- Kernel - mailweb.openeuler.org

[openeuler:OLK-6.6 2562/2562] include/linux/userfaultfd_k.h:66:45: sparse: sparse: restricted uffd_flags_t degrades to integer
by kernel test robot 22 Jul '25

22 Jul '25

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: 7fdbd961485c204422c001cf39400983c5ee9265 commit: 0214feb8f616acf62f9a6a2a131f0a1479b2b8af [2562/2562] mm/userswap: introduce UFFDIO_COPY_MODE_DIRECT_MAP config: x86_64-randconfig-123-20250721 (https://download.01.org/0day-ci/archive/20250722/202507220023.Kuq6r4En-lkp@…) compiler: gcc-12 (Debian 12.2.0-14+deb12u1) 12.2.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250722/202507220023.Kuq6r4En-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202507220023.Kuq6r4En-lkp@intel.com/ sparse warnings: (new ones prefixed by >>) mm/userfaultfd.c: note: in included file (through include/linux/rbtree.h, include/linux/mm_types.h, include/linux/mmzone.h, ...): include/linux/rcupdate.h:780:9: sparse: sparse: context imbalance in 'mfill_atomic_install_pte' - unexpected unlock include/linux/rcupdate.h:780:9: sparse: sparse: context imbalance in 'mfill_atomic_pte_zeropage' - unexpected unlock include/linux/rcupdate.h:780:9: sparse: sparse: context imbalance in 'mfill_atomic_pte_poison' - unexpected unlock mm/userfaultfd.c: note: in included file: >> include/linux/userfaultfd_k.h:66:45: sparse: sparse: restricted uffd_flags_t degrades to integer >> include/linux/userfaultfd_k.h:67:32: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected restricted uffd_flags_t [usertype] flags @@ got unsigned int enum mfill_atomic_mode mode @@ include/linux/userfaultfd_k.h:67:32: sparse: expected restricted uffd_flags_t [usertype] flags include/linux/userfaultfd_k.h:67:32: sparse: got unsigned int enum mfill_atomic_mode mode >> include/linux/userfaultfd_k.h:66:45: sparse: sparse: restricted uffd_flags_t degrades to integer >> include/linux/userfaultfd_k.h:67:32: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected restricted uffd_flags_t [usertype] flags @@ got unsigned int enum mfill_atomic_mode mode @@ include/linux/userfaultfd_k.h:67:32: sparse: expected restricted uffd_flags_t [usertype] flags include/linux/userfaultfd_k.h:67:32: sparse: got unsigned int enum mfill_atomic_mode mode >> include/linux/userfaultfd_k.h:66:45: sparse: sparse: restricted uffd_flags_t degrades to integer >> include/linux/userfaultfd_k.h:67:32: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected restricted uffd_flags_t [usertype] flags @@ got unsigned int enum mfill_atomic_mode mode @@ include/linux/userfaultfd_k.h:67:32: sparse: expected restricted uffd_flags_t [usertype] flags include/linux/userfaultfd_k.h:67:32: sparse: got unsigned int enum mfill_atomic_mode mode >> include/linux/userfaultfd_k.h:66:45: sparse: sparse: restricted uffd_flags_t degrades to integer >> include/linux/userfaultfd_k.h:67:32: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected restricted uffd_flags_t [usertype] flags @@ got unsigned int enum mfill_atomic_mode mode @@ include/linux/userfaultfd_k.h:67:32: sparse: expected restricted uffd_flags_t [usertype] flags include/linux/userfaultfd_k.h:67:32: sparse: got unsigned int enum mfill_atomic_mode mode vim +66 include/linux/userfaultfd_k.h 63 64 static inline uffd_flags_t uffd_flags_set_mode(uffd_flags_t flags, enum mfill_atomic_mode mode) 65 { > 66 if (IS_ENABLED(CONFIG_USERSWAP) && (flags & MFILL_ATOMIC_DIRECT_MAP) && > 67 uffd_flags_mode_is(mode, MFILL_ATOMIC_COPY)) 68 mode = MFILL_ATOMIC_DIRECT_MAP; 69 70 flags &= ~MFILL_ATOMIC_MODE_MASK; 71 return flags | ((__force uffd_flags_t) mode); 72 } 73 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH 01/10] arm64: Support AT_HWCAP3
by Qi Xi 21 Jul '25

21 Jul '25

From: Mark Brown <broonie(a)kernel.org> commit ddadbcdaaed5c3c44cc6c36093f6bf02d942d71d upstream. We have filled all 64 bits of AT_HWCAP2 so in order to support discovery of further features provide the framework to use the already defined AT_HWCAP3 for further CPU features. Signed-off-by: Mark Brown <broonie(a)kernel.org> Reviewed-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Link: https://lore.kernel.org/r/20241004-arm64-elf-hwcap3-v2-2-799d1daad8b0@kerne… Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> [conflicts with e218c611e32c8d4315a6d64790b9a86f3d4fa4dc] Signed-off-by: Hongye Lin <linhongye(a)h-partners.com> Signed-off-by: Qi Xi <xiqi2(a)huawei.com> --- Documentation/arch/arm64/elf_hwcaps.rst | 6 +++--- arch/arm64/include/asm/cpufeature.h | 3 ++- arch/arm64/include/asm/hwcap.h | 5 ++++- arch/arm64/include/uapi/asm/hwcap.h | 4 ++++ arch/arm64/kernel/cpufeature.c | 6 ++++++ 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/Documentation/arch/arm64/elf_hwcaps.rst b/Documentation/arch/arm64/elf_hwcaps.rst index 76ff9d7398fd..f01ce14bca65 100644 --- a/Documentation/arch/arm64/elf_hwcaps.rst +++ b/Documentation/arch/arm64/elf_hwcaps.rst @@ -16,9 +16,9 @@ architected discovery mechanism available to userspace code at EL0. The kernel exposes the presence of these features to userspace through a set of flags called hwcaps, exposed in the auxiliary vector. -Userspace software can test for features by acquiring the AT_HWCAP or -AT_HWCAP2 entry of the auxiliary vector, and testing whether the relevant -flags are set, e.g.:: +Userspace software can test for features by acquiring the AT_HWCAP, +AT_HWCAP2 or AT_HWCAP3 entry of the auxiliary vector, and testing +whether the relevant flags are set, e.g.:: bool floating_point_is_present(void) { diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h index 5a7f5f3e052d..102bd1194d06 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -12,7 +12,7 @@ #include <asm/hwcap.h> #include <asm/sysreg.h> -#define MAX_CPU_FEATURES 128 +#define MAX_CPU_FEATURES 192 #define cpu_feature(x) KERNEL_HWCAP_ ## x #define ARM64_SW_FEATURE_OVERRIDE_NOKASLR 0 @@ -434,6 +434,7 @@ void cpu_set_feature(unsigned int num); bool cpu_have_feature(unsigned int num); unsigned long cpu_get_elf_hwcap(void); unsigned long cpu_get_elf_hwcap2(void); +unsigned long cpu_get_elf_hwcap3(void); #define cpu_set_named_feature(name) cpu_set_feature(cpu_feature(name)) #define cpu_have_named_feature(name) cpu_have_feature(cpu_feature(name)) diff --git a/arch/arm64/include/asm/hwcap.h b/arch/arm64/include/asm/hwcap.h index 521267478d18..6f044e5873a9 100644 --- a/arch/arm64/include/asm/hwcap.h +++ b/arch/arm64/include/asm/hwcap.h @@ -140,17 +140,20 @@ #define KERNEL_HWCAP_MOPS __khwcap2_feature(MOPS) #define KERNEL_HWCAP_HBC __khwcap2_feature(HBC) +#define __khwcap3_feature(x) (const_ilog2(HWCAP3_ ## x) + 128) + /* * This yields a mask that user programs can use to figure out what * instruction set this cpu supports. */ #define ELF_HWCAP cpu_get_elf_hwcap() #define ELF_HWCAP2 cpu_get_elf_hwcap2() +#define ELF_HWCAP3 cpu_get_elf_hwcap3() #ifdef CONFIG_COMPAT #define COMPAT_ELF_HWCAP (compat_elf_hwcap) #define COMPAT_ELF_HWCAP2 (compat_elf_hwcap2) -extern unsigned int compat_elf_hwcap, compat_elf_hwcap2; +extern unsigned int compat_elf_hwcap, compat_elf_hwcap2, compat_elf_hwcap3; #endif enum { diff --git a/arch/arm64/include/uapi/asm/hwcap.h b/arch/arm64/include/uapi/asm/hwcap.h index 53026f45a509..a86fca74fdcf 100644 --- a/arch/arm64/include/uapi/asm/hwcap.h +++ b/arch/arm64/include/uapi/asm/hwcap.h @@ -105,4 +105,8 @@ #define HWCAP2_MOPS (1UL << 43) #define HWCAP2_HBC (1UL << 44) +/* + * HWCAP3 flags - for AT_HWCAP3 + */ + #endif /* _UAPI__ASM_HWCAP_H */ diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 48750a38e455..4cd925bfc513 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -104,6 +104,7 @@ static DECLARE_BITMAP(elf_hwcap, MAX_CPU_FEATURES) __read_mostly; COMPAT_HWCAP_LPAE) unsigned int compat_elf_hwcap __read_mostly = COMPAT_ELF_HWCAP_DEFAULT; unsigned int compat_elf_hwcap2 __read_mostly; +unsigned int compat_elf_hwcap3 __read_mostly; #endif DECLARE_BITMAP(system_cpucaps, ARM64_NCAPS); @@ -3507,6 +3508,11 @@ unsigned long cpu_get_elf_hwcap2(void) return elf_hwcap[1]; } +unsigned long cpu_get_elf_hwcap3(void) +{ + return elf_hwcap[2]; +} + void __init setup_system_features(void) { /* -- 2.33.0

1 9

[PATCH OLK-6.6 v2] net: Fix kabi breakage for defer_free_list in struct net
by Dong Chenchen 21 Jul '25

21 Jul '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBEAMS CVE: CVE-2024-56658 -------------------------------- Fix kabi breakage in struct net. Fixes: 0f6ede9fbc74 ("net: defer final 'struct net' free in netns dismantle") Fixes: da47796c8d1b ("net: Fix kabi breakage in struct net") Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com> --- include/net/net_namespace.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index f687951d6d34..9f1bb06ebb99 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -75,7 +75,6 @@ struct net { spinlock_t nsid_lock; atomic_t fnhe_genid; - KABI_FILL_HOLE(struct llist_node defer_free_list) struct list_head list; /* list of network namespaces */ struct list_head exit_list; /* To linked to call pernet exit * methods on dead net ( @@ -161,6 +160,7 @@ struct net { /* Used to store attached BPF programs */ struct netns_bpf bpf; + KABI_FILL_HOLE(struct llist_node defer_free_list) /* Note : following structs are cache line aligned */ #ifdef CONFIG_XFRM -- 2.25.1

2 1

[openeuler:OLK-6.6 2564/2564] drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1260:7: warning: variable 'mdev' is used uninitialized whenever 'if' condition is true
by kernel test robot 21 Jul '25

21 Jul '25

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: 53a788b898e925f28e495dbd4e4a7ffd349b42ba commit: 69181c3c9413ccaa4dab458057d13efda520cb60 [2564/2564] Net: nebula_matrix: fix ci build warning config: arm64-randconfig-004-20250721 (https://download.01.org/0day-ci/archive/20250721/202507212015.E4IEaBTY-lkp@…) compiler: clang version 22.0.0git (https://github.com/llvm/llvm-project 853c343b45b3e83cc5eeef5a52fc8cc9d8a09252) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250721/202507212015.E4IEaBTY-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202507212015.E4IEaBTY-lkp@intel.com/ All warnings (new ones prefixed by >>): In file included from drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:6: In file included from drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev.h:10: In file included from drivers/net/ethernet/nebula-matrix/nbl/nbl_core.h:10: In file included from drivers/net/ethernet/nebula-matrix/nbl/nbl_include/nbl_product_base.h:10: In file included from drivers/net/ethernet/nebula-matrix/nbl/nbl_include/nbl_include.h:12: In file included from include/linux/pci.h:1669: In file included from include/linux/dmapool.h:14: In file included from include/linux/scatterlist.h:8: In file included from include/linux/mm.h:2247: include/linux/vmstat.h:508:43: warning: arithmetic between different enumeration types ('enum zone_stat_item' and 'enum numa_stat_item') [-Wenum-enum-conversion] 508 | return vmstat_text[NR_VM_ZONE_STAT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~ ^ 509 | item]; | ~~~~ include/linux/vmstat.h:515:43: warning: arithmetic between different enumeration types ('enum zone_stat_item' and 'enum numa_stat_item') [-Wenum-enum-conversion] 515 | return vmstat_text[NR_VM_ZONE_STAT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~ ^ 516 | NR_VM_NUMA_EVENT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~~ include/linux/vmstat.h:522:36: warning: arithmetic between different enumeration types ('enum node_stat_item' and 'enum lru_list') [-Wenum-enum-conversion] 522 | return node_stat_name(NR_LRU_BASE + lru) + 3; // skip "nr_" | ~~~~~~~~~~~ ^ ~~~ include/linux/vmstat.h:527:43: warning: arithmetic between different enumeration types ('enum zone_stat_item' and 'enum numa_stat_item') [-Wenum-enum-conversion] 527 | return vmstat_text[NR_VM_ZONE_STAT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~ ^ 528 | NR_VM_NUMA_EVENT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~~ include/linux/vmstat.h:536:43: warning: arithmetic between different enumeration types ('enum zone_stat_item' and 'enum numa_stat_item') [-Wenum-enum-conversion] 536 | return vmstat_text[NR_VM_ZONE_STAT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~ ^ 537 | NR_VM_NUMA_EVENT_ITEMS + | ~~~~~~~~~~~~~~~~~~~~~~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:475:14: warning: variable 'hw_addr' set but not used [-Wunused-but-set-variable] 475 | u8 __iomem *hw_addr; | ^ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:676:23: warning: variable 'vfn' set but not used [-Wunused-but-set-variable] 676 | unsigned long vaddr, vfn; | ^ >> drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1260:7: warning: variable 'mdev' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] 1260 | if (IS_ERR(cdev)) { | ^~~~~~~~~~~~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1283:18: note: uninitialized use occurs here 1283 | devm_kfree(dev, mdev); | ^~~~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1260:3: note: remove the 'if' if its condition is always false 1260 | if (IS_ERR(cdev)) { | ^~~~~~~~~~~~~~~~~~~ 1261 | dev_err(dev, "device create failed\n"); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1262 | idr_remove(&nbl_userdev.cidr, minor); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1263 | mutex_unlock(&nbl_userdev.clock); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1264 | goto free_dev; | ~~~~~~~~~~~~~~ 1265 | } | ~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1252:7: warning: variable 'mdev' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] 1252 | if (minor < 0) { | ^~~~~~~~~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1283:18: note: uninitialized use occurs here 1283 | devm_kfree(dev, mdev); | ^~~~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1252:3: note: remove the 'if' if its condition is always false 1252 | if (minor < 0) { | ^~~~~~~~~~~~~~~~ 1253 | dev_err(dev, "alloc userdev dev minor failed\n"); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1254 | mutex_unlock(&nbl_userdev.clock); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1255 | goto free_dev; | ~~~~~~~~~~~~~~ 1256 | } | ~ drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c:1168:35: note: initialize the variable 'mdev' to silence this warning 1168 | struct device *cdev = NULL, *mdev; | ^ | = NULL 9 warnings generated. vim +1260 drivers/net/ethernet/nebula-matrix/nbl/nbl_core/nbl_dev_user.c bad535d287c9c1 Bennie Yan 2024-09-24 1162 bad535d287c9c1 Bennie Yan 2024-09-24 1163 void nbl_dev_start_user_dev(struct nbl_adapter *adapter) bad535d287c9c1 Bennie Yan 2024-09-24 1164 { bad535d287c9c1 Bennie Yan 2024-09-24 1165 struct nbl_dev_mgt *dev_mgt = (struct nbl_dev_mgt *)NBL_ADAPTER_TO_DEV_MGT(adapter); bad535d287c9c1 Bennie Yan 2024-09-24 1166 struct nbl_common_info *common = NBL_ADAPTER_TO_COMMON(adapter); bad535d287c9c1 Bennie Yan 2024-09-24 1167 struct device *dev = NBL_COMMON_TO_DEV(common); bad535d287c9c1 Bennie Yan 2024-09-24 1168 struct device *cdev = NULL, *mdev; bad535d287c9c1 Bennie Yan 2024-09-24 1169 struct pci_dev *pdev = NBL_COMMON_TO_PDEV(common); bad535d287c9c1 Bennie Yan 2024-09-24 1170 struct nbl_dev_user *user; bad535d287c9c1 Bennie Yan 2024-09-24 1171 void *shm_msg_ring; bad535d287c9c1 Bennie Yan 2024-09-24 1172 bool iommu_status = 0, remap_status = 0; bad535d287c9c1 Bennie Yan 2024-09-24 1173 int minor = 0, ret; bad535d287c9c1 Bennie Yan 2024-09-24 1174 bad535d287c9c1 Bennie Yan 2024-09-24 1175 if (!nbl_userdev.success) bad535d287c9c1 Bennie Yan 2024-09-24 1176 return; bad535d287c9c1 Bennie Yan 2024-09-24 1177 bad535d287c9c1 Bennie Yan 2024-09-24 1178 if (!dev_is_dma_coherent(dev)) bad535d287c9c1 Bennie Yan 2024-09-24 1179 return; bad535d287c9c1 Bennie Yan 2024-09-24 1180 bad535d287c9c1 Bennie Yan 2024-09-24 1181 if (dma_get_mask(dev) != DMA_BIT_MASK(64)) bad535d287c9c1 Bennie Yan 2024-09-24 1182 return; bad535d287c9c1 Bennie Yan 2024-09-24 1183 bad535d287c9c1 Bennie Yan 2024-09-24 1184 iommu_status = nbl_dma_iommu_status(pdev); bad535d287c9c1 Bennie Yan 2024-09-24 1185 remap_status = nbl_dma_remap_status(pdev); bad535d287c9c1 Bennie Yan 2024-09-24 1186 bad535d287c9c1 Bennie Yan 2024-09-24 1187 /* iommu passthrough */ bad535d287c9c1 Bennie Yan 2024-09-24 1188 if (iommu_status && !remap_status) { bad535d287c9c1 Bennie Yan 2024-09-24 1189 if (common->dma_dev == common->dev) bad535d287c9c1 Bennie Yan 2024-09-24 1190 return; bad535d287c9c1 Bennie Yan 2024-09-24 1191 remap_status = 1; bad535d287c9c1 Bennie Yan 2024-09-24 1192 } bad535d287c9c1 Bennie Yan 2024-09-24 1193 bad535d287c9c1 Bennie Yan 2024-09-24 1194 shm_msg_ring = kzalloc(NBL_USER_DEV_SHMMSGRING_SIZE, GFP_KERNEL); bad535d287c9c1 Bennie Yan 2024-09-24 1195 if (!shm_msg_ring) bad535d287c9c1 Bennie Yan 2024-09-24 1196 return; bad535d287c9c1 Bennie Yan 2024-09-24 1197 bad535d287c9c1 Bennie Yan 2024-09-24 1198 user = devm_kzalloc(dev, sizeof(struct nbl_dev_user), GFP_KERNEL); bad535d287c9c1 Bennie Yan 2024-09-24 1199 if (!user) { bad535d287c9c1 Bennie Yan 2024-09-24 1200 kfree(shm_msg_ring); bad535d287c9c1 Bennie Yan 2024-09-24 1201 return; bad535d287c9c1 Bennie Yan 2024-09-24 1202 } bad535d287c9c1 Bennie Yan 2024-09-24 1203 bad535d287c9c1 Bennie Yan 2024-09-24 1204 if (remap_status) { bad535d287c9c1 Bennie Yan 2024-09-24 1205 /* mdev init */ bad535d287c9c1 Bennie Yan 2024-09-24 1206 mdev = devm_kzalloc(dev, sizeof(struct device), GFP_KERNEL); bad535d287c9c1 Bennie Yan 2024-09-24 1207 if (!mdev) { bad535d287c9c1 Bennie Yan 2024-09-24 1208 kfree(shm_msg_ring); bad535d287c9c1 Bennie Yan 2024-09-24 1209 return; bad535d287c9c1 Bennie Yan 2024-09-24 1210 } bad535d287c9c1 Bennie Yan 2024-09-24 1211 bad535d287c9c1 Bennie Yan 2024-09-24 1212 device_initialize(mdev); bad535d287c9c1 Bennie Yan 2024-09-24 1213 mdev->parent = dev; bad535d287c9c1 Bennie Yan 2024-09-24 1214 bad535d287c9c1 Bennie Yan 2024-09-24 1215 mdev->bus = &nbl_bus_type; bad535d287c9c1 Bennie Yan 2024-09-24 1216 bad535d287c9c1 Bennie Yan 2024-09-24 1217 mdev->release = nbl_mdev_device_release; bad535d287c9c1 Bennie Yan 2024-09-24 1218 bad535d287c9c1 Bennie Yan 2024-09-24 1219 ret = dev_set_name(mdev, pci_name(pdev)); bad535d287c9c1 Bennie Yan 2024-09-24 1220 if (ret) { bad535d287c9c1 Bennie Yan 2024-09-24 1221 dev_info(dev, "mdev set name failed\n"); bad535d287c9c1 Bennie Yan 2024-09-24 1222 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1223 } bad535d287c9c1 Bennie Yan 2024-09-24 1224 bad535d287c9c1 Bennie Yan 2024-09-24 1225 ret = device_add(mdev); bad535d287c9c1 Bennie Yan 2024-09-24 1226 if (ret) { bad535d287c9c1 Bennie Yan 2024-09-24 1227 dev_err(dev, "mdev add failed\n"); bad535d287c9c1 Bennie Yan 2024-09-24 1228 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1229 } bad535d287c9c1 Bennie Yan 2024-09-24 1230 dev_info(dev, "MDEV: created\n"); bad535d287c9c1 Bennie Yan 2024-09-24 1231 bad535d287c9c1 Bennie Yan 2024-09-24 1232 devm_kfree(dev, user); bad535d287c9c1 Bennie Yan 2024-09-24 1233 bad535d287c9c1 Bennie Yan 2024-09-24 1234 user = vfio_alloc_device(nbl_dev_user, vdev, mdev, &nbl_vfio_dev_ops); bad535d287c9c1 Bennie Yan 2024-09-24 1235 if (IS_ERR(user)) { bad535d287c9c1 Bennie Yan 2024-09-24 1236 device_del(mdev); bad535d287c9c1 Bennie Yan 2024-09-24 1237 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1238 } bad535d287c9c1 Bennie Yan 2024-09-24 1239 bad535d287c9c1 Bennie Yan 2024-09-24 1240 ret = vfio_register_emulated_iommu_dev(&user->vdev); bad535d287c9c1 Bennie Yan 2024-09-24 1241 if (ret) { bad535d287c9c1 Bennie Yan 2024-09-24 1242 vfio_put_device(&user->vdev); bad535d287c9c1 Bennie Yan 2024-09-24 1243 device_del(mdev); bad535d287c9c1 Bennie Yan 2024-09-24 1244 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1245 } bad535d287c9c1 Bennie Yan 2024-09-24 1246 bad535d287c9c1 Bennie Yan 2024-09-24 1247 user->mdev = mdev; bad535d287c9c1 Bennie Yan 2024-09-24 1248 mdev->driver = &nbl_mdev_driver.driver; bad535d287c9c1 Bennie Yan 2024-09-24 1249 } else { bad535d287c9c1 Bennie Yan 2024-09-24 1250 mutex_lock(&nbl_userdev.clock); bad535d287c9c1 Bennie Yan 2024-09-24 1251 minor = idr_alloc(&nbl_userdev.cidr, adapter, 1, MINORMASK + 1, GFP_KERNEL); bad535d287c9c1 Bennie Yan 2024-09-24 1252 if (minor < 0) { bad535d287c9c1 Bennie Yan 2024-09-24 1253 dev_err(dev, "alloc userdev dev minor failed\n"); bad535d287c9c1 Bennie Yan 2024-09-24 1254 mutex_unlock(&nbl_userdev.clock); bad535d287c9c1 Bennie Yan 2024-09-24 1255 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1256 } bad535d287c9c1 Bennie Yan 2024-09-24 1257 bad535d287c9c1 Bennie Yan 2024-09-24 1258 cdev = device_create(nbl_userdev.cls, NULL, MKDEV(MAJOR(nbl_userdev.cdevt), minor), bad535d287c9c1 Bennie Yan 2024-09-24 1259 NULL, pci_name(pdev)); bad535d287c9c1 Bennie Yan 2024-09-24 @1260 if (IS_ERR(cdev)) { bad535d287c9c1 Bennie Yan 2024-09-24 1261 dev_err(dev, "device create failed\n"); bad535d287c9c1 Bennie Yan 2024-09-24 1262 idr_remove(&nbl_userdev.cidr, minor); bad535d287c9c1 Bennie Yan 2024-09-24 1263 mutex_unlock(&nbl_userdev.clock); bad535d287c9c1 Bennie Yan 2024-09-24 1264 goto free_dev; bad535d287c9c1 Bennie Yan 2024-09-24 1265 } bad535d287c9c1 Bennie Yan 2024-09-24 1266 mutex_unlock(&nbl_userdev.clock); bad535d287c9c1 Bennie Yan 2024-09-24 1267 user->dev = cdev; bad535d287c9c1 Bennie Yan 2024-09-24 1268 user->minor = minor; bad535d287c9c1 Bennie Yan 2024-09-24 1269 } bad535d287c9c1 Bennie Yan 2024-09-24 1270 bad535d287c9c1 Bennie Yan 2024-09-24 1271 user->shm_msg_ring = shm_msg_ring; bad535d287c9c1 Bennie Yan 2024-09-24 1272 user->adapter = adapter; bad535d287c9c1 Bennie Yan 2024-09-24 1273 user->iommu_status = iommu_status; bad535d287c9c1 Bennie Yan 2024-09-24 1274 user->remap_status = remap_status; bad535d287c9c1 Bennie Yan 2024-09-24 1275 atomic_set(&user->open_cnt, 0); bad535d287c9c1 Bennie Yan 2024-09-24 1276 user->network_type = NBL_KERNEL_NETWORK; bad535d287c9c1 Bennie Yan 2024-09-24 1277 bad535d287c9c1 Bennie Yan 2024-09-24 1278 NBL_DEV_MGT_TO_USER_DEV(dev_mgt) = user; bad535d287c9c1 Bennie Yan 2024-09-24 1279 bad535d287c9c1 Bennie Yan 2024-09-24 1280 return; bad535d287c9c1 Bennie Yan 2024-09-24 1281 bad535d287c9c1 Bennie Yan 2024-09-24 1282 free_dev: bad535d287c9c1 Bennie Yan 2024-09-24 1283 devm_kfree(dev, mdev); bad535d287c9c1 Bennie Yan 2024-09-24 1284 kfree(shm_msg_ring); bad535d287c9c1 Bennie Yan 2024-09-24 1285 } bad535d287c9c1 Bennie Yan 2024-09-24 1286 :::::: The code at line 1260 was first introduced by commit :::::: bad535d287c9c1056d99de3666be7da84de4a8fc Net:nbl_core: Add nbl_core-driver for nebula-matrix S1055AS series smart NIC. :::::: TO: Bennie Yan <bennie.yan(a)nebula-matrix.com> :::::: CC: Bennie Yan <bennie.yan(a)nebula-matrix.com> -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6] drm: phytium: fix NULL dereference issue in drm_gem_object_free
by Li Chen 21 Jul '25

21 Jul '25

From: Li Chen <chenl311(a)chinatelecom.cn> driver inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ICGG2A ---------------------------------------------------------------------- Syzkaller crashed kernel in drm path. The root cause is that phytium_drm_gem_object_funcs is not assigned before phytium_gem_create_object enters the failed_dma_alloc label. Let's fix this issue by assigning the function earlier. Below is the crash log: ``` [ 9042.703078] [drm:phytium_gem_create_object [phytium_dc_drm]] *ERROR* fail to allocate vram buffer with size 3de4000 [ 9042.717862] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 9042.727173] fuse: Unknown parameter '0xffffffffffffffff<r00000000000000000000' [ 9042.730383] Mem abort info: [ 9042.745443] ESR = 0x0000000096000006 [ 9042.745446] EC = 0x25: DABT (current EL), IL = 32 bits [ 9042.745448] SET = 0, FnV = 0 [ 9042.745450] EA = 0, S1PTW = 0 [ 9042.745451] FSC = 0x06: level 2 translation fault [ 9042.745453] Data abort info: [ 9042.745455] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000 [ 9042.745457] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 9042.745459] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 9042.745462] user pgtable: 4k pages, 48-bit VAs, pgdp=00003000894ca000 [ 9042.745464] [0000000000000000] pgd=08003000894cb403, p4d=08003000894cb403, pud=0800300085320403, pmd=0000000000000000 [ 9042.830042] Internal error: Oops: 0000000096000006 [#1] SMP [ 9042.838310] Modules linked in: cramfs camellia_generic serpent_generic blowfish_generic blowfish_common cast5_generic cast_common des_generic libdes rmd160 tcp_bic unix_diag ansi_cprng tcp_dctcp ppp_synctty ip_set_hash_ip n_hdlc cmac pps_ldisc n_gsm nfnetlink_log slcan tcp_diag nfnetlink_cthelper atm nfsd auth_rpcgss nfs_acl twofish_generic twofish_common ccm md4 ppp_async msdos nfs lockd grace fscache crc32_generic netfs smc_diag tcp_westwood smc nfnetlink_osf vfio_iommu_type1 vfio vhost_vsock iommufd squashfs ib_core gfs2 snd_timer snd soundcore uhid nfnetlink_cttimeout pppoe ip_vs cuse can_bcm loop can_raw can vsock_loopback inet_diag vmw_vsock_virtio_transport_common vhost_net vhost ieee802154_socket vsock cfg80211 uinput ieee802154 vhost_iotlb pptp crypto_user l2tp_ppp pppox sctp ppp_generic slhc af_key ip6_vti ip_vti ipip sit geneve macvtap tap ipvlan macvlan hsr xfrm_interface xfrm6_tunnel tunnel4 wireguard libchacha20poly1305 chacha_neon poly1305_neon libcurve25519_generic libchacha nlmon team vcan can_dev tun [ 9042.838608] xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_addrtype nft_compat nf_tables overlay nfnetlink_queue authenc echainiv cls_matchall esp6 l2tp_ip6 l2tp_eth l2tp_ip l2tp_netlink l2tp_core br_netfilter sch_etf sch_fq dccp_ipv6 dccp_ipv4 dccp sch_ingress act_mirred cls_basic veth bonding tls esp4_offload esp4 psample macsec vxlan ip6_udp_tunnel udp_tunnel vrf 8021q garp mrp ip6_gre ip6_tunnel tunnel6 ip_gre ip_tunnel gre cls_u32 sch_htb dummy binfmt_misc bridge stp llc rfkill ip_set libcrc32c sunrpc vfat fat ipmi_si ipmi_devintf phytium_dc_drm ses enclosure ipmi_msghandler drm_display_helper scsi_transport_sas cec drm_kms_helper cppc_cpufreq sg drm fuse nfnetlink ext4 mbcache jbd2 sd_mod t10_pi crc64_rocksoft_generic crc64_rocksoft crc64 crct10dif_ce ghash_ce sm4_ce_gcm sm4_ce_ccm sm4_ce sm4_ce_cipher sm4 sm3_ce sha3_ce sha512_ce ahci sha512_arm64 sha2_ce libahci sha256_arm64 ice sha1_ce igb sbsa_gwdt libata megaraid_sas i2c_algo_bit i2c_core [ 9042.958095] dm_mirror dm_region_hash dm_log dm_multipath dm_mod aes_neon_bs aes_neon_blk aes_ce_blk aes_ce_cipher [last unloaded: nf_tables] [ 9043.094331] CPU: 39 PID: 127275 Comm: syz-executor.3 Kdump: loaded Not tainted 6.6.0-0001.rc3.ctl4.aarch64 #1 [ 9043.108430] Hardware name: vclusters VSFT5000 B/VSFT5000 B, BIOS KL4.2A.RC.D.170.240314.D.DX 03/14/2024 18:01:48 [ 9043.122832] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 9043.132983] pc : drm_gem_object_free+0xc/0x40 [drm] [ 9043.140480] lr : phytium_gem_create_object+0x2ac/0x338 [phytium_dc_drm] [ 9043.150238] sp : ffff80009cd83bd0 [ 9043.155639] x29: ffff80009cd83bd0 x28: 00000000000000b2 x27: ffff80009cd83ce8 [ 9043.166023] x26: 0000000000000020 x25: 0000000000000020 x24: ffff80007b4b2d78 [ 9043.176292] x23: ffff00ff8de5b000 x22: 0000000003de4000 x21: 0000000000000000 [ 9043.186548] x20: ffff00ff8df94c80 x19: fffffffffffffff4 x18: ffffffffffffffff [ 9043.196768] x17: 6f74206c69616620 x16: 2a524f5252452a20 x15: 5d5d6d72645f6364 [ 9043.207193] x14: 5f6d756974796870 x13: 205d353732373231 x12: 545b5d3837303330 [ 9043.217647] x11: 00000000ffff7fff x10: ffff80008223b900 x9 : ffff80007b5cdcb4 [ 9043.228070] x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 00000000002bffa8 [ 9043.238522] x5 : ffff80008345bd08 x4 : 0000000000000000 x3 : 0000000000000000 [ 9043.248718] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff200014f5b800 [ 9043.258874] Call trace: [ 9043.263132] drm_gem_object_free+0xc/0x40 [drm] [ 9043.270239] phytium_gem_dumb_create+0x60/0x160 [phytium_dc_drm] [ 9043.279194] drm_mode_create_dumb_ioctl+0x98/0xc0 [drm] [ 9043.287188] drm_ioctl_kernel+0xdc/0x188 [drm] [ 9043.294188] drm_ioctl+0x274/0x540 [drm] [ 9043.300456] __arm64_sys_ioctl+0xb4/0x100 [ 9043.306777] invoke_syscall+0x50/0x128 [ 9043.312774] el0_svc_common.constprop.0+0xc8/0xf0 [ 9043.319953] do_el0_svc+0x24/0x38 [ 9043.325324] el0_svc+0x44/0x1b8 [ 9043.330517] el0t_64_sync_handler+0x100/0x130 [ 9043.337369] el0t_64_sync+0x188/0x190 [ 9043.343315] Code: ffff00ff aa1e03e9 952fe875 f940a001 (f9400021) [ 9043.352351] SMP: stopping secondary CPUs [ 9043.412513] Starting crashdump kernel... [ 9044.001381] Bye! ``` Disassembler drm_gem_object_free: ``` 0xffff80007b437398 <drm_gem_object_free>: mov x9, x30 0xffff80007b43739c <drm_gem_object_free+4>: bl 0xffff800080031570 <ftrace_caller> 0xffff80007b4373a0 <drm_gem_object_free+8>: ldr x1, [x0, #320] 0xffff80007b4373a4 <drm_gem_object_free+12>: ldr x1, [x1] 0xffff80007b4373a8 <drm_gem_object_free+16>: cbz x1, 0xffff80007b4373c8 <drm_gem_object_free+48> 0xffff80007b4373ac <drm_gem_object_free+20>: paciasp 0xffff80007b4373b0 <drm_gem_object_free+24>: stp x29, x30, [sp, #-16]! 0xffff80007b4373b4 <drm_gem_object_free+28>: mov x29, sp 0xffff80007b4373b8 <drm_gem_object_free+32>: blr x1 0xffff80007b4373bc <drm_gem_object_free+36>: ldp x29, x30, [sp], #16 0xffff80007b4373c0 <drm_gem_object_free+40>: autiasp 0xffff80007b4373c4 <drm_gem_object_free+44>: ret 0xffff80007b4373c8 <drm_gem_object_free+48>: brk #0x800 0xffff80007b4373cc <drm_gem_object_free+52>: ret 0xffff80007b4373d0 <drm_gem_object_free+56>: .inst 0x865baea8 ; undefined 0xffff80007b4373d4 <drm_gem_object_free+60>: .inst 0xffff00ff ; undefined ``` ldr x1, [x1] <-- trapping instruction Signed-off-by: Li Chen <chenl311(a)chinatelecom.cn> Reviewed-by: Bin Lai <laib2(a)chinatelecom.cn> Reviewed-by: Shuo Li <lishuo(a)phytium.com.cn> --- drivers/gpu/drm/phytium/phytium_gem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/phytium/phytium_gem.c b/drivers/gpu/drm/phytium/phytium_gem.c index 2cbbcd9fbd112..95b6b0360c065 100644 --- a/drivers/gpu/drm/phytium/phytium_gem.c +++ b/drivers/gpu/drm/phytium/phytium_gem.c @@ -432,6 +432,8 @@ struct phytium_gem_object *phytium_gem_create_object(struct drm_device *dev, uns goto failed_object_init; } + phytium_gem_obj->base.funcs = &phytium_drm_gem_object_funcs; + if (priv->support_memory_type & (MEMORY_TYPE_VRAM_WC | MEMORY_TYPE_VRAM_DEVICE)) { ret = phytium_memory_pool_alloc(priv, &phytium_gem_obj->vaddr, &phytium_gem_obj->phys_addr, size); @@ -475,8 +477,6 @@ struct phytium_gem_object *phytium_gem_create_object(struct drm_device *dev, uns goto failed_dma_alloc; } - phytium_gem_obj->base.funcs = &phytium_drm_gem_object_funcs; - phytium_gem_obj->size = size; list_add_tail(&phytium_gem_obj->list, &priv->gem_list_head); DRM_DEBUG_KMS("phytium_gem_obj iova:0x%pa size:0x%lx\n", -- 2.49.0

1 0

[PATCH OLK-6.6] net: Fix kabi breakage for defer_free_list in struct net
by Dong Chenchen 21 Jul '25

21 Jul '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBEAMS CVE: CVE-2024-56658 -------------------------------- Fix kabi breakage in struct net. Fixes: 0f6ede9fbc74 ("net: defer final 'struct net' free in netns dismantle") Fixes: f935fb1fa568 ("[Huawei] net: Fix kabi breakage in struct net") Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com> --- include/net/net_namespace.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index f687951d6d34..9f1bb06ebb99 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -75,7 +75,6 @@ struct net { spinlock_t nsid_lock; atomic_t fnhe_genid; - KABI_FILL_HOLE(struct llist_node defer_free_list) struct list_head list; /* list of network namespaces */ struct list_head exit_list; /* To linked to call pernet exit * methods on dead net ( @@ -161,6 +160,7 @@ struct net { /* Used to store attached BPF programs */ struct netns_bpf bpf; + KABI_FILL_HOLE(struct llist_node defer_free_list) /* Note : following structs are cache line aligned */ #ifdef CONFIG_XFRM -- 2.25.1

2 1

[PATCH OLK-5.10] hugeltb: Fix null ptr exception during drain movable pcp
by Wupeng Ma 21 Jul '25

21 Jul '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ICLL1L -------------------------------- During our test, with movable_node enabled, null ptr exception will happen with the following command: echo 10 > /proc/sys/vm/nr_hugepages Which will lead to kernel panic with the following log: Unable to handle kernel paging request at virtual address 00000000000013f0 pc : set_max_huge_pages+0x52c/0x5fc lr : set_max_huge_pages+0x514/0x5fc Call trace: set_max_huge_pages+0x52c/0x5fc hugetlb_sysctl_handler+0xe4/0x10c proc_sys_call_handler+0x13c/0x260 proc_sys_write+0x18/0x3c new_sync_write+0xec/0x1a0 vfs_write+0x208/0x2b0 ksys_write+0x70/0x110 __arm64_sys_write+0x20/0x40 el0_sync+0x168/0x180 To fix this, stop drian pcp if nid is not valid. Fixes: 539370f5231b ("hugetlb: drain pcp for movable zone before alloc") Signed-off-by: Wupeng Ma <mawupeng1(a)huawei.com> --- mm/hugetlb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index eff60dc4135d9..5307e9c2b0538 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3113,7 +3113,8 @@ static int set_max_huge_pages(struct hstate *h, unsigned long count, int nid, * drain pcp for movable zone to increase the success rate for * hugetlb memory allocation if movable_node enabled */ - if (movable_node_is_enabled() && count > persistent_huge_pages(h)) + if ((nid != NUMA_NO_NODE) && movable_node_is_enabled() && + count > persistent_huge_pages(h)) hugetlb_drain_movable_pcp(h, nid); while (count > persistent_huge_pages(h)) { -- 2.43.0

2 1

[PATCH 01/10] arm64: Support AT_HWCAP3
by Qi Xi 21 Jul '25

21 Jul '25

From: Mark Brown <broonie(a)kernel.org> We have filled all 64 bits of AT_HWCAP2 so in order to support discovery of further features provide the framework to use the already defined AT_HWCAP3 for further CPU features. Signed-off-by: Mark Brown <broonie(a)kernel.org> Reviewed-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Link: https://lore.kernel.org/r/20241004-arm64-elf-hwcap3-v2-2-799d1daad8b0@kerne… Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> [conflicts with e218c611e32c8d4315a6d64790b9a86f3d4fa4dc] Signed-off-by: Hongye Lin <linhongye(a)h-partners.com> Signed-off-by: Qi Xi <xiqi2(a)huawei.com> --- Documentation/arch/arm64/elf_hwcaps.rst | 6 +++--- arch/arm64/include/asm/cpufeature.h | 3 ++- arch/arm64/include/asm/hwcap.h | 5 ++++- arch/arm64/include/uapi/asm/hwcap.h | 4 ++++ arch/arm64/kernel/cpufeature.c | 6 ++++++ 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/Documentation/arch/arm64/elf_hwcaps.rst b/Documentation/arch/arm64/elf_hwcaps.rst index 76ff9d7398fd..f01ce14bca65 100644 --- a/Documentation/arch/arm64/elf_hwcaps.rst +++ b/Documentation/arch/arm64/elf_hwcaps.rst @@ -16,9 +16,9 @@ architected discovery mechanism available to userspace code at EL0. The kernel exposes the presence of these features to userspace through a set of flags called hwcaps, exposed in the auxiliary vector. -Userspace software can test for features by acquiring the AT_HWCAP or -AT_HWCAP2 entry of the auxiliary vector, and testing whether the relevant -flags are set, e.g.:: +Userspace software can test for features by acquiring the AT_HWCAP, +AT_HWCAP2 or AT_HWCAP3 entry of the auxiliary vector, and testing +whether the relevant flags are set, e.g.:: bool floating_point_is_present(void) { diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h index 5a7f5f3e052d..102bd1194d06 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -12,7 +12,7 @@ #include <asm/hwcap.h> #include <asm/sysreg.h> -#define MAX_CPU_FEATURES 128 +#define MAX_CPU_FEATURES 192 #define cpu_feature(x) KERNEL_HWCAP_ ## x #define ARM64_SW_FEATURE_OVERRIDE_NOKASLR 0 @@ -434,6 +434,7 @@ void cpu_set_feature(unsigned int num); bool cpu_have_feature(unsigned int num); unsigned long cpu_get_elf_hwcap(void); unsigned long cpu_get_elf_hwcap2(void); +unsigned long cpu_get_elf_hwcap3(void); #define cpu_set_named_feature(name) cpu_set_feature(cpu_feature(name)) #define cpu_have_named_feature(name) cpu_have_feature(cpu_feature(name)) diff --git a/arch/arm64/include/asm/hwcap.h b/arch/arm64/include/asm/hwcap.h index 521267478d18..6f044e5873a9 100644 --- a/arch/arm64/include/asm/hwcap.h +++ b/arch/arm64/include/asm/hwcap.h @@ -140,17 +140,20 @@ #define KERNEL_HWCAP_MOPS __khwcap2_feature(MOPS) #define KERNEL_HWCAP_HBC __khwcap2_feature(HBC) +#define __khwcap3_feature(x) (const_ilog2(HWCAP3_ ## x) + 128) + /* * This yields a mask that user programs can use to figure out what * instruction set this cpu supports. */ #define ELF_HWCAP cpu_get_elf_hwcap() #define ELF_HWCAP2 cpu_get_elf_hwcap2() +#define ELF_HWCAP3 cpu_get_elf_hwcap3() #ifdef CONFIG_COMPAT #define COMPAT_ELF_HWCAP (compat_elf_hwcap) #define COMPAT_ELF_HWCAP2 (compat_elf_hwcap2) -extern unsigned int compat_elf_hwcap, compat_elf_hwcap2; +extern unsigned int compat_elf_hwcap, compat_elf_hwcap2, compat_elf_hwcap3; #endif enum { diff --git a/arch/arm64/include/uapi/asm/hwcap.h b/arch/arm64/include/uapi/asm/hwcap.h index 53026f45a509..a86fca74fdcf 100644 --- a/arch/arm64/include/uapi/asm/hwcap.h +++ b/arch/arm64/include/uapi/asm/hwcap.h @@ -105,4 +105,8 @@ #define HWCAP2_MOPS (1UL << 43) #define HWCAP2_HBC (1UL << 44) +/* + * HWCAP3 flags - for AT_HWCAP3 + */ + #endif /* _UAPI__ASM_HWCAP_H */ diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 48750a38e455..4cd925bfc513 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -104,6 +104,7 @@ static DECLARE_BITMAP(elf_hwcap, MAX_CPU_FEATURES) __read_mostly; COMPAT_HWCAP_LPAE) unsigned int compat_elf_hwcap __read_mostly = COMPAT_ELF_HWCAP_DEFAULT; unsigned int compat_elf_hwcap2 __read_mostly; +unsigned int compat_elf_hwcap3 __read_mostly; #endif DECLARE_BITMAP(system_cpucaps, ARM64_NCAPS); @@ -3507,6 +3508,11 @@ unsigned long cpu_get_elf_hwcap2(void) return elf_hwcap[1]; } +unsigned long cpu_get_elf_hwcap3(void) +{ + return elf_hwcap[2]; +} + void __init setup_system_features(void) { /* -- 2.33.0

1 9

[PATCH OLK-5.10] hugeltb: Fix null ptr exception during drain movable pcp
by Wupeng Ma 21 Jul '25

21 Jul '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ICLL1L -------------------------------- During our test, with movable_node enabled, null ptr exception will happen with the following command: echo 10 > /proc/sys/vm/nr_hugepages Which will lead to kernel panic with the following log: Unable to handle kernel paging request at virtual address 00000000000013f0 pc : set_max_huge_pages+0x52c/0x5fc lr : set_max_huge_pages+0x514/0x5fc Call trace: set_max_huge_pages+0x52c/0x5fc hugetlb_sysctl_handler+0xe4/0x10c proc_sys_call_handler+0x13c/0x260 proc_sys_write+0x18/0x3c new_sync_write+0xec/0x1a0 vfs_write+0x208/0x2b0 ksys_write+0x70/0x110 __arm64_sys_write+0x20/0x40 el0_sync+0x168/0x180 To fix this, stop drian pcp if nid is not valid. Signed-off-by: Wupeng Ma <mawupeng1(a)huawei.com> --- mm/hugetlb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index eff60dc4135d9..5307e9c2b0538 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3113,7 +3113,8 @@ static int set_max_huge_pages(struct hstate *h, unsigned long count, int nid, * drain pcp for movable zone to increase the success rate for * hugetlb memory allocation if movable_node enabled */ - if (movable_node_is_enabled() && count > persistent_huge_pages(h)) + if ((nid != NUMA_NO_NODE) && movable_node_is_enabled() && + count > persistent_huge_pages(h)) hugetlb_drain_movable_pcp(h, nid); while (count > persistent_huge_pages(h)) { -- 2.43.0

2 1

[PATCH OLK-5.10] hugeltb: Fix null ptr exception during drain movable pcp
by Wupeng Ma 21 Jul '25

21 Jul '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ICLL1L -------------------------------- During our test, with movable_node enabled, null ptr exception will happen with the following command: echo 10 > /proc/sys/vm/nr_hugepages Which will lead to kernel panic with the following log: Unable to handle kernel paging request at virtual address 00000000000013f0 pc : set_max_huge_pages+0x52c/0x5fc lr : set_max_huge_pages+0x514/0x5fc Call trace: set_max_huge_pages+0x52c/0x5fc hugetlb_sysctl_handler+0xe4/0x10c proc_sys_call_handler+0x13c/0x260 proc_sys_write+0x18/0x3c new_sync_write+0xec/0x1a0 vfs_write+0x208/0x2b0 ksys_write+0x70/0x110 __arm64_sys_write+0x20/0x40 el0_sync+0x168/0x180 To fix this, stop drian pcp if nid is not valid. Signed-off-by: Wupeng Ma <mawupeng1(a)huawei.com> --- mm/hugetlb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index eff60dc4135d9..5307e9c2b0538 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3113,7 +3113,8 @@ static int set_max_huge_pages(struct hstate *h, unsigned long count, int nid, * drain pcp for movable zone to increase the success rate for * hugetlb memory allocation if movable_node enabled */ - if (movable_node_is_enabled() && count > persistent_huge_pages(h)) + if ((nid != NUMA_NO_NODE) && movable_node_is_enabled() && + count > persistent_huge_pages(h)) hugetlb_drain_movable_pcp(h, nid); while (count > persistent_huge_pages(h)) { -- 2.43.0

2 1