1. 20 Dec, 2023 4 commits
    • Baokun Li's avatar
      mm/filemap: avoid buffered read/write race to read inconsistent data · e2c27b80
      Baokun Li authored
      The following concurrency may cause the data read to be inconsistent with
      the data on disk:
      
                   cpu1                           cpu2
      ------------------------------|------------------------------
                                     // Buffered write 2048 from 0
                                     ext4_buffered_write_iter
                                      generic_perform_write
                                       copy_page_from_iter_atomic
                                       ext4_da_write_end
                                        ext4_da_do_write_end
                                         block_write_end
                                          __block_commit_write
                                           folio_mark_uptodate
      // Buffered read 4096 from 0          smp_wmb()
      ext4_file_read_iter                   set_bit(PG_uptodate, folio_flags)
       generic_file_read_iter            i_size_write // 2048
        filemap_read                     unlock_page(page)
         filemap_get_pages
          filemap_get_read_batch
          folio_test_uptodate(folio)
           ret = test_bit(PG_uptodate, folio_flags)
           if (ret)
            smp_rmb();
            // Ensure that the data in page 0-2048 is up-to-date.
      
                                     // New buffered write 2048 from 2048
                                     ext4_buffered_write_iter
                                      generic_perform_write
                                       copy_page_from_iter_atomic
                                       ext4_da_write_end
                                        ext4_da_do_write_end
                                         block_write_end
                                          __block_commit_write
                                           folio_mark_uptodate
                                            smp_wmb()
                                            set_bit(PG_uptodate, folio_flags)
                                         i_size_write // 4096
                                         unlock_page(page)
      
         isize = i_size_read(inode) // 4096
         // Read the latest isize 4096, but without smp_rmb(), there may be
         // Load-Load disorder resulting in the data in the 2048-4096 range
         // in the page is not up-to-date.
         copy_page_to_iter
         // copyout 4096
      
      In the concurrency above, we read the updated i_size, but there is no read
      barrier to ensure that the data in the page is the same as the i_size at
      this point, so we may copy the unsynchronized page out.  Hence adding the
      missing read memory barrier to fix this.
      
      This is a Load-Load reordering issue, which only occurs on some weak
      mem-ordering architectures (e.g.  ARM64, ALPHA), but not on strong
      mem-ordering architectures (e.g.  X86).  And theoretically the problem
      doesn't only happen on ext4, filesystems that call filemap_read() but
      don't hold inode lock (e.g.  btrfs, f2fs, ubifs ...) will have this
      problem, while filesystems with inode lock (e.g.  xfs, nfs) won't have
      this problem.
      
      Link: https://lkml.kernel.org/r/20231213062324.739009-1-libaokun1@huawei.comSigned-off-by: default avatarBaokun Li <libaokun1@huawei.com>
      Reviewed-by: default avatarJan Kara <jack@suse.cz>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Christoph Hellwig <hch@infradead.org>
      Cc: Dave Chinner <david@fromorbit.com>
      Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
      Cc: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
      Cc: Theodore Ts'o <tytso@mit.edu>
      Cc: yangerkun <yangerkun@huawei.com>
      Cc: Yu Kuai <yukuai3@huawei.com>
      Cc: Zhang Yi <yi.zhang@huawei.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      e2c27b80
    • Nico Pache's avatar
      kunit: kasan_test: disable fortify string checker on kmalloc_oob_memset · b2325bf8
      Nico Pache authored
      Similar to commit 09c6304e ("kasan: test: fix compatibility with
      FORTIFY_SOURCE") the kernel is panicing in kmalloc_oob_memset_*.
      
      This is due to the `ptr` not being hidden from the optimizer which would
      disable the runtime fortify string checker.
      
      kernel BUG at lib/string_helpers.c:1048!
      Call Trace:
      [<00000000272502e2>] fortify_panic+0x2a/0x30
      ([<00000000272502de>] fortify_panic+0x26/0x30)
      [<001bffff817045c4>] kmalloc_oob_memset_2+0x22c/0x230 [kasan_test]
      
      Hide the `ptr` variable from the optimizer to fix the kernel panic.  Also
      define a memset_size variable and hide that as well.  This cleans up the
      code and follows the same convention as other tests.
      
      [npache@redhat.com: address review comments from Andrey]
        Link: https://lkml.kernel.org/r/20231214164423.6202-1-npache@redhat.com
      Link: https://lkml.kernel.org/r/20231212232659.18839-1-npache@redhat.comSigned-off-by: default avatarNico Pache <npache@redhat.com>
      Reviewed-by: default avatarAndrey Konovalov <andreyknvl@gmail.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Andrey Konovalov <andreyknvl@gmail.com>
      Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      b2325bf8
    • Arnd Bergmann's avatar
      kexec: select CRYPTO from KEXEC_FILE instead of depending on it · e63bde3d
      Arnd Bergmann authored
      All other users of crypto code use 'select' instead of 'depends on', so do
      the same thing with KEXEC_FILE for consistency.
      
      In practice this makes very little difference as kernels with kexec
      support are very likely to also include some other feature that already
      selects both crypto and crypto_sha256, but being consistent here helps for
      usability as well as to avoid potential circular dependencies.
      
      This reverts the dependency back to what it was originally before commit
      74ca317c ("kexec: create a new config option CONFIG_KEXEC_FILE for
      new syscall"), which changed changed it with the comment "This should be
      safer as "select" is not recursive", but that appears to have been done in
      error, as "select" is indeed recursive, and there are no other
      dependencies that prevent CRYPTO_SHA256 from being selected here.
      
      Link: https://lkml.kernel.org/r/20231023110308.1202042-2-arnd@kernel.org
      Fixes: 74ca317c ("kexec: create a new config option CONFIG_KEXEC_FILE for new syscall")
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Reviewed-by: default avatarEric DeVolder <eric_devolder@yahoo.com>
      Tested-by: default avatarEric DeVolder <eric_devolder@yahoo.com>
      Acked-by: default avatarBaoquan He <bhe@redhat.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Albert Ou <aou@eecs.berkeley.edu>
      Cc: Alexander Gordeev <agordeev@linux.ibm.com>
      Cc: Ard Biesheuvel <ardb@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Christian Borntraeger <borntraeger@linux.ibm.com>
      Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
      Cc: Conor Dooley <conor@kernel.org>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Heiko Carstens <hca@linux.ibm.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Nicholas Piggin <npiggin@gmail.com>
      Cc: Palmer Dabbelt <palmer@dabbelt.com>
      Cc: Paul Walmsley <paul.walmsley@sifive.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sven Schnelle <svens@linux.ibm.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      e63bde3d
    • Arnd Bergmann's avatar
      kexec: fix KEXEC_FILE dependencies · c1ad12ee
      Arnd Bergmann authored
      The cleanup for the CONFIG_KEXEC Kconfig logic accidentally changed the
      'depends on CRYPTO=y' dependency to a plain 'depends on CRYPTO', which
      causes a link failure when all the crypto support is in a loadable module
      and kexec_file support is built-in:
      
      x86_64-linux-ld: vmlinux.o: in function `__x64_sys_kexec_file_load':
      (.text+0x32e30a): undefined reference to `crypto_alloc_shash'
      x86_64-linux-ld: (.text+0x32e58e): undefined reference to `crypto_shash_update'
      x86_64-linux-ld: (.text+0x32e6ee): undefined reference to `crypto_shash_final'
      
      Both s390 and x86 have this problem, while ppc64 and riscv have the
      correct dependency already.  On riscv, the dependency is only used for the
      purgatory, not for the kexec_file code itself, which may be a bit
      surprising as it means that with CONFIG_CRYPTO=m, it is possible to enable
      KEXEC_FILE but then the purgatory code is silently left out.
      
      Move this into the common Kconfig.kexec file in a way that is correct
      everywhere, using the dependency on CRYPTO_SHA256=y only when the
      purgatory code is available.  This requires reversing the dependency
      between ARCH_SUPPORTS_KEXEC_PURGATORY and KEXEC_FILE, but the effect
      remains the same, other than making riscv behave like the other ones.
      
      On s390, there is an additional dependency on CRYPTO_SHA256_S390, which
      should technically not be required but gives better performance.  Remove
      this dependency here, noting that it was not present in the initial
      Kconfig code but was brought in without an explanation in commit
      71406883 ("s390/kexec_file: Add kexec_file_load system call").
      
      [arnd@arndb.de: fix riscv build]
        Link: https://lkml.kernel.org/r/67ddd260-d424-4229-a815-e3fcfb864a77@app.fastmail.com
      Link: https://lkml.kernel.org/r/20231023110308.1202042-1-arnd@kernel.org
      Fixes: 6af51380 ("x86/kexec: refactor for kernel/Kconfig.kexec")
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Reviewed-by: default avatarEric DeVolder <eric_devolder@yahoo.com>
      Tested-by: default avatarEric DeVolder <eric_devolder@yahoo.com>
      Cc: Albert Ou <aou@eecs.berkeley.edu>
      Cc: Alexander Gordeev <agordeev@linux.ibm.com>
      Cc: Ard Biesheuvel <ardb@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Christian Borntraeger <borntraeger@linux.ibm.com>
      Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
      Cc: Conor Dooley <conor@kernel.org>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Heiko Carstens <hca@linux.ibm.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Nicholas Piggin <npiggin@gmail.com>
      Cc: Palmer Dabbelt <palmer@dabbelt.com>
      Cc: Paul Walmsley <paul.walmsley@sifive.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sven Schnelle <svens@linux.ibm.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      c1ad12ee
  2. 13 Dec, 2023 17 commits
    • Yu Zhao's avatar
      mm/mglru: reclaim offlined memcgs harder · 4376807b
      Yu Zhao authored
      In the effort to reduce zombie memcgs [1], it was discovered that the
      memcg LRU doesn't apply enough pressure on offlined memcgs.  Specifically,
      instead of rotating them to the tail of the current generation
      (MEMCG_LRU_TAIL) for a second attempt, it moves them to the next
      generation (MEMCG_LRU_YOUNG) after the first attempt.
      
      Not applying enough pressure on offlined memcgs can cause them to build
      up, and this can be particularly harmful to memory-constrained systems.
      
      On Pixel 8 Pro, launching apps for 50 cycles:
                       Before  After  Change
        Zombie memcgs  45      35     -22%
      
      [1] https://lore.kernel.org/CABdmKX2M6koq4Q0Cmp_-=wbP0Qa190HdEGGaHfxNS05gAkUtPA@mail.gmail.com/
      
      Link: https://lkml.kernel.org/r/20231208061407.2125867-4-yuzhao@google.com
      Fixes: e4dde56c ("mm: multi-gen LRU: per-node lru_gen_folio lists")
      Signed-off-by: default avatarYu Zhao <yuzhao@google.com>
      Reported-by: default avatarT.J. Mercier <tjmercier@google.com>
      Tested-by: default avatarT.J. Mercier <tjmercier@google.com>
      Cc: Charan Teja Kalla <quic_charante@quicinc.com>
      Cc: Hillf Danton <hdanton@sina.com>
      Cc: Jaroslav Pulchart <jaroslav.pulchart@gooddata.com>
      Cc: Kairui Song <ryncsn@gmail.com>
      Cc: Kalesh Singh <kaleshsingh@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      4376807b
    • Yu Zhao's avatar
      mm/mglru: respect min_ttl_ms with memcgs · 8aa42061
      Yu Zhao authored
      While investigating kswapd "consuming 100% CPU" [1] (also see "mm/mglru:
      try to stop at high watermarks"), it was discovered that the memcg LRU can
      breach the thrashing protection imposed by min_ttl_ms.
      
      Before the memcg LRU:
        kswapd()
          shrink_node_memcgs()
            mem_cgroup_iter()
              inc_max_seq()  // always hit a different memcg
          lru_gen_age_node()
            mem_cgroup_iter()
              check the timestamp of the oldest generation
      
      After the memcg LRU:
        kswapd()
          shrink_many()
            restart:
              iterate the memcg LRU:
                inc_max_seq()  // occasionally hit the same memcg
                if raced with lru_gen_rotate_memcg():
                  goto restart
          lru_gen_age_node()
            mem_cgroup_iter()
              check the timestamp of the oldest generation
      
      Specifically, when the restart happens in shrink_many(), it needs to stick
      with the (memcg LRU) generation it began with.  In other words, it should
      neither re-read memcg_lru->seq nor age an lruvec of a different
      generation.  Otherwise it can hit the same memcg multiple times without
      giving lru_gen_age_node() a chance to check the timestamp of that memcg's
      oldest generation (against min_ttl_ms).
      
      [1] https://lore.kernel.org/CAK8fFZ4DY+GtBA40Pm7Nn5xCHy+51w3sfxPqkqpqakSXYyX+Wg@mail.gmail.com/
      
      Link: https://lkml.kernel.org/r/20231208061407.2125867-3-yuzhao@google.com
      Fixes: e4dde56c ("mm: multi-gen LRU: per-node lru_gen_folio lists")
      Signed-off-by: default avatarYu Zhao <yuzhao@google.com>
      Tested-by: default avatarT.J. Mercier <tjmercier@google.com>
      Cc: Charan Teja Kalla <quic_charante@quicinc.com>
      Cc: Hillf Danton <hdanton@sina.com>
      Cc: Jaroslav Pulchart <jaroslav.pulchart@gooddata.com>
      Cc: Kairui Song <ryncsn@gmail.com>
      Cc: Kalesh Singh <kaleshsingh@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      8aa42061
    • Yu Zhao's avatar
      mm/mglru: try to stop at high watermarks · 5095a2b2
      Yu Zhao authored
      The initial MGLRU patchset didn't include the memcg LRU support, and it
      relied on should_abort_scan(), added by commit f76c8337 ("mm:
      multi-gen LRU: optimize multiple memcgs"), to "backoff to avoid
      overshooting their aggregate reclaim target by too much".
      
      Later on when the memcg LRU was added, should_abort_scan() was deemed
      unnecessary, and the test results [1] showed no side effects after it was
      removed by commit a579086c ("mm: multi-gen LRU: remove eviction
      fairness safeguard").
      
      However, that test used memory.reclaim, which sets nr_to_reclaim to
      SWAP_CLUSTER_MAX.  So it can overshoot only by SWAP_CLUSTER_MAX-1 pages,
      i.e., from nr_reclaimed=nr_to_reclaim-1 to
      nr_reclaimed=nr_to_reclaim+SWAP_CLUSTER_MAX-1.  Compared with the batch
      size kswapd sets to nr_to_reclaim, SWAP_CLUSTER_MAX is tiny.  Therefore
      that test isn't able to reproduce the worst case scenario, i.e., kswapd
      overshooting GBs on large systems and "consuming 100% CPU" (see the Closes
      tag).
      
      Bring back a simplified version of should_abort_scan() on top of the memcg
      LRU, so that kswapd stops when all eligible zones are above their
      respective high watermarks plus a small delta to lower the chance of
      KSWAPD_HIGH_WMARK_HIT_QUICKLY.  Note that this only applies to order-0
      reclaim, meaning compaction-induced reclaim can still run wild (which is a
      different problem).
      
      On Android, launching 55 apps sequentially:
                 Before     After      Change
        pgpgin   838377172  802955040  -4%
        pgpgout  38037080   34336300   -10%
      
      [1] https://lore.kernel.org/20221222041905.2431096-1-yuzhao@google.com/
      
      Link: https://lkml.kernel.org/r/20231208061407.2125867-2-yuzhao@google.com
      Fixes: a579086c ("mm: multi-gen LRU: remove eviction fairness safeguard")
      Signed-off-by: default avatarYu Zhao <yuzhao@google.com>
      Reported-by: default avatarCharan Teja Kalla <quic_charante@quicinc.com>
      Reported-by: default avatarJaroslav Pulchart <jaroslav.pulchart@gooddata.com>
      Closes: https://lore.kernel.org/CAK8fFZ4DY+GtBA40Pm7Nn5xCHy+51w3sfxPqkqpqakSXYyX+Wg@mail.gmail.com/Tested-by: default avatarJaroslav Pulchart <jaroslav.pulchart@gooddata.com>
      Tested-by: default avatarKalesh Singh <kaleshsingh@google.com>
      Cc: Hillf Danton <hdanton@sina.com>
      Cc: Kairui Song <ryncsn@gmail.com>
      Cc: T.J. Mercier <tjmercier@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      5095a2b2
    • Yu Zhao's avatar
      mm/mglru: fix underprotected page cache · 08148805
      Yu Zhao authored
      Unmapped folios accessed through file descriptors can be underprotected. 
      Those folios are added to the oldest generation based on:
      
      1. The fact that they are less costly to reclaim (no need to walk the
         rmap and flush the TLB) and have less impact on performance (don't
         cause major PFs and can be non-blocking if needed again).
      2. The observation that they are likely to be single-use. E.g., for
         client use cases like Android, its apps parse configuration files
         and store the data in heap (anon); for server use cases like MySQL,
         it reads from InnoDB files and holds the cached data for tables in
         buffer pools (anon).
      
      However, the oldest generation can be very short lived, and if so, it
      doesn't provide the PID controller with enough time to respond to a surge
      of refaults.  (Note that the PID controller uses weighted refaults and
      those from evicted generations only take a half of the whole weight.) In
      other words, for a short lived generation, the moving average smooths out
      the spike quickly.
      
      To fix the problem:
      1. For folios that are already on LRU, if they can be beyond the
         tracking range of tiers, i.e., five accesses through file
         descriptors, move them to the second oldest generation to give them
         more time to age. (Note that tiers are used by the PID controller
         to statistically determine whether folios accessed multiple times
         through file descriptors are worth protecting.)
      2. When adding unmapped folios to LRU, adjust the placement of them so
         that they are not too close to the tail. The effect of this is
         similar to the above.
      
      On Android, launching 55 apps sequentially:
                                 Before     After      Change
        workingset_refault_anon  25641024   25598972   0%
        workingset_refault_file  115016834  106178438  -8%
      
      Link: https://lkml.kernel.org/r/20231208061407.2125867-1-yuzhao@google.com
      Fixes: ac35a490 ("mm: multi-gen LRU: minimal implementation")
      Signed-off-by: default avatarYu Zhao <yuzhao@google.com>
      Reported-by: default avatarCharan Teja Kalla <quic_charante@quicinc.com>
      Tested-by: default avatarKalesh Singh <kaleshsingh@google.com>
      Cc: T.J. Mercier <tjmercier@google.com>
      Cc: Kairui Song <ryncsn@gmail.com>
      Cc: Hillf Danton <hdanton@sina.com>
      Cc: Jaroslav Pulchart <jaroslav.pulchart@gooddata.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      08148805
    • David Stevens's avatar
      mm/shmem: fix race in shmem_undo_range w/THP · 55ac8bbe
      David Stevens authored
      Split folios during the second loop of shmem_undo_range.  It's not
      sufficient to only split folios when dealing with partial pages, since
      it's possible for a THP to be faulted in after that point.  Calling
      truncate_inode_folio in that situation can result in throwing away data
      outside of the range being targeted.
      
      [akpm@linux-foundation.org: tidy up comment layout]
      Link: https://lkml.kernel.org/r/20230418084031.3439795-1-stevensd@google.com
      Fixes: b9a8a419 ("truncate,shmem: Handle truncates that split large folios")
      Signed-off-by: default avatarDavid Stevens <stevensd@chromium.org>
      Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
      Cc: Suleiman Souhlal <suleiman@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      55ac8bbe
    • John Hubbard's avatar
      Revert "selftests: error out if kernel header files are not yet built" · 43e8832f
      John Hubbard authored
      This reverts commit 9fc96c7c ("selftests: error out if kernel header
      files are not yet built").
      
      It turns out that requiring the kernel headers to be built as a
      prerequisite to building selftests, does not work in many cases. For
      example, Peter Zijlstra writes:
      
      "My biggest beef with the whole thing is that I simply do not want to use
      'make headers', it doesn't work for me.
      
      I have a ton of output directories and I don't care to build tools into
      the output dirs, in fact some of them flat out refuse to work that way
      (bpf comes to mind)." [1]
      
      Therefore, stop erroring out on the selftests build. Additional patches
      will be required in order to change over to not requiring the kernel
      headers.
      
      [1] https://lore.kernel.org/20231208221007.GO28727@noisy.programming.kicks-ass.net
      
      Link: https://lkml.kernel.org/r/20231209020144.244759-1-jhubbard@nvidia.com
      Fixes: 9fc96c7c ("selftests: error out if kernel header files are not yet built")
      Signed-off-by: default avatarJohn Hubbard <jhubbard@nvidia.com>
      Cc: Anders Roxell <anders.roxell@linaro.org>
      Cc: Muhammad Usama Anjum <usama.anjum@collabora.com>
      Cc: David Hildenbrand <david@redhat.com>
      Cc: Peter Xu <peterx@redhat.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Nathan Chancellor <nathan@kernel.org>
      Cc: Shuah Khan <shuah@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Marcos Paulo de Souza <mpdesouza@suse.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      43e8832f
    • Yuntao Wang's avatar
      crash_core: fix the check for whether crashkernel is from high memory · 1dd11e97
      Yuntao Wang authored
      If crash_base is equal to CRASH_ADDR_LOW_MAX, it also indicates that
      the crashkernel memory is allocated from high memory. However, the
      current check only considers the case where crash_base is greater than
      CRASH_ADDR_LOW_MAX. Fix it.
      
      The runtime effects is that crashkernel high memory is successfully
      reserved, whereas the crashkernel low memory is bypassed in this case,
      then kdump kernel bootup will fail because of no low memory under 4G.
      
      This patch also includes some minor cleanups.
      
      Link: https://lkml.kernel.org/r/20231209141438.77233-1-ytcoode@gmail.com
      Fixes: 0ab97169 ("crash_core: add generic function to do reservation")
      Signed-off-by: default avatarYuntao Wang <ytcoode@gmail.com>
      Cc: Baoquan He <bhe@redhat.com>
      Cc: Dave Young <dyoung@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Zhen Lei <thunder.leizhen@huawei.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      1dd11e97
    • Baoquan He's avatar
      x86, kexec: fix the wrong ifdeffery CONFIG_KEXEC · 69f8ca8d
      Baoquan He authored
      With the current ifdeffery CONFIG_KEXEC, get_cmdline_acpi_rsdp() is only
      available when kexec_load interface is taken, while kexec_file_load
      interface can't make use of it.
      
      Now change it to CONFIG_KEXEC_CORE.
      
      Link: https://lkml.kernel.org/r/20231208073036.7884-6-bhe@redhat.comSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: kernel test robot <lkp@intel.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      69f8ca8d
    • Baoquan He's avatar
      sh, kexec: fix the incorrect ifdeffery and dependency of CONFIG_KEXEC · d70c27b7
      Baoquan He authored
      The select of KEXEC for CRASH_DUMP in kernel/Kconfig.kexec will be
      dropped, then compiling errors will be triggered if below config
      items are set:
      
      ===
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ===
      
      Here, change the dependency of building kexec_core related object files,
      and the ifdeffery on SuperH from CONFIG_KEXEC to CONFIG_KEXEC_CORE.
      
      Link: https://lkml.kernel.org/r/20231208073036.7884-5-bhe@redhat.comSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: kernel test robot <lkp@intel.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      d70c27b7
    • Baoquan He's avatar
      mips, kexec: fix the incorrect ifdeffery and dependency of CONFIG_KEXEC · 8cd2accb
      Baoquan He authored
      The select of KEXEC for CRASH_DUMP in kernel/Kconfig.kexec will be
      dropped, then compiling errors will be triggered if below config items are
      set:
      
      ===
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ===
      
      --------------------------------------------------------------------
      mipsel-linux-ld: kernel/kexec_core.o: in function `kimage_free':
      kernel/kexec_core.c:(.text+0x2200): undefined reference to `machine_kexec_cleanup'
      mipsel-linux-ld: kernel/kexec_core.o: in function `__crash_kexec':
      kernel/kexec_core.c:(.text+0x2480): undefined reference to `machine_crash_shutdown'
      mipsel-linux-ld: kernel/kexec_core.c:(.text+0x2488): undefined reference to `machine_kexec'
      mipsel-linux-ld: kernel/kexec_core.o: in function `kernel_kexec':
      kernel/kexec_core.c:(.text+0x29b8): undefined reference to `machine_shutdown'
      mipsel-linux-ld: kernel/kexec_core.c:(.text+0x29c0): undefined reference to `machine_kexec'
      --------------------------------------------------------------------
      
      Here, change the dependency of building kexec_core related object files,
      and the ifdeffery in mips from CONFIG_KEXEC to CONFIG_KEXEC_CORE.
      
      Link: https://lkml.kernel.org/r/20231208073036.7884-4-bhe@redhat.comSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Closes: https://lore.kernel.org/oe-kbuild-all/202311302042.sn8cDPIX-lkp@intel.com/
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      8cd2accb
    • Baoquan He's avatar
      m68k, kexec: fix the incorrect ifdeffery and build dependency of CONFIG_KEXEC · 9bad6b75
      Baoquan He authored
      The select of KEXEC for CRASH_DUMP in kernel/Kconfig.kexec will be
      dropped, then compiling errors will be triggered if below config items are
      set:
      
      ===
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ===
      
      Here, change the dependency of buinding machine_kexec.o relocate_kernel.o
      and the ifdeffery in asm/kexe.h to CONFIG_KEXEC_CORE.
      
      Link: https://lkml.kernel.org/r/20231208073036.7884-3-bhe@redhat.comSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: kernel test robot <lkp@intel.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      9bad6b75
    • Baoquan He's avatar
      loongarch, kexec: change dependency of object files · 655fc6cd
      Baoquan He authored
      Patch series "kexec: fix the incorrect ifdeffery and dependency of
      CONFIG_KEXEC".
      
      The select of KEXEC for CRASH_DUMP in kernel/Kconfig.kexec will be
      dropped, then compiling errors will be triggered if below config items are
      set:
      
      ===
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ===
      
      E.g on mips, below link error are seen:
      --------------------------------------------------------------------
      mipsel-linux-ld: kernel/kexec_core.o: in function `kimage_free':
      kernel/kexec_core.c:(.text+0x2200): undefined reference to `machine_kexec_cleanup'
      mipsel-linux-ld: kernel/kexec_core.o: in function `__crash_kexec':
      kernel/kexec_core.c:(.text+0x2480): undefined reference to `machine_crash_shutdown'
      mipsel-linux-ld: kernel/kexec_core.c:(.text+0x2488): undefined reference to `machine_kexec'
      mipsel-linux-ld: kernel/kexec_core.o: in function `kernel_kexec':
      kernel/kexec_core.c:(.text+0x29b8): undefined reference to `machine_shutdown'
      mipsel-linux-ld: kernel/kexec_core.c:(.text+0x29c0): undefined reference to `machine_kexec'
      --------------------------------------------------------------------
      
      Here, change the incorrect dependency of building kexec_core related
      object files, and the ifdeffery on architectures from CONFIG_KEXEC to
      CONFIG_KEXEC_CORE.
      
      Testing:
      ========
      Passed on mips and loognarch with the LKP reproducer.
      
      
      This patch (of 5):
      
      Currently, in arch/loongarch/kernel/Makefile, building machine_kexec.o
      relocate_kernel.o depends on CONFIG_KEXEC.
      
      Whereas, since we will drop the select of KEXEC for CRASH_DUMP in
      kernel/Kconfig.kexec, compiling error will be triggered if below config
      items are set:
      
      ===
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ===
      
      ---------------------------------------------------------------
      loongarch64-linux-ld: kernel/kexec_core.o: in function `.L209':
      >> kexec_core.c:(.text+0x1660): undefined reference to `machine_kexec_cleanup'
         loongarch64-linux-ld: kernel/kexec_core.o: in function `.L287':
      >> kexec_core.c:(.text+0x1c5c): undefined reference to `machine_crash_shutdown'
      >> loongarch64-linux-ld: kexec_core.c:(.text+0x1c64): undefined reference to `machine_kexec'
         loongarch64-linux-ld: kernel/kexec_core.o: in function `.L2^B5':
      >> kexec_core.c:(.text+0x2090): undefined reference to `machine_shutdown'
         loongarch64-linux-ld: kexec_core.c:(.text+0x20a0): undefined reference to `machine_kexec'
      ---------------------------------------------------------------
      
      Here, change the dependency of machine_kexec.o relocate_kernel.o to
      CONFIG_KEXEC_CORE can fix above building error.
      
      Link: https://lkml.kernel.org/r/20231208073036.7884-1-bhe@redhat.com
      Link: https://lkml.kernel.org/r/20231208073036.7884-2-bhe@redhat.comSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Closes: https://lore.kernel.org/oe-kbuild-all/202311300946.kHE9Iu71-lkp@intel.com/
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      655fc6cd
    • SeongJae Park's avatar
      mm/damon/core: make damon_start() waits until kdamond_fn() starts · 6376a824
      SeongJae Park authored
      The cleanup tasks of kdamond threads including reset of corresponding
      DAMON context's ->kdamond field and decrease of global nr_running_ctxs
      counter is supposed to be executed by kdamond_fn().  However, commit
      0f91d133 ("mm/damon: simplify stop mechanism") made neither
      damon_start() nor damon_stop() ensure the corresponding kdamond has
      started the execution of kdamond_fn().
      
      As a result, the cleanup can be skipped if damon_stop() is called fast
      enough after the previous damon_start().  Especially the skipped reset
      of ->kdamond could cause a use-after-free.
      
      Fix it by waiting for start of kdamond_fn() execution from
      damon_start().
      
      Link: https://lkml.kernel.org/r/20231208175018.63880-1-sj@kernel.org
      Fixes: 0f91d133 ("mm/damon: simplify stop mechanism")
      Signed-off-by: default avatarSeongJae Park <sj@kernel.org>
      Reported-by: default avatarJakub Acs <acsjakub@amazon.de>
      Cc: Changbin Du <changbin.du@intel.com>
      Cc: Jakub Acs <acsjakub@amazon.de>
      Cc: <stable@vger.kernel.org> # 5.15.x
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      6376a824
    • David Hildenbrand's avatar
      selftests/mm: cow: print ksft header before printing anything else · a6fcd57c
      David Hildenbrand authored
      Doing a ksft_print_msg() before the ksft_print_header() seems to confuse
      the ksft framework in a strange way: running the test on the cmdline
      results in the expected output.
      
      But piping the output somewhere else, results in some odd output,
      whereby we repeatedly get the same info printed:
      	# [INFO] detected THP size: 2048 KiB
      	# [INFO] detected hugetlb page size: 2048 KiB
      	# [INFO] detected hugetlb page size: 1048576 KiB
      	# [INFO] huge zeropage is enabled
      	TAP version 13
      	1..190
      	# [INFO] Anonymous memory tests in private mappings
      	# [RUN] Basic COW after fork() ... with base page
      	# [INFO] detected THP size: 2048 KiB
      	# [INFO] detected hugetlb page size: 2048 KiB
      	# [INFO] detected hugetlb page size: 1048576 KiB
      	# [INFO] huge zeropage is enabled
      	TAP version 13
      	1..190
      	# [INFO] Anonymous memory tests in private mappings
      	# [RUN] Basic COW after fork() ... with base page
      	ok 1 No leak from parent into child
      	# [RUN] Basic COW after fork() ... with swapped out base page
      	# [INFO] detected THP size: 2048 KiB
      	# [INFO] detected hugetlb page size: 2048 KiB
      	# [INFO] detected hugetlb page size: 1048576 KiB
      	# [INFO] huge zeropage is enabled
      
      Doing the ksft_print_header() first seems to resolve that and gives us
      the output we expect:
      	TAP version 13
      	# [INFO] detected THP size: 2048 KiB
      	# [INFO] detected hugetlb page size: 2048 KiB
      	# [INFO] detected hugetlb page size: 1048576 KiB
      	# [INFO] huge zeropage is enabled
      	1..190
      	# [INFO] Anonymous memory tests in private mappings
      	# [RUN] Basic COW after fork() ... with base page
      	ok 1 No leak from parent into child
      	# [RUN] Basic COW after fork() ... with swapped out base page
      	ok 2 No leak from parent into child
      	# [RUN] Basic COW after fork() ... with THP
      	ok 3 No leak from parent into child
      	# [RUN] Basic COW after fork() ... with swapped-out THP
      	ok 4 No leak from parent into child
      	# [RUN] Basic COW after fork() ... with PTE-mapped THP
      	ok 5 No leak from parent into child
      
      Link: https://lkml.kernel.org/r/20231206103558.38040-1-david@redhat.com
      Fixes: f4b5fd69 ("selftests/vm: anon_cow: THP tests")
      Signed-off-by: default avatarDavid Hildenbrand <david@redhat.com>
      Reported-by: default avatarNico Pache <npache@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      a6fcd57c
    • Kefeng Wang's avatar
      mm: fix VMA heap bounds checking · d3bb89ea
      Kefeng Wang authored
      After converting selinux to VMA heap check helper, the gcl triggers an
      execheap SELinux denial, which is caused by a changed logic check.
      
      Previously selinux only checked that the VMA range was within the VMA heap
      range, and the implementation checks the intersection between the two
      ranges, but the corner case (vm_end=start_brk, brk=vm_start) isn't handled
      correctly.
      
      Since commit 11250fd1 ("mm: factor out VMA stack and heap checks") was
      only a function extraction, it seems that the issue was introduced by
      commit 0db0c01b ("procfs: fix /proc/<pid>/maps heap check").  Let's
      fix above corner cases, meanwhile, correct the wrong indentation of the
      stack and heap check helpers.
      
      Fixes: 11250fd1 ("mm: factor out VMA stack and heap checks")
      Signed-off-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
      Reported-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
      Closes: https://lore.kernel.org/selinux/CAFqZXNv0SVT0fkOK6neP9AXbj3nxJ61JAY4+zJzvxqJaeuhbFw@mail.gmail.com/Tested-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
      Link: https://lkml.kernel.org/r/20231207152525.2607420-1-wangkefeng.wang@huawei.com
      Cc: David Hildenbrand <david@redhat.com>
      Cc: Paul Moore <paul@paul-moore.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephen Smalley <stephen.smalley.work@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      d3bb89ea
    • Baoquan He's avatar
      riscv: fix VMALLOC_START definition · ac88ff6b
      Baoquan He authored
      When below config items are set, compiler complained:
      
      --------------------
      CONFIG_CRASH_CORE=y
      CONFIG_KEXEC_CORE=y
      CONFIG_CRASH_DUMP=y
      ......
      -----------------------
      
      -------------------------------------------------------------------
      arch/riscv/kernel/crash_core.c: In function 'arch_crash_save_vmcoreinfo':
      arch/riscv/kernel/crash_core.c:11:58: warning: format '%lx' expects argument of type 'long unsigned int', but argument 2 has type 'int' [-Wformat=]
      11 |         vmcoreinfo_append_str("NUMBER(VMALLOC_START)=0x%lx\n", VMALLOC_START);
         |                                                        ~~^
         |                                                          |
         |                                                          long unsigned int
         |                                                        %x
      ----------------------------------------------------------------------
      
      This is because on riscv macro VMALLOC_START has different type when
      CONFIG_MMU is set or unset.
      
      arch/riscv/include/asm/pgtable.h:
      --------------------------------------------------
      
      Changing it to _AC(0, UL) in case CONFIG_MMU=n can fix the warning.
      
      Link: https://lkml.kernel.org/r/ZW7OsX4zQRA3mO4+@MiWiFi-R3L-srvSigned-off-by: default avatarBaoquan He <bhe@redhat.com>
      Reported-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Acked-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Tested-by: Randy Dunlap <rdunlap@infradead.org>	# build-tested
      Cc: Eric DeVolder <eric_devolder@yahoo.com>
      Cc: Ignat Korchagin <ignat@cloudflare.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Paul Walmsley <paul.walmsley@sifive.com>
      Cc: Palmer Dabbelt <palmer@dabbelt.com>
      Cc: Albert Ou <aou@eecs.berkeley.edu>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      ac88ff6b
    • Ignat Korchagin's avatar
      kexec: drop dependency on ARCH_SUPPORTS_KEXEC from CRASH_DUMP · c41bd251
      Ignat Korchagin authored
      In commit f8ff23429c62 ("kernel/Kconfig.kexec: drop select of KEXEC for
      CRASH_DUMP") we tried to fix a config regression, where CONFIG_CRASH_DUMP
      required CONFIG_KEXEC.
      
      However, it was not enough at least for arm64 platforms.  While further
      testing the patch with our arm64 config I noticed that CONFIG_CRASH_DUMP
      is unavailable in menuconfig.  This is because CONFIG_CRASH_DUMP still
      depends on the new CONFIG_ARCH_SUPPORTS_KEXEC introduced in commit
      91506f7e ("arm64/kexec: refactor for kernel/Kconfig.kexec") and on
      arm64 CONFIG_ARCH_SUPPORTS_KEXEC requires CONFIG_PM_SLEEP_SMP=y, which in
      turn requires either CONFIG_SUSPEND=y or CONFIG_HIBERNATION=y neither of
      which are set in our config.
      
      Given that we already established that CONFIG_KEXEC (which is a switch for
      kexec system call itself) is not required for CONFIG_CRASH_DUMP drop
      CONFIG_ARCH_SUPPORTS_KEXEC dependency as well.  The arm64 kernel builds
      just fine with CONFIG_CRASH_DUMP=y and with both CONFIG_KEXEC=n and
      CONFIG_KEXEC_FILE=n after f8ff23429c62 ("kernel/Kconfig.kexec: drop select
      of KEXEC for CRASH_DUMP") and this patch are applied given that the
      necessary shared bits are included via CONFIG_KEXEC_CORE dependency.
      
      [bhe@redhat.com: don't export some symbols when CONFIG_MMU=n]
        Link: https://lkml.kernel.org/r/ZW03ODUKGGhP1ZGU@MiWiFi-R3L-srv
      [bhe@redhat.com: riscv, kexec: fix dependency of two items]
        Link: https://lkml.kernel.org/r/ZW04G/SKnhbE5mnX@MiWiFi-R3L-srv
      Link: https://lkml.kernel.org/r/20231129220409.55006-1-ignat@cloudflare.com
      Fixes: 91506f7e ("arm64/kexec: refactor for kernel/Kconfig.kexec")
      Signed-off-by: default avatarIgnat Korchagin <ignat@cloudflare.com>
      Signed-off-by: default avatarBaoquan He <bhe@redhat.com>
      Acked-by: default avatarBaoquan He <bhe@redhat.com>
      Cc: Alexander Gordeev <agordeev@linux.ibm.com>
      Cc: <stable@vger.kernel.org> # 6.6+: f8ff234: kernel/Kconfig.kexec: drop select of KEXEC for CRASH_DUMP
      Cc: <stable@vger.kernel.org> # 6.6+
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      c41bd251
  3. 07 Dec, 2023 19 commits