[RFC PATCH 0/1] Various config changes for better Bay and Cherry Trail support
by Hans de Goede
Hi All,
For the last couple of months I've been working on improving Linux
support for Intel Bay and Cherry Trail devices as a spare-time project.
A lot of my changes for this have landed in the 4.12 kernel, see:
http://hansdegoede.livejournal.com/
The proposed config changes enable various drivers to make these
improvements available for Fedora users.
Most of these changes just enable modules, but there is one change
which also impacts non Bay and Cherry Trail x86_64 users, the proposed
changes also change the I2C_DESIGNWARE controller options from module
to built-in. This is necessary because Bay and Cherry Trail devices use
an i2c attached PMIC which provides an ACPI OpRegion and this OpRegion
must be available before any devices with _PS0 or _PS3 methods which
use this OpRegion get their drivers bound to them.
I'm not expecting any side-effects from this change, but I wanted
to point this out just in case.
Unless there are objections against these changes I plan to push them
to the master branch around the end of next week.
I also plan to add some small isolated code-fixes which missed 4.12, and
have been queued up for 4.13.
Regards,
Hans
6 years, 5 months
BUG: scheduling while atomic: rcuos
by Chris Murphy
I did not notice this upon first updating to 4.11.6-301.fc26.x86_64
but now every boot I get a gnome-shell notification that there's been
an oops, but abrt won't file a bug.
The backtrace does not contain enough meaningful function frames to be
reported. It is annoying but it does not necessary signalize a problem
with your computer. ABRT will not allow you to create a report in a
bug tracking system but you can contact kernel maintainers via e-mail.
BUG: scheduling while atomic: rcuos/3/37/0x00000200
Modules linked in: hfsplus hfs minix msdos jfs xfs vfat fat rfcomm
fuse ccm tun ip_set nfnetlink bridge stp llc cmac bnep sunrpc
dm_thin_pool dm_persistent_data dm_bio_prison libcrc32c arc4
intel_rapl snd_soc_skl x86_pkg_temp_thermal intel_powerclamp
snd_soc_skl_ipc coretemp kvm_intel snd_soc_sst_ipc snd_soc_sst_dsp
snd_hda_ext_core snd_soc_sst_match iTCO_wdt iTCO_vendor_support kvm
snd_soc_core iwlmvm i2c_designware_platform i2c_designware_core hp_wmi
sparse_keymap snd_hda_codec_hdmi mac80211 snd_hda_codec_conexant
snd_hda_codec_generic irqbypass snd_compress crct10dif_pclmul
crc32_pclmul uvcvideo snd_pcm_dmaengine ac97_bus ghash_clmulni_intel
snd_hda_intel iwlwifi intel_cstate videobuf2_vmalloc snd_hda_codec
videobuf2_memops intel_uncore videobuf2_v4l2 videobuf2_core
intel_rapl_perf
videodev snd_hda_core snd_hwdep snd_seq snd_seq_device cfg80211
snd_pcm media hci_uart joydev snd_timer btusb snd btrtl i2c_i801
mei_me soundcore btbcm shpchp mei btqca btintel idma64
processor_thermal_device intel_soc_dts_iosf intel_pch_thermal
intel_lpss_pci ucsi bluetooth wmi int3403_thermal int340x_thermal_zone
pinctrl_sunrisepoint hp_accel lis3lv02d rfkill pinctrl_intel
intel_lpss_acpi intel_lpss input_polldev hp_wireless tpm_crb
int3400_thermal acpi_thermal_rel acpi_pad tpm_tis tpm_tis_core tpm
btrfs xor raid6_pq i915 i2c_algo_bit drm_kms_helper crc32c_intel drm
serio_raw nvme nvme_core i2c_hid video [last unloaded: ip6_tables]
CPU: 3 PID: 37 Comm: rcuos/3 Not tainted 4.11.6-301.fc26.x86_64 #1
Hardware name: HP HP Spectre Notebook/81A0, BIOS F.33 05/11/2017
There is no call trace, and there's nothing revealing in dmesg, and
there's no tainting messages.
$ sudo cat /proc/sys/kernel/tainted
0
This was not happening with 4.11.5.
--
Chris Murphy
6 years, 5 months
iptables is broken in 4.11
by Andrei Vagin
Hello,
One of our tests failed due to iptables. It works fine with kernels <=
4.11 and 4.12-rc* (from rawhide). The problem is that the command for
deleting a rule returns an error.
[root@zdtm ~]# unshare -n
[root@zdtm ~]# iptables -w -t filter --protocol tcp -A INPUT --dport
9999 -j DROP
[root@zdtm ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:distinct
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@zdtm ~]# iptables -w -t filter --protocol tcp -D INPUT --dport
9999 -j DROP
iptables: Bad rule (does a matching rule exist in that chain?).
[root@zdtm ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:distinct
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@zdtm ~]# uname -a
Linux zdtm.openvz.org 4.11.5-200.fc25.x86_64 #1 SMP Wed Jun 14
17:17:29 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
https://bugzilla.redhat.com/show_bug.cgi?id=1459676
Thanks,
Andrei
6 years, 5 months
Fix for audit records on the console (RHBZ #1459326)
by Paul Moore
First a quick link to the BZ, as it provides more detail and a link to
the patch:
* https://bugzilla.redhat.com/show_bug.cgi?id=1459326
Dusty and Adam reported a problem where audit records were
occasionally appearing on the system's console (via KERN_NOTICE) using
F26. It took a couple of days to track down the problem and get a
reasonable fix in place, but it is now in the audit/next branch and
I'll be sending it to Linus during the next merge window.
I'm mixed as to if it is important enough to warrant a backport, but
if you do decide on the backport it should be relatively easy as the
patch is quite small and non-intrusive.
commit c81be52a3ac0267aa830a2c4cb769030ea3483c9
Author: Paul Moore <paul(a)paul-moore.com>
Date: Mon Jun 12 09:35:24 2017 -0400
audit: fix a race condition with the auditd tracking code
Originally reported by Adam and Dusty, it appears we have a small
race window in kauditd_thread(), as documented in the Fedora BZ:
* https://bugzilla.redhat.com/show_bug.cgi?id=1459326#c35
"This issue is partly due to the read-copy nature of RCU, and
partly due to how we sync the auditd_connection state across
kauditd_thread and the audit control channel. The kauditd_thread
thread is always running so it can service the record queues and
emit the multicast messages, if it happens to be just past the
"main_queue" label, but before the "if (sk == NULL || ...)"
if-statement which calls auditd_reset() when the new auditd
connection is registered it could end up resetting the auditd
connection, regardless of if it is valid or not. This is a rather
small window and the variable nature of multi-core scheduling
explains why this is proving rather difficult to reproduce."
The fix is to have functions only call auditd_reset() when they
believe that the kernel/auditd connection is still valid, e.g.
non-NULL, and to have these callers pass their local copy of the
auditd_connection pointer to auditd_reset() where it can be compared
with the current connection state before resetting. If the caller
has a stale state tracking pointer then the reset is ignored.
We also make a small change to kauditd_thread() so that if the
kernel/auditd connection is dead we skip the retry queue and send the
records straight to the hold queue. This is necessary as we used to
rely on auditd_reset() to occasionally purge the retry queue but we
are going to be calling the reset function much less now and we want
to make sure the retry queue doesn't grow unbounded.
Reported-by: Adam Williamson <awilliam(a)redhat.com>
Reported-by: Dusty Mabe <dustymabe(a)redhat.com>
Reviewed-by: Richard Guy Briggs <rgb(a)redhat.com>
Signed-off-by: Paul Moore <paul(a)paul-moore.com>
audit.c | 36 +++++++++++++++++++++++-------------
1 file changed, 23 insertions(+), 13 deletions(-)
--
paul moore
security @ redhat
6 years, 5 months
Secure boot could not be determined
by Chris Murphy
On both Fedora 25 and Fedora 26, I'm seeing this message with 4.11
kernels and not 4.10 kernels.
Linux version 4.10.15-200.fc25.x86_64
May 09 12:50:44 f25s kernel: Secure boot enabled and kernel locked down
Linux version 4.11.3-300.fc26.x86_64
Jun 10 23:21:56 f25s kernel: Secure boot could not be determined
In both cases
$ mokutil --sb-state
SecureBoot enabled
Is this expected?
--
Chris Murphy
6 years, 6 months
Building kernel with fedpkg and custom config
by laridae.fuscus@gmail.com
Hello,
I've tried to build a kernel with custom config following https://fedoraproject.org/wiki/Building_a_custom_kernel
Building the kernel following that recipe works fine.
$ fedpkg clone -a kernel
$ git checkout origin/f25
edit kernel.spec
# define buildid .local > %define buildid .local
$ fedpkg local
However I can't figure out the bit with the custom config.
The instructions on the wiki say that:
"Enabling config options
If there are configuration options that need to be adjusted for your build, you can add changes in the config-local file.
This will override anything set in the rest of the defconfigs."
I've created the .config with "make xconfig"
But there is no config-local file anywhere, copying/renaming the .config to config-local does nothing
There is a kernel-local file, copying the .config to kernel-local does nothing
I've also tried to replace the kernel-x64-86.config generated with build_configs.sh with the .config I made with make xconfig, and then tried to run fedpkg local - but that gives an error message (target for arch not found or something along those lines)
So in short, how do I build a kernel with fedpkg with a custom config? It seems that the wiki is lacking a crucial bit of information, or there's something wrong with the fedpkg system for building kernels.
regards
6 years, 6 months
-Wimplicit-function-declaration
by Ian Pilcher
Is the Fedora kernel package built with -Wimplicit-function-declaration?
I'm rebuilding the Fedora kernel with a patch that will hopefully fix an
issue with my Dell TB16 dock:
https://www.spinics.net/lists/linux-usb/msg157865.html
The kbuild test robot is showing a missing function declaration:
https://www.spinics.net/lists/linux-usb/msg157888.html
I looked at the relevant files, and it looks to me that the required
header file is included, albeit indirectly.
The RPM rebuild just completed, and this warning/error does not appear
in the build log, and I was wondering if this is significant (which it
wouldn't be if the build process doesn't have that warning enabled).
--
========================================================================
Ian Pilcher arequipeno(a)gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
6 years, 6 months
