diff options
Diffstat (limited to 'Documentation/admin-guide')
56 files changed, 1991 insertions, 565 deletions
diff --git a/Documentation/admin-guide/README.rst b/Documentation/admin-guide/README.rst index 95a28f47ac30..261b7b4cca1f 100644 --- a/Documentation/admin-guide/README.rst +++ b/Documentation/admin-guide/README.rst @@ -398,8 +398,8 @@ If something goes wrong If you for some reason cannot do the above (you have a pre-compiled kernel image or similar), telling me as much about your setup as - possible will help. Please read the :ref:`admin-guide/reporting-bugs.rst <reportingbugs>` - document for details. + possible will help. Please read + 'Documentation/admin-guide/reporting-issues.rst' for details. - Alternatively, you can use gdb on a running kernel. (read-only; i.e. you cannot change values or set break points.) To do this, first compile the diff --git a/Documentation/admin-guide/acpi/cppc_sysfs.rst b/Documentation/admin-guide/acpi/cppc_sysfs.rst index a4b99afbe331..fccf22114e85 100644 --- a/Documentation/admin-guide/acpi/cppc_sysfs.rst +++ b/Documentation/admin-guide/acpi/cppc_sysfs.rst @@ -8,7 +8,7 @@ CPPC ==== CPPC defined in the ACPI spec describes a mechanism for the OS to manage the -performance of a logical processor on a contigious and abstract performance +performance of a logical processor on a contiguous and abstract performance scale. CPPC exposes a set of registers to describe abstract performance scale, to request performance levels and to measure per-cpu delivered performance. @@ -45,7 +45,7 @@ for each cpu X:: * lowest_freq : CPU frequency corresponding to lowest_perf (in MHz). * nominal_freq : CPU frequency corresponding to nominal_perf (in MHz). The above frequencies should only be used to report processor performance in - freqency instead of abstract scale. These values should not be used for any + frequency instead of abstract scale. These values should not be used for any functional decisions. * feedback_ctrs : Includes both Reference and delivered performance counter. diff --git a/Documentation/admin-guide/binderfs.rst b/Documentation/admin-guide/binderfs.rst index 8243af9b3510..199d84314a14 100644 --- a/Documentation/admin-guide/binderfs.rst +++ b/Documentation/admin-guide/binderfs.rst @@ -70,5 +70,5 @@ Deleting binder Devices Binderfs binder devices can be deleted via `unlink() <unlink_>`_. This means that the `rm() <rm_>`_ tool can be used to delete them. Note that the ``binder-control`` device cannot be deleted since this would make the binderfs -instance unuseable. The ``binder-control`` device will be deleted when the +instance unusable. The ``binder-control`` device will be deleted when the binderfs instance is unmounted and all references to it have been dropped. diff --git a/Documentation/admin-guide/blockdev/paride.rst b/Documentation/admin-guide/blockdev/paride.rst index 87b4278bf314..e1ce90af602a 100644 --- a/Documentation/admin-guide/blockdev/paride.rst +++ b/Documentation/admin-guide/blockdev/paride.rst @@ -220,7 +220,7 @@ example:: Finally, you can load high-level drivers for each kind of device that you have connected. By default, each driver will autoprobe for a single device, but you can support up to four similar devices by giving their -individual co-ordinates when you load the driver. +individual coordinates when you load the driver. For example, if you had two no-name CD-ROM drives both using the KingByte KBIC-951A adapter, one on port 0x378 and the other on 0x3bc diff --git a/Documentation/admin-guide/blockdev/zram.rst b/Documentation/admin-guide/blockdev/zram.rst index a6fd1f9b5faf..700329d25f57 100644 --- a/Documentation/admin-guide/blockdev/zram.rst +++ b/Documentation/admin-guide/blockdev/zram.rst @@ -266,6 +266,7 @@ line of text and contains the following stats separated by whitespace: No memory is allocated for such pages. pages_compacted the number of pages freed during compaction huge_pages the number of incompressible pages + huge_pages_since the number of incompressible pages since zram set up ================ ============================================================= File /sys/block/zram<id>/bd_stat @@ -334,6 +335,11 @@ Admin can request writeback of those idle pages at right timing via:: With the command, zram writeback idle pages from memory to the storage. +If admin want to write a specific page in zram device to backing device, +they could write a page index into the interface. + + echo "page_index=1251" > /sys/block/zramX/writeback + If there are lots of write IO with flash device, potentially, it has flash wearout problem so that admin needs to design write limitation to guarantee storage health for entire product life. @@ -360,7 +366,7 @@ like below:: /sys/block/zram0/writeback_limit. $ echo 1 > /sys/block/zram0/writeback_limit_enable -If admins want to allow further write again once the bugdet is exhausted, +If admins want to allow further write again once the budget is exhausted, he could do it like below:: $ echo $((400<<MB_SHIFT>>4K_SHIFT)) > \ diff --git a/Documentation/admin-guide/bootconfig.rst b/Documentation/admin-guide/bootconfig.rst index a22024f9175e..9b90efcc3a35 100644 --- a/Documentation/admin-guide/bootconfig.rst +++ b/Documentation/admin-guide/bootconfig.rst @@ -137,15 +137,24 @@ Boot Kernel With a Boot Config ============================== Since the boot configuration file is loaded with initrd, it will be added -to the end of the initrd (initramfs) image file with size, checksum and -12-byte magic word as below. +to the end of the initrd (initramfs) image file with padding, size, +checksum and 12-byte magic word as below. -[initrd][bootconfig][size(u32)][checksum(u32)][#BOOTCONFIG\n] +[initrd][bootconfig][padding][size(le32)][checksum(le32)][#BOOTCONFIG\n] + +The size and checksum fields are unsigned 32bit little endian value. + +When the boot configuration is added to the initrd image, the total +file size is aligned to 4 bytes. To fill the gap, null characters +(``\0``) will be added. Thus the ``size`` is the length of the bootconfig +file + padding bytes. The Linux kernel decodes the last part of the initrd image in memory to get the boot configuration data. Because of this "piggyback" method, there is no need to change or -update the boot loader and the kernel image itself. +update the boot loader and the kernel image itself as long as the boot +loader passes the correct initrd file size. If by any chance, the boot +loader passes a longer size, the kernel feils to find the bootconfig data. To do this operation, Linux kernel provides "bootconfig" command under tools/bootconfig, which allows admin to apply or delete the config file @@ -176,7 +185,8 @@ up to 512 key-value pairs. If keys contains 3 words in average, it can contain 256 key-value pairs. In most cases, the number of config items will be under 100 entries and smaller than 8KB, so it would be enough. If the node number exceeds 1024, parser returns an error even if the file -size is smaller than 32KB. +size is smaller than 32KB. (Note that this maximum size is not including +the padding null characters.) Anyway, since bootconfig command verifies it when appending a boot config to initrd image, user can notice it before boot. diff --git a/Documentation/admin-guide/bug-bisect.rst b/Documentation/admin-guide/bug-bisect.rst index 59567da344e8..325c5d0ed34a 100644 --- a/Documentation/admin-guide/bug-bisect.rst +++ b/Documentation/admin-guide/bug-bisect.rst @@ -15,7 +15,7 @@ give up. Report as much as you have found to the relevant maintainer. See MAINTAINERS for who that is for the subsystem you have worked on. Before you submit a bug report read -:ref:`Documentation/admin-guide/reporting-bugs.rst <reportingbugs>`. +'Documentation/admin-guide/reporting-issues.rst'. Devices not appearing ===================== diff --git a/Documentation/admin-guide/bug-hunting.rst b/Documentation/admin-guide/bug-hunting.rst index f7c80f4649fc..95299b08c405 100644 --- a/Documentation/admin-guide/bug-hunting.rst +++ b/Documentation/admin-guide/bug-hunting.rst @@ -263,7 +263,7 @@ Please notice that it will point to: - The last developers that touched the source code (if this is done inside a git tree). On the above example, Tejun and Bhaktipriya (in this - specific case, none really envolved on the development of this file); + specific case, none really involved on the development of this file); - The driver maintainer (Hans Verkuil); - The subsystem maintainer (Mauro Carvalho Chehab); - The driver and/or subsystem mailing list (linux-media@vger.kernel.org); diff --git a/Documentation/admin-guide/cgroup-v1/memcg_test.rst b/Documentation/admin-guide/cgroup-v1/memcg_test.rst index 3f7115e07b5d..45b94f7b3beb 100644 --- a/Documentation/admin-guide/cgroup-v1/memcg_test.rst +++ b/Documentation/admin-guide/cgroup-v1/memcg_test.rst @@ -133,18 +133,9 @@ Under below explanation, we assume CONFIG_MEM_RES_CTRL_SWAP=y. 8. LRU ====== - Each memcg has its own private LRU. Now, its handling is under global - VM's control (means that it's handled under global pgdat->lru_lock). - Almost all routines around memcg's LRU is called by global LRU's - list management functions under pgdat->lru_lock. - - A special function is mem_cgroup_isolate_pages(). This scans - memcg's private LRU and call __isolate_lru_page() to extract a page - from LRU. - - (By __isolate_lru_page(), the page is removed from both of global and - private LRU.) - + Each memcg has its own vector of LRUs (inactive anon, active anon, + inactive file, active file, unevictable) of pages from each node, + each LRU handled under a single lru_lock for that memcg and node. 9. Typical Tests. ================= @@ -219,13 +210,11 @@ Under below explanation, we assume CONFIG_MEM_RES_CTRL_SWAP=y. This is an easy way to test page migration, too. -9.5 mkdir/rmdir ---------------- +9.5 nested cgroups +------------------ - When using hierarchy, mkdir/rmdir test should be done. - Use tests like the following:: + Use tests like the following for testing nested cgroups:: - echo 1 >/opt/cgroup/01/memory/use_hierarchy mkdir /opt/cgroup/01/child_a mkdir /opt/cgroup/01/child_b diff --git a/Documentation/admin-guide/cgroup-v1/memory.rst b/Documentation/admin-guide/cgroup-v1/memory.rst index 12757e63b26c..52688ae34461 100644 --- a/Documentation/admin-guide/cgroup-v1/memory.rst +++ b/Documentation/admin-guide/cgroup-v1/memory.rst @@ -77,6 +77,8 @@ Brief summary of control files. memory.soft_limit_in_bytes set/show soft limit of memory usage memory.stat show various statistics memory.use_hierarchy set/show hierarchical account enabled + This knob is deprecated and shouldn't be + used. memory.force_empty trigger forced page reclaim memory.pressure_level set memory pressure notifications memory.swappiness set/show swappiness parameter of vmscan @@ -285,20 +287,17 @@ When oom event notifier is registered, event will be delivered. 2.6 Locking ----------- - lock_page_cgroup()/unlock_page_cgroup() should not be called under - the i_pages lock. - - Other lock order is following: - - PG_locked. - mm->page_table_lock - pgdat->lru_lock - lock_page_cgroup. +Lock order is as follows: - In many cases, just lock_page_cgroup() is called. + Page lock (PG_locked bit of page->flags) + mm->page_table_lock or split pte_lock + lock_page_memcg (memcg->move_lock) + mapping->i_pages lock + lruvec->lru_lock. - per-zone-per-cgroup LRU (cgroup's private LRU) is just guarded by - pgdat->lru_lock, it has no lock of its own. +Per-node-per-memcgroup LRU (cgroup's private LRU) is guarded by +lruvec->lru_lock; PG_lru bit of page->flags is cleared before +isolating a page from its LRU under lruvec->lru_lock. 2.7 Kernel Memory Extension (CONFIG_MEMCG_KMEM) ----------------------------------------------- @@ -495,16 +494,13 @@ cgroup might have some charge associated with it, even though all tasks have migrated away from it. (because we charge against pages, not against tasks.) -We move the stats to root (if use_hierarchy==0) or parent (if -use_hierarchy==1), and no change on the charge except uncharging +We move the stats to parent, and no change on the charge except uncharging from the child. Charges recorded in swap information is not updated at removal of cgroup. Recorded information is discarded and a cgroup which uses swap (swapcache) will be charged as a new owner of it. -About use_hierarchy, see Section 6. - 5. Misc. interfaces =================== @@ -527,8 +523,6 @@ About use_hierarchy, see Section 6. write will still return success. In this case, it is expected that memory.kmem.usage_in_bytes == memory.usage_in_bytes. - About use_hierarchy, see Section 6. - 5.2 stat file ------------- @@ -675,31 +669,20 @@ hierarchy:: d e In the diagram above, with hierarchical accounting enabled, all memory -usage of e, is accounted to its ancestors up until the root (i.e, c and root), -that has memory.use_hierarchy enabled. If one of the ancestors goes over its -limit, the reclaim algorithm reclaims from the tasks in the ancestor and the -children of the ancestor. - -6.1 Enabling hierarchical accounting and reclaim ------------------------------------------------- +usage of e, is accounted to its ancestors up until the root (i.e, c and root). +If one of the ancestors goes over its limit, the reclaim algorithm reclaims +from the tasks in the ancestor and the children of the ancestor. -A memory cgroup by default disables the hierarchy feature. Support -can be enabled by writing 1 to memory.use_hierarchy file of the root cgroup:: +6.1 Hierarchical accounting and reclaim +--------------------------------------- - # echo 1 > memory.use_hierarchy - -The feature can be disabled by:: - - # echo 0 > memory.use_hierarchy +Hierarchical accounting is enabled by default. Disabling the hierarchical +accounting is deprecated. An attempt to do it will result in a failure +and a warning printed to dmesg. -NOTE1: - Enabling/disabling will fail if either the cgroup already has other - cgroups created below it, or if the parent cgroup has use_hierarchy - enabled. +For compatibility reasons writing 1 to memory.use_hierarchy will always pass:: -NOTE2: - When panic_on_oom is set to "2", the whole system will panic in - case of an OOM event in any cgroup. + # echo 1 > memory.use_hierarchy 7. Soft limits ============== diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst index 608d7c279396..63521cd36ce5 100644 --- a/Documentation/admin-guide/cgroup-v2.rst +++ b/Documentation/admin-guide/cgroup-v2.rst @@ -1274,6 +1274,9 @@ PAGE_SIZE multiple when read back. kernel_stack Amount of memory allocated to kernel stacks. + pagetables + Amount of memory allocated for page tables. + percpu(npn) Amount of memory used for storing per-cpu kernel data structures. @@ -1300,6 +1303,14 @@ PAGE_SIZE multiple when read back. Amount of memory used in anonymous mappings backed by transparent hugepages + file_thp + Amount of cached filesystem data backed by transparent + hugepages + + shmem_thp + Amount of shm, tmpfs, shared anonymous mmap()s backed by + transparent hugepages + inactive_anon, active_anon, inactive_file, active_file, unevictable Amount of memory, swap-backed and filesystem-backed, on the internal memory management lists used by the diff --git a/Documentation/admin-guide/cifs/introduction.rst b/Documentation/admin-guide/cifs/introduction.rst index 0b98f672d36f..cc2851d93d17 100644 --- a/Documentation/admin-guide/cifs/introduction.rst +++ b/Documentation/admin-guide/cifs/introduction.rst @@ -9,7 +9,7 @@ Introduction PC operating systems. New and improved versions of CIFS are now called SMB2 and SMB3. Use of SMB3 (and later, including SMB3.1.1) is strongly preferred over using older dialects like CIFS due to - security reaasons. All modern dialects, including the most recent, + security reasons. All modern dialects, including the most recent, SMB3.1.1 are supported by the CIFS VFS module. The SMB3 protocol is implemented and supported by all major file servers such as all modern versions of Windows (including Windows 2016 diff --git a/Documentation/admin-guide/cifs/usage.rst b/Documentation/admin-guide/cifs/usage.rst index 7b32d5063803..b6d9f02bc12b 100644 --- a/Documentation/admin-guide/cifs/usage.rst +++ b/Documentation/admin-guide/cifs/usage.rst @@ -115,7 +115,7 @@ later source tree in docs/manpages/mount.cifs.8 Allowing User Unmounts ====================== -To permit users to ummount directories that they have user mounted (see above), +To permit users to unmount directories that they have user mounted (see above), the utility umount.cifs may be used. It may be invoked directly, or if umount.cifs is placed in /sbin, umount can invoke the cifs umount helper (at least for most versions of the umount utility) for umount of cifs @@ -197,7 +197,7 @@ that is ignored by local server applications and non-cifs clients and that will not be traversed by the Samba server). This is opaque to the Linux client application using the cifs vfs. Absolute symlinks will work to Samba 3.0.5 or later, but only for remote clients using the CIFS Unix extensions, and will -be invisbile to Windows clients and typically will not affect local +be invisible to Windows clients and typically will not affect local applications running on the same server as Samba. Use instructions @@ -267,7 +267,7 @@ would be forbidden for Windows/CIFS semantics) as long as the server is configured for Unix Extensions (and the client has not disabled /proc/fs/cifs/LinuxExtensionsEnabled). In addition the mount option ``mapposix`` can be used on CIFS (vers=1.0) to force the mapping of -illegal Windows/NTFS/SMB characters to a remap range (this mount parm +illegal Windows/NTFS/SMB characters to a remap range (this mount parameter is the default for SMB3). This remap (``mapposix``) range is also compatible with Mac (and "Services for Mac" on some older Windows). diff --git a/Documentation/admin-guide/device-mapper/dm-crypt.rst b/Documentation/admin-guide/device-mapper/dm-crypt.rst index bc28a9527ee5..1a6753b76dbb 100644 --- a/Documentation/admin-guide/device-mapper/dm-crypt.rst +++ b/Documentation/admin-guide/device-mapper/dm-crypt.rst @@ -46,7 +46,7 @@ Parameters:: capi:authenc(hmac(sha256),xts(aes))-random capi:rfc7539(chacha20,poly1305)-random - The /proc/crypto contains a list of curently loaded crypto modes. + The /proc/crypto contains a list of currently loaded crypto modes. <key> Key used for encryption. It is encoded either as a hexadecimal number @@ -92,7 +92,7 @@ Parameters:: <#opt_params> Number of optional parameters. If there are no optional parameters, - the optional paramaters section can be skipped or #opt_params can be zero. + the optional parameters section can be skipped or #opt_params can be zero. Otherwise #opt_params is the number of following arguments. Example of optional parameters section: diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst index 3ab4f7756a6e..4e6f504474ac 100644 --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst @@ -117,7 +117,7 @@ journal_watermark:number commit_time:number Commit time in milliseconds. When this time passes, the journal is - written. The journal is also written immediatelly if the FLUSH + written. The journal is also written immediately if the FLUSH request is received. internal_hash:algorithm(:key) (the key is optional) @@ -147,7 +147,7 @@ journal_crypt:algorithm(:key) (the key is optional) "salsa20" or "ctr(aes)"). The journal contains history of last writes to the block device, - an attacker reading the journal could see the last sector nubmers + an attacker reading the journal could see the last sector numbers that were written. From the sector numbers, the attacker can infer the size of files that were written. To protect against this situation, you can encrypt the journal. diff --git a/Documentation/admin-guide/device-mapper/dm-raid.rst b/Documentation/admin-guide/device-mapper/dm-raid.rst index 7ef9fe63b3d4..bb17e26e3c1b 100644 --- a/Documentation/admin-guide/device-mapper/dm-raid.rst +++ b/Documentation/admin-guide/device-mapper/dm-raid.rst @@ -418,6 +418,6 @@ Version History specific devices are requested via rebuild. Fix RAID leg rebuild errors. 1.15.0 Fix size extensions not being synchronized in case of new MD bitmap - pages allocated; also fix those not occuring after previous reductions + pages allocated; also fix those not occurring after previous reductions 1.15.1 Fix argument count and arguments for rebuild/write_mostly/journal_(dev|mode) on the status line. diff --git a/Documentation/admin-guide/device-mapper/dm-zoned.rst b/Documentation/admin-guide/device-mapper/dm-zoned.rst index e635041351bc..0fac051caeac 100644 --- a/Documentation/admin-guide/device-mapper/dm-zoned.rst +++ b/Documentation/admin-guide/device-mapper/dm-zoned.rst @@ -24,7 +24,7 @@ The dm-zoned implementation is simple and minimizes system overhead (CPU and memory usage as well as storage capacity loss). For a 10TB host-managed disk with 256 MB zones, dm-zoned memory usage per disk instance is at most 4.5 MB and as little as 5 zones will be used -internally for storing metadata and performaing reclaim operations. +internally for storing metadata and performing reclaim operations. dm-zoned target devices are formatted and checked using the dmzadm utility available at: @@ -102,7 +102,7 @@ the buffer zone assigned. If the accessed chunk has no mapping, or the accessed blocks are invalid, the read buffer is zeroed and the read operation terminated. -After some time, the limited number of convnetional zones available may +After some time, the limited number of conventional zones available may be exhausted (all used to map chunks or buffer sequential zones) and unaligned writes to unbuffered chunks become impossible. To avoid this situation, a reclaim process regularly scans used conventional zones and @@ -158,7 +158,7 @@ Ex:: dmzadm --format /dev/sdxx /dev/sdyy -Fomatted device(s) can be started with the dmzadm utility, too.: +Formatted device(s) can be started with the dmzadm utility, too.: Ex:: diff --git a/Documentation/admin-guide/device-mapper/verity.rst b/Documentation/admin-guide/device-mapper/verity.rst index 66f71f0dab1b..1a6b91368e59 100644 --- a/Documentation/admin-guide/device-mapper/verity.rst +++ b/Documentation/admin-guide/device-mapper/verity.rst @@ -69,7 +69,7 @@ Construction Parameters <#opt_params> Number of optional parameters. If there are no optional parameters, - the optional paramaters section can be skipped or #opt_params can be zero. + the optional parameters section can be skipped or #opt_params can be zero. Otherwise #opt_params is the number of following arguments. Example of optional parameters section: @@ -134,7 +134,12 @@ root_hash_sig_key_desc <key_description> the pkcs7 signature of the roothash. The pkcs7 signature is used to validate the root hash during the creation of the device mapper block device. Verification of roothash depends on the config DM_VERITY_VERIFY_ROOTHASH_SIG - being set in the kernel. + being set in the kernel. The signatures are checked against the builtin + trusted keyring by default, or the secondary trusted keyring if + DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING is set. The secondary + trusted keyring includes by default the builtin trusted keyring, and it can + also gain new certificates at run time if they are signed by a certificate + already in the secondary trusted keyring. Theory of operation =================== diff --git a/Documentation/admin-guide/device-mapper/writecache.rst b/Documentation/admin-guide/device-mapper/writecache.rst index d3d7690f5e8d..dce0184e07ca 100644 --- a/Documentation/admin-guide/device-mapper/writecache.rst +++ b/Documentation/admin-guide/device-mapper/writecache.rst @@ -37,10 +37,10 @@ Constructor parameters: autocommit_blocks n (default: 64 for pmem, 65536 for ssd) when the application writes this amount of blocks without issuing the FLUSH request, the blocks are automatically - commited + committed autocommit_time ms (default: 1000) autocommit time in milliseconds. The data is automatically - commited if this time passes and no FLUSH request is + committed if this time passes and no FLUSH request is received fua (by default on) applicable only to persistent memory - use the FUA flag diff --git a/Documentation/admin-guide/features.rst b/Documentation/admin-guide/features.rst new file mode 100644 index 000000000000..8c167082a84f --- /dev/null +++ b/Documentation/admin-guide/features.rst @@ -0,0 +1,3 @@ +.. SPDX-License-Identifier: GPL-2.0 + +.. kernel-feat:: $srctree/Documentation/features diff --git a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst index 68d96f0e9c95..76673affd917 100644 --- a/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst +++ b/Documentation/admin-guide/hw-vuln/tsx_async_abort.rst @@ -60,7 +60,7 @@ Hyper-Thread attacks are possible. The victim of a malicious actor does not need to make use of TSX. Only the attacker needs to begin a TSX transaction and raise an asynchronous abort -which in turn potenitally leaks data stored in the buffers. +which in turn potentially leaks data stored in the buffers. More detailed technical information is available in the TAA specific x86 architecture section: :ref:`Documentation/x86/tsx_async_abort.rst <tsx_async_abort>`. diff --git a/Documentation/admin-guide/index.rst b/Documentation/admin-guide/index.rst index 4e0c4ae44acd..423116c4e787 100644 --- a/Documentation/admin-guide/index.rst +++ b/Documentation/admin-guide/index.rst @@ -19,6 +19,7 @@ etc. sysctl/index abi + features This section describes CPU vulnerabilities and their mitigations. @@ -33,7 +34,8 @@ problems and bugs in particular. .. toctree:: :maxdepth: 1 - reporting-bugs + reporting-issues + Reporting bugs (obsolete) <reporting-bugs> security-bugs bug-hunting bug-bisect @@ -111,13 +113,13 @@ configure specific aspects of kernel behavior to your liking. rtc serial-console svga + syscall-user-dispatch sysrq thunderbolt ufs unicode vga-softcursor video-output - wimax/index xfs .. only:: subproject and html diff --git a/Documentation/admin-guide/kdump/vmcoreinfo.rst b/Documentation/admin-guide/kdump/vmcoreinfo.rst index e44a6c01f336..3861a25faae1 100644 --- a/Documentation/admin-guide/kdump/vmcoreinfo.rst +++ b/Documentation/admin-guide/kdump/vmcoreinfo.rst @@ -39,6 +39,12 @@ call. User-space tools can get the kernel name, host name, kernel release number, kernel version, architecture name and OS type from it. +(uts_namespace, name) +--------------------- + +Offset of the name's member. Crash Utility and Makedumpfile get +the start address of the init_uts_ns.name from this. + node_online_map --------------- diff --git a/Documentation/admin-guide/kernel-parameters.rst b/Documentation/admin-guide/kernel-parameters.rst index 6d421694d98e..06fb1b4aa849 100644 --- a/Documentation/admin-guide/kernel-parameters.rst +++ b/Documentation/admin-guide/kernel-parameters.rst @@ -172,6 +172,7 @@ parameter is applicable:: X86 Either 32-bit or 64-bit x86 (same as X86-32+X86-64) X86_UV SGI UV support is enabled. XEN Xen support is enabled + XTENSA xtensa architecture is enabled. In addition, the following text indicates that the option:: diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 526d65d8573a..c722ec19cd00 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -1883,11 +1883,6 @@ Note that using this option lowers the security provided by tboot because it makes the system vulnerable to DMA attacks. - nobounce [Default off] - Disable bounce buffer for untrusted devices such as - the Thunderbolt devices. This will treat the untrusted - devices as the trusted ones, hence might expose security - risks of DMA attacks. intel_idle.max_cstate= [KNL,HW,ACPI,X86] 0 disables intel_idle and fall back on acpi_idle. @@ -2259,6 +2254,16 @@ for all guests. Default is 1 (enabled) if in 64-bit or 32-bit PAE mode. + kvm-arm.mode= + [KVM,ARM] Select one of KVM/arm64's modes of operation. + + protected: nVHE-based mode with support for guests whose + state is kept private from the host. + Not valid if the kernel is running in EL2. + + Defaults to VHE/nVHE based on hardware support and + the value of CONFIG_ARM64_VHE. + kvm-arm.vgic_v3_group0_trap= [KVM,ARM] Trap guest accesses to GICv3 group-0 system registers @@ -2709,7 +2714,7 @@ option description. memmap=nn[KMG]@ss[KMG] - [KNL] Force usage of a specific region of memory. + [KNL, X86, MIPS, XTENSA] Force usage of a specific region of memory. Region of memory to be used is from ss to ss+nn. If @ss[KMG] is omitted, it is equivalent to mem=nn[KMG], which limits max address to nn[KMG]. @@ -2858,6 +2863,8 @@ mds=off [X86] tsx_async_abort=off [X86] kvm.nx_huge_pages=off [X86] + no_entry_flush [PPC] + no_uaccess_flush [PPC] Exceptions: This does not have any effect on @@ -2951,7 +2958,7 @@ mtdset= [ARM] ARM/S3C2412 JIVE boot control - See arch/arm/mach-s3c2412/mach-jive.c + See arch/arm/mach-s3c/mach-jive.c mtouchusb.raw_coordinates= [HW] Make the MicroTouch USB driver use raw coordinates @@ -3186,6 +3193,8 @@ noefi Disable EFI runtime services support. + no_entry_flush [PPC] Don't flush the L1-D cache when entering the kernel. + noexec [IA-64] noexec [X86] @@ -3235,6 +3244,9 @@ nospec_store_bypass_disable [HW] Disable all mitigations for the Speculative Store Bypass vulnerability + no_uaccess_flush + [PPC] Don't flush the L1-D cache after accessing user data. + noxsave [BUGS=X86] Disables x86 extended register state save and restore using xsave. The kernel will fallback to enabling legacy floating-point and sse state. @@ -3368,6 +3380,8 @@ nosep [BUGS=X86-32] Disables x86 SYSENTER/SYSEXIT support. + nosgx [X86-64,SGX] Disables Intel SGX kernel support. + nosmp [SMP] Tells an SMP kernel to act as a UP kernel, and disable the IO APIC. legacy for "maxcpus=0". @@ -5656,6 +5670,7 @@ device); j = NO_REPORT_LUNS (don't use report luns command, uas only); + k = NO_SAME (do not use WRITE_SAME, uas only) l = NOT_LOCKABLE (don't try to lock and unlock ejectable media, not on uas); m = MAX_SECTORS_64 (don't transfer more diff --git a/Documentation/admin-guide/md.rst b/Documentation/admin-guide/md.rst index cc8781b96b4d..d8fc9a59c086 100644 --- a/Documentation/admin-guide/md.rst +++ b/Documentation/admin-guide/md.rst @@ -221,7 +221,7 @@ All md devices contain: layout The ``layout`` for the array for the particular level. This is - simply a number that is interpretted differently by different + simply a number that is interpreted differently by different levels. It can be written while assembling an array. array_size diff --git a/Documentation/admin-guide/media/bttv.rst b/Documentation/admin-guide/media/bttv.rst index 49382377b1dc..0ef1f203104d 100644 --- a/Documentation/admin-guide/media/bttv.rst +++ b/Documentation/admin-guide/media/bttv.rst @@ -77,7 +77,7 @@ the Subsystem ID in the second line, looks like this: only bt878-based cards can have a subsystem ID (which does not mean that every card really has one). bt848 cards can't have a Subsystem ID and therefore can't be autodetected. There is a list with the ID's -at :doc:`bttv-cardlist` (in case you are intrested or want to mail +at :doc:`bttv-cardlist` (in case you are interested or want to mail patches with updates). diff --git a/Documentation/admin-guide/media/dvb_references.rst b/Documentation/admin-guide/media/dvb_references.rst index 48445ac76275..4f0fd4259cfa 100644 --- a/Documentation/admin-guide/media/dvb_references.rst +++ b/Documentation/admin-guide/media/dvb_references.rst @@ -10,7 +10,7 @@ The DVB mailing list linux-dvb is hosted at vger. Please see http://vger.kernel.org/vger-lists.html#linux-media for details. There are also some other old lists hosted at: -https://linuxtv.org/lists.php. If you're insterested on that for historic +https://linuxtv.org/lists.php. If you're interested on that for historic reasons, please check the archive at https://linuxtv.org/pipermail/linux-dvb/. The media subsystem Wiki is hosted at https://linuxtv.org/wiki/. diff --git a/Documentation/admin-guide/media/frontend-cardlist.rst b/Documentation/admin-guide/media/frontend-cardlist.rst index 73a248c1b064..ba5b7c69a978 100644 --- a/Documentation/admin-guide/media/frontend-cardlist.rst +++ b/Documentation/admin-guide/media/frontend-cardlist.rst @@ -68,7 +68,7 @@ cx24116 Conexant CX24116 based cx24117 Conexant CX24117 based cx24120 Conexant CX24120 based cx24123 Conexant CX24123 based -ds3000 Montage Tehnology DS3000 based +ds3000 Montage Technology DS3000 based mb86a16 Fujitsu MB86A16 based mt312 Zarlink VP310/MT312/ZL10313 based s5h1420 Samsung S5H1420 based @@ -83,7 +83,7 @@ tda10086 Philips TDA10086 based tda8083 Philips TDA8083 based tda8261 Philips TDA8261 based tda826x Philips TDA826X silicon tuner -ts2020 Montage Tehnology TS2020 based tuners +ts2020 Montage Technology TS2020 based tuners tua6100 Infineon TUA6100 PLL cx24113 Conexant CX24113/CX24128 tuner for DVB-S/DSS itd1000 Integrant ITD1000 Zero IF tuner for DVB-S/DSS diff --git a/Documentation/admin-guide/media/gspca-cardlist.rst b/Documentation/admin-guide/media/gspca-cardlist.rst index adda933616f1..e3404d1589da 100644 --- a/Documentation/admin-guide/media/gspca-cardlist.rst +++ b/Documentation/admin-guide/media/gspca-cardlist.rst @@ -305,7 +305,7 @@ pac7302 093a:2625 Genius iSlim 310 pac7302 093a:2626 Labtec 2200 pac7302 093a:2627 Genius FaceCam 300 pac7302 093a:2628 Genius iLook 300 -pac7302 093a:2629 Genious iSlim 300 +pac7302 093a:2629 Genius iSlim 300 pac7302 093a:262a Webcam 300k pac7302 093a:262c Philips SPC 230 NC jl2005bcd 0979:0227 Various brands, 19 known cameras supported diff --git a/Documentation/admin-guide/media/ipu3.rst b/Documentation/admin-guide/media/ipu3.rst index 07d139bf8459..f59697c7b374 100644 --- a/Documentation/admin-guide/media/ipu3.rst +++ b/Documentation/admin-guide/media/ipu3.rst @@ -86,7 +86,7 @@ raw Bayer format that is specific to IPU3. Let us take the example of ov5670 sensor connected to CSI2 port 0, for a 2592x1944 image capture. -Using the media contorller APIs, the ov5670 sensor is configured to send +Using the media controller APIs, the ov5670 sensor is configured to send frames in packed raw Bayer format to IPU3 CSI2 receiver. .. code-block:: none @@ -313,8 +313,8 @@ configuration steps of 0.03125 (1/32). **Geometric Distortion Correction** -Geometric Distortion Correction is used to performe correction of distortions -and image filtering. It needs some extra filter and envelop padding pixels to +Geometric Distortion Correction is used to perform correction of distortions +and image filtering. It needs some extra filter and envelope padding pixels to work, so the input resolution of GDC should be larger than the output resolution. diff --git a/Documentation/admin-guide/media/remote-controller.rst b/Documentation/admin-guide/media/remote-controller.rst index fa05410c3cd5..188944b00f4f 100644 --- a/Documentation/admin-guide/media/remote-controller.rst +++ b/Documentation/admin-guide/media/remote-controller.rst @@ -68,7 +68,7 @@ Using without lircd Xorg recognizes several IR keycodes that have its numerical value lower than 247. With the advent of Wayland, the input driver got updated too, -and should now accept all keycodes. Yet, you may want to just reasign +and should now accept all keycodes. Yet, you may want to just reassign the keycodes to something that your favorite media application likes. This can be done by setting diff --git a/Documentation/admin-guide/media/rkisp1.rst b/Documentation/admin-guide/media/rkisp1.rst index 42e37ed255f6..2267e4fb475e 100644 --- a/Documentation/admin-guide/media/rkisp1.rst +++ b/Documentation/admin-guide/media/rkisp1.rst @@ -86,7 +86,7 @@ the driver through the rkisp_params node to improve image quality during a video stream. The buffer format is defined by struct :c:type:`rkisp1_stat_buffer`, and userspace should set -:ref:`V4L2_META_FMT_RK_ISP1_STAT_3A <v4l2-meta-fmt-stat-rkisp1>` as the +:ref:`V4L2_META_FMT_RK_ISP1_STAT_3A <v4l2-meta-fmt-rk-isp1-stat-3a>` as the dataformat. .. _rkisp1_params: @@ -100,7 +100,7 @@ and others. The buffer format is defined by struct :c:type:`rkisp1_params_cfg`, and userspace should set -:ref:`V4L2_META_FMT_RK_ISP1_PARAMS <v4l2-meta-fmt-params-rkisp1>` as the +:ref:`V4L2_META_FMT_RK_ISP1_PARAMS <v4l2-meta-fmt-rk-isp1-params>` as the dataformat. diff --git a/Documentation/admin-guide/mm/index.rst b/Documentation/admin-guide/mm/index.rst index cd727cfc1b04..4b14d8b50e9e 100644 --- a/Documentation/admin-guide/mm/index.rst +++ b/Documentation/admin-guide/mm/index.rst @@ -3,9 +3,9 @@ Memory Management ================= Linux memory management subsystem is responsible, as the name implies, -for managing the memory in the system. This includes implemnetation of +for managing the memory in the system. This includes implementation of virtual memory and demand paging, memory allocation both for kernel -internal structures and user space programms, mapping of files into +internal structures and user space programs, mapping of files into processes address space and many other cool things. Linux memory management is a complex system with many configurable diff --git a/Documentation/admin-guide/mm/numaperf.rst b/Documentation/admin-guide/mm/numaperf.rst index 86f2a3c4b638..c2f826409bf0 100644 --- a/Documentation/admin-guide/mm/numaperf.rst +++ b/Documentation/admin-guide/mm/numaperf.rst @@ -74,7 +74,7 @@ memory node's access class 0 initiators as follows:: /sys/devices/system/node/nodeY/access0/initiators/ These attributes apply only when accessed from nodes that have the -are linked under the this access's inititiators. +are linked under the this access's initiators. The performance characteristics the kernel provides for the local initiators are exported are as follows:: diff --git a/Documentation/admin-guide/mm/transhuge.rst b/Documentation/admin-guide/mm/transhuge.rst index b2acd0d395ca..3b8a336511a4 100644 --- a/Documentation/admin-guide/mm/transhuge.rst +++ b/Documentation/admin-guide/mm/transhuge.rst @@ -401,21 +401,6 @@ compact_fail is incremented if the system tries to compact memory but failed. -compact_pages_moved - is incremented each time a page is moved. If - this value is increasing rapidly, it implies that the system - is copying a lot of data to satisfy the huge page allocation. - It is possible that the cost of copying exceeds any savings - from reduced TLB misses. - -compact_pagemigrate_failed - is incremented when the underlying mechanism - for moving a page failed. - -compact_blocks_moved - is incremented each time memory compaction examines - a huge page aligned range of pages. - It is possible to establish how long the stalls were using the function tracer to record how long was spent in __alloc_pages_nodemask and using the mm_page_alloc tracepoint to identify which allocations were diff --git a/Documentation/admin-guide/mm/userfaultfd.rst b/Documentation/admin-guide/mm/userfaultfd.rst index 1dc2d5f823b4..65eefa66c0ba 100644 --- a/Documentation/admin-guide/mm/userfaultfd.rst +++ b/Documentation/admin-guide/mm/userfaultfd.rst @@ -114,7 +114,7 @@ Notes: you must provide some kind of page in your thread after reading from the uffd. You must provide either ``UFFDIO_COPY`` or ``UFFDIO_ZEROPAGE``. The normal behavior of the OS automatically providing a zero page on - an annonymous mmaping is not in place. + an anonymous mmaping is not in place. - None of the page-delivering ioctls default to the range that you registered with. You must fill in all fields for the appropriate diff --git a/Documentation/admin-guide/module-signing.rst b/Documentation/admin-guide/module-signing.rst index f8b584179cff..7d7c7c8a545c 100644 --- a/Documentation/admin-guide/module-signing.rst +++ b/Documentation/admin-guide/module-signing.rst @@ -106,7 +106,7 @@ This has a number of options available: certificate and a private key. If the PEM file containing the private key is encrypted, or if the - PKCS#11 token requries a PIN, this can be provided at build time by + PKCS#11 token requires a PIN, this can be provided at build time by means of the ``KBUILD_SIGN_PIN`` variable. diff --git a/Documentation/admin-guide/perf-security.rst b/Documentation/admin-guide/perf-security.rst index 1307b5274a0f..904e4eb37f99 100644 --- a/Documentation/admin-guide/perf-security.rst +++ b/Documentation/admin-guide/perf-security.rst @@ -84,11 +84,14 @@ capabilities then providing the process with CAP_PERFMON capability singly is recommended as the preferred secure approach to resolve double access denial logging related to usage of performance monitoring and observability. -Unprivileged processes using perf_events system call are also subject -for PTRACE_MODE_READ_REALCREDS ptrace access mode check [7]_ , whose -outcome determines whether monitoring is permitted. So unprivileged -processes provided with CAP_SYS_PTRACE capability are effectively -permitted to pass the check. +Prior Linux v5.9 unprivileged processes using perf_events system call +are also subject for PTRACE_MODE_READ_REALCREDS ptrace access mode check +[7]_ , whose outcome determines whether monitoring is permitted. +So unprivileged processes provided with CAP_SYS_PTRACE capability are +effectively permitted to pass the check. Starting from Linux v5.9 +CAP_SYS_PTRACE capability is not required and CAP_PERFMON is enough to +be provided for processes to make performance monitoring and observability +operations. Other capabilities being granted to unprivileged processes can effectively enable capturing of additional data required for later @@ -99,11 +102,11 @@ CAP_SYSLOG capability permits reading kernel space memory addresses from Privileged Perf users groups --------------------------------- -Mechanisms of capabilities, privileged capability-dumb files [6]_ and -file system ACLs [10]_ can be used to create dedicated groups of -privileged Perf users who are permitted to execute performance monitoring -and observability without scope limits. The following steps can be -taken to create such groups of privileged Perf users. +Mechanisms of capabilities, privileged capability-dumb files [6]_, +file system ACLs [10]_ and sudo [15]_ utility can be used to create +dedicated groups of privileged Perf users who are permitted to execute +performance monitoring and observability without limits. The following +steps can be taken to create such groups of privileged Perf users. 1. Create perf_users group of privileged Perf users, assign perf_users group to Perf tool executable and limit access to the executable for @@ -133,7 +136,7 @@ taken to create such groups of privileged Perf users. # getcap perf perf = cap_sys_ptrace,cap_syslog,cap_perfmon+ep -If the libcap installed doesn't yet support "cap_perfmon", use "38" instead, +If the libcap [16]_ installed doesn't yet support "cap_perfmon", use "38" instead, i.e.: :: @@ -159,6 +162,60 @@ performance monitoring and observability by using functionality of the configured Perf tool executable that, when executes, passes perf_events subsystem scope checks. +In case Perf tool executable can't be assigned required capabilities (e.g. +file system is mounted with nosuid option or extended attributes are +not supported by the file system) then creation of the capabilities +privileged environment, naturally shell, is possible. The shell provides +inherent processes with CAP_PERFMON and other required capabilities so that +performance monitoring and observability operations are available in the +environment without limits. Access to the environment can be open via sudo +utility for members of perf_users group only. In order to create such +environment: + +1. Create shell script that uses capsh utility [16]_ to assign CAP_PERFMON + and other required capabilities into ambient capability set of the shell + process, lock the process security bits after enabling SECBIT_NO_SETUID_FIXUP, + SECBIT_NOROOT and SECBIT_NO_CAP_AMBIENT_RAISE bits and then change + the process identity to sudo caller of the script who should essentially + be a member of perf_users group: + +:: + + # ls -alh /usr/local/bin/perf.shell + -rwxr-xr-x. 1 root root 83 Oct 13 23:57 /usr/local/bin/perf.shell + # cat /usr/local/bin/perf.shell + exec /usr/sbin/capsh --iab=^cap_perfmon --secbits=239 --user=$SUDO_USER -- -l + +2. Extend sudo policy at /etc/sudoers file with a rule for perf_users group: + +:: + + # grep perf_users /etc/sudoers + %perf_users ALL=/usr/local/bin/perf.shell + +3. Check that members of perf_users group have access to the privileged + shell and have CAP_PERFMON and other required capabilities enabled + in permitted, effective and ambient capability sets of an inherent process: + +:: + + $ id + uid=1003(capsh_test) gid=1004(capsh_test) groups=1004(capsh_test),1000(perf_users) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 + $ sudo perf.shell + [sudo] password for capsh_test: + $ grep Cap /proc/self/status + CapInh: 0000004000000000 + CapPrm: 0000004000000000 + CapEff: 0000004000000000 + CapBnd: 000000ffffffffff + CapAmb: 0000004000000000 + $ capsh --decode=0000004000000000 + 0x0000004000000000=cap_perfmon + +As a result, members of perf_users group have access to the privileged +environment where they can use tools employing performance monitoring APIs +governed by CAP_PERFMON Linux capability. + This specific access control management is only available to superuser or root running processes with CAP_SETPCAP, CAP_SETFCAP [6]_ capabilities. @@ -264,3 +321,5 @@ Bibliography .. [12] `<http://man7.org/linux/man-pages/man5/limits.conf.5.html>`_ .. [13] `<https://sites.google.com/site/fullycapable>`_ .. [14] `<http://man7.org/linux/man-pages/man8/auditd.8.html>`_ +.. [15] `<https://man7.org/linux/man-pages/man8/sudo.8.html>`_ +.. [16] `<https://git.kernel.org/pub/scm/libs/libcap/libcap.git/>`_ diff --git a/Documentation/admin-guide/perf/imx-ddr.rst b/Documentation/admin-guide/perf/imx-ddr.rst index f05f56c73b7d..90926d0fb8ec 100644 --- a/Documentation/admin-guide/perf/imx-ddr.rst +++ b/Documentation/admin-guide/perf/imx-ddr.rst @@ -4,7 +4,7 @@ Freescale i.MX8 DDR Performance Monitoring Unit (PMU) There are no performance counters inside the DRAM controller, so performance signals are brought out to the edge of the controller where a set of 4 x 32 bit -counters is implemented. This is controlled by the CSV modes programed in counter +counters is implemented. This is controlled by the CSV modes programmed in counter control register which causes a large number of PERF signals to be generated. Selection of the value for each counter is done via the config registers. There diff --git a/Documentation/admin-guide/pm/intel-speed-select.rst b/Documentation/admin-guide/pm/intel-speed-select.rst index 219f1359aac7..0a1fbdb54bfe 100644 --- a/Documentation/admin-guide/pm/intel-speed-select.rst +++ b/Documentation/admin-guide/pm/intel-speed-select.rst @@ -57,7 +57,7 @@ To get help on a command, another level of help is provided. For example for the Summary of platform capability ------------------------------ -To check the current platform and driver capaibilities, execute:: +To check the current platform and driver capabilities, execute:: #intel-speed-select --info @@ -658,7 +658,7 @@ If -a option is not used, then the following steps are required before enabling Intel(R) SST-BF: - Discover Intel(R) SST-BF and note low and high priority base frequency -- Note the high prioity CPU list +- Note the high priority CPU list - Enable CLOS using core-power feature set - Configure CLOS parameters. Use CLOS.min to set to minimum performance - Subscribe desired CPUs to CLOS groups diff --git a/Documentation/admin-guide/pm/intel_pstate.rst b/Documentation/admin-guide/pm/intel_pstate.rst index 5072e7064d13..df29b4f1f219 100644 --- a/Documentation/admin-guide/pm/intel_pstate.rst +++ b/Documentation/admin-guide/pm/intel_pstate.rst @@ -56,7 +56,7 @@ Operation Modes ``intel_pstate`` can operate in two different modes, active or passive. In the active mode, it uses its own internal performance scaling governor algorithm or -allows the hardware to do preformance scaling by itself, while in the passive +allows the hardware to do performance scaling by itself, while in the passive mode it responds to requests made by a generic ``CPUFreq`` governor implementing a certain performance scaling algorithm. Which of them will be in effect depends on what kernel command line options are used and on the capabilities of @@ -380,13 +380,13 @@ argument is passed to the kernel in the command line. ``no_turbo`` If set (equal to 1), the driver is not allowed to set any turbo P-states - (see `Turbo P-states Support`_). If unset (equalt to 0, which is the + (see `Turbo P-states Support`_). If unset (equal to 0, which is the default), turbo P-states can be set by the driver. [Note that ``intel_pstate`` does not support the general ``boost`` attribute (supported by some other scaling drivers) which is replaced by this one.] - This attrubute does not affect the maximum supported frequency value + This attribute does not affect the maximum supported frequency value supplied to the ``CPUFreq`` core and exposed via the policy interface, but it affects the maximum possible value of per-policy P-state limits (see `Interpretation of Policy Attributes`_ below for details). diff --git a/Documentation/admin-guide/pstore-blk.rst b/Documentation/admin-guide/pstore-blk.rst index 6898aba9fb5c..49d8149f8d32 100644 --- a/Documentation/admin-guide/pstore-blk.rst +++ b/Documentation/admin-guide/pstore-blk.rst @@ -35,7 +35,7 @@ module parameters have priority over Kconfig. Here is an example for module parameters:: - pstore_blk.blkdev=179:7 pstore_blk.kmsg_size=64 + pstore_blk.blkdev=/dev/mmcblk0p7 pstore_blk.kmsg_size=64 best_effort=y The detail of each configurations may be of interest to you. @@ -151,10 +151,7 @@ otherwise KMSG_DUMP_MAX. Configurations for driver ------------------------- -Only a block device driver cares about these configurations. A block device -driver uses ``register_pstore_blk`` to register to pstore/blk. - -A non-block device driver uses ``register_pstore_device`` with +A device driver uses ``register_pstore_device`` with ``struct pstore_device_info`` to register to pstore/blk. .. kernel-doc:: fs/pstore/blk.c diff --git a/Documentation/admin-guide/ramoops.rst b/Documentation/admin-guide/ramoops.rst index a60a96218ba9..b0a1ae7df13b 100644 --- a/Documentation/admin-guide/ramoops.rst +++ b/Documentation/admin-guide/ramoops.rst @@ -22,7 +22,7 @@ and type of the memory area are set using three variables: * ``mem_address`` for the start * ``mem_size`` for the size. The memory size will be rounded down to a power of two. - * ``mem_type`` to specifiy if the memory type (default is pgprot_writecombine). + * ``mem_type`` to specify if the memory type (default is pgprot_writecombine). Typically the default value of ``mem_type=0`` should be used as that sets the pstore mapping to pgprot_writecombine. Setting ``mem_type=1`` attempts to use diff --git a/Documentation/admin-guide/reporting-bugs.rst b/Documentation/admin-guide/reporting-bugs.rst index 42481ea7b41d..409fa91d7495 100644 --- a/Documentation/admin-guide/reporting-bugs.rst +++ b/Documentation/admin-guide/reporting-bugs.rst @@ -1,5 +1,10 @@ .. _reportingbugs: +.. note:: + + This document is obsolete, and will be replaced by + 'Documentation/admin-guide/reporting-issues.rst' in the near future. + Reporting bugs ++++++++++++++ diff --git a/Documentation/admin-guide/reporting-issues.rst b/Documentation/admin-guide/reporting-issues.rst new file mode 100644 index 000000000000..07879d01fe68 --- /dev/null +++ b/Documentation/admin-guide/reporting-issues.rst @@ -0,0 +1,1631 @@ +.. SPDX-License-Identifier: (GPL-2.0+ OR CC-BY-4.0) +.. + If you want to distribute this text under CC-BY-4.0 only, please use 'The + Linux kernel developers' for author attribution and link this as source: + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plain/Documentation/admin-guide/reporting-issues.rst +.. + Note: Only the content of this RST file as found in the Linux kernel sources + is available under CC-BY-4.0, as versions of this text that were processed + (for example by the kernel's build system) might contain content taken from + files which use a more restrictive license. + +.. important:: + + This document is being prepared to replace + 'Documentation/admin-guide/reporting-bugs.rst'. The main work is done and + you are already free to follow its instructions when reporting issues to the + Linux kernel developers. But keep in mind, below text still needs a few + finishing touches and review. It was merged to the Linux kernel sources at + this stage to make this process easier and increase the text's visibility. + + Any improvements for the text or other feedback is thus very much welcome. + Please send it to 'Thorsten Leemhuis <linux@leemhuis.info>' and 'Jonathan + Corbet <corbet@lwn.net>', ideally with 'Linux kernel mailing list (LKML) + <linux-kernel@vger.kernel.org>' and the 'Linux Kernel Documentation List + <linux-doc@vger.kernel.org>' in CC. + + Areas in the text that still need work or discussion contain a hint like this + which point out the remaining issues; all of them start with the word "FIXME" + to make them easy to find. + + +Reporting issues +++++++++++++++++ + + +The short guide (aka TL;DR) +=========================== + +If you're facing multiple issues with the Linux kernel at once, report each +separately to its developers. Try your best guess which kernel part might be +causing the issue. Check the :ref:`MAINTAINERS <maintainers>` file for how its +developers expect to be told about issues. Note, it's rarely +`bugzilla.kernel.org <https://bugzilla.kernel.org/>`_, as in almost all cases +the report needs to be sent by email! + +Check the destination thoroughly for existing reports; also search the LKML +archives and the web. Join existing discussion if you find matches. If you +don't find any, install `the latest Linux mainline kernel +<https://kernel.org/>`_. Make sure it's vanilla, thus is not patched or using +add-on kernel modules. Also ensure the kernel is running in a healthy +environment and is not already tainted before the issue occurs. + +If you can reproduce your issue with the mainline kernel, send a report to the +destination you determined earlier. Make sure it includes all relevant +information, which in case of a regression should mention the change that's +causing it which can often can be found with a bisection. Also ensure the +report reaches all people that need to know about it, for example the security +team, the stable maintainers or the developers of the patch that causes a +regression. Once the report is out, answer any questions that might be raised +and help where you can. That includes keeping the ball rolling: every time a +new rc1 mainline kernel is released, check if the issue is still happening +there and attach a status update to your initial report. + +If you can not reproduce the issue with the mainline kernel, consider sticking +with it; if you'd like to use an older version line and want to see it fixed +there, first make sure it's still supported. Install its latest release as +vanilla kernel. If you cannot reproduce the issue there, try to find the commit +that fixed it in mainline or any discussion preceding it: those will often +mention if backporting is planed or considered too complex. If backporting was +not discussed, ask if it's in the cards. In case you don't find any commits or +a preceding discussion, see the Linux-stable mailing list archives for existing +reports, as it might be a regression specific to the version line. If it is, +report it like you would report a problem in mainline (including the +bisection). + +If you reached this point without a solution, ask for advice one the +subsystem's mailing list. + + +Step-by-step guide how to report issues to the kernel maintainers +================================================================= + +The above TL;DR outlines roughly how to report issues to the Linux kernel +developers. It might be all that's needed for people already familiar with +reporting issues to Free/Libre & Open Source Software (FLOSS) projects. For +everyone else there is this section. It is more detailed and uses a +step-by-step approach. It still tries to be brief for readability and leaves +out a lot of details; those are described below the step-by-step guide in a +reference section, which explains each of the steps in more detail. + +Note: this section covers a few more aspects than the TL;DR and does things in +a slightly different order. That's in your interest, to make sure you notice +early if an issue that looks like a Linux kernel problem is actually caused by +something else. These steps thus help to ensure the time you invest in this +process won't feel wasted in the end: + + * Stop reading this document and report the problem to your vendor instead, + unless you are running the latest mainline kernel already or are willing to + install it. This kernel must not be modified or enhanced in any way, and + thus be considered 'vanilla'. + + * See if the issue you are dealing with qualifies as regression, security + issue, or a really severe problem: those are 'issues of high priority' that + need special handling in some steps that are about to follow. + + * Check if your kernel was 'tainted' when the issue occurred, as the event + that made the kernel set this flag might be causing the issue you face. + + * Locate the driver or kernel subsystem that seems to be causing the issue. + Find out how and where its developers expect reports. Note: most of the + time this won't be bugzilla.kernel.org, as issues typically need to be sent + by mail to a maintainer and a public mailing list. + + * Search the archives of the bug tracker or mailing list in question + thoroughly for reports that might match your issue. Also check if you find + something with your favorite internet search engine or in the Linux Kernel + Mailing List (LKML) archives. If you find anything, join the discussion + instead of sending a new report. + + * Create a fresh backup and put system repair and restore tools at hand. + + * Ensure your system does not enhance its kernels by building additional + kernel modules on-the-fly, which solutions like DKMS might be doing locally + without your knowledge. + + * Make sure it's not the kernel's surroundings that are causing the issue + you face. + + * Write down coarsely how to reproduce the issue. If you deal with multiple + issues at once, create separate notes for each of them and make sure they + work independently on a freshly booted system. That's needed, as each issue + needs to get reported to the kernel developers separately, unless they are + strongly entangled. + +After these preparations you'll now enter the main part: + + * Install the latest Linux mainline kernel: that's where all issues get + fixed first, because it's the version line the kernel developers mainly + care about. Testing and reporting with the latest Linux stable kernel can + be an acceptable alternative in some situations, for example during the + merge window; but during that period you might want to suspend your efforts + till its end anyway. + + * Ensure the kernel you just installed does not 'taint' itself when + running. + + * Reproduce the issue with the kernel you just installed. If it doesn't show + up there, head over to the instructions for issues only happening with + stable and longterm kernels. + + * Optimize your notes: try to find and write the most straightforward way to + reproduce your issue. Make sure the end result has all the important + details, and at the same time is easy to read and understand for others + that hear about it for the first time. And if you learned something in this + process, consider searching again for existing reports about the issue. + + * If the failure includes a stack dump, like an Oops does, consider decoding + it to find the offending line of code. + + * If your problem is a regression, try to narrow down when the issue was + introduced as much as possible. + + * Start to compile the report by writing a detailed description about the + issue. Always mention a few things: the latest kernel version you installed + for reproducing, the Linux Distribution used, and your notes on how to + reproduce the issue. Ideally, make the kernel's build configuration + (.config) and the output from ``dmesg`` available somewhere on the net and + link to it. Include or upload all other information that might be relevant, + like the output/screenshot of an Oops or the output from ``lspci``. Once + you wrote this main part, insert a normal length paragraph on top of it + outlining the issue and the impact quickly. On top of this add one sentence + that briefly describes the problem and gets people to read on. Now give the + thing a descriptive title or subject that yet again is shorter. Then you're + ready to send or file the report like the MAINTAINERS file told you, unless + you are dealing with one of those 'issues of high priority': they need + special care which is explained in 'Special handling for high priority + issues' below. + + * Wait for reactions and keep the thing rolling until you can accept the + outcome in one way or the other. Thus react publicly and in a timely manner + to any inquiries. Test proposed fixes. Do proactive testing: retest with at + least every first release candidate (RC) of a new mainline version and + report your results. Send friendly reminders if things stall. And try to + help yourself, if you don't get any help or if it's unsatisfying. + + +Reporting issues only occurring in older kernel version lines +------------------------------------------------------------- + +This section is for you, if you tried the latest mainline kernel as outlined +above, but failed to reproduce your issue there; at the same time you want to +see the issue fixed in older version lines or a vendor kernel that's regularly +rebased on new stable or longterm releases. If that case follow these steps: + + * Prepare yourself for the possibility that going through the next few steps + might not get the issue solved in older releases: the fix might be too big + or risky to get backported there. + + * Check if the kernel developers still maintain the Linux kernel version + line you care about: go to the front page of kernel.org and make sure it + mentions the latest release of the particular version line without an + '[EOL]' tag. + + * Check the archives of the Linux stable mailing list for existing reports. + + * Install the latest release from the particular version line as a vanilla + kernel. Ensure this kernel is not tainted and still shows the problem, as + the issue might have already been fixed there. + + * Search the Linux kernel version control system for the change that fixed + the issue in mainline, as its commit message might tell you if the fix is + scheduled for backporting already. If you don't find anything that way, + search the appropriate mailing lists for posts that discuss such an issue + or peer-review possible fixes; then check the discussions if the fix was + deemed unsuitable for backporting. If backporting was not considered at + all, join the newest discussion, asking if it's in the cards. + + * Check if you're dealing with a regression that was never present in + mainline by installing the first release of the version line you care + about. If the issue doesn't show up with it, you basically need to report + the issue with this version like you would report a problem with mainline + (see above). This ideally includes a bisection followed by a search for + existing reports on the net; with the help of the subject and the two + relevant commit-ids. If that doesn't turn up anything, write the report; CC + or forward the report to the stable maintainers, the stable mailing list, + and those who authored the change. Include the shortened commit-id if you + found the change that causes it. + + * One of the former steps should lead to a solution. If that doesn't work + out, ask the maintainers for the subsystem that seems to be causing the + issue for advice; CC the mailing list for the particular subsystem as well + as the stable mailing list. + + +Reference section: Reporting issues to the kernel maintainers +============================================================= + +The detailed guides above outline all the major steps in brief fashion, which +should be enough for most people. But sometimes there are situations where even +experienced users might wonder how to actually do one of those steps. That's +what this section is for, as it will provide a lot more details on each of the +above steps. Consider this as reference documentation: it's possible to read it +from top to bottom. But it's mainly meant to skim over and a place to look up +details how to actually perform those steps. + +A few words of general advice before digging into the details: + + * The Linux kernel developers are well aware this process is complicated and + demands more than other FLOSS projects. We'd love to make it simpler. But + that would require work in various places as well as some infrastructure, + which would need constant maintenance; nobody has stepped up to do that + work, so that's just how things are for now. + + * A warranty or support contract with some vendor doesn't entitle you to + request fixes from developers in the upstream Linux kernel community: such + contracts are completely outside the scope of the Linux kernel, its + development community, and this document. That's why you can't demand + anything such a contract guarantees in this context, not even if the + developer handling the issue works for the vendor in question. If you want + to claim your rights, use the vendor's support channel instead. When doing + so, you might want to mention you'd like to see the issue fixed in the + upstream Linux kernel; motivate them by saying it's the only way to ensure + the fix in the end will get incorporated in all Linux distributions. + + * If you never reported an issue to a FLOSS project before you should consider + reading `How to Report Bugs Effectively + <https://www.chiark.greenend.org.uk/~sgtatham/bugs.html>`_, `How To Ask + Questions The Smart Way + <http://www.catb.org/esr/faqs/smart-questions.html>`_, and `How to ask good + questions <https://jvns.ca/blog/good-questions/>`_. + +With that off the table, find below the details on how to properly report +issues to the Linux kernel developers. + + +Make sure you're using the upstream Linux kernel +------------------------------------------------ + + *Stop reading this document and report the problem to your vendor instead, + unless you are running the latest mainline kernel already or are willing to + install it. This kernel must not be modified or enhanced in any way, and + thus be considered 'vanilla'.* + +Like most programmers, Linux kernel developers don't like to spend time dealing +with reports for issues that don't even happen with the source code they +maintain: it's just a waste everybody's time, yours included. That's why you +later will have to test your issue with the latest 'vanilla' kernel: a kernel +that was build using the Linux sources taken straight from `kernel.org +<https://kernel.org/>`_ and not modified or enhanced in any way. + +Almost all kernels used in devices (Computers, Laptops, Smartphones, Routers, +…) and most kernels shipped by Linux distributors are ancient from the point of +kernel development and heavily modified. They thus do not qualify for reporting +an issue to the Linux kernel developers: the issue you face with such a kernel +might be fixed already or caused by the changes or additions, even if they look +small or totally unrelated. That's why issues with such kernels need to be +reported to the vendor that distributed it. Its developers should look into the +report and, in case it turns out to be an upstream issue, fix it directly +upstream or report it there. In practice that sometimes does not work out. If +that the case, you might want to circumvent the vendor by installing the latest +mainline kernel yourself and reporting the issue as outlined in this document; +just make sure to use really fresh kernel (see below). + + +.. note:: + + FIXME: Should we accept reports for issues with kernel images that are pretty + close to vanilla? But when are they close enough and how to put that line in + words? Maybe something like this? + + *Note: Some Linux kernel developers accept reports from vendor kernels that + are known to be close to upstream. That for example is often the case for + the kernels that Debian GNU/Linux Sid or Fedora Rawhide ship, which are + normally following mainline closely and carry only a few patches. So a + report with one of these might be accepted by the developers that need to + handle it. But if they do, depends heavily on the individual developers and + the issue at hand. That's why installing a mainline vanilla kernel is the + safe bet.* + + *Arch Linux, other Fedora releases, and openSUSE Tumbleweed often use quite + recent stable kernels that are pretty close to upstream, too. Some + developers accept bugs from them as well. But note that you normally should + avoid stable kernels for reporting issues and use a mainline kernel instead + (see below).* + + Are there any other major Linux distributions that should be mentioned here? + + +Issue of high priority? +----------------------- + + *See if the issue you are dealing with qualifies as regression, security + issue, or a really severe problem: those are 'issues of high priority' that + need special handling in some steps that are about to follow.* + +Linus Torvalds and the leading Linux kernel developers want to see some issues +fixed as soon as possible, hence there are 'issues of high priority' that get +handled slightly differently in the reporting process. Three type of cases +qualify: regressions, security issues, and really severe problems. + +You deal with a 'regression' if something that worked with an older version of +the Linux kernel does not work with a newer one or somehow works worse with it. +It thus is a regression when a WiFi driver that did a fine job with Linux 5.7 +somehow misbehaves with 5.8 or doesn't work at all. It's also a regression if +an application shows erratic behavior with a newer kernel, which might happen +due to incompatible changes in the interface between the kernel and the +userland (like procfs and sysfs). Significantly reduced performance or +increased power consumption also qualify as regression. But keep in mind: the +new kernel needs to be built with a configuration that is similar to the one +from the old kernel (see below how to achieve that). That's because the kernel +developers sometimes can not avoid incompatibilities when implementing new +features; but to avoid regressions such features have to be enabled explicitly +during build time configuration. + +What qualifies as security issue is left to your judgment. Consider reading +'Documentation/admin-guide/security-bugs.rst' before proceeding, as it +provides additional details how to best handle security issues. + +An issue is a 'really severe problem' when something totally unacceptably bad +happens. That's for example the case when a Linux kernel corrupts the data it's +handling or damages hardware it's running on. You're also dealing with a severe +issue when the kernel suddenly stops working with an error message ('kernel +panic') or without any farewell note at all. Note: do not confuse a 'panic' (a +fatal error where the kernel stop itself) with a 'Oops' (a recoverable error), +as the kernel remains running after the latter. + + +Check 'taint' flag +------------------ + + *Check if your kernel was 'tainted' when the issue occurred, as the event + that made the kernel set this flag might be causing the issue you face.* + +The kernel marks itself with a 'taint' flag when something happens that might +lead to follow-up errors that look totally unrelated. The issue you face might +be such an error if your kernel is tainted. That's why it's in your interest to +rule this out early before investing more time into this process. This is the +only reason why this step is here, as this process later will tell you to +install the latest mainline kernel; you will need to check the taint flag again +then, as that's when it matters because it's the kernel the report will focus +on. + +On a running system is easy to check if the kernel tainted itself: if ``cat +/proc/sys/kernel/tainted`` returns '0' then the kernel is not tainted and +everything is fine. Checking that file is impossible in some situations; that's +why the kernel also mentions the taint status when it reports an internal +problem (a 'kernel bug'), a recoverable error (a 'kernel Oops') or a +non-recoverable error before halting operation (a 'kernel panic'). Look near +the top of the error messages printed when one of these occurs and search for a +line starting with 'CPU:'. It should end with 'Not tainted' if the kernel was +not tainted when it noticed the problem; it was tainted if you see 'Tainted:' +followed by a few spaces and some letters. + +If your kernel is tainted, study 'Documentation/admin-guide/tainted-kernels.rst' +to find out why. Try to eliminate the reason. Often it's caused by one these +three things: + + 1. A recoverable error (a 'kernel Oops') occurred and the kernel tainted + itself, as the kernel knows it might misbehave in strange ways after that + point. In that case check your kernel or system log and look for a section + that starts with this:: + + Oops: 0000 [#1] SMP + + That's the first Oops since boot-up, as the '#1' between the brackets shows. + Every Oops and any other problem that happens after that point might be a + follow-up problem to that first Oops, even if both look totally unrelated. + Rule this out by getting rid of the cause for the first Oops and reproducing + the issue afterwards. Sometimes simply restarting will be enough, sometimes + a change to the configuration followed by a reboot can eliminate the Oops. + But don't invest too much time into this at this point of the process, as + the cause for the Oops might already be fixed in the newer Linux kernel + version you are going to install later in this process. + + 2. Your system uses a software that installs its own kernel modules, for + example Nvidia's proprietary graphics driver or VirtualBox. The kernel + taints itself when it loads such module from external sources (even if + they are Open Source): they sometimes cause errors in unrelated kernel + areas and thus might be causing the issue you face. You therefore have to + prevent those modules from loading when you want to report an issue to the + Linux kernel developers. Most of the time the easiest way to do that is: + temporarily uninstall such software including any modules they might have + installed. Afterwards reboot. + + 3. The kernel also taints itself when it's loading a module that resides in + the staging tree of the Linux kernel source. That's a special area for + code (mostly drivers) that does not yet fulfill the normal Linux kernel + quality standards. When you report an issue with such a module it's + obviously okay if the kernel is tainted; just make sure the module in + question is the only reason for the taint. If the issue happens in an + unrelated area reboot and temporarily block the module from being loaded + by specifying ``foo.blacklist=1`` as kernel parameter (replace 'foo' with + the name of the module in question). + + +Locate kernel area that causes the issue +---------------------------------------- + + *Locate the driver or kernel subsystem that seems to be causing the issue. + Find out how and where its developers expect reports. Note: most of the + time this won't be bugzilla.kernel.org, as issues typically need to be sent + by mail to a maintainer and a public mailing list.* + +It's crucial to send your report to the right people, as the Linux kernel is a +big project and most of its developers are only familiar with a small subset of +it. Quite a few programmers for example only care for just one driver, for +example one for a WiFi chip; its developer likely will only have small or no +knowledge about the internals of remote or unrelated "subsystems", like the TCP +stack, the PCIe/PCI subsystem, memory management or file systems. + +Problem is: the Linux kernel lacks a central bug tracker where you can simply +file your issue and make it reach the developers that need to know about it. +That's why you have to find the right place and way to report issues yourself. +You can do that with the help of a script (see below), but it mainly targets +kernel developers and experts. For everybody else the MAINTAINERS file is the +better place. + +How to read the MAINTAINERS file +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +To illustrate how to use the :ref:`MAINTAINERS <maintainers>` file, lets assume +the WiFi in your Laptop suddenly misbehaves after updating the kernel. In that +case it's likely an issue in the WiFi driver. Obviously it could also be some +code it builds upon, but unless you suspect something like that stick to the +driver. If it's really something else, the driver's developers will get the +right people involved. + +Sadly, there is no way to check which code is driving a particular hardware +component that is both universal and easy. + +In case of a problem with the WiFi driver you for example might want to look at +the output of ``lspci -k``, as it lists devices on the PCI/PCIe bus and the +kernel module driving it:: + + [user@something ~]$ lspci -k + [...] + 3a:00.0 Network controller: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter (rev 32) + Subsystem: Bigfoot Networks, Inc. Device 1535 + Kernel driver in use: ath10k_pci + Kernel modules: ath10k_pci + [...] + +But this approach won't work if your WiFi chip is connected over USB or some +other internal bus. In those cases you might want to check your WiFi manager or +the output of ``ip link``. Look for the name of the problematic network +interface, which might be something like 'wlp58s0'. This name can be used like +this to find the module driving it:: + + [user@something ~]$ realpath --relative-to=/sys/module/ /sys/class/net/wlp58s0/device/driver/module + ath10k_pci + +In case tricks like these don't bring you any further, try to search the +internet on how to narrow down the driver or subsystem in question. And if you +are unsure which it is: just try your best guess, somebody will help you if you +guessed poorly. + +Once you know the driver or subsystem, you want to search for it in the +MAINTAINERS file. In the case of 'ath10k_pci' you won't find anything, as the +name is too specific. Sometimes you will need to search on the net for help; +but before doing so, try a somewhat shorted or modified name when searching the +MAINTAINERS file, as then you might find something like this:: + + QUALCOMM ATHEROS ATH10K WIRELESS DRIVER + Mail: A. Some Human <shuman@example.com> + Mailing list: ath10k@lists.infradead.org + Status: Supported + Web-page: https://wireless.wiki.kernel.org/en/users/Drivers/ath10k + SCM: git git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git + Files: drivers/net/wireless/ath/ath10k/ + +Note: the line description will be abbreviations, if you read the plain +MAINTAINERS file found in the root of the Linux source tree. 'Mail:' for +example will be 'M:', 'Mailing list:' will be 'L', and 'Status:' will be 'S:'. +A section near the top of the file explains these and other abbreviations. + +First look at the line 'Status'. Ideally it should be 'Supported' or +'Maintained'. If it states 'Obsolete' then you are using some outdated approach +that was replaced by a newer solution you need to switch to. Sometimes the code +only has someone who provides 'Odd Fixes' when feeling motivated. And with +'Orphan' you are totally out of luck, as nobody takes care of the code anymore. +That only leaves these options: arrange yourself to live with the issue, fix it +yourself, or find a programmer somewhere willing to fix it. + +After checking the status, look for a line starting with 'bugs:': it will tell +you where to find a subsystem specific bug tracker to file your issue. The +example above does not have such a line. That is the case for most sections, as +Linux kernel development is completely driven by mail. Very few subsystems use +a bug tracker, and only some of those rely on bugzilla.kernel.org. + + +.. note:: + + FIXME: The old text took a totally different approach to bugzilla.kernel.org, + as it mentions it as the place to file issue for people that don't known how + to contact the appropriate people. The new one mentions it rarely; and when + it does like here, it warns users that it's often the wrong place to go. + + This approach was chosen as the main author of this document noticed quite a + few users (or even a lot?) get no reply to the bugs they file in bugzilla. + That's kind of expected, as quite a few (many? most?) of the maintainers + don't even get notified when reports for their subsystem get filed there. And + not getting a single reply to report is something that is just annoying for + users and might make them angry. Improving bugzilla.k.o would be an option, + but on the kernel and maintainers summit 2017 it was agreed on to first go + this route (sorry it took so long): it's easier to achieve and less + controversial, as putting additional burden on already overworked maintainers + is unlikely to get well received. + + +In this and many other cases you thus have to look for lines starting with +'Mail:' instead. Those mention the name and the email addresses for the +maintainers of the particular code. Also look for a line starting with 'Mailing +list:', which tells you the public mailing list where the code is developed. +Your report later needs to go by mail to those addresses. Additionally, for all +issue reports sent by email, make sure to add the Linux Kernel Mailing List +(LKML) <linux-kernel@vger.kernel.org> to CC. Don't omit either of the mailing +lists when sending your issue report by mail later! Maintainers are busy people +and might leave some work for other developers on the subsystem specific list; +and LKML is important to have one place where all issue reports can be found. + + +.. note:: + + FIXME: Above section tells users to always CC LKML. These days it's a kind of + "catch-all" list anyway, which nearly nobody seems to follow closely. So it + seems appropriate to go "all in" and make people send their reports here, + too, as everything (reports, fixes, ...) then can be found in one place (at + least for all reports sent by mail and all subsystems that CC LKML). + + Related: Should we create mailing list like 'linux-issues@vger.kernel.org' + and tell users above to always CC it when reporting issues? Then there would + be one central place reporters could search for existing reports (at least + for issues reported by mail) without getting regular LKML traffic mixed into + the results. + + +Finding the maintainers with the help of a script +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +For people that have the Linux sources at hand there is a second option to find +the proper place to report: the script 'scripts/get_maintainer.pl' which tries +to find all people to contact. It queries the MAINTAINERS file and needs to be +called with a path to the source code in question. For drivers compiled as +module if often can be found with a command like this:: + + $ modinfo ath10k_pci | grep filename | sed 's!/lib/modules/.*/kernel/!!; s!filename:!!; s!\.ko\(\|\.xz\)!!' + drivers/net/wireless/ath/ath10k/ath10k_pci.ko + +Pass parts of this to the script:: + + $ ./scripts/get_maintainer.pl -f drivers/net/wireless/ath/ath10k* + Some Human <shuman@example.com> (supporter:QUALCOMM ATHEROS ATH10K WIRELESS DRIVER) + Another S. Human <asomehuman@example.com> (maintainer:NETWORKING DRIVERS) + ath10k@lists.infradead.org (open list:QUALCOMM ATHEROS ATH10K WIRELESS DRIVER) + linux-wireless@vger.kernel.org (open list:NETWORKING DRIVERS (WIRELESS)) + netdev@vger.kernel.org (open list:NETWORKING DRIVERS) + linux-kernel@vger.kernel.org (open list) + +Don't sent your report to all of them. Send it to the maintainers, which the +script calls "supporter:"; additionally CC the most specific mailing list for +the code as well as the Linux Kernel Mailing List (LKML). In this case you thus +would need to send the report to 'Some Human <shuman@example.com>' with +'ath10k@lists.infradead.org' and 'linux-kernel@vger.kernel.org' in CC. + +Note: in case you cloned the Linux sources with git you might want to call +``get_maintainer.pl`` a second time with ``--git``. The script then will look +at the commit history to find which people recently worked on the code in +question, as they might be able to help. But use these results with care, as it +can easily send you in a wrong direction. That for example happens quickly in +areas rarely changed (like old or unmaintained drivers): sometimes such code is +modified during tree-wide cleanups by developers that do not care about the +particular driver at all. + + +Search for existing reports +--------------------------- + + *Search the archives of the bug tracker or mailing list in question + thoroughly for reports that might match your issue. Also check if you find + something with your favorite internet search engine or in the Linux Kernel + Mailing List (LKML) archives. If you find anything, join the discussion + instead of sending a new report.* + +Reporting an issue that someone else already brought forward is often a waste +of time for everyone involved, especially you as the reporter. So it's in your +own interest to thoroughly check if somebody reported the issue already. Thus +do not hurry with this step of the reporting process. Spending 30 to 60 minutes +or even more time can save you and others quite a lot of time and trouble. + +The best place to search is the bug tracker or the mailing list where your +report needs to be filed. You'll find quite a few of those lists on +`lore.kernel.org <https://lore.kernel.org/>`_, but some are hosted in +different places. That for example is the case for the ath10k WiFi driver used +as example in the previous step. But you'll often find the archives for these +lists easily on the net. Searching for 'archive ath10k@lists.infradead.org' for +example will quickly lead you to the `Info page for the ath10k mailing list +<https://lists.infradead.org/mailman/listinfo/ath10k>`_, which at the top links +to its `list archives <https://lists.infradead.org/pipermail/ath10k/>`_. + +Sadly this and quite a few other lists miss a way to search the archives. In +those cases use a regular internet search engine and add something like +'site:lists.infradead.org/pipermail/ath10k/' to your search terms, which limits +the results to the archives at that URL. + +Additionally, search the internet and the `Linux Kernel Mailing List (LKML) +archives <https://lore.kernel.org/lkml/>`_, as maybe the real culprit might be +in some other subsystem. Searching in `bugzilla.kernel.org +<https://bugzilla.kernel.org/>`_ might also be a good idea, but if you find +anything there keep in mind: most subsystems expect reports in different +places, hence those you find there might have not even reached the people +responsible for the subsystem in question. Nevertheless, the data there might +provide valuable insights. + +If you get flooded with results consider telling your search engine to limit +search timeframe to the past month or year. And wherever you search, make sure +to use good search terms; vary them a few times, too. While doing so try to +look at the issue from the perspective of someone else: that will help you to +come up with other words to use as search terms. Also make sure not to use too +many search terms at once. Remember to search with and without information like +the name of the kernel driver or the name of the affected hardware component. +But its exact brand name (say 'ASUS Red Devil Radeon RX 5700 XT Gaming OC') +often is not much helpful, as it is too specific. Instead try search terms like +the model line (Radeon 5700 or Radeon 5000) and the code name of the main chip +('Navi' or 'Navi10') with and without its manufacturer ('AMD'). + +In case you find an existing report about your issue, join the discussion, as +you might be able to provide valuable additional information. That can be +important even when a fix is prepared or in its final stages already, as +developers might look for people that can provide additional information or +test a proposed fix. Jump to the section 'Duties after the report went out' for +details on how to get properly involved. + + +Prepare for emergencies +----------------------- + + *Create a fresh backup and put system repair and restore tools at hand.* + +Reminder, you are dealing with computers, which sometimes do unexpected things, +especially if you fiddle with crucial parts like the kernel of its operating +system. That's what you are about to do in this process. Thus, make sure to +create a fresh backup; also ensure you have all tools at hand to repair or +reinstall the operating system as well as everything you need to restore the +backup. + + +Make sure your kernel doesn't get enhanced +------------------------------------------ + + *Ensure your system does not enhance its kernels by building additional + kernel modules on-the-fly, which solutions like DKMS might be doing locally + without your knowledge.* + +Your kernel must be 'vanilla' when reporting an issue, but stops being pure as +soon as it loads a kernel module not built from the sources used to compile the +kernel image itself. That's why you need to ensure your Linux kernel stays +vanilla by removing or disabling mechanisms like akmods and DKMS: those might +build additional kernel modules automatically, for example when your boot into +a newly installed Linux kernel the first time. Reboot after removing them and +any modules they installed. + +Note, you might not be aware that your system is using one of these solutions: +they often get set up silently when you install Nvidia's proprietary graphics +driver, VirtualBox, or other software that requires a some support from a +module not part of the Linux kernel. That why your might need to uninstall the +packages with such software to get rid of any 3rd party kernel module. + + +Ensure a healthy environment +---------------------------- + + *Make sure it's not the kernel's surroundings that are causing the issue + you face.* + +Problems that look a lot like a kernel issue are sometimes caused by build or +runtime environment. It's hard to rule out that problem completely, but you +should minimize it: + + * Use proven tools when building your kernel, as bugs in the compiler or the + binutils can cause the resulting kernel to misbehave. + + * Ensure your computer components run within their design specifications; + that's especially important for the main processor, the main memory, and the + motherboard. Therefore, stop undervolting or overclocking when facing a + potential kernel issue. + + * Try to make sure it's not faulty hardware that is causing your issue. Bad + main memory for example can result in a multitude of issues that will + manifest itself in problems looking like kernel issues. + + * If you're dealing with a filesystem issue, you might want to check the file + system in question with ``fsck``, as it might be damaged in a way that leads + to unexpected kernel behavior. + + * When dealing with a regression, make sure it's not something else that + changed in parallel to updating the kernel. The problem for example might be + caused by other software that was updated at the same time. It can also + happen that a hardware component coincidentally just broke when you rebooted + into a new kernel for the first time. Updating the systems BIOS or changing + something in the BIOS Setup can also lead to problems that on look a lot + like a kernel regression. + + +Document how to reproduce issue +------------------------------- + + *Write down coarsely how to reproduce the issue. If you deal with multiple + issues at once, create separate notes for each of them and make sure they + work independently on a freshly booted system. That's needed, as each issue + needs to get reported to the kernel developers separately, unless they are + strongly entangled.* + +If you deal with multiple issues at once, you'll have to report each of them +separately, as they might be handled by different developers. Describing +various issues in one report also makes it quite difficult for others to tear +it apart. Hence, only combine issues in one report if they are very strongly +entangled. + +Additionally, during the reporting process you will have to test if the issue +happens with other kernel versions. Therefore, it will make your work easier if +you know exactly how to reproduce an issue quickly on a freshly booted system. + +Note: it's often fruitless to report issues that only happened once, as they +might be caused by a bit flip due to cosmic radiation. That's why you should +try to rule that out by reproducing the issue before going further. Feel free +to ignore this advice if you are experienced enough to tell a one-time error +due to faulty hardware apart from a kernel issue that rarely happens and thus +is hard to reproduce. + + +Install a fresh kernel for testing +---------------------------------- + + *Install the latest Linux mainline kernel: that's where all issues get + fixed first, because it's the version line the kernel developers mainly + care about. Testing and reporting with the latest Linux stable kernel can + be an acceptable alternative in some situations, for example during the + merge window; but during that period you might want to suspend your efforts + till its end anyway.* + +Reporting an issue to the Linux kernel developers they fixed weeks or months +ago is annoying for them and wasting their and your time. That's why it's in +everybody's interest to check if the issue occurs with the latest codebase +before reporting it. + +In the scope of the Linux kernel the term 'latest' means: a kernel version +recently created from the main line of development, as this 'mainline' tree is +where developers first apply fixes; only after that are they are allowed to get +backported to older, still supported version lines called 'stable' and +'longterm' kernels. That's why you should check a recent mainline kernel, even +if you deal with an issue you only want to see fixed in an older version line. +Another reason: some fixes are only applied to mainline or recent version +lines, as it's too hard or risky to backport them to older versions. If that +the case, reporting the issue again is unlikely to change anything. + +Longterm kernels (sometimes called "LTS kernels") are therefore unsuitable for +testing; they simply are too distant from current development. Even the latest +Linux 'stable' kernel is a significant bit behind and thus better avoided. At +least most of the time, as sometimes a stable kernel can the best choice; but +in those situations you might want to wait a few days anyway: + +Choosing between mainline, stable and waiting +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Head over to `kernel.org <https://kernel.org/>`_ to decide which version to +use. Ignore the big yellow button that says 'Latest release' and look a little +lower for a table. At its top you'll see a line starting with 'mainline', which +most of the time will point to a pre-release with a version number like +'5.8-rc2'. If that's the case, you'll want to use this mainline kernel for +testing. Do not let that 'rc' scare you, these 'development kernels' are pretty +reliable — and you made a backup, as you were instructed above, didn't you? + +In about two out of every nine to ten weeks, 'mainline' might point you to a +proper release with a version number like '5.7'. If that happens, consider +suspending the reporting process until the first pre-release of the next +version (5.8-rc1) shows up on kernel.org. That's because the Linux development +cycle then is in its two-week long 'merge window'. The bulk of the changes and +all intrusive ones get merged for the next release during this time. It's a bit +more risky to use mainline during this period. Kernel developers are also often +quite busy then and might have no spare time to deal with issue reports. It's +also quite possible that one of the many changes applied during the merge +window fixes the issue you face; that's why you soon would have to retest with +a newer kernel version anyway, as outlined below in the section 'Duties after +the report went out'. + +That's why it might make sense to wait till the merge window is over. But don't +to that if you're dealing with something that shouldn't wait. In that case +consider obtaining the latest mainline kernel via git (see below) or use the +latest stable version offered on kernel.org. Using that is also acceptable in +case mainline for some reason does currently not work for you. An in general: +using it for reproducing the issue is also better than not reporting it issue +at all. + +How to obtain a fresh Linux kernel +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +You can use pre-built or self-compiled kernel for testing; if you choose the +latter approach, you can either obtain the source code using git or download it +as tar archive. + +Using a pre-compiled kernel for testing is often the quickest, easiest, and +safest way – especially is you are unfamiliar with the Linux kernel. But it +needs to be a vanilla kernel, which can be hard to come buy. You are in luck if +you are using a popular Linux distribution: for quite a few of them you'll find +repositories on the net that contain packages with the latest mainline or +stable kernels in vanilla fashion. It's totally okay to use these, just make +sure from the repository's documentation they are really vanilla. And ensure +the packages contain the latest versions as offered on kernel.org; they are +likely unsuitable if the package is older than a week, as new mainline and +stable kernels typically get released at least once a week. And be aware that +you might need to get build your own kernel later anyway when it comes to +helping test fixes, as described later in this document. + +Developers and experienced Linux users familiar with git are often best served +by obtaining the latest Linux kernel sources straight from the `official +development repository on kernel.org +<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/>`_. +Those are likely a bit ahead of the latest mainline pre-release. Don't worry +about it: they are as reliable as a proper pre-release, unless the kernel's +development cycle is currently in the middle of a merge window. But even then +they are quite reliable. + +People unfamiliar with git are often best served by downloading the sources as +tarball from `kernel.org <https://kernel.org/>`_. + +How to actually build a kernel isnot described here, as many websites explain +the necessary steps already. If you are new to it, consider following one of +those how-to's that suggest to use ``make localmodconfig``, as that tries to +pick up the configuration of your current kernel and then tries to adjust it +somewhat for your system. That does not make the resulting kernel any better, +but quicker to compile. + + +Check 'taint' flag +------------------ + + *Ensure the kernel you just installed does not 'taint' itself when + running.* + +As outlined above in more detail already: the kernel sets a 'taint' flag when +something happens that can lead to follow-up errors that look totally +unrelated. That's why you need to check if the kernel you just installed does +not set this flag. And if it does, you in almost all the cases needs to +eliminate the reason for it before you reporting issues that occur with it. See +the section above for details how to do that. + + +Reproduce issue with the fresh kernel +------------------------------------- + + *Reproduce the issue with the kernel you just installed. If it doesn't show + up there, head over to the instructions for issues only happening with + stable and longterm kernels.* + +Check if the issue occurs with the fresh Linux kernel version you just +installed. If it was fixed there already, consider sticking with this version +line and abandoning your plan to report the issue. But keep in mind that other +users might still be plagued by it, as long as it's not fixed in either stable +and longterm version from kernel.org (and thus vendor kernels derived from +those). If you prefer to use one of those or just want to help their users, +head over to the section "Details about reporting issues only occurring in +older kernel version lines" below. + + +Optimize description to reproduce issue +--------------------------------------- + + *Optimize your notes: try to find and write the most straightforward way to + reproduce your issue. Make sure the end result has all the important + details, and at the same time is easy to read and understand for others + that hear about it for the first time. And if you learned something in this + process, consider searching again for existing reports about the issue.* + +An unnecessarily complex report will make it hard for others to understand your +report. Thus try to find a reproducer that's straight forward to describe and +thus easy to understand in written form. Include all important details, but at +the same time try to keep it as short as possible. + +In this in the previous steps you likely have learned a thing or two about the +issue you face. Use this knowledge and search again for existing reports +instead you can join. + + +Decode failure messages +----------------------- + +.. note:: + + FIXME: The text in this section is a placeholder for now and quite similar to + the old text found in 'Documentation/admin-guide/reporting-bugs.rst' + currently. It and the document it references are known to be outdated and + thus need to be revisited. Thus consider this note a request for help: if you + are familiar with this topic, please write a few lines that would fit here. + Alternatively, simply outline the current situation roughly to the main + authors of this document (see intro), as they might be able to write + something then. + + This section in the end should answer questions like "when is this actually + needed", "what .config options to ideally set earlier to make this step easy + or unnecessary?" (likely CONFIG_UNWINDER_ORC when it's available, otherwise + CONFIG_UNWINDER_FRAME_POINTER; but is there anything else needed?). + +.. + + *If the failure includes a stack dump, like an Oops does, consider decoding + it to find the offending line of code.* + +When the kernel detects an error, it will print a stack dump that allows to +identify the exact line of code where the issue happens. But that information +sometimes needs to get decoded to be readable, which is explained in +admin-guide/bug-hunting.rst. + + +Special care for regressions +---------------------------- + + *If your problem is a regression, try to narrow down when the issue was + introduced as much as possible.* + +Linux lead developer Linus Torvalds insists that the Linux kernel never +worsens, that's why he deems regressions as unacceptable and wants to see them +fixed quickly. That's why changes that introduced a regression are often +promptly reverted if the issue they cause can't get solved quickly any other +way. Reporting a regression is thus a bit like playing a kind of trump card to +get something quickly fixed. But for that to happen the change that's causing +the regression needs to be known. Normally it's up to the reporter to track +down the culprit, as maintainers often won't have the time or setup at hand to +reproduce it themselves. + +To find the change there is a process called 'bisection' which the document +'Documentation/admin-guide/bug-bisect.rst' describes in detail. That process +will often require you to build about ten to twenty kernel images, trying to +reproduce the issue with each of them before building the next. Yes, that takes +some time, but don't worry, it works a lot quicker than most people assume. +Thanks to a 'binary search' this will lead you to the one commit in the source +code management system that's causing the regression. Once you find it, search +the net for the subject of the change, its commit id and the shortened commit id +(the first 12 characters of the commit id). This will lead you to existing +reports about it, if there are any. + +Note, a bisection needs a bit of know-how, which not everyone has, and quite a +bit of effort, which not everyone is willing to invest. Nevertheless, it's +highly recommended performing a bisection yourself. If you really can't or +don't want to go down that route at least find out which mainline kernel +introduced the regression. If something for example breaks when switching from +5.5.15 to 5.8.4, then try at least all the mainline releases in that area (5.6, +5.7 and 5.8) to check when it first showed up. Unless you're trying to find a +regression in a stable or longterm kernel, avoid testing versions which number +has three sections (5.6.12, 5.7.8), as that makes the outcome hard to +interpret, which might render your testing useless. Once you found the major +version which introduced the regression, feel free to move on in the reporting +process. But keep in mind: it depends on the issue at hand if the developers +will be able to help without knowing the culprit. Sometimes they might +recognize from the report want went wrong and can fix it; other times they will +be unable to help unless you perform a bisection. + +When dealing with regressions make sure the issue you face is really caused by +the kernel and not by something else, as outlined above already. + +In the whole process keep in mind: an issue only qualifies as regression if the +older and the newer kernel got built with a similar configuration. The best way +to archive this: copy the configuration file (``.config``) from the old working +kernel freshly to each newer kernel version you try. Afterwards run ``make +oldnoconfig`` to adjust it for the needs of the new version without enabling +any new feature, as those are allowed to cause regressions. + + +Write and send the report +------------------------- + + *Start to compile the report by writing a detailed description about the + issue. Always mention a few things: the latest kernel version you installed + for reproducing, the Linux Distribution used, and your notes on how to + reproduce the issue. Ideally, make the kernel's build configuration + (.config) and the output from ``dmesg`` available somewhere on the net and + link to it. Include or upload all other information that might be relevant, + like the output/screenshot of an Oops or the output from ``lspci``. Once + you wrote this main part, insert a normal length paragraph on top of it + outlining the issue and the impact quickly. On top of this add one sentence + that briefly describes the problem and gets people to read on. Now give the + thing a descriptive title or subject that yet again is shorter. Then you're + ready to send or file the report like the MAINTAINERS file told you, unless + you are dealing with one of those 'issues of high priority': they need + special care which is explained in 'Special handling for high priority + issues' below.* + +Now that you have prepared everything it's time to write your report. How to do +that is partly explained by the three documents linked to in the preface above. +That's why this text will only mention a few of the essentials as well as +things specific to the Linux kernel. + +There is one thing that fits both categories: the most crucial parts of your +report are the title/subject, the first sentence, and the first paragraph. +Developers often get quite a lot of mail. They thus often just take a few +seconds to skim a mail before deciding to move on or look closer. Thus: the +better the top section of your report, the higher are the chances that someone +will look into it and help you. And that is why you should ignore them for now +and write the detailed report first. ;-) + +Things each report should mention +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Describe in detail how your issue happens with the fresh vanilla kernel you +installed. Try to include the step-by-step instructions you wrote and optimized +earlier that outline how you and ideally others can reproduce the issue; in +those rare cases where that's impossible try to describe what you did to +trigger it. + +Also include all the relevant information others might need to understand the +issue and its environment. What's actually needed depends a lot on the issue, +but there are some things you should include always: + + * the output from ``cat /proc/version``, which contains the Linux kernel + version number and the compiler it was built with. + + * the Linux distribution the machine is running (``hostnamectl | grep + "Operating System"``) + + * the architecture of the CPU and the operating system (``uname -mi``) + + * if you are dealing with a regression and performed a bisection, mention the + subject and the commit-id of the change that is causing it. + +In a lot of cases it's also wise to make two more things available to those +that read your report: + + * the configuration used for building your Linux kernel (the '.config' file) + + * the kernel's messages that you get from ``dmesg`` written to a file. Make + sure that it starts with a line like 'Linux version 5.8-1 + (foobar@example.com) (gcc (GCC) 10.2.1, GNU ld version 2.34) #1 SMP Mon Aug + 3 14:54:37 UTC 2020' If it's missing, then important messages from the first + boot phase already got discarded. In this case instead consider using + ``journalctl -b 0 -k``; alternatively you can also reboot, reproduce the + issue and call ``dmesg`` right afterwards. + +These two files are big, that's why it's a bad idea to put them directly into +your report. If you are filing the issue in a bug tracker then attach them to +the ticket. If you report the issue by mail do not attach them, as that makes +the mail too large; instead do one of these things: + + * Upload the files somewhere public (your website, a public file paste + service, a ticket created just for this purpose on `bugzilla.kernel.org + <https://bugzilla.kernel.org/>`_, ...) and include a link to them in your + report. Ideally use something where the files stay available for years, as + they could be useful to someone many years from now; this for example can + happen if five or ten years from now a developer works on some code that was + changed just to fix your issue. + + * Put the files aside and mention you will send them later in individual + replies to your own mail. Just remember to actually do that once the report + went out. ;-) + +Things that might be wise to provide +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Depending on the issue you might need to add more background data. Here are a +few suggestions what often is good to provide: + + * If you are dealing with a 'warning', an 'OOPS' or a 'panic' from the kernel, + include it. If you can't copy'n'paste it, try to capture a netconsole trace + or at least take a picture of the screen. + + * If the issue might be related to your computer hardware, mention what kind + of system you use. If you for example have problems with your graphics card, + mention its manufacturer, the card's model, and what chip is uses. If it's a + laptop mention its name, but try to make sure it's meaningful. 'Dell XPS 13' + for example is not, because it might be the one from 2012; that one looks + not that different from the one sold today, but apart from that the two have + nothing in common. Hence, in such cases add the exact model number, which + for example are '9380' or '7390' for XPS 13 models introduced during 2019. + Names like 'Lenovo Thinkpad T590' are also somewhat ambiguous: there are + variants of this laptop with and without a dedicated graphics chip, so try + to find the exact model name or specify the main components. + + * Mention the relevant software in use. If you have problems with loading + modules, you want to mention the versions of kmod, systemd, and udev in use. + If one of the DRM drivers misbehaves, you want to state the versions of + libdrm and Mesa; also specify your Wayland compositor or the X-Server and + its driver. If you have a filesystem issue, mention the version of + corresponding filesystem utilities (e2fsprogs, btrfs-progs, xfsprogs, ...). + + * Gather additional information from the kernel that might be of interest. The + output from ``lspci -nn`` will for example help others to identify what + hardware you use. If you have a problem with hardware you even might want to + make the output from ``sudo lspci -vvv`` available, as that provides + insights how the components were configured. For some issues it might be + good to include the contents of files like ``/proc/cpuinfo``, + ``/proc/ioports``, ``/proc/iomem``, ``/proc/modules``, or + ``/proc/scsi/scsi``. Some subsystem also offer tools to collect relevant + information. One such tool is ``alsa-info.sh`` `which the audio/sound + subsystem developers provide <https://www.alsa-project.org/wiki/AlsaInfo>`_. + +Those examples should give your some ideas of what data might be wise to +attach, but you have to think yourself what will be helpful for others to know. +Don't worry too much about forgetting something, as developers will ask for +additional details they need. But making everything important available from +the start increases the chance someone will take a closer look. + + +The important part: the head of your report +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Now that you have the detailed part of the report prepared let's get to the +most important section: the first few sentences. Thus go to the top, add +something like 'The detailed description:' before the part you just wrote and +insert two newlines at the top. Now write one normal length paragraph that +describes the issue roughly. Leave out all boring details and focus on the +crucial parts readers need to know to understand what this is all about; if you +think this bug affects a lot of users, mention this to get people interested. + +Once you did that insert two more lines at the top and write a one sentence +summary that explains quickly what the report is about. After that you have to +get even more abstract and write an even shorter subject/title for the report. + +Now that you have written this part take some time to optimize it, as it is the +most important parts of your report: a lot of people will only read this before +they decide if reading the rest is time well spent. + +Now send or file the report like the :ref:`MAINTAINERS <maintainers>` file told +you, unless it's one of those 'issues of high priority' outlined earlier: in +that case please read the next subsection first before sending the report on +its way. + +Special handling for high priority issues +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Reports for high priority issues need special handling. + +**Severe bugs**: make sure the subject or ticket title as well as the first +paragraph makes the severeness obvious. + +**Regressions**: If the issue is a regression add [REGRESSION] to the mail's +subject or the title in the bug-tracker. If you did not perform a bisection +mention at least the latest mainline version you tested that worked fine (say +5.7) and the oldest where the issue occurs (say 5.8). If you did a successful +bisection mention the commit id and subject of the change that causes the +regression. Also make sure to add the author of that change to your report; if +you need to file your bug in a bug-tracker forward the report to him in a +private mail and mention where your filed it. + +**Security issues**: for these issues your will have to evaluate if a +short-term risk to other users would arise if details were publicly disclosed. +If that's not the case simply proceed with reporting the issue as described. +For issues that bear such a risk you will need to adjust the reporting process +slightly: + + * If the MAINTAINERS file instructed you to report the issue by mail, do not + CC any public mailing lists. + + * If you were supposed to file the issue in a bug tracker make sure to mark + the ticket as 'private' or 'security issue'. If the bug tracker does not + offer a way to keep reports private, forget about it and send your report as + a private mail to the maintainers instead. + +In both cases make sure to also mail your report to the addresses the +MAINTAINERS file lists in the section 'security contact'. Ideally directly CC +them when sending the report by mail. If you filed it in a bug tracker, forward +the report's text to these addresses; but on top of it put a small note where +you mention that you filed it with a link to the ticket. + +See 'Documentation/admin-guide/security-bugs.rst' for more information. + + +Duties after the report went out +-------------------------------- + + *Wait for reactions and keep the thing rolling until you can accept the + outcome in one way or the other. Thus react publicly and in a timely manner + to any inquiries. Test proposed fixes. Do proactive testing: retest with at + least every first release candidate (RC) of a new mainline version and + report your results. Send friendly reminders if things stall. And try to + help yourself, if you don't get any help or if it's unsatisfying.* + +If your report was good and you are really lucky then one of the developers +might immediately spot what's causing the issue; they then might write a patch +to fix it, test it, and send it straight for integration in mainline while +tagging it for later backport to stable and longterm kernels that need it. Then +all you need to do is reply with a 'Thank you very much' and switch to a version +with the fix once it gets released. + +But this ideal scenario rarely happens. That's why the job is only starting +once you got the report out. What you'll have to do depends on the situations, +but often it will be the things listed below. But before digging into the +details, here are a few important things you need to keep in mind for this part +of the process. + + +General advice for further interactions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +**Always reply in public**: When you filed the issue in a bug tracker, always +reply there and do not contact any of the developers privately about it. For +mailed reports always use the 'Reply-all' function when replying to any mails +you receive. That includes mails with any additional data you might want to add +to your report: go to your mail applications 'Sent' folder and use 'reply-all' +on your mail with the report. This approach will make sure the public mailing +list(s) and everyone else that gets involved over time stays in the loop; it +also keeps the mail thread intact, which among others is really important for +mailing lists to group all related mails together. + +There are just two situations where a comment in a bug tracker or a 'Reply-all' +is unsuitable: + + * Someone tells you to send something privately. + + * You were told to send something, but noticed it contains sensitive + information that needs to be kept private. In that case it's okay to send it + in private to the developer that asked for it. But note in the ticket or a + mail that you did that, so everyone else knows you honored the request. + +**Do research before asking for clarifications or help**: In this part of the +process someone might tell you to do something that requires a skill you might +not have mastered yet. For example, you might be asked to use some test tools +you never have heard of yet; or you might be asked to apply a patch to the +Linux kernel sources to test if it helps. In some cases it will be fine sending +a reply asking for instructions how to do that. But before going that route try +to find the answer own your own by searching the internet; alternatively +consider asking in other places for advice. For example ask a fried or post +about it to a chatroom or forum you normally hang out. + +**Be patient**: If you are really lucky you might get a reply to your report +within a few hours. But most of the time it will take longer, as maintainers +are scattered around the globe and thus might be in a different time zone – one +where they already enjoy their night away from keyboard. + +In general, kernel developers will take one to five business days to respond to +reports. Sometimes it will take longer, as they might be busy with the merge +windows, other work, visiting developer conferences, or simply enjoying a long +summer holiday. + +The 'issues of high priority' (see above for an explanation) are an exception +here: maintainers should address them as soon as possible; that's why you +should wait a week at maximum (or just two days if it's something urgent) +before sending a friendly reminder. + +Sometimes the maintainer might not be responding in a timely manner; other +times there might be disagreements, for example if an issue qualifies as +regression or not. In such cases raise your concerns on the mailing list and +ask others for public or private replies how to move on. If that fails, it +might be appropriate to get a higher authority involved. In case of a WiFi +driver that would be the wireless maintainers; if there are no higher level +maintainers or all else fails, it might be one of those rare situations where +it's okay to get Linus Torvalds involved. + +**Proactive testing**: Every time the first pre-release (the 'rc1') of a new +mainline kernel version gets released, go and check if the issue is fixed there +or if anything of importance changed. Mention the outcome in the ticket or in a +mail you sent as reply to your report (make sure it has all those in the CC +that up to that point participated in the discussion). This will show your +commitment and that you are willing to help. It also tells developers if the +issue persists and makes sure they do not forget about it. A few other +occasional retests (for example with rc3, rc5 and the final) are also a good +idea, but only report your results if something relevant changed or if you are +writing something anyway. + +With all these general things off the table let's get into the details of how +to help to get issues resolved once they were reported. + +Inquires and testing request +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Here are your duties in case you got replies to your report: + +**Check who you deal with**: Most of the time it will be the maintainer or a +developer of the particular code area that will respond to your report. But as +issues are normally reported in public it could be anyone that's replying — +including people that want to help, but in the end might guide you totally off +track with their questions or requests. That rarely happens, but it's one of +many reasons why it's wise to quickly run an internet search to see who you're +interacting with. By doing this you also get aware if your report was heard by +the right people, as a reminder to the maintainer (see below) might be in order +later if discussion fades out without leading to a satisfying solution for the +issue. + +**Inquiries for data**: Often you will be asked to test something or provide +additional details. Try to provide the requested information soon, as you have +the attention of someone that might help and risk losing it the longer you +wait; that outcome is even likely if you do not provide the information within +a few business days. + +**Requests for testing**: When you are asked to test a diagnostic patch or a +possible fix, try to test it in timely manner, too. But do it properly and make +sure to not rush it: mixing things up can happen easily and can lead to a lot +of confusion for everyone involved. A common mistake for example is thinking a +proposed patch with a fix was applied, but in fact wasn't. Things like that +happen even to experienced testers occasionally, but they most of the time will +notice when the kernel with the fix behaves just as one without it. + +What to do when nothing of substance happens +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Some reports will not get any reaction from the responsible Linux kernel +developers; or a discussion around the issue evolved, but faded out with +nothing of substance coming out of it. + +In these cases wait two (better: three) weeks before sending a friendly +reminder: maybe the maintainer was just away from keyboard for a while when +your report arrived or had something more important to take care of. When +writing the reminder, kindly ask if anything else from your side is needed to +get the ball running somehow. If the report got out by mail, do that in the +first lines of a mail that is a reply to your initial mail (see above) which +includes a full quote of the original report below: that's on of those few +situations where such a 'TOFU' (Text Over, Fullquote Under) is the right +approach, as then all the recipients will have the details at hand immediately +in the proper order. + +After the reminder wait three more weeks for replies. If you still don't get a +proper reaction, you first should reconsider your approach. Did you maybe try +to reach out to the wrong people? Was the report maybe offensive or so +confusing that people decided to completely stay away from it? The best way to +rule out such factors: show the report to one or two people familiar with FLOSS +issue reporting and ask for their opinion. Also ask them for their advice how +to move forward. That might mean: prepare a better report and make those people +review it before you send it out. Such an approach is totally fine; just +mention that this is the second and improved report on the issue and include a +link to the first report. + +If the report was proper you can send a second reminder; in it ask for advice +why the report did not get any replies. A good moment for this second reminder +mail is shortly after the first pre-release (the 'rc1') of a new Linux kernel +version got published, as you should retest and provide a status update at that +point anyway (see above). + +If the second reminder again results in no reaction within a week, try to +contact a higher-level maintainer asking for advice: even busy maintainers by +then should at least have sent some kind of acknowledgment. + +Remember to prepare yourself for a disappointment: maintainers ideally should +react somehow to every issue report, but they are only obliged to fix those +'issues of high priority' outlined earlier. So don't be too devastating if you +get a reply along the lines of 'thanks for the report, I have more important +issues to deal with currently and won't have time to look into this for the +foreseeable future'. + +It's also possible that after some discussion in the bug tracker or on a list +nothing happens anymore and reminders don't help to motivate anyone to work out +a fix. Such situations can be devastating, but is within the cards when it +comes to Linux kernel development. This and several other reasons for not +getting help are explained in 'Why some issues won't get any reaction or remain +unfixed after being reported' near the end of this document. + +Don't get devastated if you don't find any help or if the issue in the end does +not get solved: the Linux kernel is FLOSS and thus you can still help yourself. +You for example could try to find others that are affected and team up with +them to get the issue resolved. Such a team could prepare a fresh report +together that mentions how many you are and why this is something that in your +option should get fixed. Maybe together you can also narrow down the root cause +or the change that introduced a regression, which often makes developing a fix +easier. And with a bit of luck there might be someone in the team that knows a +bit about programming and might be able to write a fix. + + +Details about reporting issues only occurring in older kernel version lines +--------------------------------------------------------------------------- + +This subsection provides details for steps you need to take if you could not +reproduce your issue with a mainline kernel, but want to see it fixed in older +version lines (aka stable and longterm kernels). + +Some fixes are too complex +~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Prepare yourself for the possibility that going through the next few steps + might not get the issue solved in older releases: the fix might be too big + or risky to get backported there.* + +Even small and seemingly obvious code-changes sometimes introduce new and +totally unexpected problems. The maintainers of the stable and longterm kernels +are very aware of that and thus only apply changes to these kernels that are +within rules outlined in 'Documentation/process/stable-kernel-rules.rst'. + +Complex or risky changes for example do not qualify and thus only get applied +to mainline. Other fixes are easy to get backported to the newest stable and +longterm kernels, but too risky to integrate into older ones. So be aware the +fix you are hoping for might be one of those that won't be backported to the +version line your care about. In that case you'll have no other choice then to +live with the issue or switch to a newer Linux version, unless you want to +patch the fix into your kernels yourself. + +Make sure the particular version line still gets support +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Check if the kernel developers still maintain the Linux kernel version + line you care about: go to the front page of kernel.org and make sure it + mentions the latest release of the particular version line without an + '[EOL]' tag.* + +Most kernel version lines only get supported for about three months, as +maintaining them longer is quite a lot of work. Hence, only one per year is +chosen and gets supported for at least two years (often six). That's why you +need to check if the kernel developers still support the version line you care +for. + +Note, if kernel.org lists two 'stable' version lines on the front page, you +should consider switching to the newer one and forget about the older one: +support for it is likely to be abandoned soon. Then it will get a "end-of-life" +(EOL) stamp. Version lines that reached that point still get mentioned on the +kernel.org front page for a week or two, but are unsuitable for testing and +reporting. + +Search stable mailing list +~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Check the archives of the Linux stable mailing list for existing reports.* + +Maybe the issue you face is already known and was fixed or is about to. Hence, +`search the archives of the Linux stable mailing list +<https://lore.kernel.org/stable/>`_ for reports about an issue like yours. If +you find any matches, consider joining the discussion, unless the fix is +already finished and scheduled to get applied soon. + +Reproduce issue with the newest release +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Install the latest release from the particular version line as a vanilla + kernel. Ensure this kernel is not tainted and still shows the problem, as + the issue might have already been fixed there.* + +Before investing any more time in this process you want to check if the issue +was already fixed in the latest release of version line you're interested in. +This kernel needs to be vanilla and shouldn't be tainted before the issue +happens, as detailed outlined already above in the process of testing mainline. + +Check code history and search for existing discussions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Search the Linux kernel version control system for the change that fixed + the issue in mainline, as its commit message might tell you if the fix is + scheduled for backporting already. If you don't find anything that way, + search the appropriate mailing lists for posts that discuss such an issue + or peer-review possible fixes; then check the discussions if the fix was + deemed unsuitable for backporting. If backporting was not considered at + all, join the newest discussion, asking if it's in the cards.* + +In a lot of cases the issue you deal with will have happened with mainline, but +got fixed there. The commit that fixed it would need to get backported as well +to get the issue solved. That's why you want to search for it or any +discussions abound it. + + * First try to find the fix in the Git repository that holds the Linux kernel + sources. You can do this with the web interfaces `on kernel.org + <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/>`_ + or its mirror `on GitHub <https://github.com/torvalds/linux>`_; if you have + a local clone you alternatively can search on the command line with ``git + log --grep=<pattern>``. + + If you find the fix, look if the commit message near the end contains a + 'stable tag' that looks like this: + + Cc: <stable@vger.kernel.org> # 5.4+ + + If that's case the developer marked the fix safe for backporting to version + line 5.4 and later. Most of the time it's getting applied there within two + weeks, but sometimes it takes a bit longer. + + * If the commit doesn't tell you anything or if you can't find the fix, look + again for discussions about the issue. Search the net with your favorite + internet search engine as well as the archives for the `Linux kernel + developers mailing list <https://lore.kernel.org/lkml/>`_. Also read the + section `Locate kernel area that causes the issue` above and follow the + instructions to find the subsystem in question: its bug tracker or mailing + list archive might have the answer you are looking for. + + * If you see a proposed fix, search for it in the version control system as + outlined above, as the commit might tell you if a backport can be expected. + + * Check the discussions for any indicators the fix might be too risky to get + backported to the version line you care about. If that's the case you have + to live with the issue or switch to the kernel version line where the fix + got applied. + + * If the fix doesn't contain a stable tag and backporting was not discussed, + join the discussion: mention the version where you face the issue and that + you would like to see it fixed, if suitable. + +Check if it's a regression specific to stable or longterm kernels +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + *Check if you're dealing with a regression that was never present in + mainline by installing the first release of the version line you care + about. If the issue doesn't show up with it, you basically need to report + the issue with this version like you would report a problem with mainline + (see above). This ideally includes a bisection followed by a search for + existing reports on the net; with the help of the subject and the two + relevant commit-ids. If that doesn't turn up anything, write the report; CC + or forward the report to the stable maintainers, the stable mailing list, + and those who authored the change. Include the shortened commit-id if you + found the change that causes it.* + +Sometimes you won't find anything in the previous step: the issue you face +might have never occurred in mainline, as it is caused by some change that is +incomplete or not correctly applied. To check this, install the first release +from version line you care about, e.g., if you care about 5.4.x, install 5.4. + +If the issue doesn't show itself there, it's a regression specific to the +particular version line. In that case you need to report it like an issue +happening in mainline, like the last few steps in the main section in the above +outline. + +One of them suggests doing a bisection, which you are strongly advised to do in +this case. After finding the culprit, search the net for existing reports +again: not only search for the exact subject and the commit-id (proper and +shortened to twelve characters) of the change, but also for the commit-id +(proper and shortened) mentioned as 'Upstream commit' in the commit message. + +Write the report; just keep a few specialties in mind: CC or forward the report +to the stable maintainers, the stable mailing list, which the :ref:`MAINTAINERS +<maintainers>` file mentions in the section "STABLE BRANCH". If you performed a +successful bisection, CC the author of the change and include its subject and +the shortened commit-id. + +Ask for advice +~~~~~~~~~~~~~~ + + *One of the former steps should lead to a solution. If that doesn't work + out, ask the maintainers for the subsystem that seems to be causing the + issue for advice; CC the mailing list for the particular subsystem as well + as the stable mailing list.* + +If the previous three steps didn't get you closer to a solution there is only +one option left: ask for advice. Do that in a mail you sent to the maintainers +for the subsystem where the issue seems to have its roots; CC the mailing list +for the subsystem as well as the stable mailing list the :ref:`MAINTAINERS +<maintainers>` file mention in the section "STABLE BRANCH". + + +Why some issues won't get any reaction or remain unfixed after being reported +============================================================================= + +When reporting a problem to the Linux developers, be aware only 'issues of high +priority' (regressions, security issues, severe problems) are definitely going +to get resolved. The maintainers or if all else fails Linus Torvalds himself +will make sure of that. They and the other kernel developers will fix a lot of +other issues as well. But be aware that sometimes they can't or won't help; and +sometimes there isn't even anyone to send a report to. + +This is best explained with kernel developers that contribute to the Linux +kernel in their spare time. Quite a few of the drivers in the kernel were +written by such programmers, often because they simply wanted to make their +hardware usable on their favorite operating system. + +These programmers most of the time will happily fix problems other people +report. But nobody can force them to do, as they are contributing voluntarily. + +Then there are situations where such developers really want to fix an issue, +but can't: sometimes they lack hardware programming documentation to do so. +This often happens when the publicly available docs are superficial or the +driver was written with the help of reverse engineering. + +Sooner or later spare time developers will also stop caring for the driver. +Maybe their test hardware broke, got replaced by something more fancy, or is so +old that it's something you don't find much outside of computer museums +anymore. Sometimes developer stops caring for their code and Linux at all, as +something different in their life became way more important. In some cases +nobody is willing to take over the job as maintainer – and nobody can be forced +to, as contributing to the Linux kernel is done on a voluntary basis. Abandoned +drivers nevertheless remain in the kernel: they are still useful for people and +removing would be a regression. + +The situation is not that different with developers that are paid for their +work on the Linux kernel. Those contribute most changes these days. But their +employers sooner or later also stop caring for their code or make its +programmer focus on other things. Hardware vendors for example earn their money +mainly by selling new hardware; quite a few of them hence are not investing +much time and energy in maintaining a Linux kernel driver for something they +stopped selling years ago. Enterprise Linux distributors often care for a +longer time period, but in new versions often leave support for old and rare +hardware aside to limit the scope. Often spare time contributors take over once +a company orphans some code, but as mentioned above: sooner or later they will +leave the code behind, too. + +Priorities are another reason why some issues are not fixed, as maintainers +quite often are forced to set those, as time to work on Linux is limited. +That's true for spare time or the time employers grant their developers to +spend on maintenance work on the upstream kernel. Sometimes maintainers also +get overwhelmed with reports, even if a driver is working nearly perfectly. To +not get completely stuck, the programmer thus might have no other choice than +to prioritize issue reports and reject some of them. + +But don't worry too much about all of this, a lot of drivers have active +maintainers who are quite interested in fixing as many issues as possible. + + +Closing words +============= + +Compared with other Free/Libre & Open Source Software it's hard to report +issues to the Linux kernel developers: the length and complexity of this +document and the implications between the lines illustrate that. But that's how +it is for now. The main author of this text hopes documenting the state of the +art will lay some groundwork to improve the situation over time. diff --git a/Documentation/admin-guide/security-bugs.rst b/Documentation/admin-guide/security-bugs.rst index c32eb786201c..82e29837d589 100644 --- a/Documentation/admin-guide/security-bugs.rst +++ b/Documentation/admin-guide/security-bugs.rst @@ -21,7 +21,7 @@ understand and fix the security vulnerability. As it is with any bug, the more information provided the easier it will be to diagnose and fix. Please review the procedure outlined in -:doc:`reporting-bugs` if you are unclear about what +'Documentation/admin-guide/reporting-issues.rst' if you are unclear about what information is helpful. Any exploit code is very helpful and will not be released without consent from the reporter unless it has already been made public. diff --git a/Documentation/admin-guide/spkguide.txt b/Documentation/admin-guide/spkguide.txt index 3782f6a09e97..5ff6a0fe87d1 100644 --- a/Documentation/admin-guide/spkguide.txt +++ b/Documentation/admin-guide/spkguide.txt @@ -344,6 +344,7 @@ spk key_slash = say_attributes spk key_8 = speakup_paste shift spk key_m = say_first_char ctrl spk key_semicolon = say_last_char +spk key_r = read_all_doc 5. The Speakup Sys System diff --git a/Documentation/admin-guide/syscall-user-dispatch.rst b/Documentation/admin-guide/syscall-user-dispatch.rst new file mode 100644 index 000000000000..a380d6515774 --- /dev/null +++ b/Documentation/admin-guide/syscall-user-dispatch.rst @@ -0,0 +1,90 @@ +.. SPDX-License-Identifier: GPL-2.0 + +===================== +Syscall User Dispatch +===================== + +Background +---------- + +Compatibility layers like Wine need a way to efficiently emulate system +calls of only a part of their process - the part that has the +incompatible code - while being able to execute native syscalls without +a high performance penalty on the native part of the process. Seccomp +falls short on this task, since it has limited support to efficiently +filter syscalls based on memory regions, and it doesn't support removing +filters. Therefore a new mechanism is necessary. + +Syscall User Dispatch brings the filtering of the syscall dispatcher +address back to userspace. The application is in control of a flip +switch, indicating the current personality of the process. A +multiple-personality application can then flip the switch without +invoking the kernel, when crossing the compatibility layer API +boundaries, to enable/disable the syscall redirection and execute +syscalls directly (disabled) or send them to be emulated in userspace +through a SIGSYS. + +The goal of this design is to provide very quick compatibility layer +boundary crosses, which is achieved by not executing a syscall to change +personality every time the compatibility layer executes. Instead, a +userspace memory region exposed to the kernel indicates the current +personality, and the application simply modifies that variable to +configure the mechanism. + +There is a relatively high cost associated with handling signals on most +architectures, like x86, but at least for Wine, syscalls issued by +native Windows code are currently not known to be a performance problem, +since they are quite rare, at least for modern gaming applications. + +Since this mechanism is designed to capture syscalls issued by +non-native applications, it must function on syscalls whose invocation +ABI is completely unexpected to Linux. Syscall User Dispatch, therefore +doesn't rely on any of the syscall ABI to make the filtering. It uses +only the syscall dispatcher address and the userspace key. + +As the ABI of these intercepted syscalls is unknown to Linux, these +syscalls are not instrumentable via ptrace or the syscall tracepoints. + +Interface +--------- + +A thread can setup this mechanism on supported kernels by executing the +following prctl: + + prctl(PR_SET_SYSCALL_USER_DISPATCH, <op>, <offset>, <length>, [selector]) + +<op> is either PR_SYS_DISPATCH_ON or PR_SYS_DISPATCH_OFF, to enable and +disable the mechanism globally for that thread. When +PR_SYS_DISPATCH_OFF is used, the other fields must be zero. + +[<offset>, <offset>+<length>) delimit a memory region interval +from which syscalls are always executed directly, regardless of the +userspace selector. This provides a fast path for the C library, which +includes the most common syscall dispatchers in the native code +applications, and also provides a way for the signal handler to return +without triggering a nested SIGSYS on (rt\_)sigreturn. Users of this +interface should make sure that at least the signal trampoline code is +included in this region. In addition, for syscalls that implement the +trampoline code on the vDSO, that trampoline is never intercepted. + +[selector] is a pointer to a char-sized region in the process memory +region, that provides a quick way to enable disable syscall redirection +thread-wide, without the need to invoke the kernel directly. selector +can be set to PR_SYS_DISPATCH_ON or PR_SYS_DISPATCH_OFF. Any other +value should terminate the program with a SIGSYS. + +Security Notes +-------------- + +Syscall User Dispatch provides functionality for compatibility layers to +quickly capture system calls issued by a non-native part of the +application, while not impacting the Linux native regions of the +process. It is not a mechanism for sandboxing system calls, and it +should not be seen as a security mechanism, since it is trivial for a +malicious application to subvert the mechanism by jumping to an allowed +dispatcher region prior to executing the syscall, or to discover the +address and modify the selector value. If the use case requires any +kind of security sandboxing, Seccomp should be used instead. + +Any fork or exec of the existing process resets the mechanism to +PR_SYS_DISPATCH_OFF. diff --git a/Documentation/admin-guide/sysctl/abi.rst b/Documentation/admin-guide/sysctl/abi.rst index ac87eafdb54f..77b1d1b2ad42 100644 --- a/Documentation/admin-guide/sysctl/abi.rst +++ b/Documentation/admin-guide/sysctl/abi.rst @@ -28,7 +28,7 @@ vsyscall32 (x86) Determines whether the kernels maps a vDSO page into 32-bit processes; can be set to 1 to enable, or 0 to disable. Defaults to enabled if -``CONFIG_COMPAT_VDSO`` is set, disabled otherwide. +``CONFIG_COMPAT_VDSO`` is set, disabled otherwise. This controls the same setting as the ``vdso32`` kernel boot parameter. diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst index d4b32cc32bb7..1d56a6b73a4e 100644 --- a/Documentation/admin-guide/sysctl/kernel.rst +++ b/Documentation/admin-guide/sysctl/kernel.rst @@ -14,7 +14,7 @@ For general info and legal blurb, please look in :doc:`index`. ------------------------------------------------------------------------------ This file contains documentation for the sysctl files in -``/proc/sys/kernel/`` and is valid for Linux kernel version 2.2. +``/proc/sys/kernel/``. The files in this directory can be used to tune and monitor miscellaneous and general things in the operation of the Linux @@ -879,7 +879,7 @@ The default value is 127. perf_event_mlock_kb =================== -Control size of per-cpu ring buffer not counted agains mlock limit. +Control size of per-cpu ring buffer not counted against mlock limit. The default value is 512 + 1 page @@ -1095,8 +1095,8 @@ Enables/disables scheduler statistics. Enabling this feature incurs a small amount of overhead in the scheduler but is useful for debugging and performance tuning. -sched_util_clamp_min: -===================== +sched_util_clamp_min +==================== Max allowed *minimum* utilization. @@ -1106,8 +1106,8 @@ It means that any requested uclamp.min value cannot be greater than sched_util_clamp_min, i.e., it is restricted to the range [0:sched_util_clamp_min]. -sched_util_clamp_max: -===================== +sched_util_clamp_max +==================== Max allowed *maximum* utilization. @@ -1117,8 +1117,8 @@ It means that any requested uclamp.max value cannot be greater than sched_util_clamp_max, i.e., it is restricted to the range [0:sched_util_clamp_max]. -sched_util_clamp_min_rt_default: -================================ +sched_util_clamp_min_rt_default +=============================== By default Linux is tuned for performance. Which means that RT tasks always run at the highest frequency and most capable (highest capacity) CPU (in @@ -1336,7 +1336,7 @@ ORed together. The letters are seen in "Tainted" line of Oops reports. ====== ===== ============================================================== 1 `(P)` proprietary module was loaded 2 `(F)` module was force loaded - 4 `(S)` SMP kernel oops on an officially SMP incapable processor + 4 `(S)` kernel running on an out of specification system 8 `(R)` module was force unloaded 16 `(M)` processor reported a Machine Check Exception (MCE) 32 `(B)` bad page referenced or some unexpected page flags diff --git a/Documentation/admin-guide/sysctl/vm.rst b/Documentation/admin-guide/sysctl/vm.rst index f455fa00c00f..e35a3f2fb006 100644 --- a/Documentation/admin-guide/sysctl/vm.rst +++ b/Documentation/admin-guide/sysctl/vm.rst @@ -146,7 +146,7 @@ This should be used on systems where stalls for minor page faults are an acceptable trade for large contiguous free memory. Set to 0 to prevent compaction from moving pages that are unevictable. Default value is 1. On CONFIG_PREEMPT_RT the default value is 0 in order to avoid a page fault, due -to compaction, which would block the task from becomming active until the fault +to compaction, which would block the task from becoming active until the fault is resolved. @@ -428,7 +428,7 @@ While most applications need less than a thousand maps, certain programs, particularly malloc debuggers, may consume lots of them, e.g., up to one or two maps per allocation. -The default value is 65536. +The default value is 65530. memory_failure_early_kill: @@ -873,12 +873,17 @@ file-backed pages is less than the high watermark in a zone. unprivileged_userfaultfd ======================== -This flag controls whether unprivileged users can use the userfaultfd -system calls. Set this to 1 to allow unprivileged users to use the -userfaultfd system calls, or set this to 0 to restrict userfaultfd to only -privileged users (with SYS_CAP_PTRACE capability). +This flag controls the mode in which unprivileged users can use the +userfaultfd system calls. Set this to 0 to restrict unprivileged users +to handle page faults in user mode only. In this case, users without +SYS_CAP_PTRACE must pass UFFD_USER_MODE_ONLY in order for userfaultfd to +succeed. Prohibiting use of userfaultfd for handling faults from kernel +mode may make certain vulnerabilities more difficult to exploit. -The default value is 1. +Set this to 1 to allow unprivileged users to use the userfaultfd system +calls without any restrictions. + +The default value is 0. user_reserve_kbytes diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst index f718a2eaf1f6..ceeed7b0798d 100644 --- a/Documentation/admin-guide/tainted-kernels.rst +++ b/Documentation/admin-guide/tainted-kernels.rst @@ -84,7 +84,7 @@ Bit Log Number Reason that got the kernel tainted === === ====== ======================================================== 0 G/P 1 proprietary module was loaded 1 _/F 2 module was force loaded - 2 _/S 4 SMP kernel oops on an officially SMP incapable processor + 2 _/S 4 kernel running on an out of specification system 3 _/R 8 module was force unloaded 4 _/M 16 processor reported a Machine Check Exception (MCE) 5 _/B 32 bad page referenced or some unexpected page flags @@ -116,10 +116,23 @@ More detailed explanation for tainting 1) ``F`` if any module was force loaded by ``insmod -f``, ``' '`` if all modules were loaded normally. - 2) ``S`` if the oops occurred on an SMP kernel running on hardware that - hasn't been certified as safe to run multiprocessor. - Currently this occurs only on various Athlons that are not - SMP capable. + 2) ``S`` if the kernel is running on a processor or system that is out of + specification: hardware has been put into an unsupported configuration, + therefore proper execution cannot be guaranteed. + Kernel will be tainted if, for example: + + - on x86: PAE is forced through forcepae on intel CPUs (such as Pentium M) + which do not report PAE but may have a functional implementation, an SMP + kernel is running on non officially capable SMP Athlon CPUs, MSRs are + being poked at from userspace. + - on arm: kernel running on certain CPUs (such as Keystone 2) without + having certain kernel features enabled. + - on arm64: there are mismatched hardware features between CPUs, the + bootloader has booted CPUs in different modes. + - certain drivers are being used on non supported architectures (such as + scsi/snic on something else than x86_64, scsi/ips on non + x86/x86_64/itanium, have broken firmware settings for the + irqchip/irq-gic on arm64 ...). 3) ``R`` if a module was force unloaded by ``rmmod -f``, ``' '`` if all modules were unloaded normally. diff --git a/Documentation/admin-guide/wimax/i2400m.rst b/Documentation/admin-guide/wimax/i2400m.rst deleted file mode 100644 index 194388c0c351..000000000000 --- a/Documentation/admin-guide/wimax/i2400m.rst +++ /dev/null @@ -1,283 +0,0 @@ -.. include:: <isonum.txt> - -==================================================== -Driver for the Intel Wireless Wimax Connection 2400m -==================================================== - -:Copyright: |copy| 2008 Intel Corporation < linux-wimax@intel.com > - - This provides a driver for the Intel Wireless WiMAX Connection 2400m - and a basic Linux kernel WiMAX stack. - -1. Requirements -=============== - - * Linux installation with Linux kernel 2.6.22 or newer (if building - from a separate tree) - * Intel i2400m Echo Peak or Baxter Peak; this includes the Intel - Wireless WiMAX/WiFi Link 5x50 series. - * build tools: - - + Linux kernel development package for the target kernel; to - build against your currently running kernel, you need to have - the kernel development package corresponding to the running - image installed (usually if your kernel is named - linux-VERSION, the development package is called - linux-dev-VERSION or linux-headers-VERSION). - + GNU C Compiler, make - -2. Compilation and installation -=============================== - -2.1. Compilation of the drivers included in the kernel ------------------------------------------------------- - - Configure the kernel; to enable the WiMAX drivers select Drivers > - Networking Drivers > WiMAX device support. Enable all of them as - modules (easier). - - If USB or SDIO are not enabled in the kernel configuration, the options - to build the i2400m USB or SDIO drivers will not show. Enable said - subsystems and go back to the WiMAX menu to enable the drivers. - - Compile and install your kernel as usual. - -2.2. Compilation of the drivers distributed as an standalone module -------------------------------------------------------------------- - - To compile:: - - $ cd source/directory - $ make - - Once built you can load and unload using the provided load.sh script; - load.sh will load the modules, load.sh u will unload them. - - To install in the default kernel directories (and enable auto loading - when the device is plugged):: - - $ make install - $ depmod -a - - If your kernel development files are located in a non standard - directory or if you want to build for a kernel that is not the - currently running one, set KDIR to the right location:: - - $ make KDIR=/path/to/kernel/dev/tree - - For more information, please contact linux-wimax@intel.com. - -3. Installing the firmware --------------------------- - - The firmware can be obtained from http://linuxwimax.org or might have - been supplied with your hardware. - - It has to be installed in the target system:: - - $ cp FIRMWAREFILE.sbcf /lib/firmware/i2400m-fw-BUSTYPE-1.3.sbcf - - * NOTE: if your firmware came in an .rpm or .deb file, just install - it as normal, with the rpm (rpm -i FIRMWARE.rpm) or dpkg - (dpkg -i FIRMWARE.deb) commands. No further action is needed. - * BUSTYPE will be usb or sdio, depending on the hardware you have. - Each hardware type comes with its own firmware and will not work - with other types. - -4. Design -========= - - This package contains two major parts: a WiMAX kernel stack and a - driver for the Intel i2400m. - - The WiMAX stack is designed to provide for common WiMAX control - services to current and future WiMAX devices from any vendor; please - see README.wimax for details. - - The i2400m kernel driver is broken up in two main parts: the bus - generic driver and the bus-specific drivers. The bus generic driver - forms the drivercore and contain no knowledge of the actual method we - use to connect to the device. The bus specific drivers are just the - glue to connect the bus-generic driver and the device. Currently only - USB and SDIO are supported. See drivers/net/wimax/i2400m/i2400m.h for - more information. - - The bus generic driver is logically broken up in two parts: OS-glue and - hardware-glue. The OS-glue interfaces with Linux. The hardware-glue - interfaces with the device on using an interface provided by the - bus-specific driver. The reason for this breakup is to be able to - easily reuse the hardware-glue to write drivers for other OSes; note - the hardware glue part is written as a native Linux driver; no - abstraction layers are used, so to port to another OS, the Linux kernel - API calls should be replaced with the target OS's. - -5. Usage -======== - - To load the driver, follow the instructions in the install section; - once the driver is loaded, plug in the device (unless it is permanently - plugged in). The driver will enumerate the device, upload the firmware - and output messages in the kernel log (dmesg, /var/log/messages or - /var/log/kern.log) such as:: - - ... - i2400m_usb 5-4:1.0: firmware interface version 8.0.0 - i2400m_usb 5-4:1.0: WiMAX interface wmx0 (00:1d:e1:01:94:2c) ready - - At this point the device is ready to work. - - Current versions require the Intel WiMAX Network Service in userspace - to make things work. See the network service's README for instructions - on how to scan, connect and disconnect. - -5.1. Module parameters ----------------------- - - Module parameters can be set at kernel or module load time or by - echoing values:: - - $ echo VALUE > /sys/module/MODULENAME/parameters/PARAMETERNAME - - To make changes permanent, for example, for the i2400m module, you can - also create a file named /etc/modprobe.d/i2400m containing:: - - options i2400m idle_mode_disabled=1 - - To find which parameters are supported by a module, run:: - - $ modinfo path/to/module.ko - - During kernel bootup (if the driver is linked in the kernel), specify - the following to the kernel command line:: - - i2400m.PARAMETER=VALUE - -5.1.1. i2400m: idle_mode_disabled -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - The i2400m module supports a parameter to disable idle mode. This - parameter, once set, will take effect only when the device is - reinitialized by the driver (eg: following a reset or a reconnect). - -5.2. Debug operations: debugfs entries --------------------------------------- - - The driver will register debugfs entries that allow the user to tweak - debug settings. There are three main container directories where - entries are placed, which correspond to the three blocks a i2400m WiMAX - driver has: - - * /sys/kernel/debug/wimax:DEVNAME/ for the generic WiMAX stack - controls - * /sys/kernel/debug/wimax:DEVNAME/i2400m for the i2400m generic - driver controls - * /sys/kernel/debug/wimax:DEVNAME/i2400m-usb (or -sdio) for the - bus-specific i2400m-usb or i2400m-sdio controls). - - Of course, if debugfs is mounted in a directory other than - /sys/kernel/debug, those paths will change. - -5.2.1. Increasing debug output -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - The files named *dl_* indicate knobs for controlling the debug output - of different submodules:: - - # find /sys/kernel/debug/wimax\:wmx0 -name \*dl_\* - /sys/kernel/debug/wimax:wmx0/i2400m-usb/dl_tx - /sys/kernel/debug/wimax:wmx0/i2400m-usb/dl_rx - /sys/kernel/debug/wimax:wmx0/i2400m-usb/dl_notif - /sys/kernel/debug/wimax:wmx0/i2400m-usb/dl_fw - /sys/kernel/debug/wimax:wmx0/i2400m-usb/dl_usb - /sys/kernel/debug/wimax:wmx0/i2400m/dl_tx - /sys/kernel/debug/wimax:wmx0/i2400m/dl_rx - /sys/kernel/debug/wimax:wmx0/i2400m/dl_rfkill - /sys/kernel/debug/wimax:wmx0/i2400m/dl_netdev - /sys/kernel/debug/wimax:wmx0/i2400m/dl_fw - /sys/kernel/debug/wimax:wmx0/i2400m/dl_debugfs - /sys/kernel/debug/wimax:wmx0/i2400m/dl_driver - /sys/kernel/debug/wimax:wmx0/i2400m/dl_control - /sys/kernel/debug/wimax:wmx0/wimax_dl_stack - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_rfkill - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_reset - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_msg - /sys/kernel/debug/wimax:wmx0/wimax_dl_id_table - /sys/kernel/debug/wimax:wmx0/wimax_dl_debugfs - - By reading the file you can obtain the current value of said debug - level; by writing to it, you can set it. - - To increase the debug level of, for example, the i2400m's generic TX - engine, just write:: - - $ echo 3 > /sys/kernel/debug/wimax:wmx0/i2400m/dl_tx - - Increasing numbers yield increasing debug information; for details of - what is printed and the available levels, check the source. The code - uses 0 for disabled and increasing values until 8. - -5.2.2. RX and TX statistics -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - The i2400m/rx_stats and i2400m/tx_stats provide statistics about the - data reception/delivery from the device:: - - $ cat /sys/kernel/debug/wimax:wmx0/i2400m/rx_stats - 45 1 3 34 3104 48 480 - - The numbers reported are: - - * packets/RX-buffer: total, min, max - * RX-buffers: total RX buffers received, accumulated RX buffer size - in bytes, min size received, max size received - - Thus, to find the average buffer size received, divide accumulated - RX-buffer / total RX-buffers. - - To clear the statistics back to 0, write anything to the rx_stats file:: - - $ echo 1 > /sys/kernel/debug/wimax:wmx0/i2400m_rx_stats - - Likewise for TX. - - Note the packets this debug file refers to are not network packet, but - packets in the sense of the device-specific protocol for communication - to the host. See drivers/net/wimax/i2400m/tx.c. - -5.2.3. Tracing messages received from user space -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - To echo messages received from user space into the trace pipe that the - i2400m driver creates, set the debug file i2400m/trace_msg_from_user to - 1:: - - $ echo 1 > /sys/kernel/debug/wimax:wmx0/i2400m/trace_msg_from_user - -5.2.4. Performing a device reset -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - By writing a 0, a 1 or a 2 to the file - /sys/kernel/debug/wimax:wmx0/reset, the driver performs a warm (without - disconnecting from the bus), cold (disconnecting from the bus) or bus - (bus specific) reset on the device. - -5.2.5. Asking the device to enter power saving mode -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - - By writing any value to the /sys/kernel/debug/wimax:wmx0 file, the - device will attempt to enter power saving mode. - -6. Troubleshooting -================== - -6.1. Driver complains about ``i2400m-fw-usb-1.2.sbcf: request failed`` ----------------------------------------------------------------------- - - If upon connecting the device, the following is output in the kernel - log:: - - i2400m_usb 5-4:1.0: fw i2400m-fw-usb-1.3.sbcf: request failed: -2 - - This means that the driver cannot locate the firmware file named - /lib/firmware/i2400m-fw-usb-1.2.sbcf. Check that the file is present in - the right location. diff --git a/Documentation/admin-guide/wimax/index.rst b/Documentation/admin-guide/wimax/index.rst deleted file mode 100644 index fdf7c1f99ff5..000000000000 --- a/Documentation/admin-guide/wimax/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -.. SPDX-License-Identifier: GPL-2.0 - -=============== -WiMAX subsystem -=============== - -.. toctree:: - :maxdepth: 2 - - wimax - - i2400m - -.. only:: subproject and html - - Indices - ======= - - * :ref:`genindex` diff --git a/Documentation/admin-guide/wimax/wimax.rst b/Documentation/admin-guide/wimax/wimax.rst deleted file mode 100644 index 817ee8ba2732..000000000000 --- a/Documentation/admin-guide/wimax/wimax.rst +++ /dev/null @@ -1,89 +0,0 @@ -.. include:: <isonum.txt> - -======================== -Linux kernel WiMAX stack -======================== - -:Copyright: |copy| 2008 Intel Corporation < linux-wimax@intel.com > - - This provides a basic Linux kernel WiMAX stack to provide a common - control API for WiMAX devices, usable from kernel and user space. - -1. Design -========= - - The WiMAX stack is designed to provide for common WiMAX control - services to current and future WiMAX devices from any vendor. - - Because currently there is only one and we don't know what would be the - common services, the APIs it currently provides are very minimal. - However, it is done in such a way that it is easily extensible to - accommodate future requirements. - - The stack works by embedding a struct wimax_dev in your device's - control structures. This provides a set of callbacks that the WiMAX - stack will call in order to implement control operations requested by - the user. As well, the stack provides API functions that the driver - calls to notify about changes of state in the device. - - The stack exports the API calls needed to control the device to user - space using generic netlink as a marshalling mechanism. You can access - them using your own code or use the wrappers provided for your - convenience in libwimax (in the wimax-tools package). - - For detailed information on the stack, please see - include/linux/wimax.h. - -2. Usage -======== - - For usage in a driver (registration, API, etc) please refer to the - instructions in the header file include/linux/wimax.h. - - When a device is registered with the WiMAX stack, a set of debugfs - files will appear in /sys/kernel/debug/wimax:wmxX can tweak for - control. - -2.1. Obtaining debug information: debugfs entries -------------------------------------------------- - - The WiMAX stack is compiled, by default, with debug messages that can - be used to diagnose issues. By default, said messages are disabled. - - The drivers will register debugfs entries that allow the user to tweak - debug settings. - - Each driver, when registering with the stack, will cause a debugfs - directory named wimax:DEVICENAME to be created; optionally, it might - create more subentries below it. - -2.1.1. Increasing debug output ------------------------------- - - The files named *dl_* indicate knobs for controlling the debug output - of different submodules of the WiMAX stack:: - - # find /sys/kernel/debug/wimax\:wmx0 -name \*dl_\* - /sys/kernel/debug/wimax:wmx0/wimax_dl_stack - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_rfkill - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_reset - /sys/kernel/debug/wimax:wmx0/wimax_dl_op_msg - /sys/kernel/debug/wimax:wmx0/wimax_dl_id_table - /sys/kernel/debug/wimax:wmx0/wimax_dl_debugfs - /sys/kernel/debug/wimax:wmx0/.... # other driver specific files - - NOTE: - Of course, if debugfs is mounted in a directory other than - /sys/kernel/debug, those paths will change. - - By reading the file you can obtain the current value of said debug - level; by writing to it, you can set it. - - To increase the debug level of, for example, the id-table submodule, - just write: - - $ echo 3 > /sys/kernel/debug/wimax:wmx0/wimax_dl_id_table - - Increasing numbers yield increasing debug information; for details of - what is printed and the available levels, check the source. The code - uses 0 for disabled and increasing values until 8. |