diff options
author | Sebastian Andrzej Siewior <bigeasy@linutronix.de> | 2020-04-16 18:20:58 +0200 |
---|---|---|
committer | Sebastian Andrzej Siewior <bigeasy@linutronix.de> | 2020-04-16 18:20:58 +0200 |
commit | 711ad85581a8ec1168c338f8aa681e1d2cf2cbd3 (patch) | |
tree | c135cc3c2fe1a6110fcea576387b9fb5f1d6fff2 | |
parent | df20ab0b229bbd18d11709245b9c9958b69e5aeb (diff) | |
download | linux-rt-711ad85581a8ec1168c338f8aa681e1d2cf2cbd3.tar.gz |
[ANNOUNCE] v5.6.4-rt3v5.6.4-rt3-patches
Dear RT folks!
I'm pleased to announce the v5.6.4-rt3 patch set.
Changes since v5.6.4-rt2:
- The printk thread could schedule where it is not appropriate.
Affects only PREEMPT_VOLUNTARY. Reported by kernel test robot,
patched by John Ogness.
- The initialization of nohz_full_kick_work triggered a warning.
Reported by kbuild test robot.
- Patch by patch compilation could fail to compile in the fs/proc due
to a missing header file. Reported by kbuild test robot.
- The cached signal struct could lead to a double free of another data
structure. Reported by Daniel Wagner, patch by Matt Fleming.
Known issues
- It has been pointed out that due to changes to the printk code the
internal buffer representation changed. This is only an issue if tools
like `crash' are used to extract the printk buffer from a kernel memory
image.
The delta patch against v5.6.4-rt2 is appended below and can be found here:
https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/incr/patch-5.6.4-rt2-rt3.patch.xz
You can get this release via the git tree at:
git://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-rt-devel.git v5.6.4-rt3
The RT patch against v5.6.4 can be found here:
https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/older/patch-5.6.4-rt3.patch.xz
The split quilt queue is available at:
https://cdn.kernel.org/pub/linux/kernel/projects/rt/5.6/older/patches-5.6.4-rt3.tar.xz
Sebastian
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
19 files changed, 169 insertions, 29 deletions
diff --git a/patches/0011-printk_safe-remove-printk-safe-code.patch b/patches/0011-printk_safe-remove-printk-safe-code.patch index c44fea4c387d..dfc9c076bd1d 100644 --- a/patches/0011-printk_safe-remove-printk-safe-code.patch +++ b/patches/0011-printk_safe-remove-printk-safe-code.patch @@ -240,7 +240,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> asmlinkage int vprintk(const char *fmt, va_list args) { return vprintk_func(fmt, args); -@@ -3211,5 +3209,4 @@ void kmsg_dump_rewind(struct kmsg_dumper +@@ -3212,5 +3210,4 @@ void kmsg_dump_rewind(struct kmsg_dumper logbuf_unlock_irqrestore(flags); } EXPORT_SYMBOL_GPL(kmsg_dump_rewind); diff --git a/patches/0013-printk-track-seq-per-console.patch b/patches/0013-printk-track-seq-per-console.patch index 7c81d6d21271..8e203fa0f3a9 100644 --- a/patches/0013-printk-track-seq-per-console.patch +++ b/patches/0013-printk-track-seq-per-console.patch @@ -79,10 +79,10 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> const char *text, size_t len) {} static size_t msg_print_text(const struct printk_log *msg, bool syslog, bool time, char *buf, size_t size) { return 0; } -@@ -2550,8 +2573,9 @@ static int printk_kthread_func(void *dat - &len, printk_time); +@@ -2551,8 +2574,9 @@ static int printk_kthread_func(void *dat console_lock(); + console_may_schedule = 0; + call_console_drivers(master_seq, ext_text, + ext_len, text, len); if (len > 0 || ext_len > 0) { diff --git a/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch b/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch index 0a12b5135740..fd5d1b9f7086 100644 --- a/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch +++ b/patches/0014-printk-do-boot_delay_msec-inside-printk_delay.patch @@ -56,8 +56,8 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> static inline u32 printk_caller_id(void) { return in_task() ? task_pid_nr(current) : -@@ -2575,10 +2576,8 @@ static int printk_kthread_func(void *dat - console_lock(); +@@ -2576,10 +2577,8 @@ static int printk_kthread_func(void *dat + console_may_schedule = 0; call_console_drivers(master_seq, ext_text, ext_len, text, len); - if (len > 0 || ext_len > 0) { diff --git a/patches/0018-console-add-write_atomic-interface.patch b/patches/0018-console-add-write_atomic-interface.patch index 9f8343500b8a..c4c6a2b2f077 100644 --- a/patches/0018-console-add-write_atomic-interface.patch +++ b/patches/0018-console-add-write_atomic-interface.patch @@ -46,7 +46,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> #endif /* _LINUX_CONSOLE_H */ --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c -@@ -3044,3 +3044,15 @@ void kmsg_dump_rewind(struct kmsg_dumper +@@ -3045,3 +3045,15 @@ void kmsg_dump_rewind(struct kmsg_dumper } EXPORT_SYMBOL_GPL(kmsg_dump_rewind); #endif diff --git a/patches/0019-printk-introduce-emergency-messages.patch b/patches/0019-printk-introduce-emergency-messages.patch index 21e12d3a7fec..603037a620d9 100644 --- a/patches/0019-printk-introduce-emergency-messages.patch +++ b/patches/0019-printk-introduce-emergency-messages.patch @@ -158,16 +158,16 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> static size_t msg_print_text(const struct printk_log *msg, bool syslog, bool time, char *buf, size_t size) { return 0; } static bool suppress_message_printing(int level) { return false; } -@@ -2639,7 +2668,7 @@ static int printk_kthread_func(void *dat - +@@ -2640,7 +2669,7 @@ static int printk_kthread_func(void *dat console_lock(); + console_may_schedule = 0; call_console_drivers(master_seq, ext_text, - ext_len, text, len); + ext_len, text, len, msg->level); if (len > 0 || ext_len > 0) printk_delay(msg->level); console_unlock(); -@@ -3043,6 +3072,76 @@ void kmsg_dump_rewind(struct kmsg_dumper +@@ -3044,6 +3073,76 @@ void kmsg_dump_rewind(struct kmsg_dumper logbuf_unlock_irqrestore(flags); } EXPORT_SYMBOL_GPL(kmsg_dump_rewind); diff --git a/patches/0024-printk-implement-kmsg_dump.patch b/patches/0024-printk-implement-kmsg_dump.patch index 4de0076408f1..1255d288a70c 100644 --- a/patches/0024-printk-implement-kmsg_dump.patch +++ b/patches/0024-printk-implement-kmsg_dump.patch @@ -94,7 +94,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> static char *log_text(const struct printk_log *msg) { return NULL; } static char *log_dict(const struct printk_log *msg) { return NULL; } static struct printk_log *log_from_idx(u32 idx) { return NULL; } -@@ -3032,7 +2998,6 @@ module_param_named(always_kmsg_dump, alw +@@ -3033,7 +2999,6 @@ module_param_named(always_kmsg_dump, alw void kmsg_dump(enum kmsg_dump_reason reason) { struct kmsg_dumper *dumper; @@ -102,7 +102,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> if ((reason > KMSG_DUMP_OOPS) && !always_kmsg_dump) return; -@@ -3045,12 +3010,7 @@ void kmsg_dump(enum kmsg_dump_reason rea +@@ -3046,12 +3011,7 @@ void kmsg_dump(enum kmsg_dump_reason rea /* initialize iterator with data about the stored records */ dumper->active = true; @@ -116,7 +116,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> /* invoke dumper which will iterate over records */ dumper->dump(dumper, reason); -@@ -3083,33 +3043,67 @@ void kmsg_dump(enum kmsg_dump_reason rea +@@ -3084,33 +3044,67 @@ void kmsg_dump(enum kmsg_dump_reason rea bool kmsg_dump_get_line_nolock(struct kmsg_dumper *dumper, bool syslog, char *line, size_t size, size_t *len) { @@ -199,7 +199,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> } /** -@@ -3132,12 +3126,11 @@ bool kmsg_dump_get_line_nolock(struct km +@@ -3133,12 +3127,11 @@ bool kmsg_dump_get_line_nolock(struct km bool kmsg_dump_get_line(struct kmsg_dumper *dumper, bool syslog, char *line, size_t size, size_t *len) { @@ -214,7 +214,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> return ret; } -@@ -3165,74 +3158,101 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_line); +@@ -3166,74 +3159,101 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_line); bool kmsg_dump_get_buffer(struct kmsg_dumper *dumper, bool syslog, char *buf, size_t size, size_t *len) { @@ -368,7 +368,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> } EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer); -@@ -3248,10 +3268,8 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer); +@@ -3249,10 +3269,8 @@ EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer); */ void kmsg_dump_rewind_nolock(struct kmsg_dumper *dumper) { @@ -381,7 +381,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> } /** -@@ -3264,11 +3282,9 @@ void kmsg_dump_rewind_nolock(struct kmsg +@@ -3265,11 +3283,9 @@ void kmsg_dump_rewind_nolock(struct kmsg */ void kmsg_dump_rewind(struct kmsg_dumper *dumper) { diff --git a/patches/0025-printk-remove-unused-code.patch b/patches/0025-printk-remove-unused-code.patch index 82946296179f..0fe3538e8348 100644 --- a/patches/0025-printk-remove-unused-code.patch +++ b/patches/0025-printk-remove-unused-code.patch @@ -308,7 +308,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> static int printk_kthread_func(void *data) { struct prb_iterator iter; -@@ -2860,22 +2742,9 @@ static int __init init_printk_kthread(vo +@@ -2861,22 +2743,9 @@ static int __init init_printk_kthread(vo } late_initcall(init_printk_kthread); diff --git a/patches/fs-dcache-Include-swait.h-header.patch b/patches/fs-dcache-Include-swait.h-header.patch new file mode 100644 index 000000000000..c219a8e3e254 --- /dev/null +++ b/patches/fs-dcache-Include-swait.h-header.patch @@ -0,0 +1,23 @@ +From: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +Date: Thu, 16 Apr 2020 12:42:15 +0200 +Subject: [PATCH] fs/dcache: Include swait.h header + +Include the swait.h header so it compiles even if not all patches are +applied. + +Reported-by: kbuild test robot <lkp@intel.com> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + fs/proc/base.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/fs/proc/base.c ++++ b/fs/proc/base.c +@@ -96,6 +96,7 @@ + #include <linux/posix-timers.h> + #include <linux/time_namespace.h> + #include <linux/resctrl.h> ++#include <linux/swait.h> + #include <trace/events/oom.h> + #include "internal.h" + #include "fd.h" diff --git a/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch b/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch index 5a8437006e7c..444aa0ecc54b 100644 --- a/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch +++ b/patches/fs-dcache-use-swait_queue-instead-of-waitqueue.patch @@ -163,7 +163,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> spin_lock(&dentry->d_lock); --- a/fs/proc/base.c +++ b/fs/proc/base.c -@@ -1982,7 +1982,7 @@ bool proc_fill_cache(struct file *file, +@@ -1983,7 +1983,7 @@ bool proc_fill_cache(struct file *file, child = d_hash_and_lookup(dir, &qname); if (!child) { diff --git a/patches/localversion.patch b/patches/localversion.patch index 279489a1d145..e36eb4b6666a 100644 --- a/patches/localversion.patch +++ b/patches/localversion.patch @@ -10,4 +10,4 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de> --- /dev/null +++ b/localversion-rt @@ -0,0 +1 @@ -+-rt2 ++-rt3 diff --git a/patches/printk-console-must-not-schedule-for-drivers.patch b/patches/printk-console-must-not-schedule-for-drivers.patch new file mode 100644 index 000000000000..5b49f04a9439 --- /dev/null +++ b/patches/printk-console-must-not-schedule-for-drivers.patch @@ -0,0 +1,44 @@ +From: John Ogness <john.ogness@linutronix.de> +Date: Mon, 6 Apr 2020 23:22:17 +0200 +Subject: [PATCH] printk: console must not schedule for drivers + +Even though the printk kthread is always preemptible, it is still not +allowed to call cond_resched() from within console drivers. The +task may become non-preemptible in the console driver call chain. For +example, vt_console_print() takes a spinlock and then can call into +fbcon_redraw(), which can conditionally invoke cond_resched(): + +|BUG: sleeping function called from invalid context at kernel/printk/printk.c:2322 +|in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 177, name: printk +|CPU: 0 PID: 177 Comm: printk Not tainted 5.6.2-00011-ga536059557f1d9 #1 +|Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 +|Call Trace: +| dump_stack+0x66/0x8b +| ___might_sleep+0x102/0x120 +| console_conditional_schedule+0x24/0x30 +| fbcon_redraw+0x96/0x1c0 +| fbcon_scroll+0x556/0xd70 +| con_scroll+0x147/0x1e0 +| lf+0x9e/0xb0 +| vt_console_print+0x253/0x3d0 +| printk_kthread_func+0x1d5/0x3b0 + +Disable cond_resched() for the call into the console drivers. + +Reported-by: kernel test robot <rong.a.chen@intel.com> +Signed-off-by: John Ogness <john.ogness@linutronix.de> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + kernel/printk/printk.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/kernel/printk/printk.c ++++ b/kernel/printk/printk.c +@@ -3028,6 +3028,7 @@ static int printk_kthread_func(void *dat + &len, printk_time); + + console_lock(); ++ console_may_schedule = 0; + if (len > 0 || ext_len > 0) { + call_console_drivers(ext_text, ext_len, text, len); + boot_delay_msec(msg->level); diff --git a/patches/printk-hack-out-emergency-loglevel-usage.patch b/patches/printk-hack-out-emergency-loglevel-usage.patch index 71cd11d5d722..4c4940f55df4 100644 --- a/patches/printk-hack-out-emergency-loglevel-usage.patch +++ b/patches/printk-hack-out-emergency-loglevel-usage.patch @@ -32,7 +32,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> if (con->printk_seq < seq) con->printk_seq = seq; continue; -@@ -3171,7 +3164,7 @@ static bool console_can_emergency(int le +@@ -3172,7 +3165,7 @@ static bool console_can_emergency(int le for_each_console(con) { if (!(con->flags & CON_ENABLED)) continue; @@ -41,7 +41,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> return true; if (con->write && (con->flags & CON_BOOT)) return true; -@@ -3187,7 +3180,7 @@ static void call_emergency_console_drive +@@ -3188,7 +3181,7 @@ static void call_emergency_console_drive for_each_console(con) { if (!(con->flags & CON_ENABLED)) continue; diff --git a/patches/printk-handle-iterating-while-buffer-changing.patch b/patches/printk-handle-iterating-while-buffer-changing.patch index 1ce4ccb6b6a3..02296a85a8c0 100644 --- a/patches/printk-handle-iterating-while-buffer-changing.patch +++ b/patches/printk-handle-iterating-while-buffer-changing.patch @@ -32,7 +32,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> if (copy_to_user(buf + len, text, textlen)) len = -EFAULT; else -@@ -3085,7 +3088,7 @@ bool kmsg_dump_get_buffer(struct kmsg_du +@@ -3086,7 +3089,7 @@ bool kmsg_dump_get_buffer(struct kmsg_du ret = prb_iter_next(&iter, msgbuf, PRINTK_RECORD_MAX, &seq); if (ret == 0) { break; diff --git a/patches/printk-kmsg_dump-remove-mutex-usage.patch b/patches/printk-kmsg_dump-remove-mutex-usage.patch index 6fa6ca680de9..5527315069e3 100644 --- a/patches/printk-kmsg_dump-remove-mutex-usage.patch +++ b/patches/printk-kmsg_dump-remove-mutex-usage.patch @@ -28,7 +28,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> /* the next printk record to read after the last 'clear' command */ static u64 clear_seq; -@@ -2877,6 +2875,7 @@ module_param_named(always_kmsg_dump, alw +@@ -2878,6 +2876,7 @@ module_param_named(always_kmsg_dump, alw */ void kmsg_dump(enum kmsg_dump_reason reason) { @@ -36,7 +36,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> struct kmsg_dumper *dumper; if ((reason > KMSG_DUMP_OOPS) && !always_kmsg_dump) -@@ -2887,16 +2886,18 @@ void kmsg_dump(enum kmsg_dump_reason rea +@@ -2888,16 +2887,18 @@ void kmsg_dump(enum kmsg_dump_reason rea if (dumper->max_reason && reason > dumper->max_reason) continue; @@ -62,7 +62,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> } rcu_read_unlock(); } -@@ -3008,9 +3009,7 @@ bool kmsg_dump_get_line(struct kmsg_dump +@@ -3009,9 +3010,7 @@ bool kmsg_dump_get_line(struct kmsg_dump { bool ret; @@ -72,7 +72,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> return ret; } -@@ -3162,9 +3161,7 @@ void kmsg_dump_rewind_nolock(struct kmsg +@@ -3163,9 +3162,7 @@ void kmsg_dump_rewind_nolock(struct kmsg */ void kmsg_dump_rewind(struct kmsg_dumper *dumper) { diff --git a/patches/printk-only-allow-kernel-to-emergency-message.patch b/patches/printk-only-allow-kernel-to-emergency-message.patch index 396335cd4945..87e355ff2d93 100644 --- a/patches/printk-only-allow-kernel-to-emergency-message.patch +++ b/patches/printk-only-allow-kernel-to-emergency-message.patch @@ -54,10 +54,10 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> if ((lflags & LOG_CONT) || !(lflags & LOG_NEWLINE)) { cont_add(ctx, cpu, caller_id, facility, level, lflags, text, text_len); -@@ -2715,8 +2720,8 @@ static int printk_kthread_func(void *dat - &len, printk_time); +@@ -2716,8 +2721,8 @@ static int printk_kthread_func(void *dat console_lock(); + console_may_schedule = 0; - call_console_drivers(master_seq, ext_text, - ext_len, text, len, msg->level); + call_console_drivers(master_seq, ext_text, ext_len, text, len, diff --git a/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch b/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch index 5942464ff319..9d6b7840de6a 100644 --- a/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch +++ b/patches/printk-set-deferred-to-default-loglevel-enforce-mask.patch @@ -27,7 +27,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> if ((lflags & LOG_CONT) || !(lflags & LOG_NEWLINE)) { cont_add(ctx, cpu, caller_id, facility, level, lflags, text, text_len); -@@ -2744,7 +2744,7 @@ late_initcall(init_printk_kthread); +@@ -2745,7 +2745,7 @@ late_initcall(init_printk_kthread); static int vprintk_deferred(const char *fmt, va_list args) { diff --git a/patches/series b/patches/series index 7dc62ce3232f..3ea0bb029820 100644 --- a/patches/series +++ b/patches/series @@ -26,6 +26,7 @@ time-sched_clock-Expire-timer-in-hardirq-context.patch 0007-printk-rb-add-functionality-required-by-printk.patch 0008-printk-add-ring-buffer-and-kthread.patch 0009-printk-remove-exclusive-console-hack.patch +printk-console-must-not-schedule-for-drivers.patch 0010-printk-redirect-emit-store-to-new-ringbuffer.patch 0011-printk_safe-remove-printk-safe-code.patch 0012-printk-minimize-console-locking-implementation.patch @@ -198,6 +199,7 @@ list_bl.h-make-list-head-locking-RT-safe.patch # Check .... (these are needed due to the previous list_bl change) fscache-initialize-cookie-hash-table-raw-spinlocks.patch fs-dcache-bring-back-explicit-INIT_HLIST_BL_HEAD-in.patch +fs-dcache-Include-swait.h-header.patch fs-dcache-use-swait_queue-instead-of-waitqueue.patch ############################################################ @@ -392,6 +394,7 @@ net-dev-always-take-qdisc-s-busylock-in-__dev_xmit_s.patch # irqwork # Revisit irqwork-push_most_work_into_softirq_context.patch +time-Properly-initialize-nohz_full_kick_work.patch # crypto drivers # Revisit @@ -503,6 +506,7 @@ tpm_tis-fix-stall-after-iowrite-s.patch # Postpone signals-allow-rt-tasks-to-cache-one-sigqueue-struct.patch +signal-Prevent-double-free-of-user-struct.patch genirq-disable-irqpoll-on-rt.patch # SYSFS - RT indicator diff --git a/patches/signal-Prevent-double-free-of-user-struct.patch b/patches/signal-Prevent-double-free-of-user-struct.patch new file mode 100644 index 000000000000..a2fe81c873d9 --- /dev/null +++ b/patches/signal-Prevent-double-free-of-user-struct.patch @@ -0,0 +1,45 @@ +From: Matt Fleming <matt@codeblueprint.co.uk> +Date: Tue, 7 Apr 2020 10:54:13 +0100 +Subject: [PATCH] signal: Prevent double-free of user struct + +The way user struct reference counting works changed significantly with, + + fda31c50292a ("signal: avoid double atomic counter increments for user accounting") + +Now user structs are only freed once the last pending signal is +dequeued. Make sigqueue_free_current() follow this new convention to +avoid freeing the user struct multiple times and triggering this +warning: + + refcount_t: underflow; use-after-free. + WARNING: CPU: 0 PID: 6794 at lib/refcount.c:288 refcount_dec_not_one+0x45/0x50 + Call Trace: + refcount_dec_and_lock_irqsave+0x16/0x60 + free_uid+0x31/0xa0 + __dequeue_signal+0x17c/0x190 + dequeue_signal+0x5a/0x1b0 + do_sigtimedwait+0x208/0x250 + __x64_sys_rt_sigtimedwait+0x6f/0xd0 + do_syscall_64+0x72/0x200 + entry_SYSCALL_64_after_hwframe+0x49/0xbe + +Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk> +Reported-by: Daniel Wagner <wagi@monom.org> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + kernel/signal.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/kernel/signal.c ++++ b/kernel/signal.c +@@ -494,8 +494,8 @@ static void sigqueue_free_current(struct + + up = q->user; + if (rt_prio(current->normal_prio) && !put_task_cache(current, q)) { +- atomic_dec(&up->sigpending); +- free_uid(up); ++ if (atomic_dec_and_test(&up->sigpending)) ++ free_uid(up); + } else + __sigqueue_free(q); + } diff --git a/patches/time-Properly-initialize-nohz_full_kick_work.patch b/patches/time-Properly-initialize-nohz_full_kick_work.patch new file mode 100644 index 000000000000..60e34fc5ae58 --- /dev/null +++ b/patches/time-Properly-initialize-nohz_full_kick_work.patch @@ -0,0 +1,24 @@ +From: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +Date: Thu, 16 Apr 2020 11:37:51 +0200 +Subject: [PATCH] time: Properly initialize nohz_full_kick_work + +The ->flags member is of atomic_t type, use the proper initialisation +method. + +Reported-by: kbuild test robot <lkp@intel.com> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + kernel/time/tick-sched.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/kernel/time/tick-sched.c ++++ b/kernel/time/tick-sched.c +@@ -245,7 +245,7 @@ static void nohz_full_kick_func(struct i + + static DEFINE_PER_CPU(struct irq_work, nohz_full_kick_work) = { + .func = nohz_full_kick_func, +- .flags = IRQ_WORK_HARD_IRQ, ++ .flags = ATOMIC_INIT(IRQ_WORK_HARD_IRQ), + }; + + /* |