1. 06 Jun, 2023 6 commits
    • Mark Rutland's avatar
      arm64: module: rework module VA range selection · 3e35d303
      Mark Rutland authored
      Currently, the modules region is 128M in size, which is a problem for
      some large modules. Shanker reports [1] that the NVIDIA GPU driver alone
      can consume 110M of module space in some configurations. We'd like to
      make the modules region a full 2G such that we can always make use of a
      2G range.
      
      It's possible to build kernel images which are larger than 128M in some
      configurations, such as when many debug options are selected and many
      drivers are built in. In these configurations, we can't legitimately
      select a base for a 128M module region, though we currently select a
      value for which allocation will fail. It would be nicer to have a
      diagnostic message in this case.
      
      Similarly, in theory it's possible to build a kernel image which is
      larger than 2G and which cannot support modules. While this isn't likely
      to be the case for any realistic kernel deplyed in the field, it would
      be nice if we could print a diagnostic in this case.
      
      This patch reworks the module VA range selection to use a 2G range, and
      improves handling of cases where we cannot select legitimate module
      regions. We now attempt to select a 128M region and a 2G region:
      
      * The 128M region is selected such that modules can use direct branches
        (with JUMP26/CALL26 relocations) to branch to kernel code and other
        modules, and so that modules can reference data and text (using PREL32
        relocations) anywhere in the kernel image and other modules.
      
        This region covers the entire kernel image (rather than just the text)
        to ensure that all PREL32 relocations are in range even when the
        kernel data section is absurdly large. Where we cannot allocate from
        this region, we'll fall back to the full 2G region.
      
      * The 2G region is selected such that modules can use direct branches
        with PLTs to branch to kernel code and other modules, and so that
        modules can use reference data and text (with PREL32 relocations) in
        the kernel image and other modules.
      
        This region covers the entire kernel image, and the 128M region (if
        one is selected).
      
      The two module regions are randomized independently while ensuring the
      constraints described above.
      
      [1] https://lore.kernel.org/linux-arm-kernel/159ceeab-09af-3174-5058-445bc8dcf85b@nvidia.com/Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Shanker Donthineni <sdonthineni@nvidia.com>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-7-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      3e35d303
    • Mark Rutland's avatar
      arm64: module: mandate MODULE_PLTS · ea3752ba
      Mark Rutland authored
      Contemporary kernels and modules can be relatively large, especially
      when common debug options are enabled. Using GCC 12.1.0, a v6.3-rc7
      defconfig kernel is ~38M, and with PROVE_LOCKING + KASAN_INLINE enabled
      this expands to ~117M. Shanker reports [1] that the NVIDIA GPU driver
      alone can consume 110M of module space in some configurations.
      
      Both KASLR and ARM64_ERRATUM_843419 select MODULE_PLTS, so anyone
      wanting a kernel to have KASLR or run on Cortex-A53 will have
      MODULE_PLTS selected. This is the case in defconfig and distribution
      kernels (e.g. Debian, Android, etc).
      
      Practically speaking, this means we're very likely to need MODULE_PLTS
      and while it's almost guaranteed that MODULE_PLTS will be selected, it
      is possible to disable support, and we have to maintain some awkward
      special cases for such unusual configurations.
      
      This patch removes the MODULE_PLTS config option, with the support code
      always enabled if MODULES is selected. This results in a slight
      simplification, and will allow for further improvement in subsequent
      patches.
      
      For any config which currently selects MODULE_PLTS, there will be no
      functional change as a result of this patch.
      
      [1] https://lore.kernel.org/linux-arm-kernel/159ceeab-09af-3174-5058-445bc8dcf85b@nvidia.com/Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Shanker Donthineni <sdonthineni@nvidia.com>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-6-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      ea3752ba
    • Mark Rutland's avatar
      arm64: module: move module randomization to module.c · e46b7103
      Mark Rutland authored
      When CONFIG_RANDOMIZE_BASE=y, module_alloc_base is a variable which is
      configured by kaslr_module_init() in kaslr.c, and otherwise it is an
      expression defined in module.h.
      
      As kaslr_module_init() is no longer tightly coupled with the KASLR
      initialization code, we can centralize this in module.c.
      
      This patch moves kaslr_module_init() to module.c, making
      module_alloc_base a static variable, and removing redundant includes from
      kaslr.c. For the defintion of struct arm64_ftr_override we must include
      <asm/cpufeature.h>, which was previously included transitively via
      another header.
      
      There should be no functional change as a result of this patch.
      Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-5-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      e46b7103
    • Mark Rutland's avatar
      arm64: kaslr: split kaslr/module initialization · 6e13b6b9
      Mark Rutland authored
      Currently kaslr_init() handles a mixture of detecting/announcing whether
      KASLR is enabled, and randomizing the module region depending on whether
      KASLR is enabled.
      
      To make it easier to rework the module region initialization, split the
      KASLR initialization into two steps:
      
      * kaslr_init() determines whether KASLR should be enabled, and announces
        this choice, recording this to a new global boolean variable. This is
        called from setup_arch() just before the existing call to
        kaslr_requires_kpti() so that this will always provide the expected
        result.
      
      * kaslr_module_init() randomizes the module region when required. This
        is called as a subsys_initcall, where we previously called
        kaslr_init().
      
      As a bonus, moving the KASLR reporting earlier makes it easier to spot
      and permits it to be logged via earlycon, making it easier to debug any
      issues that could be triggered by KASLR.
      
      Booting a v6.4-rc1 kernel with this patch applied, the log looks like:
      
      | EFI stub: Booting Linux Kernel...
      | EFI stub: Generating empty DTB
      | EFI stub: Exiting boot services...
      | [    0.000000] Booting Linux on physical CPU 0x0000000000 [0x000f0510]
      | [    0.000000] Linux version 6.4.0-rc1-00006-g4763a8f8aeb3 (mark@lakrids) (aarch64-linux-gcc (GCC) 12.1.0, GNU ld (GNU Binutils) 2.38) #2 SMP PREEMPT Tue May  9 11:03:37 BST 2023
      | [    0.000000] KASLR enabled
      | [    0.000000] earlycon: pl11 at MMIO 0x0000000009000000 (options '')
      | [    0.000000] printk: bootconsole [pl11] enabled
      Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-4-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      6e13b6b9
    • Mark Rutland's avatar
      arm64: kasan: remove !KASAN_VMALLOC remnants · 55123aff
      Mark Rutland authored
      Historically, KASAN could be selected with or without KASAN_VMALLOC, but
      since commit:
      
        f6f37d93 ("arm64: select KASAN_VMALLOC for SW/HW_TAGS modes")
      
      ... we can never select KASAN without KASAN_VMALLOC on arm64, and thus
      arm64 code for KASAN && !KASAN_VMALLOC is redundant and can be removed.
      
      Remove the redundant code kasan_init.c
      Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarAlexander Potapenko <glider@google.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-3-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      55123aff
    • Mark Rutland's avatar
      arm64: module: remove old !KASAN_VMALLOC logic · 8339f7d8
      Mark Rutland authored
      Historically, KASAN could be selected with or without KASAN_VMALLOC, and
      we had to be very careful where to place modules when KASAN_VMALLOC was
      not selected.
      
      However, since commit:
      
        f6f37d93 ("arm64: select KASAN_VMALLOC for SW/HW_TAGS modes")
      
      Selecting CONFIG_KASAN on arm64 will also select CONFIG_KASAN_VMALLOC,
      and so the logic for handling CONFIG_KASAN without CONFIG_KASAN_VMALLOC
      is redundant and can be removed.
      
      Note: the "kasan.vmalloc={on,off}" option which only exists for HW_TAGS
      changes whether the vmalloc region is given non-match-all tags, and does
      not affect the page table manipulation code.
      
      The VM_DEFER_KMEMLEAK flag was only necessary for !CONFIG_KASAN_VMALLOC
      as described in its introduction in commit:
      
        60115fa5 ("mm: defer kmemleak object creation of module_alloc()")
      
      ... and therefore it can also be removed.
      
      Remove the redundant logic for !CONFIG_KASAN_VMALLOC. At the same time,
      add the missing braces around the multi-line conditional block in
      arch/arm64/kernel/module.c.
      Suggested-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
      Reviewed-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Will Deacon <will@kernel.org>
      Tested-by: default avatarShanker Donthineni <sdonthineni@nvidia.com>
      Link: https://lore.kernel.org/r/20230530110328.2213762-2-mark.rutland@arm.comSigned-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      8339f7d8
  2. 21 May, 2023 12 commits
    • Linus Torvalds's avatar
      Linux 6.4-rc3 · 44c026a7
      Linus Torvalds authored
      44c026a7
    • Linus Torvalds's avatar
      Merge tag 'uml-for-linus-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux · fa4fe8ce
      Linus Torvalds authored
      Pull UML fix from Richard Weinberger:
      
       - Fix modular build for UML watchdog
      
      * tag 'uml-for-linus-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux:
        um: harddog: fix modular build
      fa4fe8ce
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · a35747c3
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
       "ARM:
      
         - Plug a race in the stage-2 mapping code where the IPA and the PA
           would end up being out of sync
      
         - Make better use of the bitmap API (bitmap_zero, bitmap_zalloc...)
      
         - FP/SVE/SME documentation update, in the hope that this field
           becomes clearer...
      
         - Add workaround for Apple SEIS brokenness to a new SoC
      
         - Random comment fixes
      
        x86:
      
         - add MSR_IA32_TSX_CTRL into msrs_to_save
      
         - fixes for XCR0 handling in SGX enclaves
      
        Generic:
      
         - Fix vcpu_array[0] races
      
         - Fix race between starting a VM and 'reboot -f'"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: VMX: add MSR_IA32_TSX_CTRL into msrs_to_save
        KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM)
        KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE
        KVM: Fix vcpu_array[0] races
        KVM: VMX: Fix header file dependency of asm/vmx.h
        KVM: Don't enable hardware after a restart/shutdown is initiated
        KVM: Use syscore_ops instead of reboot_notifier to hook restart/shutdown
        KVM: arm64: vgic: Add Apple M2 PRO/MAX cpus to the list of broken SEIS implementations
        KVM: arm64: Clarify host SME state management
        KVM: arm64: Restructure check for SVE support in FP trap handler
        KVM: arm64: Document check for TIF_FOREIGN_FPSTATE
        KVM: arm64: Fix repeated words in comments
        KVM: arm64: Constify start/end/phys fields of the pgtable walker data
        KVM: arm64: Infer PA offset from VA in hyp map walker
        KVM: arm64: Infer the PA offset from IPA in stage-2 map walker
        KVM: arm64: Use the bitmap API to allocate bitmaps
        KVM: arm64: Slightly optimize flush_context()
      a35747c3
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of... · c47d122c
      Linus Torvalds authored
      Merge tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull perf tools fixes from Arnaldo Carvalho de Melo:
      
       - Fail graciously if BUILD_BPF_SKEL=1 is specified and clang isn't
         available
      
       - Add empty 'struct rq' to 'perf lock contention' to satisfy libbpf
         'runqueue' type verification. This feature is built only with
         BUILD_BPF_SKEL=1
      
       - Make vmlinux.h use bpf.h and perf_event.h in source directory, not
         system ones that may be old and not have things like 'union
         perf_sample_weight'
      
       - Add system include paths to BPF builds to pick things missing in the
         headers included by clang -target bpf
      
       - Update various header copies with the kernel sources
      
       - Change divide by zero and not supported events behavior to show
         'nan'/'not counted' in 'perf stat' output.
      
         This happens when using things like 'perf stat -M TopdownL2 true',
         involving JSON metrics
      
       - Update no event/metric expectations affected by using JSON metrics in
         'perf stat -ddd' perf test
      
       - Avoid segv with 'perf stat --topdown' for metrics without a group
      
       - Do not assume which events may have a PMU name, allowing the logic to
         keep an AUX event group together. Makes this usecase work again:
      
           $ perf record --no-bpf-event -c 10 -e '{intel_pt//,tlb_flush.stlb_any/aux-sample-size=8192/pp}:u' -- sleep 0.1
           [ perf record: Woken up 1 times to write data ]
           [ perf record: Captured and wrote 0.078 MB perf.data ]
           $ perf script -F-dso,+addr | grep -C5 tlb_flush.stlb_any | head -11
           sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cc82a2 dl_main+0x9a2 => 7f5350cb38f0 _dl_add_to_namespace_list+0x0
           sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cb3908 _dl_add_to_namespace_list+0x18 => 7f5350cbb080 rtld_mutex_dummy+0x0
           sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cc8350 dl_main+0xa50 => 0 [unknown]
           sleep 20444 [003]  7939.510244:  1  branches:uH:  7f5350cc83ca dl_main+0xaca => 7f5350caeb60 _dl_process_pt_gnu_property+0x0
           sleep 20444 [003]  7939.510245:  1  branches:uH:  7f5350caeb60 _dl_process_pt_gnu_property+0x0 => 0 [unknown]
           sleep 20444  7939.510245:       10 tlb_flush.stlb_any/aux-sample-size=8192/pp: 0 7f5350caeb60 _dl_process_pt_gnu_property+0x0
           sleep 20444 [003]  7939.510254:  1  branches:uH:  7f5350cc87fe dl_main+0xefe => 7f5350ccd240 strcmp+0x0
           sleep 20444 [003]  7939.510254:  1  branches:uH:  7f5350cc8862 dl_main+0xf62 => 0 [unknown]
      
       - Add a check for the above use case in 'perf test test_intel_pt'
      
       - Fix build with refcount checking on arm64, it was still accessing
         fields that need to be wrapped so that the refcounted struct gets
         checked
      
       - Fix contextid validation in ARM's CS-ETM, so that older kernels
         without that field can still be supported
      
       - Skip unsupported aggregation for stat events found in perf.data files
         in 'perf script'
      
       - Add stat test for record and script to check the previous problem
      
       - Remove needless debuginfod queries from 'perf test java symbol', this
         was just making the test take a long time to complete
      
       - Address python SafeConfigParser() deprecation warning in 'perf test
         attr'
      
       - Fix __NR_execve undeclared on i386 'perf bench syscall' build error
      
      * tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (33 commits)
        perf bench syscall: Fix __NR_execve undeclared build error
        perf test attr: Fix python SafeConfigParser() deprecation warning
        perf test attr: Update no event/metric expectations
        tools headers disabled-features: Sync with the kernel sources
        tools headers UAPI: Sync arch prctl headers with the kernel sources
        tools headers: Update the copy of x86's mem{cpy,set}_64.S used in 'perf bench'
        tools headers x86 cpufeatures: Sync with the kernel sources
        tools headers UAPI: Sync s390 syscall table file that wires up the memfd_secret syscall
        tools headers UAPI: Sync linux/prctl.h with the kernel sources
        perf metrics: Avoid segv with --topdown for metrics without a group
        perf lock contention: Add empty 'struct rq' to satisfy libbpf 'runqueue' type verification
        perf cs-etm: Fix contextid validation
        perf arm64: Fix build with refcount checking
        perf test: Add stat test for record and script
        perf script: Skip aggregation for stat events
        perf build: Add system include paths to BPF builds
        perf bpf skels: Make vmlinux.h use bpf.h and perf_event.h in source directory
        perf parse-events: Do not break up AUX event group
        perf test test_intel_pt.sh: Test sample mode with event with PMU name
        perf evsel: Modify group pmu name for software events
        ...
      c47d122c
    • Linus Torvalds's avatar
      Merge tag 'powerpc-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 4927cb98
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
      
       - Fix broken soft dirty tracking when using the Radix MMU (>= P9)
      
       - Fix ISA mapping when "ranges" property is not present, for PASemi
         Nemo boards
      
       - Fix a possible WARN_ON_ONCE hitting in BPF extable handling
      
       - Fix incorrect DMA address handling when using 2MB TCEs
      
       - Fix a bug in IOMMU table handling for SR-IOV devices
      
       - Fix the recent rework of IOMMU handling which left arch code calling
         clean up routines that are handled by the IOMMU core
      
       - A few assorted build fixes
      
      Thanks to Christian Zigotzky, Dan Horák, Gaurav Batra, Hari Bathini,
      Jason Gunthorpe, Nathan Chancellor, Naveen N. Rao, Nicholas Piggin, Pali
      Rohár, Randy Dunlap, and Rob Herring.
      
      * tag 'powerpc-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV device
        powerpc/iommu: DMA address offset is incorrectly calculated with 2MB TCEs
        powerpc/iommu: Remove iommu_del_device()
        powerpc/crypto: Fix aes-gcm-p10 build when VSX=n
        powerpc/bpf: populate extable entries only during the last pass
        powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
        powerpc/64s/radix: Fix soft dirty tracking
        powerpc/fsl_uli1575: fix kconfig warnings and build errors
        powerpc/isa-bridge: Fix ISA mapping when "ranges" is not present
      4927cb98
    • Linus Torvalds's avatar
      Merge tag 'ata-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata · 90af47ed
      Linus Torvalds authored
      Pull ata fix from Damien Le Moal:
      
       - Fix DT binding for the ahci-ceva driver to fully describe all iommus,
         from Michal
      
      * tag 'ata-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata:
        dt-bindings: ata: ahci-ceva: Cover all 4 iommus entries
      90af47ed
    • Linus Torvalds's avatar
      Merge tag 'fbdev-for-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev · 70e137e3
      Linus Torvalds authored
      Pull fbdev fixes from Helge Deller:
       "A few small unspectacular fbdev fixes:
      
         - Fix for USB endpoint check in udlfb (found by syzbot fuzzer)
      
         - Small fix in error code path in omapfb
      
         - compiler warning fixes in fbmem & i810
      
         - code removal and whitespace cleanups in stifb and atyfb"
      
      * tag 'fbdev-for-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev:
        fbdev: stifb: Whitespace cleanups
        fbdev: udlfb: Use usb_control_msg_send()
        fbdev: udlfb: Fix endpoint check
        fbdev: atyfb: Remove unused clock determination
        fbdev: i810: include i810_main.h in i810_dvt.c
        fbdev: fbmem: mark get_fb_unmapped_area() static
        fbdev: omapfb: panel-tpo-td043mtea1: fix error code in probe()
      70e137e3
    • Linus Torvalds's avatar
      Merge tag '6.4-rc2-ksmbd-server-fixes' of git://git.samba.org/ksmbd · e2065b8c
      Linus Torvalds authored
      Pull ksmbd server fixes from Steve French:
      
       - two fixes for incorrect SMB3 message validation (one for client which
         uses 8 byte padding, and one for empty bcc)
      
       - two fixes for out of bounds bugs: one for username offset checks (in
         session setup) and the other for create context name length checks in
         open requests
      
      * tag '6.4-rc2-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
        ksmbd: smb2: Allow messages padded to 8byte boundary
        ksmbd: allocate one more byte for implied bcc[0]
        ksmbd: fix wrong UserName check in session_user
        ksmbd: fix global-out-of-bounds in smb2_find_context_vals
      e2065b8c
    • Linus Torvalds's avatar
      Merge tag '6.4-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 · 0c9dcf12
      Linus Torvalds authored
      Pull cifs client fixes from Steve French:
       "Two smb3 client fixes, both related to deferred close, and also for
        stable:
      
         - send close for deferred handles before not after lease break
           response to avoid possible sharing violations
      
         - check all opens on an inode (looking for deferred handles) when
           lease break is returned not just the handle the lease break came in
           on"
      
      * tag '6.4-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
        SMB3: drop reference to cfile before sending oplock break
        SMB3: Close all deferred handles of inode in case of handle lease break
      0c9dcf12
    • Mingwei Zhang's avatar
      KVM: VMX: add MSR_IA32_TSX_CTRL into msrs_to_save · b9846a69
      Mingwei Zhang authored
      Add MSR_IA32_TSX_CTRL into msrs_to_save[] to explicitly tell userspace to
      save/restore the register value during migration. Missing this may cause
      userspace that relies on KVM ioctl(KVM_GET_MSR_INDEX_LIST) fail to port the
      value to the target VM.
      
      In addition, there is no need to add MSR_IA32_TSX_CTRL when
      ARCH_CAP_TSX_CTRL_MSR is not supported in kvm_get_arch_capabilities(). So
      add the checking in kvm_probe_msr_to_save().
      
      Fixes: c11f83e0 ("KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality")
      Reported-by: default avatarJim Mattson <jmattson@google.com>
      Signed-off-by: default avatarMingwei Zhang <mizhang@google.com>
      Reviewed-by: default avatarXiaoyao Li <xiaoyao.li@intel.com>
      Reviewed-by: default avatarJim Mattson <jmattson@google.com>
      Message-Id: <20230509032348.1153070-1-mizhang@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      b9846a69
    • Sean Christopherson's avatar
      KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM) · 275a8724
      Sean Christopherson authored
      Drop KVM's manipulation of guest's CPUID.0x12.1 ECX and EDX, i.e. the
      allowed XFRM of SGX enclaves, now that KVM explicitly checks the guest's
      allowed XCR0 when emulating ECREATE.
      
      Note, this could theoretically break a setup where userspace advertises
      a "bad" XFRM and relies on KVM to provide a sane CPUID model, but QEMU
      is the only known user of KVM SGX, and QEMU explicitly sets the SGX CPUID
      XFRM subleaf based on the guest's XCR0.
      Reviewed-by: default avatarKai Huang <kai.huang@intel.com>
      Tested-by: default avatarKai Huang <kai.huang@intel.com>
      Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
      Message-Id: <20230503160838.3412617-3-seanjc@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      275a8724
    • Sean Christopherson's avatar
      KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE · ad45413d
      Sean Christopherson authored
      Explicitly check the vCPU's supported XCR0 when determining whether or not
      the XFRM for ECREATE is valid.  Checking CPUID works because KVM updates
      guest CPUID.0x12.1 to restrict the leaf to a subset of the guest's allowed
      XCR0, but that is rather subtle and KVM should not modify guest CPUID
      except for modeling true runtime behavior (allowed XFRM is most definitely
      not "runtime" behavior).
      Reviewed-by: default avatarKai Huang <kai.huang@intel.com>
      Tested-by: default avatarKai Huang <kai.huang@intel.com>
      Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
      Message-Id: <20230503160838.3412617-2-seanjc@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      ad45413d
  3. 20 May, 2023 13 commits
    • Helge Deller's avatar
      fbdev: stifb: Whitespace cleanups · d9a45969
      Helge Deller authored
      Missed whitespace cleanups in stifb.
      
      Fixes: 80004257 ("fbdev: stifb: Remove trailing whitespaces")
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      d9a45969
    • Helge Deller's avatar
      fbdev: udlfb: Use usb_control_msg_send() · 537adba4
      Helge Deller authored
      Use the newly introduced usb_control_msg_send() instead of usb_control_msg()
      when selecting the channel.
      Reviewed-by: default avatarAlan Stern <stern@rowland.harvard.edu>
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      537adba4
    • Linus Torvalds's avatar
      Merge tag 'tty-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · 0dd2a6fb
      Linus Torvalds authored
      Pull tty / serial fixes from Greg KH:
       "Here are some small tty and serial driver fixes for 6.4-rc3 to resolve
        some reported problems, and add some new device ids. These include:
      
         - termios documentation updates
      
         - vc_screen use-after-free fix
      
         - memory leak fix in arc_uart driver
      
         - new 8250 driver ids
      
         - other small serial driver fixes
      
        All of these have been in linux-next for a while with no reported
        problems"
      
      * tag 'tty-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
        vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
        serial: qcom-geni: fix enabling deactivated interrupt
        serial: 8250_bcm7271: fix leak in `brcmuart_probe`
        serial: 8250_bcm7271: balance clk_enable calls
        serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
        serial: 8250: Document termios parameter of serial8250_em485_config()
        serial: Add support for Advantech PCI-1611U card
        serial: 8250_exar: Add support for USR298x PCI Modems
      0dd2a6fb
    • Linus Torvalds's avatar
      Merge tag 'usb-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · 2dd0d98d
      Linus Torvalds authored
      Pull USB / Thunderbolt fixes from Greg KH:
       "Here are some USB fixes for 6.4-rc3, as well as a driver core fix that
        resolves a memory leak that shows up in USB devices easier than other
        subsystems.
      
        Included in here are:
      
         - driver core memory leak as reported and tested by syzbot and
           developers
      
         - dwc3 driver fixes for reported problems
      
         - xhci driver fixes for reported problems
      
         - USB gadget driver reverts to resolve regressions
      
         - usbtmc driver fix for syzbot reported problem
      
         - thunderbolt driver fixes for reported issues
      
         - other small USB fixes
      
        All of these, except for the driver core fix, have been in linux-next
        with no reported problems. The driver core fix was tested and verified
        to solve the issue by syzbot and the original reporter"
      
      * tag 'usb-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        driver core: class: properly reference count class_dev_iter()
        xhci: Fix incorrect tracking of free space on transfer rings
        xhci-pci: Only run d3cold avoidance quirk for s2idle
        usb-storage: fix deadlock when a scsi command timeouts more than once
        usb: dwc3: fix a test for error in dwc3_core_init()
        usb: typec: tps6598x: Fix fault at module removal
        usb: gadget: u_ether: Fix host MAC address case
        usb: typec: altmodes/displayport: fix pin_assignment_show
        Revert "usb: gadget: udc: core: Invoke usb_gadget_connect only when started"
        Revert "usb: gadget: udc: core: Prevent redundant calls to pullup"
        usb: gadget: drop superfluous ':' in doc string
        usb: dwc3: debugfs: Resume dwc3 before accessing registers
        USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value
        usb: dwc3: fix gadget mode suspend interrupt handler issue
        usb: dwc3: gadget: Improve dwc3_gadget_suspend() and dwc3_gadget_resume()
        USB: usbtmc: Fix direction for 0-length ioctl control messages
        thunderbolt: Clear registers properly when auto clear isn't in use
      2dd0d98d
    • Linus Torvalds's avatar
      Merge tag 'block-6.4-2023-05-20' of git://git.kernel.dk/linux · 98be58a6
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
      
       - NVMe pull request via Keith:
           - More device quirks (Sagi, Hristo, Adrian, Daniel)
           - Controller delete race (Maurizo)
           - Multipath cleanup fix (Christoph)
      
       - Deny writeable mmap mapping on a readonly block device (Loic)
      
       - Kill unused define that got introduced by accident (Christoph)
      
       - Error handling fix for s390 dasd (Stefan)
      
       - ublk locking fix (Ming)
      
      * tag 'block-6.4-2023-05-20' of git://git.kernel.dk/linux:
        block: remove NFL4_UFLG_MASK
        block: Deny writable memory mapping if block is read-only
        s390/dasd: fix command reject error on ESE devices
        nvme-pci: Add quirk for Teamgroup MP33 SSD
        ublk: fix AB-BA lockdep warning
        nvme: do not let the user delete a ctrl before a complete initialization
        nvme-multipath: don't call blk_mark_disk_dead in nvme_mpath_remove_disk
        nvme-pci: clamp max_hw_sectors based on DMA optimized limitation
        nvme-pci: add quirk for missing secondary temperature thresholds
        nvme-pci: add NVME_QUIRK_BOGUS_NID for HS-SSD-FUTURE 2048G
      98be58a6
    • Christoph Hellwig's avatar
      block: remove NFL4_UFLG_MASK · e3afec91
      Christoph Hellwig authored
      The NFL4_UFLG_MASK define slipped in in commit 9208d414
      ("block: add a ->get_unique_id method") and should never have been
      added, as NFSD as the only user of it already has it's copy.
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Link: https://lore.kernel.org/r/20230520090010.527046-1-hch@lst.deSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      e3afec91
    • Alan Stern's avatar
      fbdev: udlfb: Fix endpoint check · ed9de4ed
      Alan Stern authored
      The syzbot fuzzer detected a problem in the udlfb driver, caused by an
      endpoint not having the expected type:
      
      usb 1-1: Read EDID byte 0 failed: -71
      usb 1-1: Unable to get valid EDID from device/display
      ------------[ cut here ]------------
      usb 1-1: BOGUS urb xfer, pipe 3 != type 1
      WARNING: CPU: 0 PID: 9 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880
      drivers/usb/core/urb.c:504
      Modules linked in:
      CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted
      6.4.0-rc1-syzkaller-00016-ga4422ff2 #0
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
      04/28/2023
      Workqueue: usb_hub_wq hub_event
      RIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
      ...
      Call Trace:
       <TASK>
       dlfb_submit_urb+0x92/0x180 drivers/video/fbdev/udlfb.c:1980
       dlfb_set_video_mode+0x21f0/0x2950 drivers/video/fbdev/udlfb.c:315
       dlfb_ops_set_par+0x2a7/0x8d0 drivers/video/fbdev/udlfb.c:1111
       dlfb_usb_probe+0x149a/0x2710 drivers/video/fbdev/udlfb.c:1743
      
      The current approach for this issue failed to catch the problem
      because it only checks for the existence of a bulk-OUT endpoint; it
      doesn't check whether this endpoint is the one that the driver will
      actually use.
      
      We can fix the problem by instead checking that the endpoint used by
      the driver does exist and is bulk-OUT.
      
      Reported-and-tested-by: syzbot+0e22d63dcebb802b9bc8@syzkaller.appspotmail.com
      Signed-off-by: default avatarAlan Stern <stern@rowland.harvard.edu>
      CC: Pavel Skripkin <paskripkin@gmail.com>
      Fixes: aaf7dbe0 ("video: fbdev: udlfb: properly check endpoint type")
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      ed9de4ed
    • Niklas Schnelle's avatar
      fbdev: atyfb: Remove unused clock determination · 93f57c7a
      Niklas Schnelle authored
      Just below the removed lines par->clk_wr_offset is hard coded to 3 so
      there is no use in determining a different clock just to then ignore it
      anyway. This also removes the only I/O port use remaining in the driver
      allowing it to be built without CONFIG_HAS_IOPORT.
      
      Link: https://lore.kernel.org/all/ZBx5aLo5h546BzBt@intel.com/Suggested-by: default avatarVille Syrjälä <ville.syrjala@linux.intel.com>
      Signed-off-by: default avatarNiklas Schnelle <schnelle@linux.ibm.com>
      Reviewed-by: default avatarVille Syrjälä <ville.syrjala@linux.intel.com>
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      93f57c7a
    • Arnd Bergmann's avatar
      fbdev: i810: include i810_main.h in i810_dvt.c · f6cd4c96
      Arnd Bergmann authored
      Building with W=1 shows that a header needs to be included to
      make the prototypes visible:
      
      drivers/video/fbdev/i810/i810_dvt.c:194:6: error: no previous prototype for 'round_off_xres' [-Werror=missing-prototypes]
      drivers/video/fbdev/i810/i810_dvt.c:233:6: error: no previous prototype for 'i810fb_encode_registers' [-Werror=missing-prototypes]
      drivers/video/fbdev/i810/i810_dvt.c:245:6: error: no previous prototype for 'i810fb_fill_var_timings' [-Werror=missing-prototypes]
      drivers/video/fbdev/i810/i810_dvt.c:279:5: error: no previous prototype for 'i810_get_watermark' [-Werror=missing-prototypes]
      
      Adding the header leads to another warning from a mismatched
      prototype, so fix this as well:
      
      drivers/video/fbdev/i810/i810_dvt.c:280:5: error: conflicting types for 'i810_get_watermark'; have 'u32(struct fb_var_screeninfo *,
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Reviewed-by: default avatarJani Nikula <jani.nikula@intel.com>
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      f6cd4c96
    • Arnd Bergmann's avatar
      fbdev: fbmem: mark get_fb_unmapped_area() static · 19abb458
      Arnd Bergmann authored
      There is a global function with this name on sparc, but no
      global declaration:
      
      drivers/video/fbdev/core/fbmem.c:1469:15: error: no previous prototype for 'get_fb_unmapped_area'
      
      Make the generic definition static to avoid this warning. On
      sparc, this is never seen.
      
      Edit by Helge:
      Update Kconfig text as suggested by Geert Uytterhoeven.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarHelge Deller <deller@gmx.de>
      19abb458
    • Loic Poulain's avatar
      block: Deny writable memory mapping if block is read-only · 69baa3a6
      Loic Poulain authored
      User should not be able to write block device if it is read-only at
      block level (e.g force_ro attribute). This is ensured in the regular
      fops write operation (blkdev_write_iter) but not when writing via
      user mapping (mmap), allowing user to actually write a read-only
      block device via a PROT_WRITE mapping.
      
      Example: This can lead to integrity issue of eMMC boot partition
      (e.g mmcblk0boot0) which is read-only by default.
      
      To fix this issue, simply deny shared writable mapping if the block
      is readonly.
      
      Note: Block remains writable if switch to read-only is performed
      after the initial mapping, but this is expected behavior according
      to commit a32e236e ("Partially revert "block: fail op_is_write()
      requests to read-only partitions"")'.
      Signed-off-by: default avatarLoic Poulain <loic.poulain@linaro.org>
      Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
      Link: https://lore.kernel.org/r/20230510074223.991297-1-loic.poulain@linaro.orgSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      69baa3a6
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-2023-05-20' of git://anongit.freedesktop.org/drm/drm · d635f6cc
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Regular fixes pull, amdgpu and msm make up most of these, nothing too
        serious, also one i915 and one exynos.
      
        I didn't get a misc fixes pull this week (one of the maintainers is
        off, so have to engage the backup) so I think there are a few
        outstanding patches that will show up next week,
      
        amdgpu:
         - update gfx11 clock counter logic
         - Fix a race when disabling gfxoff on gfx10/11 for profiling
         - Raven/Raven2/PCO clock counter fix
         - Add missing get_vbios_fb_size for GMC 11
         - Fix a spurious irq warning in the device remove case
         - Fix possible power mode mismatch between driver and PMFW
         - USB4 fix
      
        exynos:
         - fix build warning
      
        i915:
         - fix missing NULL check in HDCP code
      
        msm:
         - display:
            - msm8998: fix fetch and qos to align with downstream
            - msm8998: fix LM pairs to align with downstream
            - remove unused INTF0 interrupt mask on some chipsets
            - remove TE2 block from relevant chipsets
            - relocate non-MDP_TOP offset to different header
            - fix some indentation
            - fix register offets/masks for dither blocks
            - make ping-ping block length 0
            - remove duplicated defines
            - fix log mask for writeback block
            - unregister the hdmi codec for dp during unbind
            - fix yaml warnings
         - gpu:
            - fix submit error path leak
            - arm-smmu-qcom fix for regression that broke per-process page
              tables
            - fix no-iommu crash"
      
      * tag 'drm-fixes-2023-05-20' of git://anongit.freedesktop.org/drm/drm: (29 commits)
        drm/amd/display: enable dpia validate
        drm/amd/pm: fix possible power mode mismatch between driver and PMFW
        drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged
        drm/amdgpu/gmc11: implement get_vbios_fb_size()
        drm/amdgpu: Differentiate between Raven2 and Raven/Picasso according to revision id
        drm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well
        drm/amdgpu/gfx10: Disable gfxoff before disabling powergating.
        drm/amdgpu/gfx11: update gpu_clock_counter logic
        drm/msm: Be more shouty if per-process pgtables aren't working
        iommu/arm-smmu-qcom: Fix missing adreno_smmu's
        drm/i915/hdcp: Check if media_gt exists
        drm/exynos: fix g2d_open/close helper function definitions
        drm/msm: Fix submit error-path leaks
        drm/msm/iommu: Fix null pointer dereference in no-IOMMU case
        dt-bindings: display/msm: dsi-controller-main: Document qcom, master-dsi and qcom, sync-dual-dsi
        drm/msm/dpu: Remove duplicate register defines from INTF
        drm/msm/dpu: Set PINGPONG block length to zero for DPU >= 7.0.0
        drm/msm/dpu: Use V2 DITHER PINGPONG sub-block in SM8[34]50/SC8280XP
        drm/msm/dpu: Fix PP_BLK_DIPHER -> DITHER typo
        drm/msm/dpu: Reindent REV_7xxx interrupt masks with tabs
        ...
      d635f6cc
    • Stefan Haberland's avatar
      s390/dasd: fix command reject error on ESE devices · c99bff34
      Stefan Haberland authored
      Formatting a thin-provisioned (ESE) device that is part of a PPRC copy
      relation might fail with the following error:
      
      dasd-eckd 0.0.f500: An error occurred in the DASD device driver, reason=09
      [...]
      24 Byte: 0 MSG 4, no MSGb to SYSOP
      
      During format of an ESE disk the Release Allocated Space command is used.
      A bit in the payload of the command is set that is not allowed to be set
      for devices in a copy relation. This bit is set to allow the partial
      release of an extent.
      
      Check for the existence of a copy relation before setting the respective
      bit.
      
      Fixes: 91dc4a19 ("s390/dasd: Add new ioctl to release space")
      Cc: stable@kernel.org # 5.3+
      Signed-off-by: default avatarStefan Haberland <sth@linux.ibm.com>
      Reviewed-by: default avatarJan Hoeppner <hoeppner@linux.ibm.com>
      Link: https://lore.kernel.org/r/20230519102340.3854819-2-sth@linux.ibm.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      c99bff34
  4. 19 May, 2023 9 commits
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 5565ec4e
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Six small fixes.
      
        Four in drivers and the two core changes should be read together as a
        correction to a prior iorequest_cnt fix that exposed us to a potential
        use after free"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
        scsi: Revert "scsi: core: Do not increase scsi_device's iorequest_cnt if dispatch failed"
        scsi: storvsc: Don't pass unused PFNs to Hyper-V host
        scsi: ufs: core: Fix MCQ nr_hw_queues
        scsi: ufs: core: Rename symbol sizeof_utp_transfer_cmd_desc()
        scsi: ufs: core: Fix MCQ tag calculation
      5565ec4e
    • Linus Torvalds's avatar
      Merge tag 'ceph-for-6.4-rc3' of https://github.com/ceph/ceph-client · a5948745
      Linus Torvalds authored
      Pull ceph fixes from Ilya Dryomov:
       "A workaround for a just discovered bug in MClientSnap encoding which
        goes back to 2017 (marked for stable) and a fixup to quieten a static
        checker"
      
      * tag 'ceph-for-6.4-rc3' of https://github.com/ceph/ceph-client:
        ceph: force updating the msg pointer in non-split case
        ceph: silence smatch warning in reconnect_caps_cb()
      a5948745
    • Linus Torvalds's avatar
      Merge tag 'pm-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · d3f70431
      Linus Torvalds authored
      Pull power management fixes from Rafael Wysocki:
       "These fix two issues in the cpupower utility and get rid of a spurious
        warning message printed to the kernel log by the ACPI cpufreq driver
        after recent changes.
      
        Specifics:
      
         - Get rid of a warning message printed by the ACPI cpufreq driver
           after recent changes in it when anohter CPU performance scaling
           driver is registered already when it starts (Petr Pavlu)
      
         - Make cpupower read TSC on each CPU right before reading MPERF so as
           to reduce the potential time difference between the TSC and MPERF
           accesses and improve the C0 percentage calculation (Wyes Karny)
      
         - Fix a possible file handle leak and clean up the code in the
           sysfs_get_enabled() function in cpupower (Hao Zeng)"
      
      * tag 'pm-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        cpufreq: ACPI: Prevent a warning when another frequency driver is loaded
        cpupower: Make TSC read per CPU for Mperf monitor
        cpupower:Fix resource leaks in sysfs_get_enabled()
      d3f70431
    • Linus Torvalds's avatar
      Merge tag 'acpi-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · c8306329
      Linus Torvalds authored
      Pull ACPI fix from Rafael Wysocki:
       "Add an ACPI IRQ override quirk for LG UltraPC 17U70P so as to make the
        internal keyboard work on that machine (Rubén Gómez)"
      
      * tag 'acpi-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        ACPI: resource: Add IRQ override quirk for LG UltraPC 17U70P
      c8306329
    • Linus Torvalds's avatar
      Merge tag 'docs-6.4-fixes' of git://git.lwn.net/linux · cbd6ac38
      Linus Torvalds authored
      Pull documentation fixes from Jonathan Corbet:
       "Four straightforward documentation fixes"
      
      * tag 'docs-6.4-fixes' of git://git.lwn.net/linux:
        Documentation/filesystems: ramfs-rootfs-initramfs: use :Author:
        Documentation/filesystems: sharedsubtree: add section headings
        docs: quickly-build-trimmed-linux: various small fixes and improvements
        Documentation: use capitalization for chapters and acronyms
      cbd6ac38
    • Linus Torvalds's avatar
      Merge tag 's390-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · ac92c279
      Linus Torvalds authored
      Pull s390 fixes from Alexander Gordeev:
      
       - Add check whether the required facilities are installed before using
         the s390-specific ChaCha20 implementation
      
       - Key blobs for s390 protected key interface IOCTLs commands
         PKEY_VERIFYKEY2 and PKEY_VERIFYKEY3 may contain clear key material.
         Zeroize copies of these keys in kernel memory after creating
         protected keys
      
       - Set CONFIG_INIT_STACK_NONE=y in defconfigs to avoid extra overhead of
         initializing all stack variables by default
      
       - Make sure that when a new channel-path is enabled all subchannels are
         evaluated: with and without any devices connected on it
      
       - When SMT thread CPUs are added to CPU topology masks the nr_cpu_ids
         limit is not checked and could be exceeded. Respect the nr_cpu_ids
         limit and avoid a warning when CONFIG_DEBUG_PER_CPU_MAPS is set
      
       - The pointer to IPL Parameter Information Block is stored in the
         absolute lowcore as a virtual address. Save it as the physical
         address for later use by dump tools
      
       - Fix a Queued Direct I/O (QDIO) problem on z/VM guests using QIOASSIST
         with dedicated (pass through) QDIO-based devices such as FCP, real
         OSA or HiperSockets
      
       - s390's struct statfs and struct statfs64 contain padding, which
         field-by-field copying does not set. Initialize the respective
         structures with zeros before filling them and copying to userspace
      
       - Grow s390 compat_statfs64, statfs and statfs64 structures f_spare
         array member to cover padding and simplify things
      
       - Remove obsolete SCHED_BOOK and SCHED_DRAWER configs
      
       - Remove unneeded S390_CCW_IOMMU and S390_AP_IOM configs
      
      * tag 's390-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/iommu: get rid of S390_CCW_IOMMU and S390_AP_IOMMU
        s390/Kconfig: remove obsolete configs SCHED_{BOOK,DRAWER}
        s390/uapi: cover statfs padding by growing f_spare
        statfs: enforce statfs[64] structure initialization
        s390/qdio: fix do_sqbs() inline assembly constraint
        s390/ipl: fix IPIB virtual vs physical address confusion
        s390/topology: honour nr_cpu_ids when adding CPUs
        s390/cio: include subchannels without devices also for evaluation
        s390/defconfigs: set CONFIG_INIT_STACK_NONE=y
        s390/pkey: zeroize key blobs
        s390/crypto: use vector instructions only if available for ChaCha20
      ac92c279
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · 4ffd96c9
      Linus Torvalds authored
      Pull arm64 fixes from Will Deacon:
       "A mixture of compiler/static checker resolutions and a couple of MTE
        fixes:
      
         - Avoid erroneously marking untagged pages with PG_mte_tagged
      
         - Always reset KASAN tags for destination page in copy_page()
      
         - Mark PMU header functions 'static inline'
      
         - Fix some sparse warnings due to missing casts"
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        arm64: mte: Do not set PG_mte_tagged if tags were not initialized
        arm64: Also reset KASAN tag if page is not PG_mte_tagged
        arm64: perf: Mark all accessor functions inline
        ARM: perf: Mark all accessor functions inline
        arm64: vdso: Pass (void *) to virt_to_page()
        arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
      4ffd96c9
    • Michal Luczaj's avatar
      KVM: Fix vcpu_array[0] races · afb2acb2
      Michal Luczaj authored
      In kvm_vm_ioctl_create_vcpu(), add vcpu to vcpu_array iff it's safe to
      access vcpu via kvm_get_vcpu() and kvm_for_each_vcpu(), i.e. when there's
      no failure path requiring vcpu removal and destruction. Such order is
      important because vcpu_array accessors may end up referencing vcpu at
      vcpu_array[0] even before online_vcpus is set to 1.
      
      When online_vcpus=0, any call to kvm_get_vcpu() goes through
      array_index_nospec() and ends with an attempt to xa_load(vcpu_array, 0):
      
      	int num_vcpus = atomic_read(&kvm->online_vcpus);
      	i = array_index_nospec(i, num_vcpus);
      	return xa_load(&kvm->vcpu_array, i);
      
      Similarly, when online_vcpus=0, a kvm_for_each_vcpu() does not iterate over
      an "empty" range, but actually [0, ULONG_MAX]:
      
      	xa_for_each_range(&kvm->vcpu_array, idx, vcpup, 0, \
      			  (atomic_read(&kvm->online_vcpus) - 1))
      
      In both cases, such online_vcpus=0 edge case, even if leading to
      unnecessary calls to XArray API, should not be an issue; requesting
      unpopulated indexes/ranges is handled by xa_load() and xa_for_each_range().
      
      However, this means that when the first vCPU is created and inserted in
      vcpu_array *and* before online_vcpus is incremented, code calling
      kvm_get_vcpu()/kvm_for_each_vcpu() already has access to that first vCPU.
      
      This should not pose a problem assuming that once a vcpu is stored in
      vcpu_array, it will remain there, but that's not the case:
      kvm_vm_ioctl_create_vcpu() first inserts to vcpu_array, then requests a
      file descriptor. If create_vcpu_fd() fails, newly inserted vcpu is removed
      from the vcpu_array, then destroyed:
      
      	vcpu->vcpu_idx = atomic_read(&kvm->online_vcpus);
      	r = xa_insert(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, GFP_KERNEL_ACCOUNT);
      	kvm_get_kvm(kvm);
      	r = create_vcpu_fd(vcpu);
      	if (r < 0) {
      		xa_erase(&kvm->vcpu_array, vcpu->vcpu_idx);
      		kvm_put_kvm_no_destroy(kvm);
      		goto unlock_vcpu_destroy;
      	}
      	atomic_inc(&kvm->online_vcpus);
      
      This results in a possible race condition when a reference to a vcpu is
      acquired (via kvm_get_vcpu() or kvm_for_each_vcpu()) moments before said
      vcpu is destroyed.
      Signed-off-by: default avatarMichal Luczaj <mhal@rbox.co>
      Message-Id: <20230510140410.1093987-2-mhal@rbox.co>
      Cc: stable@vger.kernel.org
      Fixes: c5b07754 ("KVM: Convert the kvm->vcpus array to a xarray", 2021-12-08)
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      afb2acb2
    • Jacob Xu's avatar
      KVM: VMX: Fix header file dependency of asm/vmx.h · 3367eeab
      Jacob Xu authored
      Include a definition of WARN_ON_ONCE() before using it.
      
      Fixes: bb1fcc70 ("KVM: nVMX: Allow L1 to use 5-level page walks for nested EPT")
      Cc: Sean Christopherson <seanjc@google.com>
      Signed-off-by: default avatarJacob Xu <jacobhxu@google.com>
      [reworded commit message; changed <asm/bug.h> to <linux/bug.h>]
      Signed-off-by: default avatarJim Mattson <jmattson@google.com>
      Reviewed-by: default avatarSean Christopherson <seanjc@google.com>
      Message-Id: <20220225012959.1554168-1-jmattson@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      3367eeab