1. 08 Oct, 2023 1 commit
  2. 07 Oct, 2023 10 commits
  3. 06 Oct, 2023 22 commits
  4. 05 Oct, 2023 7 commits
    • Jeff Moyer's avatar
      io-wq: fully initialize wqe before calling cpuhp_state_add_instance_nocalls() · 0f8baa3c
      Jeff Moyer authored
      I received a bug report with the following signature:
      
      [ 1759.937637] BUG: unable to handle page fault for address: ffffffffffffffe8
      [ 1759.944564] #PF: supervisor read access in kernel mode
      [ 1759.949732] #PF: error_code(0x0000) - not-present page
      [ 1759.954901] PGD 7ab615067 P4D 7ab615067 PUD 7ab617067 PMD 0
      [ 1759.960596] Oops: 0000 1 PREEMPT SMP PTI
      [ 1759.964804] CPU: 15 PID: 109 Comm: cpuhp/15 Kdump: loaded Tainted: G X ------- — 5.14.0-362.3.1.el9_3.x86_64 #1
      [ 1759.976609] Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/20/2018
      [ 1759.985181] RIP: 0010:io_wq_for_each_worker.isra.0+0x24/0xa0
      [ 1759.990877] Code: 90 90 90 90 90 90 0f 1f 44 00 00 41 56 41 55 41 54 55 48 8d 6f 78 53 48 8b 47 78 48 39 c5 74 4f 49 89 f5 49 89 d4 48 8d 58 e8 <8b> 13 85 d2 74 32 8d 4a 01 89 d0 f0 0f b1 0b 75 5c 09 ca 78 3d 48
      [ 1760.009758] RSP: 0000:ffffb6f403603e20 EFLAGS: 00010286
      [ 1760.015013] RAX: 0000000000000000 RBX: ffffffffffffffe8 RCX: 0000000000000000
      [ 1760.022188] RDX: ffffb6f403603e50 RSI: ffffffffb11e95b0 RDI: ffff9f73b09e9400
      [ 1760.029362] RBP: ffff9f73b09e9478 R08: 000000000000000f R09: 0000000000000000
      [ 1760.036536] R10: ffffffffffffff00 R11: ffffb6f403603d80 R12: ffffb6f403603e50
      [ 1760.043712] R13: ffffffffb11e95b0 R14: ffffffffb28531e8 R15: ffff9f7a6fbdf548
      [ 1760.050887] FS: 0000000000000000(0000) GS:ffff9f7a6fbc0000(0000) knlGS:0000000000000000
      [ 1760.059025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [ 1760.064801] CR2: ffffffffffffffe8 CR3: 00000007ab610002 CR4: 00000000007706e0
      [ 1760.071976] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      [ 1760.079150] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      [ 1760.086325] PKRU: 55555554
      [ 1760.089044] Call Trace:
      [ 1760.091501] <TASK>
      [ 1760.093612] ? show_trace_log_lvl+0x1c4/0x2df
      [ 1760.097995] ? show_trace_log_lvl+0x1c4/0x2df
      [ 1760.102377] ? __io_wq_cpu_online+0x54/0xb0
      [ 1760.106584] ? __die_body.cold+0x8/0xd
      [ 1760.110356] ? page_fault_oops+0x134/0x170
      [ 1760.114479] ? kernelmode_fixup_or_oops+0x84/0x110
      [ 1760.119298] ? exc_page_fault+0xa8/0x150
      [ 1760.123247] ? asm_exc_page_fault+0x22/0x30
      [ 1760.127458] ? __pfx_io_wq_worker_affinity+0x10/0x10
      [ 1760.132453] ? __pfx_io_wq_worker_affinity+0x10/0x10
      [ 1760.137446] ? io_wq_for_each_worker.isra.0+0x24/0xa0
      [ 1760.142527] __io_wq_cpu_online+0x54/0xb0
      [ 1760.146558] cpuhp_invoke_callback+0x109/0x460
      [ 1760.151029] ? __pfx_io_wq_cpu_offline+0x10/0x10
      [ 1760.155673] ? __pfx_smpboot_thread_fn+0x10/0x10
      [ 1760.160320] cpuhp_thread_fun+0x8d/0x140
      [ 1760.164266] smpboot_thread_fn+0xd3/0x1a0
      [ 1760.168297] kthread+0xdd/0x100
      [ 1760.171457] ? __pfx_kthread+0x10/0x10
      [ 1760.175225] ret_from_fork+0x29/0x50
      [ 1760.178826] </TASK>
      [ 1760.181022] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs rfkill sunrpc vfat fat dm_multipath intel_rapl_msr intel_rapl_common isst_if_common ipmi_ssif nfit libnvdimm mgag200 i2c_algo_bit ioatdma drm_shmem_helper drm_kms_helper acpi_ipmi syscopyarea x86_pkg_temp_thermal sysfillrect ipmi_si intel_powerclamp sysimgblt ipmi_devintf coretemp acpi_power_meter ipmi_msghandler rapl pcspkr dca intel_pch_thermal intel_cstate ses lpc_ich intel_uncore enclosure hpilo mei_me mei acpi_tad fuse drm xfs sd_mod sg bnx2x nvme nvme_core crct10dif_pclmul crc32_pclmul nvme_common ghash_clmulni_intel smartpqi tg3 t10_pi mdio uas libcrc32c crc32c_intel scsi_transport_sas usb_storage hpwdt wmi dm_mirror dm_region_hash dm_log dm_mod
      [ 1760.248623] CR2: ffffffffffffffe8
      
      A cpu hotplug callback was issued before wq->all_list was initialized.
      This results in a null pointer dereference.  The fix is to fully setup
      the io_wq before calling cpuhp_state_add_instance_nocalls().
      Signed-off-by: default avatarJeff Moyer <jmoyer@redhat.com>
      Link: https://lore.kernel.org/r/x49y1ghnecs.fsf@segfault.boston.devel.redhat.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      0f8baa3c
    • Renan Guilherme Lebre Ramos's avatar
    • Linus Torvalds's avatar
      Merge tag 'net-6.6-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · f291209e
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Including fixes from Bluetooth, netfilter, BPF and WiFi.
      
        I didn't collect precise data but feels like we've got a lot of 6.5
        fixes here. WiFi fixes are most user-awaited.
      
        Current release - regressions:
      
         - Bluetooth: fix hci_link_tx_to RCU lock usage
      
        Current release - new code bugs:
      
         - bpf: mprog: fix maximum program check on mprog attachment
      
         - eth: ti: icssg-prueth: fix signedness bug in prueth_init_tx_chns()
      
        Previous releases - regressions:
      
         - ipv6: tcp: add a missing nf_reset_ct() in 3WHS handling
      
         - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer(), it
           doesn't handle zero length like we expected
      
         - wifi:
            - cfg80211: fix cqm_config access race, fix crashes with brcmfmac
            - iwlwifi: mvm: handle PS changes in vif_cfg_changed
            - mac80211: fix mesh id corruption on 32 bit systems
            - mt76: mt76x02: fix MT76x0 external LNA gain handling
      
         - Bluetooth: fix handling of HCI_QUIRK_STRICT_DUPLICATE_FILTER
      
         - l2tp: fix handling of transhdrlen in __ip{,6}_append_data()
      
         - dsa: mv88e6xxx: avoid EEPROM timeout when EEPROM is absent
      
         - eth: stmmac: fix the incorrect parameter after refactoring
      
        Previous releases - always broken:
      
         - net: replace calls to sock->ops->connect() with kernel_connect(),
           prevent address rewrite in kernel_bind(); otherwise BPF hooks may
           modify arguments, unexpectedly to the caller
      
         - tcp: fix delayed ACKs when reads and writes align with MSS
      
         - bpf:
            - verifier: unconditionally reset backtrack_state masks on global
              func exit
            - s390: let arch_prepare_bpf_trampoline return program size, fix
              struct_ops offsets
            - sockmap: fix accounting of available bytes in presence of PEEKs
            - sockmap: reject sk_msg egress redirects to non-TCP sockets
      
         - ipv4/fib: send netlink notify when delete source address routes
      
         - ethtool: plca: fix width of reads when parsing netlink commands
      
         - netfilter: nft_payload: rebuild vlan header on h_proto access
      
         - Bluetooth: hci_codec: fix leaking memory of local_codecs
      
         - eth: intel: ice: always add legacy 32byte RXDID in supported_rxdids
      
         - eth: stmmac:
           - dwmac-stm32: fix resume on STM32 MCU
           - remove buggy and unneeded stmmac_poll_controller, depend on NAPI
      
         - ibmveth: always recompute TCP pseudo-header checksum, fix use of
           the driver with Open vSwitch
      
         - wifi:
            - rtw88: rtw8723d: fix MAC address offset in EEPROM
            - mt76: fix lock dependency problem for wed_lock
            - mwifiex: sanity check data reported by the device
            - iwlwifi: ensure ack flag is properly cleared
            - iwlwifi: mvm: fix a memory corruption due to bad pointer arithm
            - iwlwifi: mvm: fix incorrect usage of scan API
      
        Misc:
      
         - wifi: mac80211: work around Cisco AP 9115 VHT MPDU length"
      
      * tag 'net-6.6-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (99 commits)
        MAINTAINERS: update Matthieu's email address
        mptcp: userspace pm allow creating id 0 subflow
        mptcp: fix delegated action races
        net: stmmac: remove unneeded stmmac_poll_controller
        net: lan743x: also select PHYLIB
        net: ethernet: mediatek: disable irq before schedule napi
        net: mana: Fix oversized sge0 for GSO packets
        net: mana: Fix the tso_bytes calculation
        net: mana: Fix TX CQE error handling
        netlink: annotate data-races around sk->sk_err
        sctp: update hb timer immediately after users change hb_interval
        sctp: update transport state when processing a dupcook packet
        tcp: fix delayed ACKs for MSS boundary condition
        tcp: fix quick-ack counting to count actual ACKs of new data
        page_pool: fix documentation typos
        tipc: fix a potential deadlock on &tx->lock
        net: stmmac: dwmac-stm32: fix resume on STM32 MCU
        ipv4: Set offload_failed flag in fibmatch results
        netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
        netfilter: nf_tables: Deduplicate nft_register_obj audit logs
        ...
      f291209e
    • Linus Torvalds's avatar
      Merge tag 'integrity-v6.6-fix' of... · cb84fb87
      Linus Torvalds authored
      Merge tag 'integrity-v6.6-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
      
      Pull integrity fixes from Mimi Zohar:
       "Two additional patches to fix the removal of the deprecated
        IMA_TRUSTED_KEYRING Kconfig"
      
      * tag 'integrity-v6.6-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
        ima: rework CONFIG_IMA dependency block
        ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
      cb84fb87
    • Linus Torvalds's avatar
      Merge tag 'leds-fixes-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/leds · e90822d7
      Linus Torvalds authored
      Pull LED fix from Lee Jones:
       "Just the one bug-fix:
      
         - Fix regression affecting LED_COLOR_ID_MULTI users"
      
      * tag 'leds-fixes-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/leds:
        leds: Drop BUG_ON check for LED_COLOR_ID_MULTI
      e90822d7
    • Linus Torvalds's avatar
      Merge tag 'mfd-fixes-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd · bc622f16
      Linus Torvalds authored
      Pull MFD fixes from Lee Jones:
       "A couple of small fixes:
      
         - Potential build failure in CS42L43
      
         - Device Tree bindings clean-up for a superseded patch"
      
      * tag 'mfd-fixes-6.6' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd:
        dt-bindings: mfd: Revert "dt-bindings: mfd: maxim,max77693: Add USB connector"
        mfd: cs42l43: Fix MFD_CS42L43 dependency on REGMAP_IRQ
      bc622f16
    • Linus Torvalds's avatar
      Merge tag 'ovl-fixes-6.6-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/overlayfs/vfs · 403688e0
      Linus Torvalds authored
      Pull overlayfs fixes from Amir Goldstein:
      
       - Fix for file reference leak regression
      
       - Fix for NULL pointer deref regression
      
       - Fixes for RCU-walk race regressions:
      
         Two of the fixes were taken from Al's RCU pathwalk race fixes series
         with his consent [1].
      
         Note that unlike most of Al's series, these two patches are not about
         racing with ->kill_sb() and they are also very recent regressions
         from v6.5, so I think it's worth getting them into v6.5.y.
      
         There is also a fix for an RCU pathwalk race with ->kill_sb(), which
         may have been solved in vfs generic code as you suggested, but it
         also rids overlayfs from a nasty hack, so I think it's worth anyway.
      
      Link: https://lore.kernel.org/linux-fsdevel/20231003204749.GA800259@ZenIV/ [1]
      
      * tag 'ovl-fixes-6.6-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/overlayfs/vfs:
        ovl: fix NULL pointer defer when encoding non-decodable lower fid
        ovl: make use of ->layers safe in rcu pathwalk
        ovl: fetch inode once in ovl_dentry_revalidate_common()
        ovl: move freeing ovl_entry past rcu delay
        ovl: fix file reference leak when submitting aio
      403688e0