1. 18 Jan, 2022 1 commit
    • Marcelo Tosatti's avatar
      KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock · 5f02ef74
      Marcelo Tosatti authored
      blocked_vcpu_on_cpu_lock is taken from hard interrupt context
      (pi_wakeup_handler), therefore it cannot sleep.
      
      Switch it to a raw spinlock.
      
      Fixes:
      
      [41297.066254] BUG: scheduling while atomic: CPU 0/KVM/635218/0x00010001
      [41297.066323] Preemption disabled at:
      [41297.066324] [<ffffffff902ee47f>] irq_enter_rcu+0xf/0x60
      [41297.066339] Call Trace:
      [41297.066342]  <IRQ>
      [41297.066346]  dump_stack_lvl+0x34/0x44
      [41297.066353]  ? irq_enter_rcu+0xf/0x60
      [41297.066356]  __schedule_bug.cold+0x7d/0x8b
      [41297.066361]  __schedule+0x439/0x5b0
      [41297.066365]  ? task_blocks_on_rt_mutex.constprop.0.isra.0+0x1b0/0x440
      [41297.066369]  schedule_rtlock+0x1e/0x40
      [41297.066371]  rtlock_slowlock_locked+0xf1/0x260
      [41297.066374]  rt_spin_lock+0x3b/0x60
      [41297.066378]  pi_wakeup_handler+0x31/0x90 [kvm_intel]
      [41297.066388]  sysvec_kvm_posted_intr_wakeup_ipi+0x9d/0xd0
      [41297.066392]  </IRQ>
      [41297.066392]  asm_sysvec_kvm_posted_intr_wakeup_ipi+0x12/0x20
      ...
      Signed-off-by: default avatarMarcelo Tosatti <mtosatti@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      5f02ef74
  2. 09 Jan, 2022 6 commits
  3. 08 Jan, 2022 5 commits
  4. 07 Jan, 2022 11 commits
  5. 06 Jan, 2022 11 commits
  6. 05 Jan, 2022 6 commits
    • Naveen N. Rao's avatar
      tracing: Tag trace_percpu_buffer as a percpu pointer · f28439db
      Naveen N. Rao authored
      Tag trace_percpu_buffer as a percpu pointer to resolve warnings
      reported by sparse:
        /linux/kernel/trace/trace.c:3218:46: warning: incorrect type in initializer (different address spaces)
        /linux/kernel/trace/trace.c:3218:46:    expected void const [noderef] __percpu *__vpp_verify
        /linux/kernel/trace/trace.c:3218:46:    got struct trace_buffer_struct *
        /linux/kernel/trace/trace.c:3234:9: warning: incorrect type in initializer (different address spaces)
        /linux/kernel/trace/trace.c:3234:9:    expected void const [noderef] __percpu *__vpp_verify
        /linux/kernel/trace/trace.c:3234:9:    got int *
      
      Link: https://lkml.kernel.org/r/ebabd3f23101d89cb75671b68b6f819f5edc830b.1640255304.git.naveen.n.rao@linux.vnet.ibm.com
      
      Cc: stable@vger.kernel.org
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Fixes: 07d777fe ("tracing: Add percpu buffers for trace_printk()")
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      f28439db
    • Naveen N. Rao's avatar
      tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() · 823e670f
      Naveen N. Rao authored
      With the new osnoise tracer, we are seeing the below splat:
          Kernel attempted to read user page (c7d880000) - exploit attempt? (uid: 0)
          BUG: Unable to handle kernel data access on read at 0xc7d880000
          Faulting instruction address: 0xc0000000002ffa10
          Oops: Kernel access of bad area, sig: 11 [#1]
          LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries
          ...
          NIP [c0000000002ffa10] __trace_array_vprintk.part.0+0x70/0x2f0
          LR [c0000000002ff9fc] __trace_array_vprintk.part.0+0x5c/0x2f0
          Call Trace:
          [c0000008bdd73b80] [c0000000001c49cc] put_prev_task_fair+0x3c/0x60 (unreliable)
          [c0000008bdd73be0] [c000000000301430] trace_array_printk_buf+0x70/0x90
          [c0000008bdd73c00] [c0000000003178b0] trace_sched_switch_callback+0x250/0x290
          [c0000008bdd73c90] [c000000000e70d60] __schedule+0x410/0x710
          [c0000008bdd73d40] [c000000000e710c0] schedule+0x60/0x130
          [c0000008bdd73d70] [c000000000030614] interrupt_exit_user_prepare_main+0x264/0x270
          [c0000008bdd73de0] [c000000000030a70] syscall_exit_prepare+0x150/0x180
          [c0000008bdd73e10] [c00000000000c174] system_call_vectored_common+0xf4/0x278
      
      osnoise tracer on ppc64le is triggering osnoise_taint() for negative
      duration in get_int_safe_duration() called from
      trace_sched_switch_callback()->thread_exit().
      
      The problem though is that the check for a valid trace_percpu_buffer is
      incorrect in get_trace_buf(). The check is being done after calculating
      the pointer for the current cpu, rather than on the main percpu pointer.
      Fix the check to be against trace_percpu_buffer.
      
      Link: https://lkml.kernel.org/r/a920e4272e0b0635cf20c444707cbce1b2c8973d.1640255304.git.naveen.n.rao@linux.vnet.ibm.com
      
      Cc: stable@vger.kernel.org
      Fixes: e2ace001 ("tracing: Choose static tp_printk buffer by explicit nesting count")
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      823e670f
    • Jiri Olsa's avatar
      ftrace/samples: Add missing prototypes direct functions · 0daf5cb2
      Jiri Olsa authored
      There's another compilation fail (first here [1]) reported by kernel
      test robot for W=1 clang build:
      
        >> samples/ftrace/ftrace-direct-multi-modify.c:7:6: warning: no previous
        prototype for function 'my_direct_func1' [-Wmissing-prototypes]
           void my_direct_func1(unsigned long ip)
      
      Direct functions in ftrace direct sample modules need to have prototypes
      defined. They are already global in order to be visible for the inline
      assembly, so there's no problem.
      
      The kernel test robot reported just error for ftrace-direct-multi-modify,
      but I got same errors also for the rest of the modules touched by this patch.
      
      [1] 67d4f6e3 ftrace/samples: Add missing prototype for my_direct_func
      
      Link: https://lkml.kernel.org/r/20211219135317.212430-1-jolsa@kernel.orgReported-by: default avatarkernel test robot <lkp@intel.com>
      Fixes: e1067a07 ("ftrace/samples: Add module to test multi direct modify interface")
      Fixes: ae0cc3b7 ("ftrace/samples: Add a sample module that implements modify_ftrace_direct()")
      Fixes: 156473a0 ("ftrace: Add another example of register_ftrace_direct() use case")
      Fixes: b06457c8 ("ftrace: Add sample module that uses register_ftrace_direct()")
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      0daf5cb2
    • Linus Torvalds's avatar
      Merge tag 'net-5.16-final' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 75acfdb6
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski"
       "Networking fixes, including fixes from bpf, and WiFi. One last pull
        request, turns out some of the recent fixes did more harm than good.
      
        Current release - regressions:
      
         - Revert "xsk: Do not sleep in poll() when need_wakeup set", made the
           problem worse
      
         - Revert "net: phy: fixed_phy: Fix NULL vs IS_ERR() checking in
           __fixed_phy_register", broke EPROBE_DEFER handling
      
         - Revert "net: usb: r8152: Add MAC pass-through support for more
           Lenovo Docks", broke setups without a Lenovo dock
      
        Current release - new code bugs:
      
         - selftests: set amt.sh executable
      
        Previous releases - regressions:
      
         - batman-adv: mcast: don't send link-local multicast to mcast routers
      
        Previous releases - always broken:
      
         - ipv4/ipv6: check attribute length for RTA_FLOW / RTA_GATEWAY
      
         - sctp: hold endpoint before calling cb in
           sctp_transport_lookup_process
      
         - mac80211: mesh: embed mesh_paths and mpp_paths into
           ieee80211_if_mesh to avoid complicated handling of sub-object
           allocation failures
      
         - seg6: fix traceroute in the presence of SRv6
      
         - tipc: fix a kernel-infoleak in __tipc_sendmsg()"
      
      * tag 'net-5.16-final' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (36 commits)
        selftests: set amt.sh executable
        Revert "net: usb: r8152: Add MAC passthrough support for more Lenovo Docks"
        sfc: The RX page_ring is optional
        iavf: Fix limit of total number of queues to active queues of VF
        i40e: Fix incorrect netdev's real number of RX/TX queues
        i40e: Fix for displaying message regarding NVM version
        i40e: fix use-after-free in i40e_sync_filters_subtask()
        i40e: Fix to not show opcode msg on unsuccessful VF MAC change
        ieee802154: atusb: fix uninit value in atusb_set_extended_addr
        mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
        mac80211: initialize variable have_higher_than_11mbit
        sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
        netrom: fix copying in user data in nr_setsockopt
        udp6: Use Segment Routing Header for dest address if present
        icmp: ICMPV6: Examine invoking packet for Segment Route Headers.
        seg6: export get_srh() for ICMP handling
        Revert "net: phy: fixed_phy: Fix NULL vs IS_ERR() checking in __fixed_phy_register"
        ipv6: Do cleanup if attribute validation fails in multipath route
        ipv6: Continue processing multipath route even if gateway attribute is invalid
        net/fsl: Remove leftover definition in xgmac_mdio
        ...
      75acfdb6
    • Leon Romanovsky's avatar
      RDMA/core: Don't infoleak GRH fields · b35a0f4d
      Leon Romanovsky authored
      If dst->is_global field is not set, the GRH fields are not cleared
      and the following infoleak is reported.
      
      =====================================================
      BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]
      BUG: KMSAN: kernel-infoleak in _copy_to_user+0x1c9/0x270 lib/usercopy.c:33
       instrument_copy_to_user include/linux/instrumented.h:121 [inline]
       _copy_to_user+0x1c9/0x270 lib/usercopy.c:33
       copy_to_user include/linux/uaccess.h:209 [inline]
       ucma_init_qp_attr+0x8c7/0xb10 drivers/infiniband/core/ucma.c:1242
       ucma_write+0x637/0x6c0 drivers/infiniband/core/ucma.c:1732
       vfs_write+0x8ce/0x2030 fs/read_write.c:588
       ksys_write+0x28b/0x510 fs/read_write.c:643
       __do_sys_write fs/read_write.c:655 [inline]
       __se_sys_write fs/read_write.c:652 [inline]
       __ia32_sys_write+0xdb/0x120 fs/read_write.c:652
       do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
       __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
       do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
       do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
       entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
      
      Local variable resp created at:
       ucma_init_qp_attr+0xa4/0xb10 drivers/infiniband/core/ucma.c:1214
       ucma_write+0x637/0x6c0 drivers/infiniband/core/ucma.c:1732
      
      Bytes 40-59 of 144 are uninitialized
      Memory access of size 144 starts at ffff888167523b00
      Data copied to user address 0000000020000100
      
      CPU: 1 PID: 25910 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      =====================================================
      
      Fixes: 4ba66093 ("IB/core: Check for global flag when using ah_attr")
      Link: https://lore.kernel.org/r/0e9dd51f93410b7b2f4f5562f52befc878b71afa.1641298868.git.leonro@nvidia.com
      Reported-by: syzbot+6d532fa8f9463da290bc@syzkaller.appspotmail.com
      Signed-off-by: default avatarLeon Romanovsky <leonro@nvidia.com>
      Signed-off-by: default avatarJason Gunthorpe <jgg@nvidia.com>
      b35a0f4d
    • Taehee Yoo's avatar
      selftests: set amt.sh executable · db54c12a
      Taehee Yoo authored
      amt.sh test script will not work because it doesn't have execution
      permission. So, it adds execution permission.
      Reported-by: default avatarHangbin Liu <liuhangbin@gmail.com>
      Fixes: c08e8bae ("selftests: add amt interface selftest script")
      Signed-off-by: default avatarTaehee Yoo <ap420073@gmail.com>
      Link: https://lore.kernel.org/r/20220105144436.13415-1-ap420073@gmail.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      db54c12a