1 |
commit: af04b07db818faf519780e2e77f637a6419c5ab6 |
2 |
Author: Alice Ferrazzi <alicef <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jul 31 10:33:59 2021 +0000 |
4 |
Commit: Alice Ferrazzi <alicef <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jul 31 10:34:09 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=af04b07d |
7 |
|
8 |
Linux patch 4.19.200 |
9 |
|
10 |
Signed-off-by: Alice Ferrazzi <alicef <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1199_linux-4.19.200.patch | 893 ++++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 897 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index f1619e0..58e7859 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -835,6 +835,10 @@ Patch: 1198_linux-4.19.199.patch |
21 |
From: https://www.kernel.org |
22 |
Desc: Linux 4.19.199 |
23 |
|
24 |
+Patch: 1199_linux-4.19.200.patch |
25 |
+From: https://www.kernel.org |
26 |
+Desc: Linux 4.19.200 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1199_linux-4.19.200.patch b/1199_linux-4.19.200.patch |
33 |
new file mode 100644 |
34 |
index 0000000..da6c8c4 |
35 |
--- /dev/null |
36 |
+++ b/1199_linux-4.19.200.patch |
37 |
@@ -0,0 +1,893 @@ |
38 |
+diff --git a/Makefile b/Makefile |
39 |
+index f3ad63a089a18..a4ea351c4e5d6 100644 |
40 |
+--- a/Makefile |
41 |
++++ b/Makefile |
42 |
+@@ -1,7 +1,7 @@ |
43 |
+ # SPDX-License-Identifier: GPL-2.0 |
44 |
+ VERSION = 4 |
45 |
+ PATCHLEVEL = 19 |
46 |
+-SUBLEVEL = 199 |
47 |
++SUBLEVEL = 200 |
48 |
+ EXTRAVERSION = |
49 |
+ NAME = "People's Front" |
50 |
+ |
51 |
+diff --git a/arch/arm/boot/dts/versatile-ab.dts b/arch/arm/boot/dts/versatile-ab.dts |
52 |
+index 6f4f60ba5429c..990b7ef1800e4 100644 |
53 |
+--- a/arch/arm/boot/dts/versatile-ab.dts |
54 |
++++ b/arch/arm/boot/dts/versatile-ab.dts |
55 |
+@@ -192,16 +192,15 @@ |
56 |
+ #size-cells = <1>; |
57 |
+ ranges; |
58 |
+ |
59 |
+- vic: intc@10140000 { |
60 |
++ vic: interrupt-controller@10140000 { |
61 |
+ compatible = "arm,versatile-vic"; |
62 |
+ interrupt-controller; |
63 |
+ #interrupt-cells = <1>; |
64 |
+ reg = <0x10140000 0x1000>; |
65 |
+- clear-mask = <0xffffffff>; |
66 |
+ valid-mask = <0xffffffff>; |
67 |
+ }; |
68 |
+ |
69 |
+- sic: intc@10003000 { |
70 |
++ sic: interrupt-controller@10003000 { |
71 |
+ compatible = "arm,versatile-sic"; |
72 |
+ interrupt-controller; |
73 |
+ #interrupt-cells = <1>; |
74 |
+diff --git a/arch/arm/boot/dts/versatile-pb.dts b/arch/arm/boot/dts/versatile-pb.dts |
75 |
+index 06a0fdf24026c..e7e751a858d81 100644 |
76 |
+--- a/arch/arm/boot/dts/versatile-pb.dts |
77 |
++++ b/arch/arm/boot/dts/versatile-pb.dts |
78 |
+@@ -7,7 +7,7 @@ |
79 |
+ |
80 |
+ amba { |
81 |
+ /* The Versatile PB is using more SIC IRQ lines than the AB */ |
82 |
+- sic: intc@10003000 { |
83 |
++ sic: interrupt-controller@10003000 { |
84 |
+ clear-mask = <0xffffffff>; |
85 |
+ /* |
86 |
+ * Valid interrupt lines mask according to |
87 |
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
88 |
+index 43fb4e296d8de..9cfc669b4a243 100644 |
89 |
+--- a/arch/x86/kvm/x86.c |
90 |
++++ b/arch/x86/kvm/x86.c |
91 |
+@@ -416,8 +416,6 @@ static void kvm_multiple_exception(struct kvm_vcpu *vcpu, |
92 |
+ |
93 |
+ if (!vcpu->arch.exception.pending && !vcpu->arch.exception.injected) { |
94 |
+ queue: |
95 |
+- if (has_error && !is_protmode(vcpu)) |
96 |
+- has_error = false; |
97 |
+ if (reinject) { |
98 |
+ /* |
99 |
+ * On vmentry, vcpu->arch.exception.pending is only |
100 |
+@@ -7114,6 +7112,13 @@ static void update_cr8_intercept(struct kvm_vcpu *vcpu) |
101 |
+ kvm_x86_ops->update_cr8_intercept(vcpu, tpr, max_irr); |
102 |
+ } |
103 |
+ |
104 |
++static void kvm_inject_exception(struct kvm_vcpu *vcpu) |
105 |
++{ |
106 |
++ if (vcpu->arch.exception.error_code && !is_protmode(vcpu)) |
107 |
++ vcpu->arch.exception.error_code = false; |
108 |
++ kvm_x86_ops->queue_exception(vcpu); |
109 |
++} |
110 |
++ |
111 |
+ static int inject_pending_event(struct kvm_vcpu *vcpu) |
112 |
+ { |
113 |
+ int r; |
114 |
+@@ -7121,7 +7126,7 @@ static int inject_pending_event(struct kvm_vcpu *vcpu) |
115 |
+ /* try to reinject previous events if any */ |
116 |
+ |
117 |
+ if (vcpu->arch.exception.injected) |
118 |
+- kvm_x86_ops->queue_exception(vcpu); |
119 |
++ kvm_inject_exception(vcpu); |
120 |
+ /* |
121 |
+ * Do not inject an NMI or interrupt if there is a pending |
122 |
+ * exception. Exceptions and interrupts are recognized at |
123 |
+@@ -7175,7 +7180,7 @@ static int inject_pending_event(struct kvm_vcpu *vcpu) |
124 |
+ kvm_update_dr7(vcpu); |
125 |
+ } |
126 |
+ |
127 |
+- kvm_x86_ops->queue_exception(vcpu); |
128 |
++ kvm_inject_exception(vcpu); |
129 |
+ } |
130 |
+ |
131 |
+ /* Don't consider new event if we re-injected an event */ |
132 |
+diff --git a/drivers/firmware/arm_scmi/driver.c b/drivers/firmware/arm_scmi/driver.c |
133 |
+index effc4c17e0fb9..af5139eb96b5d 100644 |
134 |
+--- a/drivers/firmware/arm_scmi/driver.c |
135 |
++++ b/drivers/firmware/arm_scmi/driver.c |
136 |
+@@ -48,7 +48,6 @@ enum scmi_error_codes { |
137 |
+ SCMI_ERR_GENERIC = -8, /* Generic Error */ |
138 |
+ SCMI_ERR_HARDWARE = -9, /* Hardware Error */ |
139 |
+ SCMI_ERR_PROTOCOL = -10,/* Protocol Error */ |
140 |
+- SCMI_ERR_MAX |
141 |
+ }; |
142 |
+ |
143 |
+ /* List of all SCMI devices active in system */ |
144 |
+@@ -168,8 +167,10 @@ static const int scmi_linux_errmap[] = { |
145 |
+ |
146 |
+ static inline int scmi_to_linux_errno(int errno) |
147 |
+ { |
148 |
+- if (errno < SCMI_SUCCESS && errno > SCMI_ERR_MAX) |
149 |
+- return scmi_linux_errmap[-errno]; |
150 |
++ int err_idx = -errno; |
151 |
++ |
152 |
++ if (err_idx >= SCMI_SUCCESS && err_idx < ARRAY_SIZE(scmi_linux_errmap)) |
153 |
++ return scmi_linux_errmap[err_idx]; |
154 |
+ return -EIO; |
155 |
+ } |
156 |
+ |
157 |
+@@ -628,8 +629,9 @@ static int scmi_xfer_info_init(struct scmi_info *sinfo) |
158 |
+ struct scmi_xfers_info *info = &sinfo->minfo; |
159 |
+ |
160 |
+ /* Pre-allocated messages, no more than what hdr.seq can support */ |
161 |
+- if (WARN_ON(desc->max_msg >= MSG_TOKEN_MAX)) { |
162 |
+- dev_err(dev, "Maximum message of %d exceeds supported %ld\n", |
163 |
++ if (WARN_ON(!desc->max_msg || desc->max_msg > MSG_TOKEN_MAX)) { |
164 |
++ dev_err(dev, |
165 |
++ "Invalid maximum messages %d, not in range [1 - %lu]\n", |
166 |
+ desc->max_msg, MSG_TOKEN_MAX); |
167 |
+ return -EINVAL; |
168 |
+ } |
169 |
+diff --git a/drivers/iio/dac/ds4424.c b/drivers/iio/dac/ds4424.c |
170 |
+index 714a97f913199..ae9be792693bf 100644 |
171 |
+--- a/drivers/iio/dac/ds4424.c |
172 |
++++ b/drivers/iio/dac/ds4424.c |
173 |
+@@ -236,12 +236,6 @@ static int ds4424_probe(struct i2c_client *client, |
174 |
+ indio_dev->dev.of_node = client->dev.of_node; |
175 |
+ indio_dev->dev.parent = &client->dev; |
176 |
+ |
177 |
+- if (!client->dev.of_node) { |
178 |
+- dev_err(&client->dev, |
179 |
+- "Not found DT.\n"); |
180 |
+- return -ENODEV; |
181 |
+- } |
182 |
+- |
183 |
+ data->vcc_reg = devm_regulator_get(&client->dev, "vcc"); |
184 |
+ if (IS_ERR(data->vcc_reg)) { |
185 |
+ dev_err(&client->dev, |
186 |
+diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c |
187 |
+index 5a14f518cd979..61955a7c838b4 100644 |
188 |
+--- a/fs/cifs/smb2ops.c |
189 |
++++ b/fs/cifs/smb2ops.c |
190 |
+@@ -386,8 +386,8 @@ parse_server_interfaces(struct network_interface_info_ioctl_rsp *buf, |
191 |
+ p = buf; |
192 |
+ while (bytes_left >= sizeof(*p)) { |
193 |
+ info->speed = le64_to_cpu(p->LinkSpeed); |
194 |
+- info->rdma_capable = le32_to_cpu(p->Capability & RDMA_CAPABLE); |
195 |
+- info->rss_capable = le32_to_cpu(p->Capability & RSS_CAPABLE); |
196 |
++ info->rdma_capable = le32_to_cpu(p->Capability & RDMA_CAPABLE) ? 1 : 0; |
197 |
++ info->rss_capable = le32_to_cpu(p->Capability & RSS_CAPABLE) ? 1 : 0; |
198 |
+ |
199 |
+ cifs_dbg(FYI, "%s: adding iface %zu\n", __func__, *iface_count); |
200 |
+ cifs_dbg(FYI, "%s: speed %zu bps\n", __func__, info->speed); |
201 |
+diff --git a/fs/hfs/bfind.c b/fs/hfs/bfind.c |
202 |
+index 4af318fbda774..ef9498a6e88ac 100644 |
203 |
+--- a/fs/hfs/bfind.c |
204 |
++++ b/fs/hfs/bfind.c |
205 |
+@@ -25,7 +25,19 @@ int hfs_find_init(struct hfs_btree *tree, struct hfs_find_data *fd) |
206 |
+ fd->key = ptr + tree->max_key_len + 2; |
207 |
+ hfs_dbg(BNODE_REFS, "find_init: %d (%p)\n", |
208 |
+ tree->cnid, __builtin_return_address(0)); |
209 |
+- mutex_lock(&tree->tree_lock); |
210 |
++ switch (tree->cnid) { |
211 |
++ case HFS_CAT_CNID: |
212 |
++ mutex_lock_nested(&tree->tree_lock, CATALOG_BTREE_MUTEX); |
213 |
++ break; |
214 |
++ case HFS_EXT_CNID: |
215 |
++ mutex_lock_nested(&tree->tree_lock, EXTENTS_BTREE_MUTEX); |
216 |
++ break; |
217 |
++ case HFS_ATTR_CNID: |
218 |
++ mutex_lock_nested(&tree->tree_lock, ATTR_BTREE_MUTEX); |
219 |
++ break; |
220 |
++ default: |
221 |
++ return -EINVAL; |
222 |
++ } |
223 |
+ return 0; |
224 |
+ } |
225 |
+ |
226 |
+diff --git a/fs/hfs/bnode.c b/fs/hfs/bnode.c |
227 |
+index b63a4df7327b6..c0a73a6ffb28b 100644 |
228 |
+--- a/fs/hfs/bnode.c |
229 |
++++ b/fs/hfs/bnode.c |
230 |
+@@ -15,16 +15,31 @@ |
231 |
+ |
232 |
+ #include "btree.h" |
233 |
+ |
234 |
+-void hfs_bnode_read(struct hfs_bnode *node, void *buf, |
235 |
+- int off, int len) |
236 |
++void hfs_bnode_read(struct hfs_bnode *node, void *buf, int off, int len) |
237 |
+ { |
238 |
+ struct page *page; |
239 |
++ int pagenum; |
240 |
++ int bytes_read; |
241 |
++ int bytes_to_read; |
242 |
++ void *vaddr; |
243 |
+ |
244 |
+ off += node->page_offset; |
245 |
+- page = node->page[0]; |
246 |
++ pagenum = off >> PAGE_SHIFT; |
247 |
++ off &= ~PAGE_MASK; /* compute page offset for the first page */ |
248 |
+ |
249 |
+- memcpy(buf, kmap(page) + off, len); |
250 |
+- kunmap(page); |
251 |
++ for (bytes_read = 0; bytes_read < len; bytes_read += bytes_to_read) { |
252 |
++ if (pagenum >= node->tree->pages_per_bnode) |
253 |
++ break; |
254 |
++ page = node->page[pagenum]; |
255 |
++ bytes_to_read = min_t(int, len - bytes_read, PAGE_SIZE - off); |
256 |
++ |
257 |
++ vaddr = kmap_atomic(page); |
258 |
++ memcpy(buf + bytes_read, vaddr + off, bytes_to_read); |
259 |
++ kunmap_atomic(vaddr); |
260 |
++ |
261 |
++ pagenum++; |
262 |
++ off = 0; /* page offset only applies to the first page */ |
263 |
++ } |
264 |
+ } |
265 |
+ |
266 |
+ u16 hfs_bnode_read_u16(struct hfs_bnode *node, int off) |
267 |
+diff --git a/fs/hfs/btree.h b/fs/hfs/btree.h |
268 |
+index dcc2aab1b2c43..25ac9a8bb57a7 100644 |
269 |
+--- a/fs/hfs/btree.h |
270 |
++++ b/fs/hfs/btree.h |
271 |
+@@ -13,6 +13,13 @@ typedef int (*btree_keycmp)(const btree_key *, const btree_key *); |
272 |
+ |
273 |
+ #define NODE_HASH_SIZE 256 |
274 |
+ |
275 |
++/* B-tree mutex nested subclasses */ |
276 |
++enum hfs_btree_mutex_classes { |
277 |
++ CATALOG_BTREE_MUTEX, |
278 |
++ EXTENTS_BTREE_MUTEX, |
279 |
++ ATTR_BTREE_MUTEX, |
280 |
++}; |
281 |
++ |
282 |
+ /* A HFS BTree held in memory */ |
283 |
+ struct hfs_btree { |
284 |
+ struct super_block *sb; |
285 |
+diff --git a/fs/hfs/super.c b/fs/hfs/super.c |
286 |
+index 173876782f73f..77b6f35a4aa93 100644 |
287 |
+--- a/fs/hfs/super.c |
288 |
++++ b/fs/hfs/super.c |
289 |
+@@ -427,14 +427,12 @@ static int hfs_fill_super(struct super_block *sb, void *data, int silent) |
290 |
+ if (!res) { |
291 |
+ if (fd.entrylength > sizeof(rec) || fd.entrylength < 0) { |
292 |
+ res = -EIO; |
293 |
+- goto bail; |
294 |
++ goto bail_hfs_find; |
295 |
+ } |
296 |
+ hfs_bnode_read(fd.bnode, &rec, fd.entryoffset, fd.entrylength); |
297 |
+ } |
298 |
+- if (res) { |
299 |
+- hfs_find_exit(&fd); |
300 |
+- goto bail_no_root; |
301 |
+- } |
302 |
++ if (res) |
303 |
++ goto bail_hfs_find; |
304 |
+ res = -EINVAL; |
305 |
+ root_inode = hfs_iget(sb, &fd.search_key->cat, &rec); |
306 |
+ hfs_find_exit(&fd); |
307 |
+@@ -450,6 +448,8 @@ static int hfs_fill_super(struct super_block *sb, void *data, int silent) |
308 |
+ /* everything's okay */ |
309 |
+ return 0; |
310 |
+ |
311 |
++bail_hfs_find: |
312 |
++ hfs_find_exit(&fd); |
313 |
+ bail_no_root: |
314 |
+ pr_err("get root inode failed\n"); |
315 |
+ bail: |
316 |
+diff --git a/include/net/af_unix.h b/include/net/af_unix.h |
317 |
+index a5ba41b3b8673..7ec1cdb66be8d 100644 |
318 |
+--- a/include/net/af_unix.h |
319 |
++++ b/include/net/af_unix.h |
320 |
+@@ -10,6 +10,7 @@ |
321 |
+ |
322 |
+ void unix_inflight(struct user_struct *user, struct file *fp); |
323 |
+ void unix_notinflight(struct user_struct *user, struct file *fp); |
324 |
++void unix_destruct_scm(struct sk_buff *skb); |
325 |
+ void unix_gc(void); |
326 |
+ void wait_for_unix_gc(void); |
327 |
+ struct sock *unix_get_socket(struct file *filp); |
328 |
+diff --git a/include/net/busy_poll.h b/include/net/busy_poll.h |
329 |
+index cf8f792743ec2..c76a5e9894dac 100644 |
330 |
+--- a/include/net/busy_poll.h |
331 |
++++ b/include/net/busy_poll.h |
332 |
+@@ -48,7 +48,7 @@ static inline bool net_busy_loop_on(void) |
333 |
+ |
334 |
+ static inline bool sk_can_busy_loop(const struct sock *sk) |
335 |
+ { |
336 |
+- return sk->sk_ll_usec && !signal_pending(current); |
337 |
++ return READ_ONCE(sk->sk_ll_usec) && !signal_pending(current); |
338 |
+ } |
339 |
+ |
340 |
+ bool sk_busy_loop_end(void *p, unsigned long start_time); |
341 |
+diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h |
342 |
+index 48d74674d5e95..bc22e44ffcdf7 100644 |
343 |
+--- a/include/net/sctp/constants.h |
344 |
++++ b/include/net/sctp/constants.h |
345 |
+@@ -348,8 +348,7 @@ enum { |
346 |
+ #define SCTP_SCOPE_POLICY_MAX SCTP_SCOPE_POLICY_LINK |
347 |
+ |
348 |
+ /* Based on IPv4 scoping <draft-stewart-tsvwg-sctp-ipv4-00.txt>, |
349 |
+- * SCTP IPv4 unusable addresses: 0.0.0.0/8, 224.0.0.0/4, 198.18.0.0/24, |
350 |
+- * 192.88.99.0/24. |
351 |
++ * SCTP IPv4 unusable addresses: 0.0.0.0/8, 224.0.0.0/4, 192.88.99.0/24. |
352 |
+ * Also, RFC 8.4, non-unicast addresses are not considered valid SCTP |
353 |
+ * addresses. |
354 |
+ */ |
355 |
+@@ -357,7 +356,6 @@ enum { |
356 |
+ ((htonl(INADDR_BROADCAST) == a) || \ |
357 |
+ ipv4_is_multicast(a) || \ |
358 |
+ ipv4_is_zeronet(a) || \ |
359 |
+- ipv4_is_test_198(a) || \ |
360 |
+ ipv4_is_anycast_6to4(a)) |
361 |
+ |
362 |
+ /* Flags used for the bind address copy functions. */ |
363 |
+diff --git a/kernel/workqueue.c b/kernel/workqueue.c |
364 |
+index f278e2f584fd2..1573d1bf63007 100644 |
365 |
+--- a/kernel/workqueue.c |
366 |
++++ b/kernel/workqueue.c |
367 |
+@@ -3498,15 +3498,21 @@ static void pwq_unbound_release_workfn(struct work_struct *work) |
368 |
+ unbound_release_work); |
369 |
+ struct workqueue_struct *wq = pwq->wq; |
370 |
+ struct worker_pool *pool = pwq->pool; |
371 |
+- bool is_last; |
372 |
++ bool is_last = false; |
373 |
+ |
374 |
+- if (WARN_ON_ONCE(!(wq->flags & WQ_UNBOUND))) |
375 |
+- return; |
376 |
++ /* |
377 |
++ * when @pwq is not linked, it doesn't hold any reference to the |
378 |
++ * @wq, and @wq is invalid to access. |
379 |
++ */ |
380 |
++ if (!list_empty(&pwq->pwqs_node)) { |
381 |
++ if (WARN_ON_ONCE(!(wq->flags & WQ_UNBOUND))) |
382 |
++ return; |
383 |
+ |
384 |
+- mutex_lock(&wq->mutex); |
385 |
+- list_del_rcu(&pwq->pwqs_node); |
386 |
+- is_last = list_empty(&wq->pwqs); |
387 |
+- mutex_unlock(&wq->mutex); |
388 |
++ mutex_lock(&wq->mutex); |
389 |
++ list_del_rcu(&pwq->pwqs_node); |
390 |
++ is_last = list_empty(&wq->pwqs); |
391 |
++ mutex_unlock(&wq->mutex); |
392 |
++ } |
393 |
+ |
394 |
+ mutex_lock(&wq_pool_mutex); |
395 |
+ put_unbound_pool(pool); |
396 |
+diff --git a/net/802/garp.c b/net/802/garp.c |
397 |
+index 7f50d47470bd4..8e19f51833d6f 100644 |
398 |
+--- a/net/802/garp.c |
399 |
++++ b/net/802/garp.c |
400 |
+@@ -206,6 +206,19 @@ static void garp_attr_destroy(struct garp_applicant *app, struct garp_attr *attr |
401 |
+ kfree(attr); |
402 |
+ } |
403 |
+ |
404 |
++static void garp_attr_destroy_all(struct garp_applicant *app) |
405 |
++{ |
406 |
++ struct rb_node *node, *next; |
407 |
++ struct garp_attr *attr; |
408 |
++ |
409 |
++ for (node = rb_first(&app->gid); |
410 |
++ next = node ? rb_next(node) : NULL, node != NULL; |
411 |
++ node = next) { |
412 |
++ attr = rb_entry(node, struct garp_attr, node); |
413 |
++ garp_attr_destroy(app, attr); |
414 |
++ } |
415 |
++} |
416 |
++ |
417 |
+ static int garp_pdu_init(struct garp_applicant *app) |
418 |
+ { |
419 |
+ struct sk_buff *skb; |
420 |
+@@ -612,6 +625,7 @@ void garp_uninit_applicant(struct net_device *dev, struct garp_application *appl |
421 |
+ |
422 |
+ spin_lock_bh(&app->lock); |
423 |
+ garp_gid_event(app, GARP_EVENT_TRANSMIT_PDU); |
424 |
++ garp_attr_destroy_all(app); |
425 |
+ garp_pdu_queue(app); |
426 |
+ spin_unlock_bh(&app->lock); |
427 |
+ |
428 |
+diff --git a/net/802/mrp.c b/net/802/mrp.c |
429 |
+index a808dd5bbb27a..32f87d458f054 100644 |
430 |
+--- a/net/802/mrp.c |
431 |
++++ b/net/802/mrp.c |
432 |
+@@ -295,6 +295,19 @@ static void mrp_attr_destroy(struct mrp_applicant *app, struct mrp_attr *attr) |
433 |
+ kfree(attr); |
434 |
+ } |
435 |
+ |
436 |
++static void mrp_attr_destroy_all(struct mrp_applicant *app) |
437 |
++{ |
438 |
++ struct rb_node *node, *next; |
439 |
++ struct mrp_attr *attr; |
440 |
++ |
441 |
++ for (node = rb_first(&app->mad); |
442 |
++ next = node ? rb_next(node) : NULL, node != NULL; |
443 |
++ node = next) { |
444 |
++ attr = rb_entry(node, struct mrp_attr, node); |
445 |
++ mrp_attr_destroy(app, attr); |
446 |
++ } |
447 |
++} |
448 |
++ |
449 |
+ static int mrp_pdu_init(struct mrp_applicant *app) |
450 |
+ { |
451 |
+ struct sk_buff *skb; |
452 |
+@@ -898,6 +911,7 @@ void mrp_uninit_applicant(struct net_device *dev, struct mrp_application *appl) |
453 |
+ |
454 |
+ spin_lock_bh(&app->lock); |
455 |
+ mrp_mad_event(app, MRP_EVENT_TX); |
456 |
++ mrp_attr_destroy_all(app); |
457 |
+ mrp_pdu_queue(app); |
458 |
+ spin_unlock_bh(&app->lock); |
459 |
+ |
460 |
+diff --git a/net/Makefile b/net/Makefile |
461 |
+index bdaf53925acd5..449fc0b221f83 100644 |
462 |
+--- a/net/Makefile |
463 |
++++ b/net/Makefile |
464 |
+@@ -18,7 +18,7 @@ obj-$(CONFIG_NETFILTER) += netfilter/ |
465 |
+ obj-$(CONFIG_INET) += ipv4/ |
466 |
+ obj-$(CONFIG_TLS) += tls/ |
467 |
+ obj-$(CONFIG_XFRM) += xfrm/ |
468 |
+-obj-$(CONFIG_UNIX) += unix/ |
469 |
++obj-$(CONFIG_UNIX_SCM) += unix/ |
470 |
+ obj-$(CONFIG_NET) += ipv6/ |
471 |
+ obj-$(CONFIG_BPFILTER) += bpfilter/ |
472 |
+ obj-$(CONFIG_PACKET) += packet/ |
473 |
+diff --git a/net/core/sock.c b/net/core/sock.c |
474 |
+index e6cbe137cb6fc..956af38aa0d6e 100644 |
475 |
+--- a/net/core/sock.c |
476 |
++++ b/net/core/sock.c |
477 |
+@@ -989,7 +989,7 @@ set_rcvbuf: |
478 |
+ if (val < 0) |
479 |
+ ret = -EINVAL; |
480 |
+ else |
481 |
+- sk->sk_ll_usec = val; |
482 |
++ WRITE_ONCE(sk->sk_ll_usec, val); |
483 |
+ } |
484 |
+ break; |
485 |
+ #endif |
486 |
+diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c |
487 |
+index dd51256582556..7207a9769f1a9 100644 |
488 |
+--- a/net/sctp/protocol.c |
489 |
++++ b/net/sctp/protocol.c |
490 |
+@@ -412,7 +412,8 @@ static enum sctp_scope sctp_v4_scope(union sctp_addr *addr) |
491 |
+ retval = SCTP_SCOPE_LINK; |
492 |
+ } else if (ipv4_is_private_10(addr->v4.sin_addr.s_addr) || |
493 |
+ ipv4_is_private_172(addr->v4.sin_addr.s_addr) || |
494 |
+- ipv4_is_private_192(addr->v4.sin_addr.s_addr)) { |
495 |
++ ipv4_is_private_192(addr->v4.sin_addr.s_addr) || |
496 |
++ ipv4_is_test_198(addr->v4.sin_addr.s_addr)) { |
497 |
+ retval = SCTP_SCOPE_PRIVATE; |
498 |
+ } else { |
499 |
+ retval = SCTP_SCOPE_GLOBAL; |
500 |
+diff --git a/net/unix/Kconfig b/net/unix/Kconfig |
501 |
+index 8b31ab85d050f..3b9e450656a4d 100644 |
502 |
+--- a/net/unix/Kconfig |
503 |
++++ b/net/unix/Kconfig |
504 |
+@@ -19,6 +19,11 @@ config UNIX |
505 |
+ |
506 |
+ Say Y unless you know what you are doing. |
507 |
+ |
508 |
++config UNIX_SCM |
509 |
++ bool |
510 |
++ depends on UNIX |
511 |
++ default y |
512 |
++ |
513 |
+ config UNIX_DIAG |
514 |
+ tristate "UNIX: socket monitoring interface" |
515 |
+ depends on UNIX |
516 |
+diff --git a/net/unix/Makefile b/net/unix/Makefile |
517 |
+index ffd0a275c3a79..54e58cc4f9450 100644 |
518 |
+--- a/net/unix/Makefile |
519 |
++++ b/net/unix/Makefile |
520 |
+@@ -10,3 +10,5 @@ unix-$(CONFIG_SYSCTL) += sysctl_net_unix.o |
521 |
+ |
522 |
+ obj-$(CONFIG_UNIX_DIAG) += unix_diag.o |
523 |
+ unix_diag-y := diag.o |
524 |
++ |
525 |
++obj-$(CONFIG_UNIX_SCM) += scm.o |
526 |
+diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
527 |
+index 53fe5ada5a83a..98c253afa0db2 100644 |
528 |
+--- a/net/unix/af_unix.c |
529 |
++++ b/net/unix/af_unix.c |
530 |
+@@ -119,6 +119,8 @@ |
531 |
+ #include <linux/freezer.h> |
532 |
+ #include <linux/file.h> |
533 |
+ |
534 |
++#include "scm.h" |
535 |
++ |
536 |
+ struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE]; |
537 |
+ EXPORT_SYMBOL_GPL(unix_socket_table); |
538 |
+ DEFINE_SPINLOCK(unix_table_lock); |
539 |
+@@ -1515,65 +1517,51 @@ out: |
540 |
+ return err; |
541 |
+ } |
542 |
+ |
543 |
+-static void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb) |
544 |
+-{ |
545 |
+- int i; |
546 |
+- |
547 |
+- scm->fp = UNIXCB(skb).fp; |
548 |
+- UNIXCB(skb).fp = NULL; |
549 |
+- |
550 |
+- for (i = scm->fp->count-1; i >= 0; i--) |
551 |
+- unix_notinflight(scm->fp->user, scm->fp->fp[i]); |
552 |
+-} |
553 |
+- |
554 |
+-static void unix_destruct_scm(struct sk_buff *skb) |
555 |
+-{ |
556 |
+- struct scm_cookie scm; |
557 |
+- memset(&scm, 0, sizeof(scm)); |
558 |
+- scm.pid = UNIXCB(skb).pid; |
559 |
+- if (UNIXCB(skb).fp) |
560 |
+- unix_detach_fds(&scm, skb); |
561 |
+- |
562 |
+- /* Alas, it calls VFS */ |
563 |
+- /* So fscking what? fput() had been SMP-safe since the last Summer */ |
564 |
+- scm_destroy(&scm); |
565 |
+- sock_wfree(skb); |
566 |
+-} |
567 |
+- |
568 |
+-/* |
569 |
+- * The "user->unix_inflight" variable is protected by the garbage |
570 |
+- * collection lock, and we just read it locklessly here. If you go |
571 |
+- * over the limit, there might be a tiny race in actually noticing |
572 |
+- * it across threads. Tough. |
573 |
+- */ |
574 |
+-static inline bool too_many_unix_fds(struct task_struct *p) |
575 |
+-{ |
576 |
+- struct user_struct *user = current_user(); |
577 |
+- |
578 |
+- if (unlikely(user->unix_inflight > task_rlimit(p, RLIMIT_NOFILE))) |
579 |
+- return !capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN); |
580 |
+- return false; |
581 |
+-} |
582 |
+- |
583 |
+-static int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb) |
584 |
++static void unix_peek_fds(struct scm_cookie *scm, struct sk_buff *skb) |
585 |
+ { |
586 |
+- int i; |
587 |
+- |
588 |
+- if (too_many_unix_fds(current)) |
589 |
+- return -ETOOMANYREFS; |
590 |
++ scm->fp = scm_fp_dup(UNIXCB(skb).fp); |
591 |
+ |
592 |
+ /* |
593 |
+- * Need to duplicate file references for the sake of garbage |
594 |
+- * collection. Otherwise a socket in the fps might become a |
595 |
+- * candidate for GC while the skb is not yet queued. |
596 |
++ * Garbage collection of unix sockets starts by selecting a set of |
597 |
++ * candidate sockets which have reference only from being in flight |
598 |
++ * (total_refs == inflight_refs). This condition is checked once during |
599 |
++ * the candidate collection phase, and candidates are marked as such, so |
600 |
++ * that non-candidates can later be ignored. While inflight_refs is |
601 |
++ * protected by unix_gc_lock, total_refs (file count) is not, hence this |
602 |
++ * is an instantaneous decision. |
603 |
++ * |
604 |
++ * Once a candidate, however, the socket must not be reinstalled into a |
605 |
++ * file descriptor while the garbage collection is in progress. |
606 |
++ * |
607 |
++ * If the above conditions are met, then the directed graph of |
608 |
++ * candidates (*) does not change while unix_gc_lock is held. |
609 |
++ * |
610 |
++ * Any operations that changes the file count through file descriptors |
611 |
++ * (dup, close, sendmsg) does not change the graph since candidates are |
612 |
++ * not installed in fds. |
613 |
++ * |
614 |
++ * Dequeing a candidate via recvmsg would install it into an fd, but |
615 |
++ * that takes unix_gc_lock to decrement the inflight count, so it's |
616 |
++ * serialized with garbage collection. |
617 |
++ * |
618 |
++ * MSG_PEEK is special in that it does not change the inflight count, |
619 |
++ * yet does install the socket into an fd. The following lock/unlock |
620 |
++ * pair is to ensure serialization with garbage collection. It must be |
621 |
++ * done between incrementing the file count and installing the file into |
622 |
++ * an fd. |
623 |
++ * |
624 |
++ * If garbage collection starts after the barrier provided by the |
625 |
++ * lock/unlock, then it will see the elevated refcount and not mark this |
626 |
++ * as a candidate. If a garbage collection is already in progress |
627 |
++ * before the file count was incremented, then the lock/unlock pair will |
628 |
++ * ensure that garbage collection is finished before progressing to |
629 |
++ * installing the fd. |
630 |
++ * |
631 |
++ * (*) A -> B where B is on the queue of A or B is on the queue of C |
632 |
++ * which is on the queue of listening socket A. |
633 |
+ */ |
634 |
+- UNIXCB(skb).fp = scm_fp_dup(scm->fp); |
635 |
+- if (!UNIXCB(skb).fp) |
636 |
+- return -ENOMEM; |
637 |
+- |
638 |
+- for (i = scm->fp->count - 1; i >= 0; i--) |
639 |
+- unix_inflight(scm->fp->user, scm->fp->fp[i]); |
640 |
+- return 0; |
641 |
++ spin_lock(&unix_gc_lock); |
642 |
++ spin_unlock(&unix_gc_lock); |
643 |
+ } |
644 |
+ |
645 |
+ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool send_fds) |
646 |
+@@ -2201,7 +2189,7 @@ static int unix_dgram_recvmsg(struct socket *sock, struct msghdr *msg, |
647 |
+ sk_peek_offset_fwd(sk, size); |
648 |
+ |
649 |
+ if (UNIXCB(skb).fp) |
650 |
+- scm.fp = scm_fp_dup(UNIXCB(skb).fp); |
651 |
++ unix_peek_fds(&scm, skb); |
652 |
+ } |
653 |
+ err = (flags & MSG_TRUNC) ? skb->len - skip : size; |
654 |
+ |
655 |
+@@ -2442,7 +2430,7 @@ unlock: |
656 |
+ /* It is questionable, see note in unix_dgram_recvmsg. |
657 |
+ */ |
658 |
+ if (UNIXCB(skb).fp) |
659 |
+- scm.fp = scm_fp_dup(UNIXCB(skb).fp); |
660 |
++ unix_peek_fds(&scm, skb); |
661 |
+ |
662 |
+ sk_peek_offset_fwd(sk, chunk); |
663 |
+ |
664 |
+diff --git a/net/unix/garbage.c b/net/unix/garbage.c |
665 |
+index c36757e728442..8bbe1b8e4ff7f 100644 |
666 |
+--- a/net/unix/garbage.c |
667 |
++++ b/net/unix/garbage.c |
668 |
+@@ -86,77 +86,13 @@ |
669 |
+ #include <net/scm.h> |
670 |
+ #include <net/tcp_states.h> |
671 |
+ |
672 |
++#include "scm.h" |
673 |
++ |
674 |
+ /* Internal data structures and random procedures: */ |
675 |
+ |
676 |
+-static LIST_HEAD(gc_inflight_list); |
677 |
+ static LIST_HEAD(gc_candidates); |
678 |
+-static DEFINE_SPINLOCK(unix_gc_lock); |
679 |
+ static DECLARE_WAIT_QUEUE_HEAD(unix_gc_wait); |
680 |
+ |
681 |
+-unsigned int unix_tot_inflight; |
682 |
+- |
683 |
+-struct sock *unix_get_socket(struct file *filp) |
684 |
+-{ |
685 |
+- struct sock *u_sock = NULL; |
686 |
+- struct inode *inode = file_inode(filp); |
687 |
+- |
688 |
+- /* Socket ? */ |
689 |
+- if (S_ISSOCK(inode->i_mode) && !(filp->f_mode & FMODE_PATH)) { |
690 |
+- struct socket *sock = SOCKET_I(inode); |
691 |
+- struct sock *s = sock->sk; |
692 |
+- |
693 |
+- /* PF_UNIX ? */ |
694 |
+- if (s && sock->ops && sock->ops->family == PF_UNIX) |
695 |
+- u_sock = s; |
696 |
+- } |
697 |
+- return u_sock; |
698 |
+-} |
699 |
+- |
700 |
+-/* Keep the number of times in flight count for the file |
701 |
+- * descriptor if it is for an AF_UNIX socket. |
702 |
+- */ |
703 |
+- |
704 |
+-void unix_inflight(struct user_struct *user, struct file *fp) |
705 |
+-{ |
706 |
+- struct sock *s = unix_get_socket(fp); |
707 |
+- |
708 |
+- spin_lock(&unix_gc_lock); |
709 |
+- |
710 |
+- if (s) { |
711 |
+- struct unix_sock *u = unix_sk(s); |
712 |
+- |
713 |
+- if (atomic_long_inc_return(&u->inflight) == 1) { |
714 |
+- BUG_ON(!list_empty(&u->link)); |
715 |
+- list_add_tail(&u->link, &gc_inflight_list); |
716 |
+- } else { |
717 |
+- BUG_ON(list_empty(&u->link)); |
718 |
+- } |
719 |
+- unix_tot_inflight++; |
720 |
+- } |
721 |
+- user->unix_inflight++; |
722 |
+- spin_unlock(&unix_gc_lock); |
723 |
+-} |
724 |
+- |
725 |
+-void unix_notinflight(struct user_struct *user, struct file *fp) |
726 |
+-{ |
727 |
+- struct sock *s = unix_get_socket(fp); |
728 |
+- |
729 |
+- spin_lock(&unix_gc_lock); |
730 |
+- |
731 |
+- if (s) { |
732 |
+- struct unix_sock *u = unix_sk(s); |
733 |
+- |
734 |
+- BUG_ON(!atomic_long_read(&u->inflight)); |
735 |
+- BUG_ON(list_empty(&u->link)); |
736 |
+- |
737 |
+- if (atomic_long_dec_and_test(&u->inflight)) |
738 |
+- list_del_init(&u->link); |
739 |
+- unix_tot_inflight--; |
740 |
+- } |
741 |
+- user->unix_inflight--; |
742 |
+- spin_unlock(&unix_gc_lock); |
743 |
+-} |
744 |
+- |
745 |
+ static void scan_inflight(struct sock *x, void (*func)(struct unix_sock *), |
746 |
+ struct sk_buff_head *hitlist) |
747 |
+ { |
748 |
+diff --git a/net/unix/scm.c b/net/unix/scm.c |
749 |
+new file mode 100644 |
750 |
+index 0000000000000..83413ade79838 |
751 |
+--- /dev/null |
752 |
++++ b/net/unix/scm.c |
753 |
+@@ -0,0 +1,148 @@ |
754 |
++// SPDX-License-Identifier: GPL-2.0 |
755 |
++#include <linux/module.h> |
756 |
++#include <linux/kernel.h> |
757 |
++#include <linux/string.h> |
758 |
++#include <linux/socket.h> |
759 |
++#include <linux/net.h> |
760 |
++#include <linux/fs.h> |
761 |
++#include <net/af_unix.h> |
762 |
++#include <net/scm.h> |
763 |
++#include <linux/init.h> |
764 |
++ |
765 |
++#include "scm.h" |
766 |
++ |
767 |
++unsigned int unix_tot_inflight; |
768 |
++EXPORT_SYMBOL(unix_tot_inflight); |
769 |
++ |
770 |
++LIST_HEAD(gc_inflight_list); |
771 |
++EXPORT_SYMBOL(gc_inflight_list); |
772 |
++ |
773 |
++DEFINE_SPINLOCK(unix_gc_lock); |
774 |
++EXPORT_SYMBOL(unix_gc_lock); |
775 |
++ |
776 |
++struct sock *unix_get_socket(struct file *filp) |
777 |
++{ |
778 |
++ struct sock *u_sock = NULL; |
779 |
++ struct inode *inode = file_inode(filp); |
780 |
++ |
781 |
++ /* Socket ? */ |
782 |
++ if (S_ISSOCK(inode->i_mode) && !(filp->f_mode & FMODE_PATH)) { |
783 |
++ struct socket *sock = SOCKET_I(inode); |
784 |
++ struct sock *s = sock->sk; |
785 |
++ |
786 |
++ /* PF_UNIX ? */ |
787 |
++ if (s && sock->ops && sock->ops->family == PF_UNIX) |
788 |
++ u_sock = s; |
789 |
++ } |
790 |
++ return u_sock; |
791 |
++} |
792 |
++EXPORT_SYMBOL(unix_get_socket); |
793 |
++ |
794 |
++/* Keep the number of times in flight count for the file |
795 |
++ * descriptor if it is for an AF_UNIX socket. |
796 |
++ */ |
797 |
++void unix_inflight(struct user_struct *user, struct file *fp) |
798 |
++{ |
799 |
++ struct sock *s = unix_get_socket(fp); |
800 |
++ |
801 |
++ spin_lock(&unix_gc_lock); |
802 |
++ |
803 |
++ if (s) { |
804 |
++ struct unix_sock *u = unix_sk(s); |
805 |
++ |
806 |
++ if (atomic_long_inc_return(&u->inflight) == 1) { |
807 |
++ BUG_ON(!list_empty(&u->link)); |
808 |
++ list_add_tail(&u->link, &gc_inflight_list); |
809 |
++ } else { |
810 |
++ BUG_ON(list_empty(&u->link)); |
811 |
++ } |
812 |
++ unix_tot_inflight++; |
813 |
++ } |
814 |
++ user->unix_inflight++; |
815 |
++ spin_unlock(&unix_gc_lock); |
816 |
++} |
817 |
++ |
818 |
++void unix_notinflight(struct user_struct *user, struct file *fp) |
819 |
++{ |
820 |
++ struct sock *s = unix_get_socket(fp); |
821 |
++ |
822 |
++ spin_lock(&unix_gc_lock); |
823 |
++ |
824 |
++ if (s) { |
825 |
++ struct unix_sock *u = unix_sk(s); |
826 |
++ |
827 |
++ BUG_ON(!atomic_long_read(&u->inflight)); |
828 |
++ BUG_ON(list_empty(&u->link)); |
829 |
++ |
830 |
++ if (atomic_long_dec_and_test(&u->inflight)) |
831 |
++ list_del_init(&u->link); |
832 |
++ unix_tot_inflight--; |
833 |
++ } |
834 |
++ user->unix_inflight--; |
835 |
++ spin_unlock(&unix_gc_lock); |
836 |
++} |
837 |
++ |
838 |
++/* |
839 |
++ * The "user->unix_inflight" variable is protected by the garbage |
840 |
++ * collection lock, and we just read it locklessly here. If you go |
841 |
++ * over the limit, there might be a tiny race in actually noticing |
842 |
++ * it across threads. Tough. |
843 |
++ */ |
844 |
++static inline bool too_many_unix_fds(struct task_struct *p) |
845 |
++{ |
846 |
++ struct user_struct *user = current_user(); |
847 |
++ |
848 |
++ if (unlikely(user->unix_inflight > task_rlimit(p, RLIMIT_NOFILE))) |
849 |
++ return !capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN); |
850 |
++ return false; |
851 |
++} |
852 |
++ |
853 |
++int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb) |
854 |
++{ |
855 |
++ int i; |
856 |
++ |
857 |
++ if (too_many_unix_fds(current)) |
858 |
++ return -ETOOMANYREFS; |
859 |
++ |
860 |
++ /* |
861 |
++ * Need to duplicate file references for the sake of garbage |
862 |
++ * collection. Otherwise a socket in the fps might become a |
863 |
++ * candidate for GC while the skb is not yet queued. |
864 |
++ */ |
865 |
++ UNIXCB(skb).fp = scm_fp_dup(scm->fp); |
866 |
++ if (!UNIXCB(skb).fp) |
867 |
++ return -ENOMEM; |
868 |
++ |
869 |
++ for (i = scm->fp->count - 1; i >= 0; i--) |
870 |
++ unix_inflight(scm->fp->user, scm->fp->fp[i]); |
871 |
++ return 0; |
872 |
++} |
873 |
++EXPORT_SYMBOL(unix_attach_fds); |
874 |
++ |
875 |
++void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb) |
876 |
++{ |
877 |
++ int i; |
878 |
++ |
879 |
++ scm->fp = UNIXCB(skb).fp; |
880 |
++ UNIXCB(skb).fp = NULL; |
881 |
++ |
882 |
++ for (i = scm->fp->count-1; i >= 0; i--) |
883 |
++ unix_notinflight(scm->fp->user, scm->fp->fp[i]); |
884 |
++} |
885 |
++EXPORT_SYMBOL(unix_detach_fds); |
886 |
++ |
887 |
++void unix_destruct_scm(struct sk_buff *skb) |
888 |
++{ |
889 |
++ struct scm_cookie scm; |
890 |
++ |
891 |
++ memset(&scm, 0, sizeof(scm)); |
892 |
++ scm.pid = UNIXCB(skb).pid; |
893 |
++ if (UNIXCB(skb).fp) |
894 |
++ unix_detach_fds(&scm, skb); |
895 |
++ |
896 |
++ /* Alas, it calls VFS */ |
897 |
++ /* So fscking what? fput() had been SMP-safe since the last Summer */ |
898 |
++ scm_destroy(&scm); |
899 |
++ sock_wfree(skb); |
900 |
++} |
901 |
++EXPORT_SYMBOL(unix_destruct_scm); |
902 |
+diff --git a/net/unix/scm.h b/net/unix/scm.h |
903 |
+new file mode 100644 |
904 |
+index 0000000000000..5a255a477f160 |
905 |
+--- /dev/null |
906 |
++++ b/net/unix/scm.h |
907 |
+@@ -0,0 +1,10 @@ |
908 |
++#ifndef NET_UNIX_SCM_H |
909 |
++#define NET_UNIX_SCM_H |
910 |
++ |
911 |
++extern struct list_head gc_inflight_list; |
912 |
++extern spinlock_t unix_gc_lock; |
913 |
++ |
914 |
++int unix_attach_fds(struct scm_cookie *scm, struct sk_buff *skb); |
915 |
++void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb); |
916 |
++ |
917 |
++#endif |
918 |
+diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c |
919 |
+index 16d42b2de424e..1963440f67251 100644 |
920 |
+--- a/tools/testing/selftests/vm/userfaultfd.c |
921 |
++++ b/tools/testing/selftests/vm/userfaultfd.c |
922 |
+@@ -131,7 +131,7 @@ static void anon_allocate_area(void **alloc_area) |
923 |
+ { |
924 |
+ *alloc_area = mmap(NULL, nr_pages * page_size, PROT_READ | PROT_WRITE, |
925 |
+ MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); |
926 |
+- if (*alloc_area == MAP_FAILED) |
927 |
++ if (*alloc_area == MAP_FAILED) { |
928 |
+ fprintf(stderr, "mmap of anonymous memory failed"); |
929 |
+ *alloc_area = NULL; |
930 |
+ } |