From: Wang Yufen wangyufen@huawei.com

hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4PNEK CVE: NA

-------------------------------------------------

Open configs for tcp compression

Signed-off-by: Wang Yufen wangyufen@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com Signed-off-by: Lu Wei luwei32@huawei.com Reviewed-by: Wei Yongjun weiyongjun1@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- arch/arm64/configs/openeuler_defconfig | 5 +++-- arch/x86/configs/openeuler_defconfig | 5 ++++- 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig index 771eb45cb362..d8eda75eb784 100644 --- a/arch/arm64/configs/openeuler_defconfig +++ b/arch/arm64/configs/openeuler_defconfig @@ -1153,6 +1153,7 @@ CONFIG_DEFAULT_CUBIC=y # CONFIG_DEFAULT_RENO is not set CONFIG_DEFAULT_TCP_CONG="cubic" CONFIG_TCP_MD5SIG=y +CONFIG_TCP_COMP=y CONFIG_IPV6=y CONFIG_IPV6_ROUTER_PREF=y CONFIG_IPV6_ROUTE_INFO=y @@ -6636,7 +6637,7 @@ CONFIG_CRYPTO_LZO=y # CONFIG_CRYPTO_842 is not set CONFIG_CRYPTO_LZ4=m CONFIG_CRYPTO_LZ4HC=m -CONFIG_CRYPTO_ZSTD=m +CONFIG_CRYPTO_ZSTD=y

# # Random Number Generation @@ -6775,7 +6776,7 @@ CONFIG_LZO_DECOMPRESS=y CONFIG_LZ4_COMPRESS=m CONFIG_LZ4HC_COMPRESS=m CONFIG_LZ4_DECOMPRESS=y -CONFIG_ZSTD_COMPRESS=m +CONFIG_ZSTD_COMPRESS=y CONFIG_ZSTD_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig index fc7be06e8054..443299650f6a 100644 --- a/arch/x86/configs/openeuler_defconfig +++ b/arch/x86/configs/openeuler_defconfig @@ -1121,6 +1121,7 @@ CONFIG_DEFAULT_CUBIC=y # CONFIG_DEFAULT_RENO is not set CONFIG_DEFAULT_TCP_CONG="cubic" CONFIG_TCP_MD5SIG=y +CONFIG_TCP_COMP=y CONFIG_IPV6=y CONFIG_IPV6_ROUTER_PREF=y CONFIG_IPV6_ROUTE_INFO=y @@ -8019,7 +8020,7 @@ CONFIG_CRYPTO_LZO=y # CONFIG_CRYPTO_842 is not set # CONFIG_CRYPTO_LZ4 is not set # CONFIG_CRYPTO_LZ4HC is not set -# CONFIG_CRYPTO_ZSTD is not set +CONFIG_CRYPTO_ZSTD=y

# # Random Number Generation @@ -8152,6 +8153,8 @@ CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y CONFIG_LZ4_DECOMPRESS=y +CONFIG_ZSTD_COMPRESS=y +CONFIG_ZSTD_DECOMPRESS=y CONFIG_ZSTD_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y

From: Wang Yufen wangyufen@huawei.com

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I47SV5?from=project-issue CVE: NA

-------------------------------------------------

In comp_read_size rxm->offset should be subtracted from skb->len. And use strp_done to release resoureces when destroy sock.

Signed-off-by: Wang Yufen wangyufen@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com Signed-off-by: Lu Wei luwei32@huawei.com Reviewed-by: Wei Yongjun weiyongjun1@huawei.com Reviewed-by: Wei Yongjun weiyongjun1@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- net/ipv4/tcp_comp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/tcp_comp.c b/net/ipv4/tcp_comp.c index 6d6b248d02b5..7d40c2f3981b 100644 --- a/net/ipv4/tcp_comp.c +++ b/net/ipv4/tcp_comp.c @@ -765,7 +765,7 @@ static int comp_read_size(struct strparser *strp, struct sk_buff *skb) if (rxm->offset > skb->len) return 0;

- return skb->len; + return skb->len - rxm->offset; }

void comp_setup_strp(struct sock *sk, struct tcp_comp_context *ctx) @@ -872,6 +872,7 @@ static void tcp_comp_context_free(struct rcu_head *head)

tcp_comp_context_tx_free(ctx); tcp_comp_context_rx_free(ctx); + strp_done(&ctx->rx.strp); kfree(ctx); }

@@ -887,6 +888,7 @@ void tcp_cleanup_compression(struct sock *sk) kfree_skb(ctx->rx.pkt); ctx->rx.pkt = NULL; } + strp_stop(&ctx->rx.strp);

rcu_assign_pointer(icsk->icsk_ulp_data, NULL); call_rcu(&ctx->rcu, tcp_comp_context_free);

From: Wang Yufen wangyufen@huawei.com

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I48H9Z?from=project-issue CVE: NA

-------------------------------------------------

In order to separate the compressed data and decompressed data, this patch adds dpkt to tcp_comp_context_rx, dpkt is used to save decompressed skb.

Signed-off-by: Wang Yufen wangyufen@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com Signed-off-by: Lu Wei luwei32@huawei.com Reviewed-by: Wei Yongjun weiyongjun1@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- net/ipv4/tcp_comp.c | 94 ++++++++++++++++++++++++++++++--------------- 1 file changed, 64 insertions(+), 30 deletions(-)

diff --git a/net/ipv4/tcp_comp.c b/net/ipv4/tcp_comp.c index 1a907d9a51e0..67b09c1b4669 100644 --- a/net/ipv4/tcp_comp.c +++ b/net/ipv4/tcp_comp.c @@ -45,7 +45,7 @@ struct tcp_comp_context_rx { struct strparser strp; void (*saved_data_ready)(struct sock *sk); struct sk_buff *pkt; - bool decompressed; + struct sk_buff *dpkt; };

struct tcp_comp_context { @@ -510,6 +510,24 @@ static bool comp_advance_skb(struct sock *sk, struct sk_buff *skb, return true; }

+static bool comp_advance_dskb(struct sock *sk, struct sk_buff *skb, + unsigned int len) +{ + struct tcp_comp_context *ctx = comp_get_ctx(sk); + struct strp_msg *rxm = strp_msg(skb); + + if (len < rxm->full_len) { + rxm->offset += len; + rxm->full_len -= len; + return false; + } + + /* Finished with message */ + ctx->rx.dpkt = NULL; + kfree_skb(skb); + return true; +} + static int tcp_comp_rx_context_init(struct tcp_comp_context *ctx) { int dsize; @@ -566,13 +584,14 @@ static void *tcp_comp_get_rx_stream(struct sock *sk) return ctx->rx.plaintext_data; }

-static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb) +static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb, int flags) { struct tcp_comp_context *ctx = comp_get_ctx(sk); struct strp_msg *rxm = strp_msg(skb); const int plen = skb->len; ZSTD_outBuffer outbuf; ZSTD_inBuffer inbuf; + struct sk_buff *nskb; int len; void *to;

@@ -586,6 +605,10 @@ static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb) if (plen + ctx->rx.data_offset > TCP_COMP_MAX_CSIZE) return -ENOMEM;

+ nskb = skb_copy(skb, GFP_KERNEL); + if (!nskb) + return -ENOMEM; + if (ctx->rx.data_offset) memcpy(ctx->rx.compressed_data, ctx->rx.remaining_data, ctx->rx.data_offset); @@ -607,34 +630,38 @@ static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb)

to = outbuf.dst; ret = ZSTD_decompressStream(ctx->rx.dstream, &outbuf, &inbuf); - if (ZSTD_isError(ret)) + if (ZSTD_isError(ret)) { + kfree_skb(nskb); return -EIO; + }

len = outbuf.pos - plen; - if (len > skb_tailroom(skb)) - len = skb_tailroom(skb); + if (len > skb_tailroom(nskb)) + len = skb_tailroom(nskb);

- __skb_put(skb, len); - rxm->full_len += (len + rxm->offset); - rxm->offset = 0; + __skb_put(nskb, len);

len += plen; - skb_copy_to_linear_data(skb, to, len); + skb_copy_to_linear_data(nskb, to, len);

while ((to += len, outbuf.pos -= len) > 0) { struct page *pages; skb_frag_t *frag;

- if (WARN_ON(skb_shinfo(skb)->nr_frags >= MAX_SKB_FRAGS)) + if (WARN_ON(skb_shinfo(nskb)->nr_frags >= MAX_SKB_FRAGS)) { + kfree_skb(nskb); return -EMSGSIZE; + }

- frag = skb_shinfo(skb)->frags + - skb_shinfo(skb)->nr_frags; + frag = skb_shinfo(nskb)->frags + + skb_shinfo(nskb)->nr_frags; pages = alloc_pages(__GFP_NOWARN | GFP_KERNEL | __GFP_COMP, TCP_COMP_ALLOC_ORDER);

- if (!pages) + if (!pages) { + kfree_skb(nskb); return -ENOMEM; + }

__skb_frag_set_page(frag, pages); len = PAGE_SIZE << TCP_COMP_ALLOC_ORDER; @@ -645,11 +672,10 @@ static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb) skb_frag_size_set(frag, len); memcpy(skb_frag_address(frag), to, len);

- skb->truesize += len; - skb->data_len += len; - skb->len += len; - rxm->full_len += len; - skb_shinfo(skb)->nr_frags++; + nskb->truesize += len; + nskb->data_len += len; + nskb->len += len; + skb_shinfo(nskb)->nr_frags++; }

if (ret == 0) @@ -665,6 +691,13 @@ static int tcp_comp_decompress(struct sock *sk, struct sk_buff *skb) break; } } + + ctx->rx.dpkt = nskb; + rxm = strp_msg(nskb); + rxm->full_len = nskb->len; + rxm->offset = 0; + comp_advance_skb(sk, skb, plen - rxm->offset); + return 0; }

@@ -691,21 +724,19 @@ static int tcp_comp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, do { int chunk = 0;

- skb = comp_wait_data(sk, flags, timeo, &err); - if (!skb) - goto recv_end; + if (!ctx->rx.dpkt) { + skb = comp_wait_data(sk, flags, timeo, &err); + if (!skb) + goto recv_end;

- if (!ctx->rx.decompressed) { - err = tcp_comp_decompress(sk, skb); + err = tcp_comp_decompress(sk, skb, flags); if (err < 0) { goto recv_end; } - ctx->rx.decompressed = true; } + skb = ctx->rx.dpkt; rxm = strp_msg(skb); - chunk = min_t(unsigned int, rxm->full_len, len); - err = skb_copy_datagram_msg(skb, rxm->offset, msg, chunk); if (err < 0) @@ -714,11 +745,11 @@ static int tcp_comp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, copied += chunk; len -= chunk; if (likely(!(flags & MSG_PEEK))) - comp_advance_skb(sk, skb, chunk); + comp_advance_dskb(sk, skb, chunk); else break;

- if (copied >= target && !ctx->rx.pkt) + if (copied >= target && !ctx->rx.dpkt) break; } while (len > 0);

@@ -734,7 +765,7 @@ bool comp_stream_read(const struct sock *sk) if (!ctx) return false;

- if (ctx->rx.pkt) + if (ctx->rx.pkt || ctx->rx.dpkt) return true;

return false; @@ -751,7 +782,6 @@ static void comp_queue(struct strparser *strp, struct sk_buff *skb) { struct tcp_comp_context *ctx = comp_get_ctx(strp->sk);

- ctx->rx.decompressed = false; ctx->rx.pkt = skb; strp_pause(strp); ctx->rx.saved_data_ready(strp->sk); @@ -887,6 +917,10 @@ void tcp_cleanup_compression(struct sock *sk) kfree_skb(ctx->rx.pkt); ctx->rx.pkt = NULL; } + if (ctx->rx.dpkt) { + kfree_skb(ctx->rx.dpkt); + ctx->rx.dpkt = NULL; + } strp_stop(&ctx->rx.strp);

rcu_assign_pointer(icsk->icsk_ulp_data, NULL);

From: Wei Li liwei391@huawei.com

hulk inclusion category: bugfix bugzilla: 173968, https://gitee.com/openeuler/kernel/issues/I3J87Y CVE: NA

-------------------------------------------------

In '6ab918569ad4 ("watchdog: Fix check_preemption_disabled() error")', we tried to fix check_preemption_disabled() error by disabling preemption in hardlockup_detector_perf_init(), but missed that function perf_event_create_kernel_counter() may sleep.

To fix the issue fully, reimplement hardlockup_detector_perf_init() through smp_call_on_cpu() instead of disabling preemption.

Fixes: 6ab918569ad4 ("watchdog: Fix check_preemption_disabled() error") Signed-off-by: Wei Li liwei391@huawei.com Reviewed-by: Cheng Jian cj.chengjian@huawei.com Reviewed-by: Xiongfeng Wang wangxiongfeng2@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- kernel/watchdog_hld.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/kernel/watchdog_hld.c b/kernel/watchdog_hld.c index f535ddd76315..b8a2d3b2cd9c 100644 --- a/kernel/watchdog_hld.c +++ b/kernel/watchdog_hld.c @@ -499,22 +499,25 @@ void __init hardlockup_detector_perf_restart(void) } }

-/** - * hardlockup_detector_perf_init - Probe whether NMI event is available at all - */ -int __init hardlockup_detector_perf_init(void) +int __init __hardlockup_detector_perf_init(void *not_used) { - int ret; + int ret = hardlockup_detector_event_create();

- preempt_disable(); - ret = hardlockup_detector_event_create(); if (ret) { pr_info("Perf NMI watchdog permanently disabled\n"); } else { perf_event_release_kernel(this_cpu_read(watchdog_ev)); this_cpu_write(watchdog_ev, NULL); } - preempt_enable(); return ret; } + +/** + * hardlockup_detector_perf_init - Probe whether NMI event is available at all + */ +int __init hardlockup_detector_perf_init(void) +{ + return smp_call_on_cpu(get_boot_cpu_id(), + __hardlockup_detector_perf_init, NULL, false); +} #endif /* CONFIG_HARDLOCKUP_DETECTOR_PERF */

From: Zhen Lei thunder.leizhen@huawei.com

hulk inclusion category: bugfix bugzilla: https://e.gitee.com/open_euler/issues/list?issue=I4QSVV CVE: NA

-------------------------------------------------------------------------

The commit 587e6c10a7ce ("iommu/arm-smmu-v3: Add and use static helper function arm_smmu_cmdq_issue_cmd_with_sync()") is backported from RFC version. Some minor changes are made to the patch when it is merged into the mainline, see the following link: Link: https://www.spinics.net/lists/arm-kernel/msg914548.html

In addition, there are two patches based on earlier mainline that still incorrectly use arm_smmu_cmdq_issue_sync(), fix them.

Fixes: 3e63033675c9 ("iommu/arm-smmu-v3: Seize private ASID") Fixes: 04039cc97a88 ("iommu/smmuv3: Implement cache_invalidate") Signed-off-by: Zhen Lei thunder.leizhen@huawei.com Reviewed-by: Hanjun Guo guohanjun@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 28 ++++++++------------- 1 file changed, 10 insertions(+), 18 deletions(-)

diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c index 0702408997c9..f6868511ad01 100644 --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c @@ -1030,8 +1030,9 @@ static int arm_smmu_cmdq_issue_cmdlist(struct arm_smmu_device *smmu, return ret; }

-static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu, - struct arm_smmu_cmdq_ent *ent) +static int __arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu, + struct arm_smmu_cmdq_ent *ent, + bool sync) { u64 cmd[CMDQ_ENT_DWORDS];

@@ -1041,26 +1042,19 @@ static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu, return -EINVAL; }

- return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, false); + return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, sync); }

-static int __maybe_unused arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu) +static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu, + struct arm_smmu_cmdq_ent *ent) { - return arm_smmu_cmdq_issue_cmdlist(smmu, NULL, 0, true); + return __arm_smmu_cmdq_issue_cmd(smmu, ent, false); }

static int arm_smmu_cmdq_issue_cmd_with_sync(struct arm_smmu_device *smmu, struct arm_smmu_cmdq_ent *ent) { - u64 cmd[CMDQ_ENT_DWORDS]; - - if (arm_smmu_cmdq_build_cmd(cmd, ent)) { - dev_warn(smmu->dev, "ignoring unknown CMDQ opcode 0x%x\n", - ent->opcode); - return -EINVAL; - } - - return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, true); + return __arm_smmu_cmdq_issue_cmd(smmu, ent, true); }

static void arm_smmu_cmdq_batch_add(struct arm_smmu_device *smmu, @@ -2255,8 +2249,7 @@ static void __arm_smmu_tlb_inv_context(struct arm_smmu_domain *smmu_domain, cmd.opcode = CMDQ_OP_TLBI_NH_ASID; cmd.tlbi.asid = ext_asid; cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid; - arm_smmu_cmdq_issue_cmd(smmu, &cmd); - arm_smmu_cmdq_issue_sync(smmu); + arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd); } else if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) { arm_smmu_tlb_inv_asid(smmu, smmu_domain->s1_cfg.cd.asid); } else { @@ -3853,8 +3846,7 @@ arm_smmu_cache_invalidate(struct iommu_domain *domain, struct device *dev,

/* Global S1 invalidation */ cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid; - arm_smmu_cmdq_issue_cmd(smmu, &cmd); - arm_smmu_cmdq_issue_sync(smmu); + arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd); return 0; }

From: Jingxian He hejingxian@huawei.com

euleros inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4REE5 CVE: NA

------------ 1.Refactor pin memory mem reserve: Move the memory reserve functions to pin_mem.c, and avoid using unnecessary macros.

2.Refactor pid reserve code: In oder to avoid using unnecessary compile macros in pid.c, add stub functions for free_reserved_pid and reserve_pids.

Signed-off-by: Jingxian He hejingxian@huawei.com Reviewed-by: Kefeng Wangwangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- arch/arm64/kernel/setup.c | 8 +-- arch/arm64/mm/init.c | 53 +----------------- include/linux/pin_mem.h | 34 +++++++++--- kernel/pid.c | 12 ++--- mm/pin_mem.c | 110 ++++++++++++++++++++++++++++++-------- 5 files changed, 119 insertions(+), 98 deletions(-)

diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c index 92d75e381bb1..58d69e2e7538 100644 --- a/arch/arm64/kernel/setup.c +++ b/arch/arm64/kernel/setup.c @@ -30,9 +30,7 @@ #include <linux/psci.h> #include <linux/sched/task.h> #include <linux/mm.h> -#ifdef CONFIG_PIN_MEMORY #include <linux/pin_mem.h> -#endif

#include <asm/acpi.h> #include <asm/fixmap.h> @@ -297,11 +295,7 @@ static void __init request_standard_resources(void) request_resource(res, &quick_kexec_res); #endif

-#ifdef CONFIG_PIN_MEMORY - if (pin_memory_resource.end && pin_memory_resource.start >= res->start && - pin_memory_resource.end <= res->end) - request_resource(res, &pin_memory_resource); -#endif + request_pin_mem_res(res); } }

diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c index 6ebfabde16f3..1364d52cbaa8 100644 --- a/arch/arm64/mm/init.c +++ b/arch/arm64/mm/init.c @@ -30,9 +30,7 @@ #include <linux/crash_dump.h> #include <linux/hugetlb.h> #include <linux/acpi_iort.h> -#ifdef CONFIG_PIN_MEMORY #include <linux/pin_mem.h> -#endif

#include <asm/boot.h> #include <asm/fixmap.h> @@ -56,52 +54,6 @@ s64 memstart_addr __ro_after_init = -1; EXPORT_SYMBOL(memstart_addr);

-#ifdef CONFIG_PIN_MEMORY -struct resource pin_memory_resource = { - .name = "Pin memory", - .start = 0, - .end = 0, - .flags = IORESOURCE_MEM, - .desc = IORES_DESC_RESERVED -}; - -static void __init reserve_pin_memory_res(void) -{ - unsigned long long mem_start, mem_len; - int ret; - - ret = parse_pin_memory(boot_command_line, memblock_phys_mem_size(), - &mem_len, &mem_start); - if (ret || !mem_len) - return; - - mem_len = PAGE_ALIGN(mem_len); - - if (!memblock_is_region_memory(mem_start, mem_len)) { - pr_warn("cannot reserve for pin memory: region is not memory!\n"); - return; - } - - if (memblock_is_region_reserved(mem_start, mem_len)) { - pr_warn("cannot reserve for pin memory: region overlaps reserved memory!\n"); - return; - } - - if (!IS_ALIGNED(mem_start, SZ_2M)) { - pr_warn("cannot reserve for pin memory: base address is not 2MB aligned\n"); - return; - } - - memblock_reserve(mem_start, mem_len); - pin_memory_resource.start = mem_start; - pin_memory_resource.end = mem_start + mem_len - 1; -} -#else -static void __init reserve_pin_memory_res(void) -{ -} -#endif /* CONFIG_PIN_MEMORY */ - /* * If the corresponding config options are enabled, we create both ZONE_DMA * and ZONE_DMA32. By default ZONE_DMA covers the 32-bit addressable memory @@ -729,11 +681,8 @@ void __init mem_init(void) /* this will put all unused low memory onto the freelists */ memblock_free_all();

-#ifdef CONFIG_PIN_MEMORY /* pre alloc the pages for pin memory */ - init_reserve_page_map((unsigned long)pin_memory_resource.start, - (unsigned long)(pin_memory_resource.end - pin_memory_resource.start)); -#endif + init_reserve_page_map();

mem_init_print_info(NULL);

diff --git a/include/linux/pin_mem.h b/include/linux/pin_mem.h index 6c54482a42a1..24e64efe4e51 100644 --- a/include/linux/pin_mem.h +++ b/include/linux/pin_mem.h @@ -83,17 +83,35 @@ extern int pagemap_get(struct mm_struct *mm, void *mem_walk, unsigned long *pte_entry, unsigned int *count);

extern int init_pagemap_read(void); -/* reserve space for pin memory*/ -#ifdef CONFIG_ARM64 -extern struct resource pin_memory_resource; -#endif -extern void init_reserve_page_map(unsigned long map_addr, unsigned long map_size); + +extern void __init reserve_pin_memory_res(void); + +extern void request_pin_mem_res(struct resource *res); + +extern void init_reserve_page_map(void); + +#else + +static inline void __init reserve_pin_memory_res(void) {} + +static inline void request_pin_mem_res(struct resource *res) {} + +static inline void init_reserve_page_map(void) {} + +#endif /* CONFIG_PIN_MEMORY */

#ifdef CONFIG_PID_RESERVE -extern bool is_need_reserve_pids(void); + extern void free_reserved_pid(struct idr *idr, int pid); + extern void reserve_pids(struct idr *idr, int pid_max); -#endif

-#endif /* CONFIG_PIN_MEMORY */ +#else + +static inline void free_reserved_pid(struct idr *idr, int pid) {} + +static inline void reserve_pids(struct idr *idr, int pid_max) {} + +#endif /* CONFIG_PID_RESERVE */ + #endif /* _LINUX_PIN_MEMORY_H */ diff --git a/kernel/pid.c b/kernel/pid.c index 28fdf3dc1005..3f9490082180 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -45,9 +45,7 @@ #include <net/sock.h> #include <linux/kmemleak.h> #include <uapi/linux/pidfd.h> -#ifdef CONFIG_PID_RESERVE #include <linux/pin_mem.h> -#endif

struct pid init_struct_pid = { .count = REFCOUNT_INIT(1), @@ -212,9 +210,8 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid, spin_lock_irq(&pidmap_lock);

if (tid) { -#ifdef CONFIG_PID_RESERVE free_reserved_pid(&tmp->idr, tid); -#endif + nr = idr_alloc(&tmp->idr, NULL, tid, tid + 1, GFP_ATOMIC); /* @@ -659,10 +656,9 @@ void __init pid_idr_init(void)

init_pid_ns.pid_cachep = KMEM_CACHE(pid, SLAB_HWCACHE_ALIGN | SLAB_PANIC | SLAB_ACCOUNT); -#ifdef CONFIG_PID_RESERVE - if (is_need_reserve_pids()) - reserve_pids(&init_pid_ns.idr, pid_max); -#endif + + reserve_pids(&init_pid_ns.idr, pid_max); + hdr = register_sysctl_paths(pid_kern_path, pid_ctl_table); kmemleak_not_leak(hdr); } diff --git a/mm/pin_mem.c b/mm/pin_mem.c index ff6ddd3a47f9..c158b7768d67 100644 --- a/mm/pin_mem.c +++ b/mm/pin_mem.c @@ -17,6 +17,7 @@ #include <linux/ctype.h> #include <linux/highmem.h> #include <crypto/sha2.h> +#include <linux/memblock.h>

#define MAX_PIN_PID_NUM 128 #define DEFAULT_REDIRECT_SPACE_SIZE 0x100000 @@ -1023,22 +1024,6 @@ vm_fault_t do_mem_remap(int pid, struct mm_struct *mm) } EXPORT_SYMBOL_GPL(do_mem_remap);

-#if defined(CONFIG_ARM64) -void init_reserve_page_map(unsigned long map_addr, unsigned long map_size) -{ - void *addr; - - if (!map_addr || !map_size) - return; - addr = phys_to_virt(map_addr); - init_page_map_info((struct pin_mem_dump_info *)addr, map_size); -} -#else -void init_reserve_page_map(unsigned long map_addr, unsigned long map_size) -{ -} -#endif - static void free_all_reserved_pages(void) { unsigned int i, j, index, order; @@ -1088,14 +1073,92 @@ void clear_pin_memory_record(void) } EXPORT_SYMBOL_GPL(clear_pin_memory_record);

-#ifdef CONFIG_PID_RESERVE -struct idr *reserve_idr; +static struct resource pin_memory_resource = { + .name = "Pin memory", + .start = 0, + .end = 0, + .flags = IORESOURCE_MEM, + .desc = IORES_DESC_RESERVED +}; + +static unsigned long long pin_mem_start; +static unsigned long long pin_mem_len;

-/* test if there exist pin memory tasks */ -bool is_need_reserve_pids(void) +static int __init parse_pin_memory(char *cmdline) { - return (pin_pid_num > 0); + char *cur = cmdline; + + pin_mem_len = memparse(cmdline, &cur); + if (cmdline == cur) { + pr_warn("crashkernel: memory value expected\n"); + return -EINVAL; + } + + if (*cur == '@') + pin_mem_start = memparse(cur+1, &cur); + else if (*cur != ' ' && *cur != '\0') { + pr_warn("pinmem: unrecognized char: %c\n", *cur); + return -EINVAL; + } + + return 0; } +early_param("pinmemory", parse_pin_memory); + +void __init reserve_pin_memory_res(void) +{ + unsigned long long mem_start = pin_mem_start; + unsigned long long mem_len = pin_mem_len; + + if (!pin_mem_len) + return; + + mem_len = PAGE_ALIGN(mem_len); + + if (!memblock_is_region_memory(mem_start, mem_len)) { + pr_warn("cannot reserve for pin memory: region is not memory!\n"); + return; + } + + if (memblock_is_region_reserved(mem_start, mem_len)) { + pr_warn("cannot reserve for pin memory: region overlaps reserved memory!\n"); + return; + } + + memblock_reserve(mem_start, mem_len); + pr_debug("pin memory resource reserved: 0x%016llx - 0x%016llx (%lld MB)\n", + mem_start, mem_start + mem_len, mem_len >> 20); + + pin_memory_resource.start = mem_start; + pin_memory_resource.end = mem_start + mem_len - 1; +} + +void request_pin_mem_res(struct resource *res) +{ + if (pin_memory_resource.end && + pin_memory_resource.start >= res->start && + pin_memory_resource.end <= res->end) + request_resource(res, &pin_memory_resource); +} + +void init_reserve_page_map(void) +{ + void *addr; + unsigned long map_addr, map_size; + + map_addr = (unsigned long)pin_memory_resource.start; + map_size = (unsigned long)(pin_memory_resource.end - pin_memory_resource.start + 1); + if (!map_addr || !map_size) + return; + + addr = phys_to_virt(map_addr); + init_page_map_info((struct pin_mem_dump_info *)addr, map_size); +} + +#endif /* CONFIG_PIN_MEMORY */ + +#ifdef CONFIG_PID_RESERVE +struct idr *reserve_idr;

void free_reserved_pid(struct idr *idr, int pid) { @@ -1121,8 +1184,9 @@ void reserve_pids(struct idr *idr, int pid_max) unsigned int index; struct page_map_info *pmi;

- if (!max_pin_pid_num) + if (!pin_pid_num || !max_pin_pid_num) return; + reserve_idr = idr; for (index = 0; index < pin_pid_num; index++) { pmi = &(user_space_reserve_start[index]); @@ -1137,6 +1201,6 @@ void reserve_pids(struct idr *idr, int pid_max) } } } + #endif /* CONFIG_PID_RESERVE */

-#endif /* CONFIG_PIN_MEMORY */

From: Jingxian He hejingxian@huawei.com

euleros inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4QPBH CVE: NA

------------

1. Improve pin mem pages rmap: Add Hotreplace flag for pin mem pages to avoid spilting. When the Hotreplace flag is set, the page will not be added to deferred_split page list during rmap. If the pin mem pages added to the deferred_split page list, deferred_split_scan ops will spilt the pages which has been pinned. If the pin mem page is spilted, we can't remap the page to the recover process with the recorded pin mem mapping rule. Moreover, the deferred_split page list node can be corrupted while the deferred_split_scan function and pin pages remapping executing at the same time.

2. Improve free method for pin mem pages: Use the put_page method instead of free_pages directly.

Signed-off-by: Jingxian He hejingxian@huawei.com Reviewed-by: Kefeng Wangwangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- mm/pin_mem.c | 20 ++++++++++++-------- mm/rmap.c | 12 ++++++++---- 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/mm/pin_mem.c b/mm/pin_mem.c index c158b7768d67..34fe373c5fcc 100644 --- a/mm/pin_mem.c +++ b/mm/pin_mem.c @@ -531,6 +531,7 @@ int collect_pmd_huge_pages(struct task_struct *task, if (IS_PTE_PRESENT(pte_entry[0])) { temp_page = pfn_to_page(pte_entry[0] & PM_PFRAME_MASK); if (PageHead(temp_page)) { + SetPageHotreplace(temp_page); atomic_inc(&((temp_page)->_refcount)); start += HPAGE_PMD_SIZE; pme->phy_addr_array[index] = page_to_phys(temp_page); @@ -611,6 +612,7 @@ int collect_normal_pages(struct task_struct *task, continue; } tmp_page = pfn_to_page(pte_entry[i] & PM_PFRAME_MASK); + SetPageHotreplace(tmp_page); atomic_inc(&(tmp_page->_refcount)); phy_addr_array[i] = ((pte_entry[i] & PM_PFRAME_MASK) << PAGE_SHIFT); } @@ -839,14 +841,16 @@ vm_fault_t remap_normal_pages(struct mm_struct *mm, struct vm_area_struct *vma, ret = do_anon_page_remap(vma, address, pmd, page); if (ret) goto free; + ClearPageHotreplace(page); } return 0;

free: + ClearPageHotreplace(page); for (i = j; i < pme->nr_pages; i++) { phy_addr = pme->phy_addr_array[i]; if (phy_addr) { - __free_page(phys_to_page(phy_addr)); + put_page(phys_to_page(phy_addr)); pme->phy_addr_array[i] = 0; } } @@ -927,16 +931,18 @@ vm_fault_t remap_huge_pmd_pages(struct mm_struct *mm, struct vm_area_struct *vma ret = do_anon_huge_page_remap(vma, address, pmd, page); if (ret) goto free; + ClearPageHotreplace(page); } return 0;

free: + ClearPageHotreplace(page); for (i = j; i < pme->nr_pages; i++) { phy_addr = pme->phy_addr_array[i]; if (phy_addr) { page = phys_to_page(phy_addr); if (!(page->flags & PAGE_FLAGS_CHECK_RESERVED)) { - __free_pages(page, HPAGE_PMD_ORDER); + put_page(page); pme->phy_addr_array[i] = 0; } } @@ -950,7 +956,6 @@ static void free_unmap_pages(struct page_map_info *pmi, { unsigned int i, j; unsigned long phy_addr; - unsigned int order; struct page *page;

pme = (struct page_map_entry *)(next_pme(pme)); @@ -959,9 +964,8 @@ static void free_unmap_pages(struct page_map_info *pmi, phy_addr = pme->phy_addr_array[i]; if (phy_addr) { page = phys_to_page(phy_addr); - order = pme->is_huge_page ? HPAGE_PMD_ORDER : 0; if (!(page->flags & PAGE_FLAGS_CHECK_RESERVED)) { - __free_pages(page, order); + put_page(page); pme->phy_addr_array[i] = 0; } } @@ -1026,7 +1030,7 @@ EXPORT_SYMBOL_GPL(do_mem_remap);

static void free_all_reserved_pages(void) { - unsigned int i, j, index, order; + unsigned int i, j, index; struct page_map_info *pmi; struct page_map_entry *pme; struct page *page; @@ -1042,12 +1046,12 @@ static void free_all_reserved_pages(void) pme = pmi->pme; for (i = 0; i < pmi->entry_num; i++) { for (j = 0; j < pme->nr_pages; j++) { - order = pme->is_huge_page ? HPAGE_PMD_ORDER : 0; phy_addr = pme->phy_addr_array[j]; if (phy_addr) { page = phys_to_page(phy_addr); + ClearPageHotreplace(page); if (!(page->flags & PAGE_FLAGS_CHECK_RESERVED)) { - __free_pages(page, order); + put_page(page); pme->phy_addr_array[j] = 0; } } diff --git a/mm/rmap.c b/mm/rmap.c index e894efb94650..a780862cd226 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -1313,8 +1313,10 @@ static void page_remove_anon_compound_rmap(struct page *page) * page of the compound page is unmapped, but at least one * small page is still mapped. */ - if (nr && nr < thp_nr_pages(page)) - deferred_split_huge_page(page); + if (nr && nr < thp_nr_pages(page)) { + if (!PageHotreplace(page)) + deferred_split_huge_page(page); + } } else { nr = thp_nr_pages(page); } @@ -1361,8 +1363,10 @@ void page_remove_rmap(struct page *page, bool compound) if (unlikely(PageMlocked(page))) clear_page_mlock(page);

- if (PageTransCompound(page)) - deferred_split_huge_page(compound_head(page)); + if (PageTransCompound(page)) { + if (!PageHotreplace(compound_head(page))) + deferred_split_huge_page(compound_head(page)); + }

/* * It would be tidy to reset the PageAnon mapping here,

From: Axel Rasmussen axelrasmussen@google.com

mainline inclusion from mainline-5.11-rc1 commit 2b5067a8143e34aa3fa57a20fb8a3c40d905f942 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RL0T CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

-------------------------------------------------

The goal of these tracepoints is to be able to debug lock contention issues. This lock is acquired on most (all?) mmap / munmap / page fault operations, so a multi-threaded process which does a lot of these can experience significant contention.

We trace just before we start acquisition, when the acquisition returns (whether it succeeded or not), and when the lock is released (or downgraded). The events are broken out by lock type (read / write).

The events are also broken out by memcg path. For container-based workloads, users often think of several processes in a memcg as a single logical "task", so collecting statistics at this level is useful.

The end goal is to get latency information. This isn't directly included in the trace events. Instead, users are expected to compute the time between "start locking" and "acquire returned", using e.g. synthetic events or BPF. The benefit we get from this is simpler code.

Because we use tracepoint_enabled() to decide whether or not to trace, this patch has effectively no overhead unless tracepoints are enabled at runtime. If tracepoints are enabled, there is a performance impact, but how much depends on exactly what e.g. the BPF program does.

[axelrasmussen@google.com: fix use-after-free race and css ref leak in tracepoints] Link: https://lkml.kernel.org/r/20201130233504.3725241-1-axelrasmussen@google.com [axelrasmussen@google.com: v3] Link: https://lkml.kernel.org/r/20201207213358.573750-1-axelrasmussen@google.com [rostedt@goodmis.org: in-depth examples of tracepoint_enabled() usage, and per-cpu-per-context buffer design]

Link: https://lkml.kernel.org/r/20201105211739.568279-2-axelrasmussen@google.com Signed-off-by: Axel Rasmussen axelrasmussen@google.com Acked-by: Vlastimil Babka vbabka@suse.cz Cc: Steven Rostedt rostedt@goodmis.org Cc: Ingo Molnar mingo@redhat.com Cc: Michel Lespinasse walken@google.com Cc: Daniel Jordan daniel.m.jordan@oracle.com Cc: Jann Horn jannh@google.com Cc: Chinwen Chang chinwen.chang@mediatek.com Cc: Davidlohr Bueso dbueso@suse.de Cc: David Rientjes rientjes@google.com Cc: Laurent Dufour ldufour@linux.ibm.com Cc: Yafang Shao laoar.shao@gmail.com Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org (cherry picked from commit 2b5067a8143e34aa3fa57a20fb8a3c40d905f942) Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com Reviewed-by: Kefeng Wangwangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/linux/mmap_lock.h | 94 ++++++++++++- include/trace/events/mmap_lock.h | 107 ++++++++++++++ mm/Makefile | 2 +- mm/mmap_lock.c | 230 +++++++++++++++++++++++++++++++ 4 files changed, 427 insertions(+), 6 deletions(-) create mode 100644 include/trace/events/mmap_lock.h create mode 100644 mm/mmap_lock.c

diff --git a/include/linux/mmap_lock.h b/include/linux/mmap_lock.h index 18e7eae9b5ba..0540f0156f58 100644 --- a/include/linux/mmap_lock.h +++ b/include/linux/mmap_lock.h @@ -1,11 +1,65 @@ #ifndef _LINUX_MMAP_LOCK_H #define _LINUX_MMAP_LOCK_H

+#include <linux/lockdep.h> +#include <linux/mm_types.h> #include <linux/mmdebug.h> +#include <linux/rwsem.h> +#include <linux/tracepoint-defs.h> +#include <linux/types.h>

#define MMAP_LOCK_INITIALIZER(name) \ .mmap_lock = __RWSEM_INITIALIZER((name).mmap_lock),

+DECLARE_TRACEPOINT(mmap_lock_start_locking); +DECLARE_TRACEPOINT(mmap_lock_acquire_returned); +DECLARE_TRACEPOINT(mmap_lock_released); + +#ifdef CONFIG_TRACING + +void __mmap_lock_do_trace_start_locking(struct mm_struct *mm, bool write); +void __mmap_lock_do_trace_acquire_returned(struct mm_struct *mm, bool write, + bool success); +void __mmap_lock_do_trace_released(struct mm_struct *mm, bool write); + +static inline void __mmap_lock_trace_start_locking(struct mm_struct *mm, + bool write) +{ + if (tracepoint_enabled(mmap_lock_start_locking)) + __mmap_lock_do_trace_start_locking(mm, write); +} + +static inline void __mmap_lock_trace_acquire_returned(struct mm_struct *mm, + bool write, bool success) +{ + if (tracepoint_enabled(mmap_lock_acquire_returned)) + __mmap_lock_do_trace_acquire_returned(mm, write, success); +} + +static inline void __mmap_lock_trace_released(struct mm_struct *mm, bool write) +{ + if (tracepoint_enabled(mmap_lock_released)) + __mmap_lock_do_trace_released(mm, write); +} + +#else /* !CONFIG_TRACING */ + +static inline void __mmap_lock_trace_start_locking(struct mm_struct *mm, + bool write) +{ +} + +static inline void __mmap_lock_trace_acquire_returned(struct mm_struct *mm, + bool write, bool success) +{ +} + +static inline void __mmap_lock_trace_released(struct mm_struct *mm, bool write) +{ +} + +#endif /* CONFIG_TRACING */ + static inline void mmap_init_lock(struct mm_struct *mm) { init_rwsem(&mm->mmap_lock); @@ -13,57 +67,86 @@ static inline void mmap_init_lock(struct mm_struct *mm)

static inline void mmap_write_lock(struct mm_struct *mm) { + __mmap_lock_trace_start_locking(mm, true); down_write(&mm->mmap_lock); + __mmap_lock_trace_acquire_returned(mm, true, true); }

static inline void mmap_write_lock_nested(struct mm_struct *mm, int subclass) { + __mmap_lock_trace_start_locking(mm, true); down_write_nested(&mm->mmap_lock, subclass); + __mmap_lock_trace_acquire_returned(mm, true, true); }

static inline int mmap_write_lock_killable(struct mm_struct *mm) { - return down_write_killable(&mm->mmap_lock); + int ret; + + __mmap_lock_trace_start_locking(mm, true); + ret = down_write_killable(&mm->mmap_lock); + __mmap_lock_trace_acquire_returned(mm, true, ret == 0); + return ret; }

static inline bool mmap_write_trylock(struct mm_struct *mm) { - return down_write_trylock(&mm->mmap_lock) != 0; + bool ret; + + __mmap_lock_trace_start_locking(mm, true); + ret = down_write_trylock(&mm->mmap_lock) != 0; + __mmap_lock_trace_acquire_returned(mm, true, ret); + return ret; }

static inline void mmap_write_unlock(struct mm_struct *mm) { up_write(&mm->mmap_lock); + __mmap_lock_trace_released(mm, true); }

static inline void mmap_write_downgrade(struct mm_struct *mm) { downgrade_write(&mm->mmap_lock); + __mmap_lock_trace_acquire_returned(mm, false, true); }

static inline void mmap_read_lock(struct mm_struct *mm) { + __mmap_lock_trace_start_locking(mm, false); down_read(&mm->mmap_lock); + __mmap_lock_trace_acquire_returned(mm, false, true); }

static inline int mmap_read_lock_killable(struct mm_struct *mm) { - return down_read_killable(&mm->mmap_lock); + int ret; + + __mmap_lock_trace_start_locking(mm, false); + ret = down_read_killable(&mm->mmap_lock); + __mmap_lock_trace_acquire_returned(mm, false, ret == 0); + return ret; }

static inline bool mmap_read_trylock(struct mm_struct *mm) { - return down_read_trylock(&mm->mmap_lock) != 0; + bool ret; + + __mmap_lock_trace_start_locking(mm, false); + ret = down_read_trylock(&mm->mmap_lock) != 0; + __mmap_lock_trace_acquire_returned(mm, false, ret); + return ret; }

static inline void mmap_read_unlock(struct mm_struct *mm) { up_read(&mm->mmap_lock); + __mmap_lock_trace_released(mm, false); }

static inline bool mmap_read_trylock_non_owner(struct mm_struct *mm) { - if (down_read_trylock(&mm->mmap_lock)) { + if (mmap_read_trylock(mm)) { rwsem_release(&mm->mmap_lock.dep_map, _RET_IP_); return true; } @@ -73,6 +156,7 @@ static inline bool mmap_read_trylock_non_owner(struct mm_struct *mm) static inline void mmap_read_unlock_non_owner(struct mm_struct *mm) { up_read_non_owner(&mm->mmap_lock); + __mmap_lock_trace_released(mm, false); }

static inline void mmap_assert_locked(struct mm_struct *mm) diff --git a/include/trace/events/mmap_lock.h b/include/trace/events/mmap_lock.h new file mode 100644 index 000000000000..0abff67b96f0 --- /dev/null +++ b/include/trace/events/mmap_lock.h @@ -0,0 +1,107 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#undef TRACE_SYSTEM +#define TRACE_SYSTEM mmap_lock + +#if !defined(_TRACE_MMAP_LOCK_H) || defined(TRACE_HEADER_MULTI_READ) +#define _TRACE_MMAP_LOCK_H + +#include <linux/tracepoint.h> +#include <linux/types.h> + +struct mm_struct; + +extern int trace_mmap_lock_reg(void); +extern void trace_mmap_lock_unreg(void); + +TRACE_EVENT_FN(mmap_lock_start_locking, + + TP_PROTO(struct mm_struct *mm, const char *memcg_path, bool write), + + TP_ARGS(mm, memcg_path, write), + + TP_STRUCT__entry( + __field(struct mm_struct *, mm) + __string(memcg_path, memcg_path) + __field(bool, write) + ), + + TP_fast_assign( + __entry->mm = mm; + __assign_str(memcg_path, memcg_path); + __entry->write = write; + ), + + TP_printk( + "mm=%p memcg_path=%s write=%s\n", + __entry->mm, + __get_str(memcg_path), + __entry->write ? "true" : "false" + ), + + trace_mmap_lock_reg, trace_mmap_lock_unreg +); + +TRACE_EVENT_FN(mmap_lock_acquire_returned, + + TP_PROTO(struct mm_struct *mm, const char *memcg_path, bool write, + bool success), + + TP_ARGS(mm, memcg_path, write, success), + + TP_STRUCT__entry( + __field(struct mm_struct *, mm) + __string(memcg_path, memcg_path) + __field(bool, write) + __field(bool, success) + ), + + TP_fast_assign( + __entry->mm = mm; + __assign_str(memcg_path, memcg_path); + __entry->write = write; + __entry->success = success; + ), + + TP_printk( + "mm=%p memcg_path=%s write=%s success=%s\n", + __entry->mm, + __get_str(memcg_path), + __entry->write ? "true" : "false", + __entry->success ? "true" : "false" + ), + + trace_mmap_lock_reg, trace_mmap_lock_unreg +); + +TRACE_EVENT_FN(mmap_lock_released, + + TP_PROTO(struct mm_struct *mm, const char *memcg_path, bool write), + + TP_ARGS(mm, memcg_path, write), + + TP_STRUCT__entry( + __field(struct mm_struct *, mm) + __string(memcg_path, memcg_path) + __field(bool, write) + ), + + TP_fast_assign( + __entry->mm = mm; + __assign_str(memcg_path, memcg_path); + __entry->write = write; + ), + + TP_printk( + "mm=%p memcg_path=%s write=%s\n", + __entry->mm, + __get_str(memcg_path), + __entry->write ? "true" : "false" + ), + + trace_mmap_lock_reg, trace_mmap_lock_unreg +); + +#endif /* _TRACE_MMAP_LOCK_H */ + +/* This part must be outside protection */ +#include <trace/define_trace.h> diff --git a/mm/Makefile b/mm/Makefile index f3dce99ee62f..4b0b5e7af40f 100644 --- a/mm/Makefile +++ b/mm/Makefile @@ -52,7 +52,7 @@ obj-y := filemap.o mempool.o oom_kill.o fadvise.o \ mm_init.o percpu.o slab_common.o \ compaction.o vmacache.o \ interval_tree.o list_lru.o workingset.o \ - debug.o gup.o $(mmu-y) + debug.o gup.o mmap_lock.o $(mmu-y)

# Give 'page_alloc' its own module-parameter namespace page-alloc-y := page_alloc.o diff --git a/mm/mmap_lock.c b/mm/mmap_lock.c new file mode 100644 index 000000000000..dcdde4f722a4 --- /dev/null +++ b/mm/mmap_lock.c @@ -0,0 +1,230 @@ +// SPDX-License-Identifier: GPL-2.0 +#define CREATE_TRACE_POINTS +#include <trace/events/mmap_lock.h> + +#include <linux/mm.h> +#include <linux/cgroup.h> +#include <linux/memcontrol.h> +#include <linux/mmap_lock.h> +#include <linux/mutex.h> +#include <linux/percpu.h> +#include <linux/rcupdate.h> +#include <linux/smp.h> +#include <linux/trace_events.h> + +EXPORT_TRACEPOINT_SYMBOL(mmap_lock_start_locking); +EXPORT_TRACEPOINT_SYMBOL(mmap_lock_acquire_returned); +EXPORT_TRACEPOINT_SYMBOL(mmap_lock_released); + +#ifdef CONFIG_MEMCG + +/* + * Our various events all share the same buffer (because we don't want or need + * to allocate a set of buffers *per event type*), so we need to protect against + * concurrent _reg() and _unreg() calls, and count how many _reg() calls have + * been made. + */ +static DEFINE_MUTEX(reg_lock); +static int reg_refcount; /* Protected by reg_lock. */ + +/* + * Size of the buffer for memcg path names. Ignoring stack trace support, + * trace_events_hist.c uses MAX_FILTER_STR_VAL for this, so we also use it. + */ +#define MEMCG_PATH_BUF_SIZE MAX_FILTER_STR_VAL + +/* + * How many contexts our trace events might be called in: normal, softirq, irq, + * and NMI. + */ +#define CONTEXT_COUNT 4 + +static DEFINE_PER_CPU(char __rcu *, memcg_path_buf); +static char **tmp_bufs; +static DEFINE_PER_CPU(int, memcg_path_buf_idx); + +/* Called with reg_lock held. */ +static void free_memcg_path_bufs(void) +{ + int cpu; + char **old = tmp_bufs; + + for_each_possible_cpu(cpu) { + *(old++) = rcu_dereference_protected( + per_cpu(memcg_path_buf, cpu), + lockdep_is_held(&reg_lock)); + rcu_assign_pointer(per_cpu(memcg_path_buf, cpu), NULL); + } + + /* Wait for inflight memcg_path_buf users to finish. */ + synchronize_rcu(); + + old = tmp_bufs; + for_each_possible_cpu(cpu) { + kfree(*(old++)); + } + + kfree(tmp_bufs); + tmp_bufs = NULL; +} + +int trace_mmap_lock_reg(void) +{ + int cpu; + char *new; + + mutex_lock(&reg_lock); + + /* If the refcount is going 0->1, proceed with allocating buffers. */ + if (reg_refcount++) + goto out; + + tmp_bufs = kmalloc_array(num_possible_cpus(), sizeof(*tmp_bufs), + GFP_KERNEL); + if (tmp_bufs == NULL) + goto out_fail; + + for_each_possible_cpu(cpu) { + new = kmalloc(MEMCG_PATH_BUF_SIZE * CONTEXT_COUNT, GFP_KERNEL); + if (new == NULL) + goto out_fail_free; + rcu_assign_pointer(per_cpu(memcg_path_buf, cpu), new); + /* Don't need to wait for inflights, they'd have gotten NULL. */ + } + +out: + mutex_unlock(&reg_lock); + return 0; + +out_fail_free: + free_memcg_path_bufs(); +out_fail: + /* Since we failed, undo the earlier ref increment. */ + --reg_refcount; + + mutex_unlock(&reg_lock); + return -ENOMEM; +} + +void trace_mmap_lock_unreg(void) +{ + mutex_lock(&reg_lock); + + /* If the refcount is going 1->0, proceed with freeing buffers. */ + if (--reg_refcount) + goto out; + + free_memcg_path_bufs(); + +out: + mutex_unlock(&reg_lock); +} + +static inline char *get_memcg_path_buf(void) +{ + char *buf; + int idx; + + rcu_read_lock(); + buf = rcu_dereference(*this_cpu_ptr(&memcg_path_buf)); + if (buf == NULL) { + rcu_read_unlock(); + return NULL; + } + idx = this_cpu_add_return(memcg_path_buf_idx, MEMCG_PATH_BUF_SIZE) - + MEMCG_PATH_BUF_SIZE; + return &buf[idx]; +} + +static inline void put_memcg_path_buf(void) +{ + this_cpu_sub(memcg_path_buf_idx, MEMCG_PATH_BUF_SIZE); + rcu_read_unlock(); +} + +/* + * Write the given mm_struct's memcg path to a percpu buffer, and return a + * pointer to it. If the path cannot be determined, or no buffer was available + * (because the trace event is being unregistered), NULL is returned. + * + * Note: buffers are allocated per-cpu to avoid locking, so preemption must be + * disabled by the caller before calling us, and re-enabled only after the + * caller is done with the pointer. + * + * The caller must call put_memcg_path_buf() once the buffer is no longer + * needed. This must be done while preemption is still disabled. + */ +static const char *get_mm_memcg_path(struct mm_struct *mm) +{ + char *buf = NULL; + struct mem_cgroup *memcg = get_mem_cgroup_from_mm(mm); + + if (memcg == NULL) + goto out; + if (unlikely(memcg->css.cgroup == NULL)) + goto out_put; + + buf = get_memcg_path_buf(); + if (buf == NULL) + goto out_put; + + cgroup_path(memcg->css.cgroup, buf, MEMCG_PATH_BUF_SIZE); + +out_put: + css_put(&memcg->css); +out: + return buf; +} + +#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ + do { \ + const char *memcg_path; \ + preempt_disable(); \ + memcg_path = get_mm_memcg_path(mm); \ + trace_mmap_lock_##type(mm, \ + memcg_path != NULL ? memcg_path : "", \ + ##__VA_ARGS__); \ + if (likely(memcg_path != NULL)) \ + put_memcg_path_buf(); \ + preempt_enable(); \ + } while (0) + +#else /* !CONFIG_MEMCG */ + +int trace_mmap_lock_reg(void) +{ + return 0; +} + +void trace_mmap_lock_unreg(void) +{ +} + +#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ + trace_mmap_lock_##type(mm, "", ##__VA_ARGS__) + +#endif /* CONFIG_MEMCG */ + +/* + * Trace calls must be in a separate file, as otherwise there's a circular + * dependency between linux/mmap_lock.h and trace/events/mmap_lock.h. + */ + +void __mmap_lock_do_trace_start_locking(struct mm_struct *mm, bool write) +{ + TRACE_MMAP_LOCK_EVENT(start_locking, mm, write); +} +EXPORT_SYMBOL(__mmap_lock_do_trace_start_locking); + +void __mmap_lock_do_trace_acquire_returned(struct mm_struct *mm, bool write, + bool success) +{ + TRACE_MMAP_LOCK_EVENT(acquire_returned, mm, write, success); +} +EXPORT_SYMBOL(__mmap_lock_do_trace_acquire_returned); + +void __mmap_lock_do_trace_released(struct mm_struct *mm, bool write) +{ + TRACE_MMAP_LOCK_EVENT(released, mm, write); +} +EXPORT_SYMBOL(__mmap_lock_do_trace_released);

From: Mel Gorman mgorman@techsingularity.net

mainline inclusion from mainline-5.14-rc1 commit d01079f3d0c0a9e306ffbdb2694c5281bd9e065e category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RL0T CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

-------------------------------------------------

make W=1 generates the following warning in mmap_lock.c for allnoconfig

mm/mmap_lock.c:213:6: warning: no previous prototype for `__mmap_lock_do_trace_start_locking' [-Wmissing-prototypes] void __mmap_lock_do_trace_start_locking(struct mm_struct *mm, bool write) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mm/mmap_lock.c:219:6: warning: no previous prototype for `__mmap_lock_do_trace_acquire_returned' [-Wmissing-prototypes] void __mmap_lock_do_trace_acquire_returned(struct mm_struct *mm, bool write, ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mm/mmap_lock.c:226:6: warning: no previous prototype for `__mmap_lock_do_trace_released' [-Wmissing-prototypes] void __mmap_lock_do_trace_released(struct mm_struct *mm, bool write)

On !CONFIG_TRACING configurations, the code is dead so put it behind an #ifdef.

[cuibixuan@huawei.com: fix warning when CONFIG_TRACING is not defined] Link: https://lkml.kernel.org/r/20210531033426.74031-1-cuibixuan@huawei.com

Link: https://lkml.kernel.org/r/20210520084809.8576-13-mgorman@techsingularity.net Signed-off-by: Mel Gorman mgorman@techsingularity.net Signed-off-by: Bixuan Cui cuibixuan@huawei.com Reviewed-by: Yang Shi shy828301@gmail.com Acked-by: Vlastimil Babka vbabka@suse.cz Cc: Dan Streetman ddstreet@ieee.org Cc: David Hildenbrand david@redhat.com Cc: Michal Hocko mhocko@kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org (cherry picked from commit d01079f3d0c0a9e306ffbdb2694c5281bd9e065e) Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com Reviewed-by: Kefeng Wangwangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- mm/mmap_lock.c | 59 +++++++++++++++++++++++++++----------------------- 1 file changed, 32 insertions(+), 27 deletions(-)

diff --git a/mm/mmap_lock.c b/mm/mmap_lock.c index 2ae3f33b85b1..f5852a058ce0 100644 --- a/mm/mmap_lock.c +++ b/mm/mmap_lock.c @@ -153,6 +153,37 @@ static inline void put_memcg_path_buf(void) rcu_read_unlock(); }

+#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ + do { \ + const char *memcg_path; \ + preempt_disable(); \ + memcg_path = get_mm_memcg_path(mm); \ + trace_mmap_lock_##type(mm, \ + memcg_path != NULL ? memcg_path : "", \ + ##__VA_ARGS__); \ + if (likely(memcg_path != NULL)) \ + put_memcg_path_buf(); \ + preempt_enable(); \ + } while (0) + +#else /* !CONFIG_MEMCG */ + +int trace_mmap_lock_reg(void) +{ + return 0; +} + +void trace_mmap_lock_unreg(void) +{ +} + +#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ + trace_mmap_lock_##type(mm, "", ##__VA_ARGS__) + +#endif /* CONFIG_MEMCG */ + +#ifdef CONFIG_TRACING +#ifdef CONFIG_MEMCG /* * Write the given mm_struct's memcg path to a percpu buffer, and return a * pointer to it. If the path cannot be determined, or no buffer was available @@ -187,33 +218,6 @@ static const char *get_mm_memcg_path(struct mm_struct *mm) return buf; }

-#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ - do { \ - const char *memcg_path; \ - local_lock(&memcg_paths.lock); \ - memcg_path = get_mm_memcg_path(mm); \ - trace_mmap_lock_##type(mm, \ - memcg_path != NULL ? memcg_path : "", \ - ##__VA_ARGS__); \ - if (likely(memcg_path != NULL)) \ - put_memcg_path_buf(); \ - local_unlock(&memcg_paths.lock); \ - } while (0) - -#else /* !CONFIG_MEMCG */ - -int trace_mmap_lock_reg(void) -{ - return 0; -} - -void trace_mmap_lock_unreg(void) -{ -} - -#define TRACE_MMAP_LOCK_EVENT(type, mm, ...) \ - trace_mmap_lock_##type(mm, "", ##__VA_ARGS__) - #endif /* CONFIG_MEMCG */

/* @@ -239,3 +243,4 @@ void __mmap_lock_do_trace_released(struct mm_struct *mm, bool write) TRACE_MMAP_LOCK_EVENT(released, mm, write); } EXPORT_SYMBOL(__mmap_lock_do_trace_released); +#endif /* CONFIG_TRACING */

From: Liam Howlett liam.howlett@oracle.com

mainline inclusion from mainline-5.15-rc1 commit 10994316089c9682f2fbe0be0b1e82bcaf5f4e8c category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RL0T CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

-------------------------------------------------

Print to the trace log before releasing the lock to avoid racing with other trace log printers of the same lock type.

Link: https://lkml.kernel.org/r/20210903022041.1843024-1-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com Suggested-by: Steven Rostedt (VMware) rostedt@goodmis.org Reviewed-by: Matthew Wilcox (Oracle) willy@infradead.org Cc: Michel Lespinasse walken.cr@gmail.com Cc: Vlastimil Babka vbabka@suse.cz Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org (cherry picked from commit 10994316089c9682f2fbe0be0b1e82bcaf5f4e8c) Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com Reviewed-by: Kefeng Wangwangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/linux/mmap_lock.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/linux/mmap_lock.h b/include/linux/mmap_lock.h index 0540f0156f58..b179f1e3541a 100644 --- a/include/linux/mmap_lock.h +++ b/include/linux/mmap_lock.h @@ -101,14 +101,14 @@ static inline bool mmap_write_trylock(struct mm_struct *mm)

static inline void mmap_write_unlock(struct mm_struct *mm) { - up_write(&mm->mmap_lock); __mmap_lock_trace_released(mm, true); + up_write(&mm->mmap_lock); }

static inline void mmap_write_downgrade(struct mm_struct *mm) { - downgrade_write(&mm->mmap_lock); __mmap_lock_trace_acquire_returned(mm, false, true); + downgrade_write(&mm->mmap_lock); }

static inline void mmap_read_lock(struct mm_struct *mm) @@ -140,8 +140,8 @@ static inline bool mmap_read_trylock(struct mm_struct *mm)

static inline void mmap_read_unlock(struct mm_struct *mm) { - up_read(&mm->mmap_lock); __mmap_lock_trace_released(mm, false); + up_read(&mm->mmap_lock); }

static inline bool mmap_read_trylock_non_owner(struct mm_struct *mm) @@ -155,8 +155,8 @@ static inline bool mmap_read_trylock_non_owner(struct mm_struct *mm)

static inline void mmap_read_unlock_non_owner(struct mm_struct *mm) { - up_read_non_owner(&mm->mmap_lock); __mmap_lock_trace_released(mm, false); + up_read_non_owner(&mm->mmap_lock); }

static inline void mmap_assert_locked(struct mm_struct *mm)

From: Ye Bin yebin10@huawei.com

mainline inclusion from mainline-v5.17-rc1 commit 298b5c521746d69c07beb2757292fb5ccc1b0f85 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4RPAD?from=project-issue CVE: NA

--------------------------------

We got issue as follows when run syzkaller test: [ 1901.130043] EXT4-fs error (device vda): ext4_remount:5624: comm syz-executor.5: Abort forced by user [ 1901.130901] Aborting journal on device vda-8. [ 1901.131437] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.16: Detected aborted journal [ 1901.131566] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.11: Detected aborted journal [ 1901.132586] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.18: Detected aborted journal [ 1901.132751] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.9: Detected aborted journal [ 1901.136149] EXT4-fs error (device vda) in ext4_reserve_inode_write:6035: Journal has aborted [ 1901.136837] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-fuzzer: Detected aborted journal [ 1901.136915] ================================================================== [ 1901.138175] BUG: KASAN: null-ptr-deref in __ext4_journal_ensure_credits+0x74/0x140 [ext4] [ 1901.138343] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.13: Detected aborted journal [ 1901.138398] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.1: Detected aborted journal [ 1901.138808] Read of size 8 at addr 0000000000000000 by task syz-executor.17/968 [ 1901.138817] [ 1901.138852] EXT4-fs error (device vda): ext4_journal_check_start:61: comm syz-executor.30: Detected aborted journal [ 1901.144779] CPU: 1 PID: 968 Comm: syz-executor.17 Not tainted 4.19.90-vhulk2111.1.0.h893.eulerosv2r10.aarch64+ #1 [ 1901.146479] Hardware name: linux,dummy-virt (DT) [ 1901.147317] Call trace: [ 1901.147552] dump_backtrace+0x0/0x2d8 [ 1901.147898] show_stack+0x28/0x38 [ 1901.148215] dump_stack+0xec/0x15c [ 1901.148746] kasan_report+0x108/0x338 [ 1901.149207] __asan_load8+0x58/0xb0 [ 1901.149753] __ext4_journal_ensure_credits+0x74/0x140 [ext4] [ 1901.150579] ext4_xattr_delete_inode+0xe4/0x700 [ext4] [ 1901.151316] ext4_evict_inode+0x524/0xba8 [ext4] [ 1901.151985] evict+0x1a4/0x378 [ 1901.152353] iput+0x310/0x428 [ 1901.152733] do_unlinkat+0x260/0x428 [ 1901.153056] __arm64_sys_unlinkat+0x6c/0xc0 [ 1901.153455] el0_svc_common+0xc8/0x320 [ 1901.153799] el0_svc_handler+0xf8/0x160 [ 1901.154265] el0_svc+0x10/0x218 [ 1901.154682] ==================================================================

This issue may happens like this: Process1 Process2 ext4_evict_inode ext4_journal_start ext4_truncate ext4_ind_truncate ext4_free_branches ext4_ind_truncate_ensure_credits ext4_journal_ensure_credits_fn ext4_journal_restart handle->h_transaction = NULL; mount -o remount,abort /mnt -> trigger JBD abort start_this_handle -> will return failed ext4_xattr_delete_inode ext4_journal_ensure_credits ext4_journal_ensure_credits_fn __ext4_journal_ensure_credits jbd2_handle_buffer_credits journal = handle->h_transaction->t_journal; ->null-ptr-deref

Now, indirect truncate process didn't handle error. To solve this issue maybe simply add check handle is abort in '__ext4_journal_ensure_credits' is enough, and i also think this is necessary.

Cc: stable@kernel.org Signed-off-by: Ye Bin yebin10@huawei.com Link: https://lore.kernel.org/r/20211224100341.3299128-1-yebin10@huawei.com Signed-off-by: Theodore Ts'o tytso@mit.edu Signed-off-by: Ye Bin yebin10@huawei.com Reviewed-by: Zhang Yi yi.zhang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- fs/ext4/ext4_jbd2.c | 2 ++ 1 file changed, 2 insertions(+)

diff --git a/fs/ext4/ext4_jbd2.c b/fs/ext4/ext4_jbd2.c index b96ecba91899..b53e1d0b13fc 100644 --- a/fs/ext4/ext4_jbd2.c +++ b/fs/ext4/ext4_jbd2.c @@ -162,6 +162,8 @@ int __ext4_journal_ensure_credits(handle_t *handle, int check_cred, { if (!ext4_handle_valid(handle)) return 0; + if (is_handle_aborted(handle)) + return -EROFS; if (jbd2_handle_buffer_credits(handle) >= check_cred && handle->h_revoke_credits >= revoke_cred) return 0;

From: Liu Shixin liushixin2@huawei.com

hulk inclusion category: feature bugzilla: 46904, https://gitee.com/openeuler/kernel/issues/I4RO84 CVE: NA

--------------------------------

Export PG_pool page flag in /proc/kpageflags.

27. KPF_POOL page is allocated from hpool.

By using this tool, we can easily count the number of pages allocated from dynamic hugetlb pool by a process or a file.

Signed-off-by: Liu Shixin liushixin2@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- fs/proc/page.c | 1 + include/uapi/linux/kernel-page-flags.h | 1 + tools/vm/page-types.c | 1 + 3 files changed, 3 insertions(+)

diff --git a/fs/proc/page.c b/fs/proc/page.c index 9f1077d94cde..d00c23d543fe 100644 --- a/fs/proc/page.c +++ b/fs/proc/page.c @@ -220,6 +220,7 @@ u64 stable_page_flags(struct page *page) #ifdef CONFIG_64BIT u |= kpf_copy_bit(k, KPF_ARCH_2, PG_arch_2); #endif + u |= kpf_copy_bit(k, KPF_POOL, PG_pool);

return u; }; diff --git a/include/uapi/linux/kernel-page-flags.h b/include/uapi/linux/kernel-page-flags.h index 6f2f2720f3ac..f8297cb68bdd 100644 --- a/include/uapi/linux/kernel-page-flags.h +++ b/include/uapi/linux/kernel-page-flags.h @@ -36,5 +36,6 @@ #define KPF_ZERO_PAGE 24 #define KPF_IDLE 25 #define KPF_PGTABLE 26 +#define KPF_POOL 27

#endif /* _UAPILINUX_KERNEL_PAGE_FLAGS_H */ diff --git a/tools/vm/page-types.c b/tools/vm/page-types.c index f62f10c988db..6034477926d6 100644 --- a/tools/vm/page-types.c +++ b/tools/vm/page-types.c @@ -126,6 +126,7 @@ static const char * const page_flag_names[] = { [KPF_PGTABLE] = "g:pgtable", [KPF_ZERO_PAGE] = "z:zero_page", [KPF_IDLE] = "i:idle_page", + [KPF_POOL] = "h:hpool",

[KPF_RESERVED] = "r:reserved", [KPF_MLOCKED] = "m:mlocked",

From: Todd Kjos tkjos@google.com

aosp inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RCS8 CVE: NA

Reference: https://android.googlesource.com/kernel/common/+/e706f27c765b

---------------------------

Because of the multi-inclusion oddities of tracepoints, the multi-inclusion protection in vendor_hooks.h caused issues if more than 1 vendor hook header file with restricted vendor hooks defined were included with "CREATE_TRACE_POINTS" defined (redefinition of symbol errors).

The problem is fixed by removing the multiple-inclusion protection as is done for regular tracepoints.

Fixes: 7f62740112ef ("ANDROID: add support for vendor hooks") Bug: 163076069 Signed-off-by: Todd Kjos tkjos@google.com Change-Id: Ic177db1693a6a2db58f08917e9115c7e6c2971b6 Signed-off-by: Jialin Zhang zhangjialin11@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/trace/hooks/vendor_hooks.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/include/trace/hooks/vendor_hooks.h b/include/trace/hooks/vendor_hooks.h index 9d9ae21895dd..8a3fdb9222e5 100644 --- a/include/trace/hooks/vendor_hooks.h +++ b/include/trace/hooks/vendor_hooks.h @@ -1,7 +1,11 @@ /* SPDX-License-Identifier: GPL-2.0 */

-#if !defined(_TRACE_VENDOR_HOOKS_H) || defined(TRACE_HEADER_MULTI_READ) -#define _TRACE_VENDOR_HOOKS_H +/* + * Note: we intentionally omit include file ifdef protection + * This is due to the way trace events work. If a file includes two + * trace event headers under one "CREATE_TRACE_POINTS" the first include + * will override the DECLARE_RESTRICTED_HOOK and break the second include. + */

#include <linux/tracepoint.h>

@@ -13,6 +17,7 @@ #define DECLARE_RESTRICTED_HOOK(name, proto, args, cond) \ DEFINE_TRACE(name)

+ /* prevent additional recursion */ #undef TRACE_HEADER_MULTI_READ #else /* TRACE_HEADER_MULTI_READ */ @@ -61,6 +66,7 @@ } \ /* vendor hooks cannot be unregistered */ \

+#undef DECLARE_RESTRICTED_HOOK #define DECLARE_RESTRICTED_HOOK(name, proto, args, cond) \ __DECLARE_HOOK(name, PARAMS(proto), PARAMS(args), \ cond, \ @@ -68,5 +74,3 @@ PARAMS(__data, args))

#endif /* TRACE_HEADER_MULTI_READ */ - -#endif /* _TRACE_VENDOR_HOOKS_H */

From: Nick Desaulniers ndesaulniers@google.com

aosp inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RCS8 CVE: NA

Reference: https://android.googlesource.com/kernel/common/+/4cc2f83c77aa

---------------------------

After upstream 33def8498fdd ("treewide: Convert macro and uses of __section(foo) to __section("foo")"), the preprocessor macro __section now requires the section name to be double quoted.

This patch resolves breakage that results from merging down from mainline in this out of tree header.

Fixes: 33def8498fdd ("treewide: Convert macro and uses of __section(foo) to __section("foo")") Signed-off-by: Nick Desaulniers ndesaulniers@google.com Signed-off-by: Greg Kroah-Hartman gregkh@google.com Change-Id: Ie6a701251e6420e63187a466b43ec2c834e0ec2e Signed-off-by: Jialin Zhang zhangjialin11@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/trace/hooks/vendor_hooks.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/trace/hooks/vendor_hooks.h b/include/trace/hooks/vendor_hooks.h index 8a7acb983c67..e6cabd366eeb 100644 --- a/include/trace/hooks/vendor_hooks.h +++ b/include/trace/hooks/vendor_hooks.h @@ -15,11 +15,11 @@

#define DEFINE_HOOK_FN(_name, _reg, _unreg, proto, args) \ static const char __tpstrtab_##_name[] \ - __section(__tracepoints_strings) = #_name; \ + __section("__tracepoints_strings") = #_name; \ extern struct static_call_key STATIC_CALL_KEY(tp_func_##_name); \ int __traceiter_##_name(void *__data, proto); \ struct tracepoint __tracepoint_##_name __used \ - __section(__tracepoints) = { \ + __section("__tracepoints") = { \ .name = __tpstrtab_##_name, \ .key = STATIC_KEY_INIT_FALSE, \ .static_call_key = &STATIC_CALL_KEY(tp_func_##_name), \

From: "Steven Rostedt (VMware)" rostedt@goodmis.org

mainline inclusion from mainline-v5.12-rc1 commit 1746fd4416ed5510fe9fdd6a93e49a436187b680 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4RCS8 CVE: NA

---------------------------

While working on a clean up that would restructure the difference between architectures that have static calls vs those that do not, I was stumbling over the "data_args" parameter that includes "__data" in the arguments. The issue was that one version didn't even need it, while the other one did. Instead of injecting a "__data = NULL;" into the macro for the unneeded version, just remove it completely.

The original idea behind data_args is that there may be a case of a tracepoint with no arguments. But this is considered bad practice, and all tracepoints should pass something to that location (that's what tracepoints were created for).

Link: https://lkml.kernel.org/r/20210208201050.768074128@goodmis.org

Acked-by: Peter Zijlstra (Intel) peterz@infradead.org Signed-off-by: Steven Rostedt (VMware) rostedt@goodmis.org Signed-off-by: Jialin Zhang zhangjialin11@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/linux/tracepoint.h | 31 +++++++++++-------------------- 1 file changed, 11 insertions(+), 20 deletions(-)

diff --git a/include/linux/tracepoint.h b/include/linux/tracepoint.h index e4c5df71f0e7..b4b2cc56be8d 100644 --- a/include/linux/tracepoint.h +++ b/include/linux/tracepoint.h @@ -170,13 +170,8 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) /* * it_func[0] is never NULL because there is at least one element in the array * when the array itself is non NULL. - * - * Note, the proto and args passed in includes "__data" as the first parameter. - * The reason for this is to handle the "void" prototype. If a tracepoint - * has a "void" prototype, then it is invalid to declare a function - * as "(void *, void)". */ -#define __DO_TRACE(name, proto, args, cond, rcuidle) \ +#define __DO_TRACE(name, args, cond, rcuidle) \ do { \ struct tracepoint_func *it_func_ptr; \ int __maybe_unused __idx = 0; \ @@ -204,7 +199,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) rcu_dereference_raw((&__tracepoint_##name)->funcs); \ if (it_func_ptr) { \ __data = (it_func_ptr)->data; \ - __DO_TRACE_CALL(name)(args); \ + __DO_TRACE_CALL(name)(__data, args); \ } \ \ if (rcuidle) { \ @@ -216,17 +211,16 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) } while (0)

#ifndef MODULE -#define __DECLARE_TRACE_RCU(name, proto, args, cond, data_proto, data_args) \ +#define __DECLARE_TRACE_RCU(name, proto, args, cond) \ static inline void trace_##name##_rcuidle(proto) \ { \ if (static_key_false(&__tracepoint_##name.key)) \ __DO_TRACE(name, \ - TP_PROTO(data_proto), \ - TP_ARGS(data_args), \ + TP_ARGS(args), \ TP_CONDITION(cond), 1); \ } #else -#define __DECLARE_TRACE_RCU(name, proto, args, cond, data_proto, data_args) +#define __DECLARE_TRACE_RCU(name, proto, args, cond) #endif

/* @@ -241,7 +235,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) * even when this tracepoint is off. This code has no purpose other than * poking RCU a bit. */ -#define __DECLARE_TRACE(name, proto, args, cond, data_proto, data_args) \ +#define __DECLARE_TRACE(name, proto, args, cond, data_proto) \ extern int __traceiter_##name(data_proto); \ DECLARE_STATIC_CALL(tp_func_##name, __traceiter_##name); \ extern struct tracepoint __tracepoint_##name; \ @@ -249,8 +243,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) { \ if (static_key_false(&__tracepoint_##name.key)) \ __DO_TRACE(name, \ - TP_PROTO(data_proto), \ - TP_ARGS(data_args), \ + TP_ARGS(args), \ TP_CONDITION(cond), 0); \ if (IS_ENABLED(CONFIG_LOCKDEP) && (cond)) { \ rcu_read_lock_sched_notrace(); \ @@ -259,7 +252,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) } \ } \ __DECLARE_TRACE_RCU(name, PARAMS(proto), PARAMS(args), \ - PARAMS(cond), PARAMS(data_proto), PARAMS(data_args)) \ + PARAMS(cond)) \ static inline int \ register_trace_##name(void (*probe)(data_proto), void *data) \ { \ @@ -342,7 +335,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p)

#else /* !TRACEPOINTS_ENABLED */ -#define __DECLARE_TRACE(name, proto, args, cond, data_proto, data_args) \ +#define __DECLARE_TRACE(name, proto, args, cond, data_proto) \ static inline void trace_##name(proto) \ { } \ static inline void trace_##name##_rcuidle(proto) \ @@ -422,14 +415,12 @@ static inline struct tracepoint *tracepoint_ptr_deref(tracepoint_ptr_t *p) #define DECLARE_TRACE(name, proto, args) \ __DECLARE_TRACE(name, PARAMS(proto), PARAMS(args), \ cpu_online(raw_smp_processor_id()), \ - PARAMS(void *__data, proto), \ - PARAMS(__data, args)) + PARAMS(void *__data, proto))

#define DECLARE_TRACE_CONDITION(name, proto, args, cond) \ __DECLARE_TRACE(name, PARAMS(proto), PARAMS(args), \ cpu_online(raw_smp_processor_id()) && (PARAMS(cond)), \ - PARAMS(void *__data, proto), \ - PARAMS(__data, args)) + PARAMS(void *__data, proto))

#define TRACE_EVENT_FLAGS(event, flag)

From: Todd Kjos tkjos@google.com

aosp inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RCS8 CVE: NA

Reference: https://android.googlesource.com/kernel/common/+/51681321c0ef

---------------------------

In upstream commit d9a1be1be331 ("tracepoints: Do not punish non static call users"), tracepoint macros were refactored to optimize for static_call() cases. Since the Android-specific restricted vendor hook mechanism leverages tracehooks, this required equivalent refactoring in include/trace/hooks/vendor_hooks.h

Fixes: d9a1be1be331 ("tracepoints: Do not punish non static call users") Signed-off-by: Todd Kjos tkjos@google.com Change-Id: I2e01b34606e6ff0e577b76b57c47f601c32f626b Signed-off-by: Greg Kroah-Hartman gregkh@google.com Signed-off-by: Jialin Zhang zhangjialin11@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/trace/hooks/vendor_hooks.h | 34 ++++++++++++++++++------------ 1 file changed, 20 insertions(+), 14 deletions(-)

diff --git a/include/trace/hooks/vendor_hooks.h b/include/trace/hooks/vendor_hooks.h index ef8c95aaebf0..3661e5056519 100644 --- a/include/trace/hooks/vendor_hooks.h +++ b/include/trace/hooks/vendor_hooks.h @@ -53,32 +53,39 @@ #undef TRACE_HEADER_MULTI_READ #else /* TRACE_HEADER_MULTI_READ */

-#define DO_HOOK(name, proto, args, cond) \ +#ifdef CONFIG_HAVE_STATIC_CALL +#define __DO_RESTRICTED_HOOK_CALL(name, args) \ do { \ struct tracepoint_func *it_func_ptr; \ void *__data; \ - \ - if (!(cond)) \ - return; \ - \ it_func_ptr = (&__tracepoint_##name)->funcs; \ if (it_func_ptr) { \ __data = (it_func_ptr)->data; \ - __DO_TRACE_CALL(name)(args); \ + static_call(tp_func_##name)(__data, args); \ } \ } while (0) +#else +#define __DO_RESTRICTED_HOOK_CALL(name, args) __traceiter_##name(NULL, args) +#endif + +#define DO_RESTRICTED_HOOK(name, args, cond) \ + do { \ + if (!(cond)) \ + return; \ + \ + __DO_RESTRICTED_HOOK_CALL(name, TP_ARGS(args)); \ + } while (0)

-#define __DECLARE_HOOK(name, proto, args, cond, data_proto, data_args) \ +#define __DECLARE_RESTRICTED_HOOK(name, proto, args, cond, data_proto) \ extern int __traceiter_##name(data_proto); \ DECLARE_STATIC_CALL(tp_func_##name, __traceiter_##name); \ extern struct tracepoint __tracepoint_##name; \ static inline void trace_##name(proto) \ { \ if (static_key_false(&__tracepoint_##name.key)) \ - DO_HOOK(name, \ - TP_PROTO(data_proto), \ - TP_ARGS(data_args), \ - TP_CONDITION(cond)); \ + DO_RESTRICTED_HOOK(name, \ + TP_ARGS(args), \ + TP_CONDITION(cond)); \ } \ static inline bool \ trace_##name##_enabled(void) \ @@ -98,10 +105,9 @@

#undef DECLARE_RESTRICTED_HOOK #define DECLARE_RESTRICTED_HOOK(name, proto, args, cond) \ - __DECLARE_HOOK(name, PARAMS(proto), PARAMS(args), \ + __DECLARE_RESTRICTED_HOOK(name, PARAMS(proto), PARAMS(args), \ cond, \ - PARAMS(void *__data, proto), \ - PARAMS(__data, args)) + PARAMS(void *__data, proto))

#endif /* TRACE_HEADER_MULTI_READ */

From: Jialin Zhang zhangjialin11@huawei.com

hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4RCS8 CVE: NA

---------------------------

Enable CONFIG_VENDOR_HOOKS for x86 and arm64 by default.

Signed-off-by: Jialin Zhang zhangjialin11@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- arch/arm64/configs/openeuler_defconfig | 6 ++++++ arch/x86/configs/openeuler_defconfig | 6 ++++++ 2 files changed, 12 insertions(+)

diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig index d8eda75eb784..7ae6b2c053be 100644 --- a/arch/arm64/configs/openeuler_defconfig +++ b/arch/arm64/configs/openeuler_defconfig @@ -6027,6 +6027,12 @@ CONFIG_USB4=m # CONFIG_ANDROID is not set # end of Android

+# +# Vendor Hooks +# +CONFIG_VENDOR_HOOKS=y +# end of Vendor Hooks + CONFIG_LIBNVDIMM=m CONFIG_BLK_DEV_PMEM=m CONFIG_ND_BLK=m diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig index 443299650f6a..dd41eb690608 100644 --- a/arch/x86/configs/openeuler_defconfig +++ b/arch/x86/configs/openeuler_defconfig @@ -7373,6 +7373,12 @@ CONFIG_RAS=y # CONFIG_ANDROID is not set # end of Android

+# +# Vendor Hooks +# +CONFIG_VENDOR_HOOKS=y +# end of Vendor Hooks + CONFIG_LIBNVDIMM=m CONFIG_BLK_DEV_PMEM=m CONFIG_ND_BLK=m

From: Zhuling zhuling8@huawei.com

hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4O31I

----------------------------

This patch is to support persistent memory(legacy) register on arm64.

Firstly, support memory region marked as protected memory, which removed from memblock, the ranges for persistent memory are described by the 'memmap=nn[KMG]!ss[KMG]' kernel parameter", then they will be passed to the 'pmem' driver so they can be used for persistent storage. For now, the maximum memory regions supported is 8.

Secondly, add ARM64_PMEM_LEGACY Kconfig to select PMEM_LEGACY and PMEM_LEGACY_DEVICE to reuse the nvdimm resource discovery and pmem device registering mechanism provided by pmem_legacy.c and e820.c.

Note, the functions in those file should not only used by x86, but the file and function naming is x86 specific, will update after this feature upstreamed.

Here are steps to show how to use this feature on arm64, 1. setup the memmap kernel parameter, memmap=nn[KMG]!ss[KMG], eg, memmap=100K!0x1a0000000. 2. load nd_e820.ko driver, modprobe nd_e820. 3. check pmem device in /dev, eg, /dev/pmem0

Signed-off-by: Zhuling zhuling8@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- .../admin-guide/kernel-parameters.txt | 7 +- arch/arm64/Kconfig | 18 +++++ arch/arm64/kernel/setup.c | 4 ++ arch/arm64/mm/Makefile | 2 + arch/arm64/mm/init.c | 7 ++ arch/arm64/mm/pmem_reserve.c | 66 +++++++++++++++++++ arch/arm64/mm/pmem_reserve.h | 13 ++++ 7 files changed, 115 insertions(+), 2 deletions(-) create mode 100644 arch/arm64/mm/pmem_reserve.c create mode 100644 arch/arm64/mm/pmem_reserve.h

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 5a0a68b35bb1..4b38e33741e4 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2831,10 +2831,13 @@ will be eaten.

memmap=nn[KMG]!ss[KMG] - [KNL,X86] Mark specific memory as protected. + [KNL,X86,ARM64] Mark specific memory as protected. Region of memory to be used, from ss to ss+nn. - The memory region may be marked as e820 type 12 (0xc) + [X86] The memory region may be marked as e820 type 12 (0xc) and is NVDIMM or ADR memory. + [ARM64] The maximum memory regions supported is 8. + Example: + memmap=100K!0x1a0000000

memmap=<size>%<offset>-<oldtype>+<newtype> [KNL,ACPI] Convert memory within the specified region diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 2cab963563d9..e0c2f9a1a256 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1325,6 +1325,24 @@ config RODATA_FULL_DEFAULT_ENABLED This requires the linear region to be mapped down to pages, which may adversely affect performance in some cases.

+config ARM64_PMEM_RESERVE + bool + +config ARM64_PMEM_LEGACY + tristate "Support Persistent Memory (legacy) register via protected memory" + depends on BLK_DEV + select ARM64_PMEM_RESERVE + select PMEM_LEGACY + select PMEM_LEGACY_DEVICE + select LIBNVDIMM + help + Protected memory ranges for persistent memory are described by the + 'memmap=nn[KMG]!ss[KMG]' kernel parameter". + The kernel will offer those memory regions to the 'pmem' driver so + they can be used for persistent storage. + + Say Y if unsure. + config ARM64_SW_TTBR0_PAN bool "Emulate Privileged Access Never using TTBR0_EL1 switching" help diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c index 58d69e2e7538..5e0713f5120e 100644 --- a/arch/arm64/kernel/setup.c +++ b/arch/arm64/kernel/setup.c @@ -52,6 +52,8 @@ #include <asm/xen/hypervisor.h> #include <asm/mmu_context.h>

+#include "../mm/pmem_reserve.h" + static int num_standard_resources; static struct resource *standard_resources;

@@ -297,6 +299,8 @@ static void __init request_standard_resources(void)

request_pin_mem_res(res); } + + request_pmem_res_resource(); }

static int __init reserve_memblock_reserved_regions(void) diff --git a/arch/arm64/mm/Makefile b/arch/arm64/mm/Makefile index 5ead3c3de3b6..42e107d6da4f 100644 --- a/arch/arm64/mm/Makefile +++ b/arch/arm64/mm/Makefile @@ -13,3 +13,5 @@ KASAN_SANITIZE_physaddr.o += n

obj-$(CONFIG_KASAN) += kasan_init.o KASAN_SANITIZE_kasan_init.o := n + +obj-$(CONFIG_ARM64_PMEM_RESERVE) += pmem_reserve.o diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c index 1364d52cbaa8..5ab9dd7d55d9 100644 --- a/arch/arm64/mm/init.c +++ b/arch/arm64/mm/init.c @@ -45,6 +45,8 @@ #include <asm/tlb.h> #include <asm/alternative.h>

+#include "pmem_reserve.h" + /* * We need to be able to catch inadvertent references to memstart_addr * that occur (potentially in generic code) before arm64_memblock_init() @@ -394,6 +396,9 @@ static int __init parse_memmap_one(char *p) start_at = memparse(p + 1, &p); memblock_reserve(start_at, mem_size); memblock_mark_memmap(start_at, mem_size); + } else if (*p == '!') { + start_at = memparse(p + 1, &p); + setup_reserve_pmem(start_at, mem_size); } else pr_info("Unrecognized memmap option, please check the parameter.\n");

@@ -590,6 +595,8 @@ void __init bootmem_init(void) reserve_quick_kexec(); #endif

+ reserve_pmem(); + reserve_pin_memory_res();

memblock_dump_all(); diff --git a/arch/arm64/mm/pmem_reserve.c b/arch/arm64/mm/pmem_reserve.c new file mode 100644 index 000000000000..70fec28409ad --- /dev/null +++ b/arch/arm64/mm/pmem_reserve.c @@ -0,0 +1,66 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#define pr_fmt(fmt) "pmem_reserve: " fmt + +#include <linux/memblock.h> +#include <linux/ioport.h> +#include <linux/types.h> + +#define MAX_REGIONS 8 +static int pmem_res_cnt; +struct resource pmem_res[MAX_REGIONS]; + +void __init setup_reserve_pmem(u64 start, u64 size) +{ + if (pmem_res_cnt >= MAX_REGIONS) { + pr_err("protected memory regions above upper limit %d\n", MAX_REGIONS); + return; + } + + pmem_res[pmem_res_cnt].start = start; + pmem_res[pmem_res_cnt].end = start + size - 1; + pmem_res_cnt++; +} + +void __init request_pmem_res_resource(void) +{ + struct resource *res; + int i; + + for (i = 0; i < pmem_res_cnt; i++) { + res = &pmem_res[i]; + res->name = "Persistent Memory (legacy)"; + res->flags = IORESOURCE_MEM; + res->desc = IORES_DESC_PERSISTENT_MEMORY_LEGACY; + if (res->start && res->end) + request_resource(&iomem_resource, res); + } +} + +void __init reserve_pmem(void) +{ + struct resource *res; + phys_addr_t size; + int i; + + for (i = 0; i < pmem_res_cnt; i++) { + res = &pmem_res[i]; + size = res->end - res->start; + if (!memblock_is_region_memory(res->start, size)) { + pr_warn("region[%pa-%pa] is not in memory\n", + &res->start, &res->end); + res->start = res->end = 0; + continue; + } + + if (memblock_is_region_reserved(res->start, size)) { + pr_warn("region[%pa-%pa] overlaps reserved memory\n", + &res->start, &res->end); + res->start = res->end = 0; + continue; + } + + memblock_remove(res->start, size); + pr_info("region %d: [%pa-%pa] (%lluMB)\n", i, &res->start, &res->end, size >> 20); + } +} diff --git a/arch/arm64/mm/pmem_reserve.h b/arch/arm64/mm/pmem_reserve.h new file mode 100644 index 000000000000..d143198c9696 --- /dev/null +++ b/arch/arm64/mm/pmem_reserve.h @@ -0,0 +1,13 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#include <linux/types.h> + +#ifdef CONFIG_ARM64_PMEM_RESERVE +void __init setup_reserve_pmem(u64 start, u64 size); +void __init reserve_pmem(void); +void __init request_pmem_res_resource(void); +#else +static inline void __init setup_reserve_pmem(u64 start, u64 size) {} +static inline void __init reserve_pmem(void) {} +static inline void __init request_pmem_res_resource(void) {} +#endif