Age | Commit message (Collapse) | Author | Files | Lines |
|
The dmabuf fd can be shared between processes via unix domain
socket. The file of dmabuf fd is came from anon_inode. The inode
has no set and get xattr operations, so it can not be shared
between processes with smack. This patch fixes just to ignore
private inode including anon_inode for smack_file_receive.
Change-Id: I2dca19baed08d1061e637160f653a86419a7ba6d
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
|
|
This patch enables uinput config to support userland input driver.
Change-Id: I6937ba3db8b3d9f26f289b45f33f8abb80d053d1
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
This patch enables uinput config to support userland input driver.
Change-Id: I69ad7db654d94e882fcc911eef8b8c5d94ef7e36
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
This patch sets display clock correctly.
If Display clock isn't set correctly then you would find below messages
and Display controller doesn't work correctly since a patch[1]
exynos-drm: No connectors reported connected with modes
[drm] Cannot find any crtc or sizes - going 1024x768
[1] commit abc0b1447d49 ("drm: Perform basic sanity checks on probed modes")
Change-Id: I603afb80a27e4ca7cb8c8bb38b968c82309e1559
Signed-off-by: Inki Dae <inki.dae@samsung.com>
|
|
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Change-Id: I92a8db74b9bcfcd55ae8d005f91ed52c844cf833
|
|
control codec_clk32k
This patch add 32khz clock property in sound node to control codec_clk32k.
Change-Id: Id6c2fdb13433e2c431f530aa48445913c30f6609
Signed-off-by: Inha Song <ideal.song@samsung.com>
|
|
This patch add 32khz clock control logic for codec's master clock 2(MCLK2).
WM1811 codec can use MCLK1 and MCLK2 as FLL's source clocks.
Change-Id: Ifc57ae1772db9a905b0d1c101442ccf649d53c6b
Signed-off-by: Inha Song <ideal.song@samsung.com>
|
|
This is required by systemd. Other configurations has this already
enabled.
Related: https://git.tizen.org/cgit/platform/upstream/systemd.git/commit/?h=upstream&id=b52a4a3b05a2a0d69868d57fd54f6e4b8fa0e7ca
Change-Id: Ib8e4744c4cea1e0b6fe86ecb9e09cfa49be683be
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Use mali r4p0 instead of r3p2.
Change-Id: Ie777bf67c1887df0ca5180a42ac6c6a5d0753bd6
Signed-off-by: Joonyoung Shim <jy0922.shim@samsung.com>
|
|
Use mali r4p0 instead of r3p2.
Change-Id: I911044ee55e7830f56e93eeeb56adfc1fcfe2b0e
Signed-off-by: Joonyoung Shim <jy0922.shim@samsung.com>
|
|
Use mali r4p0 instead of r3p2.
Change-Id: I9a40493ea1d1dce95576c8d0f17af0a34fa13f28
Signed-off-by: Joonyoung Shim <jy0922.shim@samsung.com>
|
|
Buffer sequence selection is broken and must be fixed. For the time being
always queue buffers for hw id 0, because hardware always operates on the
first src and dst buffer. This fixes IOMMU faults and makes the driver
usable from userspace.
Suggested-by: Andrzej Hajda <a.hajda@samsung.com>
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Change-Id: I46f43a5ad8b714a78bad7383bc5e532bf5015ecd
|
|
As for now there is no validation of incoming buffer
enqueue request as far as the gem buffers are being
concerned. This might lead to some undesired cases
when the driver tries to operate on invalid buffers
(wiht no valid gem object handle i.e.).
Add some basic checks to rule out those potential issues.
Change-Id: I117b5c566169d33fd46646068f835f48b333da73
Signed-off-by: Beata Michalska <b.michalska@samsung.com>
|
|
This patch enables audit options to print log for security smack
from tizen_odroid_defconfig.
Change-Id: I5b6d034accdffce08c6320424960a1576ad03bca
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
Set the boot_from_rom module parameter by default to 1 so the internal
sensors's firmware from ROM is used. The external firmware will be
loaded only if the module parameter is explicitly set to 0 by the user.
This prevents camera stream on failures for some S5C73M3 revisions.
Change-Id: I8c8c936c982df0db6f570e33b55596cce11b0b16
Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
|
|
The 10-bit and 12-bit Bayer output formats supported by FIMC-LITE
actually use 16 bits where the extra bits are padded with zeros.
The patch corrects buffer allocation for these two formats by
modifying the depth field. This prevents memory corruption by the
output DMA due to insufficient buffer size.
Signed-off-by: Arun Kumar K <arun.kk@samsung.com>
Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
Cc: stable@vger.kernel.org
Change-Id: Id0e3f13ce13de51218aa0b99f86311fcf411e4ec
|
|
Reset CMU-ISP prior to entering low-power mode.
Change-Id: I2caf9ecbee728f07480ee8b18ff1d5558db77bad
Signed-off-by: Beata Michalska <b.michalska@samsung.com>
|
|
The memps requires gem_info with gem_names to analyze graphics(video)
shared memory, so adds gem_info node with debugfs interface.
Change-Id: Ia923aa53c1508174e874d36001f53b0c42daac21
Signed-off-by: YoungJun Cho <yj44.cho@samsung.com>
|
|
Note that this is slightly tricky since both drivers store their
native objects in dma_buf->priv. But both also embed the base
drm_gem_object at the first position, so the implicit cast is ok.
To use the release helper we need to export it, too.
Change-Id: I37e9ffec79c90304d444ae9b6c47346f125feb49
Cc: Inki Dae <inki.dae@samsung.com>
Cc: Intel Graphics Development <intel-gfx@lists.freedesktop.org>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Dave Airlie <airlied@redhat.com>
[This patch is necessary for commit 7f663e197afa drm/prime: proper locking+refcounting for obj->dma_buf link]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
"%{variant}-linux-kernel" is provided instead of "linux-kernel".
Change-Id: Iad93b6e0fb53a5ead25842cd1de800b5af1b630b
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
|
|
This patch fixes a return value of g2d_map_cmdlist_gem. Since applied
dmabuf_sync, the return value was changed to ret when success return.
This is wrong value when everything is successful.
Change-Id: I0ddb735b8f894ec065ee90865d0a8b45bf892b8e
Reported-by: Voloshynov Sergii <s.voloshynov@samsung.com>
Signed-off-by: Voloshynov Sergii <s.voloshynov@samsung.com>
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
|
|
e6c784eded7b3 ("mmc: dw_mmc: exynos: move the exynos private init") was
wrongly assigning ddr_timing value to sdr_timing. This patch fixes this
by reverting the sdr_timing assignment statement to the earlier location.
Change-Id: I00d74956f2ce166063446b388b92c166d8b524dc
Signed-off-by: Yuvaraj Kumar C D <yuvaraj.cd@samsung.com>
Acked-by: Seungwon Jeon <tgih.jun@samsung.com>
Signed-off-by: Chris Ball <cjb@laptop.org>
|
|
Change-Id: Iff1664f694da27ba209bf7c3febf2f3662c8b5cc
Signed-off-by: Stephane Desneux <stephane.desneux@open.eurogiciel.org>
|
|
This reverts commit c25aae8a02c0e3132df581d1d12be1d6738a08d6.
I think we need to investigate this patch more and more.
Change-Id: Idb69b33334f53ddd414123f6e9ac432840b99857
Signed-off-by: Chanho Park <chanho61.park@samsung.com>
|
|
Setting smack label on file (e.g. 'attr -S -s SMACK64 -V "test" test')
triggered following spew on the kernel with KASan applied:
==================================================================
BUG: AddressSanitizer: out of bounds access in strncpy+0x28/0x60 at addr ffff8800059ad064
=============================================================================
BUG kmalloc-8 (Not tainted): kasan error
-----------------------------------------------------------------------------
Disabling lock debugging due to kernel taint
INFO: Slab 0xffffea0000166b40 objects=128 used=7 fp=0xffff8800059ad080 flags=0x4000000000000080
INFO: Object 0xffff8800059ad060 @offset=96 fp=0xffff8800059ad080
Bytes b4 ffff8800059ad050: a0 df 9a 05 00 88 ff ff 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
Object ffff8800059ad060: 74 65 73 74 6b 6b 6b a5 testkkk.
Redzone ffff8800059ad068: cc cc cc cc cc cc cc cc ........
Padding ffff8800059ad078: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
CPU: 0 PID: 528 Comm: attr Tainted: G B 3.18.0-rc1-mm1+ #5
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
0000000000000000 ffff8800059ad064 ffffffff81534cf2 ffff880005a5bc40
ffffffff8112fe1a 0000000100800006 0000000f059ad060 ffff880006000f90
0000000000000296 ffffea0000166b40 ffffffff8107ca97 ffff880005891060
Call Trace:
? dump_stack (lib/dump_stack.c:52)
? kasan_report_error (mm/kasan/report.c:102 mm/kasan/report.c:178)
? preempt_count_sub (kernel/sched/core.c:2651)
? __asan_load1 (mm/kasan/kasan.h:50 mm/kasan/kasan.c:248 mm/kasan/kasan.c:358)
? strncpy (lib/string.c:121)
? strncpy (lib/string.c:121)
? smk_parse_smack (security/smack/smack_access.c:457)
? setxattr (fs/xattr.c:343)
? smk_import_entry (security/smack/smack_access.c:514)
? smack_inode_setxattr (security/smack/smack_lsm.c:1093 (discriminator 1))
? security_inode_setxattr (security/security.c:602)
? vfs_setxattr (fs/xattr.c:134)
? setxattr (fs/xattr.c:343)
? setxattr (fs/xattr.c:360)
? get_parent_ip (kernel/sched/core.c:2606)
? preempt_count_sub (kernel/sched/core.c:2651)
? __percpu_counter_add (arch/x86/include/asm/preempt.h:98 lib/percpu_counter.c:90)
? get_parent_ip (kernel/sched/core.c:2606)
? preempt_count_sub (kernel/sched/core.c:2651)
? __mnt_want_write (arch/x86/include/asm/preempt.h:98 fs/namespace.c:359)
? path_setxattr (fs/xattr.c:380)
? SyS_lsetxattr (fs/xattr.c:397)
? system_call_fastpath (arch/x86/kernel/entry_64.S:423)
Read of size 1 by task attr:
Memory state around the buggy address:
ffff8800059ace80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8800059acf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8800059acf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8800059ad000: 00 fc fc fc 00 fc fc fc 05 fc fc fc 04 fc fc fc
^
ffff8800059ad080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8800059ad100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8800059ad180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
strncpy() copies one byte more than the source string has.
Fix this by passing the correct length to strncpy().
Now we can remove initialization of the last byte in 'smack' string
because kzalloc() already did this for us.
Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
Change-Id: I7bb84eed3c348711312434d98d6cc13cbe8f5d76
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
I'm working on address sanitizer project for kernel. Recently we
started experiments with stack instrumentation, to detect out-of-bounds
read/write bugs on stack.
Just after booting I've hit out-of-bounds read on stack in idr_for_each
(and in __idr_remove_all as well):
struct idr_layer **paa = &pa[0];
while (id >= 0 && id <= max) {
...
while (n < fls(id)) {
n += IDR_BITS;
p = *--paa; <--- here we are reading pa[-1] value.
}
}
Despite the fact that after this dereference we are exiting out of loop
and never use p, such behaviour is undefined and should be avoided.
Fix this by moving pointer derference to the beggining of the loop,
right before we will use it.
Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
Reviewed-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Alexey Preobrazhensky <preobr@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Id151fc7e874e3cff64da43eb3359f022de7e6cae
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
When there are unconsumed pending events, the events are
destroyed by calling destroy callback, but the events list
are remained, because there is no list_del().
It is possible that the page flip request is handled after
drm_events_release() is called and before drm_fb_release().
In this case a drm_pending_event is remained not freed.
So exynos driver checks again to remove it in its post
close routine. But the file_priv->event_list contains
undeleted ones, this can make oops for accessing invalid
memory.
Signed-off-by: YoungJun Cho <yj44.cho@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Change-Id: I25a471f4f4929150542eb6273c7673b9f44936b6
[back-ported from mainline to fix use after free issue]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
|
|
task_cgroup_path_from_hierarchy() was added for the planned new users
and none of the currently planned users wants to know about multiple
hierarchies. This patch drops the multiple hierarchy part and makes
it always return the path in the first non-dummy hierarchy.
As unified hierarchy will always have id 1, this is guaranteed to
return the path for the unified hierarchy if mounted; otherwise, it
will return the path from the hierarchy which happens to occupy the
lowest hierarchy id, which will usually be the first hierarchy mounted
after boot.
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Kay Sievers <kay.sievers@vrfy.org>
Cc: Jan Kaluža <jkaluza@redhat.com>
Change-Id: Iaa199f7332f01a03f791def776b5403f6fa459b3
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=913ffdb54366f94eec65c656cae8c6e00e1ab1b0
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
kdbus folks want a sane way to determine the cgroup path that a given
task belongs to on a given hierarchy, which is a reasonble thing to
expect from cgroup core.
Implement task_cgroup_path_from_hierarchy().
v2: Dropped unnecessary NULL check on the return value of
task_cgroup_from_root() as suggested by Li Zefan.
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Greg Kroah-Hartman <greg@kroah.com>
Acked-by: Li Zefan <lizefan@huawei.com>
Cc: Kay Sievers <kay@vrfy.org>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <daniel@zonque.org>
Change-Id: Ifd630e09163b8272627c2ef8be1866c5e9dc05f9
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=857a2beb09ab83e9a8185821ae16db7dfbe8b837
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
We want to be able to lookup a hierarchy from its id and cyclic
allocation is a whole lot simpler with idr. Convert to idr and use
idr_alloc_cyclc().
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Change-Id: Ibd20ebe71ddb452178302cf86a22572b18cd82df
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1a574231669f8c3065c83974e9557fcbbd94b8a6
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Now that hierarchy_id alloc / free are protected by the cgroup
mutexes, there's no need for this separate lock. Drop it.
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Change-Id: I03fbc8bba08a785c6082a9b5bb1087c53c506c60
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54e7b4eb15fc4354d5ada5469e3db4a220ddb3ed
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
We're planning to converting hierarchy_ida to an idr and use it to
look up hierarchy from its id. As we want the mapping to happen
atomically with cgroupfs_root registration, this patch refactors
hierarchy_id init / exit so that ida operations happen inside
cgroup_[root_]mutex.
* s/init_root_id()/cgroup_init_root_id()/ and make it return 0 or
-errno like a normal function.
* Move hierarchy_id initialization from cgroup_root_from_opts() into
cgroup_mount() block where the root is confirmed to be used and
being registered while holding both mutexes.
* Split cgroup_drop_id() into cgroup_exit_root_id() and
cgroup_free_root(), so that ID release can happen before dropping
the mutexes in cgroup_kill_sb(). The latter expects hierarchy_id to
be exited before being invoked.
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Li Zefan <lizefan@huawei.com>
Change-Id: Ie1433632bcde96c359fd1d488a81cc3255ee92e6
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa3ca07e96185aa1496b405472399a2a2a336a17
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Files created with __shmem_file_stup() appear to have somewhat fake
dentries which make them look like root directories and not get
the label the current process or ("*") star meant for tmpfs files.
Change-Id: If0e2e3ceddeff55d5121e76e85dbea60414b786a
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
|
|
Remove the dependence on x86 to run the memfd test. Verfied on 32-bit powerpc.
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Change-Id: I4e3a0d311842f5d0327abdb6bb8ce3ba1460f902
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce6a144a0d01c6628496e4c0d18fbf3a0362cc67
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
The new header file memfd.h from commit 9183df25fe7b ("shm: add
memfd_create() syscall") should be exported.
Signed-off-by: David Drysdale <drysdale@google.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Ibcd915aad320ddedcfcca0b7a098e03cc883fd88
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b01d072065b6f36550f486fe77f05b092225ba1b
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Add a missing path argument buf to printf()
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Change-Id: Ie4d1f23fc07a397971ee94c0fdd164fb7145771d
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2ed36928373cc3dfb20a4d17042e9a6e05538e41
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
This test currently fails on 32-bit systems since we use u64 type to pass the
flags to fcntl.
This commit changes this to use 'unsigned int' type for flags to fcntl making it
work on 32-bit systems.
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Change-Id: I80190741a7cfaf9517cf220a58bcc36177139993
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57e67900d4c7949ad646a5f43a8ca5180170d2a0
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Commit 9183df25fe7b ("shm: add memfd_create() syscall") added a new
system call (memfd_create) but didn't update the asm-generic unistd
header.
This patch adds the new system call to the asm-generic version of
unistd.h so that it can be used by architectures such as arm64.
Cc: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Change-Id: I7fff684716a86ad9f10e19755480c32ce9eeb861
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=503e6636b6f96056210062be703356f4253b6db9
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
arch/arm/ just grew support for the new memfd_create and getrandom
syscalls, so add them to our compat layer too.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a97a42c47608d0bb6f2dfc2e162cc84a27beb43a
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
getrandom isn't wired.
Change-Id: I0bfb09e924d839ede0f998a73a4b9a395359a1b6
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Add the memfd_create syscall to ARM.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e57e41931134e09fc6c03c8d4eb19d516cc6e59b
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Adjusted __NR_syscalls as in commit
eb6452537b280652eee66801ec97cc369e27e5d8.
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I8bcbec0d5fb6241cbb5c13f142552dbfe5307c9e
|
|
If we set SEAL_WRITE on a file, we must make sure there cannot be any
ongoing write-operations on the file. For write() calls, we simply lock
the inode mutex, for mmap() we simply verify there're no writable
mappings. However, there might be pages pinned by AIO, Direct-IO and
similar operations via GUP. We must make sure those do not write to the
memfd file after we set SEAL_WRITE.
As there is no way to notify GUP users to drop pages or to wait for them
to be done, we implement the wait ourself: When setting SEAL_WRITE, we
check all pages for their ref-count. If it's bigger than 1, we know
there's some user of the page. We then mark the page and wait for up to
150ms for those ref-counts to be dropped. If the ref-counts are not
dropped in time, we refuse the seal operation.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I952289df3c4261be68ab4dc590890fe20b0906a4
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05f65b5c70909ef686f865f0a85406d74d75f70f
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Setting SEAL_WRITE is not possible if there're pending GUP users. This
commit adds selftests for memfd+sealing that use FUSE to create pending
page-references. FUSE is very helpful here in that it allows us to delay
direct-IO operations for an arbitrary amount of time. This way, we can
force the kernel to pin pages and then run our normal selftests.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Ideaf47a24b3522183cbe5ae10c320f7d38e31931
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=87b2d44026e0e315a7401551e95b189ac4b28217
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Some basic tests to verify sealing on memfds works as expected and
guarantees the advertised semantics.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I9a6bfd2205aa868f327fdb04788a1f6bae23eb17
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4f5ce5e8d7e2da3c714df8a7fa42edb9f992fc52
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
memfd_create() is similar to mmap(MAP_ANON), but returns a file-descriptor
that you can pass to mmap(). It can support sealing and avoids any
connection to user-visible mount-points. Thus, it's not subject to quotas
on mounted file-systems, but can be used like malloc()'ed memory, but with
a file-descriptor to it.
memfd_create() returns the raw shmem file, so calls like ftruncate() can
be used to modify the underlying inode. Also calls like fstat() will
return proper information and mark the file as regular file. If you want
sealing, you can specify MFD_ALLOW_SEALING. Otherwise, sealing is not
supported (like on all other regular files).
Compared to O_TMPFILE, it does not require a tmpfs mount-point and is not
subject to a filesystem size limit. It is still properly accounted to
memcg limits, though, and to the same overcommit or no-overcommit
accounting as all user memory.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I2ac7e2b47a1d68d4b83680f4527e5ed2aa9a420c
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9183df25fe7b194563db3fec6dc3202a5855839c
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
If two processes share a common memory region, they usually want some
guarantees to allow safe access. This often includes:
- one side cannot overwrite data while the other reads it
- one side cannot shrink the buffer while the other accesses it
- one side cannot grow the buffer beyond previously set boundaries
If there is a trust-relationship between both parties, there is no need
for policy enforcement. However, if there's no trust relationship (eg.,
for general-purpose IPC) sharing memory-regions is highly fragile and
often not possible without local copies. Look at the following two
use-cases:
1) A graphics client wants to share its rendering-buffer with a
graphics-server. The memory-region is allocated by the client for
read/write access and a second FD is passed to the server. While
scanning out from the memory region, the server has no guarantee that
the client doesn't shrink the buffer at any time, requiring rather
cumbersome SIGBUS handling.
2) A process wants to perform an RPC on another process. To avoid huge
bandwidth consumption, zero-copy is preferred. After a message is
assembled in-memory and a FD is passed to the remote side, both sides
want to be sure that neither modifies this shared copy, anymore. The
source may have put sensible data into the message without a separate
copy and the target may want to parse the message inline, to avoid a
local copy.
While SIGBUS handling, POSIX mandatory locking and MAP_DENYWRITE provide
ways to achieve most of this, the first one is unproportionally ugly to
use in libraries and the latter two are broken/racy or even disabled due
to denial of service attacks.
This patch introduces the concept of SEALING. If you seal a file, a
specific set of operations is blocked on that file forever. Unlike locks,
seals can only be set, never removed. Hence, once you verified a specific
set of seals is set, you're guaranteed that no-one can perform the blocked
operations on this file, anymore.
An initial set of SEALS is introduced by this patch:
- SHRINK: If SEAL_SHRINK is set, the file in question cannot be reduced
in size. This affects ftruncate() and open(O_TRUNC).
- GROW: If SEAL_GROW is set, the file in question cannot be increased
in size. This affects ftruncate(), fallocate() and write().
- WRITE: If SEAL_WRITE is set, no write operations (besides resizing)
are possible. This affects fallocate(PUNCH_HOLE), mmap() and
write().
- SEAL: If SEAL_SEAL is set, no further seals can be added to a file.
This basically prevents the F_ADD_SEAL operation on a file and
can be set to prevent others from adding further seals that you
don't want.
The described use-cases can easily use these seals to provide safe use
without any trust-relationship:
1) The graphics server can verify that a passed file-descriptor has
SEAL_SHRINK set. This allows safe scanout, while the client is
allowed to increase buffer size for window-resizing on-the-fly.
Concurrent writes are explicitly allowed.
2) For general-purpose IPC, both processes can verify that SEAL_SHRINK,
SEAL_GROW and SEAL_WRITE are set. This guarantees that neither
process can modify the data while the other side parses it.
Furthermore, it guarantees that even with writable FDs passed to the
peer, it cannot increase the size to hit memory-limits of the source
process (in case the file-storage is accounted to the source).
The new API is an extension to fcntl(), adding two new commands:
F_GET_SEALS: Return a bitset describing the seals on the file. This
can be called on any FD if the underlying file supports
sealing.
F_ADD_SEALS: Change the seals of a given file. This requires WRITE
access to the file and F_SEAL_SEAL may not already be set.
Furthermore, the underlying file must support sealing and
there may not be any existing shared mapping of that file.
Otherwise, EBADF/EPERM is returned.
The given seals are _added_ to the existing set of seals
on the file. You cannot remove seals again.
The fcntl() handler is currently specific to shmem and disabled on all
files. A file needs to explicitly support sealing for this interface to
work. A separate syscall is added in a follow-up, which creates files that
support sealing. There is no intention to support this on other
file-systems. Semantics are unclear for non-volatile files and we lack any
use-case right now. Therefore, the implementation is specific to shmem.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I58642ae2db7fef5d952b22beada3525526dd3a20
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=40e041a2c858b3caefc757e26cb85bfceae5062b
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
This patch (of 6):
The i_mmap_writable field counts existing writable mappings of an
address_space. To allow drivers to prevent new writable mappings, make
this counter signed and prevent new writable mappings if it is negative.
This is modelled after i_writecount and DENYWRITE.
This will be required by the shmem-sealing infrastructure to prevent any
new writable mappings after the WRITE seal has been set. In case there
exists a writable mapping, this operation will fail with EBUSY.
Note that we rely on the fact that iff you already own a writable mapping,
you can increase the counter without using the helpers. This is the same
that we do for i_writecount.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Ryan Lortie <desrt@desrt.ca>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Daniel Mack <zonque@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: If33fdcedbcf202ab177c4e21afc7eec261088a8b
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4bb5f5d9395bc112d93a134d8f5b05611eddc9c0
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
correct_wcount and inode in mmap_region() just complicate the code. This
boolean was needed previously, when deny_write_access() was called before
vma_merge(), now we can simply check VM_DENYWRITE and do
allow_write_access() if it is set.
allow_write_access() checks file != NULL, so this is safe even if it was
possible to use VM_DENYWRITE && !file. Just we need to ensure we use the
same file which was deny_write_access()'ed, so the patch also moves "file
= vma->vm_file" down after allow_write_access().
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Colin Cross <ccross@android.com>
Cc: David Rientjes <rientjes@google.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I05df8842b7c4b7e3e29b35d914f297ce37af1685
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e86867720e617774b560dfbc169b7f3d0d490950
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
This is intended for use in loops which read data protected by RCU and may
have a large number of iterations. Such an example is dumping the list of
connections known to IPVS: ip_vs_conn_array() and ip_vs_conn_seq_next().
The benefits are for CONFIG_PREEMPT_RCU=y where we save CPU cycles
by moving rcu_read_lock and rcu_read_unlock out of large loops
but still allowing the current task to be preempted after every
loop iteration for the CONFIG_PREEMPT_RCU=n case.
The call to cond_resched() is not needed when CONFIG_PREEMPT_RCU=y.
Thanks to Paul E. McKenney for explaining this and for the
final version that checks the context with CONFIG_DEBUG_ATOMIC_SLEEP=y
for all possible configurations.
The function can be empty in the CONFIG_PREEMPT_RCU case,
rcu_read_lock and rcu_read_unlock are not needed in this case
because the task can be preempted on indication from scheduler.
Thanks to Peter Zijlstra for catching this and for his help
in trying a solution that changes __might_sleep.
Initial cond_resched_rcu_lock() function suggested by Eric Dumazet.
Tested-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Acked-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Change-Id: I5f36f86484198f9064725d424c3d91d5fac8e1d4
Origin: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f6f3c437d09e2f62533034e67bfb4385191e992c
Backported-by: Maciej Wereski <m.wereski@partner.samsung.com>
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
|
|
Use chipid[27:20] bits to identify the EXYNOS family while setting
up the serial port during the uncompression setup. This uses four
additional bits of chipid to identify the EXYNOS family since this
is required for identifying EXYNOS5420 SoC.
Change-Id: Ic7cc14e68d16ae3da2a7d2177b40e40b0295d9a8
Signed-off-by: Chander Kashyap <chander.kashyap@linaro.org>
Signed-off-by: Thomas Abraham <thomas.abraham@linaro.org>
Reviewed-by: Tomasz Figa <t.figa@samsung.com>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
|
|
This patch adds support secondary core bootup in big.LITTLE processor
for platsmp. Just core id cannot be used for identification, because
there is a pair of the cores which have same core id. Cluster id have
to be included for their identification. This patch makes cpu index
using cluster id and core id for the calculation of their register
address and the identification. But there is a problem to use cluster id
for core index creation. That is, cluster id does not start from 0 in
old processors which do not have more than one cluster. For example,
Exynos4412's cluster id for its 4 core is 0xa. So I makes all cluster id
to 0 when they are bigger than 1. Normally big.LITTLE processor does not
use platsmp. But at this moment, just for the minimal functionality of
big.LITTLE, this patch adds support for it. This patch can be reverted
after another CPU management method is adopted.
Change-Id: Ifa2d62545dd4174998f962c9608fd6d9b6034c16
Signed-off-by: Hyungwon Hwang <human.hwang@samsung.com>
|