openwrt/staging/blogic.git
6 years agobtrfs: mark btrfs_dev_replace_start as static
Anand Jain [Sun, 11 Nov 2018 14:22:16 +0000 (22:22 +0800)]
btrfs: mark btrfs_dev_replace_start as static

There isn't any other consumer other than in its own file dev-replace.c.

Signed-off-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: harden agaist duplicate fsid on scanned devices
Anand Jain [Mon, 15 Oct 2018 02:45:17 +0000 (10:45 +0800)]
btrfs: harden agaist duplicate fsid on scanned devices

It's not that impossible to imagine that a device OR a btrfs image is
copied just by using the dd or the cp command. Which in case both the
copies of the btrfs will have the same fsid. If on the system with
automount enabled, the copied FS gets scanned.

We have a known bug in btrfs, that we let the device path be changed
after the device has been mounted. So using this loop hole the new
copied device would appears as if its mounted immediately after it's
been copied.

For example:

Initially.. /dev/mmcblk0p4 is mounted as /

  $ lsblk
  NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
  mmcblk0     179:0    0 29.2G  0 disk
  |-mmcblk0p4 179:4    0    4G  0 part /
  |-mmcblk0p2 179:2    0  500M  0 part /boot
  |-mmcblk0p3 179:3    0  256M  0 part [SWAP]
  `-mmcblk0p1 179:1    0  256M  0 part /boot/efi

  $ btrfs fi show
     Label: none  uuid: 07892354-ddaa-4443-90ea-f76a06accaba
     Total devices 1 FS bytes used 1.40GiB
     devid    1 size 4.00GiB used 3.00GiB path /dev/mmcblk0p4

Copy mmcblk0 to sda

  $ dd if=/dev/mmcblk0 of=/dev/sda

And immediately after the copy completes the change in the device
superblock is notified which the automount scans using btrfs device scan
and the new device sda becomes the mounted root device.

  $ lsblk
  NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
  sda           8:0    1 14.9G  0 disk
  |-sda4        8:4    1    4G  0 part /
  |-sda2        8:2    1  500M  0 part
  |-sda3        8:3    1  256M  0 part
  `-sda1        8:1    1  256M  0 part
  mmcblk0     179:0    0 29.2G  0 disk
  |-mmcblk0p4 179:4    0    4G  0 part
  |-mmcblk0p2 179:2    0  500M  0 part /boot
  |-mmcblk0p3 179:3    0  256M  0 part [SWAP]
  `-mmcblk0p1 179:1    0  256M  0 part /boot/efi

  $ btrfs fi show /
    Label: none  uuid: 07892354-ddaa-4443-90ea-f76a06accaba
    Total devices 1 FS bytes used 1.40GiB
    devid    1 size 4.00GiB used 3.00GiB path /dev/sda4

The bug is quite nasty that you can't either unmount /dev/sda4 or
/dev/mmcblk0p4. And the problem does not get solved until you take sda
out of the system on to another system to change its fsid using the
'btrfstune -u' command.

Signed-off-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: introduce nparity raid_attr
Hans van Kranenburg [Thu, 4 Oct 2018 21:24:42 +0000 (23:24 +0200)]
btrfs: introduce nparity raid_attr

Instead of hardcoding exceptions for RAID5 and RAID6 in the code, use an
nparity field in raid_attr.

Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: fix ncopies raid_attr for RAID56
Hans van Kranenburg [Thu, 4 Oct 2018 21:24:41 +0000 (23:24 +0200)]
btrfs: fix ncopies raid_attr for RAID56

RAID5 and RAID6 profile store one copy of the data, not 2 or 3. These
values are not yet used anywhere so there's no change.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: alloc_chunk: fix more DUP stripe size handling
Hans van Kranenburg [Thu, 4 Oct 2018 21:24:40 +0000 (23:24 +0200)]
btrfs: alloc_chunk: fix more DUP stripe size handling

Commit 92e222df7b "btrfs: alloc_chunk: fix DUP stripe size handling"
fixed calculating the stripe_size for a new DUP chunk.

However, the same calculation reappears a bit later, and that one was
not changed yet. The resulting bug that is exposed is that the newly
allocated device extents ('stripes') can have a few MiB overlap with the
next thing stored after them, which is another device extent or the end
of the disk.

The scenario in which this can happen is:
* The block device for the filesystem is less than 10GiB in size.
* The amount of contiguous free unallocated disk space chosen to use for
  chunk allocation is 20% of the total device size, or a few MiB more or
  less.

An example:
- The filesystem device is 7880MiB (max_chunk_size gets set to 788MiB)
- There's 1578MiB unallocated raw disk space left in one contiguous
  piece.

In this case stripe_size is first calculated as 789MiB, (half of
1578MiB).

Since 789MiB (stripe_size * data_stripes) > 788MiB (max_chunk_size), we
enter the if block. Now stripe_size value is immediately overwritten
while calculating an adjusted value based on max_chunk_size, which ends
up as 788MiB.

Next, the value is rounded up to a 16MiB boundary, 800MiB, which is
actually more than the value we had before. However, the last comparison
fails to detect this, because it's comparing the value with the total
amount of free space, which is about twice the size of stripe_size.

In the example above, this means that the resulting raw disk space being
allocated is 1600MiB, while only a gap of 1578MiB has been found. The
second device extent object for this DUP chunk will overlap for 22MiB
with whatever comes next.

The underlying problem here is that the stripe_size is reused all the
time for different things. So, when entering the code in the if block,
stripe_size is immediately overwritten with something else. If later we
decide we want to have the previous value back, then the logic to
compute it was copy pasted in again.

With this change, the value in stripe_size is not unnecessarily
destroyed, so the duplicated calculation is not needed any more.

Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: alloc_chunk: improve chunk size variable name
Hans van Kranenburg [Thu, 4 Oct 2018 21:24:39 +0000 (23:24 +0200)]
btrfs: alloc_chunk: improve chunk size variable name

The variable num_bytes is really a way too generic name for a variable
in this function. There are a dozen other variables that hold a number
of bytes as value.

Give it a name that actually describes what it does, which is holding
the size of the chunk that we're allocating.

Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: alloc_chunk: do not refurbish num_bytes
Hans van Kranenburg [Thu, 4 Oct 2018 21:24:38 +0000 (23:24 +0200)]
btrfs: alloc_chunk: do not refurbish num_bytes

The variable num_bytes is used to store the chunk length of the chunk
that we're allocating. Do not reuse it for something really different in
the same function.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: use tagged writepage to mitigate livelock of snapshot
Ethan Lien [Thu, 1 Nov 2018 06:49:03 +0000 (14:49 +0800)]
btrfs: use tagged writepage to mitigate livelock of snapshot

Snapshot is expected to be fast. But if there are writers steadily
creating dirty pages in our subvolume, the snapshot may take a very long
time to complete. To fix the problem, we use tagged writepage for
snapshot flusher as we do in the generic write_cache_pages(), so we can
omit pages dirtied after the snapshot command.

This does not change the semantics regarding which data get to the
snapshot, if there are pages being dirtied during the snapshotting
operation.  There's a sync called before snapshot is taken in old/new
case, any IO in flight just after that may be in the snapshot but this
depends on other system effects that might still sync the IO.

We do a simple snapshot speed test on a Intel D-1531 box:

fio --ioengine=libaio --iodepth=32 --bs=4k --rw=write --size=64G
--direct=0 --thread=1 --numjobs=1 --time_based --runtime=120
--filename=/mnt/sub/testfile --name=job1 --group_reporting & sleep 5;
time btrfs sub snap -r /mnt/sub /mnt/snap; killall fio

original: 1m58sec
patched:  6.54sec

This is the best case for this patch since for a sequential write case,
we omit nearly all pages dirtied after the snapshot command.

For a multi writers, random write test:

fio --ioengine=libaio --iodepth=32 --bs=4k --rw=randwrite --size=64G
--direct=0 --thread=1 --numjobs=4 --time_based --runtime=120
--filename=/mnt/sub/testfile --name=job1 --group_reporting & sleep 5;
time btrfs sub snap -r /mnt/sub /mnt/snap; killall fio

original: 15.83sec
patched:  10.35sec

The improvement is smaller compared to the sequential write case,
since we omit only half of the pages dirtied after snapshot command.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Ethan Lien <ethanlien@synology.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove unused extent_state argument from btrfs_writepage_endio_finish_ordered
Nikolay Borisov [Thu, 8 Nov 2018 08:18:08 +0000 (10:18 +0200)]
btrfs: Remove unused extent_state argument from btrfs_writepage_endio_finish_ordered

This parameter was never used, yet was part of the interface of the
function ever since its introduction as extent_io_ops::writepage_end_io_hook
in e6dcd2dc9c48 ("Btrfs: New data=ordered implementation"). Now that
NULL is passed everywhere as a value for this parameter let's remove it
for good. No functional changes.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_page_data argument from writepage_delalloc
Nikolay Borisov [Thu, 8 Nov 2018 08:18:07 +0000 (10:18 +0200)]
btrfs: Remove extent_page_data argument from writepage_delalloc

The only remaining use of the 'epd' argument in writepage_delalloc is
to reference the extent_io_tree which was set in extent_writepages. Since
it is guaranteed that page->mapping of any page passed to
writepage_delalloc (and __extent_writepage as the sole caller) to be
equal to that passed in extent_writepages we can directly get the
io_tree via the already passed inode (which is also taken from
page->mapping->host). No functional changes.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Move epd::extent_locked check to writepage_delalloc's caller
Nikolay Borisov [Thu, 8 Nov 2018 08:18:06 +0000 (10:18 +0200)]
btrfs: Move epd::extent_locked check to writepage_delalloc's caller

If epd::extent_locked is set then writepage_delalloc terminates. Make
this a bit more apparent in the caller by simply bubbling the check up.
This enables to remove epd as an argument to writepage_delalloc in a
future patch. No functional change.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Check for missing device before bio submission in btrfs_map_bio
Nikolay Borisov [Thu, 8 Nov 2018 14:16:38 +0000 (16:16 +0200)]
btrfs: Check for missing device before bio submission in btrfs_map_bio

Before btrfs_map_bio submits all stripe bios it does a number of checks
to ensure the device for every stripe is present. However, it doesn't do
a DEV_STATE_MISSING check, instead this is relegated to the lower level
btrfs_schedule_bio (in the async submission case, sync submission
doesn't check DEV_STATE_MISSING at all). Additionally
btrfs_schedule_bios does the duplicate device->bdev check which has
already been performed in btrfs_map_bio.

This patch moves the DEV_STATE_MISSING check in btrfs_map_bio and
removes the duplicate device->bdev check. Doing so ensures that no bio
cloning/submission happens for both async/sync requests in the face of
missing device. This makes the async io submission path slightly shorter
in terms of instruction count. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: remove redundant replace_state init
Anand Jain [Mon, 12 Nov 2018 05:05:15 +0000 (13:05 +0800)]
btrfs: remove redundant replace_state init

dev_replace::replace_state has been set to
BTRFS_DEV_REPLACE_ITEM_STATE_NEVER_STARTED (0) in the same function,
So delete the line which sets replace_state = 0;

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: remove no longer used io_err from btrfs_log_ctx
Filipe Manana [Mon, 12 Nov 2018 10:24:30 +0000 (10:24 +0000)]
Btrfs: remove no longer used io_err from btrfs_log_ctx

The io_err field of struct btrfs_log_ctx is no longer used after the
recent simplification of the fast fsync path, where we now wait for
ordered extents to complete before logging the inode. We did this in
commit b5e6c3e170b7 ("btrfs: always wait on ordered extents at fsync
time") and commit a2120a473a80 ("btrfs: clean up the left over
logged_list usage") removed its last use.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: simpler and more efficient cleanup of a log tree's extent io tree
Filipe Manana [Fri, 9 Nov 2018 10:43:08 +0000 (10:43 +0000)]
Btrfs: simpler and more efficient cleanup of a log tree's extent io tree

We currently are in a loop finding each range (corresponding to a btree
node/leaf) in a log root's extent io tree and then clean it up. This is a
waste of time since we are traversing the extent io tree's rb_tree more
times then needed (one for a range lookup and another for cleaning it up)
without any good reason.

We free the log trees when we are in the critical section of a transaction
commit (the transaction state is set to TRANS_STATE_COMMIT_DOING), so it's
of great convenience to do everything as fast as possible in order to
reduce the time we block other tasks from starting a new transaction.

So fix this by traversing the extent io tree once and cleaning up all its
records in one go while traversing it.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Adjust loop in free_extent_buffer
Nikolay Borisov [Mon, 15 Oct 2018 14:04:01 +0000 (17:04 +0300)]
btrfs: Adjust loop in free_extent_buffer

The loop construct in free_extent_buffer was added in
242e18c7c1a8 ("Btrfs: reduce lock contention on extent buffer locks")
as means of reducing the times the eb lock is taken, the non-last ref
count is decremented and lock is released. As the special handling
of UNMAPPED extent buffers was removed now there is only one decrement
op which is happening for EXTENT_BUFFER_UNMAPPED case.

This commit modifies the loop condition so that in case of UNMAPPED
buffers the eb's lock is taken only if we are 100% sure the eb is going
to be freed by the current executor of the code. Additionally, remove
superfluous ref count ops in btrfs test.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove special handling of EXTENT_BUFFER_UNMAPPED while freeing
Nikolay Borisov [Wed, 15 Aug 2018 15:26:57 +0000 (18:26 +0300)]
btrfs: Remove special handling of EXTENT_BUFFER_UNMAPPED while freeing

Now that the whole of btrfs code has been audited for eb reference count
management it's time to remove the hunk in free_extent_buffer that
essentially considered the condition

  "eb->ref == 2 && EXTENT_BUFFER_DUMMY"

to equal "eb->ref = 1". Also remove the last location
which takes an extra reference count in alloc_test_extent_buffer.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove unnecessary tree locking code in qgroup_rescan_leaf
Nikolay Borisov [Wed, 15 Aug 2018 15:26:56 +0000 (18:26 +0300)]
btrfs: Remove unnecessary tree locking code in qgroup_rescan_leaf

In qgroup_rescan_leaf a copy is made of the target leaf by calling
btrfs_clone_extent_buffer. The latter allocates a new buffer and
attaches a new set of pages and copies the content of the source buffer.
The new scratch buffer is only used to iterate it's items, it's not
published anywhere and cannot be accessed by a third party.

Hence, it's not necessary to perform any locking on it whatsoever.
Furthermore, remove the extra extent_buffer_get call since the new
buffer is always allocated with a reference count of 1 which is
sufficient here.  No functional changes.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extra reference count bumps in btrfs_compare_trees
Nikolay Borisov [Wed, 15 Aug 2018 15:26:55 +0000 (18:26 +0300)]
btrfs: Remove extra reference count bumps in btrfs_compare_trees

When the 2 comparison trees roots are initialised they are private to
the function and already have reference counts of 1 each. There is no
need to further increment the reference count since the cloned buffers
are already accessed via struct btrfs_path. Eventually the 2 paths used
for comparison are going to be released, effectively disposing of the
cloned buffers.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind
Nikolay Borisov [Wed, 15 Aug 2018 15:26:54 +0000 (18:26 +0300)]
btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind

When a rewound buffer is created it already has a ref count of 1 and the
dummy flag set. Then another ref is taken bumping the count to 2.
Finally when this buffer is released from btrfs_release_path the extra
reference is decremented by the special handling code in
free_extent_buffer.

However, this special code is in fact redundant sinca ref count of 1 is
still correct since the buffer is only accessed via btrfs_path struct.
This paves the way forward of removing the special handling in
free_extent_buffer.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove redundant extent_buffer_get in get_old_root
Nikolay Borisov [Wed, 15 Aug 2018 15:26:53 +0000 (18:26 +0300)]
btrfs: Remove redundant extent_buffer_get in get_old_root

get_old_root used used only by btrfs_search_old_slot to initialise the
path structure. The old root is always a cloned buffer (either via alloc
dummy or via btrfs_clone_extent_buffer) and its reference count is 2: 1
from allocation, 1 from extent_buffer_get call in get_old_root.

This latter explicit ref count acquire operation is in fact unnecessary
since the semantic is such that the newly allocated buffer is handed
over to the btrfs_path for lifetime management. Considering this just
remove the extra extent_buffer_get in get_old_root.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove needless tree locking in iterate_inode_extrefs
Nikolay Borisov [Wed, 15 Aug 2018 15:26:52 +0000 (18:26 +0300)]
btrfs: Remove needless tree locking in iterate_inode_extrefs

In iterate_inode_exrefs the eb is cloned via btrfs_clone_extent_buffer
which creates a private extent buffer with the dummy flag set and ref
count of 1. Then this buffer is locked for reading and its ref count is
incremented by 1. Finally it's fed to the passed iterate_irefs_t
function. The actual iterate call back is inode_to_path (coming from
paths_from_inode) which feeds the eb to btrfs_ref_to_path. In this final
function the passed eb is only read by first assigning it to the local
eb variable. This variable is only modified in the case another eb was
referenced from the passed path that is eb != eb_in check triggers.

Considering this there is no point in locking the cloned eb in
iterate_inode_refs since it's never being modified and is not published
anywhere. Furthermore the cloned eb is completely fine having its ref
count be 1.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove needless tree locking in iterate_inode_refs
Nikolay Borisov [Wed, 15 Aug 2018 15:26:51 +0000 (18:26 +0300)]
btrfs: Remove needless tree locking in iterate_inode_refs

In iterate_inode_refs the eb is cloned via btrfs_clone_extent_buffer
which creates a private extent buffer with the dummy flag set and ref
count of 1. Then this buffer is locked for reading and its ref count is
incremented by 1. Finally it's fed to the passed iterate_irefs_t
function. The actual iterate call back is inode_to_path (coming from
paths_from_inode) which feeds the eb to btrfs_ref_to_path. In this final
function the passed eb is only read by first assigning it to the local
eb variable. This variable is only modified in the case another eb was
referenced from the passed path that is eb != eb_in check triggers.

Considering this there is no point in locking the cloned eb in
iterate_inode_refs since it's never being modified and is not published
anywhere. Furthermore the cloned eb is completely fine having its ref
count be 1.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: tests: Use BTRFS_MAX_EXTENT_SIZE to replace the intermediate number
Qu Wenruo [Sat, 3 Nov 2018 09:24:52 +0000 (17:24 +0800)]
btrfs: tests: Use BTRFS_MAX_EXTENT_SIZE to replace the intermediate number

In extent-io self test, we need 2 ordered extents at its maximum size to
do the test.

Instead of using the intermediate numbers, use BTRFS_MAX_EXTENT_SIZE for
@max_bytes, and twice @max_bytes for @total_dirty.  This should explain
why we need all these magic numbers and prevent people to modify them by
accident.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: support swap files
Omar Sandoval [Thu, 3 Nov 2016 17:28:14 +0000 (10:28 -0700)]
Btrfs: support swap files

Btrfs has not allowed swap files since commit 35054394c4b3 ("Btrfs: stop
providing a bmap operation to avoid swapfile corruptions"). However, now
that the proper restrictions are in place, Btrfs can support swap files
through the swap file a_ops, similar to iomap in commit 67482129cdab
("iomap: add a swapfile activation function").

For Btrfs, activation needs to make sure that the file can be used as a
swap file, which currently means that it must be fully allocated as
NOCOW with no compression on one device. It must also do the proper
tracking so that ioctls will not interfere with the swap file.
Deactivation clears this tracking.

Signed-off-by: Omar Sandoval <osandov@fb.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: rename and export get_chunk_map
Omar Sandoval [Wed, 16 May 2018 23:34:31 +0000 (16:34 -0700)]
Btrfs: rename and export get_chunk_map

The Btrfs swap code is going to need it, so give it a btrfs_ prefix and
make it non-static.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Omar Sandoval <osandov@fb.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: prevent ioctls from interfering with a swap file
Omar Sandoval [Thu, 3 Nov 2016 17:28:12 +0000 (10:28 -0700)]
Btrfs: prevent ioctls from interfering with a swap file

A later patch will implement swap file support for Btrfs, but before we
do that, we need to make sure that the various Btrfs ioctls cannot
change a swap file.

When a swap file is active, we must make sure that the extents of the
file are not moved and that they don't become shared. That means that
the following are not safe:

- chattr +c (enable compression)
- reflink
- dedupe
- snapshot
- defrag

Don't allow those to happen on an active swap file.

Additionally, balance, resize, device remove, and device replace are
also unsafe if they affect an active swapfile. Add a red-black tree of
block groups and devices which contain an active swapfile. Relocation
checks each block group against this tree and skips it or errors out for
balance or resize, respectively. Device remove and device replace check
the tree for the device they will operate on.

Note that we don't have to worry about chattr -C (disable nocow), which
we ignore for non-empty files, because an active swapfile must be
non-empty and can't be truncated. We also don't have to worry about
autodefrag because it's only done on COW files. Truncate and fallocate
are already taken care of by the generic code. Device add doesn't do
relocation so it's not an issue, either.

Signed-off-by: Omar Sandoval <osandov@fb.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::split_extent_hook callback
Nikolay Borisov [Thu, 1 Nov 2018 12:09:53 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::split_extent_hook callback

This is the counterpart to merge_extent_hook, similarly, it's used only
for data/freespace inodes so let's remove it, rename it and call it
directly where necessary. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::merge_extent_hook callback
Nikolay Borisov [Thu, 1 Nov 2018 12:09:52 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::merge_extent_hook callback

This callback is used only for data and free space inodes. Such inodes
are guaranteed to have their extent_io_tree::private_data set to the
inode struct. Exploit this fact to directly call the function. Also give
it a more descriptive name. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::clear_bit_hook callback
Nikolay Borisov [Thu, 1 Nov 2018 12:09:51 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::clear_bit_hook callback

This is the counterpart to ex-set_bit_hook (now btrfs_set_delalloc_extent),
similar to what was done before remove clear_bit_hook and rename the
function. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::set_bit_hook extent_io callback
Nikolay Borisov [Thu, 1 Nov 2018 12:09:50 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::set_bit_hook extent_io callback

This callback is used to properly account delalloc extents for data
inodes (ordinary file inodes and freespace v1 inodes). Those can be
easily identified since they have their extent_io trees ->private_data
member point to the inode. Let's exploit this fact to remove the
needless indirection through extent_io_hooks and directly call the
function. Also give the function a name which reflects its purpose -
btrfs_set_delalloc_extent.

This patch also modified test_find_delalloc so that the extent_io_tree
used for testing doesn't have its ->private_data set which would have
caused a crash in btrfs_set_delalloc_extent due to the btrfs_inode->root
member not being initialised. The old version of the code also didn't
call set_bit_hook since the extent_io ops weren't set for the inode.  No
functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::check_extent_io_range callback
Nikolay Borisov [Thu, 1 Nov 2018 12:09:49 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::check_extent_io_range callback

This callback was only used in debug builds by btrfs_leak_debug_check.
A better approach is to move its implementation in
btrfs_leak_debug_check and ensure the latter is only executed for extent
tree which have ->private_data set i.e. relate to a data node and not
the btree one. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::writepage_end_io_hook
Nikolay Borisov [Thu, 1 Nov 2018 12:09:48 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::writepage_end_io_hook

This callback is ony ever called for data page writeout so there is no
need to actually abstract it via extent_io_ops. Lets just export it,
remove the definition of the callback and call it directly in the
functions that invoke the callback. Also rename the function to
btrfs_writepage_endio_finish_ordered since what it really does is
account finished io in the ordered extent data structures.  No
functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::writepage_start_hook
Nikolay Borisov [Thu, 1 Nov 2018 12:09:47 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::writepage_start_hook

This hook is called only from __extent_writepage_io which is already
called only from the data page writeout path. So there is no need to
make an indirect call via extent_io_ops. This patch just removes the
callback definition, exports the callback function and calls it directly
at the only call site. Also give the function a more descriptive name.
No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Remove extent_io_ops::fill_delalloc
Nikolay Borisov [Thu, 1 Nov 2018 12:09:46 +0000 (14:09 +0200)]
btrfs: Remove extent_io_ops::fill_delalloc

This callback is called only from writepage_delalloc which in turn is
guaranteed to be called from the data page writeout path. In the end
there is no reason to have the call to this function to be indrected via
the extent_io_ops structure. This patch removes the callback definition,
exports the function and calls it directly. No functional changes.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
[ rename to btrfs_run_delalloc_range ]
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Add function to distinguish between data and btree inode
Nikolay Borisov [Fri, 9 Nov 2018 14:08:30 +0000 (16:08 +0200)]
btrfs: Add function to distinguish between data and btree inode

This will be used in future patches that remove the optional
extent_io_ops callbacks.

Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: volumes: Make sure no dev extent is beyond device boundary
Qu Wenruo [Fri, 5 Oct 2018 09:45:55 +0000 (17:45 +0800)]
btrfs: volumes: Make sure no dev extent is beyond device boundary

Add extra dev extent end check against device boundary.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: volumes: Make sure there is no overlap of dev extents at mount time
Qu Wenruo [Fri, 5 Oct 2018 09:45:54 +0000 (17:45 +0800)]
btrfs: volumes: Make sure there is no overlap of dev extents at mount time

Enhance btrfs_verify_dev_extents() to remember previous checked dev
extents, so it can verify no dev extents can overlap.

Analysis from Hans:

"Imagine allocating a DATA|DUP chunk.

 In the chunk allocator, we first set...
   max_stripe_size = SZ_1G;
   max_chunk_size = BTRFS_MAX_DATA_CHUNK_SIZE
 ... which is 10GiB.

 Then...
   /* we don't want a chunk larger than 10% of writeable space */
   max_chunk_size = min(div_factor(fs_devices->total_rw_bytes, 1),
         max_chunk_size);

 Imagine we only have one 7880MiB block device in this filesystem. Now
 max_chunk_size is down to 788MiB.

 The next step in the code is to search for max_stripe_size * dev_stripes
 amount of free space on the device, which is in our example 1GiB * 2 =
 2GiB. Imagine the device has exactly 1578MiB free in one contiguous
 piece. This amount of bytes will be put in devices_info[ndevs - 1].max_avail

 Next we recalculate the stripe_size (which is actually the device extent
 length), based on the actual maximum amount of available raw disk space:
   stripe_size = div_u64(devices_info[ndevs - 1].max_avail, dev_stripes);

 stripe_size is now 789MiB

 Next we do...
   data_stripes = num_stripes / ncopies
 ...where data_stripes ends up as 1, because num_stripes is 2 (the amount
 of device extents we're going to have), and DUP has ncopies 2.

 Next there's a check...
   if (stripe_size * data_stripes > max_chunk_size)
 ...which matches because 789MiB * 1 > 788MiB.

 We go into the if code, and next is...
   stripe_size = div_u64(max_chunk_size, data_stripes);
 ...which resets stripe_size to max_chunk_size: 788MiB

 Next is a fun one...
   /* bump the answer up to a 16MB boundary */
   stripe_size = round_up(stripe_size, SZ_16M);
 ...which changes stripe_size from 788MiB to 800MiB.

 We're not done changing stripe_size yet...
   /* But don't go higher than the limits we found while searching
    * for free extents
    */
   stripe_size = min(devices_info[ndevs - 1].max_avail,
              stripe_size);

 This is bad. max_avail is twice the stripe_size (we need to fit 2 device
 extents on the same device for DUP).

 The result here is that 800MiB < 1578MiB, so it's unchanged. However,
 the resulting DUP chunk will need 1600MiB disk space, which isn't there,
 and the second dev_extent might extend into the next thing (next
 dev_extent? end of device?) for 22MiB.

 The last shown line of code relies on a situation where there's twice
 the value of stripe_size present as value for the variable stripe_size
 when it's DUP. This was actually the case before commit 92e222df7b
 "btrfs: alloc_chunk: fix DUP stripe size handling", from which I quote:
   "[...] in the meantime there's a check to see if the stripe_size does
 not exceed max_chunk_size. Since during this check stripe_size is twice
 the amount as intended, the check will reduce the stripe_size to
 max_chunk_size if the actual correct to be used stripe_size is more than
 half the amount of max_chunk_size."

 In the previous version of the code, the 16MiB alignment (why is this
 done, by the way?) would result in a 50% chance that it would actually
 do an 8MiB alignment for the individual dev_extents, since it was
 operating on double the size. Does this matter?

 Does it matter that stripe_size can be set to anything which is not
 16MiB aligned because of the amount of remaining available disk space
 which is just taken?

 What is the main purpose of this round_up?

 The most straightforward thing to do seems something like...
   stripe_size = min(
       div_u64(devices_info[ndevs - 1].max_avail, dev_stripes),
       stripe_size
   )
 ..just putting half of the max_avail into stripe_size."

Link: https://lore.kernel.org/linux-btrfs/b3461a38-e5f8-f41d-c67c-2efac8129054@mendix.com/
Reported-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com>
Signed-off-by: Qu Wenruo <wqu@suse.com>
[ add analysis from report ]
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Refactor find_free_extent loops update into find_free_extent_update_loop
Qu Wenruo [Fri, 2 Nov 2018 01:39:50 +0000 (09:39 +0800)]
btrfs: Refactor find_free_extent loops update into find_free_extent_update_loop

We have a complex loop design for find_free_extent(), that has different
behavior for each loop, some even includes new chunk allocation.

Instead of putting such a long code into find_free_extent() and makes it
harder to read, just extract them into find_free_extent_update_loop().

With all the cleanups, the main find_free_extent() should be pretty
barebone:

find_free_extent()
|- Iterate through all block groups
|  |- Get a valid block group
|  |- Try to do clustered allocation in that block group
|  |- Try to do unclustered allocation in that block group
|  |- Check if the result is valid
|  |  |- If valid, then exit
|  |- Jump to next block group
|
|- Push harder to find free extents
   |- If not found, re-iterate all block groups

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Su Yue <suy.fnst@cn.fujitsu.com>
[ copy callchain from changelog to function comment ]
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Refactor unclustered extent allocation into find_free_extent_unclustered()
Qu Wenruo [Fri, 2 Nov 2018 01:39:49 +0000 (09:39 +0800)]
btrfs: Refactor unclustered extent allocation into find_free_extent_unclustered()

This patch will extract unclsutered extent allocation code into
find_free_extent_unclustered().

And this helper function will use return value to indicate what to do
next.

This should make find_free_extent() a little easier to read.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Su Yue <suy.fnst@cn.fujitsu.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
[Update merge conflict with fb5c39d7a887 ("btrfs: don't use ctl->free_space for max_extent_size")]
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Refactor clustered extent allocation into find_free_extent_clustered
Qu Wenruo [Fri, 2 Nov 2018 01:39:48 +0000 (09:39 +0800)]
btrfs: Refactor clustered extent allocation into find_free_extent_clustered

We have two main methods to find free extents inside a block group:

1) clustered allocation
2) unclustered allocation

This patch will extract the clustered allocation into
find_free_extent_clustered() to make it a little easier to read.

Instead of jumping between different labels in find_free_extent(), the
helper function will use return value to indicate different behavior.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Su Yue <suy.fnst@cn.fujitsu.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: Introduce find_free_extent_ctl structure for later rework
Qu Wenruo [Fri, 2 Nov 2018 01:39:47 +0000 (09:39 +0800)]
btrfs: Introduce find_free_extent_ctl structure for later rework

Instead of tons of different local variables in find_free_extent(),
extract them into find_free_extent_ctl structure, and add better
explanation for them.

Some modification may looks redundant, but will later greatly simplify
function parameter list during find_free_extent() refactor.

Also add two comments to co-operate with fb5c39d7a887 ("btrfs: don't use
ctl->free_space for max_extent_size"), to make ffe_ctl->max_extent_size
update more reader-friendly.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Su Yue <suy.fnst@cn.fujitsu.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: extent-tree: Detect bytes_pinned underflow earlier
Lu Fengqi [Wed, 24 Oct 2018 12:24:02 +0000 (20:24 +0800)]
btrfs: extent-tree: Detect bytes_pinned underflow earlier

Introduce a new wrapper update_bytes_pinned to replace open coded
bytes_pinned modifiers. Now the underflows of space_info::bytes_pinned
get detected and reported.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agobtrfs: extent-tree: Detect bytes_may_use underflow earlier
Qu Wenruo [Wed, 24 Oct 2018 12:24:01 +0000 (20:24 +0800)]
btrfs: extent-tree: Detect bytes_may_use underflow earlier

Although we have space_info::bytes_may_use underflow detection in
btrfs_free_reserved_data_space_noquota(), we have more callers who are
subtracting number from space_info::bytes_may_use.

So instead of doing underflow detection for every caller, introduce a
new wrapper update_bytes_may_use() to replace open coded bytes_may_use
modifiers.

This also introduce a macro to declare more wrappers, but currently
space_info::bytes_may_use is the mostly interesting one.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: remove no longer used stuff for tracking pending ordered extents
Filipe Manana [Fri, 26 Oct 2018 16:15:21 +0000 (17:15 +0100)]
Btrfs: remove no longer used stuff for tracking pending ordered extents

Tracking pending ordered extents per transaction was introduced in commit
50d9aa99bd35 ("Btrfs: make sure logged extents complete in the current
transaction V3") and later updated in commit 161c3549b45a ("Btrfs: change
how we wait for pending ordered extents").

However now that on fsync we always wait for ordered extents to complete
before logging, done in commit 5636cf7d6dc8 ("btrfs: remove the logged
extents infrastructure"), we no longer need the stuff to track for pending
ordered extents, which was not completely removed in the mentioned commit.
So remove the remaining of the pending ordered extents infrastructure.

Reviewed-by: Liu Bo <bo.liu@linux.alibaba.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoBtrfs: remove no longer used logged range variables when logging extents
Filipe Manana [Fri, 26 Oct 2018 20:26:40 +0000 (21:26 +0100)]
Btrfs: remove no longer used logged range variables when logging extents

The logged_start and logged_end variables, at btrfs_log_changed_extents,
were added in commit 8c6c592831a0 ("btrfs: log csums for all modified
extents"). However since the recent simplification for fsync, which makes
us wait for all ordered extents to complete before logging extents, we
no longer need those variables. Commit a2120a473a80 ("btrfs: clean up the
left over logged_list usage") forgot to remove them.

Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
6 years agoLinux 4.20-rc7
Linus Torvalds [Sun, 16 Dec 2018 23:46:55 +0000 (15:46 -0800)]
Linux 4.20-rc7

6 years agoMerge branch 'akpm' (patches from Andrew)
Linus Torvalds [Fri, 14 Dec 2018 23:35:30 +0000 (15:35 -0800)]
Merge branch 'akpm' (patches from Andrew)

Merge misc fixes from Andrew Morton:
 "11 fixes"

* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
  scripts/spdxcheck.py: always open files in binary mode
  checkstack.pl: fix for aarch64
  userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
  fs/iomap.c: get/put the page in iomap_page_create/release()
  hugetlbfs: call VM_BUG_ON_PAGE earlier in free_huge_page()
  memblock: annotate memblock_is_reserved() with __init_memblock
  psi: fix reference to kernel commandline enable
  arch/sh/include/asm/io.h: provide prototypes for PCI I/O mapping in asm/io.h
  mm/sparse: add common helper to mark all memblocks present
  mm: introduce common STRUCT_PAGE_MAX_SHIFT define
  alpha: fix hang caused by the bootmem removal

6 years agoscripts/spdxcheck.py: always open files in binary mode
Thierry Reding [Fri, 14 Dec 2018 22:17:24 +0000 (14:17 -0800)]
scripts/spdxcheck.py: always open files in binary mode

The spdxcheck script currently falls over when confronted with a binary
file (such as Documentation/logo.gif).  To avoid that, always open files
in binary mode and decode line-by-line, ignoring encoding errors.

One tricky case is when piping data into the script and reading it from
standard input.  By default, standard input will be opened in text mode,
so we need to reopen it in binary mode.

The breakage only happens with python3 and results in a
UnicodeDecodeError (according to Uwe).

Link: http://lkml.kernel.org/r/20181212131210.28024-1-thierry.reding@gmail.com
Fixes: 6f4d29df66ac ("scripts/spdxcheck.py: make python3 compliant")
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Jeremy Cline <jcline@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Joe Perches <joe@perches.com>
Cc: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agocheckstack.pl: fix for aarch64
Qian Cai [Fri, 14 Dec 2018 22:17:20 +0000 (14:17 -0800)]
checkstack.pl: fix for aarch64

There is actually a space after "sp," like this,

    ffff2000080813c8:       a9bb7bfd        stp     x29, x30, [sp, #-80]!

Right now, checkstack.pl isn't able to print anything on aarch64,
because it won't be able to match the stating objdump line of a function
due to this missing space.  Hence, it displays every stack as zero-size.

After this patch, checkpatch.pl is able to match the start of a
function's objdump, and is then able to calculate each function's stack
correctly.

Link: http://lkml.kernel.org/r/20181207195843.38528-1-cai@lca.pw
Signed-off-by: Qian Cai <cai@lca.pw>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agouserfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
Andrea Arcangeli [Fri, 14 Dec 2018 22:17:17 +0000 (14:17 -0800)]
userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered

Calling UFFDIO_UNREGISTER on virtual ranges not yet registered in uffd
could trigger an harmless false positive WARN_ON.  Check the vma is
already registered before checking VM_MAYWRITE to shut off the false
positive warning.

Link: http://lkml.kernel.org/r/20181206212028.18726-2-aarcange@redhat.com
Cc: <stable@vger.kernel.org>
Fixes: 29ec90660d68 ("userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas")
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reported-by: syzbot+06c7092e7d71218a2c16@syzkaller.appspotmail.com
Acked-by: Mike Rapoport <rppt@linux.ibm.com>
Acked-by: Hugh Dickins <hughd@google.com>
Acked-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agofs/iomap.c: get/put the page in iomap_page_create/release()
Piotr Jaroszynski [Fri, 14 Dec 2018 22:17:14 +0000 (14:17 -0800)]
fs/iomap.c: get/put the page in iomap_page_create/release()

migrate_page_move_mapping() expects pages with private data set to have
a page_count elevated by 1.  This is what used to happen for xfs through
the buffer_heads code before the switch to iomap in commit 82cb14175e7d
("xfs: add support for sub-pagesize writeback without buffer_heads").
Not having the count elevated causes move_pages() to fail on memory
mapped files coming from xfs.

Make iomap compatible with the migrate_page_move_mapping() assumption by
elevating the page count as part of iomap_page_create() and lowering it
in iomap_page_release().

It causes the move_pages() syscall to misbehave on memory mapped files
from xfs.  It does not not move any pages, which I suppose is "just" a
perf issue, but it also ends up returning a positive number which is out
of spec for the syscall.  Talking to Michal Hocko, it sounds like
returning positive numbers might be a necessary update to move_pages()
anyway though
(https://lkml.kernel.org/r/20181116114955.GJ14706@dhcp22.suse.cz).

I only hit this in tests that verify that move_pages() actually moved
the pages.  The test also got confused by the positive return from
move_pages() (it got treated as a success as positive numbers were not
expected and not handled) making it a bit harder to track down what's
going on.

Link: http://lkml.kernel.org/r/20181115184140.1388751-1-pjaroszynski@nvidia.com
Fixes: 82cb14175e7d ("xfs: add support for sub-pagesize writeback without buffer_heads")
Signed-off-by: Piotr Jaroszynski <pjaroszynski@nvidia.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Cc: William Kucharski <william.kucharski@oracle.com>
Cc: Darrick J. Wong <darrick.wong@oracle.com>
Cc: Brian Foster <bfoster@redhat.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agohugetlbfs: call VM_BUG_ON_PAGE earlier in free_huge_page()
Yongkai Wu [Fri, 14 Dec 2018 22:17:10 +0000 (14:17 -0800)]
hugetlbfs: call VM_BUG_ON_PAGE earlier in free_huge_page()

A stack trace was triggered by VM_BUG_ON_PAGE(page_mapcount(page), page)
in free_huge_page().  Unfortunately, the page->mapping field was set to
NULL before this test.  This made it more difficult to determine the
root cause of the problem.

Move the VM_BUG_ON_PAGE tests earlier in the function so that if they do
trigger more information is present in the page struct.

Link: http://lkml.kernel.org/r/1543491843-23438-1-git-send-email-nic_w@163.com
Signed-off-by: Yongkai Wu <nic_w@163.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Mike Kravetz <mike.kravetz@oracle.com>
Reviewed-by: William Kucharski <william.kucharski@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agomemblock: annotate memblock_is_reserved() with __init_memblock
Yueyi Li [Fri, 14 Dec 2018 22:17:06 +0000 (14:17 -0800)]
memblock: annotate memblock_is_reserved() with __init_memblock

Found warning:

  WARNING: EXPORT symbol "gsi_write_channel_scratch" [vmlinux] version generation failed, symbol will not be versioned.
  WARNING: vmlinux.o(.text+0x1e0a0): Section mismatch in reference from the function valid_phys_addr_range() to the function .init.text:memblock_is_reserved()
  The function valid_phys_addr_range() references
  the function __init memblock_is_reserved().
  This is often because valid_phys_addr_range lacks a __init
  annotation or the annotation of memblock_is_reserved is wrong.

Use __init_memblock instead of __init.

Link: http://lkml.kernel.org/r/BLUPR13MB02893411BF12EACB61888E80DFAE0@BLUPR13MB0289.namprd13.prod.outlook.com
Signed-off-by: Yueyi Li <liyueyi@live.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Acked-by: Mike Rapoport <rppt@linux.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agopsi: fix reference to kernel commandline enable
Baruch Siach [Fri, 14 Dec 2018 22:17:03 +0000 (14:17 -0800)]
psi: fix reference to kernel commandline enable

The kernel commandline parameter named in CONFIG_PSI_DEFAULT_DISABLED
help text contradicts the documentation in kernel-parameters.txt, and
the code.  Fix that.

Link: http://lkml.kernel.org/r/20181203213416.GA12627@cmpxchg.org
Fixes: e0c274472d ("psi: make disabling/enabling easier for vendor kernels")
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agoarch/sh/include/asm/io.h: provide prototypes for PCI I/O mapping in asm/io.h
Mark Brown [Fri, 14 Dec 2018 22:17:00 +0000 (14:17 -0800)]
arch/sh/include/asm/io.h: provide prototypes for PCI I/O mapping in asm/io.h

Most architectures provide prototypes for the PCI I/O mapping operations
when asm/io.h is included but SH doesn't currently do that, leading to
for example warnings in sound/pci/hda/patch_ca0132.c when pci_iomap() is
used on current -next.  Make SH more consistent with other architectures
by including asm-generic/pci_iomap.h in asm/io.h.

Link: http://lkml.kernel.org/r/20181106175142.27988-1-broonie@kernel.org
Signed-off-by: Mark Brown <broonie@kernel.org>
Reported-by: kbuild test robot <lkp@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Rich Felker <dalias@libc.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agomm/sparse: add common helper to mark all memblocks present
Logan Gunthorpe [Fri, 14 Dec 2018 22:16:57 +0000 (14:16 -0800)]
mm/sparse: add common helper to mark all memblocks present

Presently the arches arm64, arm and sh have a function which loops
through each memblock and calls memory present.  riscv will require a
similar function.

Introduce a common memblocks_present() function that can be used by all
the arches.  Subsequent patches will cleanup the arches that make use of
this.

Link: http://lkml.kernel.org/r/20181107205433.3875-3-logang@deltatee.com
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Acked-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Oscar Salvador <osalvador@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agomm: introduce common STRUCT_PAGE_MAX_SHIFT define
Logan Gunthorpe [Fri, 14 Dec 2018 22:16:53 +0000 (14:16 -0800)]
mm: introduce common STRUCT_PAGE_MAX_SHIFT define

This define is used by arm64 to calculate the size of the vmemmap
region.  It is defined as the log2 of the upper bound on the size of a
struct page.

We move it into mm_types.h so it can be defined properly instead of set
and checked with a build bug.  This also allows us to use the same
define for riscv.

Link: http://lkml.kernel.org/r/20181107205433.3875-2-logang@deltatee.com
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Acked-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agoalpha: fix hang caused by the bootmem removal
Mike Rapoport [Fri, 14 Dec 2018 22:16:50 +0000 (14:16 -0800)]
alpha: fix hang caused by the bootmem removal

The conversion of alpha to memblock as the early memory manager caused
boot to hang as described at [1].

The issue is caused because for CONFIG_DISCTONTIGMEM=y case,
memblock_add() is called using memory start PFN that had been rounded
down to the nearest 8Mb and it caused memblock to see more memory that
is actually present in the system.

Besides, memblock allocates memory from high addresses while bootmem was
using low memory, which broke the assumption that early allocations are
always accessible by the hardware.

This patch ensures that memblock_add() is using the correct PFN for the
memory start and forces memblock to use bottom-up allocations.

[1] https://lkml.org/lkml/2018/11/22/1032

Link: http://lkml.kernel.org/r/1543233216-25833-1-git-send-email-rppt@linux.ibm.com
Reported-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Tested-by: Meelis Roos <mroos@linux.ee>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
6 years agoMerge tag 'for-linus-20181214' of git://git.kernel.dk/linux-block
Linus Torvalds [Fri, 14 Dec 2018 20:18:30 +0000 (12:18 -0800)]
Merge tag 'for-linus-20181214' of git://git.kernel.dk/linux-block

Pull block fixes from Jens Axboe:
 "Three small fixes for this week. contains:

   - spectre indexing fix for aio (Jeff)

   - fix for the previous zeroing bio fix, we don't need it for user
     mapped pages, and in fact it breaks some applications if we do
     (Keith)

   - allocation failure fix for null_blk with zoned (Shin'ichiro)"

* tag 'for-linus-20181214' of git://git.kernel.dk/linux-block:
  block: Fix null_blk_zoned creation failure with small number of zones
  aio: fix spectre gadget in lookup_ioctx
  block/bio: Do not zero user pages

6 years agoMerge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Fri, 14 Dec 2018 20:14:41 +0000 (12:14 -0800)]
Merge tag 'clk-fixes-for-linus' of git://git./linux/kernel/git/clk/linux

Pull clk fix from Stephen Boyd:
 "One fix for the qcom QCS404 clk driver that was merged for this
  release.

  It specified the wrong parent for a PLL so a part of the clk tree
  wasn't rooted correctly. This fixes it by using the right name"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: qcom: qcs404: Fix gpll0_out_main parent

6 years agoMerge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Linus Torvalds [Fri, 14 Dec 2018 17:36:41 +0000 (09:36 -0800)]
Merge tag 'arm64-fixes' of git://git./linux/kernel/git/arm64/linux

Pull arm64 fix from Catalin Marinas:
 "Invalidate the caches before clearing the DMA buffer via the
  non-cacheable alias in the FORCE_CONTIGUOUS case"

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing

6 years agoMerge tag 'powerpc-4.20-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc...
Linus Torvalds [Fri, 14 Dec 2018 17:33:34 +0000 (09:33 -0800)]
Merge tag 'powerpc-4.20-4' of git://git./linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "One notable fix for our change to split pt_regs between user/kernel,
  we forgot to update BPF to use the user-visible type which was an ABI
  break for BPF programs.

  A slightly ugly but minimal fix to do_syscall_trace_enter() so that we
  use tracehook_report_syscall_entry() properly. We'll rework the code
  in next to avoid the empty if body.

  Seven commits fixing bugs in the new papr_scm (Storage Class Memory)
  driver. The driver was finally able to be tested on the other
  hypervisor which exposed several bugs. The fixes are all fairly
  minimal at least.

  Fix a crash in our MSI code if an MSI-capable device is plugged into a
  non-MSI capable PHB, only seen on older hardware (MPC8378).

  Fix our legacy serial code to look for "stdout-path" since the device
  trees were updated to use that instead of "linux,stdout-path".

  A change to the COFF zImage code to fix booting old powermacs.

  A couple of minor build fixes.

  Thanks to: Benjamin Herrenschmidt, Daniel Axtens, Dmitry V. Levin,
  Elvira Khabirova, Oliver O'Halloran, Paul Mackerras, Radu Rendec, Rob
  Herring, Sandipan Das"

* tag 'powerpc-4.20-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/ptrace: replace ptrace_report_syscall() with a tracehook call
  powerpc/mm: Fallback to RAM if the altmap is unusable
  powerpc/papr_scm: Use ibm,unit-guid as the iset cookie
  powerpc/papr_scm: Fix DIMM device registration race
  powerpc/papr_scm: Remove endian conversions
  powerpc/papr_scm: Update DT properties
  powerpc/papr_scm: Fix resource end address
  powerpc/papr_scm: Use depend instead of select
  powerpc/bpf: Fix broken uapi for BPF_PROG_TYPE_PERF_EVENT
  powerpc/boot: Fix build failures with -j 1
  powerpc: Look for "stdout-path" when setting up legacy consoles
  powerpc/msi: Fix NULL pointer access in teardown code
  powerpc/mm: Fix linux page tables build with some configs
  powerpc: Fix COFF zImage booting on old powermacs

6 years agoMerge tag 'ceph-for-4.20-rc7' of https://github.com/ceph/ceph-client
Linus Torvalds [Fri, 14 Dec 2018 17:22:14 +0000 (09:22 -0800)]
Merge tag 'ceph-for-4.20-rc7' of https://github.com/ceph/ceph-client

Pull ceph fix from Ilya Dryomov:
 "Luis discovered a problem with the new copyfrom offload on the server
  side. Disable it for now"

* tag 'ceph-for-4.20-rc7' of https://github.com/ceph/ceph-client:
  ceph: make 'nocopyfrom' a default mount option

6 years agoMerge tag 'pinctrl-v4.20-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw...
Linus Torvalds [Fri, 14 Dec 2018 17:17:17 +0000 (09:17 -0800)]
Merge tag 'pinctrl-v4.20-3' of git://git./linux/kernel/git/linusw/linux-pinctrl

Pull pin control fixes from Linus Walleij:
 "Three pin control fixes for the v4.20 series. Just odd drivers, so
  nothing particularly interesting:

   - Set the tile property on Qualcomm SDM60.

   - Fix up enable register calculation for the Meson

   - Fix an IRQ offset on the Sunxi (Allwinner)"

* tag 'pinctrl-v4.20-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
  pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11
  pinctrl: meson: fix pull enable register calculation
  pinctrl: sdm660: Set tile property for pingroups

6 years agoMerge tag 'drm-fixes-2018-12-14' of git://anongit.freedesktop.org/drm/drm
Linus Torvalds [Fri, 14 Dec 2018 17:12:02 +0000 (09:12 -0800)]
Merge tag 'drm-fixes-2018-12-14' of git://anongit.freedesktop.org/drm/drm

Pull drm fixes from Dave Airlie:
 "While I hoped things would calm down, the world hasn't joined with me,
  but it's a few things scattered over a wide area. The i915 workarounds
  regression fix is probably the largest, the rest are more usual sized.
  We also get some new AMD PCI IDs.

  There is also a patch in here to MAINTAINERS to added Daniel as an
  official DRM toplevel co-maintainer, he's decided he wants to step up
  and share the glory, and he'll likely process next weeks fixes while
  I'm away on holidays.

  Summary:

  amdgpu:

   - some new PCI IDs

   - fixed firmware image updates

   - power management fixes

   - locking warning fix

  nouveau:

   - framebuffer flushing fix

   - memory leak fix

   - tegra device init regression fix

  vmwgfx:

   - OOM kernel memory fix

   - excess return in function fix

  i915:

   - the biggest fix is a regression fix where workarounds weren't
     getting reapplied after a gpu hang causing further crashing, this
     fixes the workaround application to make it happen again

   - GPU hang fixes for Braswell and some GEN3 GPUs

   - GVT fix for broadwell tiling

  rockchip:

   - revert to fix a regression causing a WARN on shutdown

  mediatek:

   - avoid crash attaching to non-existant bridges"

* tag 'drm-fixes-2018-12-14' of git://anongit.freedesktop.org/drm/drm: (23 commits)
  drm/vmwgfx: Protect from excessive execbuf kernel memory allocations v3
  MAINTAINERS: Daniel for drm co-maintainer
  drm/amdgpu: drop fclk/gfxclk ratio setting
  drm/vmwgfx: remove redundant return ret statement
  drm/i915: Flush GPU relocs harder for gen3
  drm/i915: Allocate a common scratch page
  drm/i915/execlists: Apply a full mb before execution for Braswell
  drm/nouveau/kms: Fix memory leak in nv50_mstm_del()
  drm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer
  drm/amdgpu: Fix DEBUG_LOCKS_WARN_ON(depth <= 0) in amdgpu_ctx.lock
  Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec"
  drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init()
  drm/amdgpu/powerplay: Apply avfs cks-off voltages on VI
  drm/amdgpu: update SMC firmware image for polaris10 variants
  drm/amdkfd: add new vega20 pci id
  drm/amdkfd: add new vega10 pci ids
  drm/amdgpu: add some additional vega20 pci ids
  drm/amdgpu: add some additional vega10 pci ids
  drm/amdgpu: update smu firmware images for VI variants (v2)
  drm/i915: Introduce per-engine workarounds
  ...

6 years agoMerge tag 'xarray-4.20-rc7' of git://git.infradead.org/users/willy/linux-dax
Linus Torvalds [Fri, 14 Dec 2018 00:35:58 +0000 (16:35 -0800)]
Merge tag 'xarray-4.20-rc7' of git://git.infradead.org/users/willy/linux-dax

Pull XArray fixes from Matthew Wilcox:
 "Two bugfixes, each with test-suite updates, two improvements to the
  test-suite without associated bugs, and one patch adding a missing
  API"

* tag 'xarray-4.20-rc7' of git://git.infradead.org/users/willy/linux-dax:
  XArray: Fix xa_alloc when id exceeds max
  XArray tests: Check iterating over multiorder entries
  XArray tests: Handle larger indices more elegantly
  XArray: Add xa_cmpxchg_irq and xa_cmpxchg_bh
  radix tree: Don't return retry entries from lookup

6 years agoMerge tag 'linux-kselftest-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Thu, 13 Dec 2018 20:57:21 +0000 (12:57 -0800)]
Merge tag 'linux-kselftest-4.20-rc7' of git://git./linux/kernel/git/shuah/linux-kselftest

Pull Kselftest fix from Shuah Khan:
 "A single fix for a seccomp test from Kees Cook."

* tag 'linux-kselftest-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
  selftests/seccomp: Remove SIGSTOP si_pid check

6 years agoMerge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/evalenti/linux...
Linus Torvalds [Thu, 13 Dec 2018 20:02:41 +0000 (12:02 -0800)]
Merge branch 'fixes' of git://git./linux/kernel/git/evalenti/linux-soc-thermal

Pull thermal fixes from Eduardo Valentin:
 "Fixes for STM and HISI thermal drivers"

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/evalenti/linux-soc-thermal:
  thermal: stm32: Fix stm_thermal_read_factory_settings
  thermal: stm32: read factory settings inside stm_thermal_prepare
  thermal/drivers/hisi: Fix number of sensors on hi3660
  thermal/drivers/hisi: Fix wrong platform_get_irq_byname()

6 years agoMerge branch 'vmwgfx-fixes-4.20' of git://people.freedesktop.org/~thomash/linux into...
Dave Airlie [Thu, 13 Dec 2018 19:19:25 +0000 (05:19 +1000)]
Merge branch 'vmwgfx-fixes-4.20' of git://people.freedesktop.org/~thomash/linux into drm-fixes

One regression fix for avoiding kernel OOM, one cleanup return fix.

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Thomas Hellstrom <thellstrom@vmware.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181213122815.10581-1-thellstrom@vmware.com
6 years agoXArray: Fix xa_alloc when id exceeds max
Matthew Wilcox [Thu, 13 Dec 2018 18:57:42 +0000 (13:57 -0500)]
XArray: Fix xa_alloc when id exceeds max

Specifying a starting ID greater than the maximum ID isn't something
attempted very often, but it should fail.  It was succeeding due to
xas_find_marked() returning the wrong error state, so add tests for
both xa_alloc() and xas_find_marked().

Fixes: b803b42823d0 ("xarray: Add XArray iterators")
Signed-off-by: Matthew Wilcox <willy@infradead.org>
6 years agoMerge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
Linus Torvalds [Thu, 13 Dec 2018 19:02:23 +0000 (11:02 -0800)]
Merge tag 'for-linus' of git://git./linux/kernel/git/rdma/rdma

Pull rdma fixes from Doug Ledford:
 "We have 5 small fixes for this pull request. One is a performance
  regression, so not necessarily strictly a fix, but it was small and
  reasonable and claimed to avoid thrashing in the scheduler, so I took
  it. The remaining are all legitimate fixes that match the "we take
  fixes any time" criteria.

  Summary:

   - One performance regression for hfi1

   - One kasan fix for hfi1

   - A couple mlx5 fixes

   - A core oops fix"

* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
  IB/core: Fix oops in netdev_next_upper_dev_rcu()
  IB/mlx5: Block DEVX umem from the non applicable cases
  IB/mlx5: Fix implicit ODP interrupted page fault
  IB/hfi1: Fix an out-of-bounds access in get_hw_stats
  IB/hfi1: Fix a latency issue for small messages

6 years agoMerge tag 'mmc-v4.20-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
Linus Torvalds [Thu, 13 Dec 2018 18:59:02 +0000 (10:59 -0800)]
Merge tag 'mmc-v4.20-rc5' of git://git./linux/kernel/git/ulfh/mmc

Pull mmc fixes from Ulf Hansson:
 "MMC core:
   - Fixup RPMB requests to use mrq->sbc when sending CMD23

  MMC host:
   - omap: Fix broken MMC/SD on OMAP15XX/OMAP5910/OMAP310

   - sdhci-omap: Fix DCRC error handling during tuning

   - sdhci: Fixup the timeout check window for clock and reset"

* tag 'mmc-v4.20-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
  mmc: sdhci: fix the timeout check window for clock and reset
  mmc: sdhci-omap: Fix DCRC error handling during tuning
  MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
  mmc: core: use mrq->sbc when sending CMD23 for RPMB

6 years agoMerge tag 'sound-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai...
Linus Torvalds [Thu, 13 Dec 2018 18:54:13 +0000 (10:54 -0800)]
Merge tag 'sound-4.20-rc7' of git://git./linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "Only usual suspects here: a few more fixups for Realtek HD-audio on
  various PCs, including a regression fix in the previous fix for Lenovo
  X1 Carbon, as well as a typo fix in the recent Fireface patch"

* tag 'sound-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294
  ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294
  ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN
  ALSA: fireface: fix reference to wrong register for clock configuration
  ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon
  ALSA: hda/realtek - Fixed headphone issue for ALC700

6 years agodrm/vmwgfx: Protect from excessive execbuf kernel memory allocations v3
Thomas Hellstrom [Wed, 12 Dec 2018 10:52:08 +0000 (11:52 +0100)]
drm/vmwgfx: Protect from excessive execbuf kernel memory allocations v3

With the new validation code, a malicious user-space app could
potentially submit command streams with enough buffer-object and resource
references in them to have the resulting allocated validion nodes and
relocations make the kernel run out of GFP_KERNEL memory.

Protect from this by having the validation code reserve TTM graphics
memory when allocating.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Deepak Rawat <drawat@vmware.com>
---
v2: Removed leftover debug printouts

6 years agoMerge tag 'for-4.20/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device...
Linus Torvalds [Thu, 13 Dec 2018 02:29:24 +0000 (18:29 -0800)]
Merge tag 'for-4.20/dm-fixes' of git://git./linux/kernel/git/device-mapper/linux-dm

Pull device mapper fixes from Mike Snitzer:

 - Fix DM cache metadata to verify that a cache has block before trying
   to continue with operation that requires them.

 - Fix bio-based DM core's dm_make_request() to properly impose device
   limits on individual bios by making use of blk_queue_split().

 - Fix long-standing race with how DM thinp notified userspace of
   thin-pool mode state changes before they were actually made.

 - Fix the zoned target's bio completion handling; this is a fairly
   invassive fix at this stage but it is localized to the zoned target.
   Any zoned target users will benefit from this fix.

* tag 'for-4.20/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
  dm thin: bump target version
  dm thin: send event about thin-pool state change _after_ making it
  dm zoned: Fix target BIO completion handling
  dm: call blk_queue_split() to impose device limits on bios
  dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty()

6 years agoMerge tag 'media/v4.20-5' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab...
Linus Torvalds [Thu, 13 Dec 2018 02:24:32 +0000 (18:24 -0800)]
Merge tag 'media/v4.20-5' of git://git./linux/kernel/git/mchehab/linux-media

Pull media fixes from Mauro Carvalho Chehab:

 - one regression at vsp1 driver

 - some last time changes for the upcoming request API logic and for
   stateless codec support. As the stateless codec "cedrus" driver is at
   staging, don't apply the MPEG controls as part of the main V4L2 API,
   as those may not be ready for production yet.

* tag 'media/v4.20-5' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
  media: Add a Kconfig option for the Request API
  media: extended-controls.rst: add note to the MPEG2 state controls
  media: mpeg2-ctrls.h: move MPEG2 state controls to non-public header
  media: vicodec: set state resolution from raw format
  media: vivid: drop v4l2_ctrl_request_complete() from start_streaming
  media: vb2: don't unbind/put the object when going to state QUEUED
  media: vb2: keep a reference to the request until dqbuf
  media: vb2: skip request checks for VIDIOC_PREPARE_BUF
  media: vb2: don't call __vb2_queue_cancel if vb2_start_streaming failed
  media: cedrus: Fix a NULL vs IS_ERR() check
  media: vsp1: Fix LIF buffer thresholds

6 years agoMerge tag 'ovl-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszer...
Linus Torvalds [Thu, 13 Dec 2018 02:19:44 +0000 (18:19 -0800)]
Merge tag 'ovl-fixes-4.20-rc7' of git://git./linux/kernel/git/mszeredi/vfs

Pull overlayfs fixes from Miklos Szeredi:
 "Needed to revert a patch, because it possibly introduces a security
  hole. Since the patch is basically a conceptual cleanup, not a bug
  fix, it's safe to revert. I'm not giving up on this, and discussions
  seemed to have reached an agreement over how to move forward, but that
  can wait 'till the next release.

  The other two patches are fixes for bugs introduced in recent
  releases"

* tag 'ovl-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
  Revert "ovl: relax permission checking on underlying layers"
  ovl: fix decode of dir file handle with multi lower layers
  ovl: fix missing override creds in link of a metacopy upper

6 years agoMerge tag 'fuse-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Thu, 13 Dec 2018 02:17:35 +0000 (18:17 -0800)]
Merge tag 'fuse-fixes-4.20-rc7' of git://git./linux/kernel/git/mszeredi/fuse

Pull fuse fixes from Miklos Szeredi:
 "There's one patch fixing a minor but long lived bug, the others are
  fixing regressions introduced in this cycle"

* tag 'fuse-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
  fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
  fuse: Fix memory leak in fuse_dev_free()
  fuse: fix revalidation of attributes for permission check
  fuse: fix fsync on directory
  fuse: Add bad inode check in fuse_destroy_inode()

6 years agoMerge tag 'trace-v4.20-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt...
Linus Torvalds [Thu, 13 Dec 2018 02:15:29 +0000 (18:15 -0800)]
Merge tag 'trace-v4.20-rc6' of git://git./linux/kernel/git/rostedt/linux-trace

Pull tracing fixes from Steven Rostedt:
 "While running various ftrace tests on new development code, the
  kmemleak detector found some allocations that were not freed
  correctly.

  This fixes a couple of leaks in the event trigger code as well as in
  adding function trace filters in trace instances"

* tag 'trace-v4.20-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Fix memory leak of instance function hash filters
  tracing: Fix memory leak in set_trigger_filter()
  tracing: Fix memory leak in create_filter()

6 years agoMerge branch 'mediatek-drm-fixes-4.20' of https://github.com/ckhu-mediatek/linux...
Dave Airlie [Wed, 12 Dec 2018 23:55:05 +0000 (09:55 +1000)]
Merge branch 'mediatek-drm-fixes-4.20' of https://github.com/ckhu-mediatek/linux.git-tags into drm-fixes

Single bridge attachment fix.

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: CK Hu <ck.hu@mediatek.com>
Link: https://patchwork.freedesktop.org/patch/msgid/1544407975.18825.3.camel@mtksdaap41
6 years agoMAINTAINERS: Daniel for drm co-maintainer
Daniel Vetter [Mon, 10 Dec 2018 10:30:01 +0000 (11:30 +0100)]
MAINTAINERS: Daniel for drm co-maintainer

lkml and Linus gained a CoC, and it's serious this time. Which means
my no 1 reason for declining to officially step up as drm maintainer
is gone, and I didn't find any new good excuse.

I chatted with a few people in private already, and the biggest
concern is that I mislay my community hat and start running around
with my intel hat only. Or some other convenient abuse of trust.

That's why this patch doesn't just need a lot of acks that mean "yeah
seems fine to me", but a lot of acks that mean "yeah we'll tell you
when you're over the line and usurp you from that comfy chair if you
don't get it". Which I think we've been done a fairly good job here at
dri-devel in general, but better to be clear.

Rough idea is that I'll do this for maybe 2-3 years, helping Dave
figure out a group model for drm overall. And getting the tooling and
infrastructure for that off the ground. Then step down again because
some other shiny thing that needs chasing. Of course as plans tend to
do, this one will probably pan out a bit different in reality.

Cc: David Airlie <airlied@linux.ie>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Daniel Vetter <daniel.vetter@intel.com>
Acked-by: Christian König <christian.koenig@amd.com>
Acked-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
Acked-by: Alex Deucher <alexander.deucher@amd.com>
Acked-by: Eric Anholt <eric@anholt.net>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Daniel Stone <daniels@collabora.com>
Signed-off-by: Daniel Vetter <daniel@ffwll.ch>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Acked-by: Thierry Reding <treding@nvidia.com>
Acked-by: Thomas Hellstrom <thellstrom@vmware.com>
Acked-by: Sean Paul <sean@poorly.run>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181210103001.30549-1-daniel.vetter@ffwll.ch
6 years agoMerge branch 'linux-4.20' of git://github.com/skeggsb/linux into drm-fixes
Dave Airlie [Wed, 12 Dec 2018 23:32:41 +0000 (09:32 +1000)]
Merge branch 'linux-4.20' of git://github.com/skeggsb/linux into drm-fixes

Three fixes:
tegra regression fix
display flushing fix
mst cleanup fix.

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Ben Skeggs <skeggsb@gmail.com>
Link: https://patchwork.freedesktop.org/patch/msgid/CACAvsv7WCPzjQZonk+eS1FgEUKirz-4LOrVpMUVMM=D-GjbVpg@mail.gmail.com
6 years agoMerge branch 'drm-fixes-4.20' of git://people.freedesktop.org/~agd5f/linux into drm...
Dave Airlie [Wed, 12 Dec 2018 23:24:18 +0000 (09:24 +1000)]
Merge branch 'drm-fixes-4.20' of git://people.freedesktop.org/~agd5f/linux into drm-fixes

Fixes for 4.20:
- Stability fixes for new polaris variants (e.g., RX590)
- New vega pci ids
- Vega20 smu fix
- Ctx locking fix

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Alex Deucher <alexdeucher@gmail.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181212203022.3054-1-alexander.deucher@amd.com
6 years agoMerge tag 'drm-misc-fixes-2018-12-12' of git://anongit.freedesktop.org/drm/drm-misc...
Dave Airlie [Wed, 12 Dec 2018 21:25:00 +0000 (07:25 +1000)]
Merge tag 'drm-misc-fixes-2018-12-12' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes

- rockchip: Revert change causing WARN on shutdown (Brian)

Cc: Brian Norris <briannorris@chromium.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Sean Paul <sean@poorly.run>
Link: https://patchwork.freedesktop.org/patch/msgid/20181212204309.GA150523@art_vandelay
6 years agoMerge tag 'drm-intel-fixes-2018-12-12-1' of git://anongit.freedesktop.org/drm/drm...
Dave Airlie [Wed, 12 Dec 2018 21:22:47 +0000 (07:22 +1000)]
Merge tag 'drm-intel-fixes-2018-12-12-1' of git://anongit.freedesktop.org/drm/drm-intel into drm-fixes

- Two fixes to avoid GPU hangs (on Braswell and Gen3)

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181212134010.GA18900@jlahtine-desk.ger.corp.intel.com
6 years agoMerge tag 'drm-intel-fixes-2018-12-07' of git://anongit.freedesktop.org/drm/drm-intel...
Dave Airlie [Wed, 12 Dec 2018 21:21:29 +0000 (07:21 +1000)]
Merge tag 'drm-intel-fixes-2018-12-07' of git://anongit.freedesktop.org/drm/drm-intel into drm-fixes

- Fix for system crash after GPU hang (Bugzilla #107945)
- GVT fix for guest graphics corruption (https://github.com/intel/gvt-linux/issues/61)

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181207104352.GA18214@jlahtine-desk.ger.corp.intel.com
6 years agodrm/amdgpu: drop fclk/gfxclk ratio setting
Evan Quan [Wed, 12 Dec 2018 06:56:14 +0000 (14:56 +0800)]
drm/amdgpu: drop fclk/gfxclk ratio setting

Since this is not needed any more on the latest SMC firmware.

Signed-off-by: Evan Quan <evan.quan@amd.com>
Acked-by: Feifei Xu <Feifei.Xu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
6 years agoIB/core: Fix oops in netdev_next_upper_dev_rcu()
Mark Zhang [Wed, 5 Dec 2018 13:50:49 +0000 (15:50 +0200)]
IB/core: Fix oops in netdev_next_upper_dev_rcu()

When support for bonding of RoCE devices was added, there was
necessarily a link between the RoCE device and the paired netdevice that
was part of the bond.  If you remove the mlx4_en module, that paired
association is broken (the RoCE device is still present but the paired
netdevice has been released).  We need to account for this in
is_upper_ndev_bond_master_filter() and filter out those links with a
broken pairing or else we later oops in netdev_next_upper_dev_rcu().

Fixes: 408f1242d940 ("IB/core: Delete lower netdevice default GID entries in bonding scenario")
Signed-off-by: Mark Zhang <markz@mellanox.com>
Reviewed-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
6 years agodm thin: bump target version
Mike Snitzer [Wed, 12 Dec 2018 14:39:54 +0000 (09:39 -0500)]
dm thin: bump target version

Decoupled version bump from commit f6c367585d0 ("dm thin: send event
about thin-pool state change _after_ making it") because version bumps
just create conflicts when backporting to the stable trees.

Signed-off-by: Mike Snitzer <snitzer@redhat.com>
6 years agodrm/vmwgfx: remove redundant return ret statement
Colin Ian King [Thu, 4 Oct 2018 17:49:53 +0000 (18:49 +0100)]
drm/vmwgfx: remove redundant return ret statement

The return statement is redundant as there is a return statement
immediately before it so we have dead code that can be removed.
Also remove the unused declaration of ret.

Detected by CoverityScan, CID#1473793 ("Structurally dead code")

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
6 years agodrm/i915: Flush GPU relocs harder for gen3
Chris Wilson [Fri, 7 Dec 2018 13:40:37 +0000 (13:40 +0000)]
drm/i915: Flush GPU relocs harder for gen3

Adding an extra MI_STORE_DWORD_IMM to the gpu relocation path for gen3
was good, but still not good enough. To survive 24+ hours under test we
needed to perform not one, not two but three extra store-dw. Doing so
for each GPU relocation was a little unsightly and since we need to
worry about userspace hitting the same issues, we should apply the dummy
store-dw into the EMIT_FLUSH.

Fixes: 7dd4f6729f92 ("drm/i915: Async GPU relocation processing")
References: 7fa28e146994 ("drm/i915: Write GPU relocs harder with gen3")
Testcase: igt/gem_tiled_fence_blits # blb/pnv
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Reviewed-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181207134037.11848-1-chris@chris-wilson.co.uk
(cherry picked from commit a889580c087a9cf91fddb3832ece284174214183)
Signed-off-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
6 years agodrm/i915: Allocate a common scratch page
Chris Wilson [Tue, 4 Dec 2018 14:15:16 +0000 (14:15 +0000)]
drm/i915: Allocate a common scratch page

Currently we allocate a scratch page for each engine, but since we only
ever write into it for post-sync operations, it is not exposed to
userspace nor do we care for coherency. As we then do not care about its
contents, we can use one page for all, reducing our allocations and
avoid complications by not assuming per-engine isolation.

For later use, it simplifies engine initialisation (by removing the
allocation that required struct_mutex!) and means that we can always rely
on there being a scratch page.

v2: Check that we allocated a large enough scratch for I830 w/a

Fixes: 06e562e7f515 ("drm/i915/ringbuffer: Delay after EMIT_INVALIDATE for gen4/gen5") # v4.18.20
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=108850
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181204141522.13640-1-chris@chris-wilson.co.uk
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Cc: <stable@vger.kernel.org> # v4.18.20+
(cherry picked from commit 5179749925933575a67f9d8f16d0cc204f98a29f)
[Joonas: Use new function in gen9_init_indirectctx_bb too]
Signed-off-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
6 years agodrm/i915/execlists: Apply a full mb before execution for Braswell
Chris Wilson [Thu, 6 Dec 2018 08:44:31 +0000 (08:44 +0000)]
drm/i915/execlists: Apply a full mb before execution for Braswell

Braswell is really picky about having our writes posted to memory before
we execute or else the GPU may see stale values. A wmb() is insufficient
as it only ensures the writes are visible to other cores, we need a full
mb() to ensure the writes are in memory and visible to the GPU.

The most frequent failure in flushing before execution is that we see
stale PTE values and execute the wrong pages.

References: 987abd5c62f9 ("drm/i915/execlists: Force write serialisation into context image vs execution")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Cc: stable@vger.kernel.org
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20181206084431.9805-3-chris@chris-wilson.co.uk
(cherry picked from commit 490b8c65b9db45896769e1095e78725775f47b3e)
Signed-off-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
6 years agodrm/nouveau/kms: Fix memory leak in nv50_mstm_del()
Lyude Paul [Tue, 11 Dec 2018 23:56:20 +0000 (18:56 -0500)]
drm/nouveau/kms: Fix memory leak in nv50_mstm_del()

Noticed this while working on redoing the reference counting scheme in
the DP MST helpers. Nouveau doesn't attempt to call
drm_dp_mst_topology_mgr_destroy() at all, which leaves it leaking all of
the resources for drm_dp_mst_topology_mgr and it's children mstbs+ports.

Fixes: f479c0ba4a17 ("drm/nouveau/kms/nv50: initial support for DP 1.2 multi-stream")
Signed-off-by: Lyude Paul <lyude@redhat.com>
Cc: <stable@vger.kernel.org> # v4.10+
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
6 years agodrm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer
Ben Skeggs [Wed, 12 Dec 2018 06:51:17 +0000 (16:51 +1000)]
drm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer

Should hopefully fix a regression some people have been seeing since EVO
push buffers were moved to VRAM by default on Pascal GPUs.

Fixes: d00ddd9da ("drm/nouveau/kms/nv50-: allocate push buffers in vidmem on pascal")
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Cc: <stable@vger.kernel.org> # 4.19+
6 years agoselftests/seccomp: Remove SIGSTOP si_pid check
Kees Cook [Thu, 6 Dec 2018 23:50:38 +0000 (15:50 -0800)]
selftests/seccomp: Remove SIGSTOP si_pid check

Commit f149b3155744 ("signal: Never allocate siginfo for SIGKILL or SIGSTOP")
means that the seccomp selftest cannot check si_pid under SIGSTOP anymore.
Since it's believed[1] there are no other userspace things depending on the
old behavior, this removes the behavioral check in the selftest, since it's
more a "extra" sanity check (which turns out, maybe, not to have been
useful to test).

[1] https://lkml.kernel.org/r/CAGXu5jJaZAOzP1qFz66tYrtbuywqb+UN2SOA1VLHpCCOiYvYeg@mail.gmail.com

Reported-by: Tycho Andersen <tycho@tycho.ws>
Suggested-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Shuah Khan <shuah@kernel.org>
6 years agoblock: Fix null_blk_zoned creation failure with small number of zones
Shin'ichiro Kawasaki [Tue, 11 Dec 2018 12:08:26 +0000 (21:08 +0900)]
block: Fix null_blk_zoned creation failure with small number of zones

null_blk_zoned creation fails if the number of zones specified is equal to or is
smaller than 64 due to a memory allocation failure in blk_alloc_zones(). With
such a small number of zones, the required memory size for all zones descriptors
fits in a single page, and the page order for alloc_pages_node() is zero. Allow
this value in blk_alloc_zones() for the allocation to succeed.

Fixes: bf5054569653 "block: Introduce blk_revalidate_disk_zones()"
Reviewed-by: Damien Le Moal <damien.lemoal@wdc.com>
Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
6 years agofuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
Chad Austin [Mon, 10 Dec 2018 18:54:52 +0000 (10:54 -0800)]
fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS

When FUSE_OPEN returns ENOSYS, the no_open bit is set on the connection.

Because the FUSE_RELEASE and FUSE_RELEASEDIR paths share code, this
incorrectly caused the FUSE_RELEASEDIR request to be dropped and never sent
to userspace.

Pass an isdir bool to distinguish between FUSE_RELEASE and FUSE_RELEASEDIR
inside of fuse_file_put.

Fixes: 7678ac50615d ("fuse: support clients that don't implement 'open'")
Cc: <stable@vger.kernel.org> # v3.14
Signed-off-by: Chad Austin <chadaustin@fb.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
6 years agodm thin: send event about thin-pool state change _after_ making it
Mike Snitzer [Tue, 11 Dec 2018 18:31:40 +0000 (13:31 -0500)]
dm thin: send event about thin-pool state change _after_ making it

Sending a DM event before a thin-pool state change is about to happen is
a bug.  It wasn't realized until it became clear that userspace response
to the event raced with the actual state change that the event was
meant to notify about.

Fix this by first updating internal thin-pool state to reflect what the
DM event is being issued about.  This fixes a long-standing racey/buggy
userspace device-mapper-test-suite 'resize_io' test that would get an
event but not find the state it was looking for -- so it would just go
on to hang because no other events caused the test to reevaluate the
thin-pool's state.

Cc: stable@vger.kernel.org
Signed-off-by: Mike Snitzer <snitzer@redhat.com>