All of lore.kernel.org
 help / color / mirror / Atom feed
* Re: [PATCH] phy: core: Add consumer device link support
From: Andy Shevchenko @ 2020-02-14 18:46 UTC (permalink / raw)
  To: Alexandre Torgue
  Cc: Kishon Vijay Abraham I, youling 257, Yoshihiro Shimoda,
	Greg Kroah-Hartman, Linux Kernel Mailing List, USB, saravanak
In-Reply-To: <1cd5885d-7db4-59b9-ef2d-e3556f60ca68@st.com>

On Mon, Feb 10, 2020 at 1:32 PM Alexandre Torgue
<alexandre.torgue@st.com> wrote:
> On 2/10/20 9:08 AM, Kishon Vijay Abraham I wrote:
> > On 07/02/20 12:27 PM, youling 257 wrote:
> >> test this diff, dwc3 work for my device, thanks.
> >>
> >> 2020-02-07 13:16 GMT+08:00, Kishon Vijay Abraham I <kishon@ti.com>:
> >>> On 06/02/20 7:09 PM, youling257 wrote:
> >>>> This patch cause "dwc3 dwc3.3.auto: failed to create device link to
> >>>> dwc3.3.auto.ulpi" problem.
> >>>> https://bugzilla.kernel.org/show_bug.cgi?id=206435

+1 to the report.
Please revert for v5.6 or provide a fix ASAP!

> >>>
> >>> I'm suspecting there is some sort of reverse dependency with dwc3 ULPI.
> >>> Can you try the following diff?
> >>>
> >>> diff --git a/drivers/phy/phy-core.c b/drivers/phy/phy-core.c
> >>> index 2eb28cc2d2dc..397311dcb116 100644
> >>> --- a/drivers/phy/phy-core.c
> >>> +++ b/drivers/phy/phy-core.c
> >>> @@ -687,7 +687,7 @@ struct phy *phy_get(struct device *dev, const char
> >>> *string)
> >>>
> >>>          get_device(&phy->dev);
> >>>
> >>> -       link = device_link_add(dev, &phy->dev, DL_FLAG_STATELESS);
> >>> +       link = device_link_add(dev, &phy->dev, DL_FLAG_SYNC_STATE_ONLY);
> >>>          if (!link) {
> >>>                  dev_err(dev, "failed to create device link to %s\n",
> >>>                          dev_name(phy->dev.parent));
> >>> @@ -802,7 +802,7 @@ struct phy *devm_of_phy_get(struct device *dev,
> >>> struct device_node *np,
> >>>                  return phy;
> >>>          }
> >>>
> >>> -       link = device_link_add(dev, &phy->dev, DL_FLAG_STATELESS);
> >>> +       link = device_link_add(dev, &phy->dev, DL_FLAG_SYNC_STATE_ONLY);
> >>>          if (!link) {
> >>>                  dev_err(dev, "failed to create device link to %s\n",
> >>>                          dev_name(phy->dev.parent));
> >>> @@ -851,7 +851,7 @@ struct phy *devm_of_phy_get_by_index(struct device
> >>> *dev, struct device_node *np,
> >>>          *ptr = phy;
> >>>          devres_add(dev, ptr);
> >>>
> >>> -       link = device_link_add(dev, &phy->dev, DL_FLAG_STATELESS);
> >>> +       link = device_link_add(dev, &phy->dev, DL_FLAG_SYNC_STATE_ONLY);
> >>>          if (!link) {
> >>>                  dev_err(dev, "failed to create device link to %s\n",
> >>>                          dev_name(phy->dev.parent));Parent
> >
> > Can you check if this doesn't affect the suspend/resume ordering?
>
> With this fix, suspend/resume ordering is broken on my side. What do you
> think to keep the STATELESS flag and to only display a warn if
> "device_link_add" returns an error ? It's not "smart" but it could
> solved our issue.
>
> As a lot of improvements have been recently done on device link topic by
> Saravana, we could check with him what is the way to follow.
>
> Regards
> Alex
>
> >
> > Thanks
> > Kishon
> >



-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply

* [meta-python][PATCH] python3-bcrypt: consolidate inc and bb files into a single bb file
From: Derek Straka @ 2020-02-14 18:45 UTC (permalink / raw)
  To: openembedded-devel

Signed-off-by: Derek Straka <derek@asterius.io>
---
 .../recipes-devtools/python/python-bcrypt.inc | 17 -----------------
 .../python/python3-bcrypt_3.1.7.bb            | 19 +++++++++++++++++--
 2 files changed, 17 insertions(+), 19 deletions(-)
 delete mode 100644 meta-python/recipes-devtools/python/python-bcrypt.inc

diff --git a/meta-python/recipes-devtools/python/python-bcrypt.inc b/meta-python/recipes-devtools/python/python-bcrypt.inc
deleted file mode 100644
index a264003293..0000000000
--- a/meta-python/recipes-devtools/python/python-bcrypt.inc
+++ /dev/null
@@ -1,17 +0,0 @@
-DESCRIPTION = "Modern password hashing for your software and your servers."
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=8f7bb094c7232b058c7e9f2e431f389c"
-
-DEPENDS += "${PYTHON_PN}-cffi-native"
-
-SRC_URI[md5sum] = "5d6f93b575ce52470af37a8e7dce76fe"
-SRC_URI[sha256sum] = "0b0069c752ec14172c5f78208f1863d7ad6755a6fae6fe76ec2c80d13be41e42"
-
-inherit pypi
-
-RDEPENDS_${PN}_class-target += "\
-    ${PYTHON_PN}-cffi \
-    ${PYTHON_PN}-ctypes \
-    ${PYTHON_PN}-shell \
-    ${PYTHON_PN}-six \
-"
diff --git a/meta-python/recipes-devtools/python/python3-bcrypt_3.1.7.bb b/meta-python/recipes-devtools/python/python3-bcrypt_3.1.7.bb
index d2ec9e386c..0f2d31f537 100644
--- a/meta-python/recipes-devtools/python/python3-bcrypt_3.1.7.bb
+++ b/meta-python/recipes-devtools/python/python3-bcrypt_3.1.7.bb
@@ -1,2 +1,17 @@
-inherit setuptools3
-require python-bcrypt.inc
+DESCRIPTION = "Modern password hashing for your software and your servers."
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=8f7bb094c7232b058c7e9f2e431f389c"
+
+DEPENDS += "${PYTHON_PN}-cffi-native"
+
+SRC_URI[md5sum] = "5d6f93b575ce52470af37a8e7dce76fe"
+SRC_URI[sha256sum] = "0b0069c752ec14172c5f78208f1863d7ad6755a6fae6fe76ec2c80d13be41e42"
+
+inherit pypi setuptools3
+
+RDEPENDS_${PN}_class-target += "\
+    ${PYTHON_PN}-cffi \
+    ${PYTHON_PN}-ctypes \
+    ${PYTHON_PN}-shell \
+    ${PYTHON_PN}-six \
+"
-- 
2.17.1



^ permalink raw reply related

* Re: [PATCH v2 0/5] fstests: overlay: initial support for aufs and
From: Amir Goldstein @ 2020-02-14 18:45 UTC (permalink / raw)
  To: Mauricio Faria de Oliveira; +Cc: fstests, overlayfs
In-Reply-To: <20200214151848.8328-1-mfo@canonical.com>

+CC: <linux-unionfs@vger.kernel.org>

On Fri, Feb 14, 2020 at 5:18 PM Mauricio Faria de Oliveira
<mfo@canonical.com> wrote:
>
> This patchset allows the existing support for overlay to be used with
> aufs and fuse-overlayfs, so the increase the coverage/test tools that
> are available for these filesystems.
>
> Initial numbers on v5.4-based Ubuntu kernel on Ubuntu Eoan/19.10
> (fuse-overlay installed from distro package), few tests excluded:
>
>  OVL_FSTYP=aufs
>  - Ran: 645 tests
>  - Not run: 483 tests
>  - Failures: 22 tests
>
>  OVL_FSTYP=fuse.fuse-overlayfs
>  - Ran: 530
>  - Not run: 395
>  - Failures: 29
>

It'd be interesting to know the baseline - what are those numbers for
OVL_FSTYP=overlay with same kernel?

Thanks,
Amir.

> Thanks to Amir Goldstein for review/improvements/suggestions.
>
> Changes:
>  - v2:
>    - fix tests/overlay that hardcode the overlay fs type
>    - add support to fuse-overlayfs with +3 other patches
>  - v1:
>    - [PATCH] common/overlay,rc: introduce OVL_ALT_FSTYP for testing aufs
>
> Mauricio Faria de Oliveira (5):
>   common/overlay,rc,config: introduce OVL_FSTYP variable and aufs
>   tests/overlay: mount: replace overlay hardcode with OVL_FSTYP variable
>   common/rc: introduce new helper function _fs_type_dev_dir()
>   common/rc: add quirks for fuse-overlayfs device/mount point
>   common/overlay: silence some mount messages for fuse-overlayfs
>
>  README.overlay    |  5 ++++
>  common/config     |  2 ++
>  common/overlay    | 29 +++++++++++++++++++---
>  common/rc         | 61 ++++++++++++++++++++++++++++++++++++++++-------
>  tests/overlay/011 |  2 +-
>  tests/overlay/035 |  2 +-
>  tests/overlay/052 |  4 ++--
>  tests/overlay/053 |  4 ++--
>  tests/overlay/062 |  2 +-
>  9 files changed, 92 insertions(+), 19 deletions(-)
>
> --
> 2.20.1
>

^ permalink raw reply

* Re: [PATCH v5 1/7] mm: pass task and mm to do_madvise
From: Minchan Kim @ 2020-02-14 18:45 UTC (permalink / raw)
  To: Jens Axboe
  Cc: Jann Horn, io-uring, Andrew Morton, LKML, linux-mm, Linux API,
	Oleksandr Natalenko, Suren Baghdasaryan, Tim Murray,
	Daniel Colascione, Sandeep Patil, Sonny Rao, Brian Geffon,
	Michal Hocko, Johannes Weiner, Shakeel Butt, John Dias,
	Joel Fernandes, sj38.park, Alexander Duyck
In-Reply-To: <68044a15-6a31-e432-3105-f2f1af9f4b74@kernel.dk>

On Fri, Feb 14, 2020 at 11:22:08AM -0700, Jens Axboe wrote:
> On 2/14/20 10:25 AM, Jann Horn wrote:
> > +Jens and io-uring list
> > 
> > On Fri, Feb 14, 2020 at 6:06 PM Minchan Kim <minchan@kernel.org> wrote:
> >> In upcoming patches, do_madvise will be called from external process
> >> context so we shouldn't asssume "current" is always hinted process's
> >> task_struct.
> > [...]
> >> [1] http://lore.kernel.org/r/CAG48ez27=pwm5m_N_988xT1huO7g7h6arTQL44zev6TD-h-7Tg@mail.gmail.com
> > [...]
> >> diff --git a/fs/io_uring.c b/fs/io_uring.c
> > [...]
> >> @@ -2736,7 +2736,7 @@ static int io_madvise(struct io_kiocb *req, struct io_kiocb **nxt,
> >>         if (force_nonblock)
> >>                 return -EAGAIN;
> >>
> >> -       ret = do_madvise(ma->addr, ma->len, ma->advice);
> >> +       ret = do_madvise(current, current->mm, ma->addr, ma->len, ma->advice);
> >>         if (ret < 0)
> >>                 req_set_fail_links(req);
> >>         io_cqring_add_event(req, ret);
> > 
> > Jens, can you have a look at this change and the following patch
> > <https://lore.kernel.org/linux-mm/20200214170520.160271-4-minchan@kernel.org/>
> > ("[PATCH v5 3/7] mm: check fatal signal pending of target process")?
> > Basically Minchan's patch tries to plumb through the identity of the
> > target task so that if that task gets killed in the middle of the
> > operation, the (potentially long-running and costly) madvise operation
> > can be cancelled. Just passing in "current" instead (which in this
> > case is the uring worker thread AFAIK) doesn't really break anything,
> > other than making the optimization not work, but I wonder whether this
> > couldn't be done more cleanly - maybe by passing in NULL to mean "we
> > don't know who the target task is", since I think we don't know that
> > here?
> 
> Thanks for bringing this to my attention, patches that touch io_uring
> (or anything else) really should be CC'ed to the maintainer(s) of those
> areas...

Hi Jens, it was my mistake. Sorry for that.

> 
> Yeah, the change above won't do the right thing for io_uring, in fact
> it'll always be the wrong task. So I'd second Jann's question, and ask
> if we really need the actual task, or if NULL could be used? For
> cancelation purposes, I'm guessing you want the task that's actually
> doing the operation, even if it's on behalf of someone else. That makes
> the interface a bit weird, as you'd assume the task/mm passed in would
> be related to the madvise itself, not just for cancelation.
> 
> Would be nice with some clarification, so we can figure out an approach
> that would actually work.

MADV_(COLD|PAGEOUT) checks both caller and callee and the part aims for
callee(ie, target task). Thus, we could pass NULL for io_madvise if
it couldn't know who is target and let's have NULL check before the
fatal_signal_pending. I will put following checks in [3/7].

	if (private->target_Task &&
			fatal_signal_pending(private->target_task))
		return -EINTR;

From d008a5a1049b03b3e0eeef7121faead2b6555f49 Mon Sep 17 00:00:00 2001
From: Minchan Kim <minchan@kernel.org>
Date: Fri, 14 Feb 2020 07:29:58 -0800
Subject: [PATCH] mm: pass task and mm to do_madvise

In upcoming patches, do_madvise will be called from external process
context so we shouldn't asssume "current" is always hinted process's
task_struct. Furthermore, we couldn't access mm_struct via task->mm
once it's verified by access_mm which will be introduced in next
patch[1]. And let's pass *current* and current->mm as arguments of
do_madvise so it shouldn't change existing behavior but prepare
next patch to make review easy.

Note: io_madvise pass NULL as target_tas argument of do_madvise
because it couldn't know who is target.

[1] http://lore.kernel.org/r/CAG48ez27=pwm5m_N_988xT1huO7g7h6arTQL44zev6TD-h-7Tg@mail.gmail.com

Cc: Jens Axboe <axboe@kernel.dk>
Cc: Jann Horn <jannh@google.com>
Signed-off-by: Minchan Kim <minchan@kernel.org>
---
 fs/io_uring.c      |  2 +-
 include/linux/mm.h |  3 ++-
 mm/madvise.c       | 34 +++++++++++++++++++---------------
 3 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index 63beda9bafc5..1c7e9cd6c8ce 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -2736,7 +2736,7 @@ static int io_madvise(struct io_kiocb *req, struct io_kiocb **nxt,
 	if (force_nonblock)
 		return -EAGAIN;
 
-	ret = do_madvise(ma->addr, ma->len, ma->advice);
+	ret = do_madvise(NULL, current->mm, ma->addr, ma->len, ma->advice);
 	if (ret < 0)
 		req_set_fail_links(req);
 	io_cqring_add_event(req, ret);
diff --git a/include/linux/mm.h b/include/linux/mm.h
index 52269e56c514..beb9259f9ed1 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -2323,7 +2323,8 @@ extern int __do_munmap(struct mm_struct *, unsigned long, size_t,
 		       struct list_head *uf, bool downgrade);
 extern int do_munmap(struct mm_struct *, unsigned long, size_t,
 		     struct list_head *uf);
-extern int do_madvise(unsigned long start, size_t len_in, int behavior);
+extern int do_madvise(struct task_struct *task, struct mm_struct *mm,
+		unsigned long start, size_t len_in, int behavior);
 
 static inline unsigned long
 do_mmap_pgoff(struct file *file, unsigned long addr,
diff --git a/mm/madvise.c b/mm/madvise.c
index 43b47d3fae02..f75c86b6c463 100644
--- a/mm/madvise.c
+++ b/mm/madvise.c
@@ -254,6 +254,7 @@ static long madvise_willneed(struct vm_area_struct *vma,
 			     struct vm_area_struct **prev,
 			     unsigned long start, unsigned long end)
 {
+	struct mm_struct *mm = vma->vm_mm;
 	struct file *file = vma->vm_file;
 	loff_t offset;
 
@@ -288,12 +289,12 @@ static long madvise_willneed(struct vm_area_struct *vma,
 	 */
 	*prev = NULL;	/* tell sys_madvise we drop mmap_sem */
 	get_file(file);
-	up_read(&current->mm->mmap_sem);
+	up_read(&mm->mmap_sem);
 	offset = (loff_t)(start - vma->vm_start)
 			+ ((loff_t)vma->vm_pgoff << PAGE_SHIFT);
 	vfs_fadvise(file, offset, end - start, POSIX_FADV_WILLNEED);
 	fput(file);
-	down_read(&current->mm->mmap_sem);
+	down_read(&mm->mmap_sem);
 	return 0;
 }
 
@@ -676,7 +677,6 @@ static int madvise_free_pte_range(pmd_t *pmd, unsigned long addr,
 	if (nr_swap) {
 		if (current->mm == mm)
 			sync_mm_rss(mm);
-
 		add_mm_counter(mm, MM_SWAPENTS, nr_swap);
 	}
 	arch_leave_lazy_mmu_mode();
@@ -756,6 +756,8 @@ static long madvise_dontneed_free(struct vm_area_struct *vma,
 				  unsigned long start, unsigned long end,
 				  int behavior)
 {
+	struct mm_struct *mm = vma->vm_mm;
+
 	*prev = vma;
 	if (!can_madv_lru_vma(vma))
 		return -EINVAL;
@@ -763,8 +765,8 @@ static long madvise_dontneed_free(struct vm_area_struct *vma,
 	if (!userfaultfd_remove(vma, start, end)) {
 		*prev = NULL; /* mmap_sem has been dropped, prev is stale */
 
-		down_read(&current->mm->mmap_sem);
-		vma = find_vma(current->mm, start);
+		down_read(&mm->mmap_sem);
+		vma = find_vma(mm, start);
 		if (!vma)
 			return -ENOMEM;
 		if (start < vma->vm_start) {
@@ -818,6 +820,7 @@ static long madvise_remove(struct vm_area_struct *vma,
 	loff_t offset;
 	int error;
 	struct file *f;
+	struct mm_struct *mm = vma->vm_mm;
 
 	*prev = NULL;	/* tell sys_madvise we drop mmap_sem */
 
@@ -845,13 +848,13 @@ static long madvise_remove(struct vm_area_struct *vma,
 	get_file(f);
 	if (userfaultfd_remove(vma, start, end)) {
 		/* mmap_sem was not released by userfaultfd_remove() */
-		up_read(&current->mm->mmap_sem);
+		up_read(&mm->mmap_sem);
 	}
 	error = vfs_fallocate(f,
 				FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
 				offset, end - start);
 	fput(f);
-	down_read(&current->mm->mmap_sem);
+	down_read(&mm->mmap_sem);
 	return error;
 }
 
@@ -1044,7 +1047,8 @@ madvise_behavior_valid(int behavior)
  *  -EBADF  - map exists, but area maps something that isn't a file.
  *  -EAGAIN - a kernel resource was temporarily unavailable.
  */
-int do_madvise(unsigned long start, size_t len_in, int behavior)
+int do_madvise(struct task_struct *target_task, struct mm_struct *mm,
+		unsigned long start, size_t len_in, int behavior)
 {
 	unsigned long end, tmp;
 	struct vm_area_struct *vma, *prev;
@@ -1082,10 +1086,10 @@ int do_madvise(unsigned long start, size_t len_in, int behavior)
 
 	write = madvise_need_mmap_write(behavior);
 	if (write) {
-		if (down_write_killable(&current->mm->mmap_sem))
+		if (down_write_killable(&mm->mmap_sem))
 			return -EINTR;
 	} else {
-		down_read(&current->mm->mmap_sem);
+		down_read(&mm->mmap_sem);
 	}
 
 	/*
@@ -1093,7 +1097,7 @@ int do_madvise(unsigned long start, size_t len_in, int behavior)
 	 * ranges, just ignore them, but return -ENOMEM at the end.
 	 * - different from the way of handling in mlock etc.
 	 */
-	vma = find_vma_prev(current->mm, start, &prev);
+	vma = find_vma_prev(mm, start, &prev);
 	if (vma && start > vma->vm_start)
 		prev = vma;
 
@@ -1130,19 +1134,19 @@ int do_madvise(unsigned long start, size_t len_in, int behavior)
 		if (prev)
 			vma = prev->vm_next;
 		else	/* madvise_remove dropped mmap_sem */
-			vma = find_vma(current->mm, start);
+			vma = find_vma(mm, start);
 	}
 out:
 	blk_finish_plug(&plug);
 	if (write)
-		up_write(&current->mm->mmap_sem);
+		up_write(&mm->mmap_sem);
 	else
-		up_read(&current->mm->mmap_sem);
+		up_read(&mm->mmap_sem);
 
 	return error;
 }
 
 SYSCALL_DEFINE3(madvise, unsigned long, start, size_t, len_in, int, behavior)
 {
-	return do_madvise(start, len_in, behavior);
+	return do_madvise(current, current->mm, start, len_in, behavior);
 }
-- 
2.25.0.265.gbab2e86ba0-goog

^ permalink raw reply related

* Re: [PATCH v1 00/12] arm64: dts: librem5-devkit: description updates
From: Guido Günther @ 2020-02-14 18:44 UTC (permalink / raw)
  To: Martin Kepplinger
  Cc: mark.rutland, robh, kernel, Anson.Huang, devicetree, shawnguo,
	s.hauer, linux-kernel, linux-imx, kernel, festevam,
	linux-arm-kernel
In-Reply-To: <5f81b30a-d00f-9331-dc70-161376cfc008@puri.sm>

Hi,
On Thu, Feb 13, 2020 at 03:08:57PM +0100, Martin Kepplinger wrote:
> On 05.02.20 15:29, Martin Kepplinger wrote:
> > These are additions to the imx8mq-librem5-devkit devicetree description
> > we are running for quite some time. All users should have them:
> > 
> > Angus Ainslie (Purism) (11):
> >   arm64: dts: librem5-devkit: add sai2 and sai6 pinctrl definitions
> >   arm64: dts: librem5-devkit: add the simcom 7100 modem and audio
> >   arm64: dts: librem5-devkit: allow modem to wake the system from
> >     suspend
> >   arm64: dts: librem5-devkit: enable sai2 audio interface
> >   arm64: dts: librem5-devkit: add the sgtl5000 i2c audio codec
> >   arm64: dts: librem5-devkit: add a vbus supply to usb0
> >   arm64: dts: librem5-devkit: add the regulators for DVFS
> >   arm64: dts: librem5-devkit: add a battery for the bq25896 to monitor
> >   arm64: dts: librem5-devkit: allow the redpine card to be removed
> >   arm64: dts: librem5-devkit: configure VSELECT
> >   arm64: dts: librem5-devkit: increase the VBUS current in the kernel
> > 
> > Martin Kepplinger (1):
> >   arm64: dts: librem5-devkit: add lsm9ds1 mount matrix
> > 
> >  .../dts/freescale/imx8mq-librem5-devkit.dts   | 173 +++++++++++++++++-
> >  1 file changed, 165 insertions(+), 8 deletions(-)
> > 
> 
> hi,
> 
> any objections or opinions on these additions?

I think

'arm64: dts: librem5-devkit: add a battery for the bq25896 to monitor'

should be dropped since the driver does not process any battery
information.

Cheers,
 -- Guido

> 
> thanks!
> 
>                                   martin

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply

* Re: [PATCH v1 00/12] arm64: dts: librem5-devkit: description updates
From: Guido Günther @ 2020-02-14 18:44 UTC (permalink / raw)
  To: Martin Kepplinger
  Cc: robh, mark.rutland, shawnguo, s.hauer, kernel, festevam,
	linux-imx, Anson.Huang, devicetree, kernel, linux-arm-kernel,
	linux-kernel
In-Reply-To: <5f81b30a-d00f-9331-dc70-161376cfc008@puri.sm>

Hi,
On Thu, Feb 13, 2020 at 03:08:57PM +0100, Martin Kepplinger wrote:
> On 05.02.20 15:29, Martin Kepplinger wrote:
> > These are additions to the imx8mq-librem5-devkit devicetree description
> > we are running for quite some time. All users should have them:
> > 
> > Angus Ainslie (Purism) (11):
> >   arm64: dts: librem5-devkit: add sai2 and sai6 pinctrl definitions
> >   arm64: dts: librem5-devkit: add the simcom 7100 modem and audio
> >   arm64: dts: librem5-devkit: allow modem to wake the system from
> >     suspend
> >   arm64: dts: librem5-devkit: enable sai2 audio interface
> >   arm64: dts: librem5-devkit: add the sgtl5000 i2c audio codec
> >   arm64: dts: librem5-devkit: add a vbus supply to usb0
> >   arm64: dts: librem5-devkit: add the regulators for DVFS
> >   arm64: dts: librem5-devkit: add a battery for the bq25896 to monitor
> >   arm64: dts: librem5-devkit: allow the redpine card to be removed
> >   arm64: dts: librem5-devkit: configure VSELECT
> >   arm64: dts: librem5-devkit: increase the VBUS current in the kernel
> > 
> > Martin Kepplinger (1):
> >   arm64: dts: librem5-devkit: add lsm9ds1 mount matrix
> > 
> >  .../dts/freescale/imx8mq-librem5-devkit.dts   | 173 +++++++++++++++++-
> >  1 file changed, 165 insertions(+), 8 deletions(-)
> > 
> 
> hi,
> 
> any objections or opinions on these additions?

I think

'arm64: dts: librem5-devkit: add a battery for the bq25896 to monitor'

should be dropped since the driver does not process any battery
information.

Cheers,
 -- Guido

> 
> thanks!
> 
>                                   martin

^ permalink raw reply

* Re: [Intel-gfx] [PATCH i-g-t] lib/i915/gem_engine_topology.c - intel_get_current_engine invalid result
From: Chris Wilson @ 2020-02-14 18:44 UTC (permalink / raw)
  To: Antonio Argenziano, Dale B Stimson, igt-dev, intel-gfx
In-Reply-To: <9d522af3-470d-52f2-51e1-fef2ffdcfaa8@intel.com>

Quoting Antonio Argenziano (2020-02-14 18:43:01)
> 
> 
> On 13/02/20 11:26, Dale B Stimson wrote:
> > Function intel_get_current_engine() should return NULL (instead of
> > engine 0) if there are no engines.
> > 
> > Function intel_init_engine_list() should not store potential engine
> > data in the output structure unless the engine is present.
> > 
> > Function intel_init_engine_list() should arguably not filter the static
> > engine list with gem_has_ring if fd == -1, so that subtests can still
> > be individually invoked to show subtest FAIL instead of test notrun.
> > 
> > Symptom: A device open failure in gem_ctx_isolation resulted in
> > an endless __for_each_physical_engine "per-engine" loop with the
> > purported last potential engine being processed every time.
> > 
> > Diagnosis: device open (or debugfs open) failed, leaving fd == -1.
> > Control skipped the rest of the initial igt_fixture block, after
> > which an attempt was made to iterate through engines using macro
> > __for_each_physical_engine.
> > 
> > Macro __for_each_physical_engine called intel_init_engine_list()
> > to initialize the loop control data.  Because fd == -1,
> > intel_init_engine_list() fell back to using __for_each_static_engine().
> > All of the engines in the static engine list are rejected due to
> > gem_has_ring returning false (because of fd == -1), leaving 0 engines.
> > That resulted in loop control data with engine_data.nengines == 0
> > and the data for the last engine considered stored at index 0.
> > 
> > Still in macro __for_each_physical_engine, intel_get_current_engine()
> > was called to get the engine to process.  It should have returned NULL,
> > but instead returned the engine entry at index 0, which
> > had received information describing the last potential engine.
> > This happened without end.
> > 
> > Signed-off-by: Dale B Stimson <dale.b.stimson@intel.com>
> > ---
> >   lib/i915/gem_engine_topology.c | 29 ++++++++++++++++-------------
> >   1 file changed, 16 insertions(+), 13 deletions(-)
> > 
> > diff --git a/lib/i915/gem_engine_topology.c b/lib/i915/gem_engine_topology.c
> > index 9daa03df4..b8ed49bc9 100644
> > --- a/lib/i915/gem_engine_topology.c
> > +++ b/lib/i915/gem_engine_topology.c
> > @@ -156,10 +156,10 @@ static void query_engine_list(int fd, struct intel_engine_data *ed)
> >   struct intel_execution_engine2 *
> >   intel_get_current_engine(struct intel_engine_data *ed)
> >   {
> > -     if (!ed->n)
> > -             ed->current_engine = &ed->engines[0];
> > -     else if (ed->n >= ed->nengines)
> > +     if (ed->n >= ed->nengines)
> >               ed->current_engine = NULL;
> > +     else if (!ed->n)
> > +             ed->current_engine = &ed->engines[0];
> >   
> >       return ed->current_engine;
> >   }
> > @@ -222,18 +222,21 @@ struct intel_engine_data intel_init_engine_list(int fd, uint32_t ctx_id)
> >               igt_debug("using pre-allocated engine list\n");
> >   
> >               __for_each_static_engine(e2) {
> > -                     struct intel_execution_engine2 *__e2 =
> > -                             &engine_data.engines[engine_data.nengines];
> > -
> > -                     strcpy(__e2->name, e2->name);
> > -                     __e2->instance   = e2->instance;
> > -                     __e2->class      = e2->class;
> > -                     __e2->flags      = e2->flags;
> > -                     __e2->is_virtual = false;
> > -
> >                       if (igt_only_list_subtests() ||
> > -                         gem_has_ring(fd, e2->flags))
> > +                         (fd < 0) ||
> 
> Patch LGTM, Chris do you have any issues merging this before someone 
> implements some tests for the infrastructure?

It seems like a really trivial one to write a test for. 3 minutes
tops... Just do it.
-Chris
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx

^ permalink raw reply

* Re: [igt-dev] [PATCH i-g-t] lib/i915/gem_engine_topology.c - intel_get_current_engine invalid result
From: Chris Wilson @ 2020-02-14 18:44 UTC (permalink / raw)
  To: Antonio Argenziano, Dale B Stimson, igt-dev, intel-gfx; +Cc: Petri Latvala
In-Reply-To: <9d522af3-470d-52f2-51e1-fef2ffdcfaa8@intel.com>

Quoting Antonio Argenziano (2020-02-14 18:43:01)
> 
> 
> On 13/02/20 11:26, Dale B Stimson wrote:
> > Function intel_get_current_engine() should return NULL (instead of
> > engine 0) if there are no engines.
> > 
> > Function intel_init_engine_list() should not store potential engine
> > data in the output structure unless the engine is present.
> > 
> > Function intel_init_engine_list() should arguably not filter the static
> > engine list with gem_has_ring if fd == -1, so that subtests can still
> > be individually invoked to show subtest FAIL instead of test notrun.
> > 
> > Symptom: A device open failure in gem_ctx_isolation resulted in
> > an endless __for_each_physical_engine "per-engine" loop with the
> > purported last potential engine being processed every time.
> > 
> > Diagnosis: device open (or debugfs open) failed, leaving fd == -1.
> > Control skipped the rest of the initial igt_fixture block, after
> > which an attempt was made to iterate through engines using macro
> > __for_each_physical_engine.
> > 
> > Macro __for_each_physical_engine called intel_init_engine_list()
> > to initialize the loop control data.  Because fd == -1,
> > intel_init_engine_list() fell back to using __for_each_static_engine().
> > All of the engines in the static engine list are rejected due to
> > gem_has_ring returning false (because of fd == -1), leaving 0 engines.
> > That resulted in loop control data with engine_data.nengines == 0
> > and the data for the last engine considered stored at index 0.
> > 
> > Still in macro __for_each_physical_engine, intel_get_current_engine()
> > was called to get the engine to process.  It should have returned NULL,
> > but instead returned the engine entry at index 0, which
> > had received information describing the last potential engine.
> > This happened without end.
> > 
> > Signed-off-by: Dale B Stimson <dale.b.stimson@intel.com>
> > ---
> >   lib/i915/gem_engine_topology.c | 29 ++++++++++++++++-------------
> >   1 file changed, 16 insertions(+), 13 deletions(-)
> > 
> > diff --git a/lib/i915/gem_engine_topology.c b/lib/i915/gem_engine_topology.c
> > index 9daa03df4..b8ed49bc9 100644
> > --- a/lib/i915/gem_engine_topology.c
> > +++ b/lib/i915/gem_engine_topology.c
> > @@ -156,10 +156,10 @@ static void query_engine_list(int fd, struct intel_engine_data *ed)
> >   struct intel_execution_engine2 *
> >   intel_get_current_engine(struct intel_engine_data *ed)
> >   {
> > -     if (!ed->n)
> > -             ed->current_engine = &ed->engines[0];
> > -     else if (ed->n >= ed->nengines)
> > +     if (ed->n >= ed->nengines)
> >               ed->current_engine = NULL;
> > +     else if (!ed->n)
> > +             ed->current_engine = &ed->engines[0];
> >   
> >       return ed->current_engine;
> >   }
> > @@ -222,18 +222,21 @@ struct intel_engine_data intel_init_engine_list(int fd, uint32_t ctx_id)
> >               igt_debug("using pre-allocated engine list\n");
> >   
> >               __for_each_static_engine(e2) {
> > -                     struct intel_execution_engine2 *__e2 =
> > -                             &engine_data.engines[engine_data.nengines];
> > -
> > -                     strcpy(__e2->name, e2->name);
> > -                     __e2->instance   = e2->instance;
> > -                     __e2->class      = e2->class;
> > -                     __e2->flags      = e2->flags;
> > -                     __e2->is_virtual = false;
> > -
> >                       if (igt_only_list_subtests() ||
> > -                         gem_has_ring(fd, e2->flags))
> > +                         (fd < 0) ||
> 
> Patch LGTM, Chris do you have any issues merging this before someone 
> implements some tests for the infrastructure?

It seems like a really trivial one to write a test for. 3 minutes
tops... Just do it.
-Chris
_______________________________________________
igt-dev mailing list
igt-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/igt-dev

^ permalink raw reply

* [PATCH AUTOSEL 4.19 077/252] net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
From: Sasha Levin @ 2020-02-14 16:08 UTC (permalink / raw)
  To: linux-kernel, stable
  Cc: Sasha Levin, Timur Tabi, netdev, Rasmus Villemoes, Li Yang,
	linuxppc-dev, David S . Miller, Qiang Zhao
In-Reply-To: <20200214161147.15842-1-sashal@kernel.org>

From: Rasmus Villemoes <linux@rasmusvillemoes.dk>

[ Upstream commit 148587a59f6b85831695e0497d9dd1af5f0495af ]

Qiang Zhao points out that these offsets get written to 16-bit
registers, and there are some QE platforms with more than 64K
muram. So it is possible that qe_muram_alloc() gives us an allocation
that can't actually be used by the hardware, so detect and reject
that.

Reported-by: Qiang Zhao <qiang.zhao@nxp.com>
Reviewed-by: Timur Tabi <timur@kernel.org>
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Li Yang <leoyang.li@nxp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/net/wan/fsl_ucc_hdlc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/net/wan/fsl_ucc_hdlc.c b/drivers/net/wan/fsl_ucc_hdlc.c
index daeab33f623e7..9ab04ef532f34 100644
--- a/drivers/net/wan/fsl_ucc_hdlc.c
+++ b/drivers/net/wan/fsl_ucc_hdlc.c
@@ -242,6 +242,11 @@ static int uhdlc_init(struct ucc_hdlc_private *priv)
 		ret = -ENOMEM;
 		goto free_riptr;
 	}
+	if (riptr != (u16)riptr || tiptr != (u16)tiptr) {
+		dev_err(priv->dev, "MURAM allocation out of addressable range\n");
+		ret = -ENOMEM;
+		goto free_tiptr;
+	}
 
 	/* Set RIPTR, TIPTR */
 	iowrite16be(riptr, &priv->ucc_pram->riptr);
-- 
2.20.1


^ permalink raw reply related

* Re: [Intel-gfx] [PATCH i-g-t] lib/i915/gem_engine_topology.c - intel_get_current_engine invalid result
From: Antonio Argenziano @ 2020-02-14 18:43 UTC (permalink / raw)
  To: Dale B Stimson, igt-dev, intel-gfx
In-Reply-To: <20200213192606.63025-1-dale.b.stimson@intel.com>



On 13/02/20 11:26, Dale B Stimson wrote:
> Function intel_get_current_engine() should return NULL (instead of
> engine 0) if there are no engines.
> 
> Function intel_init_engine_list() should not store potential engine
> data in the output structure unless the engine is present.
> 
> Function intel_init_engine_list() should arguably not filter the static
> engine list with gem_has_ring if fd == -1, so that subtests can still
> be individually invoked to show subtest FAIL instead of test notrun.
> 
> Symptom: A device open failure in gem_ctx_isolation resulted in
> an endless __for_each_physical_engine "per-engine" loop with the
> purported last potential engine being processed every time.
> 
> Diagnosis: device open (or debugfs open) failed, leaving fd == -1.
> Control skipped the rest of the initial igt_fixture block, after
> which an attempt was made to iterate through engines using macro
> __for_each_physical_engine.
> 
> Macro __for_each_physical_engine called intel_init_engine_list()
> to initialize the loop control data.  Because fd == -1,
> intel_init_engine_list() fell back to using __for_each_static_engine().
> All of the engines in the static engine list are rejected due to
> gem_has_ring returning false (because of fd == -1), leaving 0 engines.
> That resulted in loop control data with engine_data.nengines == 0
> and the data for the last engine considered stored at index 0.
> 
> Still in macro __for_each_physical_engine, intel_get_current_engine()
> was called to get the engine to process.  It should have returned NULL,
> but instead returned the engine entry at index 0, which
> had received information describing the last potential engine.
> This happened without end.
> 
> Signed-off-by: Dale B Stimson <dale.b.stimson@intel.com>
> ---
>   lib/i915/gem_engine_topology.c | 29 ++++++++++++++++-------------
>   1 file changed, 16 insertions(+), 13 deletions(-)
> 
> diff --git a/lib/i915/gem_engine_topology.c b/lib/i915/gem_engine_topology.c
> index 9daa03df4..b8ed49bc9 100644
> --- a/lib/i915/gem_engine_topology.c
> +++ b/lib/i915/gem_engine_topology.c
> @@ -156,10 +156,10 @@ static void query_engine_list(int fd, struct intel_engine_data *ed)
>   struct intel_execution_engine2 *
>   intel_get_current_engine(struct intel_engine_data *ed)
>   {
> -	if (!ed->n)
> -		ed->current_engine = &ed->engines[0];
> -	else if (ed->n >= ed->nengines)
> +	if (ed->n >= ed->nengines)
>   		ed->current_engine = NULL;
> +	else if (!ed->n)
> +		ed->current_engine = &ed->engines[0];
>   
>   	return ed->current_engine;
>   }
> @@ -222,18 +222,21 @@ struct intel_engine_data intel_init_engine_list(int fd, uint32_t ctx_id)
>   		igt_debug("using pre-allocated engine list\n");
>   
>   		__for_each_static_engine(e2) {
> -			struct intel_execution_engine2 *__e2 =
> -				&engine_data.engines[engine_data.nengines];
> -
> -			strcpy(__e2->name, e2->name);
> -			__e2->instance   = e2->instance;
> -			__e2->class      = e2->class;
> -			__e2->flags      = e2->flags;
> -			__e2->is_virtual = false;
> -
>   			if (igt_only_list_subtests() ||
> -			    gem_has_ring(fd, e2->flags))
> +			    (fd < 0) ||

Patch LGTM, Chris do you have any issues merging this before someone 
implements some tests for the infrastructure?

Acked-by: Antonio Argenziano <antonio.argenziano@intel.com>

> +			    gem_has_ring(fd, e2->flags)) {
> +				struct intel_execution_engine2 *__e2 =
> +					&engine_data.engines[
> +					engine_data.nengines];
> +
> +				strcpy(__e2->name, e2->name);
> +				__e2->instance   = e2->instance;
> +				__e2->class      = e2->class;
> +				__e2->flags      = e2->flags;
> +				__e2->is_virtual = false;
> +
>   				engine_data.nengines++;
> +                        }
>   		}
>   		return engine_data;
>   	}
> 
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx

^ permalink raw reply

* Re: [igt-dev] [PATCH i-g-t] lib/i915/gem_engine_topology.c - intel_get_current_engine invalid result
From: Antonio Argenziano @ 2020-02-14 18:43 UTC (permalink / raw)
  To: Dale B Stimson, igt-dev, intel-gfx; +Cc: Petri Latvala
In-Reply-To: <20200213192606.63025-1-dale.b.stimson@intel.com>



On 13/02/20 11:26, Dale B Stimson wrote:
> Function intel_get_current_engine() should return NULL (instead of
> engine 0) if there are no engines.
> 
> Function intel_init_engine_list() should not store potential engine
> data in the output structure unless the engine is present.
> 
> Function intel_init_engine_list() should arguably not filter the static
> engine list with gem_has_ring if fd == -1, so that subtests can still
> be individually invoked to show subtest FAIL instead of test notrun.
> 
> Symptom: A device open failure in gem_ctx_isolation resulted in
> an endless __for_each_physical_engine "per-engine" loop with the
> purported last potential engine being processed every time.
> 
> Diagnosis: device open (or debugfs open) failed, leaving fd == -1.
> Control skipped the rest of the initial igt_fixture block, after
> which an attempt was made to iterate through engines using macro
> __for_each_physical_engine.
> 
> Macro __for_each_physical_engine called intel_init_engine_list()
> to initialize the loop control data.  Because fd == -1,
> intel_init_engine_list() fell back to using __for_each_static_engine().
> All of the engines in the static engine list are rejected due to
> gem_has_ring returning false (because of fd == -1), leaving 0 engines.
> That resulted in loop control data with engine_data.nengines == 0
> and the data for the last engine considered stored at index 0.
> 
> Still in macro __for_each_physical_engine, intel_get_current_engine()
> was called to get the engine to process.  It should have returned NULL,
> but instead returned the engine entry at index 0, which
> had received information describing the last potential engine.
> This happened without end.
> 
> Signed-off-by: Dale B Stimson <dale.b.stimson@intel.com>
> ---
>   lib/i915/gem_engine_topology.c | 29 ++++++++++++++++-------------
>   1 file changed, 16 insertions(+), 13 deletions(-)
> 
> diff --git a/lib/i915/gem_engine_topology.c b/lib/i915/gem_engine_topology.c
> index 9daa03df4..b8ed49bc9 100644
> --- a/lib/i915/gem_engine_topology.c
> +++ b/lib/i915/gem_engine_topology.c
> @@ -156,10 +156,10 @@ static void query_engine_list(int fd, struct intel_engine_data *ed)
>   struct intel_execution_engine2 *
>   intel_get_current_engine(struct intel_engine_data *ed)
>   {
> -	if (!ed->n)
> -		ed->current_engine = &ed->engines[0];
> -	else if (ed->n >= ed->nengines)
> +	if (ed->n >= ed->nengines)
>   		ed->current_engine = NULL;
> +	else if (!ed->n)
> +		ed->current_engine = &ed->engines[0];
>   
>   	return ed->current_engine;
>   }
> @@ -222,18 +222,21 @@ struct intel_engine_data intel_init_engine_list(int fd, uint32_t ctx_id)
>   		igt_debug("using pre-allocated engine list\n");
>   
>   		__for_each_static_engine(e2) {
> -			struct intel_execution_engine2 *__e2 =
> -				&engine_data.engines[engine_data.nengines];
> -
> -			strcpy(__e2->name, e2->name);
> -			__e2->instance   = e2->instance;
> -			__e2->class      = e2->class;
> -			__e2->flags      = e2->flags;
> -			__e2->is_virtual = false;
> -
>   			if (igt_only_list_subtests() ||
> -			    gem_has_ring(fd, e2->flags))
> +			    (fd < 0) ||

Patch LGTM, Chris do you have any issues merging this before someone 
implements some tests for the infrastructure?

Acked-by: Antonio Argenziano <antonio.argenziano@intel.com>

> +			    gem_has_ring(fd, e2->flags)) {
> +				struct intel_execution_engine2 *__e2 =
> +					&engine_data.engines[
> +					engine_data.nengines];
> +
> +				strcpy(__e2->name, e2->name);
> +				__e2->instance   = e2->instance;
> +				__e2->class      = e2->class;
> +				__e2->flags      = e2->flags;
> +				__e2->is_virtual = false;
> +
>   				engine_data.nengines++;
> +                        }
>   		}
>   		return engine_data;
>   	}
> 
_______________________________________________
igt-dev mailing list
igt-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/igt-dev

^ permalink raw reply

* Re: [PATCH v2 5/8] serial: 8250_port: Don't use power management for kernel console
From: Tony Lindgren @ 2020-02-14 18:42 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: Russell King - ARM Linux admin, Greg Kroah-Hartman, Jiri Slaby,
	linux-serial, Sebastian Andrzej Siewior
In-Reply-To: <20200214180935.GP10400@smile.fi.intel.com>

* Andy Shevchenko <andriy.shevchenko@linux.intel.com> [200214 18:10]:
> On Fri, Feb 14, 2020 at 09:13:48AM -0800, Tony Lindgren wrote:
> > * Russell King - ARM Linux admin <linux@armlinux.org.uk> [200214 13:40]:
> > > On Fri, Feb 14, 2020 at 01:43:36PM +0200, Andy Shevchenko wrote:
> > > > Doing any kind of power management for kernel console is really bad idea.
> > > > 
> > > > First of all, it runs in poll and atomic mode. This fact attaches a limitation
> > > > on the functions that might be called. For example, pm_runtime_get_sync() might
> > > > sleep and thus can't be used. This call needs, for example, to bring the device
> > > > to powered on state on the system, where the power on sequence may require
> > > > on-atomic operations, such as Intel Cherrytrail with ACPI enumerated UARTs.
> > > > That said, on ACPI enabled platforms it might even call firmware for a job.
> > > > 
> > > > On the other hand pm_runtime_get() doesn't guarantee that device will become
> > > > powered on fast enough.
> > > > 
> > > > Besides that, imagine the case when console is about to print a kernel Oops and
> > > > it's powered off. In such an emergency case calling the complex functions is
> > > > not the best what we can do, taking into consideration that user wants to see
> > > > at least something of the last kernel word before it passes away.
> > > > 
> > > > Here we modify the 8250 console code to prevent runtime power management.
> > > 
> > > It's probably also worth noting (and documenting) that this will likely
> > > cause a PM regression for OMAP platforms since the serial port will no
> > > longer be idled, and therefore the power domains will not hit retention
> > > state.  Please wait for Tony to confirm.
> > 
> > Well with patch 4 in this series we can now attach and detach the serial
> > console as we've discussed earlier.
> > 
> > This should remove the need for PM during serial console use hopefully :)
> > 
> > I'll try to test this series ASAP.
> 
> Tony, I have realized that last patch (two patches) makes a regression. So,
> I'll drop them in next version, please do not include them in your testing
> bucket.

OK. So far no luck getting console UART idled after detaching the
console with:

# echo N > /sys/class/tty/ttyS2/console

Any ideas what might be missing still?

Also, maybe we can get rid of the console_suspend_enabled stuff now
too in drivers and handle it in a generic way?

Regards,

Tony

^ permalink raw reply

* Re: [f2fs-dev] [PATCH 4/4] f2fs: clean up bggc mount option
From: Jaegeuk Kim @ 2020-02-14 18:42 UTC (permalink / raw)
  To: Chao Yu; +Cc: linux-kernel, linux-f2fs-devel
In-Reply-To: <20200214094413.12784-4-yuchao0@huawei.com>

On 02/14, Chao Yu wrote:
> There are three status for background gc: on, off and sync, it's
> a little bit confused to use test_opt(BG_GC) and test_opt(FORCE_FG_GC)
> combinations to indicate status of background gc.
> 
> So let's remove F2FS_MOUNT_BG_GC and F2FS_MOUNT_FORCE_FG_GC mount

I don't think we can do as well.

> options, and add F2FS_OPTION().bggc_mode with below three status
> to clean up codes and enhance bggc mode's scalability.
> 
> enum {
> 	BGGC_MODE_ON,		/* background gc is on */
> 	BGGC_MODE_OFF,		/* background gc is off */
> 	BGGC_MODE_SYNC,		/*
> 				 * background gc is on, migrating blocks
> 				 * like foreground gc
> 				 */
> };
> 
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
>  fs/f2fs/f2fs.h  | 12 ++++++++++--
>  fs/f2fs/gc.c    |  6 +++++-
>  fs/f2fs/super.c | 29 +++++++++++++----------------
>  3 files changed, 28 insertions(+), 19 deletions(-)
> 
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index d2d50827772c..9f65ba8057ad 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -74,7 +74,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  /*
>   * For mount options
>   */
> -#define F2FS_MOUNT_BG_GC		0x00000001
>  #define F2FS_MOUNT_DISABLE_ROLL_FORWARD	0x00000002
>  #define F2FS_MOUNT_DISCARD		0x00000004
>  #define F2FS_MOUNT_NOHEAP		0x00000008
> @@ -88,7 +87,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  #define F2FS_MOUNT_NOBARRIER		0x00000800
>  #define F2FS_MOUNT_FASTBOOT		0x00001000
>  #define F2FS_MOUNT_EXTENT_CACHE		0x00002000
> -#define F2FS_MOUNT_FORCE_FG_GC		0x00004000
>  #define F2FS_MOUNT_DATA_FLUSH		0x00008000
>  #define F2FS_MOUNT_FAULT_INJECTION	0x00010000
>  #define F2FS_MOUNT_USRQUOTA		0x00080000
> @@ -137,6 +135,7 @@ struct f2fs_mount_info {
>  	int alloc_mode;			/* segment allocation policy */
>  	int fsync_mode;			/* fsync policy */
>  	int fs_mode;			/* fs mode: LFS or ADAPTIVE */
> +	int bggc_mode;			/* bggc mode: off, on or sync */
>  	bool test_dummy_encryption;	/* test dummy encryption */
>  	block_t unusable_cap;		/* Amount of space allowed to be
>  					 * unusable when disabling checkpoint
> @@ -1170,6 +1169,15 @@ enum {
>  	GC_URGENT,
>  };
>  
> +enum {
> +	BGGC_MODE_ON,		/* background gc is on */
> +	BGGC_MODE_OFF,		/* background gc is off */
> +	BGGC_MODE_SYNC,		/*
> +				 * background gc is on, migrating blocks
> +				 * like foreground gc
> +				 */
> +};
> +
>  enum {
>  	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
>  	FS_MODE_LFS,		/* use lfs allocation only */
> diff --git a/fs/f2fs/gc.c b/fs/f2fs/gc.c
> index 8aebe2b9c655..897de003e423 100644
> --- a/fs/f2fs/gc.c
> +++ b/fs/f2fs/gc.c
> @@ -31,6 +31,8 @@ static int gc_thread_func(void *data)
>  
>  	set_freezable();
>  	do {
> +		bool sync_mode;
> +
>  		wait_event_interruptible_timeout(*wq,
>  				kthread_should_stop() || freezing(current) ||
>  				gc_th->gc_wake,
> @@ -101,8 +103,10 @@ static int gc_thread_func(void *data)
>  do_gc:
>  		stat_inc_bggc_count(sbi->stat_info);
>  
> +		sync_mode = F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_SYNC;
> +
>  		/* if return value is not zero, no victim was selected */
> -		if (f2fs_gc(sbi, test_opt(sbi, FORCE_FG_GC), true, NULL_SEGNO))
> +		if (f2fs_gc(sbi, sync_mode, true, NULL_SEGNO))
>  			wait_ms = gc_th->no_gc_sleep_time;
>  
>  		trace_f2fs_background_gc(sbi->sb, wait_ms,
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index 427409eff354..4ef7e6eb37da 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -427,14 +427,11 @@ static int parse_options(struct super_block *sb, char *options)
>  			if (!name)
>  				return -ENOMEM;
>  			if (strlen(name) == 2 && !strncmp(name, "on", 2)) {
> -				set_opt(sbi, BG_GC);
> -				clear_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_ON;
>  			} else if (strlen(name) == 3 && !strncmp(name, "off", 3)) {
> -				clear_opt(sbi, BG_GC);
> -				clear_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_OFF;
>  			} else if (strlen(name) == 4 && !strncmp(name, "sync", 4)) {
> -				set_opt(sbi, BG_GC);
> -				set_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_SYNC;
>  			} else {
>  				kvfree(name);
>  				return -EINVAL;
> @@ -1436,14 +1433,13 @@ static int f2fs_show_options(struct seq_file *seq, struct dentry *root)
>  {
>  	struct f2fs_sb_info *sbi = F2FS_SB(root->d_sb);
>  
> -	if (!f2fs_readonly(sbi->sb) && test_opt(sbi, BG_GC)) {
> -		if (test_opt(sbi, FORCE_FG_GC))
> -			seq_printf(seq, ",background_gc=%s", "sync");
> -		else
> -			seq_printf(seq, ",background_gc=%s", "on");
> -	} else {
> +	if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_SYNC)
> +		seq_printf(seq, ",background_gc=%s", "sync");
> +	else if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_ON)
> +		seq_printf(seq, ",background_gc=%s", "on");
> +	else if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_OFF)
>  		seq_printf(seq, ",background_gc=%s", "off");
> -	}
> +
>  	if (test_opt(sbi, DISABLE_ROLL_FORWARD))
>  		seq_puts(seq, ",disable_roll_forward");
>  	if (test_opt(sbi, DISCARD))
> @@ -1573,8 +1569,8 @@ static void default_options(struct f2fs_sb_info *sbi)
>  	F2FS_OPTION(sbi).compress_algorithm = COMPRESS_LZO;
>  	F2FS_OPTION(sbi).compress_log_size = MIN_COMPRESS_LOG_SIZE;
>  	F2FS_OPTION(sbi).compress_ext_cnt = 0;
> +	F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_ON;
>  
> -	set_opt(sbi, BG_GC);
>  	set_opt(sbi, INLINE_XATTR);
>  	set_opt(sbi, INLINE_DATA);
>  	set_opt(sbi, INLINE_DENTRY);
> @@ -1780,7 +1776,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>  	 * or if background_gc = off is passed in mount
>  	 * option. Also sync the filesystem.
>  	 */
> -	if ((*flags & SB_RDONLY) || !test_opt(sbi, BG_GC)) {
> +	if ((*flags & SB_RDONLY) ||
> +			F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_OFF) {
>  		if (sbi->gc_thread) {
>  			f2fs_stop_gc_thread(sbi);
>  			need_restart_gc = true;
> @@ -3664,7 +3661,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>  	 * If filesystem is not mounted as read-only then
>  	 * do start the gc_thread.
>  	 */
> -	if (test_opt(sbi, BG_GC) && !f2fs_readonly(sb)) {
> +	if (F2FS_OPTION(sbi).bggc_mode != BGGC_MODE_OFF && !f2fs_readonly(sb)) {
>  		/* After POR, we can run background GC thread.*/
>  		err = f2fs_start_gc_thread(sbi);
>  		if (err)
> -- 
> 2.18.0.rc1


_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

^ permalink raw reply

* [PATCH v2 25/28] commoncap: handle fsid mappings with vfs caps
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 security/commoncap.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index 0581c6aa8bdc..d2259dc0450b 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -328,7 +328,7 @@ static bool rootid_owns_currentns(kuid_t kroot)
 		return false;
 
 	for (ns = current_user_ns(); ; ns = ns->parent) {
-		if (from_kuid(ns, kroot) == 0)
+		if (from_kfsuid(ns, kroot) == 0)
 			return true;
 		if (ns == &init_user_ns)
 			break;
@@ -411,11 +411,11 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
 
 	nscap = (struct vfs_ns_cap_data *) tmpbuf;
 	root = le32_to_cpu(nscap->rootid);
-	kroot = make_kuid(fs_ns, root);
+	kroot = make_kfsuid(fs_ns, root);
 
-	/* If the root kuid maps to a valid uid in current ns, then return
+	/* If the root kfsuid maps to a valid uid in current ns, then return
 	 * this as a nscap. */
-	mappedroot = from_kuid(current_user_ns(), kroot);
+	mappedroot = from_kfsuid(current_user_ns(), kroot);
 	if (mappedroot != (uid_t)-1 && mappedroot != (uid_t)0) {
 		if (alloc) {
 			*buffer = tmpbuf;
@@ -460,7 +460,7 @@ static kuid_t rootid_from_xattr(const void *value, size_t size,
 	if (size == XATTR_CAPS_SZ_3)
 		rootid = le32_to_cpu(nscap->rootid);
 
-	return make_kuid(task_ns, rootid);
+	return make_kfsuid(task_ns, rootid);
 }
 
 static bool validheader(size_t size, const struct vfs_cap_data *cap)
@@ -501,7 +501,7 @@ int cap_convert_nscap(struct dentry *dentry, void **ivalue, size_t size)
 	if (!uid_valid(rootid))
 		return -EINVAL;
 
-	nsrootid = from_kuid(fs_ns, rootid);
+	nsrootid = from_kfsuid(fs_ns, rootid);
 	if (nsrootid == -1)
 		return -EINVAL;
 
@@ -600,7 +600,7 @@ int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data
 
 	cpu_caps->magic_etc = magic_etc = le32_to_cpu(caps->magic_etc);
 
-	rootkuid = make_kuid(fs_ns, 0);
+	rootkuid = make_kfsuid(fs_ns, 0);
 	switch (magic_etc & VFS_CAP_REVISION_MASK) {
 	case VFS_CAP_REVISION_1:
 		if (size != XATTR_CAPS_SZ_1)
@@ -616,7 +616,7 @@ int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data
 		if (size != XATTR_CAPS_SZ_3)
 			return -EINVAL;
 		tocopy = VFS_CAP_U32_3;
-		rootkuid = make_kuid(fs_ns, le32_to_cpu(nscaps->rootid));
+		rootkuid = make_kfsuid(fs_ns, le32_to_cpu(nscaps->rootid));
 		break;
 
 	default:
-- 
2.25.0


^ permalink raw reply related

* Re: [PATCH 4/4] f2fs: clean up bggc mount option
From: Jaegeuk Kim @ 2020-02-14 18:42 UTC (permalink / raw)
  To: Chao Yu; +Cc: linux-f2fs-devel, linux-kernel, chao
In-Reply-To: <20200214094413.12784-4-yuchao0@huawei.com>

On 02/14, Chao Yu wrote:
> There are three status for background gc: on, off and sync, it's
> a little bit confused to use test_opt(BG_GC) and test_opt(FORCE_FG_GC)
> combinations to indicate status of background gc.
> 
> So let's remove F2FS_MOUNT_BG_GC and F2FS_MOUNT_FORCE_FG_GC mount

I don't think we can do as well.

> options, and add F2FS_OPTION().bggc_mode with below three status
> to clean up codes and enhance bggc mode's scalability.
> 
> enum {
> 	BGGC_MODE_ON,		/* background gc is on */
> 	BGGC_MODE_OFF,		/* background gc is off */
> 	BGGC_MODE_SYNC,		/*
> 				 * background gc is on, migrating blocks
> 				 * like foreground gc
> 				 */
> };
> 
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
>  fs/f2fs/f2fs.h  | 12 ++++++++++--
>  fs/f2fs/gc.c    |  6 +++++-
>  fs/f2fs/super.c | 29 +++++++++++++----------------
>  3 files changed, 28 insertions(+), 19 deletions(-)
> 
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index d2d50827772c..9f65ba8057ad 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -74,7 +74,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  /*
>   * For mount options
>   */
> -#define F2FS_MOUNT_BG_GC		0x00000001
>  #define F2FS_MOUNT_DISABLE_ROLL_FORWARD	0x00000002
>  #define F2FS_MOUNT_DISCARD		0x00000004
>  #define F2FS_MOUNT_NOHEAP		0x00000008
> @@ -88,7 +87,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  #define F2FS_MOUNT_NOBARRIER		0x00000800
>  #define F2FS_MOUNT_FASTBOOT		0x00001000
>  #define F2FS_MOUNT_EXTENT_CACHE		0x00002000
> -#define F2FS_MOUNT_FORCE_FG_GC		0x00004000
>  #define F2FS_MOUNT_DATA_FLUSH		0x00008000
>  #define F2FS_MOUNT_FAULT_INJECTION	0x00010000
>  #define F2FS_MOUNT_USRQUOTA		0x00080000
> @@ -137,6 +135,7 @@ struct f2fs_mount_info {
>  	int alloc_mode;			/* segment allocation policy */
>  	int fsync_mode;			/* fsync policy */
>  	int fs_mode;			/* fs mode: LFS or ADAPTIVE */
> +	int bggc_mode;			/* bggc mode: off, on or sync */
>  	bool test_dummy_encryption;	/* test dummy encryption */
>  	block_t unusable_cap;		/* Amount of space allowed to be
>  					 * unusable when disabling checkpoint
> @@ -1170,6 +1169,15 @@ enum {
>  	GC_URGENT,
>  };
>  
> +enum {
> +	BGGC_MODE_ON,		/* background gc is on */
> +	BGGC_MODE_OFF,		/* background gc is off */
> +	BGGC_MODE_SYNC,		/*
> +				 * background gc is on, migrating blocks
> +				 * like foreground gc
> +				 */
> +};
> +
>  enum {
>  	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
>  	FS_MODE_LFS,		/* use lfs allocation only */
> diff --git a/fs/f2fs/gc.c b/fs/f2fs/gc.c
> index 8aebe2b9c655..897de003e423 100644
> --- a/fs/f2fs/gc.c
> +++ b/fs/f2fs/gc.c
> @@ -31,6 +31,8 @@ static int gc_thread_func(void *data)
>  
>  	set_freezable();
>  	do {
> +		bool sync_mode;
> +
>  		wait_event_interruptible_timeout(*wq,
>  				kthread_should_stop() || freezing(current) ||
>  				gc_th->gc_wake,
> @@ -101,8 +103,10 @@ static int gc_thread_func(void *data)
>  do_gc:
>  		stat_inc_bggc_count(sbi->stat_info);
>  
> +		sync_mode = F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_SYNC;
> +
>  		/* if return value is not zero, no victim was selected */
> -		if (f2fs_gc(sbi, test_opt(sbi, FORCE_FG_GC), true, NULL_SEGNO))
> +		if (f2fs_gc(sbi, sync_mode, true, NULL_SEGNO))
>  			wait_ms = gc_th->no_gc_sleep_time;
>  
>  		trace_f2fs_background_gc(sbi->sb, wait_ms,
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index 427409eff354..4ef7e6eb37da 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -427,14 +427,11 @@ static int parse_options(struct super_block *sb, char *options)
>  			if (!name)
>  				return -ENOMEM;
>  			if (strlen(name) == 2 && !strncmp(name, "on", 2)) {
> -				set_opt(sbi, BG_GC);
> -				clear_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_ON;
>  			} else if (strlen(name) == 3 && !strncmp(name, "off", 3)) {
> -				clear_opt(sbi, BG_GC);
> -				clear_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_OFF;
>  			} else if (strlen(name) == 4 && !strncmp(name, "sync", 4)) {
> -				set_opt(sbi, BG_GC);
> -				set_opt(sbi, FORCE_FG_GC);
> +				F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_SYNC;
>  			} else {
>  				kvfree(name);
>  				return -EINVAL;
> @@ -1436,14 +1433,13 @@ static int f2fs_show_options(struct seq_file *seq, struct dentry *root)
>  {
>  	struct f2fs_sb_info *sbi = F2FS_SB(root->d_sb);
>  
> -	if (!f2fs_readonly(sbi->sb) && test_opt(sbi, BG_GC)) {
> -		if (test_opt(sbi, FORCE_FG_GC))
> -			seq_printf(seq, ",background_gc=%s", "sync");
> -		else
> -			seq_printf(seq, ",background_gc=%s", "on");
> -	} else {
> +	if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_SYNC)
> +		seq_printf(seq, ",background_gc=%s", "sync");
> +	else if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_ON)
> +		seq_printf(seq, ",background_gc=%s", "on");
> +	else if (F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_OFF)
>  		seq_printf(seq, ",background_gc=%s", "off");
> -	}
> +
>  	if (test_opt(sbi, DISABLE_ROLL_FORWARD))
>  		seq_puts(seq, ",disable_roll_forward");
>  	if (test_opt(sbi, DISCARD))
> @@ -1573,8 +1569,8 @@ static void default_options(struct f2fs_sb_info *sbi)
>  	F2FS_OPTION(sbi).compress_algorithm = COMPRESS_LZO;
>  	F2FS_OPTION(sbi).compress_log_size = MIN_COMPRESS_LOG_SIZE;
>  	F2FS_OPTION(sbi).compress_ext_cnt = 0;
> +	F2FS_OPTION(sbi).bggc_mode = BGGC_MODE_ON;
>  
> -	set_opt(sbi, BG_GC);
>  	set_opt(sbi, INLINE_XATTR);
>  	set_opt(sbi, INLINE_DATA);
>  	set_opt(sbi, INLINE_DENTRY);
> @@ -1780,7 +1776,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>  	 * or if background_gc = off is passed in mount
>  	 * option. Also sync the filesystem.
>  	 */
> -	if ((*flags & SB_RDONLY) || !test_opt(sbi, BG_GC)) {
> +	if ((*flags & SB_RDONLY) ||
> +			F2FS_OPTION(sbi).bggc_mode == BGGC_MODE_OFF) {
>  		if (sbi->gc_thread) {
>  			f2fs_stop_gc_thread(sbi);
>  			need_restart_gc = true;
> @@ -3664,7 +3661,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>  	 * If filesystem is not mounted as read-only then
>  	 * do start the gc_thread.
>  	 */
> -	if (test_opt(sbi, BG_GC) && !f2fs_readonly(sb)) {
> +	if (F2FS_OPTION(sbi).bggc_mode != BGGC_MODE_OFF && !f2fs_readonly(sb)) {
>  		/* After POR, we can run background GC thread.*/
>  		err = f2fs_start_gc_thread(sbi);
>  		if (err)
> -- 
> 2.18.0.rc1

^ permalink raw reply

* [PATCH v2 26/28] exec: bprm_fill_uid(): handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Make sure that during suid/sgid binary execution we lookup the fsids in the
fsid mappings. If the kernel is compiled without fsid mappings or now fsid
mappings are setup the behavior is unchanged.

Assuming we have a binary in a given user namespace that is owned by 0:0 in the
given user namespace which appears as 300000:300000 on-disk in the initial user
namespace. Now assume we write an id mapping of 0 100000 100000 and an fsid
mapping for 0 300000 300000 in the user namespace. When we hit bprm_fill_uid()
during setid execution we will retrieve inode kuid=100000 and kgid=1000000. We
first check whether there's an fsid mapping for these kids. In our scenario we
find that they map to fsuid=0 and fsgid=0 in the user namespace. Now we
translate them into kids in the id mapping. In our example they translate to
kuid=100000 and kgid=100000 which means the file will ultimately run as uid=0
and gid=0 in the user namespace and as uid=100000, gid=100000 in the initial
user namespace.
Let's alter the example and assume that there is an fsid mapping of 0 300000
300000 set up but no id mapping has been setup for the user namespace. In this
the last step of translating into a valid kid pair in the id mappings will fail
and we will behave as before and ignore the sid bits.

Cc: Jann Horn <jannh@google.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
patch added
- Christian Brauner <christian.brauner@ubuntu.com>:
  - Make sure that bprm_fill_uid() handles fsid mappings.
---
 fs/exec.c | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index db17be51b112..9e4a7e757cef 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -62,6 +62,7 @@
 #include <linux/oom.h>
 #include <linux/compat.h>
 #include <linux/vmalloc.h>
+#include <linux/fsuidgid.h>
 
 #include <linux/uaccess.h>
 #include <asm/mmu_context.h>
@@ -1518,8 +1519,8 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
 {
 	struct inode *inode;
 	unsigned int mode;
-	kuid_t uid;
-	kgid_t gid;
+	kuid_t uid, euid;
+	kgid_t gid, egid;
 
 	/*
 	 * Since this can be called multiple times (via prepare_binprm),
@@ -1551,18 +1552,30 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
 	inode_unlock(inode);
 
 	/* We ignore suid/sgid if there are no mappings for them in the ns */
-	if (!kuid_has_mapping(bprm->cred->user_ns, uid) ||
-		 !kgid_has_mapping(bprm->cred->user_ns, gid))
+	if (!kfsuid_has_mapping(bprm->cred->user_ns, uid) ||
+		 !kfsgid_has_mapping(bprm->cred->user_ns, gid))
 		return;
 
+	if (mode & S_ISUID) {
+		euid = kfsuid_to_kuid(bprm->cred->user_ns, uid);
+		if (!uid_valid(euid))
+			return;
+	}
+
+	if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
+		egid = kfsgid_to_kgid(bprm->cred->user_ns, gid);
+		if (!gid_valid(egid))
+			return;
+	}
+
 	if (mode & S_ISUID) {
 		bprm->per_clear |= PER_CLEAR_ON_SETID;
-		bprm->cred->euid = uid;
+		bprm->cred->euid = euid;
 	}
 
 	if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
 		bprm->per_clear |= PER_CLEAR_ON_SETID;
-		bprm->cred->egid = gid;
+		bprm->cred->egid = egid;
 	}
 }
 
-- 
2.25.0


^ permalink raw reply related

* Re: [f2fs-dev] [PATCH 3/4] f2fs: clean up lfs/adaptive mount option
From: Jaegeuk Kim @ 2020-02-14 18:41 UTC (permalink / raw)
  To: Chao Yu; +Cc: linux-kernel, linux-f2fs-devel
In-Reply-To: <20200214094413.12784-3-yuchao0@huawei.com>

On 02/14, Chao Yu wrote:
> This patch removes F2FS_MOUNT_ADAPTIVE and F2FS_MOUNT_LFS mount options,
> and add F2FS_OPTION.fs_mode with below two status to indicate filesystem
> mode.
> 
> enum {
> 	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
> 	FS_MODE_LFS,		/* use lfs allocation only */
> };
> 
> It can enhance code readability and fs mode's scalability.
> 
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
>  fs/f2fs/data.c    |  8 ++++----
>  fs/f2fs/f2fs.h    | 27 ++++++++++-----------------
>  fs/f2fs/file.c    |  2 +-
>  fs/f2fs/gc.c      |  2 +-
>  fs/f2fs/segment.c | 12 ++++++------
>  fs/f2fs/super.c   | 16 ++++++++--------
>  6 files changed, 30 insertions(+), 37 deletions(-)
> 
> diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
> index ec4b030e2466..019c91f7b301 100644
> --- a/fs/f2fs/data.c
> +++ b/fs/f2fs/data.c
> @@ -445,7 +445,7 @@ static inline void __submit_bio(struct f2fs_sb_info *sbi,
>  		if (type != DATA && type != NODE)
>  			goto submit_io;
>  
> -		if (test_opt(sbi, LFS) && current->plug)
> +		if (f2fs_lfs_mode(sbi) && current->plug)
>  			blk_finish_plug(current->plug);
>  
>  		if (F2FS_IO_ALIGNED(sbi))
> @@ -1420,7 +1420,7 @@ int f2fs_map_blocks(struct inode *inode, struct f2fs_map_blocks *map,
>  	end = pgofs + maxblocks;
>  
>  	if (!create && f2fs_lookup_extent_cache(inode, pgofs, &ei)) {
> -		if (test_opt(sbi, LFS) && flag == F2FS_GET_BLOCK_DIO &&
> +		if (f2fs_lfs_mode(sbi) && flag == F2FS_GET_BLOCK_DIO &&
>  							map->m_may_create)
>  			goto next_dnode;
>  
> @@ -1475,7 +1475,7 @@ int f2fs_map_blocks(struct inode *inode, struct f2fs_map_blocks *map,
>  
>  	if (__is_valid_data_blkaddr(blkaddr)) {
>  		/* use out-place-update for driect IO under LFS mode */
> -		if (test_opt(sbi, LFS) && flag == F2FS_GET_BLOCK_DIO &&
> +		if (f2fs_lfs_mode(sbi) && flag == F2FS_GET_BLOCK_DIO &&
>  							map->m_may_create) {
>  			err = __allocate_data_block(&dn, map->m_seg_type);
>  			if (err)
> @@ -2403,7 +2403,7 @@ bool f2fs_should_update_outplace(struct inode *inode, struct f2fs_io_info *fio)
>  {
>  	struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
>  
> -	if (test_opt(sbi, LFS))
> +	if (f2fs_lfs_mode(sbi))
>  		return true;
>  	if (S_ISDIR(inode->i_mode))
>  		return true;
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index 5152e9bf432b..d2d50827772c 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -91,8 +91,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  #define F2FS_MOUNT_FORCE_FG_GC		0x00004000
>  #define F2FS_MOUNT_DATA_FLUSH		0x00008000
>  #define F2FS_MOUNT_FAULT_INJECTION	0x00010000
> -#define F2FS_MOUNT_ADAPTIVE		0x00020000
> -#define F2FS_MOUNT_LFS			0x00040000

I don't think we can remove this simply.

>  #define F2FS_MOUNT_USRQUOTA		0x00080000
>  #define F2FS_MOUNT_GRPQUOTA		0x00100000
>  #define F2FS_MOUNT_PRJQUOTA		0x00200000
> @@ -138,6 +136,7 @@ struct f2fs_mount_info {
>  	int whint_mode;
>  	int alloc_mode;			/* segment allocation policy */
>  	int fsync_mode;			/* fsync policy */
> +	int fs_mode;			/* fs mode: LFS or ADAPTIVE */
>  	bool test_dummy_encryption;	/* test dummy encryption */
>  	block_t unusable_cap;		/* Amount of space allowed to be
>  					 * unusable when disabling checkpoint
> @@ -1171,6 +1170,11 @@ enum {
>  	GC_URGENT,
>  };
>  
> +enum {
> +	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
> +	FS_MODE_LFS,		/* use lfs allocation only */
> +};
> +
>  enum {
>  	WHINT_MODE_OFF,		/* not pass down write hints */
>  	WHINT_MODE_USER,	/* try to pass down hints given by users */
> @@ -3907,20 +3911,9 @@ static inline bool f2fs_hw_is_readonly(struct f2fs_sb_info *sbi)
>  	return false;
>  }
>  
> -
> -static inline void set_opt_mode(struct f2fs_sb_info *sbi, unsigned int mt)
> +static inline bool f2fs_lfs_mode(struct f2fs_sb_info *sbi)
>  {
> -	clear_opt(sbi, ADAPTIVE);
> -	clear_opt(sbi, LFS);
> -
> -	switch (mt) {
> -	case F2FS_MOUNT_ADAPTIVE:
> -		set_opt(sbi, ADAPTIVE);
> -		break;
> -	case F2FS_MOUNT_LFS:
> -		set_opt(sbi, LFS);
> -		break;
> -	}
> +	return F2FS_OPTION(sbi).fs_mode == FS_MODE_LFS;
>  }
>  
>  static inline bool f2fs_may_encrypt(struct inode *inode)
> @@ -3975,7 +3968,7 @@ static inline int allow_outplace_dio(struct inode *inode,
>  	struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
>  	int rw = iov_iter_rw(iter);
>  
> -	return (test_opt(sbi, LFS) && (rw == WRITE) &&
> +	return (f2fs_lfs_mode(sbi) && (rw == WRITE) &&
>  				!block_unaligned_IO(inode, iocb, iter));
>  }
>  
> @@ -3997,7 +3990,7 @@ static inline bool f2fs_force_buffered_io(struct inode *inode,
>  	 */
>  	if (f2fs_sb_has_blkzoned(sbi))
>  		return true;
> -	if (test_opt(sbi, LFS) && (rw == WRITE)) {
> +	if (f2fs_lfs_mode(sbi) && (rw == WRITE)) {
>  		if (block_unaligned_IO(inode, iocb, iter))
>  			return true;
>  		if (F2FS_IO_ALIGNED(sbi))
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index 5a0f84751091..efca4ed17b7d 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -1132,7 +1132,7 @@ static int __read_out_blkaddrs(struct inode *inode, block_t *blkaddr,
>  
>  		if (!f2fs_is_checkpointed_data(sbi, *blkaddr)) {
>  
> -			if (test_opt(sbi, LFS)) {
> +			if (f2fs_lfs_mode(sbi)) {
>  				f2fs_put_dnode(&dn);
>  				return -EOPNOTSUPP;
>  			}
> diff --git a/fs/f2fs/gc.c b/fs/f2fs/gc.c
> index 53312d7bc78b..8aebe2b9c655 100644
> --- a/fs/f2fs/gc.c
> +++ b/fs/f2fs/gc.c
> @@ -762,7 +762,7 @@ static int move_data_block(struct inode *inode, block_t bidx,
>  	struct page *page, *mpage;
>  	block_t newaddr;
>  	int err = 0;
> -	bool lfs_mode = test_opt(fio.sbi, LFS);
> +	bool lfs_mode = f2fs_lfs_mode(fio.sbi);
>  
>  	/* do not read out */
>  	page = f2fs_grab_cache_page(inode->i_mapping, bidx, false);
> diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
> index cf0eb002cfd4..c3252603ff79 100644
> --- a/fs/f2fs/segment.c
> +++ b/fs/f2fs/segment.c
> @@ -172,7 +172,7 @@ bool f2fs_need_SSR(struct f2fs_sb_info *sbi)
>  	int dent_secs = get_blocktype_secs(sbi, F2FS_DIRTY_DENTS);
>  	int imeta_secs = get_blocktype_secs(sbi, F2FS_DIRTY_IMETA);
>  
> -	if (test_opt(sbi, LFS))
> +	if (f2fs_lfs_mode(sbi))
>  		return false;
>  	if (sbi->gc_mode == GC_URGENT)
>  		return true;
> @@ -1940,7 +1940,7 @@ void f2fs_clear_prefree_segments(struct f2fs_sb_info *sbi,
>  	unsigned int start = 0, end = -1;
>  	unsigned int secno, start_segno;
>  	bool force = (cpc->reason & CP_DISCARD);
> -	bool need_align = test_opt(sbi, LFS) && __is_large_section(sbi);
> +	bool need_align = f2fs_lfs_mode(sbi) && __is_large_section(sbi);
>  
>  	mutex_lock(&dirty_i->seglist_lock);
>  
> @@ -1972,7 +1972,7 @@ void f2fs_clear_prefree_segments(struct f2fs_sb_info *sbi,
>  					(end - 1) <= cpc->trim_end)
>  				continue;
>  
> -		if (!test_opt(sbi, LFS) || !__is_large_section(sbi)) {
> +		if (!f2fs_lfs_mode(sbi) || !__is_large_section(sbi)) {
>  			f2fs_issue_discard(sbi, START_BLOCK(sbi, start),
>  				(end - start) << sbi->log_blocks_per_seg);
>  			continue;
> @@ -2830,7 +2830,7 @@ int f2fs_trim_fs(struct f2fs_sb_info *sbi, struct fstrim_range *range)
>  	struct discard_policy dpolicy;
>  	unsigned long long trimmed = 0;
>  	int err = 0;
> -	bool need_align = test_opt(sbi, LFS) && __is_large_section(sbi);
> +	bool need_align = f2fs_lfs_mode(sbi) && __is_large_section(sbi);
>  
>  	if (start >= MAX_BLKADDR(sbi) || range->len < sbi->blocksize)
>  		return -EINVAL;
> @@ -3193,7 +3193,7 @@ static void update_device_state(struct f2fs_io_info *fio)
>  static void do_write_page(struct f2fs_summary *sum, struct f2fs_io_info *fio)
>  {
>  	int type = __get_segment_type(fio);
> -	bool keep_order = (test_opt(fio->sbi, LFS) && type == CURSEG_COLD_DATA);
> +	bool keep_order = (f2fs_lfs_mode(fio->sbi) && type == CURSEG_COLD_DATA);
>  
>  	if (keep_order)
>  		down_read(&fio->sbi->io_order_lock);
> @@ -4678,7 +4678,7 @@ int f2fs_build_segment_manager(struct f2fs_sb_info *sbi)
>  	if (sm_info->rec_prefree_segments > DEF_MAX_RECLAIM_PREFREE_SEGMENTS)
>  		sm_info->rec_prefree_segments = DEF_MAX_RECLAIM_PREFREE_SEGMENTS;
>  
> -	if (!test_opt(sbi, LFS))
> +	if (!f2fs_lfs_mode(sbi))
>  		sm_info->ipu_policy = 1 << F2FS_IPU_FSYNC;
>  	sm_info->min_ipu_util = DEF_MIN_IPU_UTIL;
>  	sm_info->min_fsync_blocks = DEF_MIN_FSYNC_BLOCKS;
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index 65a7a432dfee..427409eff354 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -600,10 +600,10 @@ static int parse_options(struct super_block *sb, char *options)
>  					kvfree(name);
>  					return -EINVAL;
>  				}
> -				set_opt_mode(sbi, F2FS_MOUNT_ADAPTIVE);
> +				F2FS_OPTION(sbi).fs_mode = FS_MODE_ADAPTIVE;
>  			} else if (strlen(name) == 3 &&
>  					!strncmp(name, "lfs", 3)) {
> -				set_opt_mode(sbi, F2FS_MOUNT_LFS);
> +				F2FS_OPTION(sbi).fs_mode = FS_MODE_LFS;
>  			} else {
>  				kvfree(name);
>  				return -EINVAL;
> @@ -904,7 +904,7 @@ static int parse_options(struct super_block *sb, char *options)
>  	}
>  #endif
>  
> -	if (F2FS_IO_SIZE_BITS(sbi) && !test_opt(sbi, LFS)) {
> +	if (F2FS_IO_SIZE_BITS(sbi) && !f2fs_lfs_mode(sbi)) {
>  		f2fs_err(sbi, "Should set mode=lfs with %uKB-sized IO",
>  			 F2FS_IO_SIZE_KB(sbi));
>  		return -EINVAL;
> @@ -934,7 +934,7 @@ static int parse_options(struct super_block *sb, char *options)
>  		}
>  	}
>  
> -	if (test_opt(sbi, DISABLE_CHECKPOINT) && test_opt(sbi, LFS)) {
> +	if (test_opt(sbi, DISABLE_CHECKPOINT) && f2fs_lfs_mode(sbi)) {
>  		f2fs_err(sbi, "LFS not compatible with checkpoint=disable\n");
>  		return -EINVAL;
>  	}
> @@ -1497,9 +1497,9 @@ static int f2fs_show_options(struct seq_file *seq, struct dentry *root)
>  		seq_puts(seq, ",data_flush");
>  
>  	seq_puts(seq, ",mode=");
> -	if (test_opt(sbi, ADAPTIVE))
> +	if (F2FS_OPTION(sbi).fs_mode == FS_MODE_ADAPTIVE)
>  		seq_puts(seq, "adaptive");
> -	else if (test_opt(sbi, LFS))
> +	else if (F2FS_OPTION(sbi).fs_mode == FS_MODE_LFS)
>  		seq_puts(seq, "lfs");
>  	seq_printf(seq, ",active_logs=%u", F2FS_OPTION(sbi).active_logs);
>  	if (test_opt(sbi, RESERVE_ROOT))
> @@ -1586,9 +1586,9 @@ static void default_options(struct f2fs_sb_info *sbi)
>  	set_opt(sbi, FLUSH_MERGE);
>  	set_opt(sbi, DISCARD);
>  	if (f2fs_sb_has_blkzoned(sbi))
> -		set_opt_mode(sbi, F2FS_MOUNT_LFS);
> +		F2FS_OPTION(sbi).fs_mode = FS_MODE_LFS;
>  	else
> -		set_opt_mode(sbi, F2FS_MOUNT_ADAPTIVE);
> +		F2FS_OPTION(sbi).fs_mode = FS_MODE_ADAPTIVE;
>  
>  #ifdef CONFIG_F2FS_FS_XATTR
>  	set_opt(sbi, XATTR_USER);
> -- 
> 2.18.0.rc1


_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

^ permalink raw reply

* Re: [PATCH 3/4] f2fs: clean up lfs/adaptive mount option
From: Jaegeuk Kim @ 2020-02-14 18:41 UTC (permalink / raw)
  To: Chao Yu; +Cc: linux-f2fs-devel, linux-kernel, chao
In-Reply-To: <20200214094413.12784-3-yuchao0@huawei.com>

On 02/14, Chao Yu wrote:
> This patch removes F2FS_MOUNT_ADAPTIVE and F2FS_MOUNT_LFS mount options,
> and add F2FS_OPTION.fs_mode with below two status to indicate filesystem
> mode.
> 
> enum {
> 	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
> 	FS_MODE_LFS,		/* use lfs allocation only */
> };
> 
> It can enhance code readability and fs mode's scalability.
> 
> Signed-off-by: Chao Yu <yuchao0@huawei.com>
> ---
>  fs/f2fs/data.c    |  8 ++++----
>  fs/f2fs/f2fs.h    | 27 ++++++++++-----------------
>  fs/f2fs/file.c    |  2 +-
>  fs/f2fs/gc.c      |  2 +-
>  fs/f2fs/segment.c | 12 ++++++------
>  fs/f2fs/super.c   | 16 ++++++++--------
>  6 files changed, 30 insertions(+), 37 deletions(-)
> 
> diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
> index ec4b030e2466..019c91f7b301 100644
> --- a/fs/f2fs/data.c
> +++ b/fs/f2fs/data.c
> @@ -445,7 +445,7 @@ static inline void __submit_bio(struct f2fs_sb_info *sbi,
>  		if (type != DATA && type != NODE)
>  			goto submit_io;
>  
> -		if (test_opt(sbi, LFS) && current->plug)
> +		if (f2fs_lfs_mode(sbi) && current->plug)
>  			blk_finish_plug(current->plug);
>  
>  		if (F2FS_IO_ALIGNED(sbi))
> @@ -1420,7 +1420,7 @@ int f2fs_map_blocks(struct inode *inode, struct f2fs_map_blocks *map,
>  	end = pgofs + maxblocks;
>  
>  	if (!create && f2fs_lookup_extent_cache(inode, pgofs, &ei)) {
> -		if (test_opt(sbi, LFS) && flag == F2FS_GET_BLOCK_DIO &&
> +		if (f2fs_lfs_mode(sbi) && flag == F2FS_GET_BLOCK_DIO &&
>  							map->m_may_create)
>  			goto next_dnode;
>  
> @@ -1475,7 +1475,7 @@ int f2fs_map_blocks(struct inode *inode, struct f2fs_map_blocks *map,
>  
>  	if (__is_valid_data_blkaddr(blkaddr)) {
>  		/* use out-place-update for driect IO under LFS mode */
> -		if (test_opt(sbi, LFS) && flag == F2FS_GET_BLOCK_DIO &&
> +		if (f2fs_lfs_mode(sbi) && flag == F2FS_GET_BLOCK_DIO &&
>  							map->m_may_create) {
>  			err = __allocate_data_block(&dn, map->m_seg_type);
>  			if (err)
> @@ -2403,7 +2403,7 @@ bool f2fs_should_update_outplace(struct inode *inode, struct f2fs_io_info *fio)
>  {
>  	struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
>  
> -	if (test_opt(sbi, LFS))
> +	if (f2fs_lfs_mode(sbi))
>  		return true;
>  	if (S_ISDIR(inode->i_mode))
>  		return true;
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index 5152e9bf432b..d2d50827772c 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -91,8 +91,6 @@ extern const char *f2fs_fault_name[FAULT_MAX];
>  #define F2FS_MOUNT_FORCE_FG_GC		0x00004000
>  #define F2FS_MOUNT_DATA_FLUSH		0x00008000
>  #define F2FS_MOUNT_FAULT_INJECTION	0x00010000
> -#define F2FS_MOUNT_ADAPTIVE		0x00020000
> -#define F2FS_MOUNT_LFS			0x00040000

I don't think we can remove this simply.

>  #define F2FS_MOUNT_USRQUOTA		0x00080000
>  #define F2FS_MOUNT_GRPQUOTA		0x00100000
>  #define F2FS_MOUNT_PRJQUOTA		0x00200000
> @@ -138,6 +136,7 @@ struct f2fs_mount_info {
>  	int whint_mode;
>  	int alloc_mode;			/* segment allocation policy */
>  	int fsync_mode;			/* fsync policy */
> +	int fs_mode;			/* fs mode: LFS or ADAPTIVE */
>  	bool test_dummy_encryption;	/* test dummy encryption */
>  	block_t unusable_cap;		/* Amount of space allowed to be
>  					 * unusable when disabling checkpoint
> @@ -1171,6 +1170,11 @@ enum {
>  	GC_URGENT,
>  };
>  
> +enum {
> +	FS_MODE_ADAPTIVE,	/* use both lfs/ssr allocation */
> +	FS_MODE_LFS,		/* use lfs allocation only */
> +};
> +
>  enum {
>  	WHINT_MODE_OFF,		/* not pass down write hints */
>  	WHINT_MODE_USER,	/* try to pass down hints given by users */
> @@ -3907,20 +3911,9 @@ static inline bool f2fs_hw_is_readonly(struct f2fs_sb_info *sbi)
>  	return false;
>  }
>  
> -
> -static inline void set_opt_mode(struct f2fs_sb_info *sbi, unsigned int mt)
> +static inline bool f2fs_lfs_mode(struct f2fs_sb_info *sbi)
>  {
> -	clear_opt(sbi, ADAPTIVE);
> -	clear_opt(sbi, LFS);
> -
> -	switch (mt) {
> -	case F2FS_MOUNT_ADAPTIVE:
> -		set_opt(sbi, ADAPTIVE);
> -		break;
> -	case F2FS_MOUNT_LFS:
> -		set_opt(sbi, LFS);
> -		break;
> -	}
> +	return F2FS_OPTION(sbi).fs_mode == FS_MODE_LFS;
>  }
>  
>  static inline bool f2fs_may_encrypt(struct inode *inode)
> @@ -3975,7 +3968,7 @@ static inline int allow_outplace_dio(struct inode *inode,
>  	struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
>  	int rw = iov_iter_rw(iter);
>  
> -	return (test_opt(sbi, LFS) && (rw == WRITE) &&
> +	return (f2fs_lfs_mode(sbi) && (rw == WRITE) &&
>  				!block_unaligned_IO(inode, iocb, iter));
>  }
>  
> @@ -3997,7 +3990,7 @@ static inline bool f2fs_force_buffered_io(struct inode *inode,
>  	 */
>  	if (f2fs_sb_has_blkzoned(sbi))
>  		return true;
> -	if (test_opt(sbi, LFS) && (rw == WRITE)) {
> +	if (f2fs_lfs_mode(sbi) && (rw == WRITE)) {
>  		if (block_unaligned_IO(inode, iocb, iter))
>  			return true;
>  		if (F2FS_IO_ALIGNED(sbi))
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index 5a0f84751091..efca4ed17b7d 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -1132,7 +1132,7 @@ static int __read_out_blkaddrs(struct inode *inode, block_t *blkaddr,
>  
>  		if (!f2fs_is_checkpointed_data(sbi, *blkaddr)) {
>  
> -			if (test_opt(sbi, LFS)) {
> +			if (f2fs_lfs_mode(sbi)) {
>  				f2fs_put_dnode(&dn);
>  				return -EOPNOTSUPP;
>  			}
> diff --git a/fs/f2fs/gc.c b/fs/f2fs/gc.c
> index 53312d7bc78b..8aebe2b9c655 100644
> --- a/fs/f2fs/gc.c
> +++ b/fs/f2fs/gc.c
> @@ -762,7 +762,7 @@ static int move_data_block(struct inode *inode, block_t bidx,
>  	struct page *page, *mpage;
>  	block_t newaddr;
>  	int err = 0;
> -	bool lfs_mode = test_opt(fio.sbi, LFS);
> +	bool lfs_mode = f2fs_lfs_mode(fio.sbi);
>  
>  	/* do not read out */
>  	page = f2fs_grab_cache_page(inode->i_mapping, bidx, false);
> diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
> index cf0eb002cfd4..c3252603ff79 100644
> --- a/fs/f2fs/segment.c
> +++ b/fs/f2fs/segment.c
> @@ -172,7 +172,7 @@ bool f2fs_need_SSR(struct f2fs_sb_info *sbi)
>  	int dent_secs = get_blocktype_secs(sbi, F2FS_DIRTY_DENTS);
>  	int imeta_secs = get_blocktype_secs(sbi, F2FS_DIRTY_IMETA);
>  
> -	if (test_opt(sbi, LFS))
> +	if (f2fs_lfs_mode(sbi))
>  		return false;
>  	if (sbi->gc_mode == GC_URGENT)
>  		return true;
> @@ -1940,7 +1940,7 @@ void f2fs_clear_prefree_segments(struct f2fs_sb_info *sbi,
>  	unsigned int start = 0, end = -1;
>  	unsigned int secno, start_segno;
>  	bool force = (cpc->reason & CP_DISCARD);
> -	bool need_align = test_opt(sbi, LFS) && __is_large_section(sbi);
> +	bool need_align = f2fs_lfs_mode(sbi) && __is_large_section(sbi);
>  
>  	mutex_lock(&dirty_i->seglist_lock);
>  
> @@ -1972,7 +1972,7 @@ void f2fs_clear_prefree_segments(struct f2fs_sb_info *sbi,
>  					(end - 1) <= cpc->trim_end)
>  				continue;
>  
> -		if (!test_opt(sbi, LFS) || !__is_large_section(sbi)) {
> +		if (!f2fs_lfs_mode(sbi) || !__is_large_section(sbi)) {
>  			f2fs_issue_discard(sbi, START_BLOCK(sbi, start),
>  				(end - start) << sbi->log_blocks_per_seg);
>  			continue;
> @@ -2830,7 +2830,7 @@ int f2fs_trim_fs(struct f2fs_sb_info *sbi, struct fstrim_range *range)
>  	struct discard_policy dpolicy;
>  	unsigned long long trimmed = 0;
>  	int err = 0;
> -	bool need_align = test_opt(sbi, LFS) && __is_large_section(sbi);
> +	bool need_align = f2fs_lfs_mode(sbi) && __is_large_section(sbi);
>  
>  	if (start >= MAX_BLKADDR(sbi) || range->len < sbi->blocksize)
>  		return -EINVAL;
> @@ -3193,7 +3193,7 @@ static void update_device_state(struct f2fs_io_info *fio)
>  static void do_write_page(struct f2fs_summary *sum, struct f2fs_io_info *fio)
>  {
>  	int type = __get_segment_type(fio);
> -	bool keep_order = (test_opt(fio->sbi, LFS) && type == CURSEG_COLD_DATA);
> +	bool keep_order = (f2fs_lfs_mode(fio->sbi) && type == CURSEG_COLD_DATA);
>  
>  	if (keep_order)
>  		down_read(&fio->sbi->io_order_lock);
> @@ -4678,7 +4678,7 @@ int f2fs_build_segment_manager(struct f2fs_sb_info *sbi)
>  	if (sm_info->rec_prefree_segments > DEF_MAX_RECLAIM_PREFREE_SEGMENTS)
>  		sm_info->rec_prefree_segments = DEF_MAX_RECLAIM_PREFREE_SEGMENTS;
>  
> -	if (!test_opt(sbi, LFS))
> +	if (!f2fs_lfs_mode(sbi))
>  		sm_info->ipu_policy = 1 << F2FS_IPU_FSYNC;
>  	sm_info->min_ipu_util = DEF_MIN_IPU_UTIL;
>  	sm_info->min_fsync_blocks = DEF_MIN_FSYNC_BLOCKS;
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index 65a7a432dfee..427409eff354 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -600,10 +600,10 @@ static int parse_options(struct super_block *sb, char *options)
>  					kvfree(name);
>  					return -EINVAL;
>  				}
> -				set_opt_mode(sbi, F2FS_MOUNT_ADAPTIVE);
> +				F2FS_OPTION(sbi).fs_mode = FS_MODE_ADAPTIVE;
>  			} else if (strlen(name) == 3 &&
>  					!strncmp(name, "lfs", 3)) {
> -				set_opt_mode(sbi, F2FS_MOUNT_LFS);
> +				F2FS_OPTION(sbi).fs_mode = FS_MODE_LFS;
>  			} else {
>  				kvfree(name);
>  				return -EINVAL;
> @@ -904,7 +904,7 @@ static int parse_options(struct super_block *sb, char *options)
>  	}
>  #endif
>  
> -	if (F2FS_IO_SIZE_BITS(sbi) && !test_opt(sbi, LFS)) {
> +	if (F2FS_IO_SIZE_BITS(sbi) && !f2fs_lfs_mode(sbi)) {
>  		f2fs_err(sbi, "Should set mode=lfs with %uKB-sized IO",
>  			 F2FS_IO_SIZE_KB(sbi));
>  		return -EINVAL;
> @@ -934,7 +934,7 @@ static int parse_options(struct super_block *sb, char *options)
>  		}
>  	}
>  
> -	if (test_opt(sbi, DISABLE_CHECKPOINT) && test_opt(sbi, LFS)) {
> +	if (test_opt(sbi, DISABLE_CHECKPOINT) && f2fs_lfs_mode(sbi)) {
>  		f2fs_err(sbi, "LFS not compatible with checkpoint=disable\n");
>  		return -EINVAL;
>  	}
> @@ -1497,9 +1497,9 @@ static int f2fs_show_options(struct seq_file *seq, struct dentry *root)
>  		seq_puts(seq, ",data_flush");
>  
>  	seq_puts(seq, ",mode=");
> -	if (test_opt(sbi, ADAPTIVE))
> +	if (F2FS_OPTION(sbi).fs_mode == FS_MODE_ADAPTIVE)
>  		seq_puts(seq, "adaptive");
> -	else if (test_opt(sbi, LFS))
> +	else if (F2FS_OPTION(sbi).fs_mode == FS_MODE_LFS)
>  		seq_puts(seq, "lfs");
>  	seq_printf(seq, ",active_logs=%u", F2FS_OPTION(sbi).active_logs);
>  	if (test_opt(sbi, RESERVE_ROOT))
> @@ -1586,9 +1586,9 @@ static void default_options(struct f2fs_sb_info *sbi)
>  	set_opt(sbi, FLUSH_MERGE);
>  	set_opt(sbi, DISCARD);
>  	if (f2fs_sb_has_blkzoned(sbi))
> -		set_opt_mode(sbi, F2FS_MOUNT_LFS);
> +		F2FS_OPTION(sbi).fs_mode = FS_MODE_LFS;
>  	else
> -		set_opt_mode(sbi, F2FS_MOUNT_ADAPTIVE);
> +		F2FS_OPTION(sbi).fs_mode = FS_MODE_ADAPTIVE;
>  
>  #ifdef CONFIG_F2FS_FS_XATTR
>  	set_opt(sbi, XATTR_USER);
> -- 
> 2.18.0.rc1

^ permalink raw reply

* [PATCH v2 20/28] open: handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Let chown_common() lookup fsids in the fsid mappings. If no fsid mappings are
setup the behavior is unchanged, i.e. fsids are looked up in the id mappings.
do_faccessat() just needs to translate from real ids into fsids.

Filesystems that share a superblock in all user namespaces they are mounted in
will retain their old semantics even with the introduction of fsidmappings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
- Christian Brauner <christian.brauner@ubuntu.com>:
  - handle faccessat() too
---
 fs/open.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/fs/open.c b/fs/open.c
index 0788b3715731..4e092845728f 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -32,6 +32,7 @@
 #include <linux/ima.h>
 #include <linux/dnotify.h>
 #include <linux/compat.h>
+#include <linux/fsuidgid.h>
 
 #include "internal.h"
 
@@ -361,8 +362,10 @@ long do_faccessat(int dfd, const char __user *filename, int mode)
 	if (!override_cred)
 		return -ENOMEM;
 
-	override_cred->fsuid = override_cred->uid;
-	override_cred->fsgid = override_cred->gid;
+	override_cred->kfsuid = override_cred->uid;
+	override_cred->kfsgid = override_cred->gid;
+	override_cred->fsuid = kuid_to_kfsuid(override_cred->user_ns, override_cred->uid);
+	override_cred->fsgid = kgid_to_kfsgid(override_cred->user_ns, override_cred->gid);
 
 	if (!issecure(SECURE_NO_SETUID_FIXUP)) {
 		/* Clear the capabilities if we switch to a non-root user */
@@ -626,8 +629,13 @@ static int chown_common(const struct path *path, uid_t user, gid_t group)
 	kuid_t uid;
 	kgid_t gid;
 
-	uid = make_kuid(current_user_ns(), user);
-	gid = make_kgid(current_user_ns(), group);
+	if (is_userns_visible(inode->i_sb->s_iflags)) {
+		uid = make_kuid(current_user_ns(), user);
+		gid = make_kgid(current_user_ns(), group);
+	} else {
+		uid = make_kfsuid(current_user_ns(), user);
+		gid = make_kfsgid(current_user_ns(), group);
+	}
 
 retry_deleg:
 	newattrs.ia_valid =  ATTR_CTIME;
-- 
2.25.0


^ permalink raw reply related

* [PATCH v2 27/28] ptrace: adapt ptrace_may_access() to always uses unmapped fsids
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

ptrace_may_access() with PTRACE_MODE_FSCREDS is only used with proc and proc
wants to use the unmapped fsids.

Cc: Jann Horn <jannh@google.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
patch added
---
 kernel/ptrace.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 43d6179508d6..3734713cc0dd 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -304,8 +304,8 @@ static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
 		return 0;
 	rcu_read_lock();
 	if (mode & PTRACE_MODE_FSCREDS) {
-		caller_uid = cred->fsuid;
-		caller_gid = cred->fsgid;
+		caller_uid = cred->kfsuid;
+		caller_gid = cred->kfsgid;
 	} else {
 		/*
 		 * Using the euid would make more sense here, but something
-- 
2.25.0


^ permalink raw reply related

* [PATCH v2 21/28] posix_acl: handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Switch posix_acls() to lookup fsids in the fsid mappings. If no fsid
mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
id mappings.

Afaict, all filesystems that share a superblock in all user namespaces
currently do not support acls so this change should be safe to do
unconditionally.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
unchanged
---
 fs/posix_acl.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 249672bf54fe..763bba24f380 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -22,6 +22,7 @@
 #include <linux/xattr.h>
 #include <linux/export.h>
 #include <linux/user_namespace.h>
+#include <linux/fsuidgid.h>
 
 static struct posix_acl **acl_by_type(struct inode *inode, int type)
 {
@@ -692,12 +693,12 @@ static void posix_acl_fix_xattr_userns(
 	for (end = entry + count; entry != end; entry++) {
 		switch(le16_to_cpu(entry->e_tag)) {
 		case ACL_USER:
-			uid = make_kuid(from, le32_to_cpu(entry->e_id));
-			entry->e_id = cpu_to_le32(from_kuid(to, uid));
+			uid = make_kfsuid(from, le32_to_cpu(entry->e_id));
+			entry->e_id = cpu_to_le32(from_kfsuid(to, uid));
 			break;
 		case ACL_GROUP:
-			gid = make_kgid(from, le32_to_cpu(entry->e_id));
-			entry->e_id = cpu_to_le32(from_kgid(to, gid));
+			gid = make_kfsgid(from, le32_to_cpu(entry->e_id));
+			entry->e_id = cpu_to_le32(from_kfsgid(to, gid));
 			break;
 		default:
 			break;
@@ -746,12 +747,12 @@ posix_acl_from_xattr(struct user_namespace *user_ns,
 		return ERR_PTR(-EINVAL);
 	if (count == 0)
 		return NULL;
-	
+
 	acl = posix_acl_alloc(count, GFP_NOFS);
 	if (!acl)
 		return ERR_PTR(-ENOMEM);
 	acl_e = acl->a_entries;
-	
+
 	for (end = entry + count; entry != end; acl_e++, entry++) {
 		acl_e->e_tag  = le16_to_cpu(entry->e_tag);
 		acl_e->e_perm = le16_to_cpu(entry->e_perm);
@@ -765,14 +766,14 @@ posix_acl_from_xattr(struct user_namespace *user_ns,
 
 			case ACL_USER:
 				acl_e->e_uid =
-					make_kuid(user_ns,
+					make_kfsuid(user_ns,
 						  le32_to_cpu(entry->e_id));
 				if (!uid_valid(acl_e->e_uid))
 					goto fail;
 				break;
 			case ACL_GROUP:
 				acl_e->e_gid =
-					make_kgid(user_ns,
+					make_kfsgid(user_ns,
 						  le32_to_cpu(entry->e_id));
 				if (!gid_valid(acl_e->e_gid))
 					goto fail;
@@ -817,11 +818,11 @@ posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl,
 		switch(acl_e->e_tag) {
 		case ACL_USER:
 			ext_entry->e_id =
-				cpu_to_le32(from_kuid(user_ns, acl_e->e_uid));
+				cpu_to_le32(from_kfsuid(user_ns, acl_e->e_uid));
 			break;
 		case ACL_GROUP:
 			ext_entry->e_id =
-				cpu_to_le32(from_kgid(user_ns, acl_e->e_gid));
+				cpu_to_le32(from_kfsgid(user_ns, acl_e->e_gid));
 			break;
 		default:
 			ext_entry->e_id = cpu_to_le32(ACL_UNDEFINED_ID);
-- 
2.25.0


^ permalink raw reply related

* Re: [PATCH 11/35] KVM: s390/mm: Make pages accessible before destroying the guest
From: David Hildenbrand @ 2020-02-14 18:40 UTC (permalink / raw)
  To: Christian Borntraeger, Janosch Frank
  Cc: KVM, Cornelia Huck, Thomas Huth, Ulrich Weigand, Claudio Imbrenda,
	Andrea Arcangeli, linux-s390, Michael Mueller, Vasily Gorbik,
	linux-mm, Andrew Morton
In-Reply-To: <20200207113958.7320-12-borntraeger@de.ibm.com>

On 07.02.20 12:39, Christian Borntraeger wrote:
> Before we destroy the secure configuration, we better make all
> pages accessible again. This also happens during reboot, where we reboot
> into a non-secure guest that then can go again into secure mode. As
> this "new" secure guest will have a new ID we cannot reuse the old page
> state.
> 
> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
> Reviewed-by: Thomas Huth <thuth@redhat.com>
> Reviewed-by: Cornelia Huck <cohuck@redhat.com>
> ---
>  arch/s390/include/asm/pgtable.h |  1 +
>  arch/s390/kvm/pv.c              |  2 ++
>  arch/s390/mm/gmap.c             | 35 +++++++++++++++++++++++++++++++++
>  3 files changed, 38 insertions(+)
> 
> diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h
> index dbd1453e6924..3e2ea997c334 100644
> --- a/arch/s390/include/asm/pgtable.h
> +++ b/arch/s390/include/asm/pgtable.h
> @@ -1669,6 +1669,7 @@ extern int vmem_remove_mapping(unsigned long start, unsigned long size);
>  extern int s390_enable_sie(void);
>  extern int s390_enable_skey(void);
>  extern void s390_reset_cmma(struct mm_struct *mm);
> +extern void s390_reset_acc(struct mm_struct *mm);
>  
>  /* s390 has a private copy of get unmapped area to deal with cache synonyms */
>  #define HAVE_ARCH_UNMAPPED_AREA
> diff --git a/arch/s390/kvm/pv.c b/arch/s390/kvm/pv.c
> index 4795e61f4e16..392795a92bd9 100644
> --- a/arch/s390/kvm/pv.c
> +++ b/arch/s390/kvm/pv.c
> @@ -66,6 +66,8 @@ int kvm_s390_pv_destroy_vm(struct kvm *kvm)
>  	int rc;
>  	u32 ret;
>  
> +	/* make all pages accessible before destroying the guest */
> +	s390_reset_acc(kvm->mm);
>  	rc = uv_cmd_nodata(kvm_s390_pv_handle(kvm),
>  			   UVC_CMD_DESTROY_SEC_CONF, &ret);
>  	WRITE_ONCE(kvm->arch.gmap->guest_handle, 0);
> diff --git a/arch/s390/mm/gmap.c b/arch/s390/mm/gmap.c
> index 7291452fe5f0..27926a06df32 100644
> --- a/arch/s390/mm/gmap.c
> +++ b/arch/s390/mm/gmap.c
> @@ -2650,3 +2650,38 @@ void s390_reset_cmma(struct mm_struct *mm)
>  	up_write(&mm->mmap_sem);
>  }
>  EXPORT_SYMBOL_GPL(s390_reset_cmma);
> +
> +/*
> + * make inaccessible pages accessible again
> + */
> +static int __s390_reset_acc(pte_t *ptep, unsigned long addr,
> +			    unsigned long next, struct mm_walk *walk)
> +{
> +	pte_t pte = READ_ONCE(*ptep);
> +
> +	if (pte_present(pte))
> +		WARN_ON_ONCE(uv_convert_from_secure(pte_val(pte) & PAGE_MASK));
> +	return 0;
> +}
> +
> +static const struct mm_walk_ops reset_acc_walk_ops = {
> +	.pte_entry		= __s390_reset_acc,
> +};
> +
> +#include <linux/sched/mm.h>
> +void s390_reset_acc(struct mm_struct *mm)
> +{
> +	/*
> +	 * we might be called during
> +	 * reset:                             we walk the pages and clear
> +	 * close of all kvm file descriptors: we walk the pages and clear
> +	 * exit of process on fd closure:     vma already gone, do nothing
> +	 */
> +	if (!mmget_not_zero(mm))
> +		return;
> +	down_read(&mm->mmap_sem);
> +	walk_page_range(mm, 0, TASK_SIZE, &reset_acc_walk_ops, NULL);
> +	up_read(&mm->mmap_sem);
> +	mmput(mm);
> +}
> +EXPORT_SYMBOL_GPL(s390_reset_acc);
> 

Reviewed-by: David Hildenbrand <david@redhat.com>

-- 
Thanks,

David / dhildenb

^ permalink raw reply

* [PATCH v2 22/28] attr: notify_change(): handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Switch notify_change() to lookup fsids in the fsid mappings. If no fsid
mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
id mappings.

Filesystems that share a superblock in all user namespaces they are mounted in
will retain their old semantics even with the introduction of fsidmappings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
unchanged
---
 fs/attr.c | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/fs/attr.c b/fs/attr.c
index b4bbdbd4c8ca..b3fe9d9582d2 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -17,6 +17,8 @@
 #include <linux/security.h>
 #include <linux/evm.h>
 #include <linux/ima.h>
+#include <linux/fsuidgid.h>
+#include <linux/fs.h>
 
 static bool chown_ok(const struct inode *inode, kuid_t uid)
 {
@@ -310,12 +312,21 @@ int notify_change(struct dentry * dentry, struct iattr * attr, struct inode **de
 	 * Verify that uid/gid changes are valid in the target
 	 * namespace of the superblock.
 	 */
-	if (ia_valid & ATTR_UID &&
-	    !kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))
-		return -EOVERFLOW;
-	if (ia_valid & ATTR_GID &&
-	    !kgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid))
-		return -EOVERFLOW;
+	if (is_userns_visible(inode->i_sb->s_iflags)) {
+		if (ia_valid & ATTR_UID &&
+		    !kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))
+			return -EOVERFLOW;
+		if (ia_valid & ATTR_GID &&
+		    !kgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid))
+			return -EOVERFLOW;
+	} else {
+		if (ia_valid & ATTR_UID &&
+		    !kfsuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))
+			return -EOVERFLOW;
+		if (ia_valid & ATTR_GID &&
+		    !kfsgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid))
+			return -EOVERFLOW;
+	}
 
 	/* Don't allow modifications of files with invalid uids or
 	 * gids unless those uids & gids are being made valid.
-- 
2.25.0


^ permalink raw reply related

* [PATCH v2 24/28] commoncap: cap_task_fix_setuid(): handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

Switch cap_task_fix_setuid() to lookup fsids in the fsid mappings. If no fsid
mappings are setup the behavior is unchanged, i.e. fsids are looked up in the
id mappings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
unchanged
---
 security/commoncap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index 9641695d8383..0581c6aa8bdc 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -24,6 +24,7 @@
 #include <linux/user_namespace.h>
 #include <linux/binfmts.h>
 #include <linux/personality.h>
+#include <linux/fsuidgid.h>
 
 /*
  * If a non-root user executes a setuid-root binary in
@@ -1061,7 +1062,7 @@ int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags)
 		 *          if not, we might be a bit too harsh here.
 		 */
 		if (!issecure(SECURE_NO_SETUID_FIXUP)) {
-			kuid_t root_uid = make_kuid(old->user_ns, 0);
+			kuid_t root_uid = make_kfsuid(old->user_ns, 0);
 			if (uid_eq(old->fsuid, root_uid) && !uid_eq(new->fsuid, root_uid))
 				new->cap_effective =
 					cap_drop_fs_set(new->cap_effective);
-- 
2.25.0


^ permalink raw reply related

* [PATCH v2 28/28] devpts: handle fsid mappings
From: Christian Brauner @ 2020-02-14 18:35 UTC (permalink / raw)
  To: Stéphane Graber, Eric W. Biederman, Aleksa Sarai, Jann Horn
  Cc: smbarber, Seth Forshee, Alexander Viro, Alexey Dobriyan,
	Serge Hallyn, James Morris, Kees Cook, Jonathan Corbet,
	Phil Estes, linux-kernel, linux-fsdevel, containers,
	linux-security-module, linux-api, Christian Brauner
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>

When a uid or gid mount option is specified with devpts have it lookup the
corresponding kfsids in the fsid mappings. If no fsid mappings are setup the
behavior is unchanged, i.e. fsids are looked up in the id mappings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
unchanged
---
 fs/devpts/inode.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fs/devpts/inode.c b/fs/devpts/inode.c
index 42e5a766d33c..139958892572 100644
--- a/fs/devpts/inode.c
+++ b/fs/devpts/inode.c
@@ -24,6 +24,7 @@
 #include <linux/parser.h>
 #include <linux/fsnotify.h>
 #include <linux/seq_file.h>
+#include <linux/fsuidgid.h>
 
 #define DEVPTS_DEFAULT_MODE 0600
 /*
@@ -277,7 +278,7 @@ static int parse_mount_options(char *data, int op, struct pts_mount_opts *opts)
 		case Opt_uid:
 			if (match_int(&args[0], &option))
 				return -EINVAL;
-			uid = make_kuid(current_user_ns(), option);
+			uid = make_kfsuid(current_user_ns(), option);
 			if (!uid_valid(uid))
 				return -EINVAL;
 			opts->uid = uid;
@@ -286,7 +287,7 @@ static int parse_mount_options(char *data, int op, struct pts_mount_opts *opts)
 		case Opt_gid:
 			if (match_int(&args[0], &option))
 				return -EINVAL;
-			gid = make_kgid(current_user_ns(), option);
+			gid = make_kfsgid(current_user_ns(), option);
 			if (!gid_valid(gid))
 				return -EINVAL;
 			opts->gid = gid;
@@ -410,7 +411,7 @@ static int devpts_show_options(struct seq_file *seq, struct dentry *root)
 			   from_kuid_munged(&init_user_ns, opts->uid));
 	if (opts->setgid)
 		seq_printf(seq, ",gid=%u",
-			   from_kgid_munged(&init_user_ns, opts->gid));
+			   from_kfsgid_munged(&init_user_ns, opts->gid));
 	seq_printf(seq, ",mode=%03o", opts->mode);
 	seq_printf(seq, ",ptmxmode=%03o", opts->ptmxmode);
 	if (opts->max < NR_UNIX98_PTY_MAX)
-- 
2.25.0


^ permalink raw reply related


This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.