October 2024 - Kernel - mailweb.openeuler.org

[openeuler:openEuler-1.0-LTS 2662/23859] arch/arm64/include/asm/irqflags.h:88:9: warning: 'flags' may be used uninitialized
by kernel test robot 26 Oct '24

26 Oct '24

Hi Geert, FYI, the error/warning still remains. tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS head: d2a40c79ddef4b96b8a7a396bd7273121b1b4a5c commit: 9dae7e237a64858407b7626260bad53aa13c9198 [2662/23859] serial: sh-sci: Fix locking in sci_submit_rx() config: arm64-randconfig-002-20241026 (https://download.01.org/0day-ci/archive/20241026/202410260911.Qmhlx5mF-lkp@…) compiler: aarch64-linux-gcc (GCC) 14.1.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241026/202410260911.Qmhlx5mF-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202410260911.Qmhlx5mF-lkp@intel.com/ Note: it may well be a FALSE warning. FWIW you are at least aware of it now. http://gcc.gnu.org/wiki/Better_Uninitialized_Warnings All warnings (new ones prefixed by >>): In file included from include/linux/irqflags.h:16, from include/linux/spinlock.h:54, from include/linux/rwsem.h:16, from include/linux/notifier.h:15, from include/linux/clk.h:17, from drivers/tty/serial/sh-sci.c:24: In function 'arch_local_irq_restore', inlined from '__raw_spin_unlock_irqrestore' at include/linux/spinlock_api_smp.h:160:2, inlined from 'spin_unlock_irqrestore' at include/linux/spinlock.h:384:2, inlined from 'sci_submit_rx' at drivers/tty/serial/sh-sci.c:1376:3: >> arch/arm64/include/asm/irqflags.h:88:9: warning: 'flags' may be used uninitialized [-Wmaybe-uninitialized] 88 | asm volatile( | ^~~ drivers/tty/serial/sh-sci.c: In function 'sci_submit_rx': drivers/tty/serial/sh-sci.c:1338:23: note: 'flags' was declared here 1338 | unsigned long flags; | ^~~~~ In file included from drivers/tty/serial/sh-sci.c:53: In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:940:7: include/linux/tty_flip.h:27:53: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 27 | *flag_buf_ptr(tb, tb->used) = flag; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ In file included from include/linux/serial_core.h:29, from include/linux/serial_sci.h:6, from drivers/tty/serial/sh-sci.c:46: include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:940:7: include/linux/tty_flip.h:28:47: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 28 | *char_buf_ptr(tb, tb->used++) = ch; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~ include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:950:7: include/linux/tty_flip.h:27:53: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 27 | *flag_buf_ptr(tb, tb->used) = flag; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:950:7: include/linux/tty_flip.h:28:47: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 28 | *char_buf_ptr(tb, tb->used++) = ch; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~ include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:960:7: include/linux/tty_flip.h:27:53: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 27 | *flag_buf_ptr(tb, tb->used) = flag; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_handle_errors' at drivers/tty/serial/sh-sci.c:960:7: include/linux/tty_flip.h:28:47: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 28 | *char_buf_ptr(tb, tb->used++) = ch; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~ include/linux/tty.h: In function 'sci_handle_errors': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_receive_chars' at drivers/tty/serial/sh-sci.c:906:5: include/linux/tty_flip.h:27:53: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 27 | *flag_buf_ptr(tb, tb->used) = flag; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ include/linux/tty.h: In function 'sci_receive_chars': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_receive_chars' at drivers/tty/serial/sh-sci.c:906:5: include/linux/tty_flip.h:28:47: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 28 | *char_buf_ptr(tb, tb->used++) = ch; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~ include/linux/tty.h: In function 'sci_receive_chars': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_receive_chars' at drivers/tty/serial/sh-sci.c:883:5: include/linux/tty_flip.h:27:53: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 27 | *flag_buf_ptr(tb, tb->used) = flag; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ include/linux/tty.h: In function 'sci_receive_chars': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ In function 'tty_insert_flip_char', inlined from 'sci_receive_chars' at drivers/tty/serial/sh-sci.c:883:5: include/linux/tty_flip.h:28:47: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 28 | *char_buf_ptr(tb, tb->used++) = ch; | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~ include/linux/tty.h: In function 'sci_receive_chars': include/linux/tty.h:69:23: note: destination object 'data' of size 0 69 | unsigned long data[0]; | ^~~~ vim +/flags +88 arch/arm64/include/asm/irqflags.h fb9bd7d6df81dd Marc Zyngier 2012-03-05 82 fb9bd7d6df81dd Marc Zyngier 2012-03-05 83 /* fb9bd7d6df81dd Marc Zyngier 2012-03-05 84 * restore saved IRQ state fb9bd7d6df81dd Marc Zyngier 2012-03-05 85 */ fb9bd7d6df81dd Marc Zyngier 2012-03-05 86 static inline void arch_local_irq_restore(unsigned long flags) fb9bd7d6df81dd Marc Zyngier 2012-03-05 87 { fb9bd7d6df81dd Marc Zyngier 2012-03-05 @88 asm volatile( fb9bd7d6df81dd Marc Zyngier 2012-03-05 89 "msr daif, %0 // arch_local_irq_restore" fb9bd7d6df81dd Marc Zyngier 2012-03-05 90 : fb9bd7d6df81dd Marc Zyngier 2012-03-05 91 : "r" (flags) fb9bd7d6df81dd Marc Zyngier 2012-03-05 92 : "memory"); fb9bd7d6df81dd Marc Zyngier 2012-03-05 93 } fb9bd7d6df81dd Marc Zyngier 2012-03-05 94 :::::: The code at line 88 was first introduced by commit :::::: fb9bd7d6df81ddf1e7ab6648ac89ddbe0625b26b arm64: IRQ handling :::::: TO: Marc Zyngier <marc.zyngier(a)arm.com> :::::: CC: Catalin Marinas <catalin.marinas(a)arm.com> -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH openEuler-1.0-LTS] nbd: fix race between timeout and normal completion
by Zheng Qixing 26 Oct '24

26 Oct '24

From: Ming Lei <ming.lei(a)redhat.com> mainline inclusion from mainline-v6.12-rc1 commit c9ea57c91f03bcad415e1a20113bdb2077bcf990 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYQRD CVE: CVE-2024-49855 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime make sure that cmd->lock is grabbed for clearing the flag and the requeue. Cc: Josef Bacik <josef(a)toxicpanda.com> Cc: Yu Kuai <yukuai3(a)huawei.com> Fixes: 2895f1831e91 ("nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed") Signed-off-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Yu Kuai <yukuai3(a)huawei.com> Link: https://lore.kernel.org/r/20240830034145.1827742-1-ming.lei@redhat.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Zheng Qixing <zhengqixing(a)huawei.com> --- drivers/block/nbd.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c index fae0846d9409..9d413c4fd64c 100644 --- a/drivers/block/nbd.c +++ b/drivers/block/nbd.c @@ -169,6 +169,17 @@ static void nbd_requeue_cmd(struct nbd_cmd *cmd) { struct request *req = blk_mq_rq_from_pdu(cmd); + lockdep_assert_held(&cmd->lock); + + /* + * Clear INFLIGHT flag so that this cmd won't be completed in + * normal completion path + * + * INFLIGHT flag will be set when the cmd is queued to nbd next + * time. + */ + __clear_bit(NBD_CMD_INFLIGHT, &cmd->flags); + if (!test_and_set_bit(NBD_CMD_REQUEUED, &cmd->flags)) blk_mq_requeue_request(req, true); } @@ -434,8 +445,8 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req, nbd_mark_nsock_dead(nbd, nsock, 1); mutex_unlock(&nsock->tx_lock); } - mutex_unlock(&cmd->lock); nbd_requeue_cmd(cmd); + mutex_unlock(&cmd->lock); nbd_config_put(nbd); return BLK_EH_DONE; } -- 2.39.2

2 1

[PATCH openEuler-22.03-LTS-SP1] nbd: fix race between timeout and normal completion
by Zheng Qixing 26 Oct '24

26 Oct '24

From: Ming Lei <ming.lei(a)redhat.com> mainline inclusion from mainline-v6.12-rc1 commit c9ea57c91f03bcad415e1a20113bdb2077bcf990 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYQRD CVE: CVE-2024-49855 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime make sure that cmd->lock is grabbed for clearing the flag and the requeue. Cc: Josef Bacik <josef(a)toxicpanda.com> Cc: Yu Kuai <yukuai3(a)huawei.com> Fixes: 2895f1831e91 ("nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed") Signed-off-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Yu Kuai <yukuai3(a)huawei.com> Link: https://lore.kernel.org/r/20240830034145.1827742-1-ming.lei@redhat.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Zheng Qixing <zhengqixing(a)huawei.com> --- drivers/block/nbd.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c index 6a9e8fd84f03..9dbd7cb3df13 100644 --- a/drivers/block/nbd.c +++ b/drivers/block/nbd.c @@ -172,6 +172,17 @@ static void nbd_requeue_cmd(struct nbd_cmd *cmd) { struct request *req = blk_mq_rq_from_pdu(cmd); + lockdep_assert_held(&cmd->lock); + + /* + * Clear INFLIGHT flag so that this cmd won't be completed in + * normal completion path + * + * INFLIGHT flag will be set when the cmd is queued to nbd next + * time. + */ + __clear_bit(NBD_CMD_INFLIGHT, &cmd->flags); + if (!test_and_set_bit(NBD_CMD_REQUEUED, &cmd->flags)) blk_mq_requeue_request(req, true); } @@ -453,8 +464,8 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req, nbd_mark_nsock_dead(nbd, nsock, 1); mutex_unlock(&nsock->tx_lock); } - mutex_unlock(&cmd->lock); nbd_requeue_cmd(cmd); + mutex_unlock(&cmd->lock); nbd_config_put(nbd); return BLK_EH_DONE; } -- 2.39.2

2 1

[PATCH OLK-5.10] nbd: fix race between timeout and normal completion
by Zheng Qixing 26 Oct '24

26 Oct '24

From: Ming Lei <ming.lei(a)redhat.com> mainline inclusion from mainline-v6.12-rc1 commit c9ea57c91f03bcad415e1a20113bdb2077bcf990 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYQRD CVE: CVE-2024-49855 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime make sure that cmd->lock is grabbed for clearing the flag and the requeue. Cc: Josef Bacik <josef(a)toxicpanda.com> Cc: Yu Kuai <yukuai3(a)huawei.com> Fixes: 2895f1831e91 ("nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed") Signed-off-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Yu Kuai <yukuai3(a)huawei.com> Link: https://lore.kernel.org/r/20240830034145.1827742-1-ming.lei@redhat.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Zheng Qixing <zhengqixing(a)huawei.com> --- drivers/block/nbd.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c index 6a9e8fd84f03..9dbd7cb3df13 100644 --- a/drivers/block/nbd.c +++ b/drivers/block/nbd.c @@ -172,6 +172,17 @@ static void nbd_requeue_cmd(struct nbd_cmd *cmd) { struct request *req = blk_mq_rq_from_pdu(cmd); + lockdep_assert_held(&cmd->lock); + + /* + * Clear INFLIGHT flag so that this cmd won't be completed in + * normal completion path + * + * INFLIGHT flag will be set when the cmd is queued to nbd next + * time. + */ + __clear_bit(NBD_CMD_INFLIGHT, &cmd->flags); + if (!test_and_set_bit(NBD_CMD_REQUEUED, &cmd->flags)) blk_mq_requeue_request(req, true); } @@ -453,8 +464,8 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req, nbd_mark_nsock_dead(nbd, nsock, 1); mutex_unlock(&nsock->tx_lock); } - mutex_unlock(&cmd->lock); nbd_requeue_cmd(cmd); + mutex_unlock(&cmd->lock); nbd_config_put(nbd); return BLK_EH_DONE; } -- 2.39.2

2 1

[PATCH OLK-6.6] nbd: fix race between timeout and normal completion
by Zheng Qixing 26 Oct '24

26 Oct '24

From: Ming Lei <ming.lei(a)redhat.com> stable inclusion from stable-v6.6.54 commit 6e73b946a379a1dfbb62626af93843bdfb53753d category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYQRD CVE: CVE-2024-49855 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit c9ea57c91f03bcad415e1a20113bdb2077bcf990 ] If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime make sure that cmd->lock is grabbed for clearing the flag and the requeue. Cc: Josef Bacik <josef(a)toxicpanda.com> Cc: Yu Kuai <yukuai3(a)huawei.com> Fixes: 2895f1831e91 ("nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed") Signed-off-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Yu Kuai <yukuai3(a)huawei.com> Link: https://lore.kernel.org/r/20240830034145.1827742-1-ming.lei@redhat.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: ZhangPeng <zhangpeng362(a)huawei.com> Signed-off-by: Zheng Qixing <zhengqixing(a)huawei.com> --- drivers/block/nbd.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c index 8bb5972284b5..74d1f9c26ecc 100644 --- a/drivers/block/nbd.c +++ b/drivers/block/nbd.c @@ -181,6 +181,17 @@ static void nbd_requeue_cmd(struct nbd_cmd *cmd) { struct request *req = blk_mq_rq_from_pdu(cmd); + lockdep_assert_held(&cmd->lock); + + /* + * Clear INFLIGHT flag so that this cmd won't be completed in + * normal completion path + * + * INFLIGHT flag will be set when the cmd is queued to nbd next + * time. + */ + __clear_bit(NBD_CMD_INFLIGHT, &cmd->flags); + if (!test_and_set_bit(NBD_CMD_REQUEUED, &cmd->flags)) blk_mq_requeue_request(req, true); } @@ -461,8 +472,8 @@ static enum blk_eh_timer_return nbd_xmit_timeout(struct request *req) nbd_mark_nsock_dead(nbd, nsock, 1); mutex_unlock(&nsock->tx_lock); } - mutex_unlock(&cmd->lock); nbd_requeue_cmd(cmd); + mutex_unlock(&cmd->lock); nbd_config_put(nbd); return BLK_EH_DONE; } -- 2.39.2

2 1

[openeuler:openEuler-1.0-LTS 14594/23859] arch/arm64/kvm/../../../virt/kvm/arm/arm.c:411:36: error: 'struct sched_info' has no member named 'run_delay'
by kernel test robot 26 Oct '24

26 Oct '24

Hi chenjiajun, FYI, the error/warning still remains. tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS head: d2a40c79ddef4b96b8a7a396bd7273121b1b4a5c commit: b94fc31d4e16ff65dc2141f0a1a3af6a3aac5bb2 [14594/23859] kvm: debugfs: aarch64 export cpu time related items to debugfs config: arm64-randconfig-003-20241026 (https://download.01.org/0day-ci/archive/20241026/202410260758.Qe33nEsp-lkp@…) compiler: aarch64-linux-gcc (GCC) 14.1.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241026/202410260758.Qe33nEsp-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202410260758.Qe33nEsp-lkp@intel.com/ All errors (new ones prefixed by >>): arch/arm64/kvm/../../../virt/kvm/arm/arm.c: In function 'update_steal_time': >> arch/arm64/kvm/../../../virt/kvm/arm/arm.c:411:36: error: 'struct sched_info' has no member named 'run_delay' 411 | delta = current->sched_info.run_delay - vcpu->stat.steal; | ^ arch/arm64/kvm/../../../virt/kvm/arm/arm.c:412:47: error: 'struct sched_info' has no member named 'run_delay' 412 | vcpu->stat.steal = current->sched_info.run_delay; | ^ vim +411 arch/arm64/kvm/../../../virt/kvm/arm/arm.c 406 407 static void update_steal_time(struct kvm_vcpu *vcpu) 408 { 409 u64 delta; 410 > 411 delta = current->sched_info.run_delay - vcpu->stat.steal; 412 vcpu->stat.steal = current->sched_info.run_delay; 413 vcpu->stat.st_max = max(vcpu->stat.st_max, delta); 414 } 415 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[openeuler:openEuler-1.0-LTS] BUILD REGRESSION d2a40c79ddef4b96b8a7a396bd7273121b1b4a5c
by kernel test robot 26 Oct '24

26 Oct '24

tree/branch: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS branch HEAD: d2a40c79ddef4b96b8a7a396bd7273121b1b4a5c !12378 cgroup: Protect css->cgroup write under css_set_lock Error/Warning (recently discovered and may have been fixed): https://lore.kernel.org/oe-kbuild-all/202410251513.0TgJ5Ukq-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202410251924.cmJOufCW-lkp@intel.com ld.lld: error: undefined symbol: __alloc_skb ld.lld: error: undefined symbol: __netlink_kernel_create ld.lld: error: undefined symbol: __nlmsg_put ld.lld: error: undefined symbol: init_net ld.lld: error: undefined symbol: kfree_skb ld.lld: error: undefined symbol: netlink_broadcast ld.lld: error: undefined symbol: netlink_kernel_release Error/Warning ids grouped by kconfigs: recent_errors |-- arm64-allnoconfig | `-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains |-- arm64-randconfig-001-20241026 | |-- drivers-clocksource-arm_arch_timer.c:error:hisi_161010101_read_cntvct_el0-undeclared-(first-use-in-this-function) | `-- drivers-tty-tty_buffer.c:error:implicit-declaration-of-function-printk_safe_exit |-- arm64-randconfig-002-20241026 | |-- drivers-crypto-hisilicon-qm.c:warning:Excess-function-parameter-ce-description-in-qm_hw_error_init | |-- drivers-crypto-hisilicon-qm.c:warning:Excess-function-parameter-fe-description-in-qm_hw_error_init | |-- drivers-crypto-hisilicon-qm.c:warning:Excess-function-parameter-msi-description-in-qm_hw_error_init | `-- drivers-crypto-hisilicon-qm.c:warning:Excess-function-parameter-nfe-description-in-qm_hw_error_init |-- arm64-randconfig-003-20241026 | `-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains |-- arm64-randconfig-004-20241026 | `-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains |-- x86_64-allyesconfig | `-- drivers-net-ethernet-stmicro-stmmac-dwmac-phytium.c:error:incompatible-pointer-to-integer-conversion-returning-void-from-a-function-with-result-type-int |-- x86_64-buildonly-randconfig-004-20241025 | |-- ld.lld:error:undefined-symbol:__alloc_skb | |-- ld.lld:error:undefined-symbol:__netlink_kernel_create | |-- ld.lld:error:undefined-symbol:__nlmsg_put | |-- ld.lld:error:undefined-symbol:init_net | |-- ld.lld:error:undefined-symbol:kfree_skb | |-- ld.lld:error:undefined-symbol:netlink_broadcast | `-- ld.lld:error:undefined-symbol:netlink_kernel_release |-- x86_64-buildonly-randconfig-004-20241026 | |-- arch-x86-kernel-cpu-mce-apei.o:warning:objtool:missing-symbol-for-section-.text | |-- arch-x86-kernel-cpu-mce-therm_throt.o:warning:objtool:missing-symbol-for-section-.irqentry.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_checksum.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_cmd.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_dcqcn.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_dfx.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_fd.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_gro.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_hilink_param.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_irq.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_led.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_lib.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_mac.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_pfc_storm.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_port.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_promisc.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_qinfo.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_qos.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_qres.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_rss.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_stat.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_tm.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_version.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-hisilicon-hns3-hns3_cae-hns3_cae_vlan.o:warning:objtool:missing-symbol-for-section-.text | `-- drivers-net-ethernet-hisilicon-hns3-hns3_extension-hns3_enet_it.o:warning:objtool:missing-symbol-for-section-.text |-- x86_64-buildonly-randconfig-005-20241026 | |-- kernel-sched-core.c:error:implicit-declaration-of-function-init_auto_affinity-Werror-Wimplicit-function-declaration | |-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains-Werror-Wimplicit-function-declaration | `-- kernel-sched-core.c:error:use-of-undeclared-identifier-root_task_group |-- x86_64-buildonly-randconfig-006-20241026 | `-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains |-- x86_64-randconfig-003-20241026 | `-- kernel-sched-core.c:error:implicit-declaration-of-function-tg_update_affinity_domains `-- x86_64-randconfig-004-20241025 |-- drivers-gpu-drm-amd-amdgpu-amdgpu_ids.o:warning:objtool:amdgpu_vmid_grab:unreachable-instruction `-- fs-debugfs-file.o:warning:objtool:full_proxy_open:unreachable-instruction elapsed time: 1170m configs tested: 22 configs skipped: 126 tested configs: arm64 allmodconfig gcc-14.1.0 arm64 allnoconfig gcc-14.1.0 arm64 randconfig-001-20241026 gcc-14.1.0 arm64 randconfig-002-20241026 gcc-14.1.0 arm64 randconfig-003-20241026 gcc-14.1.0 arm64 randconfig-004-20241026 gcc-14.1.0 x86_64 allnoconfig clang-19 x86_64 allyesconfig clang-19 x86_64 buildonly-randconfig-001-20241026 clang-19 x86_64 buildonly-randconfig-002-20241026 clang-19 x86_64 buildonly-randconfig-003-20241026 gcc-12 x86_64 buildonly-randconfig-004-20241026 clang-19 x86_64 buildonly-randconfig-005-20241026 clang-19 x86_64 buildonly-randconfig-006-20241026 gcc-12 x86_64 defconfig gcc-11 x86_64 kexec clang-19 x86_64 randconfig-001-20241026 clang-19 x86_64 randconfig-002-20241026 gcc-12 x86_64 randconfig-003-20241026 gcc-12 x86_64 rhel-8.3 gcc-12 x86_64 rhel-8.3-func gcc-12 x86_64 rhel-8.3-kselftests gcc-12 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH] sched: Fix compile warning about variable 'uclamp_mutex'
by Qi Xi 26 Oct '24

26 Oct '24

When build with CONFIG_UCLAMP_TASK && !CONFIG_UCLAMP_TASK_GROUP, the variable 'uclamp_mutex' is defined but not used: kernel/sched/core.c:1361:21: warning: 'uclamp_mutex' defined but not used [-Wunused-variable] 1361 | static DEFINE_MUTEX(uclamp_mutex); Fix this by only defining the variable uclamp_mutex when the CONFIG_UCLAMP_TASK_GROUP is enabled. Fixes: 2480c093130f ("sched/uclamp: Extend CPU's cgroup controller") Reported-by: kernel test robot <lkp(a)intel.com> Closes: https://lore.kernel.org/lkml/202410250459.EJe6PJI5-lkp@intel.com/ Signed-off-by: Qi Xi <xiqi2(a)huawei.com> --- kernel/sched/core.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index f3951e4a55e5..9109fed6f022 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -1348,6 +1348,7 @@ void set_load_weight(struct task_struct *p, bool update_load) } #ifdef CONFIG_UCLAMP_TASK +#ifdef CONFIG_UCLAMP_TASK_GROUP /* * Serializes updates of utilization clamp values * @@ -1359,6 +1360,7 @@ void set_load_weight(struct task_struct *p, bool update_load) * updates or API abuses. */ static DEFINE_MUTEX(uclamp_mutex); +#endif /* CONFIG_UCLAMP_TASK_GROUP */ /* Max allowed minimum utilization */ static unsigned int __maybe_unused sysctl_sched_uclamp_util_min = SCHED_CAPACITY_SCALE; -- 2.33.0

2 2

[openeuler:OLK-5.10 3485/30000] drivers/scsi/sd.c:2200 sd_spinup_disk() warn: unsigned 'the_result' is never less than zero.
by kernel test robot 26 Oct '24

26 Oct '24

tree: https://gitee.com/openeuler/kernel.git OLK-5.10 head: 4cebfb91d97a164fb6f6411b9bfea81ca3b6fc45 commit: be9f642e83e44150c1e0b43e6abf884d07d6fe14 [3485/30000] scsi: core: Stop using DRIVER_ERROR config: x86_64-randconfig-161-20241023 (https://download.01.org/0day-ci/archive/20241026/202410260016.LNtj6mUK-lkp@…) compiler: clang version 18.1.8 (https://github.com/llvm/llvm-project 3b5b5c1ec4a3095ab096dd780e84d7ab81f3d7ff) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202410260016.LNtj6mUK-lkp@intel.com/ New smatch warnings: drivers/scsi/sd.c:2200 sd_spinup_disk() warn: unsigned 'the_result' is never less than zero. Old smatch warnings: drivers/scsi/sd.c:712 sd_sec_submit() warn: sizeof(NUMBER)? drivers/scsi/sd.c:1728 sd_sync_cache() warn: sizeof(NUMBER)? include/scsi/scsi_device.h:477 scsi_execute_req() warn: sizeof(NUMBER)? drivers/scsi/sd.c:3616 sd_start_stop_device() warn: sizeof(NUMBER)? vim +/the_result +2200 drivers/scsi/sd.c 2154 2155 /* 2156 * spinup disk - called only in sd_revalidate_disk() 2157 */ 2158 static void 2159 sd_spinup_disk(struct scsi_disk *sdkp) 2160 { 2161 unsigned char cmd[10]; 2162 unsigned long spintime_expire = 0; 2163 int retries, spintime; 2164 unsigned int the_result; 2165 struct scsi_sense_hdr sshdr; 2166 int sense_valid = 0; 2167 2168 spintime = 0; 2169 2170 /* Spin up drives, as required. Only do this at boot time */ 2171 /* Spinup needs to be done for module loads too. */ 2172 do { 2173 retries = 0; 2174 2175 do { 2176 cmd[0] = TEST_UNIT_READY; 2177 memset((void *) &cmd[1], 0, 9); 2178 2179 the_result = scsi_execute_req(sdkp->device, cmd, 2180 DMA_NONE, NULL, 0, 2181 &sshdr, SD_TIMEOUT, 2182 sdkp->max_retries, NULL); 2183 2184 /* 2185 * If the drive has indicated to us that it 2186 * doesn't have any media in it, don't bother 2187 * with any more polling. 2188 */ 2189 if (media_not_present(sdkp, &sshdr)) 2190 return; 2191 2192 if (the_result) 2193 sense_valid = scsi_sense_valid(&sshdr); 2194 retries++; 2195 } while (retries < 3 && 2196 (!scsi_status_is_good(the_result) || 2197 ((driver_byte(the_result) == DRIVER_SENSE) && 2198 sense_valid && sshdr.sense_key == UNIT_ATTENTION))); 2199 > 2200 if (the_result < 0 || driver_byte(the_result) != DRIVER_SENSE) { 2201 /* no sense, TUR either succeeded or failed 2202 * with a status error */ 2203 if(!spintime && !scsi_status_is_good(the_result)) { 2204 sd_print_result(sdkp, "Test Unit Ready failed", 2205 the_result); 2206 } 2207 break; 2208 } 2209 2210 /* 2211 * The device does not want the automatic start to be issued. 2212 */ 2213 if (sdkp->device->no_start_on_add) 2214 break; 2215 2216 if (sense_valid && sshdr.sense_key == NOT_READY) { 2217 if (sshdr.asc == 4 && sshdr.ascq == 3) 2218 break; /* manual intervention required */ 2219 if (sshdr.asc == 4 && sshdr.ascq == 0xb) 2220 break; /* standby */ 2221 if (sshdr.asc == 4 && sshdr.ascq == 0xc) 2222 break; /* unavailable */ 2223 if (sshdr.asc == 4 && sshdr.ascq == 0x1b) 2224 break; /* sanitize in progress */ 2225 /* 2226 * Issue command to spin up drive when not ready 2227 */ 2228 if (!spintime) { 2229 sd_printk(KERN_NOTICE, sdkp, "Spinning up disk..."); 2230 cmd[0] = START_STOP; 2231 cmd[1] = 1; /* Return immediately */ 2232 memset((void *) &cmd[2], 0, 8); 2233 cmd[4] = 1; /* Start spin cycle */ 2234 if (sdkp->device->start_stop_pwr_cond) 2235 cmd[4] |= 1 << 4; 2236 scsi_execute_req(sdkp->device, cmd, DMA_NONE, 2237 NULL, 0, &sshdr, 2238 SD_TIMEOUT, sdkp->max_retries, 2239 NULL); 2240 spintime_expire = jiffies + 100 * HZ; 2241 spintime = 1; 2242 } 2243 /* Wait 1 second for next try */ 2244 msleep(1000); 2245 printk(KERN_CONT "."); 2246 2247 /* 2248 * Wait for USB flash devices with slow firmware. 2249 * Yes, this sense key/ASC combination shouldn't 2250 * occur here. It's characteristic of these devices. 2251 */ 2252 } else if (sense_valid && 2253 sshdr.sense_key == UNIT_ATTENTION && 2254 sshdr.asc == 0x28) { 2255 if (!spintime) { 2256 spintime_expire = jiffies + 5 * HZ; 2257 spintime = 1; 2258 } 2259 /* Wait 1 second for next try */ 2260 msleep(1000); 2261 } else { 2262 /* we don't understand the sense code, so it's 2263 * probably pointless to loop */ 2264 if(!spintime) { 2265 sd_printk(KERN_NOTICE, sdkp, "Unit Not Ready\n"); 2266 sd_print_sense_hdr(sdkp, &sshdr); 2267 } 2268 break; 2269 } 2270 2271 } while (spintime && time_before_eq(jiffies, spintime_expire)); 2272 2273 if (spintime) { 2274 if (scsi_status_is_good(the_result)) 2275 printk(KERN_CONT "ready\n"); 2276 else 2277 printk(KERN_CONT "not responding...\n"); 2278 } 2279 } 2280 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6] drm/stm: Avoid use-after-free issues with crtc and plane
by Zhang Kunbo 25 Oct '24

25 Oct '24

From: Katya Orlova <e.orlova(a)ispras.ru> stable inclusion from stable-v6.6.55 commit 0a1741d10da29aa84955ef89ae9a03c4b6038657 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYRAF CVE: CVE-2024-49992 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit 19dd9780b7ac673be95bf6fd6892a184c9db611f ] ltdc_load() calls functions drm_crtc_init_with_planes(), drm_universal_plane_init() and drm_encoder_init(). These functions should not be called with parameters allocated with devm_kzalloc() to avoid use-after-free issues [1]. Use allocations managed by the DRM framework. Found by Linux Verification Center (linuxtesting.org). [1] https://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhu… Signed-off-by: Katya Orlova <e.orlova(a)ispras.ru> Acked-by: Raphaël Gallais-Pou <raphael.gallais-pou(a)foss.st.com> Link: https://patchwork.freedesktop.org/patch/msgid/20240216125040.8968-1-e.orlov… Signed-off-by: Raphael Gallais-Pou <raphael.gallais-pou(a)foss.st.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zhang Kunbo <zhangkunbo(a)huawei.com> --- drivers/gpu/drm/stm/drv.c | 3 +- drivers/gpu/drm/stm/ltdc.c | 73 ++++++++++---------------------------- 2 files changed, 20 insertions(+), 56 deletions(-) diff --git a/drivers/gpu/drm/stm/drv.c b/drivers/gpu/drm/stm/drv.c index e8523abef27a..152bec2c0238 100644 --- a/drivers/gpu/drm/stm/drv.c +++ b/drivers/gpu/drm/stm/drv.c @@ -25,6 +25,7 @@ #include <drm/drm_module.h> #include <drm/drm_probe_helper.h> #include <drm/drm_vblank.h> +#include <drm/drm_managed.h> #include "ltdc.h" @@ -75,7 +76,7 @@ static int drv_load(struct drm_device *ddev) DRM_DEBUG("%s\n", __func__); - ldev = devm_kzalloc(ddev->dev, sizeof(*ldev), GFP_KERNEL); + ldev = drmm_kzalloc(ddev, sizeof(*ldev), GFP_KERNEL); if (!ldev) return -ENOMEM; diff --git a/drivers/gpu/drm/stm/ltdc.c b/drivers/gpu/drm/stm/ltdc.c index 5576fdae4962..eeaabb4e10d3 100644 --- a/drivers/gpu/drm/stm/ltdc.c +++ b/drivers/gpu/drm/stm/ltdc.c @@ -36,6 +36,7 @@ #include <drm/drm_probe_helper.h> #include <drm/drm_simple_kms_helper.h> #include <drm/drm_vblank.h> +#include <drm/drm_managed.h> #include <video/videomode.h> @@ -1199,7 +1200,6 @@ static void ltdc_crtc_atomic_print_state(struct drm_printer *p, } static const struct drm_crtc_funcs ltdc_crtc_funcs = { - .destroy = drm_crtc_cleanup, .set_config = drm_atomic_helper_set_config, .page_flip = drm_atomic_helper_page_flip, .reset = drm_atomic_helper_crtc_reset, @@ -1212,7 +1212,6 @@ static const struct drm_crtc_funcs ltdc_crtc_funcs = { }; static const struct drm_crtc_funcs ltdc_crtc_with_crc_support_funcs = { - .destroy = drm_crtc_cleanup, .set_config = drm_atomic_helper_set_config, .page_flip = drm_atomic_helper_page_flip, .reset = drm_atomic_helper_crtc_reset, @@ -1545,7 +1544,6 @@ static void ltdc_plane_atomic_print_state(struct drm_printer *p, static const struct drm_plane_funcs ltdc_plane_funcs = { .update_plane = drm_atomic_helper_update_plane, .disable_plane = drm_atomic_helper_disable_plane, - .destroy = drm_plane_cleanup, .reset = drm_atomic_helper_plane_reset, .atomic_duplicate_state = drm_atomic_helper_plane_duplicate_state, .atomic_destroy_state = drm_atomic_helper_plane_destroy_state, @@ -1572,7 +1570,6 @@ static struct drm_plane *ltdc_plane_create(struct drm_device *ddev, const u64 *modifiers = ltdc_format_modifiers; u32 lofs = index * LAY_OFS; u32 val; - int ret; /* Allocate the biggest size according to supported color formats */ formats = devm_kzalloc(dev, (ldev->caps.pix_fmt_nb + @@ -1613,14 +1610,10 @@ static struct drm_plane *ltdc_plane_create(struct drm_device *ddev, } } - plane = devm_kzalloc(dev, sizeof(*plane), GFP_KERNEL); - if (!plane) - return NULL; - - ret = drm_universal_plane_init(ddev, plane, possible_crtcs, - &ltdc_plane_funcs, formats, nb_fmt, - modifiers, type, NULL); - if (ret < 0) + plane = drmm_universal_plane_alloc(ddev, struct drm_plane, dev, + possible_crtcs, &ltdc_plane_funcs, formats, + nb_fmt, modifiers, type, NULL); + if (IS_ERR(plane)) return NULL; if (ldev->caps.ycbcr_input) { @@ -1643,15 +1636,6 @@ static struct drm_plane *ltdc_plane_create(struct drm_device *ddev, return plane; } -static void ltdc_plane_destroy_all(struct drm_device *ddev) -{ - struct drm_plane *plane, *plane_temp; - - list_for_each_entry_safe(plane, plane_temp, - &ddev->mode_config.plane_list, head) - drm_plane_cleanup(plane); -} - static int ltdc_crtc_init(struct drm_device *ddev, struct drm_crtc *crtc) { struct ltdc_device *ldev = ddev->dev_private; @@ -1677,14 +1661,14 @@ static int ltdc_crtc_init(struct drm_device *ddev, struct drm_crtc *crtc) /* Init CRTC according to its hardware features */ if (ldev->caps.crc) - ret = drm_crtc_init_with_planes(ddev, crtc, primary, NULL, - &ltdc_crtc_with_crc_support_funcs, NULL); + ret = drmm_crtc_init_with_planes(ddev, crtc, primary, NULL, + &ltdc_crtc_with_crc_support_funcs, NULL); else - ret = drm_crtc_init_with_planes(ddev, crtc, primary, NULL, - &ltdc_crtc_funcs, NULL); + ret = drmm_crtc_init_with_planes(ddev, crtc, primary, NULL, + &ltdc_crtc_funcs, NULL); if (ret) { DRM_ERROR("Can not initialize CRTC\n"); - goto cleanup; + return ret; } drm_crtc_helper_add(crtc, &ltdc_crtc_helper_funcs); @@ -1698,9 +1682,8 @@ static int ltdc_crtc_init(struct drm_device *ddev, struct drm_crtc *crtc) for (i = 1; i < ldev->caps.nb_layers; i++) { overlay = ltdc_plane_create(ddev, DRM_PLANE_TYPE_OVERLAY, i); if (!overlay) { - ret = -ENOMEM; DRM_ERROR("Can not create overlay plane %d\n", i); - goto cleanup; + return -ENOMEM; } if (ldev->caps.dynamic_zorder) drm_plane_create_zpos_property(overlay, i, 0, ldev->caps.nb_layers - 1); @@ -1713,10 +1696,6 @@ static int ltdc_crtc_init(struct drm_device *ddev, struct drm_crtc *crtc) } return 0; - -cleanup: - ltdc_plane_destroy_all(ddev); - return ret; } static void ltdc_encoder_disable(struct drm_encoder *encoder) @@ -1776,23 +1755,19 @@ static int ltdc_encoder_init(struct drm_device *ddev, struct drm_bridge *bridge) struct drm_encoder *encoder; int ret; - encoder = devm_kzalloc(ddev->dev, sizeof(*encoder), GFP_KERNEL); - if (!encoder) - return -ENOMEM; + encoder = drmm_simple_encoder_alloc(ddev, struct drm_encoder, dev, + DRM_MODE_ENCODER_DPI); + if (IS_ERR(encoder)) + return PTR_ERR(encoder); encoder->possible_crtcs = CRTC_MASK; encoder->possible_clones = 0; /* No cloning support */ - drm_simple_encoder_init(ddev, encoder, DRM_MODE_ENCODER_DPI); - drm_encoder_helper_add(encoder, &ltdc_encoder_helper_funcs); ret = drm_bridge_attach(encoder, bridge, NULL, 0); - if (ret) { - if (ret != -EPROBE_DEFER) - drm_encoder_cleanup(encoder); + if (ret) return ret; - } DRM_DEBUG_DRIVER("Bridge encoder:%d created\n", encoder->base.id); @@ -1962,8 +1937,7 @@ int ltdc_load(struct drm_device *ddev) goto err; if (panel) { - bridge = drm_panel_bridge_add_typed(panel, - DRM_MODE_CONNECTOR_DPI); + bridge = drmm_panel_bridge_add(ddev, panel); if (IS_ERR(bridge)) { DRM_ERROR("panel-bridge endpoint %d\n", i); ret = PTR_ERR(bridge); @@ -2045,7 +2019,7 @@ int ltdc_load(struct drm_device *ddev) } } - crtc = devm_kzalloc(dev, sizeof(*crtc), GFP_KERNEL); + crtc = drmm_kzalloc(ddev, sizeof(*crtc), GFP_KERNEL); if (!crtc) { DRM_ERROR("Failed to allocate crtc\n"); ret = -ENOMEM; @@ -2072,9 +2046,6 @@ int ltdc_load(struct drm_device *ddev) return 0; err: - for (i = 0; i < nb_endpoints; i++) - drm_of_panel_bridge_remove(ddev->dev->of_node, 0, i); - clk_disable_unprepare(ldev->pixel_clk); return ret; @@ -2082,16 +2053,8 @@ int ltdc_load(struct drm_device *ddev) void ltdc_unload(struct drm_device *ddev) { - struct device *dev = ddev->dev; - int nb_endpoints, i; - DRM_DEBUG_DRIVER("\n"); - nb_endpoints = of_graph_get_endpoint_count(dev->of_node); - - for (i = 0; i < nb_endpoints; i++) - drm_of_panel_bridge_remove(ddev->dev->of_node, 0, i); - pm_runtime_disable(ddev->dev); } -- 2.34.1

2 1

2024

2023

2022

2021

2020

2019

Kernel October 2024