| Age | Commit message (Collapse) | Author |
|---|
|
This is the 5.15.161 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmZuzxsACgkQONu9yGCS
# aT5CsA/+Mg/+90PCIhz6IEG2Mg37TVNHlnYkHUGugnxt2KoV3LEdkfLFC22HVb+v
# QaBE+/+jU/1mNh4+LQAk5cMBdYfBbunr3e9nDPTtkbVmqsyg/wxgXhRByrL+7FWX
# g+UphmMj8QmL9pWxpTLx9p//J3yptCX/2vSABpd64WEJkET1JSHnmCy8WBWUKVZm
# iIOlA1HfIIQH9RFzHpDD02YzCjWmmTL9dLveqETVKSoGp0dHRk74WValz4yBwutV
# 602JAXGnICg7MEse9E4Y7Ikp1rx9Qxk2fdaKA2yZF0yRIpcEXYQPhGGcLaMyDYS4
# /SshWh0yshIaMAUPZ89dV902V69K8AlOe4FGjlOMGfhsKXMP2w01jVAiMsUlIFhV
# fN3bsQNKHi1sO1CVxZp6JBqZwFmGJRheQd69VthCy1R5rgdqy8x/xI5Le4GVDGBz
# b6Fp+EIYnplJheLGTAGdM5cCMa6s0ogItDwDdtCSQlsnvehCODfUyuEY4jRVN8Vb
# XjNUegb8i7fGeQIMpO+v66WpnwG0mXSpM9X7Dmija8F9YuNPs/YU1VghnnZ3clM0
# kvVo9As1LFnq8/+s0t9hUa2X7RF1VweJVA8ckfkHBr92Y4Ulspo+NEhxGmHJyWAy
# 1CyRMw0cnuarmjxVmHUhUrsld7vzctYfOrkyUwTgWOoxwbc6x0A=
# =ma+c
# -----END PGP SIGNATURE-----
# gpg: Signature made Sun 16 Jun 2024 07:40:11 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit 9e6727f824edcdb8fdd3e6e8a0862eb49546e1cd ]
No functional changes intended.
Fixes: f2298c0403b0 ("null_blk: multi queue aware block test driver")
Signed-off-by: Zhu Yanjun <yanjun.zhu@linux.dev>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20240506075538.6064-1-yanjun.zhu@linux.dev
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 07d1b99825f40f9c0d93e6b99d79a08d0717bac1 ]
When a mutex lock is not used any more, the function mutex_destroy
should be called to mark the mutex lock uninitialized.
Fixes: f2298c0403b0 ("null_blk: multi queue aware block test driver")
Signed-off-by: Zhu Yanjun <yanjun.zhu@linux.dev>
Link: https://lore.kernel.org/r/20240425171635.4227-1-yanjun.zhu@linux.dev
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
Linux 5.15.153
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAmYDTp4ACgkQ3qZv95d3
# LNytng/+LA5JjTwpYPtEJVEdEo2RIAZHC8BXmgSVclP7nskYDQL+P70G3FdDvJQT
# DS90xLpuyrJsYVbro9dhJ7+nkc5c62043t46fZdOfSh4jqq1oj7TQ8HLLqnOzaqu
# 5/C5YSDDxqoiUsG8IgUg9qlBQATpKlD2/gEY7Vl6JL1xsatviCX5Slnrlm2MC6rZ
# Ojv3ROKOk9OHfdwRi9RYUvH+Q05Wh/bkv4ZGJwhlGb3YbuKeYHqiS1Bpvo9BVpG7
# 7kZPOFhhcJ2RZ2zdcCpwTMWgiTEZV4CtL8to0pHoDs2/wswv8arDMyE+LXr8iQIj
# XYyyLuDParb9lJzr5PgvN8CFlF2EktrycsaT0Jk4ekiUQsdq4bvyKpBkbv1HtPm1
# MpkH58xQf590A7k+wki0WQI8Q4oLmWCbzkdw2LIbojISa5Tza9ivq6pcMBaugRTY
# DXpphQuw9ScT35yrXdaPLnjc/PpNIjxqCcSvcewfOggfaU13kghfmaANiBvjLSJs
# R91tHo26P3I1li3YvI4dc5rq8AIJhFwvcqsQ6Uv7pkc1pR6H1viIBJMb68swRFL4
# 4imFR5gCLuoks8lIVcDLNNebnbmzu7Fhdh42asQMRajSDY/TqlSO7g+QiAd/nK/x
# GVV+RFxAvadYO2yQqdpKL68EOnhSl/b+t0T2EpKsPDSdEATsFdo=
# =KytE
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 26 Mar 2024 06:39:26 PM EDT
# gpg: using RSA key E27E5D8A3403A2EF66873BBCDEA66FF797772CDC
# gpg: Can't check signature: No public key
|
|
[ Upstream commit f98364e926626c678fb4b9004b75cacf92ff0662 ]
This patch is against CVE-2023-6270. The description of cve is:
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux
kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on
`struct net_device`, and a use-after-free can be triggered by racing
between the free on the struct and the access through the `skbtxq`
global queue. This could lead to a denial of service condition or
potential code execution.
In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial
code is finished. But the net_device ifp will still be used in
later tx()->dev_queue_xmit() in kthread. Which means that the
dev_put(ifp) should NOT be called in the success path of skb
initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into
use-after-free because the net_device is freed.
This patch removed the dev_put(ifp) in the success path in
aoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().
Link: https://nvd.nist.gov/vuln/detail/CVE-2023-6270
Fixes: 7562f876cd93 ("[NET]: Rework dev_base via list_head (v3)")
Signed-off-by: Chun-Yi Lee <jlee@suse.com>
Link: https://lore.kernel.org/r/20240305082048.25526-1-jlee@suse.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d ]
nla_nest_start() may fail and return NULL. Insert a check and set errno
based on other call sites within the same source code.
Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Reviewed-by: Michal Kubecek <mkubecek@suse.cz>
Fixes: 47d902b90a32 ("nbd: add a status netlink command")
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20240218042534.it.206-kees@kernel.org
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
Historically we did distinguish between a flag that surpressed partition
scanning, and a combinations of the minors variable and another flag if
any partitions were supported. This was generally confusing and doesn't
make much sense, but some corner case uses of the loop driver actually
do want to support manually added partitions on a device that does not
actively scan for partitions. To make things worsee the loop driver
also wants to dynamically toggle the scanning for partitions on a live
gendisk, which makes the disk->flags updates non-atomic.
Introduce a new GD_SUPPRESS_PART_SCAN bit in disk->state that disables
just scanning for partitions, and toggle that instead of GENHD_FL_NO_PART
in the loop driver.
[bva: Notes for this backport:
- drop return code in disk_scan_partitions for GD_SUPPRESS_PART_SCAN.
The check doesn't strictly need ot be in this routine in 5.15, but
this faciliates future changes in this area, since there are
other checks in the same function.
- GD_SUPPRESS_PART_SCAN could go to genh.c, but genhd.c includes
blkdev.h, so we leave the new GD_SUPPRESS_PART_SCAN definition
in the same places as where it was introduced upstream to keep
the changes to a minimum
- upstream commit e16e506ccd673 merges blkdev_reread_part into
disk_scan_partitions. Backporting that change is more churn
than we need, so we also add the check for GD_SUPPRESS_PART_SCAN
into that routine to have the check hit in a 5.15 context.
]
Upstream-Status: Backport [commit b9684a71fca79]
Fixes: 1ebe2e5f9d68 ("block: remove GENHD_FL_EXT_DEVT")
Reported-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Link: https://lore.kernel.org/r/20220527055806.1972352-1-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
This is the 5.15.150 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmXhyIMACgkQONu9yGCS
# aT5h3hAAjwfrpfkyZCFnYb5KWR06B1quaY2u0Tw5wKoLvtIhbnxBeNW0w+YuXr2p
# GV6Dlozx4RnRdnJFIs0R98APPgw7SY8QRfPTsr2xoMr96FUg6VFuZFv4HyRBbDac
# NqKOVQvWXGgC/56uGnw1IcewUcZtmT/QfwthEtfjfBzKdqJC0HnGhSGPDUeimw9k
# h9jghsdWYZB4ykMSz22VngsztJJ60t5EAlwEMueBQsQeRPODcvGE1va9Jlpgjw66
# D4e6+ZGosQP/f9lezvYiESV1dzSRUTpgyl8wky3hSoYQmSBMi6BHq2v6ECn9t2LK
# bVMVRzY+OK1AHXzkxHsb/QhHJfS4YNbHmFzpHVenf6I/VsFsxwtKeoT23PCeAMqh
# 72v2RnJNDCSdydb3iYKx8s7hpkWumPS4LS0EOEh64+gFo/+TfMyWqIeSJfGmyhx8
# 60DX4FLWjqymP96OU7UjbvnlBhGlL2OmoDzgxGaQ9jFH3Kfmx30yMY3RtIb3Qhic
# OiATTmRmRwICUYNskXn3e1jFVW/2a/aEEanCqEi2xBCzGMSzqeAw4hv9EIZOgVcE
# FC3a09HpR4G4xP57ZYcz4Dry9xs8HoJJrAQwUUJ6X7SqHZWaiSt92ZblebLeaAbH
# uo+PFmG7m9HSv/s66JB5+fW7H6RRnM+ozJ91Iy5N3T356n03N2o=
# =hhwy
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 01 Mar 2024 07:22:27 AM EST
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit f12bc113ce904777fd6ca003b473b427782b3dde ]
If the index allocated by idr_alloc greater than MINORMASK >> part_shift,
the device number will overflow, resulting in failure to create a block
device.
Fix it by imiting the size of the max allocation.
Signed-off-by: Zhong Jinghua <zhongjinghua@huawei.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20230605122159.2134384-1-zhongjinghua@huaweicloud.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 4ce6e2db00de8103a0687fb0f65fd17124a51aaa ]
Ensure no remaining requests in virtqueues before resetting vdev and
deleting virtqueues. Otherwise these requests will never be completed.
It may cause the system to become unresponsive.
Function blk_mq_quiesce_queue() can ensure that requests have become
in_flight status, but it cannot guarantee that requests have been
processed by the device. Virtqueues should never be deleted before
all requests become complete status.
Function blk_mq_freeze_queue() ensure that all requests in virtqueues
become complete status. And no requests can enter in virtqueues.
Signed-off-by: Yi Sun <yi.sun@unisoc.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Link: https://lore.kernel.org/r/20240129085250.1550594-1-yi.sun@unisoc.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.149 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmXYT2wACgkQONu9yGCS
# aT6i6w//WPR54VwLS08xIhUBZlaUbSxtQW4IASxE87RklBpl60NvxGQjYpmRTuim
# 428ek+PI6qLJnQpESN4s4zf2/q2+VUmbp98Bib4Yi2AtO0GRlk9kg10CA+Rda32l
# qddiOpjIZfW2PkxegZ2tE29plgDQT3GWWjaDVSuZMvTVJmftvw6j4A0T9QiXeXOo
# jGWzzQSOhbebKxXeSnecNg9CFGmzt9YeiJOPO05f67c8MK9JurF6WxkCVZ9VxF2b
# INF21WUqKRB7gNdsJQb8sbaf0sjnVMOpP1lTjcU/IFEKmriVyT/ImyX9KPS3p7cj
# 3ZAIZzmCVSM/ATYJm52p31QhytGHe45qf6knr2GQ/FJOhQxsGHKtj47zao9lo2Hi
# /JpvyVnh1dWmcv2LtrDPjmRf/QnixVX3Kp/mn4zamp9n7/DqsJ14DSwf4plo/d7d
# jN41GBb69e8kI+9rB8uK6pD8ua+gmXaIJW6DF4SySzovG4WYKE88xecrsmegSlOH
# AOlr3JWzRE0PW3JHkk9Jc0ZPJrHivp1jv7RPS8i0A1JT+/dFx/B/BdDwhNLX3P/w
# ysLaxaF9BAB4+5O6CsW6U0y9CFEZgbBKsVJu5ZY6rvZA8YDPgcfoUB5bZKRnWYcz
# Menq1D7tr8hZbQWXbOgu/XyNJJXMl3C2b/j2V2GpNybVm/uXQrs=
# =HI6Z
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 23 Feb 2024 02:55:24 AM EST
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit 9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41 ]
Since "dev_search_path" can technically be as large as PATH_MAX,
there was a risk of truncation when copying it and a second string
into "full_path" since it was also PATH_MAX sized. The W=1 builds were
reporting this warning:
drivers/block/rnbd/rnbd-srv.c: In function 'process_msg_open.isra':
drivers/block/rnbd/rnbd-srv.c:616:51: warning: '%s' directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]
616 | snprintf(full_path, PATH_MAX, "%s/%s",
| ^~
In function 'rnbd_srv_get_full_path',
inlined from 'process_msg_open.isra' at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: 'snprintf' output between 2 and 4351 bytes into a destination of size 4096
616 | snprintf(full_path, PATH_MAX, "%s/%s",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
617 | dev_search_path, dev_name);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
To fix this, unconditionally check for truncation (as was already done
for the case where "%SESSNAME%" was present).
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202312100355.lHoJPgKy-lkp@intel.com/
Cc: Md. Haris Iqbal <haris.iqbal@ionos.com>
Cc: Jack Wang <jinpu.wang@ionos.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: <linux-block@vger.kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Guoqing Jiang <guoqing.jiang@linux.dev>
Acked-by: Jack Wang <jinpu.wang@ionos.com>
Link: https://lore.kernel.org/r/20231212214738.work.169-kees@kernel.org
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
commit ded080c86b3f99683774af0441a58fc2e3d60cae upstream.
The running list is supposed to contain requests that are pinning the
exclusive lock, i.e. those that must be flushed before exclusive lock
is released. When wake_lock_waiters() is called to handle an error,
requests on the acquiring list are failed with that error and no
flushing takes place. Briefly moving them to the running list is not
only pointless but also harmful: if exclusive lock gets acquired
before all of their state machines are scheduled and go through
rbd_lock_del_request(), we trigger
rbd_assert(list_empty(&rbd_dev->running_list));
in rbd_try_acquire_lock().
Cc: stable@vger.kernel.org
Fixes: 637cd060537d ("rbd: new exclusive lock wait/wake code")
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This is the 5.15.148 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmWy5lAACgkQONu9yGCS
# aT7qwRAAl0pWI9Dwywt2Yn7Rd350Vz974RsctlTWtheBztaZ/589Vdj4xO6do3A1
# FWjG0bWBibs1TnfazplWNSApxHy+eYnxwiWUzxPDhJnRJGp4I0NBsnCkRjNCVRqN
# xlXvzc6vwdnNs9enX/NSTUvA3+AkHRURJbPO5MJypmFL6+eR6SibTBWRwsLZGtTR
# KB9OZZM8UFwH5DPO0VYEVqyfBeehXCM3FukQ5M/2QjRTPpu8PyX1hNOu3rGak/jr
# bnL4AdHG3RcdbKc6r3nMSzW3ep0nJ3pgi2eZlH6QsV+fBxiuw6vdzk9LwUhc1ggR
# DaFlPbczM6hSkLW06zI2Z8cmkLlWfR3zINin+Y4CM0Tl5CSjW9gImj9XqP97Oenc
# H5P72ErFx0U9sNmkmr2KR3MiRP1ESLxgc2dwJc5AAJHT75WZO6fZiEXnKVH9sf6M
# pXNu7GiGcW+2kwnVInUxce3CaoTYtCFjrYmVJ7c+GSseMpgKneXSTARr6Kd3HtBS
# F7R6Uwqy/I6m0JtXYpLbc9TGXypzVygLMTZBbxAU9KOfaaWhbyVWw73dmP5EZQGr
# GSHysnBGTX0liUxbEVisS/0ClFsb2ws1BSSiJ9TaaOVyg7f9xC0R/17C9jUSaQOS
# QCwIPdQuKsLs4zM3IuWGi7vlSFYkEz4VljC4abe3OfkptjoozdI=
# =hc5X
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 25 Jan 2024 05:53:04 PM EST
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit 9a9525de865410047fa962867b4fcd33943b206f ]
null_blk has some rather odd capping of the max_hw_sectors value to
BLK_DEF_MAX_SECTORS, which doesn't make sense - max_hw_sector is the
hardware limit, and BLK_DEF_MAX_SECTORS despite the confusing name is the
default cap for the max_sectors field used for normal file system I/O.
Remove all the capping, and simply leave it to the block layer or
user to take up or not all of that for file system I/O.
Fixes: ea17fd354ca8 ("null_blk: Allow controlling max_hw_sectors limit")
Signed-off-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20231227092305.279567-2-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 0a26f327e46c203229e72c823dfec71a2b405ec5 ]
This is used as an unsigned value, so define it that way to avoid
having to cast it.
Suggested-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com>
Link: https://lore.kernel.org/r/20230105205146.3610282-2-kbusch@meta.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Stable-dep-of: 9a9525de8654 ("null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.140 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmVmG8gACgkQONu9yGCS
# aT5fDhAAoHORFj/dBspCjhYkR33cx05klPRq5KA3FUWeVozoEKp/EAGYK/VRFYaX
# lHf3jIAvZw8X7dirAo6ep6c8sj45IFoNiAVa4vJzhpqGG/sgMGXscTGOXGXH7PdG
# 8C0Df/EoxBg0qX/Tmc18xODAz2nuC8OAd64IBbesEq0yTGqA5IYqvtAHxIh1vaUs
# UNj0ZuY338JBDnJLDpT8IX6PiGXKRVAQmyznVbElDXX5D4C3BfUkfiRKZB+rCDB2
# C1STU5wPm8I3b+Fl2B/2R38DylkxjwOVKsAxunLSK0GaS+Bd5WEtQUmAR4SZHTnk
# uxDavW2Tx3xoExdifY4l2bxHWEhLMhUQ0N8pwTjFG7IvUymeZE26HvTc6fsiq0B9
# j+gEuSpAc2WtUtpJRV6ejJuzSruU8YGZjOxw70Esd70ozn8/qJ6ogce5sTayTPJH
# bjgvM2B+VJfLLWmQtJqLmEIzTJpuKaz/RREacL7xQrmfo3eOi3oooUL7YA51QNBY
# zBChqmPbMI9YU2NQxMzy14mpnc9l3QOVL7NtGkQ+JZeRG1h3oKRbLc5rCtL876Oe
# 1ptLbVYnoPEEtp88zGzjrtonEKFhn8E/TdKDYqd2whJd4vs7xT3qejjfBt+1yJvz
# pJsQKGjkjjBgTl/ddbJdOacpNqvbDeX/0O/jYF64zDuqBbG+AxM=
# =mE5l
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 28 Nov 2023 11:56:40 AM EST
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit fafb51a67fb883eb2dde352539df939a251851be ]
The following codes have an implicit conversion from size_t to u32:
(u32)max_size = (size_t)virtio_max_dma_size(vdev);
This may lead overflow, Ex (size_t)4G -> (u32)0. Once
virtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX
instead.
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20230904061045.510460-1-pizhenwei@bytedance.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.135 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmUlrTUACgkQONu9yGCS
# aT6eChAAu8RfPBp7PdSotO0NBPFLNoj0t1wtypNuCWzy0s86UknRwWVtZTNAYp1A
# 69IeTOGQei/cumtyOM+CV6cTut9IiO74VtCbw3KTXjzbkUzn/saMoAyAYypAw0KF
# SeO6fgmsEhPXGMhKjHNNlDs2ka1tJs5GN0n6EFI5h0T1XIekFoZx96+yKH8iS7zw
# Ep6ZqUS6RqN6Y36wUOvNtk8wy39tFhCy8chkvh82mMiOjh7aiajhvRU4uKQbo/J5
# HNYIb58UY+DMeimzOO+ei7nmmBUjCxAL3j0MDdC6mYMCeaA+wOAXHC35YfNgZ9Y2
# 5uMFEl1j0wfVeCcz1XAF430hXnZyBnSN39Bix/WseWPoT13NgKZECrMwQHv4lZCw
# hEAiELp2Be8qvb3BNYrnt0Owfi5XSd0rzYzRHTCaqo3rv96w/WdXaJ8fTbxgzu9B
# 8KFjD6oArnjhTim5HtRiXxjovlngQyzQFtXV3jb8ffNnLrJ1fQ7e9Ai6lAIPwu3N
# NoZfQLZ1BadPyNj5JLhAFoNgasIeStrOfBqSfnycM5DM34NqD5UpRituRO+PFQZQ
# Mm4A9aQEBoFhrs/R66ArB0yV7d/KHFwo5w2rNRpDqRw9yVxnW54WVqgzIySKS+eb
# JFQ3PmgrEkVwjet/hTLts/9BpLNqw0CKBQCLP/5mRlVarAjLv7U=
# =K5gs
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 10 Oct 2023 03:59:49 PM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
commit 0b207d02bd9ab8dcc31b262ca9f60dbc1822500d upstream.
rbd_dev_refresh() has been holding header_rwsem across header and
parent info read-in unnecessarily for ages. With commit 870611e4877e
("rbd: get snapshot context after exclusive lock is ensured to be
held"), the potential for deadlocks became much more real owning to
a) header_rwsem now nesting inside lock_rwsem and b) rw_semaphores
not allowing new readers after a writer is registered.
For example, assuming that I/O request 1, I/O request 2 and header
read-in request all target the same OSD:
1. I/O request 1 comes in and gets submitted
2. watch error occurs
3. rbd_watch_errcb() takes lock_rwsem for write, clears owner_cid and
releases lock_rwsem
4. after reestablishing the watch, rbd_reregister_watch() calls
rbd_dev_refresh() which takes header_rwsem for write and submits
a header read-in request
5. I/O request 2 comes in: after taking lock_rwsem for read in
__rbd_img_handle_request(), it blocks trying to take header_rwsem
for read in rbd_img_object_requests()
6. another watch error occurs
7. rbd_watch_errcb() blocks trying to take lock_rwsem for write
8. I/O request 1 completion is received by the messenger but can't be
processed because lock_rwsem won't be granted anymore
9. header read-in request completion can't be received, let alone
processed, because the messenger is stranded
Change rbd_dev_refresh() to take header_rwsem only for actually
updating rbd_dev->header. Header and parent info read-in don't need
any locking.
Cc: stable@vger.kernel.org # 0b035401c570: rbd: move rbd_dev_refresh() definition
Cc: stable@vger.kernel.org # 510a7330c82a: rbd: decouple header read-in from updating rbd_dev->header
Cc: stable@vger.kernel.org # c10311776f0a: rbd: decouple parent info read-in from updating rbd_dev
Cc: stable@vger.kernel.org
Fixes: 870611e4877e ("rbd: get snapshot context after exclusive lock is ensured to be held")
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
commit c10311776f0a8ddea2276df96e255625b07045a8 upstream.
Unlike header read-in, parent info read-in is already decoupled in
get_parent_info(), but it's buried in rbd_dev_v2_parent_info() along
with the processing logic.
Separate the initial read-in and update read-in logic into
rbd_dev_setup_parent() and rbd_dev_update_parent() respectively and
have rbd_dev_v2_parent_info() just populate struct parent_image_info
(i.e. what get_parent_info() did). Some existing QoI issues, like
flatten of a standalone clone being disregarded on refresh, remain.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
commit 510a7330c82a7754d5df0117a8589e8a539067c7 upstream.
Make rbd_dev_header_info() populate a passed struct rbd_image_header
instead of rbd_dev->header and introduce rbd_dev_update_header() for
updating mutable fields in rbd_dev->header upon refresh. The initial
read-in of both mutable and immutable fields in rbd_dev_image_probe()
passes in rbd_dev->header so no update step is required there.
rbd_init_layout() is now called directly from rbd_dev_image_probe()
instead of individually in format 1 and format 2 implementations.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
commit 0b035401c57021fc6c300272cbb1c5a889d4fe45 upstream.
Move rbd_dev_refresh() definition further down to avoid having to
move struct parent_image_info definition in the next commit. This
spares some forward declarations too.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
[idryomov@gmail.com: backport to 5.10-6.1: context]
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.132 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmUJdpAACgkQONu9yGCS
# aT7LKA//TbjfOj1RRRPE916bAbXiUwXoDDOFaAnUj8+QRLAxDB6g8U2uAMRdPwrE
# ChCFkRfma3u1hUloRp4w+IVxDNpyeTYDkK7VK5P0GSX+CUJj8ZtVCGMIYcyzdK18
# UHff2rCQVhkfzfXPxUVYws2JEtFqxeO1VsNJEVFLhMJ1NHePLyrMFyAQNLrLlk8K
# mxHjjpNdImSdgh8agAgioUaq+RvrWt2X0CTL8NC3HAU4PwMuDjTiB2YFD3PcQloS
# Pszqw1oenTQG9PwuwtnWJyn2U0RkD+IkEXj99ED/ocs73aHOmQ31jjcDXcz3gNJ5
# dZVktqD7y1tAQlivvsiwgumeJWxBQ9u5bEf1i8bAYfjelT6TyNuhk+JDWGRBYetd
# fOddhoNHw7KFvB8RKNSW/R+gt6RaeQZB8JN+9qF6vlit/uSP3wC0klKV56gKhXY9
# DMQ9j/FCLHrxOo5vgvMu5LTXJOyn/hgdQ9kYVT7Yz4Y2JDuFR6pE4xzuVsxIhnyX
# TIzp8ywsAKDl2d2OZCzp5S9YXxkVDBj0xJIxFSjyq9JPW9iVh18AEsIgkvwBjh/P
# 5okd3AIw+zU45dHDDsnePslFxl90La5cACuwEJzGsGuDYomdiUeqSCkB/5zcAWTn
# nra2BuxEI/DVHOifygJ4rZA9IBxIUoPrAbIPHR1Knjll+lfSVGY=
# =blAW
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 19 Sep 2023 06:23:12 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
commit d0ac7a30e41174c794fbfa53ea986d9555e5b9f4 upstream.
Return -ENODEV on these error paths instead of returning success.
Fixes: af761f277b7f ("pcd: cleanup initialization")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: https://lore.kernel.org/r/20211001122623.GA2283@kili
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
[ Upstream commit 46e7eac647b34ed4106a8262f8bedbb90801fadd ]
The GENHD_FL_NO_PART_SCAN controls more than just partitions canning,
so rename it to GENHD_FL_NO_PART.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Ulf Hansson <ulf.hansson@linaro.org>
Link: https://lore.kernel.org/r/20211122130625.1136848-7-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Stable-dep-of: 1a721de8489f ("block: don't add or resize partition on the disk with GENHD_FL_NO_PART")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 1545e0b419ba1d9b9bee4061d4826340afe6b0aa ]
GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE is all about the event reporting
mechanism, so move it to the event_flags field.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20211122130625.1136848-3-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Stable-dep-of: 1a721de8489f ("block: don't add or resize partition on the disk with GENHD_FL_NO_PART")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit af761f277b7fd896c27cb1100b25f11567987822 ]
Refactor the pcd initialization to have a dedicated helper to initialize
a single disk.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Stable-dep-of: 1a721de8489f ("block: don't add or resize partition on the disk with GENHD_FL_NO_PART")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 7d8b72aaddd3ec5f350d3e9988d6735a7b9b18e9 ]
No need to pass it through a bunch of functions.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Stable-dep-of: 1a721de8489f ("block: don't add or resize partition on the disk with GENHD_FL_NO_PART")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.126 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmTWRIsACgkQONu9yGCS
# aT4H8w//dG/Wgxtk8Z80PCsPceeGpYyejMqSdy4lAkfdj4nqSHeVLfkJSpDR4Y59
# bk+zFKuAjP1Oe3UxmCdXFawe36EnLRCgH29pkL9Kyub8p+WbcwG7YYwCBxhiYq9V
# Y9laUTlPHOkpjSkHElI9tDfZ8VmPtW7+fC92LzwxlX6TXdpqjNumG+vU58iyJ31B
# SZBGmnJcB9tjHPE85n81PN4kOIURvMp4KxUsCE0dGGFlo3i0T8X6jkimvCZLJMLI
# r9EFNeC5uPtCgIpqSCQ5LzCaI9/o2WhYzY0HEXA73MZTbNFJt2vNUv7f8nky28oy
# piweMTkmBedMUPuA8o2XnPKP3LUved+sxvBulUWI6i6YOTr/tVBBuX9+cWd59lxX
# R3mW2vOkN267PcfD7UBo0k6i3TTvXi/boRO5IplIrgHkgtd/zt2rkeugGNxKC4n9
# 5seP+XqHIqxGiP0ptAqlR2E+h6g5Eyt6mmj1Qe6wp97vo4pfBxDe8FRWrFWAZP6n
# /UtK5mJ1yrGF8+m9J58905qIvtQ5ty7dVIqMHYThcM/7SPyqlMRXU7QnhmeqaV9n
# 1P7fqOZkUOu5bB1ma/gsOj8HQiJMiohnHUJfVyGocJOcGoUSxqUCRy/iwIwrcrlY
# 7sxznDE9xd4eTa/MHeU36wf4m+LntnEklmjyLHlUBgXfF2aROdo=
# =wwTt
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 11 Aug 2023 10:24:11 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
commit 9d01e07fd1bfb4daae156ab528aa196f5ac2b2bc upstream.
Due to rbd_try_acquire_lock() effectively swallowing all but
EBLOCKLISTED error from rbd_try_lock() ("request lock anyway") and
rbd_request_lock() returning ETIMEDOUT error not only for an actual
notify timeout but also when the lock owner doesn't respond, a busy
loop inside of rbd_acquire_lock() between rbd_try_acquire_lock() and
rbd_request_lock() is possible.
Requesting the lock on EBUSY error (returned by get_lock_owner_info()
if an incompatible lock or invalid lock owner is detected) makes very
little sense. The same goes for ETIMEDOUT error (might pop up pretty
much anywhere if osd_request_timeout option is set) and many others.
Just fail I/O requests on rbd_dev->acquiring_list immediately on any
error from rbd_try_lock().
Cc: stable@vger.kernel.org # 588159009d5b: rbd: retrieve and check lock owner twice before blocklisting
Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This is the 5.15.124 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmTLY98ACgkQONu9yGCS
# aT5o6RAAr85HEJKt1Edvq8QyZ1qF0E5E+uPsBTWaf+AcHpP1BB59/8G1poiQHmqB
# aUTzZVEOzHBjFHwNHOSzV7dfHyngAtamOBkS+khLCz2x6o5Csqoeutwlhl4sQ3Ya
# 4ng+uu8FyjQrwzJk5ixEE0VnsWGfGTslUXE2mo+7B5yjwUhIG5QxTkVPfldzfTi4
# vlHzcELJPW6xr+L+/TuBauESSNzyHloHVBbvPBYQqCjGXoymPKZXjSsOQp4ck3tZ
# Hp/9pfxA73+3AgaMNO7qFCwMQrpsvU/qb0n7mNQHlcMXyJiOOTKerhsBrePBc2TQ
# 67UYyLMy1D3pIKjkk/t2Kx5CM3yA1M7YY8mOlxuHH9EQYvgzdgN8xQlBDu7faOiT
# OGfvJLtJqAP0hepMj48rLUp7+NHfHYJyK0UGLVXInsbq5Ovm68pvMHULzizc2bx/
# H6qedzwOF40hmcgPGs97nxehn1eq63dkztY8wZ+4PKGMRh8y2cQyXOmWbn5liqkh
# Zt4gAv4MfGOcchEaUZoPDvAnlzd5KdWz7oaR6urlGZ6ZxyJplnhBwKCM9PTsNgaq
# uHSvdVrBLoB6H210O3RnRiOhFw4gLIBsK8P+b0z033eXdod+qpWb9cf4T5kLH1T6
# jiWF7CLYyANx3FFJNZJRo87TtJgmp2RUXnUHGaCyECgbNRncr7Y=
# =jkw9
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 03 Aug 2023 04:22:55 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
commit 588159009d5b7a09c3e5904cffddbe4a4e170301 upstream.
An attempt to acquire exclusive lock can race with the current lock
owner closing the image:
1. lock is held by client123, rbd_lock() returns -EBUSY
2. get_lock_owner_info() returns client123 instance details
3. client123 closes the image, lock is released
4. find_watcher() returns 0 as there is no matching watcher anymore
5. client123 instance gets erroneously blocklisted
Particularly impacted is mirror snapshot scheduler in snapshot-based
mirroring since it happens to open and close images a lot (images are
opened only for as long as it takes to take the next mirror snapshot,
the same client instance is used for all images).
To reduce the potential for erroneous blocklisting, retrieve the lock
owner again after find_watcher() returns 0. If it's still there, make
sure it matches the previously detected lock owner.
Cc: stable@vger.kernel.org # f38cb9d9c204: rbd: make get_lock_owner_info() return a single locker or NULL
Cc: stable@vger.kernel.org # 8ff2c64c9765: rbd: harden get_lock_owner_info() a bit
Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 8ff2c64c9765446c3cef804fb99da04916603e27 upstream.
- we want the exclusive lock type, so test for it directly
- use sscanf() to actually parse the lock cookie and avoid admitting
invalid handles
- bail if locker has a blank address
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit f38cb9d9c2045dad16eead4a2e1aedfddd94603b upstream.
Make the "num_lockers can be only 0 or 1" assumption explicit and
simplify the API by getting rid of output parameters in preparation
for calling get_lock_owner_info() twice before blocklisting.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This is the 5.15.118 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmSTAmsACgkQONu9yGCS
# aT6MyA/9FRXd3ydG7b2o+n75Zolt/qzyz8p7YRljp7zF2py6/9NxKKKf0RtMifn0
# KDneJN9HSmkFDrFsZEX1PONHS4346lQpX33yE/6l19zsm/5PygqF7opTF2Amabkc
# 1FiQRb5EemctR902VNalYlSEHVMph0b+8pwMZzz9WjIkkQkOC2Bu+DIovmwk+wwQ
# IwBwq0Qouhp/MZAji+vcvRcvT1cKe8yWo5XEbPDCexJ8CkR3KHmXrWGzmLWKL/LB
# RDOUl71IoEEtepd8lMRMQN6WsYpun+yHE0DummXhNh/Xt8s0VRP73K15SIyIDaim
# TGZ2syUwq6/VWZRh3z5ERek4euaCp7JqYIv/+dnWoKxQvaXDLd4udSGin4AbMjd/
# vwxMsARWXM3i89tKByCryajUmYk6CUdxtf0VF4pJifq3+jbhTMb439tfzv5ja0kl
# umlappmgfc5+1keuHvONZsxMsbb0lhICbvBwXQEvRg0whNS6jMmWoFTc8mzQ1M/m
# qVDjKVWWDdmhTAnhn0MK9Z5HQ1Dnw0uwyObQM7ZHh5PK6PTf4vlY6RVU1NrhqOjK
# xHlEgYJ+GDXvooP8TLGv60K1T8p1YPi80mhYW0Gm8MytnRRlrDVTORgvyOUvlbu/
# BxxvDuOr/LiSn/cgQBC03WKxGbF4LjQsbesnt6xqIbG9aWybax4=
# =H93I
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 21 Jun 2023 10:00:11 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit b6ebaa8100090092aa602530d7e8316816d0c98d ]
The existing code silently converts read operations with the
REQ_FUA bit set into write-barrier operations. This results in data
loss as the backend scribbles zeroes over the data instead of returning
it.
While the REQ_FUA bit doesn't make sense on a read operation, at least
one well-known out-of-tree kernel module does set it and since it
results in data loss, let's be safe here and only look at REQ_FUA for
writes.
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Acked-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/r/20230426164005.2213139-1-ross.lagerwall@citrix.com
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.117 stable release
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmSJhK8ACgkQONu9yGCS
# aT5AHQ/9EyhxkEAY0n0khZaeekTHSaL14GL5H1XscTs3DxRxub6E5I93tn5KVj+J
# Mec783ZaFEPlEXKymbRcA3z3GqxxPZ97ECisM43VkhaTNIDtwIZhEm2iYXRc5MbZ
# tErBkUidtebTR56HAZ4XLfkaDC0K6g3jlKMu54NRdBLlSQZJKJdZxCXgkKDfFz6e
# jeFb6SIQqR44ycX13EGNO+BXI3wWqDRikBF2V3UMHKECvaBeJBcHhWLdKh3eCOLU
# yzjWrjOIS1xJB2XpB1Oxw9DwX0pARlTu1aJ47By4agXFtsnwI0TaURYeTeemcStX
# 045F2om78cl2lJdXoIlfpEfPNa4aOM9EyiaUPW4NDxVo8V6in07qFaN3/C680o6p
# QA7tg6jJQfrvxdaO3De1i20WA2Wn1+bHjyZ4aVpVuIpZKa5OJQGAkKKMTZndfJ25
# aotbGdcgWoGocGTg4+E5Ib61S/DLIXjbGLqIGzzE6K24VLdEASVKQVCsPt/QdG8d
# J9julwTemujIhMF9gDhhnCBRu+oziupvZaxQOgsYABEkOHJ51pFTNJvG6EbgXGD3
# BM+nZYres6Mm/6+Uj9StYyOcmdII025ky4A4mjJ82dno7I9qRQshGDUSEtOv9DDS
# xPNoncigoDVh+iX5kan126+8Of2Ne5WajqWIjw8v4yq3AdTT3kg=
# =evAJ
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 14 Jun 2023 05:13:19 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
# Conflicts:
# drivers/ata/ahci.h
|
|
commit 870611e4877eff1e8413c3fb92a585e45d5291f6 upstream.
Move capturing the snapshot context into the image request state
machine, after exclusive lock is ensured to be held for the duration of
dealing with the image request. This is needed to ensure correctness
of fast-diff states (OBJECT_EXISTS vs OBJECT_EXISTS_CLEAN) and object
deltas computed based off of them. Otherwise the object map that is
forked for the snapshot isn't guaranteed to accurately reflect the
contents of the snapshot when the snapshot is taken under I/O. This
breaks differential backup and snapshot-based mirroring use cases with
fast-diff enabled: since some object deltas may be incomplete, the
destination image may get corrupted.
Cc: stable@vger.kernel.org
Link: https://tracker.ceph.com/issues/61472
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 09fe05c57b5aaf23e2c35036c98ea9f282b19a77 upstream.
Move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting into the object request
state machine to allow for the snapshot context to be captured in the
image request state machine rather than in rbd_queue_workfn().
Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Dongsheng Yang <dongsheng.yang@easystack.cn>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit d13bc4d84a8e91060d3797fc95c1a0202bfd1499 upstream.
This driver is for fairly obscure hardware, and has only seen random
drive-by changes after the maintainer stopped working on it in 2005
(about a year and a half after it was introduced). It has some
"interesting" block layer interactions, so let's just drop it unless
anyone complains.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20220721064102.1715460-1-hch@lst.de
[axboe: fix date typo, it was in 2005, not 2015]
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This is the 5.15.116 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmSC464ACgkQONu9yGCS
# aT61dQ//bgt3MdF3nEo07Stb94D+bLOwau0kcEfnoz7goLHeQI5mmqmNlCdtmQDq
# gvY/Ut6LItUXbOctCMJGAvHWt+MOzy2lACCd5qI7NyfaSkJgNNBb4xVaG/XjfeB2
# acQ3RXBGa7xOMW677jREc76Yed4pxW6/YC6/C9/jdxoWaW6dRCV4Hju3iUf/oKBo
# iz7LWd0qeOaLIZfC9OS2v+GIZWT2z2bidmJhsjGd1cPm+ip3+YftGiwuzphv/NeY
# hzfVU7Teg874JWocsHixPjyIXZA1I4/VRKkEr4xtI7ooaTulbo1ImrhDm6imdxYp
# 5KJPr39Xm5Y6piUNn72PZ1Wc906XrBIIfP2sgjaMPnqrHOi5B0imnHg1QlRN0+Qk
# Ni9EpQb9GcKlDj5OhXPZ88xntKPtU7+q7TgoUto5DH7cSxelk2BGyrHqEXLQT2YZ
# HP5NvspUjPeAPO9W1CFeTCXrUySAjJayjrd0V7+/N6ii205+aWVsU5HkJ/OFrd6L
# 22wZKk76Fni9FDx8j6wSU0NbZMIrP3/yIth2q7LzR2JPS7IvDsohBz/VLI9wUUkU
# MEKNhQSnldRvhG7hZ6XFG6n/LsnbXWXR2LNI9Vapud4QUYFmTf5cBtjSmSET7Vpd
# Sq9NxL10cVNR4qHmTkMzeNdEAVm1XgKKoot0rvMj7qQNEIoiscc=
# =WxoZ
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 09 Jun 2023 04:32:46 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit 5e6e08087a4acb4ee3574cea32dbff0f63c7f608 ]
Since flush bios are implemented as writes with no data and
the preflush flag per Christoph's comment [1].
And we need to change it in rnbd accordingly. Otherwise, I
got splatting when create fs from rnbd client.
[ 464.028545] ------------[ cut here ]------------
[ 464.028553] WARNING: CPU: 0 PID: 65 at block/blk-core.c:751 submit_bio_noacct+0x32c/0x5d0
[ ... ]
[ 464.028668] CPU: 0 PID: 65 Comm: kworker/0:1H Tainted: G OE 6.4.0-rc1 #9
[ 464.028671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014
[ 464.028673] Workqueue: ib-comp-wq ib_cq_poll_work [ib_core]
[ 464.028717] RIP: 0010:submit_bio_noacct+0x32c/0x5d0
[ 464.028720] Code: 03 0f 85 51 fe ff ff 48 8b 43 18 8b 88 04 03 00 00 85 c9 0f 85 3f fe ff ff e9 be fd ff ff 0f b6 d0 3c 0d 74 26 83 fa 01 74 21 <0f> 0b b8 0a 00 00 00 e9 56 fd ff ff 4c 89 e7 e8 70 a1 03 00 84 c0
[ 464.028722] RSP: 0018:ffffaf3680b57c68 EFLAGS: 00010202
[ 464.028724] RAX: 0000000000060802 RBX: ffffa09dcc18bf00 RCX: 0000000000000000
[ 464.028726] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffffa09dde081d00
[ 464.028727] RBP: ffffaf3680b57c98 R08: ffffa09dde081d00 R09: ffffa09e38327200
[ 464.028729] R10: 0000000000000000 R11: 0000000000000000 R12: ffffa09dde081d00
[ 464.028730] R13: ffffa09dcb06e1e8 R14: 0000000000000000 R15: 0000000000200000
[ 464.028733] FS: 0000000000000000(0000) GS:ffffa09e3bc00000(0000) knlGS:0000000000000000
[ 464.028735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 464.028736] CR2: 000055a4e8206c40 CR3: 0000000119f06000 CR4: 00000000003506f0
[ 464.028738] Call Trace:
[ 464.028740] <TASK>
[ 464.028746] submit_bio+0x1b/0x80
[ 464.028748] rnbd_srv_rdma_ev+0x50d/0x10c0 [rnbd_server]
[ 464.028754] ? percpu_ref_get_many.constprop.0+0x55/0x140 [rtrs_server]
[ 464.028760] ? __this_cpu_preempt_check+0x13/0x20
[ 464.028769] process_io_req+0x1dc/0x450 [rtrs_server]
[ 464.028775] rtrs_srv_inv_rkey_done+0x67/0xb0 [rtrs_server]
[ 464.028780] __ib_process_cq+0xbc/0x1f0 [ib_core]
[ 464.028793] ib_cq_poll_work+0x2b/0xa0 [ib_core]
[ 464.028804] process_one_work+0x2a9/0x580
[1]. https://lore.kernel.org/all/ZFHgefWofVt24tRl@infradead.org/
Signed-off-by: Guoqing Jiang <guoqing.jiang@linux.dev>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Link: https://lore.kernel.org/r/20230512034631.28686-1-guoqing.jiang@linux.dev
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 4913cfcf014c95f0437db2df1734472fd3e15098 ]
The debugfs_create_dir function returns ERR_PTR in case of error, and the
only correct way to check if an error occurred is 'IS_ERR' inline function.
This patch will replace the null-comparison with IS_ERR.
Signed-off-by: Ivan Orlov <ivan.orlov0322@gmail.com>
Link: https://lore.kernel.org/r/20230512130533.98709-1-ivan.orlov0322@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.113 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmRuPSwACgkQONu9yGCS
# aT6/7RAAmy/HYiWHwpje9jcycRZpR31xe8JY/I0zfHGu9f4jDQzT8BOcN7StKydq
# MNTua+PdvksOL0/f2RV+yYbGU2EXB15qPX2vgUj1U+7mSiNNtw5Gox11GCm2qpwg
# 27+gw1kF3OTvxdgIa5x4cPZySOb8W2fZVTBdO5HMxJ7YW3FSHokyn0lWLCvBTQhr
# 2Xp9Dyr1kQ9w0lkfgZ2knqLA6pJ5NT3qfdffuJbQBKHvqMqJy285nVtIcz8qCQXC
# RVaHXqIDphGhjWd3pi55bKmF1afITXuKbDQv/fuH3bmV9+SwuWLzmpE3pdsazF0E
# yRLmWHdM7OkNuxsJ1L8F5Zf+fQMleyEQGL1UFzEtFSmEWoY/TuhfhP6oBAN9IANm
# 1jo9KqnR7hTfGNGMupFDzI/A4WR91/YjmSrU9+SE6oNCdDee7yeB4pg8GzKo2tJY
# wAY3SB0Bynw/apbjt0xkX//tYZuh7DhkD8aPQEcYr4a7KUROpelfmUqGYKmhru2h
# XeZTwryPHlejWsY0Nx95/gVfGpCYXOMvRfsmP2DRtXiZBkoCxUGQ3fUFEPgfvJQC
# mlI+j25OYjxb4NAZokdXXxMsKLYjwxFil3czTi/kVG+0NGIikzIKDBmiyTAKvsa8
# KOTFneccT024Oxr5bzuKh/0hKs4V3fy+0+FVwbp77OKa4+MKu48=
# =dC7R
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 24 May 2023 12:37:00 PM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
[ Upstream commit 55793ea54d77719a071b1ccc05a05056e3b5e009 ]
We tested and found an alarm caused by nbd_ioctl arg without verification.
The UBSAN warning calltrace like below:
UBSAN: Undefined behaviour in fs/buffer.c:1709:35
signed integer overflow:
-9223372036854775808 - 1 cannot be represented in type 'long long int'
CPU: 3 PID: 2523 Comm: syz-executor.0 Not tainted 4.19.90 #1
Hardware name: linux,dummy-virt (DT)
Call trace:
dump_backtrace+0x0/0x3f0 arch/arm64/kernel/time.c:78
show_stack+0x28/0x38 arch/arm64/kernel/traps.c:158
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x170/0x1dc lib/dump_stack.c:118
ubsan_epilogue+0x18/0xb4 lib/ubsan.c:161
handle_overflow+0x188/0x1dc lib/ubsan.c:192
__ubsan_handle_sub_overflow+0x34/0x44 lib/ubsan.c:206
__block_write_full_page+0x94c/0xa20 fs/buffer.c:1709
block_write_full_page+0x1f0/0x280 fs/buffer.c:2934
blkdev_writepage+0x34/0x40 fs/block_dev.c:607
__writepage+0x68/0xe8 mm/page-writeback.c:2305
write_cache_pages+0x44c/0xc70 mm/page-writeback.c:2240
generic_writepages+0xdc/0x148 mm/page-writeback.c:2329
blkdev_writepages+0x2c/0x38 fs/block_dev.c:2114
do_writepages+0xd4/0x250 mm/page-writeback.c:2344
The reason for triggering this warning is __block_write_full_page()
-> i_size_read(inode) - 1 overflow.
inode->i_size is assigned in __nbd_ioctl() -> nbd_set_size() -> bytesize.
We think it is necessary to limit the size of arg to prevent errors.
Moreover, __nbd_ioctl() -> nbd_add_socket(), arg will be cast to int.
Assuming the value of arg is 0x80000000000000001) (on a 64-bit machine),
it will become 1 after the coercion, which will return unexpected results.
Fix it by adding checks to prevent passing in too large numbers.
Signed-off-by: Zhong Jinghua <zhongjinghua@huawei.com>
Reviewed-by: Yu Kuai <yukuai3@huawei.com>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Link: https://lore.kernel.org/r/20230206145805.2645671-1-zhongjinghua@huawei.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
[ Upstream commit 63f8793ee60513a09f110ea460a6ff2c33811cdb ]
Make sure to check device queue mode in the null_validate_conf() and
return error for NULL_Q_RQ as we don't allow legacy I/O path, without
this patch we get OOPs when queue mode is set to 1 from configfs,
following are repro steps :-
modprobe null_blk nr_devices=0
mkdir config/nullb/nullb0
echo 1 > config/nullb/nullb0/memory_backed
echo 4096 > config/nullb/nullb0/blocksize
echo 20480 > config/nullb/nullb0/size
echo 1 > config/nullb/nullb0/queue_mode
echo 1 > config/nullb/nullb0/power
Entering kdb (current=0xffff88810acdd080, pid 2372) on processor 42 Oops: (null)
due to oops @ 0xffffffffc041c329
CPU: 42 PID: 2372 Comm: sh Tainted: G O N 6.3.0-rc5lblk+ #5
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:null_add_dev.part.0+0xd9/0x720 [null_blk]
Code: 01 00 00 85 d2 0f 85 a1 03 00 00 48 83 bb 08 01 00 00 00 0f 85 f7 03 00 00 80 bb 62 01 00 00 00 48 8b 75 20 0f 85 6d 02 00 00 <48> 89 6e 60 48 8b 75 20 bf 06 00 00 00 e8 f5 37 2c c1 48 8b 75 20
RSP: 0018:ffffc900052cbde0 EFLAGS: 00010246
RAX: 0000000000000001 RBX: ffff88811084d800 RCX: 0000000000000001
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888100042e00
RBP: ffff8881053d8200 R08: ffffc900052cbd68 R09: ffff888105db2000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000002
R13: ffff888104765200 R14: ffff88810eec1748 R15: ffff88810eec1740
FS: 00007fd445fd1740(0000) GS:ffff8897dfc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000060 CR3: 0000000166a00000 CR4: 0000000000350ee0
DR0: ffffffff8437a488 DR1: ffffffff8437a489 DR2: ffffffff8437a48a
DR3: ffffffff8437a48b DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
nullb_device_power_store+0xd1/0x120 [null_blk]
configfs_write_iter+0xb4/0x120
vfs_write+0x2ba/0x3c0
ksys_write+0x5f/0xe0
do_syscall_64+0x3b/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7fd4460c57a7
Code: 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
RSP: 002b:00007ffd3792a4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd4460c57a7
RDX: 0000000000000002 RSI: 000055b43c02e4c0 RDI: 0000000000000001
RBP: 000055b43c02e4c0 R08: 000000000000000a R09: 00007fd44615b4e0
R10: 00007fd44615b3e0 R11: 0000000000000246 R12: 0000000000000002
R13: 00007fd446198520 R14: 0000000000000002 R15: 00007fd446198700
</TASK>
Signed-off-by: Chaitanya Kulkarni <kch@nvidia.com>
Reviewed-by: Damien Le Moal <dlemoal@kernel.org>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Reviewed-by: Nitesh Shetty <nj.shetty@samsung.com>
Link: https://lore.kernel.org/r/20230416220339.43845-1-kch@nvidia.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
This is the 5.15.112 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmRko9oACgkQONu9yGCS
# aT5neg//UG0ODb4jF2GlJpV0a6aWibqEUMC8j/u8y1T8rwbUgWI/uSryKHjmF7wI
# SNiS027coajg/gQdpBFy7DjXYyZjb/ywvdbymAN2wgn4d2UFHvWlcV6b/RdnOUxz
# bFTDgGL5kJlm2RM73o3elkm/WTuG/McTyW8pWuh1EDgkhZN8Gq/hPWQ5qiv/yK77
# YVt6vMDNWMkDfiJm81an9eFklOXuMyzhjrOi/8CcLcJDuhytKxBd7EKNjIC51CfC
# ixtNnufj4UdYceHFznolEGO6WndYRUyZpVJLHT4xG9LtMiQLfSbBxFEvClP7Cegi
# I+oqAgd57ZZR6Kz+2THyG+xKc3NH/wS2GtDTPpGo9QRaxhVCp8RU6vYzz9H4p/wR
# qt+7PE4RYnWoUdZLj9iecA1XyDMZNuXYcYnNWuWdkWRJtzqhgyAzPxyF5fDJNKYa
# 7okEBxMUKPgpW3RUD52syr2J0n4gRLWBYW7FTeM+x+IU2qJt8hvIJe6iiRjvrVvV
# npzfCZLrS46zLhijzjXc3HyAAQ1oeDJnlEzidyLPrtcpbvgwv2hsk459t9766B1K
# WoHnMmEh0ZSjNVyZx4jqsJZdaLaQq7Bl09FVps/adzIhg1zv7Cl9LA/+oBakn0sj
# 8J+1xSHLmdJG/wk0SRZ7ciQhauvdaDh4EaXBx5aei4ic7VxlSa4=
# =MkDo
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 17 May 2023 05:52:26 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
|
commit 3899d94e3831ee07ea6821c032dc297aec80586a upstream.
When we receive a flush command (or "barrier" in DRBD), we currently use
a REQ_OP_FLUSH with the REQ_PREFLUSH flag set.
The correct way to submit a flush bio is by using a REQ_OP_WRITE without
any data, and set the REQ_PREFLUSH flag.
Since commit b4a6bb3a67aa ("block: add a sanity check for non-write
flush/fua bios"), this triggers a warning in the block layer, but this
has been broken for quite some time before that.
So use the correct set of flags to actually make the flush happen.
Cc: Christoph Hellwig <hch@infradead.org>
Cc: stable@vger.kernel.org
Fixes: f9ff0da56437 ("drbd: allow parallel flushes for multi-volume resources")
Reported-by: Thomas Voegtle <tv@lio96.de>
Signed-off-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20230503121937.17232-1-christoph.boehmwalder@linbit.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This is the 5.15.106 stable release
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmQtPnQACgkQONu9yGCS
# aT7Qzw/9EAIy/ZZ10znJJlb7Xtq/BsP/nKrzTXDD0MN1LHbJerBjpdWz/DGkz+nA
# Aqp5EF/ntiJ2+kMq0fzufkVdAI08zX7Utn3KJ9cqyptGd5d3NqigecFvTG0k5bNy
# NYn2aMKT84ieiwyMTX89N5sy53iXQnugE8x0bFqlLKiVf/IVl43KpPSUzHJhwtxT
# vFPMRRirzJfkHc7F7T7bh1D/oenPgwbzTMOyZwBpqOmXlb1IIdIGOuG4N/81BL52
# vwF3HR+lN1UKmwHt8d5hKxXG/eldzoEGPVH4sK2K+b88UB39CPMMk/mgFtMAyXOf
# XVYfcb9g7LBzCOcUB26bbOZ7/h6nhUe47Zxceaot1ksAtNJecPLhk8urIxPJSngx
# AdmYEKklt+XrmRtKPxpkW+FWXAPalGylgvjp4dwgJIK6z/Ik0OzUxaLaBGDtCKIF
# Xxbj4JkiA3wNxjCxdNLm6PanG2hupa8w64YC7cBFgnu+FKOO9lnODHnBjdMpsYan
# nhN3rpvAb8JEiZVbQ1+GebSVmrM7dypMTq4ISzASf9qJFLltzHaVEWj+6voASbv/
# 1PWNeHnb5FE/CYXX8H8PiFK+kz7CzUIjdiZrKhGteQo3uAzyRiV+Fp6ZhideiYeh
# HCSWW0yNfMtYU5p1hgPOyHflgjN6XM4a+sAwTk6FkFivQFC368o=
# =MyxX
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 05 Apr 2023 05:25:08 AM EDT
# gpg: using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
# gpg: Can't check signature: No public key
|
Bruce Ashfield
Zhu Yanjun
Chun-Yi Lee
Navid Emamdoost
Christoph Hellwig
Zhong Jinghua
Yi Sun
Kees Cook
Ilya Dryomov
Keith Busch
zhenwei pi
Dan Carpenter
Ross Lagerwall
Guoqing Jiang
Ivan Orlov
Chaitanya Kulkarni
Christoph Böhmwalder