| 1 |
commit: 980f3d981da6d8a142740ba34507ce505a337d56 |
| 2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Mon May 8 10:43:26 2017 +0000 |
| 4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon May 8 10:43:26 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=980f3d98 |
| 7 |
|
| 8 |
Linux patch 4.9.27 |
| 9 |
|
| 10 |
0000_README | 4 + |
| 11 |
1026_linux-4.9.27.patch | 904 ++++++++++++++++++++++++++++++++++++++++++++++++ |
| 12 |
2 files changed, 908 insertions(+) |
| 13 |
|
| 14 |
diff --git a/0000_README b/0000_README |
| 15 |
index 64923fd..cc0a9c7 100644 |
| 16 |
--- a/0000_README |
| 17 |
+++ b/0000_README |
| 18 |
@@ -147,6 +147,10 @@ Patch: 1025_linux-4.9.26.patch |
| 19 |
From: http://www.kernel.org |
| 20 |
Desc: Linux 4.9.26 |
| 21 |
|
| 22 |
+Patch: 1026_linux-4.9.27.patch |
| 23 |
+From: http://www.kernel.org |
| 24 |
+Desc: Linux 4.9.27 |
| 25 |
+ |
| 26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
| 27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
| 28 |
Desc: Support for namespace user.pax.* on tmpfs. |
| 29 |
|
| 30 |
diff --git a/1026_linux-4.9.27.patch b/1026_linux-4.9.27.patch |
| 31 |
new file mode 100644 |
| 32 |
index 0000000..8127b52 |
| 33 |
--- /dev/null |
| 34 |
+++ b/1026_linux-4.9.27.patch |
| 35 |
@@ -0,0 +1,904 @@ |
| 36 |
+diff --git a/Makefile b/Makefile |
| 37 |
+index c09679c1a70d..35d6b4e76264 100644 |
| 38 |
+--- a/Makefile |
| 39 |
++++ b/Makefile |
| 40 |
+@@ -1,6 +1,6 @@ |
| 41 |
+ VERSION = 4 |
| 42 |
+ PATCHLEVEL = 9 |
| 43 |
+-SUBLEVEL = 26 |
| 44 |
++SUBLEVEL = 27 |
| 45 |
+ EXTRAVERSION = |
| 46 |
+ NAME = Roaring Lionus |
| 47 |
+ |
| 48 |
+diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c |
| 49 |
+index 3a9149cf0110..d0ac2d56520f 100644 |
| 50 |
+--- a/drivers/char/tpm/tpm-interface.c |
| 51 |
++++ b/drivers/char/tpm/tpm-interface.c |
| 52 |
+@@ -489,8 +489,7 @@ static int tpm_startup(struct tpm_chip *chip, __be16 startup_type) |
| 53 |
+ int tpm_get_timeouts(struct tpm_chip *chip) |
| 54 |
+ { |
| 55 |
+ struct tpm_cmd_t tpm_cmd; |
| 56 |
+- unsigned long new_timeout[4]; |
| 57 |
+- unsigned long old_timeout[4]; |
| 58 |
++ unsigned long timeout_old[4], timeout_chip[4], timeout_eff[4]; |
| 59 |
+ struct duration_t *duration_cap; |
| 60 |
+ ssize_t rc; |
| 61 |
+ |
| 62 |
+@@ -542,11 +541,15 @@ int tpm_get_timeouts(struct tpm_chip *chip) |
| 63 |
+ != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32)) |
| 64 |
+ return -EINVAL; |
| 65 |
+ |
| 66 |
+- old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a); |
| 67 |
+- old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b); |
| 68 |
+- old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c); |
| 69 |
+- old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d); |
| 70 |
+- memcpy(new_timeout, old_timeout, sizeof(new_timeout)); |
| 71 |
++ timeout_old[0] = jiffies_to_usecs(chip->timeout_a); |
| 72 |
++ timeout_old[1] = jiffies_to_usecs(chip->timeout_b); |
| 73 |
++ timeout_old[2] = jiffies_to_usecs(chip->timeout_c); |
| 74 |
++ timeout_old[3] = jiffies_to_usecs(chip->timeout_d); |
| 75 |
++ timeout_chip[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a); |
| 76 |
++ timeout_chip[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b); |
| 77 |
++ timeout_chip[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c); |
| 78 |
++ timeout_chip[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d); |
| 79 |
++ memcpy(timeout_eff, timeout_chip, sizeof(timeout_eff)); |
| 80 |
+ |
| 81 |
+ /* |
| 82 |
+ * Provide ability for vendor overrides of timeout values in case |
| 83 |
+@@ -554,16 +557,24 @@ int tpm_get_timeouts(struct tpm_chip *chip) |
| 84 |
+ */ |
| 85 |
+ if (chip->ops->update_timeouts != NULL) |
| 86 |
+ chip->timeout_adjusted = |
| 87 |
+- chip->ops->update_timeouts(chip, new_timeout); |
| 88 |
++ chip->ops->update_timeouts(chip, timeout_eff); |
| 89 |
+ |
| 90 |
+ if (!chip->timeout_adjusted) { |
| 91 |
+- /* Don't overwrite default if value is 0 */ |
| 92 |
+- if (new_timeout[0] != 0 && new_timeout[0] < 1000) { |
| 93 |
+- int i; |
| 94 |
++ /* Restore default if chip reported 0 */ |
| 95 |
++ int i; |
| 96 |
+ |
| 97 |
++ for (i = 0; i < ARRAY_SIZE(timeout_eff); i++) { |
| 98 |
++ if (timeout_eff[i]) |
| 99 |
++ continue; |
| 100 |
++ |
| 101 |
++ timeout_eff[i] = timeout_old[i]; |
| 102 |
++ chip->timeout_adjusted = true; |
| 103 |
++ } |
| 104 |
++ |
| 105 |
++ if (timeout_eff[0] != 0 && timeout_eff[0] < 1000) { |
| 106 |
+ /* timeouts in msec rather usec */ |
| 107 |
+- for (i = 0; i != ARRAY_SIZE(new_timeout); i++) |
| 108 |
+- new_timeout[i] *= 1000; |
| 109 |
++ for (i = 0; i != ARRAY_SIZE(timeout_eff); i++) |
| 110 |
++ timeout_eff[i] *= 1000; |
| 111 |
+ chip->timeout_adjusted = true; |
| 112 |
+ } |
| 113 |
+ } |
| 114 |
+@@ -572,16 +583,16 @@ int tpm_get_timeouts(struct tpm_chip *chip) |
| 115 |
+ if (chip->timeout_adjusted) { |
| 116 |
+ dev_info(&chip->dev, |
| 117 |
+ HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n", |
| 118 |
+- old_timeout[0], new_timeout[0], |
| 119 |
+- old_timeout[1], new_timeout[1], |
| 120 |
+- old_timeout[2], new_timeout[2], |
| 121 |
+- old_timeout[3], new_timeout[3]); |
| 122 |
++ timeout_chip[0], timeout_eff[0], |
| 123 |
++ timeout_chip[1], timeout_eff[1], |
| 124 |
++ timeout_chip[2], timeout_eff[2], |
| 125 |
++ timeout_chip[3], timeout_eff[3]); |
| 126 |
+ } |
| 127 |
+ |
| 128 |
+- chip->timeout_a = usecs_to_jiffies(new_timeout[0]); |
| 129 |
+- chip->timeout_b = usecs_to_jiffies(new_timeout[1]); |
| 130 |
+- chip->timeout_c = usecs_to_jiffies(new_timeout[2]); |
| 131 |
+- chip->timeout_d = usecs_to_jiffies(new_timeout[3]); |
| 132 |
++ chip->timeout_a = usecs_to_jiffies(timeout_eff[0]); |
| 133 |
++ chip->timeout_b = usecs_to_jiffies(timeout_eff[1]); |
| 134 |
++ chip->timeout_c = usecs_to_jiffies(timeout_eff[2]); |
| 135 |
++ chip->timeout_d = usecs_to_jiffies(timeout_eff[3]); |
| 136 |
+ |
| 137 |
+ duration: |
| 138 |
+ tpm_cmd.header.in = tpm_getcap_header; |
| 139 |
+diff --git a/drivers/hwmon/it87.c b/drivers/hwmon/it87.c |
| 140 |
+index 43146162c122..b99c1df48156 100644 |
| 141 |
+--- a/drivers/hwmon/it87.c |
| 142 |
++++ b/drivers/hwmon/it87.c |
| 143 |
+@@ -3115,7 +3115,7 @@ static int __init sm_it87_init(void) |
| 144 |
+ { |
| 145 |
+ int sioaddr[2] = { REG_2E, REG_4E }; |
| 146 |
+ struct it87_sio_data sio_data; |
| 147 |
+- unsigned short isa_address; |
| 148 |
++ unsigned short isa_address[2]; |
| 149 |
+ bool found = false; |
| 150 |
+ int i, err; |
| 151 |
+ |
| 152 |
+@@ -3125,15 +3125,29 @@ static int __init sm_it87_init(void) |
| 153 |
+ |
| 154 |
+ for (i = 0; i < ARRAY_SIZE(sioaddr); i++) { |
| 155 |
+ memset(&sio_data, 0, sizeof(struct it87_sio_data)); |
| 156 |
+- isa_address = 0; |
| 157 |
+- err = it87_find(sioaddr[i], &isa_address, &sio_data); |
| 158 |
+- if (err || isa_address == 0) |
| 159 |
++ isa_address[i] = 0; |
| 160 |
++ err = it87_find(sioaddr[i], &isa_address[i], &sio_data); |
| 161 |
++ if (err || isa_address[i] == 0) |
| 162 |
+ continue; |
| 163 |
++ /* |
| 164 |
++ * Don't register second chip if its ISA address matches |
| 165 |
++ * the first chip's ISA address. |
| 166 |
++ */ |
| 167 |
++ if (i && isa_address[i] == isa_address[0]) |
| 168 |
++ break; |
| 169 |
+ |
| 170 |
+- err = it87_device_add(i, isa_address, &sio_data); |
| 171 |
++ err = it87_device_add(i, isa_address[i], &sio_data); |
| 172 |
+ if (err) |
| 173 |
+ goto exit_dev_unregister; |
| 174 |
++ |
| 175 |
+ found = true; |
| 176 |
++ |
| 177 |
++ /* |
| 178 |
++ * IT8705F may respond on both SIO addresses. |
| 179 |
++ * Stop probing after finding one. |
| 180 |
++ */ |
| 181 |
++ if (sio_data.type == it87) |
| 182 |
++ break; |
| 183 |
+ } |
| 184 |
+ |
| 185 |
+ if (!found) { |
| 186 |
+diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c |
| 187 |
+index 966eb4b61aed..a68c650aad11 100644 |
| 188 |
+--- a/drivers/md/dm-ioctl.c |
| 189 |
++++ b/drivers/md/dm-ioctl.c |
| 190 |
+@@ -1847,7 +1847,7 @@ static int ctl_ioctl(uint command, struct dm_ioctl __user *user) |
| 191 |
+ if (r) |
| 192 |
+ goto out; |
| 193 |
+ |
| 194 |
+- param->data_size = sizeof(*param); |
| 195 |
++ param->data_size = offsetof(struct dm_ioctl, data); |
| 196 |
+ r = fn(param, input_param_size); |
| 197 |
+ |
| 198 |
+ if (unlikely(param->flags & DM_BUFFER_FULL_FLAG) && |
| 199 |
+diff --git a/drivers/scsi/storvsc_drv.c b/drivers/scsi/storvsc_drv.c |
| 200 |
+index 3f218f5cf29b..c5ab1b0037fc 100644 |
| 201 |
+--- a/drivers/scsi/storvsc_drv.c |
| 202 |
++++ b/drivers/scsi/storvsc_drv.c |
| 203 |
+@@ -400,8 +400,6 @@ MODULE_PARM_DESC(storvsc_vcpus_per_sub_channel, "Ratio of VCPUs to subchannels") |
| 204 |
+ */ |
| 205 |
+ static int storvsc_timeout = 180; |
| 206 |
+ |
| 207 |
+-static int msft_blist_flags = BLIST_TRY_VPD_PAGES; |
| 208 |
+- |
| 209 |
+ #if IS_ENABLED(CONFIG_SCSI_FC_ATTRS) |
| 210 |
+ static struct scsi_transport_template *fc_transport_template; |
| 211 |
+ #endif |
| 212 |
+@@ -1283,6 +1281,22 @@ static int storvsc_do_io(struct hv_device *device, |
| 213 |
+ return ret; |
| 214 |
+ } |
| 215 |
+ |
| 216 |
++static int storvsc_device_alloc(struct scsi_device *sdevice) |
| 217 |
++{ |
| 218 |
++ /* |
| 219 |
++ * Set blist flag to permit the reading of the VPD pages even when |
| 220 |
++ * the target may claim SPC-2 compliance. MSFT targets currently |
| 221 |
++ * claim SPC-2 compliance while they implement post SPC-2 features. |
| 222 |
++ * With this flag we can correctly handle WRITE_SAME_16 issues. |
| 223 |
++ * |
| 224 |
++ * Hypervisor reports SCSI_UNKNOWN type for DVD ROM device but |
| 225 |
++ * still supports REPORT LUN. |
| 226 |
++ */ |
| 227 |
++ sdevice->sdev_bflags = BLIST_REPORTLUN2 | BLIST_TRY_VPD_PAGES; |
| 228 |
++ |
| 229 |
++ return 0; |
| 230 |
++} |
| 231 |
++ |
| 232 |
+ static int storvsc_device_configure(struct scsi_device *sdevice) |
| 233 |
+ { |
| 234 |
+ |
| 235 |
+@@ -1298,14 +1312,6 @@ static int storvsc_device_configure(struct scsi_device *sdevice) |
| 236 |
+ sdevice->no_write_same = 1; |
| 237 |
+ |
| 238 |
+ /* |
| 239 |
+- * Add blist flags to permit the reading of the VPD pages even when |
| 240 |
+- * the target may claim SPC-2 compliance. MSFT targets currently |
| 241 |
+- * claim SPC-2 compliance while they implement post SPC-2 features. |
| 242 |
+- * With this patch we can correctly handle WRITE_SAME_16 issues. |
| 243 |
+- */ |
| 244 |
+- sdevice->sdev_bflags |= msft_blist_flags; |
| 245 |
+- |
| 246 |
+- /* |
| 247 |
+ * If the host is WIN8 or WIN8 R2, claim conformance to SPC-3 |
| 248 |
+ * if the device is a MSFT virtual device. If the host is |
| 249 |
+ * WIN10 or newer, allow write_same. |
| 250 |
+@@ -1569,6 +1575,7 @@ static struct scsi_host_template scsi_driver = { |
| 251 |
+ .eh_host_reset_handler = storvsc_host_reset_handler, |
| 252 |
+ .proc_name = "storvsc_host", |
| 253 |
+ .eh_timed_out = storvsc_eh_timed_out, |
| 254 |
++ .slave_alloc = storvsc_device_alloc, |
| 255 |
+ .slave_configure = storvsc_device_configure, |
| 256 |
+ .cmd_per_lun = 255, |
| 257 |
+ .this_id = -1, |
| 258 |
+diff --git a/drivers/tty/serial/8250/8250_pci.c b/drivers/tty/serial/8250/8250_pci.c |
| 259 |
+index 6e3e63675e56..22d32d295c5b 100644 |
| 260 |
+--- a/drivers/tty/serial/8250/8250_pci.c |
| 261 |
++++ b/drivers/tty/serial/8250/8250_pci.c |
| 262 |
+@@ -5621,17 +5621,15 @@ static pci_ers_result_t serial8250_io_slot_reset(struct pci_dev *dev) |
| 263 |
+ static void serial8250_io_resume(struct pci_dev *dev) |
| 264 |
+ { |
| 265 |
+ struct serial_private *priv = pci_get_drvdata(dev); |
| 266 |
+- const struct pciserial_board *board; |
| 267 |
++ struct serial_private *new; |
| 268 |
+ |
| 269 |
+ if (!priv) |
| 270 |
+ return; |
| 271 |
+ |
| 272 |
+- board = priv->board; |
| 273 |
+- kfree(priv); |
| 274 |
+- priv = pciserial_init_ports(dev, board); |
| 275 |
+- |
| 276 |
+- if (!IS_ERR(priv)) { |
| 277 |
+- pci_set_drvdata(dev, priv); |
| 278 |
++ new = pciserial_init_ports(dev, priv->board); |
| 279 |
++ if (!IS_ERR(new)) { |
| 280 |
++ pci_set_drvdata(dev, new); |
| 281 |
++ kfree(priv); |
| 282 |
+ } |
| 283 |
+ } |
| 284 |
+ |
| 285 |
+diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c |
| 286 |
+index 1e643c718917..18dc18f8af2c 100644 |
| 287 |
+--- a/fs/ceph/addr.c |
| 288 |
++++ b/fs/ceph/addr.c |
| 289 |
+@@ -315,7 +315,32 @@ static int start_read(struct inode *inode, struct list_head *page_list, int max) |
| 290 |
+ struct page **pages; |
| 291 |
+ pgoff_t next_index; |
| 292 |
+ int nr_pages = 0; |
| 293 |
+- int ret; |
| 294 |
++ int got = 0; |
| 295 |
++ int ret = 0; |
| 296 |
++ |
| 297 |
++ if (!current->journal_info) { |
| 298 |
++ /* caller of readpages does not hold buffer and read caps |
| 299 |
++ * (fadvise, madvise and readahead cases) */ |
| 300 |
++ int want = CEPH_CAP_FILE_CACHE; |
| 301 |
++ ret = ceph_try_get_caps(ci, CEPH_CAP_FILE_RD, want, &got); |
| 302 |
++ if (ret < 0) { |
| 303 |
++ dout("start_read %p, error getting cap\n", inode); |
| 304 |
++ } else if (!(got & want)) { |
| 305 |
++ dout("start_read %p, no cache cap\n", inode); |
| 306 |
++ ret = 0; |
| 307 |
++ } |
| 308 |
++ if (ret <= 0) { |
| 309 |
++ if (got) |
| 310 |
++ ceph_put_cap_refs(ci, got); |
| 311 |
++ while (!list_empty(page_list)) { |
| 312 |
++ page = list_entry(page_list->prev, |
| 313 |
++ struct page, lru); |
| 314 |
++ list_del(&page->lru); |
| 315 |
++ put_page(page); |
| 316 |
++ } |
| 317 |
++ return ret; |
| 318 |
++ } |
| 319 |
++ } |
| 320 |
+ |
| 321 |
+ off = (u64) page_offset(page); |
| 322 |
+ |
| 323 |
+@@ -338,15 +363,18 @@ static int start_read(struct inode *inode, struct list_head *page_list, int max) |
| 324 |
+ CEPH_OSD_FLAG_READ, NULL, |
| 325 |
+ ci->i_truncate_seq, ci->i_truncate_size, |
| 326 |
+ false); |
| 327 |
+- if (IS_ERR(req)) |
| 328 |
+- return PTR_ERR(req); |
| 329 |
++ if (IS_ERR(req)) { |
| 330 |
++ ret = PTR_ERR(req); |
| 331 |
++ goto out; |
| 332 |
++ } |
| 333 |
+ |
| 334 |
+ /* build page vector */ |
| 335 |
+ nr_pages = calc_pages_for(0, len); |
| 336 |
+ pages = kmalloc(sizeof(*pages) * nr_pages, GFP_KERNEL); |
| 337 |
+- ret = -ENOMEM; |
| 338 |
+- if (!pages) |
| 339 |
+- goto out; |
| 340 |
++ if (!pages) { |
| 341 |
++ ret = -ENOMEM; |
| 342 |
++ goto out_put; |
| 343 |
++ } |
| 344 |
+ for (i = 0; i < nr_pages; ++i) { |
| 345 |
+ page = list_entry(page_list->prev, struct page, lru); |
| 346 |
+ BUG_ON(PageLocked(page)); |
| 347 |
+@@ -379,6 +407,12 @@ static int start_read(struct inode *inode, struct list_head *page_list, int max) |
| 348 |
+ if (ret < 0) |
| 349 |
+ goto out_pages; |
| 350 |
+ ceph_osdc_put_request(req); |
| 351 |
++ |
| 352 |
++ /* After adding locked pages to page cache, the inode holds cache cap. |
| 353 |
++ * So we can drop our cap refs. */ |
| 354 |
++ if (got) |
| 355 |
++ ceph_put_cap_refs(ci, got); |
| 356 |
++ |
| 357 |
+ return nr_pages; |
| 358 |
+ |
| 359 |
+ out_pages: |
| 360 |
+@@ -387,8 +421,11 @@ static int start_read(struct inode *inode, struct list_head *page_list, int max) |
| 361 |
+ unlock_page(pages[i]); |
| 362 |
+ } |
| 363 |
+ ceph_put_page_vector(pages, nr_pages, false); |
| 364 |
+-out: |
| 365 |
++out_put: |
| 366 |
+ ceph_osdc_put_request(req); |
| 367 |
++out: |
| 368 |
++ if (got) |
| 369 |
++ ceph_put_cap_refs(ci, got); |
| 370 |
+ return ret; |
| 371 |
+ } |
| 372 |
+ |
| 373 |
+@@ -425,7 +462,6 @@ static int ceph_readpages(struct file *file, struct address_space *mapping, |
| 374 |
+ rc = start_read(inode, page_list, max); |
| 375 |
+ if (rc < 0) |
| 376 |
+ goto out; |
| 377 |
+- BUG_ON(rc == 0); |
| 378 |
+ } |
| 379 |
+ out: |
| 380 |
+ ceph_fscache_readpages_cancel(inode, page_list); |
| 381 |
+@@ -1372,9 +1408,11 @@ static int ceph_filemap_fault(struct vm_area_struct *vma, struct vm_fault *vmf) |
| 382 |
+ inode, off, (size_t)PAGE_SIZE, ceph_cap_string(got)); |
| 383 |
+ |
| 384 |
+ if ((got & (CEPH_CAP_FILE_CACHE | CEPH_CAP_FILE_LAZYIO)) || |
| 385 |
+- ci->i_inline_version == CEPH_INLINE_NONE) |
| 386 |
++ ci->i_inline_version == CEPH_INLINE_NONE) { |
| 387 |
++ current->journal_info = vma->vm_file; |
| 388 |
+ ret = filemap_fault(vma, vmf); |
| 389 |
+- else |
| 390 |
++ current->journal_info = NULL; |
| 391 |
++ } else |
| 392 |
+ ret = -EAGAIN; |
| 393 |
+ |
| 394 |
+ dout("filemap_fault %p %llu~%zd dropping cap refs on %s ret %d\n", |
| 395 |
+diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c |
| 396 |
+index f3f21105b860..03951f90ecf7 100644 |
| 397 |
+--- a/fs/ceph/caps.c |
| 398 |
++++ b/fs/ceph/caps.c |
| 399 |
+@@ -2479,6 +2479,27 @@ static void check_max_size(struct inode *inode, loff_t endoff) |
| 400 |
+ ceph_check_caps(ci, CHECK_CAPS_AUTHONLY, NULL); |
| 401 |
+ } |
| 402 |
+ |
| 403 |
++int ceph_try_get_caps(struct ceph_inode_info *ci, int need, int want, int *got) |
| 404 |
++{ |
| 405 |
++ int ret, err = 0; |
| 406 |
++ |
| 407 |
++ BUG_ON(need & ~CEPH_CAP_FILE_RD); |
| 408 |
++ BUG_ON(want & ~(CEPH_CAP_FILE_CACHE|CEPH_CAP_FILE_LAZYIO)); |
| 409 |
++ ret = ceph_pool_perm_check(ci, need); |
| 410 |
++ if (ret < 0) |
| 411 |
++ return ret; |
| 412 |
++ |
| 413 |
++ ret = try_get_cap_refs(ci, need, want, 0, true, got, &err); |
| 414 |
++ if (ret) { |
| 415 |
++ if (err == -EAGAIN) { |
| 416 |
++ ret = 0; |
| 417 |
++ } else if (err < 0) { |
| 418 |
++ ret = err; |
| 419 |
++ } |
| 420 |
++ } |
| 421 |
++ return ret; |
| 422 |
++} |
| 423 |
++ |
| 424 |
+ /* |
| 425 |
+ * Wait for caps, and take cap references. If we can't get a WR cap |
| 426 |
+ * due to a small max_size, make sure we check_max_size (and possibly |
| 427 |
+diff --git a/fs/ceph/file.c b/fs/ceph/file.c |
| 428 |
+index f995e3528a33..ca3f630db90f 100644 |
| 429 |
+--- a/fs/ceph/file.c |
| 430 |
++++ b/fs/ceph/file.c |
| 431 |
+@@ -1249,8 +1249,9 @@ static ssize_t ceph_read_iter(struct kiocb *iocb, struct iov_iter *to) |
| 432 |
+ dout("aio_read %p %llx.%llx %llu~%u got cap refs on %s\n", |
| 433 |
+ inode, ceph_vinop(inode), iocb->ki_pos, (unsigned)len, |
| 434 |
+ ceph_cap_string(got)); |
| 435 |
+- |
| 436 |
++ current->journal_info = filp; |
| 437 |
+ ret = generic_file_read_iter(iocb, to); |
| 438 |
++ current->journal_info = NULL; |
| 439 |
+ } |
| 440 |
+ dout("aio_read %p %llx.%llx dropping cap refs on %s = %d\n", |
| 441 |
+ inode, ceph_vinop(inode), ceph_cap_string(got), (int)ret); |
| 442 |
+diff --git a/fs/ceph/super.h b/fs/ceph/super.h |
| 443 |
+index 3e3fa9163059..622d5dd9f616 100644 |
| 444 |
+--- a/fs/ceph/super.h |
| 445 |
++++ b/fs/ceph/super.h |
| 446 |
+@@ -905,6 +905,8 @@ extern int ceph_encode_dentry_release(void **p, struct dentry *dn, |
| 447 |
+ |
| 448 |
+ extern int ceph_get_caps(struct ceph_inode_info *ci, int need, int want, |
| 449 |
+ loff_t endoff, int *got, struct page **pinned_page); |
| 450 |
++extern int ceph_try_get_caps(struct ceph_inode_info *ci, |
| 451 |
++ int need, int want, int *got); |
| 452 |
+ |
| 453 |
+ /* for counting open files by mode */ |
| 454 |
+ extern void __ceph_get_fmode(struct ceph_inode_info *ci, int mode); |
| 455 |
+diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h |
| 456 |
+index 94661cf77ae8..b3830f7ab260 100644 |
| 457 |
+--- a/fs/cifs/cifsglob.h |
| 458 |
++++ b/fs/cifs/cifsglob.h |
| 459 |
+@@ -241,6 +241,7 @@ struct smb_version_operations { |
| 460 |
+ /* verify the message */ |
| 461 |
+ int (*check_message)(char *, unsigned int, struct TCP_Server_Info *); |
| 462 |
+ bool (*is_oplock_break)(char *, struct TCP_Server_Info *); |
| 463 |
++ int (*handle_cancelled_mid)(char *, struct TCP_Server_Info *); |
| 464 |
+ void (*downgrade_oplock)(struct TCP_Server_Info *, |
| 465 |
+ struct cifsInodeInfo *, bool); |
| 466 |
+ /* process transaction2 response */ |
| 467 |
+@@ -1314,12 +1315,19 @@ struct mid_q_entry { |
| 468 |
+ void *callback_data; /* general purpose pointer for callback */ |
| 469 |
+ void *resp_buf; /* pointer to received SMB header */ |
| 470 |
+ int mid_state; /* wish this were enum but can not pass to wait_event */ |
| 471 |
++ unsigned int mid_flags; |
| 472 |
+ __le16 command; /* smb command code */ |
| 473 |
+ bool large_buf:1; /* if valid response, is pointer to large buf */ |
| 474 |
+ bool multiRsp:1; /* multiple trans2 responses for one request */ |
| 475 |
+ bool multiEnd:1; /* both received */ |
| 476 |
+ }; |
| 477 |
+ |
| 478 |
++struct close_cancelled_open { |
| 479 |
++ struct cifs_fid fid; |
| 480 |
++ struct cifs_tcon *tcon; |
| 481 |
++ struct work_struct work; |
| 482 |
++}; |
| 483 |
++ |
| 484 |
+ /* Make code in transport.c a little cleaner by moving |
| 485 |
+ update of optional stats into function below */ |
| 486 |
+ #ifdef CONFIG_CIFS_STATS2 |
| 487 |
+@@ -1451,6 +1459,9 @@ static inline void free_dfs_info_array(struct dfs_info3_param *param, |
| 488 |
+ #define MID_RESPONSE_MALFORMED 0x10 |
| 489 |
+ #define MID_SHUTDOWN 0x20 |
| 490 |
+ |
| 491 |
++/* Flags */ |
| 492 |
++#define MID_WAIT_CANCELLED 1 /* Cancelled while waiting for response */ |
| 493 |
++ |
| 494 |
+ /* Types of response buffer returned from SendReceive2 */ |
| 495 |
+ #define CIFS_NO_BUFFER 0 /* Response buffer not returned */ |
| 496 |
+ #define CIFS_SMALL_BUFFER 1 |
| 497 |
+diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c |
| 498 |
+index e3fed9249a04..586fdac05ec2 100644 |
| 499 |
+--- a/fs/cifs/cifssmb.c |
| 500 |
++++ b/fs/cifs/cifssmb.c |
| 501 |
+@@ -1423,6 +1423,8 @@ cifs_readv_discard(struct TCP_Server_Info *server, struct mid_q_entry *mid) |
| 502 |
+ |
| 503 |
+ length = discard_remaining_data(server); |
| 504 |
+ dequeue_mid(mid, rdata->result); |
| 505 |
++ mid->resp_buf = server->smallbuf; |
| 506 |
++ server->smallbuf = NULL; |
| 507 |
+ return length; |
| 508 |
+ } |
| 509 |
+ |
| 510 |
+@@ -1534,6 +1536,8 @@ cifs_readv_receive(struct TCP_Server_Info *server, struct mid_q_entry *mid) |
| 511 |
+ return cifs_readv_discard(server, mid); |
| 512 |
+ |
| 513 |
+ dequeue_mid(mid, false); |
| 514 |
++ mid->resp_buf = server->smallbuf; |
| 515 |
++ server->smallbuf = NULL; |
| 516 |
+ return length; |
| 517 |
+ } |
| 518 |
+ |
| 519 |
+diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c |
| 520 |
+index 893be0722643..b8015de88e8c 100644 |
| 521 |
+--- a/fs/cifs/connect.c |
| 522 |
++++ b/fs/cifs/connect.c |
| 523 |
+@@ -882,10 +882,19 @@ cifs_demultiplex_thread(void *p) |
| 524 |
+ |
| 525 |
+ server->lstrp = jiffies; |
| 526 |
+ if (mid_entry != NULL) { |
| 527 |
++ if ((mid_entry->mid_flags & MID_WAIT_CANCELLED) && |
| 528 |
++ mid_entry->mid_state == MID_RESPONSE_RECEIVED && |
| 529 |
++ server->ops->handle_cancelled_mid) |
| 530 |
++ server->ops->handle_cancelled_mid( |
| 531 |
++ mid_entry->resp_buf, |
| 532 |
++ server); |
| 533 |
++ |
| 534 |
+ if (!mid_entry->multiRsp || mid_entry->multiEnd) |
| 535 |
+ mid_entry->callback(mid_entry); |
| 536 |
+- } else if (!server->ops->is_oplock_break || |
| 537 |
+- !server->ops->is_oplock_break(buf, server)) { |
| 538 |
++ } else if (server->ops->is_oplock_break && |
| 539 |
++ server->ops->is_oplock_break(buf, server)) { |
| 540 |
++ cifs_dbg(FYI, "Received oplock break\n"); |
| 541 |
++ } else { |
| 542 |
+ cifs_dbg(VFS, "No task to wake, unknown frame received! NumMids %d\n", |
| 543 |
+ atomic_read(&midCount)); |
| 544 |
+ cifs_dump_mem("Received Data is: ", buf, |
| 545 |
+diff --git a/fs/cifs/smb2misc.c b/fs/cifs/smb2misc.c |
| 546 |
+index 3d383489b9cf..97307808ae42 100644 |
| 547 |
+--- a/fs/cifs/smb2misc.c |
| 548 |
++++ b/fs/cifs/smb2misc.c |
| 549 |
+@@ -654,3 +654,47 @@ smb2_is_valid_oplock_break(char *buffer, struct TCP_Server_Info *server) |
| 550 |
+ cifs_dbg(FYI, "Can not process oplock break for non-existent connection\n"); |
| 551 |
+ return false; |
| 552 |
+ } |
| 553 |
++ |
| 554 |
++void |
| 555 |
++smb2_cancelled_close_fid(struct work_struct *work) |
| 556 |
++{ |
| 557 |
++ struct close_cancelled_open *cancelled = container_of(work, |
| 558 |
++ struct close_cancelled_open, work); |
| 559 |
++ |
| 560 |
++ cifs_dbg(VFS, "Close unmatched open\n"); |
| 561 |
++ |
| 562 |
++ SMB2_close(0, cancelled->tcon, cancelled->fid.persistent_fid, |
| 563 |
++ cancelled->fid.volatile_fid); |
| 564 |
++ cifs_put_tcon(cancelled->tcon); |
| 565 |
++ kfree(cancelled); |
| 566 |
++} |
| 567 |
++ |
| 568 |
++int |
| 569 |
++smb2_handle_cancelled_mid(char *buffer, struct TCP_Server_Info *server) |
| 570 |
++{ |
| 571 |
++ struct smb2_hdr *hdr = (struct smb2_hdr *)buffer; |
| 572 |
++ struct smb2_create_rsp *rsp = (struct smb2_create_rsp *)buffer; |
| 573 |
++ struct cifs_tcon *tcon; |
| 574 |
++ struct close_cancelled_open *cancelled; |
| 575 |
++ |
| 576 |
++ if (hdr->Command != SMB2_CREATE || hdr->Status != STATUS_SUCCESS) |
| 577 |
++ return 0; |
| 578 |
++ |
| 579 |
++ cancelled = kzalloc(sizeof(*cancelled), GFP_KERNEL); |
| 580 |
++ if (!cancelled) |
| 581 |
++ return -ENOMEM; |
| 582 |
++ |
| 583 |
++ tcon = smb2_find_smb_tcon(server, hdr->SessionId, hdr->TreeId); |
| 584 |
++ if (!tcon) { |
| 585 |
++ kfree(cancelled); |
| 586 |
++ return -ENOENT; |
| 587 |
++ } |
| 588 |
++ |
| 589 |
++ cancelled->fid.persistent_fid = rsp->PersistentFileId; |
| 590 |
++ cancelled->fid.volatile_fid = rsp->VolatileFileId; |
| 591 |
++ cancelled->tcon = tcon; |
| 592 |
++ INIT_WORK(&cancelled->work, smb2_cancelled_close_fid); |
| 593 |
++ queue_work(cifsiod_wq, &cancelled->work); |
| 594 |
++ |
| 595 |
++ return 0; |
| 596 |
++} |
| 597 |
+diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c |
| 598 |
+index 5d456ebb3813..007abf7195af 100644 |
| 599 |
+--- a/fs/cifs/smb2ops.c |
| 600 |
++++ b/fs/cifs/smb2ops.c |
| 601 |
+@@ -1565,6 +1565,7 @@ struct smb_version_operations smb20_operations = { |
| 602 |
+ .clear_stats = smb2_clear_stats, |
| 603 |
+ .print_stats = smb2_print_stats, |
| 604 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
| 605 |
++ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
| 606 |
+ .downgrade_oplock = smb2_downgrade_oplock, |
| 607 |
+ .need_neg = smb2_need_neg, |
| 608 |
+ .negotiate = smb2_negotiate, |
| 609 |
+@@ -1645,6 +1646,7 @@ struct smb_version_operations smb21_operations = { |
| 610 |
+ .clear_stats = smb2_clear_stats, |
| 611 |
+ .print_stats = smb2_print_stats, |
| 612 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
| 613 |
++ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
| 614 |
+ .downgrade_oplock = smb2_downgrade_oplock, |
| 615 |
+ .need_neg = smb2_need_neg, |
| 616 |
+ .negotiate = smb2_negotiate, |
| 617 |
+@@ -1727,6 +1729,7 @@ struct smb_version_operations smb30_operations = { |
| 618 |
+ .print_stats = smb2_print_stats, |
| 619 |
+ .dump_share_caps = smb2_dump_share_caps, |
| 620 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
| 621 |
++ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
| 622 |
+ .downgrade_oplock = smb2_downgrade_oplock, |
| 623 |
+ .need_neg = smb2_need_neg, |
| 624 |
+ .negotiate = smb2_negotiate, |
| 625 |
+@@ -1815,6 +1818,7 @@ struct smb_version_operations smb311_operations = { |
| 626 |
+ .print_stats = smb2_print_stats, |
| 627 |
+ .dump_share_caps = smb2_dump_share_caps, |
| 628 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
| 629 |
++ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
| 630 |
+ .downgrade_oplock = smb2_downgrade_oplock, |
| 631 |
+ .need_neg = smb2_need_neg, |
| 632 |
+ .negotiate = smb2_negotiate, |
| 633 |
+diff --git a/fs/cifs/smb2proto.h b/fs/cifs/smb2proto.h |
| 634 |
+index f2d511a6971b..04ef6e914597 100644 |
| 635 |
+--- a/fs/cifs/smb2proto.h |
| 636 |
++++ b/fs/cifs/smb2proto.h |
| 637 |
+@@ -48,6 +48,10 @@ extern struct mid_q_entry *smb2_setup_request(struct cifs_ses *ses, |
| 638 |
+ struct smb_rqst *rqst); |
| 639 |
+ extern struct mid_q_entry *smb2_setup_async_request( |
| 640 |
+ struct TCP_Server_Info *server, struct smb_rqst *rqst); |
| 641 |
++extern struct cifs_ses *smb2_find_smb_ses(struct TCP_Server_Info *server, |
| 642 |
++ __u64 ses_id); |
| 643 |
++extern struct cifs_tcon *smb2_find_smb_tcon(struct TCP_Server_Info *server, |
| 644 |
++ __u64 ses_id, __u32 tid); |
| 645 |
+ extern int smb2_calc_signature(struct smb_rqst *rqst, |
| 646 |
+ struct TCP_Server_Info *server); |
| 647 |
+ extern int smb3_calc_signature(struct smb_rqst *rqst, |
| 648 |
+@@ -158,6 +162,9 @@ extern int SMB2_set_compression(const unsigned int xid, struct cifs_tcon *tcon, |
| 649 |
+ extern int SMB2_oplock_break(const unsigned int xid, struct cifs_tcon *tcon, |
| 650 |
+ const u64 persistent_fid, const u64 volatile_fid, |
| 651 |
+ const __u8 oplock_level); |
| 652 |
++extern int smb2_handle_cancelled_mid(char *buffer, |
| 653 |
++ struct TCP_Server_Info *server); |
| 654 |
++void smb2_cancelled_close_fid(struct work_struct *work); |
| 655 |
+ extern int SMB2_QFS_info(const unsigned int xid, struct cifs_tcon *tcon, |
| 656 |
+ u64 persistent_file_id, u64 volatile_file_id, |
| 657 |
+ struct kstatfs *FSData); |
| 658 |
+diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c |
| 659 |
+index bc9a7b634643..390b0d0198f8 100644 |
| 660 |
+--- a/fs/cifs/smb2transport.c |
| 661 |
++++ b/fs/cifs/smb2transport.c |
| 662 |
+@@ -115,22 +115,68 @@ smb3_crypto_shash_allocate(struct TCP_Server_Info *server) |
| 663 |
+ } |
| 664 |
+ |
| 665 |
+ static struct cifs_ses * |
| 666 |
+-smb2_find_smb_ses(struct smb2_hdr *smb2hdr, struct TCP_Server_Info *server) |
| 667 |
++smb2_find_smb_ses_unlocked(struct TCP_Server_Info *server, __u64 ses_id) |
| 668 |
+ { |
| 669 |
+ struct cifs_ses *ses; |
| 670 |
+ |
| 671 |
+- spin_lock(&cifs_tcp_ses_lock); |
| 672 |
+ list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) { |
| 673 |
+- if (ses->Suid != smb2hdr->SessionId) |
| 674 |
++ if (ses->Suid != ses_id) |
| 675 |
+ continue; |
| 676 |
+- spin_unlock(&cifs_tcp_ses_lock); |
| 677 |
+ return ses; |
| 678 |
+ } |
| 679 |
++ |
| 680 |
++ return NULL; |
| 681 |
++} |
| 682 |
++ |
| 683 |
++struct cifs_ses * |
| 684 |
++smb2_find_smb_ses(struct TCP_Server_Info *server, __u64 ses_id) |
| 685 |
++{ |
| 686 |
++ struct cifs_ses *ses; |
| 687 |
++ |
| 688 |
++ spin_lock(&cifs_tcp_ses_lock); |
| 689 |
++ ses = smb2_find_smb_ses_unlocked(server, ses_id); |
| 690 |
+ spin_unlock(&cifs_tcp_ses_lock); |
| 691 |
+ |
| 692 |
++ return ses; |
| 693 |
++} |
| 694 |
++ |
| 695 |
++static struct cifs_tcon * |
| 696 |
++smb2_find_smb_sess_tcon_unlocked(struct cifs_ses *ses, __u32 tid) |
| 697 |
++{ |
| 698 |
++ struct cifs_tcon *tcon; |
| 699 |
++ |
| 700 |
++ list_for_each_entry(tcon, &ses->tcon_list, tcon_list) { |
| 701 |
++ if (tcon->tid != tid) |
| 702 |
++ continue; |
| 703 |
++ ++tcon->tc_count; |
| 704 |
++ return tcon; |
| 705 |
++ } |
| 706 |
++ |
| 707 |
+ return NULL; |
| 708 |
+ } |
| 709 |
+ |
| 710 |
++/* |
| 711 |
++ * Obtain tcon corresponding to the tid in the given |
| 712 |
++ * cifs_ses |
| 713 |
++ */ |
| 714 |
++ |
| 715 |
++struct cifs_tcon * |
| 716 |
++smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid) |
| 717 |
++{ |
| 718 |
++ struct cifs_ses *ses; |
| 719 |
++ struct cifs_tcon *tcon; |
| 720 |
++ |
| 721 |
++ spin_lock(&cifs_tcp_ses_lock); |
| 722 |
++ ses = smb2_find_smb_ses_unlocked(server, ses_id); |
| 723 |
++ if (!ses) { |
| 724 |
++ spin_unlock(&cifs_tcp_ses_lock); |
| 725 |
++ return NULL; |
| 726 |
++ } |
| 727 |
++ tcon = smb2_find_smb_sess_tcon_unlocked(ses, tid); |
| 728 |
++ spin_unlock(&cifs_tcp_ses_lock); |
| 729 |
++ |
| 730 |
++ return tcon; |
| 731 |
++} |
| 732 |
+ |
| 733 |
+ int |
| 734 |
+ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
| 735 |
+@@ -142,7 +188,7 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
| 736 |
+ struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; |
| 737 |
+ struct cifs_ses *ses; |
| 738 |
+ |
| 739 |
+- ses = smb2_find_smb_ses(smb2_pdu, server); |
| 740 |
++ ses = smb2_find_smb_ses(server, smb2_pdu->SessionId); |
| 741 |
+ if (!ses) { |
| 742 |
+ cifs_dbg(VFS, "%s: Could not find session\n", __func__); |
| 743 |
+ return 0; |
| 744 |
+@@ -359,7 +405,7 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
| 745 |
+ struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; |
| 746 |
+ struct cifs_ses *ses; |
| 747 |
+ |
| 748 |
+- ses = smb2_find_smb_ses(smb2_pdu, server); |
| 749 |
++ ses = smb2_find_smb_ses(server, smb2_pdu->SessionId); |
| 750 |
+ if (!ses) { |
| 751 |
+ cifs_dbg(VFS, "%s: Could not find session\n", __func__); |
| 752 |
+ return 0; |
| 753 |
+diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c |
| 754 |
+index 206a597b2293..cc26d4138d70 100644 |
| 755 |
+--- a/fs/cifs/transport.c |
| 756 |
++++ b/fs/cifs/transport.c |
| 757 |
+@@ -727,9 +727,11 @@ SendReceive2(const unsigned int xid, struct cifs_ses *ses, |
| 758 |
+ |
| 759 |
+ rc = wait_for_response(ses->server, midQ); |
| 760 |
+ if (rc != 0) { |
| 761 |
++ cifs_dbg(FYI, "Cancelling wait for mid %llu\n", midQ->mid); |
| 762 |
+ send_cancel(ses->server, buf, midQ); |
| 763 |
+ spin_lock(&GlobalMid_Lock); |
| 764 |
+ if (midQ->mid_state == MID_REQUEST_SUBMITTED) { |
| 765 |
++ midQ->mid_flags |= MID_WAIT_CANCELLED; |
| 766 |
+ midQ->callback = DeleteMidQEntry; |
| 767 |
+ spin_unlock(&GlobalMid_Lock); |
| 768 |
+ cifs_small_buf_release(buf); |
| 769 |
+diff --git a/fs/timerfd.c b/fs/timerfd.c |
| 770 |
+index 9ae4abb4110b..ab8dd1538381 100644 |
| 771 |
+--- a/fs/timerfd.c |
| 772 |
++++ b/fs/timerfd.c |
| 773 |
+@@ -40,6 +40,7 @@ struct timerfd_ctx { |
| 774 |
+ short unsigned settime_flags; /* to show in fdinfo */ |
| 775 |
+ struct rcu_head rcu; |
| 776 |
+ struct list_head clist; |
| 777 |
++ spinlock_t cancel_lock; |
| 778 |
+ bool might_cancel; |
| 779 |
+ }; |
| 780 |
+ |
| 781 |
+@@ -112,7 +113,7 @@ void timerfd_clock_was_set(void) |
| 782 |
+ rcu_read_unlock(); |
| 783 |
+ } |
| 784 |
+ |
| 785 |
+-static void timerfd_remove_cancel(struct timerfd_ctx *ctx) |
| 786 |
++static void __timerfd_remove_cancel(struct timerfd_ctx *ctx) |
| 787 |
+ { |
| 788 |
+ if (ctx->might_cancel) { |
| 789 |
+ ctx->might_cancel = false; |
| 790 |
+@@ -122,6 +123,13 @@ static void timerfd_remove_cancel(struct timerfd_ctx *ctx) |
| 791 |
+ } |
| 792 |
+ } |
| 793 |
+ |
| 794 |
++static void timerfd_remove_cancel(struct timerfd_ctx *ctx) |
| 795 |
++{ |
| 796 |
++ spin_lock(&ctx->cancel_lock); |
| 797 |
++ __timerfd_remove_cancel(ctx); |
| 798 |
++ spin_unlock(&ctx->cancel_lock); |
| 799 |
++} |
| 800 |
++ |
| 801 |
+ static bool timerfd_canceled(struct timerfd_ctx *ctx) |
| 802 |
+ { |
| 803 |
+ if (!ctx->might_cancel || ctx->moffs.tv64 != KTIME_MAX) |
| 804 |
+@@ -132,6 +140,7 @@ static bool timerfd_canceled(struct timerfd_ctx *ctx) |
| 805 |
+ |
| 806 |
+ static void timerfd_setup_cancel(struct timerfd_ctx *ctx, int flags) |
| 807 |
+ { |
| 808 |
++ spin_lock(&ctx->cancel_lock); |
| 809 |
+ if ((ctx->clockid == CLOCK_REALTIME || |
| 810 |
+ ctx->clockid == CLOCK_REALTIME_ALARM) && |
| 811 |
+ (flags & TFD_TIMER_ABSTIME) && (flags & TFD_TIMER_CANCEL_ON_SET)) { |
| 812 |
+@@ -141,9 +150,10 @@ static void timerfd_setup_cancel(struct timerfd_ctx *ctx, int flags) |
| 813 |
+ list_add_rcu(&ctx->clist, &cancel_list); |
| 814 |
+ spin_unlock(&cancel_lock); |
| 815 |
+ } |
| 816 |
+- } else if (ctx->might_cancel) { |
| 817 |
+- timerfd_remove_cancel(ctx); |
| 818 |
++ } else { |
| 819 |
++ __timerfd_remove_cancel(ctx); |
| 820 |
+ } |
| 821 |
++ spin_unlock(&ctx->cancel_lock); |
| 822 |
+ } |
| 823 |
+ |
| 824 |
+ static ktime_t timerfd_get_remaining(struct timerfd_ctx *ctx) |
| 825 |
+@@ -400,6 +410,7 @@ SYSCALL_DEFINE2(timerfd_create, int, clockid, int, flags) |
| 826 |
+ return -ENOMEM; |
| 827 |
+ |
| 828 |
+ init_waitqueue_head(&ctx->wqh); |
| 829 |
++ spin_lock_init(&ctx->cancel_lock); |
| 830 |
+ ctx->clockid = clockid; |
| 831 |
+ |
| 832 |
+ if (isalarm(ctx)) |
| 833 |
+diff --git a/kernel/cpu.c b/kernel/cpu.c |
| 834 |
+index 217fd2e7f435..99c6c568bc55 100644 |
| 835 |
+--- a/kernel/cpu.c |
| 836 |
++++ b/kernel/cpu.c |
| 837 |
+@@ -1441,14 +1441,12 @@ static void cpuhp_store_callbacks(enum cpuhp_state state, |
| 838 |
+ /* (Un)Install the callbacks for further cpu hotplug operations */ |
| 839 |
+ struct cpuhp_step *sp; |
| 840 |
+ |
| 841 |
+- mutex_lock(&cpuhp_state_mutex); |
| 842 |
+ sp = cpuhp_get_step(state); |
| 843 |
+ sp->startup.single = startup; |
| 844 |
+ sp->teardown.single = teardown; |
| 845 |
+ sp->name = name; |
| 846 |
+ sp->multi_instance = multi_instance; |
| 847 |
+ INIT_HLIST_HEAD(&sp->list); |
| 848 |
+- mutex_unlock(&cpuhp_state_mutex); |
| 849 |
+ } |
| 850 |
+ |
| 851 |
+ static void *cpuhp_get_teardown_cb(enum cpuhp_state state) |
| 852 |
+@@ -1518,16 +1516,13 @@ static int cpuhp_reserve_state(enum cpuhp_state state) |
| 853 |
+ { |
| 854 |
+ enum cpuhp_state i; |
| 855 |
+ |
| 856 |
+- mutex_lock(&cpuhp_state_mutex); |
| 857 |
+ for (i = CPUHP_AP_ONLINE_DYN; i <= CPUHP_AP_ONLINE_DYN_END; i++) { |
| 858 |
+ if (cpuhp_ap_states[i].name) |
| 859 |
+ continue; |
| 860 |
+ |
| 861 |
+ cpuhp_ap_states[i].name = "Reserved"; |
| 862 |
+- mutex_unlock(&cpuhp_state_mutex); |
| 863 |
+ return i; |
| 864 |
+ } |
| 865 |
+- mutex_unlock(&cpuhp_state_mutex); |
| 866 |
+ WARN(1, "No more dynamic states available for CPU hotplug\n"); |
| 867 |
+ return -ENOSPC; |
| 868 |
+ } |
| 869 |
+@@ -1544,6 +1539,7 @@ int __cpuhp_state_add_instance(enum cpuhp_state state, struct hlist_node *node, |
| 870 |
+ return -EINVAL; |
| 871 |
+ |
| 872 |
+ get_online_cpus(); |
| 873 |
++ mutex_lock(&cpuhp_state_mutex); |
| 874 |
+ |
| 875 |
+ if (!invoke || !sp->startup.multi) |
| 876 |
+ goto add_node; |
| 877 |
+@@ -1568,11 +1564,10 @@ int __cpuhp_state_add_instance(enum cpuhp_state state, struct hlist_node *node, |
| 878 |
+ } |
| 879 |
+ add_node: |
| 880 |
+ ret = 0; |
| 881 |
+- mutex_lock(&cpuhp_state_mutex); |
| 882 |
+ hlist_add_head(node, &sp->list); |
| 883 |
+- mutex_unlock(&cpuhp_state_mutex); |
| 884 |
+ |
| 885 |
+ err: |
| 886 |
++ mutex_unlock(&cpuhp_state_mutex); |
| 887 |
+ put_online_cpus(); |
| 888 |
+ return ret; |
| 889 |
+ } |
| 890 |
+@@ -1601,6 +1596,7 @@ int __cpuhp_setup_state(enum cpuhp_state state, |
| 891 |
+ return -EINVAL; |
| 892 |
+ |
| 893 |
+ get_online_cpus(); |
| 894 |
++ mutex_lock(&cpuhp_state_mutex); |
| 895 |
+ |
| 896 |
+ /* currently assignments for the ONLINE state are possible */ |
| 897 |
+ if (state == CPUHP_AP_ONLINE_DYN) { |
| 898 |
+@@ -1636,6 +1632,8 @@ int __cpuhp_setup_state(enum cpuhp_state state, |
| 899 |
+ } |
| 900 |
+ } |
| 901 |
+ out: |
| 902 |
++ mutex_unlock(&cpuhp_state_mutex); |
| 903 |
++ |
| 904 |
+ put_online_cpus(); |
| 905 |
+ if (!ret && dyn_state) |
| 906 |
+ return state; |
| 907 |
+@@ -1655,6 +1653,8 @@ int __cpuhp_state_remove_instance(enum cpuhp_state state, |
| 908 |
+ return -EINVAL; |
| 909 |
+ |
| 910 |
+ get_online_cpus(); |
| 911 |
++ mutex_lock(&cpuhp_state_mutex); |
| 912 |
++ |
| 913 |
+ if (!invoke || !cpuhp_get_teardown_cb(state)) |
| 914 |
+ goto remove; |
| 915 |
+ /* |
| 916 |
+@@ -1671,7 +1671,6 @@ int __cpuhp_state_remove_instance(enum cpuhp_state state, |
| 917 |
+ } |
| 918 |
+ |
| 919 |
+ remove: |
| 920 |
+- mutex_lock(&cpuhp_state_mutex); |
| 921 |
+ hlist_del(node); |
| 922 |
+ mutex_unlock(&cpuhp_state_mutex); |
| 923 |
+ put_online_cpus(); |
| 924 |
+@@ -1696,6 +1695,7 @@ void __cpuhp_remove_state(enum cpuhp_state state, bool invoke) |
| 925 |
+ BUG_ON(cpuhp_cb_check(state)); |
| 926 |
+ |
| 927 |
+ get_online_cpus(); |
| 928 |
++ mutex_lock(&cpuhp_state_mutex); |
| 929 |
+ |
| 930 |
+ if (sp->multi_instance) { |
| 931 |
+ WARN(!hlist_empty(&sp->list), |
| 932 |
+@@ -1721,6 +1721,7 @@ void __cpuhp_remove_state(enum cpuhp_state state, bool invoke) |
| 933 |
+ } |
| 934 |
+ remove: |
| 935 |
+ cpuhp_store_callbacks(state, NULL, NULL, NULL, false); |
| 936 |
++ mutex_unlock(&cpuhp_state_mutex); |
| 937 |
+ put_online_cpus(); |
| 938 |
+ } |
| 939 |
+ EXPORT_SYMBOL(__cpuhp_remove_state); |
Archives