Linux/linux e60b5f7arch/powerpc/platforms/powernv pci-ioda.c pci.c

Merge tag 'powerpc-5.0-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fix from Michael Ellerman:
 "One fix for an oops when using SRIOV, introduced by the recent changes
  to support compound IOMMU groups.

  Thanks to Alexey Kardashevskiy"

* tag 'powerpc-5.0-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/powernv/sriov: Register IOMMU groups for VFs

Linux/linux 6089a91drivers/scsi sd_zbc.c libiscsi.c, drivers/scsi/libsas sas_expander.c

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Four small fixes: three in drivers and one in the core.

  The core fix is also minor in scope since the bug it fixes is only
  known to affect systems using SCSI reservations. Of the driver bugs,
  the libsas one is the most major because it can lead to multiple disks
  on the same expander not being exposed"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: core: reset host byte in DID_NEXUS_FAILURE case
  scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
  scsi: sd_zbc: Fix sd_zbc_report_zones() buffer allocation
  scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task

Linux/linux cb268d8include/keys user-type.h, security/keys keyring.c proc.c

Merge branch 'fixes-v5.0-rc7' of 
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull keys fixes from James Morris:
 "Two fixes from Eric Biggers"

* 'fixes-v5.0-rc7' of 
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  KEYS: always initialize keyring_index_key::desc_len
  KEYS: user: Align the payload buffer

Linux/linux ef4edb3drivers/base/power runtime.c, drivers/cpufreq scmi-cpufreq.c

Merge tag 'pm-5.0' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull power management fixes from Rafael Wysocki:
 "These fix a regression in the PM-runtime framework introduced by the
  recent switch-over of it to using hrtimers and a use-after-free
  introduced by one of the recent changes in the scmi-cpufreq driver.

  Specifics:

   - Use hrtimer_try_to_cancel() instead of hrtimer_cancel() in the
     PM-runtime framework to avoid a possible timer-related deadlock
     introduced recently (Vincent Guittot).

   - Reorder the scmi-cpufreq driver code to avoid accessing memory that
     has just been freed (Yangtao Li)"

* tag 'pm-5.0' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  PM-runtime: Fix deadlock when canceling hrtimer
  cpufreq: scmi: Fix use-after-free in scmi_cpufreq_exit()

Linux/linux 9053d2darch/arm/boot/dts armada-xp-lenovo-ix4-300d.dts armada-xp-db.dts

Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

Pull ARM SoC fixes from Arnd Bergmann:
 "Only a handful of device tree fixes, all simple enough:

  NVIDIA Tegra:
   - Fix a regression for booting on chromebooks

  TI OMAP:
   - Two fixes PHY mode on am335x reference boards

  Marvell mvebu:
   - A regression fix for Armada XP NAND flash controllers
   - An incorrect reset signal on the clearfog board"

* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
  ARM: tegra: Restore DT ABI on Tegra124 Chromebooks
  ARM: dts: am335x-evm: Fix PHY mode for ethernet
  ARM: dts: am335x-evmsk: Fix PHY mode for ethernet
  arm64: dts: clearfog-gt-8k: fix SGMII PHY reset signal
  ARM: dts: armada-xp: fix Armada XP boards NAND description

Linux/linux 2cc63b3arch/arc Kconfig, arch/arc/include/asm entry-arcv2.h cache.h

Merge tag 'arc-5.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull ARC fixes from Vineet Gupta:
 "Fixes for ARC for 5.0, bunch of those are stable fodder anyways so
  sooner the better.

   - Fix memcpy to prevent prefetchw beyond end of buffer [Eugeniy]

   - Enable unaligned access early to prevent exceptions given newer gcc
     code gen [Eugeniy]

   - Tighten up uboot arg checking to prevent false negatives and also
     allow both jtag and bootloading to coexist w/o config option as
     needed by kernelCi folks [Eugeniy]

   - Set slab alignment to 8 for ARC to avoid the atomic64_t unalign
     [Alexey]

   - Disable regfile auto save on interrupts on HSDK platform due to a
     silicon issue [Vineet]

   - Avoid HS38x boot printing crash by not reading HS48x only reg
     [Vineet]"

* tag 'arc-5.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:

    [9 lines not shown]

Linux/linux 8456e98. CREDITS MAINTAINERS, arch/parisc/kernel ptrace.c

Merge branch 'parisc-5.0-1' of 
git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux

Pull parisc fixes from Helge Deller:
 "Fix ptrace syscall number modification which has been broken since
  kernel v4.5 and provide alternative email addresses for the remaining
  users of the retired parisc-linux.org email domain"

* 'parisc-5.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
  CREDITS/MAINTAINERS: Retire parisc-linux.org email domain
  parisc: Fix ptrace syscall number modification

Linux/linux 77dc118arch/sh/boot/dts Makefile, scripts kallsyms.c

Merge tag 'kbuild-fixes-v5.0-2' of 
git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

Pull more Kbuild fixes from Masahiro Yamada:

 - fix scripts/kallsyms.c to correctly check too long symbol names

 - fix sh build error for the combination of CONFIG_OF_EARLY_FLATTREE=y
   and CONFIG_USE_BUILTIN_DTB=n

* tag 'kbuild-fixes-v5.0-2' of 
git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
  sh: fix build error for invisible CONFIG_BUILTIN_DTB_SOURCE
  kallsyms: Handle too long symbols in kallsyms.c

Linux/linux 6ee2846drivers/gpu/drm/amd/amdgpu sdma_v4_0.c, drivers/gpu/drm/amd/display/amdgpu_dm amdgpu_dm.c

Merge tag 'drm-fixes-2019-02-22' of git://anongit.freedesktop.org/drm/drm

Pull drm fixes from Dave Airlie:
 "This contains a single i915 tiled display fix, and a set of
  amdgpu/radeon fixes.

  i915:

   - tiled display fix

  amdgpu/radeon:

   - runtime PM fix

   - bulk moves disable (fix is too large for 5.0)

   - a set of display fixes that are all cc'ed stable so we didn't want
     to leave them until -next"

* tag 'drm-fixes-2019-02-22' of git://anongit.freedesktop.org/drm/drm:
  drm/amdgpu: disable bulk moves for now
  drm/amd/display: set clocks to 0 on suspend on dce80
  drm/amd/display: fix optimize_bandwidth func pointer for dce80
  drm/amd/display: Fix negative cursor pos programming
  drm/i915/fbdev: Actually configure untiled displays

    [5 lines not shown]

Linux/linux 168bd29drivers/infiniband/hw/cxgb4 device.c, drivers/infiniband/ulp/srp ib_srp.c

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma

Pull rdma fixes from Jason Gunthorpe:
 "Small set of three regression fixing patches, things are looking
  pretty good here.

   - Fix cxgb4 to work again with non-4k page sizes

   - NULL pointer oops in SRP during sg_reset"

* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
  iw_cxgb4: cq/qp mask depends on bar2 pages in a host page
  cxgb4: Export sge_host_page_size to ulds
  RDMA/srp: Rework SCSI device reset handling

Linux/linux ede0fa9security/keys keyring.c proc.c

KEYS: always initialize keyring_index_key::desc_len

syzbot hit the 'BUG_ON(index_key->desc_len == 0);' in __key_link_begin()
called from construct_alloc_key() during sys_request_key(), because the
length of the key description was never calculated.

The problem is that we rely on ->desc_len being initialized by
search_process_keyrings(), specifically by search_nested_keyrings().
But, if the process isn't subscribed to any keyrings that never happens.

Fix it by always initializing keyring_index_key::desc_len as soon as the
description is set, like we already do in some places.

The following program reproduces the BUG_ON() when it's run as root and
no session keyring has been installed.  If it doesn't work, try removing
pam_keyinit.so from /etc/pam.d/login and rebooting.

    #include <stdlib.h>
    #include <unistd.h>
    #include <keyutils.h>

    int main(void)
    {
            int id = add_key("keyring", "syz", NULL, 0, KEY_SPEC_USER_KEYRING);


    [11 lines not shown]

Linux/linux cc1780finclude/keys user-type.h

KEYS: user: Align the payload buffer

Align the payload of "user" and "logon" keys so that users of the
keyrings service can access it as a struct that requires more than
2-byte alignment.  fscrypt currently does this which results in the read
of fscrypt_key::size being misaligned as it needs 4-byte alignment.

Align to __alignof__(u64) rather than __alignof__(long) since in the
future it's conceivable that people would use structs beginning with
u64, which on some platforms would require more than 'long' alignment.

Reported-by: Aaro Koskinen <aaro.koskinen at iki.fi>
Fixes: 2aa349f6e37c ("[PATCH] Keys: Export user-defined keyring operations")
Fixes: 88bd6ccdcdd6 ("ext4 crypto: add encryption key management facilities")
Cc: stable at vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers at google.com>
Tested-by: Aaro Koskinen <aaro.koskinen at iki.fi>
Signed-off-by: David Howells <dhowells at redhat.com>
Signed-off-by: James Morris <james.morris at microsoft.com>

Linux/linux a3504f7drivers/clk/at91 at91sam9x5.c sama5d2.c, drivers/clk/sunxi-ng ccu-sun6i-a31.c ccu-sun8i-v3s.c

Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

Pull clk fixes from Stephen Boyd:
 "A few more fixes for clk drivers causing regressions this release.

  Two Allwinner index fixes for A31 and V3 and two Microchip AT91 fixes
  for an incorrect clk parent linkage and a miscalculated number of
  clks"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: at91: fix masterck name
  clk: at91: fix at91sam9x5 peripheral clock number
  clk: sunxi: A31: Fix wrong AHB gate number
  clk: sunxi-ng: v3s: Fix TCON reset de-assert bit

Linux/linux 2f8b1cearch/arm/boot/dts armada-xp-lenovo-ix4-300d.dts armada-xp-db.dts, arch/arm64/boot/dts/marvell armada-8040-clearfog-gt-8k.dts

Merge tag 'mvebu-fixes-5.0-2' of git://git.infradead.org/linux-mvebu into arm/fixes

mvebu fixes for 5.0 (part 2)

Fix PHY reset signal on clearfog gt 8K (Armada 8040 based)
Fix NAND description on Armada XP boards which was broken since a few
release

* tag 'mvebu-fixes-5.0-2' of git://git.infradead.org/linux-mvebu:
  arm64: dts: clearfog-gt-8k: fix SGMII PHY reset signal
  ARM: dts: armada-xp: fix Armada XP boards NAND description

Signed-off-by: Arnd Bergmann <arnd at arndb.de>

Linux/linux 3858bfcarch/arm/boot/dts am335x-evmsk.dts am335x-evm.dts

Merge tag 'omap-for-v5.0/fixes-rc7-signed' of 
git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into arm/fixes

Two am335x ethernet phy mode fixes for v5.0-rc cycle

Recent changes with commit cd28d1d6e52e: ("net: phy: at803x: Disable phy
delay for RGMII mode") broke Ethernet on am335x-evmsk, and turns out some
device driver fixes are needed.

Even without the driver fixes, am335x needs to run in rgmii-id mode instead
rgmii-txid mode. Things have been working based on luck as the broken driver
has been configuring rgmii-id mode. Let's fix that as that way things work
as they're supposed to work from hardware wiring point of view.

* tag 'omap-for-v5.0/fixes-rc7-signed' of 
git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: dts: am335x-evm: Fix PHY mode for ethernet
  ARM: dts: am335x-evmsk: Fix PHY mode for ethernet

Signed-off-by: Arnd Bergmann <arnd at arndb.de>

Linux/linux 5b317cbdrivers/cpufreq scmi-cpufreq.c

Merge branch 'pm-cpufreq-fixes'

* pm-cpufreq-fixes:
  cpufreq: scmi: Fix use-after-free in scmi_cpufreq_exit()

Linux/linux 019276edrivers/gpu/drm/amd/amdgpu sdma_v4_0.c, drivers/gpu/drm/amd/display/amdgpu_dm amdgpu_dm.c

Merge branch 'drm-fixes-5.0' of git://people.freedesktop.org/~agd5f/linux into drm-fixes

A bit bigger than normal for this week due to fixes for some long
standing display issues that are bound for stable.  These changes would
be going to stable anyway, so I figured it was better via 5.0 than 5.1.
- Several display fixes
- Fix PX systems due to core changes in runtime pm
- Disable bulk moves.  They are fixed in 5.1, but fix is too invasive for 5.0

Signed-off-by: Dave Airlie <airlied at redhat.com>
From: Alex Deucher <alexdeucher at gmail.com>
Link: 
https://patchwork.freedesktop.org/patch/msgid/20190220225715.3240-1-alexander.deucher at amd.com

Linux/linux 7b2e932arch/arc/include/asm arcregs.h, arch/arc/kernel setup.c

ARCv2: don't assume core 0x54 has dual issue

The first release of core4 (0x54) was dual issue only (HS4x).
Newer releases allow hardware to be configured as single issue (HS3x)
or dual issue.

Prevent accessing a HS4x only aux register in HS3x, which otherwise
leads to illegal instruction exceptions

Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux 71d73a0. CREDITS MAINTAINERS

CREDITS/MAINTAINERS: Retire parisc-linux.org email domain

Retire the parisc-linux.org email domain and provide alternative email
addresses for the remaining users, as agreed upon with them.

Signed-off-by: Helge Deller <deller at gmx.de>
DeltaFile
+9-11CREDITS
+2-3MAINTAINERS
+11-142 files

Linux/linux b7dc5a0arch/parisc/kernel ptrace.c

parisc: Fix ptrace syscall number modification

Commit 910cd32e552e ("parisc: Fix and enable seccomp filter support")
introduced a regression in ptrace-based syscall tampering: when tracer
changes syscall number to -1, the kernel fails to initialize %r28 with
-ENOSYS and subsequently fails to return the error code of the failed
syscall to userspace.

This erroneous behaviour could be observed with a simple strace syscall
fault injection command which is expected to print something like this:

$ strace -a0 -ewrite -einject=write:error=enospc echo hello
write(1, "hello\n", 6) = -1 ENOSPC (No space left on device) (INJECTED)
write(2, "echo: ", 6) = -1 ENOSPC (No space left on device) (INJECTED)
write(2, "write error", 11) = -1 ENOSPC (No space left on device) (INJECTED)
write(2, "\n", 1) = -1 ENOSPC (No space left on device) (INJECTED)
+++ exited with 1 +++

After commit 910cd32e552ea09caa89cdbe328e468979b030dd it loops printing
something like this instead:

write(1, "hello\n", 6../strace: Failed to tamper with process 12345: unexpectedly got no 
error (return value 0, error 0)
) = 0 (INJECTED)


    [7 lines not shown]

Linux/linux b6835eaarch/arc/include/asm cache.h

ARC: define ARCH_SLAB_MINALIGN = 8

The default value of ARCH_SLAB_MINALIGN in "include/linux/slab.h" is
"__alignof__(unsigned long long)" which for ARC unexpectedly turns out
to be 4. This is not a compiler bug, but as defined by ARC ABI [1]

Thus slab allocator would allocate a struct which is 32-bit aligned,
which is generally OK even if struct has long long members.
There was however potetial problem when it had any atomic64_t which
use LLOCKD/SCONDD instructions which are required by ISA to take
64-bit addresses. This is the problem we ran into

[    4.015732] EXT4-fs (mmcblk0p2): re-mounted. Opts: (null)
[    4.167881] Misaligned Access
[    4.172356] Path: /bin/busybox.nosuid
[    4.176004] CPU: 2 PID: 171 Comm: rm Not tainted 4.19.14-yocto-standard #1
[    4.182851]
[    4.182851] [ECR   ]: 0x000d0000 => Check Programmer's Manual
[    4.190061] [EFA   ]: 0xbeaec3fc
[    4.190061] [BLINK ]: ext4_delete_entry+0x210/0x234
[    4.190061] [ERET  ]: ext4_delete_entry+0x13e/0x234
[    4.202985] [STAT32]: 0x80080002 : IE K
[    4.207236] BTA: 0x9009329c   SP: 0xbe5b1ec4  FP: 0x00000000
[    4.212790] LPS: 0x9074b118  LPE: 0x9074b120 LPC: 0x00000000
[    4.218348] r00: 0x00000040  r01: 0x00000021 r02: 0x00000001

    [24 lines not shown]

Linux/linux 493a2f8arch/arc Kconfig, arch/arc/configs vdk_hs38_smp_defconfig vdk_hs38_defconfig

ARC: enable uboot support unconditionally

After reworking U-boot args handling code and adding paranoid
arguments check we can eliminate CONFIG_ARC_UBOOT_SUPPORT and
enable uboot support unconditionally.

For JTAG case we can assume that core registers will come up
reset value of 0 or in worst case we rely on user passing
'-on=clear_regs' to Metaware debugger.

Cc: stable at vger.kernel.org
Tested-by: Corentin LABBE <clabbe at baylibre.com>
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev at synopsys.com>
Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux a66f2e5arch/arc/kernel setup.c head.S

ARC: U-boot: check arguments paranoidly

Handle U-boot arguments paranoidly:
 * don't allow to pass unknown tag.
 * try to use external device tree blob only if corresponding tag
   (TAG_DTB) is set.
 * don't check uboot_tag if kernel build with no ARC_UBOOT_SUPPORT.

NOTE:
If U-boot args are invalid we skip them and try to use embedded device
tree blob. We can't panic on invalid U-boot args as we really pass
invalid args due to bug in U-boot code.
This happens if we don't provide external DTB to U-boot and
don't set 'bootargs' U-boot environment variable (which is default
case at least for HSDK board) In that case we will pass
{r0 = 1 (bootargs in r2); r1 = 0; r2 = 0;} to linux which is invalid.

While I'm at it refactor U-boot arguments handling code.

Cc: stable at vger.kernel.org
Tested-by: Corentin LABBE <clabbe at baylibre.com>
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev at synopsys.com>
Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux e494239arch/arc Kconfig, arch/arc/include/asm entry-arcv2.h

ARCv2: support manual regfile save on interrupts

There's a hardware bug which affects the HSDK platform, triggered by
micro-ops for auto-saving regfile on taken interrupt. The workaround is
to inhibit autosave.

Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux d5e3c55arch/arc/include/asm uaccess.h

ARC: uacces: remove lp_start, lp_end from clobber list

Newer ARC gcc handles lp_start, lp_end in a different way and doesn't
like them in the clobber list.

Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux cdf9296arch/arc/kernel setup.c

ARC: fix actionpoints configuration detection

Fix reversed logic while actionpoints configuration (full/min)
detection.

Fixies: 7dd380c338f1e ("ARC: boot log: print Action point details")
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev at synopsys.com>
Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux f8a15f9arch/arc/lib memcpy-archs.S

ARCv2: lib: memcpy: fix doing prefetchw outside of buffer

ARCv2 optimized memcpy uses PREFETCHW instruction for prefetching the
next cache line but doesn't ensure that the line is not past the end of
the buffer. PRETECHW changes the line ownership and marks it dirty,
which can cause data corruption if this area is used for DMA IO.

Fix the issue by avoiding the PREFETCHW. This leads to performance
degradation but it is OK as we'll introduce new memcpy implementation
optimized for unaligned memory access using.

We also cut off all PREFETCH instructions at they are quite useless
here:
 * we call PREFETCH right before LOAD instruction call.
 * we copy 16 or 32 bytes of data (depending on CONFIG_ARC_HAS_LL64)
   in a main logical loop. so we call PREFETCH 4 times (or 2 times)
   for each L1 cache line (in case of 64B L1 cache Line which is
   default case). Obviously this is not optimal.

Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev at synopsys.com>
Signed-off-by: Vineet Gupta <vgupta at synopsys.com>

Linux/linux 252f6e8arch/arc/kernel head.S

ARCv2: Enable unaligned access in early ASM code

It is currently done in arc_init_IRQ() which might be too late
considering gcc 7.3.1 onwards (GNU 2018.03) generates unaligned
memory accesses by default

Cc: stable at vger.kernel.org #4.4+
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev at synopsys.com>
Signed-off-by: Vineet Gupta <vgupta at synopsys.com>
[vgupta: rewrote changelog]

Linux/linux 8a61716fs/ceph snap.c, net/ceph messenger.c

Merge tag 'ceph-for-5.0-rc8' of git://github.com/ceph/ceph-client

Pull ceph fixes from Ilya Dryomov:
 "Two bug fixes for old issues, both marked for stable"

* tag 'ceph-for-5.0-rc8' of git://github.com/ceph/ceph-client:
  ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
  libceph: handle an empty authorize reply

Linux/linux d6622d9arch/arm64/include/asm neon-intrinsics.h, arch/arm64/kernel ptrace.c head.S

Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull late arm64 fixes from Will Deacon:
 "Three small arm64 fixes for 5.0.

  They fix a build breakage with clang introduced in 4.20, an oversight
  in our sigframe restoration relating to the SSBS bit and a boot fix
  for systems with newer revisions of our interrupt controller.

  Summary:

   - Fix handling of PSTATE.SSBS bit in sigreturn()

   - Fix version checking of the GIC during early boot

   - Fix clang builds failing due to use of NEON in the crypto code"

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: Relax GIC version check during early boot
  arm64/neon: Disable -Wincompatible-pointer-types when building with Clang
  arm64: fix SSBS sanitization

Linux/linux 7c90325mm slub.c memory_hotplug.c, mm/kasan common.c

Merge branch 'akpm' (patches from Andrew)

Merge misc fixes from Andrew Morton:
 "23 fixes"

* emailed patches from Andrew Morton <akpm at linux-foundation.org>: (23 commits)
  mm, memory_hotplug: fix off-by-one in is_pageblock_removable
  mm: don't let userspace spam allocations warnings
  slub: fix a crash with SLUB_DEBUG + KASAN_SW_TAGS
  kasan, slab: remove redundant kasan_slab_alloc hooks
  kasan, slab: make freelist stored without tags
  kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY
  kasan: prevent tracing of tags.c
  kasan: fix random seed generation for tag-based mode
  tmpfs: fix link accounting when a tmpfile is linked in
  psi: avoid divide-by-zero crash inside virtual machines
  mm: handle lru_add_drain_all for UP properly
  mm, page_alloc: fix a division by zero error when boosting watermarks v2
  mm/debug.c: fix __dump_page() for poisoned pages
  proc, oom: do not report alien mms when setting oom_score_adj
  slub: fix SLAB_CONSISTENCY_CHECKS + KASAN_SW_TAGS
  kasan, slub: fix more conflicts with CONFIG_SLAB_FREELIST_HARDENED
  kasan, slub: fix conflicts with CONFIG_SLAB_FREELIST_HARDENED
  kasan, slub: move kasan_poison_slab hook before page_address
  kmemleak: account for tagged pointers when calculating pointer range

    [2 lines not shown]

Linux/linux 6c8fcc0mm util.c

mm: don't let userspace spam allocations warnings

memdump_user usually gets fed unchecked userspace input.  Blasting a
full backtrace into dmesg every time is a bit excessive - I'm not sure
on the kernel rule in general, but at least in drm we're trying not to
let unpriviledge userspace spam the logs freely.  Definitely not entire
warning backtraces.

It also means more filtering for our CI, because our testsuite exercises
these corner cases and so hits these a lot.

Link: http://lkml.kernel.org/r/20190220204058.11676-1-daniel.vetter at ffwll.ch
Signed-off-by: Daniel Vetter <daniel.vetter at intel.com>
Reviewed-by: Andrew Morton <akpm at linux-foundation.org>
Acked-by: Michal Hocko <mhocko at suse.com>
Reviewed-by: Kees Cook <keescook at chromium.org>
Cc: Mike Rapoport <rppt at linux.vnet.ibm.com>
Cc: Roman Gushchin <guro at fb.com>
Cc: Vlastimil Babka <vbabka at suse.cz>
Cc: Jan Stancek <jstancek at redhat.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: "Michael S. Tsirkin" <mst at redhat.com>
Cc: Huang Ying <ying.huang at intel.com>
Cc: Bartosz Golaszewski <brgl at bgdev.pl>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+1-1mm/util.c
+1-11 files

Linux/linux 891cb2amm memory_hotplug.c

mm, memory_hotplug: fix off-by-one in is_pageblock_removable

Rong Chen has reported the following boot crash:

    PGD 0 P4D 0
    Oops: 0000 [#1] PREEMPT SMP PTI
    CPU: 1 PID: 239 Comm: udevd Not tainted 5.0.0-rc4-00149-gefad4e4 #1
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
    RIP: 0010:page_mapping+0x12/0x80
    Code: 5d c3 48 89 df e8 0e ad 02 00 85 c0 75 da 89 e8 5b 5d c3 0f 1f 44 00 00 53 48 89 
fb 48 8b 43 08 48 8d 50 ff a8 01 48 0f 45 da <48> 8b 53 08 48 8d 42 ff 83 e2 01 48 0f 44 
c3 48 83 38 ff 74 2f 48
    RSP: 0018:ffff88801fa87cd8 EFLAGS: 00010202
    RAX: ffffffffffffffff RBX: fffffffffffffffe RCX: 000000000000000a
    RDX: fffffffffffffffe RSI: ffffffff820b9a20 RDI: ffff88801e5c0000
    RBP: 6db6db6db6db6db7 R08: ffff88801e8bb000 R09: 0000000001b64d13
    R10: ffff88801fa87cf8 R11: 0000000000000001 R12: ffff88801e640000
    R13: ffffffff820b9a20 R14: ffff88801f145258 R15: 0000000000000001
    FS:  00007fb2079817c0(0000) GS:ffff88801dd00000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 0000000000000006 CR3: 000000001fa82000 CR4: 00000000000006a0
    Call Trace:
     __dump_page+0x14/0x2c0
     is_mem_section_removable+0x24c/0x2c0
     removable_show+0x87/0xa0

    [41 lines not shown]
DeltaFile
+15-12mm/memory_hotplug.c
+15-121 files

Linux/linux 311ade0mm debug.c

mm/debug.c: fix __dump_page() for poisoned pages

Evaluating page_mapping() on a poisoned page ends up dereferencing junk
and making PF_POISONED_CHECK() considerably crashier than intended:

    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000006
    Mem abort info:
      ESR = 0x96000005
      Exception class = DABT (current EL), IL = 32 bits
      SET = 0, FnV = 0
      EA = 0, S1PTW = 0
    Data abort info:
      ISV = 0, ISS = 0x00000005
      CM = 0, WnR = 0
    user pgtable: 4k pages, 39-bit VAs, pgdp = 00000000c2f6ac38
    [0000000000000006] pgd=0000000000000000, pud=0000000000000000
    Internal error: Oops: 96000005 [#1] PREEMPT SMP
    Modules linked in:
    CPU: 2 PID: 491 Comm: bash Not tainted 5.0.0-rc1+ #1
    Hardware name: ARM LTD ARM Juno Development Platform/ARM Juno Development Platform, 
BIOS EDK II Dec 17 2018
    pstate: 00000005 (nzcv daif -PAN -UAO)
    pc : page_mapping+0x18/0x118
    lr : __dump_page+0x1c/0x398
    Process bash (pid: 491, stack limit = 0x000000004ebd4ecd)

    [45 lines not shown]
DeltaFile
+3-1mm/debug.c
+3-11 files

Linux/linux 6373dcamm slub.c

slub: fix a crash with SLUB_DEBUG + KASAN_SW_TAGS

In process_slab(), "p = get_freepointer()" could return a tagged
pointer, but "addr = page_address()" always return a native pointer.  As
the result, slab_index() is messed up here,

    return (p - addr) / s->size;

All other callers of slab_index() have the same situation where "addr"
is from page_address(), so just need to untag "p".

    # cat /sys/kernel/slab/hugetlbfs_inode_cache/alloc_calls

    Unable to handle kernel paging request at virtual address 2bff808aa4856d48
    Mem abort info:
      ESR = 0x96000007
      Exception class = DABT (current EL), IL = 32 bits
      SET = 0, FnV = 0
      EA = 0, S1PTW = 0
    Data abort info:
      ISV = 0, ISS = 0x00000007
      CM = 0, WnR = 0
    swapper pgtable: 64k pages, 48-bit VAs, pgdp = 0000000002498338
    [2bff808aa4856d48] pgd=00000097fcfd0003, pud=00000097fcfd0003, pmd=00000097fca30003, 
pte=00e8008b24850712

    [55 lines not shown]
DeltaFile
+1-1mm/slub.c
+1-11 files

Linux/linux 6ea183dmm swap.c

mm: handle lru_add_drain_all for UP properly

Since for_each_cpu(cpu, mask) added by commit 2d3854a37e8b767a
("cpumask: introduce new API, without changing anything") did not
evaluate the mask argument if NR_CPUS == 1 due to CONFIG_SMP=n,
lru_add_drain_all() is hitting WARN_ON() at __flush_work() added by
commit 4d43d395fed12463 ("workqueue: Try to catch flush_work() without
INIT_WORK().") by unconditionally calling flush_work() [1].

Workaround this issue by using CONFIG_SMP=n specific lru_add_drain_all
implementation.  There is no real need to defer the implementation to
the workqueue as the draining is going to happen on the local cpu.  So
alias lru_add_drain_all to lru_add_drain which does all the necessary
work.

[akpm at linux-foundation.org: fix various build warnings]
[1] https://lkml.kernel.org/r/18a30387-6aa5-6123-e67c-57579ecc3f38 at roeck-us.net
Link: http://lkml.kernel.org/r/20190213124334.GH4525 at dhcp22.suse.cz
Signed-off-by: Michal Hocko <mhocko at suse.com>
Reported-by: Guenter Roeck <linux at roeck-us.net>
Debugged-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
Cc: Tejun Heo <tj at kernel.org>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+10-7mm/swap.c
+10-71 files

Linux/linux 219667cmm slab.c

kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY

Similarly to commit 96fedce27e13 ("kasan: make tag based mode work with
CONFIG_HARDENED_USERCOPY"), we need to reset pointer tags in
__check_heap_object() in mm/slab.c before doing any pointer math.

Link: 
http://lkml.kernel.org/r/9a5c0f958db10e69df5ff9f2b997866b56b7effc.1550602886.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Tested-by: Qian Cai <cai at lca.pw>
Cc: Alexander Potapenko <glider at google.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+2-0mm/slab.c
+2-01 files

Linux/linux 1062af9mm shmem.c

tmpfs: fix link accounting when a tmpfile is linked in

tmpfs has a peculiarity of accounting hard links as if they were
separate inodes: so that when the number of inodes is limited, as it is
by default, a user cannot soak up an unlimited amount of unreclaimable
dcache memory just by repeatedly linking a file.

But when v3.11 added O_TMPFILE, and the ability to use linkat() on the
fd, we missed accommodating this new case in tmpfs: "df -i" shows that
an extra "inode" remains accounted after the file is unlinked and the fd
closed and the actual inode evicted.  If a user repeatedly links
tmpfiles into a tmpfs, the limit will be hit (ENOSPC) even after they
are deleted.

Just skip the extra reservation from shmem_link() in this case: there's
a sense in which this first link of a tmpfile is then cheaper than a
hard link of another file, but the accounting works out, and there's
still good limiting, so no need to do anything more complicated.

Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1902182134370.7035 at eggly.anvils
Fixes: f4e0c30c191 ("allow the temp files created by open() to be linked to")
Signed-off-by: Darrick J. Wong <darrick.wong at oracle.com>
Signed-off-by: Hugh Dickins <hughd at google.com>
Reported-by: Matej Kupljen <matej.kupljen at gmail.com>
Acked-by: Al Viro <viro at zeniv.linux.org.uk>

    [2 lines not shown]
DeltaFile
+7-3mm/shmem.c
+7-31 files

Linux/linux 94b3334mm page_alloc.c

mm, page_alloc: fix a division by zero error when boosting watermarks v2

Yury Norov reported that an arm64 KVM instance could not boot since
after v5.0-rc1 and could addressed by reverting the patches

  1c30844d2dfe272d58c ("mm: reclaim small amounts of memory when an external
  73444bc4d8f92e46a20 ("mm, page_alloc: do not wake kswapd with zone lock held")

The problem is that a division by zero error is possible if boosting
occurs very early in boot if the system has very little memory.  This
patch avoids the division by zero error.

Link: http://lkml.kernel.org/r/20190213143012.GT9565 at techsingularity.net
Fixes: 1c30844d2dfe ("mm: reclaim small amounts of memory when an external fragmentation 
event occurs")
Signed-off-by: Mel Gorman <mgorman at techsingularity.net>
Reported-by: Yury Norov <yury.norov at gmail.com>
Tested-by: Yury Norov <yury.norov at gmail.com>
Tested-by: Will Deacon <will.deacon at arm.com>
Acked-by: Vlastimil Babka <vbabka at suse.cz>
Cc: Andrea Arcangeli <aarcange at redhat.com>
Cc: David Rientjes <rientjes at google.com>
Cc: Michal Hocko <mhocko at kernel.org>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+12-0mm/page_alloc.c
+12-01 files

Linux/linux dc15a8amm/kasan Makefile

kasan: prevent tracing of tags.c

Similarly to commit 0d0c8de8788b ("kasan: mark file common so ftrace
doesn't trace it") add the -pg flag to mm/kasan/tags.c to prevent
conflicts with tracing.

Link: 
http://lkml.kernel.org/r/9c4c3ce5ccfb894c7fe66d91de7c1da2787b4da4.1550602886.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Reported-by: Qian Cai <cai at lca.pw>
Tested-by: Qian Cai <cai at lca.pw>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+2-0mm/kasan/Makefile
+2-01 files

Linux/linux 3f41b60arch/arm64/kernel setup.c, arch/arm64/mm kasan_init.c

kasan: fix random seed generation for tag-based mode

There are two issues with assigning random percpu seeds right now:

1. We use for_each_possible_cpu() to iterate over cpus, but cpumask is
   not set up yet at the moment of kasan_init(), and thus we only set
   the seed for cpu #0.

2. A call to get_random_u32() always returns the same number and produces
   a message in dmesg, since the random subsystem is not yet initialized.

Fix 1 by calling kasan_init_tags() after cpumask is set up.

Fix 2 by using get_cycles() instead of get_random_u32(). This gives us
lower quality random numbers, but it's good enough, as KASAN is meant to
be used as a debugging tool and not a mitigation.

Link: 
http://lkml.kernel.org/r/1f815cc914b61f3516ed4cc9bfd9eeca9bd5d9de.1550677973.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Will Deacon <will.deacon at arm.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>

    [2 lines not shown]

Linux/linux 338cfaamm slub.c

slub: fix SLAB_CONSISTENCY_CHECKS + KASAN_SW_TAGS

Enabling SLUB_DEBUG's SLAB_CONSISTENCY_CHECKS with KASAN_SW_TAGS
triggers endless false positives during boot below due to
check_valid_pointer() checks tagged pointers which have no addresses
that is valid within slab pages:

  BUG radix_tree_node (Tainted: G    B            ): Freelist Pointer check fails
  -----------------------------------------------------------------------------

  INFO: Slab objects=69 used=69 fp=0x          (null) flags=0x7ffffffc000200
  INFO: Object @offset=15060037153926966016 fp=0x

  Redzone: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 18 6b 06 00 08 80 ff d0  .........k......
  Object : 18 6b 06 00 08 80 ff d0 00 00 00 00 00 00 00 00  .k..............
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  Object : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

    [56 lines not shown]
DeltaFile
+1-0mm/slub.c
+1-01 files

Linux/linux 18e5066mm slub.c

kasan, slub: fix conflicts with CONFIG_SLAB_FREELIST_HARDENED

CONFIG_SLAB_FREELIST_HARDENED hashes freelist pointer with the address of
the object where the pointer gets stored.  With tag based KASAN we don't
account for that when building freelist, as we call set_freepointer() with
the first argument untagged.  This patch changes the code to properly
propagate tags throughout the loop.

Link: 
http://lkml.kernel.org/r/3df171559c52201376f246bf7ce3184fe21c1dc7.1549921721.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Reported-by: Qian Cai <cai at lca.pw>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Christoph Lameter <cl at linux.com>
Cc: Pekka Enberg <penberg at kernel.org>
Cc: David Rientjes <rientjes at google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim at lge.com>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+7-13mm/slub.c
+7-131 files

Linux/linux a710122mm slub.c

kasan, slub: move kasan_poison_slab hook before page_address

With tag based KASAN page_address() looks at the page flags to see whether
the resulting pointer needs to have a tag set.  Since we don't want to set
a tag when page_address() is called on SLAB pages, we call
page_kasan_tag_reset() in kasan_poison_slab().  However in allocate_slab()
page_address() is called before kasan_poison_slab().  Fix it by changing
the order.

[andreyknvl at google.com: fix compilation error when CONFIG_SLUB_DEBUG=n]
  Link: 
http://lkml.kernel.org/r/ac27cc0bbaeb414ed77bcd6671a877cf3546d56e.1550066133.git.andreyknvl at google.com
Link: 
http://lkml.kernel.org/r/cd895d627465a3f1c712647072d17f10883be2a1.1549921721.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Christoph Lameter <cl at linux.com>
Cc: David Rientjes <rientjes at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim at lge.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Pekka Enberg <penberg at kernel.org>

    [4 lines not shown]
DeltaFile
+15-4mm/slub.c
+15-41 files

Linux/linux 51dedadmm slab.c

kasan, slab: make freelist stored without tags

Similarly to "kasan, slub: move kasan_poison_slab hook before
page_address", move kasan_poison_slab() before alloc_slabmgmt(), which
calls page_address(), to make page_address() return value to be
non-tagged.  This, combined with calling kasan_reset_tag() for off-slab
slab management object, leads to freelist being stored non-tagged.

Link: 
http://lkml.kernel.org/r/dfb53b44a4d00de3879a05a9f04c1f55e584f7a1.1550602886.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Tested-by: Qian Cai <cai at lca.pw>
Cc: Alexander Potapenko <glider at google.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+9-2mm/slab.c
+9-21 files

Linux/linux d36a63amm slub.c

kasan, slub: fix more conflicts with CONFIG_SLAB_FREELIST_HARDENED

When CONFIG_KASAN_SW_TAGS is enabled, ptr_addr might be tagged.  Normally,
this doesn't cause any issues, as both set_freepointer() and
get_freepointer() are called with a pointer with the same tag.  However,
there are some issues with CONFIG_SLUB_DEBUG code.  For example, when
__free_slub() iterates over objects in a cache, it passes untagged
pointers to check_object().  check_object() in turns calls
get_freepointer() with an untagged pointer, which causes the freepointer
to be restored incorrectly.

Add kasan_reset_tag to freelist_ptr(). Also add a detailed comment.

Link: 
http://lkml.kernel.org/r/bf858f26ef32eb7bd24c665755b3aee4bc58d0e4.1550103861.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Reported-by: Qian Cai <cai at lca.pw>
Tested-by: Qian Cai <cai at lca.pw>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+12-1mm/slub.c
+12-11 files

Linux/linux 4e37504kernel/sched psi.c

psi: avoid divide-by-zero crash inside virtual machines

We've been seeing hard-to-trigger psi crashes when running inside VM
instances:

    divide error: 0000 [#1] SMP PTI
    Modules linked in: [...]
    CPU: 0 PID: 212 Comm: kworker/0:2 Not tainted 4.16.18-119_fbk9_3817_gfe944c98d695 #119
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
    Workqueue: events psi_clock
    RIP: 0010:psi_update_stats+0x270/0x490
    RSP: 0018:ffffc90001117e10 EFLAGS: 00010246
    RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8800a35a13f8
    RDX: 0000000000000000 RSI: ffff8800a35a1340 RDI: 0000000000000000
    RBP: 0000000000000658 R08: ffff8800a35a1470 R09: 0000000000000000
    R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
    R13: 0000000000000000 R14: 0000000000000000 R15: 00000000000f8502
    FS:  0000000000000000(0000) GS:ffff88023fc00000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 00007fbe370fa000 CR3: 00000000b1e3a000 CR4: 00000000000006f0
    DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
    DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
    Call Trace:
     psi_clock+0x12/0x50
     process_one_work+0x1e0/0x390

    [47 lines not shown]
DeltaFile
+1-1kernel/sched/psi.c
+1-11 files

Linux/linux b2b4699fs/proc base.c

proc, oom: do not report alien mms when setting oom_score_adj

Tetsuo has reported that creating a thousands of processes sharing MM
without SIGHAND (aka alien threads) and setting
/proc/<pid>/oom_score_adj will swamp the kernel log and takes ages [1]
to finish.  This is especially worrisome that all that printing is done
under RCU lock and this can potentially trigger RCU stall or softlockup
detector.

The primary reason for the printk was to catch potential users who might
depend on the behavior prior to 44a70adec910 ("mm, oom_adj: make sure
processes sharing mm have same view of oom_score_adj") but after more
than 2 years without a single report I guess it is safe to simply remove
the printk altogether.

The next step should be moving oom_score_adj over to the mm struct and
remove all the tasks crawling as suggested by [2]

[1] http://lkml.kernel.org/r/97fce864-6f75-bca5-14bc-12c9f890e740 at i-love.sakura.ne.jp
[2] http://lkml.kernel.org/r/20190117155159.GA4087 at dhcp22.suse.cz

Link: http://lkml.kernel.org/r/20190212102129.26288-1-mhocko at kernel.org
Signed-off-by: Michal Hocko <mhocko at suse.com>
Reported-by: Tetsuo Handa <penguin-kernel at i-love.sakura.ne.jp>
Acked-by: Johannes Weiner <hannes at cmpxchg.org>

    [5 lines not shown]
DeltaFile
+0-4fs/proc/base.c
+0-41 files

Linux/linux a2f7757mm kmemleak.c slub.c

kmemleak: account for tagged pointers when calculating pointer range

kmemleak keeps two global variables, min_addr and max_addr, which store
the range of valid (encountered by kmemleak) pointer values, which it
later uses to speed up pointer lookup when scanning blocks.

With tagged pointers this range will get bigger than it needs to be.  This
patch makes kmemleak untag pointers before saving them to min_addr and
max_addr and when performing a lookup.

Link: 
http://lkml.kernel.org/r/16e887d442986ab87fe87a755815ad92fa431a5f.1550066133.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Tested-by: Qian Cai <cai at lca.pw>
Acked-by: Catalin Marinas <catalin.marinas at arm.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Christoph Lameter <cl at linux.com>
Cc: David Rientjes <rientjes at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim at lge.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Pekka Enberg <penberg at kernel.org>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>

    [2 lines not shown]

Linux/linux e1db95bmm/kasan common.c

kasan: fix assigning tags twice

When an object is kmalloc()'ed, two hooks are called: kasan_slab_alloc()
and kasan_kmalloc().  Right now we assign a tag twice, once in each of the
hooks.  Fix it by assigning a tag only in the former hook.

Link: 
http://lkml.kernel.org/r/ce8c6431da735aa7ec051fd6497153df690eb021.1549921721.git.andreyknvl at google.com
Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
Cc: Alexander Potapenko <glider at google.com>
Cc: Andrey Ryabinin <aryabinin at virtuozzo.com>
Cc: Catalin Marinas <catalin.marinas at arm.com>
Cc: Christoph Lameter <cl at linux.com>
Cc: David Rientjes <rientjes at google.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Evgeniy Stepanov <eugenis at google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim at lge.com>
Cc: Kostya Serebryany <kcc at google.com>
Cc: Pekka Enberg <penberg at kernel.org>
Cc: Qian Cai <cai at lca.pw>
Cc: Vincenzo Frascino <vincenzo.frascino at arm.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
DeltaFile
+17-12mm/kasan/common.c
+17-121 files