1. 23 Jun, 2021 5 commits
  2. 26 May, 2021 5 commits
  3. 14 May, 2021 12 commits
    • Chao Yu's avatar
      f2fs: compress: clean up parameter of __f2fs_cluster_blocks() · 91f0fb69
      Chao Yu authored
      Previously, in order to reuse __f2fs_cluster_blocks(),
      f2fs_is_compressed_cluster() assigned a compress_ctx type variable,
      which is used to pass few parameters (cc.inode, cc.cluster_size,
      cc.cluster_idx), it's wasteful to allocate such large space in stack.
      
      Let's clean up parameters of __f2fs_cluster_blocks() to avoid that.
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      91f0fb69
    • Chao Yu's avatar
      f2fs: compress: remove unneeded f2fs_put_dnode() · fbec3b96
      Chao Yu authored
      If we don't initialize dn.inode_page for f2fs_get_block(),
      f2fs_get_block() will call f2fs_put_dnode() itself, so let's
      remove unneeded f2fs_put_dnode() in f2fs_vm_page_mkwrite().
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      fbec3b96
    • Chao Yu's avatar
      f2fs: atgc: fix to set default age threshold · 89e53ff1
      Chao Yu authored
      Default age threshold value is missed to set, fix it.
      
      Fixes: 093749e2 ("f2fs: support age threshold based garbage collection")
      Reported-by: default avatarSahitya Tummala <stummala@codeaurora.org>
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      89e53ff1
    • Shin'ichiro Kawasaki's avatar
      f2fs: Prevent swap file in LFS mode · d927ccfc
      Shin'ichiro Kawasaki authored
      The kernel writes to swap files on f2fs directly without the assistance
      of the filesystem. This direct write by kernel can be non-sequential
      even when the f2fs is in LFS mode. Such non-sequential write conflicts
      with the LFS semantics. Especially when f2fs is set up on zoned block
      devices, the non-sequential write causes unaligned write command errors.
      
      To avoid the non-sequential writes to swap files, prevent swap file
      activation when the filesystem is in LFS mode.
      
      Fixes: 4969c06a ("f2fs: support swap file w/ DIO")
      Signed-off-by: default avatarShin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
      Cc: stable@vger.kernel.org # v5.10+
      Reviewed-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      d927ccfc
    • Chao Yu's avatar
      f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances · cad83c96
      Chao Yu authored
      As syzbot reported, there is an use-after-free issue during f2fs recovery:
      
      Use-after-free write at 0xffff88823bc16040 (in kfence-#10):
       kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486
       f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869
       f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945
       mount_bdev+0x26c/0x3a0 fs/super.c:1367
       legacy_get_tree+0xea/0x180 fs/fs_context.c:592
       vfs_get_tree+0x86/0x270 fs/super.c:1497
       do_new_mount fs/namespace.c:2905 [inline]
       path_mount+0x196f/0x2be0 fs/namespace.c:3235
       do_mount fs/namespace.c:3248 [inline]
       __do_sys_mount fs/namespace.c:3456 [inline]
       __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3433
       do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47
       entry_SYSCALL_64_after_hwframe+0x44/0xae
      
      The root cause is multi f2fs filesystem instances can race on accessing
      global fsync_entry_slab pointer, result in use-after-free issue of slab
      cache, fixes to init/destroy this slab cache only once during module
      init/destroy procedure to avoid this issue.
      
      Reported-by: syzbot+9d90dad32dd9727ed084@syzkaller.appspotmail.com
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      cad83c96
    • Chao Yu's avatar
      f2fs: restructure f2fs page.private layout · b763f3be
      Chao Yu authored
      Restruct f2fs page private layout for below reasons:
      
      There are some cases that f2fs wants to set a flag in a page to
      indicate a specified status of page:
      a) page is in transaction list for atomic write
      b) page contains dummy data for aligned write
      c) page is migrating for GC
      d) page contains inline data for inline inode flush
      e) page belongs to merkle tree, and is verified for fsverity
      f) page is dirty and has filesystem/inode reference count for writeback
      g) page is temporary and has decompress io context reference for compression
      
      There are existed places in page structure we can use to store
      f2fs private status/data:
      - page.flags: PG_checked, PG_private
      - page.private
      
      However it was a mess when we using them, which may cause potential
      confliction:
      		page.private	PG_private	PG_checked	page._refcount (+1 at most)
      a)		-1		set				+1
      b)		-2		set
      c), d), e)					set
      f)		0		set				+1
      g)		pointer		set
      
      The other problem is page.flags has no free slot, if we can avoid set
      zero to page.private and set PG_private flag, then we use non-zero value
      to indicate PG_private status, so that we may have chance to reclaim
      PG_private slot for other usage. [1]
      
      The other concern is f2fs has bad scalability in aspect of indicating
      more page status.
      
      So in this patch, let's restructure f2fs' page.private as below to
      solve above issues:
      
      Layout A: lowest bit should be 1
      | bit0 = 1 | bit1 | bit2 | ... | bit MAX | private data .... |
       bit 0	PAGE_PRIVATE_NOT_POINTER
       bit 1	PAGE_PRIVATE_ATOMIC_WRITE
       bit 2	PAGE_PRIVATE_DUMMY_WRITE
       bit 3	PAGE_PRIVATE_ONGOING_MIGRATION
       bit 4	PAGE_PRIVATE_INLINE_INODE
       bit 5	PAGE_PRIVATE_REF_RESOURCE
       bit 6-	f2fs private data
      
      Layout B: lowest bit should be 0
       page.private is a wrapped pointer.
      
      After the change:
      		page.private	PG_private	PG_checked	page._refcount (+1 at most)
      a)		11		set				+1
      b)		101		set				+1
      c)		1001		set				+1
      d)		10001		set				+1
      e)						set
      f)		100001		set				+1
      g)		pointer		set				+1
      
      [1] https://lore.kernel.org/linux-f2fs-devel/20210422154705.GO3596236@casper.infradead.org/T/#u
      
      Cc: Matthew Wilcox <willy@infradead.org>
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      b763f3be
    • Chao Yu's avatar
      f2fs: add cp_error check in f2fs_write_compressed_pages · ee68d271
      Chao Yu authored
      This patch adds cp_error check in f2fs_write_compressed_pages() like we did
      in f2fs_write_single_data_page()
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      ee68d271
    • Chao Yu's avatar
      f2fs: compress: rename __cluster_may_compress · 5db479f0
      Chao Yu authored
      This patch renames __cluster_may_compress() to cluster_has_invalid_data() for
      better readability.
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      5db479f0
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · bd3c9cdb
      Linus Torvalds authored
      Pull arm64 fixes from Catalin Marinas:
       "Fixes and cpucaps.h automatic generation:
      
         - Generate cpucaps.h at build time rather than carrying lots of
           #defines. Merged at -rc1 to avoid some conflicts during the merge
           window.
      
         - Initialise RGSR_EL1.SEED in __cpu_setup() as it may be left as 0
           out of reset and the IRG instruction would not function as expected
           if only the architected pseudorandom number generator is
           implemented.
      
         - Fix potential race condition in __sync_icache_dcache() where the
           PG_dcache_clean page flag is set before the actual cache
           maintenance.
      
         - Fix header include in BTI kselftests"
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache()
        arm64: tools: Add __ASM_CPUCAPS_H to the endif in cpucaps.h
        arm64: mte: initialize RGSR_EL1.SEED in __cpu_setup
        kselftest/arm64: Add missing stddef.h include to BTI tests
        arm64: Generate cpucaps.h
      bd3c9cdb
    • Linus Torvalds's avatar
      Merge tag 'f2fs-5.13-rc1-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs · ac524ece
      Linus Torvalds authored
      Pull f2fs fixes from Jaegeuk Kim:
       "This fixes some critical bugs such as memory leak in compression
        flows, kernel panic when handling errors, and swapon failure due to
        newly added condition check"
      
      * tag 'f2fs-5.13-rc1-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs:
        f2fs: return EINVAL for hole cases in swap file
        f2fs: avoid swapon failure by giving a warning first
        f2fs: compress: fix to assign cc.cluster_idx correctly
        f2fs: compress: fix race condition of overwrite vs truncate
        f2fs: compress: fix to free compress page correctly
        f2fs: support iflag change given the mask
        f2fs: avoid null pointer access when handling IPU error
      ac524ece
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-2021-05-14' of git://anongit.freedesktop.org/drm/drm · b5304a4f
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Not much here, mostly amdgpu fixes, with a couple of radeon, and a
        cosmetic vc4.
      
        Two MAINTAINERS file updates also.
      
        amdgpu:
         - Fixes for flexible array conversions
         - Fix sysfs attribute init
         - Harvesting fixes
         - VCN CG/PG fixes for Picasso
      
        radeon:
         - Fixes for flexible array conversions
         - Fix for flickering on Oland with multiple 4K displays
      
        vc4:
         - drop unused function"
      
      * tag 'drm-fixes-2021-05-14' of git://anongit.freedesktop.org/drm/drm:
        drm/amdgpu: update vcn1.0 Non-DPG suspend sequence
        drm/amdgpu: set vcn mgcg flag for picasso
        drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
        drm/amdgpu: update the method for harvest IP for specific SKU
        drm/amdgpu: add judgement when add ip blocks (v2)
        drm/amd/display: Initialize attribute for hdcp_srm sysfs file
        drm/amd/pm: Fix out-of-bounds bug
        drm/radeon/si_dpm: Fix SMU power state load
        drm/radeon/ni_dpm: Fix booting bug
        MAINTAINERS: Update address for Emma Anholt
        MAINTAINERS: Update my e-mail
        drm/vc4: remove unused function
        drm/ttm: Do not add non-system domain BO into swap list
      b5304a4f
    • Catalin Marinas's avatar
      arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache() · 588a513d
      Catalin Marinas authored
      To ensure that instructions are observable in a new mapping, the arm64
      set_pte_at() implementation cleans the D-cache and invalidates the
      I-cache to the PoU. As an optimisation, this is only done on executable
      mappings and the PG_dcache_clean page flag is set to avoid future cache
      maintenance on the same page.
      
      When two different processes map the same page (e.g. private executable
      file or shared mapping) there's a potential race on checking and setting
      PG_dcache_clean via set_pte_at() -> __sync_icache_dcache(). While on the
      fault paths the page is locked (PG_locked), mprotect() does not take the
      page lock. The result is that one process may see the PG_dcache_clean
      flag set but the I/D cache maintenance not yet performed.
      
      Avoid test_and_set_bit(PG_dcache_clean) in favour of separate test_bit()
      and set_bit(). In the rare event of a race, the cache maintenance is
      done twice.
      Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      Cc: <stable@vger.kernel.org>
      Cc: Will Deacon <will@kernel.org>
      Cc: Steven Price <steven.price@arm.com>
      Reviewed-by: default avatarSteven Price <steven.price@arm.com>
      Acked-by: default avatarWill Deacon <will@kernel.org>
      Link: https://lore.kernel.org/r/20210514095001.13236-1-catalin.marinas@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      588a513d
  4. 13 May, 2021 18 commits