents": [ "631e8a57ea957b730f271a50049959b4afa6472b" ], "author": { "name": "Sasha Levin", "email": "sasha.levin@oracle.com", "time": "Wed Dec 03 19:22:48 2014 -0500" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:00:35 2016 -0500" }, "message": "time: settimeofday: Validate the values of tv from user\n\ncommit 6ada1fc0e1c4775de0e043e1bd3ae9d065491aa5 upstream.\n\nAn unvalidated user input is multiplied by a constant, which can result in\nan undefined behaviour for large values. While this is validated later,\nwe should avoid triggering undefined behaviour.\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Sasha Levin \u003csasha.levin@oracle.com\u003e\n[jstultz: include trivial milisecond-\u003emicrosecond correction noticed\nby Andy]\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\n[lizf: Backported to 3.4: adjust filename]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "20ddfdd45db0dfc1193c8c81cb20196befbf0743", "tree": "9b3336a9142e118971e302a83cf2b6ca7d42f55f", "parents": [ "306afdf4e512bf760994face0363fc054ce05dc8" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu Dec 11 23:01:41 2014 +0100" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 20:00:11 2016 -0500" }, "message": "genirq: Prevent proc race against freeing of irq descriptors\n\ncommit c291ee622165cb2c8d4e7af63fffd499354a23be upstream.\n\nSince the rework of the sparse interrupt code to actually free the\nunused interrupt descriptors there exists a race between the /proc\ninterfaces to the irq subsystem and the code which frees the interrupt\ndescriptor.\n\nCPU0\t\t\t\tCPU1\n\t\t\t\tshow_interrupts()\n\t\t\t\t desc \u003d irq_to_desc(X);\nfree_desc(desc)\n remove_from_radix_tree();\n kfree(desc);\n\t\t\t\t raw_spinlock_irq(\u0026desc-\u003elock);\n\n/proc/interrupts is the only interface which can actively corrupt\nkernel memory via the lock access. /proc/stat can only read from freed\nmemory. Extremly hard to trigger, but possible.\n\nThe interfaces in /proc/irq/N/ are not affected by this because the\nremoval of the proc file is serialized in procfs against concurrent\nreaders/writers. The removal happens before the descriptor is freed.\n\nFor architectures which have CONFIG_SPARSE_IRQ\u003dn this is a non issue\nas the descriptor is never freed. It\u0027s merely cleared out with the irq\ndescriptor lock held. So any concurrent proc access will either see\nthe old correct value or the cleared out ones.\n\nProtect the lookup and access to the irq descriptor in\nshow_interrupts() with the sparse_irq_lock.\n\nProvide kstat_irqs_usr() which is protecting the lookup and access\nwith sparse_irq_lock and switch /proc/stat to use it.\n\nDocument the existing kstat_irqs interfaces so it\u0027s clear that the\ncaller needs to take care about protection. The users of these\ninterfaces are either not affected due to SPARSE_IRQ\u003dn or already\nprotected against removal.\n\nFixes: 1f5a5b87f78f \"genirq: Implement a sane sparse_irq allocator\"\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\n[lizf: Backported to 3.4:\n - define kstat_irqs() for CONFIG_GENERIC_HARDIRQS\n - add ifdef/endif CONFIG_SPARSE_IRQ]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "7f490b21c8edbd5f47320015c05c3086909d51a4", "tree": "36eb43eead2da446c7d4c1f5564585d75eaef071", "parents": [ "157ecab851fd1f788fd6d3c7d76dc30dbc6278aa" ], "author": { "name": "shumash", "email": "shumashgeely@gmail.com", "time": "Tue Oct 06 09:49:52 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 19:57:40 2016 -0500" }, "message": "workqueues: add missing header file\n" }, { "commit": "157ecab851fd1f788fd6d3c7d76dc30dbc6278aa", "tree": "c4d04c04ddc8195e8ddd1e3a596f65f81e95b41f", "parents": [ "b2f60dfc8a5f68d24936f9cead661b8f7856567d" ], "author": { "name": "shumash", "email": "shumashgeely@gmail.com", "time": "Sat Jul 18 09:12:19 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 19:57:39 2016 -0500" }, "message": "workqueue: Add system wide power_efficient workqueues\n\nThis patch adds system wide workqueues aligned towards power saving. This is\ndone by allocating them with WQ_UNBOUND flag if \u0027wq_power_efficient\u0027 is set to\n\u0027true\u0027.\n\ntj: updated comments a bit.\n\nSigned-off-by: Viresh Kumar \u003cviresh.kumar@linaro.org\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\n(cherry picked from commit 0668106ca3865ba945e155097fb042bf66d364d3)\nSigned-off-by: Mark Brown \u003cbroonie@linaro.org\u003e\n\nChange-Id: Id0614a3d7f96937fa0c396d2197e3580b8b8de80\n" }, { "commit": "b2f60dfc8a5f68d24936f9cead661b8f7856567d", "tree": "501db0eaab2dfcbeac9fbe38b3ce03ad86660c29", "parents": [ "e1210196448b3a6c20d21944e3016627b14acdb7" ], "author": { "name": "shumash", "email": "shumashgeely@gmail.com", "time": "Sat Jul 18 09:03:08 2015 -0600" }, "committer": { "name": "William Bellavance", "email": "flintman@flintmancomputers.com", "time": "Wed Feb 10 19:57:38 2016 -0500" }, "message": "workqueues: Introduce new flag WQ_POWER_EFFICIENT for power oriented workqueues\n\nWorkqueues can be performance or power-oriented. Currently, most workqueues are\nbound to the CPU they were created on. This gives good performance (due to cache\neffects) at the cost of potentially waking up otherwise idle cores (Idle from\nscheduler\u0027s perspective. Which may or may not be physically idle) just to\nprocess some work. To save power, we can allow the work to be rescheduled on a\ncore that is already awake.\n\nWorkqueues created with the WQ_UNBOUND flag will allow some power savings.\nHowever, we don\u0027t change the default behaviour of the system. To enable\npower-saving behaviour, a new config option CONFIG_WQ_POWER_EFFICIENT needs to\nbe turned on. This option can also be overridden by the\nworkqueue.power_efficient boot parameter.\n\ntj: Updated config description and comments. Renamed\n CONFIG_WQ_POWER_EFFICIENT to CONFIG_WQ_POWER_EFFICIENT_DEFAULT.\n\nSigned-off-by: Viresh Kumar \u003cviresh.kumar@linaro.org\u003e\nReviewed-by: Amit Kucheria \u003camit.kucheria@linaro.org\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\n(cherry picked from commit cee22a15052faa817e3ec8985a28154d3fabc7aa)\nSigned-off-by: Mark Brown \u003cbroonie@linaro.org\u003e\n\nChange-Id: I5c2f656aaa266deba2dd0887dace9928540910ae\n" }, { "commit": "bc591bdc20ee5c4cf94391b5e30c56bedc17e47e", "tree": "6ab0e1274bd695b2bdcc4f596f6ccb8466833074", "parents": [ "c9ec5028049b974988c98f11f953c9fb5ef540ac" ], "author": { "name": "Mark Grondona", "email": "mgrondona@llnl.gov", "time": "Wed Sep 11 14:24:31 2013 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Thu Dec 10 05:21:44 2015 -0500" }, "message": "__ptrace_may_access() should not deny sub-threads\n\ncommit 73af963f9f3036dffed55c3a2898598186db1045 upstream.\n\n__ptrace_may_access() checks get_dumpable/ptrace_has_cap/etc if task !\u003d\ncurrent, this can can lead to surprising results.\n\nFor example, a sub-thread can\u0027t readlink(\"/proc/self/exe\") if the\nexecutable is not readable. setup_new_exec()-\u003ewould_dump() notices that\ninode_permission(MAY_READ) fails and then it does\nset_dumpable(suid_dumpable). After that get_dumpable() fails.\n\n(It is not clear why proc_pid_readlink() checks get_dumpable(), perhaps we\ncould add PTRACE_MODE_NODUMPABLE)\n\nChange __ptrace_may_access() to use same_thread_group() instead of \"task\n\u003d\u003d current\". Any security check is pointless when the tasks share the\nsame -\u003emm.\n\nChange-Id: I0b871cf8e7c82a6042831f479c17f427fce66bc5\nSigned-off-by: Mark Grondona \u003cmgrondona@llnl.gov\u003e\nSigned-off-by: Ben Woodard \u003cwoodard@redhat.com\u003e\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n" }, { "commit": "75d9a22306c18844879cddcbf940e22a03918561", "tree": "f1cb1be07f5deee75c1f515b60caac68080b1b68", "parents": [ "ba12817ba1b77ce1d8141b7f0f68419aa1ac42eb" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Wed Jun 15 10:21:48 2011 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Oct 14 06:40:30 2015 -0400" }, "message": "proc: Usable inode numbers for the namespace file descriptors.\n\nAssign a unique proc inode to each namespace, and use that\ninode number to ensure we only allocate at most one proc\ninode for every namespace in proc.\n\nA single proc inode per namespace allows userspace to test\nto see if two processes are in the same namespace.\n\nThis has been a long requested feature and only blocked because\na naive implementation would put the id in a global space and\nwould ultimately require having a namespace for the names of\nnamespaces, making migration and certain virtualization tricks\nimpossible.\n\nWe still don\u0027t have per superblock inode numbers for proc, which\nappears necessary for application unaware checkpoint/restart and\nmigrations (if the application is using namespace file descriptors)\nbut that is now allowd by the design if it becomes important.\n\nI have preallocated the ipc and uts initial proc inode numbers so\ntheir structures can be statically initialized.\n\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n(cherry picked from commit 98f842e675f96ffac96e6c50315790912b2812be)\n" }, { "commit": "df3e15428d98ba3d5dde429e71c499da2c74f089", "tree": "8af558189fe5d5c00a99529436b88dfa2f114a6d", "parents": [ "ab012bbe936b097f43af565ab2b5076be7022c83" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Thu Jul 26 21:08:32 2012 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Oct 14 06:40:23 2015 -0400" }, "message": "vfs: Add a user namespace reference from struct mnt_namespace\n\nThis will allow for support for unprivileged mounts in a new user namespace.\n\nAcked-by: \"Serge E. Hallyn\" \u003cserge@hallyn.com\u003e\nSigned-off-by: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\n(cherry picked from commit 771b1371686e0a63e938ada28de020b9a0040f55)\n" }, { "commit": "210cff15b0ecfea14195b71ae5fc97f4191a11d0", "tree": "56a8fe1cab5feff4b1a2b7904b21d1e78ef04d68", "parents": [ "0bcf8f91545bb3930fa24840dc9a96a94f7ae979" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Jun 25 12:55:18 2012 +0100" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Oct 14 06:38:13 2015 -0400" }, "message": "VFS: Make clone_mnt()/copy_tree()/collect_mounts() return errors\n\ncopy_tree() can theoretically fail in a case other than ENOMEM, but always\nreturns NULL which is interpreted by callers as -ENOMEM. Change it to return\nan explicit error.\n\nAlso change clone_mnt() for consistency and because union mounts will add new\nerror cases.\n\nThanks to Andreas Gruenbacher \u003cagruen@suse.de\u003e for a bug fix.\n[AV: folded braino fix by Dan Carpenter]\n\nOriginal-author: Valerie Aurora \u003cvaurora@redhat.com\u003e\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: Valerie Aurora \u003cvalerie.aurora@gmail.com\u003e\nCc: Andreas Gruenbacher \u003cagruen@suse.de\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n(cherry picked from commit be34d1a3bc4b6f357a49acb55ae870c81337e4f0)\n" }, { "commit": "9011bf7ee179e887dbe2ad2c9e81f1f465fe146b", "tree": "97d41fecda289d903c7ac4215704144f368396d4", "parents": [ "bbd581b5bcc4f3651f636cf56eac2f419a933583" ], "author": { "name": "Andi Kleen", "email": "ak@linux.intel.com", "time": "Tue May 08 13:32:24 2012 +0930" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Oct 14 06:37:58 2015 -0400" }, "message": "brlocks/lglocks: turn into functions\n\nlglocks and brlocks are currently generated with some complicated macros\nin lglock.h. But there\u0027s no reason to not just use common utility\nfunctions and put all the data into a common data structure.\n\nSince there are at least two users it makes sense to share this code in a\nlibrary. This is also easier maintainable than a macro forest.\n\nThis will also make it later possible to dynamically allocate lglocks and\nalso use them in modules (this would both still need some additional, but\nnow straightforward, code)\n\n[akpm@linux-foundation.org: checkpatch fixes]\nSigned-off-by: Andi Kleen \u003cak@linux.intel.com\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n\n(cherry picked from commit eea62f831b8030b0eeea8314eed73b6132d1de26)\n" }, { "commit": "efbfa26cd86a6c305f039510df852e2cb7bb2674", "tree": "5b15e876ccf4bfa5d89269b30e04cee995f09ef4", "parents": [ "853844c4c59e75183389c12471db5babc184e7d6" ], "author": { "name": "H. Peter Anvin", "email": "hpa@zytor.com", "time": "Thu Feb 14 15:13:55 2013 -0800" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Thu Sep 17 16:52:06 2015 -0400" }, "message": "kernel: Replace timeconst.pl with a bc script\n\nbc is the standard tool for multi-precision arithmetic. We switched\nto Perl because akpm reported a hard-to-reproduce build hang, which\nwas very odd because affected and unaffected machines were all running\nthe same version of GNU bc.\n\nUnfortunately switching to Perl required a really ugly \"canning\"\nmechanism to support Perl \u003c 5.8 installations lacking the Math::BigInt\nmodule.\n\nIt was recently pointed out to me that some very old versions of GNU\nmake had problems with pipes in subshells, which was indeed the\nconstruct used in the Makefile rules in that version of the patch;\nPerl didn\u0027t need it so switching to Perl fixed the problem for\nunrelated reasons. With the problem (hopefully) root-caused, we can\nswitch back to bc and do the arbitrary-precision arithmetic naturally.\n\nChange-Id: I048a7fb947f2fbd7b454e85b122c0e3601c02136\nSigned-off-by: H. Peter Anvin \u003chpa@zytor.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nAcked-by: Sam Ravnborg \u003csam@ravnborg.org\u003e\nSigned-off-by: Michal Marek \u003cmmarek@suse.cz\u003e\n" }, { "commit": "7e56f7d5e001c27ff63505cb558ca1bfc9a4d765", "tree": "24b4b1fda27612730abdd8587c6565e91a48ead2", "parents": [ "bbfd65dbf0305fdea6414280e5c3998930fd381b" ], "author": { "name": "Steve Muckle", "email": "smuckle@codeaurora.org", "time": "Mon Mar 11 16:33:42 2013 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:05:07 2015 -0400" }, "message": "sched: provide per cpu-cgroup option to notify on migrations\n\nOn systems where CPUs may run asynchronously, task migrations\nbetween CPUs running at grossly different speeds can cause\nproblems.\n\nThis change provides a mechanism to notify a subsystem\nin the kernel if a task in a particular cgroup migrates to a\ndifferent CPU. Other subsystems (such as cpufreq) may then\nregister for this notifier to take appropriate action when\nsuch a task is migrated.\n\nThe cgroup attribute to set for this behavior is\n\"notify_on_migrate\" .\n\nChange-Id: Ie1868249e53ef901b89c837fdc33b0ad0c0a4590\nSigned-off-by: Steve Muckle \u003csmuckle@codeaurora.org\u003e\n" }, { "commit": "f8b074bfda9d5a6eb136c60950a3319de5e14933", "tree": "8deca0200cd359b0f265dd1d8ebc30a20dd6bd6b", "parents": [ "d32af365698237c84e6afb44d9e88d3b7bf56913" ], "author": { "name": "Robert Sesek", "email": "rsesek@google.com", "time": "Mon Aug 18 19:14:51 2014 -0400" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:05:00 2015 -0400" }, "message": "seccomp: Use atomic operations that are present in kernel 3.4.\n\nSigned-off-by: Robert Sesek \u003crsesek@google.com\u003e\n" }, { "commit": "d32af365698237c84e6afb44d9e88d3b7bf56913", "tree": "b73970cd95a8808a1853232fe18f505e897c79c6", "parents": [ "38daf679216fe5edfc43f975db963be883accae8" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Thu Jun 05 00:23:17 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:59 2015 -0400" }, "message": "seccomp: implement SECCOMP_FILTER_FLAG_TSYNC\n\nApplying restrictive seccomp filter programs to large or diverse\ncodebases often requires handling threads which may be started early in\nthe process lifetime (e.g., by code that is linked in). While it is\npossible to apply permissive programs prior to process start up, it is\ndifficult to further restrict the kernel ABI to those threads after that\npoint.\n\nThis change adds a new seccomp syscall flag to SECCOMP_SET_MODE_FILTER for\nsynchronizing thread group seccomp filters at filter installation time.\n\nWhen calling seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,\nfilter) an attempt will be made to synchronize all threads in current\u0027s\nthreadgroup to its new seccomp filter program. This is possible iff all\nthreads are using a filter that is an ancestor to the filter current is\nattempting to synchronize to. NULL filters (where the task is running as\nSECCOMP_MODE_NONE) are also treated as ancestors allowing threads to be\ntransitioned into SECCOMP_MODE_FILTER. If prctrl(PR_SET_NO_NEW_PRIVS,\n...) has been set on the calling thread, no_new_privs will be set for\nall synchronized threads too. On success, 0 is returned. On failure,\nthe pid of one of the failing threads will be returned and no filters\nwill have been applied.\n\nThe race conditions against another thread are:\n- requesting TSYNC (already handled by sighand lock)\n- performing a clone (already handled by sighand lock)\n- changing its filter (already handled by sighand lock)\n- calling exec (handled by cred_guard_mutex)\nThe clone case is assisted by the fact that new threads will have their\nseccomp state duplicated from their parent before appearing on the tasklist.\n\nHolding cred_guard_mutex means that seccomp filters cannot be assigned\nwhile in the middle of another thread\u0027s exec (potentially bypassing\nno_new_privs or similar). The call to de_thread() may kill threads waiting\nfor the mutex.\n\nChanges across threads to the filter pointer includes a barrier.\n\nBased on patches by Will Drewry.\n\nSuggested-by: Julien Tinnes \u003cjln@chromium.org\u003e\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n\nConflicts:\n\tinclude/linux/seccomp.h\n\tinclude/uapi/linux/seccomp.h\n" }, { "commit": "38daf679216fe5edfc43f975db963be883accae8", "tree": "d28c1ee16e5f00d28e829745d2b45eb66c008b8a", "parents": [ "880e1ab5d6ef6e806dfa8e9ba08c3ff03488837d" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Fri Jun 27 15:01:35 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:58 2015 -0400" }, "message": "seccomp: allow mode setting across threads\n\nThis changes the mode setting helper to allow threads to change the\nseccomp mode from another thread. We must maintain barriers to keep\nTIF_SECCOMP synchronized with the rest of the seccomp state.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n\nConflicts:\n\tkernel/seccomp.c\n" }, { "commit": "880e1ab5d6ef6e806dfa8e9ba08c3ff03488837d", "tree": "df8042281f019e5750d08093e13041b7b3337a0e", "parents": [ "42835bc18120d0e5921ff07d2c2d8afd9783161a" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Fri Jun 27 15:18:48 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:57 2015 -0400" }, "message": "seccomp: introduce writer locking\n\nNormally, task_struct.seccomp.filter is only ever read or modified by\nthe task that owns it (current). This property aids in fast access\nduring system call filtering as read access is lockless.\n\nUpdating the pointer from another task, however, opens up race\nconditions. To allow cross-thread filter pointer updates, writes to the\nseccomp fields are now protected by the sighand spinlock (which is shared\nby all threads in the thread group). Read access remains lockless because\npointer updates themselves are atomic. However, writes (or cloning)\noften entail additional checking (like maximum instruction counts)\nwhich require locking to perform safely.\n\nIn the case of cloning threads, the child is invisible to the system\nuntil it enters the task list. To make sure a child can\u0027t be cloned from\na thread and left in a prior state, seccomp duplication is additionally\nmoved under the sighand lock. Then parent and child are certain have\nthe same seccomp state when they exit the lock.\n\nBased on patches by Will Drewry and David Drysdale.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n\nConflicts:\n\tkernel/fork.c\n" }, { "commit": "42835bc18120d0e5921ff07d2c2d8afd9783161a", "tree": "10ca7b612fae4221a7557fbfa269752e9c9a6b0d", "parents": [ "aa064093b32bc5a386de8d441dabe262b78506c7" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Fri Jun 27 15:16:33 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:56 2015 -0400" }, "message": "seccomp: split filter prep from check and apply\n\nIn preparation for adding seccomp locking, move filter creation away\nfrom where it is checked and applied. This will allow for locking where\nno memory allocation is happening. The validation, filter attachment,\nand seccomp mode setting can all happen under the future locks.\n\nFor extreme defensiveness, I\u0027ve added a BUG_ON check for the calculated\nsize of the buffer allocation in case BPF_MAXINSN ever changes, which\nshouldn\u0027t ever happen. The compiler should actually optimize out this\ncheck since the test above it makes it impossible.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n\nConflicts:\n\tkernel/seccomp.c\n" }, { "commit": "5eab130238adb0adc6100dbba713082c19794dbf", "tree": "e4c0af7539ca574904595f40c2344602116b2160", "parents": [ "d7a4f76933fc2be05f2837f46045039c9d187d45" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed May 21 15:23:46 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:54 2015 -0400" }, "message": "sched: move no_new_privs into new atomic flags\n\nSince seccomp transitions between threads requires updates to the\nno_new_privs flag to be atomic, the flag must be part of an atomic flag\nset. This moves the nnp flag into a separate task field, and introduces\naccessors.\n\nChange-Id: I4e764b1b1eb5296a3f7e498a89cfdd6624796c87\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n" }, { "commit": "95de3e500c6502922b9e66385f9f0aad23f21128", "tree": "dee1daf3c5ecbad2440cd684fcc4292660dbe6c3", "parents": [ "bc4bd0fe1fb5326ed223684cd7da2143238ecdae" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed Jun 25 16:08:24 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:52 2015 -0400" }, "message": "seccomp: add \"seccomp\" syscall\n\nThis adds the new \"seccomp\" syscall with both an \"operation\" and \"flags\"\nparameter for future expansion. The third argument is a pointer value,\nused with the SECCOMP_SET_MODE_FILTER operation. Currently, flags must\nbe 0. This is functionally equivalent to prctl(PR_SET_SECCOMP, ...).\n\nIn addition to the TSYNC flag later in this patch series, there is a\nnon-zero chance that this syscall could be used for configuring a fixed\nargument area for seccomp-tracer-aware processes to pass syscall arguments\nin the future. Hence, the use of \"seccomp\" not simply \"seccomp_add_filter\"\nfor this syscall. Additionally, this syscall uses operation, flags,\nand user pointer for arguments because strictly passing arguments via\na user pointer would mean seccomp itself would be unable to trivially\nfilter the seccomp syscall itself.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n\nConflicts:\n\tarch/x86/syscalls/syscall_32.tbl\n\tarch/x86/syscalls/syscall_64.tbl\n\tinclude/linux/syscalls.h\n\tinclude/uapi/asm-generic/unistd.h\n\tinclude/uapi/linux/seccomp.h\n\tkernel/seccomp.c\n\tkernel/sys_ni.c\n" }, { "commit": "bc4bd0fe1fb5326ed223684cd7da2143238ecdae", "tree": "04c2051d771e1e608d25b292bf162a39dc463010", "parents": [ "c5c2ce744846c3d39e6a7566c2667a15eeb96914" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed Jun 25 15:55:25 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:51 2015 -0400" }, "message": "seccomp: split mode setting routines\n\nSeparates the two mode setting paths to make things more readable with\nfewer #ifdefs within function bodies.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n" }, { "commit": "c5c2ce744846c3d39e6a7566c2667a15eeb96914", "tree": "c98a24b53982b8b46fdfa409ee1c7f9f446701b6", "parents": [ "2d5f6983058ce215c4ca2bea1cc487cfe9263dda" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed Jun 25 15:38:02 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:50 2015 -0400" }, "message": "seccomp: extract check/assign mode helpers\n\nTo support splitting mode 1 from mode 2, extract the mode checking and\nassignment logic into common functions.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n" }, { "commit": "2d5f6983058ce215c4ca2bea1cc487cfe9263dda", "tree": "51ce8257a1536edb522693380e19d80d5f729012", "parents": [ "befe287761279005609dee31b13be05151d764ed" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed May 21 15:02:11 2014 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:49 2015 -0400" }, "message": "seccomp: create internal mode-setting function\n\nIn preparation for having other callers of the seccomp mode setting\nlogic, split the prctl entry point away from the core logic that performs\nseccomp mode setting.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\n" }, { "commit": "befe287761279005609dee31b13be05151d764ed", "tree": "e0952c1adb3596cddacf5a923ca7bee04c186dd8", "parents": [ "171ba895e1eed4c4758e37ca96a1869fabb25cec" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Fri Apr 27 11:25:30 2012 -0500" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:48 2015 -0400" }, "message": "CHROMIUM: seccomp: set -ENOSYS if there is no tracer\n\n[Will attempt to add to -next, but this may need to wait\n until there is a motivating usecase, like ARM, since x86\n does the right thing already.]\n\nOn some arches, -ENOSYS is not set as the default system call\nreturn value. This means that a skipped or invalid system call\ndoes not yield this response. That behavior is not inline with\nthe stated ABI of seccomp filter. To that end, we ensure we set\nthat value here to avoid arch idiosyncrasies.\n\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nTEST\u003dtegra2_kaen; boot, strace works, seccomp testsuite trace tests pass\nBUG\u003dchromium-os:27878\n\nChange-Id: I03a5e633d2fbb5d3d3cc33c067b2887068364c17\nReviewed-on: https://gerrit.chromium.org/gerrit/21337\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Will Drewry \u003cwad@chromium.org\u003e\nTested-by: Will Drewry \u003cwad@chromium.org\u003e\nSigned-off-by: Sasha Levitskiy \u003csanek@google.com\u003e\n" }, { "commit": "171ba895e1eed4c4758e37ca96a1869fabb25cec", "tree": "ff9b5c36d1c8625ac31fc1d4438e02ffc010644b", "parents": [ "4ca6e672b116c412a4a6a39bc9610ffe2e4d0f9b" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Tue Apr 17 14:48:58 2012 -0500" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:47 2015 -0400" }, "message": "seccomp: fix build warnings when there is no CONFIG_SECCOMP_FILTER\n\nIf both audit and seccomp filter support are disabled, \u0027ret\u0027 is marked\nas unused.\n\nIf just seccomp filter support is disabled, data and skip are considered\nunused.\n\nThis change fixes those build warnings.\n\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "4ca6e672b116c412a4a6a39bc9610ffe2e4d0f9b", "tree": "a3074771f4abc14aef6baeb2a942615a32cc8773", "parents": [ "695370290bc18dbd678f1c06f372c8351a6333f2" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Thu Feb 09 12:08:39 2012 -0600" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:46 2015 -0400" }, "message": "ptrace,seccomp: Add PTRACE_SECCOMP support\n\nThis change adds support for a new ptrace option, PTRACE_O_TRACESECCOMP,\nand a new return value for seccomp BPF programs, SECCOMP_RET_TRACE.\n\nWhen a tracer specifies the PTRACE_O_TRACESECCOMP ptrace option, the\ntracer will be notified, via PTRACE_EVENT_SECCOMP, for any syscall that\nresults in a BPF program returning SECCOMP_RET_TRACE. The 16-bit\nSECCOMP_RET_DATA mask of the BPF program return value will be passed as\nthe ptrace_message and may be retrieved using PTRACE_GETEVENTMSG.\n\nIf the subordinate process is not using seccomp filter, then no\nsystem call notifications will occur even if the option is specified.\n\nIf there is no tracer with PTRACE_O_TRACESECCOMP when SECCOMP_RET_TRACE\nis returned, the system call will not be executed and an -ENOSYS errno\nwill be returned to userspace.\n\nThis change adds a dependency on the system call slow path. Any future\nefforts to use the system call fast path for seccomp filter will need to\naddress this restriction.\n\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: - rebase\n - comment fatal_signal check\n - acked-by\n - drop secure_computing_int comment\nv17: - ...\nv16: - update PT_TRACE_MASK to 0xbf4 so that STOP isn\u0027t clear on SETOPTIONS call (indan@nul.nu)\n [note PT_TRACE_MASK disappears in linux-next]\nv15: - add audit support for non-zero return codes\n - clean up style (indan@nul.nu)\nv14: - rebase/nochanges\nv13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc\n (Brings back a change to ptrace.c and the masks.)\nv12: - rebase to linux-next\n - use ptrace_event and update arch/Kconfig to mention slow-path dependency\n - drop all tracehook changes and inclusion (oleg@redhat.com)\nv11: - invert the logic to just make it a PTRACE_SYSCALL accelerator\n (indan@nul.nu)\nv10: - moved to PTRACE_O_SECCOMP / PT_TRACE_SECCOMP\nv9: - n/a\nv8: - guarded PTRACE_SECCOMP use with an ifdef\nv7: - introduced\n" }, { "commit": "695370290bc18dbd678f1c06f372c8351a6333f2", "tree": "97bdeb658f81b1d6562fc9b9347608e5d478e4bb", "parents": [ "15f81b8475370ab2a9642e1980ca0934c32c0e6a" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Thu Feb 09 12:01:37 2012 -0600" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:45 2015 -0400" }, "message": "seccomp: Add SECCOMP_RET_TRAP\n\nAdds a new return value to seccomp filters that triggers a SIGSYS to be\ndelivered with the new SYS_SECCOMP si_code.\n\nThis allows in-process system call emulation, including just specifying\nan errno or cleanly dumping core, rather than just dying.\n\nSuggested-by: Markus Gutschke \u003cmarkus@chromium.org\u003e\nSuggested-by: Julien Tinnes \u003cjln@chromium.org\u003e\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: - acked-by, rebase\n - don\u0027t mention secure_computing_int() anymore\nv15: - use audit_seccomp/skip\n - pad out error spacing; clean up switch (indan@nul.nu)\nv14: - n/a\nv13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc\nv12: - rebase on to linux-next\nv11: - clarify the comment (indan@nul.nu)\n - s/sigtrap/sigsys\nv10: - use SIGSYS, syscall_get_arch, updates arch/Kconfig\n note suggested-by (though original suggestion had other behaviors)\nv9: - changes to SIGILL\nv8: - clean up based on changes to dependent patches\nv7: - introduction\n" }, { "commit": "15f81b8475370ab2a9642e1980ca0934c32c0e6a", "tree": "da466cf96a9be687fd64a4166f357a4787feb1fc", "parents": [ "43ec8251ea13acdeffe1fdb6313cf9cde9818d48" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Fri Feb 17 11:50:27 2012 -0600" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:45 2015 -0400" }, "message": "signal, x86: add SIGSYS info and make it synchronous.\n\nThis change enables SIGSYS, defines _sigfields._sigsys, and adds\nx86 (compat) arch support. _sigsys defines fields which allow\na signal handler to receive the triggering system call number,\nthe relevant AUDIT_ARCH_* value for that number, and the address\nof the callsite.\n\nSIGSYS is added to the SYNCHRONOUS_MASK because it is desirable for it\nto have setup_frame() called for it. The goal is to ensure that\nucontext_t reflects the machine state from the time-of-syscall and not\nfrom another signal handler.\n\nThe first consumer of SIGSYS would be seccomp filter. In particular,\na filter program could specify a new return value, SECCOMP_RET_TRAP,\nwhich would result in the system call being denied and the calling\nthread signaled. This also means that implementing arch-specific\nsupport can be dependent upon HAVE_ARCH_SECCOMP_FILTER.\n\nSuggested-by: H. Peter Anvin \u003chpa@zytor.com\u003e\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nReviewed-by: H. Peter Anvin \u003chpa@zytor.com\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: - added acked by, rebase\nv17: - rebase and reviewed-by addition\nv14: - rebase/nochanges\nv13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc\nv12: - reworded changelog (oleg@redhat.com)\nv11: - fix dropped words in the change description\n - added fallback copy_siginfo support.\n - added __ARCH_SIGSYS define to allow stepped arch support.\nv10: - first version based on suggestion\n" }, { "commit": "43ec8251ea13acdeffe1fdb6313cf9cde9818d48", "tree": "b08cae45ad682048a6b597a68b5b24307be824d7", "parents": [ "88b54e7859e88c3377510daa86a31802cda4f574" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Wed Feb 15 20:45:54 2012 -0600" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:44 2015 -0400" }, "message": "seccomp: add SECCOMP_RET_ERRNO\n\nThis change adds the SECCOMP_RET_ERRNO as a valid return value from a\nseccomp filter. Additionally, it makes the first use of the lower\n16-bits for storing a filter-supplied errno. 16-bits is more than\nenough for the errno-base.h calls.\n\nReturning errors instead of immediately terminating processes that\nviolate seccomp policy allow for broader use of this functionality\nfor kernel attack surface reduction. For example, a linux container\ncould maintain a whitelist of pre-existing system calls but drop\nall new ones with errnos. This would keep a logically static attack\nsurface while providing errnos that may allow for graceful failure\nwithout the downside of do_exit() on a bad call.\n\nThis change also changes the signature of __secure_computing. It\nappears the only direct caller is the arm entry code and it clobbers\nany possible return value (register) immediately.\n\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: - fix up comments and rebase\n - fix bad var name which was fixed in later revs\n - remove _int() and just change the __secure_computing signature\nv16-v17: ...\nv15: - use audit_seccomp and add a skip label. (eparis@redhat.com)\n - clean up and pad out return codes (indan@nul.nu)\nv14: - no change/rebase\nv13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc\nv12: - move to WARN_ON if filter is NULL\n (oleg@redhat.com, luto@mit.edu, keescook@chromium.org)\n - return immediately for filter\u003d\u003dNULL (keescook@chromium.org)\n - change evaluation to only compare the ACTION so that layered\n errnos don\u0027t result in the lowest one being returned.\n (keeschook@chromium.org)\nv11: - check for NULL filter (keescook@chromium.org)\nv10: - change loaders to fn\n v9: - n/a\n v8: - update Kconfig to note new need for syscall_set_return_value.\n - reordered such that TRAP behavior follows on later.\n - made the for loop a little less indent-y\n v7: - introduced\n" }, { "commit": "88b54e7859e88c3377510daa86a31802cda4f574", "tree": "b4152eae2d69189c54d5fd9b9db687c4bbbc8933", "parents": [ "980e920cbbb90c83e50f9287bd4dba5bd31f189a" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Sun Feb 26 11:56:12 2012 -0800" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:43 2015 -0400" }, "message": "seccomp: remove duplicated failure logging\n\nThis consolidates the seccomp filter error logging path and adds more\ndetails to the audit log.\n\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: make compat\u003d permanent in the record\nv15: added a return code to the audit_seccomp path by wad@chromium.org\n (suggested by eparis@redhat.com)\nv*: original by keescook@chromium.org\n" }, { "commit": "980e920cbbb90c83e50f9287bd4dba5bd31f189a", "tree": "fed0f3a9f7c0c6c9ea50823325cdbd51a7ade592", "parents": [ "807936ec50ca1e4daab2daab94db3d5b2e02da9c" ], "author": { "name": "Will Drewry", "email": "wad@chromium.org", "time": "Thu Feb 09 11:50:58 2012 -0600" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:42 2015 -0400" }, "message": "seccomp: add system call filtering using BPF\n\n[This patch depends on luto@mit.edu\u0027s no_new_privs patch:\n https://lkml.org/lkml/2012/1/30/264\n The whole series including Andrew\u0027s patches can be found here:\n https://github.com/redpig/linux/tree/seccomp\n Complete diff here:\n https://github.com/redpig/linux/compare/1dc65fed...seccomp\n]\n\nThis patch adds support for seccomp mode 2. Mode 2 introduces the\nability for unprivileged processes to install system call filtering\npolicy expressed in terms of a Berkeley Packet Filter (BPF) program.\nThis program will be evaluated in the kernel for each system call\nthe task makes and computes a result based on data in the format\nof struct seccomp_data.\n\nA filter program may be installed by calling:\n struct sock_fprog fprog \u003d { ... };\n ...\n prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, \u0026fprog);\n\nThe return value of the filter program determines if the system call is\nallowed to proceed or denied. If the first filter program installed\nallows prctl(2) calls, then the above call may be made repeatedly\nby a task to further reduce its access to the kernel. All attached\nprograms must be evaluated before a system call will be allowed to\nproceed.\n\nFilter programs will be inherited across fork/clone and execve.\nHowever, if the task attaching the filter is unprivileged\n(!CAP_SYS_ADMIN) the no_new_privs bit will be set on the task. This\nensures that unprivileged tasks cannot attach filters that affect\nprivileged tasks (e.g., setuid binary).\n\nThere are a number of benefits to this approach. A few of which are\nas follows:\n- BPF has been exposed to userland for a long time\n- BPF optimization (and JIT\u0027ing) are well understood\n- Userland already knows its ABI: system call numbers and desired\n arguments\n- No time-of-check-time-of-use vulnerable data accesses are possible.\n- system call arguments are loaded on access only to minimize copying\n required for system call policy decisions.\n\nMode 2 support is restricted to architectures that enable\nHAVE_ARCH_SECCOMP_FILTER. In this patch, the primary dependency is on\nsyscall_get_arguments(). The full desired scope of this feature will\nadd a few minor additional requirements expressed later in this series.\nBased on discussion, SECCOMP_RET_ERRNO and SECCOMP_RET_TRACE seem to be\nthe desired additional functionality.\n\nNo architectures are enabled in this patch.\n\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nReviewed-by: Indan Zupancic \u003cindan@nul.nu\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\n\nv18: - rebase to v3.4-rc2\n - s/chk/check/ (akpm@linux-foundation.org,jmorris@namei.org)\n - allocate with GFP_KERNEL|__GFP_NOWARN (indan@nul.nu)\n - add a comment for get_u32 regarding endianness (akpm@)\n - fix other typos, style mistakes (akpm@)\n - added acked-by\nv17: - properly guard seccomp filter needed headers (leann@ubuntu.com)\n - tighten return mask to 0x7fff0000\nv16: - no change\nv15: - add a 4 instr penalty when counting a path to account for seccomp_filter\n size (indan@nul.nu)\n - drop the max insns to 256KB (indan@nul.nu)\n - return ENOMEM if the max insns limit has been hit (indan@nul.nu)\n - move IP checks after args (indan@nul.nu)\n - drop !user_filter check (indan@nul.nu)\n - only allow explicit bpf codes (indan@nul.nu)\n - exit_code -\u003e exit_sig\nv14: - put/get_seccomp_filter takes struct task_struct\n (indan@nul.nu,keescook@chromium.org)\n - adds seccomp_chk_filter and drops general bpf_run/chk_filter user\n - add seccomp_bpf_load for use by net/core/filter.c\n - lower max per-process/per-hierarchy: 1MB\n - moved nnp/capability check prior to allocation\n (all of the above: indan@nul.nu)\nv13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc\nv12: - added a maximum instruction count per path (indan@nul.nu,oleg@redhat.com)\n - removed copy_seccomp (keescook@chromium.org,indan@nul.nu)\n - reworded the prctl_set_seccomp comment (indan@nul.nu)\nv11: - reorder struct seccomp_data to allow future args expansion (hpa@zytor.com)\n - style clean up, @compat dropped, compat_sock_fprog32 (indan@nul.nu)\n - do_exit(SIGSYS) (keescook@chromium.org, luto@mit.edu)\n - pare down Kconfig doc reference.\n - extra comment clean up\nv10: - seccomp_data has changed again to be more aesthetically pleasing\n (hpa@zytor.com)\n - calling convention is noted in a new u32 field using syscall_get_arch.\n This allows for cross-calling convention tasks to use seccomp filters.\n (hpa@zytor.com)\n - lots of clean up (thanks, Indan!)\n v9: - n/a\n v8: - use bpf_chk_filter, bpf_run_filter. update load_fns\n - Lots of fixes courtesy of indan@nul.nu:\n -- fix up load behavior, compat fixups, and merge alloc code,\n -- renamed pc and dropped __packed, use bool compat.\n -- Added a hidden CONFIG_SECCOMP_FILTER to synthesize non-arch\n dependencies\n v7: (massive overhaul thanks to Indan, others)\n - added CONFIG_HAVE_ARCH_SECCOMP_FILTER\n - merged into seccomp.c\n - minimal seccomp_filter.h\n - no config option (part of seccomp)\n - no new prctl\n - doesn\u0027t break seccomp on systems without asm/syscall.h\n (works but arg access always fails)\n - dropped seccomp_init_task, extra free functions, ...\n - dropped the no-asm/syscall.h code paths\n - merges with network sk_run_filter and sk_chk_filter\n v6: - fix memory leak on attach compat check failure\n - require no_new_privs || CAP_SYS_ADMIN prior to filter\n installation. (luto@mit.edu)\n - s/seccomp_struct_/seccomp_/ for macros/functions (amwang@redhat.com)\n - cleaned up Kconfig (amwang@redhat.com)\n - on block, note if the call was compat (so the # means something)\n v5: - uses syscall_get_arguments\n (indan@nul.nu,oleg@redhat.com, mcgrathr@chromium.org)\n - uses union-based arg storage with hi/lo struct to\n handle endianness. Compromises between the two alternate\n proposals to minimize extra arg shuffling and account for\n endianness assuming userspace uses offsetof().\n (mcgrathr@chromium.org, indan@nul.nu)\n - update Kconfig description\n - add include/seccomp_filter.h and add its installation\n - (naive) on-demand syscall argument loading\n - drop seccomp_t (eparis@redhat.com)\n v4: - adjusted prctl to make room for PR_[SG]ET_NO_NEW_PRIVS\n - now uses current-\u003eno_new_privs\n (luto@mit.edu,torvalds@linux-foundation.com)\n - assign names to seccomp modes (rdunlap@xenotime.net)\n - fix style issues (rdunlap@xenotime.net)\n - reworded Kconfig entry (rdunlap@xenotime.net)\n v3: - macros to inline (oleg@redhat.com)\n - init_task behavior fixed (oleg@redhat.com)\n - drop creator entry and extra NULL check (oleg@redhat.com)\n - alloc returns -EINVAL on bad sizing (serge.hallyn@canonical.com)\n - adds tentative use of \"always_unprivileged\" as per\n torvalds@linux-foundation.org and luto@mit.edu\n v2: - (patch 2 only)\n" }, { "commit": "e13c80fd04b8d598c9847fb2f0df45f83285b117", "tree": "ae81e9488d9d1f67a3941ba05ce0cc027205b46d", "parents": [ "647baad3f0d3b0748eebd04025e79080a327d6ea" ], "author": { "name": "Rik van Riel", "email": "riel@redhat.com", "time": "Thu Sep 01 15:26:50 2011 -0400" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:04:11 2015 -0400" }, "message": "add extra free kbytes tunable\n\nAdd a userspace visible knob to tell the VM to keep an extra amount\nof memory free, by increasing the gap between each zone\u0027s min and\nlow watermarks.\n\nThis is useful for realtime applications that call system\ncalls and have a bound on the number of allocations that happen\nin any short time period. In this application, extra_free_kbytes\nwould be left at an amount equal to or larger than than the\nmaximum number of allocations that happen in any burst.\n\nIt may also be useful to reduce the memory use of virtual\nmachines (temporarily?), in a way that does not cause memory\nfragmentation like ballooning does.\n\n[ccross]\nRevived for use on old kernels where no other solution exists.\nThe tunable will be removed on kernels that do better at avoiding\ndirect reclaim.\n\nChange-Id: I765a42be8e964bfd3e2886d1ca85a29d60c3bb3e\nSigned-off-by: Rik van Riel\u003criel@redhat.com\u003e\nSigned-off-by: Colin Cross \u003cccross@android.com\u003e\n" }, { "commit": "818d20461434187c4417f4084410cd1e8cbb8d84", "tree": "e3171b5564500cda754f49cab00bd4cd9432c640", "parents": [ "499e5b80731dd92cb3e3f02cfa5c96f08cf25ade" ], "author": { "name": "Miklos Szeredi", "email": "mszeredi@suse.cz", "time": "Tue Nov 04 11:27:12 2014 +0100" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:02:58 2015 -0400" }, "message": "audit: keep inode pinned\n\ncommit 799b601451b21ebe7af0e6e8f6e2ccd4683c5064 upstream.\n\nAudit rules disappear when an inode they watch is evicted from the cache.\nThis is likely not what we want.\n\nThe guilty commit is \"fsnotify: allow marks to not pin inodes in core\",\nwhich didn\u0027t take into account that audit_tree adds watches with a zero\nmask.\n\nAdding any mask should fix this.\n\nFixes: 90b1e7a57880 (\"fsnotify: allow marks to not pin inodes in core\")\nSigned-off-by: Miklos Szeredi \u003cmszeredi@suse.cz\u003e\nSigned-off-by: Paul Moore \u003cpmoore@redhat.com\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "e00f144c6a3d2ec291de866295d1256476ce0e50", "tree": "8b97af7300da242332be92c3021931a88536cd8b", "parents": [ "b20cb7eca2de47fabff3b77c4a4df8cbd20ccba3" ], "author": { "name": "Imre Deak", "email": "imre.deak@intel.com", "time": "Fri Oct 24 20:29:10 2014 +0300" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:02:08 2015 -0400" }, "message": "PM / Sleep: fix recovery during resuming from hibernation\n\ncommit 94fb823fcb4892614f57e59601bb9d4920f24711 upstream.\n\nIf a device\u0027s dev_pm_ops::freeze callback fails during the QUIESCE\nphase, we don\u0027t rollback things correctly calling the thaw and complete\ncallbacks. This could leave some devices in a suspended state in case of\nan error during resuming from hibernation.\n\nSigned-off-by: Imre Deak \u003cimre.deak@intel.com\u003e\nSigned-off-by: Rafael J. Wysocki \u003crafael.j.wysocki@intel.com\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "b20cb7eca2de47fabff3b77c4a4df8cbd20ccba3", "tree": "462d53a60c3a4e63f3c644cab2b2b1a2a380eac3", "parents": [ "cabcd14c5d7ed7bd02ba1beccc940917e1ab411b" ], "author": { "name": "Brian Silverman", "email": "bsilver16384@gmail.com", "time": "Sat Oct 25 20:20:37 2014 -0400" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:02:07 2015 -0400" }, "message": "futex: Fix a race condition between REQUEUE_PI and task death\n\ncommit 30a6b8031fe14031ab27c1fa3483cb9780e7f63c upstream.\n\nfree_pi_state and exit_pi_state_list both clean up futex_pi_state\u0027s.\nexit_pi_state_list takes the hb lock first, and most callers of\nfree_pi_state do too. requeue_pi doesn\u0027t, which means free_pi_state\ncan free the pi_state out from under exit_pi_state_list. For example:\n\ntask A | task B\nexit_pi_state_list |\n pi_state \u003d |\n curr-\u003epi_state_list-\u003enext |\n | futex_requeue(requeue_pi\u003d1)\n | // pi_state is the same as\n | // the one in task A\n | free_pi_state(pi_state)\n | list_del_init(\u0026pi_state-\u003elist)\n | kfree(pi_state)\n list_del_init(\u0026pi_state-\u003elist) |\n\nMove the free_pi_state calls in requeue_pi to before it drops the hb\nlocks which it\u0027s already holding.\n\n[ tglx: Removed a pointless free_pi_state() call and the hb-\u003elock held\n \tdebugging. The latter comes via a seperate patch ]\n\nSigned-off-by: Brian Silverman \u003cbsilver16384@gmail.com\u003e\nCc: austin.linux@gmail.com\nCc: darren@dvhart.com\nCc: peterz@infradead.org\nLink: http://lkml.kernel.org/r/1414282837-23092-1-git-send-email-bsilver16384@gmail.com\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\n[lizf: Backported to 3.4: adjust context]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "cabcd14c5d7ed7bd02ba1beccc940917e1ab411b", "tree": "993110fd2e1bd9a197a3cb88b5cd529cc3a9cb41", "parents": [ "7595599b74402915ee7bb9af9e4aaad7a22d87d7" ], "author": { "name": "Mathias Krause", "email": "minipli@googlemail.com", "time": "Sat Oct 04 23:06:39 2014 +0200" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:02:06 2015 -0400" }, "message": "posix-timers: Fix stack info leak in timer_create()\n\ncommit 6891c4509c792209c44ced55a60f13954cb50ef4 upstream.\n\nIf userland creates a timer without specifying a sigevent info, we\u0027ll\ncreate one ourself, using a stack local variable. Particularly will we\nuse the timer ID as sival_int. But as sigev_value is a union containing\na pointer and an int, that assignment will only partially initialize\nsigev_value on systems where the size of a pointer is bigger than the\nsize of an int. On such systems we\u0027ll copy the uninitialized stack bytes\nfrom the timer_create() call to userland when the timer actually fires\nand we\u0027re going to deliver the signal.\n\nInitialize sigev_value with 0 to plug the stack info leak.\n\nFound in the PaX patch, written by the PaX Team.\n\nFixes: 5a9fa7307285 (\"posix-timers: kill -\u003eit_sigev_signo and...\")\nSigned-off-by: Mathias Krause \u003cminipli@googlemail.com\u003e\nCc: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: Brad Spengler \u003cspender@grsecurity.net\u003e\nCc: PaX Team \u003cpageexec@freemail.hu\u003e\nLink: http://lkml.kernel.org/r/1412456799-32339-1-git-send-email-minipli@googlemail.com\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\n[lizf: Backported to 3.4: adjust filename]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "ba0a7f5371dcd9dad0fccf31a47bcd0224307581", "tree": "447d1a1062ed46ec3be1dfd6cf9b3ab6ccb1dea1", "parents": [ "e6cb10b981a73a5063da9fe85f722c181c4cecaa" ], "author": { "name": "Michal Hocko", "email": "mhocko@suse.cz", "time": "Mon Oct 20 18:12:32 2014 +0200" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:01:36 2015 -0400" }, "message": "OOM, PM: OOM killed task shouldn\u0027t escape PM suspend\n\ncommit 5695be142e203167e3cb515ef86a88424f3524eb upstream.\n\nPM freezer relies on having all tasks frozen by the time devices are\ngetting frozen so that no task will touch them while they are getting\nfrozen. But OOM killer is allowed to kill an already frozen task in\norder to handle OOM situtation. In order to protect from late wake ups\nOOM killer is disabled after all tasks are frozen. This, however, still\nkeeps a window open when a killed task didn\u0027t manage to die by the time\nfreeze_processes finishes.\n\nReduce the race window by checking all tasks after OOM killer has been\ndisabled. This is still not race free completely unfortunately because\noom_killer_disable cannot stop an already ongoing OOM killer so a task\nmight still wake up from the fridge and get killed without\nfreeze_processes noticing. Full synchronization of OOM and freezer is,\nhowever, too heavy weight for this highly unlikely case.\n\nIntroduce and check oom_kills counter which gets incremented early when\nthe allocator enters __alloc_pages_may_oom path and only check all the\ntasks if the counter changes during the freezing attempt. The counter\nis updated so early to reduce the race window since allocator checked\noom_killer_disabled which is set by PM-freezing code. A false positive\nwill push the PM-freezer into a slow path but that is not a big deal.\n\nChanges since v1\n- push the re-check loop out of freeze_processes into\n check_frozen_processes and invert the condition to make the code more\n readable as per Rafael\n\nFixes: f660daac474c6f (oom: thaw threads if oom killed thread is frozen before deferring)\nSigned-off-by: Michal Hocko \u003cmhocko@suse.cz\u003e\nSigned-off-by: Rafael J. Wysocki \u003crafael.j.wysocki@intel.com\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "e6cb10b981a73a5063da9fe85f722c181c4cecaa", "tree": "d6098fbf52bb07655e41fc5d824b150b2617f5ce", "parents": [ "119a6fdb9028a373bebde1a069957944fa142535" ], "author": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Tue Jan 21 15:49:56 2014 -0800" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:01:35 2015 -0400" }, "message": "introduce for_each_thread() to replace the buggy while_each_thread()\n\ncommit 0c740d0afc3bff0a097ad03a1c8df92757516f5c upstream.\n\nwhile_each_thread() and next_thread() should die, almost every lockless\nusage is wrong.\n\n1. Unless g \u003d\u003d current, the lockless while_each_thread() is not safe.\n\n while_each_thread(g, t) can loop forever if g exits, next_thread()\n can\u0027t reach the unhashed thread in this case. Note that this can\n happen even if g is the group leader, it can exec.\n\n2. Even if while_each_thread() itself was correct, people often use\n it wrongly.\n\n It was never safe to just take rcu_read_lock() and loop unless\n you verify that pid_alive(g) \u003d\u003d T, even the first next_thread()\n can point to the already freed/reused memory.\n\nThis patch adds signal_struct-\u003ethread_head and task-\u003ethread_node to\ncreate the normal rcu-safe list with the stable head. The new\nfor_each_thread(g, t) helper is always safe under rcu_read_lock() as\nlong as this task_struct can\u0027t go away.\n\nNote: of course it is ugly to have both task_struct-\u003ethread_node and the\nold task_struct-\u003ethread_group, we will kill it later, after we change\nthe users of while_each_thread() to use for_each_thread().\n\nPerhaps we can kill it even before we convert all users, we can\nreimplement next_thread(t) using the new thread_head/thread_node. But\nwe can\u0027t do this right now because this will lead to subtle behavioural\nchanges. For example, do/while_each_thread() always sees at least one\ntask, while for_each_thread() can do nothing if the whole thread group\nhas died. Or thread_group_empty(), currently its semantics is not clear\nunless thread_group_leader(p) and we need to audit the callers before we\ncan change it.\n\nSo this patch adds the new interface which has to coexist with the old\none for some time, hopefully the next changes will be more or less\nstraightforward and the old one will go away soon.\n\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReviewed-by: Sergey Dyasly \u003cdserrg@gmail.com\u003e\nTested-by: Sergey Dyasly \u003cdserrg@gmail.com\u003e\nReviewed-by: Sameer Nanda \u003csnanda@chromium.org\u003e\nAcked-by: David Rientjes \u003crientjes@google.com\u003e\nCc: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\nCc: Frederic Weisbecker \u003cfweisbec@gmail.com\u003e\nCc: Mandeep Singh Baines \u003cmsb@chromium.org\u003e\nCc: \"Ma, Xindong\" \u003cxindong.ma@intel.com\u003e\nCc: Michal Hocko \u003cmhocko@suse.cz\u003e\nCc: \"Tu, Xiaobing\" \u003cxiaobing.tu@intel.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "119a6fdb9028a373bebde1a069957944fa142535", "tree": "ae47a00d91b42c11535b8431669b8c21145e0f81", "parents": [ "6ea00e83be8463e0e9dfbf163a0383298d29b31c" ], "author": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Wed Jul 03 15:08:30 2013 -0700" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:01:34 2015 -0400" }, "message": "kernel/fork.c:copy_process(): unify CLONE_THREAD-or-thread_group_leader code\n\ncommit 80628ca06c5d42929de6bc22c0a41589a834d151 upstream.\n\nCleanup and preparation for the next changes.\n\nMove the \"if (clone_flags \u0026 CLONE_THREAD)\" code down under \"if\n(likely(p-\u003epid))\" and turn it into into the \"else\" branch. This makes the\nprocess/thread initialization more symmetrical and removes one check.\n\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\nCc: Michal Hocko \u003cmhocko@suse.cz\u003e\nCc: Pavel Emelyanov \u003cxemul@parallels.com\u003e\nCc: Sergey Dyasly \u003cdserrg@gmail.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "6ea00e83be8463e0e9dfbf163a0383298d29b31c", "tree": "b944d7bc830a313c13436e75622b223c0021df86", "parents": [ "5faeb0e6ad5decfb01e5800a493db1eb15c79be3" ], "author": { "name": "Cong Wang", "email": "xiyou.wangcong@gmail.com", "time": "Tue Oct 21 09:27:12 2014 +0200" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:01:33 2015 -0400" }, "message": "freezer: Do not freeze tasks killed by OOM killer\n\ncommit 51fae6da640edf9d266c94f36bc806c63c301991 upstream.\n\nSince f660daac474c6f (oom: thaw threads if oom killed thread is frozen\nbefore deferring) OOM killer relies on being able to thaw a frozen task\nto handle OOM situation but a3201227f803 (freezer: make freezing() test\nfreeze conditions in effect instead of TIF_FREEZE) has reorganized the\ncode and stopped clearing freeze flag in __thaw_task. This means that\nthe target task only wakes up and goes into the fridge again because the\nfreezing condition hasn\u0027t changed for it. This reintroduces the bug\nfixed by f660daac474c6f.\n\nFix the issue by checking for TIF_MEMDIE thread flag in\nfreezing_slow_path and exclude the task from freezing completely. If a\ntask was already frozen it would get woken by __thaw_task from OOM killer\nand get out of freezer after rechecking freezing().\n\nChanges since v1\n- put TIF_MEMDIE check into freezing_slowpath rather than in __refrigerator\n as per Oleg\n- return __thaw_task into oom_scan_process_thread because\n oom_kill_process will not wake task in the fridge because it is\n sleeping uninterruptible\n\n[mhocko@suse.cz: rewrote the changelog]\nFixes: a3201227f803 (freezer: make freezing() test freeze conditions in effect instead of TIF_FREEZE)\nSigned-off-by: Cong Wang \u003cxiyou.wangcong@gmail.com\u003e\nSigned-off-by: Michal Hocko \u003cmhocko@suse.cz\u003e\nAcked-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nSigned-off-by: Rafael J. Wysocki \u003crafael.j.wysocki@intel.com\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "97e5fd7684cbf63dccf9909fd0602bfa9537e9f0", "tree": "b661614077eb391ff58730188d6a30a56c3cbe2f", "parents": [ "61dedfa6a0d04c4efd7f67920bcfb48f2094a3fd" ], "author": { "name": "Catalin Marinas", "email": "catalin.marinas@arm.com", "time": "Fri Oct 17 17:38:49 2014 +0100" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Mon Apr 27 08:01:22 2015 -0400" }, "message": "futex: Ensure get_futex_key_refs() always implies a barrier\n\ncommit 76835b0ebf8a7fe85beb03c75121419a7dec52f0 upstream.\n\nCommit b0c29f79ecea (futexes: Avoid taking the hb-\u003elock if there\u0027s\nnothing to wake up) changes the futex code to avoid taking a lock when\nthere are no waiters. This code has been subsequently fixed in commit\n11d4616bd07f (futex: revert back to the explicit waiter counting code).\nBoth the original commit and the fix-up rely on get_futex_key_refs() to\nalways imply a barrier.\n\nHowever, for private futexes, none of the cases in the switch statement\nof get_futex_key_refs() would be hit and the function completes without\na memory barrier as required before checking the \"waiters\" in\nfutex_wake() -\u003e hb_waiters_pending(). The consequence is a race with a\nthread waiting on a futex on another CPU, allowing the waker thread to\nread \"waiters \u003d\u003d 0\" while the waiter thread to have read \"futex_val \u003d\u003d\nlocked\" (in kernel).\n\nWithout this fix, the problem (user space deadlocks) can be seen with\nAndroid bionic\u0027s mutex implementation on an arm64 multi-cluster system.\n\nSigned-off-by: Catalin Marinas \u003ccatalin.marinas@arm.com\u003e\nReported-by: Matteo Franchin \u003cMatteo.Franchin@arm.com\u003e\nFixes: b0c29f79ecea (futexes: Avoid taking the hb-\u003elock if there\u0027s nothing to wake up)\nAcked-by: Davidlohr Bueso \u003cdave@stgolabs.net\u003e\nTested-by: Mike Galbraith \u003cumgwanakikbuti@gmail.com\u003e\nCc: Darren Hart \u003cdvhart@linux.intel.com\u003e\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "2fd850335c7e8e988ea935691590346ad2d7009e", "tree": "aaceae19915c5e23b769bde5ec29296f7dbb3fb3", "parents": [ "84c25087058c0dd06a0637091661ad4eda611b26" ], "author": { "name": "Biswajit Paul", "email": "biswajitpaul@codeaurora.org", "time": "Mon Feb 09 15:21:12 2015 -0800" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Wed Apr 08 22:36:02 2015 -0700" }, "message": "kernel: Restrict permissions of /proc/iomem.\n\nThe permissions of /proc/iomem currently are -r--r--r--. Everyone can\nsee its content. As iomem contains information about the physical memory\ncontent of the device, restrict the information only to root.\n\nChange-Id: If0be35c3fac5274151bea87b738a48e6ec0ae891\nCRs-Fixed: 786116\nSigned-off-by: Biswajit Paul \u003cbiswajitpaul@codeaurora.org\u003e\nSigned-off-by: Avijit Kanti Das \u003cavijitnsec@codeaurora.org\u003e\n" }, { "commit": "243729f3e390bffb1aa2df1aaa5bb75f4068b511", "tree": "1229e8490b3711ba00836c9771189e2092a192ed", "parents": [ "35fba952d771f175f86411c410d0dd1168d65058", "a8fa520aef7044c3366dc8eaa860624a3140a721" ], "author": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Apr 01 07:02:12 2015 -0400" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Apr 01 07:02:12 2015 -0400" }, "message": "Merge remote-tracking branch \u0027caf/LA.AF.1.1_rb1.16\u0027 into HEAD\n\nChange-Id: Ie75c99c9d2a4b007c4be935baaebb6b94a8a2ad2\n" }, { "commit": "1299461b625e97177d1f43fc536dfb2dfc9050fd", "tree": "25e34744ba621ca0ee9429f36a8ed5d4686adcfa", "parents": [ "10d4fe3d5d9c7fb96cef375b29bfd39fb636d624", "8f6a9070cd4f5b4b4947cbc4024dbd695394385d" ], "author": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Mar 04 13:52:59 2015 -0500" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Mar 04 13:52:59 2015 -0500" }, "message": "Merge remote-tracking branch \u0027cm/cm-12.0\u0027 into lollipop\n" }, { "commit": "b0e1b91999e3c60b1adf93f7e9c34db980b3e812", "tree": "c542ec66a91e69da4abb626bff38184322c67727", "parents": [ "1e83f6864febc1027394ed38e7a24af87a912528", "b4d27f2f2e68afea0fc828ba42f41b3efa231e42" ], "author": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Mon Mar 02 21:12:39 2015 -0600" }, "committer": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Mon Mar 02 21:13:53 2015 -0600" }, "message": "Merge remote-tracking branch \u0027cm/cm-12.0\u0027 into HEAD\n\nChange-Id: Ibcea3bd8608b82692494e87b5ff256a254807520\n" }, { "commit": "ca0555be8382799538e9b0be5fe30b40f748a25a", "tree": "6aab3924f42deefd1aaca8c95a47a0aaf1614c40", "parents": [ "4ddfcbdc464045e8cc317b2d2c1db3e396165b3a", "43d096c30db415f1b498757d25301d36c095c23f" ], "author": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Sat Feb 28 01:36:14 2015 -0600" }, "committer": { "name": "Nick Reuter", "email": "nreuter85@gmail.com", "time": "Sun Mar 01 17:26:09 2015 -0600" }, "message": "Merge remote-tracking branch \u0027caf/LA.AF.1.1_rb1.12\u0027 into HEAD\n\nChange-Id: I49228476e27022fc78d593550f3481c05e18ecca\n" }, { "commit": "600cbf8b9c94d32a465191dd0a3f07d5fa0d6d18", "tree": "b9e4ee6546deae1a03d83d54b9ced35d0ebce117", "parents": [ "16942c11bf89a29479a1539b463b69eb4a760319" ], "author": { "name": "Swetha Chikkaboraiah", "email": "schikk@codeaurora.org", "time": "Wed Sep 17 17:28:13 2014 +0530" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Tue Feb 10 01:59:54 2015 -0800" }, "message": "kernel: cgroup: protecting css_set object\n\nAccessing the css_set object should be protected with css_set_lock.\nNULL check is required before accesing object.\n\nCRs-fixed: 723762\nChange-Id: Ia3a0314a04419889d5002a8f2bf2c1fe9dfa3671\nSigned-off-by: Swetha Chikkaboraiah \u003cschikk@codeaurora.org\u003e\n" }, { "commit": "f91fb4efc70055073c75320b744f673057a3f135", "tree": "c2681fdc571917111f93c5463cc3f3f6017e4769", "parents": [ "b20ea6d3cf4ae8b8b146c7543dafed83aa262805" ], "author": { "name": "Gu Zheng", "email": "guz.fnst@cn.fujitsu.com", "time": "Wed Jun 25 09:57:18 2014 +0800" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Sat Jan 24 14:17:08 2015 -0500" }, "message": "cpuset,mempolicy: fix sleeping function called from invalid context\n\ncommit 391acf970d21219a2a5446282d3b20eace0c0d7a upstream.\n\nWhen runing with the kernel(3.15-rc7+), the follow bug occurs:\n[ 9969.258987] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:586\n[ 9969.359906] in_atomic(): 1, irqs_disabled(): 0, pid: 160655, name: python\n[ 9969.441175] INFO: lockdep is turned off.\n[ 9969.488184] CPU: 26 PID: 160655 Comm: python Tainted: G A 3.15.0-rc7+ #85\n[ 9969.581032] Hardware name: FUJITSU-SV PRIMEQUEST 1800E/SB, BIOS PRIMEQUEST 1000 Series BIOS Version 1.39 11/16/2012\n[ 9969.706052] ffffffff81a20e60 ffff8803e941fbd0 ffffffff8162f523 ffff8803e941fd18\n[ 9969.795323] ffff8803e941fbe0 ffffffff8109995a ffff8803e941fc58 ffffffff81633e6c\n[ 9969.884710] ffffffff811ba5dc ffff880405c6b480 ffff88041fdd90a0 0000000000002000\n[ 9969.974071] Call Trace:\n[ 9970.003403] [\u003cffffffff8162f523\u003e] dump_stack+0x4d/0x66\n[ 9970.065074] [\u003cffffffff8109995a\u003e] __might_sleep+0xfa/0x130\n[ 9970.130743] [\u003cffffffff81633e6c\u003e] mutex_lock_nested+0x3c/0x4f0\n[ 9970.200638] [\u003cffffffff811ba5dc\u003e] ? kmem_cache_alloc+0x1bc/0x210\n[ 9970.272610] [\u003cffffffff81105807\u003e] cpuset_mems_allowed+0x27/0x140\n[ 9970.344584] [\u003cffffffff811b1303\u003e] ? __mpol_dup+0x63/0x150\n[ 9970.409282] [\u003cffffffff811b1385\u003e] __mpol_dup+0xe5/0x150\n[ 9970.471897] [\u003cffffffff811b1303\u003e] ? __mpol_dup+0x63/0x150\n[ 9970.536585] [\u003cffffffff81068c86\u003e] ? copy_process.part.23+0x606/0x1d40\n[ 9970.613763] [\u003cffffffff810bf28d\u003e] ? trace_hardirqs_on+0xd/0x10\n[ 9970.683660] [\u003cffffffff810ddddf\u003e] ? monotonic_to_bootbased+0x2f/0x50\n[ 9970.759795] [\u003cffffffff81068cf0\u003e] copy_process.part.23+0x670/0x1d40\n[ 9970.834885] [\u003cffffffff8106a598\u003e] do_fork+0xd8/0x380\n[ 9970.894375] [\u003cffffffff81110e4c\u003e] ? __audit_syscall_entry+0x9c/0xf0\n[ 9970.969470] [\u003cffffffff8106a8c6\u003e] SyS_clone+0x16/0x20\n[ 9971.030011] [\u003cffffffff81642009\u003e] stub_clone+0x69/0x90\n[ 9971.091573] [\u003cffffffff81641c29\u003e] ? system_call_fastpath+0x16/0x1b\n\nThe cause is that cpuset_mems_allowed() try to take\nmutex_lock(\u0026callback_mutex) under the rcu_read_lock(which was hold in\n__mpol_dup()). And in cpuset_mems_allowed(), the access to cpuset is\nunder rcu_read_lock, so in __mpol_dup, we can reduce the rcu_read_lock\nprotection region to protect the access to cpuset only in\ncurrent_cpuset_is_being_rebound(). So that we can avoid this bug.\n\nThis patch is a temporary solution that just addresses the bug\nmentioned above, can not fix the long-standing issue about cpuset.mems\nrebinding on fork():\n\n\"When the forker\u0027s task_struct is duplicated (which includes\n -\u003emems_allowed) and it races with an update to cpuset_being_rebound\n in update_tasks_nodemask() then the task\u0027s mems_allowed doesn\u0027t get\n updated. And the child task\u0027s mems_allowed can be wrong if the\n cpuset\u0027s nodemask changes before the child has been added to the\n cgroup\u0027s tasklist.\"\n\nSigned-off-by: Gu Zheng \u003cguz.fnst@cn.fujitsu.com\u003e\nAcked-by: Li Zefan \u003clizefan@huawei.com\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n" }, { "commit": "1097d78180e1a2916c2bcdb15cb90ba131af9cd8", "tree": "5910f8fc0dcb85c71011ccccee18895769699390", "parents": [ "3ded4adc97887ddde3c1855f29f062e015d19425", "7fd7a446b1c2b96252e4389746e5419eae04faef" ], "author": { "name": "Paul", "email": "javelinanddart@gmail.com", "time": "Sun Jan 11 17:15:40 2015 -0800" }, "committer": { "name": "Ethan Chen", "email": "intervigil@gmail.com", "time": "Sun Jan 11 17:20:45 2015 -0800" }, "message": "Merge tag \u0027v3.4.105\u0027 into cm-12.0\n\nThis is the 3.4.105 stable release\n\nConflicts:\n\tarch/arm/mm/proc-v7.S\n\tdrivers/bluetooth/hci_ldisc.c\n\tdrivers/media/dvb/dvb-core/dmxdev.c\n\tdrivers/usb/core/driver.c\n\tdrivers/usb/dwc3/core.c\n\tdrivers/usb/host/xhci-hub.c\n\tdrivers/usb/host/xhci.c\n\tdrivers/usb/serial/qcserial.c\n\tdrivers/usb/serial/usb_wwan.c\n\tkernel/events/core.c\n\tkernel/time/tick-sched.ck\n\tkernel/futex.c\n\tmm/memory_hotplug.c\n\tmm/vmscan.c\n\tnet/bluetooth/hci_conn.c\n\tnet/bluetooth/hci_event.c\n\tnet/bluetooth/l2cap_core.c\n\tnet/ipv4/ping.c\n\tnet/wireless/nl80211.c\n\tsound/soc/soc-core.c\n\nChange-Id: Id09da84afb427ba1a32ff26e74f2bb86458d4a2e\n" }, { "commit": "9bf75dffc07ea6b5e19251880b8dcf0debdbbccc", "tree": "329bb5327b7e523ed2812dc6679b035f594f69f5", "parents": [ "74cfe2dcc0f4b17f9abbabf349e33c39a260987e" ], "author": { "name": "Andy Lutomirski", "email": "luto@amacapital.net", "time": "Thu Apr 12 16:47:50 2012 -0500" }, "committer": { "name": "Ethan Chen", "email": "intervigil@gmail.com", "time": "Tue Dec 16 13:18:02 2014 -0800" }, "message": "Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs\n\nWith this change, calling\n prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)\ndisables privilege granting operations at execve-time. For example, a\nprocess will not be able to execute a setuid binary to change their uid\nor gid if this bit is set. The same is true for file capabilities.\n\nAdditionally, LSM_UNSAFE_NO_NEW_PRIVS is defined to ensure that\nLSMs respect the requested behavior.\n\nTo determine if the NO_NEW_PRIVS bit is set, a task may call\n prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);\nIt returns 1 if set and 0 if it is not set. If any of the arguments are\nnon-zero, it will return -1 and set errno to -EINVAL.\n(PR_SET_NO_NEW_PRIVS behaves similarly.)\n\nThis functionality is desired for the proposed seccomp filter patch\nseries. By using PR_SET_NO_NEW_PRIVS, it allows a task to modify the\nsystem call behavior for itself and its child tasks without being\nable to impact the behavior of a more privileged task.\n\nAnother potential use is making certain privileged operations\nunprivileged. For example, chroot may be considered \"safe\" if it cannot\naffect privileged tasks.\n\nNote, this patch causes execve to fail when PR_SET_NO_NEW_PRIVS is\nset and AppArmor is in use. It is fixed in a subsequent patch.\n\nSigned-off-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Kees Cook \u003ckeescook@chromium.org\u003e\n\nChange-Id: I2159006d20daefe6add5adc47c22bdbcd7d79e3a\nv18: updated change desc\nv17: using new define values as per 3.4\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "2f1eef27008bd0abf9879e51a74fb9d0418634e8", "tree": "363bbc5f67cd1ec1305010bd0a32e7f7093b8746", "parents": [ "69724a603fc759242348f931068b97c6634e40f9" ], "author": { "name": "Pawel Moll", "email": "pawel.moll@arm.com", "time": "Fri Jun 13 16:03:32 2014 +0100" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:42 2014 +0800" }, "message": "perf: Handle compat ioctl\n\ncommit b3f207855f57b9c8f43a547a801340bb5cbc59e5 upstream.\n\nWhen running a 32-bit userspace on a 64-bit kernel (eg. i386\napplication on x86_64 kernel or 32-bit arm userspace on arm64\nkernel) some of the perf ioctls must be treated with special\ncare, as they have a pointer size encoded in the command.\n\nFor example, PERF_EVENT_IOC_ID in 32-bit world will be encoded\nas 0x80042407, but 64-bit kernel will expect 0x80082407. In\nresult the ioctl will fail returning -ENOTTY.\n\nThis patch solves the problem by adding code fixing up the\nsize as compat_ioctl file operation.\n\nReported-by: Drew Richardson \u003cdrew.richardson@arm.com\u003e\nSigned-off-by: Pawel Moll \u003cpawel.moll@arm.com\u003e\nSigned-off-by: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Arnaldo Carvalho de Melo \u003cacme@kernel.org\u003e\nCc: Jiri Olsa \u003cjolsa@redhat.com\u003e\nLink: http://lkml.kernel.org/r/1402671812-9078-1-git-send-email-pawel.moll@arm.com\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: David Ahern \u003cdsahern@gmail.com\u003e\n[lizf: Backported to 3.4 by David Ahern]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "232beb6ef710cf53def84d01276f59766b62756e", "tree": "25de72e5898ba09f9a0ad97743e1aa47f8f3df18", "parents": [ "ea38cd4170bdf0aa767d04df8363d08d5cc45dd2" ], "author": { "name": "Peter Zijlstra", "email": "peterz@infradead.org", "time": "Thu Oct 02 16:17:02 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:40 2014 +0800" }, "message": "perf: fix perf bug in fork()\n\ncommit 6c72e3501d0d62fc064d3680e5234f3463ec5a86 upstream.\n\nOleg noticed that a cleanup by Sylvain actually uncovered a bug; by\ncalling perf_event_free_task() when failing sched_fork() we will not yet\nhave done the memset() on -\u003eperf_event_ctxp[] and will therefore try and\n\u0027free\u0027 the inherited contexts, which are still in use by the parent\nprocess. This is bad..\n\nSuggested-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReported-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nReported-by: Sylvain \u0027ythier\u0027 Hitier \u003csylvain.hitier@gmail.com\u003e\nSigned-off-by: Peter Zijlstra (Intel) \u003cpeterz@infradead.org\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "4fae6ccac642aa30d189dea30ef14306aad4d2d2", "tree": "f4277880c2438c5ef039b4a88d818555150799f9", "parents": [ "699c06b386d592bede77d5a28ed1637c80ab99c0" ], "author": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Thu Sep 25 09:41:02 2014 +0800" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:38 2014 +0800" }, "message": "cpuset: PF_SPREAD_PAGE and PF_SPREAD_SLAB should be atomic flags\n\ncommit 2ad654bc5e2b211e92f66da1d819e47d79a866f0 upstream.\n\nWhen we change cpuset.memory_spread_{page,slab}, cpuset will flip\nPF_SPREAD_{PAGE,SLAB} bit of tsk-\u003eflags for each task in that cpuset.\nThis should be done using atomic bitops, but currently we don\u0027t,\nwhich is broken.\n\nTetsuo reported a hard-to-reproduce kernel crash on RHEL6, which happened\nwhen one thread tried to clear PF_USED_MATH while at the same time another\nthread tried to flip PF_SPREAD_PAGE/PF_SPREAD_SLAB. They both operate on\nthe same task.\n\nHere\u0027s the full report:\nhttps://lkml.org/lkml/2014/9/19/230\n\nTo fix this, we make PF_SPREAD_PAGE and PF_SPREAD_SLAB atomic flags.\n\nv4:\n- updated mm/slab.c. (Fengguang Wu)\n- updated Documentation.\n\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Miao Xie \u003cmiaox@cn.fujitsu.com\u003e\nCc: Kees Cook \u003ckeescook@chromium.org\u003e\nFixes: 950592f7b991 (\"cpusets: update tasks\u0027 page/slab spread flags in time\")\nReported-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\n[lizf: Backported to 3.4:\n - adjust context\n - check current-\u003eflags \u0026 PF_MEMPOLICY rather than current-\u003emempolicy]\n" }, { "commit": "1f8f277312d81d9412ec94bec8ab1ba0dce0bf05", "tree": "8e03c5bb56e719859f858c5c00387e20491daf97", "parents": [ "cf33e82d6b78b8ada9ee06809440a62adcb16021" ], "author": { "name": "Cong Wang", "email": "cwang@twopensource.com", "time": "Tue Sep 02 15:27:20 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:32 2014 +0800" }, "message": "perf: Fix a race condition in perf_remove_from_context()\n\ncommit 3577af70a2ce4853d58e57d832e687d739281479 upstream.\n\nWe saw a kernel soft lockup in perf_remove_from_context(),\nit looks like the `perf` process, when exiting, could not go\nout of the retry loop. Meanwhile, the target process was forking\na child. So either the target process should execute the smp\nfunction call to deactive the event (if it was running) or it should\ndo a context switch which deactives the event.\n\nIt seems we optimize out a context switch in perf_event_context_sched_out(),\nand what\u0027s more important, we still test an obsolete task pointer when\nretrying, so no one actually would deactive that event in this situation.\nFix it directly by reloading the task pointer in perf_remove_from_context().\n\nThis should cure the above soft lockup.\n\nSigned-off-by: Cong Wang \u003ccwang@twopensource.com\u003e\nSigned-off-by: Cong Wang \u003cxiyou.wangcong@gmail.com\u003e\nSigned-off-by: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Paul Mackerras \u003cpaulus@samba.org\u003e\nCc: Arnaldo Carvalho de Melo \u003cacme@kernel.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nLink: http://lkml.kernel.org/r/1409696840-843-1-git-send-email-xiyou.wangcong@gmail.com\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "49d4f0197912461fb2939ca51521b47655b04b11", "tree": "c9fbeb1f40c7e05498e157a4d6a2846d68750306", "parents": [ "a90ec2a8bbd22a90dfdb5ca1b294c900226b7ff8" ], "author": { "name": "Andrew Hunter", "email": "ahh@google.com", "time": "Thu Sep 04 14:17:16 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:32 2014 +0800" }, "message": "jiffies: Fix timeval conversion to jiffies\n\ncommit d78c9300c51d6ceed9f6d078d4e9366f259de28c upstream.\n\ntimeval_to_jiffies tried to round a timeval up to an integral number\nof jiffies, but the logic for doing so was incorrect: intervals\ncorresponding to exactly N jiffies would become N+1. This manifested\nitself particularly repeatedly stopping/starting an itimer:\n\nsetitimer(ITIMER_PROF, \u0026val, NULL);\nsetitimer(ITIMER_PROF, NULL, \u0026val);\n\nwould add a full tick to val, _even if it was exactly representable in\nterms of jiffies_ (say, the result of a previous rounding.) Doing\nthis repeatedly would cause unbounded growth in val. So fix the math.\n\nHere\u0027s what was wrong with the conversion: we essentially computed\n(eliding seconds)\n\njiffies \u003d usec * (NSEC_PER_USEC/TICK_NSEC)\n\nby using scaling arithmetic, which took the best approximation of\nNSEC_PER_USEC/TICK_NSEC with denominator of 2^USEC_JIFFIE_SC \u003d\nx/(2^USEC_JIFFIE_SC), and computed:\n\njiffies \u003d (usec * x) \u003e\u003e USEC_JIFFIE_SC\n\nand rounded this calculation up in the intermediate form (since we\ncan\u0027t necessarily exactly represent TICK_NSEC in usec.) But the\nscaling arithmetic is a (very slight) *over*approximation of the true\nvalue; that is, instead of dividing by (1 usec/ 1 jiffie), we\neffectively divided by (1 usec/1 jiffie)-epsilon (rounding\ndown). This would normally be fine, but we want to round timeouts up,\nand we did so by adding 2^USEC_JIFFIE_SC - 1 before the shift; this\nwould be fine if our division was exact, but dividing this by the\nslightly smaller factor was equivalent to adding just _over_ 1 to the\nfinal result (instead of just _under_ 1, as desired.)\n\nIn particular, with HZ\u003d1000, we consistently computed that 10000 usec\nwas 11 jiffies; the same was true for any exact multiple of\nTICK_NSEC.\n\nWe could possibly still round in the intermediate form, adding\nsomething less than 2^USEC_JIFFIE_SC - 1, but easier still is to\nconvert usec-\u003ensec, round in nanoseconds, and then convert using\ntime*spec*_to_jiffies. This adds one constant multiplication, and is\nnot observably slower in microbenchmarks on recent x86 hardware.\n\nTested: the following program:\n\nint main() {\n struct itimerval zero \u003d {{0, 0}, {0, 0}};\n /* Initially set to 10 ms. */\n struct itimerval initial \u003d zero;\n initial.it_interval.tv_usec \u003d 10000;\n setitimer(ITIMER_PROF, \u0026initial, NULL);\n /* Save and restore several times. */\n for (size_t i \u003d 0; i \u003c 10; ++i) {\n struct itimerval prev;\n setitimer(ITIMER_PROF, \u0026zero, \u0026prev);\n /* on old kernels, this goes up by TICK_USEC every iteration */\n printf(\"previous value: %ld %ld %ld %ld\\n\",\n prev.it_interval.tv_sec, prev.it_interval.tv_usec,\n prev.it_value.tv_sec, prev.it_value.tv_usec);\n setitimer(ITIMER_PROF, \u0026prev, NULL);\n }\n return 0;\n}\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nCc: Paul Turner \u003cpjt@google.com\u003e\nCc: Richard Cochran \u003crichardcochran@gmail.com\u003e\nCc: Prarit Bhargava \u003cprarit@redhat.com\u003e\nReviewed-by: Paul Turner \u003cpjt@google.com\u003e\nReported-by: Aaron Jacobs \u003cjacobsa@google.com\u003e\nSigned-off-by: Andrew Hunter \u003cahh@google.com\u003e\n[jstultz: Tweaked to apply to 3.17-rc]\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\n[lizf: Backported to 3.4: adjust filename]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "e06503426ebc296f1ae67bfd4733afadb69076cb", "tree": "f2830b94df6dca8837d91a538787dc6120d07c51", "parents": [ "b114657d1e55a0484bcfdb3f3b946f96bb2f80e7" ], "author": { "name": "Richard Larocque", "email": "rlarocque@google.com", "time": "Tue Sep 09 18:31:05 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:31 2014 +0800" }, "message": "alarmtimer: Lock k_itimer during timer callback\n\ncommit 474e941bed9262f5fa2394f9a4a67e24499e5926 upstream.\n\nLocks the k_itimer\u0027s it_lock member when handling the alarm timer\u0027s\nexpiry callback.\n\nThe regular posix timers defined in posix-timers.c have this lock held\nduring timout processing because their callbacks are routed through\nposix_timer_fn(). The alarm timers follow a different path, so they\nought to grab the lock somewhere else.\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Richard Cochran \u003crichardcochran@gmail.com\u003e\nCc: Prarit Bhargava \u003cprarit@redhat.com\u003e\nCc: Sharvil Nanavati \u003csharvil@google.com\u003e\nSigned-off-by: Richard Larocque \u003crlarocque@google.com\u003e\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "b114657d1e55a0484bcfdb3f3b946f96bb2f80e7", "tree": "b2e1e5035bb4dd5ecf74f3513241c2478a36df87", "parents": [ "7ccf24be49f1020e408ee27a3714d41590009422" ], "author": { "name": "Richard Larocque", "email": "rlarocque@google.com", "time": "Tue Sep 09 18:31:04 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:31 2014 +0800" }, "message": "alarmtimer: Do not signal SIGEV_NONE timers\n\ncommit 265b81d23a46c39df0a735a3af4238954b41a4c2 upstream.\n\nAvoids sending a signal to alarm timers created with sigev_notify set to\nSIGEV_NONE by checking for that special case in the timeout callback.\n\nThe regular posix timers avoid sending signals to SIGEV_NONE timers by\nnot scheduling any callbacks for them in the first place. Although it\nwould be possible to do something similar for alarm timers, it\u0027s simpler\nto handle this as a special case in the timeout.\n\nPrior to this patch, the alarm timer would ignore the sigev_notify value\nand try to deliver signals to the process anyway. Even worse, the\nsanity check for the value of sigev_signo is skipped when SIGEV_NONE was\nspecified, so the signal number could be bogus. If sigev_signo was an\nunitialized value (as it often would be if SIGEV_NONE is used), then\nit\u0027s hard to predict which signal will be sent.\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Richard Cochran \u003crichardcochran@gmail.com\u003e\nCc: Prarit Bhargava \u003cprarit@redhat.com\u003e\nCc: Sharvil Nanavati \u003csharvil@google.com\u003e\nSigned-off-by: Richard Larocque \u003crlarocque@google.com\u003e\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "7ccf24be49f1020e408ee27a3714d41590009422", "tree": "c16f56adfb93c06a50e0b45a3bc77b60d9473d20", "parents": [ "40ee8d0faf83eb55d4829796a28dacf48519caec" ], "author": { "name": "Richard Larocque", "email": "rlarocque@google.com", "time": "Tue Sep 09 18:31:03 2014 -0700" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:31 2014 +0800" }, "message": "alarmtimer: Return relative times in timer_gettime\n\ncommit e86fea764991e00a03ff1e56409ec9cacdbda4c9 upstream.\n\nReturns the time remaining for an alarm timer, rather than the time at\nwhich it is scheduled to expire. If the timer has already expired or it\nis not currently scheduled, the it_value\u0027s members are set to zero.\n\nThis new behavior matches that of the other posix-timers and the POSIX\nspecifications.\n\nThis is a change in user-visible behavior, and may break existing\napplications. Hopefully, few users rely on the old incorrect behavior.\n\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Richard Cochran \u003crichardcochran@gmail.com\u003e\nCc: Prarit Bhargava \u003cprarit@redhat.com\u003e\nCc: Sharvil Nanavati \u003csharvil@google.com\u003e\nSigned-off-by: Richard Larocque \u003crlarocque@google.com\u003e\n[jstultz: minor style tweak]\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\n[lizf: Backported to 3.4:\n - add alarm_expires_remaining() introduced by commit 6cffe00f7d4e]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "40ee8d0faf83eb55d4829796a28dacf48519caec", "tree": "0395a72bf583d469f1a2552716faf0dc7841b0dc", "parents": [ "e393942b1628770467481935738fd214566fe7bb" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu Sep 11 23:44:35 2014 +0200" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:30 2014 +0800" }, "message": "futex: Unlock hb-\u003elock in futex_wait_requeue_pi() error path\n\ncommit 13c42c2f43b19aab3195f2d357db00d1e885eaa8 upstream.\n\nfutex_wait_requeue_pi() calls futex_wait_setup(). If\nfutex_wait_setup() succeeds it returns with hb-\u003elock held and\npreemption disabled. Now the sanity check after this does:\n\n if (match_futex(\u0026q.key, \u0026key2)) {\n\t \tret \u003d -EINVAL;\n\t\tgoto out_put_keys;\n\t}\n\nwhich releases the keys but does not release hb-\u003elock.\n\nSo we happily return to user space with hb-\u003elock held and therefor\npreemption disabled.\n\nUnlock hb-\u003elock before taking the exit route.\n\nReported-by: Dave \"Trinity\" Jones \u003cdavej@redhat.com\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nReviewed-by: Darren Hart \u003cdvhart@linux.intel.com\u003e\nReviewed-by: Davidlohr Bueso \u003cdave@stgolabs.net\u003e\nCc: Peter Zijlstra \u003ca.p.zijlstra@chello.nl\u003e\nLink: http://lkml.kernel.org/r/alpine.DEB.2.10.1409112318500.4178@nanos\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\n[lizf: Backported to 3.4: queue_unlock() takes two parameters]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "a48fec2f276f8003fb8098df892ea3acb5d7149a", "tree": "f9215afbe8d73833a7c5eaba2f6dc54ed4b8f96c", "parents": [ "c16060dfda1c8418a9e638b79f5d2101b482e89f" ], "author": { "name": "Alban Crequy", "email": "alban.crequy@collabora.co.uk", "time": "Mon Aug 18 12:20:20 2014 +0100" }, "committer": { "name": "Zefan Li", "email": "lizefan@huawei.com", "time": "Mon Dec 01 18:02:23 2014 +0800" }, "message": "cgroup: reject cgroup names with \u0027 \u0027\n\ncommit 71b1fb5c4473a5b1e601d41b109bdfe001ec82e0 upstream.\n\n/proc/\u003cpid\u003e/cgroup contains one cgroup path on each line. If cgroup names are\nallowed to contain \"\\n\", applications cannot parse /proc/\u003cpid\u003e/cgroup safely.\n\nSigned-off-by: Alban Crequy \u003calban.crequy@collabora.co.uk\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\n[lizf: Backported to 3.4:\n - adjust context\n - s/name/dentry-\u003ed_name.name/]\nSigned-off-by: Zefan Li \u003clizefan@huawei.com\u003e\n" }, { "commit": "fbd233a6c87f5d9bb283478368acef4eed640dfe", "tree": "7f48342c2eb554d6808c1a578738921f11c07c83", "parents": [ "3f4e8ec4e77f658b86f2bc395ca50c5febb3e823" ], "author": { "name": "Rabin Vincent", "email": "rabin@rab.in", "time": "Wed Oct 29 23:06:58 2014 +0100" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Nov 12 17:50:20 2014 -0500" }, "message": "tracing/syscalls: Ignore numbers outside NR_syscalls\u0027 range\n\nARM has some private syscalls (for example, set_tls(2)) which lie\noutside the range of NR_syscalls. If any of these are called while\nsyscall tracing is being performed, out-of-bounds array access will\noccur in the ftrace and perf sys_{enter,exit} handlers.\n\n # trace-cmd record -e raw_syscalls:* true \u0026\u0026 trace-cmd report\n ...\n true-653 [000] 384.675777: sys_enter: NR 192 (0, 1000, 3, 4000022, ffffffff, 0)\n true-653 [000] 384.675812: sys_exit: NR 192 \u003d 1995915264\n true-653 [000] 384.675971: sys_enter: NR 983045 (76f74480, 76f74000, 76f74b28, 76f74480, 76f76f74, 1)\n true-653 [000] 384.675988: sys_exit: NR 983045 \u003d 0\n ...\n\n # trace-cmd record -e syscalls:* true\n [ 17.289329] Unable to handle kernel paging request at virtual address aaaaaace\n [ 17.289590] pgd \u003d 9e71c000\n [ 17.289696] [aaaaaace] *pgd\u003d00000000\n [ 17.289985] Internal error: Oops: 5 [#1] PREEMPT SMP ARM\n [ 17.290169] Modules linked in:\n [ 17.290391] CPU: 0 PID: 704 Comm: true Not tainted 3.18.0-rc2+ #21\n [ 17.290585] task: 9f4dab00 ti: 9e710000 task.ti: 9e710000\n [ 17.290747] PC is at ftrace_syscall_enter+0x48/0x1f8\n [ 17.290866] LR is at syscall_trace_enter+0x124/0x184\n\nFix this by ignoring out-of-NR_syscalls-bounds syscall numbers.\n\nCommit cd0980fc8add \"tracing: Check invalid syscall nr while tracing syscalls\"\nadded the check for less than zero, but it should have also checked\nfor greater than NR_syscalls.\n\nLink: http://lkml.kernel.org/p/1414620418-29472-1-git-send-email-rabin@rab.in\n\nChange-Id: Ic7ab546938e4655d73791d4cf371ffd9244c3e4d\nFixes: cd0980fc8add \"tracing: Check invalid syscall nr while tracing syscalls\"\nCc: stable@vger.kernel.org # 2.6.33+\nSigned-off-by: Rabin Vincent \u003crabin@rab.in\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\n" }, { "commit": "3f4e8ec4e77f658b86f2bc395ca50c5febb3e823", "tree": "cf1bfa1691aac0bc3dae315d021eba69a3996ffa", "parents": [ "2a319332e2b7ee32e2ce86632ae6cc542ff833ff" ], "author": { "name": "Will Deacon", "email": "will.deacon@arm.com", "time": "Thu Aug 16 18:14:14 2012 +0100" }, "committer": { "name": "flintman", "email": "flintman@flintmancomputers.com", "time": "Wed Nov 12 17:50:11 2014 -0500" }, "message": "tracing/syscalls: Fix perf syscall tracing when syscall_nr \u003d\u003d -1\n\nsyscall_get_nr can return -1 in the case that the task is not executing\na system call.\n\nThis patch fixes perf_syscall_{enter,exit} to check that the syscall\nnumber is valid before using it as an index into a bitmap.\n\nLink: http://lkml.kernel.org/r/1345137254-7377-1-git-send-email-will.deacon@arm.com\n\nChange-Id: I12f99dea41390b9631f98f925dc1d572aa4fc22d\nCc: Jason Baron \u003cjbaron@redhat.com\u003e\nCc: Wade Farnsworth \u003cwade_farnsworth@mentor.com\u003e\nCc: Frederic Weisbecker \u003cfweisbec@gmail.com\u003e\nSigned-off-by: Will Deacon \u003cwill.deacon@arm.com\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\n" }, { "commit": "a4273088648f2dc90c3a15060090285397ef8b09", "tree": "5b2c38cfb60973169713db30208a72500ee10c8b", "parents": [ "7533da47fb87aabf1d79020e62c74723ec001421" ], "author": { "name": "Rabin Vincent", "email": "rabin@rab.in", "time": "Wed Oct 29 23:06:58 2014 +0100" }, "committer": { "name": "Matt Mower", "email": "mowerm@gmail.com", "time": "Thu Nov 06 18:12:02 2014 -0600" }, "message": "tracing/syscalls: Ignore numbers outside NR_syscalls\u0027 range\n\nARM has some private syscalls (for example, set_tls(2)) which lie\noutside the range of NR_syscalls. If any of these are called while\nsyscall tracing is being performed, out-of-bounds array access will\noccur in the ftrace and perf sys_{enter,exit} handlers.\n\n # trace-cmd record -e raw_syscalls:* true \u0026\u0026 trace-cmd report\n ...\n true-653 [000] 384.675777: sys_enter: NR 192 (0, 1000, 3, 4000022, ffffffff, 0)\n true-653 [000] 384.675812: sys_exit: NR 192 \u003d 1995915264\n true-653 [000] 384.675971: sys_enter: NR 983045 (76f74480, 76f74000, 76f74b28, 76f74480, 76f76f74, 1)\n true-653 [000] 384.675988: sys_exit: NR 983045 \u003d 0\n ...\n\n # trace-cmd record -e syscalls:* true\n [ 17.289329] Unable to handle kernel paging request at virtual address aaaaaace\n [ 17.289590] pgd \u003d 9e71c000\n [ 17.289696] [aaaaaace] *pgd\u003d00000000\n [ 17.289985] Internal error: Oops: 5 [#1] PREEMPT SMP ARM\n [ 17.290169] Modules linked in:\n [ 17.290391] CPU: 0 PID: 704 Comm: true Not tainted 3.18.0-rc2+ #21\n [ 17.290585] task: 9f4dab00 ti: 9e710000 task.ti: 9e710000\n [ 17.290747] PC is at ftrace_syscall_enter+0x48/0x1f8\n [ 17.290866] LR is at syscall_trace_enter+0x124/0x184\n\nFix this by ignoring out-of-NR_syscalls-bounds syscall numbers.\n\nCommit cd0980fc8add \"tracing: Check invalid syscall nr while tracing syscalls\"\nadded the check for less than zero, but it should have also checked\nfor greater than NR_syscalls.\n\nLink: http://lkml.kernel.org/p/1414620418-29472-1-git-send-email-rabin@rab.in\n\nChange-Id: Ic7ab546938e4655d73791d4cf371ffd9244c3e4d\nFixes: cd0980fc8add \"tracing: Check invalid syscall nr while tracing syscalls\"\nCc: stable@vger.kernel.org # 2.6.33+\nSigned-off-by: Rabin Vincent \u003crabin@rab.in\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\n" }, { "commit": "7533da47fb87aabf1d79020e62c74723ec001421", "tree": "ca9905d3a8ce7bc00f72345e0da44d136d3fc36e", "parents": [ "af51a04ba1c5f2f52672458d97ac8e0e5627b889" ], "author": { "name": "Will Deacon", "email": "will.deacon@arm.com", "time": "Thu Aug 16 18:14:14 2012 +0100" }, "committer": { "name": "Matt Mower", "email": "mowerm@gmail.com", "time": "Thu Nov 06 18:11:50 2014 -0600" }, "message": "tracing/syscalls: Fix perf syscall tracing when syscall_nr \u003d\u003d -1\n\nsyscall_get_nr can return -1 in the case that the task is not executing\na system call.\n\nThis patch fixes perf_syscall_{enter,exit} to check that the syscall\nnumber is valid before using it as an index into a bitmap.\n\nLink: http://lkml.kernel.org/r/1345137254-7377-1-git-send-email-will.deacon@arm.com\n\nChange-Id: I12f99dea41390b9631f98f925dc1d572aa4fc22d\nCc: Jason Baron \u003cjbaron@redhat.com\u003e\nCc: Wade Farnsworth \u003cwade_farnsworth@mentor.com\u003e\nCc: Frederic Weisbecker \u003cfweisbec@gmail.com\u003e\nSigned-off-by: Will Deacon \u003cwill.deacon@arm.com\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\n" }, { "commit": "fbbb7208969e8bfbd07782bbec069878a29d3267", "tree": "b0b5110b20ae77407f43801d002e26dd12764c09", "parents": [ "f73ff697833654ee578b606ea746d15dc1220aab" ], "author": { "name": "Jan Kara", "email": "jack@suse.cz", "time": "Fri Aug 01 12:20:02 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Aug 07 12:00:10 2014 -0700" }, "message": "timer: Fix lock inversion between hrtimer_bases.lock and scheduler locks\n\ncommit 504d58745c9ca28d33572e2d8a9990b43e06075d upstream.\n\nclockevents_increase_min_delta() calls printk() from under\nhrtimer_bases.lock. That causes lock inversion on scheduler locks because\nprintk() can call into the scheduler. Lockdep puts it as:\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: possible circular locking dependency detected ]\n3.15.0-rc8-06195-g939f04b #2 Not tainted\n-------------------------------------------------------\ntrinity-main/74 is trying to acquire lock:\n (\u0026port_lock_key){-.....}, at: [\u003c811c60be\u003e] serial8250_console_write+0x8c/0x10c\n\nbut task is already holding lock:\n (hrtimer_bases.lock){-.-...}, at: [\u003c8103caeb\u003e] hrtimer_try_to_cancel+0x13/0x66\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #5 (hrtimer_bases.lock){-.-...}:\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f11d\u003e] _raw_spin_lock_irqsave+0x2e/0x3e\n [\u003c8103c918\u003e] __hrtimer_start_range_ns+0x1c/0x197\n [\u003c8107ec20\u003e] perf_swevent_start_hrtimer.part.41+0x7a/0x85\n [\u003c81080792\u003e] task_clock_event_start+0x3a/0x3f\n [\u003c810807a4\u003e] task_clock_event_add+0xd/0x14\n [\u003c8108259a\u003e] event_sched_in+0xb6/0x17a\n [\u003c810826a2\u003e] group_sched_in+0x44/0x122\n [\u003c81082885\u003e] ctx_sched_in.isra.67+0x105/0x11f\n [\u003c810828e6\u003e] perf_event_sched_in.isra.70+0x47/0x4b\n [\u003c81082bf6\u003e] __perf_install_in_context+0x8b/0xa3\n [\u003c8107eb8e\u003e] remote_function+0x12/0x2a\n [\u003c8105f5af\u003e] smp_call_function_single+0x2d/0x53\n [\u003c8107e17d\u003e] task_function_call+0x30/0x36\n [\u003c8107fb82\u003e] perf_install_in_context+0x87/0xbb\n [\u003c810852c9\u003e] SYSC_perf_event_open+0x5c6/0x701\n [\u003c810856f9\u003e] SyS_perf_event_open+0x17/0x19\n [\u003c8142f8ee\u003e] syscall_call+0x7/0xb\n\n-\u003e #4 (\u0026ctx-\u003elock){......}:\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f04c\u003e] _raw_spin_lock+0x21/0x30\n [\u003c81081df3\u003e] __perf_event_task_sched_out+0x1dc/0x34f\n [\u003c8142cacc\u003e] __schedule+0x4c6/0x4cb\n [\u003c8142cae0\u003e] schedule+0xf/0x11\n [\u003c8142f9a6\u003e] work_resched+0x5/0x30\n\n-\u003e #3 (\u0026rq-\u003elock){-.-.-.}:\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f04c\u003e] _raw_spin_lock+0x21/0x30\n [\u003c81040873\u003e] __task_rq_lock+0x33/0x3a\n [\u003c8104184c\u003e] wake_up_new_task+0x25/0xc2\n [\u003c8102474b\u003e] do_fork+0x15c/0x2a0\n [\u003c810248a9\u003e] kernel_thread+0x1a/0x1f\n [\u003c814232a2\u003e] rest_init+0x1a/0x10e\n [\u003c817af949\u003e] start_kernel+0x303/0x308\n [\u003c817af2ab\u003e] i386_start_kernel+0x79/0x7d\n\n-\u003e #2 (\u0026p-\u003epi_lock){-.-...}:\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f11d\u003e] _raw_spin_lock_irqsave+0x2e/0x3e\n [\u003c810413dd\u003e] try_to_wake_up+0x1d/0xd6\n [\u003c810414cd\u003e] default_wake_function+0xb/0xd\n [\u003c810461f3\u003e] __wake_up_common+0x39/0x59\n [\u003c81046346\u003e] __wake_up+0x29/0x3b\n [\u003c811b8733\u003e] tty_wakeup+0x49/0x51\n [\u003c811c3568\u003e] uart_write_wakeup+0x17/0x19\n [\u003c811c5dc1\u003e] serial8250_tx_chars+0xbc/0xfb\n [\u003c811c5f28\u003e] serial8250_handle_irq+0x54/0x6a\n [\u003c811c5f57\u003e] serial8250_default_handle_irq+0x19/0x1c\n [\u003c811c56d8\u003e] serial8250_interrupt+0x38/0x9e\n [\u003c810510e7\u003e] handle_irq_event_percpu+0x5f/0x1e2\n [\u003c81051296\u003e] handle_irq_event+0x2c/0x43\n [\u003c81052cee\u003e] handle_level_irq+0x57/0x80\n [\u003c81002a72\u003e] handle_irq+0x46/0x5c\n [\u003c810027df\u003e] do_IRQ+0x32/0x89\n [\u003c8143036e\u003e] common_interrupt+0x2e/0x33\n [\u003c8142f23c\u003e] _raw_spin_unlock_irqrestore+0x3f/0x49\n [\u003c811c25a4\u003e] uart_start+0x2d/0x32\n [\u003c811c2c04\u003e] uart_write+0xc7/0xd6\n [\u003c811bc6f6\u003e] n_tty_write+0xb8/0x35e\n [\u003c811b9beb\u003e] tty_write+0x163/0x1e4\n [\u003c811b9cd9\u003e] redirected_tty_write+0x6d/0x75\n [\u003c810b6ed6\u003e] vfs_write+0x75/0xb0\n [\u003c810b7265\u003e] SyS_write+0x44/0x77\n [\u003c8142f8ee\u003e] syscall_call+0x7/0xb\n\n-\u003e #1 (\u0026tty-\u003ewrite_wait){-.....}:\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f11d\u003e] _raw_spin_lock_irqsave+0x2e/0x3e\n [\u003c81046332\u003e] __wake_up+0x15/0x3b\n [\u003c811b8733\u003e] tty_wakeup+0x49/0x51\n [\u003c811c3568\u003e] uart_write_wakeup+0x17/0x19\n [\u003c811c5dc1\u003e] serial8250_tx_chars+0xbc/0xfb\n [\u003c811c5f28\u003e] serial8250_handle_irq+0x54/0x6a\n [\u003c811c5f57\u003e] serial8250_default_handle_irq+0x19/0x1c\n [\u003c811c56d8\u003e] serial8250_interrupt+0x38/0x9e\n [\u003c810510e7\u003e] handle_irq_event_percpu+0x5f/0x1e2\n [\u003c81051296\u003e] handle_irq_event+0x2c/0x43\n [\u003c81052cee\u003e] handle_level_irq+0x57/0x80\n [\u003c81002a72\u003e] handle_irq+0x46/0x5c\n [\u003c810027df\u003e] do_IRQ+0x32/0x89\n [\u003c8143036e\u003e] common_interrupt+0x2e/0x33\n [\u003c8142f23c\u003e] _raw_spin_unlock_irqrestore+0x3f/0x49\n [\u003c811c25a4\u003e] uart_start+0x2d/0x32\n [\u003c811c2c04\u003e] uart_write+0xc7/0xd6\n [\u003c811bc6f6\u003e] n_tty_write+0xb8/0x35e\n [\u003c811b9beb\u003e] tty_write+0x163/0x1e4\n [\u003c811b9cd9\u003e] redirected_tty_write+0x6d/0x75\n [\u003c810b6ed6\u003e] vfs_write+0x75/0xb0\n [\u003c810b7265\u003e] SyS_write+0x44/0x77\n [\u003c8142f8ee\u003e] syscall_call+0x7/0xb\n\n-\u003e #0 (\u0026port_lock_key){-.....}:\n [\u003c8104a62d\u003e] __lock_acquire+0x9ea/0xc6d\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c8142f11d\u003e] _raw_spin_lock_irqsave+0x2e/0x3e\n [\u003c811c60be\u003e] serial8250_console_write+0x8c/0x10c\n [\u003c8104e402\u003e] call_console_drivers.constprop.31+0x87/0x118\n [\u003c8104f5d5\u003e] console_unlock+0x1d7/0x398\n [\u003c8104fb70\u003e] vprintk_emit+0x3da/0x3e4\n [\u003c81425f76\u003e] printk+0x17/0x19\n [\u003c8105bfa0\u003e] clockevents_program_min_delta+0x104/0x116\n [\u003c8105c548\u003e] clockevents_program_event+0xe7/0xf3\n [\u003c8105cc1c\u003e] tick_program_event+0x1e/0x23\n [\u003c8103c43c\u003e] hrtimer_force_reprogram+0x88/0x8f\n [\u003c8103c49e\u003e] __remove_hrtimer+0x5b/0x79\n [\u003c8103cb21\u003e] hrtimer_try_to_cancel+0x49/0x66\n [\u003c8103cb4b\u003e] hrtimer_cancel+0xd/0x18\n [\u003c8107f102\u003e] perf_swevent_cancel_hrtimer.part.60+0x2b/0x30\n [\u003c81080705\u003e] task_clock_event_stop+0x20/0x64\n [\u003c81080756\u003e] task_clock_event_del+0xd/0xf\n [\u003c81081350\u003e] event_sched_out+0xab/0x11e\n [\u003c810813e0\u003e] group_sched_out+0x1d/0x66\n [\u003c81081682\u003e] ctx_sched_out+0xaf/0xbf\n [\u003c81081e04\u003e] __perf_event_task_sched_out+0x1ed/0x34f\n [\u003c8142cacc\u003e] __schedule+0x4c6/0x4cb\n [\u003c8142cae0\u003e] schedule+0xf/0x11\n [\u003c8142f9a6\u003e] work_resched+0x5/0x30\n\nother info that might help us debug this:\n\nChain exists of:\n \u0026port_lock_key --\u003e \u0026ctx-\u003elock --\u003e hrtimer_bases.lock\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(hrtimer_bases.lock);\n lock(\u0026ctx-\u003elock);\n lock(hrtimer_bases.lock);\n lock(\u0026port_lock_key);\n\n *** DEADLOCK ***\n\n4 locks held by trinity-main/74:\n #0: (\u0026rq-\u003elock){-.-.-.}, at: [\u003c8142c6f3\u003e] __schedule+0xed/0x4cb\n #1: (\u0026ctx-\u003elock){......}, at: [\u003c81081df3\u003e] __perf_event_task_sched_out+0x1dc/0x34f\n #2: (hrtimer_bases.lock){-.-...}, at: [\u003c8103caeb\u003e] hrtimer_try_to_cancel+0x13/0x66\n #3: (console_lock){+.+...}, at: [\u003c8104fb5d\u003e] vprintk_emit+0x3c7/0x3e4\n\nstack backtrace:\nCPU: 0 PID: 74 Comm: trinity-main Not tainted 3.15.0-rc8-06195-g939f04b #2\n 00000000 81c3a310 8b995c14 81426f69 8b995c44 81425a99 8161f671 8161f570\n 8161f538 8161f559 8161f538 8b995c78 8b142bb0 00000004 8b142fdc 8b142bb0\n 8b995ca8 8104a62d 8b142fac 000016f2 81c3a310 00000001 00000001 00000003\nCall Trace:\n [\u003c81426f69\u003e] dump_stack+0x16/0x18\n [\u003c81425a99\u003e] print_circular_bug+0x18f/0x19c\n [\u003c8104a62d\u003e] __lock_acquire+0x9ea/0xc6d\n [\u003c8104a942\u003e] lock_acquire+0x92/0x101\n [\u003c811c60be\u003e] ? serial8250_console_write+0x8c/0x10c\n [\u003c811c6032\u003e] ? wait_for_xmitr+0x76/0x76\n [\u003c8142f11d\u003e] _raw_spin_lock_irqsave+0x2e/0x3e\n [\u003c811c60be\u003e] ? serial8250_console_write+0x8c/0x10c\n [\u003c811c60be\u003e] serial8250_console_write+0x8c/0x10c\n [\u003c8104af87\u003e] ? lock_release+0x191/0x223\n [\u003c811c6032\u003e] ? wait_for_xmitr+0x76/0x76\n [\u003c8104e402\u003e] call_console_drivers.constprop.31+0x87/0x118\n [\u003c8104f5d5\u003e] console_unlock+0x1d7/0x398\n [\u003c8104fb70\u003e] vprintk_emit+0x3da/0x3e4\n [\u003c81425f76\u003e] printk+0x17/0x19\n [\u003c8105bfa0\u003e] clockevents_program_min_delta+0x104/0x116\n [\u003c8105cc1c\u003e] tick_program_event+0x1e/0x23\n [\u003c8103c43c\u003e] hrtimer_force_reprogram+0x88/0x8f\n [\u003c8103c49e\u003e] __remove_hrtimer+0x5b/0x79\n [\u003c8103cb21\u003e] hrtimer_try_to_cancel+0x49/0x66\n [\u003c8103cb4b\u003e] hrtimer_cancel+0xd/0x18\n [\u003c8107f102\u003e] perf_swevent_cancel_hrtimer.part.60+0x2b/0x30\n [\u003c81080705\u003e] task_clock_event_stop+0x20/0x64\n [\u003c81080756\u003e] task_clock_event_del+0xd/0xf\n [\u003c81081350\u003e] event_sched_out+0xab/0x11e\n [\u003c810813e0\u003e] group_sched_out+0x1d/0x66\n [\u003c81081682\u003e] ctx_sched_out+0xaf/0xbf\n [\u003c81081e04\u003e] __perf_event_task_sched_out+0x1ed/0x34f\n [\u003c8104416d\u003e] ? __dequeue_entity+0x23/0x27\n [\u003c81044505\u003e] ? pick_next_task_fair+0xb1/0x120\n [\u003c8142cacc\u003e] __schedule+0x4c6/0x4cb\n [\u003c81047574\u003e] ? trace_hardirqs_off_caller+0xd7/0x108\n [\u003c810475b0\u003e] ? trace_hardirqs_off+0xb/0xd\n [\u003c81056346\u003e] ? rcu_irq_exit+0x64/0x77\n\nFix the problem by using printk_deferred() which does not call into the\nscheduler.\n\nReported-by: Fengguang Wu \u003cfengguang.wu@intel.com\u003e\nSigned-off-by: Jan Kara \u003cjack@suse.cz\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "f73ff697833654ee578b606ea746d15dc1220aab", "tree": "5fba9efb577e61579fc9dba897f500b200fd6985", "parents": [ "7f6c1deb02e6ac110645c87fd2446594803a8a72" ], "author": { "name": "John Stultz", "email": "john.stultz@linaro.org", "time": "Wed Jun 04 16:11:40 2014 -0700" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Aug 07 12:00:10 2014 -0700" }, "message": "printk: rename printk_sched to printk_deferred\n\ncommit aac74dc495456412c4130a1167ce4beb6c1f0b38 upstream.\n\nAfter learning we\u0027ll need some sort of deferred printk functionality in\nthe timekeeping core, Peter suggested we rename the printk_sched function\nso it can be reused by needed subsystems.\n\nThis only changes the function name. No logic changes.\n\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\nReviewed-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Jan Kara \u003cjack@suse.cz\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Jiri Bohac \u003cjbohac@suse.cz\u003e\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "db610f7571f287db43c153ce26dd20dbd44d5173", "tree": "2b972c70901065346d4dea9365a5319f788e2814", "parents": [ "5ffeb0ef32669ed7b5905a60961d9b4bbd2b4d6d", "5bfc8718998bedfeea1997d83838ffd1981cbf12" ], "author": { "name": "Matt Mower", "email": "mowerm@gmail.com", "time": "Fri Aug 01 14:53:55 2014 -0700" }, "committer": { "name": "Ethan Chen", "email": "intervigil@gmail.com", "time": "Fri Aug 01 14:53:55 2014 -0700" }, "message": "Merge remote-tracking branch \u0027codeaurora/caf/kk_2.7_rb1.41\u0027 into cm-11.0\n\nConflicts:\n\tkernel/events/core.c\n\nChange-Id: I52dfe8b56924fb2d86bf1487eed6114342621603\n" }, { "commit": "5dc1c8851364ffb79cb9403f72c712ee83cce755", "tree": "b327092a6e3ddd4f5b89de8809c80f691c74c018", "parents": [ "299e667e26e9e3382fa471370121b117fa8ae987" ], "author": { "name": "Takashi Iwai", "email": "tiwai@suse.de", "time": "Tue Jul 15 08:51:27 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Mon Jul 28 07:06:46 2014 -0700" }, "message": "PM / sleep: Fix request_firmware() error at resume\n\ncommit 4320f6b1d9db4ca912c5eb6ecb328b2e090e1586 upstream.\n\nThe commit [247bc037: PM / Sleep: Mitigate race between the freezer\nand request_firmware()] introduced the finer state control, but it\nalso leads to a new bug; for example, a bug report regarding the\nfirmware loading of intel BT device at suspend/resume:\n https://bugzilla.novell.com/show_bug.cgi?id\u003d873790\n\nThe root cause seems to be a small window between the process resume\nand the clear of usermodehelper lock. The request_firmware() function\nchecks the UMH lock and gives up when it\u0027s in UMH_DISABLE state. This\nis for avoiding the invalid f/w loading during suspend/resume phase.\nThe problem is, however, that usermodehelper_enable() is called at the\nend of thaw_processes(). Thus, a thawed process in between can kick\noff the f/w loader code path (in this case, via btusb_setup_intel())\neven before the call of usermodehelper_enable(). Then\nusermodehelper_read_trylock() returns an error and request_firmware()\nspews WARN_ON() in the end.\n\nThis oneliner patch fixes the issue just by setting to UMH_FREEZING\nstate again before restarting tasks, so that the call of\nrequest_firmware() will be blocked until the end of this function\ninstead of returning an error.\n\nFixes: 247bc0374254 (PM / Sleep: Mitigate race between the freezer and request_firmware())\nLink: https://bugzilla.novell.com/show_bug.cgi?id\u003d873790\nSigned-off-by: Takashi Iwai \u003ctiwai@suse.de\u003e\nSigned-off-by: Rafael J. Wysocki \u003crafael.j.wysocki@intel.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "299e667e26e9e3382fa471370121b117fa8ae987", "tree": "cb7dc72c583b7c561369c7ed28f6cfa3ad8874e8", "parents": [ "b63dd4c81b9eccf95c1d08775bb7f2d05d70c8f1" ], "author": { "name": "John Stultz", "email": "john.stultz@linaro.org", "time": "Mon Jul 07 14:06:11 2014 -0700" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Mon Jul 28 07:06:46 2014 -0700" }, "message": "alarmtimer: Fix bug where relative alarm timers were treated as absolute\n\ncommit 16927776ae757d0d132bdbfabbfe2c498342bd59 upstream.\n\nSharvil noticed with the posix timer_settime interface, using the\nCLOCK_REALTIME_ALARM or CLOCK_BOOTTIME_ALARM clockid, if the users\ntried to specify a relative time timer, it would incorrectly be\ntreated as absolute regardless of the state of the flags argument.\n\nThis patch corrects this, properly checking the absolute/relative flag,\nas well as adds further error checking that no invalid flag bits are set.\n\nReported-by: Sharvil Nanavati \u003csharvil@google.com\u003e\nSigned-off-by: John Stultz \u003cjohn.stultz@linaro.org\u003e\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: Prarit Bhargava \u003cprarit@redhat.com\u003e\nCc: Sharvil Nanavati \u003csharvil@google.com\u003e\nLink: http://lkml.kernel.org/r/1404767171-6902-1-git-send-email-john.stultz@linaro.org\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "2a77794da631ec2b2d2243b83fa6793676cdf411", "tree": "00290e2eca39d1b204d7a518b749b1ae68b18c0f", "parents": [ "ea018da95368adfb700689bd9842714f7c3db665" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Wed Jun 11 18:44:04 2014 +0000" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:50 2014 -0700" }, "message": "rtmutex: Plug slow unlock race\n\ncommit 27e35715df54cbc4f2d044f681802ae30479e7fb upstream.\n\nWhen the rtmutex fast path is enabled the slow unlock function can\ncreate the following situation:\n\nspin_lock(foo-\u003em-\u003ewait_lock);\nfoo-\u003em-\u003eowner \u003d NULL;\n\t \t\t\trt_mutex_lock(foo-\u003em); \u003c-- fast path\n\t\t\t\tfree \u003d atomic_dec_and_test(foo-\u003erefcnt);\n\t\t\t\trt_mutex_unlock(foo-\u003em); \u003c-- fast path\n\t\t\t\tif (free)\n\t\t\t\t kfree(foo);\n\nspin_unlock(foo-\u003em-\u003ewait_lock); \u003c--- Use after free.\n\nPlug the race by changing the slow unlock to the following scheme:\n\n while (!rt_mutex_has_waiters(m)) {\n \t /* Clear the waiters bit in m-\u003eowner */\n\t clear_rt_mutex_waiters(m);\n \t owner \u003d rt_mutex_owner(m);\n \t spin_unlock(m-\u003ewait_lock);\n \t if (cmpxchg(m-\u003eowner, owner, 0) \u003d\u003d owner)\n \t return;\n \t spin_lock(m-\u003ewait_lock);\n }\n\nSo in case of a new waiter incoming while the owner tries the slow\npath unlock we have two situations:\n\n unlock(wait_lock);\n\t\t\t\t\tlock(wait_lock);\n cmpxchg(p, owner, 0) \u003d\u003d owner\n \t \t \t\t\tmark_rt_mutex_waiters(lock);\n\t \t\t\t\tacquire(lock);\n\nOr:\n\n unlock(wait_lock);\n\t\t\t\t\tlock(wait_lock);\n\t \t\t\t\tmark_rt_mutex_waiters(lock);\n cmpxchg(p, owner, 0) !\u003d owner\n\t\t\t\t\tenqueue_waiter();\n\t\t\t\t\tunlock(wait_lock);\n lock(wait_lock);\n wakeup_next waiter();\n unlock(wait_lock);\n\t\t\t\t\tlock(wait_lock);\n\t\t\t\t\tacquire(lock);\n\nIf the fast path is disabled, then the simple\n\n m-\u003eowner \u003d NULL;\n unlock(m-\u003ewait_lock);\n\nis sufficient as all access to m-\u003eowner is serialized via\nm-\u003ewait_lock;\n\nAlso document and clarify the wakeup_next_waiter function as suggested\nby Oleg Nesterov.\n\nReported-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nReviewed-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nLink: http://lkml.kernel.org/r/20140611183852.937945560@linutronix.de\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Mike Galbraith \u003cumgwanakikbuti@gmail.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "ea018da95368adfb700689bd9842714f7c3db665", "tree": "1292bd16701c41189f489d5950b074772b5cb2fc", "parents": [ "307e2e09be9993d7fe403a7310b28ab2d8e2f6ce" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu Jun 05 12:34:23 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:50 2014 -0700" }, "message": "rtmutex: Handle deadlock detection smarter\n\ncommit 3d5c9340d1949733eb37616abd15db36aef9a57c upstream.\n\nEven in the case when deadlock detection is not requested by the\ncaller, we can detect deadlocks. Right now the code stops the lock\nchain walk and keeps the waiter enqueued, even on itself. Silly not to\nyell when such a scenario is detected and to keep the waiter enqueued.\n\nReturn -EDEADLK unconditionally and handle it at the call sites.\n\nThe futex calls return -EDEADLK. The non futex ones dequeue the\nwaiter, throw a warning and put the task into a schedule loop.\n\nTagged for stable as it makes the code more robust.\n\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Brad Mouring \u003cbmouring@ni.com\u003e\nLink: http://lkml.kernel.org/r/20140605152801.836501969@linutronix.de\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Mike Galbraith \u003cumgwanakikbuti@gmail.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "307e2e09be9993d7fe403a7310b28ab2d8e2f6ce", "tree": "63c91c95088bebcce1bf4df486b17aa5312c95d0", "parents": [ "90b421b52720b30644e104da002505f08a77c07a" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu Jun 05 11:16:12 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:50 2014 -0700" }, "message": "rtmutex: Detect changes in the pi lock chain\n\ncommit 82084984383babe728e6e3c9a8e5c46278091315 upstream.\n\nWhen we walk the lock chain, we drop all locks after each step. So the\nlock chain can change under us before we reacquire the locks. That\u0027s\nharmless in principle as we just follow the wrong lock path. But it\ncan lead to a false positive in the dead lock detection logic:\n\nT0 holds L0\nT0 blocks on L1 held by T1\nT1 blocks on L2 held by T2\nT2 blocks on L3 held by T3\nT4 blocks on L4 held by T4\n\nNow we walk the chain\n\nlock T1 -\u003e lock L2 -\u003e adjust L2 -\u003e unlock T1 -\u003e\n lock T2 -\u003e adjust T2 -\u003e drop locks\n\nT2 times out and blocks on L0\n\nNow we continue:\n\nlock T2 -\u003e lock L0 -\u003e deadlock detected, but it\u0027s not a deadlock at all.\n\nBrad tried to work around that in the deadlock detection logic itself,\nbut the more I looked at it the less I liked it, because it\u0027s crystal\nball magic after the fact.\n\nWe actually can detect a chain change very simple:\n\nlock T1 -\u003e lock L2 -\u003e adjust L2 -\u003e unlock T1 -\u003e lock T2 -\u003e adjust T2 -\u003e\n\n next_lock \u003d T2-\u003epi_blocked_on-\u003elock;\n\ndrop locks\n\nT2 times out and blocks on L0\n\nNow we continue:\n\nlock T2 -\u003e\n\n if (next_lock !\u003d T2-\u003epi_blocked_on-\u003elock)\n \t return;\n\nSo if we detect that T2 is now blocked on a different lock we stop the\nchain walk. That\u0027s also correct in the following scenario:\n\nlock T1 -\u003e lock L2 -\u003e adjust L2 -\u003e unlock T1 -\u003e lock T2 -\u003e adjust T2 -\u003e\n\n next_lock \u003d T2-\u003epi_blocked_on-\u003elock;\n\ndrop locks\n\nT3 times out and drops L3\nT2 acquires L3 and blocks on L4 now\n\nNow we continue:\n\nlock T2 -\u003e\n\n if (next_lock !\u003d T2-\u003epi_blocked_on-\u003elock)\n \t return;\n\nWe don\u0027t have to follow up the chain at that point, because T2\npropagated our priority up to T4 already.\n\n[ Folded a cleanup patch from peterz ]\n\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nReported-by: Brad Mouring \u003cbmouring@ni.com\u003e\nCc: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nLink: http://lkml.kernel.org/r/20140605152801.930031935@linutronix.de\nSigned-off-by: Mike Galbraith \u003cumgwanakikbuti@gmail.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "90b421b52720b30644e104da002505f08a77c07a", "tree": "6e267789da89c5601db4ad1f376b549215f7afdc", "parents": [ "bf09db97205d46b3e083582eb2799aedddd9953b" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu May 22 03:25:39 2014 +0000" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:50 2014 -0700" }, "message": "rtmutex: Fix deadlock detector for real\n\ncommit 397335f004f41e5fcf7a795e94eb3ab83411a17c upstream.\n\nThe current deadlock detection logic does not work reliably due to the\nfollowing early exit path:\n\n\t/*\n\t * Drop out, when the task has no waiters. Note,\n\t * top_waiter can be NULL, when we are in the deboosting\n\t * mode!\n\t */\n\tif (top_waiter \u0026\u0026 (!task_has_pi_waiters(task) ||\n\t\t\t top_waiter !\u003d task_top_pi_waiter(task)))\n\t\tgoto out_unlock_pi;\n\nSo this not only exits when the task has no waiters, it also exits\nunconditionally when the current waiter is not the top priority waiter\nof the task.\n\nSo in a nested locking scenario, it might abort the lock chain walk\nand therefor miss a potential deadlock.\n\nSimple fix: Continue the chain walk, when deadlock detection is\nenabled.\n\nWe also avoid the whole enqueue, if we detect the deadlock right away\n(A-A). It\u0027s an optimization, but also prevents that another waiter who\ncomes in after the detection and before the task has undone the damage\nobserves the situation and detects the deadlock and returns\n-EDEADLOCK, which is wrong as the other task is not in a deadlock\nsituation.\n\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nReviewed-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nCc: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nLink: http://lkml.kernel.org/r/20140522031949.725272460@linutronix.de\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Mike Galbraith \u003cumgwanakikbuti@gmail.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "bf09db97205d46b3e083582eb2799aedddd9953b", "tree": "a56ddb942afc72096dc4b53c725f603d841d2ccb", "parents": [ "fa1bd9b16b3432bce7937a5a4b5d75ab2f5b634c" ], "author": { "name": "Steven Rostedt (Red Hat)", "email": "rostedt@goodmis.org", "time": "Tue Jun 24 23:50:09 2014 -0400" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:50 2014 -0700" }, "message": "tracing: Remove ftrace_stop/start() from reading the trace file\n\ncommit 099ed151675cd1d2dbeae1dac697975f6a68716d upstream.\n\nDisabling reading and writing to the trace file should not be able to\ndisable all function tracing callbacks. There\u0027s other users today\n(like kprobes and perf). Reading a trace file should not stop those\nfrom happening.\n\nReviewed-by: Masami Hiramatsu \u003cmasami.hiramatsu.pt@hitachi.com\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "f54e04114e99817aae34261901fa5b54e6e2c336", "tree": "50371f4b87102e0b22d4c5e0b40428348941b2d0", "parents": [ "d06191b3d67e11142db2d601a8393535e58de5e3" ], "author": { "name": "Gu Zheng", "email": "guz.fnst@cn.fujitsu.com", "time": "Wed Jun 25 09:57:18 2014 +0800" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jul 17 15:39:49 2014 -0700" }, "message": "cpuset,mempolicy: fix sleeping function called from invalid context\n\ncommit 391acf970d21219a2a5446282d3b20eace0c0d7a upstream.\n\nWhen runing with the kernel(3.15-rc7+), the follow bug occurs:\n[ 9969.258987] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:586\n[ 9969.359906] in_atomic(): 1, irqs_disabled(): 0, pid: 160655, name: python\n[ 9969.441175] INFO: lockdep is turned off.\n[ 9969.488184] CPU: 26 PID: 160655 Comm: python Tainted: G A 3.15.0-rc7+ #85\n[ 9969.581032] Hardware name: FUJITSU-SV PRIMEQUEST 1800E/SB, BIOS PRIMEQUEST 1000 Series BIOS Version 1.39 11/16/2012\n[ 9969.706052] ffffffff81a20e60 ffff8803e941fbd0 ffffffff8162f523 ffff8803e941fd18\n[ 9969.795323] ffff8803e941fbe0 ffffffff8109995a ffff8803e941fc58 ffffffff81633e6c\n[ 9969.884710] ffffffff811ba5dc ffff880405c6b480 ffff88041fdd90a0 0000000000002000\n[ 9969.974071] Call Trace:\n[ 9970.003403] [\u003cffffffff8162f523\u003e] dump_stack+0x4d/0x66\n[ 9970.065074] [\u003cffffffff8109995a\u003e] __might_sleep+0xfa/0x130\n[ 9970.130743] [\u003cffffffff81633e6c\u003e] mutex_lock_nested+0x3c/0x4f0\n[ 9970.200638] [\u003cffffffff811ba5dc\u003e] ? kmem_cache_alloc+0x1bc/0x210\n[ 9970.272610] [\u003cffffffff81105807\u003e] cpuset_mems_allowed+0x27/0x140\n[ 9970.344584] [\u003cffffffff811b1303\u003e] ? __mpol_dup+0x63/0x150\n[ 9970.409282] [\u003cffffffff811b1385\u003e] __mpol_dup+0xe5/0x150\n[ 9970.471897] [\u003cffffffff811b1303\u003e] ? __mpol_dup+0x63/0x150\n[ 9970.536585] [\u003cffffffff81068c86\u003e] ? copy_process.part.23+0x606/0x1d40\n[ 9970.613763] [\u003cffffffff810bf28d\u003e] ? trace_hardirqs_on+0xd/0x10\n[ 9970.683660] [\u003cffffffff810ddddf\u003e] ? monotonic_to_bootbased+0x2f/0x50\n[ 9970.759795] [\u003cffffffff81068cf0\u003e] copy_process.part.23+0x670/0x1d40\n[ 9970.834885] [\u003cffffffff8106a598\u003e] do_fork+0xd8/0x380\n[ 9970.894375] [\u003cffffffff81110e4c\u003e] ? __audit_syscall_entry+0x9c/0xf0\n[ 9970.969470] [\u003cffffffff8106a8c6\u003e] SyS_clone+0x16/0x20\n[ 9971.030011] [\u003cffffffff81642009\u003e] stub_clone+0x69/0x90\n[ 9971.091573] [\u003cffffffff81641c29\u003e] ? system_call_fastpath+0x16/0x1b\n\nThe cause is that cpuset_mems_allowed() try to take\nmutex_lock(\u0026callback_mutex) under the rcu_read_lock(which was hold in\n__mpol_dup()). And in cpuset_mems_allowed(), the access to cpuset is\nunder rcu_read_lock, so in __mpol_dup, we can reduce the rcu_read_lock\nprotection region to protect the access to cpuset only in\ncurrent_cpuset_is_being_rebound(). So that we can avoid this bug.\n\nThis patch is a temporary solution that just addresses the bug\nmentioned above, can not fix the long-standing issue about cpuset.mems\nrebinding on fork():\n\n\"When the forker\u0027s task_struct is duplicated (which includes\n -\u003emems_allowed) and it races with an update to cpuset_being_rebound\n in update_tasks_nodemask() then the task\u0027s mems_allowed doesn\u0027t get\n updated. And the child task\u0027s mems_allowed can be wrong if the\n cpuset\u0027s nodemask changes before the child has been added to the\n cgroup\u0027s tasklist.\"\n\nSigned-off-by: Gu Zheng \u003cguz.fnst@cn.fujitsu.com\u003e\nAcked-by: Li Zefan \u003clizefan@huawei.com\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "ecab17be93f5c130f7ea19e860dce7472d297b0d", "tree": "3b9210fc5eaaadb406d89209eb0543d45d36ae7d", "parents": [ "407525a370b9d0b5d27520eaa83a2fd6ae681f48" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Tue Jun 03 12:27:06 2014 +0000" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Tue Jul 08 06:26:58 2014 -0700" }, "message": "futex-prevent-requeue-pi-on-same-futex.patch futex: Forbid uaddr \u003d\u003d uaddr2 in futex_requeue(..., requeue_pi\u003d1)\n\nIf uaddr \u003d\u003d uaddr2, then we have broken the rule of only requeueing from\na non-pi futex to a pi futex with this call. If we attempt this, then\ndangling pointers may be left for rt_waiter resulting in an exploitable\ncondition.\n\nThis change brings futex_requeue() in line with futex_wait_requeue_pi()\nwhich performs the same check as per commit 6f7b0a2a5c0f (\"futex: Forbid\nuaddr \u003d\u003d uaddr2 in futex_wait_requeue_pi()\")\n\n[ tglx: Compare the resulting keys as well, as uaddrs might be\n \tdifferent depending on the mapping ]\n\nFixes CVE-2014-3153.\n\nReported-by: Pinkie Pie\nSigned-off-by: Will Drewry \u003cwad@chromium.org\u003e\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nCc: stable@vger.kernel.org\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nReviewed-by: Darren Hart \u003cdvhart@linux.intel.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nChange-Id: I9ee5c8a87cc43c7b1e1dc2796949e7c20c74ddf4\nGit-commit: e9c243a5a6de0be8e584c604d353412584b592f8\nGit-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git\nSigned-off-by: Divya Sharma \u003cc_shard@codeaurora.org\u003e\n" }, { "commit": "0c3351a0a4815ea566d3febf82033b6c55ed4a2d", "tree": "6aaeb576ba3bda684481e2ca0d4b185b7b0ff6a6", "parents": [ "e3293b8639a90b7227be9c273af0a45015c499bb" ], "author": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Sun Apr 13 20:58:54 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Sun Jul 06 18:49:20 2014 -0700" }, "message": "tracing: Fix syscall_*regfunc() vs copy_process() race\n\ncommit 4af4206be2bd1933cae20c2b6fb2058dbc887f7c upstream.\n\nsyscall_regfunc() and syscall_unregfunc() should set/clear\nTIF_SYSCALL_TRACEPOINT system-wide, but do_each_thread() can race\nwith copy_process() and miss the new child which was not added to\nthe process/thread lists yet.\n\nChange copy_process() to update the child\u0027s TIF_SYSCALL_TRACEPOINT\nunder tasklist.\n\nLink: http://lkml.kernel.org/p/20140413185854.GB20668@redhat.com\n\nFixes: a871bd33a6c0 \"tracing: Add syscall tracepoints\"\nAcked-by: Frederic Weisbecker \u003cfweisbec@gmail.com\u003e\nAcked-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nSigned-off-by: Steven Rostedt \u003crostedt@goodmis.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "a97df3f22b83742deb9191d53928641ec3befb6e", "tree": "c34f984ed3c4f844aeb3b2076148d2f334e5b134", "parents": [ "1d48df4863c4a4d40809575efa1f101b1e8090b5" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu Mar 07 14:53:45 2013 +0100" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Mon Jun 30 20:01:33 2014 -0700" }, "message": "genirq: Sanitize spurious interrupt detection of threaded irqs\n\ncommit 1e77d0a1ed7417d2a5a52a7b8d32aea1833faa6c upstream.\n\nTill reported that the spurious interrupt detection of threaded\ninterrupts is broken in two ways:\n\n- note_interrupt() is called for each action thread of a shared\n interrupt line. That\u0027s wrong as we are only interested whether none\n of the device drivers felt responsible for the interrupt, but by\n calling multiple times for a single interrupt line we account\n IRQ_NONE even if one of the drivers felt responsible.\n\n- note_interrupt() when called from the thread handler is not\n serialized. That leaves the members of irq_desc which are used for\n the spurious detection unprotected.\n\nTo solve this we need to defer the spurious detection of a threaded\ninterrupt to the next hardware interrupt context where we have\nimplicit serialization.\n\nIf note_interrupt is called with action_ret \u003d\u003d IRQ_WAKE_THREAD, we\ncheck whether the previous interrupt requested a deferred check. If\nnot, we request a deferred check for the next hardware interrupt and\nreturn.\n\nIf set, we check whether one of the interrupt threads signaled\nsuccess. Depending on this information we feed the result into the\nspurious detector.\n\nIf one primary handler of a shared interrupt returns IRQ_HANDLED we\ndisable the deferred check of irq threads on the same line, as we have\nfound at least one device driver who cared.\n\nReported-by: Till Straumann \u003cstrauman@slac.stanford.edu\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nTested-by: Austin Schuh \u003caustin@peloton-tech.com\u003e\nCc: Oliver Hartkopp \u003csocketcan@hartkopp.net\u003e\nCc: Wolfgang Grandegger \u003cwg@grandegger.com\u003e\nCc: Pavel Pisa \u003cpisa@cmp.felk.cvut.cz\u003e\nCc: Marc Kleine-Budde \u003cmkl@pengutronix.de\u003e\nCc: linux-can@vger.kernel.org\nLink: http://lkml.kernel.org/r/alpine.LFD.2.02.1303071450130.22263@ionos\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "3f8f4ae48f4023e1c53722b1dc1a7ab897cbca14", "tree": "2677e4c998e385b214a5a04f09343133b2ebc8be", "parents": [ "7be9d6cd4b57ebd5b344e4a006c0aa6e7a08aba3" ], "author": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Fri Nov 29 12:18:13 2013 +0100" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Thu Jun 26 15:10:29 2014 -0400" }, "message": "nohz: Fix another inconsistency between CONFIG_NO_HZ\u003dn and nohz\u003doff\n\ncommit 0e576acbc1d9600cf2d9b4a141a2554639959d50 upstream.\n\nIf CONFIG_NO_HZ\u003dn tick_nohz_get_sleep_length() returns NSEC_PER_SEC/HZ.\n\nIf CONFIG_NO_HZ\u003dy and the nohz functionality is disabled via the\ncommand line option \"nohz\u003doff\" or not enabled due to missing hardware\nsupport, then tick_nohz_get_sleep_length() returns 0. That happens\nbecause ts-\u003esleep_length is never set in that case.\n\nSet it to NSEC_PER_SEC/HZ when the NOHZ mode is inactive.\n\nReported-by: Michal Hocko \u003cmhocko@suse.cz\u003e\nReported-by: Borislav Petkov \u003cbp@alien8.de\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Rui Xiang \u003crui.xiang@huawei.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "1996c132e6e6524d2ecb386b8d96b8c32343ca67", "tree": "a411dfe837067b8595dd9cf0ce4c0a7b38ce49cd", "parents": [ "bae16898d62fa7b608c17ab1f987d319af28b3e7", "15d8f1ef6b18f4c96cc5f95fc3acc204deeb2469" ], "author": { "name": "Linux Build Service Account", "email": "lnxbuild@localhost", "time": "Tue Jun 17 07:26:27 2014 -0700" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Tue Jun 17 07:26:27 2014 -0700" }, "message": "Merge \"msm: perf: clean up duplicate constraint events\"" }, { "commit": "f37d83a8a407737a83f5149948ecd3cd557f4193", "tree": "ee693c2083bc03d5072e7d151503d7af00f61cc6", "parents": [ "1aea5c99f4ee468b167b14f55998ee020c7f6b84", "13f898ac02a320773d70d2998a4803f07c58734d" ], "author": { "name": "Linux Build Service Account", "email": "lnxbuild@localhost", "time": "Tue Jun 17 07:26:26 2014 -0700" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Tue Jun 17 07:26:26 2014 -0700" }, "message": "Merge \"Perf: Support sw events across hotplug\"" }, { "commit": "c261a5ae9e573d6178bee078bca21064aae24d71", "tree": "a2cd70bec61c699137160c163a882ac282487884", "parents": [ "44796beb5ea98011490905a47d3a9b5a2f2bddee", "8165d84a0d90b1976ea6bb370a36df1b0cc14c63" ], "author": { "name": "Linux Build Service Account", "email": "lnxbuild@localhost", "time": "Tue Jun 17 07:26:24 2014 -0700" }, "committer": { "name": "Gerrit - the friendly Code Review server", "email": "code-review@localhost", "time": "Tue Jun 17 07:26:24 2014 -0700" }, "message": "Merge \"Perf: keep events across hotplug\"" }, { "commit": "39da9a416814e556060bab8569293b8f3d889765", "tree": "47e6e9dc9b64c873e31bd67dfe4d9ecdfb81ea98", "parents": [ "35a2bae84d5bc0a6609134b51053f78d235940c2" ], "author": { "name": "Andy Lutomirski", "email": "luto@amacapital.net", "time": "Wed May 28 23:09:58 2014 -0400" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Mon Jun 16 13:45:46 2014 -0700" }, "message": "auditsc: audit_krule mask accesses need bounds checking\n\ncommit a3c54931199565930d6d84f4c3456f6440aefd41 upstream.\n\nFixes an easy DoS and possible information disclosure.\n\nThis does nothing about the broken state of x32 auditing.\n\neparis: If the admin has enabled auditd and has specifically loaded\naudit rules. This bug has been around since before git. Wow...\n\nSigned-off-by: Andy Lutomirski \u003cluto@amacapital.net\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "d6e81d4f7b4e8cea2817c7568e3756798cd29aae", "tree": "0f9ff9d27bcba2a3278122bb4834a33a4da02266", "parents": [ "ee40d72c3e6fc7e6cd5241eb84fa104b61dc8ec3" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri May 16 11:50:42 2014 +0800" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Wed Jun 11 12:04:11 2014 -0700" }, "message": "sched: Fix hotplug vs. set_cpus_allowed_ptr()\n\ncommit 6acbfb96976fc3350e30d964acb1dbbdf876d55e upstream.\n\nLai found that:\n\n WARNING: CPU: 1 PID: 13 at arch/x86/kernel/smp.c:124 native_smp_send_reschedule+0x2d/0x4b()\n ...\n migration_cpu_stop+0x1d/0x22\n\nwas caused by set_cpus_allowed_ptr() assuming that cpu_active_mask is\nalways a sub-set of cpu_online_mask.\n\nThis isn\u0027t true since 5fbd036b552f (\"sched: Cleanup cpu_active madness\").\n\nSo set active and online at the same time to avoid this particular\nproblem.\n\nFixes: 5fbd036b552f (\"sched: Cleanup cpu_active madness\")\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nCc: Gautham R. Shenoy \u003cego@linux.vnet.ibm.com\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Michael wang \u003cwangyun@linux.vnet.ibm.com\u003e\nCc: Paul Gortmaker \u003cpaul.gortmaker@windriver.com\u003e\nCc: Rafael J. Wysocki \u003crafael.j.wysocki@intel.com\u003e\nCc: Srivatsa S. Bhat \u003csrivatsa.bhat@linux.vnet.ibm.com\u003e\nCc: Toshi Kani \u003ctoshi.kani@hp.com\u003e\nLink: http://lkml.kernel.org/r/53758B12.8060609@cn.fujitsu.com\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "4b2cfc9508d9e509708f85748548e03db696dbcd", "tree": "1c3f251ef8073234984c334c59993e7b4c3b26db", "parents": [ "183f99ecb6a484c142ae2fc99df3ef5cdadc3985" ], "author": { "name": "Peter Zijlstra", "email": "peterz@infradead.org", "time": "Fri May 02 16:56:01 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Wed Jun 11 12:04:11 2014 -0700" }, "message": "perf: Fix race in removing an event\n\ncommit 46ce0fe97a6be7532ce6126bb26ce89fed81528c upstream.\n\nWhen removing a (sibling) event we do:\n\n\traw_spin_lock_irq(\u0026ctx-\u003elock);\n\tperf_group_detach(event);\n\traw_spin_unlock_irq(\u0026ctx-\u003elock);\n\n\t\u003chole\u003e\n\n\tperf_remove_from_context(event);\n\t\traw_spin_lock_irq(\u0026ctx-\u003elock);\n\t\t...\n\t\traw_spin_unlock_irq(\u0026ctx-\u003elock);\n\nNow, assuming the event is a sibling, it will be \u0027unreachable\u0027 for\nthings like ctx_sched_out() because that iterates the\ngroups-\u003esiblings, and we just unhooked the sibling.\n\nSo, if during \u003chole\u003e we get ctx_sched_out(), it will miss the event\nand not call event_sched_out() on it, leaving it programmed on the\nPMU.\n\nThe subsequent perf_remove_from_context() call will find the ctx is\ninactive and only call list_del_event() to remove the event from all\nother lists.\n\nHereafter we can proceed to free the event; while still programmed!\n\nClose this hole by moving perf_group_detach() inside the same\nctx-\u003elock region(s) perf_remove_from_context() has.\n\nThe condition on inherited events only in __perf_event_exit_task() is\nlikely complete crap because non-inherited events are part of groups\ntoo and we\u0027re tearing down just the same. But leave that for another\npatch.\n\nMost-likely-Fixes: e03a9a55b4e (\"perf: Change close() semantics for group events\")\nReported-by: Vince Weaver \u003cvincent.weaver@maine.edu\u003e\nTested-by: Vince Weaver \u003cvincent.weaver@maine.edu\u003e\nMuch-staring-at-traces-by: Vince Weaver \u003cvincent.weaver@maine.edu\u003e\nMuch-staring-at-traces-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Arnaldo Carvalho de Melo \u003cacme@kernel.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nLink: http://lkml.kernel.org/r/20140505093124.GN17778@laptop.programming.kicks-ass.net\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" }, { "commit": "183f99ecb6a484c142ae2fc99df3ef5cdadc3985", "tree": "3058cc15bf054797ee4e2b64390b85563a627072", "parents": [ "0d41f6026aa0c15d60e75f8f71f1408c32fe1ba4" ], "author": { "name": "Peter Zijlstra", "email": "peterz@infradead.org", "time": "Thu May 15 20:23:48 2014 +0200" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@linuxfoundation.org", "time": "Wed Jun 11 12:04:11 2014 -0700" }, "message": "perf: Limit perf_event_attr::sample_period to 63 bits\n\ncommit 0819b2e30ccb93edf04876237b6205eef84ec8d2 upstream.\n\nVince reported that using a large sample_period (one with bit 63 set)\nresults in wreckage since while the sample_period is fundamentally\nunsigned (negative periods don\u0027t make sense) the way we implement\nthings very much rely on signed logic.\n\nSo limit sample_period to 63 bits to avoid tripping over this.\n\nReported-by: Vince Weaver \u003cvincent.weaver@maine.edu\u003e\nSigned-off-by: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nLink: http://lkml.kernel.org/n/tip-p25fhunibl4y3qi0zuqmyf4b@git.kernel.org\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n\n" } ], "next": "0d41f6026aa0c15d60e75f8f71f1408c32fe1ba4" }