| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
I'm working on improving the __assign_str() and __string() macros to be
more efficient, and removed some unneeded semicolons. This triggered a bug
in the build as some of the __assign_str() macros in intel_display_trace
was missing a terminating semicolon.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Cc: Daniel Vetter <[email protected]>
Cc: David Airlie <[email protected]>
Cc: [email protected]
Fixes: 2ceea5d88048b ("drm/i915: Print plane name in fbc tracepoints")
Reviewed-by: Ville Syrjälä <[email protected]>
Acked-by: Rodrigo Vivi <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
I'm working on restructuring the __string* macros so that it doesn't need
to recalculate the string twice. That is, it will save it off when
processing __string() and the __assign_str() will not need to do the work
again as it currently does.
Currently __string_len(item, src, len) doesn't actually use "src", but my
changes will require src to be correct as that is where the __assign_str()
will get its value from.
The event class nfsd_clid_class has:
__string_len(name, name, clp->cl_name.len)
But the second "name" does not exist and causes my changes to fail to
build. That second parameter should be: clp->cl_name.data.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Cc: Neil Brown <[email protected]>
Cc: Olga Kornievskaia <[email protected]>
Cc: Dai Ngo <[email protected]>
Cc: Tom Talpey <[email protected]>
Cc: [email protected]
Fixes: d27b74a8675ca ("NFSD: Use new __string_len C macros for nfsd_clid_class")
Acked-by: Chuck Lever <[email protected]>
Acked-by: Jeff Layton <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
Instead of using UTS_RELEASE, use init_utsname()->release, which means that
we don't need to rebuild the code just for the git head commit changing.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: John Garry <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
User programs can now ask user_events to handle the synchronization of
multiple different formats for an event with the same name via the new
USER_EVENT_REG_MULTI_FORMAT flag.
Add a section for USER_EVENT_REG_MULTI_FORMAT that explains the intended
purpose and caveats of using it. Explain how deletion works in these
cases and how to use /sys/kernel/tracing/dynamic_events for per-version
deletion.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: Beau Belgrave <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
User_events now has multi-format events which allow for the same
register name, but with different formats. When this occurs, different
tracepoints are created with unique names.
Add a new test that ensures the same name can be used for two different
formats. Ensure they are isolated from each other and that name and arg
matching still works if yet another register comes in with the same
format as one of the two.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: Beau Belgrave <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
Currently user_events supports 1 event with the same name and must have
the exact same format when referenced by multiple programs. This opens
an opportunity for malicious or poorly thought through programs to
create events that others use with different formats. Another scenario
is user programs wishing to use the same event name but add more fields
later when the software updates. Various versions of a program may be
running side-by-side, which is prevented by the current single format
requirement.
Add a new register flag (USER_EVENT_REG_MULTI_FORMAT) which indicates
the user program wishes to use the same user_event name, but may have
several different formats of the event. When this flag is used, create
the underlying tracepoint backing the user_event with a unique name
per-version of the format. It's important that existing ABI users do
not get this logic automatically, even if one of the multi format
events matches the format. This ensures existing programs that create
events and assume the tracepoint name will match exactly continue to
work as expected. Add logic to only check multi-format events with
other multi-format events and single-format events to only check
single-format events during find.
Change system name of the multi-format event tracepoint to ensure that
multi-format events are isolated completely from single-format events.
This prevents single-format names from conflicting with multi-format
events if they end with the same suffix as the multi-format events.
Add a register_name (reg_name) to the user_event struct which allows for
split naming of events. We now have the name that was used to register
within user_events as well as the unique name for the tracepoint. Upon
registering events ensure matches based on first the reg_name, followed
by the fields and format of the event. This allows for multiple events
with the same registered name to have different formats. The underlying
tracepoint will have a unique name in the format of {reg_name}.{unique_id}.
For example, if both "test u32 value" and "test u64 value" are used with
the USER_EVENT_REG_MULTI_FORMAT the system would have 2 unique
tracepoints. The dynamic_events file would then show the following:
u:test u64 count
u:test u32 count
The actual tracepoint names look like this:
test.0
test.1
Both would be under the new user_events_multi system name to prevent the
older ABI from being used to squat on multi-formatted events and block
their use.
Deleting events via "!u:test u64 count" would only delete the first
tracepoint that matched that format. When the delete ABI is used all
events with the same name will be attempted to be deleted. If
per-version deletion is required, user programs should either not use
persistent events or delete them via dynamic_events.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: Beau Belgrave <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
The current code for finding and deleting events assumes that there will
never be cases when user_events are registered with the same name, but
different formats. Scenarios exist where programs want to use the same
name but have different formats. An example is multiple versions of a
program running side-by-side using the same event name, but with updated
formats in each version.
This change does not yet allow for multi-format events. If user_events
are registered with the same name but different arguments the programs
see the same return values as before. This change simply makes it
possible to easily accommodate for this.
Update find_user_event() to take in argument parameters and register
flags to accommodate future multi-format event scenarios. Have find
validate argument matching and return error pointers to cover when
an existing event has the same name but different format. Update
callers to handle error pointer logic.
Move delete_user_event() to use hash walking directly now that
find_user_event() has changed. Delete all events found that match the
register name, stop if an error occurs and report back to the user.
Update user_fields_match() to cover list_empty() scenarios now that
find_user_event() uses it directly. This makes the logic consistent
across several callsites.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: Beau Belgrave <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
When a ring-buffer is memory mapped by user-space, no trace or
ring-buffer swap is possible. This means the snapshot feature is
mutually exclusive with the memory mapping. Having a refcount on
snapshot users will help to know if a mapping is possible or not.
Instead of relying on the global trace_types_lock, a new spinlock is
introduced to serialize accesses to trace_array->snapshot. This intends
to allow access to that variable in a context where the mmap lock is
already held.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Signed-off-by: Vincent Donnefort <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
The default behavior of ring_buffer_wait() when passed a NULL "cond"
parameter is to exit the function the first time it is woken up. The
current implementation uses a counter that starts at zero and when it is
greater than one it exits the wait_event_interruptible().
But this relies on the internal working of wait_event_interruptible() as
that code basically has:
if (cond)
return;
prepare_to_wait();
if (!cond)
schedule();
finish_wait();
That is, cond is called twice before it sleeps. The default cond of
ring_buffer_wait() needs to account for that and wait for its counter to
increment twice before exiting.
Instead, use the seq/atomic_inc logic that is used by the tracing code
that calls this function. Add an atomic_t seq to rb_irq_work and when cond
is NULL, have the default callback take a descriptor as its data that
holds the rbwork and the value of the seq when it started.
The wakeups will now increment the rbwork->seq and the cond callback will
simply check if that number is different, and no longer have to rely on
the implementation of wait_event_interruptible().
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Cc: Masami Hiramatsu <[email protected]>
Cc: Mathieu Desnoyers <[email protected]>
Fixes: 7af9ded0c2ca ("ring-buffer: Use wait_event_interruptible() in ring_buffer_wait()")
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|
|
Remove a unnecessary level of indenting in some areas of the reference
section. No text changes.
Signed-off-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <01f1a407e92b92d9f8614bd34882956694bab123.1710750972.git.linux@leemhuis.info>
|
|
A bunch of minor fixes and improvements and two other things:
- Explain the 'v' version prefix when it's first used, but drop it
everywhere in the text for consistency. Also drop single quotes around
a few version numbers.
- Point out that testing a stable/longterm kernel only makes sense if
the series is still supported.
Signed-off-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <f13d203d5975419608996300992eaa2e4fcc2dc1.1710750972.git.linux@leemhuis.info>
|
|
Instruct readers to check the taint flag, as the reason why it's set
might directly or indirectly cause the bug or interfere with testing.
Signed-off-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <8fcaffa8e85f36d51178d61061355c3c8bc85a0f.1710750972.git.linux@leemhuis.info>
|
|
These changes among others ensure modules will be installed when
/sbin/installkernel is missing. Furthermore describe better what tasks
the script ideally performs so that users can more easily check if those
have been taken care of. In addition to that point to the distro's
documentation for further details on installing kernels manually.
Signed-off-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <e392bd5eb12654bed635f32b24304a712b0c67d1.1710750972.git.linux@leemhuis.info>
|
|
On the reference documentation for regzbot, the fixed-by command has
been renamed to fix. Update the kernel documentation accordingly.
Link: https://gitlab.com/knurd42/regzbot/-/blob/main/docs/reference.md
Link: https://gitlab.com/knurd42/regzbot/-/commit/6d8d30f6bda84e1b711121bb98a07a464d3f089a
Reviewed-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: "Nícolas F. R. A. Prado" <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <[email protected]>
|
|
Use colon as command terminator everywhere for consistency, even though
it's not strictly necessary. That way it will also match regzbot's
reference documentation.
Link: https://gitlab.com/knurd42/regzbot/-/blob/main/docs/reference.md
Reviewed-by: Thorsten Leemhuis <[email protected]>
Signed-off-by: "Nícolas F. R. A. Prado" <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <[email protected]>
|
|
This patch corrects a spelling error specifically
the word "supports" was misspelled "suppors".
No functional changes are made by this patch; it
only improves the accuracy and readability of the
documentation.
Signed-off-by: Kendra Moore <[email protected]>
Reviewed-by: "Matthew Wilcox (Oracle)" <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <[email protected]>
|
|
- ReStructured Text should be exactly reStructuredText
- "reStructuredText" is ONE word, not two! according to https://docutils.sourceforge.io/rst.html
Signed-off-by: Maki Hatano <[email protected]>
Signed-off-by: Jonathan Corbet <[email protected]>
Message-ID: <[email protected]>
|
|
Fix fscache_begin_operation() to clear cres->cache_priv on error, otherwise
fscache_resources_valid() will report it as being valid.
Signed-off-by: David Howells <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Reviewed-by: Jeff Layton <[email protected]>
Reported-by: Marc Dionne <[email protected]>
cc: Jeff Layton <[email protected]>
cc: [email protected]
cc: [email protected]
Signed-off-by: Christian Brauner <[email protected]>
|
|
Now that we open block devices as files we need to deal with the
realities that closing is a deferred operation. An operation on the
block device such as e.g., freeze, thaw, or removal that runs
concurrently with umount, tries to acquire a stable reference on the
holder. The holder might already be gone though. Make that reliable by
grabbing a passive reference to the holder during bdev_open() and
releasing it during bdev_release().
Fixes: f3a608827d1f ("bdev: open block device as files") # mainline only
Reported-by: Christoph Hellwig <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Reviewed-by: Jan Kara <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
Tested-by: Yi Zhang <[email protected]>
Reported-by: https://lore.kernel.org/r/CAHj4cs8tbDwKRwfS1=DmooP73ysM__xAb2PQc6XsAmWR+VuYmg@mail.gmail.com
Link: https://lore.kernel.org/r/20240315-freibad-annehmbar-ca68c375af91@brauner
Signed-off-by: Christian Brauner <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
check_topology() doesn't actually require alloc info - and running it
first means other passes don't have to catch btree read errors.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
error messages should always include __func__
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
this fixes an assertion pop in
bch2_check_snapshot_trees() ->
check_snapshot_tree() ->
bch2_snapshot_tree_master_subvol() ->
bch2_snapshot_is_ancestor()
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Nested transaction restart handling is typically best avoided; when the
inner context handles a transaction restart it invalidates the outer
transaction context, so we need to make sure to return a
transaction_restart_nested error.
This code wasn't doing that, and hit the assertion in
for_each_btree_key() that checks for that via trans->restart_count.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Print out the function that launched the btree update.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
This fixes a deadlock due to using btree_interior_update_worker for non
interior updates - async btree node rewrites were blocking, and then
blocking other interior updates.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
After keys have passed bkey_ops.key_invalid we should never see invalid
extent entry types - but .key_invalid itself needs to cope with them.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
We only need to return transaction_restart_nested when we're inside a
context that's handling transaction restarts.
Also, add a missing check_subdir_count() call.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
Signed-off-by: Kent Overstreet <[email protected]>
|
|
This doesn't need to be a BUG_ON(); the actual serious "things break"
condition is if the whole journal write overruns the available space,
and that has a fatal error, not a BUG_ON(). This check indicates we
screwed something up, but it should be a warning.
Signed-off-by: Kent Overstreet <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux
Pull i3c updates from Alexandre Belloni:
"Not much this cycle with only three patches.
Core:
- i3c_bus_type is now const
Drivers:
- dw: disabling IBI is only allowed when hot join and SIR are disabled"
* tag 'i3c/for-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux:
i3c: Make i3c_bus_type const
i3c: dw: Disable IBI IRQ depends on hot-join and SIR enabling
dt-bindings: i3c: drop "master" node name suffix
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi
Pull EFI fix from Ard Biesheuvel:
"This fixes an oversight on my part in the recent EFI stub rework for
x86, which is needed to get Linux/x86 distro builds signed again for
secure boot by Microsoft. For this reason, most of this work is being
backported to v6.1, which is therefore also affected by this
regression.
- Explicitly wipe BSS in the native EFI entrypoint, so that globals
shared with the legacy decompressor are zero-initialized correctly"
* tag 'efi-fixes-for-v6.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
x86/efistub: Clear decompressor BSS in native EFI entrypoint
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull timer fix from Ingo Molnar:
"Fix timer migration bug that can result in long bootup delays and
other oddities"
* tag 'timers-urgent-2024-03-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
timer/migration: Remove buggy early return on deactivation
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 perf event fixes from Ingo Molnar:
- Work around AMD erratum to filter out bogus LBR stack entries
- Fix incorrect PMU reset that can result in warnings (or worse)
during suspend/hibernation
* tag 'perf-urgent-2024-03-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf/x86/amd/core: Avoid register reset when CPU is dead
perf/x86/amd/lbr: Discard erroneous branch entries
|
|
git://www.linux-watchdog.org/linux-watchdog
Pull watchdog updates from Wim Van Sebroeck:
- Remove usage of the deprecated ida_simple_xx() API
- Add kernel-doc for wdt_set_timeout()
- Add support for R-Car V4M, StarFive's JH8100 and sam9x7-wdt
- Fixes and small improvements
* tag 'linux-watchdog-6.9-rc1' of git://www.linux-watchdog.org/linux-watchdog:
watchdog: intel-mid_wdt: Get platform data via dev_get_platdata()
watchdog: intel-mid_wdt: Don't use "proxy" headers
watchdog: intel-mid_wdt: Remove unused intel-mid.h
dt-bindings: watchdog: sama5d4-wdt: add compatible for sam9x7-wdt
dt-bindings: watchdog: sprd,sp9860-wdt: convert to YAML
dt-bindings: watchdog: starfive,jh7100-wdt: Add compatible for JH8100
watchdog: stm32_iwdg: initialize default timeout
dt-bindings: watchdog: arm,sp805: document the reset signal
watchdog: sp805_wdt: deassert the reset if available
watchdog/hpwdt: Support Suspend and Resume
dt-bindings: watchdog: renesas-wdt: Add support for R-Car V4M
watchdog: starfive: check watchdog status before enabling in system resume
watchdog: starfive: Check pm_runtime_enabled() before decrementing usage counter
watchdog: qcom: fine tune the max timeout value calculation
watchdog: Add kernel-doc for wdt_set_timeout()
watchdog: core: Remove usage of the deprecated ida_simple_xx() API
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux
Pull PCMCIA updates from Dominik Brodowski:
"Mark some structs 'const' now that the driver core supports it
(Ricardo B Marliere)"
* tag 'pcmcia-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux:
pcmcia: cs: make pcmcia_socket_class constant
pcmcia: ds: make pcmcia_bus_type const
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Pull input updates from Dmitry Torokhov:
- a new driver for Goodix Berlin I2C and SPI touch controllers
- support for IQS7222D v1.1 and v1.2 in iqs7222 driver
- support for IST3032C and IST3038B parts in Imagis touchscreen driver
- support for touch keys for Imagis touchscreen controllers
- support for Snakebyte GAMEPADs in xpad driver
- various cleanups and conversions to yaml for device tree bindings
- assorted fixes and cleanups
- old Synaptics navpoint driver has been removed since the only board
that used it (HP iPAQ hx4700) was removed a while ago.
* tag 'input-for-v6.9-rc0' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (37 commits)
Input: xpad - add support for Snakebyte GAMEPADs
dt-bindings: input: samsung,s3c6410-keypad: convert to DT Schema
Input: imagis - add touch key support
dt-bindings: input: imagis: Document touch keys
Input: imagis - use FIELD_GET where applicable
Input: make input_class constant
dt-bindings: input: atmel,captouch: convert bindings to YAML
Input: iqs7222 - add support for IQS7222D v1.1 and v1.2
dt-bindings: input: allwinner,sun4i-a10-lrad: drop redundant type from label
Input: serio - make serio_bus const
Input: synaptics-rmi4 - make rmi_bus_type const
Input: xilinx_ps2 - fix kernel-doc for xps2_of_probe function
input/touchscreen: imagis: add support for IST3032C
dt-bindings: input/touchscreen: imagis: add compatible for IST3032C
input/touchscreen: imagis: Add support for Imagis IST3038B
dt-bindings: input/touchscreen: Add compatible for IST3038B
input/touchscreen: imagis: Correct the maximum touch area value
Input: leds - change config symbol dependency for audio mute trigger
Input: ti_am335x_tsc - remove redundant assignment to variable config
Input: xpad - sort xpad_device by vendor and product ID
...
|
|
With the current implementation, there are some cornercases where
a host fault would be treated as a guest fault, for example
when the sie instruction causes a program check. Therefore store
the gmap asce in ptregs, and use that to compare the primary asce
from the fault instead of matching instruction addresses.
Suggested-by: Heiko Carstens <[email protected]>
Signed-off-by: Sven Schnelle <[email protected]>
Signed-off-by: Heiko Carstens <[email protected]>
|
|
With only one OUTSIDE user left, remove the macro and move the code
directly to the machine check handler. This has the advantage that
it is much easier to determine which registers are used.
Signed-off-by: Sven Schnelle <[email protected]>
Reviewed-by: Heiko Carstens <[email protected]>
Signed-off-by: Heiko Carstens <[email protected]>
|
|
When a program check, interrupt or machine check is triggered, the
PSW address is compared to a certain range of the sie64a() function
to figure out whether SIE was interrupted and a cleanup of SIE is
needed.
This doesn't work with kprobes: If kprobes probes an instruction, it
copies the instruction to the kprobes instruction page and overwrites the
original instruction with an undefind instruction (Opcode 00). When this
instruction is hit later, kprobes single-steps the instruction on the
kprobes_instruction page.
However, if this instruction is a relative branch instruction it will now
point to a different location in memory due to being moved to the kprobes
instruction page. If the new branch target points into sie64a() the kernel
assumes it interrupted SIE when processing the breakpoint and will crash
trying to access the SIE control block.
Instead of comparing the address, introduce a new CIF_SIE flag which
indicates whether SIE was interrupted.
Signed-off-by: Sven Schnelle <[email protected]>
Suggested-by: Heiko Carstens <[email protected]>
Reviewed-by: Heiko Carstens <[email protected]>
Signed-off-by: Heiko Carstens <[email protected]>
|
|
Use more natural while (i--) pattern to clean up allocated resources.
Signed-off-by: Andy Shevchenko <[email protected]>
Acked-by: Vineeth Vijayan <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Heiko Carstens <[email protected]>
|
|
In bind_evtchn_to_irq_chip() don't increment the refcnt of the event
channel blindly. In case the event channel is NOT refcounted, issue a
warning instead.
Add an additional safety net by doing the refcnt increment only if the
caller has specified IRQF_SHARED in the irqflags parameter.
Fixes: 9e90e58c11b7 ("xen: evtchn: Allow shared registration of IRQ handers")
Signed-off-by: Juergen Gross <[email protected]>
Reviewed-by: Oleksandr Tyshchenko <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Juergen Gross <[email protected]>
|
|
When unbinding a user event channel, the related handler might be
called a last time in case the kernel was built with
CONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.
Avoid that by adding an "unbinding" flag to struct user_event which
will short circuit the handler.
Fixes: 9e90e58c11b7 ("xen: evtchn: Allow shared registration of IRQ handers")
Reported-by: Demi Marie Obenour <[email protected]>
Tested-by: Demi Marie Obenour <[email protected]>
Signed-off-by: Juergen Gross <[email protected]>
Reviewed-by: Oleksandr Tyshchenko <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Juergen Gross <[email protected]>
|
|
If ->NameOffset of smb2_create_req is smaller than Buffer offset of
smb2_create_req, slab-out-of-bounds read can happen from smb2_open.
This patch set the minimum value of the name offset to the buffer offset
to validate name length of smb2_create_req().
Cc: [email protected]
Reported-by: Xuanzhe Yu <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
|
syzbot hit an assertion in copy up data loop which looks like it is
the result of a lower file whose size is being changed underneath
overlayfs.
This type of use case is documented to cause undefined behavior, so
returning EIO error for the copy up makes sense, but it should not be
causing a WARN_ON assertion.
Reported-and-tested-by: [email protected]
Fixes: ca7ab482401c ("ovl: add permission hooks outside of do_splice_direct()")
Signed-off-by: Amir Goldstein <[email protected]>
|
|
environment
In function ring_buffer_iter_empty(), cpu_buffer->commit_page is read
while other threads may change it. It may cause the time_stamp that read
in the next line come from a different page. Use READ_ONCE() to avoid
having to reason about compiler optimizations now and in future.
Link: https://lore.kernel.org/linux-trace-kernel/[email protected]
Cc: Masami Hiramatsu <[email protected]>
Cc: Mathieu Desnoyers <[email protected]>
Signed-off-by: linke li <[email protected]>
Signed-off-by: Steven Rostedt (Google) <[email protected]>
|