- Kernel - mailweb.openeuler.org

[PATCH OLK-6.6] nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
by Li Lingfeng 06 Sep '25

06 Sep '25

From: Jeff Layton <jlayton(a)kernel.org> mainline inclusion from mainline-v6.17-rc1 commit 908e4ead7f757504d8b345452730636e298cbf68 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICWGI5 CVE: CVE-2025-38724 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_locked(). a SETCLIENTID_CONFIRM could race with a confirmed client expiring and fail to get a reference. That could later lead to a UAF. Fix this by getting a reference early in the case where there is an extant confirmed client. If that fails then treat it as if there were no confirmed client found at all. In the case where the unconfirmed client is expiring, just fail and return the result from get_client_locked(). Reported-by: lei lu <llfamsec(a)gmail.com> Closes: https://lore.kernel.org/linux-nfs/CAEBF3_b=UvqzNKdnfD_52L05Mqrqui9vZ2eFamgA… Fixes: d20c11d86d8f ("nfsd: Protect session creation and client confirm using client_lock") Cc: stable(a)vger.kernel.org Signed-off-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> Signed-off-by: Li Lingfeng <lilingfeng3(a)huawei.com> --- fs/nfsd/nfs4state.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index dfa2aa91fcac..35ff565ed9a7 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -4274,10 +4274,16 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp, } status = nfs_ok; if (conf) { - old = unconf; - unhash_client_locked(old); - nfsd4_change_callback(conf, &unconf->cl_cb_conn); - } else { + if (get_client_locked(conf) == nfs_ok) { + old = unconf; + unhash_client_locked(old); + nfsd4_change_callback(conf, &unconf->cl_cb_conn); + } else { + conf = NULL; + } + } + + if (!conf) { old = find_confirmed_client_by_name(&unconf->cl_name, nn); if (old) { status = nfserr_clid_inuse; @@ -4294,10 +4300,14 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp, } trace_nfsd_clid_replaced(&old->cl_clientid); } + status = get_client_locked(unconf); + if (status != nfs_ok) { + old = NULL; + goto out; + } move_to_confirmed(unconf); conf = unconf; } - get_client_locked(conf); spin_unlock(&nn->client_lock); if (conf == unconf) fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY); -- 2.46.1

2 1

[openeuler:openEuler-1.0-LTS 1740/1740] mm/page_alloc.c:3684:54: sparse: sparse: incorrect type in argument 1 (different base types)
by kernel test robot 05 Sep '25

05 Sep '25

tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS head: e0480ba0432569e9691f36270fde74a39a59fb0c commit: 9b6c51cd780588813c5d327e2a6d677d010a2b6f [1740/1740] mm: fix zoneref mapping problem in memory reliable config: arm64-randconfig-r121-20250729 (https://download.01.org/0day-ci/archive/20250905/202509052100.LAoxUFGM-lkp@…) compiler: aarch64-linux-gcc (GCC) 15.1.0 reproduce: (https://download.01.org/0day-ci/archive/20250905/202509052100.LAoxUFGM-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202509052100.LAoxUFGM-lkp@intel.com/ sparse warnings: (new ones prefixed by >>) mm/page_alloc.c:140:1: sparse: sparse: symbol 'pcpu_drain_mutex' was not declared. Should it be static? mm/page_alloc.c: note: in included file (through include/linux/mm.h): include/linux/mem_reliable.h:68:15: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c:4656:13: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c:4661:35: sparse: sparse: invalid assignment: |= mm/page_alloc.c:4661:35: sparse: left side has type restricted gfp_t mm/page_alloc.c:4661:35: sparse: right side has type unsigned int mm/page_alloc.c:4677:35: sparse: sparse: invalid assignment: |= mm/page_alloc.c:4677:35: sparse: left side has type restricted gfp_t mm/page_alloc.c:4677:35: sparse: right side has type unsigned int mm/page_alloc.c:4683:35: sparse: sparse: invalid assignment: |= mm/page_alloc.c:4683:35: sparse: left side has type restricted gfp_t mm/page_alloc.c:4683:35: sparse: right side has type unsigned int mm/page_alloc.c:4698:35: sparse: sparse: invalid assignment: |= mm/page_alloc.c:4698:35: sparse: left side has type restricted gfp_t mm/page_alloc.c:4698:35: sparse: right side has type unsigned int mm/page_alloc.c: note: in included file (through include/linux/mm.h): include/linux/gfp.h:457:34: sparse: sparse: restricted gfp_t degrades to integer include/linux/gfp.h:324:27: sparse: sparse: restricted gfp_t degrades to integer include/linux/gfp.h:324:27: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c:3683:14: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c:3684:45: sparse: sparse: restricted gfp_t degrades to integer >> mm/page_alloc.c:3684:54: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected restricted gfp_t [usertype] flags @@ got unsigned int @@ mm/page_alloc.c:3684:54: sparse: expected restricted gfp_t [usertype] flags mm/page_alloc.c:3684:54: sparse: got unsigned int include/linux/gfp.h:457:34: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c:3701:14: sparse: sparse: restricted gfp_t degrades to integer include/linux/gfp.h:457:34: sparse: sparse: restricted gfp_t degrades to integer include/linux/gfp.h:457:34: sparse: sparse: restricted gfp_t degrades to integer mm/page_alloc.c: In function 'mem_init_print_info': mm/page_alloc.c:7512:27: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 36- | ^~ mm/page_alloc.c:7516:9: note: in expansion of macro 'adj_init_size' 7516 | adj_init_size(__init_begin, __init_end, init_data_size, | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: note: use '&__init_begin[0] <= &_sinittext[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 42- | ^~ mm/page_alloc.c:7516:9: note: in expansion of macro 'adj_init_size' 7516 | adj_init_size(__init_begin, __init_end, init_data_size, | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 48- | ^ mm/page_alloc.c:7516:9: note: in expansion of macro 'adj_init_size' 7516 | adj_init_size(__init_begin, __init_end, init_data_size, | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: note: use '&_sinittext[0] < &__init_end[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 54- | ^ mm/page_alloc.c:7516:9: note: in expansion of macro 'adj_init_size' 7516 | adj_init_size(__init_begin, __init_end, init_data_size, | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 60- | ^~ mm/page_alloc.c:7518:9: note: in expansion of macro 'adj_init_size' 7518 | adj_init_size(_stext, _etext, codesize, _sinittext, init_code_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: note: use '&_stext[0] <= &_sinittext[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 66- | ^~ mm/page_alloc.c:7518:9: note: in expansion of macro 'adj_init_size' 7518 | adj_init_size(_stext, _etext, codesize, _sinittext, init_code_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 72- | ^ mm/page_alloc.c:7518:9: note: in expansion of macro 'adj_init_size' 7518 | adj_init_size(_stext, _etext, codesize, _sinittext, init_code_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: note: use '&_sinittext[0] < &_etext[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 78- | ^ mm/page_alloc.c:7518:9: note: in expansion of macro 'adj_init_size' 7518 | adj_init_size(_stext, _etext, codesize, _sinittext, init_code_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 84- | ^~ mm/page_alloc.c:7519:9: note: in expansion of macro 'adj_init_size' 7519 | adj_init_size(_sdata, _edata, datasize, __init_begin, init_data_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: note: use '&_sdata[0] <= &__init_begin[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 90- | ^~ mm/page_alloc.c:7519:9: note: in expansion of macro 'adj_init_size' 7519 | adj_init_size(_sdata, _edata, datasize, __init_begin, init_data_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 96- | ^ mm/page_alloc.c:7519:9: note: in expansion of macro 'adj_init_size' 7519 | adj_init_size(_sdata, _edata, datasize, __init_begin, init_data_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: note: use '&__init_begin[0] < &_edata[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 102- | ^ mm/page_alloc.c:7519:9: note: in expansion of macro 'adj_init_size' 7519 | adj_init_size(_sdata, _edata, datasize, __init_begin, init_data_size); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 108- | ^~ mm/page_alloc.c:7520:9: note: in expansion of macro 'adj_init_size' 7520 | adj_init_size(_stext, _etext, codesize, __start_rodata, rosize); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:27: note: use '&_stext[0] <= &__start_rodata[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 114- | ^~ mm/page_alloc.c:7520:9: note: in expansion of macro 'adj_init_size' 7520 | adj_init_size(_stext, _etext, codesize, __start_rodata, rosize); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: warning: comparison between two arrays [-Warray-compare] 7512 | if (start <= pos && pos < end && size > adj) 120- | ^ mm/page_alloc.c:7520:9: note: in expansion of macro 'adj_init_size' 7520 | adj_init_size(_stext, _etext, codesize, __start_rodata, rosize); | ^~~~~~~~~~~~~ mm/page_alloc.c:7512:41: note: use '&__start_rodata[0] < &_etext[0]' to compare the addresses 7512 | if (start <= pos && pos < end && size > adj) 126- | ^ vim +3684 mm/page_alloc.c 3673 3674 #ifdef CONFIG_MEMORY_RELIABLE 3675 static inline void reliable_fb_find_zone(gfp_t gfp_mask, 3676 struct alloc_context *ac) 3677 { 3678 if (!reliable_allow_fb_enabled()) 3679 return; 3680 3681 /* dst node don't have zone we want, fallback here */ 3682 if ((gfp_mask & __GFP_THISNODE) && (ac->high_zoneidx == ZONE_NORMAL) && 3683 (gfp_mask & ___GFP_RELIABILITY)) { > 3684 ac->high_zoneidx = gfp_zone(gfp_mask & ~___GFP_RELIABILITY); 3685 ac->preferred_zoneref = first_zones_zonelist( 3686 ac->zonelist, ac->high_zoneidx, ac->nodemask); 3687 } 3688 3689 return; 3690 } 3691 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[openeuler:openEuler-1.0-LTS 1740/1740] mm/mem_reliable.c:401:5: sparse: sparse: symbol 'reliable_pagecache_max_bytes_write' was not declared. Should it be static?
by kernel test robot 05 Sep '25

05 Sep '25

tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS head: 1668dbce6652e9dda648454d3f23d43f913bc9b4 commit: 6943b93b464351cbc35aa002e86bac48e08b1c3f [1740/1740] mm: add support for limiting the usage of reliable memory in pagecache config: arm64-randconfig-r121-20250729 (https://download.01.org/0day-ci/archive/20250905/202509051719.RKG4X8Zq-lkp@…) compiler: aarch64-linux-gcc (GCC) 15.1.0 reproduce: (https://download.01.org/0day-ci/archive/20250905/202509051719.RKG4X8Zq-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202509051719.RKG4X8Zq-lkp@intel.com/ sparse warnings: (new ones prefixed by >>) mm/mem_reliable.c:39:1: sparse: sparse: symbol 'pagecache_reliable_pages' was not declared. Should it be static? mm/mem_reliable.c:67:14: sparse: sparse: restricted gfp_t degrades to integer mm/mem_reliable.c:250:5: sparse: sparse: symbol 'reliable_limit_handler' was not declared. Should it be static? mm/mem_reliable.c:323:5: sparse: sparse: symbol 'reliable_debug_handler' was not declared. Should it be static? mm/mem_reliable.c:356:5: sparse: sparse: symbol 'reliable_reserve_size_handler' was not declared. Should it be static? >> mm/mem_reliable.c:401:5: sparse: sparse: symbol 'reliable_pagecache_max_bytes_write' was not declared. Should it be static? >> mm/mem_reliable.c:487:14: sparse: sparse: invalid assignment: |= mm/mem_reliable.c:487:14: sparse: left side has type restricted gfp_t mm/mem_reliable.c:487:14: sparse: right side has type unsigned int mm/mem_reliable.c:491:14: sparse: sparse: invalid assignment: &= mm/mem_reliable.c:491:14: sparse: left side has type restricted gfp_t mm/mem_reliable.c:491:14: sparse: right side has type unsigned int mm/mem_reliable.c:250:5: warning: no previous prototype for 'reliable_limit_handler' [-Wmissing-prototypes] 250 | int reliable_limit_handler(struct ctl_table *table, int write, | ^~~~~~~~~~~~~~~~~~~~~~ mm/mem_reliable.c:323:5: warning: no previous prototype for 'reliable_debug_handler' [-Wmissing-prototypes] 323 | int reliable_debug_handler(struct ctl_table *table, int write, | ^~~~~~~~~~~~~~~~~~~~~~ mm/mem_reliable.c:356:5: warning: no previous prototype for 'reliable_reserve_size_handler' [-Wmissing-prototypes] 356 | int reliable_reserve_size_handler(struct ctl_table *table, int write, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mm/mem_reliable.c:401:5: warning: no previous prototype for 'reliable_pagecache_max_bytes_write' [-Wmissing-prototypes] 401 | int reliable_pagecache_max_bytes_write(struct ctl_table *table, int write, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ vim +/reliable_pagecache_max_bytes_write +401 mm/mem_reliable.c 400 > 401 int reliable_pagecache_max_bytes_write(struct ctl_table *table, int write, 402 void __user *buffer, size_t *length, loff_t *ppos) 403 { 404 unsigned long old_value = reliable_pagecache_max_bytes; 405 int ret; 406 407 ret = proc_doulongvec_minmax(table, write, buffer, length, ppos); 408 if (!ret && write) { 409 if (reliable_pagecache_max_bytes > total_reliable_mem_sz()) { 410 reliable_pagecache_max_bytes = old_value; 411 return -EINVAL; 412 } 413 } 414 415 return ret; 416 } 417 418 static struct ctl_table reliable_ctl_table[] = { 419 { 420 .procname = "task_reliable_limit", 421 .data = &task_reliable_limit, 422 .maxlen = sizeof(task_reliable_limit), 423 .mode = 0644, 424 .proc_handler = reliable_limit_handler, 425 }, 426 { 427 .procname = "reliable_debug", 428 .data = &mem_reliable_ctrl_bits, 429 .maxlen = sizeof(mem_reliable_ctrl_bits), 430 .mode = 0600, 431 .proc_handler = reliable_debug_handler, 432 }, 433 { 434 .procname = "reliable_reserve_size", 435 .data = &sysctl_reliable_reserve_size, 436 .maxlen = sizeof(sysctl_reliable_reserve_size), 437 .mode = 0644, 438 .proc_handler = reliable_reserve_size_handler, 439 }, 440 #ifdef CONFIG_SHMEM 441 { 442 .procname = "shmem_reliable_bytes_limit", 443 .data = &sysctl_shmem_reliable_bytes_limit, 444 .maxlen = sizeof(sysctl_shmem_reliable_bytes_limit), 445 .mode = 0644, 446 .proc_handler = reliable_shmem_bytes_limit_handler, 447 }, 448 #endif 449 { 450 .procname = "reliable_pagecache_max_bytes", 451 .data = &reliable_pagecache_max_bytes, 452 .maxlen = sizeof(reliable_pagecache_max_bytes), 453 .mode = 0644, 454 .proc_handler = reliable_pagecache_max_bytes_write, 455 .extra1 = &zero, 456 }, 457 {} 458 }; 459 460 static struct ctl_table reliable_dir_table[] = { 461 { 462 .procname = "vm", 463 .maxlen = 0, 464 .mode = 0555, 465 .child = reliable_ctl_table, 466 }, 467 {} 468 }; 469 470 void page_cache_prepare_alloc(gfp_t *gfp) 471 { 472 long nr_reliable = 0; 473 int cpu; 474 475 if (!mem_reliable_is_enabled()) 476 return; 477 478 for_each_possible_cpu(cpu) 479 nr_reliable += this_cpu_read(pagecache_reliable_pages); 480 481 if (nr_reliable < 0) 482 goto no_reliable; 483 484 if (nr_reliable > reliable_pagecache_max_bytes >> PAGE_SHIFT) 485 goto no_reliable; 486 > 487 *gfp |= ___GFP_RELIABILITY; 488 return; 489 490 no_reliable: 491 *gfp &= ~___GFP_RELIABILITY; 492 } 493 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-5.10] memcg: introduce memcg early oom feature
by zhaoxuedong 05 Sep '25

05 Sep '25

From: Zhao Xuedong <zhaoxuedong(a)meituan.com> meituan inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/ICTXDJ CVE: NA -------------------------------- Introduce memcg early oom feature to trigger OOM killer earlier; this feature is disabled by default. Signed-off-by: Zhao Xuedong <zhaoxuedong(a)meituan.com> --- mm/Kconfig | 14 ++++++++++ mm/vmscan.c | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+) diff --git a/mm/Kconfig b/mm/Kconfig index cc43f5124cb3..89bcb73b6a5b 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -521,6 +521,20 @@ config MEMCG_SWAP_QOS memcg swap control include memory force swapin, swapfile control and swap limit. +config MEMCG_EARLY_OOM + bool "Enable aggressive memcg OOM killing under memory pressure" + depends on MEMCG + depends on X86 || ARM64 + default n + help + MEMCG_EARLY_OOM makes memory cgroups trigger OOM killer earlier + and more aggressively when under memory pressure, rather than + attempting to reclaim very small amounts of file pages through + prolonged reclaim attempts. + + Say "y" if you prefer fast OOM kills over prolonged reclaim + attempts. + config ETMEM_SCAN tristate "module: etmem page scan for etmem support" depends on ETMEM diff --git a/mm/vmscan.c b/mm/vmscan.c index e82d7995b548..4b1d8dbc5e3c 100644 --- a/mm/vmscan.c +++ b/mm/vmscan.c @@ -2470,11 +2470,62 @@ static bool inactive_is_low(struct lruvec *lruvec, enum lru_list inactive_lru) return inactive * inactive_ratio < active; } +#ifdef CONFIG_MEMCG_EARLY_OOM +/* Check if swap usage is over the limit for cgroupv1. */ +static bool is_swap_over_limit(struct mem_cgroup *memcg) +{ + unsigned long mem_limit = READ_ONCE(memcg->memory.max); + unsigned long memsw_limit = READ_ONCE(memcg->memsw.max); + + if (memsw_limit <= mem_limit) + return false; + + return (page_counter_read(&memcg->memsw) - + page_counter_read(&memcg->memory)) > + (memsw_limit - mem_limit); +} + +/* + * Check if file cache is too small to reclaim and anonymous pages are reclaimable. + * Returns true if: + * 1. File cache (+ free space) is below the minimum threshold (pages_min), AND + * 2. Anonymous pages are allowed to be deactivated, AND + * 3. Anonymous pages are abundant relative to reclaim priority + */ +static bool memcg_should_skip_file_reclaim(struct mem_cgroup *memcg, + struct scan_control *sc, + struct lruvec *lruvec) +{ + unsigned long file, anon, free; + unsigned long mem_limit, memsw_usage, mem_high; + unsigned long pages_min; + + if (!cgroup_reclaim(sc)) + return false; + + file = lruvec_lru_size(lruvec, LRU_INACTIVE_FILE, sc->reclaim_idx) + + lruvec_lru_size(lruvec, LRU_ACTIVE_FILE, sc->reclaim_idx); + mem_limit = READ_ONCE(memcg->memory.max); + memsw_usage = page_counter_read(&memcg->memsw); + mem_high = READ_ONCE(memcg->memory.high); + anon = lruvec_lru_size(lruvec, LRU_INACTIVE_ANON, sc->reclaim_idx); + free = mem_limit > memsw_usage ? mem_limit - memsw_usage : 0; + pages_min = mem_limit > mem_high ? (mem_limit - mem_high) >> 2 : 0; + + return (file + free <= pages_min) && + !(sc->may_deactivate & DEACTIVATE_ANON) && + (anon >> sc->priority); +} +#endif + enum scan_balance { SCAN_EQUAL, SCAN_FRACT, SCAN_ANON, SCAN_FILE, +#ifdef CONFIG_MEMCG_EARLY_OOM + SCAN_NONE, +#endif }; /* @@ -2498,6 +2549,20 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, unsigned long ap, fp; enum lru_list lru; +#ifdef CONFIG_MEMCG_EARLY_OOM + /* + * if both file and anon pages are deemed non-reclaimable, + * we deliberately stop reclaiming early to trigger OOM killer + * faster. + */ + if (cgroup_reclaim(sc) && + is_swap_over_limit(memcg) && + memcg_should_skip_file_reclaim(memcg, sc, lruvec)) { + scan_balance = SCAN_NONE; + goto out; + } +#endif + if (sc->not_file) { scan_balance = SCAN_ANON; goto out; @@ -2543,7 +2608,12 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, /* * If the system is almost out of file pages, force-scan anon. */ +#ifdef CONFIG_MEMCG_EARLY_OOM + if (sc->file_is_tiny || + memcg_should_skip_file_reclaim(memcg, sc, lruvec)) { +#else if (sc->file_is_tiny) { +#endif scan_balance = SCAN_ANON; goto out; } @@ -2687,6 +2757,11 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, if ((scan_balance == SCAN_FILE) != file) scan = 0; break; +#ifdef CONFIG_MEMCG_EARLY_OOM + case SCAN_NONE: + scan = 0; + break; +#endif default: /* Look ma, no brain */ BUG(); -- 2.33.0

2 1

Re: [PATCH OLK-5.10] memcg: introduce memcg early oom feature
by 赵学栋 05 Sep '25

05 Sep '25

On 2025/9/4 15:52, wangkefeng.wang wrote: >> meituan inclusion >> category: feature >> bugzilla: https://gitee.com/openeuler/kernel/issues/ICTXDJ >> CVE: NA >> >> -------------------------------- >> >> Introduce memcg early oom feature to trigger OOM killer earlier; >> this feature is disabled by default. > > >Could we add a mechanism like file_is_tiny for cgroup ？ > >> >> Signed-off-by: Zhao Xuedong <zhaoxuedong(a)meituan.com> >> --- >> mm/Kconfig | 14 ++++++++++ >> mm/vmscan.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++ >> 2 files changed, 87 insertions(+) >> >> diff --git a/mm/Kconfig b/mm/Kconfig >> index cc43f5124cb3..89bcb73b6a5b 100644 >> --- a/mm/Kconfig >> +++ b/mm/Kconfig >> @@ -521,6 +521,20 @@ config MEMCG_SWAP_QOS >> memcg swap control include memory force swapin, swapfile control >> and swap limit. >> >> +config MEMCG_EARLY_OOM >> + bool "Enable aggressive memcg OOM killing under memory pressure" >> + depends on MEMCG >> + depends on X86 || ARM64 >> + default n >> + help >> + MEMCG_EARLY_OOM makes memory cgroups trigger OOM killer earlier >> + and more aggressively when under memory pressure, rather than >> + attempting to reclaim very small amounts of file pages through >> + prolonged reclaim attempts. >> + >> + Say "y" if you prefer fast OOM kills over prolonged reclaim >> + attempts. >> + >> config ETMEM_SCAN >> tristate "module: etmem page scan for etmem support" >> depends on ETMEM >> diff --git a/mm/vmscan.c b/mm/vmscan.c >> index e82d7995b548..622122473f06 100644 >> --- a/mm/vmscan.c >> +++ b/mm/vmscan.c >> @@ -2470,11 +2470,62 @@ static bool inactive_is_low(struct lruvec *lruvec, enum lru_list inactive_lru) >> return inactive * inactive_ratio < active; >> } >> >> +#ifdef CONFIG_MEMCG_EARLY_OOM >> +/* Check if swap usage is over the limit for cgroupv1. */ >> +static bool is_swap_over_limit(struct mem_cgroup *memcg) >> +{ >> + unsigned long mem_limit = READ_ONCE(memcg->memory.max); >> + unsigned long memsw_limit = READ_ONCE(memcg->memsw.max); >> + >> + if (memsw_limit <= mem_limit) >> + return false; >> + >> + return (page_counter_read(&memcg->memsw) - >> + page_counter_read(&memcg->memory)) > >> + (memsw_limit - mem_limit); >> +} >> + >> +/* >> + * Check if file cache is too small to reclaim and anonymous pages are reclaimable. >> + * Returns true if: >> + * 1. File cache (+ free space) is below the minimum threshold (pages_min), AND >> + * 2. Anonymous pages are allowed to be deactivated, AND >> + * 3. Anonymous pages are abundant relative to reclaim priority >> + */ >> +static bool memcg_should_skip_file_reclaim(struct mem_cgroup *memcg, >> + struct scan_control *sc, >> + struct lruvec *lruvec) >> +{ >> + unsigned long file, anon, free; >> + unsigned long mem_limit, memsw_usage, mem_high; >> + unsigned long pages_min; >> + >> + if (!cgroup_reclaim(sc)) >> + return false; >> + >> + file = lruvec_lru_size(lruvec, LRU_INACTIVE_FILE, sc->reclaim_idx) + >> + lruvec_lru_size(lruvec, LRU_ACTIVE_FILE, sc->reclaim_idx); >> + mem_limit = READ_ONCE(memcg->memory.max); >> + memsw_usage = page_counter_read(&memcg->memsw); >> + mem_high = READ_ONCE(memcg->memory.high); >> + anon = lruvec_lru_size(lruvec, LRU_INACTIVE_ANON, sc->reclaim_idx); >> + free = mem_limit > memsw_usage ? mem_limit - memsw_usage : 0; >> + pages_min = mem_limit > mem_high ? (mem_limit - mem_high) >> 2 : 0; >> + >> + return (file + free <= pages_min) && >> + !(sc->may_deactivate & DEACTIVATE_ANON) && >> + (anon >> sc->priority); >> +} >> +#endif >> + >> enum scan_balance { >> SCAN_EQUAL, >> SCAN_FRACT, >> SCAN_ANON, >> SCAN_FILE, >> +#ifdef CONFIG_MEMCG_EARLY_OOM >> + SCAN_NONE, >> +#endif >> }; >> >> /* >> @@ -2498,6 +2549,20 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, >> unsigned long ap, fp; >> enum lru_list lru; >> >> +#ifdef CONFIG_MEMCG_EARLY_OOM >> + /* >> + * if both file and anon pages are deemed non-reclaimable, >> + * we deliberately stop reclaiming early to trigger OOM killer >> + * faster. >> + */ >> + if (cgroup_reclaim(sc) && >> + is_swap_over_limit(memcg) && >> + memcg_should_skip_file_reclaim(memcg, sc, lruvec)) { >> + scan_balance = SCAN_NONE; >> + goto out; >> + } >> +#endif >> + > >Maybe check file in prepare_scan_count() like global reclaim ? > > if (!cgroup_reclaim(sc)) { > sc->file_is_tiny = global file check >} else { > sc->file_is_tniy = cgroup file check >} > > This patch appears inspired by the file_is_tiny approach, there are two considerations regarding its application to memcg reclaim: 1.Is placing file_is_tiny in scan_control (sc) appropriate for memcg reclaim? Since sc represents the reclaim policy that propagates to both target memcg and all its children, this might be too broad. 2.Where should we actually set file_is_tiny? If we keep it in sc and set it during prepare_scan_count, it would enforce the same policy across both target memcg and its descendants - even when some of them actually maintain sufficient file pages. This seems suboptimal. > > >> if (sc->not_file) { >> scan_balance = SCAN_ANON; >> goto out; >> @@ -2543,7 +2608,12 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, >> /* >> * If the system is almost out of file pages, force-scan anon. >> */ >> +#ifdef CONFIG_MEMCG_EARLY_OOM >> + if (sc->file_is_tiny || >> + memcg_should_skip_file_reclaim(memcg, sc, lruvec)) { >> +#else >> if (sc->file_is_tiny) { >> +#endif >> scan_balance = SCAN_ANON; >> goto out; >> } >> @@ -2687,6 +2757,9 @@ static void get_scan_count(struct lruvec *lruvec, struct scan_control *sc, >> if ((scan_balance == SCAN_FILE) != file) >> scan = 0; >> break; >> + case SCAN_NONE: >> + scan = 0; >> + break; >> default: >> /* Look ma, no brain */ >> BUG();

1 0

[PATCH openEuler-1.0-LTS] x86/smp: ignore reboot IPI when stopping_cpu contains value
by Lin Yujun 05 Sep '25

05 Sep '25

From: Yipeng Zou <zouyipeng(a)huawei.com> hulk inclusion category: bugfix bugzilla: 190750 CVE: NA ------------------------ Recently, A issue has been reported that CPU hang in x86 VM. The CPU halted during Kdump likely due to IPI issues when one CPU was rebooting and another was in Kdump: CPU0 CPU2 ======================== ====================== reboot Panic machine shutdown Kdump machine shutdown stop other cpus kdump_nmi_shootdown_cpus ... ... local_irq_disable local_irq_disable send_IPIs(REBOOT) [critical regions] [critical regions] 1) send_IPIs(REBOOT) wait timeout 2) send_IPIs(NMI); Halt,NMI context 3) lapic_shutdown [IPI is pending] ... second kernel start 4) init_bsp_APIC [IPI is pending] ... local irq enable Halt, IPI context In simple terms, when the Kdump jump to the second kernel, the IPI that was pending in the first kernel remains and is responded to by the second kernel. As the reboot IPI can only be sent after acquiring @stopping_cpu by storing the CPU number, this case can be detected when @stopping_cpu contains the bootup value -1. Just return and ignore it. Fixes: 9c7af565c58e (“centos 8.1: import linux-4.18.0-147.5.1.el8_1”) Signed-off-by: Yipeng Zou <zouyipeng(a)huawei.com> Signed-off-by: Lin Yujun <linyujun809(a)h-partners.com> --- arch/x86/kernel/smp.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/arch/x86/kernel/smp.c b/arch/x86/kernel/smp.c index b2b87b91f336..07ccda0ad531 100644 --- a/arch/x86/kernel/smp.c +++ b/arch/x86/kernel/smp.c @@ -176,6 +176,29 @@ static int smp_stop_nmi_callback(unsigned int val, struct pt_regs *regs) asmlinkage __visible void smp_reboot_interrupt(void) { ipi_entering_ack_irq(); + + /* + * Handle the case where a reboot IPI is stale in the IRR. This + * happens when: + * + * a CPU crashes with interrupts disabled before handling the + * reboot IPI and jumps into a crash kernel. The reboot IPI + * vector is kept set in the APIC IRR across the APIC soft + * disabled phase and as there is no way to clear a pending IRR + * bit, it is delivered to the crash kernel immediately when + * interrupts are enabled. + * + * As the reboot IPI can only be sent after acquiring @stopping_cpu + * by storing the CPU number, this case can be detected when + * @stopping_cpu contains the bootup value -1. Just return and + * ignore it. + */ + if (atomic_read(&stopping_cpu) == -1) { + pr_info("Ignoring stale reboot IPI\n"); + irq_exit(); + return; + } + cpu_emergency_vmxoff(); stop_this_cpu(NULL); irq_exit(); -- 2.34.1

2 1

[openeuler:openEuler-1.0-LTS] BUILD REGRESSION 1668dbce6652e9dda648454d3f23d43f913bc9b4
by kernel test robot 05 Sep '25

05 Sep '25

tree/branch: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS branch HEAD: 1668dbce6652e9dda648454d3f23d43f913bc9b4 !17891 wifi: mac80211: reject TDLS operations when station is not associated Error/Warning (recently discovered and may have been fixed): https://lore.kernel.org/oe-kbuild-all/202508070154.VYnxHXi4-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202508070349.2ODYAkPf-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202508070424.1zkCZb3G-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202508301637.4sfu6N2M-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202509020546.DO94LENh-lkp@intel.com https://lore.kernel.org/oe-kbuild-all/202509020919.PwhZw5yj-lkp@intel.com block/bio-integrity.c:41:6: warning: no previous prototype for function '__bio_integrity_free' [-Wmissing-prototypes] block/blk-cgroup.c:1851: warning: Function parameter or member 'q' not described in 'blkcg_schedule_throttle' block/blk-cgroup.c:1851: warning: Function parameter or member 'use_memdelay' not described in 'blkcg_schedule_throttle' block/blk-cgroup.c:1876: warning: Function parameter or member 'blkg' not described in 'blkcg_add_delay' block/blk-cgroup.c:1876: warning: Function parameter or member 'delta' not described in 'blkcg_add_delay' block/blk-cgroup.c:1876: warning: Function parameter or member 'now' not described in 'blkcg_add_delay' block/blk-mq-sched.c:220:5: warning: no previous prototype for function '__blk_mq_sched_dispatch_requests' [-Wmissing-prototypes] block/genhd.c:642:5: warning: no previous prototype for function 'disk_scan_partitions' [-Wmissing-prototypes] crypto/sm4_generic.o: warning: objtool: missing symbol for section .text mm/.tmp_ioremap.o: warning: objtool: missing symbol for section .text mm/ioremap.o: warning: objtool: missing symbol for section .text mm/khugepaged.c:1387: warning: Function parameter or member 'reliable' not described in 'collapse_shmem' mm/maccess.c:85:6: warning: no previous prototype for function '__probe_user_read' [-Wmissing-prototypes] Error/Warning ids grouped by kconfigs: recent_errors |-- arm64-allmodconfig | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-blkg-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-delta-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-now-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-q-not-described-in-blkcg_schedule_throttle | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-use_memdelay-not-described-in-blkcg_schedule_throttle | |-- block-blk-io-hierarchy-iodump.c:warning:no-previous-prototype-for-__bio_stage_hierarchy_start | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:no-previous-prototype-for-sss_deinit_hwdev | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:no-previous-prototype-for-sss_hwdev_detach | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:no-previous-prototype-for-sss_hwdev_shutdown | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:no-previous-prototype-for-sss_hwdev_stop | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:no-previous-prototype-for-sss_init_hwdev | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:variable-fault_level-set-but-not-used | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_init.c:error:variable-pcie_src-set-but-not-used | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_io_flush.c:error:no-previous-prototype-for-sss_hwdev_flush_io | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_mgmt_info.c:error:no-previous-prototype-for-sss_deinit_mgmt_info | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwdev_mgmt_info.c:error:no-previous-prototype-for-sss_init_mgmt_info | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_adm.c:error:no-previous-prototype-for-sss_sync_send_adm_msg | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_adm_init.c:error:no-previous-prototype-for-sss_complete_adm_event | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_adm_init.c:error:no-previous-prototype-for-sss_hwif_deinit_adm | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_adm_init.c:error:no-previous-prototype-for-sss_hwif_init_adm | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ceq.c:error:no-previous-prototype-for-sss_ceq_intr_handle | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ceq.c:error:no-previous-prototype-for-sss_init_ceqe_desc | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_ctrlq_flush_sync_cmd | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_deinit_ctrlq | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_deinit_ctrlq_channel | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_init_ctrlq_channel | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_reinit_ctrlq_ctx | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_ctrlq_init.c:error:no-previous-prototype-for-sss_wait_ctrlq_stop | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_alloc_db_addr | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_chip_set_msix_auto_mask | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_chip_set_msix_state | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_free_db_addr | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_func_type | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_glb_pf_vf_offset | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_global_func_id | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_pcie_itf_id | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_pf_id_of_vf | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_export.c:error:no-previous-prototype-for-sss_get_ppf_id | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_irq.c:error:no-previous-prototype-for-sss_deinit_irq_info | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_irq.c:error:no-previous-prototype-for-sss_init_irq_info | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mbx_init.c:error:no-previous-prototype-for-sss_hwif_deinit_mbx | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mbx_init.c:error:no-previous-prototype-for-sss_hwif_init_mbx | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mbx_init.c:error:no-previous-prototype-for-sss_init_func_mbx_msg | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mbx_init.c:error:no-previous-prototype-for-sss_recv_mbx_aeq_handler | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mgmt_init.c:error:no-previous-prototype-for-sss_flush_mgmt_workq | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mgmt_init.c:error:no-previous-prototype-for-sss_force_complete_all | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_hwif_mgmt_init.c:error:no-previous-prototype-for-sss_mgmt_msg_aeqe_handler | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_error.c:error:no-previous-prototype-for-sss_detect_pci_error | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_attach_is_enable | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_get_uld_info | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_get_uld_names | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_init_uld_lock | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_lock_uld | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_global.c:error:no-previous-prototype-for-sss_unlock_uld | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_probe.c:error:no-previous-prototype-for-sss_attach_uld_driver | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_probe.c:error:no-previous-prototype-for-sss_pci_probe | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_deinit_adapter | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_deinit_function | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_deinit_pci_dev | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_detach_all_uld_driver | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_detach_uld_driver | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_dettach_uld_dev | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_pci_remove | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_remove.c:error:no-previous-prototype-for-sss_unmap_pci_bar | |-- drivers-net-ethernet-3snic-sssnic-hw-sss_pci_shutdown.c:error:no-previous-prototype-for-sss_pci_shutdown | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ethtool.c:error:no-previous-prototype-for-sss_nic_set_ethtool_ops | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ethtool_stats.c:error:no-previous-prototype-for-sss_nic_get_strings | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_filter.c:error:no-previous-prototype-for-sss_nic_set_rx_mode_work | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_irq.c:error:no-previous-prototype-for-sss_nic_release_qp_irq | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_irq.c:error:no-previous-prototype-for-sss_nic_request_qp_irq | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_main.c:error:no-previous-prototype-for-get_nic_uld_info | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_main.c:error:no-previous-prototype-for-sss_nic_port_module_link_err | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_netdev_ops.c:error:no-previous-prototype-for-sss_nic_set_netdev_ops | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_ethtool_delete_flow | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_ethtool_get_flow | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_ethtool_update_flow | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_flush_rx_flow_rule | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_flush_tcam | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_ntuple.c:error:no-previous-prototype-for-sss_nic_flush_tcam_list | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_alloc_rq_res_group | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_free_rq_desc_group | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_free_rq_res_group | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_init_rq_desc_group | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_reset_rx_rss | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_rx_init.c:error:no-previous-prototype-for-sss_nic_update_rx_rss | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_tx_init.c:error:no-previous-prototype-for-sss_nic_alloc_sq_resource | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_tx_init.c:error:no-previous-prototype-for-sss_nic_flush_all_sq | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_tx_init.c:error:no-previous-prototype-for-sss_nic_free_sq_desc_group | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_tx_init.c:error:no-previous-prototype-for-sss_nic_free_sq_resource | |-- drivers-net-ethernet-3snic-sssnic-nic-sss_nic_tx_init.c:error:no-previous-prototype-for-sss_nic_init_all_sq | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- include-linux-printk.h:warning:this-statement-may-fall-through | |-- include-linux-signal.h:warning:this-statement-may-fall-through | |-- init-calibrate.c:warning:no-previous-prototype-for-calibration_delay_done | |-- mm-khugepaged.c:warning:Function-parameter-or-member-reliable-not-described-in-collapse_shmem | |-- mm-memcontrol.c:warning:bad-line:otherwise. | `-- mm-rodata_test.c:warning:no-previous-prototype-for-rodata_test |-- arm64-allnoconfig | |-- include-linux-list.h:warning:storing-the-address-of-local-variable-wait-in-((struct-list_head-)x)-.prev | |-- include-linux-list.h:warning:storing-the-address-of-local-variable-waiter-in-(struct-list_head-)((char-)sem-).prev | |-- include-linux-mempolicy.h:warning:__do_mbind-defined-but-not-used | |-- include-linux-printk.h:warning:this-statement-may-fall-through | |-- include-linux-signal.h:warning:this-statement-may-fall-through | |-- init-calibrate.c:warning:no-previous-prototype-for-calibration_delay_done | |-- mm-memory.c:error:implicit-declaration-of-function-hugetlb_insert_hugepage_pte_by_pa | |-- mm-rmap.c:warning:no-previous-prototype-for-is_vma_temporary_stack | |-- mm-rmap.c:warning:variable-cstart-set-but-not-used | `-- mm-vmscan.c:error:implicit-declaration-of-function-kernel_swap_enabled |-- arm64-randconfig-001-20250904 | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- include-linux-printk.h:warning:this-statement-may-fall-through | |-- include-linux-signal.h:warning:this-statement-may-fall-through | |-- init-calibrate.c:warning:no-previous-prototype-for-calibration_delay_done | |-- mm-memcontrol.c:warning:bad-line:otherwise. | |-- mm-rmap.c:warning:no-previous-prototype-for-is_vma_temporary_stack | |-- mm-rmap.c:warning:variable-cstart-set-but-not-used | `-- mm-rodata_test.c:warning:no-previous-prototype-for-rodata_test |-- arm64-randconfig-002-20250904 | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-blkg-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-delta-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-now-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-q-not-described-in-blkcg_schedule_throttle | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-use_memdelay-not-described-in-blkcg_schedule_throttle | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- include-linux-mempolicy.h:warning:__do_mbind-defined-but-not-used | |-- include-linux-printk.h:warning:this-statement-may-fall-through | |-- include-linux-signal.h:warning:this-statement-may-fall-through | |-- init-calibrate.c:warning:no-previous-prototype-for-calibration_delay_done | |-- mm-khugepaged.c:warning:Function-parameter-or-member-reliable-not-described-in-collapse_shmem | `-- mm-rodata_test.c:warning:no-previous-prototype-for-rodata_test |-- arm64-randconfig-003-20250904 | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- include-linux-mempolicy.h:warning:__do_mbind-defined-but-not-used | |-- include-linux-printk.h:warning:this-statement-may-fall-through | |-- include-linux-signal.h:warning:this-statement-may-fall-through | |-- init-calibrate.c:warning:no-previous-prototype-for-calibration_delay_done | |-- mm-memory.c:error:implicit-declaration-of-function-hugetlb_insert_hugepage_pte_by_pa | |-- mm-rmap.c:warning:no-previous-prototype-for-is_vma_temporary_stack | |-- mm-rmap.c:warning:variable-cstart-set-but-not-used | `-- mm-vmscan.c:error:implicit-declaration-of-function-kernel_swap_enabled |-- arm64-randconfig-r121-20250729 | |-- include-linux-mem_reliable.h:sparse:sparse:restricted-gfp_t-degrades-to-integer | `-- mm-mem_reliable.c:sparse:sparse:symbol-reliable_limit_handler-was-not-declared.-Should-it-be-static |-- x86_64-allnoconfig | |-- mm-ioremap.o:warning:objtool:missing-symbol-for-section-.text | |-- mm-maccess.c:warning:no-previous-prototype-for-function-__probe_user_read | |-- mm-rmap.c:warning:variable-cstart-set-but-not-used | `-- mm-vmscan.c:error:implicit-declaration-of-function-kernel_swap_enabled-Werror-Wimplicit-function-declaration |-- x86_64-allyesconfig | |-- block-bio-integrity.c:warning:no-previous-prototype-for-function-__bio_integrity_free | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-blkg-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-delta-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-now-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-q-not-described-in-blkcg_schedule_throttle | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-use_memdelay-not-described-in-blkcg_schedule_throttle | |-- block-blk-mq-sched.c:warning:no-previous-prototype-for-function-__blk_mq_sched_dispatch_requests | |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_issue | |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_requeue | |-- block-genhd.c:warning:no-previous-prototype-for-function-disk_scan_partitions | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- mm-.tmp_ioremap.o:warning:objtool:missing-symbol-for-section-.text | |-- mm-khugepaged.c:warning:Function-parameter-or-member-reliable-not-described-in-collapse_shmem | |-- mm-maccess.c:warning:no-previous-prototype-for-function-__probe_user_read | |-- mm-memcontrol.c:warning:bad-line:otherwise. | `-- mm-rmap.c:warning:variable-cstart-set-but-not-used |-- x86_64-buildonly-randconfig-002-20250904 | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-blkg-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-delta-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-now-not-described-in-blkcg_add_delay | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-q-not-described-in-blkcg_schedule_throttle | |-- block-blk-cgroup.c:warning:Function-parameter-or-member-use_memdelay-not-described-in-blkcg_schedule_throttle | |-- block-blk-mq-sched.c:warning:no-previous-prototype-for-function-__blk_mq_sched_dispatch_requests | |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_issue | |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_requeue | |-- block-genhd.c:warning:no-previous-prototype-for-function-disk_scan_partitions | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- mm-hugetlb.c:warning:no-previous-prototype-for-function-free_huge_page_to_dhugetlb_pool | |-- mm-khugepaged.c:warning:Function-parameter-or-member-reliable-not-described-in-collapse_shmem | |-- mm-maccess.c:warning:no-previous-prototype-for-function-__probe_user_read | |-- mm-memcontrol.c:warning:bad-line:otherwise. | `-- mm-rmap.c:warning:variable-cstart-set-but-not-used |-- x86_64-buildonly-randconfig-006-20250904 | |-- crypto-sm4_generic.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-netronome-nfp-abm-ctrl.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-ethernet-netronome-nfp-nfp_app.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-wireless-ath-ath6kl-hif.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-net-wireless-ath-ath6kl-init.o:warning:objtool:missing-symbol-for-section-.text | |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union | |-- mm-debug.o:warning:objtool:missing-symbol-for-section-.text.unlikely. | |-- mm-ioremap.o:warning:objtool:missing-symbol-for-section-.text | |-- mm-maccess.c:warning:no-previous-prototype-for-function-__probe_user_read | |-- mm-page_ext.o:warning:objtool:missing-symbol-for-section-.init.text | |-- mm-page_owner.o:warning:objtool:missing-symbol-for-section-.text.unlikely. | |-- mm-rmap.c:warning:variable-cstart-set-but-not-used | |-- mm-rodata_test.o:warning:objtool:missing-symbol-for-section-.text | `-- mm-vmscan.c:error:implicit-declaration-of-function-kernel_swap_enabled-Werror-Wimplicit-function-declaration `-- x86_64-rhel-9.4-rust |-- block-bio-integrity.c:warning:no-previous-prototype-for-function-__bio_integrity_free |-- block-blk-cgroup.c:warning:Function-parameter-or-member-blkg-not-described-in-blkcg_add_delay |-- block-blk-cgroup.c:warning:Function-parameter-or-member-delta-not-described-in-blkcg_add_delay |-- block-blk-cgroup.c:warning:Function-parameter-or-member-now-not-described-in-blkcg_add_delay |-- block-blk-cgroup.c:warning:Function-parameter-or-member-q-not-described-in-blkcg_schedule_throttle |-- block-blk-cgroup.c:warning:Function-parameter-or-member-use_memdelay-not-described-in-blkcg_schedule_throttle |-- block-blk-mq-sched.c:warning:no-previous-prototype-for-function-__blk_mq_sched_dispatch_requests |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_issue |-- block-blk-wbt.c:warning:no-previous-prototype-for-function-wbt_requeue |-- block-genhd.c:warning:no-previous-prototype-for-function-disk_scan_partitions |-- drivers-pinctrl-core.c:error:Cannot-parse-struct-or-union |-- mm-hugetlb.c:warning:no-previous-prototype-for-function-free_huge_page_to_dhugetlb_pool |-- mm-khugepaged.c:warning:Function-parameter-or-member-reliable-not-described-in-collapse_shmem |-- mm-maccess.c:warning:no-previous-prototype-for-function-__probe_user_read |-- mm-memcontrol.c:warning:bad-line:otherwise. `-- mm-rmap.c:warning:variable-cstart-set-but-not-used elapsed time: 1158m configs tested: 16 configs skipped: 115 tested configs: arm64 allmodconfig gcc-15.1.0 arm64 allnoconfig gcc-15.1.0 arm64 randconfig-001-20250904 gcc-8.5.0 arm64 randconfig-002-20250904 gcc-8.5.0 arm64 randconfig-003-20250904 gcc-12.5.0 arm64 randconfig-004-20250904 gcc-6.5.0 x86_64 allnoconfig clang-20 x86_64 allyesconfig clang-20 x86_64 buildonly-randconfig-001-20250904 gcc-12 x86_64 buildonly-randconfig-002-20250904 clang-20 x86_64 buildonly-randconfig-003-20250904 gcc-13 x86_64 buildonly-randconfig-004-20250904 gcc-13 x86_64 buildonly-randconfig-005-20250904 gcc-13 x86_64 buildonly-randconfig-006-20250904 clang-20 x86_64 defconfig gcc-11 x86_64 rhel-9.4-rust clang-22 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6] arm64/mpam: Half the number of RMIDs for all resources under CDP mode
by Zeng Heng 05 Sep '25

05 Sep '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/ICVT5V -------------------------------- Under the ARM64 MPAM architecture, once CDP mode is enabled, the number of RMIDs for all MSC resources is halved indeed, not just those belonging to L2 and L3 MSCs. Fixes: ae6bcabac715 ("arm64/mpam: Fix num_rmids information") Signed-off-by: Zeng Heng <zengheng4(a)huawei.com> --- drivers/platform/mpam/mpam_resctrl.c | 16 ++++++++++------ include/linux/arm_mpam.h | 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/drivers/platform/mpam/mpam_resctrl.c b/drivers/platform/mpam/mpam_resctrl.c index bb350d672836..e77622ec29bf 100644 --- a/drivers/platform/mpam/mpam_resctrl.c +++ b/drivers/platform/mpam/mpam_resctrl.c @@ -101,16 +101,20 @@ bool resctrl_arch_get_cdp_enabled(enum resctrl_res_level rid) } } -int resctrl_arch_set_cdp_enabled(enum resctrl_res_level rid, bool enable) +int resctrl_arch_set_cdp_enabled(enum resctrl_res_level ignored, bool enable) { u64 regval; struct rdt_resource *r; - u32 partid, partid_i, partid_d; + u32 i, partid, partid_i, partid_d; - r = resctrl_arch_get_resource(rid); - r->num_rmid = resctrl_arch_system_num_rmid_idx(); - if (enable) - r->num_rmid >>= 1; + for (i = 0; i < RDT_NUM_RESOURCES; i++) { + r = resctrl_arch_get_resource(i); + if (r->mon_capable) { + r->num_rmid = resctrl_arch_system_num_rmid_idx(); + if (enable) + r->num_rmid >>= 1; + } + } cdp_enabled = enable; diff --git a/include/linux/arm_mpam.h b/include/linux/arm_mpam.h index 0c14f62a0e8f..3a06a8afad7c 100644 --- a/include/linux/arm_mpam.h +++ b/include/linux/arm_mpam.h @@ -74,7 +74,7 @@ bool resctrl_arch_would_mbm_overflow(void); void resctrl_arch_reset_resources(void); bool resctrl_arch_get_cdp_enabled(enum resctrl_res_level ignored); -int resctrl_arch_set_cdp_enabled(enum resctrl_res_level rid, bool enable); +int resctrl_arch_set_cdp_enabled(enum resctrl_res_level ignored, bool enable); bool resctrl_arch_hide_cdp(enum resctrl_res_level rid); bool resctrl_arch_match_closid(struct task_struct *tsk, u32 closid); bool resctrl_arch_match_rmid(struct task_struct *tsk, u32 closid, u32 rmid); -- 2.25.1

2 1

[PATCH OLK-6.6] Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
by Fanhua Li 05 Sep '25

05 Sep '25

From: Arseniy Krasnov <avkrasnov(a)salutedevices.com> mainline inclusion from mainline-v6.17-rc1 commit 2935e556850e9c94d7a00adf14d3cd7fe406ac03 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICU7FZ CVE: CVE-2025-38593 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- Function 'hci_discovery_filter_clear()' frees 'uuids' array and then sets it to NULL. There is a tiny chance of the following race: 'hci_cmd_sync_work()' 'update_passive_scan_sync()' 'hci_update_passive_scan_sync()' 'hci_discovery_filter_clear()' kfree(uuids); <-------------------------preempted--------------------------------> 'start_service_discovery()' 'hci_discovery_filter_clear()' kfree(uuids); // DOUBLE FREE <-------------------------preempted--------------------------------> uuids = NULL; To fix it let's add locking around 'kfree()' call and NULL pointer assignment. Otherwise the following backtrace fires: [ ] ------------[ cut here ]------------ [ ] kernel BUG at mm/slub.c:547! [ ] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP [ ] CPU: 3 UID: 0 PID: 246 Comm: bluetoothd Tainted: G O 6.12.19-kernel #1 [ ] Tainted: [O]=OOT_MODULE [ ] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ ] pc : __slab_free+0xf8/0x348 [ ] lr : __slab_free+0x48/0x348 ... [ ] Call trace: [ ] __slab_free+0xf8/0x348 [ ] kfree+0x164/0x27c [ ] start_service_discovery+0x1d0/0x2c0 [ ] hci_sock_sendmsg+0x518/0x924 [ ] __sock_sendmsg+0x54/0x60 [ ] sock_write_iter+0x98/0xf8 [ ] do_iter_readv_writev+0xe4/0x1c8 [ ] vfs_writev+0x128/0x2b0 [ ] do_writev+0xfc/0x118 [ ] __arm64_sys_writev+0x20/0x2c [ ] invoke_syscall+0x68/0xf0 [ ] el0_svc_common.constprop.0+0x40/0xe0 [ ] do_el0_svc+0x1c/0x28 [ ] el0_svc+0x30/0xd0 [ ] el0t_64_sync_handler+0x100/0x12c [ ] el0t_64_sync+0x194/0x198 [ ] Code: 8b0002e6 eb17031f 54fffbe1 d503201f (d4210000) [ ] ---[ end trace 0000000000000000 ]--- Fixes: ad383c2c65a5 ("Bluetooth: hci_sync: Enable advertising when LL privacy is enabled") Signed-off-by: Arseniy Krasnov <avkrasnov(a)salutedevices.com> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Conflicts: include/net/bluetooth/hci_core.h [Fanhua Li: context conflict] Signed-off-by: Fanhua Li <lifanhua5(a)huawei.com> --- include/net/bluetooth/hci_core.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index 85fbc65f350f..6f875c2b5117 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -29,6 +29,8 @@ #include <linux/idr.h> #include <linux/leds.h> #include <linux/rculist.h> +#include <linux/spinlock.h> +#include <linux/srcu.h> #include <net/bluetooth/hci.h> #include <net/bluetooth/hci_sync.h> @@ -94,6 +96,7 @@ struct discovery_state { unsigned long scan_start; unsigned long scan_duration; unsigned long name_resolve_timeout; + spinlock_t lock; }; #define SUSPEND_NOTIFIER_TIMEOUT msecs_to_jiffies(2000) /* 2 seconds */ @@ -867,6 +870,7 @@ static inline void iso_recv(struct hci_conn *hcon, struct sk_buff *skb, static inline void discovery_init(struct hci_dev *hdev) { + spin_lock_init(&hdev->discovery.lock); hdev->discovery.state = DISCOVERY_STOPPED; INIT_LIST_HEAD(&hdev->discovery.all); INIT_LIST_HEAD(&hdev->discovery.unknown); @@ -881,10 +885,13 @@ static inline void hci_discovery_filter_clear(struct hci_dev *hdev) hdev->discovery.report_invalid_rssi = true; hdev->discovery.rssi = HCI_RSSI_INVALID; hdev->discovery.uuid_count = 0; + + spin_lock(&hdev->discovery.lock); kfree(hdev->discovery.uuids); hdev->discovery.uuids = NULL; hdev->discovery.scan_start = 0; hdev->discovery.scan_duration = 0; + spin_unlock(&hdev->discovery.lock); } bool hci_discovery_active(struct hci_dev *hdev); -- 2.34.1

2 1

[PATCH OLK-5.10] net/mlx5: Check device memory pointer before usage
by Fanhua Li 05 Sep '25

05 Sep '25

From: Stav Aviram <saviram(a)nvidia.com> mainline inclusion from mainline-v6.17-rc1 commit 70f238c902b8c0461ae6fbb8d1a0bbddc4350eea category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICUC9M CVE: CVE-2025-38645 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails. Fixes: c9b9dcb430b3 ("net/mlx5: Move device memory management to mlx5_core") Signed-off-by: Stav Aviram <saviram(a)nvidia.com> Link: https://patch.msgid.link/c88711327f4d74d5cebc730dc629607e989ca187.175137003… Signed-off-by: Leon Romanovsky <leon(a)kernel.org> Conflicts: drivers/infiniband/hw/mlx5/dm.c drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c drivers/net/ethernet/mellanox/mlx5/core/main.c drivers/infiniband/hw/mlx5/main.c [Fanhua Li: avoid NULL pointer deref when dev->dm is not initialized] Signed-off-by: Fanhua Li <lifanhua5(a)huawei.com> --- drivers/infiniband/hw/mlx5/main.c | 3 +++ drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 ++-- drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 --- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/infiniband/hw/mlx5/main.c b/drivers/infiniband/hw/mlx5/main.c index 982be8a8bba8..6baab01526d1 100644 --- a/drivers/infiniband/hw/mlx5/main.c +++ b/drivers/infiniband/hw/mlx5/main.c @@ -2384,6 +2384,9 @@ static int handle_alloc_dm_memic(struct ib_ucontext *ctx, dm->size = roundup(attr->length, MLX5_MEMIC_BASE_SIZE); + if (!dm_db) + return -EOPNOTSUPP; + err = mlx5_cmd_alloc_memic(dm_db, &dm->dev_addr, dm->size, attr->alignment); if (err) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c b/drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c index 3d5e57ff558c..15ee84a2a470 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c @@ -25,7 +25,7 @@ struct mlx5_dm *mlx5_dm_create(struct mlx5_core_dev *dev) dm = kzalloc(sizeof(*dm), GFP_KERNEL); if (!dm) - return ERR_PTR(-ENOMEM); + return NULL; spin_lock_init(&dm->lock); @@ -61,7 +61,7 @@ struct mlx5_dm *mlx5_dm_create(struct mlx5_core_dev *dev) err_steering: kfree(dm); - return ERR_PTR(-ENOMEM); + return NULL; } void mlx5_dm_cleanup(struct mlx5_core_dev *dev) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/main.c b/drivers/net/ethernet/mellanox/mlx5/core/main.c index d4712fbc7856..392dfba3d281 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/main.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/main.c @@ -884,9 +884,6 @@ static int mlx5_init_once(struct mlx5_core_dev *dev) } dev->dm = mlx5_dm_create(dev); - if (IS_ERR(dev->dm)) - mlx5_core_warn(dev, "Failed to init device memory %ld\n", PTR_ERR(dev->dm)); - dev->tracer = mlx5_fw_tracer_create(dev); dev->hv_vhca = mlx5_hv_vhca_create(dev); dev->rsc_dump = mlx5_rsc_dump_create(dev); -- 2.34.1

2 1