- Kernel - mailweb.openeuler.org

[openeuler:OLK-6.6 3415/3415] drivers/iommu/hisilicon/ummu_main.c:267:2: warning: unannotated fall-through between switch labels
by kernel test robot 02 Dec '25

02 Dec '25

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: 118b4e18ae4e19cd4e1245306fe243d21aee3d82 commit: 0db2fc397b9d432df0233d7bed29df427df74aac [3415/3415] iommu/ummu: Support UMMU device config: arm64-allmodconfig (https://download.01.org/0day-ci/archive/20251202/202512020558.hXS2BgSg-lkp@…) compiler: clang version 19.1.7 (https://github.com/llvm/llvm-project cd708029e0b2869e80abe31ddb175f7c35361f90) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20251202/202512020558.hXS2BgSg-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202512020558.hXS2BgSg-lkp@intel.com/ All warnings (new ones prefixed by >>): >> drivers/iommu/hisilicon/ummu_main.c:267:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough] 267 | default: | ^ drivers/iommu/hisilicon/ummu_main.c:267:2: note: insert 'break;' to avoid fall-through 267 | default: | ^ | break; drivers/iommu/hisilicon/ummu_main.c:280:2: warning: unannotated fall-through between switch labels [-Wimplicit-fallthrough] 280 | default: | ^ drivers/iommu/hisilicon/ummu_main.c:280:2: note: insert 'break;' to avoid fall-through 280 | default: | ^ | break; 2 warnings generated. vim +267 drivers/iommu/hisilicon/ummu_main.c 258 259 static void ummu_device_get_stall_model(struct ummu_device *ummu, u32 reg) 260 { 261 switch (FIELD_GET(CAP3_STALL_MODEL_MASK, reg)) { 262 case CAP3_STALL_MODE_FORCE: 263 ummu->cap.features |= UMMU_FEAT_STALL_FORCE; 264 fallthrough; 265 case CAP3_STALL_MODE: 266 ummu->cap.features |= UMMU_FEAT_STALLS; > 267 default: 268 break; 269 } 270 } 271 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6 0/3] Fixes and cleanup of page cache limit
by Zhang Qilong 01 Dec '25

01 Dec '25

Zhang Qilong (3): mm: Replace deferrable timer with delay timer for shrink worker mm: Move vm_cache_limit_mbytes check to page_cache_over_limit() mm: Add page cache limit check before queueing shrink worker mm/page_cache_limit.c | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) -- 2.43.0

2 4

[PATCH v3 OLK-6.6] xsched: add xsched_{set,get}attr syscall
by Liu Kai 01 Dec '25

01 Dec '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ID9IFI ----------------------------------------- If CONFIG_CGROUP_XCU is not enabled, the xsched defaults to the RT scheduling class, and there is no interface available to configure the RT priority. Therefore, two new syscalls are added to set and get the configuration of the RT scheduling class. The default priority for RT is 4 (the lowest priority) in the kernel. In contrast, user-configured values work the opposity way: the smaller the value, the lower the priority. The child process inherits the priority configuration of the parent process during fork. If pid=0, it indicates that the configuration is applied to the current process. Additionally, an interface is reserved for configuring the xsched scheduling class, which will be used to support CFS in the future. Currently, these system calls are only available for ARM64 and x86_64 architectures. Fixes: 832ec54e11a0 ("xsched: Add xsched RT class") Signed-off-by: Liu Kai <liukai284(a)huawei.com> --- arch/arm/tools/syscall.tbl | 4 +- arch/powerpc/kernel/syscalls/syscall.tbl | 4 +- arch/x86/entry/syscalls/syscall_32.tbl | 4 +- arch/x86/entry/syscalls/syscall_64.tbl | 4 +- include/linux/sched.h | 8 ++ include/linux/syscalls.h | 3 + include/linux/xsched.h | 19 +--- include/linux/xsched_types.h | 27 ++++++ include/uapi/asm-generic/unistd.h | 8 +- init/init_task.c | 6 ++ kernel/fork.c | 3 + kernel/xsched/core.c | 79 +++++++++++++++ kernel/xsched/rt.c | 96 ++----------------- .../arch/powerpc/entry/syscalls/syscall.tbl | 4 +- .../arch/x86/entry/syscalls/syscall_64.tbl | 4 +- 15 files changed, 152 insertions(+), 121 deletions(-) create mode 100644 include/linux/xsched_types.h diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index 5127af69471c..c707bea6232b 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl @@ -480,5 +480,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index 3378482bcf6f..822e08438e2d 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl @@ -557,5 +557,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index e14ce1f6b1ec..d97a7da65e49 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -471,5 +471,5 @@ 464 i386 kabi_reserved464 sys_ni_syscall 465 i386 kabi_reserved465 sys_ni_syscall 466 i386 kabi_reserved466 sys_ni_syscall -467 i386 kabi_reserved467 sys_ni_syscall -468 i386 kabi_reserved468 sys_ni_syscall +467 i386 xsched_setattr sys_ni_syscall +468 i386 xsched_getattr sys_ni_syscall diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index 162517343cb1..a538ce360e7d 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -388,8 +388,8 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_xsched_setattr +468 common xsched_getattr sys_xsched_getattr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/include/linux/sched.h b/include/linux/sched.h index e0afdc2dad2c..bb23790fd2d3 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -41,6 +41,10 @@ #include <linux/thread_bits.h> #include <linux/kabi.h> +#ifdef CONFIG_XCU_SCHEDULER +#include <linux/xsched_types.h> +#endif + /* task_struct member predeclarations (sorted alphabetically): */ struct audit_context; struct bio_list; @@ -776,6 +780,10 @@ struct kmap_ctrl { struct task_struct_resvd { /* pointer back to the main task_struct */ struct task_struct *task; + +#ifdef CONFIG_XCU_SCHEDULER + struct xsched_attr xse_attr; +#endif }; struct task_struct { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 119aabc72a2d..2e7b2c57c8c0 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -950,6 +950,9 @@ asmlinkage long sys_cachestat(unsigned int fd, asmlinkage long sys_map_shadow_stack(unsigned long addr, unsigned long size, unsigned int flags); asmlinkage long sys_vstream_manage(struct vstream_args __user *arg, int cmd); + +asmlinkage long sys_xsched_setattr(pid_t pid, struct xsched_attr __user *arg); +asmlinkage long sys_xsched_getattr(pid_t pid, struct xsched_attr __user *arg); /* * Architecture-specific system calls */ diff --git a/include/linux/xsched.h b/include/linux/xsched.h index 38db18c0d570..60cb43b4631f 100644 --- a/include/linux/xsched.h +++ b/include/linux/xsched.h @@ -6,6 +6,7 @@ #include <linux/kref.h> #include <linux/vstream.h> #include <linux/xcu_group.h> +#include <linux/xsched_types.h> #ifndef pr_fmt #define pr_fmt(fmt) fmt @@ -53,20 +54,6 @@ extern struct xsched_cu *xsched_cu_mgr[XSCHED_NR_CUS]; -enum xcu_sched_type { - XSCHED_TYPE_RT = 0, - XSCHED_TYPE_CFS = 1, - XSCHED_TYPE_NUM, - XSCHED_TYPE_DFLT = XSCHED_TYPE_RT -}; - -enum xse_prio { - XSE_PRIO_HIGH = 0, - XSE_PRIO_LOW = 4, - NR_XSE_PRIO, - XSE_PRIO_DFLT = XSE_PRIO_LOW -}; - extern struct xsched_class rt_xsched_class; extern struct xsched_class fair_xsched_class; @@ -406,7 +393,7 @@ static inline u64 gcd(u64 a, u64 b) } struct xsched_class { - enum xcu_sched_type class_id; + enum xcu_sched_class class_id; size_t kick_slice; struct list_head node; @@ -456,7 +443,7 @@ int xsched_init_entity(struct xsched_context *ctx, struct vstream_info *vs); int ctx_bind_to_xcu(vstream_info_t *vstream_info, struct xsched_context *ctx); int xsched_vsm_add_tail(struct vstream_info *vs, vstream_args_t *arg); struct vstream_metadata *xsched_vsm_fetch_first(struct vstream_info *vs); -int xsched_rt_prio_set(pid_t tgid, unsigned int prio); +void xsched_rt_prio_set(pid_t tgid, unsigned int prio); void enqueue_ctx(struct xsched_entity *xse, struct xsched_cu *xcu); void dequeue_ctx(struct xsched_entity *xse, struct xsched_cu *xcu); int delete_ctx(struct xsched_context *ctx); diff --git a/include/linux/xsched_types.h b/include/linux/xsched_types.h new file mode 100644 index 000000000000..f52fe32d5198 --- /dev/null +++ b/include/linux/xsched_types.h @@ -0,0 +1,27 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _XSCHED_TYPE_H +#define _XSCHED_TYPE_H + +struct xsched_attr { + /* Scheduling class type, from enum xcu_sched_class */ + unsigned int xsched_class; + + /* RT scheduling priority, from enum xse_prio */ + unsigned int xsched_priority; +}; + +enum xcu_sched_class { + XSCHED_TYPE_RT = 0, + XSCHED_TYPE_CFS = 1, + XSCHED_TYPE_NUM, + XSCHED_TYPE_DFLT = XSCHED_TYPE_RT +}; + +enum xse_prio { + XSE_PRIO_HIGH = 0, + XSE_PRIO_LOW = 4, + NR_XSE_PRIO, + XSE_PRIO_DFLT = XSE_PRIO_LOW +}; + +#endif /* ! _XSCHED_TYPE_H */ diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index f015a3987255..154e0ecc946c 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -853,10 +853,10 @@ __SYSCALL(__NR_kabi_reserved464, sys_ni_syscall) __SYSCALL(__NR_kabi_reserved465, sys_ni_syscall) #define __NR_kabi_reserved466 466 __SYSCALL(__NR_kabi_reserved466, sys_ni_syscall) -#define __NR_kabi_reserved467 467 -__SYSCALL(__NR_kabi_reserved467, sys_ni_syscall) -#define __NR_kabi_reserved468 468 -__SYSCALL(__NR_kabi_reserved468, sys_ni_syscall) +#define __NR_xsched_setattr 467 +__SYSCALL(__NR_xsched_setattr, sys_xsched_setattr) +#define __NR_xsched_getattr 468 +__SYSCALL(__NR_xsched_getattr, sys_xsched_getattr) #undef __NR_syscalls #define __NR_syscalls 469 diff --git a/init/init_task.c b/init/init_task.c index 1adc17149558..61a6345708c8 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -14,6 +14,9 @@ #include <linux/scs.h> #include <linux/uaccess.h> +#ifdef CONFIG_XCU_SCHEDULER +#include <linux/xsched_types.h> +#endif static struct signal_struct init_signals = { .nr_threads = 1, @@ -59,6 +62,9 @@ unsigned long init_shadow_call_stack[SCS_SIZE / sizeof(long)] static struct task_struct_resvd init_task_struct_resvd = { .task = &init_task, +#ifdef CONFIG_XCU_SCHEDULER + .xse_attr = { .xsched_priority = XSE_PRIO_DFLT }, +#endif }; /* diff --git a/kernel/fork.c b/kernel/fork.c index 328bbf6a36d2..f3c663602345 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1165,6 +1165,9 @@ static bool dup_resvd_task_struct(struct task_struct *dst, return false; dst->_resvd->task = dst; +#ifdef CONFIG_XCU_SCHEDULER + dst->_resvd->xse_attr = orig->_resvd->xse_attr; +#endif return true; } diff --git a/kernel/xsched/core.c b/kernel/xsched/core.c index 69f1a442f985..b23f2ca7820b 100644 --- a/kernel/xsched/core.c +++ b/kernel/xsched/core.c @@ -20,6 +20,7 @@ #include <linux/kthread.h> #include <linux/slab.h> #include <linux/spinlock_types.h> +#include <linux/syscalls.h> #include <linux/types.h> #include <linux/xsched.h> @@ -533,3 +534,81 @@ __init int xsched_sched_init(void) } late_initcall(xsched_sched_init); +static int xsched_setattr(struct task_struct *p, const struct xsched_attr *attr) +{ + struct xsched_attr *old_attr = &p->_resvd->xse_attr; + + if (old_attr->xsched_class == attr->xsched_class && + old_attr->xsched_priority == attr->xsched_priority) + return 0; + + old_attr->xsched_class = attr->xsched_class; + old_attr->xsched_priority = attr->xsched_priority; + xsched_rt_prio_set(p->pid, old_attr->xsched_priority); + + return 0; +} + +SYSCALL_DEFINE2(xsched_setattr, pid_t, pid, struct xsched_attr __user *, arg) +{ + struct xsched_attr kattr; + struct task_struct *p; + int rt_prio, retval; + + if (pid < 0 || !arg) + return -EINVAL; + + if (copy_from_user(&kattr, arg, sizeof(*arg))) { + XSCHED_ERR("Fail to copy_from_user @ %s\n", __func__); + return -EFAULT; + } + + rt_prio = NR_XSE_PRIO - kattr.xsched_priority; + /* Only support RT */ + if (rt_prio < XSE_PRIO_HIGH || rt_prio > XSE_PRIO_LOW || + kattr.xsched_class != XSCHED_TYPE_RT) + return -EINVAL; + + kattr.xsched_priority = rt_prio; + + rcu_read_lock(); + retval = -ESRCH; + p = pid ? find_task_by_vpid(pid) : current; + if (likely(p)) + get_task_struct(p); + rcu_read_unlock(); + + if (likely(p)) { + retval = xsched_setattr(p, &kattr); + put_task_struct(p); + } + + return retval; +} + +SYSCALL_DEFINE2(xsched_getattr, pid_t, pid, struct xsched_attr __user *, arg) +{ + struct xsched_attr kattr = { }; + struct task_struct *p; + + if (pid < 0 || !arg) + return -EINVAL; + + rcu_read_lock(); + p = pid ? find_task_by_vpid(pid) : current; + if (!p) { + rcu_read_unlock(); + return -ESRCH; + } + kattr = p->_resvd->xse_attr; + rcu_read_unlock(); + + kattr.xsched_priority = NR_XSE_PRIO - kattr.xsched_priority; + + if (copy_to_user(arg, &kattr, sizeof(kattr))) { + XSCHED_ERR("Fail to copy_to_user @ %s\n", __func__); + return -EFAULT; + } + + return 0; +} diff --git a/kernel/xsched/rt.c b/kernel/xsched/rt.c index 41b60e341679..e2ce1ebb8a7a 100644 --- a/kernel/xsched/rt.c +++ b/kernel/xsched/rt.c @@ -25,76 +25,6 @@ #define XSCHED_RT_TIMESLICE (10 * NSEC_PER_MSEC) -#define TGID_HASH_BITS 8 - -/* Mapping between tgid and context */ -struct tgid_prio { - pid_t tgid; - int32_t prio; - struct hlist_node hnode; -}; - -static DEFINE_HASHTABLE(tgid_prio_map, TGID_HASH_BITS); -static DEFINE_SPINLOCK(tgid_prio_lock); - -static int tgid_prio_insert(pid_t tgid, int32_t prio) -{ - struct tgid_prio *new_map; - unsigned int hash_key; - - if (prio >= NR_XSE_PRIO) - return -EINVAL; - - new_map = kzalloc(sizeof(struct tgid_prio), GFP_KERNEL); - if (!new_map) { - XSCHED_ERR("Fail to alloc mapping (tgid=%d) @ %s\n", - tgid, __func__); - return -ENOMEM; - } - - new_map->tgid = tgid; - new_map->prio = prio; - - hash_key = hash_32(tgid, TGID_HASH_BITS); - - spin_lock(&tgid_prio_lock); - hash_add_rcu(tgid_prio_map, &new_map->hnode, hash_key); - spin_unlock(&tgid_prio_lock); - - return 0; -} - -static struct tgid_prio *tgid_prio_find(pid_t tgid) -{ - struct tgid_prio *map = NULL; - unsigned int hash_key = hash_32(tgid, TGID_HASH_BITS); - - rcu_read_lock(); - hash_for_each_possible_rcu(tgid_prio_map, map, hnode, hash_key) { - if (map->tgid == tgid) - break; - } - rcu_read_unlock(); - return map; -} - -static void tgid_prio_delete(pid_t tgid) -{ - struct tgid_prio *map; - unsigned int hash_key = hash_32(tgid, TGID_HASH_BITS); - - spin_lock(&tgid_prio_lock); - hash_for_each_possible(tgid_prio_map, map, hnode, hash_key) { - if (map->tgid == tgid) { - hash_del_rcu(&map->hnode); - spin_unlock(&tgid_prio_lock); - kfree(map); - return; - } - } - spin_unlock(&tgid_prio_lock); -} - static inline void xse_rt_add(struct xsched_entity *xse, struct xsched_cu *xcu) { @@ -115,7 +45,7 @@ static inline void xse_rt_move_tail(struct xsched_entity *xse) /* Increase RT runqueue total and per prio nr_running stat. */ static inline void xrq_inc_nr_running(struct xsched_entity *xse, - struct xsched_cu *xcu) + struct xsched_cu *xcu) { xcu->xrq.rt.nr_running++; } @@ -143,7 +73,7 @@ static void enqueue_ctx_rt(struct xsched_entity *xse, struct xsched_cu *xcu) } static inline struct xsched_entity *xrq_next_xse(struct xsched_cu *xcu, - int prio) + int prio) { return list_first_entry(&xcu->xrq.rt.rq[prio], struct xsched_entity, rt.list_node); @@ -217,23 +147,16 @@ void rq_init_rt(struct xsched_cu *xcu) void xse_init_rt(struct xsched_entity *xse) { - struct tgid_prio *map = tgid_prio_find(xse->tgid); + struct task_struct *p; - xse->rt.prio = (map) ? map->prio : XSE_PRIO_DFLT; + p = find_task_by_vpid(xse->tgid); + xse->rt.prio = p->_resvd->xse_attr.xsched_priority; XSCHED_DEBUG("Xse init: set priority=%d.\n", xse->rt.prio); xse->rt.timeslice = XSCHED_RT_TIMESLICE; INIT_LIST_HEAD(&xse->rt.list_node); } -void xse_deinit_rt(struct xsched_entity *xse) -{ - struct tgid_prio *map = tgid_prio_find(xse->tgid); - - if (map) { - tgid_prio_delete(xse->tgid); - XSCHED_DEBUG("Map deleted: tgid=%d\n", xse->tgid); - } -} +void xse_deinit_rt(struct xsched_entity *xse) { } struct xsched_class rt_xsched_class = { .class_id = XSCHED_TYPE_RT, @@ -248,16 +171,13 @@ struct xsched_class rt_xsched_class = { .check_preempt = check_preempt_ctx_rt }; -int xsched_rt_prio_set(pid_t tgid, unsigned int prio) +void xsched_rt_prio_set(pid_t tgid, unsigned int prio) { unsigned int id; struct xsched_cu *xcu; struct xsched_context *ctx; struct xsched_entity *xse; - tgid_prio_delete(tgid); - tgid_prio_insert(tgid, prio); - for_each_active_xcu(xcu, id) { mutex_lock(&xcu->ctx_list_lock); mutex_lock(&xcu->xcu_lock); @@ -275,7 +195,5 @@ int xsched_rt_prio_set(pid_t tgid, unsigned int prio) mutex_unlock(&xcu->xcu_lock); mutex_unlock(&xcu->ctx_list_lock); } - - return 0; } diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index 4d76d8970013..8ed79b4b20e3 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl @@ -553,5 +553,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index 65004179e548..9cc0623ee8e5 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl @@ -388,8 +388,8 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall # # Due to a historical design error, certain syscalls are numbered differently -- 2.34.1

2 1

[PATCH v2 0/2] syscall: Cleanup and improve syscall_get_arguments()
by Jinjie Ruan 01 Dec '25

01 Dec '25

Remove unused SYSCALL_MAX_ARGS and avoid memcpy() for syscall_get_arguments() for arm64. Jinjie Ruan (2): syscall.h: Remove unused SYSCALL_MAX_ARGS arm64: Avoid memcpy() for syscall_get_arguments() arch/arm/include/asm/syscall.h | 2 -- arch/arm64/include/asm/syscall.h | 18 ++++++++++++------ arch/xtensa/include/asm/syscall.h | 1 - 3 files changed, 12 insertions(+), 9 deletions(-) -- 2.34.1

1 2

[PATCH OLK-6.6] x86/mm: Check return value from memblock_phys_alloc_range()
by Ze Zuo 01 Dec '25

01 Dec '25

From: Philip Redkin <me(a)rarity.fan> stable inclusion from stable-v6.6.93 commit bffd5f2815c5234d609725cd0dc2f4bc5de2fc67 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICG782 CVE: CVE-2025-38071 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit 631ca8909fd5c62b9fda9edda93924311a78a9c4 ] At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblock_phys_alloc_range() returns 0 on failure, which leads memblock_phys_free() to throw the first 4 MiB of physical memory to the wolves. At a minimum it should fail gracefully with a meaningful diagnostic, but in fact everything seems to work fine without the weird reserve allocation. Signed-off-by: Philip Redkin <me(a)rarity.fan> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Rik van Riel <riel(a)surriel.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Link: https://lore.kernel.org/r/94b3e98f-96a7-3560-1f76-349eb95ccf7f@rarity.fan Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Ze Zuo <zuoze1(a)huawei.com> --- arch/x86/mm/init.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index 71d29dd7ad76..6cbb5974e4f9 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -644,8 +644,13 @@ static void __init memory_map_top_down(unsigned long map_start, */ addr = memblock_phys_alloc_range(PMD_SIZE, PMD_SIZE, map_start, map_end); - memblock_phys_free(addr, PMD_SIZE); - real_end = addr + PMD_SIZE; + if (!addr) { + pr_warn("Failed to release memory for alloc_low_pages()"); + real_end = max(map_start, ALIGN_DOWN(map_end, PMD_SIZE)); + } else { + memblock_phys_free(addr, PMD_SIZE); + real_end = addr + PMD_SIZE; + } /* step_size need to be small so pgt_buf from BRK could cover it */ step_size = PMD_SIZE; -- 2.33.0

2 1

[PATCH v2 OLK-6.6] xsched: add xsched_{set,get}attr syscall
by Liu Kai 01 Dec '25

01 Dec '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ID9IFI ----------------------------------------- If CONFIG_XCU_CGROUP is not enabled, the xsched kernel defaults to only the RT scheduling class, and there is no interface available to configure the RT priority. Therefore, two new syscalls are added to set and get the configuration of the RT scheduling class. The default priority for RT is 4 (the lowest priority) in the kernel. In contrast, user-configured values work the opposity way: the smaller the value, the lower the priority. The child process inherits the priority configuration of the parent process during fork. If pid=0, it indicates that the configuration is applied to the current process. Additionally, an interface is reserved for configuring the xsched scheduling class, which will be used to support CFS in the future. Currently, these system calls are only available for ARM64 and x86_64 architectures. Fixes: 832ec54e11a0 ("xsched: Add xsched RT class") Signed-off-by: Liu Kai <liukai284(a)huawei.com> --- arch/arm/tools/syscall.tbl | 4 +- arch/powerpc/kernel/syscalls/syscall.tbl | 4 +- arch/x86/entry/syscalls/syscall_32.tbl | 4 +- arch/x86/entry/syscalls/syscall_64.tbl | 4 +- include/linux/sched.h | 8 ++ include/linux/syscalls.h | 3 + include/linux/xsched.h | 19 +--- include/linux/xsched_types.h | 27 ++++++ include/uapi/asm-generic/unistd.h | 8 +- init/init_task.c | 6 ++ kernel/fork.c | 3 + kernel/xsched/core.c | 74 ++++++++++++++ kernel/xsched/rt.c | 96 ++----------------- .../arch/powerpc/entry/syscalls/syscall.tbl | 4 +- .../arch/x86/entry/syscalls/syscall_64.tbl | 4 +- 15 files changed, 147 insertions(+), 121 deletions(-) create mode 100644 include/linux/xsched_types.h diff --git a/arch/arm/tools/syscall.tbl b/arch/arm/tools/syscall.tbl index 5127af69471c..c707bea6232b 100644 --- a/arch/arm/tools/syscall.tbl +++ b/arch/arm/tools/syscall.tbl @@ -480,5 +480,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/arch/powerpc/kernel/syscalls/syscall.tbl b/arch/powerpc/kernel/syscalls/syscall.tbl index 3378482bcf6f..822e08438e2d 100644 --- a/arch/powerpc/kernel/syscalls/syscall.tbl +++ b/arch/powerpc/kernel/syscalls/syscall.tbl @@ -557,5 +557,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index e14ce1f6b1ec..d97a7da65e49 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -471,5 +471,5 @@ 464 i386 kabi_reserved464 sys_ni_syscall 465 i386 kabi_reserved465 sys_ni_syscall 466 i386 kabi_reserved466 sys_ni_syscall -467 i386 kabi_reserved467 sys_ni_syscall -468 i386 kabi_reserved468 sys_ni_syscall +467 i386 xsched_setattr sys_ni_syscall +468 i386 xsched_getattr sys_ni_syscall diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index 162517343cb1..a538ce360e7d 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -388,8 +388,8 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_xsched_setattr +468 common xsched_getattr sys_xsched_getattr # # Due to a historical design error, certain syscalls are numbered differently diff --git a/include/linux/sched.h b/include/linux/sched.h index e0afdc2dad2c..bb23790fd2d3 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -41,6 +41,10 @@ #include <linux/thread_bits.h> #include <linux/kabi.h> +#ifdef CONFIG_XCU_SCHEDULER +#include <linux/xsched_types.h> +#endif + /* task_struct member predeclarations (sorted alphabetically): */ struct audit_context; struct bio_list; @@ -776,6 +780,10 @@ struct kmap_ctrl { struct task_struct_resvd { /* pointer back to the main task_struct */ struct task_struct *task; + +#ifdef CONFIG_XCU_SCHEDULER + struct xsched_attr xse_attr; +#endif }; struct task_struct { diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 119aabc72a2d..2e7b2c57c8c0 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -950,6 +950,9 @@ asmlinkage long sys_cachestat(unsigned int fd, asmlinkage long sys_map_shadow_stack(unsigned long addr, unsigned long size, unsigned int flags); asmlinkage long sys_vstream_manage(struct vstream_args __user *arg, int cmd); + +asmlinkage long sys_xsched_setattr(pid_t pid, struct xsched_attr __user *arg); +asmlinkage long sys_xsched_getattr(pid_t pid, struct xsched_attr __user *arg); /* * Architecture-specific system calls */ diff --git a/include/linux/xsched.h b/include/linux/xsched.h index 38db18c0d570..60cb43b4631f 100644 --- a/include/linux/xsched.h +++ b/include/linux/xsched.h @@ -6,6 +6,7 @@ #include <linux/kref.h> #include <linux/vstream.h> #include <linux/xcu_group.h> +#include <linux/xsched_types.h> #ifndef pr_fmt #define pr_fmt(fmt) fmt @@ -53,20 +54,6 @@ extern struct xsched_cu *xsched_cu_mgr[XSCHED_NR_CUS]; -enum xcu_sched_type { - XSCHED_TYPE_RT = 0, - XSCHED_TYPE_CFS = 1, - XSCHED_TYPE_NUM, - XSCHED_TYPE_DFLT = XSCHED_TYPE_RT -}; - -enum xse_prio { - XSE_PRIO_HIGH = 0, - XSE_PRIO_LOW = 4, - NR_XSE_PRIO, - XSE_PRIO_DFLT = XSE_PRIO_LOW -}; - extern struct xsched_class rt_xsched_class; extern struct xsched_class fair_xsched_class; @@ -406,7 +393,7 @@ static inline u64 gcd(u64 a, u64 b) } struct xsched_class { - enum xcu_sched_type class_id; + enum xcu_sched_class class_id; size_t kick_slice; struct list_head node; @@ -456,7 +443,7 @@ int xsched_init_entity(struct xsched_context *ctx, struct vstream_info *vs); int ctx_bind_to_xcu(vstream_info_t *vstream_info, struct xsched_context *ctx); int xsched_vsm_add_tail(struct vstream_info *vs, vstream_args_t *arg); struct vstream_metadata *xsched_vsm_fetch_first(struct vstream_info *vs); -int xsched_rt_prio_set(pid_t tgid, unsigned int prio); +void xsched_rt_prio_set(pid_t tgid, unsigned int prio); void enqueue_ctx(struct xsched_entity *xse, struct xsched_cu *xcu); void dequeue_ctx(struct xsched_entity *xse, struct xsched_cu *xcu); int delete_ctx(struct xsched_context *ctx); diff --git a/include/linux/xsched_types.h b/include/linux/xsched_types.h new file mode 100644 index 000000000000..f52fe32d5198 --- /dev/null +++ b/include/linux/xsched_types.h @@ -0,0 +1,27 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _XSCHED_TYPE_H +#define _XSCHED_TYPE_H + +struct xsched_attr { + /* Scheduling class type, from enum xcu_sched_class */ + unsigned int xsched_class; + + /* RT scheduling priority, from enum xse_prio */ + unsigned int xsched_priority; +}; + +enum xcu_sched_class { + XSCHED_TYPE_RT = 0, + XSCHED_TYPE_CFS = 1, + XSCHED_TYPE_NUM, + XSCHED_TYPE_DFLT = XSCHED_TYPE_RT +}; + +enum xse_prio { + XSE_PRIO_HIGH = 0, + XSE_PRIO_LOW = 4, + NR_XSE_PRIO, + XSE_PRIO_DFLT = XSE_PRIO_LOW +}; + +#endif /* ! _XSCHED_TYPE_H */ diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index f015a3987255..154e0ecc946c 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h @@ -853,10 +853,10 @@ __SYSCALL(__NR_kabi_reserved464, sys_ni_syscall) __SYSCALL(__NR_kabi_reserved465, sys_ni_syscall) #define __NR_kabi_reserved466 466 __SYSCALL(__NR_kabi_reserved466, sys_ni_syscall) -#define __NR_kabi_reserved467 467 -__SYSCALL(__NR_kabi_reserved467, sys_ni_syscall) -#define __NR_kabi_reserved468 468 -__SYSCALL(__NR_kabi_reserved468, sys_ni_syscall) +#define __NR_xsched_setattr 467 +__SYSCALL(__NR_xsched_setattr, sys_xsched_setattr) +#define __NR_xsched_getattr 468 +__SYSCALL(__NR_xsched_getattr, sys_xsched_getattr) #undef __NR_syscalls #define __NR_syscalls 469 diff --git a/init/init_task.c b/init/init_task.c index 1adc17149558..61a6345708c8 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -14,6 +14,9 @@ #include <linux/scs.h> #include <linux/uaccess.h> +#ifdef CONFIG_XCU_SCHEDULER +#include <linux/xsched_types.h> +#endif static struct signal_struct init_signals = { .nr_threads = 1, @@ -59,6 +62,9 @@ unsigned long init_shadow_call_stack[SCS_SIZE / sizeof(long)] static struct task_struct_resvd init_task_struct_resvd = { .task = &init_task, +#ifdef CONFIG_XCU_SCHEDULER + .xse_attr = { .xsched_priority = XSE_PRIO_DFLT }, +#endif }; /* diff --git a/kernel/fork.c b/kernel/fork.c index 328bbf6a36d2..f3c663602345 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1165,6 +1165,9 @@ static bool dup_resvd_task_struct(struct task_struct *dst, return false; dst->_resvd->task = dst; +#ifdef CONFIG_XCU_SCHEDULER + dst->_resvd->xse_attr = orig->_resvd->xse_attr; +#endif return true; } diff --git a/kernel/xsched/core.c b/kernel/xsched/core.c index 69f1a442f985..5638b254b9ce 100644 --- a/kernel/xsched/core.c +++ b/kernel/xsched/core.c @@ -20,6 +20,7 @@ #include <linux/kthread.h> #include <linux/slab.h> #include <linux/spinlock_types.h> +#include <linux/syscalls.h> #include <linux/types.h> #include <linux/xsched.h> @@ -533,3 +534,76 @@ __init int xsched_sched_init(void) } late_initcall(xsched_sched_init); +static int xsched_setattr(struct task_struct *p, const struct xsched_attr *attr) +{ + struct xsched_attr *old_attr = &p->_resvd->xse_attr; + + if (old_attr->xsched_class == attr->xsched_class && + old_attr->xsched_priority == attr->xsched_priority) + return 0; + + old_attr->xsched_class = attr->xsched_class; + old_attr->xsched_priority = attr->xsched_priority; + xsched_rt_prio_set(p->pid, old_attr->xsched_priority); + + return 0; +} + +SYSCALL_DEFINE2(xsched_setattr, pid_t, pid, struct xsched_attr __user *, arg) +{ + struct xsched_attr kattr; + struct task_struct *p; + int rt_prio, retval = 0; + + if (pid < 0 || !arg) + return -EINVAL; + + if (copy_from_user(&kattr, arg, sizeof(*arg))) { + XSCHED_ERR("Fail to copy_from_user @ %s\n", __func__); + return -EFAULT; + } + + rt_prio = NR_XSE_PRIO - kattr.xsched_priority; + /* Only support RT */ + if (rt_prio < XSE_PRIO_HIGH || rt_prio > XSE_PRIO_LOW || + kattr.xsched_class != XSCHED_TYPE_RT) + return -EINVAL; + + kattr.xsched_priority = rt_prio; + + rcu_read_lock(); + p = pid ? find_task_by_vpid(pid) : current; + if (likely(p)) + get_task_struct(p); + rcu_read_unlock(); + + if (likely(p)) { + retval = xsched_setattr(p, &kattr); + put_task_struct(p); + } + + return retval; +} + +SYSCALL_DEFINE2(xsched_getattr, pid_t, pid, struct xsched_attr __user *, arg) +{ + struct xsched_attr kattr = { }; + struct task_struct *p; + + if (pid < 0 || !arg) + return -EINVAL; + + rcu_read_lock(); + p = pid ? find_task_by_vpid(pid) : current; + kattr = p->_resvd->xse_attr; + rcu_read_unlock(); + + kattr.xsched_priority = NR_XSE_PRIO - kattr.xsched_priority; + + if (copy_to_user(arg, &kattr, sizeof(kattr))) { + XSCHED_ERR("Fail to copy_to_user @ %s\n", __func__); + return -EFAULT; + } + + return 0; +} diff --git a/kernel/xsched/rt.c b/kernel/xsched/rt.c index 41b60e341679..e2ce1ebb8a7a 100644 --- a/kernel/xsched/rt.c +++ b/kernel/xsched/rt.c @@ -25,76 +25,6 @@ #define XSCHED_RT_TIMESLICE (10 * NSEC_PER_MSEC) -#define TGID_HASH_BITS 8 - -/* Mapping between tgid and context */ -struct tgid_prio { - pid_t tgid; - int32_t prio; - struct hlist_node hnode; -}; - -static DEFINE_HASHTABLE(tgid_prio_map, TGID_HASH_BITS); -static DEFINE_SPINLOCK(tgid_prio_lock); - -static int tgid_prio_insert(pid_t tgid, int32_t prio) -{ - struct tgid_prio *new_map; - unsigned int hash_key; - - if (prio >= NR_XSE_PRIO) - return -EINVAL; - - new_map = kzalloc(sizeof(struct tgid_prio), GFP_KERNEL); - if (!new_map) { - XSCHED_ERR("Fail to alloc mapping (tgid=%d) @ %s\n", - tgid, __func__); - return -ENOMEM; - } - - new_map->tgid = tgid; - new_map->prio = prio; - - hash_key = hash_32(tgid, TGID_HASH_BITS); - - spin_lock(&tgid_prio_lock); - hash_add_rcu(tgid_prio_map, &new_map->hnode, hash_key); - spin_unlock(&tgid_prio_lock); - - return 0; -} - -static struct tgid_prio *tgid_prio_find(pid_t tgid) -{ - struct tgid_prio *map = NULL; - unsigned int hash_key = hash_32(tgid, TGID_HASH_BITS); - - rcu_read_lock(); - hash_for_each_possible_rcu(tgid_prio_map, map, hnode, hash_key) { - if (map->tgid == tgid) - break; - } - rcu_read_unlock(); - return map; -} - -static void tgid_prio_delete(pid_t tgid) -{ - struct tgid_prio *map; - unsigned int hash_key = hash_32(tgid, TGID_HASH_BITS); - - spin_lock(&tgid_prio_lock); - hash_for_each_possible(tgid_prio_map, map, hnode, hash_key) { - if (map->tgid == tgid) { - hash_del_rcu(&map->hnode); - spin_unlock(&tgid_prio_lock); - kfree(map); - return; - } - } - spin_unlock(&tgid_prio_lock); -} - static inline void xse_rt_add(struct xsched_entity *xse, struct xsched_cu *xcu) { @@ -115,7 +45,7 @@ static inline void xse_rt_move_tail(struct xsched_entity *xse) /* Increase RT runqueue total and per prio nr_running stat. */ static inline void xrq_inc_nr_running(struct xsched_entity *xse, - struct xsched_cu *xcu) + struct xsched_cu *xcu) { xcu->xrq.rt.nr_running++; } @@ -143,7 +73,7 @@ static void enqueue_ctx_rt(struct xsched_entity *xse, struct xsched_cu *xcu) } static inline struct xsched_entity *xrq_next_xse(struct xsched_cu *xcu, - int prio) + int prio) { return list_first_entry(&xcu->xrq.rt.rq[prio], struct xsched_entity, rt.list_node); @@ -217,23 +147,16 @@ void rq_init_rt(struct xsched_cu *xcu) void xse_init_rt(struct xsched_entity *xse) { - struct tgid_prio *map = tgid_prio_find(xse->tgid); + struct task_struct *p; - xse->rt.prio = (map) ? map->prio : XSE_PRIO_DFLT; + p = find_task_by_vpid(xse->tgid); + xse->rt.prio = p->_resvd->xse_attr.xsched_priority; XSCHED_DEBUG("Xse init: set priority=%d.\n", xse->rt.prio); xse->rt.timeslice = XSCHED_RT_TIMESLICE; INIT_LIST_HEAD(&xse->rt.list_node); } -void xse_deinit_rt(struct xsched_entity *xse) -{ - struct tgid_prio *map = tgid_prio_find(xse->tgid); - - if (map) { - tgid_prio_delete(xse->tgid); - XSCHED_DEBUG("Map deleted: tgid=%d\n", xse->tgid); - } -} +void xse_deinit_rt(struct xsched_entity *xse) { } struct xsched_class rt_xsched_class = { .class_id = XSCHED_TYPE_RT, @@ -248,16 +171,13 @@ struct xsched_class rt_xsched_class = { .check_preempt = check_preempt_ctx_rt }; -int xsched_rt_prio_set(pid_t tgid, unsigned int prio) +void xsched_rt_prio_set(pid_t tgid, unsigned int prio) { unsigned int id; struct xsched_cu *xcu; struct xsched_context *ctx; struct xsched_entity *xse; - tgid_prio_delete(tgid); - tgid_prio_insert(tgid, prio); - for_each_active_xcu(xcu, id) { mutex_lock(&xcu->ctx_list_lock); mutex_lock(&xcu->xcu_lock); @@ -275,7 +195,5 @@ int xsched_rt_prio_set(pid_t tgid, unsigned int prio) mutex_unlock(&xcu->xcu_lock); mutex_unlock(&xcu->ctx_list_lock); } - - return 0; } diff --git a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl index 4d76d8970013..8ed79b4b20e3 100644 --- a/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl +++ b/tools/perf/arch/powerpc/entry/syscalls/syscall.tbl @@ -553,5 +553,5 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall diff --git a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl index 65004179e548..9cc0623ee8e5 100644 --- a/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl +++ b/tools/perf/arch/x86/entry/syscalls/syscall_64.tbl @@ -388,8 +388,8 @@ 464 common kabi_reserved464 sys_ni_syscall 465 common kabi_reserved465 sys_ni_syscall 466 common kabi_reserved466 sys_ni_syscall -467 common kabi_reserved467 sys_ni_syscall -468 common kabi_reserved468 sys_ni_syscall +467 common xsched_setattr sys_ni_syscall +468 common xsched_getattr sys_ni_syscall # # Due to a historical design error, certain syscalls are numbered differently -- 2.34.1

2 1

[PATCH openEuler-1.0-LTS] net/sched: Abort __tc_modify_qdisc if parent is a clsact/ingress qdisc
by Wang Liang 01 Dec '25

01 Dec '25

From: Victor Nogueira <victor(a)mojatatu.com> mainline inclusion from mainline-v6.18-rc6 commit e781122d76f018ad17752ab1018b3ffbf7fad84e category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ID64WJ Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Wang reported an illegal configuration [1] where the user attempts to add a child qdisc to the ingress qdisc as follows: tc qdisc add dev eth0 handle ffff:0 ingress tc qdisc add dev eth0 handle ffe0:0 parent ffff:a fq To solve this, we reject any configuration attempt to add a child qdisc to ingress or clsact. [1] https://lore.kernel.org/netdev/20251105022213.1981982-1-wangliang74@huawei.… Fixes: 5e50da01d0ce ("[NET_SCHED]: Fix endless loops (part 2): "simple" qdiscs") Reported-by: Wang Liang <wangliang74(a)huawei.com> Closes: https://lore.kernel.org/netdev/20251105022213.1981982-1-wangliang74@huawei.… Reviewed-by: Pedro Tammela <pctammela(a)mojatatu.ai> Acked-by: Jamal Hadi Salim <jhs(a)mojatatu.com> Signed-off-by: Victor Nogueira <victor(a)mojatatu.com> Reviewed-by: Cong Wang <cwang(a)multikernel.io> Link: https://patch.msgid.link/20251106205621.3307639-1-victor@mojatatu.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Wang Liang <wangliang74(a)huawei.com> --- net/sched/sch_api.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index 05bed30b0a6a..2ea9e7753cb0 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -1492,6 +1492,11 @@ static int tc_modify_qdisc(struct sk_buff *skb, struct nlmsghdr *n, NL_SET_ERR_MSG(extack, "Failed to find specified qdisc"); return -ENOENT; } + if (p->flags & TCQ_F_INGRESS) { + NL_SET_ERR_MSG(extack, + "Cannot add children to ingress/clsact qdisc"); + return -EOPNOTSUPP; + } q = qdisc_leaf(p, clid, extack); if (IS_ERR(q)) return PTR_ERR(q); -- 2.34.1

2 1

[PATCH OLK-5.10] mmc: core: use sysfs_emit() instead of sprintf()
by Cui GaoSheng 01 Dec '25

01 Dec '25

From: Sergey Shtylyov <s.shtylyov(a)omp.ru> mainline inclusion from mainline-v5.18-rc1 commit f5d8a5fe77ce933f53eb8f2e22bb7a1a2019ea11 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBP448 CVE: CVE-2022-49267 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- sprintf() (still used in the MMC core for the sysfs output) is vulnerable to the buffer overflow. Use the new-fangled sysfs_emit() instead. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. Signed-off-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/717729b2-d65b-c72e-9fac-471d28d00b5a@omp.ru Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> Conflicts: drivers/mmc/core/sd.c [commit 24b83deb29b7f ("block: move struct request to blk-mq.h") was not commit] Signed-off-by: Cui GaoSheng <cuigaosheng1(a)huawei.com> --- drivers/mmc/core/bus.c | 9 +++++---- drivers/mmc/core/bus.h | 3 ++- drivers/mmc/core/mmc.c | 16 ++++++++-------- drivers/mmc/core/sd.c | 25 ++++++++++++------------- drivers/mmc/core/sdio.c | 5 +++-- drivers/mmc/core/sdio_bus.c | 7 ++++--- 6 files changed, 34 insertions(+), 31 deletions(-) diff --git a/drivers/mmc/core/bus.c b/drivers/mmc/core/bus.c index 4383c262b3f5..ca54f1c81d1c 100644 --- a/drivers/mmc/core/bus.c +++ b/drivers/mmc/core/bus.c @@ -15,6 +15,7 @@ #include <linux/stat.h> #include <linux/of.h> #include <linux/pm_runtime.h> +#include <linux/sysfs.h> #include <linux/mmc/card.h> #include <linux/mmc/host.h> @@ -34,13 +35,13 @@ static ssize_t type_show(struct device *dev, switch (card->type) { case MMC_TYPE_MMC: - return sprintf(buf, "MMC\n"); + return sysfs_emit(buf, "MMC\n"); case MMC_TYPE_SD: - return sprintf(buf, "SD\n"); + return sysfs_emit(buf, "SD\n"); case MMC_TYPE_SDIO: - return sprintf(buf, "SDIO\n"); + return sysfs_emit(buf, "SDIO\n"); case MMC_TYPE_SD_COMBO: - return sprintf(buf, "SDcombo\n"); + return sysfs_emit(buf, "SDcombo\n"); default: return -EFAULT; } diff --git a/drivers/mmc/core/bus.h b/drivers/mmc/core/bus.h index 8105852c4b62..3996b191b68d 100644 --- a/drivers/mmc/core/bus.h +++ b/drivers/mmc/core/bus.h @@ -9,6 +9,7 @@ #define _MMC_CORE_BUS_H #include <linux/device.h> +#include <linux/sysfs.h> struct mmc_host; struct mmc_card; @@ -17,7 +18,7 @@ struct mmc_card; static ssize_t mmc_##name##_show (struct device *dev, struct device_attribute *attr, char *buf) \ { \ struct mmc_card *card = mmc_dev_to_card(dev); \ - return sprintf(buf, fmt, args); \ + return sysfs_emit(buf, fmt, args); \ } \ static DEVICE_ATTR(name, S_IRUGO, mmc_##name##_show, NULL) diff --git a/drivers/mmc/core/mmc.c b/drivers/mmc/core/mmc.c index 2059cd226cbd..81abbc212ea5 100644 --- a/drivers/mmc/core/mmc.c +++ b/drivers/mmc/core/mmc.c @@ -12,6 +12,7 @@ #include <linux/slab.h> #include <linux/stat.h> #include <linux/pm_runtime.h> +#include <linux/sysfs.h> #include <linux/mmc/host.h> #include <linux/mmc/card.h> @@ -809,12 +810,11 @@ static ssize_t mmc_fwrev_show(struct device *dev, { struct mmc_card *card = mmc_dev_to_card(dev); - if (card->ext_csd.rev < 7) { - return sprintf(buf, "0x%x\n", card->cid.fwrev); - } else { - return sprintf(buf, "0x%*phN\n", MMC_FIRMWARE_LEN, - card->ext_csd.fwrev); - } + if (card->ext_csd.rev < 7) + return sysfs_emit(buf, "0x%x\n", card->cid.fwrev); + else + return sysfs_emit(buf, "0x%*phN\n", MMC_FIRMWARE_LEN, + card->ext_csd.fwrev); } static DEVICE_ATTR(fwrev, S_IRUGO, mmc_fwrev_show, NULL); @@ -827,10 +827,10 @@ static ssize_t mmc_dsr_show(struct device *dev, struct mmc_host *host = card->host; if (card->csd.dsr_imp && host->dsr_req) - return sprintf(buf, "0x%x\n", host->dsr); + return sysfs_emit(buf, "0x%x\n", host->dsr); else /* return default DSR value */ - return sprintf(buf, "0x%x\n", 0x404); + return sysfs_emit(buf, "0x%x\n", 0x404); } static DEVICE_ATTR(dsr, S_IRUGO, mmc_dsr_show, NULL); diff --git a/drivers/mmc/core/sd.c b/drivers/mmc/core/sd.c index 868b121ce4f3..f0d65cab58c6 100644 --- a/drivers/mmc/core/sd.c +++ b/drivers/mmc/core/sd.c @@ -12,6 +12,7 @@ #include <linux/slab.h> #include <linux/stat.h> #include <linux/pm_runtime.h> +#include <linux/sysfs.h> #include <linux/mmc/host.h> #include <linux/mmc/card.h> @@ -697,18 +698,16 @@ MMC_DEV_ATTR(ocr, "0x%08x\n", card->ocr); MMC_DEV_ATTR(rca, "0x%04x\n", card->rca); -static ssize_t mmc_dsr_show(struct device *dev, - struct device_attribute *attr, - char *buf) +static ssize_t mmc_dsr_show(struct device *dev, struct device_attribute *attr, + char *buf) { - struct mmc_card *card = mmc_dev_to_card(dev); - struct mmc_host *host = card->host; - - if (card->csd.dsr_imp && host->dsr_req) - return sprintf(buf, "0x%x\n", host->dsr); - else - /* return default DSR value */ - return sprintf(buf, "0x%x\n", 0x404); + struct mmc_card *card = mmc_dev_to_card(dev); + struct mmc_host *host = card->host; + + if (card->csd.dsr_imp && host->dsr_req) + return sysfs_emit(buf, "0x%x\n", host->dsr); + /* return default DSR value */ + return sysfs_emit(buf, "0x%x\n", 0x404); } static DEVICE_ATTR(dsr, S_IRUGO, mmc_dsr_show, NULL); @@ -724,9 +723,9 @@ static ssize_t info##num##_show(struct device *dev, struct device_attribute *att \ if (num > card->num_info) \ return -ENODATA; \ - if (!card->info[num-1][0]) \ + if (!card->info[num - 1][0]) \ return 0; \ - return sprintf(buf, "%s\n", card->info[num-1]); \ + return sysfs_emit(buf, "%s\n", card->info[num - 1]); \ } \ static DEVICE_ATTR_RO(info##num) diff --git a/drivers/mmc/core/sdio.c b/drivers/mmc/core/sdio.c index 85c2947ed45e..0088ff6381b7 100644 --- a/drivers/mmc/core/sdio.c +++ b/drivers/mmc/core/sdio.c @@ -7,6 +7,7 @@ #include <linux/err.h> #include <linux/pm_runtime.h> +#include <linux/sysfs.h> #include <linux/mmc/host.h> #include <linux/mmc/card.h> @@ -40,9 +41,9 @@ static ssize_t info##num##_show(struct device *dev, struct device_attribute *att \ if (num > card->num_info) \ return -ENODATA; \ - if (!card->info[num-1][0]) \ + if (!card->info[num - 1][0]) \ return 0; \ - return sprintf(buf, "%s\n", card->info[num-1]); \ + return sysfs_emit(buf, "%s\n", card->info[num - 1]); \ } \ static DEVICE_ATTR_RO(info##num) diff --git a/drivers/mmc/core/sdio_bus.c b/drivers/mmc/core/sdio_bus.c index 89dd49260080..74670db18b0d 100644 --- a/drivers/mmc/core/sdio_bus.c +++ b/drivers/mmc/core/sdio_bus.c @@ -14,6 +14,7 @@ #include <linux/pm_runtime.h> #include <linux/pm_domain.h> #include <linux/acpi.h> +#include <linux/sysfs.h> #include <linux/mmc/card.h> #include <linux/mmc/host.h> @@ -35,7 +36,7 @@ field##_show(struct device *dev, struct device_attribute *attr, char *buf) \ struct sdio_func *func; \ \ func = dev_to_sdio_func (dev); \ - return sprintf(buf, format_string, args); \ + return sysfs_emit(buf, format_string, args); \ } \ static DEVICE_ATTR_RO(field) @@ -52,9 +53,9 @@ static ssize_t info##num##_show(struct device *dev, struct device_attribute *att \ if (num > func->num_info) \ return -ENODATA; \ - if (!func->info[num-1][0]) \ + if (!func->info[num - 1][0]) \ return 0; \ - return sprintf(buf, "%s\n", func->info[num-1]); \ + return sysfs_emit(buf, "%s\n", func->info[num - 1]); \ } \ static DEVICE_ATTR_RO(info##num) -- 2.34.1

2 1

[PATCH OLK-5.10 00/10] libsas bugfix for OLK-5.10
by Li Lingfeng 01 Dec '25

01 Dec '25

Jason Yan (7): scsi: libsas: reset the negotiated_linkrate when phy is down scsi: libsas: optimize the debug print of the revalidate process scsi: libsas: split the replacement of sas disks in two steps scsi: libsas: check if the same device when flutter scsi: libsas: reset the phy address if discover failed scsi: libsas: fix issue of swapping two sas disks scsi: libsas: do not add end deivces to wide port Luo Jiaxing (1): scsi: libsas: move abnormal scenario handle of flutter before linkrate change check Xiang Chen (2): scsi: libsas: recover attached_sas_addr and phy_change_count after update empty PHY info scsi: libsas: delete sas port out of the disco mutex drivers/ata/libata-core.c | 3 +- drivers/scsi/libsas/sas_ata.c | 18 ++ drivers/scsi/libsas/sas_discover.c | 27 ++- drivers/scsi/libsas/sas_expander.c | 293 ++++++++++++++++++++++------- drivers/scsi/libsas/sas_internal.h | 6 + include/linux/libata.h | 2 + include/scsi/libsas.h | 6 +- 7 files changed, 277 insertions(+), 78 deletions(-) -- 2.46.1

2 11

[PATCH OLK-6.6 0/3] bugfix for xcall2.0
by Xinyu Zheng 01 Dec '25

01 Dec '25

Xinyu Zheng (3): xcall2.0: prefetch: get prefetch_mm_data once in get_pfi() xcall2.0: prefetch: fix access NULL ptr in __do_sys_epoll_pwait() xcall2.0: fix panic while detaching xcall found in DT case arch/arm64/kernel/xcall/core.c | 4 +++- drivers/staging/xcall/prefetch.c | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) -- 2.34.1

2 4