Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'akpm' (patches from Andrew)
Merge misc fixes from Andrew Morton:
"15 patches.
Subsystems affected by this patch series: ipc, hexagon, mm (swap,
slab-generic, kmemleak, hugetlb, kasan, damon, and highmem), and proc"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
proc/vmcore: fix clearing user buffer by properly using clear_user()
kmap_local: don't assume kmap PTEs are linear arrays in memory
mm/damon/dbgfs: fix missed use of damon_dbgfs_lock
mm/damon/dbgfs: use '__GFP_NOWARN' for user-specified size buffer allocation
kasan: test: silence intentional read overflow warnings
hugetlb, userfaultfd: fix reservation restore on userfaultfd error
hugetlb: fix hugetlb cgroup refcounting during mremap
mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag
hexagon: ignore vmlinux.lds
hexagon: clean up timer-regs.h
hexagon: export raw I/O routines for modules
mm: emit the "free" trace report before freeing memory in kmem_cache_free()
shm: extend forced shm destroy to support objects from several IPC nses
ipc: WARN if trying to remove ipc object which is absent
mm/swap.c:put_pages_list(): reinitialise the page list
+258
-120
+1
arch/arm/Kconfig
+1
arch/arm/Kconfig
-26
arch/hexagon/include/asm/timer-regs.h
-26
arch/hexagon/include/asm/timer-regs.h
···
1
-
/* SPDX-License-Identifier: GPL-2.0-only */
2
-
/*
3
-
* Timer support for Hexagon
4
-
*
5
-
* Copyright (c) 2010-2011, The Linux Foundation. All rights reserved.
6
-
*/
7
-
8
-
#ifndef _ASM_TIMER_REGS_H
9
-
#define _ASM_TIMER_REGS_H
10
-
11
-
/* This stuff should go into a platform specific file */
12
-
#define TCX0_CLK_RATE 19200
13
-
#define TIMER_ENABLE 0
14
-
#define TIMER_CLR_ON_MATCH 1
15
-
16
-
/*
17
-
* 8x50 HDD Specs 5-8. Simulator co-sim not fixed until
18
-
* release 1.1, and then it's "adjustable" and probably not defaulted.
19
-
*/
20
-
#define RTOS_TIMER_INT 3
21
-
#ifdef CONFIG_HEXAGON_COMET
22
-
#define RTOS_TIMER_REGS_ADDR 0xAB000000UL
23
-
#endif
24
-
#define SLEEP_CLK_RATE 32000
25
-
26
-
#endif
+1
-2
arch/hexagon/include/asm/timex.h
+1
-2
arch/hexagon/include/asm/timex.h
···
7
7
#define _ASM_TIMEX_H
8
8
9
9
#include <asm-generic/timex.h>
10
-
#include <asm/timer-regs.h>
11
10
#include <asm/hexagon_vm.h>
12
11
13
12
/* Using TCX0 as our clock. CLOCK_TICK_RATE scheduled to be removed. */
14
-
#define CLOCK_TICK_RATE TCX0_CLK_RATE
13
+
#define CLOCK_TICK_RATE 19200
15
14
16
15
#define ARCH_HAS_READ_CURRENT_TIMER
17
16
+1
arch/hexagon/kernel/.gitignore
+1
arch/hexagon/kernel/.gitignore
···
1
+
vmlinux.lds
+10
-2
arch/hexagon/kernel/time.c
+10
-2
arch/hexagon/kernel/time.c
···
17
17
#include <linux/of_irq.h>
18
18
#include <linux/module.h>
19
19
20
-
#include <asm/timer-regs.h>
21
20
#include <asm/hexagon_vm.h>
21
+
22
+
#define TIMER_ENABLE BIT(0)
22
23
23
24
/*
24
25
* For the clocksource we need:
···
33
32
cycles_t pcycle_freq_mhz;
34
33
cycles_t thread_freq_mhz;
35
34
cycles_t sleep_clk_freq;
35
+
36
+
/*
37
+
* 8x50 HDD Specs 5-8. Simulator co-sim not fixed until
38
+
* release 1.1, and then it's "adjustable" and probably not defaulted.
39
+
*/
40
+
#define RTOS_TIMER_INT 3
41
+
#define RTOS_TIMER_REGS_ADDR 0xAB000000UL
36
42
37
43
static struct resource rtos_timer_resources[] = {
38
44
{
···
88
80
iowrite32(0, &rtos_timer->clear);
89
81
90
82
iowrite32(delta, &rtos_timer->match);
91
-
iowrite32(1 << TIMER_ENABLE, &rtos_timer->enable);
83
+
iowrite32(TIMER_ENABLE, &rtos_timer->enable);
92
84
return 0;
93
85
}
94
86
+4
arch/hexagon/lib/io.c
+4
arch/hexagon/lib/io.c
···
27
27
*dst++ = *src;
28
28
29
29
}
30
+
EXPORT_SYMBOL(__raw_readsw);
30
31
31
32
/*
32
33
* __raw_writesw - read words a short at a time
···
48
47
49
48
50
49
}
50
+
EXPORT_SYMBOL(__raw_writesw);
51
51
52
52
/* Pretty sure len is pre-adjusted for the length of the access already */
53
53
void __raw_readsl(const void __iomem *addr, void *data, int len)
···
64
62
65
63
66
64
}
65
+
EXPORT_SYMBOL(__raw_readsl);
67
66
68
67
void __raw_writesl(void __iomem *addr, const void *data, int len)
69
68
{
···
79
76
80
77
81
78
}
79
+
EXPORT_SYMBOL(__raw_writesl);
+12
-8
fs/proc/vmcore.c
+12
-8
fs/proc/vmcore.c
···
154
154
nr_bytes = count;
155
155
156
156
/* If pfn is not ram, return zeros for sparse dump files */
157
-
if (!pfn_is_ram(pfn))
158
-
memset(buf, 0, nr_bytes);
159
-
else {
157
+
if (!pfn_is_ram(pfn)) {
158
+
tmp = 0;
159
+
if (!userbuf)
160
+
memset(buf, 0, nr_bytes);
161
+
else if (clear_user(buf, nr_bytes))
162
+
tmp = -EFAULT;
163
+
} else {
160
164
if (encrypted)
161
165
tmp = copy_oldmem_page_encrypted(pfn, buf,
162
166
nr_bytes,
···
169
165
else
170
166
tmp = copy_oldmem_page(pfn, buf, nr_bytes,
171
167
offset, userbuf);
172
-
173
-
if (tmp < 0) {
174
-
up_read(&vmcore_cb_rwsem);
175
-
return tmp;
176
-
}
177
168
}
169
+
if (tmp < 0) {
170
+
up_read(&vmcore_cb_rwsem);
171
+
return tmp;
172
+
}
173
+
178
174
*ppos += nr_bytes;
179
175
count -= nr_bytes;
180
176
buf += nr_bytes;
+12
include/linux/hugetlb_cgroup.h
+12
include/linux/hugetlb_cgroup.h
···
128
128
css_get(resv_map->css);
129
129
}
130
130
131
+
static inline void resv_map_put_hugetlb_cgroup_uncharge_info(
132
+
struct resv_map *resv_map)
133
+
{
134
+
if (resv_map->css)
135
+
css_put(resv_map->css);
136
+
}
137
+
131
138
extern int hugetlb_cgroup_charge_cgroup(int idx, unsigned long nr_pages,
132
139
struct hugetlb_cgroup **ptr);
133
140
extern int hugetlb_cgroup_charge_cgroup_rsvd(int idx, unsigned long nr_pages,
···
214
207
}
215
208
216
209
static inline void resv_map_dup_hugetlb_cgroup_uncharge_info(
210
+
struct resv_map *resv_map)
211
+
{
212
+
}
213
+
214
+
static inline void resv_map_put_hugetlb_cgroup_uncharge_info(
217
215
struct resv_map *resv_map)
218
216
{
219
217
}
+15
include/linux/ipc_namespace.h
+15
include/linux/ipc_namespace.h
···
131
131
return ns;
132
132
}
133
133
134
+
static inline struct ipc_namespace *get_ipc_ns_not_zero(struct ipc_namespace *ns)
135
+
{
136
+
if (ns) {
137
+
if (refcount_inc_not_zero(&ns->ns.count))
138
+
return ns;
139
+
}
140
+
141
+
return NULL;
142
+
}
143
+
134
144
extern void put_ipc_ns(struct ipc_namespace *ns);
135
145
#else
136
146
static inline struct ipc_namespace *copy_ipcs(unsigned long flags,
···
153
143
}
154
144
155
145
static inline struct ipc_namespace *get_ipc_ns(struct ipc_namespace *ns)
146
+
{
147
+
return ns;
148
+
}
149
+
150
+
static inline struct ipc_namespace *get_ipc_ns_not_zero(struct ipc_namespace *ns)
156
151
{
157
152
return ns;
158
153
}
+1
-1
include/linux/sched/task.h
+1
-1
include/linux/sched/task.h
···
158
158
* Protects ->fs, ->files, ->mm, ->group_info, ->comm, keyring
159
159
* subscriptions and synchronises with wait4(). Also used in procfs. Also
160
160
* pins the final release of task.io_context. Also protects ->cpuset and
161
-
* ->cgroup.subsys[]. And ->vfork_done.
161
+
* ->cgroup.subsys[]. And ->vfork_done. And ->sysvshm.shm_clist.
162
162
*
163
163
* Nests both inside and outside of read_lock(&tasklist_lock).
164
164
* It must not be nested with write_lock_irq(&tasklist_lock),
+147
-50
ipc/shm.c
+147
-50
ipc/shm.c
···
62
62
struct pid *shm_lprid;
63
63
struct ucounts *mlock_ucounts;
64
64
65
-
/* The task created the shm object. NULL if the task is dead. */
65
+
/*
66
+
* The task created the shm object, for
67
+
* task_lock(shp->shm_creator)
68
+
*/
66
69
struct task_struct *shm_creator;
67
-
struct list_head shm_clist; /* list by creator */
70
+
71
+
/*
72
+
* List by creator. task_lock(->shm_creator) required for read/write.
73
+
* If list_empty(), then the creator is dead already.
74
+
*/
75
+
struct list_head shm_clist;
76
+
struct ipc_namespace *ns;
68
77
} __randomize_layout;
69
78
70
79
/* shm_mode upper byte flags */
···
124
115
struct shmid_kernel *shp;
125
116
126
117
shp = container_of(ipcp, struct shmid_kernel, shm_perm);
118
+
WARN_ON(ns != shp->ns);
127
119
128
120
if (shp->shm_nattch) {
129
121
shp->shm_perm.mode |= SHM_DEST;
···
235
225
kfree(shp);
236
226
}
237
227
238
-
static inline void shm_rmid(struct ipc_namespace *ns, struct shmid_kernel *s)
228
+
/*
229
+
* It has to be called with shp locked.
230
+
* It must be called before ipc_rmid()
231
+
*/
232
+
static inline void shm_clist_rm(struct shmid_kernel *shp)
239
233
{
240
-
list_del(&s->shm_clist);
241
-
ipc_rmid(&shm_ids(ns), &s->shm_perm);
234
+
struct task_struct *creator;
235
+
236
+
/* ensure that shm_creator does not disappear */
237
+
rcu_read_lock();
238
+
239
+
/*
240
+
* A concurrent exit_shm may do a list_del_init() as well.
241
+
* Just do nothing if exit_shm already did the work
242
+
*/
243
+
if (!list_empty(&shp->shm_clist)) {
244
+
/*
245
+
* shp->shm_creator is guaranteed to be valid *only*
246
+
* if shp->shm_clist is not empty.
247
+
*/
248
+
creator = shp->shm_creator;
249
+
250
+
task_lock(creator);
251
+
/*
252
+
* list_del_init() is a nop if the entry was already removed
253
+
* from the list.
254
+
*/
255
+
list_del_init(&shp->shm_clist);
256
+
task_unlock(creator);
257
+
}
258
+
rcu_read_unlock();
259
+
}
260
+
261
+
static inline void shm_rmid(struct shmid_kernel *s)
262
+
{
263
+
shm_clist_rm(s);
264
+
ipc_rmid(&shm_ids(s->ns), &s->shm_perm);
242
265
}
243
266
244
267
···
326
283
shm_file = shp->shm_file;
327
284
shp->shm_file = NULL;
328
285
ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
329
-
shm_rmid(ns, shp);
286
+
shm_rmid(shp);
330
287
shm_unlock(shp);
331
288
if (!is_file_hugepages(shm_file))
332
289
shmem_lock(shm_file, 0, shp->mlock_ucounts);
···
346
303
*
347
304
* 2) sysctl kernel.shm_rmid_forced is set to 1.
348
305
*/
349
-
static bool shm_may_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
306
+
static bool shm_may_destroy(struct shmid_kernel *shp)
350
307
{
351
308
return (shp->shm_nattch == 0) &&
352
-
(ns->shm_rmid_forced ||
309
+
(shp->ns->shm_rmid_forced ||
353
310
(shp->shm_perm.mode & SHM_DEST));
354
311
}
355
312
···
380
337
ipc_update_pid(&shp->shm_lprid, task_tgid(current));
381
338
shp->shm_dtim = ktime_get_real_seconds();
382
339
shp->shm_nattch--;
383
-
if (shm_may_destroy(ns, shp))
340
+
if (shm_may_destroy(shp))
384
341
shm_destroy(ns, shp);
385
342
else
386
343
shm_unlock(shp);
···
401
358
*
402
359
* As shp->* are changed under rwsem, it's safe to skip shp locking.
403
360
*/
404
-
if (shp->shm_creator != NULL)
361
+
if (!list_empty(&shp->shm_clist))
405
362
return 0;
406
363
407
-
if (shm_may_destroy(ns, shp)) {
364
+
if (shm_may_destroy(shp)) {
408
365
shm_lock_by_ptr(shp);
409
366
shm_destroy(ns, shp);
410
367
}
···
422
379
/* Locking assumes this will only be called with task == current */
423
380
void exit_shm(struct task_struct *task)
424
381
{
425
-
struct ipc_namespace *ns = task->nsproxy->ipc_ns;
426
-
struct shmid_kernel *shp, *n;
382
+
for (;;) {
383
+
struct shmid_kernel *shp;
384
+
struct ipc_namespace *ns;
427
385
428
-
if (list_empty(&task->sysvshm.shm_clist))
429
-
return;
386
+
task_lock(task);
430
387
431
-
/*
432
-
* If kernel.shm_rmid_forced is not set then only keep track of
433
-
* which shmids are orphaned, so that a later set of the sysctl
434
-
* can clean them up.
435
-
*/
436
-
if (!ns->shm_rmid_forced) {
437
-
down_read(&shm_ids(ns).rwsem);
438
-
list_for_each_entry(shp, &task->sysvshm.shm_clist, shm_clist)
439
-
shp->shm_creator = NULL;
440
-
/*
441
-
* Only under read lock but we are only called on current
442
-
* so no entry on the list will be shared.
443
-
*/
444
-
list_del(&task->sysvshm.shm_clist);
445
-
up_read(&shm_ids(ns).rwsem);
446
-
return;
447
-
}
448
-
449
-
/*
450
-
* Destroy all already created segments, that were not yet mapped,
451
-
* and mark any mapped as orphan to cover the sysctl toggling.
452
-
* Destroy is skipped if shm_may_destroy() returns false.
453
-
*/
454
-
down_write(&shm_ids(ns).rwsem);
455
-
list_for_each_entry_safe(shp, n, &task->sysvshm.shm_clist, shm_clist) {
456
-
shp->shm_creator = NULL;
457
-
458
-
if (shm_may_destroy(ns, shp)) {
459
-
shm_lock_by_ptr(shp);
460
-
shm_destroy(ns, shp);
388
+
if (list_empty(&task->sysvshm.shm_clist)) {
389
+
task_unlock(task);
390
+
break;
461
391
}
462
-
}
463
392
464
-
/* Remove the list head from any segments still attached. */
465
-
list_del(&task->sysvshm.shm_clist);
466
-
up_write(&shm_ids(ns).rwsem);
393
+
shp = list_first_entry(&task->sysvshm.shm_clist, struct shmid_kernel,
394
+
shm_clist);
395
+
396
+
/*
397
+
* 1) Get pointer to the ipc namespace. It is worth to say
398
+
* that this pointer is guaranteed to be valid because
399
+
* shp lifetime is always shorter than namespace lifetime
400
+
* in which shp lives.
401
+
* We taken task_lock it means that shp won't be freed.
402
+
*/
403
+
ns = shp->ns;
404
+
405
+
/*
406
+
* 2) If kernel.shm_rmid_forced is not set then only keep track of
407
+
* which shmids are orphaned, so that a later set of the sysctl
408
+
* can clean them up.
409
+
*/
410
+
if (!ns->shm_rmid_forced)
411
+
goto unlink_continue;
412
+
413
+
/*
414
+
* 3) get a reference to the namespace.
415
+
* The refcount could be already 0. If it is 0, then
416
+
* the shm objects will be free by free_ipc_work().
417
+
*/
418
+
ns = get_ipc_ns_not_zero(ns);
419
+
if (!ns) {
420
+
unlink_continue:
421
+
list_del_init(&shp->shm_clist);
422
+
task_unlock(task);
423
+
continue;
424
+
}
425
+
426
+
/*
427
+
* 4) get a reference to shp.
428
+
* This cannot fail: shm_clist_rm() is called before
429
+
* ipc_rmid(), thus the refcount cannot be 0.
430
+
*/
431
+
WARN_ON(!ipc_rcu_getref(&shp->shm_perm));
432
+
433
+
/*
434
+
* 5) unlink the shm segment from the list of segments
435
+
* created by current.
436
+
* This must be done last. After unlinking,
437
+
* only the refcounts obtained above prevent IPC_RMID
438
+
* from destroying the segment or the namespace.
439
+
*/
440
+
list_del_init(&shp->shm_clist);
441
+
442
+
task_unlock(task);
443
+
444
+
/*
445
+
* 6) we have all references
446
+
* Thus lock & if needed destroy shp.
447
+
*/
448
+
down_write(&shm_ids(ns).rwsem);
449
+
shm_lock_by_ptr(shp);
450
+
/*
451
+
* rcu_read_lock was implicitly taken in shm_lock_by_ptr, it's
452
+
* safe to call ipc_rcu_putref here
453
+
*/
454
+
ipc_rcu_putref(&shp->shm_perm, shm_rcu_free);
455
+
456
+
if (ipc_valid_object(&shp->shm_perm)) {
457
+
if (shm_may_destroy(shp))
458
+
shm_destroy(ns, shp);
459
+
else
460
+
shm_unlock(shp);
461
+
} else {
462
+
/*
463
+
* Someone else deleted the shp from namespace
464
+
* idr/kht while we have waited.
465
+
* Just unlock and continue.
466
+
*/
467
+
shm_unlock(shp);
468
+
}
469
+
470
+
up_write(&shm_ids(ns).rwsem);
471
+
put_ipc_ns(ns); /* paired with get_ipc_ns_not_zero */
472
+
}
467
473
}
468
474
469
475
static vm_fault_t shm_fault(struct vm_fault *vmf)
···
768
676
if (error < 0)
769
677
goto no_id;
770
678
679
+
shp->ns = ns;
680
+
681
+
task_lock(current);
771
682
list_add(&shp->shm_clist, ¤t->sysvshm.shm_clist);
683
+
task_unlock(current);
772
684
773
685
/*
774
686
* shmid gets reported as "inode#" in /proc/pid/maps.
···
1663
1567
down_write(&shm_ids(ns).rwsem);
1664
1568
shp = shm_lock(ns, shmid);
1665
1569
shp->shm_nattch--;
1666
-
if (shm_may_destroy(ns, shp))
1570
+
1571
+
if (shm_may_destroy(shp))
1667
1572
shm_destroy(ns, shp);
1668
1573
else
1669
1574
shm_unlock(shp);
+3
-3
ipc/util.c
+3
-3
ipc/util.c
···
447
447
static void ipc_kht_remove(struct ipc_ids *ids, struct kern_ipc_perm *ipcp)
448
448
{
449
449
if (ipcp->key != IPC_PRIVATE)
450
-
rhashtable_remove_fast(&ids->key_ht, &ipcp->khtnode,
451
-
ipc_kht_params);
450
+
WARN_ON_ONCE(rhashtable_remove_fast(&ids->key_ht, &ipcp->khtnode,
451
+
ipc_kht_params));
452
452
}
453
453
454
454
/**
···
498
498
{
499
499
int idx = ipcid_to_idx(ipcp->id);
500
500
501
-
idr_remove(&ids->ipcs_idr, idx);
501
+
WARN_ON_ONCE(idr_remove(&ids->ipcs_idr, idx) != ipcp);
502
502
ipc_kht_remove(ids, ipcp);
503
503
ids->in_use--;
504
504
ipcp->deleted = true;
+2
lib/test_kasan.c
+2
lib/test_kasan.c
···
869
869
ptr = kmalloc(size, GFP_KERNEL | __GFP_ZERO);
870
870
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
871
871
872
+
OPTIMIZER_HIDE_VAR(size);
872
873
KUNIT_EXPECT_KASAN_FAIL(test,
873
874
kasan_ptr_result = memchr(ptr, '1', size + 1));
874
875
···
895
894
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
896
895
memset(arr, 0, sizeof(arr));
897
896
897
+
OPTIMIZER_HIDE_VAR(size);
898
898
KUNIT_EXPECT_KASAN_FAIL(test,
899
899
kasan_int_result = memcmp(ptr, arr, size+1));
900
900
kfree(ptr);
+3
mm/Kconfig
+3
mm/Kconfig
+13
-7
mm/damon/dbgfs.c
+13
-7
mm/damon/dbgfs.c
···
32
32
if (*ppos)
33
33
return ERR_PTR(-EINVAL);
34
34
35
-
kbuf = kmalloc(count + 1, GFP_KERNEL);
35
+
kbuf = kmalloc(count + 1, GFP_KERNEL | __GFP_NOWARN);
36
36
if (!kbuf)
37
37
return ERR_PTR(-ENOMEM);
38
38
···
133
133
char *kbuf;
134
134
ssize_t len;
135
135
136
-
kbuf = kmalloc(count, GFP_KERNEL);
136
+
kbuf = kmalloc(count, GFP_KERNEL | __GFP_NOWARN);
137
137
if (!kbuf)
138
138
return -ENOMEM;
139
139
···
452
452
char *kbuf;
453
453
ssize_t len;
454
454
455
-
kbuf = kmalloc(count, GFP_KERNEL);
455
+
kbuf = kmalloc(count, GFP_KERNEL | __GFP_NOWARN);
456
456
if (!kbuf)
457
457
return -ENOMEM;
458
458
···
578
578
char *kbuf;
579
579
ssize_t len;
580
580
581
-
kbuf = kmalloc(count, GFP_KERNEL);
581
+
kbuf = kmalloc(count, GFP_KERNEL | __GFP_NOWARN);
582
582
if (!kbuf)
583
583
return -ENOMEM;
584
584
···
877
877
return -EINVAL;
878
878
}
879
879
880
+
mutex_lock(&damon_dbgfs_lock);
880
881
if (!strncmp(kbuf, "on", count)) {
881
882
int i;
882
883
883
884
for (i = 0; i < dbgfs_nr_ctxs; i++) {
884
885
if (damon_targets_empty(dbgfs_ctxs[i])) {
885
886
kfree(kbuf);
887
+
mutex_unlock(&damon_dbgfs_lock);
886
888
return -EINVAL;
887
889
}
888
890
}
···
894
892
} else {
895
893
ret = -EINVAL;
896
894
}
895
+
mutex_unlock(&damon_dbgfs_lock);
897
896
898
897
if (!ret)
899
898
ret = count;
···
947
944
948
945
static int __init damon_dbgfs_init(void)
949
946
{
950
-
int rc;
947
+
int rc = -ENOMEM;
951
948
949
+
mutex_lock(&damon_dbgfs_lock);
952
950
dbgfs_ctxs = kmalloc(sizeof(*dbgfs_ctxs), GFP_KERNEL);
953
951
if (!dbgfs_ctxs)
954
-
return -ENOMEM;
952
+
goto out;
955
953
dbgfs_ctxs[0] = dbgfs_new_ctx();
956
954
if (!dbgfs_ctxs[0]) {
957
955
kfree(dbgfs_ctxs);
958
-
return -ENOMEM;
956
+
goto out;
959
957
}
960
958
dbgfs_nr_ctxs = 1;
961
959
···
967
963
pr_err("%s: dbgfs init failed\n", __func__);
968
964
}
969
965
966
+
out:
967
+
mutex_unlock(&damon_dbgfs_lock);
970
968
return rc;
971
969
}
972
970
+21
-11
mm/highmem.c
+21
-11
mm/highmem.c
···
503
503
504
504
static pte_t *__kmap_pte;
505
505
506
-
static pte_t *kmap_get_pte(void)
506
+
static pte_t *kmap_get_pte(unsigned long vaddr, int idx)
507
507
{
508
+
if (IS_ENABLED(CONFIG_KMAP_LOCAL_NON_LINEAR_PTE_ARRAY))
509
+
/*
510
+
* Set by the arch if __kmap_pte[-idx] does not produce
511
+
* the correct entry.
512
+
*/
513
+
return virt_to_kpte(vaddr);
508
514
if (!__kmap_pte)
509
515
__kmap_pte = virt_to_kpte(__fix_to_virt(FIX_KMAP_BEGIN));
510
-
return __kmap_pte;
516
+
return &__kmap_pte[-idx];
511
517
}
512
518
513
519
void *__kmap_local_pfn_prot(unsigned long pfn, pgprot_t prot)
514
520
{
515
-
pte_t pteval, *kmap_pte = kmap_get_pte();
521
+
pte_t pteval, *kmap_pte;
516
522
unsigned long vaddr;
517
523
int idx;
518
524
···
530
524
preempt_disable();
531
525
idx = arch_kmap_local_map_idx(kmap_local_idx_push(), pfn);
532
526
vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
533
-
BUG_ON(!pte_none(*(kmap_pte - idx)));
527
+
kmap_pte = kmap_get_pte(vaddr, idx);
528
+
BUG_ON(!pte_none(*kmap_pte));
534
529
pteval = pfn_pte(pfn, prot);
535
-
arch_kmap_local_set_pte(&init_mm, vaddr, kmap_pte - idx, pteval);
530
+
arch_kmap_local_set_pte(&init_mm, vaddr, kmap_pte, pteval);
536
531
arch_kmap_local_post_map(vaddr, pteval);
537
532
current->kmap_ctrl.pteval[kmap_local_idx()] = pteval;
538
533
preempt_enable();
···
566
559
void kunmap_local_indexed(void *vaddr)
567
560
{
568
561
unsigned long addr = (unsigned long) vaddr & PAGE_MASK;
569
-
pte_t *kmap_pte = kmap_get_pte();
562
+
pte_t *kmap_pte;
570
563
int idx;
571
564
572
565
if (addr < __fix_to_virt(FIX_KMAP_END) ||
···
591
584
idx = arch_kmap_local_unmap_idx(kmap_local_idx(), addr);
592
585
WARN_ON_ONCE(addr != __fix_to_virt(FIX_KMAP_BEGIN + idx));
593
586
587
+
kmap_pte = kmap_get_pte(addr, idx);
594
588
arch_kmap_local_pre_unmap(addr);
595
-
pte_clear(&init_mm, addr, kmap_pte - idx);
589
+
pte_clear(&init_mm, addr, kmap_pte);
596
590
arch_kmap_local_post_unmap(addr);
597
591
current->kmap_ctrl.pteval[kmap_local_idx()] = __pte(0);
598
592
kmap_local_idx_pop();
···
615
607
void __kmap_local_sched_out(void)
616
608
{
617
609
struct task_struct *tsk = current;
618
-
pte_t *kmap_pte = kmap_get_pte();
610
+
pte_t *kmap_pte;
619
611
int i;
620
612
621
613
/* Clear kmaps */
···
642
634
idx = arch_kmap_local_map_idx(i, pte_pfn(pteval));
643
635
644
636
addr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
637
+
kmap_pte = kmap_get_pte(addr, idx);
645
638
arch_kmap_local_pre_unmap(addr);
646
-
pte_clear(&init_mm, addr, kmap_pte - idx);
639
+
pte_clear(&init_mm, addr, kmap_pte);
647
640
arch_kmap_local_post_unmap(addr);
648
641
}
649
642
}
···
652
643
void __kmap_local_sched_in(void)
653
644
{
654
645
struct task_struct *tsk = current;
655
-
pte_t *kmap_pte = kmap_get_pte();
646
+
pte_t *kmap_pte;
656
647
int i;
657
648
658
649
/* Restore kmaps */
···
672
663
/* See comment in __kmap_local_sched_out() */
673
664
idx = arch_kmap_local_map_idx(i, pte_pfn(pteval));
674
665
addr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
675
-
set_pte_at(&init_mm, addr, kmap_pte - idx, pteval);
666
+
kmap_pte = kmap_get_pte(addr, idx);
667
+
set_pte_at(&init_mm, addr, kmap_pte, pteval);
676
668
arch_kmap_local_post_map(addr, pteval);
677
669
}
678
670
}
+7
-4
mm/hugetlb.c
+7
-4
mm/hugetlb.c
···
1037
1037
*/
1038
1038
struct resv_map *reservations = vma_resv_map(vma);
1039
1039
1040
-
if (reservations && is_vma_resv_set(vma, HPAGE_RESV_OWNER))
1040
+
if (reservations && is_vma_resv_set(vma, HPAGE_RESV_OWNER)) {
1041
+
resv_map_put_hugetlb_cgroup_uncharge_info(reservations);
1041
1042
kref_put(&reservations->refs, resv_map_release);
1043
+
}
1042
1044
1043
1045
reset_vma_resv_huge_pages(vma);
1044
1046
}
···
5736
5734
int ret = -ENOMEM;
5737
5735
struct page *page;
5738
5736
int writable;
5739
-
bool new_pagecache_page = false;
5737
+
bool page_in_pagecache = false;
5740
5738
5741
5739
if (is_continue) {
5742
5740
ret = -EFAULT;
5743
5741
page = find_lock_page(mapping, idx);
5744
5742
if (!page)
5745
5743
goto out;
5744
+
page_in_pagecache = true;
5746
5745
} else if (!*pagep) {
5747
5746
/* If a page already exists, then it's UFFDIO_COPY for
5748
5747
* a non-missing case. Return -EEXIST.
···
5831
5828
ret = huge_add_to_page_cache(page, mapping, idx);
5832
5829
if (ret)
5833
5830
goto out_release_nounlock;
5834
-
new_pagecache_page = true;
5831
+
page_in_pagecache = true;
5835
5832
}
5836
5833
5837
5834
ptl = huge_pte_lockptr(h, dst_mm, dst_pte);
···
5895
5892
if (vm_shared || is_continue)
5896
5893
unlock_page(page);
5897
5894
out_release_nounlock:
5898
-
if (!new_pagecache_page)
5895
+
if (!page_in_pagecache)
5899
5896
restore_reserve_on_error(h, dst_vma, dst_addr, page);
5900
5897
put_page(page);
5901
5898
goto out;
+1
-2
mm/slab.c
+1
-2
mm/slab.c
···
3733
3733
if (!cachep)
3734
3734
return;
3735
3735
3736
+
trace_kmem_cache_free(_RET_IP_, objp, cachep->name);
3736
3737
local_irq_save(flags);
3737
3738
debug_check_no_locks_freed(objp, cachep->object_size);
3738
3739
if (!(cachep->flags & SLAB_DEBUG_OBJECTS))
3739
3740
debug_check_no_obj_freed(objp, cachep->object_size);
3740
3741
__cache_free(cachep, objp, _RET_IP_);
3741
3742
local_irq_restore(flags);
3742
-
3743
-
trace_kmem_cache_free(_RET_IP_, objp, cachep->name);
3744
3743
}
3745
3744
EXPORT_SYMBOL(kmem_cache_free);
3746
3745
+1
-1
mm/slab.h
+1
-1
mm/slab.h
···
147
147
#define SLAB_CACHE_FLAGS (SLAB_NOLEAKTRACE | SLAB_RECLAIM_ACCOUNT | \
148
148
SLAB_TEMPORARY | SLAB_ACCOUNT)
149
149
#else
150
-
#define SLAB_CACHE_FLAGS (0)
150
+
#define SLAB_CACHE_FLAGS (SLAB_NOLEAKTRACE)
151
151
#endif
152
152
153
153
/* Common flags available with current configuration */
+1
-2
mm/slob.c
+1
-2
mm/slob.c
···
666
666
void kmem_cache_free(struct kmem_cache *c, void *b)
667
667
{
668
668
kmemleak_free_recursive(b, c->flags);
669
+
trace_kmem_cache_free(_RET_IP_, b, c->name);
669
670
if (unlikely(c->flags & SLAB_TYPESAFE_BY_RCU)) {
670
671
struct slob_rcu *slob_rcu;
671
672
slob_rcu = b + (c->size - sizeof(struct slob_rcu));
···
675
674
} else {
676
675
__kmem_cache_free(b, c->size);
677
676
}
678
-
679
-
trace_kmem_cache_free(_RET_IP_, b, c->name);
680
677
}
681
678
EXPORT_SYMBOL(kmem_cache_free);
682
679
+1
-1
mm/slub.c
+1
-1
mm/slub.c
···
3526
3526
s = cache_from_obj(s, x);
3527
3527
if (!s)
3528
3528
return;
3529
-
slab_free(s, virt_to_head_page(x), x, NULL, 1, _RET_IP_);
3530
3529
trace_kmem_cache_free(_RET_IP_, x, s->name);
3530
+
slab_free(s, virt_to_head_page(x), x, NULL, 1, _RET_IP_);
3531
3531
}
3532
3532
EXPORT_SYMBOL(kmem_cache_free);
3533
3533