1. 09 Oct, 2020 2 commits
  2. 24 Sep, 2020 8 commits
  3. 07 Sep, 2020 1 commit
  4. 26 Aug, 2020 12 commits
    • Nathan Huckleberry's avatar
      Makefile: Add clang-tidy and static analyzer support to makefile · 6ad7cbc0
      Nathan Huckleberry authored
      This patch adds clang-tidy and the clang static-analyzer as make
      targets. The goal of this patch is to make static analysis tools
      usable and extendable by any developer or researcher who is familiar
      with basic c++.
      
      The current static analysis tools require intimate knowledge of the
      internal workings of the static analysis. Clang-tidy and the clang
      static analyzers expose an easy to use api and allow users unfamiliar
      with clang to write new checks with relative ease.
      
      ===Clang-tidy===
      
      Clang-tidy is an easily extendable 'linter' that runs on the AST.
      Clang-tidy checks are easy to write and understand. A check consists of
      two parts, a matcher and a checker. The matcher is created using a
      domain specific language that acts on the AST
      (https://clang.llvm.org/docs/LibASTMatchersReference.html).  When AST
      nodes are found by the matcher a callback is made to the checker. The
      checker can then execute additional checks and issue warnings.
      
      Here is an example clang-tidy check to report functions that have calls
      to local_irq_disable without calls to local_irq_enable and vice-versa.
      Functions flagged with __attribute((annotation("ignore_irq_balancing")))
      are ignored for analysis. (https://reviews.llvm.org/D65828)
      
      ===Clang static analyzer===
      
      The clang static analyzer is a more powerful static analysis tool that
      uses symbolic execution to find bugs. Currently there is a check that
      looks for potential security bugs from invalid uses of kmalloc and
      kfree. There are several more general purpose checks that are useful for
      the kernel.
      
      The clang static analyzer is well documented and designed to be
      extensible.
      (https://clang-analyzer.llvm.org/checker_dev_manual.html)
      (https://github.com/haoNoQ/clang-analyzer-guide/releases/download/v0.1/clang-analyzer-guide-v0.1.pdf)
      
      The main draw of the clang tools is how accessible they are. The clang
      documentation is very nice and these tools are built specifically to be
      easily extendable by any developer. They provide an accessible method of
      bug-finding and research to people who are not overly familiar with the
      kernel codebase.
      Signed-off-by: default avatarNathan Huckleberry <nhuck@google.com>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Tested-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Tested-by: default avatarLukas Bulwahn <lukas.bulwahn@gmail.com>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      6ad7cbc0
    • Masahiro Yamada's avatar
      gen_compile_commands: remove the warning about too few .cmd files · 8b61f748
      Masahiro Yamada authored
      This warning was useful when users previously needed to manually
      build the kernel and run this script.
      
      Now you can simply do 'make compile_commands.json', which updates
      all the necessary build artifacts and automatically creates the
      compilation database. There is no more worry for a mistake like
      "Oh, I forgot to build the kernel".
      
      Now, this warning is rather annoying.
      
      You can create compile_commands.json for an external module:
      
        $ make M=/path/to/your/external/module compile_commands.json
      
      Then, this warning is displayed since there are usually less than
      300 files in a single module.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      8b61f748
    • Masahiro Yamada's avatar
      kbuild: wire up the build rule of compile_commands.json to Makefile · 3d32285f
      Masahiro Yamada authored
      Currently, you need to manually run scripts/gen_compile_commands.py
      to create compile_commands.json. It parses all the .*.cmd files found
      under the specified directory.
      
      If you rebuild the kernel over again without 'make clean',
      .*.cmd files from older builds will create stale entries in
      compile_commands.json.
      
      This commit wires up the compile_commands.json rule to Makefile, and
      makes it parse only the .*.cmd files involved in the current build.
      
      Pass $(KBUILD_VMLINUX_OBJS), $(KBUILD_VMLINUX_LIBS), and modules.order
      to the script. The objects or archives linked to vmlinux are listed in
      $(KBUILD_VMLINUX_OBJS) or $(KBUILD_VMLINUX_LIBS). All the modules are
      listed in modules.order.
      
      You can create compile_commands.json from Make:
      
        $ make -j$(nproc) CC=clang compile_commands.json
      
      You can also build vmlinux, modules, and compile_commands.json all
      together in a single command:
      
        $ make -j$(nproc) CC=clang all compile_commands.json
      
      It works for M= builds as well. In this case, compile_commands.json
      is created in the top directory of the external module.
      
      This is convenient, but it has a drawback; the coverage of the
      compile_commands.json is reduced because only the objects linked to
      vmlinux or modules are handled. For example, the following C files are
      not included in the compile_commands.json:
      
       - Decompressor source files (arch/*/boot/)
       - VDSO source files
       - C files used to generate intermediates (e.g. kernel/bounds.c)
       - Standalone host programs
      
      I think it is fine for most developers because our main interest is
      the kernel-space code.
      
      If you want to cover all the compiled C files, please build the kernel,
      then run the script manually as you did before:
      
        $ make clean    # if you want to remove stale .cmd files [optional]
        $ make -j$(nproc) CC=clang
        $ scripts/gen_compile_commands.py
      
      Here is a note for out-of-tree builds. 'make compile_commands.json'
      works with O= option, but please notice compile_commands.json is
      created in the object tree instead of the source tree.
      
      Some people may want to have compile_commands.json in the source tree
      because Clang Tools searches for it through all parent paths of the
      first input source file.
      
      However, you cannot do this for O= builds. Kbuild should never generate
      any build artifact in the source tree when O= is given because the
      source tree might be read-only. Any write attempt to the source tree
      is monitored and the violation may be reported. See the commit log of
      8ef14c2c.
      
      So, the only possible way is to create compile_commands.json in the
      object tree, then specify '-p <build-path>' when you use clang-check,
      clang-tidy, etc.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Acked-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      3d32285f
    • Masahiro Yamada's avatar
      gen_compile_commands: support *.o, *.a, modules.order in positional argument · ecca4fea
      Masahiro Yamada authored
      This script currently searches the specified directory for .cmd files.
      One drawback is it may contain stale .cmd files after you rebuild the
      kernel several times without 'make clean'.
      
      This commit supports *.o, *.a, and modules.order as positional
      parameters. If such files are given, they are parsed to collect
      associated .cmd files. I added a generator helper for each of them.
      
      This feature is useful to get the list of active .cmd files from the
      last build, and will be used by the next commit to wire up the
      compile_commands.json rule to the Makefile.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      ecca4fea
    • Masahiro Yamada's avatar
      gen_compile_commands: move directory walk to a generator function · fc2cb22e
      Masahiro Yamada authored
      Currently, this script walks under the specified directory (default to
      the current directory), then parses all .cmd files found.
      
      Split it into a separate helper function because the next commit will
      add more helpers to pick up .cmd files associated with given file(s).
      
      There is no point to build and return a huge list at once. I used a
      generator so it works in the for-loop with less memory.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      fc2cb22e
    • Masahiro Yamada's avatar
      gen_compile_commands: make -o option independent of -d option · 6fca36f1
      Masahiro Yamada authored
      Change the -o option independent of the -d option, which is I think
      clearer behavior. Some people may like to use -d to specify a separate
      output directory, but still output the compile_commands.py in the
      source directory (unless the source tree is read-only) because it is
      the default location Clang Tools search for the compilation database.
      
      Also, move the default parameter to the default= argument of the
      .add_argument().
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      6fca36f1
    • Masahiro Yamada's avatar
      gen_compile_commands: reword the help message of -d option · 0a7d376d
      Masahiro Yamada authored
      I think the help message of the -d option is somewhat misleading.
      
        Path to the kernel source directory to search (defaults to the working directory)
      
      The part "kernel source directory" is the source of the confusion.
      Some people misunderstand as if this script did not support separate
      output directories.
      
      Actually, this script also works for out-of-tree builds. You can
      use the -d option to point to the object output directory, not to
      the source directory. It should match to the O= option used in the
      previous kernel build, and then appears in the "directory" field of
      compile_commands.json.
      
      Reword the help message.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      0a7d376d
    • Masahiro Yamada's avatar
      gen_compile_commands: do not support .cmd files under tools/ directory · 6ca4c6d2
      Masahiro Yamada authored
      The tools/ directory uses a different build system, and the format of
      .cmd files is different because the tools builds run in a different
      work directory.
      
      Supporting two formats compilicates the script.
      
      The only loss by this change is objtool.
      
      Also, rename the confusing variable 'relative_path' because it is
      not necessarily a relative path. When the output directory is not
      the direct child of the source tree (e.g. O=foo/bar), it is an
      absolute path. Rename it to 'file_path'.
      
      os.path.join(root_directory, file_path) works whether the file_path
      is relative or not. If file_path is already absolute, it returns it
      as-is.
      
      I used os.path.abspath() to normalize file paths. If you run this
      script against the kernel built with O=foo option, the file_path
      contains '../' patterns. os.path.abspath() fixes up 'foo/bar/../baz'
      into 'foo/baz', and produces a cleaner commands_database.json.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      6ca4c6d2
    • Masahiro Yamada's avatar
      gen_compile_commands: use choices for --log_levels option · ea6cedc5
      Masahiro Yamada authored
      Use 'choices' to check if the given parameter is valid.
      
      I also simplified the help message because, with 'choices', --help
      shows the list of valid parameters:
      
        --log_level {DEBUG,INFO,WARNING,ERROR,CRITICAL}
      
      I started the help message with a lower case, "the level of log ..."
      in order to be consistent with the -h option:
      
        -h, --help            show this help message and exit
      
      The message "show this help ..." comes from the ArgumentParser library
      code, and I do not know how to change it. So, I changed our code.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      ea6cedc5
    • Masahiro Yamada's avatar
      gen_compile_commands: parse only the first line of .*.cmd files · 8a685db3
      Masahiro Yamada authored
      After the allmodconfig build, this script takes about 5 sec on my
      machine. Most of the run-time is consumed for needless regex matching.
      
      We know the format of .*.cmd file; the first line is the build command.
      There is no need to parse the rest.
      
      With this optimization, now it runs 4 times faster.
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Tested-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      8a685db3
    • Masahiro Yamada's avatar
      kbuild: hide commands to run Kconfig, and show short log for syncconfig · 23cd88c9
      Masahiro Yamada authored
      Some targets (localyesconfig, localmodconfig, defconfig) hide the
      command running, but the others do not.
      
      Users know which Kconfig flavor they are running, so it is OK to hide
      the command. Add $(Q) to all commands consistently. If you want to see
      the full command running, pass V=1 from the command line.
      
      syncconfig is the exceptional case, which occurs without explicit
      command invocation by the user. Display the Kbuild-style log for it.
      The ugly bare log will go away.
      
      [Before]
      
      scripts/kconfig/conf  --syncconfig Kconfig
      
      [After]
      
        SYNC    include/config/auto.conf
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      23cd88c9
    • Sedat Dilek's avatar
      kbuild: Simplify DEBUG_INFO Kconfig handling · 695afd3d
      Sedat Dilek authored
      While playing with [1] I saw that the handling
      of CONFIG_DEBUG_INFO can be simplified.
      
      [1] https://patchwork.kernel.org/patch/11716107/Signed-off-by: default avatarSedat Dilek <sedat.dilek@gmail.com>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      695afd3d
  5. 23 Aug, 2020 9 commits
    • Linus Torvalds's avatar
      Linux 5.9-rc2 · d012a719
      Linus Torvalds authored
      d012a719
    • Linus Torvalds's avatar
      Merge tag 'powerpc-5.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · cb957121
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
      
       - Add perf support for emitting extended registers for power10.
      
       - A fix for CPU hotplug on pseries, where on large/loaded systems we
         may not wait long enough for the CPU to be offlined, leading to
         crashes.
      
       - Addition of a raw cputable entry for Power10, which is not required
         to boot, but is required to make our PMU setup work correctly in
         guests.
      
       - Three fixes for the recent changes on 32-bit Book3S to move modules
         into their own segment for strict RWX.
      
       - A fix for a recent change in our powernv PCI code that could lead to
         crashes.
      
       - A change to our perf interrupt accounting to avoid soft lockups when
         using some events, found by syzkaller.
      
       - A change in the way we handle power loss events from the hypervisor
         on pseries. We no longer immediately shut down if we're told we're
         running on a UPS.
      
       - A few other minor fixes.
      
      Thanks to Alexey Kardashevskiy, Andreas Schwab, Aneesh Kumar K.V, Anju T
      Sudhakar, Athira Rajeev, Christophe Leroy, Frederic Barrat, Greg Kurz,
      Kajol Jain, Madhavan Srinivasan, Michael Neuling, Michael Roth,
      Nageswara R Sastry, Oliver O'Halloran, Thiago Jung Bauermann,
      Vaidyanathan Srinivasan, Vasant Hegde.
      
      * tag 'powerpc-5.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/perf/hv-24x7: Move cpumask file to top folder of hv-24x7 driver
        powerpc/32s: Fix module loading failure when VMALLOC_END is over 0xf0000000
        powerpc/pseries: Do not initiate shutdown when system is running on UPS
        powerpc/perf: Fix soft lockups due to missed interrupt accounting
        powerpc/powernv/pci: Fix possible crash when releasing DMA resources
        powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death
        powerpc/32s: Fix is_module_segment() when MODULES_VADDR is defined
        powerpc/kasan: Fix KASAN_SHADOW_START on BOOK3S_32
        powerpc/fixmap: Fix the size of the early debug area
        powerpc/pkeys: Fix build error with PPC_MEM_KEYS disabled
        powerpc/kernel: Cleanup machine check function declarations
        powerpc: Add POWER10 raw mode cputable entry
        powerpc/perf: Add extended regs support for power10 platform
        powerpc/perf: Add support for outputting extended regs in perf intr_regs
        powerpc: Fix P10 PVR revision in /proc/cpuinfo for SMT4 cores
      cb957121
    • Linus Torvalds's avatar
      Merge tag 'x86-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 550c2129
      Linus Torvalds authored
      Pull x86 fix from Thomas Gleixner:
       "A single fix for x86 which removes the RDPID usage from the paranoid
        entry path and unconditionally uses LSL to retrieve the CPU number.
      
        RDPID depends on MSR_TSX_AUX. KVM has an optmization to avoid
        expensive MRS read/writes on VMENTER/EXIT. It caches the MSR values
        and restores them either when leaving the run loop, on preemption or
        when going out to user space. MSR_TSX_AUX is part of that lazy MSR
        set, so after writing the guest value and before the lazy restore any
        exception using the paranoid entry will read the guest value and use
        it as CPU number to retrieve the GSBASE value for the current CPU when
        FSGSBASE is enabled. As RDPID is only used in that particular entry
        path, there is no reason to burden VMENTER/EXIT with two extra MSR
        writes. Remove the RDPID optimization, which is not even backed by
        numbers from the paranoid entry path instead"
      
      * tag 'x86-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/entry/64: Do not use RDPID in paranoid entry to accomodate KVM
      550c2129
    • Linus Torvalds's avatar
      Merge tag 'perf-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · cea05c19
      Linus Torvalds authored
      Pull x86 perf fix from Thomas Gleixner:
       "A single update for perf on x86 which has support for the broken down
        bandwith counters"
      
      * tag 'perf-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf/x86/intel/uncore: Add BW counters for GT, IA and IO breakdown
      cea05c19
    • Linus Torvalds's avatar
      Merge tag 'efi-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 10c091b6
      Linus Torvalds authored
      Pull EFI fixes from Thomas Gleixner:
      
       - Enforce NX on RO data in mixed EFI mode
      
       - Destroy workqueue in an error handling path to prevent UAF
      
       - Stop argument parser at '--' which is the delimiter for init
      
       - Treat a NULL command line pointer as empty instead of dereferncing it
         unconditionally.
      
       - Handle an unterminated command line correctly
      
       - Cleanup the 32bit code leftovers and remove obsolete documentation
      
      * tag 'efi-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        Documentation: efi: remove description of efi=old_map
        efi/x86: Move 32-bit code into efi_32.c
        efi/libstub: Handle unterminated cmdline
        efi/libstub: Handle NULL cmdline
        efi/libstub: Stop parsing arguments at "--"
        efi: add missed destroy_workqueue when efisubsys_init fails
        efi/x86: Mark kernel rodata non-executable for mixed mode
      10c091b6
    • Linus Torvalds's avatar
      Merge tag 'core-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · e99b2507
      Linus Torvalds authored
      Pull entry fix from Thomas Gleixner:
       "A single bug fix for the common entry code.
      
        The transcription of the x86 version messed up the reload of the
        syscall number from pt_regs after ptrace and seccomp which breaks
        syscall number rewriting"
      
      * tag 'core-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        core/entry: Respect syscall number rewrites
      e99b2507
    • Linus Torvalds's avatar
      Merge tag 'edac_urgent_for_v5.9_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras · d9232cb7
      Linus Torvalds authored
      Pull EDAC fix from Borislav Petkov:
       "A single fix correcting a reversed error severity determination check
        which lead to a recoverable error getting marked as fatal, by Tony
        Luck"
      
      * tag 'edac_urgent_for_v5.9_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras:
        EDAC/{i7core,sb,pnd2,skx}: Fix error event severity
      d9232cb7
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 9d045ed1
      Linus Torvalds authored
      Pull networking fixes from David Miller:
       "Nothing earth shattering here, lots of small fixes (f.e. missing RCU
        protection, bad ref counting, missing memset(), etc.) all over the
        place:
      
         1) Use get_file_rcu() in task_file iterator, from Yonghong Song.
      
         2) There are two ways to set remote source MAC addresses in macvlan
            driver, but only one of which validates things properly. Fix this.
            From Alvin Šipraga.
      
         3) Missing of_node_put() in gianfar probing, from Sumera
            Priyadarsini.
      
         4) Preserve device wanted feature bits across multiple netlink
            ethtool requests, from Maxim Mikityanskiy.
      
         5) Fix rcu_sched stall in task and task_file bpf iterators, from
            Yonghong Song.
      
         6) Avoid reset after device destroy in ena driver, from Shay
            Agroskin.
      
         7) Missing memset() in netlink policy export reallocation path, from
            Johannes Berg.
      
         8) Fix info leak in __smc_diag_dump(), from Peilin Ye.
      
         9) Decapsulate ECN properly for ipv6 in ipv4 tunnels, from Mark
            Tomlinson.
      
        10) Fix number of data stream negotiation in SCTP, from David Laight.
      
        11) Fix double free in connection tracker action module, from Alaa
            Hleihel.
      
        12) Don't allow empty NHA_GROUP attributes, from Nikolay Aleksandrov"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (46 commits)
        net: nexthop: don't allow empty NHA_GROUP
        bpf: Fix two typos in uapi/linux/bpf.h
        net: dsa: b53: check for timeout
        tipc: call rcu_read_lock() in tipc_aead_encrypt_done()
        net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow
        net: sctp: Fix negotiation of the number of data streams.
        dt-bindings: net: renesas, ether: Improve schema validation
        gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
        hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit()
        hv_netvsc: Remove "unlikely" from netvsc_select_queue
        bpf: selftests: global_funcs: Check err_str before strstr
        bpf: xdp: Fix XDP mode when no mode flags specified
        selftests/bpf: Remove test_align leftovers
        tools/resolve_btfids: Fix sections with wrong alignment
        net/smc: Prevent kernel-infoleak in __smc_diag_dump()
        sfc: fix build warnings on 32-bit
        net: phy: mscc: Fix a couple of spelling mistakes "spcified" -> "specified"
        libbpf: Fix map index used in error message
        net: gemini: Fix missing free_netdev() in error path of gemini_ethernet_port_probe()
        net: atlantic: Use readx_poll_timeout() for large timeout
        ...
      9d045ed1
    • Linus Torvalds's avatar
      Merge branch 'work.epoll' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · f320ac6e
      Linus Torvalds authored
      Pull epoll fixes from Al Viro:
       "Fix reference counting and clean up exit paths"
      
      * 'work.epoll' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        do_epoll_ctl(): clean the failure exits up a bit
        epoll: Keep a reference on files added to the check list
      f320ac6e
  6. 22 Aug, 2020 8 commits
    • Al Viro's avatar
      52c47969
    • Marc Zyngier's avatar
      epoll: Keep a reference on files added to the check list · a9ed4a65
      Marc Zyngier authored
      When adding a new fd to an epoll, and that this new fd is an
      epoll fd itself, we recursively scan the fds attached to it
      to detect cycles, and add non-epool files to a "check list"
      that gets subsequently parsed.
      
      However, this check list isn't completely safe when deletions
      can happen concurrently. To sidestep the issue, make sure that
      a struct file placed on the check list sees its f_count increased,
      ensuring that a concurrent deletion won't result in the file
      disapearing from under our feet.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      a9ed4a65
    • Nikolay Aleksandrov's avatar
      net: nexthop: don't allow empty NHA_GROUP · eeaac363
      Nikolay Aleksandrov authored
      Currently the nexthop code will use an empty NHA_GROUP attribute, but it
      requires at least 1 entry in order to function properly. Otherwise we
      end up derefencing null or random pointers all over the place due to not
      having any nh_grp_entry members allocated, nexthop code relies on having at
      least the first member present. Empty NHA_GROUP doesn't make any sense so
      just disallow it.
      Also add a WARN_ON for any future users of nexthop_create_group().
      
       BUG: kernel NULL pointer dereference, address: 0000000000000080
       #PF: supervisor read access in kernel mode
       #PF: error_code(0x0000) - not-present page
       PGD 0 P4D 0
       Oops: 0000 [#1] SMP
       CPU: 0 PID: 558 Comm: ip Not tainted 5.9.0-rc1+ #93
       Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-2.fc32 04/01/2014
       RIP: 0010:fib_check_nexthop+0x4a/0xaa
       Code: 0f 84 83 00 00 00 48 c7 02 80 03 f7 81 c3 40 80 fe fe 75 12 b8 ea ff ff ff 48 85 d2 74 6b 48 c7 02 40 03 f7 81 c3 48 8b 40 10 <48> 8b 80 80 00 00 00 eb 36 80 78 1a 00 74 12 b8 ea ff ff ff 48 85
       RSP: 0018:ffff88807983ba00 EFLAGS: 00010213
       RAX: 0000000000000000 RBX: ffff88807983bc00 RCX: 0000000000000000
       RDX: ffff88807983bc00 RSI: 0000000000000000 RDI: ffff88807bdd0a80
       RBP: ffff88807983baf8 R08: 0000000000000dc0 R09: 000000000000040a
       R10: 0000000000000000 R11: ffff88807bdd0ae8 R12: 0000000000000000
       R13: 0000000000000000 R14: ffff88807bea3100 R15: 0000000000000001
       FS:  00007f10db393700(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
       CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
       CR2: 0000000000000080 CR3: 000000007bd0f004 CR4: 00000000003706f0
       Call Trace:
        fib_create_info+0x64d/0xaf7
        fib_table_insert+0xf6/0x581
        ? __vma_adjust+0x3b6/0x4d4
        inet_rtm_newroute+0x56/0x70
        rtnetlink_rcv_msg+0x1e3/0x20d
        ? rtnl_calcit.isra.0+0xb8/0xb8
        netlink_rcv_skb+0x5b/0xac
        netlink_unicast+0xfa/0x17b
        netlink_sendmsg+0x334/0x353
        sock_sendmsg_nosec+0xf/0x3f
        ____sys_sendmsg+0x1a0/0x1fc
        ? copy_msghdr_from_user+0x4c/0x61
        ___sys_sendmsg+0x63/0x84
        ? handle_mm_fault+0xa39/0x11b5
        ? sockfd_lookup_light+0x72/0x9a
        __sys_sendmsg+0x50/0x6e
        do_syscall_64+0x54/0xbe
        entry_SYSCALL_64_after_hwframe+0x44/0xa9
       RIP: 0033:0x7f10dacc0bb7
       Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb cd 66 0f 1f 44 00 00 8b 05 9a 4b 2b 00 85 c0 75 2e 48 63 ff 48 63 d2 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 b1 f2 2a 00 f7 d8 64 89 02 48
       RSP: 002b:00007ffcbe628bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
       RAX: ffffffffffffffda RBX: 00007ffcbe628f80 RCX: 00007f10dacc0bb7
       RDX: 0000000000000000 RSI: 00007ffcbe628c60 RDI: 0000000000000003
       RBP: 000000005f41099c R08: 0000000000000001 R09: 0000000000000008
       R10: 00000000000005e9 R11: 0000000000000246 R12: 0000000000000000
       R13: 0000000000000000 R14: 00007ffcbe628d70 R15: 0000563a86c6e440
       Modules linked in:
       CR2: 0000000000000080
      
      CC: David Ahern <dsahern@gmail.com>
      Fixes: 430a0491 ("nexthop: Add support for nexthop groups")
      Reported-by: syzbot+a61aa19b0c14c8770bd9@syzkaller.appspotmail.com
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      eeaac363
    • Linus Torvalds's avatar
      Merge tag 'kbuild-fixes-v5.9' of... · c3d8f220
      Linus Torvalds authored
      Merge tag 'kbuild-fixes-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
      
      Pull Kbuild fixes from Masahiro Yamada:
      
       - move -Wsign-compare warning from W=2 to W=3
      
       - fix the keyword _restrict to __restrict in genksyms
      
       - fix more bugs in qconf
      
      * tag 'kbuild-fixes-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
        kconfig: qconf: replace deprecated QString::sprintf() with QTextStream
        kconfig: qconf: remove redundant help in the info view
        kconfig: qconf: remove qInfo() to get back Qt4 support
        kconfig: qconf: remove unused colNr
        kconfig: qconf: fix the popup menu in the ConfigInfoView window
        kconfig: qconf: fix signal connection to invalid slots
        genksyms: keywords: Use __restrict not _restrict
        kbuild: remove redundant patterns in filter/filter-out
        extract-cert: add static to local data
        Makefile.extrawarn: Move sign-compare from W=2 to W=3
      c3d8f220
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · dd105d64
      Linus Torvalds authored
      Pull arm64 fixes from Catalin Marinas:
      
       - Allow booting of late secondary CPUs affected by erratum 1418040
         (currently they are parked if none of the early CPUs are affected by
         this erratum).
      
       - Add the 32-bit vdso Makefile to the vdso_install rule so that 'make
         vdso_install' installs the 32-bit compat vdso when it is compiled.
      
       - Print a warning that untrusted guests without a CPU erratum
         workaround (Cortex-A57 832075) may deadlock the affected system.
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        ARM64: vdso32: Install vdso32 from vdso_install
        KVM: arm64: Print warning when cpu erratum can cause guests to deadlock
        arm64: Allow booting of late CPUs affected by erratum 1418040
        arm64: Move handling of erratum 1418040 into C code
      dd105d64
    • Linus Torvalds's avatar
      Merge tag 's390-5.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · d57ce840
      Linus Torvalds authored
      Pull s390 fixes from Vasily Gorbik:
      
       - a couple of fixes for storage key handling relevant for debugging
      
       - add cond_resched into potentially slow subchannels scanning loop
      
       - fixes for PF/VF linking and to ignore stale PCI configuration request
         events
      
      * tag 's390-5.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/pci: fix PF/VF linking on hot plug
        s390/pci: re-introduce zpci_remove_device()
        s390/pci: fix zpci_bus_link_virtfn()
        s390/ptrace: fix storage key handling
        s390/runtime_instrumentation: fix storage key handling
        s390/pci: ignore stale configuration request event
        s390/cio: add cond_resched() in the slow_eval_known_fn() loop
      d57ce840
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · b2d9e996
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
      
       - PAE and PKU bugfixes for x86
      
       - selftests fix for new binutils
      
       - MMU notifier fix for arm64
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: arm64: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set
        KVM: Pass MMU notifier range flags to kvm_unmap_hva_range()
        kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode
        kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode
        KVM: x86: fix access code passed to gva_to_gpa
        selftests: kvm: Use a shorter encoding to clear RAX
      b2d9e996
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 9e574b74
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "23 fixes in 5 drivers (qla2xxx, ufs, scsi_debug, fcoe, zfcp). The bulk
        of the changes are in qla2xxx and ufs and all are mostly small and
        definitely don't impact the core"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (23 commits)
        Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe"
        Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
        scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
        scsi: qla2xxx: Check if FW supports MQ before enabling
        scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba
        scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime
        scsi: qla2xxx: Reduce noisy debug message
        scsi: qla2xxx: Fix login timeout
        scsi: qla2xxx: Indicate correct supported speeds for Mezz card
        scsi: qla2xxx: Flush I/O on zone disable
        scsi: qla2xxx: Flush all sessions on zone disable
        scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values
        scsi: scsi_debug: Fix scp is NULL errors
        scsi: zfcp: Fix use-after-free in request timeout handlers
        scsi: ufs: No need to send Abort Task if the task in DB was cleared
        scsi: ufs: Clean up completed request without interrupt notification
        scsi: ufs: Improve interrupt handling for shared interrupts
        scsi: ufs: Fix interrupt error message for shared interrupts
        scsi: ufs-pci: Add quirk for broken auto-hibernate for Intel EHL
        scsi: ufs-mediatek: Fix incorrect time to wait link status
        ...
      9e574b74