diff --git a/blacklist.conf b/blacklist.conf index 1c36f1e..7949e16 100644 --- a/blacklist.conf +++ b/blacklist.conf @@ -148,3 +148,7 @@ de89212ddb3dc87152dd6f2b88a20d5176156777 # Duplicate of 5b3ec8134f5f9fa1ed0a5384 c9dfadeee89d4c5d335969356c4e63e9b279d038 # duplicate of b049e03ca57f238e74a79e44ffc85904db465e72 3c29ba8e7c78dee1a8a59cadf235d6b93489a3b4 # wrong commit ID in patch, DTS not present in our tree 1bfe610491082f2eeaa74f5fbc4136cb8302831b # wrong commit ID in patch, DTS not present in our tree +311ae9e159d81a1ec1cf645daf40b39ae5a0bd84 # Fixes 32960613b7c33 merged in 5.4-rc1 +e39e773ad100ac94f8358d862f20101e802ae54c # kernel-doc comment fix +44d282796f81eb1debc1d7cb53245b4cb3214cb5 # Got reverted in 73e08e711d9c1 +d9e9866803f7b6c3fdd35d345e97fb0b2908bbbc # Whitespace fix diff --git a/config/ppc64le/default b/config/ppc64le/default index 5cd04f6..79ce197 100644 --- a/config/ppc64le/default +++ b/config/ppc64le/default @@ -597,6 +597,7 @@ CONFIG_HAVE_ARCH_MMAP_RND_BITS=y CONFIG_ARCH_MMAP_RND_BITS=14 CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y CONFIG_ARCH_MMAP_RND_COMPAT_BITS=7 +CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_HAVE_RELIABLE_STACKTRACE=y # CONFIG_HAVE_ARCH_HASH is not set CONFIG_HAVE_ARCH_NVRAM_OPS=y diff --git a/patches.suse/aio-prevent-potential-eventfd-recursion-on-poll.patch b/patches.suse/aio-prevent-potential-eventfd-recursion-on-poll.patch new file mode 100644 index 0000000..9537bfd --- /dev/null +++ b/patches.suse/aio-prevent-potential-eventfd-recursion-on-poll.patch @@ -0,0 +1,74 @@ +From 01d7a356872eec22ef34a33a5f9cfa917d145468 Mon Sep 17 00:00:00 2001 +From: Jens Axboe +Date: Mon, 3 Feb 2020 10:33:42 -0700 +Subject: [PATCH] aio: prevent potential eventfd recursion on poll +Git-commit: 01d7a356872eec22ef34a33a5f9cfa917d145468 +Patch-mainline: v5.6-rc1 +References: bsc#1163918 + +If we have nested or circular eventfd wakeups, then we can deadlock if +we run them inline from our poll waitqueue wakeup handler. It's also +possible to have very long chains of notifications, to the extent where +we could risk blowing the stack. + +Check the eventfd recursion count before calling eventfd_signal(). If +it's non-zero, then punt the signaling to async context. This is always +safe, as it takes us out-of-line in terms of stack and locking context. + +Cc: stable@vger.kernel.org # 4.19+ +Reviewed-by: Jeff Moyer +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + fs/aio.c | 20 ++++++++++++++++++-- + 1 file changed, 18 insertions(+), 2 deletions(-) + +diff --git a/fs/aio.c b/fs/aio.c +index a9fbad2ce5e6..5f3d3d814928 100644 +--- a/fs/aio.c ++++ b/fs/aio.c +@@ -1610,6 +1610,14 @@ static int aio_fsync(struct fsync_iocb *req, const struct iocb *iocb, + return 0; + } + ++static void aio_poll_put_work(struct work_struct *work) ++{ ++ struct poll_iocb *req = container_of(work, struct poll_iocb, work); ++ struct aio_kiocb *iocb = container_of(req, struct aio_kiocb, poll); ++ ++ iocb_put(iocb); ++} ++ + static void aio_poll_complete_work(struct work_struct *work) + { + struct poll_iocb *req = container_of(work, struct poll_iocb, work); +@@ -1674,6 +1682,8 @@ static int aio_poll_wake(struct wait_queue_entry *wait, unsigned mode, int sync, + list_del_init(&req->wait.entry); + + if (mask && spin_trylock_irqsave(&iocb->ki_ctx->ctx_lock, flags)) { ++ struct kioctx *ctx = iocb->ki_ctx; ++ + /* + * Try to complete the iocb inline if we can. Use + * irqsave/irqrestore because not all filesystems (e.g. fuse) +@@ -1683,8 +1693,14 @@ static int aio_poll_wake(struct wait_queue_entry *wait, unsigned mode, int sync, + list_del(&iocb->ki_list); + iocb->ki_res.res = mangle_poll(mask); + req->done = true; +- spin_unlock_irqrestore(&iocb->ki_ctx->ctx_lock, flags); +- iocb_put(iocb); ++ if (iocb->ki_eventfd && eventfd_signal_count()) { ++ iocb = NULL; ++ INIT_WORK(&req->work, aio_poll_put_work); ++ schedule_work(&req->work); ++ } ++ spin_unlock_irqrestore(&ctx->ctx_lock, flags); ++ if (iocb) ++ iocb_put(iocb); + } else { + schedule_work(&req->work); + } +-- +2.16.4 + diff --git a/patches.suse/arm64-Ensure-VM_WRITE-VM_SHARED-ptes-are-clean-by-de.patch b/patches.suse/arm64-Ensure-VM_WRITE-VM_SHARED-ptes-are-clean-by-de.patch index c18a6af..044d3f9 100644 --- a/patches.suse/arm64-Ensure-VM_WRITE-VM_SHARED-ptes-are-clean-by-de.patch +++ b/patches.suse/arm64-Ensure-VM_WRITE-VM_SHARED-ptes-are-clean-by-de.patch @@ -55,7 +55,7 @@ Signed-off-by: Jiri Slaby #define PROT_SECT_DEVICE_nGnRE (PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_DEVICE_nGnRE)) #define PROT_SECT_NORMAL (PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL)) @@ -80,8 +80,9 @@ - #define PAGE_S2_DEVICE __pgprot(_PROT_DEFAULT | PAGE_S2_MEMATTR(DEVICE_nGnRE) | PTE_S2_RDONLY | PAGE_S2_XN) + #define PAGE_S2_DEVICE __pgprot(_PROT_DEFAULT | PAGE_S2_MEMATTR(DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_S2_XN) #define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN) -#define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE) diff --git a/patches.suse/arm64-KVM-Device-mappings-should-be-execute-never.patch b/patches.suse/arm64-KVM-Device-mappings-should-be-execute-never.patch new file mode 100644 index 0000000..effd825 --- /dev/null +++ b/patches.suse/arm64-KVM-Device-mappings-should-be-execute-never.patch @@ -0,0 +1,44 @@ +From: James Morse +Date: Tue, 27 Aug 2019 18:06:46 +0100 +Subject: arm64: KVM: Device mappings should be execute-never +Git-commit: e8688ba3874915b7d1661a57adf15a9c9e877df7 +Patch-mainline: v5.4-rc1 +References: bsc#1164268 + +Since commit 2f6ea23f63cca ("arm64: KVM: Avoid marking pages as XN in +Stage-2 if CTR_EL0.DIC is set"), KVM has stopped marking normal memory +as execute-never at stage2 when the system supports D->I Coherency at +the PoU. This avoids KVM taking a trap when the page is first executed, +in order to clean it to PoU. + +The patch that added this change also wrapped PAGE_S2_DEVICE mappings +up in this too. The upshot is, if your CPU caches support DIC ... +you can execute devices. + +Revert the PAGE_S2_DEVICE change so PTE_S2_XN is always used +directly. + +Fixes: 2f6ea23f63cca ("arm64: KVM: Avoid marking pages as XN in Stage-2 if CTR_EL0.DIC is set") +Signed-off-by: James Morse +Signed-off-by: Marc Zyngier +Signed-off-by: Matthias Brugger +--- + arch/arm64/include/asm/pgtable-prot.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h +index 92d2e9f28f28..9a21b84536f2 100644 +--- a/arch/arm64/include/asm/pgtable-prot.h ++++ b/arch/arm64/include/asm/pgtable-prot.h +@@ -77,7 +77,7 @@ + }) + + #define PAGE_S2 __pgprot(_PROT_DEFAULT | PAGE_S2_MEMATTR(NORMAL) | PTE_S2_RDONLY | PAGE_S2_XN) +-#define PAGE_S2_DEVICE __pgprot(_PROT_DEFAULT | PAGE_S2_MEMATTR(DEVICE_nGnRE) | PTE_S2_RDONLY | PAGE_S2_XN) ++#define PAGE_S2_DEVICE __pgprot(_PROT_DEFAULT | PAGE_S2_MEMATTR(DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_S2_XN) + + #define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_RDONLY | PTE_NG | PTE_PXN | PTE_UXN) + #define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE) +-- +2.25.0 + diff --git a/patches.suse/arm64-dts-agilex-stratix10-fix-pmu-interrupt-numbers.patch b/patches.suse/arm64-dts-agilex-stratix10-fix-pmu-interrupt-numbers.patch new file mode 100644 index 0000000..fb436c5 --- /dev/null +++ b/patches.suse/arm64-dts-agilex-stratix10-fix-pmu-interrupt-numbers.patch @@ -0,0 +1,61 @@ +From: Dinh Nguyen +Date: Wed, 20 Nov 2019 09:15:17 -0600 +Subject: arm64: dts: agilex/stratix10: fix pmu interrupt numbers +Git-commit: 210de0e996aee8e360ccc9e173fe7f0a7ed2f695 +Patch-mainline: v5.5-rc7 +References: bsc#1164272 + +Fix up the correct interrupt numbers for the PMU unit on Agilex +and Stratix10. + +Fixes: 78cd6a9d8e15 ("arm64: dts: Add base stratix 10 dtsi") +Cc: linux-stable +Reported-by: Meng Li +Signed-off-by: Dinh Nguyen +Signed-off-by: Matthias Brugger +--- + arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 8 ++++---- + arch/arm64/boot/dts/intel/socfpga_agilex.dtsi | 8 ++++---- + 2 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +index 144a2c19ac02..d1fc9c2055f4 100644 +--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi ++++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +@@ -61,10 +61,10 @@ cpu3: cpu@3 { + + pmu { + compatible = "arm,armv8-pmuv3"; +- interrupts = <0 120 8>, +- <0 121 8>, +- <0 122 8>, +- <0 123 8>; ++ interrupts = <0 170 4>, ++ <0 171 4>, ++ <0 172 4>, ++ <0 173 4>; + interrupt-affinity = <&cpu0>, + <&cpu1>, + <&cpu2>, +diff --git a/arch/arm64/boot/dts/intel/socfpga_agilex.dtsi b/arch/arm64/boot/dts/intel/socfpga_agilex.dtsi +index 94090c6fb946..d43e1299c8ef 100644 +--- a/arch/arm64/boot/dts/intel/socfpga_agilex.dtsi ++++ b/arch/arm64/boot/dts/intel/socfpga_agilex.dtsi +@@ -60,10 +60,10 @@ cpu3: cpu@3 { + + pmu { + compatible = "arm,armv8-pmuv3"; +- interrupts = <0 120 8>, +- <0 121 8>, +- <0 122 8>, +- <0 123 8>; ++ interrupts = <0 170 4>, ++ <0 171 4>, ++ <0 172 4>, ++ <0 173 4>; + interrupt-affinity = <&cpu0>, + <&cpu1>, + <&cpu2>, +-- +2.25.0 + diff --git a/patches.suse/bdev-Factor-out-bdev-revalidation-into-a-common-help.patch b/patches.suse/bdev-Factor-out-bdev-revalidation-into-a-common-help.patch new file mode 100644 index 0000000..875b6e2 --- /dev/null +++ b/patches.suse/bdev-Factor-out-bdev-revalidation-into-a-common-help.patch @@ -0,0 +1,73 @@ +From 731dc4868311ee097757b8746eaa1b4f8b2b4f1c Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Mon, 21 Oct 2019 10:37:59 +0200 +Subject: [PATCH] bdev: Factor out bdev revalidation into a common helper +Git-commit: 731dc4868311ee097757b8746eaa1b4f8b2b4f1c +Patch-mainline: v5.5-rc1 +References: bsc#1163920 + +Factor out code handling revalidation of bdev on disk change into a +common helper. + +Signed-off-by: Jan Kara +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + fs/block_dev.c | 26 ++++++++++++++------------ + 1 file changed, 14 insertions(+), 12 deletions(-) + +diff --git a/fs/block_dev.c b/fs/block_dev.c +index 9c073dbdc1b0..88c6d35ec71d 100644 +--- a/fs/block_dev.c ++++ b/fs/block_dev.c +@@ -1512,6 +1512,14 @@ EXPORT_SYMBOL(bd_set_size); + + static void __blkdev_put(struct block_device *bdev, fmode_t mode, int for_part); + ++static void bdev_disk_changed(struct block_device *bdev, bool invalidate) ++{ ++ if (invalidate) ++ invalidate_partitions(bdev->bd_disk, bdev); ++ else ++ rescan_partitions(bdev->bd_disk, bdev); ++} ++ + /* + * bd_mutex locking: + * +@@ -1594,12 +1602,9 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) + * The latter is necessary to prevent ghost + * partitions on a removed medium. + */ +- if (bdev->bd_invalidated) { +- if (!ret) +- rescan_partitions(disk, bdev); +- else if (ret == -ENOMEDIUM) +- invalidate_partitions(disk, bdev); +- } ++ if (bdev->bd_invalidated && ++ (!ret || ret == -ENOMEDIUM)) ++ bdev_disk_changed(bdev, ret == -ENOMEDIUM); + + if (ret) + goto out_clear; +@@ -1632,12 +1637,9 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) + if (bdev->bd_disk->fops->open) + ret = bdev->bd_disk->fops->open(bdev, mode); + /* the same as first opener case, read comment there */ +- if (bdev->bd_invalidated) { +- if (!ret) +- rescan_partitions(bdev->bd_disk, bdev); +- else if (ret == -ENOMEDIUM) +- invalidate_partitions(bdev->bd_disk, bdev); +- } ++ if (bdev->bd_invalidated && ++ (!ret || ret == -ENOMEDIUM)) ++ bdev_disk_changed(bdev, ret == -ENOMEDIUM); + if (ret) + goto out_unlock_bdev; + } +-- +2.16.4 + diff --git a/patches.suse/bdev-Refresh-bdev-size-for-disks-without-partitionin.patch b/patches.suse/bdev-Refresh-bdev-size-for-disks-without-partitionin.patch new file mode 100644 index 0000000..6da5b5f --- /dev/null +++ b/patches.suse/bdev-Refresh-bdev-size-for-disks-without-partitionin.patch @@ -0,0 +1,66 @@ +From cba22d86e0a10b7070d2e6a7379dbea51aa0883c Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Mon, 21 Oct 2019 10:38:00 +0200 +Subject: [PATCH] bdev: Refresh bdev size for disks without partitioning +Git-commit: cba22d86e0a10b7070d2e6a7379dbea51aa0883c +Patch-mainline: v5.5-rc1 +References: bsc#1163921 + +Currently, block device size in not updated on second and further open +for block devices where partition scan is disabled. This is particularly +annoying for example for DVD drives as that means block device size does +not get updated once the media is inserted into a drive if the device is +already open when inserting the media. This is actually always the case +for example when pktcdvd is in use. + +Fix the problem by revalidating block device size on every open even for +devices with partition scan disabled. + +Signed-off-by: Jan Kara +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + fs/block_dev.c | 19 ++++++++++--------- + 1 file changed, 10 insertions(+), 9 deletions(-) + +diff --git a/fs/block_dev.c b/fs/block_dev.c +index 88c6d35ec71d..d612468ee66b 100644 +--- a/fs/block_dev.c ++++ b/fs/block_dev.c +@@ -1403,11 +1403,7 @@ static void flush_disk(struct block_device *bdev, bool kill_dirty) + "resized disk %s\n", + bdev->bd_disk ? bdev->bd_disk->disk_name : ""); + } +- +- if (!bdev->bd_disk) +- return; +- if (disk_part_scan_enabled(bdev->bd_disk)) +- bdev->bd_invalidated = 1; ++ bdev->bd_invalidated = 1; + } + + /** +@@ -1514,10 +1510,15 @@ static void __blkdev_put(struct block_device *bdev, fmode_t mode, int for_part); + + static void bdev_disk_changed(struct block_device *bdev, bool invalidate) + { +- if (invalidate) +- invalidate_partitions(bdev->bd_disk, bdev); +- else +- rescan_partitions(bdev->bd_disk, bdev); ++ if (disk_part_scan_enabled(bdev->bd_disk)) { ++ if (invalidate) ++ invalidate_partitions(bdev->bd_disk, bdev); ++ else ++ rescan_partitions(bdev->bd_disk, bdev); ++ } else { ++ check_disk_size_change(bdev->bd_disk, bdev, !invalidate); ++ bdev->bd_invalidated = 0; ++ } + } + + /* +-- +2.16.4 + diff --git a/patches.suse/bdev-add-open_finish.patch b/patches.suse/bdev-add-open_finish.patch index c7dbc24..606a745 100644 --- a/patches.suse/bdev-add-open_finish.patch +++ b/patches.suse/bdev-add-open_finish.patch @@ -35,15 +35,13 @@ v4: - reset first_open on looping to avoid reference leak - initialize capacity and partitions after open_finish --- - fs/block_dev.c | 22 ++++++++++++++++++---- - include/linux/blkdev.h | 1 + - 3 files changed, 21 insertions(+), 4 deletions(-) + fs/block_dev.c | 36 ++++++++++++++++++++++++++++++++---- + include/linux/blkdev.h | 1 + + 2 files changed, 33 insertions(+), 4 deletions(-) -diff --git a/fs/block_dev.c b/fs/block_dev.c -index 9c073dbdc1b0..c46d79918ba5 100644 --- a/fs/block_dev.c +++ b/fs/block_dev.c -@@ -1526,6 +1526,7 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) +@@ -1535,6 +1535,7 @@ static int __blkdev_get(struct block_dev int partno; int perm = 0; bool first_open = false; @@ -51,7 +49,7 @@ index 9c073dbdc1b0..c46d79918ba5 100644 if (mode & FMODE_READ) perm |= MAY_READ; -@@ -1545,6 +1546,7 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) +@@ -1554,6 +1555,7 @@ static int __blkdev_get(struct block_dev restart: ret = -ENXIO; @@ -59,7 +57,7 @@ index 9c073dbdc1b0..c46d79918ba5 100644 disk = bdev_get_gendisk(bdev, &partno); if (!disk) goto out; -@@ -1581,6 +1583,9 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) +@@ -1590,6 +1592,9 @@ static int __blkdev_get(struct block_dev put_disk_and_module(disk); goto restart; } @@ -69,16 +67,16 @@ index 9c073dbdc1b0..c46d79918ba5 100644 } if (!ret) { -@@ -1601,7 +1606,7 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) - invalidate_partitions(disk, bdev); - } +@@ -1607,7 +1612,7 @@ static int __blkdev_get(struct block_dev + (!ret || ret == -ENOMEDIUM)) + bdev_disk_changed(bdev, ret == -ENOMEDIUM); - if (ret) + if (ret && !need_finish) goto out_clear; } else { struct block_device *whole; -@@ -1627,10 +1632,14 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) +@@ -1633,15 +1638,19 @@ static int __blkdev_get(struct block_dev if (bdev->bd_bdi == &noop_backing_dev_info) bdev->bd_bdi = bdi_get(disk->queue->backing_dev_info); } else { @@ -93,18 +91,15 @@ index 9c073dbdc1b0..c46d79918ba5 100644 + need_finish = true; + } /* the same as first opener case, read comment there */ - if (bdev->bd_invalidated) { - if (!ret) -@@ -1638,7 +1647,7 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) - else if (ret == -ENOMEDIUM) - invalidate_partitions(bdev->bd_disk, bdev); - } + if (bdev->bd_invalidated && + (!ret || ret == -ENOMEDIUM)) + bdev_disk_changed(bdev, ret == -ENOMEDIUM); - if (ret) + if (ret && !need_finish) goto out_unlock_bdev; } } -@@ -1650,6 +1659,25 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part) +@@ -1653,6 +1662,25 @@ static int __blkdev_get(struct block_dev /* only one opener holds refs to the module and disk */ if (!first_open) put_disk_and_module(disk); @@ -130,11 +125,9 @@ index 9c073dbdc1b0..c46d79918ba5 100644 return 0; out_clear: -diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h -index f3ea78b0c91c..b67e93c6afb7 100644 --- a/include/linux/blkdev.h +++ b/include/linux/blkdev.h -@@ -1695,6 +1695,7 @@ static inline struct bio_vec *rq_integrity_vec(struct request *rq) +@@ -1695,6 +1695,7 @@ static inline struct bio_vec *rq_integri struct block_device_operations { int (*open) (struct block_device *, fmode_t); @@ -142,6 +135,3 @@ index f3ea78b0c91c..b67e93c6afb7 100644 void (*release) (struct gendisk *, fmode_t); int (*rw_page)(struct block_device *, sector_t, struct page *, unsigned int); int (*ioctl) (struct block_device *, fmode_t, unsigned, unsigned long); --- -2.23.0 - diff --git a/patches.suse/block-bfq-do-not-plug-I-O-for-bfq_queues-with-no-pro.patch b/patches.suse/block-bfq-do-not-plug-I-O-for-bfq_queues-with-no-pro.patch new file mode 100644 index 0000000..6ca9066 --- /dev/null +++ b/patches.suse/block-bfq-do-not-plug-I-O-for-bfq_queues-with-no-pro.patch @@ -0,0 +1,76 @@ +From f718b093277df582fbf8775548a4f163e664d282 Mon Sep 17 00:00:00 2001 +From: Paolo Valente +Date: Mon, 3 Feb 2020 11:40:54 +0100 +Subject: [PATCH] block, bfq: do not plug I/O for bfq_queues with no proc refs +Git-commit: f718b093277df582fbf8775548a4f163e664d282 +Patch-mainline: v5.6-rc1 +References: bsc#1163894 + +Commit 478de3380c1c ("block, bfq: deschedule empty bfq_queues not +referred by any process") fixed commit 3726112ec731 ("block, bfq: +re-schedule empty queues if they deserve I/O plugging") by +descheduling an empty bfq_queue when it remains with not process +reference. Yet, this still left a case uncovered: an empty bfq_queue +with not process reference that remains in service. This happens for +an in-service sync bfq_queue that is deemed to deserve I/O-dispatch +plugging when it remains empty. Yet no new requests will arrive for +such a bfq_queue if no process sends requests to it any longer. Even +worse, the bfq_queue may happen to be prematurely freed while still in +service (because there may remain no reference to it any longer). + +This commit solves this problem by preventing I/O dispatch from being +plugged for the in-service bfq_queue, if the latter has no process +reference (the bfq_queue is then prevented from remaining in service). + +Fixes: 3726112ec731 ("block, bfq: re-schedule empty queues if they deserve I/O plugging") +Tested-by: Oleksandr Natalenko +Reported-by: Patrick Dung +Tested-by: Patrick Dung +Signed-off-by: Paolo Valente +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + block/bfq-iosched.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/block/bfq-iosched.c b/block/bfq-iosched.c +index 4686b68b48b4..55d4328e7c12 100644 +--- a/block/bfq-iosched.c ++++ b/block/bfq-iosched.c +@@ -3443,6 +3443,10 @@ static void bfq_dispatch_remove(struct request_queue *q, struct request *rq) + static bool idling_needed_for_service_guarantees(struct bfq_data *bfqd, + struct bfq_queue *bfqq) + { ++ /* No point in idling for bfqq if it won't get requests any longer */ ++ if (unlikely(!bfqq_process_refs(bfqq))) ++ return false; ++ + return (bfqq->wr_coeff > 1 && + (bfqd->wr_busy_queues < + bfq_tot_busy_queues(bfqd) || +@@ -4076,6 +4080,10 @@ static bool idling_boosts_thr_without_issues(struct bfq_data *bfqd, + bfqq_sequential_and_IO_bound, + idling_boosts_thr; + ++ /* No point in idling for bfqq if it won't get requests any longer */ ++ if (unlikely(!bfqq_process_refs(bfqq))) ++ return false; ++ + bfqq_sequential_and_IO_bound = !BFQQ_SEEKY(bfqq) && + bfq_bfqq_IO_bound(bfqq) && bfq_bfqq_has_short_ttime(bfqq); + +@@ -4169,6 +4177,10 @@ static bool bfq_better_to_idle(struct bfq_queue *bfqq) + struct bfq_data *bfqd = bfqq->bfqd; + bool idling_boosts_thr_with_no_issue, idling_needed_for_service_guar; + ++ /* No point in idling for bfqq if it won't get requests any longer */ ++ if (unlikely(!bfqq_process_refs(bfqq))) ++ return false; ++ + if (unlikely(bfqd->strict_guarantees)) + return true; + +-- +2.16.4 + diff --git a/patches.suse/block-fix-get_max_segment_size-overflow-on-32bit-arc.patch b/patches.suse/block-fix-get_max_segment_size-overflow-on-32bit-arc.patch new file mode 100644 index 0000000..95ccb08 --- /dev/null +++ b/patches.suse/block-fix-get_max_segment_size-overflow-on-32bit-arc.patch @@ -0,0 +1,53 @@ +From 4a2f704eb2d831a2d73d7f4cdd54f45c49c3c353 Mon Sep 17 00:00:00 2001 +From: Ming Lei +Date: Sat, 11 Jan 2020 20:57:43 +0800 +Subject: [PATCH] block: fix get_max_segment_size() overflow on 32bit arch +Git-commit: 4a2f704eb2d831a2d73d7f4cdd54f45c49c3c353 +Patch-mainline: v5.5-rc7 +References: bsc#1164285 + +Commit 429120f3df2d starts to take account of segment's start dma address +when computing max segment size, and data type of 'unsigned long' +is used to do that. However, the segment mask may be 0xffffffff, so +the figured out segment size may be overflowed in case of zero physical +address on 32bit arch. + +Fix the issue by returning queue_max_segment_size() directly when that +happens. + +Fixes: 429120f3df2d ("block: fix splitting segments on boundary masks") +Reported-by: Guenter Roeck +Tested-by: Guenter Roeck +Cc: Christoph Hellwig +Tested-by: Steven Rostedt (VMware) +Signed-off-by: Ming Lei +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + block/blk-merge.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/block/blk-merge.c b/block/blk-merge.c +index 347782a24a35..1534ed736363 100644 +--- a/block/blk-merge.c ++++ b/block/blk-merge.c +@@ -164,8 +164,13 @@ static inline unsigned get_max_segment_size(const struct request_queue *q, + unsigned long mask = queue_segment_boundary(q); + + offset = mask & (page_to_phys(start_page) + offset); +- return min_t(unsigned long, mask - offset + 1, +- queue_max_segment_size(q)); ++ ++ /* ++ * overflow may be triggered in case of zero page physical address ++ * on 32bit arch, use queue's max segment size when that happens. ++ */ ++ return min_not_zero(mask - offset + 1, ++ (unsigned long)queue_max_segment_size(q)); + } + + /** +-- +2.16.4 + diff --git a/patches.suse/block-fix-splitting-segments-on-boundary-masks.patch b/patches.suse/block-fix-splitting-segments-on-boundary-masks.patch new file mode 100644 index 0000000..d7f9b3b --- /dev/null +++ b/patches.suse/block-fix-splitting-segments-on-boundary-masks.patch @@ -0,0 +1,92 @@ +From 429120f3df2dba2bf3a4a19f4212a53ecefc7102 Mon Sep 17 00:00:00 2001 +From: Ming Lei +Date: Sun, 29 Dec 2019 10:32:30 +0800 +Subject: [PATCH] block: fix splitting segments on boundary masks +Git-commit: 429120f3df2dba2bf3a4a19f4212a53ecefc7102 +Patch-mainline: v5.5-rc5 +References: bsc#1163893 + +We ran into a problem with a mpt3sas based controller, where we would +see random (and hard to reproduce) file corruption). The issue seemed +specific to this controller, but wasn't specific to the file system. +After a lot of debugging, we find out that it's caused by segments +spanning a 4G memory boundary. This shouldn't happen, as the default +setting for segment boundary masks is 4G. + +Turns out there are two issues in get_max_segment_size(): + +1) The default segment boundary mask is bypassed + +2) The segment start address isn't taken into account when checking + segment boundary limit + +Fix these two issues by removing the bypass of the segment boundary +check even if the mask is set to the default value, and taking into +account the actual start address of the request when checking if a +segment needs splitting. + +Cc: stable@vger.kernel.org # v5.1+ +Reviewed-by: Chris Mason +Tested-by: Chris Mason +Fixes: dcebd755926b ("block: use bio_for_each_bvec() to compute multi-page bvec count") +Signed-off-by: Ming Lei + +Dropped const on the page pointer, ppc page_to_phys() doesn't mark the +page as const... + +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + block/blk-merge.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/block/blk-merge.c b/block/blk-merge.c +index d783bdc4559b..347782a24a35 100644 +--- a/block/blk-merge.c ++++ b/block/blk-merge.c +@@ -157,16 +157,14 @@ static inline unsigned get_max_io_size(struct request_queue *q, + return sectors & (lbs - 1); + } + +-static unsigned get_max_segment_size(const struct request_queue *q, +- unsigned offset) ++static inline unsigned get_max_segment_size(const struct request_queue *q, ++ struct page *start_page, ++ unsigned long offset) + { + unsigned long mask = queue_segment_boundary(q); + +- /* default segment boundary mask means no boundary limit */ +- if (mask == BLK_SEG_BOUNDARY_MASK) +- return queue_max_segment_size(q); +- +- return min_t(unsigned long, mask - (mask & offset) + 1, ++ offset = mask & (page_to_phys(start_page) + offset); ++ return min_t(unsigned long, mask - offset + 1, + queue_max_segment_size(q)); + } + +@@ -201,7 +199,8 @@ static bool bvec_split_segs(const struct request_queue *q, + unsigned seg_size = 0; + + while (len && *nsegs < max_segs) { +- seg_size = get_max_segment_size(q, bv->bv_offset + total_len); ++ seg_size = get_max_segment_size(q, bv->bv_page, ++ bv->bv_offset + total_len); + seg_size = min(seg_size, len); + + (*nsegs)++; +@@ -419,7 +418,8 @@ static unsigned blk_bvec_map_sg(struct request_queue *q, + + while (nbytes > 0) { + unsigned offset = bvec->bv_offset + total; +- unsigned len = min(get_max_segment_size(q, offset), nbytes); ++ unsigned len = min(get_max_segment_size(q, bvec->bv_page, ++ offset), nbytes); + struct page *page = bvec->bv_page; + + /* +-- +2.16.4 + diff --git a/patches.suse/clone3-ensure-copy_thread_tls-is-implemented.patch b/patches.suse/clone3-ensure-copy_thread_tls-is-implemented.patch new file mode 100644 index 0000000..b04e9b6 --- /dev/null +++ b/patches.suse/clone3-ensure-copy_thread_tls-is-implemented.patch @@ -0,0 +1,41 @@ +From: Amanieu d'Antras +Date: Thu, 2 Jan 2020 18:24:13 +0100 +Subject: clone3: ensure copy_thread_tls is implemented +Git-commit: dd499f7a7e34270208350a849ef103c0b3ae477f +Patch-mainline: v5.5-rc6 +References: bsc#1163988 + +copy_thread implementations handle CLONE_SETTLS by reading the TLS +value from the registers containing the syscall arguments for +clone. This doesn't work with clone3 since the TLS value is passed +in clone_args instead. + +Signed-off-by: Amanieu d'Antras +Cc: # 5.3.x +Link: https://lore.kernel.org/r/20200102172413.654385-8-amanieu@gmail.com +Signed-off-by: Christian Brauner +Acked-by: Michal Koutný +--- + kernel/fork.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +--- a/kernel/fork.c ++++ b/kernel/fork.c +@@ -2520,6 +2520,16 @@ SYSCALL_DEFINE5(clone, unsigned long, cl + #endif + + #ifdef __ARCH_WANT_SYS_CLONE3 ++ ++/* ++ * copy_thread implementations handle CLONE_SETTLS by reading the TLS value from ++ * the registers containing the syscall arguments for clone. This doesn't work ++ * with clone3 since the TLS value is passed in clone_args instead. ++ */ ++#ifndef CONFIG_HAVE_COPY_THREAD_TLS ++#error clone3 requires copy_thread_tls support in arch ++#endif ++ + noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs, + struct clone_args __user *uargs, + size_t size) + diff --git a/patches.suse/compat_ioctl-block-handle-BLKGETZONESZ-BLKGETNRZONES.patch b/patches.suse/compat_ioctl-block-handle-BLKGETZONESZ-BLKGETNRZONES.patch new file mode 100644 index 0000000..baac95f --- /dev/null +++ b/patches.suse/compat_ioctl-block-handle-BLKGETZONESZ-BLKGETNRZONES.patch @@ -0,0 +1,39 @@ +From 21d37340912d74b1222d43c11aa9dd0687162573 Mon Sep 17 00:00:00 2001 +From: Arnd Bergmann +Date: Fri, 29 Nov 2019 11:28:22 +0100 +Subject: [PATCH] compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES +Git-commit: 21d37340912d74b1222d43c11aa9dd0687162573 +Patch-mainline: v5.5-rc4 +References: bsc#1163892 + +These were added to blkdev_ioctl() in v4.20 but not blkdev_compat_ioctl, +so add them now. + +Cc: # v4.20+ +Fixes: 72cd87576d1d ("block: Introduce BLKGETZONESZ ioctl") +Fixes: 65e4e3eee83d ("block: Introduce BLKGETNRZONES ioctl") +Reviewed-by: Damien Le Moal +Signed-off-by: Arnd Bergmann +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + block/compat_ioctl.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/block/compat_ioctl.c b/block/compat_ioctl.c +index 830f91e05fe3..f5c1140b8624 100644 +--- a/block/compat_ioctl.c ++++ b/block/compat_ioctl.c +@@ -356,6 +356,8 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) + case BLKRRPART: + case BLKREPORTZONE: + case BLKRESETZONE: ++ case BLKGETZONESZ: ++ case BLKGETNRZONES: + return blkdev_ioctl(bdev, mode, cmd, + (unsigned long)compat_ptr(arg)); + case BLKBSZSET_32: +-- +2.16.4 + diff --git a/patches.suse/compat_ioctl-block-handle-BLKREPORTZONE-BLKRESETZONE.patch b/patches.suse/compat_ioctl-block-handle-BLKREPORTZONE-BLKRESETZONE.patch new file mode 100644 index 0000000..61df582 --- /dev/null +++ b/patches.suse/compat_ioctl-block-handle-BLKREPORTZONE-BLKRESETZONE.patch @@ -0,0 +1,38 @@ +From 673bdf8ce0a387ef585c13b69a2676096c6edfe9 Mon Sep 17 00:00:00 2001 +From: Arnd Bergmann +Date: Fri, 29 Nov 2019 11:28:22 +0100 +Subject: [PATCH] compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE +Git-commit: 673bdf8ce0a387ef585c13b69a2676096c6edfe9 +Patch-mainline: v5.5-rc4 +References: bsc#1163891 + +These were added to blkdev_ioctl() but not blkdev_compat_ioctl, +so add them now. + +Cc: # v4.10+ +Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") +Reviewed-by: Damien Le Moal +Signed-off-by: Arnd Bergmann +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + block/compat_ioctl.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/block/compat_ioctl.c b/block/compat_ioctl.c +index 6ca015f92766..830f91e05fe3 100644 +--- a/block/compat_ioctl.c ++++ b/block/compat_ioctl.c +@@ -354,6 +354,8 @@ long compat_blkdev_ioctl(struct file *file, unsigned cmd, unsigned long arg) + * but we call blkdev_ioctl, which gets the lock for us + */ + case BLKRRPART: ++ case BLKREPORTZONE: ++ case BLKRESETZONE: + return blkdev_ioctl(bdev, mode, cmd, + (unsigned long)compat_ptr(arg)); + case BLKBSZSET_32: +-- +2.16.4 + diff --git a/patches.suse/erofs-fix-out-of-bound-read-for-shifted-uncompressed.patch b/patches.suse/erofs-fix-out-of-bound-read-for-shifted-uncompressed.patch new file mode 100644 index 0000000..16c6ca2 --- /dev/null +++ b/patches.suse/erofs-fix-out-of-bound-read-for-shifted-uncompressed.patch @@ -0,0 +1,65 @@ +From 4d2024370d877f9ac8b98694bcff666da6a5d333 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Tue, 7 Jan 2020 10:25:46 +0800 +Subject: [PATCH] erofs: fix out-of-bound read for shifted uncompressed block +Git-commit: 4d2024370d877f9ac8b98694bcff666da6a5d333 +Patch-mainline: v5.6-rc1 +References: bsc#1163909 + +rq->out[1] should be valid before accessing. Otherwise, +in very rare cases, out-of-bound dirty onstack rq->out[1] +can equal to *in and lead to unintended memmove behavior. + +Link: https://lore.kernel.org/r/20200107022546.19432-1-gaoxiang25@huawei.com +Fixes: 7fc45dbc938a ("staging: erofs: introduce generic decompression backend") +Cc: # 5.3+ +Reviewed-by: Chao Yu +Signed-off-by: Gao Xiang +Acked-by: Jan Kara + +--- + drivers/staging/erofs/decompressor.c | 22 ++++++++++------------ + 1 file changed, 10 insertions(+), 12 deletions(-) + +diff --git a/drivers/staging/erofs/decompressor.c b/drivers/staging/erofs/decompressor.c +index 2890a67a1ded..5779a15c2cd6 100644 +--- a/drivers/staging/erofs/decompressor.c ++++ b/drivers/staging/erofs/decompressor.c +@@ -306,24 +306,22 @@ static int z_erofs_shifted_transform(const struct z_erofs_decompress_req *rq, + } + + src = kmap_atomic(*rq->in); +- if (!rq->out[0]) { +- dst = NULL; +- } else { ++ if (rq->out[0]) { + dst = kmap_atomic(rq->out[0]); + memcpy(dst + rq->pageofs_out, src, righthalf); ++ kunmap_atomic(dst); + } + +- if (rq->out[1] == *rq->in) { +- memmove(src, src + righthalf, rq->pageofs_out); +- } else if (nrpages_out == 2) { +- if (dst) +- kunmap_atomic(dst); ++ if (nrpages_out == 2) { + DBG_BUGON(!rq->out[1]); +- dst = kmap_atomic(rq->out[1]); +- memcpy(dst, src + righthalf, rq->pageofs_out); ++ if (rq->out[1] == *rq->in) { ++ memmove(src, src + righthalf, rq->pageofs_out); ++ } else { ++ dst = kmap_atomic(rq->out[1]); ++ memcpy(dst, src + righthalf, rq->pageofs_out); ++ kunmap_atomic(dst); ++ } + } +- if (dst) +- kunmap_atomic(dst); + kunmap_atomic(src); + return 0; + } +-- +2.16.4 + diff --git a/patches.suse/eventfd-track-eventfd_signal-recursion-depth.patch b/patches.suse/eventfd-track-eventfd_signal-recursion-depth.patch new file mode 100644 index 0000000..9a7d435 --- /dev/null +++ b/patches.suse/eventfd-track-eventfd_signal-recursion-depth.patch @@ -0,0 +1,108 @@ +From b5e683d5cab8cd433b06ae178621f083cabd4f63 Mon Sep 17 00:00:00 2001 +From: Jens Axboe +Date: Sun, 2 Feb 2020 08:23:03 -0700 +Subject: [PATCH] eventfd: track eventfd_signal() recursion depth +Git-commit: b5e683d5cab8cd433b06ae178621f083cabd4f63 +Patch-mainline: v5.6-rc1 +References: bsc#1163917 + +eventfd use cases from aio and io_uring can deadlock due to circular +or resursive calling, when eventfd_signal() tries to grab the waitqueue +lock. On top of that, it's also possible to construct notification +chains that are deep enough that we could blow the stack. + +Add a percpu counter that tracks the percpu recursion depth, warn if we +exceed it. The counter is also exposed so that users of eventfd_signal() +can do the right thing if it's non-zero in the context where it is +called. + +Cc: stable@vger.kernel.org # 4.19+ +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + fs/eventfd.c | 15 +++++++++++++++ + include/linux/eventfd.h | 14 ++++++++++++++ + 2 files changed, 29 insertions(+) + +diff --git a/fs/eventfd.c b/fs/eventfd.c +index 8aa0ea8c55e8..78e41c7c3d05 100644 +--- a/fs/eventfd.c ++++ b/fs/eventfd.c +@@ -24,6 +24,8 @@ + #include + #include + ++DEFINE_PER_CPU(int, eventfd_wake_count); ++ + static DEFINE_IDA(eventfd_ida); + + struct eventfd_ctx { +@@ -60,12 +62,25 @@ __u64 eventfd_signal(struct eventfd_ctx *ctx, __u64 n) + { + unsigned long flags; + ++ /* ++ * Deadlock or stack overflow issues can happen if we recurse here ++ * through waitqueue wakeup handlers. If the caller users potentially ++ * nested waitqueues with custom wakeup handlers, then it should ++ * check eventfd_signal_count() before calling this function. If ++ * it returns true, the eventfd_signal() call should be deferred to a ++ * safe context. ++ */ ++ if (WARN_ON_ONCE(this_cpu_read(eventfd_wake_count))) ++ return 0; ++ + spin_lock_irqsave(&ctx->wqh.lock, flags); ++ this_cpu_inc(eventfd_wake_count); + if (ULLONG_MAX - ctx->count < n) + n = ULLONG_MAX - ctx->count; + ctx->count += n; + if (waitqueue_active(&ctx->wqh)) + wake_up_locked_poll(&ctx->wqh, EPOLLIN); ++ this_cpu_dec(eventfd_wake_count); + spin_unlock_irqrestore(&ctx->wqh.lock, flags); + + return n; +diff --git a/include/linux/eventfd.h b/include/linux/eventfd.h +index ffcc7724ca21..dc4fd8a6644d 100644 +--- a/include/linux/eventfd.h ++++ b/include/linux/eventfd.h +@@ -12,6 +12,8 @@ + #include + #include + #include ++#include ++#include + + /* + * CAREFUL: Check include/uapi/asm-generic/fcntl.h when defining +@@ -40,6 +42,13 @@ __u64 eventfd_signal(struct eventfd_ctx *ctx, __u64 n); + int eventfd_ctx_remove_wait_queue(struct eventfd_ctx *ctx, wait_queue_entry_t *wait, + __u64 *cnt); + ++DECLARE_PER_CPU(int, eventfd_wake_count); ++ ++static inline bool eventfd_signal_count(void) ++{ ++ return this_cpu_read(eventfd_wake_count); ++} ++ + #else /* CONFIG_EVENTFD */ + + /* +@@ -68,6 +77,11 @@ static inline int eventfd_ctx_remove_wait_queue(struct eventfd_ctx *ctx, + return -ENOSYS; + } + ++static inline bool eventfd_signal_count(void) ++{ ++ return false; ++} ++ + #endif + + #endif /* _LINUX_EVENTFD_H */ +-- +2.16.4 + diff --git a/patches.suse/ext4-add-cond_resched-to-ext4_protect_reserved_inode.patch b/patches.suse/ext4-add-cond_resched-to-ext4_protect_reserved_inode.patch new file mode 100644 index 0000000..2dd8b05 --- /dev/null +++ b/patches.suse/ext4-add-cond_resched-to-ext4_protect_reserved_inode.patch @@ -0,0 +1,68 @@ +From af133ade9a40794a37104ecbcc2827c0ea373a3c Mon Sep 17 00:00:00 2001 +From: Shijie Luo +Date: Mon, 10 Feb 2020 20:17:52 -0500 +Subject: [PATCH] ext4: add cond_resched() to ext4_protect_reserved_inode +Git-commit: af133ade9a40794a37104ecbcc2827c0ea373a3c +Patch-mainline: v5.6-rc2 +References: bsc#1164069 CVE-2020-8992 + +When journal size is set too big by "mkfs.ext4 -J size=", or when +we mount a crafted image to make journal inode->i_size too big, +the loop, "while (i < num)", holds cpu too long. This could cause +soft lockup. + +[ 529.357541] Call trace: +[ 529.357551] dump_backtrace+0x0/0x198 +[ 529.357555] show_stack+0x24/0x30 +[ 529.357562] dump_stack+0xa4/0xcc +[ 529.357568] watchdog_timer_fn+0x300/0x3e8 +[ 529.357574] __hrtimer_run_queues+0x114/0x358 +[ 529.357576] hrtimer_interrupt+0x104/0x2d8 +[ 529.357580] arch_timer_handler_virt+0x38/0x58 +[ 529.357584] handle_percpu_devid_irq+0x90/0x248 +[ 529.357588] generic_handle_irq+0x34/0x50 +[ 529.357590] __handle_domain_irq+0x68/0xc0 +[ 529.357593] gic_handle_irq+0x6c/0x150 +[ 529.357595] el1_irq+0xb8/0x140 +[ 529.357599] __ll_sc_atomic_add_return_acquire+0x14/0x20 +[ 529.357668] ext4_map_blocks+0x64/0x5c0 [ext4] +[ 529.357693] ext4_setup_system_zone+0x330/0x458 [ext4] +[ 529.357717] ext4_fill_super+0x2170/0x2ba8 [ext4] +[ 529.357722] mount_bdev+0x1a8/0x1e8 +[ 529.357746] ext4_mount+0x44/0x58 [ext4] +[ 529.357748] mount_fs+0x50/0x170 +[ 529.357752] vfs_kern_mount.part.9+0x54/0x188 +[ 529.357755] do_mount+0x5ac/0xd78 +[ 529.357758] ksys_mount+0x9c/0x118 +[ 529.357760] __arm64_sys_mount+0x28/0x38 +[ 529.357764] el0_svc_common+0x78/0x130 +[ 529.357766] el0_svc_handler+0x38/0x78 +[ 529.357769] el0_svc+0x8/0xc +[ 541.356516] watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [mount:18674] + +Link: https://lore.kernel.org/r/20200211011752.29242-1-luoshijie1@huawei.com +Reviewed-by: Jan Kara +Signed-off-by: Shijie Luo +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/ext4/block_validity.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/fs/ext4/block_validity.c b/fs/ext4/block_validity.c +index 1ee04e76bbe0..0a734ffb4310 100644 +--- a/fs/ext4/block_validity.c ++++ b/fs/ext4/block_validity.c +@@ -207,6 +207,7 @@ static int ext4_protect_reserved_inode(struct super_block *sb, + return PTR_ERR(inode); + num = (inode->i_size + sb->s_blocksize - 1) >> sb->s_blocksize_bits; + while (i < num) { ++ cond_resched(); + map.m_lblk = i; + map.m_len = num - i; + n = ext4_map_blocks(NULL, inode, &map, 0); +-- +2.16.4 + diff --git a/patches.suse/ext4-fix-checksum-errors-with-indexed-dirs.patch b/patches.suse/ext4-fix-checksum-errors-with-indexed-dirs.patch new file mode 100644 index 0000000..23dd1ec --- /dev/null +++ b/patches.suse/ext4-fix-checksum-errors-with-indexed-dirs.patch @@ -0,0 +1,135 @@ +From 48a34311953d921235f4d7bbd2111690d2e469cf Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Mon, 10 Feb 2020 15:43:16 +0100 +Subject: [PATCH] ext4: fix checksum errors with indexed dirs +Git-commit: 48a34311953d921235f4d7bbd2111690d2e469cf +Patch-mainline: v5.6-rc2 +References: bsc#1160979 + +DIR_INDEX has been introduced as a compat ext4 feature. That means that +even kernels / tools that don't understand the feature may modify the +filesystem. This works because for kernels not understanding indexed dir +format, internal htree nodes appear just as empty directory entries. +Index dir aware kernels then check the htree structure is still +consistent before using the data. This all worked reasonably well until +metadata checksums were introduced. The problem is that these +effectively made DIR_INDEX only ro-compatible because internal htree +nodes store checksums in a different place than normal directory blocks. +Thus any modification ignorant to DIR_INDEX (or just clearing +EXT4_INDEX_FL from the inode) will effectively cause checksum mismatch +and trigger kernel errors. So we have to be more careful when dealing +with indexed directories on filesystems with checksumming enabled. + +1) We just disallow loading any directory inodes with EXT4_INDEX_FL when +DIR_INDEX is not enabled. This is harsh but it should be very rare (it +means someone disabled DIR_INDEX on existing filesystem and didn't run +e2fsck), e2fsck can fix the problem, and we don't want to answer the +difficult question: "Should we rather corrupt the directory more or +should we ignore that DIR_INDEX feature is not set?" + +2) When we find out htree structure is corrupted (but the filesystem and +the directory should in support htrees), we continue just ignoring htree +information for reading but we refuse to add new entries to the +directory to avoid corrupting it more. + +Link: https://lore.kernel.org/r/20200210144316.22081-1-jack@suse.cz +Fixes: dbe89444042a ("ext4: Calculate and verify checksums for htree nodes") +Reviewed-by: Andreas Dilger +Signed-off-by: Jan Kara +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/ext4/dir.c | 14 ++++++++------ + fs/ext4/ext4.h | 5 ++++- + fs/ext4/inode.c | 12 ++++++++++++ + fs/ext4/namei.c | 7 +++++++ + 4 files changed, 31 insertions(+), 7 deletions(-) + +diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c +index 1f340743c9a8..9aa1f75409b0 100644 +--- a/fs/ext4/dir.c ++++ b/fs/ext4/dir.c +@@ -129,12 +129,14 @@ static int ext4_readdir(struct file *file, struct dir_context *ctx) + if (err != ERR_BAD_DX_DIR) { + return err; + } +- /* +- * We don't set the inode dirty flag since it's not +- * critical that it get flushed back to the disk. +- */ +- ext4_clear_inode_flag(file_inode(file), +- EXT4_INODE_INDEX); ++ /* Can we just clear INDEX flag to ignore htree information? */ ++ if (!ext4_has_metadata_csum(sb)) { ++ /* ++ * We don't set the inode dirty flag since it's not ++ * critical that it gets flushed back to the disk. ++ */ ++ ext4_clear_inode_flag(inode, EXT4_INODE_INDEX); ++ } + } + + if (ext4_has_inline_data(inode)) { +diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h +index 9a2ee2428ecc..4441331d06cc 100644 +--- a/fs/ext4/ext4.h ++++ b/fs/ext4/ext4.h +@@ -2544,8 +2544,11 @@ void ext4_insert_dentry(struct inode *inode, + struct ext4_filename *fname); + static inline void ext4_update_dx_flag(struct inode *inode) + { +- if (!ext4_has_feature_dir_index(inode->i_sb)) ++ if (!ext4_has_feature_dir_index(inode->i_sb)) { ++ /* ext4_iget() should have caught this... */ ++ WARN_ON_ONCE(ext4_has_feature_metadata_csum(inode->i_sb)); + ext4_clear_inode_flag(inode, EXT4_INODE_INDEX); ++ } + } + static const unsigned char ext4_filetype_table[] = { + DT_UNKNOWN, DT_REG, DT_DIR, DT_CHR, DT_BLK, DT_FIFO, DT_SOCK, DT_LNK +diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c +index 3313168b680f..c04a15fc8b6a 100644 +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -4644,6 +4644,18 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, + ret = -EFSCORRUPTED; + goto bad_inode; + } ++ /* ++ * If dir_index is not enabled but there's dir with INDEX flag set, ++ * we'd normally treat htree data as empty space. But with metadata ++ * checksumming that corrupts checksums so forbid that. ++ */ ++ if (!ext4_has_feature_dir_index(sb) && ext4_has_metadata_csum(sb) && ++ ext4_test_inode_flag(inode, EXT4_INODE_INDEX)) { ++ ext4_error_inode(inode, function, line, 0, ++ "iget: Dir with htree data on filesystem without dir_index feature."); ++ ret = -EFSCORRUPTED; ++ goto bad_inode; ++ } + ei->i_disksize = inode->i_size; + #ifdef CONFIG_QUOTA + ei->i_reserved_quota = 0; +diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c +index 129d2ebae00d..ceff4b4b1877 100644 +--- a/fs/ext4/namei.c ++++ b/fs/ext4/namei.c +@@ -2213,6 +2213,13 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry, + retval = ext4_dx_add_entry(handle, &fname, dir, inode); + if (!retval || (retval != ERR_BAD_DX_DIR)) + goto out; ++ /* Can we just ignore htree data? */ ++ if (ext4_has_metadata_csum(sb)) { ++ EXT4_ERROR_INODE(dir, ++ "Directory has corrupted htree index."); ++ retval = -EFSCORRUPTED; ++ goto out; ++ } + ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); + dx_fallback++; + ext4_mark_inode_dirty(handle, dir); +-- +2.16.4 + diff --git a/patches.suse/ext4-fix-deadlock-allocating-crypto-bounce-page-from.patch b/patches.suse/ext4-fix-deadlock-allocating-crypto-bounce-page-from.patch new file mode 100644 index 0000000..9043400 --- /dev/null +++ b/patches.suse/ext4-fix-deadlock-allocating-crypto-bounce-page-from.patch @@ -0,0 +1,76 @@ +From 547c556f4db7c09447ecf5f833ab6aaae0c5ab58 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Tue, 31 Dec 2019 12:11:49 -0600 +Subject: [PATCH] ext4: fix deadlock allocating crypto bounce page from mempool +Git-commit: 547c556f4db7c09447ecf5f833ab6aaae0c5ab58 +Patch-mainline: v5.6-rc1 +References: bsc#1163898 + +ext4_writepages() on an encrypted file has to encrypt the data, but it +can't modify the pagecache pages in-place, so it encrypts the data into +bounce pages and writes those instead. All bounce pages are allocated +from a mempool using GFP_NOFS. + +This is not correct use of a mempool, and it can deadlock. This is +because GFP_NOFS includes __GFP_DIRECT_RECLAIM, which enables the "never +fail" mode for mempool_alloc() where a failed allocation will fall back +to waiting for one of the preallocated elements in the pool. + +But since this mode is used for all a bio's pages and not just the +first, it can deadlock waiting for pages already in the bio to be freed. + +This deadlock can be reproduced by patching mempool_alloc() to pretend +that pool->alloc() always fails (so that it always falls back to the +preallocations), and then creating an encrypted file of size > 128 KiB. + +Fix it by only using GFP_NOFS for the first page in the bio. For +subsequent pages just use GFP_NOWAIT, and if any of those fail, just +submit the bio and start a new one. + +This will need to be fixed in f2fs too, but that's less straightforward. + +Fixes: c9af28fdd449 ("ext4 crypto: don't let data integrity writebacks fail with ENOMEM") +Cc: stable@vger.kernel.org +Signed-off-by: Eric Biggers +Link: https://lore.kernel.org/r/20191231181149.47619-1-ebiggers@kernel.org +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/ext4/page-io.c | 19 ++++++++++++++----- + 1 file changed, 14 insertions(+), 5 deletions(-) + +--- a/fs/ext4/page-io.c ++++ b/fs/ext4/page-io.c +@@ -478,17 +478,26 @@ int ext4_bio_write_page(struct ext4_io_s + gfp_t gfp_flags = GFP_NOFS; + unsigned int enc_bytes = round_up(len, i_blocksize(inode)); + ++ /* ++ * Since bounce page allocation uses a mempool, we can only use ++ * a waiting mask (i.e. request guaranteed allocation) on the ++ * first page of the bio. Otherwise it can deadlock. ++ */ ++ if (io->io_bio) ++ gfp_flags = GFP_NOWAIT | __GFP_NOWARN; + retry_encrypt: + bounce_page = fscrypt_encrypt_pagecache_blocks(page, enc_bytes, + 0, gfp_flags); + if (IS_ERR(bounce_page)) { + ret = PTR_ERR(bounce_page); +- if (ret == -ENOMEM && wbc->sync_mode == WB_SYNC_ALL) { +- if (io->io_bio) { ++ if (ret == -ENOMEM && ++ (io->io_bio || wbc->sync_mode == WB_SYNC_ALL)) { ++ gfp_flags = GFP_NOFS; ++ if (io->io_bio) + ext4_io_submit(io); +- congestion_wait(BLK_RW_ASYNC, HZ/50); +- } +- gfp_flags |= __GFP_NOFAIL; ++ else ++ gfp_flags |= __GFP_NOFAIL; ++ congestion_wait(BLK_RW_ASYNC, HZ/50); + goto retry_encrypt; + } + bounce_page = NULL; diff --git a/patches.suse/ext4-fix-kernel-oops-caused-by-spurious-casefold-fla.patch b/patches.suse/ext4-fix-kernel-oops-caused-by-spurious-casefold-fla.patch new file mode 100644 index 0000000..ae3b1f9 --- /dev/null +++ b/patches.suse/ext4-fix-kernel-oops-caused-by-spurious-casefold-fla.patch @@ -0,0 +1,108 @@ +From 6456ca6520ab6c9aec589b4640169cd6da378c68 Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Tue, 3 Sep 2019 01:43:17 -0400 +Subject: [PATCH] ext4: fix kernel oops caused by spurious casefold flag +Git-commit: 6456ca6520ab6c9aec589b4640169cd6da378c68 +Patch-mainline: v5.4-rc1 +References: bsc#1163984 + +If an directory has the a casefold flag set without the casefold +feature set, s_encoding will not be initialized, and this will cause +the kernel to dereference a NULL pointer. In addition to adding +checks to avoid these kernel oops, attempts to load inodes with the +casefold flag when the casefold feature is not enable will cause the +file system to be declared corrupted. + +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/ext4/dir.c | 7 ++++--- + fs/ext4/hash.c | 2 +- + fs/ext4/inode.c | 3 +++ + fs/ext4/namei.c | 4 ++-- + 4 files changed, 10 insertions(+), 6 deletions(-) + +diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c +index 86054f31fe4d..9fdd2b269d61 100644 +--- a/fs/ext4/dir.c ++++ b/fs/ext4/dir.c +@@ -668,14 +668,15 @@ static int ext4_d_compare(const struct dentry *dentry, unsigned int len, + const char *str, const struct qstr *name) + { + struct qstr qstr = {.name = str, .len = len }; ++ struct inode *inode = dentry->d_parent->d_inode; + +- if (!IS_CASEFOLDED(dentry->d_parent->d_inode)) { ++ if (!IS_CASEFOLDED(inode) || !EXT4_SB(inode->i_sb)->s_encoding) { + if (len != name->len) + return -1; + return memcmp(str, name->name, len); + } + +- return ext4_ci_compare(dentry->d_parent->d_inode, name, &qstr, false); ++ return ext4_ci_compare(inode, name, &qstr, false); + } + + static int ext4_d_hash(const struct dentry *dentry, struct qstr *str) +@@ -685,7 +686,7 @@ static int ext4_d_hash(const struct dentry *dentry, struct qstr *str) + unsigned char *norm; + int len, ret = 0; + +- if (!IS_CASEFOLDED(dentry->d_inode)) ++ if (!IS_CASEFOLDED(dentry->d_inode) || !um) + return 0; + + norm = kmalloc(PATH_MAX, GFP_ATOMIC); +diff --git a/fs/ext4/hash.c b/fs/ext4/hash.c +index d358bfcb6b3f..3e133793a5a3 100644 +--- a/fs/ext4/hash.c ++++ b/fs/ext4/hash.c +@@ -280,7 +280,7 @@ int ext4fs_dirhash(const struct inode *dir, const char *name, int len, + unsigned char *buff; + struct qstr qstr = {.name = name, .len = len }; + +- if (len && IS_CASEFOLDED(dir)) { ++ if (len && IS_CASEFOLDED(dir) && um) { + buff = kzalloc(sizeof(char) * PATH_MAX, GFP_KERNEL); + if (!buff) + return -ENOMEM; +diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c +index e567f0229d4e..4e271b509af1 100644 +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -5067,6 +5067,9 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, + "iget: bogus i_mode (%o)", inode->i_mode); + goto bad_inode; + } ++ if (IS_CASEFOLDED(inode) && !ext4_has_feature_casefold(inode->i_sb)) ++ ext4_error_inode(inode, function, line, 0, ++ "casefold flag without casefold feature"); + brelse(iloc.bh); + + unlock_new_inode(inode); +diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c +index 129029534075..a427d2031a8d 100644 +--- a/fs/ext4/namei.c ++++ b/fs/ext4/namei.c +@@ -1312,7 +1312,7 @@ void ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname, + { + int len; + +- if (!IS_CASEFOLDED(dir)) { ++ if (!IS_CASEFOLDED(dir) || !EXT4_SB(dir->i_sb)->s_encoding) { + cf_name->name = NULL; + return; + } +@@ -2183,7 +2183,7 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry, + + #ifdef CONFIG_UNICODE + if (ext4_has_strict_mode(sbi) && IS_CASEFOLDED(dir) && +- utf8_validate(sbi->s_encoding, &dentry->d_name)) ++ sbi->s_encoding && utf8_validate(sbi->s_encoding, &dentry->d_name)) + return -EINVAL; + #endif + +-- +2.16.4 + diff --git a/patches.suse/ext4-fix-race-conditions-in-d_compare-and-d_hash.patch b/patches.suse/ext4-fix-race-conditions-in-d_compare-and-d_hash.patch new file mode 100644 index 0000000..7cfad20 --- /dev/null +++ b/patches.suse/ext4-fix-race-conditions-in-d_compare-and-d_hash.patch @@ -0,0 +1,83 @@ +From ec772f01307a2c06ebf6cdd221e6b518a71ddae7 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Thu, 23 Jan 2020 20:12:34 -0800 +Subject: [PATCH] ext4: fix race conditions in ->d_compare() and ->d_hash() +Git-commit: ec772f01307a2c06ebf6cdd221e6b518a71ddae7 +Patch-mainline: v5.6-rc1 +References: bsc#1163899 + +Since ->d_compare() and ->d_hash() can be called in RCU-walk mode, +->d_parent and ->d_inode can be concurrently modified, and in +particular, ->d_inode may be changed to NULL. For ext4_d_hash() this +resulted in a reproducible NULL dereference if a lookup is done in a +directory being deleted, e.g. with: + + int main() + { + if (fork()) { + for (;;) { + mkdir("subdir", 0700); + rmdir("subdir"); + } + } else { + for (;;) + access("subdir/file", 0); + } + } + +... or by running the 't_encrypted_d_revalidate' program from xfstests. +Both repros work in any directory on a filesystem with the encoding +feature, even if the directory doesn't actually have the casefold flag. + +I couldn't reproduce a crash in ext4_d_compare(), but it appears that a +similar crash is possible there. + +Fix these bugs by reading ->d_parent and ->d_inode using READ_ONCE() and +falling back to the case sensitive behavior if the inode is NULL. + +Reported-by: Al Viro +Fixes: b886ee3e778e ("ext4: Support case-insensitive file name lookups") +Cc: # v5.2+ +Signed-off-by: Eric Biggers +Link: https://lore.kernel.org/r/20200124041234.159740-1-ebiggers@kernel.org +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/ext4/dir.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c +index 8964778aabef..0129d1462988 100644 +--- a/fs/ext4/dir.c ++++ b/fs/ext4/dir.c +@@ -671,9 +671,11 @@ static int ext4_d_compare(const struct dentry *dentry, unsigned int len, + const char *str, const struct qstr *name) + { + struct qstr qstr = {.name = str, .len = len }; +- struct inode *inode = dentry->d_parent->d_inode; ++ const struct dentry *parent = READ_ONCE(dentry->d_parent); ++ const struct inode *inode = READ_ONCE(parent->d_inode); + +- if (!IS_CASEFOLDED(inode) || !EXT4_SB(inode->i_sb)->s_encoding) { ++ if (!inode || !IS_CASEFOLDED(inode) || ++ !EXT4_SB(inode->i_sb)->s_encoding) { + if (len != name->len) + return -1; + return memcmp(str, name->name, len); +@@ -686,10 +688,11 @@ static int ext4_d_hash(const struct dentry *dentry, struct qstr *str) + { + const struct ext4_sb_info *sbi = EXT4_SB(dentry->d_sb); + const struct unicode_map *um = sbi->s_encoding; ++ const struct inode *inode = READ_ONCE(dentry->d_inode); + unsigned char *norm; + int len, ret = 0; + +- if (!IS_CASEFOLDED(dentry->d_inode) || !um) ++ if (!inode || !IS_CASEFOLDED(inode) || !um) + return 0; + + norm = kmalloc(PATH_MAX, GFP_ATOMIC); +-- +2.16.4 + diff --git a/patches.suse/ext4-fix-support-for-inode-sizes-1024-bytes.patch b/patches.suse/ext4-fix-support-for-inode-sizes-1024-bytes.patch new file mode 100644 index 0000000..341008e --- /dev/null +++ b/patches.suse/ext4-fix-support-for-inode-sizes-1024-bytes.patch @@ -0,0 +1,71 @@ +From 4f97a68192bd33b9963b400759cef0ca5963af00 Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Thu, 6 Feb 2020 17:35:01 -0500 +Subject: [PATCH] ext4: fix support for inode sizes > 1024 bytes +Git-commit: 4f97a68192bd33b9963b400759cef0ca5963af00 +Patch-mainline: v5.6-rc2 +References: bsc#1164284 + +A recent commit, 9803387c55f7 ("ext4: validate the +debug_want_extra_isize mount option at parse time"), moved mount-time +checks around. One of those changes moved the inode size check before +the blocksize variable was set to the blocksize of the file system. +After 9803387c55f7 was set to the minimum allowable blocksize, which +in practice on most systems would be 1024 bytes. This cuased file +systems with inode sizes larger than 1024 bytes to be rejected with a +Message: + +EXT4-fs (sdXX): unsupported inode size: 4096 + +Fixes: 9803387c55f7 ("ext4: validate the debug_want_extra_isize mount option at parse time") +Link: https://lore.kernel.org/r/20200206225252.GA3673@mit.edu +Reported-by: Herbert Poetzl +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/ext4/super.c | 18 ++++++++++-------- + 1 file changed, 10 insertions(+), 8 deletions(-) + +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -3754,6 +3754,15 @@ static int ext4_fill_super(struct super_ + */ + sbi->s_li_wait_mult = EXT4_DEF_LI_WAIT_MULT; + ++ blocksize = BLOCK_SIZE << le32_to_cpu(es->s_log_block_size); ++ if (blocksize < EXT4_MIN_BLOCK_SIZE || ++ blocksize > EXT4_MAX_BLOCK_SIZE) { ++ ext4_msg(sb, KERN_ERR, ++ "Unsupported filesystem blocksize %d (%d log_block_size)", ++ blocksize, le32_to_cpu(es->s_log_block_size)); ++ goto failed_mount; ++ } ++ + if (le32_to_cpu(es->s_rev_level) == EXT4_GOOD_OLD_REV) { + sbi->s_inode_size = EXT4_GOOD_OLD_INODE_SIZE; + sbi->s_first_ino = EXT4_GOOD_OLD_FIRST_INO; +@@ -3771,6 +3780,7 @@ static int ext4_fill_super(struct super_ + ext4_msg(sb, KERN_ERR, + "unsupported inode size: %d", + sbi->s_inode_size); ++ ext4_msg(sb, KERN_ERR, "blocksize: %d", blocksize); + goto failed_mount; + } + if (sbi->s_inode_size > EXT4_GOOD_OLD_INODE_SIZE) +@@ -3961,14 +3971,6 @@ static int ext4_fill_super(struct super_ + if (!ext4_feature_set_ok(sb, (sb_rdonly(sb)))) + goto failed_mount; + +- blocksize = BLOCK_SIZE << le32_to_cpu(es->s_log_block_size); +- if (blocksize < EXT4_MIN_BLOCK_SIZE || +- blocksize > EXT4_MAX_BLOCK_SIZE) { +- ext4_msg(sb, KERN_ERR, +- "Unsupported filesystem blocksize %d (%d log_block_size)", +- blocksize, le32_to_cpu(es->s_log_block_size)); +- goto failed_mount; +- } + if (le32_to_cpu(es->s_log_block_size) > + (EXT4_MAX_BLOCK_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) { + ext4_msg(sb, KERN_ERR, diff --git a/patches.suse/ext4-improve-explanation-of-a-mount-failure-caused-b.patch b/patches.suse/ext4-improve-explanation-of-a-mount-failure-caused-b.patch new file mode 100644 index 0000000..e29ad35 --- /dev/null +++ b/patches.suse/ext4-improve-explanation-of-a-mount-failure-caused-b.patch @@ -0,0 +1,60 @@ +From d65d87a07476aa17df2dcb3ad18c22c154315bec Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Fri, 14 Feb 2020 18:11:19 -0500 +Subject: [PATCH] ext4: improve explanation of a mount failure caused by a + misconfigured kernel +Git-commit: d65d87a07476aa17df2dcb3ad18c22c154315bec +Patch-mainline: v5.6-rc2 +References: bsc#1163843 + +If CONFIG_QFMT_V2 is not enabled, but CONFIG_QUOTA is enabled, when a +user tries to mount a file system with the quota or project quota +enabled, the kernel will emit a very confusing messsage: + + EXT4-fs warning (device vdc): ext4_enable_quotas:5914: Failed to enable quota tracking (type=0, err=-3). Please run e2fsck to fix. + EXT4-fs (vdc): mount failed + +We will now report an explanatory message indicating which kernel +configuration options have to be enabled, to avoid customer/sysadmin +confusion. + +Link: https://lore.kernel.org/r/20200215012738.565735-1-tytso@mit.edu +Google-bug-id: 149093531 +Fixes: 7c319d328505b778 ("ext4: make quota as first class supported feature") +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/ext4/super.c | 14 ++++---------- + 1 file changed, 4 insertions(+), 10 deletions(-) + +diff --git a/fs/ext4/super.c b/fs/ext4/super.c +index b0b9150c9773..f131eaa52f22 100644 +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -3009,17 +3009,11 @@ static int ext4_feature_set_ok(struct super_block *sb, int readonly) + return 0; + } + +-#ifndef CONFIG_QUOTA +- if (ext4_has_feature_quota(sb) && !readonly) { ++#if !defined(CONFIG_QUOTA) || !defined(CONFIG_QFMT_V2) ++ if (!readonly && (ext4_has_feature_quota(sb) || ++ ext4_has_feature_project(sb))) { + ext4_msg(sb, KERN_ERR, +- "Filesystem with quota feature cannot be mounted RDWR " +- "without CONFIG_QUOTA"); +- return 0; +- } +- if (ext4_has_feature_project(sb) && !readonly) { +- ext4_msg(sb, KERN_ERR, +- "Filesystem with project quota feature cannot be mounted RDWR " +- "without CONFIG_QUOTA"); ++ "The kernel was not built with CONFIG_QUOTA and CONFIG_QFMT_V2"); + return 0; + } + #endif /* CONFIG_QUOTA */ +-- +2.16.4 + diff --git a/patches.suse/ext4-jbd2-ensure-panic-when-aborting-with-zero-errno.patch b/patches.suse/ext4-jbd2-ensure-panic-when-aborting-with-zero-errno.patch new file mode 100644 index 0000000..b02c58a --- /dev/null +++ b/patches.suse/ext4-jbd2-ensure-panic-when-aborting-with-zero-errno.patch @@ -0,0 +1,76 @@ +From 51f57b01e4a3c7d7bdceffd84de35144e8c538e7 Mon Sep 17 00:00:00 2001 +From: "zhangyi (F)" +Date: Wed, 4 Dec 2019 20:46:12 +0800 +Subject: [PATCH] ext4, jbd2: ensure panic when aborting with zero errno +Git-commit: 51f57b01e4a3c7d7bdceffd84de35144e8c538e7 +Patch-mainline: v5.6-rc1 +References: bsc#1163853 + +JBD2_REC_ERR flag used to indicate the errno has been updated when jbd2 +aborted, and then __ext4_abort() and ext4_handle_error() can invoke +panic if ERRORS_PANIC is specified. But if the journal has been aborted +with zero errno, jbd2_journal_abort() didn't set this flag so we can +no longer panic. Fix this by always record the proper errno in the +journal superblock. + +Fixes: 4327ba52afd03 ("ext4, jbd2: ensure entering into panic after recording an error in superblock") +Signed-off-by: zhangyi (F) +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/20191204124614.45424-3-yi.zhang@huawei.com +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/jbd2/checkpoint.c | 2 +- + fs/jbd2/journal.c | 15 ++++----------- + 2 files changed, 5 insertions(+), 12 deletions(-) + +diff --git a/fs/jbd2/checkpoint.c b/fs/jbd2/checkpoint.c +index 8fff6677a5da..96bf33986d03 100644 +--- a/fs/jbd2/checkpoint.c ++++ b/fs/jbd2/checkpoint.c +@@ -164,7 +164,7 @@ void __jbd2_log_wait_for_space(journal_t *journal) + "journal space in %s\n", __func__, + journal->j_devname); + WARN_ON(1); +- jbd2_journal_abort(journal, 0); ++ jbd2_journal_abort(journal, -EIO); + } + write_lock(&journal->j_state_lock); + } else { +diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c +index 5f9edb12f11a..9e9275540071 100644 +--- a/fs/jbd2/journal.c ++++ b/fs/jbd2/journal.c +@@ -2156,12 +2156,10 @@ static void __journal_abort_soft (journal_t *journal, int errno) + + __jbd2_journal_abort_hard(journal); + +- if (errno) { +- jbd2_journal_update_sb_errno(journal); +- write_lock(&journal->j_state_lock); +- journal->j_flags |= JBD2_REC_ERR; +- write_unlock(&journal->j_state_lock); +- } ++ jbd2_journal_update_sb_errno(journal); ++ write_lock(&journal->j_state_lock); ++ journal->j_flags |= JBD2_REC_ERR; ++ write_unlock(&journal->j_state_lock); + } + + /** +@@ -2203,11 +2201,6 @@ static void __journal_abort_soft (journal_t *journal, int errno) + * failure to disk. ext3_error, for example, now uses this + * functionality. + * +- * Errors which originate from within the journaling layer will NOT +- * supply an errno; a null errno implies that absolutely no further +- * writes are done to the journal (unless there are any already in +- * progress). +- * + */ + + void jbd2_journal_abort(journal_t *journal, int errno) +-- +2.16.4 + diff --git a/patches.suse/ext4-unlock-on-error-in-ext4_expand_extra_isize.patch b/patches.suse/ext4-unlock-on-error-in-ext4_expand_extra_isize.patch new file mode 100644 index 0000000..505cf10 --- /dev/null +++ b/patches.suse/ext4-unlock-on-error-in-ext4_expand_extra_isize.patch @@ -0,0 +1,47 @@ +From 7f420d64a08c1dcd65b27be82a27cf2bdb2e7847 Mon Sep 17 00:00:00 2001 +From: Dan Carpenter +Date: Fri, 13 Dec 2019 21:50:11 +0300 +Subject: [PATCH] ext4: unlock on error in ext4_expand_extra_isize() +Git-commit: 7f420d64a08c1dcd65b27be82a27cf2bdb2e7847 +Patch-mainline: v5.5-rc3 +References: bsc#1163896 + +We need to unlock the xattr before returning on this error path. + +Cc: stable@kernel.org # 4.13 +Fixes: c03b45b853f5 ("ext4, project: expand inode extra size if possible") +Signed-off-by: Dan Carpenter +Link: https://lore.kernel.org/r/20191213185010.6k7yl2tck3wlsdkt@kili.mountain +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/ext4/inode.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c +index 310e4abd9aca..16e72621e995 100644 +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -5689,7 +5689,7 @@ int ext4_expand_extra_isize(struct inode *inode, + error = ext4_journal_get_write_access(handle, iloc->bh); + if (error) { + brelse(iloc->bh); +- goto out_stop; ++ goto out_unlock; + } + + error = __ext4_expand_extra_isize(inode, new_extra_isize, iloc, +@@ -5699,8 +5699,8 @@ int ext4_expand_extra_isize(struct inode *inode, + if (!error) + error = rc; + ++out_unlock: + ext4_write_unlock_xattr(inode, &no_expand); +-out_stop: + ext4_journal_stop(handle); + return error; + } +-- +2.16.4 + diff --git a/patches.suse/ext4-unsupported-features.patch b/patches.suse/ext4-unsupported-features.patch index d7590ac..d0b57ba 100644 --- a/patches.suse/ext4-unsupported-features.patch +++ b/patches.suse/ext4-unsupported-features.patch @@ -31,7 +31,7 @@ Signed-off-by: Jan Kara #include -@@ -3339,4 +3341,5 @@ extern const struct iomap_ops ext4_iomap +@@ -3350,4 +3352,5 @@ extern const struct iomap_ops ext4_iomap #define EFSBADCRC EBADMSG /* Bad CRC detected */ #define EFSCORRUPTED EUCLEAN /* Filesystem is corrupted */ @@ -48,7 +48,7 @@ Signed-off-by: Jan Kara #define CREATE_TRACE_POINTS #include -@@ -2891,6 +2893,21 @@ static unsigned long ext4_get_stripe_siz +@@ -2898,6 +2900,21 @@ static unsigned long ext4_get_stripe_siz return ret; } @@ -70,7 +70,7 @@ Signed-off-by: Jan Kara /* * Check whether this filesystem can be mounted based on * the features present and the RDONLY/RDWR mount requested. -@@ -2941,6 +2958,10 @@ static int ext4_feature_set_ok(struct su +@@ -2948,6 +2965,10 @@ static int ext4_feature_set_ok(struct su return 0; } @@ -78,6 +78,6 @@ Signed-off-by: Jan Kara + ext4_check_unsupported_ro(sb, true, readonly, "BIGALLOC")) + return 0; + - #ifndef CONFIG_QUOTA - if (ext4_has_feature_quota(sb) && !readonly) { - ext4_msg(sb, KERN_ERR, + #if !defined(CONFIG_QUOTA) || !defined(CONFIG_QFMT_V2) + if (!readonly && (ext4_has_feature_quota(sb) || + ext4_has_feature_project(sb))) { diff --git a/patches.suse/ext4-validate-the-debug_want_extra_isize-mount-optio.patch b/patches.suse/ext4-validate-the-debug_want_extra_isize-mount-optio.patch new file mode 100644 index 0000000..f8e412a --- /dev/null +++ b/patches.suse/ext4-validate-the-debug_want_extra_isize-mount-optio.patch @@ -0,0 +1,184 @@ +From 9803387c55f7d2ce69aa64340c5fdc6b3027dbc8 Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Sun, 15 Dec 2019 01:09:03 -0500 +Subject: [PATCH] ext4: validate the debug_want_extra_isize mount option at + parse time +Git-commit: 9803387c55f7d2ce69aa64340c5fdc6b3027dbc8 +Patch-mainline: v5.5-rc3 +References: bsc#1163897 + +Instead of setting s_want_extra_size and then making sure that it is a +valid value afterwards, validate the field before we set it. This +avoids races and other problems when remounting the file system. + +Link: https://lore.kernel.org/r/20191215063020.GA11512@mit.edu +Cc: stable@kernel.org +Signed-off-by: Theodore Ts'o +Reported-and-tested-by: syzbot+4a39a025912b265cacef@syzkaller.appspotmail.com +Acked-by: Jan Kara + +--- + fs/ext4/super.c | 117 ++++++++++++++++++++++++++------------------------------ + 1 file changed, 56 insertions(+), 61 deletions(-) + +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -1876,6 +1876,13 @@ static int handle_mount_opt(struct super + arg = JBD2_DEFAULT_MAX_COMMIT_AGE; + sbi->s_commit_interval = HZ * arg; + } else if (token == Opt_debug_want_extra_isize) { ++ if ((arg & 1) || ++ (arg < 4) || ++ (arg > (sbi->s_inode_size - EXT4_GOOD_OLD_INODE_SIZE))) { ++ ext4_msg(sb, KERN_ERR, ++ "Invalid want_extra_isize %d", arg); ++ return -1; ++ } + sbi->s_want_extra_isize = arg; + } else if (token == Opt_max_batch_time) { + sbi->s_max_batch_time = arg; +@@ -3540,40 +3547,6 @@ int ext4_calculate_overhead(struct super + return 0; + } + +-static void ext4_clamp_want_extra_isize(struct super_block *sb) +-{ +- struct ext4_sb_info *sbi = EXT4_SB(sb); +- struct ext4_super_block *es = sbi->s_es; +- unsigned def_extra_isize = sizeof(struct ext4_inode) - +- EXT4_GOOD_OLD_INODE_SIZE; +- +- if (sbi->s_inode_size == EXT4_GOOD_OLD_INODE_SIZE) { +- sbi->s_want_extra_isize = 0; +- return; +- } +- if (sbi->s_want_extra_isize < 4) { +- sbi->s_want_extra_isize = def_extra_isize; +- if (ext4_has_feature_extra_isize(sb)) { +- if (sbi->s_want_extra_isize < +- le16_to_cpu(es->s_want_extra_isize)) +- sbi->s_want_extra_isize = +- le16_to_cpu(es->s_want_extra_isize); +- if (sbi->s_want_extra_isize < +- le16_to_cpu(es->s_min_extra_isize)) +- sbi->s_want_extra_isize = +- le16_to_cpu(es->s_min_extra_isize); +- } +- } +- /* Check if enough inode space is available */ +- if ((sbi->s_want_extra_isize > sbi->s_inode_size) || +- (EXT4_GOOD_OLD_INODE_SIZE + sbi->s_want_extra_isize > +- sbi->s_inode_size)) { +- sbi->s_want_extra_isize = def_extra_isize; +- ext4_msg(sb, KERN_INFO, +- "required extra inode space not available"); +- } +-} +- + static void ext4_set_resv_clusters(struct super_block *sb) + { + ext4_fsblk_t resv_clusters; +@@ -3781,6 +3754,55 @@ static int ext4_fill_super(struct super_ + */ + sbi->s_li_wait_mult = EXT4_DEF_LI_WAIT_MULT; + ++ if (le32_to_cpu(es->s_rev_level) == EXT4_GOOD_OLD_REV) { ++ sbi->s_inode_size = EXT4_GOOD_OLD_INODE_SIZE; ++ sbi->s_first_ino = EXT4_GOOD_OLD_FIRST_INO; ++ } else { ++ sbi->s_inode_size = le16_to_cpu(es->s_inode_size); ++ sbi->s_first_ino = le32_to_cpu(es->s_first_ino); ++ if (sbi->s_first_ino < EXT4_GOOD_OLD_FIRST_INO) { ++ ext4_msg(sb, KERN_ERR, "invalid first ino: %u", ++ sbi->s_first_ino); ++ goto failed_mount; ++ } ++ if ((sbi->s_inode_size < EXT4_GOOD_OLD_INODE_SIZE) || ++ (!is_power_of_2(sbi->s_inode_size)) || ++ (sbi->s_inode_size > blocksize)) { ++ ext4_msg(sb, KERN_ERR, ++ "unsupported inode size: %d", ++ sbi->s_inode_size); ++ goto failed_mount; ++ } ++ if (sbi->s_inode_size > EXT4_GOOD_OLD_INODE_SIZE) ++ sb->s_time_gran = 1 << (EXT4_EPOCH_BITS - 2); ++ } ++ if (sbi->s_inode_size > EXT4_GOOD_OLD_INODE_SIZE) { ++ sbi->s_want_extra_isize = sizeof(struct ext4_inode) - ++ EXT4_GOOD_OLD_INODE_SIZE; ++ if (ext4_has_feature_extra_isize(sb)) { ++ unsigned v, max = (sbi->s_inode_size - ++ EXT4_GOOD_OLD_INODE_SIZE); ++ ++ v = le16_to_cpu(es->s_want_extra_isize); ++ if (v > max) { ++ ext4_msg(sb, KERN_ERR, ++ "bad s_want_extra_isize: %d", v); ++ goto failed_mount; ++ } ++ if (sbi->s_want_extra_isize < v) ++ sbi->s_want_extra_isize = v; ++ ++ v = le16_to_cpu(es->s_min_extra_isize); ++ if (v > max) { ++ ext4_msg(sb, KERN_ERR, ++ "bad s_min_extra_isize: %d", v); ++ goto failed_mount; ++ } ++ if (sbi->s_want_extra_isize < v) ++ sbi->s_want_extra_isize = v; ++ } ++ } ++ + if (sbi->s_es->s_mount_opts[0]) { + char *s_mount_opts = kstrndup(sbi->s_es->s_mount_opts, + sizeof(sbi->s_es->s_mount_opts), +@@ -4019,29 +4041,6 @@ static int ext4_fill_super(struct super_ + has_huge_files); + sb->s_maxbytes = ext4_max_size(sb->s_blocksize_bits, has_huge_files); + +- if (le32_to_cpu(es->s_rev_level) == EXT4_GOOD_OLD_REV) { +- sbi->s_inode_size = EXT4_GOOD_OLD_INODE_SIZE; +- sbi->s_first_ino = EXT4_GOOD_OLD_FIRST_INO; +- } else { +- sbi->s_inode_size = le16_to_cpu(es->s_inode_size); +- sbi->s_first_ino = le32_to_cpu(es->s_first_ino); +- if (sbi->s_first_ino < EXT4_GOOD_OLD_FIRST_INO) { +- ext4_msg(sb, KERN_ERR, "invalid first ino: %u", +- sbi->s_first_ino); +- goto failed_mount; +- } +- if ((sbi->s_inode_size < EXT4_GOOD_OLD_INODE_SIZE) || +- (!is_power_of_2(sbi->s_inode_size)) || +- (sbi->s_inode_size > blocksize)) { +- ext4_msg(sb, KERN_ERR, +- "unsupported inode size: %d", +- sbi->s_inode_size); +- goto failed_mount; +- } +- if (sbi->s_inode_size > EXT4_GOOD_OLD_INODE_SIZE) +- sb->s_time_gran = 1 << (EXT4_EPOCH_BITS - 2); +- } +- + sbi->s_desc_size = le16_to_cpu(es->s_desc_size); + if (ext4_has_feature_64bit(sb)) { + if (sbi->s_desc_size < EXT4_MIN_DESC_SIZE_64BIT || +@@ -4489,8 +4488,6 @@ no_journal: + } else if (ret) + goto failed_mount4a; + +- ext4_clamp_want_extra_isize(sb); +- + ext4_set_resv_clusters(sb); + + err = ext4_setup_system_zone(sb); +@@ -5278,8 +5275,6 @@ static int ext4_remount(struct super_blo + goto restore_opts; + } + +- ext4_clamp_want_extra_isize(sb); +- + if ((old_opts.s_mount_opt & EXT4_MOUNT_JOURNAL_CHECKSUM) ^ + test_opt(sb, JOURNAL_CHECKSUM)) { + ext4_msg(sb, KERN_ERR, "changing journal_checksum " diff --git a/patches.suse/fcntl-fix-typo-in-RWH_WRITE_LIFE_NOT_SET-r-w-hint-na.patch b/patches.suse/fcntl-fix-typo-in-RWH_WRITE_LIFE_NOT_SET-r-w-hint-na.patch new file mode 100644 index 0000000..fe40d1e --- /dev/null +++ b/patches.suse/fcntl-fix-typo-in-RWH_WRITE_LIFE_NOT_SET-r-w-hint-na.patch @@ -0,0 +1,100 @@ +From 9a7f12edf8848a9b355a86fc0183d7be932ef11e Mon Sep 17 00:00:00 2001 +From: Eugene Syromiatnikov +Date: Fri, 20 Sep 2019 17:58:21 +0200 +Subject: [PATCH] fcntl: fix typo in RWH_WRITE_LIFE_NOT_SET r/w hint name +Git-commit: 9a7f12edf8848a9b355a86fc0183d7be932ef11e +Patch-mainline: v5.5-rc1 +References: bsc#1163843 + +According to commit message in the original commit c75b1d9421f8 ("fs: +add fcntl() interface for setting/getting write life time hints"), +as well as userspace library[1] and man page update[2], R/W hint constants +are intended to have RWH_* prefix. However, RWF_WRITE_LIFE_NOT_SET retained +"RWF_*" prefix used in the early versions of the proposed patch set[3]. +Rename it and provide the old name as a synonym for the new one +for backward compatibility. + +[1] https://github.com/axboe/fio/commit/bd553af6c849 +[2] https://github.com/mkerrisk/man-pages/commit/580082a186fd +[3] https://www.mail-archive.com/linux-block@vger.kernel.org/msg09638.html + +Fixes: c75b1d9421f8 ("fs: add fcntl() interface for setting/getting write life time hints") +Acked-by: Song Liu +Signed-off-by: Eugene Syromiatnikov +Signed-off-by: Jens Axboe +Acked-by: Jan Kara + +--- + fs/fcntl.c | 2 +- + include/uapi/linux/fcntl.h | 9 ++++++++- + tools/include/uapi/linux/fcntl.h | 9 ++++++++- + 3 files changed, 17 insertions(+), 3 deletions(-) + +diff --git a/fs/fcntl.c b/fs/fcntl.c +index 3d40771e8e7c..41b6438bd2d9 100644 +--- a/fs/fcntl.c ++++ b/fs/fcntl.c +@@ -261,7 +261,7 @@ static int f_getowner_uids(struct file *filp, unsigned long arg) + static bool rw_hint_valid(enum rw_hint hint) + { + switch (hint) { +- case RWF_WRITE_LIFE_NOT_SET: ++ case RWH_WRITE_LIFE_NOT_SET: + case RWH_WRITE_LIFE_NONE: + case RWH_WRITE_LIFE_SHORT: + case RWH_WRITE_LIFE_MEDIUM: +diff --git a/include/uapi/linux/fcntl.h b/include/uapi/linux/fcntl.h +index 1d338357df8a..1f97b33c840e 100644 +--- a/include/uapi/linux/fcntl.h ++++ b/include/uapi/linux/fcntl.h +@@ -58,13 +58,20 @@ + * Valid hint values for F_{GET,SET}_RW_HINT. 0 is "not set", or can be + * used to clear any hints previously set. + */ +-#define RWF_WRITE_LIFE_NOT_SET 0 ++#define RWH_WRITE_LIFE_NOT_SET 0 + #define RWH_WRITE_LIFE_NONE 1 + #define RWH_WRITE_LIFE_SHORT 2 + #define RWH_WRITE_LIFE_MEDIUM 3 + #define RWH_WRITE_LIFE_LONG 4 + #define RWH_WRITE_LIFE_EXTREME 5 + ++/* ++ * The originally introduced spelling is remained from the first ++ * versions of the patch set that introduced the feature, see commit ++ * v4.13-rc1~212^2~51. ++ */ ++#define RWF_WRITE_LIFE_NOT_SET RWH_WRITE_LIFE_NOT_SET ++ + /* + * Types of directory notifications that may be requested. + */ +diff --git a/tools/include/uapi/linux/fcntl.h b/tools/include/uapi/linux/fcntl.h +index 1d338357df8a..1f97b33c840e 100644 +--- a/tools/include/uapi/linux/fcntl.h ++++ b/tools/include/uapi/linux/fcntl.h +@@ -58,13 +58,20 @@ + * Valid hint values for F_{GET,SET}_RW_HINT. 0 is "not set", or can be + * used to clear any hints previously set. + */ +-#define RWF_WRITE_LIFE_NOT_SET 0 ++#define RWH_WRITE_LIFE_NOT_SET 0 + #define RWH_WRITE_LIFE_NONE 1 + #define RWH_WRITE_LIFE_SHORT 2 + #define RWH_WRITE_LIFE_MEDIUM 3 + #define RWH_WRITE_LIFE_LONG 4 + #define RWH_WRITE_LIFE_EXTREME 5 + ++/* ++ * The originally introduced spelling is remained from the first ++ * versions of the patch set that introduced the feature, see commit ++ * v4.13-rc1~212^2~51. ++ */ ++#define RWF_WRITE_LIFE_NOT_SET RWH_WRITE_LIFE_NOT_SET ++ + /* + * Types of directory notifications that may be requested. + */ +-- +2.16.4 + diff --git a/patches.suse/iomap-fix-sub-page-uptodate-handling.patch b/patches.suse/iomap-fix-sub-page-uptodate-handling.patch new file mode 100644 index 0000000..627da16 --- /dev/null +++ b/patches.suse/iomap-fix-sub-page-uptodate-handling.patch @@ -0,0 +1,93 @@ +From 1cea335d1db1ce6ab71b3d2f94a807112b738a0f Mon Sep 17 00:00:00 2001 +From: Christoph Hellwig +Date: Wed, 4 Dec 2019 09:33:52 -0800 +Subject: [PATCH] iomap: fix sub-page uptodate handling +Git-commit: 1cea335d1db1ce6ab71b3d2f94a807112b738a0f +Patch-mainline: v5.5-rc1 +References: bsc#1163904 + +bio completions can race when a page spans more than one file system +block. Add a spinlock to synchronize marking the page uptodate. + +Fixes: 9dc55f1389f9 ("iomap: add support for sub-pagesize buffered I/O without buffer heads") +Reported-by: Jan Stancek +Signed-off-by: Christoph Hellwig +Reviewed-by: Dave Chinner +Reviewed-by: Darrick J. Wong +Signed-off-by: Darrick J. Wong +Acked-by: Jan Kara + +--- + fs/iomap/buffered-io.c | 34 ++++++++++++++++++++++++---------- + include/linux/iomap.h | 1 + + 2 files changed, 25 insertions(+), 10 deletions(-) + +--- a/fs/iomap/buffered-io.c ++++ b/fs/iomap/buffered-io.c +@@ -30,6 +30,7 @@ iomap_page_create(struct inode *inode, s + iop = kmalloc(sizeof(*iop), GFP_NOFS | __GFP_NOFAIL); + atomic_set(&iop->read_count, 0); + atomic_set(&iop->write_count, 0); ++ spin_lock_init(&iop->uptodate_lock); + bitmap_zero(iop->uptodate, PAGE_SIZE / SECTOR_SIZE); + + /* +@@ -118,25 +119,38 @@ iomap_adjust_read_range(struct inode *in + } + + static void +-iomap_set_range_uptodate(struct page *page, unsigned off, unsigned len) ++iomap_iop_set_range_uptodate(struct page *page, unsigned off, unsigned len) + { + struct iomap_page *iop = to_iomap_page(page); + struct inode *inode = page->mapping->host; + unsigned first = off >> inode->i_blkbits; + unsigned last = (off + len - 1) >> inode->i_blkbits; +- unsigned int i; + bool uptodate = true; ++ unsigned long flags; ++ unsigned int i; + +- if (iop) { +- for (i = 0; i < PAGE_SIZE / i_blocksize(inode); i++) { +- if (i >= first && i <= last) +- set_bit(i, iop->uptodate); +- else if (!test_bit(i, iop->uptodate)) +- uptodate = false; +- } ++ spin_lock_irqsave(&iop->uptodate_lock, flags); ++ for (i = 0; i < PAGE_SIZE / i_blocksize(inode); i++) { ++ if (i >= first && i <= last) ++ set_bit(i, iop->uptodate); ++ else if (!test_bit(i, iop->uptodate)) ++ uptodate = false; + } + +- if (uptodate && !PageError(page)) ++ if (uptodate) ++ SetPageUptodate(page); ++ spin_unlock_irqrestore(&iop->uptodate_lock, flags); ++} ++ ++static void ++iomap_set_range_uptodate(struct page *page, unsigned off, unsigned len) ++{ ++ if (PageError(page)) ++ return; ++ ++ if (page_has_private(page)) ++ iomap_iop_set_range_uptodate(page, off, len); ++ else + SetPageUptodate(page); + } + +--- a/include/linux/iomap.h ++++ b/include/linux/iomap.h +@@ -141,6 +141,7 @@ loff_t iomap_apply(struct inode *inode, + struct iomap_page { + atomic_t read_count; + atomic_t write_count; ++ spinlock_t uptodate_lock; + DECLARE_BITMAP(uptodate, PAGE_SIZE / 512); + }; + diff --git a/patches.suse/jbd2-clear-JBD2_ABORT-flag-before-journal_reset-to-u.patch b/patches.suse/jbd2-clear-JBD2_ABORT-flag-before-journal_reset-to-u.patch new file mode 100644 index 0000000..3130a2e --- /dev/null +++ b/patches.suse/jbd2-clear-JBD2_ABORT-flag-before-journal_reset-to-u.patch @@ -0,0 +1,56 @@ +From a09decff5c32060639a685581c380f51b14e1fc2 Mon Sep 17 00:00:00 2001 +From: Kai Li +Date: Sat, 11 Jan 2020 10:25:42 +0800 +Subject: [PATCH] jbd2: clear JBD2_ABORT flag before journal_reset to update + log tail info when load journal +Git-commit: a09decff5c32060639a685581c380f51b14e1fc2 +Patch-mainline: v5.6-rc1 +References: bsc#1163910 + +If the journal is dirty when the filesystem is mounted, jbd2 will replay +the journal but the journal superblock will not be updated by +journal_reset() because JBD2_ABORT flag is still set (it was set in +journal_init_common()). This is problematic because when a new transaction +is then committed, it will be recorded in block 1 (journal->j_tail was set +to 1 in journal_reset()). If unclean shutdown happens again before the +journal superblock is updated, the new recorded transaction will not be +replayed during the next mount (because of stale sb->s_start and +sb->s_sequence values) which can lead to filesystem corruption. + +Fixes: 85e0c4e89c1b ("jbd2: if the journal is aborted then don't allow update of the log tail") +Signed-off-by: Kai Li +Link: https://lore.kernel.org/r/20200111022542.5008-1-li.kai4@h3c.com +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/jbd2/journal.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c +index 5e408ee24a1a..069b22eba795 100644 +--- a/fs/jbd2/journal.c ++++ b/fs/jbd2/journal.c +@@ -1710,6 +1710,11 @@ int jbd2_journal_load(journal_t *journal) + journal->j_devname); + return -EFSCORRUPTED; + } ++ /* ++ * clear JBD2_ABORT flag initialized in journal_init_common ++ * here to update log tail information with the newest seq. ++ */ ++ journal->j_flags &= ~JBD2_ABORT; + + /* OK, we've finished with the dynamic journal bits: + * reinitialise the dynamic contents of the superblock in memory +@@ -1717,7 +1722,6 @@ int jbd2_journal_load(journal_t *journal) + if (journal_reset(journal)) + goto recovery_error; + +- journal->j_flags &= ~JBD2_ABORT; + journal->j_flags |= JBD2_LOADED; + return 0; + +-- +2.16.4 + diff --git a/patches.suse/jbd2-do-not-clear-the-BH_Mapped-flag-when-forgetting.patch b/patches.suse/jbd2-do-not-clear-the-BH_Mapped-flag-when-forgetting.patch new file mode 100644 index 0000000..c535cc9 --- /dev/null +++ b/patches.suse/jbd2-do-not-clear-the-BH_Mapped-flag-when-forgetting.patch @@ -0,0 +1,95 @@ +From c96dceeabf765d0b1b1f29c3bf50a5c01315b820 Mon Sep 17 00:00:00 2001 +From: "zhangyi (F)" +Date: Thu, 13 Feb 2020 14:38:21 +0800 +Subject: [PATCH] jbd2: do not clear the BH_Mapped flag when forgetting a + metadata buffer +Git-commit: c96dceeabf765d0b1b1f29c3bf50a5c01315b820 +Patch-mainline: v5.6-rc2 +References: bsc#1163836 + +Commit 904cdbd41d74 ("jbd2: clear dirty flag when revoking a buffer from +an older transaction") set the BH_Freed flag when forgetting a metadata +buffer which belongs to the committing transaction, it indicate the +committing process clear dirty bits when it is done with the buffer. But +it also clear the BH_Mapped flag at the same time, which may trigger +below NULL pointer oops when block_size < PAGE_SIZE. + +rmdir 1 kjournald2 mkdir 2 + jbd2_journal_commit_transaction + commit transaction N +jbd2_journal_forget +set_buffer_freed(bh1) + jbd2_journal_commit_transaction + commit transaction N+1 + ... + clear_buffer_mapped(bh1) + ext4_getblk(bh2 ummapped) + ... + grow_dev_page + init_page_buffers + bh1->b_private=NULL + bh2->b_private=NULL + jbd2_journal_put_journal_head(jh1) + __journal_remove_journal_head(hb1) + jh1 is NULL and trigger oops + +*) Dir entry block bh1 and bh2 belongs to one page, and the bh2 has + already been unmapped. + +For the metadata buffer we forgetting, we should always keep the mapped +flag and clear the dirty flags is enough, so this patch pick out the +these buffers and keep their BH_Mapped flag. + +Link: https://lore.kernel.org/r/20200213063821.30455-3-yi.zhang@huawei.com +Fixes: 904cdbd41d74 ("jbd2: clear dirty flag when revoking a buffer from an older transaction") +Reviewed-by: Jan Kara +Signed-off-by: zhangyi (F) +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/jbd2/commit.c | 25 +++++++++++++++++++++---- + 1 file changed, 21 insertions(+), 4 deletions(-) + +diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c +index 6396fe70085b..27373f5792a4 100644 +--- a/fs/jbd2/commit.c ++++ b/fs/jbd2/commit.c +@@ -985,12 +985,29 @@ void jbd2_journal_commit_transaction(journal_t *journal) + * pagesize and it is attached to the last partial page. + */ + if (buffer_freed(bh) && !jh->b_next_transaction) { ++ struct address_space *mapping; ++ + clear_buffer_freed(bh); + clear_buffer_jbddirty(bh); +- clear_buffer_mapped(bh); +- clear_buffer_new(bh); +- clear_buffer_req(bh); +- bh->b_bdev = NULL; ++ ++ /* ++ * Block device buffers need to stay mapped all the ++ * time, so it is enough to clear buffer_jbddirty and ++ * buffer_freed bits. For the file mapping buffers (i.e. ++ * journalled data) we need to unmap buffer and clear ++ * more bits. We also need to be careful about the check ++ * because the data page mapping can get cleared under ++ * out hands, which alse need not to clear more bits ++ * because the page and buffers will be freed and can ++ * never be reused once we are done with them. ++ */ ++ mapping = READ_ONCE(bh->b_page->mapping); ++ if (mapping && !sb_is_blkdev_sb(mapping->host->i_sb)) { ++ clear_buffer_mapped(bh); ++ clear_buffer_new(bh); ++ clear_buffer_req(bh); ++ bh->b_bdev = NULL; ++ } + } + + if (buffer_jbddirty(bh)) { +-- +2.16.4 + diff --git a/patches.suse/jbd2-make-sure-ESHUTDOWN-to-be-recorded-in-the-journ.patch b/patches.suse/jbd2-make-sure-ESHUTDOWN-to-be-recorded-in-the-journ.patch new file mode 100644 index 0000000..493205e --- /dev/null +++ b/patches.suse/jbd2-make-sure-ESHUTDOWN-to-be-recorded-in-the-journ.patch @@ -0,0 +1,44 @@ +From 0e98c084a21177ef136149c6a293b3d1eb33ff92 Mon Sep 17 00:00:00 2001 +From: "zhangyi (F)" +Date: Wed, 4 Dec 2019 20:46:13 +0800 +Subject: [PATCH] jbd2: make sure ESHUTDOWN to be recorded in the journal + superblock +Git-commit: 0e98c084a21177ef136149c6a293b3d1eb33ff92 +Patch-mainline: v5.6-rc1 +References: bsc#1163912 + +Commit fb7c02445c49 ("ext4: pass -ESHUTDOWN code to jbd2 layer") want +to allow jbd2 layer to distinguish shutdown journal abort from other +error cases. So the ESHUTDOWN should be taken precedence over any other +errno which has already been recoded after EXT4_FLAGS_SHUTDOWN is set, +but it only update errno in the journal suoerblock now if the old errno +is 0. + +Fixes: fb7c02445c49 ("ext4: pass -ESHUTDOWN code to jbd2 layer") +Signed-off-by: zhangyi (F) +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/20191204124614.45424-4-yi.zhang@huawei.com +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/jbd2/journal.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c +index 9e9275540071..a821c469cab6 100644 +--- a/fs/jbd2/journal.c ++++ b/fs/jbd2/journal.c +@@ -2147,8 +2147,7 @@ static void __journal_abort_soft (journal_t *journal, int errno) + + if (journal->j_flags & JBD2_ABORT) { + write_unlock(&journal->j_state_lock); +- if (!old_errno && old_errno != -ESHUTDOWN && +- errno == -ESHUTDOWN) ++ if (old_errno != -ESHUTDOWN && errno == -ESHUTDOWN) + jbd2_journal_update_sb_errno(journal); + return; + } +-- +2.16.4 + diff --git a/patches.suse/jbd2-move-the-clearing-of-b_modified-flag-to-the-jou.patch b/patches.suse/jbd2-move-the-clearing-of-b_modified-flag-to-the-jou.patch new file mode 100644 index 0000000..e258532 --- /dev/null +++ b/patches.suse/jbd2-move-the-clearing-of-b_modified-flag-to-the-jou.patch @@ -0,0 +1,107 @@ +From 6a66a7ded12baa6ebbb2e3e82f8cb91382814839 Mon Sep 17 00:00:00 2001 +From: "zhangyi (F)" +Date: Thu, 13 Feb 2020 14:38:20 +0800 +Subject: [PATCH] jbd2: move the clearing of b_modified flag to the + journal_unmap_buffer() +Git-commit: 6a66a7ded12baa6ebbb2e3e82f8cb91382814839 +Patch-mainline: v5.6-rc2 +References: bsc#1163880 + +There is no need to delay the clearing of b_modified flag to the +transaction committing time when unmapping the journalled buffer, so +just move it to the journal_unmap_buffer(). + +Link: https://lore.kernel.org/r/20200213063821.30455-2-yi.zhang@huawei.com +Reviewed-by: Jan Kara +Signed-off-by: zhangyi (F) +Signed-off-by: Theodore Ts'o +Cc: stable@kernel.org +Acked-by: Jan Kara + +--- + fs/jbd2/commit.c | 43 +++++++++++++++---------------------------- + fs/jbd2/transaction.c | 10 ++++++---- + 2 files changed, 21 insertions(+), 32 deletions(-) + +diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c +index 2494095e0340..6396fe70085b 100644 +--- a/fs/jbd2/commit.c ++++ b/fs/jbd2/commit.c +@@ -976,34 +976,21 @@ void jbd2_journal_commit_transaction(journal_t *journal) + * it. */ + + /* +- * A buffer which has been freed while still being journaled by +- * a previous transaction. +- */ +- if (buffer_freed(bh)) { +- /* +- * If the running transaction is the one containing +- * "add to orphan" operation (b_next_transaction != +- * NULL), we have to wait for that transaction to +- * commit before we can really get rid of the buffer. +- * So just clear b_modified to not confuse transaction +- * credit accounting and refile the buffer to +- * BJ_Forget of the running transaction. If the just +- * committed transaction contains "add to orphan" +- * operation, we can completely invalidate the buffer +- * now. We are rather through in that since the +- * buffer may be still accessible when blocksize < +- * pagesize and it is attached to the last partial +- * page. +- */ +- jh->b_modified = 0; +- if (!jh->b_next_transaction) { +- clear_buffer_freed(bh); +- clear_buffer_jbddirty(bh); +- clear_buffer_mapped(bh); +- clear_buffer_new(bh); +- clear_buffer_req(bh); +- bh->b_bdev = NULL; +- } ++ * A buffer which has been freed while still being journaled ++ * by a previous transaction, refile the buffer to BJ_Forget of ++ * the running transaction. If the just committed transaction ++ * contains "add to orphan" operation, we can completely ++ * invalidate the buffer now. We are rather through in that ++ * since the buffer may be still accessible when blocksize < ++ * pagesize and it is attached to the last partial page. ++ */ ++ if (buffer_freed(bh) && !jh->b_next_transaction) { ++ clear_buffer_freed(bh); ++ clear_buffer_jbddirty(bh); ++ clear_buffer_mapped(bh); ++ clear_buffer_new(bh); ++ clear_buffer_req(bh); ++ bh->b_bdev = NULL; + } + + if (buffer_jbddirty(bh)) { +diff --git a/fs/jbd2/transaction.c b/fs/jbd2/transaction.c +index e77a5a0b4e46..2dd848a743ed 100644 +--- a/fs/jbd2/transaction.c ++++ b/fs/jbd2/transaction.c +@@ -2329,14 +2329,16 @@ static int journal_unmap_buffer(journal_t *journal, struct buffer_head *bh, + return -EBUSY; + } + /* +- * OK, buffer won't be reachable after truncate. We just set +- * j_next_transaction to the running transaction (if there is +- * one) and mark buffer as freed so that commit code knows it +- * should clear dirty bits when it is done with the buffer. ++ * OK, buffer won't be reachable after truncate. We just clear ++ * b_modified to not confuse transaction credit accounting, and ++ * set j_next_transaction to the running transaction (if there ++ * is one) and mark buffer as freed so that commit code knows ++ * it should clear dirty bits when it is done with the buffer. + */ + set_buffer_freed(bh); + if (journal->j_running_transaction && buffer_jbddirty(bh)) + jh->b_next_transaction = journal->j_running_transaction; ++ jh->b_modified = 0; + spin_unlock(&journal->j_list_lock); + spin_unlock(&jh->b_state_lock); + write_unlock(&journal->j_state_lock); +-- +2.16.4 + diff --git a/patches.suse/jbd2-switch-to-use-jbd2_journal_abort-when-failed-to.patch b/patches.suse/jbd2-switch-to-use-jbd2_journal_abort-when-failed-to.patch new file mode 100644 index 0000000..91762ac --- /dev/null +++ b/patches.suse/jbd2-switch-to-use-jbd2_journal_abort-when-failed-to.patch @@ -0,0 +1,51 @@ +From d0a186e0d3e7ac05cc77da7c157dae5aa59f95d9 Mon Sep 17 00:00:00 2001 +From: "zhangyi (F)" +Date: Wed, 4 Dec 2019 20:46:11 +0800 +Subject: [PATCH] jbd2: switch to use jbd2_journal_abort() when failed to + submit the commit record +Git-commit: d0a186e0d3e7ac05cc77da7c157dae5aa59f95d9 +Patch-mainline: v5.6-rc1 +References: bsc#1163852 + +We invoke jbd2_journal_abort() to abort the journal and record errno +in the jbd2 superblock when committing journal transaction besides the +failure on submitting the commit record. But there is no need for the +case and we can also invoke jbd2_journal_abort() instead of +__jbd2_journal_abort_hard(). + +Fixes: 818d276ceb83a ("ext4: Add the journal checksum feature") +Signed-off-by: zhangyi (F) +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/20191204124614.45424-2-yi.zhang@huawei.com +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/jbd2/commit.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c +index 7f0b362b3842..2494095e0340 100644 +--- a/fs/jbd2/commit.c ++++ b/fs/jbd2/commit.c +@@ -782,7 +782,7 @@ void jbd2_journal_commit_transaction(journal_t *journal) + err = journal_submit_commit_record(journal, commit_transaction, + &cbh, crc32_sum); + if (err) +- __jbd2_journal_abort_hard(journal); ++ jbd2_journal_abort(journal, err); + } + + blk_finish_plug(&plug); +@@ -875,7 +875,7 @@ void jbd2_journal_commit_transaction(journal_t *journal) + err = journal_submit_commit_record(journal, commit_transaction, + &cbh, crc32_sum); + if (err) +- __jbd2_journal_abort_hard(journal); ++ jbd2_journal_abort(journal, err); + } + if (cbh) + err = journal_wait_on_commit_record(journal, cbh); +-- +2.16.4 + diff --git a/patches.suse/jbd2_seq_info_next-should-increase-position-index.patch b/patches.suse/jbd2_seq_info_next-should-increase-position-index.patch new file mode 100644 index 0000000..886390b --- /dev/null +++ b/patches.suse/jbd2_seq_info_next-should-increase-position-index.patch @@ -0,0 +1,43 @@ +From 1a8e9cf40c9a6a2e40b1e924b13ed303aeea4418 Mon Sep 17 00:00:00 2001 +From: Vasily Averin +Date: Thu, 23 Jan 2020 12:05:10 +0300 +Subject: [PATCH] jbd2_seq_info_next should increase position index +Git-commit: 1a8e9cf40c9a6a2e40b1e924b13ed303aeea4418 +Patch-mainline: v5.6-rc1 +References: bsc#1163911 + +if seq_file .next fuction does not change position index, +read after some lseek can generate unexpected output. + +Script below generates endless output + $ q=;while read -r r;do echo "$((++q)) $r";done +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/d13805e5-695e-8ac3-b678-26ca2313629f@virtuozzo.com +Signed-off-by: Theodore Ts'o +Acked-by: Jan Kara + +--- + fs/jbd2/journal.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c +index 1c61491fd86f..5f9edb12f11a 100644 +--- a/fs/jbd2/journal.c ++++ b/fs/jbd2/journal.c +@@ -982,6 +982,7 @@ static void *jbd2_seq_info_start(struct seq_file *seq, loff_t *pos) + + static void *jbd2_seq_info_next(struct seq_file *seq, void *v, loff_t *pos) + { ++ (*pos)++; + return NULL; + } + +-- +2.16.4 + diff --git a/patches.suse/locks-print-unsigned-ino-in-proc-locks.patch b/patches.suse/locks-print-unsigned-ino-in-proc-locks.patch new file mode 100644 index 0000000..c197113 --- /dev/null +++ b/patches.suse/locks-print-unsigned-ino-in-proc-locks.patch @@ -0,0 +1,35 @@ +From 98ca480a8f22fdbd768e3dad07024c8d4856576c Mon Sep 17 00:00:00 2001 +From: Amir Goldstein +Date: Sun, 22 Dec 2019 20:45:28 +0200 +Subject: [PATCH] locks: print unsigned ino in /proc/locks +Git-commit: 98ca480a8f22fdbd768e3dad07024c8d4856576c +Patch-mainline: v5.5-rc4 +References: bsc#1163905 + +An ino is unsigned, so display it as such in /proc/locks. + +Cc: stable@vger.kernel.org +Signed-off-by: Amir Goldstein +Signed-off-by: Jeff Layton +Acked-by: Jan Kara + +--- + fs/locks.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/locks.c b/fs/locks.c +index 6970f55daf54..44b6da032842 100644 +--- a/fs/locks.c ++++ b/fs/locks.c +@@ -2853,7 +2853,7 @@ static void lock_get_status(struct seq_file *f, struct file_lock *fl, + } + if (inode) { + /* userspace relies on this representation of dev_t */ +- seq_printf(f, "%d %02x:%02x:%ld ", fl_pid, ++ seq_printf(f, "%d %02x:%02x:%lu ", fl_pid, + MAJOR(inode->i_sb->s_dev), + MINOR(inode->i_sb->s_dev), inode->i_ino); + } else { +-- +2.16.4 + diff --git a/patches.suse/memcg-fix-a-crash-in-wb_workfn-when-a-device-disappe.patch b/patches.suse/memcg-fix-a-crash-in-wb_workfn-when-a-device-disappe.patch new file mode 100644 index 0000000..98024d0 --- /dev/null +++ b/patches.suse/memcg-fix-a-crash-in-wb_workfn-when-a-device-disappe.patch @@ -0,0 +1,225 @@ +From 68f23b89067fdf187763e75a56087550624fdbee Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Thu, 30 Jan 2020 22:11:04 -0800 +Subject: [PATCH] memcg: fix a crash in wb_workfn when a device disappears +Git-commit: 68f23b89067fdf187763e75a56087550624fdbee +Patch-mainline: v5.6-rc1 +References: bsc#1164276 + +Without memcg, there is a one-to-one mapping between the bdi and +bdi_writeback structures. In this world, things are fairly +straightforward; the first thing bdi_unregister() does is to shutdown +the bdi_writeback structure (or wb), and part of that writeback ensures +that no other work queued against the wb, and that the wb is fully +drained. + +With memcg, however, there is a one-to-many relationship between the bdi +and bdi_writeback structures; that is, there are multiple wb objects +which can all point to a single bdi. There is a refcount which prevents +the bdi object from being released (and hence, unregistered). So in +theory, the bdi_unregister() *should* only get called once its refcount +goes to zero (bdi_put will drop the refcount, and when it is zero, +release_bdi gets called, which calls bdi_unregister). + +Unfortunately, del_gendisk() in block/gen_hd.c never got the memo about +the Brave New memcg World, and calls bdi_unregister directly. It does +this without informing the file system, or the memcg code, or anything +else. This causes the root wb associated with the bdi to be +unregistered, but none of the memcg-specific wb's are shutdown. So when +one of these wb's are woken up to do delayed work, they try to +dereference their wb->bdi->dev to fetch the device name, but +unfortunately bdi->dev is now NULL, thanks to the bdi_unregister() +called by del_gendisk(). As a result, *boom*. + +Fortunately, it looks like the rest of the writeback path is perfectly +happy with bdi->dev and bdi->owner being NULL, so the simplest fix is to +create a bdi_dev_name() function which can handle bdi->dev being NULL. +This also allows us to bulletproof the writeback tracepoints to prevent +them from dereferencing a NULL pointer and crashing the kernel if one is +tracing with memcg's enabled, and an iSCSI device dies or a USB storage +stick is pulled. + +The most common way of triggering this will be hotremoval of a device +while writeback with memcg enabled is going on. It was triggering +several times a day in a heavily loaded production environment. + +Google Bug Id: 145475544 + +Link: https://lore.kernel.org/r/20191227194829.150110-1-tytso@mit.edu +Link: http://lkml.kernel.org/r/20191228005211.163952-1-tytso@mit.edu +Signed-off-by: Theodore Ts'o +Cc: Chris Mason +Cc: Tejun Heo +Cc: Jens Axboe +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Acked-by: Jan Kara + +--- + fs/fs-writeback.c | 2 +- + include/linux/backing-dev.h | 10 ++++++++++ + include/trace/events/writeback.h | 29 +++++++++++++---------------- + mm/backing-dev.c | 1 + + 4 files changed, 25 insertions(+), 17 deletions(-) + +--- a/fs/fs-writeback.c ++++ b/fs/fs-writeback.c +@@ -2047,7 +2047,7 @@ void wb_workfn(struct work_struct *work) + struct bdi_writeback, dwork); + long pages_written; + +- set_worker_desc("flush-%s", dev_name(wb->bdi->dev)); ++ set_worker_desc("flush-%s", bdi_dev_name(wb->bdi)); + current->flags |= PF_SWAPWRITE; + + if (likely(!current_is_workqueue_rescuer() || +--- a/include/linux/backing-dev.h ++++ b/include/linux/backing-dev.h +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -504,4 +505,13 @@ static inline int bdi_rw_congested(struc + (1 << WB_async_congested)); + } + ++extern const char *bdi_unknown_name; ++ ++static inline const char *bdi_dev_name(struct backing_dev_info *bdi) ++{ ++ if (!bdi || !bdi->dev) ++ return bdi_unknown_name; ++ return dev_name(bdi->dev); ++} ++ + #endif /* _LINUX_BACKING_DEV_H */ +--- a/include/trace/events/writeback.h ++++ b/include/trace/events/writeback.h +@@ -67,8 +67,8 @@ DECLARE_EVENT_CLASS(writeback_page_templ + + TP_fast_assign( + strscpy_pad(__entry->name, +- mapping ? dev_name(inode_to_bdi(mapping->host)->dev) : "(unknown)", +- 32); ++ bdi_dev_name(mapping ? inode_to_bdi(mapping->host) : ++ NULL), 32); + __entry->ino = mapping ? mapping->host->i_ino : 0; + __entry->index = page->index; + ), +@@ -111,8 +111,7 @@ DECLARE_EVENT_CLASS(writeback_dirty_inod + struct backing_dev_info *bdi = inode_to_bdi(inode); + + /* may be called for files on pseudo FSes w/ unregistered bdi */ +- strscpy_pad(__entry->name, +- bdi->dev ? dev_name(bdi->dev) : "(unknown)", 32); ++ strscpy_pad(__entry->name, bdi_dev_name(bdi), 32); + __entry->ino = inode->i_ino; + __entry->state = inode->i_state; + __entry->flags = flags; +@@ -192,7 +191,7 @@ DECLARE_EVENT_CLASS(writeback_write_inod + + TP_fast_assign( + strscpy_pad(__entry->name, +- dev_name(inode_to_bdi(inode)->dev), 32); ++ bdi_dev_name(inode_to_bdi(inode)), 32); + __entry->ino = inode->i_ino; + __entry->sync_mode = wbc->sync_mode; + __entry->cgroup_ino = __trace_wbc_assign_cgroup(wbc); +@@ -235,9 +234,7 @@ DECLARE_EVENT_CLASS(writeback_work_class + __field(unsigned int, cgroup_ino) + ), + TP_fast_assign( +- strscpy_pad(__entry->name, +- wb->bdi->dev ? dev_name(wb->bdi->dev) : +- "(unknown)", 32); ++ strscpy_pad(__entry->name, bdi_dev_name(wb->bdi), 32); + __entry->nr_pages = work->nr_pages; + __entry->sb_dev = work->sb ? work->sb->s_dev : 0; + __entry->sync_mode = work->sync_mode; +@@ -290,7 +287,7 @@ DECLARE_EVENT_CLASS(writeback_class, + __field(unsigned int, cgroup_ino) + ), + TP_fast_assign( +- strscpy_pad(__entry->name, dev_name(wb->bdi->dev), 32); ++ strscpy_pad(__entry->name, bdi_dev_name(wb->bdi), 32); + __entry->cgroup_ino = __trace_wb_assign_cgroup(wb); + ), + TP_printk("bdi %s: cgroup_ino=%u", +@@ -312,7 +309,7 @@ TRACE_EVENT(writeback_bdi_register, + __array(char, name, 32) + ), + TP_fast_assign( +- strscpy_pad(__entry->name, dev_name(bdi->dev), 32); ++ strscpy_pad(__entry->name, bdi_dev_name(bdi), 32); + ), + TP_printk("bdi %s", + __entry->name +@@ -337,7 +334,7 @@ DECLARE_EVENT_CLASS(wbc_class, + ), + + TP_fast_assign( +- strscpy_pad(__entry->name, dev_name(bdi->dev), 32); ++ strscpy_pad(__entry->name, bdi_dev_name(bdi), 32); + __entry->nr_to_write = wbc->nr_to_write; + __entry->pages_skipped = wbc->pages_skipped; + __entry->sync_mode = wbc->sync_mode; +@@ -388,7 +385,7 @@ TRACE_EVENT(writeback_queue_io, + ), + TP_fast_assign( + unsigned long *older_than_this = work->older_than_this; +- strscpy_pad(__entry->name, dev_name(wb->bdi->dev), 32); ++ strscpy_pad(__entry->name, bdi_dev_name(wb->bdi), 32); + __entry->older = older_than_this ? *older_than_this : 0; + __entry->age = older_than_this ? + (jiffies - *older_than_this) * 1000 / HZ : -1; +@@ -474,7 +471,7 @@ TRACE_EVENT(bdi_dirty_ratelimit, + ), + + TP_fast_assign( +- strscpy_pad(__entry->bdi, dev_name(wb->bdi->dev), 32); ++ strscpy_pad(__entry->bdi, bdi_dev_name(wb->bdi), 32); + __entry->write_bw = KBps(wb->write_bandwidth); + __entry->avg_write_bw = KBps(wb->avg_write_bandwidth); + __entry->dirty_rate = KBps(dirty_rate); +@@ -539,7 +536,7 @@ TRACE_EVENT(balance_dirty_pages, + + TP_fast_assign( + unsigned long freerun = (thresh + bg_thresh) / 2; +- strscpy_pad(__entry->bdi, dev_name(wb->bdi->dev), 32); ++ strscpy_pad(__entry->bdi, bdi_dev_name(wb->bdi), 32); + + __entry->limit = global_wb_domain.dirty_limit; + __entry->setpoint = (global_wb_domain.dirty_limit + +@@ -600,7 +597,7 @@ TRACE_EVENT(writeback_sb_inodes_requeue, + + TP_fast_assign( + strscpy_pad(__entry->name, +- dev_name(inode_to_bdi(inode)->dev), 32); ++ bdi_dev_name(inode_to_bdi(inode)), 32); + __entry->ino = inode->i_ino; + __entry->state = inode->i_state; + __entry->dirtied_when = inode->dirtied_when; +@@ -674,7 +671,7 @@ DECLARE_EVENT_CLASS(writeback_single_ino + + TP_fast_assign( + strscpy_pad(__entry->name, +- dev_name(inode_to_bdi(inode)->dev), 32); ++ bdi_dev_name(inode_to_bdi(inode)), 32); + __entry->ino = inode->i_ino; + __entry->state = inode->i_state; + __entry->dirtied_when = inode->dirtied_when; +--- a/mm/backing-dev.c ++++ b/mm/backing-dev.c +@@ -21,6 +21,7 @@ struct backing_dev_info noop_backing_dev + EXPORT_SYMBOL_GPL(noop_backing_dev_info); + + static struct class *bdi_class; ++const char *bdi_unknown_name = "(unknown)"; + + /* + * bdi_lock protects bdi_tree and updates to bdi_list. bdi_list has RCU diff --git a/patches.suse/powerpc-convert-to-copy_thread_tls.patch b/patches.suse/powerpc-convert-to-copy_thread_tls.patch new file mode 100644 index 0000000..1d85d2d --- /dev/null +++ b/patches.suse/powerpc-convert-to-copy_thread_tls.patch @@ -0,0 +1,64 @@ +From: Nicholas Piggin +Date: Tue, 27 Aug 2019 13:30:06 +1000 +Subject: powerpc: convert to copy_thread_tls +Git-commit: facd04a904ff6cdc6ee85d6e85d500f478a1bec4 +Patch-mainline: v5.4-rc1 +References: bsc#1163988 + +Commit 3033f14ab78c3 ("clone: support passing tls argument via C rather +than pt_regs magic") introduced the HAVE_COPY_THREAD_TLS option. Use it +to avoid a subtle assumption about the argument ordering of clone type +syscalls. + +Signed-off-by: Nicholas Piggin +Signed-off-by: Michael Ellerman +Link: https://lore.kernel.org/r/20190827033010.28090-2-npiggin@gmail.com + +Acked-by: Michal Koutný +--- + arch/powerpc/Kconfig | 1 + + arch/powerpc/kernel/process.c | 9 +++++---- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig +index 3d65084f4066..cfb21856559b 100644 +--- a/arch/powerpc/Kconfig ++++ b/arch/powerpc/Kconfig +@@ -184,6 +184,7 @@ config PPC + select HAVE_STACKPROTECTOR if PPC64 && $(cc-option,-mstack-protector-guard=tls -mstack-protector-guard-reg=r13) + select HAVE_STACKPROTECTOR if PPC32 && $(cc-option,-mstack-protector-guard=tls -mstack-protector-guard-reg=r2) + select HAVE_CONTEXT_TRACKING if PPC64 ++ select HAVE_COPY_THREAD_TLS + select HAVE_DEBUG_KMEMLEAK + select HAVE_DEBUG_STACKOVERFLOW + select HAVE_DYNAMIC_FTRACE +diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c +index 8fc4de0d22b4..24621e7e5033 100644 +--- a/arch/powerpc/kernel/process.c ++++ b/arch/powerpc/kernel/process.c +@@ -1600,8 +1600,9 @@ static void setup_ksp_vsid(struct task_struct *p, unsigned long sp) + /* + * Copy architecture-specific thread state + */ +-int copy_thread(unsigned long clone_flags, unsigned long usp, +- unsigned long kthread_arg, struct task_struct *p) ++int copy_thread_tls(unsigned long clone_flags, unsigned long usp, ++ unsigned long kthread_arg, struct task_struct *p, ++ unsigned long tls) + { + struct pt_regs *childregs, *kregs; + extern void ret_from_fork(void); +@@ -1642,10 +1643,10 @@ int copy_thread(unsigned long clone_flags, unsigned long usp, + if (clone_flags & CLONE_SETTLS) { + #ifdef CONFIG_PPC64 + if (!is_32bit_task()) +- childregs->gpr[13] = childregs->gpr[6]; ++ childregs->gpr[13] = tls; + else + #endif +- childregs->gpr[2] = childregs->gpr[6]; ++ childregs->gpr[2] = tls; + } + + f = ret_from_fork; + diff --git a/patches.suse/readdir-be-more-conservative-with-directory-entry-na.patch b/patches.suse/readdir-be-more-conservative-with-directory-entry-na.patch new file mode 100644 index 0000000..a205529 --- /dev/null +++ b/patches.suse/readdir-be-more-conservative-with-directory-entry-na.patch @@ -0,0 +1,62 @@ +From 2c6b7bcd747201441923a0d3062577a8d1fbd8f8 Mon Sep 17 00:00:00 2001 +From: Linus Torvalds +Date: Thu, 23 Jan 2020 10:05:05 -0800 +Subject: [PATCH] readdir: be more conservative with directory entry names +Git-commit: 2c6b7bcd747201441923a0d3062577a8d1fbd8f8 +Patch-mainline: v5.5 +References: bsc#1163907 + +Commit 8a23eb804ca4 ("Make filldir[64]() verify the directory entry +filename is valid") added some minimal validity checks on the directory +entries passed to filldir[64](). But they really were pretty minimal. + +This fleshes out at least the name length check: we used to disallow +zero-length names, but really, negative lengths or oevr-long names +aren't ok either. Both could happen if there is some filesystem +corruption going on. + +Now, most filesystems tend to use just an "unsigned char" or similar for +the length of a directory entry name, so even with a corrupt filesystem +you should never see anything odd like that. But since we then use the +name length to create the directory entry record length, let's make sure +it actually is half-way sensible. + +Note how POSIX states that the size of a path component is limited by +NAME_MAX, but we actually use PATH_MAX for the check here. That's +because while NAME_MAX is generally the correct maximum name length +(it's 255, for the same old "name length is usually just a byte on +disk"), there's nothing in the VFS layer that really cares. + +So the real limitation at a VFS layer is the total pathname length you +can pass as a filename: PATH_MAX. + +Signed-off-by: Linus Torvalds +Acked-by: Jan Kara + +--- + fs/readdir.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/fs/readdir.c b/fs/readdir.c +index d26d5ea4de7b..03eedaf36134 100644 +--- a/fs/readdir.c ++++ b/fs/readdir.c +@@ -102,10 +102,14 @@ EXPORT_SYMBOL(iterate_dir); + * filename length, and the above "soft error" worry means + * that it's probably better left alone until we have that + * issue clarified. ++ * ++ * Note the PATH_MAX check - it's arbitrary but the real ++ * kernel limit on a possible path component, not NAME_MAX, ++ * which is the technical standard limit. + */ + static int verify_dirent_name(const char *name, int len) + { +- if (!len) ++ if (len <= 0 || len >= PATH_MAX) + return -EIO; + if (memchr(name, '/', len)) + return -EIO; +-- +2.16.4 + diff --git a/patches.suse/reiserfs-Fix-memory-leak-of-journal-device-string.patch b/patches.suse/reiserfs-Fix-memory-leak-of-journal-device-string.patch new file mode 100644 index 0000000..ce03cf6 --- /dev/null +++ b/patches.suse/reiserfs-Fix-memory-leak-of-journal-device-string.patch @@ -0,0 +1,45 @@ +From 5474ca7da6f34fa95e82edc747d5faa19cbdfb5c Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 12 Dec 2019 11:30:03 +0100 +Subject: [PATCH] reiserfs: Fix memory leak of journal device string +Git-commit: 5474ca7da6f34fa95e82edc747d5faa19cbdfb5c +Patch-mainline: v5.6-rc1 +References: bsc#1163867 + +When a filesystem is mounted with jdev mount option, we store the +journal device name in an allocated string in superblock. However we +fail to ever free that string. Fix it. + +Reported-by: syzbot+1c6756baf4b16b94d2a6@syzkaller.appspotmail.com +Fixes: c3aa077648e1 ("reiserfs: Properly display mount options in /proc/mounts") +Cc: stable@vger.kernel.org +Signed-off-by: Jan Kara +Acked-by: Jan Kara + +--- + fs/reiserfs/super.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c +index 3244037b1286..d127af64283e 100644 +--- a/fs/reiserfs/super.c ++++ b/fs/reiserfs/super.c +@@ -629,6 +629,7 @@ static void reiserfs_put_super(struct super_block *s) + reiserfs_write_unlock(s); + mutex_destroy(&REISERFS_SB(s)->lock); + destroy_workqueue(REISERFS_SB(s)->commit_wq); ++ kfree(REISERFS_SB(s)->s_jdev); + kfree(s->s_fs_info); + s->s_fs_info = NULL; + } +@@ -2240,6 +2241,7 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) + kfree(qf_names[j]); + } + #endif ++ kfree(sbi->s_jdev); + kfree(sbi); + + s->s_fs_info = NULL; +-- +2.16.4 + diff --git a/patches.suse/reiserfs-Fix-spurious-unlock-in-reiserfs_fill_super-.patch b/patches.suse/reiserfs-Fix-spurious-unlock-in-reiserfs_fill_super-.patch new file mode 100644 index 0000000..9eb3444 --- /dev/null +++ b/patches.suse/reiserfs-Fix-spurious-unlock-in-reiserfs_fill_super-.patch @@ -0,0 +1,37 @@ +From 4d5c1adaf893b8aa52525d2b81995e949bcb3239 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 12 Dec 2019 11:35:58 +0100 +Subject: [PATCH] reiserfs: Fix spurious unlock in reiserfs_fill_super() error + handling +Git-commit: 4d5c1adaf893b8aa52525d2b81995e949bcb3239 +Patch-mainline: v5.6-rc1 +References: bsc#1163869 + +When we fail to allocate string for journal device name we jump to +'error' label which tries to unlock reiserfs write lock which is not +held. Jump to 'error_unlocked' instead. + +Fixes: f32485be8397 ("reiserfs: delay reiserfs lock until journal initialization") +Signed-off-by: Jan Kara +Acked-by: Jan Kara + +--- + fs/reiserfs/super.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c +index d127af64283e..a6bce5b1fb1d 100644 +--- a/fs/reiserfs/super.c ++++ b/fs/reiserfs/super.c +@@ -1948,7 +1948,7 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) + if (!sbi->s_jdev) { + SWARN(silent, s, "", "Cannot allocate memory for " + "journal device name"); +- goto error; ++ goto error_unlocked; + } + } + #ifdef CONFIG_QUOTA +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fix-FS_IOC_SETFLAGS-unexpectedly-clearing-encr.patch b/patches.suse/ubifs-Fix-FS_IOC_SETFLAGS-unexpectedly-clearing-encr.patch new file mode 100644 index 0000000..ffe6186 --- /dev/null +++ b/patches.suse/ubifs-Fix-FS_IOC_SETFLAGS-unexpectedly-clearing-encr.patch @@ -0,0 +1,61 @@ +From 2b57067a7778484c10892fa191997bfda29fea13 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Mon, 9 Dec 2019 14:23:24 -0800 +Subject: [PATCH] ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag +Git-commit: 2b57067a7778484c10892fa191997bfda29fea13 +Patch-mainline: v5.6-rc1 +References: bsc#1163855 + +UBIFS's implementation of FS_IOC_SETFLAGS fails to preserve existing +inode flags that aren't settable by FS_IOC_SETFLAGS, namely the encrypt +flag. This causes the encrypt flag to be unexpectedly cleared. + +Fix it by preserving existing unsettable flags, like ext4 and f2fs do. + +Test case with kvm-xfstests shell: + + FSTYP=ubifs KEYCTL_PROG=keyctl + . fs/ubifs/config + . ~/xfstests/common/encrypt + dev=$(__blkdev_to_ubi_volume /dev/vdc) + ubiupdatevol -t $dev + mount $dev /mnt -t ubifs + k=$(_generate_session_encryption_key) + mkdir /mnt/edir + xfs_io -c "set_encpolicy $k" /mnt/edir + echo contents > /mnt/edir/file + chattr +i /mnt/edir/file + chattr -i /mnt/edir/file + +With the bug, the following errors occur on the last command: + + [ 18.081559] fscrypt (ubifs, inode 67): Inconsistent encryption context (parent directory: 65) + chattr: Operation not permitted while reading flags on /mnt/edir/file + +Fixes: d475a507457b ("ubifs: Add skeleton for fscrypto") +Cc: # v4.10+ +Signed-off-by: Eric Biggers +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/ioctl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/fs/ubifs/ioctl.c b/fs/ubifs/ioctl.c +index 5dc5abca11c7..eeb1be259888 100644 +--- a/fs/ubifs/ioctl.c ++++ b/fs/ubifs/ioctl.c +@@ -113,7 +113,8 @@ static int setflags(struct inode *inode, int flags) + if (err) + goto out_unlock; + +- ui->flags = ioctl2ubifs(flags); ++ ui->flags &= ~ioctl2ubifs(UBIFS_SUPPORTED_IOCTL_FLAGS); ++ ui->flags |= ioctl2ubifs(flags); + ubifs_set_inode_flags(inode); + inode->i_ctime = current_time(inode); + release = ui->dirty; +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fix-deadlock-in-concurrent-bulk-read-and-write.patch b/patches.suse/ubifs-Fix-deadlock-in-concurrent-bulk-read-and-write.patch new file mode 100644 index 0000000..12cf7aa --- /dev/null +++ b/patches.suse/ubifs-Fix-deadlock-in-concurrent-bulk-read-and-write.patch @@ -0,0 +1,63 @@ +From f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2 Mon Sep 17 00:00:00 2001 +From: Zhihao Cheng +Date: Sat, 11 Jan 2020 17:50:36 +0800 +Subject: [PATCH] ubifs: Fix deadlock in concurrent bulk-read and writepage +Mime-version: 1.0 +Content-type: text/plain; charset=UTF-8 +Content-transfer-encoding: 8bit +Git-commit: f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2 +Patch-mainline: v5.6-rc1 +References: bsc#1163856 + +In ubifs, concurrent execution of writepage and bulk read on the same file +may cause ABBA deadlock, for example (Reproduce method see Link): + +Process A(Bulk-read starts from page4) Process B(write page4 back) + vfs_read wb_workfn or fsync + ... ... + generic_file_buffered_read write_cache_pages + ubifs_readpage LOCK(page4) + + ubifs_bulk_read ubifs_writepage + LOCK(ui->ui_mutex) ubifs_write_inode + + ubifs_do_bulk_read LOCK(ui->ui_mutex) + find_or_create_page(alloc page4) ↑ + LOCK(page4) <-- ABBA deadlock occurs! + +In order to ensure the serialization execution of bulk read, we can't +remove the big lock 'ui->ui_mutex' in ubifs_bulk_read(). Instead, we +allow ubifs_do_bulk_read() to lock page failed by replacing +find_or_create_page(FGP_LOCK) with +pagecache_get_page(FGP_LOCK | FGP_NOWAIT). + +Signed-off-by: Zhihao Cheng +Suggested-by: zhangyi (F) +Cc: +Fixes: 4793e7c5e1c ("UBIFS: add bulk-read facility") +Link: https://bugzilla.kernel.org/show_bug.cgi?id=206153 +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/file.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c +index cd52585c8f4f..c649048fcc81 100644 +--- a/fs/ubifs/file.c ++++ b/fs/ubifs/file.c +@@ -786,7 +786,9 @@ static int ubifs_do_bulk_read(struct ubifs_info *c, struct bu_info *bu, + + if (page_offset > end_index) + break; +- page = find_or_create_page(mapping, page_offset, ra_gfp_mask); ++ page = pagecache_get_page(mapping, page_offset, ++ FGP_LOCK|FGP_ACCESSED|FGP_CREAT|FGP_NOWAIT, ++ ra_gfp_mask); + if (!page) + break; + if (!PageUptodate(page)) +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fix-ino_t-format-warnings-in-orphan_delete.patch b/patches.suse/ubifs-Fix-ino_t-format-warnings-in-orphan_delete.patch new file mode 100644 index 0000000..3bd168a --- /dev/null +++ b/patches.suse/ubifs-Fix-ino_t-format-warnings-in-orphan_delete.patch @@ -0,0 +1,61 @@ +From 155fc6ba488a8bdfd1d3be3d7ba98c9cec2b2429 Mon Sep 17 00:00:00 2001 +From: Geert Uytterhoeven +Date: Mon, 13 Jan 2020 11:51:56 +0100 +Subject: [PATCH] ubifs: Fix ino_t format warnings in orphan_delete() +Mime-version: 1.0 +Content-type: text/plain; charset=UTF-8 +Content-transfer-encoding: 8bit +Git-commit: 155fc6ba488a8bdfd1d3be3d7ba98c9cec2b2429 +Patch-mainline: v5.6-rc1 +References: bsc#1163915 + +On alpha and s390x: + + fs/ubifs/debug.h:158:11: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 4 has type ‘ino_t {aka unsigned int}’ [-Wformat=] + ... + fs/ubifs/orphan.c:132:3: note: in expansion of macro ‘dbg_gen’ + dbg_gen("deleted twice ino %lu", orph->inum); + ... + fs/ubifs/orphan.c:140:3: note: in expansion of macro ‘dbg_gen’ + dbg_gen("delete later ino %lu", orph->inum); + +__kernel_ino_t is "unsigned long" on most architectures, but not on +alpha and s390x, where it is "unsigned int". Hence when printing an +ino_t, it should always be cast to "unsigned long" first. + +Fix this by re-adding the recently removed casts. + +Fixes: 8009ce956c3d2802 ("ubifs: Don't leak orphans on memory during commit") +Signed-off-by: Geert Uytterhoeven +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/orphan.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fs/ubifs/orphan.c b/fs/ubifs/orphan.c +index 54d6db61106f..edf43ddd7dce 100644 +--- a/fs/ubifs/orphan.c ++++ b/fs/ubifs/orphan.c +@@ -129,7 +129,7 @@ static void __orphan_drop(struct ubifs_info *c, struct ubifs_orphan *o) + static void orphan_delete(struct ubifs_info *c, struct ubifs_orphan *orph) + { + if (orph->del) { +- dbg_gen("deleted twice ino %lu", orph->inum); ++ dbg_gen("deleted twice ino %lu", (unsigned long)orph->inum); + return; + } + +@@ -137,7 +137,7 @@ static void orphan_delete(struct ubifs_info *c, struct ubifs_orphan *orph) + orph->del = 1; + orph->dnext = c->orph_dnext; + c->orph_dnext = orph; +- dbg_gen("delete later ino %lu", orph->inum); ++ dbg_gen("delete later ino %lu", (unsigned long)orph->inum); + return; + } + +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fix-memory-leak-from-c-sup_node.patch b/patches.suse/ubifs-Fix-memory-leak-from-c-sup_node.patch new file mode 100644 index 0000000..8887170 --- /dev/null +++ b/patches.suse/ubifs-Fix-memory-leak-from-c-sup_node.patch @@ -0,0 +1,60 @@ +From ff90bdfb206e49c8b418811efbdd0c77380fa8c2 Mon Sep 17 00:00:00 2001 +From: Quanyang Wang +Date: Tue, 14 Jan 2020 13:43:11 +0800 +Subject: [PATCH] ubifs: Fix memory leak from c->sup_node +Git-commit: ff90bdfb206e49c8b418811efbdd0c77380fa8c2 +Patch-mainline: v5.6-rc1 +References: bsc#1163916 + +The c->sup_node is allocated in function ubifs_read_sb_node but +is not freed. This will cause memory leak as below: + +unreferenced object 0xbc9ce000 (size 4096): + comm "mount", pid 500, jiffies 4294952946 (age 315.820s) + hex dump (first 32 bytes): + 31 18 10 06 06 7b f1 11 02 00 00 00 00 00 00 00 1....{.......... + 00 10 00 00 06 00 00 00 00 00 00 00 08 00 00 00 ................ + backtrace: + [] ubifs_read_superblock+0x48/0xebc + [] ubifs_mount+0x974/0x1420 + [<8589ecc3>] legacy_get_tree+0x2c/0x50 + [<5f1fb889>] vfs_get_tree+0x28/0xfc + [] do_mount+0x4f8/0x748 + [<4151f538>] ksys_mount+0x78/0xa0 + [] ret_fast_syscall+0x0/0x54 + [<1cc40005>] 0x7ea02790 + +Free it in ubifs_umount and in the error path of mount_ubifs. + +Fixes: fd6150051bec ("ubifs: Store read superblock node") +Signed-off-by: Quanyang Wang +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/super.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c +index 5e1e8ec0589e..7fc2f3f07c16 100644 +--- a/fs/ubifs/super.c ++++ b/fs/ubifs/super.c +@@ -1599,6 +1599,7 @@ static int mount_ubifs(struct ubifs_info *c) + vfree(c->ileb_buf); + vfree(c->sbuf); + kfree(c->bottom_up_buf); ++ kfree(c->sup_node); + ubifs_debugging_exit(c); + return err; + } +@@ -1641,6 +1642,7 @@ static void ubifs_umount(struct ubifs_info *c) + vfree(c->ileb_buf); + vfree(c->sbuf); + kfree(c->bottom_up_buf); ++ kfree(c->sup_node); + ubifs_debugging_exit(c); + } + +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fix-wrong-memory-allocation.patch b/patches.suse/ubifs-Fix-wrong-memory-allocation.patch new file mode 100644 index 0000000..259a10c --- /dev/null +++ b/patches.suse/ubifs-Fix-wrong-memory-allocation.patch @@ -0,0 +1,40 @@ +From edec51374bce779f37fc209a228139c55d90ec8d Mon Sep 17 00:00:00 2001 +From: Sascha Hauer +Date: Wed, 4 Dec 2019 11:09:58 +0100 +Subject: [PATCH] ubifs: Fix wrong memory allocation +Git-commit: edec51374bce779f37fc209a228139c55d90ec8d +Patch-mainline: v5.6-rc1 +References: bsc#1163913 + +In create_default_filesystem() when we allocate the idx node we must use +the idx_node_size we calculated just one line before, not tmp, which +contains completely other data. + +Fixes: c4de6d7e4319 ("ubifs: Refactor create_default_filesystem()") +Cc: stable@vger.kernel.org # v4.20+ +Reported-by: Naga Sureshkumar Relli +Tested-by: Naga Sureshkumar Relli +Signed-off-by: Sascha Hauer +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/sb.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/ubifs/sb.c b/fs/ubifs/sb.c +index 2b7c04bf8983..17c90dff7266 100644 +--- a/fs/ubifs/sb.c ++++ b/fs/ubifs/sb.c +@@ -161,7 +161,7 @@ static int create_default_filesystem(struct ubifs_info *c) + sup = kzalloc(ALIGN(UBIFS_SB_NODE_SZ, c->min_io_size), GFP_KERNEL); + mst = kzalloc(c->mst_node_alsz, GFP_KERNEL); + idx_node_size = ubifs_idx_node_sz(c, 1); +- idx = kzalloc(ALIGN(tmp, c->min_io_size), GFP_KERNEL); ++ idx = kzalloc(ALIGN(idx_node_size, c->min_io_size), GFP_KERNEL); + ino = kzalloc(ALIGN(UBIFS_INO_NODE_SZ, c->min_io_size), GFP_KERNEL); + cs = kzalloc(ALIGN(UBIFS_CS_NODE_SZ, c->min_io_size), GFP_KERNEL); + +-- +2.16.4 + diff --git a/patches.suse/ubifs-Fixed-missed-le64_to_cpu-in-journal.patch b/patches.suse/ubifs-Fixed-missed-le64_to_cpu-in-journal.patch new file mode 100644 index 0000000..eb89481 --- /dev/null +++ b/patches.suse/ubifs-Fixed-missed-le64_to_cpu-in-journal.patch @@ -0,0 +1,44 @@ +From df22b5b3ecc6233e33bd27f67f14c0cd1b5a5897 Mon Sep 17 00:00:00 2001 +From: "Ben Dooks (Codethink)" +Date: Wed, 16 Oct 2019 11:08:03 +0100 +Subject: [PATCH] ubifs: Fixed missed le64_to_cpu() in journal +Git-commit: df22b5b3ecc6233e33bd27f67f14c0cd1b5a5897 +Patch-mainline: v5.5-rc1 +References: bsc#1163901 + +In the ubifs_jnl_write_inode() functon, it calls ubifs_iget() +with xent->inum. The xent->inum is __le64, but the ubifs_iget() +takes native cpu endian. + +I think that this should be changed to passing le64_to_cpu(xent->inum) +to fix the following sparse warning: + +fs/ubifs/journal.c:902:58: warning: incorrect type in argument 2 (different base types) +fs/ubifs/journal.c:902:58: expected unsigned long inum +fs/ubifs/journal.c:902:58: got restricted __le64 [usertype] inum + +Fixes: 7959cf3a7506 ("ubifs: journal: Handle xattrs like files") +Signed-off-by: Ben Dooks +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/journal.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c +index d6136f7c1cfc..388fe8f5dc51 100644 +--- a/fs/ubifs/journal.c ++++ b/fs/ubifs/journal.c +@@ -899,7 +899,7 @@ int ubifs_jnl_write_inode(struct ubifs_info *c, const struct inode *inode) + fname_name(&nm) = xent->name; + fname_len(&nm) = le16_to_cpu(xent->nlen); + +- xino = ubifs_iget(c->vfs_sb, xent->inum); ++ xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum)); + if (IS_ERR(xino)) { + err = PTR_ERR(xino); + ubifs_err(c, "dead directory entry '%s', error %d", +-- +2.16.4 + diff --git a/patches.suse/ubifs-do_kill_orphans-Fix-a-memory-leak-bug.patch b/patches.suse/ubifs-do_kill_orphans-Fix-a-memory-leak-bug.patch new file mode 100644 index 0000000..195cb38 --- /dev/null +++ b/patches.suse/ubifs-do_kill_orphans-Fix-a-memory-leak-bug.patch @@ -0,0 +1,73 @@ +From 10256f000932f12596dc043cf880ecf488a32510 Mon Sep 17 00:00:00 2001 +From: Zhihao Cheng +Date: Tue, 29 Oct 2019 20:58:23 +0800 +Subject: [PATCH] ubifs: do_kill_orphans: Fix a memory leak bug +Git-commit: 10256f000932f12596dc043cf880ecf488a32510 +Patch-mainline: v5.5-rc1 +References: bsc#1163902 + +If there are more than one valid snod on the sleb->nodes list, +do_kill_orphans will malloc ino more than once without releasing +previous ino's memory. Finally, it will trigger memory leak. + +Fixes: ee1438ce5dc4 ("ubifs: Check link count of inodes when...") +Signed-off-by: Zhihao Cheng +Signed-off-by: zhangyi (F) +Signed-off-by: Richard Weinberger +Acked-by: Jan Kara + +--- + fs/ubifs/orphan.c | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) + +diff --git a/fs/ubifs/orphan.c b/fs/ubifs/orphan.c +index 3b4b4114f208..54d6db61106f 100644 +--- a/fs/ubifs/orphan.c ++++ b/fs/ubifs/orphan.c +@@ -631,12 +631,17 @@ static int do_kill_orphans(struct ubifs_info *c, struct ubifs_scan_leb *sleb, + ino_t inum; + int i, n, err, first = 1; + ++ ino = kmalloc(UBIFS_MAX_INO_NODE_SZ, GFP_NOFS); ++ if (!ino) ++ return -ENOMEM; ++ + list_for_each_entry(snod, &sleb->nodes, list) { + if (snod->type != UBIFS_ORPH_NODE) { + ubifs_err(c, "invalid node type %d in orphan area at %d:%d", + snod->type, sleb->lnum, snod->offs); + ubifs_dump_node(c, snod->node); +- return -EINVAL; ++ err = -EINVAL; ++ goto out_free; + } + + orph = snod->node; +@@ -663,20 +668,18 @@ static int do_kill_orphans(struct ubifs_info *c, struct ubifs_scan_leb *sleb, + ubifs_err(c, "out of order commit number %llu in orphan node at %d:%d", + cmt_no, sleb->lnum, snod->offs); + ubifs_dump_node(c, snod->node); +- return -EINVAL; ++ err = -EINVAL; ++ goto out_free; + } + dbg_rcvry("out of date LEB %d", sleb->lnum); + *outofdate = 1; +- return 0; ++ err = 0; ++ goto out_free; + } + + if (first) + first = 0; + +- ino = kmalloc(UBIFS_MAX_INO_NODE_SZ, GFP_NOFS); +- if (!ino) +- return -ENOMEM; +- + n = (le32_to_cpu(orph->ch.len) - UBIFS_ORPH_NODE_SZ) >> 3; + for (i = 0; i < n; i++) { + union ubifs_key key1, key2; +-- +2.16.4 + diff --git a/patches.suse/ubifs-don-t-trigger-assertion-on-invalid-no-key-file.patch b/patches.suse/ubifs-don-t-trigger-assertion-on-invalid-no-key-file.patch new file mode 100644 index 0000000..a00e789 --- /dev/null +++ b/patches.suse/ubifs-don-t-trigger-assertion-on-invalid-no-key-file.patch @@ -0,0 +1,53 @@ +From f0d07a98a070bb5e443df19c3aa55693cbca9341 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Mon, 20 Jan 2020 14:31:59 -0800 +Subject: [PATCH] ubifs: don't trigger assertion on invalid no-key filename +Git-commit: f0d07a98a070bb5e443df19c3aa55693cbca9341 +Patch-mainline: v5.6-rc1 +References: bsc#1163850 + +If userspace provides an invalid fscrypt no-key filename which encodes a +hash value with any of the UBIFS node type bits set (i.e. the high 3 +bits), gracefully report ENOENT rather than triggering ubifs_assert(). + +Test case with kvm-xfstests shell: + + . fs/ubifs/config + . ~/xfstests/common/encrypt + dev=$(__blkdev_to_ubi_volume /dev/vdc) + ubiupdatevol $dev -t + mount $dev /mnt -t ubifs + mkdir /mnt/edir + xfs_io -c set_encpolicy /mnt/edir + rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA + +With the bug, the following assertion fails on the 'rm' command: + + [ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170 + +Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames") +Cc: # v4.10+ +Link: https://lore.kernel.org/r/20200120223201.241390-5-ebiggers@kernel.org +Signed-off-by: Eric Biggers +Acked-by: Jan Kara + +--- + fs/ubifs/dir.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c +index 636c3222c230..5f937226976a 100644 +--- a/fs/ubifs/dir.c ++++ b/fs/ubifs/dir.c +@@ -228,6 +228,8 @@ static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, + if (nm.hash) { + ubifs_assert(c, fname_len(&nm) == 0); + ubifs_assert(c, fname_name(&nm) == NULL); ++ if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) ++ goto done; /* ENOENT */ + dent_key_init_hash(c, &key, dir->i_ino, nm.hash); + err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); + } else { +-- +2.16.4 + diff --git a/patches.suse/udf-Allow-writing-to-Rewritable-partitions.patch b/patches.suse/udf-Allow-writing-to-Rewritable-partitions.patch new file mode 100644 index 0000000..33987c5 --- /dev/null +++ b/patches.suse/udf-Allow-writing-to-Rewritable-partitions.patch @@ -0,0 +1,60 @@ +From 15fb05fd286ac57a0802d71624daeb5c1c2d5b07 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Fri, 17 Jan 2020 12:11:14 +0100 +Subject: [PATCH] udf: Allow writing to 'Rewritable' partitions +Mime-version: 1.0 +Content-type: text/plain; charset=UTF-8 +Content-transfer-encoding: 8bit +Git-commit: 15fb05fd286ac57a0802d71624daeb5c1c2d5b07 +Patch-mainline: v5.6-rc1 +References: bsc#1163919 + +UDF 2.60 standard states in section 2.2.14.2: + + A partition with Access Type 3 (rewritable) shall define a Freed + Space Bitmap or a Freed Space Table, see 2.3.3. All other partitions + shall not define a Freed Space Bitmap or a Freed Space Table. + + Rewritable partitions are used on media that require some form of + preprocessing before re-writing data (for example legacy MO). Such + partitions shall use Access Type 3. + + Overwritable partitions are used on media that do not require + preprocessing before overwriting data (for example: CD-RW, DVD-RW, + DVD+RW, DVD-RAM, BD-RE, HD DVD-Rewritable). Such partitions shall + use Access Type 4. + +however older versions of the standard didn't have this wording and +there are tools out there that create UDF filesystems with rewritable +partitions but that don't contain a Freed Space Bitmap or a Freed Space +Table on media that does not require pre-processing before overwriting a +block. So instead of forcing media with rewritable partition read-only, +base this decision on presence of a Freed Space Bitmap or a Freed Space +Table. + +Reported-by: Pali Rohár +Reviewed-by: Pali Rohár +Fixes: b085fbe2ef7f ("udf: Fix crash during mount") +Link: https://lore.kernel.org/linux-fsdevel/20200112144735.hj2emsoy4uwsouxz@pali +Signed-off-by: Jan Kara +Acked-by: Jan Kara + +--- + fs/udf/super.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/fs/udf/super.c b/fs/udf/super.c +index 96d001a4a844..fd96d7bfc0e4 100644 +--- a/fs/udf/super.c ++++ b/fs/udf/super.c +@@ -1035,7 +1035,6 @@ static int check_partition_desc(struct super_block *sb, + switch (le32_to_cpu(p->accessType)) { + case PD_ACCESS_TYPE_READ_ONLY: + case PD_ACCESS_TYPE_WRITE_ONCE: +- case PD_ACCESS_TYPE_REWRITABLE: + case PD_ACCESS_TYPE_NONE: + goto force_ro; + } +-- +2.16.4 + diff --git a/patches.suse/vfs-add-super_operations-get_inode_dev b/patches.suse/vfs-add-super_operations-get_inode_dev index c0cdb75..d57c482 100644 --- a/patches.suse/vfs-add-super_operations-get_inode_dev +++ b/patches.suse/vfs-add-super_operations-get_inode_dev @@ -40,10 +40,10 @@ Signed-off-by: Jeff Mahoney --- a/fs/locks.c +++ b/fs/locks.c -@@ -2792,8 +2792,8 @@ +@@ -2792,8 +2792,8 @@ static void lock_get_status(struct seq_f if (inode) { /* userspace relies on this representation of dev_t */ - seq_printf(f, "%d %02x:%02x:%ld ", fl_pid, + seq_printf(f, "%d %02x:%02x:%lu ", fl_pid, - MAJOR(inode->i_sb->s_dev), - MINOR(inode->i_sb->s_dev), inode->i_ino); + MAJOR(inode_get_dev(inode)), @@ -53,7 +53,7 @@ Signed-off-by: Jeff Mahoney } --- a/fs/nfsd/nfs3xdr.c +++ b/fs/nfsd/nfs3xdr.c -@@ -147,7 +147,7 @@ +@@ -147,7 +147,7 @@ static __be32 *encode_fsid(__be32 *p, st default: case FSIDSOURCE_DEV: p = xdr_encode_hyper(p, (u64)huge_encode_dev @@ -64,7 +64,7 @@ Signed-off-by: Jeff Mahoney p = xdr_encode_hyper(p, (u64) fhp->fh_export->ex_fsid); --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c -@@ -812,7 +812,7 @@ +@@ -812,7 +812,7 @@ struct raparms * nfsd_init_raparms(struct file *file) { struct inode *inode = file_inode(file); @@ -73,7 +73,7 @@ Signed-off-by: Jeff Mahoney ino_t ino = inode->i_ino; struct raparms *ra, **rap, **frap = NULL; int depth = 0; -@@ -975,7 +975,7 @@ +@@ -975,7 +975,7 @@ static int wait_for_concurrent_writes(st int err = 0; if (atomic_read(&inode->i_writecount) > 1 @@ -82,7 +82,7 @@ Signed-off-by: Jeff Mahoney dprintk("nfsd: write defer %d\n", task_pid_nr(current)); msleep(10); dprintk("nfsd: write resume %d\n", task_pid_nr(current)); -@@ -986,7 +986,7 @@ +@@ -986,7 +986,7 @@ static int wait_for_concurrent_writes(st err = vfs_fsync(file, 0); } last_ino = inode->i_ino; @@ -93,7 +93,7 @@ Signed-off-by: Jeff Mahoney --- a/fs/notify/fdinfo.c +++ b/fs/notify/fdinfo.c -@@ -92,7 +92,7 @@ +@@ -92,7 +92,7 @@ static void inotify_fdinfo(struct seq_fi */ u32 mask = mark->mask & IN_ALL_EVENTS; seq_printf(m, "inotify wd:%x ino:%lx sdev:%x mask:%x ignored_mask:%x ", @@ -102,7 +102,7 @@ Signed-off-by: Jeff Mahoney mask, mark->ignored_mask); show_mark_fhandle(m, inode); seq_putc(m, '\n'); -@@ -122,7 +122,7 @@ +@@ -122,7 +122,7 @@ static void fanotify_fdinfo(struct seq_f if (!inode) return; seq_printf(m, "fanotify ino:%lx sdev:%x mflags:%x mask:%x ignored_mask:%x ", @@ -113,7 +113,7 @@ Signed-off-by: Jeff Mahoney seq_putc(m, '\n'); --- a/fs/proc/nommu.c +++ b/fs/proc/nommu.c -@@ -42,7 +42,7 @@ +@@ -42,7 +42,7 @@ static int nommu_region_show(struct seq_ if (file) { struct inode *inode = file_inode(region->vm_file); @@ -124,7 +124,7 @@ Signed-off-by: Jeff Mahoney --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c -@@ -310,7 +310,7 @@ +@@ -310,7 +310,7 @@ show_map_vma(struct seq_file *m, struct if (file) { struct inode *inode = file_inode(vma->vm_file); @@ -135,7 +135,7 @@ Signed-off-by: Jeff Mahoney } --- a/fs/proc/task_nommu.c +++ b/fs/proc/task_nommu.c -@@ -156,7 +156,7 @@ +@@ -156,7 +156,7 @@ static int nommu_vma_show(struct seq_fil if (file) { struct inode *inode = file_inode(vma->vm_file); @@ -157,7 +157,7 @@ Signed-off-by: Jeff Mahoney stat->nlink = inode->i_nlink; --- a/include/linux/fs.h +++ b/include/linux/fs.h -@@ -1940,6 +1940,7 @@ +@@ -1947,6 +1947,7 @@ struct super_operations { struct shrink_control *); long (*free_cached_objects)(struct super_block *, struct shrink_control *); @@ -165,7 +165,7 @@ Signed-off-by: Jeff Mahoney }; /* -@@ -3566,4 +3567,12 @@ +@@ -3573,4 +3574,12 @@ static inline int inode_drain_writes(str return filemap_write_and_wait(inode->i_mapping); } @@ -180,7 +180,7 @@ Signed-off-by: Jeff Mahoney #endif /* _LINUX_FS_H */ --- a/include/trace/events/filelock.h +++ b/include/trace/events/filelock.h -@@ -48,7 +48,7 @@ +@@ -48,7 +48,7 @@ TRACE_EVENT(locks_get_lock_context, ), TP_fast_assign( @@ -189,7 +189,7 @@ Signed-off-by: Jeff Mahoney __entry->i_ino = inode->i_ino; __entry->type = type; __entry->ctx = ctx; -@@ -80,7 +80,7 @@ +@@ -80,7 +80,7 @@ DECLARE_EVENT_CLASS(filelock_lock, TP_fast_assign( __entry->fl = fl ? fl : NULL; @@ -198,7 +198,7 @@ Signed-off-by: Jeff Mahoney __entry->i_ino = inode->i_ino; __entry->fl_blocker = fl ? fl->fl_blocker : NULL; __entry->fl_owner = fl ? fl->fl_owner : NULL; -@@ -135,7 +135,7 @@ +@@ -135,7 +135,7 @@ DECLARE_EVENT_CLASS(filelock_lease, TP_fast_assign( __entry->fl = fl ? fl : NULL; @@ -207,7 +207,7 @@ Signed-off-by: Jeff Mahoney __entry->i_ino = inode->i_ino; __entry->fl_blocker = fl ? fl->fl_blocker : NULL; __entry->fl_owner = fl ? fl->fl_owner : NULL; -@@ -185,7 +185,7 @@ +@@ -185,7 +185,7 @@ TRACE_EVENT(generic_add_lease, ), TP_fast_assign( @@ -218,7 +218,7 @@ Signed-off-by: Jeff Mahoney __entry->dcount = d_count(fl->fl_file->f_path.dentry); --- a/include/trace/events/filemap.h +++ b/include/trace/events/filemap.h -@@ -31,7 +31,7 @@ +@@ -31,7 +31,7 @@ DECLARE_EVENT_CLASS(mm_filemap_op_page_c __entry->i_ino = page->mapping->host->i_ino; __entry->index = page->index; if (page->mapping->host->i_sb) @@ -229,7 +229,7 @@ Signed-off-by: Jeff Mahoney ), --- a/include/trace/events/writeback.h +++ b/include/trace/events/writeback.h -@@ -726,7 +726,7 @@ +@@ -726,7 +726,7 @@ DECLARE_EVENT_CLASS(writeback_inode_temp ), TP_fast_assign( @@ -240,7 +240,7 @@ Signed-off-by: Jeff Mahoney __entry->mode = inode->i_mode; --- a/kernel/audit_fsnotify.c +++ b/kernel/audit_fsnotify.c -@@ -67,7 +67,7 @@ +@@ -67,7 +67,7 @@ int audit_mark_compare(struct audit_fsno static void audit_update_mark(struct audit_fsnotify_mark *audit_mark, const struct inode *inode) { @@ -251,7 +251,7 @@ Signed-off-by: Jeff Mahoney --- a/kernel/audit_watch.c +++ b/kernel/audit_watch.c -@@ -353,7 +353,7 @@ +@@ -353,7 +353,7 @@ static int audit_get_nd(struct audit_wat return PTR_ERR(d); if (d_is_positive(d)) { /* update watch filter fields */ @@ -260,7 +260,7 @@ Signed-off-by: Jeff Mahoney watch->ino = d_backing_inode(d)->i_ino; } inode_unlock(d_backing_inode(parent->dentry)); -@@ -494,7 +494,7 @@ +@@ -494,7 +494,7 @@ static int audit_watch_handle_event(stru } if (mask & (FS_CREATE|FS_MOVED_TO) && inode) @@ -269,7 +269,7 @@ Signed-off-by: Jeff Mahoney else if (mask & (FS_DELETE|FS_MOVED_FROM)) audit_update_watch(parent, dname, AUDIT_DEV_UNSET, AUDIT_INO_UNSET, 1); else if (mask & (FS_DELETE_SELF|FS_UNMOUNT|FS_MOVE_SELF)) -@@ -548,7 +548,7 @@ +@@ -548,7 +548,7 @@ int audit_exe_compare(struct task_struct if (!exe_file) return 0; ino = file_inode(exe_file)->i_ino; @@ -280,7 +280,7 @@ Signed-off-by: Jeff Mahoney } --- a/kernel/auditsc.c +++ b/kernel/auditsc.c -@@ -1922,7 +1922,7 @@ +@@ -1922,7 +1922,7 @@ static void audit_copy_inode(struct audi struct inode *inode, unsigned int flags) { name->ino = inode->i_ino; @@ -289,7 +289,7 @@ Signed-off-by: Jeff Mahoney name->mode = inode->i_mode; name->uid = inode->i_uid; name->gid = inode->i_gid; -@@ -1994,7 +1994,7 @@ +@@ -1994,7 +1994,7 @@ void __audit_inode(struct filename *name if (n->ino) { /* valid inode number, use that for the comparison */ if (n->ino != inode->i_ino || @@ -298,7 +298,7 @@ Signed-off-by: Jeff Mahoney continue; } else if (n->name) { /* inode number has not been set, check the name */ -@@ -2099,7 +2099,7 @@ +@@ -2099,7 +2099,7 @@ void __audit_inode_child(struct inode *p n->type != AUDIT_TYPE_UNKNOWN)) continue; @@ -309,7 +309,7 @@ Signed-off-by: Jeff Mahoney if (n->type == AUDIT_TYPE_UNKNOWN) --- a/kernel/events/core.c +++ b/kernel/events/core.c -@@ -7470,7 +7470,7 @@ +@@ -7470,7 +7470,7 @@ static void perf_event_mmap_event(struct goto cpy_name; } inode = file_inode(vma->vm_file); @@ -320,7 +320,7 @@ Signed-off-by: Jeff Mahoney maj = MAJOR(dev); --- a/mm/memory-failure.c +++ b/mm/memory-failure.c -@@ -97,7 +97,7 @@ +@@ -97,7 +97,7 @@ static int hwpoison_filter_dev(struct pa if (mapping == NULL || mapping->host == NULL) return -EINVAL; @@ -331,7 +331,7 @@ Signed-off-by: Jeff Mahoney return -EINVAL; --- a/net/unix/diag.c +++ b/net/unix/diag.c -@@ -30,7 +30,7 @@ +@@ -30,7 +30,7 @@ static int sk_diag_dump_vfs(struct sock if (dentry) { struct unix_diag_vfs uv = { .udiag_vfs_ino = d_backing_inode(dentry)->i_ino, @@ -342,7 +342,7 @@ Signed-off-by: Jeff Mahoney return nla_put(nlskb, UNIX_DIAG_VFS, sizeof(uv), &uv); --- a/security/tomoyo/condition.c +++ b/security/tomoyo/condition.c -@@ -743,7 +743,7 @@ +@@ -743,7 +743,7 @@ void tomoyo_get_attributes(struct tomoyo stat->gid = inode->i_gid; stat->ino = inode->i_ino; stat->mode = inode->i_mode; diff --git a/series.conf b/series.conf index 14efe2b..a2eaedb 100644 --- a/series.conf +++ b/series.conf @@ -723,6 +723,7 @@ patches.suse/KVM-PPC-Book3S-Enable-XIVE-native-capability-only-if.patch patches.suse/KVM-PPC-Book3S-HV-Check-for-MMU-ready-on-piggybacked.patch patches.suse/KVM-PPC-Book3S-HV-Don-t-lose-pending-doorbell-reques.patch + patches.suse/arm64-KVM-Device-mappings-should-be-execute-never.patch patches.suse/KVM-arm-arm64-vgic-Allow-more-than-256-vcpus-for-KVM.patch patches.suse/KVM-x86-always-stop-emulation-on-page-fault.patch patches.suse/KVM-x86-set-ctxt-have_exception-in-x86_decode_insn.patch @@ -2491,6 +2492,7 @@ patches.suse/selftests-powerpc-Retry-on-host-facility-unavailable.patch patches.suse/powerpc-64s-support-nospectre_v2-cmdline-option.patch patches.suse/powerpc-spinlocks-Refactor-SHARED_PROCESSOR.patch + patches.suse/powerpc-convert-to-copy_thread_tls.patch patches.suse/powerpc-64s-exception-machine-check-fwnmi-remove-HV-.patch patches.suse/powerpc-64s-exception-machine-check-remove-bitrotted.patch patches.suse/powerpc-64s-exception-machine-check-fix-KVM-guest-te.patch @@ -3002,6 +3004,7 @@ patches.suse/ext4-fix-warning-inside-ext4_convert_unwritten_exten.patch patches.suse/ext4-fix-punch-hole-for-inline_data-file-systems.patch patches.suse/ext4-fix-potential-use-after-free-after-remounting-w.patch + patches.suse/ext4-fix-kernel-oops-caused-by-spurious-casefold-fla.patch patches.suse/quota-fix-wrong-condition-in-is_quota_modification.patch patches.suse/f2fs-fix-to-drop-meta-node-pages-during-umount.patch patches.suse/gfs2-clear-buf_in_tr-when-ending-a-transaction-in-sw.patch @@ -4932,7 +4935,10 @@ patches.suse/io_uring-Fix-mm_fault-with-READ-WRITE_FIXED.patch patches.suse/ahci-tegra-use-regulator_bulk_set_supply_names.patch patches.suse/libata-Ensure-ata_port-probe-has-completed-before-de.patch + patches.suse/fcntl-fix-typo-in-RWH_WRITE_LIFE_NOT_SET-r-w-hint-na.patch patches.suse/blk-mq-avoid-sysfs-buffer-overflow-with-too-many-CPU.patch + patches.suse/bdev-Factor-out-bdev-revalidation-into-a-common-help.patch + patches.suse/bdev-Refresh-bdev-size-for-disks-without-partitionin.patch patches.suse/blk-mq-make-sure-that-line-break-can-be-printed.patch patches.suse/block-Warn-if-elevator-parameter-is-used.patch patches.suse/md-raid0-Fix-an-error-message-in-raid0_make_request.patch @@ -7021,6 +7027,8 @@ patches.suse/xfs-Sanity-check-flags-of-Q_XQUOTARM-call.patch patches.suse/xfs-properly-serialise-fallocate-against-AIO-DIO.patch patches.suse/xfs-attach-dquots-and-reserve-quota-blocks-during-un.patch + patches.suse/ubifs-Fixed-missed-le64_to_cpu-in-journal.patch + patches.suse/ubifs-do_kill_orphans-Fix-a-memory-leak-bug.patch patches.suse/0026-modpost-do-not-invoke-extra-modpost-for-nsdeps.patch patches.suse/0027-modpost-free-ns_deps_buf.p-after-writing-ns_deps-fil.patch patches.suse/0028-modpost-dump-missing-namespaces-into-a-single-module.patch @@ -7262,6 +7270,7 @@ patches.suse/SUNRPC-Fix-backchannel-latency-metrics.patch patches.suse/nfsd-Ensure-CLONE-persists-data-and-metadata-changes.patch patches.suse/xfs-fix-mount-failure-crash-on-invalid-iclog-memory-.patch + patches.suse/iomap-fix-sub-page-uptodate-handling.patch patches.suse/Input-goodix-add-upside-down-quirk-for-Teclast-X89-t.patch patches.suse/Input-synaptics-rmi4-re-enable-IRQs-in-f34v7_do_refl.patch patches.suse/CIFS-Fix-NULL-pointer-dereference-in-smb2_push_manda.patch @@ -7650,11 +7659,15 @@ patches.suse/sbitmap-only-queue-kyber-s-wait-callback-if-not-alre.patch patches.suse/ext4-fix-ext4_empty_dir-for-directories-with-holes.patch patches.suse/ext4-check-for-directory-entries-too-close-to-block-.patch + patches.suse/ext4-unlock-on-error-in-ext4_expand_extra_isize.patch + patches.suse/ext4-validate-the-debug_want_extra_isize-mount-optio.patch patches.suse/xfs-use-bitops-interface-for-buf-log-item-AIL-flag-c.patch patches.suse/gpio-mpc8xxx-Add-platform-device-to-gpiochip-parent.patch patches.suse/gpio-Fix-error-message-on-out-of-range-GPIO-in-looku.patch patches.suse/gpio-xtensa-fix-driver-build.patch patches.suse/gpiolib-fix-up-emulated-open-drain-outputs.patch + patches.suse/compat_ioctl-block-handle-BLKREPORTZONE-BLKRESETZONE.patch + patches.suse/compat_ioctl-block-handle-BLKGETZONESZ-BLKGETNRZONES.patch patches.suse/libata-Fix-retrieving-of-active-qcs.patch patches.suse/ata-libahci_platform-Export-again-ahci_platform_-en-.patch patches.suse/ata-ahci_brcm-Fix-AHCI-resources-management.patch @@ -7662,6 +7675,7 @@ patches.suse/ata-ahci_brcm-Add-missing-clock-management-during-re.patch patches.suse/rseq-selftests-Fix-Namespace-gettid-for-compatibilit.patch patches.suse/drm-i915-Hold-reference-to-intel_frontbuffer-as-we-t.patch + patches.suse/locks-print-unsigned-ino-in-proc-locks.patch patches.suse/tomoyo-Don-t-use-nifty-names-on-sockets.patch patches.suse/udp-fix-integer-overflow-while-computing-available-s.patch patches.suse/sctp-fix-err-handling-of-stream-initialization.patch @@ -7707,6 +7721,7 @@ patches.suse/taskstats-fix-data-race.patch patches.suse/exit-panic-before-exit_mm-on-global-init-exit.patch patches.suse/gen_initramfs_list.sh-fix-bad-variable-name-error.patch + patches.suse/block-fix-splitting-segments-on-boundary-masks.patch patches.suse/Btrfs-fix-infinite-loop-during-nocow-writeback-due-t.patch patches.suse/media-cec-CEC-2.0-only-bcast-messages-were-ignored.patch patches.suse/media-cec-avoid-decrementing-transmit_queue_sz-if-it.patch @@ -7855,6 +7870,7 @@ patches.suse/arm64-Move-__ARCH_WANT_SYS_CLONE3-definition-to-uapi.patch patches.suse/arm64-Implement-copy_thread_tls.patch patches.suse/arm-Implement-copy_thread_tls.patch + patches.suse/clone3-ensure-copy_thread_tls-is-implemented.patch patches.suse/i2c-bcm2835-Store-pointer-to-bus-clock.patch patches.suse/i2c-fix-bus-recovery-stop-mode-timing.patch patches.suse/iommu-vt-d-fix-adding-non-pci-devices-to-intel-iommu @@ -7888,6 +7904,7 @@ patches.suse/clk-sunxi-ng-r40-Allow-setting-parent-rate-for-exter.patch patches.suse/clk-sunxi-ng-sun8i-r-Fix-divider-on-APB0-clock.patch patches.suse/clk-sunxi-ng-h6-r-Fix-AR100-R_APB2-parent-order.patch + patches.suse/arm64-dts-agilex-stratix10-fix-pmu-interrupt-numbers.patch patches.suse/clk-mmp2-Fix-the-order-of-timer-mux-parents.patch patches.suse/ARM-OMAP2-Fix-ti_sysc_find_one_clockdomain-to-check-.patch patches.suse/bus-ti-sysc-Fix-iterating-over-clocks.patch @@ -7907,6 +7924,7 @@ patches.suse/ARM-dts-imx6sll-evk-Remove-incorrect-power-supply-as.patch patches.suse/ARM-dts-imx7-Fix-Toradex-Colibri-iMX7S-256MB-NAND-fl.patch patches.suse/arm64-dts-allwinner-a64-olinuxino-Fix-SDIO-supply-re.patch + patches.suse/block-fix-get_max_segment_size-overflow-on-32bit-arc.patch patches.suse/ALSA-firewire-tascam-fix-corruption-due-to-spin-lock.patch patches.suse/ALSA-dice-fix-fallback-from-protocol-extension-into-.patch patches.suse/ALSA-usb-audio-fix-sync-ep-altsetting-sanity-check.patch @@ -8023,6 +8041,7 @@ patches.suse/hwmon-adt7475-Make-volt2reg-return-same-reg-as-reg2v.patch patches.suse/hwmon-core-Do-not-use-device-managed-functions-for-m.patch patches.suse/led-max77650-add-of_match-table.patch + patches.suse/readdir-be-more-conservative-with-directory-entry-na.patch patches.suse/readdir-make-user_access_begin-use-the-real-access-r.patch patches.suse/PCI-Mark-AMD-Navi14-GPU-rev-0xc5-ATS-as-broken.patch patches.suse/PM-hibernate-fix-crashes-with-init_on_free-1.patch @@ -8183,6 +8202,7 @@ patches.suse/btrfs-fix-split-brain-handling-when-changing-fsid-to-metadata-uuid.patch patches.suse/fs-allow-deduplication-of-eof-block-into-the-end-of-.patch patches.suse/Btrfs-make-deduplication-with-range-including-the-la.patch + patches.suse/ubifs-don-t-trigger-assertion-on-invalid-no-key-file.patch patches.suse/hwrng-iproc-rng200-add-support-for-bcm2711.patch patches.suse/crypto-ccree-fix-backlog-memory-leak.patch patches.suse/crypto-ccp-set-max-RSA-modulus-size-for-v3-platform-.patch @@ -8556,6 +8576,7 @@ patches.suse/mei-hdcp-bind-only-with-i915-on-the-same-PCH.patch patches.suse/visorbus-fix-uninitialized-variable-access.patch patches.suse/mei-me-add-comet-point-lake-H-device-ids.patch + patches.suse/erofs-fix-out-of-bound-read-for-shifted-uncompressed.patch patches.suse/selftests-settings-tests-can-be-in-subsubdirs.patch patches.suse/scripts-find-unused-docs-Fix-massive-false-positives.patch patches.suse/scsi-qla2xxx-Remove-defer-flag-to-indicate-immeadiat.patch @@ -8626,6 +8647,21 @@ patches.suse/drm-msm-adreno-fix-zap-vs-no-zap-handling.patch patches.suse/drm-msm-mdp4-Adjust-indentation-in-mdp4_dsi_encoder_.patch patches.suse/drm-vmwgfx-prevent-memory-leak-in-vmw_cmdbuf_res_add.patch + patches.suse/ext4-fix-deadlock-allocating-crypto-bounce-page-from.patch + patches.suse/jbd2-clear-JBD2_ABORT-flag-before-journal_reset-to-u.patch + patches.suse/ext4-fix-race-conditions-in-d_compare-and-d_hash.patch + patches.suse/jbd2_seq_info_next-should-increase-position-index.patch + patches.suse/jbd2-switch-to-use-jbd2_journal_abort-when-failed-to.patch + patches.suse/ext4-jbd2-ensure-panic-when-aborting-with-zero-errno.patch + patches.suse/jbd2-make-sure-ESHUTDOWN-to-be-recorded-in-the-journ.patch + patches.suse/reiserfs-Fix-memory-leak-of-journal-device-string.patch + patches.suse/reiserfs-Fix-spurious-unlock-in-reiserfs_fill_super-.patch + patches.suse/udf-Allow-writing-to-Rewritable-partitions.patch + patches.suse/ubifs-Fix-FS_IOC_SETFLAGS-unexpectedly-clearing-encr.patch + patches.suse/ubifs-Fix-wrong-memory-allocation.patch + patches.suse/ubifs-Fix-deadlock-in-concurrent-bulk-read-and-write.patch + patches.suse/ubifs-Fix-ino_t-format-warnings-in-orphan_delete.patch + patches.suse/ubifs-Fix-memory-leak-from-c-sup_node.patch patches.suse/mtd-onenand_base-Adjust-indentation-in-onenand_read_.patch patches.suse/mtd-sharpslpart-Fix-unsigned-comparison-to-zero.patch patches.suse/kvm-svm-override-default-mmio-mask-if-memory-encryption-is-enabled @@ -8642,6 +8678,7 @@ patches.suse/x86-resctrl-fix-use-after-free-due-to-inaccurate-refcount-of-rdtgroup.patch patches.suse/x86-resctrl-fix-a-deadlock-due-to-inaccurate-reference.patch patches.suse/0005-modsign-print-module-name-along-with-error-message.patch + patches.suse/memcg-fix-a-crash-in-wb_workfn-when-a-device-disappe.patch patches.suse/0001-mm-sparse.c-reset-section-s-mem_map-when-fully-deact.patch patches.suse/mm-thp-don-t-need-care-deferred-split-queue-in-memcg-charge-move-path.patch patches.suse/ocfs2-make-local-header-paths-relative-to-C-files.patch @@ -8852,6 +8889,9 @@ patches.suse/0023-bcache-add-readahead-cache-policy-options-via-sysfs-.patch patches.suse/0024-bcache-fix-incorrect-data-type-usage-in-btree_flush_.patch patches.suse/0025-bcache-check-return-value-of-prio_read.patch + patches.suse/block-bfq-do-not-plug-I-O-for-bfq_queues-with-no-pro.patch + patches.suse/eventfd-track-eventfd_signal-recursion-depth.patch + patches.suse/aio-prevent-potential-eventfd-recursion-on-poll.patch patches.suse/tracing-fix-very-unlikely-race-of-registering-two-stat-tracers.patch patches.suse/tracing-fix-tracing_stat-return-values-in-error-handling-paths.patch patches.suse/tracing-simplify-assignment-parsing-for-hist-triggers.patch @@ -8995,6 +9035,12 @@ patches.suse/RDMA-rxe-Fix-soft-lockup-problem-due-to-using-taskle.patch patches.suse/RDMA-core-Fix-protection-fault-in-get_pkey_idx_qp_li.patch patches.suse/IB-mlx5-Use-div64_u64-for-num_var_hw_entries-calcula.patch + patches.suse/ext4-fix-support-for-inode-sizes-1024-bytes.patch + patches.suse/ext4-fix-checksum-errors-with-indexed-dirs.patch + patches.suse/ext4-add-cond_resched-to-ext4_protect_reserved_inode.patch + patches.suse/jbd2-move-the-clearing-of-b_modified-flag-to-the-jou.patch + patches.suse/jbd2-do-not-clear-the-BH_Mapped-flag-when-forgetting.patch + patches.suse/ext4-improve-explanation-of-a-mount-failure-caused-b.patch patches.suse/cifs-fix-mount-option-display-for-sec-krb5i.patch patches.suse/0026-bcache-ignore-pending-signals-when-creating-gc-and-a.patch patches.suse/0027-bcache-Revert-bcache-shrink-btree-node-cache-after-b.patch