apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity
647,209 Commits 2 Branches 0 Tags
1bbb05f52055c8b2fc1cbb2ac272b011593172f9
Commit Graph

647209 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Linus Torvalds 1bbb05f520 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 
Pull x86 fixes and cleanups from Thomas Gleixner:
 "This set of updates contains:

   - Robustification for the logical package managment. Cures the AMD
     and virtualization issues.

   - Put the correct start_cpu() return address on the stack of the idle
     task.

   - Fixups for the fallout of the nodeid <-> cpuid persistent mapping
     modifciations

   - Move the x86/MPX specific mm_struct member to the arch specific
     mm_context where it belongs

   - Cleanups for C89 struct initializers and useless function
     arguments"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/floppy: Use designated initializers
  x86/mpx: Move bd_addr to mm_context_t
  x86/mm: Drop unused argument 'removed' from sync_global_pgds()
  ACPI/NUMA: Do not map pxm to node when NUMA is turned off
  x86/acpi: Use proper macro for invalid node
  x86/smpboot: Prevent false positive out of bounds cpumask access warning
  x86/boot/64: Push correct start_cpu() return address
  x86/boot/64: Use 'push' instead of 'call' in start_cpu()
  x86/smpboot: Make logical package management more robust
 2016-12-18 11:12:53 -08:00
Linus Torvalds 451bb1a6b2 Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 
Pull timer fix from Thomas Gleixner:
 "Prevent NULL pointer dereferencing in the tick broadcast code. Old
  bug, which got unearthed by the hotplug ordering problem"

* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  tick/broadcast: Prevent NULL pointer dereference
 2016-12-18 11:11:01 -08:00
Linus Torvalds 98da295b35 Merge branch 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 
Pull SMP hotplug fixes from Thomas Gleixner:
 "Two fixlets for cpu hotplug:

   - Fix a subtle ordering problem with the dummy timer. This happened
     to work before the conversion by chance due to initcall ordering.

   - Fix the function comment for __cpuhp_setup_state()"

* 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  cpu/hotplug: Clarify description of __cpuhp_setup_state() return value
  clocksource/dummy_timer: Move hotplug callback after the real timers
 2016-12-18 11:06:05 -08:00
Linus Torvalds eb3a3c0746 Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 
Pull irq fix from Thomas Gleixner:
 "A fix for the irq affinity spread algorithm so it handles non linear
  node numbering nicely"

* 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  genirq/affinity: Fix node generation from cpumask
 2016-12-18 11:00:56 -08:00
Kees Cook ffc7dc8d83 x86/floppy: Use designated initializers 
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20161217213705.GA1248@beast
Signed-off-by: Ingo Molnar <mingo@kernel.org>
 2016-12-18 09:25:38 +01:00
Linus Torvalds 52f40e9d65 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 
Pull networking fixes and cleanups from David Miller:

 1) Revert bogus nla_ok() change, from Alexey Dobriyan.

 2) Various bpf validator fixes from Daniel Borkmann.

 3) Add some necessary SET_NETDEV_DEV() calls to hsis_femac and hip04
    drivers, from Dongpo Li.

 4) Several ethtool ksettings conversions from Philippe Reynes.

 5) Fix bugs in inet port management wrt. soreuseport, from Tom Herbert.

 6) XDP support for virtio_net, from John Fastabend.

 7) Fix NAT handling within a vrf, from David Ahern.

 8) Endianness fixes in dpaa_eth driver, from Claudiu Manoil

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (63 commits)
  net: mv643xx_eth: fix build failure
  isdn: Constify some function parameters
  mlxsw: spectrum: Mark split ports as such
  cgroup: Fix CGROUP_BPF config
  qed: fix old-style function definition
  net: ipv6: check route protocol when deleting routes
  r6040: move spinlock in r6040_close as SOFTIRQ-unsafe lock order detected
  irda: w83977af_ir: cleanup an indent issue
  net: sfc: use new api ethtool_{get|set}_link_ksettings
  net: davicom: dm9000: use new api ethtool_{get|set}_link_ksettings
  net: cirrus: ep93xx: use new api ethtool_{get|set}_link_ksettings
  net: chelsio: cxgb3: use new api ethtool_{get|set}_link_ksettings
  net: chelsio: cxgb2: use new api ethtool_{get|set}_link_ksettings
  bpf: fix mark_reg_unknown_value for spilled regs on map value marking
  bpf: fix overflow in prog accounting
  bpf: dynamically allocate digest scratch buffer
  gtp: Fix initialization of Flags octet in GTPv1 header
  gtp: gtp_check_src_ms_ipv4() always return success
  net/x25: use designated initializers
  isdn: use designated initializers
  ...
 2016-12-17 20:17:04 -08:00
Linus Torvalds 231753ef78 Merge uncontroversial parts of branch 'readlink' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs 
Pull partial readlink cleanups from Miklos Szeredi.

This is the uncontroversial part of the readlink cleanup patch-set that
simplifies the default readlink handling.

Miklos and Al are still discussing the rest of the series.

* git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
  vfs: make generic_readlink() static
  vfs: remove ".readlink = generic_readlink" assignments
  vfs: default to generic_readlink()
  vfs: replace calling i_op->readlink with vfs_readlink()
  proc/self: use generic_readlink
  ecryptfs: use vfs_get_link()
  bad_inode: add missing i_op initializers
 2016-12-17 19:16:12 -08:00
Sudip Mukherjee 3e3397e7b1 net: mv643xx_eth: fix build failure 
The build of sparc allmodconfig fails with the error:
"of_irq_to_resource" [drivers/net/ethernet/marvell/mv643xx_eth.ko]
	undefined!

of_irq_to_resource() is defined when CONFIG_OF_IRQ is defined. And also
CONFIG_OF_IRQ can only be defined if CONFIG_IRQ is defined. So we can
safely use #if defined(CONFIG_OF_IRQ) in the code.

Signed-off-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:47:26 -05:00
Emese Revfy a6b3c48312 isdn: Constify some function parameters 
The coming initify gcc plugin expects const pointer types, and caught
some __printf arguments that weren't const yet. This fixes those.

Signed-off-by: Emese Revfy <re.emese@gmail.com>
[kees: expanded commit message]
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:46:35 -05:00
Ido Schimmel 9a60c90722 mlxsw: spectrum: Mark split ports as such 
When a port is split we should mark it as such, as otherwise the split
ports aren't renamed correctly (e.g. sw1p3 -> sw1p3s1) and the unsplit
operation fails:

$ devlink port split sw1p3 count 4
$ devlink port unsplit eth0
devlink answers: Invalid argument
[  598.565307] mlxsw_spectrum 0000:03:00.0 eth0: Port wasn't split

Fixes: 67963a33b4 ("mlxsw: Make devlink port instances independent of spectrum/switchx2 port instances")
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reported-by: Tamir Winetroub <tamirw@mellanox.com>
Reviewed-by: Elad Raz <eladr@mellanox.com>
Tested-by: Tamir Winetroub <tamirw@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:44:51 -05:00
Linus Torvalds 0110c350c8 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 
Pull more vfs updates from Al Viro:
 "In this pile:

   - autofs-namespace series
   - dedupe stuff
   - more struct path constification"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (40 commits)
  ocfs2: implement the VFS clone_range, copy_range, and dedupe_range features
  ocfs2: charge quota for reflinked blocks
  ocfs2: fix bad pointer cast
  ocfs2: always unlock when completing dio writes
  ocfs2: don't eat io errors during _dio_end_io_write
  ocfs2: budget for extent tree splits when adding refcount flag
  ocfs2: prohibit refcounted swapfiles
  ocfs2: add newlines to some error messages
  ocfs2: convert inode refcount test to a helper
  simple_write_end(): don't zero in short copy into uptodate
  exofs: don't mess with simple_write_{begin,end}
  9p: saner ->write_end() on failing copy into non-uptodate page
  fix gfs2_stuffed_write_end() on short copies
  fix ceph_write_end()
  nfs_write_end(): fix handling of short copies
  vfs: refactor clone/dedupe_file_range common functions
  fs: try to clone files first in vfs_copy_file_range
  vfs: misc struct path constification
  namespace.c: constify struct path passed to a bunch of primitives
  quota: constify struct path in quota_on
  ...
 2016-12-17 18:44:00 -08:00
Andy Lutomirski 483c4933ea cgroup: Fix CGROUP_BPF config 
CGROUP_BPF depended on SOCK_CGROUP_DATA which can't be manually
enabled, making it rather challenging to turn CGROUP_BPF on.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:42:45 -05:00
David S. Miller 67a72a5891 Merge tag 'mac80211-for-davem-2016-12-16' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 
Johannes Berg says:

====================
Three fixes:
 * avoid a WARN_ON() when trying to use WEP with AP_VLANs
 * ensure enough headroom on mesh forwarding packets
 * don't report unknown/invalid rates to userspace
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:41:33 -05:00
Arnd Bergmann 7729bad4fd qed: fix old-style function definition 
The newly added file causes a harmless warning, with "make W=1":

drivers/net/ethernet/qlogic/qed/qed_iscsi.c: In function 'qed_get_iscsi_ops':
drivers/net/ethernet/qlogic/qed/qed_iscsi.c:1268:29: warning: old-style function definition [-Wold-style-definition]

This makes it a proper prototype.

Fixes: fc831825f9 ("qed: Add support for hardware offloaded iSCSI.")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:37:41 -05:00
Mantas M c2ed1880fd net: ipv6: check route protocol when deleting routes 
The protocol field is checked when deleting IPv4 routes, but ignored for
IPv6, which causes problems with routing daemons accidentally deleting
externally set routes (observed by multiple bird6 users).

This can be verified using `ip -6 route del <prefix> proto something`.

Signed-off-by: Mantas MikulÄ—nas <grawity@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:37:06 -05:00
Manuel Bessler c762eaa777 r6040: move spinlock in r6040_close as SOFTIRQ-unsafe lock order detected 
'ifconfig eth0 down' makes r6040_close() trigger:
 INFO: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected

Fixed by moving calls to phy_stop(), napi_disable(), netif_stop_queue()
to outside of the module's private spin_lock_irq block.

Found on a Versalogic Tomcat SBC with a Vortex86 SoC

s1660e_5150:~# sudo ifconfig eth0 down
[   61.306415] ======================================================
[   61.306415] [ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ]
[   61.306415] 4.9.0-gb898d2d-manuel #1 Not tainted
[   61.306415] ------------------------------------------------------
[   61.306415] ifconfig/449 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[   61.306415]  (&dev->lock){+.+...}, at: [<c1336276>] phy_stop+0x16/0x80

[   61.306415] and this task is already holding:
[   61.306415]  (&(&lp->lock)->rlock){+.-...}, at: [<d0934c84>] r6040_close+0x24/0x230 [r6040]
which would create a new lock dependency:
[   61.306415]  (&(&lp->lock)->rlock){+.-...} -> (&dev->lock){+.+...}

[   61.306415] but this new dependency connects a SOFTIRQ-irq-safe lock:
[   61.306415]  (&(&lp->lock)->rlock){+.-...}
[   61.306415] ... which became SOFTIRQ-irq-safe at:
[   61.306415]   [   61.306415] [<c1075bc5>] __lock_acquire+0x555/0x1770
[   61.306415]   [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]   [   61.306415] [<c14bb334>] _raw_spin_lock_irqsave+0x24/0x40
[   61.306415]   [   61.306415] [<d0934ac0>] r6040_start_xmit+0x30/0x1d0 [r6040]
[   61.306415]   [   61.306415] [<c13a7d4d>] dev_hard_start_xmit+0x9d/0x2d0
[   61.306415]   [   61.306415] [<c13c8a38>] sch_direct_xmit+0xa8/0x140
[   61.306415]   [   61.306415] [<c13a8436>] __dev_queue_xmit+0x416/0x780
[   61.306415]   [   61.306415] [<c13a87aa>] dev_queue_xmit+0xa/0x10
[   61.306415]   [   61.306415] [<c13b4837>] neigh_resolve_output+0x147/0x220
[   61.306415]   [   61.306415] [<c144541b>] ip6_finish_output2+0x2fb/0x910
[   61.306415]   [   61.306415] [<c14494e6>] ip6_finish_output+0xa6/0x1a0
[   61.306415]   [   61.306415] [<c1449635>] ip6_output+0x55/0x320
[   61.306415]   [   61.306415] [<c146f4d2>] mld_sendpack+0x352/0x560
[   61.306415]   [   61.306415] [<c146fe55>] mld_ifc_timer_expire+0x155/0x280
[   61.306415]   [   61.306415] [<c108b081>] call_timer_fn+0x81/0x270
[   61.306415]   [   61.306415] [<c108b331>] expire_timers+0xc1/0x180
[   61.306415]   [   61.306415] [<c108b4f7>] run_timer_softirq+0x77/0x150
[   61.306415]   [   61.306415] [<c1043d04>] __do_softirq+0xb4/0x3d0
[   61.306415]   [   61.306415] [<c101a15c>] do_softirq_own_stack+0x1c/0x30
[   61.306415]   [   61.306415] [<c104416e>] irq_exit+0x8e/0xa0
[   61.306415]   [   61.306415] [<c1019d31>] do_IRQ+0x51/0x100
[   61.306415]   [   61.306415] [<c14bc176>] common_interrupt+0x36/0x40
[   61.306415]   [   61.306415] [<c1134928>] set_root+0x68/0xf0
[   61.306415]   [   61.306415] [<c1136120>] path_init+0x400/0x640
[   61.306415]   [   61.306415] [<c11386bf>] path_lookupat+0xf/0xe0
[   61.306415]   [   61.306415] [<c1139ebc>] filename_lookup+0x6c/0x100
[   61.306415]   [   61.306415] [<c1139fd5>] user_path_at_empty+0x25/0x30
[   61.306415]   [   61.306415] [<c11298c6>] SyS_faccessat+0x86/0x1e0
[   61.306415]   [   61.306415] [<c1129a30>] SyS_access+0x10/0x20
[   61.306415]   [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]   [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]
[   61.306415] to a SOFTIRQ-irq-unsafe lock:
[   61.306415]  (&dev->lock){+.+...}
[   61.306415] ... which became SOFTIRQ-irq-unsafe at:
[   61.306415] ...[   61.306415]
[   61.306415] [<c1075c0c>] __lock_acquire+0x59c/0x1770
[   61.306415]   [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]   [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]   [   61.306415] [<c133747d>] phy_probe+0x4d/0xc0
[   61.306415]   [   61.306415] [<c1338afe>] phy_attach_direct+0xbe/0x190
[   61.306415]   [   61.306415] [<c1338ca7>] phy_connect_direct+0x17/0x60
[   61.306415]   [   61.306415] [<c1338d23>] phy_connect+0x33/0x70
[   61.306415]   [   61.306415] [<d09357a0>] r6040_init_one+0x3a0/0x500 [r6040]
[   61.306415]   [   61.306415] [<c12a78c7>] pci_device_probe+0x77/0xd0
[   61.306415]   [   61.306415] [<c12f5e15>] driver_probe_device+0x145/0x280
[   61.306415]   [   61.306415] [<c12f5fd9>] __driver_attach+0x89/0x90
[   61.306415]   [   61.306415] [<c12f43ef>] bus_for_each_dev+0x4f/0x80
[   61.306415]   [   61.306415] [<c12f5954>] driver_attach+0x14/0x20
[   61.306415]   [   61.306415] [<c12f55b7>] bus_add_driver+0x197/0x210
[   61.306415]   [   61.306415] [<c12f6a21>] driver_register+0x51/0xd0
[   61.306415]   [   61.306415] [<c12a6955>] __pci_register_driver+0x45/0x50
[   61.306415]   [   61.306415] [<d0938017>] 0xd0938017
[   61.306415]   [   61.306415] [<c100043f>] do_one_initcall+0x2f/0x140
[   61.306415]   [   61.306415] [<c10e48c0>] do_init_module+0x4a/0x19b
[   61.306415]   [   61.306415] [<c10a680e>] load_module+0x1b2e/0x2070
[   61.306415]   [   61.306415] [<c10a6eb9>] SyS_finit_module+0x69/0x80
[   61.306415]   [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]   [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]
[   61.306415] other info that might help us debug this:
[   61.306415]
[   61.306415]  Possible interrupt unsafe locking scenario:
[   61.306415]
[   61.306415]        CPU0                    CPU1
[   61.306415]        ----                    ----
[   61.306415]   lock(&dev->lock);
[   61.306415]                                local_irq_disable();
[   61.306415]                                lock(&(&lp->lock)->rlock);
[   61.306415]                                lock(&dev->lock);
[   61.306415]   <Interrupt>
[   61.306415]     lock(&(&lp->lock)->rlock);
[   61.306415]
[   61.306415]  *** DEADLOCK ***
[   61.306415]
[   61.306415] 2 locks held by ifconfig/449:
[   61.306415]  #0:  (rtnl_mutex){+.+.+.}, at: [<c13b68ef>] rtnl_lock+0xf/0x20
[   61.306415]  #1:  (&(&lp->lock)->rlock){+.-...}, at: [<d0934c84>] r6040_close+0x24/0x230 [r6040]
[   61.306415]
[   61.306415] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[   61.306415] -> (&(&lp->lock)->rlock){+.-...} ops: 3049 {
[   61.306415]    HARDIRQ-ON-W at:
[   61.306415]                     [   61.306415] [<c1075be7>] __lock_acquire+0x577/0x1770
[   61.306415]                     [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                     [   61.306415] [<c14bb21b>] _raw_spin_lock+0x1b/0x30
[   61.306415]                     [   61.306415] [<d09343cc>] r6040_poll+0x2c/0x330 [r6040]
[   61.306415]                     [   61.306415] [<c13a5577>] net_rx_action+0x197/0x340
[   61.306415]                     [   61.306415] [<c1043d04>] __do_softirq+0xb4/0x3d0
[   61.306415]                     [   61.306415] [<c1044037>] run_ksoftirqd+0x17/0x40
[   61.306415]                     [   61.306415] [<c105fe91>] smpboot_thread_fn+0x141/0x180
[   61.306415]                     [   61.306415] [<c105c84e>] kthread+0xde/0x110
[   61.306415]                     [   61.306415] [<c14bb949>] ret_from_fork+0x19/0x30
[   61.306415]    IN-SOFTIRQ-W at:
[   61.306415]                     [   61.306415] [<c1075bc5>] __lock_acquire+0x555/0x1770
[   61.306415]                     [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                     [   61.306415] [<c14bb334>] _raw_spin_lock_irqsave+0x24/0x40
[   61.306415]                     [   61.306415] [<d0934ac0>] r6040_start_xmit+0x30/0x1d0 [r6040]
[   61.306415]                     [   61.306415] [<c13a7d4d>] dev_hard_start_xmit+0x9d/0x2d0
[   61.306415]                     [   61.306415] [<c13c8a38>] sch_direct_xmit+0xa8/0x140
[   61.306415]                     [   61.306415] [<c13a8436>] __dev_queue_xmit+0x416/0x780
[   61.306415]                     [   61.306415] [<c13a87aa>] dev_queue_xmit+0xa/0x10
[   61.306415]                     [   61.306415] [<c13b4837>] neigh_resolve_output+0x147/0x220
[   61.306415]                     [   61.306415] [<c144541b>] ip6_finish_output2+0x2fb/0x910
[   61.306415]                     [   61.306415] [<c14494e6>] ip6_finish_output+0xa6/0x1a0
[   61.306415]                     [   61.306415] [<c1449635>] ip6_output+0x55/0x320
[   61.306415]                     [   61.306415] [<c146f4d2>] mld_sendpack+0x352/0x560
[   61.306415]                     [   61.306415] [<c146fe55>] mld_ifc_timer_expire+0x155/0x280
[   61.306415]                     [   61.306415] [<c108b081>] call_timer_fn+0x81/0x270
[   61.306415]                     [   61.306415] [<c108b331>] expire_timers+0xc1/0x180
[   61.306415]                     [   61.306415] [<c108b4f7>] run_timer_softirq+0x77/0x150
[   61.306415]                     [   61.306415] [<c1043d04>] __do_softirq+0xb4/0x3d0
[   61.306415]                     [   61.306415] [<c101a15c>] do_softirq_own_stack+0x1c/0x30
[   61.306415]                     [   61.306415] [<c104416e>] irq_exit+0x8e/0xa0
[   61.306415]                     [   61.306415] [<c1019d31>] do_IRQ+0x51/0x100
[   61.306415]                     [   61.306415] [<c14bc176>] common_interrupt+0x36/0x40
[   61.306415]                     [   61.306415] [<c1134928>] set_root+0x68/0xf0
[   61.306415]                     [   61.306415] [<c1136120>] path_init+0x400/0x640
[   61.306415]                     [   61.306415] [<c11386bf>] path_lookupat+0xf/0xe0
[   61.306415]                     [   61.306415] [<c1139ebc>] filename_lookup+0x6c/0x100
[   61.306415]                     [   61.306415] [<c1139fd5>] user_path_at_empty+0x25/0x30
[   61.306415]                     [   61.306415] [<c11298c6>] SyS_faccessat+0x86/0x1e0
[   61.306415]                     [   61.306415] [<c1129a30>] SyS_access+0x10/0x20
[   61.306415]                     [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]                     [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]    INITIAL USE at:
[   61.306415]                    [   61.306415] [<c107586e>] __lock_acquire+0x1fe/0x1770
[   61.306415]                    [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                    [   61.306415] [<c14bb334>] _raw_spin_lock_irqsave+0x24/0x40
[   61.306415]                    [   61.306415] [<d093474e>] r6040_get_stats+0x1e/0x60 [r6040]
[   61.306415]                    [   61.306415] [<c139fb16>] dev_get_stats+0x96/0xc0
[   61.306415]                    [   61.306415] [<c14b416e>] rtnl_fill_stats+0x36/0xfd
[   61.306415]                    [   61.306415] [<c13b7b3c>] rtnl_fill_ifinfo+0x47c/0xce0
[   61.306415]                    [   61.306415] [<c13bc08e>] rtmsg_ifinfo_build_skb+0x4e/0xd0
[   61.306415]                    [   61.306415] [<c13bc120>] rtmsg_ifinfo.part.20+0x10/0x40
[   61.306415]                    [   61.306415] [<c13bc16b>] rtmsg_ifinfo+0x1b/0x20
[   61.306415]                    [   61.306415] [<c13a9d19>] register_netdevice+0x409/0x550
[   61.306415]                    [   61.306415] [<c13a9e72>] register_netdev+0x12/0x20
[   61.306415]                    [   61.306415] [<d09357e8>] r6040_init_one+0x3e8/0x500 [r6040]
[   61.306415]                    [   61.306415] [<c12a78c7>] pci_device_probe+0x77/0xd0
[   61.306415]                    [   61.306415] [<c12f5e15>] driver_probe_device+0x145/0x280
[   61.306415]                    [   61.306415] [<c12f5fd9>] __driver_attach+0x89/0x90
[   61.306415]                    [   61.306415] [<c12f43ef>] bus_for_each_dev+0x4f/0x80
[   61.306415]                    [   61.306415] [<c12f5954>] driver_attach+0x14/0x20
[   61.306415]                    [   61.306415] [<c12f55b7>] bus_add_driver+0x197/0x210
[   61.306415]                    [   61.306415] [<c12f6a21>] driver_register+0x51/0xd0
[   61.306415]                    [   61.306415] [<c12a6955>] __pci_register_driver+0x45/0x50
[   61.306415]                    [   61.306415] [<d0938017>] 0xd0938017
[   61.306415]                    [   61.306415] [<c100043f>] do_one_initcall+0x2f/0x140
[   61.306415]                    [   61.306415] [<c10e48c0>] do_init_module+0x4a/0x19b
[   61.306415]                    [   61.306415] [<c10a680e>] load_module+0x1b2e/0x2070
[   61.306415]                    [   61.306415] [<c10a6eb9>] SyS_finit_module+0x69/0x80
[   61.306415]                    [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]                    [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]  }
[   61.306415]  ... key      at: [<d0936280>] __key.45893+0x0/0xfffff739 [r6040]
[   61.306415]  ... acquired at:
[   61.306415]    [   61.306415] [<c1074a32>] check_irq_usage+0x42/0xb0
[   61.306415]    [   61.306415] [<c107677c>] __lock_acquire+0x110c/0x1770
[   61.306415]    [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]    [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]    [   61.306415] [<c1336276>] phy_stop+0x16/0x80
[   61.306415]    [   61.306415] [<d0934ce9>] r6040_close+0x89/0x230 [r6040]
[   61.306415]    [   61.306415] [<c13a0a91>] __dev_close_many+0x61/0xa0
[   61.306415]    [   61.306415] [<c13a0bbf>] __dev_close+0x1f/0x30
[   61.306415]    [   61.306415] [<c13a9127>] __dev_change_flags+0x87/0x150
[   61.306415]    [   61.306415] [<c13a9213>] dev_change_flags+0x23/0x60
[   61.306415]    [   61.306415] [<c1416238>] devinet_ioctl+0x5f8/0x6f0
[   61.306415]    [   61.306415] [<c1417f75>] inet_ioctl+0x65/0x90
[   61.306415]    [   61.306415] [<c1389b54>] sock_ioctl+0x124/0x2b0
[   61.306415]    [   61.306415] [<c113cf7c>] do_vfs_ioctl+0x7c/0x790
[   61.306415]    [   61.306415] [<c113d6b8>] SyS_ioctl+0x28/0x50
[   61.306415]    [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]    [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]
[   61.306415]
the dependencies between the lock to be acquired[   61.306415]  and SOFTIRQ-irq-unsafe lock:
[   61.306415] -> (&dev->lock){+.+...} ops: 56 {
[   61.306415]    HARDIRQ-ON-W at:
[   61.306415]                     [   61.306415] [<c1075be7>] __lock_acquire+0x577/0x1770
[   61.306415]                     [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                     [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]                     [   61.306415] [<c133747d>] phy_probe+0x4d/0xc0
[   61.306415]                     [   61.306415] [<c1338afe>] phy_attach_direct+0xbe/0x190
[   61.306415]                     [   61.306415] [<c1338ca7>] phy_connect_direct+0x17/0x60
[   61.306415]                     [   61.306415] [<c1338d23>] phy_connect+0x33/0x70
[   61.306415]                     [   61.306415] [<d09357a0>] r6040_init_one+0x3a0/0x500 [r6040]
[   61.306415]                     [   61.306415] [<c12a78c7>] pci_device_probe+0x77/0xd0
[   61.306415]                     [   61.306415] [<c12f5e15>] driver_probe_device+0x145/0x280
[   61.306415]                     [   61.306415] [<c12f5fd9>] __driver_attach+0x89/0x90
[   61.306415]                     [   61.306415] [<c12f43ef>] bus_for_each_dev+0x4f/0x80
[   61.306415]                     [   61.306415] [<c12f5954>] driver_attach+0x14/0x20
[   61.306415]                     [   61.306415] [<c12f55b7>] bus_add_driver+0x197/0x210
[   61.306415]                     [   61.306415] [<c12f6a21>] driver_register+0x51/0xd0
[   61.306415]                     [   61.306415] [<c12a6955>] __pci_register_driver+0x45/0x50
[   61.306415]                     [   61.306415] [<d0938017>] 0xd0938017
[   61.306415]                     [   61.306415] [<c100043f>] do_one_initcall+0x2f/0x140
[   61.306415]                     [   61.306415] [<c10e48c0>] do_init_module+0x4a/0x19b
[   61.306415]                     [   61.306415] [<c10a680e>] load_module+0x1b2e/0x2070
[   61.306415]                     [   61.306415] [<c10a6eb9>] SyS_finit_module+0x69/0x80
[   61.306415]                     [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]                     [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]    SOFTIRQ-ON-W at:
[   61.306415]                     [   61.306415] [<c1075c0c>] __lock_acquire+0x59c/0x1770
[   61.306415]                     [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                     [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]                     [   61.306415] [<c133747d>] phy_probe+0x4d/0xc0
[   61.306415]                     [   61.306415] [<c1338afe>] phy_attach_direct+0xbe/0x190
[   61.306415]                     [   61.306415] [<c1338ca7>] phy_connect_direct+0x17/0x60
[   61.306415]                     [   61.306415] [<c1338d23>] phy_connect+0x33/0x70
[   61.306415]                     [   61.306415] [<d09357a0>] r6040_init_one+0x3a0/0x500 [r6040]
[   61.306415]                     [   61.306415] [<c12a78c7>] pci_device_probe+0x77/0xd0
[   61.306415]                     [   61.306415] [<c12f5e15>] driver_probe_device+0x145/0x280
[   61.306415]                     [   61.306415] [<c12f5fd9>] __driver_attach+0x89/0x90
[   61.306415]                     [   61.306415] [<c12f43ef>] bus_for_each_dev+0x4f/0x80
[   61.306415]                     [   61.306415] [<c12f5954>] driver_attach+0x14/0x20
[   61.306415]                     [   61.306415] [<c12f55b7>] bus_add_driver+0x197/0x210
[   61.306415]                     [   61.306415] [<c12f6a21>] driver_register+0x51/0xd0
[   61.306415]                     [   61.306415] [<c12a6955>] __pci_register_driver+0x45/0x50
[   61.306415]                     [   61.306415] [<d0938017>] 0xd0938017
[   61.306415]                     [   61.306415] [<c100043f>] do_one_initcall+0x2f/0x140
[   61.306415]                     [   61.306415] [<c10e48c0>] do_init_module+0x4a/0x19b
[   61.306415]                     [   61.306415] [<c10a680e>] load_module+0x1b2e/0x2070
[   61.306415]                     [   61.306415] [<c10a6eb9>] SyS_finit_module+0x69/0x80
[   61.306415]                     [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]                     [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]    INITIAL USE at:
[   61.306415]                    [   61.306415] [<c107586e>] __lock_acquire+0x1fe/0x1770
[   61.306415]                    [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]                    [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]                    [   61.306415] [<c133747d>] phy_probe+0x4d/0xc0
[   61.306415]                    [   61.306415] [<c1338afe>] phy_attach_direct+0xbe/0x190
[   61.306415]                    [   61.306415] [<c1338ca7>] phy_connect_direct+0x17/0x60
[   61.306415]                    [   61.306415] [<c1338d23>] phy_connect+0x33/0x70
[   61.306415]                    [   61.306415] [<d09357a0>] r6040_init_one+0x3a0/0x500 [r6040]
[   61.306415]                    [   61.306415] [<c12a78c7>] pci_device_probe+0x77/0xd0
[   61.306415]                    [   61.306415] [<c12f5e15>] driver_probe_device+0x145/0x280
[   61.306415]                    [   61.306415] [<c12f5fd9>] __driver_attach+0x89/0x90
[   61.306415]                    [   61.306415] [<c12f43ef>] bus_for_each_dev+0x4f/0x80
[   61.306415]                    [   61.306415] [<c12f5954>] driver_attach+0x14/0x20
[   61.306415]                    [   61.306415] [<c12f55b7>] bus_add_driver+0x197/0x210
[   61.306415]                    [   61.306415] [<c12f6a21>] driver_register+0x51/0xd0
[   61.306415]                    [   61.306415] [<c12a6955>] __pci_register_driver+0x45/0x50
[   61.306415]                    [   61.306415] [<d0938017>] 0xd0938017
[   61.306415]                    [   61.306415] [<c100043f>] do_one_initcall+0x2f/0x140
[   61.306415]                    [   61.306415] [<c10e48c0>] do_init_module+0x4a/0x19b
[   61.306415]                    [   61.306415] [<c10a680e>] load_module+0x1b2e/0x2070
[   61.306415]                    [   61.306415] [<c10a6eb9>] SyS_finit_module+0x69/0x80
[   61.306415]                    [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]                    [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]  }
[   61.306415]  ... key      at: [<c1f28f39>] __key.43998+0x0/0x8
[   61.306415]  ... acquired at:
[   61.306415]    [   61.306415] [<c1074a32>] check_irq_usage+0x42/0xb0
[   61.306415]    [   61.306415] [<c107677c>] __lock_acquire+0x110c/0x1770
[   61.306415]    [   61.306415] [<c107717c>] lock_acquire+0x7c/0x150
[   61.306415]    [   61.306415] [<c14b7add>] mutex_lock_nested+0x2d/0x4a0
[   61.306415]    [   61.306415] [<c1336276>] phy_stop+0x16/0x80
[   61.306415]    [   61.306415] [<d0934ce9>] r6040_close+0x89/0x230 [r6040]
[   61.306415]    [   61.306415] [<c13a0a91>] __dev_close_many+0x61/0xa0
[   61.306415]    [   61.306415] [<c13a0bbf>] __dev_close+0x1f/0x30
[   61.306415]    [   61.306415] [<c13a9127>] __dev_change_flags+0x87/0x150
[   61.306415]    [   61.306415] [<c13a9213>] dev_change_flags+0x23/0x60
[   61.306415]    [   61.306415] [<c1416238>] devinet_ioctl+0x5f8/0x6f0
[   61.306415]    [   61.306415] [<c1417f75>] inet_ioctl+0x65/0x90
[   61.306415]    [   61.306415] [<c1389b54>] sock_ioctl+0x124/0x2b0
[   61.306415]    [   61.306415] [<c113cf7c>] do_vfs_ioctl+0x7c/0x790
[   61.306415]    [   61.306415] [<c113d6b8>] SyS_ioctl+0x28/0x50
[   61.306415]    [   61.306415] [<c100179f>] do_int80_syscall_32+0x3f/0x110
[   61.306415]    [   61.306415] [<c14bba3f>] restore_all+0x0/0x61
[   61.306415]
[   61.306415]
[   61.306415] stack backtrace:
[   61.306415] CPU: 0 PID: 449 Comm: ifconfig Not tainted 4.9.0-gb898d2d-manuel #1
[   61.306415] Call Trace:
[   61.306415]  dump_stack+0x16/0x19
[   61.306415]  check_usage+0x3f6/0x550
[   61.306415]  ? check_usage+0x4d/0x550
[   61.306415]  check_irq_usage+0x42/0xb0
[   61.306415]  __lock_acquire+0x110c/0x1770
[   61.306415]  lock_acquire+0x7c/0x150
[   61.306415]  ? phy_stop+0x16/0x80
[   61.306415]  mutex_lock_nested+0x2d/0x4a0
[   61.306415]  ? phy_stop+0x16/0x80
[   61.306415]  ? r6040_close+0x24/0x230 [r6040]
[   61.306415]  ? __delay+0x9/0x10
[   61.306415]  phy_stop+0x16/0x80
[   61.306415]  r6040_close+0x89/0x230 [r6040]
[   61.306415]  __dev_close_many+0x61/0xa0
[   61.306415]  __dev_close+0x1f/0x30
[   61.306415]  __dev_change_flags+0x87/0x150
[   61.306415]  dev_change_flags+0x23/0x60
[   61.306415]  devinet_ioctl+0x5f8/0x6f0
[   61.306415]  inet_ioctl+0x65/0x90
[   61.306415]  sock_ioctl+0x124/0x2b0
[   61.306415]  ? dlci_ioctl_set+0x30/0x30
[   61.306415]  do_vfs_ioctl+0x7c/0x790
[   61.306415]  ? trace_hardirqs_on+0xb/0x10
[   61.306415]  ? call_rcu_sched+0xd/0x10
[   61.306415]  ? __put_cred+0x32/0x50
[   61.306415]  ? SyS_faccessat+0x178/0x1e0
[   61.306415]  SyS_ioctl+0x28/0x50
[   61.306415]  do_int80_syscall_32+0x3f/0x110
[   61.306415]  entry_INT80_32+0x2f/0x2f
[   61.306415] EIP: 0xb764d364
[   61.306415] EFLAGS: 00000286 CPU: 0
[   61.306415] EAX: ffffffda EBX: 00000004 ECX: 00008914 EDX: bfa99d7c
[   61.306415] ESI: bfa99e4c EDI: fffffffe EBP: 00000004 ESP: bfa99d58
[   61.306415]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
[   63.836607] r6040 0000:00:08.0 eth0: Link is Down

Signed-off-by: Manuel Bessler <manuel.bessler@sensus.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:35:12 -05:00
Dan Carpenter 3a7f0762a6 irda: w83977af_ir: cleanup an indent issue 
In commit 99d8d2159d ("irda: w83977af_ir: Neaten logging"), we
accidentally added an extra tab to these lines.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:32:58 -05:00
Philippe Reynes 7cafe8f824 net: sfc: use new api ethtool_{get|set}_link_ksettings 
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Tested-by: Bert Kenward <bkenward@solarflare.com>
Acked-by: Bert Kenward <bkenward@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:31:41 -05:00
Philippe Reynes 99bff5ee44 net: davicom: dm9000: use new api ethtool_{get|set}_link_ksettings 
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:31:41 -05:00
Philippe Reynes 93dfe6c290 net: cirrus: ep93xx: use new api ethtool_{get|set}_link_ksettings 
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:31:41 -05:00
Philippe Reynes b7b44fd23e net: chelsio: cxgb3: use new api ethtool_{get|set}_link_ksettings 
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:31:41 -05:00
Philippe Reynes 49cad93909 net: chelsio: cxgb2: use new api ethtool_{get|set}_link_ksettings 
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:31:41 -05:00
David S. Miller 6219d05506 Merge branch 'bpf-fixes' 
Daniel Borkmann says:

====================
Couple of BPF fixes

This set contains three BPF fixes for net, one that addresses the
complaint from Geert wrt static allocations, and the other is a fix
wrt mem accounting that I found recently during testing and there's
still one more fix on the map value marking.

Thanks!

v1 -> v2:
  - Patch 1 as is.
  - Fixed kbuild bot issue by letting charging helpers stay in the
    syscall.c, since there locked_vm is valid and only export the
    ones needed by bpf_prog_realloc(). Add empty stubs in case the
    bpf syscall is not enabled.
  - Added patch 3 that addresses one more issue in map val marking.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:27:45 -05:00
Daniel Borkmann 6760bf2ddd bpf: fix mark_reg_unknown_value for spilled regs on map value marking 
Martin reported a verifier issue that hit the BUG_ON() for his
test case in the mark_reg_unknown_value() function:

  [  202.861380] kernel BUG at kernel/bpf/verifier.c:467!
  [...]
  [  203.291109] Call Trace:
  [  203.296501]  [<ffffffff811364d5>] mark_map_reg+0x45/0x50
  [  203.308225]  [<ffffffff81136558>] mark_map_regs+0x78/0x90
  [  203.320140]  [<ffffffff8113938d>] do_check+0x226d/0x2c90
  [  203.331865]  [<ffffffff8113a6ab>] bpf_check+0x48b/0x780
  [  203.343403]  [<ffffffff81134c8e>] bpf_prog_load+0x27e/0x440
  [  203.355705]  [<ffffffff8118a38f>] ? handle_mm_fault+0x11af/0x1230
  [  203.369158]  [<ffffffff812d8188>] ? security_capable+0x48/0x60
  [  203.382035]  [<ffffffff811351a4>] SyS_bpf+0x124/0x960
  [  203.393185]  [<ffffffff810515f6>] ? __do_page_fault+0x276/0x490
  [  203.406258]  [<ffffffff816db320>] entry_SYSCALL_64_fastpath+0x13/0x94

This issue got uncovered after the fix in a08dd0da53 ("bpf: fix
regression on verifier pruning wrt map lookups"). The reason why it
wasn't noticed before was, because as mentioned in a08dd0da53,
mark_map_regs() was doing the id matching incorrectly based on the
uncached regs[regno].id. So, in the first loop, we walked all regs
and as soon as we found regno == i, then this reg's id was cleared
when calling mark_reg_unknown_value() thus that every subsequent
register was probed against id of 0 (which, in combination with the
PTR_TO_MAP_VALUE_OR_NULL type is an invalid condition that no other
register state can hold), and therefore wasn't type transitioned such
as in the spilled register case for the second loop.

Now since that got fixed, it turned out that 57a09bf0a4 ("bpf:
Detect identical PTR_TO_MAP_VALUE_OR_NULL registers") used
mark_reg_unknown_value() incorrectly for the spilled regs, and thus
hitting the BUG_ON() in some cases due to regno >= MAX_BPF_REG.

Although spilled regs have the same type as the non-spilled regs
for the verifier state, that is, struct bpf_reg_state, they are
semantically different from the non-spilled regs. In other words,
there can be up to 64 (MAX_BPF_STACK / BPF_REG_SIZE) spilled regs
in the stack, for example, register R<x> could have been spilled by
the program to stack location X, Y, Z, and in mark_map_regs() we
need to scan these stack slots of type STACK_SPILL for potential
registers that we have to transition from PTR_TO_MAP_VALUE_OR_NULL.
Therefore, depending on the location, the spilled_regs regno can
be a lot higher than just MAX_BPF_REG's value since we operate on
stack instead. The reset in mark_reg_unknown_value() itself is
just fine, only that the BUG_ON() was inappropriate for this. Fix
it by making a __mark_reg_unknown_value() version that can be
called from mark_map_reg() generically; we know for the non-spilled
case that the regno is always < MAX_BPF_REG anyway.

Fixes: 57a09bf0a4 ("bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers")
Reported-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:27:44 -05:00
Daniel Borkmann 5ccb071e97 bpf: fix overflow in prog accounting 
Commit aaac3ba95e ("bpf: charge user for creation of BPF maps and
programs") made a wrong assumption of charging against prog->pages.
Unlike map->pages, prog->pages are still subject to change when we
need to expand the program through bpf_prog_realloc().

This can for example happen during verification stage when we need to
expand and rewrite parts of the program. Should the required space
cross a page boundary, then prog->pages is not the same anymore as
its original value that we used to bpf_prog_charge_memlock() on. Thus,
we'll hit a wrap-around during bpf_prog_uncharge_memlock() when prog
is freed eventually. I noticed this that despite having unlimited
memlock, programs suddenly refused to load with EPERM error due to
insufficient memlock.

There are two ways to fix this issue. One would be to add a cached
variable to struct bpf_prog that takes a snapshot of prog->pages at the
time of charging. The other approach is to also account for resizes. I
chose to go with the latter for a couple of reasons: i) We want accounting
rather to be more accurate instead of further fooling limits, ii) adding
yet another page counter on struct bpf_prog would also be a waste just
for this purpose. We also do want to charge as early as possible to
avoid going into the verifier just to find out later on that we crossed
limits. The only place that needs to be fixed is bpf_prog_realloc(),
since only here we expand the program, so we try to account for the
needed delta and should we fail, call-sites check for outcome anyway.
On cBPF to eBPF migrations, we don't grab a reference to the user as
they are charged differently. With that in place, my test case worked
fine.

Fixes: aaac3ba95e ("bpf: charge user for creation of BPF maps and programs")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 2016-12-17 21:27:44 -05:00