[Devel] [PATCH v2 rh7 2/2] mm/page-writeback: Introduce per-CT dirty memory limit.

. https://jira.sw.ru/browse/PSBM-33841 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/page-writeback.c | 122 +++- 1 file changed, 121 insertions(+), 1 deletion(-) diff --git a/mm/page-writeback.c b/mm/page-writeback.c index 4

[Devel] [PATCH rh7 2/2] mm/page-writeback: Introduce per-CT dirty memory limit.

This patch adds balance_dirty_pages_ub() which is mostly copy-paste of balance_dirty_pages() from PCS6. balance_dirty_pages_ub() is invoked only for containers. The original balance_dirty_pages() still used for global writeback. https://jira.sw.ru/browse/PSBM-33841 Signed-off-by: Andrey Ryabinin

[Devel] [PATCH rh7 1/2] fs/writeback: prepare for per-CT writeback

Small preparational chages for the next patch: * export writeback_inodes_wb() and add new argument 'struct user_beancounter *ub' * add beancounter pointer to struct wb_writeback_work. * Pass beacounter to __bdi_start_writeback(). https://jira.sw.ru/browse/PSBM-33841 Signed-off-by: Andrey

[Devel] [PATCH rh7] user namespace: don't TAINT the kernel with 'tech preview'

don't TAINT the kernel with 'tech preview' when using user namespaces. Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- kernel/user_namespace.c | 4 1 file changed, 4 deletions(-) diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c index 060a6f7..fe53b77

[Devel] [PATCH rh7] fs/superblock: apply d23da150a37c correctly

It seems that commit d23da150a37c ("fs/superblock: avoid locking counting inodes and dentries before reclaiming them") wasn't applied correctly durring rebase to RHEL 7.2. Fix this up. https://bugs.openvz.org/browse/OVZ-6646 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo

Re: [Devel] [PATCH RH7] lib/nlattr: use ve_pr_warn_ratelimited instead pr_warn_ratelimited

On 12/25/2015 03:42 PM, Dmitry Safonov wrote: > > Signed-off-by: Dmitry Safonov @virtuozzo.com ___ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel

[Devel] [PATCH rh7] ipv6/addrlabel: fix ip6addrlbl_get()

-link: http://lkml.kernel.org/g/<1450691685-29413-1-git-send-email-aryabi...@virtuozzo.com> Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.") Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- net/ipv6/addr

Re: [Devel] [PATCH] kernel: check the JOBCTL_TRAPPING_BIT bit correctly

On 12/10/2015 07:06 PM, Andrew Vagin wrote: > #define JOBCTL_TRAPPING_BIT 21 /* switching to TRACED */ > #define JOBCTL_TRAPPING (1 << JOBCTL_TRAPPING_BIT) > > https://jira.sw.ru/browse/PSBM-42052 Fucked-up-by: Andrey Ryabinin <aryabi...@virtuozzo.com>

Re: [Devel] [PATCH rh7 v2] tcache: fix use-after-free in tcache_invalidate_node_pages()

On 12/09/2015 12:55 PM, Vladimir Davydov wrote: >> +/* >> + * Restart iteration over the radix tree, because the >> + * current node could have been freed when we dropped >> + * the lock. >> + */

[Devel] [PATCH rh7 v2] tcache: fix use-after-free in tcache_invalidate_node_pages()

eed to resched the task. https://jira.sw.ru/browse/PSBM-42104 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/tcache.c | 23 +++ 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/mm/tcache.c b/mm/tcache.c index b8757cf..a09ae49 100644

[Devel] [PATCH rh7 v4] tcache: fix use-after-free in tcache_invalidate_node_pages()

eed to resched the task. https://jira.sw.ru/browse/PSBM-42104 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/tcache.c | 28 ++-- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/mm/tcache.c b/mm/tcache.c index b8757cf..9bf7564 100644

[Devel] [PATCH rh7] tcache: fix use-after-free in tcache_invalidate_node_pages()

tcache_invalidate_node_pages() temporarly drops/takes back node->tree_lock. Once lock was dropped, another thread might remove and free the next slot. Don't drop the looks. https://jira.sw.ru/browse/PSBM-42104 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/tcac

[Devel] [PATCH rh7] fs: drop useless d_root_check()

pre-mount namespace days, we don't need it today. https://jira.sw.ru/browse/PSBM-41919 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- fs/dcache.c| 53 -- fs/proc/base.c | 31 + f

Re: [Devel] [PATCH rh7] net: avoid reference counter overflows on fib_rules in multicast forwarding

<da...@davemloft.net> > Signed-off-by: Stanislav Kinsburskiy <skinsbur...@odin.com> > --- > net/ipv4/ipmr.c |7 +-- > net/ipv6/ip6mr.c |7 +-- > 2 files changed, 10 insertions(+), 4 deletions(-) > What about dn_fib_lookup()? Do we need a similar patch

[Devel] [PATCH rh7] mm, ve: allow container's root to to ignore mlock limit

Global root is allowed to exceed memlock limit, so this should be allowed for container's root too. capable() works only for global root, so use ve_capable() instead. Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/mlock.c | 8 mm/mmap.c | 6 +++--- mm/mremap

Re: [Devel] [PATCH rh7] mm, ve: allow container's root to to ignore mlock limit

On 11/23/2015 12:51 PM, Andrey Ryabinin wrote: > Global root is allowed to exceed memlock limit, so this should be > allowed for container's root too. > capable() works only for global root, so use ve_capable() instead. > https://jira.sw.ru/browse/PSBM-41405 > Signed-off-by:

Re: [Devel] [PATCH rh7] fib_rules: mark default fib reles as BLACK

On 11/23/2015 03:47 PM, Stanislav Kinsburskiy wrote: > This patch fixed flase positive, reported by KASan. > s/flase/false s/KASan/kmemleak > https://jira.sw.ru/browse/PSBM-41453 > > Signed-off-by: Stanislav Kinsburskiy > --- > net/core/fib_rules.c |4 > 1

Re: [Devel] [PATCH rh7] fib_rules: mark default fib reles as BLACK

On 11/23/2015 06:46 PM, Stanislav Kinsburskiу wrote: > +1 > I'm curious, why network namespace is not reported as leaked... > >> >>> 3) This object holds network namespace. And it also have to be leaked >>> leaked after CT stop. Is it? Why do you think it leaked? How the rule could hold the

Re: [Devel] [PATCH rh7] fib_rules: mark default fib reles as BLACK

On 11/23/2015 06:09 PM, Stanislav Kinsburskiy wrote: > > > 23.11.2015 14:49, Andrey Ryabinin пишет: >> On 11/23/2015 03:47 PM, Stanislav Kinsburskiy wrote: >>> This patch fixed flase positive, reported by KASan. >>> >> s/flase/false >> s/KASan/k

Re: [Devel] [PATCH rh7] fib_rules: mark default fib reles as BLACK

On 11/23/2015 07:04 PM, Stanislav Kinsburskiy wrote: > > > 23.11.2015 16:53, Andrey Ryabinin пишет: >> >> On 11/23/2015 06:46 PM, Stanislav Kinsburskiу wrote: >> >>> +1 >>> I'm curious, why network namespace is not reported as leaked... >

[Devel] [PATCH rh7 2/3] cfq-iosched: fix async oom queue handling

ns Axboe <ax...@fb.com> https://jira.sw.ru/browse/PSBM-41334 (cherry picked from commit 95e5d6f62693f27d9011ec307eb32c6126314ea3) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- block/cfq-iosched.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block

[Devel] [PATCH rh7 3/3] cfq-iosched: fix oom cfq_queue ref leak in cfq_set_request()

.com> Cc: Vivek Goyal <vgo...@redhat.com> Cc: Arianna Avanzini <avanzini.aria...@gmail.com> Signed-off-by: Jens Axboe <ax...@fb.com> https://jira.sw.ru/browse/PSBM-41334 (cherry picked from commit bce6133b09013f70d41a678d262a12147ed43889) Signed-off-by: Andrey Ryabinin <

[Devel] [PATCH rh7 1/3] cfq-iosched: simplify control flow in cfq_get_queue()

jira.sw.ru/browse/PSBM-41334 (cherry picked from commit 4ebc1c61d6185604c97fd0b0355ab668052044ab) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- block/cfq-iosched.c | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/block/cfq-iosched.c b/block/cfq-i

[Devel] [PATCH rh7] kernel/freezer: don't freeze stopped & about to be ptraced task

is the only place which sets that bit iff task_is_stopped(), thus TRAPPING_BIT is clear indication that ptrace_attach waits for clearing that bit => we shouldn't freeze. https://jira.sw.ru/browse/PSBM-40683 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- kernel/freezer.c | 3

[Devel] [PATCH rh7 v2 2/2] kasan: fix kmemleak false-positive in kasan_module_alloc()

his memory doesn't contain any pointers. https://jira.sw.ru/browse/PSBM-41328 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- Changes since v1: - Use kmemleak_ignore() instead of kmemleak_not_leak(), since shadow memory doesn't contain any pointers mm/kasan/kasan.c | 2 ++

[Devel] [PATCH rh7 v2 1/2] include/linux/kmemleak.h: needs slab.h

<a...@linux-foundation.org> Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> (cherry picked from commit 66f2ca7e3f59312888131546176b42d6e248558a) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- include/linux/kmemleak.h | 2 ++ 1 file changed, 2 insertions(

Re: [Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

On 11/18/2015 04:09 PM, Cyrill Gorcunov wrote: > On Wed, Nov 18, 2015 at 03:49:57PM +0300, Konstantin Khorenko wrote: >> And do we need the following patch after sig_ve_ignored() is removed? >> >> >> commit 5bd842976fb9d014452287bdadc9d592aabe688b >> Author: Cyrill Gorcunov

Re: [Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

On 11/18/2015 04:18 PM, Cyrill Gorcunov wrote: > On Wed, Nov 18, 2015 at 04:16:32PM +0300, Andrey Ryabinin wrote: >> On 11/18/2015 04:09 PM, Cyrill Gorcunov wrote: >>> On Wed, Nov 18, 2015 at 03:49:57PM +0300, Konstantin Khorenko wrote: >>>> And do we need the follow

[Devel] [PATCH rh7 1/2] include/linux/kmemleak.h: needs slab.h

<a...@linux-foundation.org> Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> (cherry picked from commit 66f2ca7e3f59312888131546176b42d6e248558a) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- include/linux/kmemleak.h | 2 ++ 1 file changed, 2 insertions(

[Devel] [PATCH rh7 2/2] kasan: fix kmemleak false-positive in kasan_module_alloc()

PSBM-41328 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- mm/kasan/kasan.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c index d6798bc..8853b7e 100644 --- a/mm/kasan/kasan.c +++ b/mm/kasan/kasan.c @@ -19,6 +19,7 @@ #include #in

[Devel] [PATCH rh7 0/8] Fix get_wchan() & Silence KASAN warnings in it.

-checks-from-READ-WRITE-_ONCE.patch 0005-x86-process-Add-proper-bound-checks-in-64bit-get_wch.patch 0006-x86-process-Unify-32bit-and-64bit-implementations-of.patch 0007-compiler-atomics-kasan-Provide-READ_ONCE_NOCHECK.patch 0008-x86-mm-kasan-Silence-KASAN-warnings-in-get_wchan.patch Andrey

[Devel] [PATCH rh7 1/8] x86/asm/entry: Create and use a 'TOP_OF_KERNEL_STACK_PADDING' macro

. ] Signed-off-by: Ingo Molnar <mi...@kernel.org> (cherry picked from commit 3ee4298f440c81638cbb5ec06f2497fb7a9a9eb4) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- arch/x86/include/asm/processor.h | 3 ++- arch/x86/include/asm/thread_info.h | 27

[Devel] [PATCH rh7 7/8] compiler, atomics, kasan: Provide READ_ONCE_NOCHECK()

not be applied to that function. We declare it as static '__maybe_unsed' because GCC is not capable to inline such function: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368 With KASAN=n READ_ONCE_NOCHECK() is just a clone of READ_ONCE(). Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com&

[Devel] [PATCH rh7 8/8] x86/mm, kasan: Silence KASAN warnings in get_wchan()

get_wchan() is racy by design, it may access volatile stack of running task, thus it may access redzone in a stack frame and cause KASAN to warn about this. Use READ_ONCE_NOCHECK() to silence these warnings. Reported-by: Sasha Levin <sasha.le...@oracle.com> Signed-off-by: Andrey Ryabinin &

[Devel] [PATCH rh7 3/8] kernel: make READ_ONCE() valid on const arguments

herry picked from commit dd36929720f40f17685e841ae0d4c581c165ea60) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- include/linux/compiler.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/compiler.h b/include/linux/compiler.h index 0737107..39fe1dc 100644 --- a/include/linux/

[Devel] [PATCH rh7 4/8] locking: Remove atomicy checks from {READ, WRITE}_ONCE

l...@linux.vnet.ibm.com> Cc: Stephen Rothwell <s...@canb.auug.org.au> Cc: Thomas Gleixner <t...@linutronix.de> Signed-off-by: Ingo Molnar <mi...@kernel.org> (cherry picked from commit 7bd3e239d6c6d1cad276e8f130b386df4234dcd7) Signed-off-by: Andrey Ryabinin <aryabi...@virtu

[Devel] [PATCH rh7 6/8] x86/process: Unify 32bit and 64bit implementations of get_wchan()

ix.de Signed-off-by: Thomas Gleixner <t...@linutronix.de> (cherry picked from commit 7ba78053aacb89998a052843e3c56983c31d57f0) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- arch/x86/kernel/process.c| 55 +++ arch/x86/kernel/process_32.c | 28 --

[Devel] [PATCH rh7 5/8] x86/process: Add proper bound checks in 64bit get_wchan()

i-muenchen.de> Signed-off-by: Thomas Gleixner <t...@linutronix.de> Reviewed-by: Borislav Petkov <b...@alien8.de> Reviewed-by: Dmitry Vyukov <dvyu...@google.com> Cc: Andrey Ryabinin <ryabinin@gmail.com> Cc: Andy Lutomirski <l...@amacapital.net> Cc: Andrey Kono

[Devel] [PATCH rh7 2/8] kernel: Provide READ_ONCE and ASSIGN_ONCE

;borntrae...@de.ibm.com> (cherry picked from commit 230fa253df6352af12ad0a16128760b5cb3f92df) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- include/linux/compiler.h | 74 1 file changed, 74 insertions(+) diff --git a/include/linux/co

Re: [Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

On 11/12/2015 08:07 PM, Stanislav Kinsburskiу wrote: > > 12 нояб. 2015 г. 17:51 пользователь Andrey Wagin написал: >> >> >> >> [root@fc22-vm ~]# unshare --fork -p >> [root@fc22-vm ~]# kill -9 1 >> [root@fc22-vm ~]# kill -9 1 >> [root@fc22-vm ~]# kill -9 1 >> [root@fc22-vm

[Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

. https://jira.sw.ru/browse/PSBM-40896 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- include/linux/ve_proto.h | 3 --- kernel/signal.c | 27 ++- 2 files changed, 2 insertions(+), 28 deletions(-) diff --git a/include/linux/ve_proto.h b/i

Re: [Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote: > > 12.11.2015 15:53, Andrey Wagin пишет: >> 2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiу <skinsbur...@odin.com>: >>> 12 нояб. 2015 г. 15:14 пользователь Andrey Ryabinin >>> <aryabi...@virtuozz

Re: [Devel] [PATCH rh7] signal/ve: allow to send signal from another ve namespace

On 11/12/2015 07:08 PM, Stanislav Kinsburskiy wrote: > > > 12.11.2015 16:47, Andrey Ryabinin пишет: >> On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote: >>> 12.11.2015 15:53, Andrey Wagin пишет: >>>> 2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiу &

[Devel] [PATCH rh7 v2 1/2] ve: introduce ve_init_user_ns() helper

Add new helper ve_init_user_ns() which returns initial namespace for current ve, and use it in do_new_mount() https://jira.sw.ru/browse/PSBM-41075 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- fs/namespace.c | 8 +--- include/linux/ve.h | 9 + kernel/v

[Devel] [PATCH rh7 v2 2/2] fuse: allow to mount fuse filesystems inside CT

Currently mounting fuse fs inside CT fails because we don't pass (file->f_cred->user_ns != _user_ns) check. Test file's namespace against VE's init_cred->user_ns instead. This allows to use fuse inside containers. https://jira.sw.ru/browse/PSBM-41075 Signed-off-by: Andrey Ryabini

Re: [Devel] [PATCH rh7] fuse: allow to mount fuse filesystems inside CT

On 11/10/2015 05:52 PM, Stanislav Kinsburskiy wrote: >> goto err; >> +if (get_exec_env()->init_cred) >> +root_user_ns = get_exec_env()->init_cred->user_ns; >> +else >> +root_user_ns = _user_ns; >> + > > We have some helper for this, if I'm not mistaken. >

[Devel] [PATCH rh7 2/2] ixgbe: fix use of list_for_each in ixgbe_enumerate_functions

herry picked from commit 8818970d8d361e358dd61e5d5774e67794cde791) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 17 +++-- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_

[Devel] [PATCH rh7 1/2] ixgbe: cleanup ixgbe_enumerate_functions

herry picked from commit f1f965793b2bb8a75067e94acbe886a61637cab8) Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 13 + 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/eth

[Devel] [PATCH rh7] fuse: allow to mount fuse filesystems inside CT

Currently mounting fuse fs inside CT fails because we don't pass (file->f_cred->user_ns != _user_ns) check. Test file's namespace against VE's init_cred->user_ns instead. This allows to use fuse inside containers. https://jira.sw.ru/browse/PSBM-41075 Signed-off-by: Andrey Ryabini

[Devel] [PATCH rh7] mm, oom: print information about ve of killed task

dmesg |grep Killed Before: Killed process 14892 (trinity-c271) total-vm:97920kB, anon-rss:2508kB, file-rss:1060kB After: Killed process 14892 (trinity-c271) in ve 4 total-vm:97920kB, anon-rss:2508kB, file-rss:1060kB https://jira.sw.ru/browse/PSBM-40610 Signed-off-by: Andrey

[Devel] [PATCH rh7 2/2] lockd: create NSM handles per net namespace

erent net namespaces will not be able share the same nsm_handle. Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> Signed-off-by: J. Bruce Fields <bfie...@redhat.com> https://jira.sw.ru/browse/PSBM-39721 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>

[Devel] [PATCH rh7 1/2] SUNRPC: NULL utsname dereference on NFS umount during namespace cleanup

issue] Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- fs/lockd/mon.c | 13 + include/linux/sunrpc/clnt.h | 3 ++- net/sunrpc/clnt.c | 12 +++- net/sunrpc/rpcb_clnt.c | 8 ++-- 4 files changed, 24 insertions(+), 12 deletions(-) diff

[Devel] [PATCH] mm/page-writeback.c: fix divide by zero in bdi_dirty_limits()

..@intel.com> Cc: Johannes Weiner <han...@cmpxchg.org> Signed-off-by: Andrew Morton <a...@linux-foundation.org> Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> Fixes: https://jira.sw.ru/browse/PSBM-40116 Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.co

[Devel] [PATCH rh7 v2] mm/page-writeback.c: fix divide by zero in bdi_dirty_limits()

motoh...@jp.fujitsu.com> Cc: Wu Fengguang <fengguang...@intel.com> Cc: Johannes Weiner <han...@cmpxchg.org> Signed-off-by: Andrew Morton <a...@linux-foundation.org> Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> Fixes: https://jira.sw.ru/browse/PSBM-40116 S

Re: [Devel] [PATCH rh7] SUNRPC: NULL utsname dereference on NFS umount during namespace cleanup

On 09/17/2015 10:46 AM, Andrey Ryabinin wrote: > From: Trond Myklebust <trond.mykleb...@primarydata.com> > > commit 03a9a42a1a7e5b3e7919ddfacc1d1cc81882a955 upstream. > > Fix an Oopsable condition when nsm_mon_unmon is called as part of the > namespace cleanup, whic

[Devel] [PATCH rh7] SUNRPC: NULL utsname dereference on NFS umount during namespace cleanup

issue] Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com> --- fs/lockd/mon.c | 13 + include/linux/sunrpc/clnt.h | 3 ++- net/sunrpc/clnt.c | 12 +++- net/sunrpc/rpcb_clnt.c | 8 ++-- 4 files changed, 24 insertions(+), 12 deletions(-) diff

Re: [Devel] [PATCH 2/4] mm, slub, kasan: enable user tracking by default.

On 09/07/2015 04:56 PM, Vladimir Davydov wrote: > On Fri, Sep 04, 2015 at 05:06:14PM +0300, Andrey Ryabinin wrote: > ... >> @@ -457,6 +457,8 @@ static void get_map(struct kmem_cache *s, struct page >> *page, unsigned long *map) >> */ >> #ifdef CONFIG_SLUB_DEBU

Re: [Devel] [PATCH 3/4] kasan: always taint kernel on report.

On 09/07/2015 04:59 PM, Vladimir Davydov wrote: > On Fri, Sep 04, 2015 at 05:06:15PM +0300, Andrey Ryabinin wrote: > ... >> diff --git a/mm/kasan/report.c b/mm/kasan/report.c >> index ad69bac..17af572 100644 >> --- a/mm/kasan/report.c >> +++ b/mm/kasan/report.c >

[Devel] [PATCH] kexec, kasan: increase KEXEC_AUTO_RESERVED_SIZE under CONFIG_KASAN=y

CONFIG_KASAN=y significantly increases kernel's memory usage. 160Mb for crash kernel is not enough. Increase it up to 196Mb. https://jira.sw.ru/browse/PSBM-39339 Signed-off-by: Andrey Ryabinin <aryabi...@odin.com> --- include/asm-generic/kexec.h | 4 1 file changed, 4 insertions(+)

[Devel] [PATCH 3/4] kasan: always taint kernel on report.

This is usefull for automated testing. https://jira.sw.ru/browse/PSBM-39339 Signed-off-by: Andrey Ryabinin <aryabi...@odin.com> --- mm/kasan/report.c | 1 + 1 file changed, 1 insertion(+) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index ad69bac..17af572 100644 --- a/mm/kasan/re

[Devel] [PATCH 2/4] mm, slub, kasan: enable user tracking by default.

. So we should enable this by default. https://jira.sw.ru/browse/PSBM-39339 Signed-off-by: Andrey Ryabinin <aryabi...@odin.com> --- Documentation/kasan.txt | 3 +-- mm/slub.c | 2 ++ 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Documentation/kasan

[Devel] [PATCH 1/4] kasan: update reported bug types for not user nor kernel memory accesses

value. https://jira.sw.ru/browse/PSBM-39339 Signed-off-by: Andrey Konovalov <andreyk...@google.com> Signed-off-by: Andrey Ryabinin <aryabi...@odin.com> --- mm/kasan/kasan.c | 8 +--- mm/kasan/kasan.h | 3 --- mm/kasan/report.c | 45 +++-- 3

[Devel] [PATCH 4/4] kasan: introduce single-shot mode and enable it by default

'kasan_print_till_death' boot option. https://jira.sw.ru/browse/PSBM-39339 Signed-off-by: Andrey Ryabinin <aryabi...@odin.com> --- mm/kasan/report.c | 14 ++ 1 file changed, 14 insertions(+) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 17af572..515ab38 100644 --- a/mm

[Devel] [PATCH rh7] crypto/ghash-intel: specify context size for ghash async algorithm

Currently context size (cra_ctxsize) doesn't specified for ghash_async_alg. Which means it's zero. Thus crypto_create_tfm() doesn't allocate needed space for ghash_async_ctx, so any read/write to ctx becomes invalid. https://jira.sw.ru/browse/PSBM-38669 Signed-off-by: Andrey Ryabinin aryabi

[Devel] [PATCH rh7] kernel/kmod: fix out-of-bounds access in call_modprobe()

Commit 18f83b2460e2 (ve/kmod: Port autoloading from CT) extended argv array for one more element, however it wasn't extended on allocation site. https://jira.sw.ru/browse/PSBM-38666 Fixes: 18f83b2460e2 (ve/kmod: Port autoloading from CT) Signed-off-by: Andrey Ryabinin aryabi...@odin.com Cc

[Devel] [PATCH 00/39] KASAN backport.

-initialized.patch Alexander Popov (1): x86/kasan: Fix KASAN shadow region page tables Andrew Morton (1): MODULE_DEVICE_TABLE: fix some callsites Andrey Ryabinin (30): lib/idr.c: fix out-of-bounds pointer dereference mm: move slab related stuff from util.c to slab_common.c mm: slub

[Devel] [PATCH 01/39] kernel: use the gnu89 standard explicitly

-off-by: Sasha Levin sasha.le...@oracle.com Singed-off-by: Kirill A. Shutemov kirill.shute...@linux.intel.com Signed-off-by: Linus Torvalds torva...@linux-foundation.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff

[Devel] [PATCH 02/39] compiler-gcc: integrate the various compiler-gcc[345].h files

: Alan Modra amo...@gmail.com Signed-off-by: Andrew Morton a...@linux-foundation.org Signed-off-by: Linus Torvalds torva...@linux-foundation.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- include/linux/compiler-gcc.h | 120 -- include/linux/compiler

[Devel] [PATCH 03/39] sched/numa: Fix initialization of sched_domain_topology for NUMA

://lkml.kernel.org/r/1399972261-25693-1-git-send-email-vincent.guit...@linaro.org Signed-off-by: Ingo Molnar mi...@kernel.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- kernel/sched/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c

[Devel] [PATCH 04/39] lib/idr.c: fix out-of-bounds pointer dereference

From: Andrey Ryabinin a.ryabi...@samsung.com commit 93b7aca35dd7bf0c3ba7ea0542b556bcfdb28e76 upstream. I'm working on address sanitizer project for kernel. Recently we started experiments with stack instrumentation, to detect out-of-bounds read/write bugs on stack. Just after booting I've hit

[Devel] [PATCH 05/39] mm/vmalloc: use wrapper function get_vm_area_size to caculate size of vm area

: Jiri Kosina jkos...@suse.cz Cc: Wanpeng Li liw...@linux.vnet.ibm.com Signed-off-by: Andrew Morton a...@linux-foundation.org Signed-off-by: Linus Torvalds torva...@linux-foundation.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- mm/vmalloc.c | 12 ++-- 1 file changed, 6 insertions

[Devel] [PATCH 06/39] mm/arch: use NUMA_NO_NODE

a...@linux-foundation.org Signed-off-by: Linus Torvalds torva...@linux-foundation.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- arch/arm/kernel/module.c| 2 +- arch/arm64/kernel/module.c | 2 +- arch/parisc/kernel/module.c | 2 +- arch/s390/kernel/module.c | 2 +- arch/sparc

[Devel] [PATCH 08/39] mm: move slab related stuff from util.c to slab_common.c

From: Andrey Ryabinin a.ryabi...@samsung.com commit 928cec9cd6db53a68f54bc9ef1c54c674ba1c6bb upstream. Functions krealloc(), __krealloc(), kzfree() belongs to slab API, so should be placed in slab_common.c Also move slab allocator's tracepoints defenitions to slab_common.c No functional changes

[Devel] [PATCH 07/39] MIPS: Use NUMA_NO_NODE instead of -1 for node ID.

From: Ralf Baechle r...@linux-mips.org commit 761845f0f68cf6eba9cad0a58d977b89f8d4486f upstream. Original patch by Jianguo Wu wujian...@huawei.com. Signed-off-by: Ralf Baechle r...@linux-mips.org Signed-off-by: Andrey Ryabinin aryabi...@odin.com --- arch/mips/kernel/module.c | 3 ++- 1 file

[Devel] [PATCH 11/39] compiler: introduce __alias(symbol) shortcut

From: Andrey Ryabinin a.ryabi...@samsung.com commit cb4188ac8e5779f66b9f55888ac2c75b391cde44 upstream. To be consistent with other compiler attributes introduce __alias(symbol) macro expanding into __attribute__((alias(#symbol))) Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com Cc: Dmitry

[Devel] [PATCH 12/39] kasan: add kernel address sanitizer infrastructure

From: Andrey Ryabinin a.ryabi...@samsung.com commit 0b24becc810dc3be6e3f94103a866f214c282394 upstream. Kernel Address sanitizer (KASan) is a dynamic memory error detector. It provides fast and comprehensive solution for finding use-after-free and out-of-bounds bugs. KASAN uses compile-time

[Devel] [PATCH 13/39] kasan: disable memory hotplug

From: Andrey Ryabinin a.ryabi...@samsung.com commit 786a8959912eb94fc2381c2ae487a96ce55dabca upstream. Currently memory hotplug won't work with KASan. As we don't have shadow for hotplugged memory, kernel will crash on the first access to it. To make this work we will need to allocate shadow

[Devel] [PATCH 14/39] x86_64: add KASan support

From: Andrey Ryabinin a.ryabi...@samsung.com commit ef7f0d6a6ca8c9e4b27d78895af86c2fbfaeedb2 upstream. This patch adds arch specific code for kernel address sanitizer. 16TB of virtual addressed used for shadow memory. It's located in range [ec00 - fc00] between vmemmap

[Devel] [PATCH 15/39] mm: page_alloc: add kasan hooks on alloc and free paths

From: Andrey Ryabinin a.ryabi...@samsung.com commit b8c73fc2493d42517be95cf2c89659fc6c6f4d02 upstream. Add kernel address sanitizer hooks to mark allocated page's addresses as accessible in corresponding shadow region. Mark freed pages as inaccessible. Signed-off-by: Andrey Ryabinin a.ryabi

[Devel] [PATCH 16/39] mm: slub: introduce virt_to_obj function

From: Andrey Ryabinin a.ryabi...@samsung.com commit 912f5fbf1d3060f25d6994aed0265c55b974b2e9 upstream. virt_to_obj takes kmem_cache address, address of slab page, address x pointing somewhere inside slab object, and returns address of the beginning of object. Signed-off-by: Andrey Ryabinin

[Devel] [PATCH 17/39] mm: slub: share object_err function

From: Andrey Ryabinin a.ryabi...@samsung.com commit 75c66def8d815201aa0386ecc7c66a5c8dbca1ee upstream. Remove static and add function declarations to linux/slub_def.h so it could be used by kernel address sanitizer. Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com Cc: Dmitry Vyukov dvyu

[Devel] [PATCH 18/39] mm: slub: introduce metadata_access_enable()/metadata_access_disable()

From: Andrey Ryabinin a.ryabi...@samsung.com commit a79316c6178ca419e35feef47d47f50b4e0ee9f2 upstream. It's ok for slub to access memory that marked by kasan as inaccessible (object's metadata). Kasan shouldn't print report in that case because these accesses are valid. Disabling

[Devel] [PATCH 19/39] mm: slub: add kernel address sanitizer support for slub allocator

From: Andrey Ryabinin a.ryabi...@samsung.com commit 0316bec22ec95ea2faca6406437b0b5950553b7c upstream. With this patch kasan will be able to catch bugs in memory allocated by slub. Initially all objects in newly allocated slab page, marked as redzone. Later, when allocation of slub object

[Devel] [PATCH 20/39] fs: dcache: manually unpoison dname after allocation to shut up kasan's reports

From: Andrey Ryabinin a.ryabi...@samsung.com commit df4c0e36f1b1782b0611a77c52cc240e5c4752dd upstream. We need to manually unpoison rounded up allocation size for dname to avoid kasan's reports in dentry_string_cmp(). When CONFIG_DCACHE_WORD_ACCESS=y dentry_string_cmp may access few bytes

[Devel] [PATCH 21/39] kmemleak: disable kasan instrumentation for kmemleak

From: Andrey Ryabinin a.ryabi...@samsung.com commit e79ed2f13faab8fc9d4ad76d5f5a241724e45836 upstream. kmalloc internally round up allocation size, and kmemleak uses rounded up size as object's size. This makes kasan to complain while kmemleak scans memory or calculates of object's checksum

[Devel] [PATCH 22/39] lib: add kasan test module

From: Andrey Ryabinin a.ryabi...@samsung.com commit 3f15801cdc2379ca4bf507f48bffd788f9e508ae upstream. This is a test module doing various nasty things like out of bounds accesses, use after free. It is useful for testing kernel debugging features like kernel address sanitizer. It mostly

[Devel] [PATCH 24/39] kasan: enable stack instrumentation

From: Andrey Ryabinin a.ryabi...@samsung.com commit c420f167db8c799d69fe43a801c58a7f02e9d57c upstream. Stack instrumentation allows to detect out of bounds memory accesses for variables allocated on stack. Compiler adds redzones around every variable on stack and poisons redzones in function's

[Devel] [PATCH 25/39] mm: vmalloc: add flag preventing guard hole allocation

From: Andrey Ryabinin a.ryabi...@samsung.com commit 71394fe50146202f2c8d92cf50f5ebc761acf254 upstream. For instrumenting global variables KASan will shadow memory backing memory for modules. So on module loading we will need to allocate memory for shadow and map it at address in shadow

[Devel] [PATCH 26/39] mm: vmalloc: pass additional vm_flags to __vmalloc_node_range()

From: Andrey Ryabinin a.ryabi...@samsung.com commit cb9e3c292d0115499c660028ad35ac5501d722b5 upstream. For instrumenting global variables KASan will shadow memory backing memory for modules. So on module loading we will need to allocate memory for shadow and map it at address in shadow

[Devel] [PATCH 27/39] kernel: add support for .init_array.* constructors

From: Andrey Ryabinin a.ryabi...@samsung.com commit 9ddf82521c86ae07af79dbe5a93c52890f2bab23 upstream. KASan uses constructors for initializing redzones for global variables. Globals instrumentation in GCC 4.9.2 produces constructors with priority (.init_array.00099) Currently kernel ignores

[Devel] [PATCH 28/39] module: fix types of device tables aliases

From: Andrey Ryabinin a.ryabi...@samsung.com commit 6301939d97d079f0d3dbe71e750f4daf5d39fc33 upstream. MODULE_DEVICE_TABLE() macro used to create aliases to device tables. Normally alias should have the same type as aliased symbol. Device tables are arrays, so they have 'struct type##_device_id

[Devel] [PATCH 29/39] kasan: enable instrumentation of global variables

From: Andrey Ryabinin a.ryabi...@samsung.com commit bebf56a1b176c2e1c9efe44e7e6915532cc682cf upstream. This feature let us to detect accesses out of bounds of global variables. This will work as for globals in kernel image, so for globals in modules. Currently this won't work for symbols in user

[Devel] [PATCH 32/39] mm, mempool: poison elements backed by slab allocator

Cc: Catalin Marinas catalin.mari...@arm.com Signed-off-by: Fabio Estevam fabio.este...@freescale.com Signed-off-by: Arnd Bergmann a...@arndb.de Signed-off-by: Andrew Morton a...@linux-foundation.org Signed-off-by: Linus Torvalds torva...@linux-foundation.org Signed-off-by: Andrey Ryabinin aryabi

[Devel] [PATCH 33/39] mm/mempool.c: kasan: poison mempool elements

From: Andrey Ryabinin a.ryabi...@samsung.com commit 923936157b158f36bd6a3d86496dce82b1a957de upstream. Mempools keep allocated objects in reserved for situations when ordinary allocation may not be possible to satisfy. These objects shouldn't be accessed before they leave the pool. This patch

[Devel] [PATCH 34/39] kasan: Makefile: shut up warnings if CONFIG_COMPILE_TEST=y

From: Andrey Ryabinin a.ryabi...@samsung.com commit 6e54abac1b8e0b7febffdbad37b605daef1cfcff upstream. It might be annoying to constantly see this: scripts/Makefile.kasan:16: Cannot use CONFIG_KASAN: -fsanitize=kernel-address is not supported by compiler while performing allmodconfig

[Devel] [PATCH 35/39] x86/init: Clear 'init_level4_pgt' earlier

From: Andrey Ryabinin a.ryabi...@samsung.com commit d0f77d4d04b222a817925d33ba3589b190bfa863 upstream. Currently x86_64_start_kernel() has two KASAN related function calls. The first call maps shadow to early_level4_pgt, the second maps shadow to init_level4_pgt. If we move clear_page

[Devel] [PATCH 36/39] x86/kasan: Fix KASAN shadow region page tables

profit to the code readability. Otherwise describing all the new order dependencies would be too verbose. Signed-off-by: Alexander Popov alpo...@ptsecurity.com Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com Cc: sta...@vger.kernel.org # 4.0+ Cc: Alexander Potapenko gli...@google.com Cc

[Devel] [PATCH 37/39] x86/kasan: Flush TLBs after switching CR3

From: Andrey Ryabinin a.ryabi...@samsung.com commit 241d2c54c62fa0939fc9a9512b48ac3434e90a89 upstream. load_cr3() doesn't cause tlb_flush if PGE enabled. This may cause tons of false positive reports spamming the kernel to death. To fix this __flush_tlb_all() should be called explicitly after

[Devel] [PATCH 38/39] x86/kasan: Fix boot crash on AMD processors

From: Andrey Ryabinin a.ryabi...@samsung.com commit d4f86beacc21d538dc41e1fc75a22e084f547edf upstream. While populating zero shadow wrong bits in upper level page tables used. __PAGE_KERNEL_RO that was used for pgd/pud/pmd has _PAGE_BIT_GLOBAL set. Global bit is present only in the lowest level

[Devel] [PATCH 39/39] x86/kasan: Add message about KASAN being initialized

From: Andrey Ryabinin a.ryabi...@samsung.com commit 8515522949951d81fe2d06c0a3292f171f2b8ec4 upstream. Print informational message to tell user that kernel runs with KASAN enabled. Add a kasan: prefix to all messages in kasan_init_64.c. Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com Cc

<    5   6   7   8   9   10   11   >