Release linux (4.9.30-1).
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkz7vwACgkQ57/I7JWG EQmWdQ//ctWbgUQezu+yi96QR/algQVpsRH/x1oUVnPIYi96FYOabS9pKaK0aAz1 gvTzEBz+ej2lj+ju51UWGsWHXG9CuBO9i+lRqxf74YdpmDPVco+sDWULBJzEnXqC rYJsvnwLneDdUOeLd+r9nS/a38PezOqXd0eQApzwzvj4GStrj23aSQeLH7pXqXrr KI/dORIXEujHoNeWzSzW3XXzOYlg9yAJuLyFmS8FGg7fBaEpnlRA+z2gXtmX7Bdn SBJxYNttrVbucpHsIwFQysaVU+G0EXnbwgsB/AQBycCrDDIYmhmWLdqlIG+q6lsm AGLmmX47xxrDpBPhr8iHWJkcmTBBNsSADghLvTru5PSWWTd70P/f2XWGYrfJ5bvU OrQaV4BFG+zw6RC7Jlzx+byaXyWq15aorRAJSXKaFdebHBZXFzsbKTq4HNTRKV06 3DpoH47C0Jr4YXSbcNvgZiDZnF7OmYw/vsbJk+X4IC+igpriz3dV93QTnL2vf4iO LaS2KT1MkGInS329DRpjCy14+q1LZM2nti6/mPji2Uqwl6ACvGYgL5y0FJLfEThH XN+a2So6+u8MvWxrUoNrHIj8aYok96oONpDDbPIueS/PT7TwHBbq2ui1zlE8Uahg zR3+U/V5VoBEct5n/nm0c8SRhkqsfOk8l42Dj5ibkQAuDzzt39g= =MA6Q -----END PGP SIGNATURE----- Merge tag 'debian/4.9.30-1' Drop ABI reference files and ABI maintenance patch.
This commit is contained in:
commit
5174845342
|
@ -117,6 +117,464 @@ linux (4.10~rc6-1~exp1) experimental; urgency=medium
|
|||
|
||||
-- Ben Hutchings <ben@decadent.org.uk> Tue, 31 Jan 2017 15:33:20 +0000
|
||||
|
||||
linux (4.9.30-1) unstable; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.26
|
||||
- [arm64] Revert "mmc: sdhci-msm: Enable few quirks"
|
||||
- ping: implement proper locking
|
||||
- [sparc64] kern_addr_valid regression
|
||||
- [sparc64] Fix kernel panic due to erroneous #ifdef surrounding
|
||||
pmd_write()
|
||||
- net: neigh: guard against NULL solicit() method
|
||||
- net: phy: handle state correctly in phy_stop_machine
|
||||
- bpf: improve verifier packet range checks
|
||||
- net/mlx5: Avoid dereferencing uninitialized pointer
|
||||
- l2tp: hold tunnel socket when handling control frames in l2tp_ip
|
||||
and l2tp_ip6
|
||||
- l2tp: purge socket queues in the .destruct() callback
|
||||
- net/packet: fix overflow in check for tp_frame_nr
|
||||
- net/packet: fix overflow in check for tp_reserve
|
||||
- l2tp: take reference on sessions being dumped
|
||||
- l2tp: fix PPP pseudo-wire auto-loading
|
||||
- net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
|
||||
- sctp: listen on the sock only when it's state is listening or
|
||||
closed
|
||||
- tcp: clear saved_syn in tcp_disconnect()
|
||||
- ipv6: Fix idev->addr_list corruption
|
||||
- net-timestamp: avoid use-after-free in ip_recv_error
|
||||
- net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule
|
||||
- dp83640: don't recieve time stamps twice
|
||||
- gso: Validate assumption of frag_list segementation
|
||||
- net: ipv6: RTF_PCPU should not be settable from userspace
|
||||
- netpoll: Check for skb->queue_mapping
|
||||
- ip6mr: fix notification device destruction
|
||||
- net/mlx5: Fix driver load bad flow when having fw
|
||||
initializing timeout
|
||||
- net/mlx5e: Fix small packet threshold
|
||||
- net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling
|
||||
- macvlan: Fix device ref leak when purging bc_queue
|
||||
- net: ipv6: regenerate host route if moved to gc list
|
||||
- net: phy: fix auto-negotiation stall due to unavailable interrupt
|
||||
- ipv6: check skb->protocol before lookup for nexthop
|
||||
- tcp: memset ca_priv data to 0 properly
|
||||
- ipv6: check raw payload size correctly in ioctl
|
||||
- ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d
|
||||
- ALSA: firewire-lib: fix inappropriate assignment between
|
||||
signed/unsigned type
|
||||
- ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
|
||||
- [mips*] KGDB: Use kernel context for sleeping threads
|
||||
- [mips*] Avoid BUG warning in arch_check_elf
|
||||
- p9_client_readdir() fix
|
||||
- [x86] ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
|
||||
- Input: i8042 - add Clevo P650RS to the i8042 reset list
|
||||
- nfsd: check for oversized NFSv2/v3 arguments
|
||||
- nfsd4: minor NFSv2/v3 write decoding cleanup
|
||||
- nfsd: stricter decoding of write-like NFSv2/v3 ops
|
||||
- ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
|
||||
- macsec: avoid heap overflow in skb_to_sgvec
|
||||
- net: can: usb: gs_usb: Fix buffer on stack
|
||||
- [x86] ftrace: Fix triple fault with graph tracing and suspend-to-ram
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.27
|
||||
- timerfd: Protect the might cancel mechanism proper
|
||||
- Handle mismatched open calls
|
||||
- [x86] tpm_tis: use default timeout value if chip reports it as zero
|
||||
- scsi: storvsc: Workaround for virtual DVD SCSI version
|
||||
- [powerpc, x86] hwmon: (it87) Avoid registering the same chip on both SIO
|
||||
addresses
|
||||
- 8250_pci: Fix potential use-after-free in error path
|
||||
- ceph: try getting buffer capability for readahead/fadvise
|
||||
- cpu/hotplug: Serialize callback invocations proper
|
||||
- dm ioctl: prevent stack leak in dm ioctl call
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.28
|
||||
- 9p: fix a potential acl leak
|
||||
- hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628
|
||||
- [x86] tpm: fix RC value check in tpm2_seal_trusted
|
||||
- [x86] tmp: use pdev for parent device in tpm_chip_alloc
|
||||
- cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
|
||||
- [powerpc*] mm: Fixup wrong LPCR_VRMASD value
|
||||
- [powerpc*] powernv: Fix opal_exit tracepoint opcode
|
||||
- [powerpc*] Correctly disable latent entropy GCC plugin on
|
||||
prom_init.o
|
||||
- [x86] perf/x86/intel/pt: Add format strings for PTWRITE and power
|
||||
event tracing
|
||||
- [arm64] dts: r8a7795: Mark EthernetAVB device node disabled
|
||||
- [arm64] dts: qcom: Fix ipq board clock rates
|
||||
- [arm64] Improve detection of user/non-user mappings in
|
||||
set_pte(_at)
|
||||
- [armhf] OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
|
||||
- [armhf] dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
|
||||
- mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
|
||||
- mwifiex: remove redundant dma padding in AMSDU
|
||||
- mwifiex: Avoid skipping WEP key deletion for AP
|
||||
- iwlwifi: fix MODULE_FIRMWARE for 6030
|
||||
- iwlwifi: mvm: don't restart HW if suspend fails with unified image
|
||||
- iwlwifi: mvm: overwrite skb info later
|
||||
- iwlwifi: pcie: don't increment / decrement a bool
|
||||
- iwlwifi: pcie: trans: Remove unused 'shift_param'
|
||||
- iwlwifi: pcie: fix the set of DMA memory mask
|
||||
- iwlwifi: mvm: fix reorder timer re-arming
|
||||
- iwlwifi: mvm: Use aux queue for offchannel frames in dqa
|
||||
- iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe
|
||||
- iwlwifi: mvm: fix pending frame counter calculation
|
||||
- iwlwifi: mvm: fix references to first_agg_queue in DQA mode
|
||||
- iwlwifi: mvm: synchronize firmware DMA paging memory
|
||||
- iwlwifi: mvm: writing zero bytes to debugfs causes a crash
|
||||
- [x86] ioapic: Restore IO-APIC irq_chip retrigger callback
|
||||
- [amd64] x86/pci-calgary: Fix iommu_free() comparison of unsigned
|
||||
expression >= 0
|
||||
- [x86] kprobes/x86: Fix kernel panic when certain exception-
|
||||
handling addresses are probed
|
||||
- [x86] platform/intel-mid: Correct MSI IRQ line for watchdog device
|
||||
- [x86] KVM: nVMX: initialize PML fields in vmcs02
|
||||
- [x86] KVM: nVMX: do not leak PML full vmexit to L1
|
||||
- [arm64, armhf] usb: dwc2: host: use msleep() for long delay
|
||||
- [armhf] usb: host: ehci-exynos: Decrese node refcount on
|
||||
exynos_ehci_get_phy() error paths
|
||||
- [armhf] usb: host: ohci-exynos: Decrese node refcount on
|
||||
exynos_ehci_get_phy() error paths
|
||||
- [arm64, armhf] usb: chipidea: Only read/write OTGSC from one place
|
||||
- [arm64, armhf] usb: chipidea: Handle extcon events properly
|
||||
- USB: serial: keyspan_pda: fix receive sanity checks
|
||||
- USB: serial: digi_acceleport: fix incomplete rx sanity check
|
||||
- USB: serial: ssu100: fix control-message error handling
|
||||
- USB: serial: io_edgeport: fix epic-descriptor handling
|
||||
- USB: serial: ti_usb_3410_5052: fix control-message error handling
|
||||
- USB: serial: ark3116: fix open error handling
|
||||
- USB: serial: ftdi_sio: fix latency-timer error handling
|
||||
- USB: serial: quatech2: fix control-message error handling
|
||||
- USB: serial: mct_u232: fix modem-status error handling
|
||||
- USB: serial: io_edgeport: fix descriptor error handling
|
||||
- [armhf] clk: rockchip: add "," to
|
||||
mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036
|
||||
- phy: qcom-usb-hs: Add depends on EXTCON
|
||||
- scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
|
||||
- scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
|
||||
- scsi: smartpqi: fix time handling
|
||||
- [mips*] R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
|
||||
- brcmfmac: Ensure pointer correctly set if skb data location
|
||||
changes
|
||||
- brcmfmac: Make skb header writable before use
|
||||
- [x86] staging/lustre/llite: move root_squash from sysfs to debugfs
|
||||
- [x86] staging: wlan-ng: add missing byte order conversion
|
||||
- ALSA: hda - Fix deadlock of controller device lock at unbinding
|
||||
- [sparc64] fix fault handling in NGbzero.S and GENbzero.S
|
||||
- macsec: dynamically allocate space for sglist
|
||||
- tcp: do not underestimate skb->truesize in tcp_trim_head()
|
||||
- bpf: enhance verifier to understand stack pointer arithmetic
|
||||
- [arm64] bpf: fix jit branch offset related to ldimm64
|
||||
- tcp: fix wraparound issue in tcp_lp
|
||||
- net: ipv6: Do not duplicate DAD on link up
|
||||
- net: usb: qmi_wwan: add Telit ME910 support
|
||||
- tcp: do not inherit fastopen_req from parent
|
||||
- ipv4, ipv6: ensure raw socket message is big enough to hold
|
||||
an IP header
|
||||
- rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
|
||||
- ipv6: initialize route null entry in addrconf_init()
|
||||
- ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
|
||||
- bnxt_en: allocate enough space for ->ntp_fltr_bmap
|
||||
- bpf: don't let ldimm64 leak map addresses on unprivileged
|
||||
(CVE-2017-9150)
|
||||
- f2fs: sanity check segment count
|
||||
- xen: Revert commits da72ff5bfcb0 and 72a9b186292d
|
||||
- [arm64, armhf] wlcore: Pass win_size taken from
|
||||
ieee80211_sta to FW
|
||||
- [arm64, armhf] wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
|
||||
- drm/ttm: fix use-after-free races in vm fault handling
|
||||
- block: get rid of blk_integrity_revalidate()
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.29
|
||||
- [x86] xen: adjust early dom0 p2m handling to xen hypervisor behavior
|
||||
- target: Fix compare_and_write_callback handling for non GOOD status
|
||||
- target/fileio: Fix zero-length READ and WRITE handling
|
||||
- iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
|
||||
- usb: xhci: bInterval quirk for TI TUSB73x0
|
||||
- usb: host: xhci: print correct command ring address
|
||||
- USB: Proper handling of Race Condition when two USB class drivers try to
|
||||
call init_usb_class simultaneously
|
||||
- USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
|
||||
- [x86] staging: vt6656: use off stack for in buffer USB transfers.
|
||||
- [x86] staging: vt6656: use off stack for out buffer USB transfers.
|
||||
- [x86] staging: comedi: jr3_pci: fix possible null pointer dereference
|
||||
- [x86] staging: comedi: jr3_pci: cope with jiffies wraparound
|
||||
- usb: misc: add missing continue in switch
|
||||
- usb: gadget: legacy gadgets are optional
|
||||
- usb: Make sure usb/phy/of gets built-in
|
||||
- usb: hub: Fix error loop seen after hub communication errors
|
||||
- usb: hub: Do not attempt to autosuspend disconnected devices
|
||||
- [x86] boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
|
||||
- [amd64] pmem: Fix cache flushing for iovec write < 8 bytes
|
||||
- [x86] perf: Fix Broadwell-EP DRAM RAPL events
|
||||
- [x86] KVM: fix user triggerable warning in kvm_apic_accept_events()
|
||||
- [armhf,arm64] KVM: fix races in kvm_psci_vcpu_on
|
||||
- [arm64] KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
|
||||
- block: fix blk_integrity_register to use template's interval_exp if not 0
|
||||
- crypto: algif_aead - Require setkey before accept(2)
|
||||
- [x86] crypto: ccp - Use only the relevant interrupt bits
|
||||
- [x86] crypto: ccp - Disable interrupts early on unload
|
||||
- [x86] crypto: ccp - Change ISR handler method for a v3 CCP
|
||||
- [x86] crypto: ccp - Change ISR handler method for a v5 CCP
|
||||
- dm era: save spacemap metadata root after the pre-commit
|
||||
- dm rq: check blk_mq_register_dev() return value in
|
||||
dm_mq_init_request_queue()
|
||||
- dm thin: fix a memory leak when passing discard bio down
|
||||
- vfio/type1: Remove locked page accounting workqueue
|
||||
- iov_iter: don't revert iov buffer if csum error
|
||||
- IB/core: Fix sysfs registration error flow
|
||||
- IB/core: For multicast functions, verify that LIDs are multicast LIDs
|
||||
- IB/IPoIB: ibX: failed to create mcg debug file
|
||||
- IB/mlx4: Fix ib device initialization error flow
|
||||
- IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
|
||||
- IB/hfi1: Prevent kernel QP post send hard lockups
|
||||
- perf auxtrace: Fix no_size logic in addr_filter__resolve_kernel_syms()
|
||||
- ext4: evict inline data when writing to memory map
|
||||
- fs/xattr.c: zero out memory copied to userspace in getxattr
|
||||
- ceph: fix memory leak in __ceph_setxattr()
|
||||
- fs/block_dev: always invalidate cleancache in invalidate_bdev()
|
||||
- mm: prevent potential recursive reclaim due to clearing PF_MEMALLOC
|
||||
- Fix match_prepath()
|
||||
- Set unicode flag on cifs echo request to avoid Mac error
|
||||
- SMB3: Work around mount failure when using SMB3 dialect to Macs
|
||||
- CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
|
||||
- cifs: fix leak in FSCTL_ENUM_SNAPS response handling
|
||||
- cifs: fix CIFS_ENUMERATE_SNAPSHOTS oops
|
||||
- CIFS: fix oplock break deadlocks
|
||||
- cifs: fix CIFS_IOC_GET_MNT_INFO oops
|
||||
- CIFS: add misssing SFM mapping for doublequote
|
||||
- padata: free correct variable
|
||||
- device-dax: fix cdev leak
|
||||
- fscrypt: fix context consistency check when key(s) unavailable
|
||||
- [armhf] serial: samsung: Use right device for DMA-mapping calls
|
||||
- [armhf] serial: omap: fix runtime-pm handling on unbind
|
||||
- [armhf] serial: omap: suspend device on probe errors
|
||||
- tty: pty: Fix ldisc flush after userspace become aware of the data already
|
||||
- Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
|
||||
- Bluetooth: hci_bcm: add missing tty-device sanity check
|
||||
- Bluetooth: hci_intel: add missing tty-device sanity check
|
||||
- ipmi: Fix kernel panic at ipmi_ssif_thread()
|
||||
- libnvdimm, region: fix flush hint detection crash
|
||||
- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify
|
||||
- libnvdimm, pfn: fix 'npfns' vs section alignment
|
||||
- [powerpc*/*64*] pstore: Fix flags to enable dumps on powerpc
|
||||
- pstore: Shut down worker when unregistering
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.30
|
||||
- usb: misc: legousbtower: Fix buffers on stack
|
||||
- usb: misc: legousbtower: Fix memory leak
|
||||
- USB: ene_usb6250: fix DMA to the stack
|
||||
- watchdog: pcwd_usb: fix NULL-deref at probe
|
||||
- char: lp: fix possible integer overflow in lp_setup() (CVE-2017-1000363)
|
||||
- USB: core: replace %p with %pK
|
||||
- tpm_tis_core: Choose appropriate timeout for reading burstcount
|
||||
- ALSA: hda: Fix cpu lockup when stopping the cmd dmas
|
||||
- [armhf] tegra: paz00: Mark panel regulator as enabled on boot
|
||||
- fanotify: don't expose EOPENSTALE to userspace
|
||||
- tpm_tis_spi: Use single function to transfer data
|
||||
- tpm_tis_spi: Abort transfer when too many wait states are signaled
|
||||
- tpm_tis_spi: Check correct byte for wait state indicator
|
||||
- tpm_tis_spi: Remove limitation of transfers to MAX_SPI_FRAMESIZE bytes
|
||||
- tpm_tis_spi: Add small delay after last transfer
|
||||
- tpm: msleep() delays - replace with usleep_range() in i2c nuvoton driver
|
||||
- tpm: add sleep only for retry in i2c_nuvoton_write_status()
|
||||
- tpm_crb: check for bad response size
|
||||
- mlx5: Fix mlx5_ib_map_mr_sg mr length
|
||||
- infiniband: call ipv6 route lookup via the stub interface
|
||||
- dm btree: fix for dm_btree_find_lowest_key()
|
||||
- dm raid: select the Kconfig option CONFIG_MD_RAID0
|
||||
- dm bufio: avoid a possible ABBA deadlock
|
||||
- dm bufio: check new buffer allocation watermark every 30 seconds
|
||||
- dm mpath: split and rename activate_path() to prepare for its expanded use
|
||||
- dm cache metadata: fail operations if fail_io mode has been established
|
||||
- dm bufio: make the parameter "retain_bytes" unsigned long
|
||||
- dm thin metadata: call precommit before saving the roots
|
||||
- dm space map disk: fix some book keeping in the disk space map
|
||||
- md: update slab_cache before releasing new stripes when stripes resizing
|
||||
- md: MD_CLOSING needs to be cleared after called md_set_readonly or
|
||||
do_md_stop
|
||||
- rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
|
||||
- mwifiex: MAC randomization should not be persistent
|
||||
- mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
|
||||
- ima: accept previously set IMA_NEW_FILE
|
||||
- [x86] KVM: Fix load damaged SSEx MXCSR register
|
||||
- [x86] KVM: Fix potential preemption when get the current kvmclock
|
||||
timestamp
|
||||
- [x86] KVM: Fix read out-of-bounds vulnerability in kvm pio emulation
|
||||
- [i386] fix 32-bit case of __get_user_asm_u64()
|
||||
- [armhf] regulator: rk808: Fix RK818 LDO2
|
||||
- [s390x] kdump: Add final note
|
||||
- [s390x] cputime: fix incorrect system time
|
||||
- ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
|
||||
- ath9k_htc: fix NULL-deref at probe
|
||||
- [x86] drm/amdgpu: Make display watermark calculations more accurate
|
||||
- [x86] drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
|
||||
calculations.
|
||||
- [x86] drm/amdgpu: Add missing lb_vblank_lead_lines setup to DCE-6 path.
|
||||
- drm/nouveau/therm: remove ineffective workarounds for alarm bugs
|
||||
- drm/nouveau/tmr: ack interrupt before processing alarms
|
||||
- drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
|
||||
alarm
|
||||
- drm/nouveau/tmr: avoid processing completed alarms when adding a new one
|
||||
- drm/nouveau/tmr: handle races with hw when updating the next alarm time
|
||||
- [armhf] gpio: omap: return error if requested debounce time is not
|
||||
possible
|
||||
- cdc-acm: fix possible invalid access when processing notification
|
||||
- ohci-pci: add qemu quirk
|
||||
- [powerpc*] cxl: Force context lock during EEH flow
|
||||
- [powerpc*] cxl: Route eeh events to all drivers in
|
||||
cxl_pci_error_detected()
|
||||
- proc: Fix unbalanced hard link numbers
|
||||
- of: fix sparse warning in of_pci_range_parser_one
|
||||
- of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
|
||||
- of: fdt: add missing allocation-failure check
|
||||
- [powerpc*/*64*] ibmvscsis: Do not send aborted task response
|
||||
- [x86] IIO: bmp280-core.c: fix error in humidity calculation
|
||||
- IB/hfi1: Return an error on memory allocation failure
|
||||
- IB/hfi1: Fix a subcontext memory leak
|
||||
- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
|
||||
- pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
|
||||
- USB: serial: ftdi_sio: fix setting latency for unprivileged users
|
||||
- USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
|
||||
- USB: chaoskey: fix Alea quirk on big-endian hosts
|
||||
- f2fs: check entire encrypted bigname when finding a dentry
|
||||
- fscrypt: avoid collisions when presenting long encrypted filenames
|
||||
- libnvdimm: fix clear length of nvdimm_forget_poison()
|
||||
- xhci: remove GFP_DMA flag from allocation
|
||||
- usb: host: xhci-plat: propagate return value of platform_get_irq()
|
||||
- xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
|
||||
- usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
|
||||
- net: irda: irda-usb: fix firmware name on big-endian hosts
|
||||
- usbvision: fix NULL-deref at probe
|
||||
- mceusb: fix NULL-deref at probe
|
||||
- ttusb2: limit messages to buffer size
|
||||
- [armhf,arm64] usb: dwc3: gadget: Prevent losing events in event cache
|
||||
- [armhf] usb: musb: tusb6010_omap: Do not reset the other direction's
|
||||
packet size
|
||||
- [armhf] usb: musb: Fix trying to suspend while active for OTG
|
||||
configurations
|
||||
- USB: iowarrior: fix info ioctl on big-endian hosts
|
||||
- usb: serial: option: add Telit ME910 support
|
||||
- USB: serial: qcserial: add more Lenovo EM74xx device IDs
|
||||
- USB: serial: mct_u232: fix big-endian baud-rate handling
|
||||
- USB: serial: io_ti: fix div-by-zero in set_termios
|
||||
- USB: hub: fix SS hub-descriptor handling
|
||||
- USB: hub: fix non-SS hub-descriptor handling
|
||||
- ipx: call ipxitf_put() in ioctl error path (CVE-2017-7487)
|
||||
- iio: hid-sensor: Store restore poll and hysteresis on S3
|
||||
- gspca: konica: add missing endpoint sanity check
|
||||
- dib0700: fix NULL-deref at probe
|
||||
- zr364xx: enforce minimum size when reading header
|
||||
- dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
|
||||
- digitv: limit messages to buffer size
|
||||
- dw2102: limit messages to buffer size
|
||||
- cx231xx-audio: fix init error path
|
||||
- cx231xx-audio: fix NULL-deref at probe
|
||||
- cx231xx-cards: fix NULL-deref at probe
|
||||
- [powerpc*] mm: Ensure IRQs are off in switch_mm()
|
||||
- [powerpc*] eeh: Avoid use after free in eeh_handle_special_event()
|
||||
- [powerpc*] book3s/mce: Move add_taint() later in virtual mode
|
||||
- [powerpc*] pseries: Fix of_node_put() underflow during DLPAR remove
|
||||
- [powerpc*] iommu: Do not call PageTransHuge() on tail pages
|
||||
- [powerpc*] tm: Fix FP and VMX register corruption
|
||||
- [arm64] KVM: Do not use stack-protector to compile EL2 code
|
||||
- [armhf] KVM: Do not use stack-protector to compile HYP code
|
||||
- [armhf] KVM: plug potential guest hardware debug leakage
|
||||
- [armel,armhf] 8662/1: module: split core and init PLT sections
|
||||
- [armhf] dts: imx6sx-sdb: Remove OPP override
|
||||
- [arm64] dts: hi6220: Reset the mmc hosts
|
||||
- [arm64] xchg: hazard against entire exchange variable
|
||||
- [arm64] ensure extension of smp_store_release value
|
||||
- [arm64] armv8_deprecated: ensure extension of addr
|
||||
- [arm64] uaccess: ensure extension of access_ok() addr
|
||||
- [arm64] documentation: document tagged pointer stack constraints
|
||||
- [x86] staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out
|
||||
memory.
|
||||
- [x86] staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
|
||||
- [x86] staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of
|
||||
EPROM_CMD.
|
||||
- [x86] staging: rtl8192e: GetTs Fix invalid TID 7 warning.
|
||||
- [x86] iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
|
||||
- stackprotector: Increase the per-task stack canary's random range from 32
|
||||
bits to 64 bits on 64-bit platforms
|
||||
- uwb: fix device quirk on big-endian hosts
|
||||
- genirq: Fix chained interrupt data ordering
|
||||
- nvme: unmap CMB and remove sysfs file in reset path
|
||||
- [alpha] osf_wait4(): fix infoleak
|
||||
- tracing/kprobes: Enforce kprobes teardown after testing
|
||||
- [x86] PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC
|
||||
- [x86] PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs
|
||||
- PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
|
||||
- PCI: Fix another sanity check bug in /proc/pci mmap
|
||||
- PCI: Only allow WC mmap on prefetchable resources
|
||||
- PCI: Freeze PME scan before suspending devices
|
||||
- [armel,armhf] mtd: nand: orion: fix clk handling
|
||||
- [armhf] mtd: nand: omap2: Fix partition creation via cmdline mtdparts
|
||||
- mtd: nand: add ooblayout for old hamming layout
|
||||
- [x86] drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
|
||||
- NFSv4: Fix a hang in OPEN related to server reboot
|
||||
- NFS: Fix use after free in write error path
|
||||
- NFS: Use GFP_NOIO for two allocations in writeback
|
||||
- nfsd: fix undefined behavior in nfsd4_layout_verify
|
||||
- nfsd: encoders mustn't use unitialized values in error cases
|
||||
- drivers: char: mem: Check for address space wraparound with mmap()
|
||||
- [x86] drm/i915/gvt: Disable access to stolen memory as a guest
|
||||
|
||||
[ Aurelien Jarno ]
|
||||
* [mips*/*-malta] Enable POWER_RESET and POWER_RESET_SYSCON.
|
||||
|
||||
[ Uwe Kleine-König ]
|
||||
* [arm64] Enable DRM modules (Closes: #863344)
|
||||
* Ignore ABI changes in chipidea driver
|
||||
|
||||
[ Ben Hutchings ]
|
||||
* Ignore ABI changes in ccp and hid-sensors
|
||||
* [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
|
||||
MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
|
||||
* SUNRPC: Refactor svc_set_num_threads()
|
||||
* NFSv4: Fix callback server shutdown (CVE-2017-9059) (Closes: #862357)
|
||||
* uapi: fix linux/if.h userspace compilation errors (see #822393, #824442)
|
||||
* debian/control: Fix compiler build-dependencies for cross-building
|
||||
(Closes: #863907)
|
||||
* Add Debian package version to "hung task" log messages
|
||||
* btrfs: warn about RAID5/6 being experimental at mount time (Closes: #863290)
|
||||
* [x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard
|
||||
work again (Closes: #862723)
|
||||
* [arm64] serial: pl011: add console matching function (Closes: #861898)
|
||||
* [rt] Add new GPG subkeys for Sebastian Andrzej Siewior
|
||||
* [rt] Update to 4.9.30-rt20:
|
||||
- rtmutex: Deboost before waking up the top waiter
|
||||
- sched/rtmutex/deadline: Fix a PI crash for deadline tasks
|
||||
- sched/deadline/rtmutex: Dont miss the dl_runtime/dl_period update
|
||||
- rtmutex: Clean up
|
||||
- sched/rtmutex: Refactor rt_mutex_setprio()
|
||||
- sched,tracing: Update trace_sched_pi_setprio()
|
||||
- rtmutex: Fix PI chain order integrity
|
||||
- rtmutex: Fix more prio comparisons
|
||||
- rtmutex: Plug preempt count leak in rt_mutex_futex_unlock()
|
||||
- futex: Avoid freeing an active timer
|
||||
- futex: Fix small (and harmless looking) inconsistencies
|
||||
- futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock()
|
||||
- Revert "timers: Don't wake ktimersoftd on every tick"
|
||||
- futex/rtmutex: Cure RT double blocking issue
|
||||
- random: avoid preempt_disable()ed section
|
||||
|
||||
[ Salvatore Bonaccorso ]
|
||||
* tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
|
||||
(CVE-2017-0605)
|
||||
* dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
|
||||
* ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
|
||||
* sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
|
||||
* ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076,
|
||||
CVE-2017-9077)
|
||||
* crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
|
||||
* ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)
|
||||
|
||||
[ Cyril Brulebois ]
|
||||
* udeb: Add efivarfs to efi-modules, which can be needed to retrieve
|
||||
firmware or configuration bits from d-i. (Closes: #862555)
|
||||
|
||||
[ John Paul Adrian Glaubitz ]
|
||||
* [m68k] udeb: Build loop-modules package (Closes: #862813)
|
||||
|
||||
-- Ben Hutchings <ben@decadent.org.uk> Sun, 04 Jun 2017 03:03:01 +0100
|
||||
|
||||
linux (4.9.25-1) unstable; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
|
|
|
@ -186,6 +186,14 @@ CONFIG_GPIO_MAX77620=y
|
|||
## file: drivers/gpu/drm/Kconfig
|
||||
##
|
||||
CONFIG_DRM=m
|
||||
CONFIG_DRM_RADEON=m
|
||||
CONFIG_DRM_AMDGPU=m
|
||||
|
||||
##
|
||||
## file: drivers/gpu/drm/arm/Kconfig
|
||||
##
|
||||
CONFIG_DRM_HDLCD=m
|
||||
CONFIG_DRM_MALI_DISPLAY=m
|
||||
|
||||
##
|
||||
## file: drivers/gpu/drm/ast/Kconfig
|
||||
|
|
|
@ -8,7 +8,9 @@ ignore-changes:
|
|||
register_cxl_calls
|
||||
unregister_cxl_calls
|
||||
module:arch/x86/kvm/*
|
||||
module:drivers/crypto/ccp/*
|
||||
module:drivers/hv/*
|
||||
module:drivers/iio/common/hid-sensors/*
|
||||
module:drivers/iio/common/st_sensors/**
|
||||
module:drivers/net/wireless/**
|
||||
module:drivers/nvdimm/*
|
||||
|
@ -18,9 +20,12 @@ ignore-changes:
|
|||
module:drivers/scsi/qla2xxx/qla2xxx
|
||||
module:drivers/scsi/ufs/*
|
||||
module:drivers/target/**
|
||||
module:drivers/usb/chipidea/**
|
||||
module:drivers/usb/host/**
|
||||
module:drivers/usb/musb/**
|
||||
module:net/ceph/libceph
|
||||
module:net/l2tp/l2tp_core
|
||||
module:sound/firewire/snd-firewire-lib
|
||||
# btree library is only selected by few drivers so not useful OOT
|
||||
btree_*
|
||||
visitor*
|
||||
|
|
|
@ -1,9 +1,27 @@
|
|||
# CONFIG_PREEMPT_VOLUNTARY is not set
|
||||
CONFIG_PREEMPT_RT_FULL=y
|
||||
CONFIG_SCHED_TRACER=y
|
||||
CONFIG_MISSED_TIMER_OFFSETS_HIST=y
|
||||
CONFIG_WAKEUP_LATENCY_HIST=y
|
||||
CONFIG_RCU_EXPERT=y
|
||||
##
|
||||
## file: certs/Kconfig
|
||||
##
|
||||
#. Certificate paths are resolved relative to debian/build/source_rt
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS="../../certs/benh@debian.org.cert.pem"
|
||||
|
||||
##
|
||||
## file: init/Kconfig
|
||||
##
|
||||
CONFIG_RCU_EXPERT=y
|
||||
|
||||
##
|
||||
## file: kernel/Kconfig.preempt
|
||||
##
|
||||
## choice: Preemption Model
|
||||
# CONFIG_PREEMPT_VOLUNTARY is not set
|
||||
CONFIG_PREEMPT_RT_FULL=y
|
||||
## end choice
|
||||
|
||||
##
|
||||
## file: kernel/trace/Kconfig
|
||||
##
|
||||
CONFIG_SCHED_TRACER=y
|
||||
CONFIG_HWLAT_TRACER=y
|
||||
CONFIG_WAKEUP_LATENCY_HIST=y
|
||||
CONFIG_MISSED_TIMER_OFFSETS_HIST=y
|
||||
|
||||
|
|
|
@ -26,6 +26,12 @@ CONFIG_ATA=y
|
|||
##
|
||||
# CONFIG_NIU is not set
|
||||
|
||||
##
|
||||
## file: drivers/power/reset/Kconfig
|
||||
##
|
||||
CONFIG_POWER_RESET=y
|
||||
CONFIG_POWER_RESET_SYSCON=y
|
||||
|
||||
##
|
||||
## file: drivers/scsi/Kconfig
|
||||
##
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
#include <loop-modules>
|
|
@ -1 +1,2 @@
|
|||
efivars
|
||||
efivarfs
|
||||
|
|
73
debian/patches/bugfix/all/crypto-skcipher-Add-missing-api-setkey-checks.patch
vendored
Normal file
73
debian/patches/bugfix/all/crypto-skcipher-Add-missing-api-setkey-checks.patch
vendored
Normal file
|
@ -0,0 +1,73 @@
|
|||
From: Herbert Xu <herbert@gondor.apana.org.au>
|
||||
Date: Wed, 10 May 2017 03:48:23 +0800
|
||||
Subject: crypto: skcipher - Add missing API setkey checks
|
||||
Origin: https://git.kernel.org/linus/9933e113c2e87a9f46a40fde8dafbf801dca1ab9
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9211
|
||||
|
||||
The API setkey checks for key sizes and alignment went AWOL during the
|
||||
skcipher conversion. This patch restores them.
|
||||
|
||||
Cc: <stable@vger.kernel.org>
|
||||
Fixes: 4e6c3df4d729 ("crypto: skcipher - Add low-level skcipher...")
|
||||
Reported-by: Baozeng <sploving1@gmail.com>
|
||||
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
||||
---
|
||||
crypto/skcipher.c | 40 +++++++++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 39 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/crypto/skcipher.c
|
||||
+++ b/crypto/skcipher.c
|
||||
@@ -221,6 +221,44 @@ static int crypto_init_skcipher_ops_ablk
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int skcipher_setkey_unaligned(struct crypto_skcipher *tfm,
|
||||
+ const u8 *key, unsigned int keylen)
|
||||
+{
|
||||
+ unsigned long alignmask = crypto_skcipher_alignmask(tfm);
|
||||
+ struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
|
||||
+ u8 *buffer, *alignbuffer;
|
||||
+ unsigned long absize;
|
||||
+ int ret;
|
||||
+
|
||||
+ absize = keylen + alignmask;
|
||||
+ buffer = kmalloc(absize, GFP_ATOMIC);
|
||||
+ if (!buffer)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
|
||||
+ memcpy(alignbuffer, key, keylen);
|
||||
+ ret = cipher->setkey(tfm, alignbuffer, keylen);
|
||||
+ kzfree(buffer);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+static int skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
|
||||
+ unsigned int keylen)
|
||||
+{
|
||||
+ struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
|
||||
+ unsigned long alignmask = crypto_skcipher_alignmask(tfm);
|
||||
+
|
||||
+ if (keylen < cipher->min_keysize || keylen > cipher->max_keysize) {
|
||||
+ crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
|
||||
+ return -EINVAL;
|
||||
+ }
|
||||
+
|
||||
+ if ((unsigned long)key & alignmask)
|
||||
+ return skcipher_setkey_unaligned(tfm, key, keylen);
|
||||
+
|
||||
+ return cipher->setkey(tfm, key, keylen);
|
||||
+}
|
||||
+
|
||||
static void crypto_skcipher_exit_tfm(struct crypto_tfm *tfm)
|
||||
{
|
||||
struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
|
||||
@@ -241,7 +279,7 @@ static int crypto_skcipher_init_tfm(stru
|
||||
tfm->__crt_alg->cra_type == &crypto_givcipher_type)
|
||||
return crypto_init_skcipher_ops_ablkcipher(tfm);
|
||||
|
||||
- skcipher->setkey = alg->setkey;
|
||||
+ skcipher->setkey = skcipher_setkey;
|
||||
skcipher->encrypt = alg->encrypt;
|
||||
skcipher->decrypt = alg->decrypt;
|
||||
skcipher->ivsize = alg->ivsize;
|
|
@ -0,0 +1,37 @@
|
|||
From: Eric Dumazet <edumazet@google.com>
|
||||
Date: Tue, 9 May 2017 06:29:19 -0700
|
||||
Subject: dccp/tcp: do not inherit mc_list from parent
|
||||
Origin: https://git.kernel.org/linus/657831ffc38e30092a2d5f03d385d710eb88b09a
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-8890
|
||||
|
||||
syzkaller found a way to trigger double frees from ip_mc_drop_socket()
|
||||
|
||||
It turns out that leave a copy of parent mc_list at accept() time,
|
||||
which is very bad.
|
||||
|
||||
Very similar to commit 8b485ce69876 ("tcp: do not inherit
|
||||
fastopen_req from parent")
|
||||
|
||||
Initial report from Pray3r, completed by Andrey one.
|
||||
Thanks a lot to them !
|
||||
|
||||
Signed-off-by: Eric Dumazet <edumazet@google.com>
|
||||
Reported-by: Pray3r <pray3r.z@gmail.com>
|
||||
Reported-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Tested-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/ipv4/inet_connection_sock.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
--- a/net/ipv4/inet_connection_sock.c
|
||||
+++ b/net/ipv4/inet_connection_sock.c
|
||||
@@ -665,6 +665,8 @@ struct sock *inet_csk_clone_lock(const s
|
||||
/* listeners have SOCK_RCU_FREE, not the children */
|
||||
sock_reset_flag(newsk, SOCK_RCU_FREE);
|
||||
|
||||
+ inet_sk(newsk)->mc_list = NULL;
|
||||
+
|
||||
newsk->sk_mark = inet_rsk(req)->ir_mark;
|
||||
atomic64_set(&newsk->sk_cookie,
|
||||
atomic64_read(&inet_rsk(req)->ir_cookie));
|
59
debian/patches/bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch
vendored
Normal file
59
debian/patches/bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch
vendored
Normal file
|
@ -0,0 +1,59 @@
|
|||
From: WANG Cong <xiyou.wangcong@gmail.com>
|
||||
Date: Tue, 9 May 2017 16:59:54 -0700
|
||||
Subject: ipv6/dccp: do not inherit ipv6_mc_list from parent
|
||||
Origin: https://git.kernel.org/linus/83eaddab4378db256d00d295bda6ca997cd13a52
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9076
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9077
|
||||
|
||||
Like commit 657831ffc38e ("dccp/tcp: do not inherit mc_list from parent")
|
||||
we should clear ipv6_mc_list etc. for IPv6 sockets too.
|
||||
|
||||
Cc: Eric Dumazet <edumazet@google.com>
|
||||
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
|
||||
Acked-by: Eric Dumazet <edumazet@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/dccp/ipv6.c | 6 ++++++
|
||||
net/ipv6/tcp_ipv6.c | 2 ++
|
||||
2 files changed, 8 insertions(+)
|
||||
|
||||
--- a/net/dccp/ipv6.c
|
||||
+++ b/net/dccp/ipv6.c
|
||||
@@ -426,6 +426,9 @@ static struct sock *dccp_v6_request_recv
|
||||
newsk->sk_backlog_rcv = dccp_v4_do_rcv;
|
||||
newnp->pktoptions = NULL;
|
||||
newnp->opt = NULL;
|
||||
+ newnp->ipv6_mc_list = NULL;
|
||||
+ newnp->ipv6_ac_list = NULL;
|
||||
+ newnp->ipv6_fl_list = NULL;
|
||||
newnp->mcast_oif = inet6_iif(skb);
|
||||
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
||||
|
||||
@@ -490,6 +493,9 @@ static struct sock *dccp_v6_request_recv
|
||||
/* Clone RX bits */
|
||||
newnp->rxopt.all = np->rxopt.all;
|
||||
|
||||
+ newnp->ipv6_mc_list = NULL;
|
||||
+ newnp->ipv6_ac_list = NULL;
|
||||
+ newnp->ipv6_fl_list = NULL;
|
||||
newnp->pktoptions = NULL;
|
||||
newnp->opt = NULL;
|
||||
newnp->mcast_oif = inet6_iif(skb);
|
||||
--- a/net/ipv6/tcp_ipv6.c
|
||||
+++ b/net/ipv6/tcp_ipv6.c
|
||||
@@ -1046,6 +1046,7 @@ static struct sock *tcp_v6_syn_recv_sock
|
||||
newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
|
||||
#endif
|
||||
|
||||
+ newnp->ipv6_mc_list = NULL;
|
||||
newnp->ipv6_ac_list = NULL;
|
||||
newnp->ipv6_fl_list = NULL;
|
||||
newnp->pktoptions = NULL;
|
||||
@@ -1115,6 +1116,7 @@ static struct sock *tcp_v6_syn_recv_sock
|
||||
First: no IPv4 options.
|
||||
*/
|
||||
newinet->inet_opt = NULL;
|
||||
+ newnp->ipv6_mc_list = NULL;
|
||||
newnp->ipv6_ac_list = NULL;
|
||||
newnp->ipv6_fl_list = NULL;
|
||||
|
62
debian/patches/bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch
vendored
Normal file
62
debian/patches/bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch
vendored
Normal file
|
@ -0,0 +1,62 @@
|
|||
From: Eric Dumazet <edumazet@google.com>
|
||||
Date: Fri, 19 May 2017 14:17:48 -0700
|
||||
Subject: ipv6: fix out of bound writes in __ip6_append_data()
|
||||
Origin: https://git.kernel.org/linus/232cd35d0804cc241eb887bb8d4d9b3b9881c64a
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9242
|
||||
|
||||
Andrey Konovalov and idaifish@gmail.com reported crashes caused by
|
||||
one skb shared_info being overwritten from __ip6_append_data()
|
||||
|
||||
Andrey program lead to following state :
|
||||
|
||||
copy -4200 datalen 2000 fraglen 2040
|
||||
maxfraglen 2040 alloclen 2048 transhdrlen 0 offset 0 fraggap 6200
|
||||
|
||||
The skb_copy_and_csum_bits(skb_prev, maxfraglen, data + transhdrlen,
|
||||
fraggap, 0); is overwriting skb->head and skb_shared_info
|
||||
|
||||
Since we apparently detect this rare condition too late, move the
|
||||
code earlier to even avoid allocating skb and risking crashes.
|
||||
|
||||
Once again, many thanks to Andrey and syzkaller team.
|
||||
|
||||
Signed-off-by: Eric Dumazet <edumazet@google.com>
|
||||
Reported-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Tested-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Reported-by: <idaifish@gmail.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/ipv6/ip6_output.c | 15 ++++++++-------
|
||||
1 file changed, 8 insertions(+), 7 deletions(-)
|
||||
|
||||
--- a/net/ipv6/ip6_output.c
|
||||
+++ b/net/ipv6/ip6_output.c
|
||||
@@ -1448,6 +1448,11 @@ alloc_new_skb:
|
||||
*/
|
||||
alloclen += sizeof(struct frag_hdr);
|
||||
|
||||
+ copy = datalen - transhdrlen - fraggap;
|
||||
+ if (copy < 0) {
|
||||
+ err = -EINVAL;
|
||||
+ goto error;
|
||||
+ }
|
||||
if (transhdrlen) {
|
||||
skb = sock_alloc_send_skb(sk,
|
||||
alloclen + hh_len,
|
||||
@@ -1497,13 +1502,9 @@ alloc_new_skb:
|
||||
data += fraggap;
|
||||
pskb_trim_unique(skb_prev, maxfraglen);
|
||||
}
|
||||
- copy = datalen - transhdrlen - fraggap;
|
||||
-
|
||||
- if (copy < 0) {
|
||||
- err = -EINVAL;
|
||||
- kfree_skb(skb);
|
||||
- goto error;
|
||||
- } else if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) {
|
||||
+ if (copy > 0 &&
|
||||
+ getfrag(from, data + transhdrlen, offset,
|
||||
+ copy, fraggap, skb) < 0) {
|
||||
err = -EFAULT;
|
||||
kfree_skb(skb);
|
||||
goto error;
|
221
debian/patches/bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch
vendored
Normal file
221
debian/patches/bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch
vendored
Normal file
|
@ -0,0 +1,221 @@
|
|||
From: Craig Gallek <kraig@google.com>
|
||||
Date: Tue, 16 May 2017 14:36:23 -0400
|
||||
Subject: ipv6: Prevent overrun when parsing v6 header options
|
||||
Origin: https://git.kernel.org/linus/2423496af35d94a87156b063ea5cedffc10a70a1
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9074
|
||||
|
||||
The KASAN warning repoted below was discovered with a syzkaller
|
||||
program. The reproducer is basically:
|
||||
int s = socket(AF_INET6, SOCK_RAW, NEXTHDR_HOP);
|
||||
send(s, &one_byte_of_data, 1, MSG_MORE);
|
||||
send(s, &more_than_mtu_bytes_data, 2000, 0);
|
||||
|
||||
The socket() call sets the nexthdr field of the v6 header to
|
||||
NEXTHDR_HOP, the first send call primes the payload with a non zero
|
||||
byte of data, and the second send call triggers the fragmentation path.
|
||||
|
||||
The fragmentation code tries to parse the header options in order
|
||||
to figure out where to insert the fragment option. Since nexthdr points
|
||||
to an invalid option, the calculation of the size of the network header
|
||||
can made to be much larger than the linear section of the skb and data
|
||||
is read outside of it.
|
||||
|
||||
This fix makes ip6_find_1stfrag return an error if it detects
|
||||
running out-of-bounds.
|
||||
|
||||
[ 42.361487] ==================================================================
|
||||
[ 42.364412] BUG: KASAN: slab-out-of-bounds in ip6_fragment+0x11c8/0x3730
|
||||
[ 42.365471] Read of size 840 at addr ffff88000969e798 by task ip6_fragment-oo/3789
|
||||
[ 42.366469]
|
||||
[ 42.366696] CPU: 1 PID: 3789 Comm: ip6_fragment-oo Not tainted 4.11.0+ #41
|
||||
[ 42.367628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.1-1ubuntu1 04/01/2014
|
||||
[ 42.368824] Call Trace:
|
||||
[ 42.369183] dump_stack+0xb3/0x10b
|
||||
[ 42.369664] print_address_description+0x73/0x290
|
||||
[ 42.370325] kasan_report+0x252/0x370
|
||||
[ 42.370839] ? ip6_fragment+0x11c8/0x3730
|
||||
[ 42.371396] check_memory_region+0x13c/0x1a0
|
||||
[ 42.371978] memcpy+0x23/0x50
|
||||
[ 42.372395] ip6_fragment+0x11c8/0x3730
|
||||
[ 42.372920] ? nf_ct_expect_unregister_notifier+0x110/0x110
|
||||
[ 42.373681] ? ip6_copy_metadata+0x7f0/0x7f0
|
||||
[ 42.374263] ? ip6_forward+0x2e30/0x2e30
|
||||
[ 42.374803] ip6_finish_output+0x584/0x990
|
||||
[ 42.375350] ip6_output+0x1b7/0x690
|
||||
[ 42.375836] ? ip6_finish_output+0x990/0x990
|
||||
[ 42.376411] ? ip6_fragment+0x3730/0x3730
|
||||
[ 42.376968] ip6_local_out+0x95/0x160
|
||||
[ 42.377471] ip6_send_skb+0xa1/0x330
|
||||
[ 42.377969] ip6_push_pending_frames+0xb3/0xe0
|
||||
[ 42.378589] rawv6_sendmsg+0x2051/0x2db0
|
||||
[ 42.379129] ? rawv6_bind+0x8b0/0x8b0
|
||||
[ 42.379633] ? _copy_from_user+0x84/0xe0
|
||||
[ 42.380193] ? debug_check_no_locks_freed+0x290/0x290
|
||||
[ 42.380878] ? ___sys_sendmsg+0x162/0x930
|
||||
[ 42.381427] ? rcu_read_lock_sched_held+0xa3/0x120
|
||||
[ 42.382074] ? sock_has_perm+0x1f6/0x290
|
||||
[ 42.382614] ? ___sys_sendmsg+0x167/0x930
|
||||
[ 42.383173] ? lock_downgrade+0x660/0x660
|
||||
[ 42.383727] inet_sendmsg+0x123/0x500
|
||||
[ 42.384226] ? inet_sendmsg+0x123/0x500
|
||||
[ 42.384748] ? inet_recvmsg+0x540/0x540
|
||||
[ 42.385263] sock_sendmsg+0xca/0x110
|
||||
[ 42.385758] SYSC_sendto+0x217/0x380
|
||||
[ 42.386249] ? SYSC_connect+0x310/0x310
|
||||
[ 42.386783] ? __might_fault+0x110/0x1d0
|
||||
[ 42.387324] ? lock_downgrade+0x660/0x660
|
||||
[ 42.387880] ? __fget_light+0xa1/0x1f0
|
||||
[ 42.388403] ? __fdget+0x18/0x20
|
||||
[ 42.388851] ? sock_common_setsockopt+0x95/0xd0
|
||||
[ 42.389472] ? SyS_setsockopt+0x17f/0x260
|
||||
[ 42.390021] ? entry_SYSCALL_64_fastpath+0x5/0xbe
|
||||
[ 42.390650] SyS_sendto+0x40/0x50
|
||||
[ 42.391103] entry_SYSCALL_64_fastpath+0x1f/0xbe
|
||||
[ 42.391731] RIP: 0033:0x7fbbb711e383
|
||||
[ 42.392217] RSP: 002b:00007ffff4d34f28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
|
||||
[ 42.393235] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbb711e383
|
||||
[ 42.394195] RDX: 0000000000001000 RSI: 00007ffff4d34f60 RDI: 0000000000000003
|
||||
[ 42.395145] RBP: 0000000000000046 R08: 00007ffff4d34f40 R09: 0000000000000018
|
||||
[ 42.396056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400aad
|
||||
[ 42.396598] R13: 0000000000000066 R14: 00007ffff4d34ee0 R15: 00007fbbb717af00
|
||||
[ 42.397257]
|
||||
[ 42.397411] Allocated by task 3789:
|
||||
[ 42.397702] save_stack_trace+0x16/0x20
|
||||
[ 42.398005] save_stack+0x46/0xd0
|
||||
[ 42.398267] kasan_kmalloc+0xad/0xe0
|
||||
[ 42.398548] kasan_slab_alloc+0x12/0x20
|
||||
[ 42.398848] __kmalloc_node_track_caller+0xcb/0x380
|
||||
[ 42.399224] __kmalloc_reserve.isra.32+0x41/0xe0
|
||||
[ 42.399654] __alloc_skb+0xf8/0x580
|
||||
[ 42.400003] sock_wmalloc+0xab/0xf0
|
||||
[ 42.400346] __ip6_append_data.isra.41+0x2472/0x33d0
|
||||
[ 42.400813] ip6_append_data+0x1a8/0x2f0
|
||||
[ 42.401122] rawv6_sendmsg+0x11ee/0x2db0
|
||||
[ 42.401505] inet_sendmsg+0x123/0x500
|
||||
[ 42.401860] sock_sendmsg+0xca/0x110
|
||||
[ 42.402209] ___sys_sendmsg+0x7cb/0x930
|
||||
[ 42.402582] __sys_sendmsg+0xd9/0x190
|
||||
[ 42.402941] SyS_sendmsg+0x2d/0x50
|
||||
[ 42.403273] entry_SYSCALL_64_fastpath+0x1f/0xbe
|
||||
[ 42.403718]
|
||||
[ 42.403871] Freed by task 1794:
|
||||
[ 42.404146] save_stack_trace+0x16/0x20
|
||||
[ 42.404515] save_stack+0x46/0xd0
|
||||
[ 42.404827] kasan_slab_free+0x72/0xc0
|
||||
[ 42.405167] kfree+0xe8/0x2b0
|
||||
[ 42.405462] skb_free_head+0x74/0xb0
|
||||
[ 42.405806] skb_release_data+0x30e/0x3a0
|
||||
[ 42.406198] skb_release_all+0x4a/0x60
|
||||
[ 42.406563] consume_skb+0x113/0x2e0
|
||||
[ 42.406910] skb_free_datagram+0x1a/0xe0
|
||||
[ 42.407288] netlink_recvmsg+0x60d/0xe40
|
||||
[ 42.407667] sock_recvmsg+0xd7/0x110
|
||||
[ 42.408022] ___sys_recvmsg+0x25c/0x580
|
||||
[ 42.408395] __sys_recvmsg+0xd6/0x190
|
||||
[ 42.408753] SyS_recvmsg+0x2d/0x50
|
||||
[ 42.409086] entry_SYSCALL_64_fastpath+0x1f/0xbe
|
||||
[ 42.409513]
|
||||
[ 42.409665] The buggy address belongs to the object at ffff88000969e780
|
||||
[ 42.409665] which belongs to the cache kmalloc-512 of size 512
|
||||
[ 42.410846] The buggy address is located 24 bytes inside of
|
||||
[ 42.410846] 512-byte region [ffff88000969e780, ffff88000969e980)
|
||||
[ 42.411941] The buggy address belongs to the page:
|
||||
[ 42.412405] page:ffffea000025a780 count:1 mapcount:0 mapping: (null) index:0x0 compound_mapcount: 0
|
||||
[ 42.413298] flags: 0x100000000008100(slab|head)
|
||||
[ 42.413729] raw: 0100000000008100 0000000000000000 0000000000000000 00000001800c000c
|
||||
[ 42.414387] raw: ffffea00002a9500 0000000900000007 ffff88000c401280 0000000000000000
|
||||
[ 42.415074] page dumped because: kasan: bad access detected
|
||||
[ 42.415604]
|
||||
[ 42.415757] Memory state around the buggy address:
|
||||
[ 42.416222] ffff88000969e880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
||||
[ 42.416904] ffff88000969e900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
||||
[ 42.417591] >ffff88000969e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
|
||||
[ 42.418273] ^
|
||||
[ 42.418588] ffff88000969ea00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
|
||||
[ 42.419273] ffff88000969ea80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
|
||||
[ 42.419882] ==================================================================
|
||||
|
||||
Reported-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Signed-off-by: Craig Gallek <kraig@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/ipv6/ip6_offload.c | 2 ++
|
||||
net/ipv6/ip6_output.c | 4 ++++
|
||||
net/ipv6/output_core.c | 14 ++++++++------
|
||||
net/ipv6/udp_offload.c | 2 ++
|
||||
4 files changed, 16 insertions(+), 6 deletions(-)
|
||||
|
||||
--- a/net/ipv6/ip6_offload.c
|
||||
+++ b/net/ipv6/ip6_offload.c
|
||||
@@ -117,6 +117,8 @@ static struct sk_buff *ipv6_gso_segment(
|
||||
|
||||
if (udpfrag) {
|
||||
unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
|
||||
+ if (unfrag_ip6hlen < 0)
|
||||
+ return ERR_PTR(unfrag_ip6hlen);
|
||||
fptr = (struct frag_hdr *)((u8 *)ipv6h + unfrag_ip6hlen);
|
||||
fptr->frag_off = htons(offset);
|
||||
if (skb->next)
|
||||
--- a/net/ipv6/ip6_output.c
|
||||
+++ b/net/ipv6/ip6_output.c
|
||||
@@ -587,6 +587,10 @@ int ip6_fragment(struct net *net, struct
|
||||
u8 *prevhdr, nexthdr = 0;
|
||||
|
||||
hlen = ip6_find_1stfragopt(skb, &prevhdr);
|
||||
+ if (hlen < 0) {
|
||||
+ err = hlen;
|
||||
+ goto fail;
|
||||
+ }
|
||||
nexthdr = *prevhdr;
|
||||
|
||||
mtu = ip6_skb_dst_mtu(skb);
|
||||
--- a/net/ipv6/output_core.c
|
||||
+++ b/net/ipv6/output_core.c
|
||||
@@ -79,14 +79,13 @@ EXPORT_SYMBOL(ipv6_select_ident);
|
||||
int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
|
||||
{
|
||||
u16 offset = sizeof(struct ipv6hdr);
|
||||
- struct ipv6_opt_hdr *exthdr =
|
||||
- (struct ipv6_opt_hdr *)(ipv6_hdr(skb) + 1);
|
||||
unsigned int packet_len = skb_tail_pointer(skb) -
|
||||
skb_network_header(skb);
|
||||
int found_rhdr = 0;
|
||||
*nexthdr = &ipv6_hdr(skb)->nexthdr;
|
||||
|
||||
- while (offset + 1 <= packet_len) {
|
||||
+ while (offset <= packet_len) {
|
||||
+ struct ipv6_opt_hdr *exthdr;
|
||||
|
||||
switch (**nexthdr) {
|
||||
|
||||
@@ -107,13 +106,16 @@ int ip6_find_1stfragopt(struct sk_buff *
|
||||
return offset;
|
||||
}
|
||||
|
||||
- offset += ipv6_optlen(exthdr);
|
||||
- *nexthdr = &exthdr->nexthdr;
|
||||
+ if (offset + sizeof(struct ipv6_opt_hdr) > packet_len)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
exthdr = (struct ipv6_opt_hdr *)(skb_network_header(skb) +
|
||||
offset);
|
||||
+ offset += ipv6_optlen(exthdr);
|
||||
+ *nexthdr = &exthdr->nexthdr;
|
||||
}
|
||||
|
||||
- return offset;
|
||||
+ return -EINVAL;
|
||||
}
|
||||
EXPORT_SYMBOL(ip6_find_1stfragopt);
|
||||
|
||||
--- a/net/ipv6/udp_offload.c
|
||||
+++ b/net/ipv6/udp_offload.c
|
||||
@@ -91,6 +91,8 @@ static struct sk_buff *udp6_ufo_fragment
|
||||
* bytes to insert fragment header.
|
||||
*/
|
||||
unfrag_ip6hlen = ip6_find_1stfragopt(skb, &prevhdr);
|
||||
+ if (unfrag_ip6hlen < 0)
|
||||
+ return ERR_PTR(unfrag_ip6hlen);
|
||||
nexthdr = *prevhdr;
|
||||
*prevhdr = NEXTHDR_FRAGMENT;
|
||||
unfrag_len = (skb_network_header(skb) - skb_mac_header(skb)) +
|
|
@ -0,0 +1,147 @@
|
|||
From: Trond Myklebust <trond.myklebust@primarydata.com>
|
||||
Date: Wed, 26 Apr 2017 11:55:27 -0400
|
||||
Subject: [2/2] NFSv4: Fix callback server shutdown
|
||||
Origin: https://git.kernel.org/linus/ed6473ddc704a2005b9900ca08e236ebb2d8540a
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9059
|
||||
|
||||
We want to use kthread_stop() in order to ensure the threads are
|
||||
shut down before we tear down the nfs_callback_info in nfs_callback_down.
|
||||
|
||||
Tested-and-reviewed-by: Kinglong Mee <kinglongmee@gmail.com>
|
||||
Reported-by: Kinglong Mee <kinglongmee@gmail.com>
|
||||
Fixes: bb6aeba736ba9 ("NFSv4.x: Switch to using svc_set_num_threads()...")
|
||||
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
||||
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
||||
---
|
||||
fs/nfs/callback.c | 24 ++++++++++++++++--------
|
||||
include/linux/sunrpc/svc.h | 1 +
|
||||
net/sunrpc/svc.c | 38 ++++++++++++++++++++++++++++++++++++++
|
||||
3 files changed, 55 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/fs/nfs/callback.c
|
||||
+++ b/fs/nfs/callback.c
|
||||
@@ -75,7 +75,10 @@ nfs4_callback_svc(void *vrqstp)
|
||||
|
||||
set_freezable();
|
||||
|
||||
- while (!kthread_should_stop()) {
|
||||
+ while (!kthread_freezable_should_stop(NULL)) {
|
||||
+
|
||||
+ if (signal_pending(current))
|
||||
+ flush_signals(current);
|
||||
/*
|
||||
* Listen for a request on the socket
|
||||
*/
|
||||
@@ -84,6 +87,8 @@ nfs4_callback_svc(void *vrqstp)
|
||||
continue;
|
||||
svc_process(rqstp);
|
||||
}
|
||||
+ svc_exit_thread(rqstp);
|
||||
+ module_put_and_exit(0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -102,9 +107,10 @@ nfs41_callback_svc(void *vrqstp)
|
||||
|
||||
set_freezable();
|
||||
|
||||
- while (!kthread_should_stop()) {
|
||||
- if (try_to_freeze())
|
||||
- continue;
|
||||
+ while (!kthread_freezable_should_stop(NULL)) {
|
||||
+
|
||||
+ if (signal_pending(current))
|
||||
+ flush_signals(current);
|
||||
|
||||
prepare_to_wait(&serv->sv_cb_waitq, &wq, TASK_INTERRUPTIBLE);
|
||||
spin_lock_bh(&serv->sv_cb_lock);
|
||||
@@ -120,11 +126,13 @@ nfs41_callback_svc(void *vrqstp)
|
||||
error);
|
||||
} else {
|
||||
spin_unlock_bh(&serv->sv_cb_lock);
|
||||
- schedule();
|
||||
+ if (!kthread_should_stop())
|
||||
+ schedule();
|
||||
finish_wait(&serv->sv_cb_waitq, &wq);
|
||||
}
|
||||
- flush_signals(current);
|
||||
}
|
||||
+ svc_exit_thread(rqstp);
|
||||
+ module_put_and_exit(0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -220,14 +228,14 @@ err_bind:
|
||||
static struct svc_serv_ops nfs40_cb_sv_ops = {
|
||||
.svo_function = nfs4_callback_svc,
|
||||
.svo_enqueue_xprt = svc_xprt_do_enqueue,
|
||||
- .svo_setup = svc_set_num_threads,
|
||||
+ .svo_setup = svc_set_num_threads_sync,
|
||||
.svo_module = THIS_MODULE,
|
||||
};
|
||||
#if defined(CONFIG_NFS_V4_1)
|
||||
static struct svc_serv_ops nfs41_cb_sv_ops = {
|
||||
.svo_function = nfs41_callback_svc,
|
||||
.svo_enqueue_xprt = svc_xprt_do_enqueue,
|
||||
- .svo_setup = svc_set_num_threads,
|
||||
+ .svo_setup = svc_set_num_threads_sync,
|
||||
.svo_module = THIS_MODULE,
|
||||
};
|
||||
|
||||
--- a/include/linux/sunrpc/svc.h
|
||||
+++ b/include/linux/sunrpc/svc.h
|
||||
@@ -470,6 +470,7 @@ void svc_pool_map_put(void);
|
||||
struct svc_serv * svc_create_pooled(struct svc_program *, unsigned int,
|
||||
struct svc_serv_ops *);
|
||||
int svc_set_num_threads(struct svc_serv *, struct svc_pool *, int);
|
||||
+int svc_set_num_threads_sync(struct svc_serv *, struct svc_pool *, int);
|
||||
int svc_pool_stats_open(struct svc_serv *serv, struct file *file);
|
||||
void svc_destroy(struct svc_serv *);
|
||||
void svc_shutdown_net(struct svc_serv *, struct net *);
|
||||
--- a/net/sunrpc/svc.c
|
||||
+++ b/net/sunrpc/svc.c
|
||||
@@ -795,6 +795,44 @@ svc_set_num_threads(struct svc_serv *ser
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(svc_set_num_threads);
|
||||
|
||||
+/* destroy old threads */
|
||||
+static int
|
||||
+svc_stop_kthreads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
+{
|
||||
+ struct task_struct *task;
|
||||
+ unsigned int state = serv->sv_nrthreads-1;
|
||||
+
|
||||
+ /* destroy old threads */
|
||||
+ do {
|
||||
+ task = choose_victim(serv, pool, &state);
|
||||
+ if (task == NULL)
|
||||
+ break;
|
||||
+ kthread_stop(task);
|
||||
+ nrservs++;
|
||||
+ } while (nrservs < 0);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+int
|
||||
+svc_set_num_threads_sync(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
+{
|
||||
+ if (pool == NULL) {
|
||||
+ /* The -1 assumes caller has done a svc_get() */
|
||||
+ nrservs -= (serv->sv_nrthreads-1);
|
||||
+ } else {
|
||||
+ spin_lock_bh(&pool->sp_lock);
|
||||
+ nrservs -= pool->sp_nrthreads;
|
||||
+ spin_unlock_bh(&pool->sp_lock);
|
||||
+ }
|
||||
+
|
||||
+ if (nrservs > 0)
|
||||
+ return svc_start_kthreads(serv, pool, nrservs);
|
||||
+ if (nrservs < 0)
|
||||
+ return svc_stop_kthreads(serv, pool, nrservs);
|
||||
+ return 0;
|
||||
+}
|
||||
+EXPORT_SYMBOL_GPL(svc_set_num_threads_sync);
|
||||
+
|
||||
/*
|
||||
* Called from a server thread as it's exiting. Caller must hold the "service
|
||||
* mutex" for the service.
|
29
debian/patches/bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch
vendored
Normal file
29
debian/patches/bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch
vendored
Normal file
|
@ -0,0 +1,29 @@
|
|||
From: Eric Dumazet <edumazet@google.com>
|
||||
Date: Wed, 17 May 2017 07:16:40 -0700
|
||||
Subject: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
|
||||
Origin: https://git.kernel.org/linus/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9075
|
||||
|
||||
SCTP needs fixes similar to 83eaddab4378 ("ipv6/dccp: do not inherit
|
||||
ipv6_mc_list from parent"), otherwise bad things can happen.
|
||||
|
||||
Signed-off-by: Eric Dumazet <edumazet@google.com>
|
||||
Reported-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Tested-by: Andrey Konovalov <andreyknvl@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/sctp/ipv6.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
--- a/net/sctp/ipv6.c
|
||||
+++ b/net/sctp/ipv6.c
|
||||
@@ -666,6 +666,9 @@ static struct sock *sctp_v6_create_accep
|
||||
newnp = inet6_sk(newsk);
|
||||
|
||||
memcpy(newnp, np, sizeof(struct ipv6_pinfo));
|
||||
+ newnp->ipv6_mc_list = NULL;
|
||||
+ newnp->ipv6_ac_list = NULL;
|
||||
+ newnp->ipv6_fl_list = NULL;
|
||||
|
||||
rcu_read_lock();
|
||||
opt = rcu_dereference(np->opt);
|
|
@ -0,0 +1,154 @@
|
|||
From: Trond Myklebust <trond.myklebust@primarydata.com>
|
||||
Date: Wed, 26 Apr 2017 11:55:26 -0400
|
||||
Subject: [1/2] SUNRPC: Refactor svc_set_num_threads()
|
||||
Origin: https://git.kernel.org/linus/9e0d87680d689f1758185851c3da6eafb16e71e1
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-9059
|
||||
|
||||
Refactor to separate out the functions of starting and stopping threads
|
||||
so that they can be used in other helpers.
|
||||
|
||||
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
||||
Tested-and-reviewed-by: Kinglong Mee <kinglongmee@gmail.com>
|
||||
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
||||
---
|
||||
net/sunrpc/svc.c | 96 ++++++++++++++++++++++++++++++++++----------------------
|
||||
1 file changed, 58 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c
|
||||
index a08aeb56b8e4..98dc33ae738b 100644
|
||||
--- a/net/sunrpc/svc.c
|
||||
+++ b/net/sunrpc/svc.c
|
||||
@@ -702,59 +702,32 @@ choose_victim(struct svc_serv *serv, struct svc_pool *pool, unsigned int *state)
|
||||
return task;
|
||||
}
|
||||
|
||||
-/*
|
||||
- * Create or destroy enough new threads to make the number
|
||||
- * of threads the given number. If `pool' is non-NULL, applies
|
||||
- * only to threads in that pool, otherwise round-robins between
|
||||
- * all pools. Caller must ensure that mutual exclusion between this and
|
||||
- * server startup or shutdown.
|
||||
- *
|
||||
- * Destroying threads relies on the service threads filling in
|
||||
- * rqstp->rq_task, which only the nfs ones do. Assumes the serv
|
||||
- * has been created using svc_create_pooled().
|
||||
- *
|
||||
- * Based on code that used to be in nfsd_svc() but tweaked
|
||||
- * to be pool-aware.
|
||||
- */
|
||||
-int
|
||||
-svc_set_num_threads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
+/* create new threads */
|
||||
+static int
|
||||
+svc_start_kthreads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
{
|
||||
struct svc_rqst *rqstp;
|
||||
struct task_struct *task;
|
||||
struct svc_pool *chosen_pool;
|
||||
- int error = 0;
|
||||
unsigned int state = serv->sv_nrthreads-1;
|
||||
int node;
|
||||
|
||||
- if (pool == NULL) {
|
||||
- /* The -1 assumes caller has done a svc_get() */
|
||||
- nrservs -= (serv->sv_nrthreads-1);
|
||||
- } else {
|
||||
- spin_lock_bh(&pool->sp_lock);
|
||||
- nrservs -= pool->sp_nrthreads;
|
||||
- spin_unlock_bh(&pool->sp_lock);
|
||||
- }
|
||||
-
|
||||
- /* create new threads */
|
||||
- while (nrservs > 0) {
|
||||
+ do {
|
||||
nrservs--;
|
||||
chosen_pool = choose_pool(serv, pool, &state);
|
||||
|
||||
node = svc_pool_map_get_node(chosen_pool->sp_id);
|
||||
rqstp = svc_prepare_thread(serv, chosen_pool, node);
|
||||
- if (IS_ERR(rqstp)) {
|
||||
- error = PTR_ERR(rqstp);
|
||||
- break;
|
||||
- }
|
||||
+ if (IS_ERR(rqstp))
|
||||
+ return PTR_ERR(rqstp);
|
||||
|
||||
__module_get(serv->sv_ops->svo_module);
|
||||
task = kthread_create_on_node(serv->sv_ops->svo_function, rqstp,
|
||||
node, "%s", serv->sv_name);
|
||||
if (IS_ERR(task)) {
|
||||
- error = PTR_ERR(task);
|
||||
module_put(serv->sv_ops->svo_module);
|
||||
svc_exit_thread(rqstp);
|
||||
- break;
|
||||
+ return PTR_ERR(task);
|
||||
}
|
||||
|
||||
rqstp->rq_task = task;
|
||||
@@ -763,15 +736,62 @@ svc_set_num_threads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
|
||||
svc_sock_update_bufs(serv);
|
||||
wake_up_process(task);
|
||||
- }
|
||||
+ } while (nrservs > 0);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+/* destroy old threads */
|
||||
+static int
|
||||
+svc_signal_kthreads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
+{
|
||||
+ struct task_struct *task;
|
||||
+ unsigned int state = serv->sv_nrthreads-1;
|
||||
+
|
||||
/* destroy old threads */
|
||||
- while (nrservs < 0 &&
|
||||
- (task = choose_victim(serv, pool, &state)) != NULL) {
|
||||
+ do {
|
||||
+ task = choose_victim(serv, pool, &state);
|
||||
+ if (task == NULL)
|
||||
+ break;
|
||||
send_sig(SIGINT, task, 1);
|
||||
nrservs++;
|
||||
+ } while (nrservs < 0);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Create or destroy enough new threads to make the number
|
||||
+ * of threads the given number. If `pool' is non-NULL, applies
|
||||
+ * only to threads in that pool, otherwise round-robins between
|
||||
+ * all pools. Caller must ensure that mutual exclusion between this and
|
||||
+ * server startup or shutdown.
|
||||
+ *
|
||||
+ * Destroying threads relies on the service threads filling in
|
||||
+ * rqstp->rq_task, which only the nfs ones do. Assumes the serv
|
||||
+ * has been created using svc_create_pooled().
|
||||
+ *
|
||||
+ * Based on code that used to be in nfsd_svc() but tweaked
|
||||
+ * to be pool-aware.
|
||||
+ */
|
||||
+int
|
||||
+svc_set_num_threads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
|
||||
+{
|
||||
+ if (pool == NULL) {
|
||||
+ /* The -1 assumes caller has done a svc_get() */
|
||||
+ nrservs -= (serv->sv_nrthreads-1);
|
||||
+ } else {
|
||||
+ spin_lock_bh(&pool->sp_lock);
|
||||
+ nrservs -= pool->sp_nrthreads;
|
||||
+ spin_unlock_bh(&pool->sp_lock);
|
||||
}
|
||||
|
||||
- return error;
|
||||
+ if (nrservs > 0)
|
||||
+ return svc_start_kthreads(serv, pool, nrservs);
|
||||
+ if (nrservs < 0)
|
||||
+ return svc_signal_kthreads(serv, pool, nrservs);
|
||||
+ return 0;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(svc_set_num_threads);
|
||||
|
34
debian/patches/bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch
vendored
Normal file
34
debian/patches/bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch
vendored
Normal file
|
@ -0,0 +1,34 @@
|
|||
From: Amey Telawane <ameyt@codeaurora.org>
|
||||
Date: Wed, 3 May 2017 15:41:14 +0530
|
||||
Subject: tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
|
||||
Origin: https://git.kernel.org/linus/e09e28671cda63e6308b31798b997639120e2a21
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-0605
|
||||
|
||||
Strcpy is inherently not safe, and strlcpy() should be used instead.
|
||||
__trace_find_cmdline() uses strcpy() because the comms saved must have a
|
||||
terminating nul character, but it doesn't hurt to add the extra protection
|
||||
of using strlcpy() instead of strcpy().
|
||||
|
||||
Link: http://lkml.kernel.org/r/1493806274-13936-1-git-send-email-amit.pundir@linaro.org
|
||||
|
||||
Signed-off-by: Amey Telawane <ameyt@codeaurora.org>
|
||||
[AmitP: Cherry-picked this commit from CodeAurora kernel/msm-3.10
|
||||
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477]
|
||||
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
||||
[ Updated change log and removed the "- 1" from len parameter ]
|
||||
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
|
||||
---
|
||||
kernel/trace/trace.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/kernel/trace/trace.c
|
||||
+++ b/kernel/trace/trace.c
|
||||
@@ -1862,7 +1862,7 @@ static void __trace_find_cmdline(int pid
|
||||
|
||||
map = savedcmd->map_pid_to_cmdline[pid];
|
||||
if (map != NO_CMDLINE_MAP)
|
||||
- strcpy(comm, get_saved_cmdlines(map));
|
||||
+ strlcpy(comm, get_saved_cmdlines(map), TASK_COMM_LEN);
|
||||
else
|
||||
strcpy(comm, "<...>");
|
||||
}
|
35
debian/patches/debian/btrfs-warn-about-raid5-6-being-experimental-at-mount.patch
vendored
Normal file
35
debian/patches/debian/btrfs-warn-about-raid5-6-being-experimental-at-mount.patch
vendored
Normal file
|
@ -0,0 +1,35 @@
|
|||
From: Adam Borowski <kilobyte@angband.pl>
|
||||
Date: Tue, 28 Mar 2017 16:55:05 +0200
|
||||
Subject: btrfs: warn about RAID5/6 being experimental at mount time
|
||||
Bug-Debian: https://bugs.debian.org/863290
|
||||
Origin: https://bugs.debian.org/863290#5
|
||||
|
||||
Too many people come complaining about losing their data -- and indeed,
|
||||
there's no warning outside a wiki and the mailing list tribal knowledge.
|
||||
Message severity chosen for consistency with XFS -- "alert" makes dmesg
|
||||
produce nice red background which should get the point across.
|
||||
|
||||
Signed-off-by: Adam Borowski <kilobyte@angband.pl>
|
||||
[bwh: Also add_taint() so this is flagged in bug reports]
|
||||
---
|
||||
fs/btrfs/disk-io.c | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
--- a/fs/btrfs/disk-io.c
|
||||
+++ b/fs/btrfs/disk-io.c
|
||||
@@ -3098,6 +3098,15 @@ retry_root_backup:
|
||||
btrfs_set_opt(fs_info->mount_opt, SSD);
|
||||
}
|
||||
|
||||
+ if ((fs_info->avail_data_alloc_bits |
|
||||
+ fs_info->avail_metadata_alloc_bits |
|
||||
+ fs_info->avail_system_alloc_bits) &
|
||||
+ BTRFS_BLOCK_GROUP_RAID56_MASK) {
|
||||
+ btrfs_alert(fs_info,
|
||||
+ "btrfs RAID5/6 is EXPERIMENTAL and has known data-loss bugs");
|
||||
+ add_taint(TAINT_USER, LOCKDEP_STILL_OK);
|
||||
+ }
|
||||
+
|
||||
/*
|
||||
* Mount does not set all options immediately, we can do it now and do
|
||||
* not have to wait for transaction commit
|
|
@ -9,7 +9,7 @@ are set.
|
|||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -1024,7 +1024,7 @@ endif
|
||||
@@ -1038,7 +1038,7 @@ endif
|
||||
prepare2: prepare3 prepare-compiler-check outputmakefile asm-generic
|
||||
|
||||
prepare1: prepare2 $(version_h) include/generated/utsrelease.h \
|
||||
|
@ -18,7 +18,7 @@ are set.
|
|||
$(cmd_crmodverdir)
|
||||
|
||||
archprepare: archheaders archscripts prepare1 scripts_basic
|
||||
@@ -1097,6 +1097,16 @@ define filechk_version.h
|
||||
@@ -1099,6 +1099,16 @@ define filechk_version.h
|
||||
echo '#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))';)
|
||||
endef
|
||||
|
||||
|
@ -35,7 +35,7 @@ are set.
|
|||
$(version_h): $(srctree)/Makefile FORCE
|
||||
$(call filechk,version.h)
|
||||
$(Q)rm -f $(old_version_h)
|
||||
@@ -1104,6 +1114,9 @@ $(version_h): $(srctree)/Makefile FORCE
|
||||
@@ -1106,6 +1116,9 @@ $(version_h): $(srctree)/Makefile FORCE
|
||||
include/generated/utsrelease.h: include/config/kernel.release FORCE
|
||||
$(call filechk,utsrelease.h)
|
||||
|
||||
|
@ -47,7 +47,7 @@ are set.
|
|||
$(Q)find $(srctree)/include/ -name '*.h' | xargs --max-args 1 \
|
||||
--- a/arch/x86/um/sysrq_64.c
|
||||
+++ b/arch/x86/um/sysrq_64.c
|
||||
@@ -8,6 +8,7 @@
|
||||
@@ -9,6 +9,7 @@
|
||||
#include <linux/sched.h>
|
||||
#include <linux/sched/debug.h>
|
||||
#include <linux/utsname.h>
|
||||
|
@ -55,7 +55,7 @@ are set.
|
|||
#include <asm/current.h>
|
||||
#include <asm/ptrace.h>
|
||||
#include <asm/sysrq.h>
|
||||
@@ -16,8 +17,9 @@ void show_regs(struct pt_regs *regs)
|
||||
@@ -17,8 +18,9 @@ void show_regs(struct pt_regs *regs)
|
||||
{
|
||||
printk("\n");
|
||||
print_modules();
|
||||
|
@ -69,7 +69,7 @@ are set.
|
|||
printk(KERN_INFO "RSP: %016lx EFLAGS: %08lx\n", PT_REGS_SP(regs),
|
||||
--- a/arch/ia64/kernel/process.c
|
||||
+++ b/arch/ia64/kernel/process.c
|
||||
@@ -30,6 +30,7 @@
|
||||
@@ -34,6 +34,7 @@
|
||||
#include <linux/utsname.h>
|
||||
#include <linux/tracehook.h>
|
||||
#include <linux/rcupdate.h>
|
||||
|
@ -77,7 +77,7 @@ are set.
|
|||
|
||||
#include <asm/cpu.h>
|
||||
#include <asm/delay.h>
|
||||
@@ -103,9 +104,9 @@ show_regs (struct pt_regs *regs)
|
||||
@@ -107,9 +108,9 @@ show_regs (struct pt_regs *regs)
|
||||
print_modules();
|
||||
printk("\n");
|
||||
show_regs_print_info(KERN_DEFAULT);
|
||||
|
@ -91,7 +91,7 @@ are set.
|
|||
regs->ar_unat, regs->ar_pfs, regs->ar_rsc);
|
||||
--- a/arch/powerpc/kernel/process.c
|
||||
+++ b/arch/powerpc/kernel/process.c
|
||||
@@ -39,6 +39,7 @@
|
||||
@@ -42,6 +42,7 @@
|
||||
#include <linux/hw_breakpoint.h>
|
||||
#include <linux/uaccess.h>
|
||||
#include <linux/elf-randomize.h>
|
||||
|
@ -99,7 +99,7 @@ are set.
|
|||
|
||||
#include <asm/pgtable.h>
|
||||
#include <asm/io.h>
|
||||
@@ -1328,8 +1329,9 @@ void show_regs(struct pt_regs * regs)
|
||||
@@ -1366,8 +1367,9 @@ void show_regs(struct pt_regs * regs)
|
||||
|
||||
printk("NIP: "REG" LR: "REG" CTR: "REG"\n",
|
||||
regs->nip, regs->link, regs->ctr);
|
||||
|
@ -111,9 +111,33 @@ are set.
|
|||
printk("MSR: "REG" ", regs->msr);
|
||||
print_msr_bits(regs->msr);
|
||||
printk(" CR: %08lx XER: %08lx\n", regs->ccr, regs->xer);
|
||||
--- a/kernel/hung_task.c
|
||||
+++ b/kernel/hung_task.c
|
||||
@@ -20,6 +20,7 @@
|
||||
#include <linux/sched/debug.h>
|
||||
|
||||
#include <trace/events/sched.h>
|
||||
+#include <generated/package.h>
|
||||
|
||||
/*
|
||||
* The number of tasks checked:
|
||||
@@ -113,10 +114,11 @@ static void check_hung_task(struct task_
|
||||
sysctl_hung_task_warnings--;
|
||||
pr_err("INFO: task %s:%d blocked for more than %ld seconds.\n",
|
||||
t->comm, t->pid, timeout);
|
||||
- pr_err(" %s %s %.*s\n",
|
||||
+ pr_err(" %s %s %.*s%s\n",
|
||||
print_tainted(), init_utsname()->release,
|
||||
(int)strcspn(init_utsname()->version, " "),
|
||||
- init_utsname()->version);
|
||||
+ init_utsname()->version,
|
||||
+ LINUX_PACKAGE_ID);
|
||||
pr_err("\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\""
|
||||
" disables this message.\n");
|
||||
sched_show_task(t);
|
||||
--- a/kernel/printk/printk.c
|
||||
+++ b/kernel/printk/printk.c
|
||||
@@ -45,6 +45,7 @@
|
||||
@@ -48,6 +48,7 @@
|
||||
#include <linux/sched/clock.h>
|
||||
#include <linux/sched/debug.h>
|
||||
#include <linux/sched/task_stack.h>
|
||||
|
@ -121,7 +145,7 @@ are set.
|
|||
|
||||
#include <linux/uaccess.h>
|
||||
#include <asm/sections.h>
|
||||
@@ -3117,11 +3118,12 @@ void __init dump_stack_set_arch_desc(con
|
||||
@@ -3086,11 +3087,12 @@ void __init dump_stack_set_arch_desc(con
|
||||
*/
|
||||
void dump_stack_print_info(const char *log_lvl)
|
||||
{
|
||||
|
|
53
debian/patches/features/all/rt/0001-futex-Avoid-freeing-an-active-timer.patch
vendored
Normal file
53
debian/patches/features/all/rt/0001-futex-Avoid-freeing-an-active-timer.patch
vendored
Normal file
|
@ -0,0 +1,53 @@
|
|||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Mon, 10 Apr 2017 18:03:36 +0200
|
||||
Subject: [PATCH] futex: Avoid freeing an active timer
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 97181f9bd57405b879403763284537e27d46963d
|
||||
|
||||
Alexander reported a hrtimer debug_object splat:
|
||||
|
||||
ODEBUG: free active (active state 0) object type: hrtimer hint: hrtimer_wakeup (kernel/time/hrtimer.c:1423)
|
||||
|
||||
debug_object_free (lib/debugobjects.c:603)
|
||||
destroy_hrtimer_on_stack (kernel/time/hrtimer.c:427)
|
||||
futex_lock_pi (kernel/futex.c:2740)
|
||||
do_futex (kernel/futex.c:3399)
|
||||
SyS_futex (kernel/futex.c:3447 kernel/futex.c:3415)
|
||||
do_syscall_64 (arch/x86/entry/common.c:284)
|
||||
entry_SYSCALL64_slow_path (arch/x86/entry/entry_64.S:249)
|
||||
|
||||
Which was caused by commit:
|
||||
|
||||
cfafcd117da0 ("futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()")
|
||||
|
||||
... losing the hrtimer_cancel() in the shuffle. Where previously the
|
||||
hrtimer_cancel() was done by rt_mutex_slowlock() we now need to do it
|
||||
manually.
|
||||
|
||||
Reported-by: Alexander Levin <alexander.levin@verizon.com>
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Cc: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
||||
Fixes: cfafcd117da0 ("futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()")
|
||||
Link: http://lkml.kernel.org/r/alpine.DEB.2.20.1704101802370.2906@nanos
|
||||
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
||||
---
|
||||
kernel/futex.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/kernel/futex.c
|
||||
+++ b/kernel/futex.c
|
||||
@@ -2734,8 +2734,10 @@ static int futex_lock_pi(u32 __user *uad
|
||||
out_put_key:
|
||||
put_futex_key(&q.key);
|
||||
out:
|
||||
- if (to)
|
||||
+ if (to) {
|
||||
+ hrtimer_cancel(&to->timer);
|
||||
destroy_hrtimer_on_stack(&to->timer);
|
||||
+ }
|
||||
return ret != -EINTR ? ret : -ERESTARTNOINTR;
|
||||
|
||||
uaddr_faulted:
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:48 +0100
|
||||
Subject: [PATCH] futex: Cleanup variable names for futex_top_waiter()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 499f5aca2cdd5e958b27e2655e7e7f82524f46b1
|
||||
|
||||
|
|
180
debian/patches/features/all/rt/0001-rtmutex-Deboost-before-waking-up-the-top-waiter.patch
vendored
Normal file
180
debian/patches/features/all/rt/0001-rtmutex-Deboost-before-waking-up-the-top-waiter.patch
vendored
Normal file
|
@ -0,0 +1,180 @@
|
|||
From: Xunlei Pang <xlpang@redhat.com>
|
||||
Date: Thu, 23 Mar 2017 15:56:07 +0100
|
||||
Subject: [PATCH] rtmutex: Deboost before waking up the top waiter
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 2a1c6029940675abb2217b590512dbf691867ec4
|
||||
|
||||
We should deboost before waking the high-priority task, such that we
|
||||
don't run two tasks with the same "state" (priority, deadline,
|
||||
sched_class, etc).
|
||||
|
||||
In order to make sure the boosting task doesn't start running between
|
||||
unlock and deboost (due to 'spurious' wakeup), we move the deboost
|
||||
under the wait_lock, that way its serialized against the wait loop in
|
||||
__rt_mutex_slowlock().
|
||||
|
||||
Doing the deboost early can however lead to priority-inversion if
|
||||
current would get preempted after the deboost but before waking our
|
||||
high-prio task, hence we disable preemption before doing deboost, and
|
||||
enabling it after the wake up is over.
|
||||
|
||||
This gets us the right semantic order, but most importantly however;
|
||||
this change ensures pointer stability for the next patch, where we
|
||||
have rt_mutex_setprio() cache a pointer to the top-most waiter task.
|
||||
If we, as before this change, do the wakeup first and then deboost,
|
||||
this pointer might point into thin air.
|
||||
|
||||
[peterz: Changelog + patch munging]
|
||||
Suggested-by: Peter Zijlstra <peterz@infradead.org>
|
||||
Signed-off-by: Xunlei Pang <xlpang@redhat.com>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Acked-by: Steven Rostedt <rostedt@goodmis.org>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.110065320@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/futex.c | 5 ---
|
||||
kernel/locking/rtmutex.c | 59 +++++++++++++++++++++-------------------
|
||||
kernel/locking/rtmutex_common.h | 2 -
|
||||
3 files changed, 34 insertions(+), 32 deletions(-)
|
||||
|
||||
--- a/kernel/futex.c
|
||||
+++ b/kernel/futex.c
|
||||
@@ -1458,10 +1458,7 @@ static int wake_futex_pi(u32 __user *uad
|
||||
out_unlock:
|
||||
raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock);
|
||||
|
||||
- if (deboost) {
|
||||
- wake_up_q(&wake_q);
|
||||
- rt_mutex_adjust_prio(current);
|
||||
- }
|
||||
+ rt_mutex_postunlock(&wake_q, deboost);
|
||||
|
||||
return ret;
|
||||
}
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -371,24 +371,6 @@ static void __rt_mutex_adjust_prio(struc
|
||||
}
|
||||
|
||||
/*
|
||||
- * Adjust task priority (undo boosting). Called from the exit path of
|
||||
- * rt_mutex_slowunlock() and rt_mutex_slowlock().
|
||||
- *
|
||||
- * (Note: We do this outside of the protection of lock->wait_lock to
|
||||
- * allow the lock to be taken while or before we readjust the priority
|
||||
- * of task. We do not use the spin_xx_mutex() variants here as we are
|
||||
- * outside of the debug path.)
|
||||
- */
|
||||
-void rt_mutex_adjust_prio(struct task_struct *task)
|
||||
-{
|
||||
- unsigned long flags;
|
||||
-
|
||||
- raw_spin_lock_irqsave(&task->pi_lock, flags);
|
||||
- __rt_mutex_adjust_prio(task);
|
||||
- raw_spin_unlock_irqrestore(&task->pi_lock, flags);
|
||||
-}
|
||||
-
|
||||
-/*
|
||||
* Deadlock detection is conditional:
|
||||
*
|
||||
* If CONFIG_DEBUG_RT_MUTEXES=n, deadlock detection is only conducted
|
||||
@@ -1049,6 +1031,7 @@ static void mark_wakeup_next_waiter(stru
|
||||
* lock->wait_lock.
|
||||
*/
|
||||
rt_mutex_dequeue_pi(current, waiter);
|
||||
+ __rt_mutex_adjust_prio(current);
|
||||
|
||||
/*
|
||||
* As we are waking up the top waiter, and the waiter stays
|
||||
@@ -1391,6 +1374,16 @@ static bool __sched rt_mutex_slowunlock(
|
||||
*/
|
||||
mark_wakeup_next_waiter(wake_q, lock);
|
||||
|
||||
+ /*
|
||||
+ * We should deboost before waking the top waiter task such that
|
||||
+ * we don't run two tasks with the 'same' priority. This however
|
||||
+ * can lead to prio-inversion if we would get preempted after
|
||||
+ * the deboost but before waking our high-prio task, hence the
|
||||
+ * preempt_disable before unlock. Pairs with preempt_enable() in
|
||||
+ * rt_mutex_postunlock();
|
||||
+ */
|
||||
+ preempt_disable();
|
||||
+
|
||||
raw_spin_unlock_irqrestore(&lock->wait_lock, flags);
|
||||
|
||||
/* check PI boosting */
|
||||
@@ -1440,6 +1433,18 @@ rt_mutex_fasttrylock(struct rt_mutex *lo
|
||||
return slowfn(lock);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Undo pi boosting (if necessary) and wake top waiter.
|
||||
+ */
|
||||
+void rt_mutex_postunlock(struct wake_q_head *wake_q, bool deboost)
|
||||
+{
|
||||
+ wake_up_q(wake_q);
|
||||
+
|
||||
+ /* Pairs with preempt_disable() in rt_mutex_slowunlock() */
|
||||
+ if (deboost)
|
||||
+ preempt_enable();
|
||||
+}
|
||||
+
|
||||
static inline void
|
||||
rt_mutex_fastunlock(struct rt_mutex *lock,
|
||||
bool (*slowfn)(struct rt_mutex *lock,
|
||||
@@ -1453,11 +1458,7 @@ rt_mutex_fastunlock(struct rt_mutex *loc
|
||||
|
||||
deboost = slowfn(lock, &wake_q);
|
||||
|
||||
- wake_up_q(&wake_q);
|
||||
-
|
||||
- /* Undo pi boosting if necessary: */
|
||||
- if (deboost)
|
||||
- rt_mutex_adjust_prio(current);
|
||||
+ rt_mutex_postunlock(&wake_q, deboost);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1570,6 +1571,13 @@ bool __sched __rt_mutex_futex_unlock(str
|
||||
}
|
||||
|
||||
mark_wakeup_next_waiter(wake_q, lock);
|
||||
+ /*
|
||||
+ * We've already deboosted, retain preempt_disabled when dropping
|
||||
+ * the wait_lock to avoid inversion until the wakeup. Matched
|
||||
+ * by rt_mutex_postunlock();
|
||||
+ */
|
||||
+ preempt_disable();
|
||||
+
|
||||
return true; /* deboost and wakeups */
|
||||
}
|
||||
|
||||
@@ -1582,10 +1590,7 @@ void __sched rt_mutex_futex_unlock(struc
|
||||
deboost = __rt_mutex_futex_unlock(lock, &wake_q);
|
||||
raw_spin_unlock_irq(&lock->wait_lock);
|
||||
|
||||
- if (deboost) {
|
||||
- wake_up_q(&wake_q);
|
||||
- rt_mutex_adjust_prio(current);
|
||||
- }
|
||||
+ rt_mutex_postunlock(&wake_q, deboost);
|
||||
}
|
||||
|
||||
/**
|
||||
--- a/kernel/locking/rtmutex_common.h
|
||||
+++ b/kernel/locking/rtmutex_common.h
|
||||
@@ -122,7 +122,7 @@ extern void rt_mutex_futex_unlock(struct
|
||||
extern bool __rt_mutex_futex_unlock(struct rt_mutex *lock,
|
||||
struct wake_q_head *wqh);
|
||||
|
||||
-extern void rt_mutex_adjust_prio(struct task_struct *task);
|
||||
+extern void rt_mutex_postunlock(struct wake_q_head *wake_q, bool deboost);
|
||||
|
||||
#ifdef CONFIG_DEBUG_RT_MUTEXES
|
||||
# include "rtmutex-debug.h"
|
57
debian/patches/features/all/rt/0002-futex-Fix-small-and-harmless-looking-inconsistencies.patch
vendored
Normal file
57
debian/patches/features/all/rt/0002-futex-Fix-small-and-harmless-looking-inconsistencies.patch
vendored
Normal file
|
@ -0,0 +1,57 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Fri, 7 Apr 2017 09:04:07 +0200
|
||||
Subject: [PATCH] futex: Fix small (and harmless looking) inconsistencies
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 94ffac5d847cfd790bb37b7cef1cad803743985e
|
||||
|
||||
During (post-commit) review Darren spotted a few minor things. One
|
||||
(harmless AFAICT) type inconsistency and a comment that wasn't as
|
||||
clear as hoped.
|
||||
|
||||
Reported-by: Darren Hart (VMWare) <dvhart@infradead.org>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Reviewed-by: Darren Hart (VMware) <dvhart@infradead.org>
|
||||
Cc: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
||||
Cc: Thomas Gleixner <tglx@linutronix.de>
|
||||
Cc: linux-kernel@vger.kernel.org
|
||||
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
||||
---
|
||||
kernel/futex.c | 11 +++++++----
|
||||
1 file changed, 7 insertions(+), 4 deletions(-)
|
||||
|
||||
--- a/kernel/futex.c
|
||||
+++ b/kernel/futex.c
|
||||
@@ -1023,7 +1023,8 @@ static int attach_to_pi_state(u32 __user
|
||||
struct futex_pi_state **ps)
|
||||
{
|
||||
pid_t pid = uval & FUTEX_TID_MASK;
|
||||
- int ret, uval2;
|
||||
+ u32 uval2;
|
||||
+ int ret;
|
||||
|
||||
/*
|
||||
* Userspace might have messed up non-PI and PI futexes [3]
|
||||
@@ -1439,6 +1440,11 @@ static int wake_futex_pi(u32 __user *uad
|
||||
if (ret)
|
||||
goto out_unlock;
|
||||
|
||||
+ /*
|
||||
+ * This is a point of no return; once we modify the uval there is no
|
||||
+ * going back and subsequent operations must not fail.
|
||||
+ */
|
||||
+
|
||||
raw_spin_lock(&pi_state->owner->pi_lock);
|
||||
WARN_ON(list_empty(&pi_state->list));
|
||||
list_del_init(&pi_state->list);
|
||||
@@ -1450,9 +1456,6 @@ static int wake_futex_pi(u32 __user *uad
|
||||
pi_state->owner = new_owner;
|
||||
raw_spin_unlock(&new_owner->pi_lock);
|
||||
|
||||
- /*
|
||||
- * We've updated the uservalue, this unlock cannot fail.
|
||||
- */
|
||||
postunlock = __rt_mutex_futex_unlock(&pi_state->pi_mutex, &wake_q);
|
||||
|
||||
out_unlock:
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:49 +0100
|
||||
Subject: [PATCH] futex: Use smp_store_release() in mark_wake_futex()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 1b367ece0d7e696cab1c8501bab282cc6a538b3f
|
||||
|
||||
|
|
169
debian/patches/features/all/rt/0002-sched-rtmutex-deadline-Fix-a-PI-crash-for-deadline-t.patch
vendored
Normal file
169
debian/patches/features/all/rt/0002-sched-rtmutex-deadline-Fix-a-PI-crash-for-deadline-t.patch
vendored
Normal file
|
@ -0,0 +1,169 @@
|
|||
From: Xunlei Pang <xlpang@redhat.com>
|
||||
Date: Thu, 23 Mar 2017 15:56:08 +0100
|
||||
Subject: [PATCH] sched/rtmutex/deadline: Fix a PI crash for deadline tasks
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit e96a7705e7d3fef96aec9b590c63b2f6f7d2ba22
|
||||
|
||||
A crash happened while I was playing with deadline PI rtmutex.
|
||||
|
||||
BUG: unable to handle kernel NULL pointer dereference at 0000000000000018
|
||||
IP: [<ffffffff810eeb8f>] rt_mutex_get_top_task+0x1f/0x30
|
||||
PGD 232a75067 PUD 230947067 PMD 0
|
||||
Oops: 0000 [#1] SMP
|
||||
CPU: 1 PID: 10994 Comm: a.out Not tainted
|
||||
|
||||
Call Trace:
|
||||
[<ffffffff810b658c>] enqueue_task+0x2c/0x80
|
||||
[<ffffffff810ba763>] activate_task+0x23/0x30
|
||||
[<ffffffff810d0ab5>] pull_dl_task+0x1d5/0x260
|
||||
[<ffffffff810d0be6>] pre_schedule_dl+0x16/0x20
|
||||
[<ffffffff8164e783>] __schedule+0xd3/0x900
|
||||
[<ffffffff8164efd9>] schedule+0x29/0x70
|
||||
[<ffffffff8165035b>] __rt_mutex_slowlock+0x4b/0xc0
|
||||
[<ffffffff81650501>] rt_mutex_slowlock+0xd1/0x190
|
||||
[<ffffffff810eeb33>] rt_mutex_timed_lock+0x53/0x60
|
||||
[<ffffffff810ecbfc>] futex_lock_pi.isra.18+0x28c/0x390
|
||||
[<ffffffff810ed8b0>] do_futex+0x190/0x5b0
|
||||
[<ffffffff810edd50>] SyS_futex+0x80/0x180
|
||||
|
||||
This is because rt_mutex_enqueue_pi() and rt_mutex_dequeue_pi()
|
||||
are only protected by pi_lock when operating pi waiters, while
|
||||
rt_mutex_get_top_task(), will access them with rq lock held but
|
||||
not holding pi_lock.
|
||||
|
||||
In order to tackle it, we introduce new "pi_top_task" pointer
|
||||
cached in task_struct, and add new rt_mutex_update_top_task()
|
||||
to update its value, it can be called by rt_mutex_setprio()
|
||||
which held both owner's pi_lock and rq lock. Thus "pi_top_task"
|
||||
can be safely accessed by enqueue_task_dl() under rq lock.
|
||||
|
||||
Originally-From: Peter Zijlstra <peterz@infradead.org>
|
||||
Signed-off-by: Xunlei Pang <xlpang@redhat.com>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Acked-by: Steven Rostedt <rostedt@goodmis.org>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.157682758@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
include/linux/init_task.h | 1 +
|
||||
include/linux/sched.h | 2 ++
|
||||
include/linux/sched/rt.h | 1 +
|
||||
kernel/fork.c | 1 +
|
||||
kernel/locking/rtmutex.c | 29 +++++++++++++++++++++--------
|
||||
kernel/sched/core.c | 2 ++
|
||||
6 files changed, 28 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/include/linux/init_task.h
|
||||
+++ b/include/linux/init_task.h
|
||||
@@ -164,6 +164,7 @@ extern struct task_group root_task_group
|
||||
#ifdef CONFIG_RT_MUTEXES
|
||||
# define INIT_RT_MUTEXES(tsk) \
|
||||
.pi_waiters = RB_ROOT, \
|
||||
+ .pi_top_task = NULL, \
|
||||
.pi_waiters_leftmost = NULL,
|
||||
#else
|
||||
# define INIT_RT_MUTEXES(tsk)
|
||||
--- a/include/linux/sched.h
|
||||
+++ b/include/linux/sched.h
|
||||
@@ -1723,6 +1723,8 @@ struct task_struct {
|
||||
/* PI waiters blocked on a rt_mutex held by this task */
|
||||
struct rb_root pi_waiters;
|
||||
struct rb_node *pi_waiters_leftmost;
|
||||
+ /* Updated under owner's pi_lock and rq lock */
|
||||
+ struct task_struct *pi_top_task;
|
||||
/* Deadlock detection and priority inheritance handling */
|
||||
struct rt_mutex_waiter *pi_blocked_on;
|
||||
#endif
|
||||
--- a/include/linux/sched/rt.h
|
||||
+++ b/include/linux/sched/rt.h
|
||||
@@ -19,6 +19,7 @@ static inline int rt_task(struct task_st
|
||||
extern int rt_mutex_getprio(struct task_struct *p);
|
||||
extern void rt_mutex_setprio(struct task_struct *p, int prio);
|
||||
extern int rt_mutex_get_effective_prio(struct task_struct *task, int newprio);
|
||||
+extern void rt_mutex_update_top_task(struct task_struct *p);
|
||||
extern struct task_struct *rt_mutex_get_top_task(struct task_struct *task);
|
||||
extern void rt_mutex_adjust_pi(struct task_struct *p);
|
||||
static inline bool tsk_is_pi_blocked(struct task_struct *tsk)
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -1417,6 +1417,7 @@ static void rt_mutex_init_task(struct ta
|
||||
#ifdef CONFIG_RT_MUTEXES
|
||||
p->pi_waiters = RB_ROOT;
|
||||
p->pi_waiters_leftmost = NULL;
|
||||
+ p->pi_top_task = NULL;
|
||||
p->pi_blocked_on = NULL;
|
||||
#endif
|
||||
}
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -321,6 +321,19 @@ rt_mutex_dequeue_pi(struct task_struct *
|
||||
}
|
||||
|
||||
/*
|
||||
+ * Must hold both p->pi_lock and task_rq(p)->lock.
|
||||
+ */
|
||||
+void rt_mutex_update_top_task(struct task_struct *p)
|
||||
+{
|
||||
+ if (!task_has_pi_waiters(p)) {
|
||||
+ p->pi_top_task = NULL;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p->pi_top_task = task_top_pi_waiter(p)->task;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
* Calculate task priority from the waiter tree priority
|
||||
*
|
||||
* Return task->normal_prio when the waiter tree is empty or when
|
||||
@@ -335,12 +348,12 @@ int rt_mutex_getprio(struct task_struct
|
||||
task->normal_prio);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Must hold either p->pi_lock or task_rq(p)->lock.
|
||||
+ */
|
||||
struct task_struct *rt_mutex_get_top_task(struct task_struct *task)
|
||||
{
|
||||
- if (likely(!task_has_pi_waiters(task)))
|
||||
- return NULL;
|
||||
-
|
||||
- return task_top_pi_waiter(task)->task;
|
||||
+ return task->pi_top_task;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -349,12 +362,12 @@ struct task_struct *rt_mutex_get_top_tas
|
||||
*/
|
||||
int rt_mutex_get_effective_prio(struct task_struct *task, int newprio)
|
||||
{
|
||||
- if (!task_has_pi_waiters(task))
|
||||
+ struct task_struct *top_task = rt_mutex_get_top_task(task);
|
||||
+
|
||||
+ if (!top_task)
|
||||
return newprio;
|
||||
|
||||
- if (task_top_pi_waiter(task)->task->prio <= newprio)
|
||||
- return task_top_pi_waiter(task)->task->prio;
|
||||
- return newprio;
|
||||
+ return min(top_task->prio, newprio);
|
||||
}
|
||||
|
||||
/*
|
||||
--- a/kernel/sched/core.c
|
||||
+++ b/kernel/sched/core.c
|
||||
@@ -3669,6 +3669,8 @@ void rt_mutex_setprio(struct task_struct
|
||||
goto out_unlock;
|
||||
}
|
||||
|
||||
+ rt_mutex_update_top_task(p);
|
||||
+
|
||||
trace_sched_pi_setprio(p, prio);
|
||||
oldprio = p->prio;
|
||||
|
38
debian/patches/features/all/rt/0003-futex-Clarify-mark_wake_futex-memory-barrier-usage.patch
vendored
Normal file
38
debian/patches/features/all/rt/0003-futex-Clarify-mark_wake_futex-memory-barrier-usage.patch
vendored
Normal file
|
@ -0,0 +1,38 @@
|
|||
From: "Darren Hart (VMware)" <dvhart@infradead.org>
|
||||
Date: Fri, 14 Apr 2017 15:31:38 -0700
|
||||
Subject: [PATCH] futex: Clarify mark_wake_futex memory barrier usage
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 38fcd06e9b7f6855db1f3ebac5e18b8fdb467ffd
|
||||
|
||||
Clarify the scenario described in mark_wake_futex requiring the
|
||||
smp_store_release(). Update the comment to explicitly refer to the
|
||||
plist_del now under __unqueue_futex() (previously plist_del was in the
|
||||
same function as the comment).
|
||||
|
||||
Signed-off-by: Darren Hart (VMware) <dvhart@infradead.org>
|
||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
||||
Link: http://lkml.kernel.org/r/20170414223138.GA4222@fury
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/futex.c | 9 +++++----
|
||||
1 file changed, 5 insertions(+), 4 deletions(-)
|
||||
|
||||
--- a/kernel/futex.c
|
||||
+++ b/kernel/futex.c
|
||||
@@ -1378,10 +1378,11 @@ static void mark_wake_futex(struct wake_
|
||||
wake_q_add(wake_q, p);
|
||||
__unqueue_futex(q);
|
||||
/*
|
||||
- * The waiting task can free the futex_q as soon as
|
||||
- * q->lock_ptr = NULL is written, without taking any locks. A
|
||||
- * memory barrier is required here to prevent the following
|
||||
- * store to lock_ptr from getting ahead of the plist_del.
|
||||
+ * The waiting task can free the futex_q as soon as q->lock_ptr = NULL
|
||||
+ * is written, without taking any locks. This is possible in the event
|
||||
+ * of a spurious wakeup, for example. A memory barrier is required here
|
||||
+ * to prevent the following store to lock_ptr from getting ahead of the
|
||||
+ * plist_del in __unqueue_futex().
|
||||
*/
|
||||
smp_store_release(&q->lock_ptr, NULL);
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:50 +0100
|
||||
Subject: [PATCH] futex: Remove rt_mutex_deadlock_account_*()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit fffa954fb528963c2fb7b0c0084eb77e2be7ab52
|
||||
|
||||
|
|
54
debian/patches/features/all/rt/0003-sched-deadline-rtmutex-Dont-miss-the-dl_runtime-dl_p.patch
vendored
Normal file
54
debian/patches/features/all/rt/0003-sched-deadline-rtmutex-Dont-miss-the-dl_runtime-dl_p.patch
vendored
Normal file
|
@ -0,0 +1,54 @@
|
|||
From: Xunlei Pang <xlpang@redhat.com>
|
||||
Date: Thu, 23 Mar 2017 15:56:09 +0100
|
||||
Subject: [PATCH] sched/deadline/rtmutex: Dont miss the
|
||||
dl_runtime/dl_period update
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 85e2d4f992868ad78dc8bb2c077b652fcfb3661a
|
||||
|
||||
Currently dl tasks will actually return at the very beginning
|
||||
of rt_mutex_adjust_prio_chain() in !detect_deadlock cases:
|
||||
|
||||
if (waiter->prio == task->prio) {
|
||||
if (!detect_deadlock)
|
||||
goto out_unlock_pi; // out here
|
||||
else
|
||||
requeue = false;
|
||||
}
|
||||
|
||||
As the deadline value of blocked deadline tasks(waiters) without
|
||||
changing their sched_class(thus prio doesn't change) never changes,
|
||||
this seems reasonable, but it actually misses the chance of updating
|
||||
rt_mutex_waiter's "dl_runtime(period)_copy" if a waiter updates its
|
||||
deadline parameters(dl_runtime, dl_period) or boosted waiter changes
|
||||
to !deadline class.
|
||||
|
||||
Thus, force deadline task not out by adding the !dl_prio() condition.
|
||||
|
||||
Signed-off-by: Xunlei Pang <xlpang@redhat.com>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Acked-by: Steven Rostedt <rostedt@goodmis.org>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/1460633827-345-7-git-send-email-xlpang@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.206577901@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/locking/rtmutex.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -603,7 +603,7 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
* enabled we continue, but stop the requeueing in the chain
|
||||
* walk.
|
||||
*/
|
||||
- if (waiter->prio == task->prio) {
|
||||
+ if (waiter->prio == task->prio && !dl_task(task)) {
|
||||
if (!detect_deadlock)
|
||||
goto out_unlock_pi;
|
||||
else
|
|
@ -0,0 +1,50 @@
|
|||
From: "Darren Hart (VMware)" <dvhart@infradead.org>
|
||||
Date: Fri, 14 Apr 2017 15:46:08 -0700
|
||||
Subject: [PATCH] MAINTAINERS: Add FUTEX SUBSYSTEM
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 59cd42c29618c45cd3c56da43402b14f611888dd
|
||||
|
||||
Add a MAINTAINERS block for the FUTEX SUBSYSTEM which includes the core
|
||||
kernel code, include headers, testing code, and Documentation. Excludes
|
||||
arch files, and higher level test code.
|
||||
|
||||
I added tglx and mingo as M as they have made the tip commits and peterz
|
||||
and myself as R.
|
||||
|
||||
Signed-off-by: Darren Hart (VMware) <dvhart@infradead.org>
|
||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
||||
Cc: Shuah Khan <shuah@kernel.org>
|
||||
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
|
||||
Link: http://lkml.kernel.org/r/20170414224608.GA5180@fury
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
MAINTAINERS | 17 +++++++++++++++++
|
||||
1 file changed, 17 insertions(+)
|
||||
|
||||
--- a/MAINTAINERS
|
||||
+++ b/MAINTAINERS
|
||||
@@ -5196,6 +5196,23 @@ F: fs/fuse/
|
||||
F: include/uapi/linux/fuse.h
|
||||
F: Documentation/filesystems/fuse.txt
|
||||
|
||||
+FUTEX SUBSYSTEM
|
||||
+M: Thomas Gleixner <tglx@linutronix.de>
|
||||
+M: Ingo Molnar <mingo@redhat.com>
|
||||
+R: Peter Zijlstra <peterz@infradead.org>
|
||||
+R: Darren Hart <dvhart@infradead.org>
|
||||
+L: linux-kernel@vger.kernel.org
|
||||
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git locking/core
|
||||
+S: Maintained
|
||||
+F: kernel/futex.c
|
||||
+F: kernel/futex_compat.c
|
||||
+F: include/asm-generic/futex.h
|
||||
+F: include/linux/futex.h
|
||||
+F: include/uapi/linux/futex.h
|
||||
+F: tools/testing/selftests/futex/
|
||||
+F: tools/perf/bench/futex*
|
||||
+F: Documentation/*futex*
|
||||
+
|
||||
FUTURE DOMAIN TMC-16x0 SCSI DRIVER (16-bit)
|
||||
M: Rik Faith <faith@cs.unc.edu>
|
||||
L: linux-scsi@vger.kernel.org
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:51 +0100
|
||||
Subject: [PATCH] futex,rt_mutex: Provide futex specific rt_mutex API
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 5293c2efda37775346885c7e924d4ef7018ea60b
|
||||
|
||||
|
|
|
@ -0,0 +1,147 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Thu, 23 Mar 2017 15:56:10 +0100
|
||||
Subject: [PATCH] rtmutex: Clean up
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit aa2bfe55366552cb7e93e8709d66e698d79ccc47
|
||||
|
||||
Previous patches changed the meaning of the return value of
|
||||
rt_mutex_slowunlock(); update comments and code to reflect this.
|
||||
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: rostedt@goodmis.org
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.255058238@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/futex.c | 7 ++++---
|
||||
kernel/locking/rtmutex.c | 28 +++++++++++++---------------
|
||||
kernel/locking/rtmutex_common.h | 2 +-
|
||||
3 files changed, 18 insertions(+), 19 deletions(-)
|
||||
|
||||
--- a/kernel/futex.c
|
||||
+++ b/kernel/futex.c
|
||||
@@ -1392,7 +1392,7 @@ static int wake_futex_pi(u32 __user *uad
|
||||
{
|
||||
u32 uninitialized_var(curval), newval;
|
||||
struct task_struct *new_owner;
|
||||
- bool deboost = false;
|
||||
+ bool postunlock = false;
|
||||
WAKE_Q(wake_q);
|
||||
int ret = 0;
|
||||
|
||||
@@ -1453,12 +1453,13 @@ static int wake_futex_pi(u32 __user *uad
|
||||
/*
|
||||
* We've updated the uservalue, this unlock cannot fail.
|
||||
*/
|
||||
- deboost = __rt_mutex_futex_unlock(&pi_state->pi_mutex, &wake_q);
|
||||
+ postunlock = __rt_mutex_futex_unlock(&pi_state->pi_mutex, &wake_q);
|
||||
|
||||
out_unlock:
|
||||
raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock);
|
||||
|
||||
- rt_mutex_postunlock(&wake_q, deboost);
|
||||
+ if (postunlock)
|
||||
+ rt_mutex_postunlock(&wake_q);
|
||||
|
||||
return ret;
|
||||
}
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -1328,7 +1328,8 @@ static inline int rt_mutex_slowtrylock(s
|
||||
|
||||
/*
|
||||
* Slow path to release a rt-mutex.
|
||||
- * Return whether the current task needs to undo a potential priority boosting.
|
||||
+ *
|
||||
+ * Return whether the current task needs to call rt_mutex_postunlock().
|
||||
*/
|
||||
static bool __sched rt_mutex_slowunlock(struct rt_mutex *lock,
|
||||
struct wake_q_head *wake_q)
|
||||
@@ -1399,8 +1400,7 @@ static bool __sched rt_mutex_slowunlock(
|
||||
|
||||
raw_spin_unlock_irqrestore(&lock->wait_lock, flags);
|
||||
|
||||
- /* check PI boosting */
|
||||
- return true;
|
||||
+ return true; /* call rt_mutex_postunlock() */
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1447,15 +1447,14 @@ rt_mutex_fasttrylock(struct rt_mutex *lo
|
||||
}
|
||||
|
||||
/*
|
||||
- * Undo pi boosting (if necessary) and wake top waiter.
|
||||
+ * Performs the wakeup of the the top-waiter and re-enables preemption.
|
||||
*/
|
||||
-void rt_mutex_postunlock(struct wake_q_head *wake_q, bool deboost)
|
||||
+void rt_mutex_postunlock(struct wake_q_head *wake_q)
|
||||
{
|
||||
wake_up_q(wake_q);
|
||||
|
||||
/* Pairs with preempt_disable() in rt_mutex_slowunlock() */
|
||||
- if (deboost)
|
||||
- preempt_enable();
|
||||
+ preempt_enable();
|
||||
}
|
||||
|
||||
static inline void
|
||||
@@ -1464,14 +1463,12 @@ rt_mutex_fastunlock(struct rt_mutex *loc
|
||||
struct wake_q_head *wqh))
|
||||
{
|
||||
WAKE_Q(wake_q);
|
||||
- bool deboost;
|
||||
|
||||
if (likely(rt_mutex_cmpxchg_release(lock, current, NULL)))
|
||||
return;
|
||||
|
||||
- deboost = slowfn(lock, &wake_q);
|
||||
-
|
||||
- rt_mutex_postunlock(&wake_q, deboost);
|
||||
+ if (slowfn(lock, &wake_q))
|
||||
+ rt_mutex_postunlock(&wake_q);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1591,19 +1588,20 @@ bool __sched __rt_mutex_futex_unlock(str
|
||||
*/
|
||||
preempt_disable();
|
||||
|
||||
- return true; /* deboost and wakeups */
|
||||
+ return true; /* call postunlock() */
|
||||
}
|
||||
|
||||
void __sched rt_mutex_futex_unlock(struct rt_mutex *lock)
|
||||
{
|
||||
WAKE_Q(wake_q);
|
||||
- bool deboost;
|
||||
+ bool postunlock;
|
||||
|
||||
raw_spin_lock_irq(&lock->wait_lock);
|
||||
- deboost = __rt_mutex_futex_unlock(lock, &wake_q);
|
||||
+ postunlock = __rt_mutex_futex_unlock(lock, &wake_q);
|
||||
raw_spin_unlock_irq(&lock->wait_lock);
|
||||
|
||||
- rt_mutex_postunlock(&wake_q, deboost);
|
||||
+ if (postunlock)
|
||||
+ rt_mutex_postunlock(&wake_q);
|
||||
}
|
||||
|
||||
/**
|
||||
--- a/kernel/locking/rtmutex_common.h
|
||||
+++ b/kernel/locking/rtmutex_common.h
|
||||
@@ -122,7 +122,7 @@ extern void rt_mutex_futex_unlock(struct
|
||||
extern bool __rt_mutex_futex_unlock(struct rt_mutex *lock,
|
||||
struct wake_q_head *wqh);
|
||||
|
||||
-extern void rt_mutex_postunlock(struct wake_q_head *wake_q, bool deboost);
|
||||
+extern void rt_mutex_postunlock(struct wake_q_head *wake_q);
|
||||
|
||||
#ifdef CONFIG_DEBUG_RT_MUTEXES
|
||||
# include "rtmutex-debug.h"
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:52 +0100
|
||||
Subject: [PATCH] futex: Change locking rules
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 734009e96d1983ad739e5b656e03430b3660c913
|
||||
|
||||
|
|
393
debian/patches/features/all/rt/0005-sched-rtmutex-Refactor-rt_mutex_setprio.patch
vendored
Normal file
393
debian/patches/features/all/rt/0005-sched-rtmutex-Refactor-rt_mutex_setprio.patch
vendored
Normal file
|
@ -0,0 +1,393 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Thu, 23 Mar 2017 15:56:11 +0100
|
||||
Subject: [PATCH] sched/rtmutex: Refactor rt_mutex_setprio()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit acd58620e415aee4a43a808d7d2fd87259ee0001
|
||||
|
||||
With the introduction of SCHED_DEADLINE the whole notion that priority
|
||||
is a single number is gone, therefore the @prio argument to
|
||||
rt_mutex_setprio() doesn't make sense anymore.
|
||||
|
||||
So rework the code to pass a pi_task instead.
|
||||
|
||||
Note this also fixes a problem with pi_top_task caching; previously we
|
||||
would not set the pointer (call rt_mutex_update_top_task) if the
|
||||
priority didn't change, this could lead to a stale pointer.
|
||||
|
||||
As for the XXX, I think its fine to use pi_task->prio, because if it
|
||||
differs from waiter->prio, a PI chain update is immenent.
|
||||
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: rostedt@goodmis.org
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.303827095@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
include/linux/sched/rt.h | 24 +++-------
|
||||
kernel/locking/rtmutex.c | 112 ++++++++++++-----------------------------------
|
||||
kernel/sched/core.c | 66 ++++++++++++++++++++++-----
|
||||
3 files changed, 91 insertions(+), 111 deletions(-)
|
||||
|
||||
--- a/include/linux/sched/rt.h
|
||||
+++ b/include/linux/sched/rt.h
|
||||
@@ -16,28 +16,20 @@ static inline int rt_task(struct task_st
|
||||
}
|
||||
|
||||
#ifdef CONFIG_RT_MUTEXES
|
||||
-extern int rt_mutex_getprio(struct task_struct *p);
|
||||
-extern void rt_mutex_setprio(struct task_struct *p, int prio);
|
||||
-extern int rt_mutex_get_effective_prio(struct task_struct *task, int newprio);
|
||||
-extern void rt_mutex_update_top_task(struct task_struct *p);
|
||||
-extern struct task_struct *rt_mutex_get_top_task(struct task_struct *task);
|
||||
+/*
|
||||
+ * Must hold either p->pi_lock or task_rq(p)->lock.
|
||||
+ */
|
||||
+static inline struct task_struct *rt_mutex_get_top_task(struct task_struct *p)
|
||||
+{
|
||||
+ return p->pi_top_task;
|
||||
+}
|
||||
+extern void rt_mutex_setprio(struct task_struct *p, struct task_struct *pi_task);
|
||||
extern void rt_mutex_adjust_pi(struct task_struct *p);
|
||||
static inline bool tsk_is_pi_blocked(struct task_struct *tsk)
|
||||
{
|
||||
return tsk->pi_blocked_on != NULL;
|
||||
}
|
||||
#else
|
||||
-static inline int rt_mutex_getprio(struct task_struct *p)
|
||||
-{
|
||||
- return p->normal_prio;
|
||||
-}
|
||||
-
|
||||
-static inline int rt_mutex_get_effective_prio(struct task_struct *task,
|
||||
- int newprio)
|
||||
-{
|
||||
- return newprio;
|
||||
-}
|
||||
-
|
||||
static inline struct task_struct *rt_mutex_get_top_task(struct task_struct *task)
|
||||
{
|
||||
return NULL;
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -320,67 +320,16 @@ rt_mutex_dequeue_pi(struct task_struct *
|
||||
RB_CLEAR_NODE(&waiter->pi_tree_entry);
|
||||
}
|
||||
|
||||
-/*
|
||||
- * Must hold both p->pi_lock and task_rq(p)->lock.
|
||||
- */
|
||||
-void rt_mutex_update_top_task(struct task_struct *p)
|
||||
-{
|
||||
- if (!task_has_pi_waiters(p)) {
|
||||
- p->pi_top_task = NULL;
|
||||
- return;
|
||||
- }
|
||||
-
|
||||
- p->pi_top_task = task_top_pi_waiter(p)->task;
|
||||
-}
|
||||
-
|
||||
-/*
|
||||
- * Calculate task priority from the waiter tree priority
|
||||
- *
|
||||
- * Return task->normal_prio when the waiter tree is empty or when
|
||||
- * the waiter is not allowed to do priority boosting
|
||||
- */
|
||||
-int rt_mutex_getprio(struct task_struct *task)
|
||||
-{
|
||||
- if (likely(!task_has_pi_waiters(task)))
|
||||
- return task->normal_prio;
|
||||
-
|
||||
- return min(task_top_pi_waiter(task)->prio,
|
||||
- task->normal_prio);
|
||||
-}
|
||||
-
|
||||
-/*
|
||||
- * Must hold either p->pi_lock or task_rq(p)->lock.
|
||||
- */
|
||||
-struct task_struct *rt_mutex_get_top_task(struct task_struct *task)
|
||||
-{
|
||||
- return task->pi_top_task;
|
||||
-}
|
||||
-
|
||||
-/*
|
||||
- * Called by sched_setscheduler() to get the priority which will be
|
||||
- * effective after the change.
|
||||
- */
|
||||
-int rt_mutex_get_effective_prio(struct task_struct *task, int newprio)
|
||||
+static void rt_mutex_adjust_prio(struct task_struct *p)
|
||||
{
|
||||
- struct task_struct *top_task = rt_mutex_get_top_task(task);
|
||||
+ struct task_struct *pi_task = NULL;
|
||||
|
||||
- if (!top_task)
|
||||
- return newprio;
|
||||
+ lockdep_assert_held(&p->pi_lock);
|
||||
|
||||
- return min(top_task->prio, newprio);
|
||||
-}
|
||||
+ if (task_has_pi_waiters(p))
|
||||
+ pi_task = task_top_pi_waiter(p)->task;
|
||||
|
||||
-/*
|
||||
- * Adjust the priority of a task, after its pi_waiters got modified.
|
||||
- *
|
||||
- * This can be both boosting and unboosting. task->pi_lock must be held.
|
||||
- */
|
||||
-static void __rt_mutex_adjust_prio(struct task_struct *task)
|
||||
-{
|
||||
- int prio = rt_mutex_getprio(task);
|
||||
-
|
||||
- if (task->prio != prio || dl_prio(prio))
|
||||
- rt_mutex_setprio(task, prio);
|
||||
+ rt_mutex_setprio(p, pi_task);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -740,7 +689,7 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
*/
|
||||
rt_mutex_dequeue_pi(task, prerequeue_top_waiter);
|
||||
rt_mutex_enqueue_pi(task, waiter);
|
||||
- __rt_mutex_adjust_prio(task);
|
||||
+ rt_mutex_adjust_prio(task);
|
||||
|
||||
} else if (prerequeue_top_waiter == waiter) {
|
||||
/*
|
||||
@@ -756,7 +705,7 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
rt_mutex_dequeue_pi(task, waiter);
|
||||
waiter = rt_mutex_top_waiter(lock);
|
||||
rt_mutex_enqueue_pi(task, waiter);
|
||||
- __rt_mutex_adjust_prio(task);
|
||||
+ rt_mutex_adjust_prio(task);
|
||||
} else {
|
||||
/*
|
||||
* Nothing changed. No need to do any priority
|
||||
@@ -964,7 +913,7 @@ static int task_blocks_on_rt_mutex(struc
|
||||
return -EDEADLK;
|
||||
|
||||
raw_spin_lock(&task->pi_lock);
|
||||
- __rt_mutex_adjust_prio(task);
|
||||
+ rt_mutex_adjust_prio(task);
|
||||
waiter->task = task;
|
||||
waiter->lock = lock;
|
||||
waiter->prio = task->prio;
|
||||
@@ -986,7 +935,7 @@ static int task_blocks_on_rt_mutex(struc
|
||||
rt_mutex_dequeue_pi(owner, top_waiter);
|
||||
rt_mutex_enqueue_pi(owner, waiter);
|
||||
|
||||
- __rt_mutex_adjust_prio(owner);
|
||||
+ rt_mutex_adjust_prio(owner);
|
||||
if (owner->pi_blocked_on)
|
||||
chain_walk = 1;
|
||||
} else if (rt_mutex_cond_detect_deadlock(waiter, chwalk)) {
|
||||
@@ -1038,13 +987,14 @@ static void mark_wakeup_next_waiter(stru
|
||||
waiter = rt_mutex_top_waiter(lock);
|
||||
|
||||
/*
|
||||
- * Remove it from current->pi_waiters. We do not adjust a
|
||||
- * possible priority boost right now. We execute wakeup in the
|
||||
- * boosted mode and go back to normal after releasing
|
||||
- * lock->wait_lock.
|
||||
+ * Remove it from current->pi_waiters and deboost.
|
||||
+ *
|
||||
+ * We must in fact deboost here in order to ensure we call
|
||||
+ * rt_mutex_setprio() to update p->pi_top_task before the
|
||||
+ * task unblocks.
|
||||
*/
|
||||
rt_mutex_dequeue_pi(current, waiter);
|
||||
- __rt_mutex_adjust_prio(current);
|
||||
+ rt_mutex_adjust_prio(current);
|
||||
|
||||
/*
|
||||
* As we are waking up the top waiter, and the waiter stays
|
||||
@@ -1056,9 +1006,19 @@ static void mark_wakeup_next_waiter(stru
|
||||
*/
|
||||
lock->owner = (void *) RT_MUTEX_HAS_WAITERS;
|
||||
|
||||
- raw_spin_unlock(¤t->pi_lock);
|
||||
-
|
||||
+ /*
|
||||
+ * We deboosted before waking the top waiter task such that we don't
|
||||
+ * run two tasks with the 'same' priority (and ensure the
|
||||
+ * p->pi_top_task pointer points to a blocked task). This however can
|
||||
+ * lead to priority inversion if we would get preempted after the
|
||||
+ * deboost but before waking our donor task, hence the preempt_disable()
|
||||
+ * before unlock.
|
||||
+ *
|
||||
+ * Pairs with preempt_enable() in rt_mutex_postunlock();
|
||||
+ */
|
||||
+ preempt_disable();
|
||||
wake_q_add(wake_q, waiter->task);
|
||||
+ raw_spin_unlock(¤t->pi_lock);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1093,7 +1053,7 @@ static void remove_waiter(struct rt_mute
|
||||
if (rt_mutex_has_waiters(lock))
|
||||
rt_mutex_enqueue_pi(owner, rt_mutex_top_waiter(lock));
|
||||
|
||||
- __rt_mutex_adjust_prio(owner);
|
||||
+ rt_mutex_adjust_prio(owner);
|
||||
|
||||
/* Store the lock on which owner is blocked or NULL */
|
||||
next_lock = task_blocked_on_lock(owner);
|
||||
@@ -1132,8 +1092,7 @@ void rt_mutex_adjust_pi(struct task_stru
|
||||
raw_spin_lock_irqsave(&task->pi_lock, flags);
|
||||
|
||||
waiter = task->pi_blocked_on;
|
||||
- if (!waiter || (waiter->prio == task->prio &&
|
||||
- !dl_prio(task->prio))) {
|
||||
+ if (!waiter || (waiter->prio == task->prio && !dl_prio(task->prio))) {
|
||||
raw_spin_unlock_irqrestore(&task->pi_lock, flags);
|
||||
return;
|
||||
}
|
||||
@@ -1387,17 +1346,6 @@ static bool __sched rt_mutex_slowunlock(
|
||||
* Queue the next waiter for wakeup once we release the wait_lock.
|
||||
*/
|
||||
mark_wakeup_next_waiter(wake_q, lock);
|
||||
-
|
||||
- /*
|
||||
- * We should deboost before waking the top waiter task such that
|
||||
- * we don't run two tasks with the 'same' priority. This however
|
||||
- * can lead to prio-inversion if we would get preempted after
|
||||
- * the deboost but before waking our high-prio task, hence the
|
||||
- * preempt_disable before unlock. Pairs with preempt_enable() in
|
||||
- * rt_mutex_postunlock();
|
||||
- */
|
||||
- preempt_disable();
|
||||
-
|
||||
raw_spin_unlock_irqrestore(&lock->wait_lock, flags);
|
||||
|
||||
return true; /* call rt_mutex_postunlock() */
|
||||
--- a/kernel/sched/core.c
|
||||
+++ b/kernel/sched/core.c
|
||||
@@ -3629,10 +3629,25 @@ EXPORT_SYMBOL(default_wake_function);
|
||||
|
||||
#ifdef CONFIG_RT_MUTEXES
|
||||
|
||||
+static inline int __rt_effective_prio(struct task_struct *pi_task, int prio)
|
||||
+{
|
||||
+ if (pi_task)
|
||||
+ prio = min(prio, pi_task->prio);
|
||||
+
|
||||
+ return prio;
|
||||
+}
|
||||
+
|
||||
+static inline int rt_effective_prio(struct task_struct *p, int prio)
|
||||
+{
|
||||
+ struct task_struct *pi_task = rt_mutex_get_top_task(p);
|
||||
+
|
||||
+ return __rt_effective_prio(pi_task, prio);
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* rt_mutex_setprio - set the current priority of a task
|
||||
- * @p: task
|
||||
- * @prio: prio value (kernel-internal form)
|
||||
+ * @p: task to boost
|
||||
+ * @pi_task: donor task
|
||||
*
|
||||
* This function changes the 'effective' priority of a task. It does
|
||||
* not touch ->normal_prio like __setscheduler().
|
||||
@@ -3640,16 +3655,40 @@ EXPORT_SYMBOL(default_wake_function);
|
||||
* Used by the rt_mutex code to implement priority inheritance
|
||||
* logic. Call site only calls if the priority of the task changed.
|
||||
*/
|
||||
-void rt_mutex_setprio(struct task_struct *p, int prio)
|
||||
+void rt_mutex_setprio(struct task_struct *p, struct task_struct *pi_task)
|
||||
{
|
||||
- int oldprio, queued, running, queue_flag = DEQUEUE_SAVE | DEQUEUE_MOVE;
|
||||
+ int prio, oldprio, queued, running, queue_flag = DEQUEUE_SAVE | DEQUEUE_MOVE;
|
||||
const struct sched_class *prev_class;
|
||||
struct rq_flags rf;
|
||||
struct rq *rq;
|
||||
|
||||
- BUG_ON(prio > MAX_PRIO);
|
||||
+ /* XXX used to be waiter->prio, not waiter->task->prio */
|
||||
+ prio = __rt_effective_prio(pi_task, p->normal_prio);
|
||||
+
|
||||
+ /*
|
||||
+ * If nothing changed; bail early.
|
||||
+ */
|
||||
+ if (p->pi_top_task == pi_task && prio == p->prio && !dl_prio(prio))
|
||||
+ return;
|
||||
|
||||
rq = __task_rq_lock(p, &rf);
|
||||
+ /*
|
||||
+ * Set under pi_lock && rq->lock, such that the value can be used under
|
||||
+ * either lock.
|
||||
+ *
|
||||
+ * Note that there is loads of tricky to make this pointer cache work
|
||||
+ * right. rt_mutex_slowunlock()+rt_mutex_postunlock() work together to
|
||||
+ * ensure a task is de-boosted (pi_task is set to NULL) before the
|
||||
+ * task is allowed to run again (and can exit). This ensures the pointer
|
||||
+ * points to a blocked task -- which guaratees the task is present.
|
||||
+ */
|
||||
+ p->pi_top_task = pi_task;
|
||||
+
|
||||
+ /*
|
||||
+ * For FIFO/RR we only need to set prio, if that matches we're done.
|
||||
+ */
|
||||
+ if (prio == p->prio && !dl_prio(prio))
|
||||
+ goto out_unlock;
|
||||
|
||||
/*
|
||||
* Idle task boosting is a nono in general. There is one
|
||||
@@ -3669,9 +3708,7 @@ void rt_mutex_setprio(struct task_struct
|
||||
goto out_unlock;
|
||||
}
|
||||
|
||||
- rt_mutex_update_top_task(p);
|
||||
-
|
||||
- trace_sched_pi_setprio(p, prio);
|
||||
+ trace_sched_pi_setprio(p, prio); /* broken */
|
||||
oldprio = p->prio;
|
||||
|
||||
if (oldprio == prio)
|
||||
@@ -3695,7 +3732,6 @@ void rt_mutex_setprio(struct task_struct
|
||||
* running task
|
||||
*/
|
||||
if (dl_prio(prio)) {
|
||||
- struct task_struct *pi_task = rt_mutex_get_top_task(p);
|
||||
if (!dl_prio(p->normal_prio) ||
|
||||
(pi_task && dl_entity_preempt(&pi_task->dl, &p->dl))) {
|
||||
p->dl.dl_boosted = 1;
|
||||
@@ -3732,6 +3768,11 @@ void rt_mutex_setprio(struct task_struct
|
||||
balance_callback(rq);
|
||||
preempt_enable();
|
||||
}
|
||||
+#else
|
||||
+static inline int rt_effective_prio(struct task_struct *p, int prio)
|
||||
+{
|
||||
+ return prio;
|
||||
+}
|
||||
#endif
|
||||
|
||||
void set_user_nice(struct task_struct *p, long nice)
|
||||
@@ -3976,10 +4017,9 @@ static void __setscheduler(struct rq *rq
|
||||
* Keep a potential priority boosting if called from
|
||||
* sched_setscheduler().
|
||||
*/
|
||||
+ p->prio = normal_prio(p);
|
||||
if (keep_boost)
|
||||
- p->prio = rt_mutex_get_effective_prio(p, normal_prio(p));
|
||||
- else
|
||||
- p->prio = normal_prio(p);
|
||||
+ p->prio = rt_effective_prio(p, p->prio);
|
||||
|
||||
if (dl_prio(p->prio))
|
||||
p->sched_class = &dl_sched_class;
|
||||
@@ -4266,7 +4306,7 @@ static int __sched_setscheduler(struct t
|
||||
* the runqueue. This will be done when the task deboost
|
||||
* itself.
|
||||
*/
|
||||
- new_effective_prio = rt_mutex_get_effective_prio(p, newprio);
|
||||
+ new_effective_prio = rt_effective_prio(p, newprio);
|
||||
if (new_effective_prio == oldprio)
|
||||
queue_flags &= ~DEQUEUE_MOVE;
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:53 +0100
|
||||
Subject: [PATCH] futex: Cleanup refcounting
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit bf92cf3a5100f5a0d5f9834787b130159397cb22
|
||||
|
||||
|
|
109
debian/patches/features/all/rt/0006-sched-tracing-Update-trace_sched_pi_setprio.patch
vendored
Normal file
109
debian/patches/features/all/rt/0006-sched-tracing-Update-trace_sched_pi_setprio.patch
vendored
Normal file
|
@ -0,0 +1,109 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Thu, 23 Mar 2017 15:56:12 +0100
|
||||
Subject: [PATCH] sched,tracing: Update trace_sched_pi_setprio()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit b91473ff6e979c0028f02f90e40c844959c736d8
|
||||
|
||||
Pass the PI donor task, instead of a numerical priority.
|
||||
|
||||
Numerical priorities are not sufficient to describe state ever since
|
||||
SCHED_DEADLINE.
|
||||
|
||||
Annotate all sched tracepoints that are currently broken; fixing them
|
||||
will bork userspace. *hate*.
|
||||
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Reviewed-by: Steven Rostedt <rostedt@goodmis.org>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.353599881@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
include/trace/events/sched.h | 16 +++++++++-------
|
||||
kernel/sched/core.c | 2 +-
|
||||
2 files changed, 10 insertions(+), 8 deletions(-)
|
||||
|
||||
--- a/include/trace/events/sched.h
|
||||
+++ b/include/trace/events/sched.h
|
||||
@@ -70,7 +70,7 @@ DECLARE_EVENT_CLASS(sched_wakeup_templat
|
||||
TP_fast_assign(
|
||||
memcpy(__entry->comm, p->comm, TASK_COMM_LEN);
|
||||
__entry->pid = p->pid;
|
||||
- __entry->prio = p->prio;
|
||||
+ __entry->prio = p->prio; /* XXX SCHED_DEADLINE */
|
||||
__entry->success = 1; /* rudiment, kill when possible */
|
||||
__entry->target_cpu = task_cpu(p);
|
||||
),
|
||||
@@ -147,6 +147,7 @@ TRACE_EVENT(sched_switch,
|
||||
memcpy(__entry->prev_comm, prev->comm, TASK_COMM_LEN);
|
||||
__entry->next_pid = next->pid;
|
||||
__entry->next_prio = next->prio;
|
||||
+ /* XXX SCHED_DEADLINE */
|
||||
),
|
||||
|
||||
TP_printk("prev_comm=%s prev_pid=%d prev_prio=%d prev_state=%s%s ==> next_comm=%s next_pid=%d next_prio=%d",
|
||||
@@ -181,7 +182,7 @@ TRACE_EVENT(sched_migrate_task,
|
||||
TP_fast_assign(
|
||||
memcpy(__entry->comm, p->comm, TASK_COMM_LEN);
|
||||
__entry->pid = p->pid;
|
||||
- __entry->prio = p->prio;
|
||||
+ __entry->prio = p->prio; /* XXX SCHED_DEADLINE */
|
||||
__entry->orig_cpu = task_cpu(p);
|
||||
__entry->dest_cpu = dest_cpu;
|
||||
),
|
||||
@@ -206,7 +207,7 @@ DECLARE_EVENT_CLASS(sched_process_templa
|
||||
TP_fast_assign(
|
||||
memcpy(__entry->comm, p->comm, TASK_COMM_LEN);
|
||||
__entry->pid = p->pid;
|
||||
- __entry->prio = p->prio;
|
||||
+ __entry->prio = p->prio; /* XXX SCHED_DEADLINE */
|
||||
),
|
||||
|
||||
TP_printk("comm=%s pid=%d prio=%d",
|
||||
@@ -253,7 +254,7 @@ TRACE_EVENT(sched_process_wait,
|
||||
TP_fast_assign(
|
||||
memcpy(__entry->comm, current->comm, TASK_COMM_LEN);
|
||||
__entry->pid = pid_nr(pid);
|
||||
- __entry->prio = current->prio;
|
||||
+ __entry->prio = current->prio; /* XXX SCHED_DEADLINE */
|
||||
),
|
||||
|
||||
TP_printk("comm=%s pid=%d prio=%d",
|
||||
@@ -413,9 +414,9 @@ DEFINE_EVENT(sched_stat_runtime, sched_s
|
||||
*/
|
||||
TRACE_EVENT(sched_pi_setprio,
|
||||
|
||||
- TP_PROTO(struct task_struct *tsk, int newprio),
|
||||
+ TP_PROTO(struct task_struct *tsk, struct task_struct *pi_task),
|
||||
|
||||
- TP_ARGS(tsk, newprio),
|
||||
+ TP_ARGS(tsk, pi_task),
|
||||
|
||||
TP_STRUCT__entry(
|
||||
__array( char, comm, TASK_COMM_LEN )
|
||||
@@ -428,7 +429,8 @@ TRACE_EVENT(sched_pi_setprio,
|
||||
memcpy(__entry->comm, tsk->comm, TASK_COMM_LEN);
|
||||
__entry->pid = tsk->pid;
|
||||
__entry->oldprio = tsk->prio;
|
||||
- __entry->newprio = newprio;
|
||||
+ __entry->newprio = pi_task ? pi_task->prio : tsk->prio;
|
||||
+ /* XXX SCHED_DEADLINE bits missing */
|
||||
),
|
||||
|
||||
TP_printk("comm=%s pid=%d oldprio=%d newprio=%d",
|
||||
--- a/kernel/sched/core.c
|
||||
+++ b/kernel/sched/core.c
|
||||
@@ -3708,7 +3708,7 @@ void rt_mutex_setprio(struct task_struct
|
||||
goto out_unlock;
|
||||
}
|
||||
|
||||
- trace_sched_pi_setprio(p, prio); /* broken */
|
||||
+ trace_sched_pi_setprio(p, pi_task);
|
||||
oldprio = p->prio;
|
||||
|
||||
if (oldprio == prio)
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:54 +0100
|
||||
Subject: [PATCH] futex: Rework inconsistent rt_mutex/futex_q state
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 73d786bd043ebc855f349c81ea805f6b11cbf2aa
|
||||
|
||||
|
|
122
debian/patches/features/all/rt/0007-rtmutex-Fix-PI-chain-order-integrity.patch
vendored
Normal file
122
debian/patches/features/all/rt/0007-rtmutex-Fix-PI-chain-order-integrity.patch
vendored
Normal file
|
@ -0,0 +1,122 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Thu, 23 Mar 2017 15:56:13 +0100
|
||||
Subject: [PATCH] rtmutex: Fix PI chain order integrity
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit e0aad5b44ff5d28ac1d6ae70cdf84ca228e889dc
|
||||
|
||||
rt_mutex_waiter::prio is a copy of task_struct::prio which is updated
|
||||
during the PI chain walk, such that the PI chain order isn't messed up
|
||||
by (asynchronous) task state updates.
|
||||
|
||||
Currently rt_mutex_waiter_less() uses task state for deadline tasks;
|
||||
this is broken, since the task state can, as said above, change
|
||||
asynchronously, causing the RB tree order to change without actual
|
||||
tree update -> FAIL.
|
||||
|
||||
Fix this by also copying the deadline into the rt_mutex_waiter state
|
||||
and updating it along with its prio field.
|
||||
|
||||
Ideally we would also force PI chain updates whenever DL tasks update
|
||||
their deadline parameter, but for first approximation this is less
|
||||
broken than it was.
|
||||
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: rostedt@goodmis.org
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.403992539@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/locking/rtmutex.c | 29 +++++++++++++++++++++++++++--
|
||||
kernel/locking/rtmutex_common.h | 1 +
|
||||
2 files changed, 28 insertions(+), 2 deletions(-)
|
||||
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -236,8 +236,7 @@ rt_mutex_waiter_less(struct rt_mutex_wai
|
||||
* then right waiter has a dl_prio() too.
|
||||
*/
|
||||
if (dl_prio(left->prio))
|
||||
- return dl_time_before(left->task->dl.deadline,
|
||||
- right->task->dl.deadline);
|
||||
+ return dl_time_before(left->deadline, right->deadline);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -648,7 +647,26 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
|
||||
/* [7] Requeue the waiter in the lock waiter tree. */
|
||||
rt_mutex_dequeue(lock, waiter);
|
||||
+
|
||||
+ /*
|
||||
+ * Update the waiter prio fields now that we're dequeued.
|
||||
+ *
|
||||
+ * These values can have changed through either:
|
||||
+ *
|
||||
+ * sys_sched_set_scheduler() / sys_sched_setattr()
|
||||
+ *
|
||||
+ * or
|
||||
+ *
|
||||
+ * DL CBS enforcement advancing the effective deadline.
|
||||
+ *
|
||||
+ * Even though pi_waiters also uses these fields, and that tree is only
|
||||
+ * updated in [11], we can do this here, since we hold [L], which
|
||||
+ * serializes all pi_waiters access and rb_erase() does not care about
|
||||
+ * the values of the node being removed.
|
||||
+ */
|
||||
waiter->prio = task->prio;
|
||||
+ waiter->deadline = task->dl.deadline;
|
||||
+
|
||||
rt_mutex_enqueue(lock, waiter);
|
||||
|
||||
/* [8] Release the task */
|
||||
@@ -775,6 +793,8 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
static int try_to_take_rt_mutex(struct rt_mutex *lock, struct task_struct *task,
|
||||
struct rt_mutex_waiter *waiter)
|
||||
{
|
||||
+ lockdep_assert_held(&lock->wait_lock);
|
||||
+
|
||||
/*
|
||||
* Before testing whether we can acquire @lock, we set the
|
||||
* RT_MUTEX_HAS_WAITERS bit in @lock->owner. This forces all
|
||||
@@ -900,6 +920,8 @@ static int task_blocks_on_rt_mutex(struc
|
||||
struct rt_mutex *next_lock;
|
||||
int chain_walk = 0, res;
|
||||
|
||||
+ lockdep_assert_held(&lock->wait_lock);
|
||||
+
|
||||
/*
|
||||
* Early deadlock detection. We really don't want the task to
|
||||
* enqueue on itself just to untangle the mess later. It's not
|
||||
@@ -917,6 +939,7 @@ static int task_blocks_on_rt_mutex(struc
|
||||
waiter->task = task;
|
||||
waiter->lock = lock;
|
||||
waiter->prio = task->prio;
|
||||
+ waiter->deadline = task->dl.deadline;
|
||||
|
||||
/* Get the top priority waiter on the lock */
|
||||
if (rt_mutex_has_waiters(lock))
|
||||
@@ -1034,6 +1057,8 @@ static void remove_waiter(struct rt_mute
|
||||
struct task_struct *owner = rt_mutex_owner(lock);
|
||||
struct rt_mutex *next_lock;
|
||||
|
||||
+ lockdep_assert_held(&lock->wait_lock);
|
||||
+
|
||||
raw_spin_lock(¤t->pi_lock);
|
||||
rt_mutex_dequeue(lock, waiter);
|
||||
current->pi_blocked_on = NULL;
|
||||
--- a/kernel/locking/rtmutex_common.h
|
||||
+++ b/kernel/locking/rtmutex_common.h
|
||||
@@ -33,6 +33,7 @@ struct rt_mutex_waiter {
|
||||
struct rt_mutex *deadlock_lock;
|
||||
#endif
|
||||
int prio;
|
||||
+ u64 deadline;
|
||||
};
|
||||
|
||||
/*
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:55 +0100
|
||||
Subject: [PATCH] futex: Pull rt_mutex_futex_unlock() out from under hb->lock
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 16ffa12d742534d4ff73e8b3a4e81c1de39196f0
|
||||
|
||||
|
|
102
debian/patches/features/all/rt/0008-rtmutex-Fix-more-prio-comparisons.patch
vendored
Normal file
102
debian/patches/features/all/rt/0008-rtmutex-Fix-more-prio-comparisons.patch
vendored
Normal file
|
@ -0,0 +1,102 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Thu, 23 Mar 2017 15:56:14 +0100
|
||||
Subject: [PATCH] rtmutex: Fix more prio comparisons
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 19830e55247cddb3f46f1bf60b8e245593491bea
|
||||
|
||||
There was a pure ->prio comparison left in try_to_wake_rt_mutex(),
|
||||
convert it to use rt_mutex_waiter_less(), noting that greater-or-equal
|
||||
is not-less (both in kernel priority view).
|
||||
|
||||
This necessitated the introduction of cmp_task() which creates a
|
||||
pointer to an unnamed stack variable of struct rt_mutex_waiter type to
|
||||
compare against tasks.
|
||||
|
||||
With this, we can now also create and employ rt_mutex_waiter_equal().
|
||||
|
||||
Reviewed-and-tested-by: Juri Lelli <juri.lelli@arm.com>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Cc: juri.lelli@arm.com
|
||||
Cc: bigeasy@linutronix.de
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: rostedt@goodmis.org
|
||||
Cc: mathieu.desnoyers@efficios.com
|
||||
Cc: jdesfossez@efficios.com
|
||||
Cc: bristot@redhat.com
|
||||
Link: http://lkml.kernel.org/r/20170323150216.455584638@infradead.org
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/locking/rtmutex.c | 32 +++++++++++++++++++++++++++++---
|
||||
1 file changed, 29 insertions(+), 3 deletions(-)
|
||||
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -222,6 +222,12 @@ static inline bool unlock_rt_mutex_safe(
|
||||
}
|
||||
#endif
|
||||
|
||||
+/*
|
||||
+ * Only use with rt_mutex_waiter_{less,equal}()
|
||||
+ */
|
||||
+#define task_to_waiter(p) \
|
||||
+ &(struct rt_mutex_waiter){ .prio = (p)->prio, .deadline = (p)->dl.deadline }
|
||||
+
|
||||
static inline int
|
||||
rt_mutex_waiter_less(struct rt_mutex_waiter *left,
|
||||
struct rt_mutex_waiter *right)
|
||||
@@ -241,6 +247,25 @@ rt_mutex_waiter_less(struct rt_mutex_wai
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static inline int
|
||||
+rt_mutex_waiter_equal(struct rt_mutex_waiter *left,
|
||||
+ struct rt_mutex_waiter *right)
|
||||
+{
|
||||
+ if (left->prio != right->prio)
|
||||
+ return 0;
|
||||
+
|
||||
+ /*
|
||||
+ * If both waiters have dl_prio(), we check the deadlines of the
|
||||
+ * associated tasks.
|
||||
+ * If left waiter has a dl_prio(), and we didn't return 0 above,
|
||||
+ * then right waiter has a dl_prio() too.
|
||||
+ */
|
||||
+ if (dl_prio(left->prio))
|
||||
+ return left->deadline == right->deadline;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
static void
|
||||
rt_mutex_enqueue(struct rt_mutex *lock, struct rt_mutex_waiter *waiter)
|
||||
{
|
||||
@@ -551,7 +576,7 @@ static int rt_mutex_adjust_prio_chain(st
|
||||
* enabled we continue, but stop the requeueing in the chain
|
||||
* walk.
|
||||
*/
|
||||
- if (waiter->prio == task->prio && !dl_task(task)) {
|
||||
+ if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
|
||||
if (!detect_deadlock)
|
||||
goto out_unlock_pi;
|
||||
else
|
||||
@@ -854,7 +879,8 @@ static int try_to_take_rt_mutex(struct r
|
||||
* the top waiter priority (kernel view),
|
||||
* @task lost.
|
||||
*/
|
||||
- if (task->prio >= rt_mutex_top_waiter(lock)->prio)
|
||||
+ if (!rt_mutex_waiter_less(task_to_waiter(task),
|
||||
+ rt_mutex_top_waiter(lock)))
|
||||
return 0;
|
||||
|
||||
/*
|
||||
@@ -1117,7 +1143,7 @@ void rt_mutex_adjust_pi(struct task_stru
|
||||
raw_spin_lock_irqsave(&task->pi_lock, flags);
|
||||
|
||||
waiter = task->pi_blocked_on;
|
||||
- if (!waiter || (waiter->prio == task->prio && !dl_prio(task->prio))) {
|
||||
+ if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
|
||||
raw_spin_unlock_irqrestore(&task->pi_lock, flags);
|
||||
return;
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:56 +0100
|
||||
Subject: [PATCH] futex,rt_mutex: Introduce rt_mutex_init_waiter()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 50809358dd7199aa7ce232f6877dd09ec30ef374
|
||||
|
||||
|
|
43
debian/patches/features/all/rt/0009-rtmutex-Plug-preempt-count-leak-in-rt_mutex_futex_un.patch
vendored
Normal file
43
debian/patches/features/all/rt/0009-rtmutex-Plug-preempt-count-leak-in-rt_mutex_futex_un.patch
vendored
Normal file
|
@ -0,0 +1,43 @@
|
|||
From: Mike Galbraith <efault@gmx.de>
|
||||
Date: Wed, 5 Apr 2017 10:08:27 +0200
|
||||
Subject: [PATCH] rtmutex: Plug preempt count leak in
|
||||
rt_mutex_futex_unlock()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit def34eaae5ce04b324e48e1bfac873091d945213
|
||||
|
||||
mark_wakeup_next_waiter() already disables preemption, doing so again
|
||||
leaves us with an unpaired preempt_disable().
|
||||
|
||||
Fixes: 2a1c60299406 ("rtmutex: Deboost before waking up the top waiter")
|
||||
Signed-off-by: Mike Galbraith <efault@gmx.de>
|
||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
||||
Cc: xlpang@redhat.com
|
||||
Cc: rostedt@goodmis.org
|
||||
Link: http://lkml.kernel.org/r/1491379707.6538.2.camel@gmx.de
|
||||
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
---
|
||||
kernel/locking/rtmutex.c | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
--- a/kernel/locking/rtmutex.c
|
||||
+++ b/kernel/locking/rtmutex.c
|
||||
@@ -1579,13 +1579,13 @@ bool __sched __rt_mutex_futex_unlock(str
|
||||
return false; /* done */
|
||||
}
|
||||
|
||||
- mark_wakeup_next_waiter(wake_q, lock);
|
||||
/*
|
||||
- * We've already deboosted, retain preempt_disabled when dropping
|
||||
- * the wait_lock to avoid inversion until the wakeup. Matched
|
||||
- * by rt_mutex_postunlock();
|
||||
+ * We've already deboosted, mark_wakeup_next_waiter() will
|
||||
+ * retain preempt_disabled when we drop the wait_lock, to
|
||||
+ * avoid inversion prior to the wakeup. preempt_disable()
|
||||
+ * therein pairs with rt_mutex_postunlock().
|
||||
*/
|
||||
- preempt_disable();
|
||||
+ mark_wakeup_next_waiter(wake_q, lock);
|
||||
|
||||
return true; /* call postunlock() */
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:57 +0100
|
||||
Subject: [PATCH] futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 38d589f2fd08f1296aea3ce62bebd185125c6d81
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:58 +0100
|
||||
Subject: [PATCH] futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit cfafcd117da0216520568c195cb2f6cd1980c4bb
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:35:59 +0100
|
||||
Subject: [PATCH] futex: Futex_unlock_pi() determinism
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit bebe5b514345f09be2c15e414d076b02ecb9cce8
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Peter Zijlstra <peterz@infradead.org>
|
||||
Date: Wed, 22 Mar 2017 11:36:00 +0100
|
||||
Subject: [PATCH] futex: Drop hb->lock before enqueueing on the rtmutex
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Upstream commit 56222b212e8edb1cf51f5dd73ff645809b082b40
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: "Yadi.hu" <yadi.hu@windriver.com>
|
||||
Date: Wed, 10 Dec 2014 10:32:09 +0800
|
||||
Subject: ARM: enable irq in translation/section permission fault handlers
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Probably happens on all ARM, with
|
||||
CONFIG_PREEMPT_RT_FULL
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Thu, 21 Mar 2013 19:01:05 +0100
|
||||
Subject: printk: Drop the logbuf_lock more often
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The lock is hold with irgs off. The latency drops 500us+ on my arm bugs
|
||||
with a "full" buffer after executing "dmesg" on the shell.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Josh Cartwright <joshc@ni.com>
|
||||
Date: Thu, 11 Feb 2016 11:54:01 -0600
|
||||
Subject: KVM: arm/arm64: downgrade preempt_disable()d region to migrate_disable()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
kvm_arch_vcpu_ioctl_run() disables the use of preemption when updating
|
||||
the vgic and timer states to prevent the calling task from migrating to
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Marcelo Tosatti <mtosatti@redhat.com>
|
||||
Date: Wed, 8 Apr 2015 20:33:25 -0300
|
||||
Subject: KVM: lapic: mark LAPIC timer handler as irqsafe
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Since lapic timer handler only wakes up a simple waitqueue,
|
||||
it can be executed from hardirq context.
|
||||
|
|
|
@ -5,7 +5,7 @@ Cc: Anna Schumaker <anna.schumaker@netapp.com>,
|
|||
linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org,
|
||||
tglx@linutronix.de
|
||||
Subject: NFSv4: replace seqcount_t with a seqlock_t
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The raw_write_seqcount_begin() in nfs4_reclaim_open_state() bugs me
|
||||
because it maps to preempt_disable() in -RT which I can't have at this
|
||||
|
@ -58,7 +58,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
|
||||
--- a/fs/nfs/nfs4proc.c
|
||||
+++ b/fs/nfs/nfs4proc.c
|
||||
@@ -2698,7 +2698,7 @@ static int _nfs4_open_and_get_state(stru
|
||||
@@ -2697,7 +2697,7 @@ static int _nfs4_open_and_get_state(stru
|
||||
unsigned int seq;
|
||||
int ret;
|
||||
|
||||
|
@ -67,7 +67,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
|
||||
ret = _nfs4_proc_open(opendata);
|
||||
if (ret != 0)
|
||||
@@ -2736,7 +2736,7 @@ static int _nfs4_open_and_get_state(stru
|
||||
@@ -2735,7 +2735,7 @@ static int _nfs4_open_and_get_state(stru
|
||||
|
||||
if (d_inode(dentry) == state->inode) {
|
||||
nfs_inode_attach_open_context(ctx);
|
||||
|
|
218
debian/patches/features/all/rt/Revert-timers-Don-t-wake-ktimersoftd-on-every-tick.patch
vendored
Normal file
218
debian/patches/features/all/rt/Revert-timers-Don-t-wake-ktimersoftd-on-every-tick.patch
vendored
Normal file
|
@ -0,0 +1,218 @@
|
|||
From 16145f9c01a2e671aceb731050de9fbf977d31d0 Mon Sep 17 00:00:00 2001
|
||||
From: Anna-Maria Gleixner <anna-maria@linutronix.de>
|
||||
Date: Fri, 26 May 2017 19:16:07 +0200
|
||||
Subject: [PATCH] Revert "timers: Don't wake ktimersoftd on every tick"
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
This reverts commit 032f93cae150a ("timers: Don't wake ktimersoftd on
|
||||
every tick").
|
||||
|
||||
The problem is that the look ahead optimization from the tick timer
|
||||
interrupt context can race with the softirq thread expiring timer. As
|
||||
a consequence the temporary hlist heads which hold the to expire
|
||||
timers are overwritten and the timers which are already removed from
|
||||
the wheel bucket for expiry are now dangling w/o a list head.
|
||||
|
||||
That means those timers never get expired. If one of those timers is
|
||||
canceled the removal operation will result in a hlist corruption.
|
||||
|
||||
Signed-off-by: Anna-Maria Gleixner <anna-maria@linutronix.de>
|
||||
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
---
|
||||
kernel/time/timer.c | 96 +++++++++++++++-------------------------------------
|
||||
1 file changed, 29 insertions(+), 67 deletions(-)
|
||||
|
||||
--- a/kernel/time/timer.c
|
||||
+++ b/kernel/time/timer.c
|
||||
@@ -206,8 +206,6 @@ struct timer_base {
|
||||
bool is_idle;
|
||||
DECLARE_BITMAP(pending_map, WHEEL_SIZE);
|
||||
struct hlist_head vectors[WHEEL_SIZE];
|
||||
- struct hlist_head expired_lists[LVL_DEPTH];
|
||||
- int expired_count;
|
||||
} ____cacheline_aligned;
|
||||
|
||||
static DEFINE_PER_CPU(struct timer_base, timer_bases[NR_BASES]);
|
||||
@@ -1355,8 +1353,7 @@ static void call_timer_fn(struct timer_l
|
||||
}
|
||||
}
|
||||
|
||||
-static inline void __expire_timers(struct timer_base *base,
|
||||
- struct hlist_head *head)
|
||||
+static void expire_timers(struct timer_base *base, struct hlist_head *head)
|
||||
{
|
||||
while (!hlist_empty(head)) {
|
||||
struct timer_list *timer;
|
||||
@@ -1387,38 +1384,21 @@ static inline void __expire_timers(struc
|
||||
}
|
||||
}
|
||||
|
||||
-static void expire_timers(struct timer_base *base)
|
||||
-{
|
||||
- struct hlist_head *head;
|
||||
-
|
||||
- while (base->expired_count--) {
|
||||
- head = base->expired_lists + base->expired_count;
|
||||
- __expire_timers(base, head);
|
||||
- }
|
||||
- base->expired_count = 0;
|
||||
-}
|
||||
-
|
||||
-static void __collect_expired_timers(struct timer_base *base)
|
||||
+static int __collect_expired_timers(struct timer_base *base,
|
||||
+ struct hlist_head *heads)
|
||||
{
|
||||
unsigned long clk = base->clk;
|
||||
struct hlist_head *vec;
|
||||
- int i;
|
||||
+ int i, levels = 0;
|
||||
unsigned int idx;
|
||||
|
||||
- /*
|
||||
- * expire_timers() must be called at least once before we can
|
||||
- * collect more timers
|
||||
- */
|
||||
- if (WARN_ON(base->expired_count))
|
||||
- return;
|
||||
-
|
||||
for (i = 0; i < LVL_DEPTH; i++) {
|
||||
idx = (clk & LVL_MASK) + i * LVL_SIZE;
|
||||
|
||||
if (__test_and_clear_bit(idx, base->pending_map)) {
|
||||
vec = base->vectors + idx;
|
||||
- hlist_move_list(vec,
|
||||
- &base->expired_lists[base->expired_count++]);
|
||||
+ hlist_move_list(vec, heads++);
|
||||
+ levels++;
|
||||
}
|
||||
/* Is it time to look at the next level? */
|
||||
if (clk & LVL_CLK_MASK)
|
||||
@@ -1426,6 +1406,7 @@ static void __collect_expired_timers(str
|
||||
/* Shift clock for the next level granularity */
|
||||
clk >>= LVL_CLK_SHIFT;
|
||||
}
|
||||
+ return levels;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_NO_HZ_COMMON
|
||||
@@ -1618,7 +1599,8 @@ void timer_clear_idle(void)
|
||||
base->is_idle = false;
|
||||
}
|
||||
|
||||
-static void collect_expired_timers(struct timer_base *base)
|
||||
+static int collect_expired_timers(struct timer_base *base,
|
||||
+ struct hlist_head *heads)
|
||||
{
|
||||
/*
|
||||
* NOHZ optimization. After a long idle sleep we need to forward the
|
||||
@@ -1635,49 +1617,20 @@ static void collect_expired_timers(struc
|
||||
if (time_after(next, jiffies)) {
|
||||
/* The call site will increment clock! */
|
||||
base->clk = jiffies - 1;
|
||||
- return;
|
||||
+ return 0;
|
||||
}
|
||||
base->clk = next;
|
||||
}
|
||||
- __collect_expired_timers(base);
|
||||
+ return __collect_expired_timers(base, heads);
|
||||
}
|
||||
#else
|
||||
-static inline void collect_expired_timers(struct timer_base *base)
|
||||
+static inline int collect_expired_timers(struct timer_base *base,
|
||||
+ struct hlist_head *heads)
|
||||
{
|
||||
- __collect_expired_timers(base);
|
||||
+ return __collect_expired_timers(base, heads);
|
||||
}
|
||||
#endif
|
||||
|
||||
-static int find_expired_timers(struct timer_base *base)
|
||||
-{
|
||||
- const unsigned long int end_clk = jiffies;
|
||||
-
|
||||
- while (!base->expired_count && time_after_eq(end_clk, base->clk)) {
|
||||
- collect_expired_timers(base);
|
||||
- base->clk++;
|
||||
- }
|
||||
-
|
||||
- return base->expired_count;
|
||||
-}
|
||||
-
|
||||
-/* Called from CPU tick routine to quickly collect expired timers */
|
||||
-static int tick_find_expired(struct timer_base *base)
|
||||
-{
|
||||
- int count;
|
||||
-
|
||||
- raw_spin_lock(&base->lock);
|
||||
-
|
||||
- if (unlikely(time_after(jiffies, base->clk + HZ))) {
|
||||
- /* defer to ktimersoftd; don't spend too long in irq context */
|
||||
- count = -1;
|
||||
- } else
|
||||
- count = find_expired_timers(base);
|
||||
-
|
||||
- raw_spin_unlock(&base->lock);
|
||||
-
|
||||
- return count;
|
||||
-}
|
||||
-
|
||||
/*
|
||||
* Called from the timer interrupt handler to charge one tick to the current
|
||||
* process. user_tick is 1 if the tick is user time, 0 for system.
|
||||
@@ -1704,11 +1657,22 @@ void update_process_times(int user_tick)
|
||||
*/
|
||||
static inline void __run_timers(struct timer_base *base)
|
||||
{
|
||||
+ struct hlist_head heads[LVL_DEPTH];
|
||||
+ int levels;
|
||||
+
|
||||
+ if (!time_after_eq(jiffies, base->clk))
|
||||
+ return;
|
||||
+
|
||||
raw_spin_lock_irq(&base->lock);
|
||||
|
||||
- while (find_expired_timers(base))
|
||||
- expire_timers(base);
|
||||
+ while (time_after_eq(jiffies, base->clk)) {
|
||||
+
|
||||
+ levels = collect_expired_timers(base, heads);
|
||||
+ base->clk++;
|
||||
|
||||
+ while (levels--)
|
||||
+ expire_timers(base, heads + levels);
|
||||
+ }
|
||||
raw_spin_unlock_irq(&base->lock);
|
||||
wakeup_timer_waiters(base);
|
||||
}
|
||||
@@ -1734,12 +1698,12 @@ void run_local_timers(void)
|
||||
|
||||
hrtimer_run_queues();
|
||||
/* Raise the softirq only if required. */
|
||||
- if (time_before(jiffies, base->clk) || !tick_find_expired(base)) {
|
||||
+ if (time_before(jiffies, base->clk)) {
|
||||
if (!IS_ENABLED(CONFIG_NO_HZ_COMMON) || !base->nohz_active)
|
||||
return;
|
||||
/* CPU is awake, so check the deferrable base. */
|
||||
base++;
|
||||
- if (time_before(jiffies, base->clk) || !tick_find_expired(base))
|
||||
+ if (time_before(jiffies, base->clk))
|
||||
return;
|
||||
}
|
||||
raise_softirq(TIMER_SOFTIRQ);
|
||||
@@ -1909,7 +1873,6 @@ int timers_dead_cpu(unsigned int cpu)
|
||||
raw_spin_lock_nested(&old_base->lock, SINGLE_DEPTH_NESTING);
|
||||
|
||||
BUG_ON(old_base->running_timer);
|
||||
- BUG_ON(old_base->expired_count);
|
||||
|
||||
for (i = 0; i < WHEEL_SIZE; i++)
|
||||
migrate_timer_list(new_base, old_base->vectors + i);
|
||||
@@ -1936,7 +1899,6 @@ static void __init init_timer_cpu(int cp
|
||||
#ifdef CONFIG_PREEMPT_RT_FULL
|
||||
init_swait_queue_head(&base->wait_for_running_timer);
|
||||
#endif
|
||||
- base->expired_count = 0;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <rostedt@goodmis.org>
|
||||
Date: Wed, 13 Feb 2013 09:26:05 -0500
|
||||
Subject: acpi/rt: Convert acpi_gbl_hardware lock back to a raw_spinlock_t
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
We hit the following bug with 3.6-rt:
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Anders Roxell <anders.roxell@linaro.org>
|
||||
Date: Thu, 14 May 2015 17:52:17 +0200
|
||||
Subject: arch/arm64: Add lazy preempt support
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
arm64 is missing support for PREEMPT_RT. The main feature which is
|
||||
lacking is support for lazy preemption. The arch-specific entry code,
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Benedikt Spranger <b.spranger@linutronix.de>
|
||||
Date: Sat, 6 Mar 2010 17:47:10 +0100
|
||||
Subject: ARM: AT91: PIT: Remove irq handler when clock event is unused
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Setup and remove the interrupt handler in clock event mode selection.
|
||||
This avoids calling the (shared) interrupt handler when the device is
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Sat, 1 May 2010 18:29:35 +0200
|
||||
Subject: ARM: at91: tclib: Default to tclib timer for RT
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
RT is not too happy about the shared timer interrupt in AT91
|
||||
devices. Default to tclib timer for RT.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Frank Rowand <frank.rowand@am.sony.com>
|
||||
Date: Mon, 19 Sep 2011 14:51:14 -0700
|
||||
Subject: arm: Convert arm boot_lock to raw
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The arm boot_lock is used by the secondary processor startup code. The locking
|
||||
task is the idle thread, which has idle->sched_class == &idle_sched_class.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: arm: Enable highmem for rt
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Wed, 13 Feb 2013 11:03:11 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
fixup highmem for ARM.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Mon, 11 Mar 2013 21:37:27 +0100
|
||||
Subject: arm/highmem: Flush tlb on unmap
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The tlb should be flushed on unmap and thus make the mapping entry
|
||||
invalid. This is only done in the non-debug case which does not look
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Thu, 22 Dec 2016 17:28:33 +0100
|
||||
Subject: [PATCH] arm: include definition for cpumask_t
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
This definition gets pulled in by other files. With the (later) split of
|
||||
RCU and spinlock.h it won't compile anymore.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Yang Shi <yang.shi@linaro.org>
|
||||
Date: Thu, 10 Nov 2016 16:17:55 -0800
|
||||
Subject: [PATCH] arm: kprobe: replace patch_lock to raw lock
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
When running kprobe on -rt kernel, the below bug is caught:
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: arm: Add support for lazy preemption
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Wed, 31 Oct 2012 12:04:11 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Implement the arm pieces for lazy preempt.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Fri, 20 Sep 2013 14:31:54 +0200
|
||||
Subject: arm/unwind: use a raw_spin_lock
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Mostly unwind is done with irqs enabled however SLUB may call it with
|
||||
irqs disabled while creating a new SLUB cache.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: arm64/xen: Make XEN depend on !RT
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Mon, 12 Oct 2015 11:18:40 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
It's not ready and probably never will be, unless xen folks have a
|
||||
look at it.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Wed, 09 Mar 2016 10:51:06 +0100
|
||||
Subject: arm: at91: do not disable/enable clocks in a row
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Currently the driver will disable the clock and enable it one line later
|
||||
if it is switching from periodic mode into one shot.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <srostedt@redhat.com>
|
||||
Date: Fri, 3 Jul 2009 08:44:29 -0500
|
||||
Subject: ata: Do not disable interrupts in ide code for preempt-rt
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Use the local_irq_*_nort variants.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Fri, 13 Feb 2015 11:01:26 +0100
|
||||
Subject: block: blk-mq: Use swait
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
| BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:914
|
||||
| in_atomic(): 1, irqs_disabled(): 0, pid: 255, name: kworker/u257:6
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Thu, 29 Jan 2015 15:10:08 +0100
|
||||
Subject: block/mq: don't complete requests via IPI
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The IPI runs in hardirq context and there are sleeping locks. This patch
|
||||
moves the completion into a workqueue.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Tue, 14 Jul 2015 14:26:34 +0200
|
||||
Subject: block/mq: do not invoke preempt_disable()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
preempt_disable() and get_cpu() don't play well together with the sleeping
|
||||
locks it tries to allocate later.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Wed, 9 Apr 2014 10:37:23 +0200
|
||||
Subject: block: mq: use cpu_light()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
there is a might sleep splat because get_cpu() disables preemption and
|
||||
later we grab a lock. As a workaround for this we use get_cpu_light().
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: block: Shorten interrupt disabled regions
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Wed, 22 Jun 2011 19:47:02 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Moving the blk_sched_flush_plug() call out of the interrupt/preempt
|
||||
disabled region in the scheduler allows us to replace
|
||||
|
@ -48,7 +48,7 @@ Link: http://lkml.kernel.org/r/20110622174919.025446432@linutronix.de
|
|||
|
||||
--- a/block/blk-core.c
|
||||
+++ b/block/blk-core.c
|
||||
@@ -3177,7 +3177,7 @@ static void queue_unplugged(struct reque
|
||||
@@ -3200,7 +3200,7 @@ static void queue_unplugged(struct reque
|
||||
blk_run_queue_async(q);
|
||||
else
|
||||
__blk_run_queue(q);
|
||||
|
@ -57,7 +57,7 @@ Link: http://lkml.kernel.org/r/20110622174919.025446432@linutronix.de
|
|||
}
|
||||
|
||||
static void flush_plug_callbacks(struct blk_plug *plug, bool from_schedule)
|
||||
@@ -3225,7 +3225,6 @@ EXPORT_SYMBOL(blk_check_plugged);
|
||||
@@ -3248,7 +3248,6 @@ EXPORT_SYMBOL(blk_check_plugged);
|
||||
void blk_flush_plug_list(struct blk_plug *plug, bool from_schedule)
|
||||
{
|
||||
struct request_queue *q;
|
||||
|
@ -65,7 +65,7 @@ Link: http://lkml.kernel.org/r/20110622174919.025446432@linutronix.de
|
|||
struct request *rq;
|
||||
LIST_HEAD(list);
|
||||
unsigned int depth;
|
||||
@@ -3245,11 +3244,6 @@ void blk_flush_plug_list(struct blk_plug
|
||||
@@ -3268,11 +3267,6 @@ void blk_flush_plug_list(struct blk_plug
|
||||
q = NULL;
|
||||
depth = 0;
|
||||
|
||||
|
@ -77,7 +77,7 @@ Link: http://lkml.kernel.org/r/20110622174919.025446432@linutronix.de
|
|||
while (!list_empty(&list)) {
|
||||
rq = list_entry_rq(list.next);
|
||||
list_del_init(&rq->queuelist);
|
||||
@@ -3262,7 +3256,7 @@ void blk_flush_plug_list(struct blk_plug
|
||||
@@ -3285,7 +3279,7 @@ void blk_flush_plug_list(struct blk_plug
|
||||
queue_unplugged(q, depth, from_schedule);
|
||||
q = rq->q;
|
||||
depth = 0;
|
||||
|
@ -86,7 +86,7 @@ Link: http://lkml.kernel.org/r/20110622174919.025446432@linutronix.de
|
|||
}
|
||||
|
||||
/*
|
||||
@@ -3289,8 +3283,6 @@ void blk_flush_plug_list(struct blk_plug
|
||||
@@ -3312,8 +3306,6 @@ void blk_flush_plug_list(struct blk_plug
|
||||
*/
|
||||
if (q)
|
||||
queue_unplugged(q, depth, from_schedule);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: block: Use cpu_chill() for retry loops
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Thu, 20 Dec 2012 18:28:26 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Retry loops on RT might loop forever when the modifying side was
|
||||
preempted. Steven also observed a live lock when there was a
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Ingo Molnar <mingo@elte.hu>
|
||||
Date: Fri, 3 Jul 2009 08:29:58 -0500
|
||||
Subject: bug: BUG_ON/WARN_ON variants dependend on RT/!RT
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Introduce RT/NON-RT WARN/BUG statements to avoid ifdefs in the code.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
||||
Date: Sat, 21 Jun 2014 10:09:48 +0200
|
||||
Subject: memcontrol: Prevent scheduling while atomic in cgroup code
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
mm, memcg: make refill_stock() use get_cpu_light()
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Fri, 13 Feb 2015 15:52:24 +0100
|
||||
Subject: cgroups: use simple wait in css_release()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
To avoid:
|
||||
|BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:914
|
||||
|
@ -53,7 +53,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
/*
|
||||
--- a/kernel/cgroup.c
|
||||
+++ b/kernel/cgroup.c
|
||||
@@ -5040,10 +5040,10 @@ static void css_free_rcu_fn(struct rcu_h
|
||||
@@ -5041,10 +5041,10 @@ static void css_free_rcu_fn(struct rcu_h
|
||||
queue_work(cgroup_destroy_wq, &css->destroy_work);
|
||||
}
|
||||
|
||||
|
@ -66,7 +66,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
struct cgroup_subsys *ss = css->ss;
|
||||
struct cgroup *cgrp = css->cgroup;
|
||||
|
||||
@@ -5086,8 +5086,8 @@ static void css_release(struct percpu_re
|
||||
@@ -5087,8 +5087,8 @@ static void css_release(struct percpu_re
|
||||
struct cgroup_subsys_state *css =
|
||||
container_of(ref, struct cgroup_subsys_state, refcnt);
|
||||
|
||||
|
@ -77,7 +77,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
}
|
||||
|
||||
static void init_and_link_css(struct cgroup_subsys_state *css,
|
||||
@@ -5739,6 +5739,7 @@ static int __init cgroup_wq_init(void)
|
||||
@@ -5740,6 +5740,7 @@ static int __init cgroup_wq_init(void)
|
||||
*/
|
||||
cgroup_destroy_wq = alloc_workqueue("cgroup_destroy", 0, 1);
|
||||
BUG_ON(!cgroup_destroy_wq);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Alexandre Belloni <alexandre.belloni@free-electrons.com>
|
||||
Date: Thu, 17 Mar 2016 21:09:43 +0100
|
||||
Subject: [PATCH] clockevents/drivers/timer-atmel-pit: fix double free_irq
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
clockevents_exchange_device() changes the state from detached to shutdown
|
||||
and so at that point the IRQ has not yet been requested.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Benedikt Spranger <b.spranger@linutronix.de>
|
||||
Date: Mon, 8 Mar 2010 18:57:04 +0100
|
||||
Subject: clocksource: TCLIB: Allow higher clock rates for clock events
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
As default the TCLIB uses the 32KiHz base clock rate for clock events.
|
||||
Add a compile time selection to allow higher clock resulution.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: completion: Use simple wait queues
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Fri, 11 Jan 2013 11:23:51 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Completions have no long lasting callbacks and therefor do not need
|
||||
the complex waitqueue variant. Use simple waitqueues which reduces the
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: sched: Use the proper LOCK_OFFSET for cond_resched()
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Sun, 17 Jul 2011 22:51:33 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
RT does not increment preempt count when a 'sleeping' spinlock is
|
||||
locked. Update PREEMPT_LOCK_OFFSET for that case.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: sched: Take RT softirq semantics into account in cond_resched()
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Thu, 14 Jul 2011 09:56:44 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The softirq semantics work different on -RT. There is no SOFTIRQ_MASK in
|
||||
the preemption counter which leads to the BUG_ON() statement in
|
||||
|
@ -16,7 +16,7 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|||
|
||||
--- a/include/linux/sched.h
|
||||
+++ b/include/linux/sched.h
|
||||
@@ -3367,12 +3367,16 @@ extern int __cond_resched_lock(spinlock_
|
||||
@@ -3373,12 +3373,16 @@ extern int __cond_resched_lock(spinlock_
|
||||
__cond_resched_lock(lock); \
|
||||
})
|
||||
|
||||
|
@ -35,7 +35,7 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|||
{
|
||||
--- a/kernel/sched/core.c
|
||||
+++ b/kernel/sched/core.c
|
||||
@@ -5050,6 +5050,7 @@ int __cond_resched_lock(spinlock_t *lock
|
||||
@@ -5092,6 +5092,7 @@ int __cond_resched_lock(spinlock_t *lock
|
||||
}
|
||||
EXPORT_SYMBOL(__cond_resched_lock);
|
||||
|
||||
|
@ -43,7 +43,7 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|||
int __sched __cond_resched_softirq(void)
|
||||
{
|
||||
BUG_ON(!in_softirq());
|
||||
@@ -5063,6 +5064,7 @@ int __sched __cond_resched_softirq(void)
|
||||
@@ -5105,6 +5106,7 @@ int __sched __cond_resched_softirq(void)
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL(__cond_resched_softirq);
|
||||
|
|
|
@ -2,7 +2,7 @@ From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
|||
Date: Sun, 16 Oct 2016 05:11:54 +0200
|
||||
Subject: [PATCH] connector/cn_proc: Protect send_msg() with a local lock
|
||||
on RT
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
|BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:931
|
||||
|in_atomic(): 1, irqs_disabled(): 0, pid: 31807, name: sleep
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <rostedt@goodmis.org>
|
||||
Date: Thu, 5 Dec 2013 09:16:52 -0500
|
||||
Subject: cpu hotplug: Document why PREEMPT_RT uses a spinlock
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The patch:
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: cpu: Make hotplug.lock a "sleeping" spinlock on RT
|
||||
From: Steven Rostedt <rostedt@goodmis.org>
|
||||
Date: Fri, 02 Mar 2012 10:36:57 -0500
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Tasks can block on hotplug.lock in pin_current_cpu(), but their state
|
||||
might be != RUNNING. So the mutex wakeup will set the state
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <srostedt@redhat.com>
|
||||
Date: Mon, 16 Jul 2012 08:07:43 +0000
|
||||
Subject: cpu/rt: Rework cpu down for PREEMPT_RT
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Bringing a CPU down is a pain with the PREEMPT_RT kernel because
|
||||
tasks can be preempted in many more places than in non-RT. In
|
||||
|
@ -57,7 +57,7 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|||
|
||||
--- a/include/linux/sched.h
|
||||
+++ b/include/linux/sched.h
|
||||
@@ -2474,6 +2474,10 @@ extern void do_set_cpus_allowed(struct t
|
||||
@@ -2480,6 +2480,10 @@ extern void do_set_cpus_allowed(struct t
|
||||
|
||||
extern int set_cpus_allowed_ptr(struct task_struct *p,
|
||||
const struct cpumask *new_mask);
|
||||
|
@ -68,7 +68,7 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|||
#else
|
||||
static inline void do_set_cpus_allowed(struct task_struct *p,
|
||||
const struct cpumask *new_mask)
|
||||
@@ -2486,6 +2490,9 @@ static inline int set_cpus_allowed_ptr(s
|
||||
@@ -2492,6 +2496,9 @@ static inline int set_cpus_allowed_ptr(s
|
||||
return -EINVAL;
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <rostedt@goodmis.org>
|
||||
Date: Tue, 4 Mar 2014 12:28:32 -0500
|
||||
Subject: cpu_chill: Add a UNINTERRUPTIBLE hrtimer_nanosleep
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
We hit another bug that was caused by switching cpu_chill() from
|
||||
msleep() to hrtimer_nanosleep().
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Tiejun Chen <tiejun.chen@windriver.com>
|
||||
Subject: cpu_down: move migrate_enable() back
|
||||
Date: Thu, 7 Nov 2013 10:06:07 +0800
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Commit 08c1ab68, "hotplug-use-migrate-disable.patch", intends to
|
||||
use migrate_enable()/migrate_disable() to replace that combination
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Thu, 9 Apr 2015 15:23:01 +0200
|
||||
Subject: cpufreq: drop K8's driver from beeing selected
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Ralf posted a picture of a backtrace from
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: cpumask: Disable CONFIG_CPUMASK_OFFSTACK for RT
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Wed, 14 Dec 2011 01:03:49 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
There are "valid" GFP_ATOMIC allocations such as
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Mike Galbraith <efault@gmx.de>
|
||||
Date: Sun, 8 Jan 2017 09:32:25 +0100
|
||||
Subject: [PATCH] cpuset: Convert callback_lock to raw_spinlock_t
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The two commits below add up to a cpuset might_sleep() splat for RT:
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Fri, 21 Feb 2014 17:24:04 +0100
|
||||
Subject: crypto: Reduce preempt disabled regions, more algos
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Don Estabrook reported
|
||||
| kernel: WARNING: CPU: 2 PID: 858 at kernel/sched/core.c:2428 migrate_disable+0xed/0x100()
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: debugobjects: Make RT aware
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Sun, 17 Jul 2011 21:41:35 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Avoid filling the pool / allocating memory with irqs off().
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: dm: Make rt aware
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Mon, 14 Nov 2011 23:06:09 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Use the BUG_ON_NORT variant for the irq_disabled() checks. RT has
|
||||
interrupts legitimately enabled here as we cant deadlock against the
|
||||
|
|
|
@ -2,14 +2,13 @@ From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
|||
Date: Thu, 31 Mar 2016 04:08:28 +0200
|
||||
Subject: [PATCH] drivers/block/zram: Replace bit spinlocks with rtmutex
|
||||
for -rt
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
They're nondeterministic, and lead to ___might_sleep() splats in -rt.
|
||||
OTOH, they're a lot less wasteful than an rtmutex per page.
|
||||
|
||||
Signed-off-by: Mike Galbraith <umgwanakikbuti@gmail.com>
|
||||
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
[bwh: Adjust context for 4.9.24]
|
||||
---
|
||||
drivers/block/zram/zram_drv.c | 30 ++++++++++++++++--------------
|
||||
drivers/block/zram/zram_drv.h | 41 +++++++++++++++++++++++++++++++++++++++++
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Ingo Molnar <mingo@elte.hu>
|
||||
Date: Fri, 3 Jul 2009 08:29:24 -0500
|
||||
Subject: drivers/net: Use disable_irq_nosync() in 8139too
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Use disable_irq_nosync() instead of disable_irq() as this might be
|
||||
called in atomic context with netpoll.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Steven Rostedt <rostedt@goodmis.org>
|
||||
Date: Fri, 3 Jul 2009 08:30:00 -0500
|
||||
Subject: drivers/net: vortex fix locking issues
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
Argh, cut and paste wasn't enough...
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Ingo Molnar <mingo@elte.hu>
|
||||
Date: Fri, 3 Jul 2009 08:29:30 -0500
|
||||
Subject: drivers: random: Reduce preempt disabled region
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
No need to keep preemption disabled across the whole function.
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: tty/serial/omap: Make the locking RT aware
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Thu, 28 Jul 2011 13:32:57 +0200
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The lock is a sleeping lock and local_irq_save() is not the
|
||||
optimsation we are looking for. Redo it to make it work on -RT and
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: tty/serial/pl011: Make the locking work on RT
|
||||
From: Thomas Gleixner <tglx@linutronix.de>
|
||||
Date: Tue, 08 Jan 2013 21:36:51 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
The lock is a sleeping lock and local_irq_save() is not the optimsation
|
||||
we are looking for. Redo it to make it work on -RT and non-RT.
|
||||
|
|
|
@ -2,7 +2,7 @@ From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
|||
Date: Thu, 20 Oct 2016 11:15:22 +0200
|
||||
Subject: [PATCH] drivers/zram: Don't disable preemption in
|
||||
zcomp_stream_get/put()
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
In v4.7, the driver switched to percpu compression streams, disabling
|
||||
preemption via get/put_cpu_ptr(). Use a per-zcomp_strm lock here. We
|
||||
|
@ -13,7 +13,6 @@ zram_bvec_write().
|
|||
Signed-off-by: Mike Galbraith <umgwanakikbuti@gmail.com>
|
||||
[bigeasy: get_locked_var() -> per zcomp_strm lock]
|
||||
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
[bwh: Adjust context for 4.9.24]
|
||||
---
|
||||
drivers/block/zram/zcomp.c | 12 ++++++++++--
|
||||
drivers/block/zram/zcomp.h | 1 +
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
From: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
||||
Date: Thu, 25 Apr 2013 18:12:52 +0200
|
||||
Subject: drm/i915: drop trace_i915_gem_ring_dispatch on rt
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
This tracepoint is responsible for:
|
||||
|
||||
|
@ -47,7 +47,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
|
|||
|
||||
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
|
||||
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
|
||||
@@ -1537,7 +1537,9 @@ execbuf_submit(struct i915_execbuffer_pa
|
||||
@@ -1489,7 +1489,9 @@ execbuf_submit(struct i915_execbuffer_pa
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: drm,i915: Use local_lock/unlock_irq() in intel_pipe_update_start/end()
|
||||
From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
||||
Date: Sat, 27 Feb 2016 09:01:42 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
|
||||
[ 8.014039] BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:918
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Subject: drm,radeon,i915: Use preempt_disable/enable_rt() where recommended
|
||||
From: Mike Galbraith <umgwanakikbuti@gmail.com>
|
||||
Date: Sat, 27 Feb 2016 08:09:11 +0100
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.20-rt16.tar.xz
|
||||
Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.9/older/patches-4.9.30-rt20.tar.xz
|
||||
|
||||
DRM folks identified the spots, so use them.
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue