1. 19 May, 2016 1 commit
    • Josh Poimboeuf's avatar
      x86/entry/64: Fix stack return address retrieval in thunk · d4bf7078
      Josh Poimboeuf authored
      With CONFIG_FRAME_POINTER enabled, a thunk can pass a bad return address
      value to the called function.  '9*8(%rsp)' actually gets the frame
      pointer, not the return address.
      
      The only users of the 'put_ret_addr_in_rdi' option are two functions
      which trace the enabling and disabling of interrupts, so this bug can
      result in bad debug or tracing information with CONFIG_IRQSOFF_TRACER or
      CONFIG_PROVE_LOCKING.
      
      Fix this by implementing the suggestion of Linus: explicitly push
      the frame pointer all the time and constify the stack offsets that
      way. This is both correct and easier to read.
      Reported-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      [ Extended the changelog a bit. ]
      Acked-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Cc: Alex Thorlton <athorlton@sgi.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Fixes: 058fb732 ("x86/asm/entry: Create stack frames in thunk functions")
      Link: http://lkml.kernel.org/r/20160517180606.v5o7wcgdni7443ol@trebleSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      d4bf7078
  2. 17 May, 2016 1 commit
    • Linus Torvalds's avatar
      x86/efi: Fix 7-parameter efi_call()s · 683ad809
      Linus Torvalds authored
      Alex Thorlton reported that the SGI/UV code crashes in the efi_call()
      code when invoked with 7 parameters, due to:
      
              mov (%rsp), %rax
              mov 8(%rax), %rax
              ...
              mov %rax, 40(%rsp)
      
      Offset 8 is only true if CONFIG_FRAME_POINTERS is disabled,
      with frame pointers enabled it should be 16.
      
      Furthermore, the SAVE_XMM code saves the old stack pointer, but
      that's just crazy. It saves the stack pointer *AFTER* we've done
      the:
      
              FRAME_BEGIN
      
      ... which will have *changed* the stack pointer, depending on whether
      stack frames are enabled or not.
      
      So when the code then does:
      
              mov (%rsp), %rax
      
      ... we now move that old stack pointer into %rax, but the offset off that
      stack pointer will depend on whether that FRAME_BEGIN saved off %rbp
      or not.
      
      So that whole 8-vs-16 offset confusion depends on the frame pointer!
      If frame pointers were enabled, it will be 16. If they weren't, it
      will be 8.
      
      The right fix is to just get rid of that silly conditional frame
      pointer thing, and always use frame pointers in this stub function.
      And then we don't need that (odd) load to get the old stack
      pointer into %rax - we can just use the frame pointer.
      Reported-by: default avatarAlex Thorlton <athorlton@sgi.com>
      Tested-by: default avatarAlex Thorlton <athorlton@sgi.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Link: http://lkml.kernel.org/r/CA%2B55aFzBS2v%3DWnEH83cUDg7XkOremFqJ30BJwF40dCYjReBkUQ@mail.gmail.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      683ad809
  3. 16 May, 2016 1 commit
    • Dave Hansen's avatar
      x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys · e8df1a95
      Dave Hansen authored
      When I added support for the Memory Protection Keys processor
      feature, I had to reindent the REQUIRED/DISABLED_MASK macros, and
      also consult the later cpufeature words.
      
      I'm not quite sure how I bungled it, but I consulted the wrong
      word at the end.  This only affected required or disabled cpu
      features in cpufeature words 14, 15 and 16.  So, only Protection
      Keys itself was screwed over here.
      
      The result was that if you disabled pkeys in your .config, you
      might still see some code show up that should have been compiled
      out.  There should be no functional problems, though.
      
      In verifying this patch I also realized that the DISABLE_PKU/OSPKE
      macros were defined backwards and that the cpu_has() check in
      setup_pku() was not doing the compile-time disabled checks.
      
      So also fix the macro for DISABLE_PKU/OSPKE and add a compile-time
      check for pkeys being enabled in setup_pku().
      Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
      Cc: <stable@vger.kernel.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Dave Hansen <dave@sr71.net>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Fixes: dfb4a70f ("x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions")
      Link: http://lkml.kernel.org/r/20160513221328.C200930B@viggo.jf.intel.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      e8df1a95
  4. 12 May, 2016 2 commits
  5. 11 May, 2016 14 commits
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 685764b1
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "This is a couple of small fixes: one is a potential uninitialised
        error variable in the alua code, potentially causing spurious failures
        and the other is a problem caused by the conversion of SCSI to
        hostwide tags which resulted in the qla1280 driver always failing in
        host initialisation"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        qla1280: Don't allocate 512kb of host tags
        scsi_dh_alua: uninitialized variable in alua_rtpg()
      685764b1
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 4d8bbbff
      Linus Torvalds authored
      Pull networking fixes from David Miller:
       "Hopefully the last round of fixes this release, fingers crossed :)
      
         1) Initialize static nf_conntrack_locks_all_lock properly, from
            Florian Westphal.
      
         2) Need to cancel pending work when destroying IDLETIMER entries,
            from Liping Zhang.
      
         3) Fix TX param usage when sending TSO over iwlwifi devices, from
            Emmanuel Grumbach.
      
         4) NFACCT quota params not validated properly, from Phil Turnbull.
      
         5) Resolve more glibc vs.  kernel header conflicts, from Mikko
            Tapeli.
      
         6) Missing IRQ free in ravb_close(), from Geert Uytterhoeven.
      
         7) Fix infoleak in x25, from Kangjie Lu.
      
         8) Similarly in thunderx driver, from Heinrich Schuchardt.
      
         9) tc_ife.h uapi header not exported properly, from Jamal Hadi Salim.
      
        10) Don't reenable PHY interreupts if device is in polling mode, from
            Shaohui Xie.
      
        11) Packet scheduler actions late binding was not being handled
            properly at all, from Jamal Hadi Salim.
      
        12) Fix binding of conntrack entries to helpers in openvswitch, from
            Joe Stringer"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (21 commits)
        gre: do not keep the GRE header around in collect medata mode
        openvswitch: Fix cached ct with helper.
        net sched: ife action fix late binding
        net sched: skbedit action fix late binding
        net sched: simple action fix late binding
        net sched: mirred action fix late binding
        net sched: ipt action fix late binding
        net sched: vlan action fix late binding
        net: phylib: fix interrupts re-enablement in phy_start
        tcp: refresh skb timestamp at retransmit time
        net: nps_enet: bug fix - handle lost tx interrupts
        net: nps_enet: Tx handler synchronization
        export tc ife uapi header
        net: thunderx: avoid exposing kernel stack
        net: fix a kernel infoleak in x25 module
        ravb: Add missing free_irq() call to ravb_close()
        uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
        netfilter: nfnetlink_acct: validate NFACCT_QUOTA parameter
        iwlwifi: mvm: don't override the rate with the AMSDU len
        netfilter: IDLETIMER: fix race condition when destroy the target
        ...
      4d8bbbff
    • Jiri Benc's avatar
      gre: do not keep the GRE header around in collect medata mode · e271c7b4
      Jiri Benc authored
      For ipgre interface in collect metadata mode, it doesn't make sense for the
      interface to be of ARPHRD_IPGRE type. The outer header of received packets
      is not needed, as all the information from it is present in metadata_dst. We
      already don't set ipgre_header_ops for collect metadata interfaces, which is
      the only consumer of mac_header pointing to the outer IP header.
      
      Just set the interface type to ARPHRD_NONE in collect metadata mode for
      ipgre (not gretap, that still correctly stays ARPHRD_ETHER) and reset
      mac_header.
      
      Fixes: a64b04d8 ("gre: do not assign header_ops in collect metadata mode")
      Fixes: 2e15ea39 ("ip_gre: Add support to collect tunnel metadata.")
      Signed-off-by: default avatarJiri Benc <jbenc@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e271c7b4
    • Joe Stringer's avatar
      openvswitch: Fix cached ct with helper. · 16ec3d4f
      Joe Stringer authored
      When using conntrack helpers from OVS, a common configuration is to
      perform a lookup without specifying a helper, then go through a
      firewalling policy, only to decide to attach a helper afterwards.
      
      In this case, the initial lookup will cause a ct entry to be attached to
      the skb, then the later commit with helper should attach the helper and
      confirm the connection. However, the helper attachment has been missing.
      If the user has enabled automatic helper attachment, then this issue
      will be masked as it will be applied in init_conntrack(). It is also
      masked if the action is executed from ovs_packet_cmd_execute() as that
      will construct a fresh skb.
      
      This patch fixes the issue by making an explicit call to try to assign
      the helper if there is a discrepancy between the action's helper and the
      current skb->nfct.
      
      Fixes: cae3a262 ("openvswitch: Allow attaching helpers to ct action")
      Signed-off-by: default avatarJoe Stringer <joe@ovn.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      16ec3d4f
    • Mathias Krause's avatar
      x86/extable: ensure entries are swapped completely when sorting · 50c73890
      Mathias Krause authored
      The x86 exception table sorting was changed in commit 29934b0f
      ("x86/extable: use generic search and sort routines") to use the arch
      independent code in lib/extable.c.  However, the patch was mangled
      somehow on its way into the kernel from the last version posted at [1].
      The committed version kind of attempted to incorporate the changes of
      commit 548acf19 ("x86/mm: Expand the exception table logic to allow
      new handling options") as in _completely_ _ignoring_ the x86 specific
      'handler' member of struct exception_table_entry.  This effectively
      broke the sorting as entries will only partly be swapped now.
      
      Fortunately, the x86 Kconfig selects BUILDTIME_EXTABLE_SORT, so the
      exception table doesn't need to be sorted at runtime. However, in case
      that ever changes, we better not break the exception table sorting just
      because of that.
      
      [ Ard Biesheuvel points out that BUILDTIME_EXTABLE_SORT applies to the
        core image only, but we still rely on the sorting routines for modules
        in that case - Linus ]
      
      Fix this by providing a swap_ex_entry_fixup() macro that takes care of
      the 'handler' member.
      
      [1] https://lkml.org/lkml/2016/1/27/232Signed-off-by: default avatarMathias Krause <minipli@googlemail.com>
      Fixes: 29934b0f ("x86/extable: use generic search and sort routines")
      Reviewed-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: H. Peter Anvin <hpa@linux.intel.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Tony Luck <tony.luck@intel.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      50c73890
    • Linus Torvalds's avatar
      Merge tag 'spi-fix-v4.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · e0d09e32
      Linus Torvalds authored
      Pull spi fixes from Mark Brown:
       "A bunch of small driver specific fixes that have come up, none of them
        remarkable in themselves.  One fixes a regression introduced in the
        merge window and another two are targetted at stable"
      
      * tag 'spi-fix-v4.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: pxa2xx: Do not detect number of enabled chip selects on Intel SPT
        spi: spi-ti-qspi: Handle truncated frames properly
        spi: spi-ti-qspi: Fix FLEN and WLEN settings if bits_per_word is overridden
        spi: omap2-mcspi: Undo broken fix for dma transfer of vmalloced buffer
        spi: spi-fsl-dspi: Fix cs_change handling in message transfer
      e0d09e32
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · d32917ee
      Linus Torvalds authored
      Pull KVM fixes from Paolo Bonzini:
       "Two small x86 patches, improving "make kvmconfig" and fixing an
        objtool warning for CONFIG_PROFILE_ALL_BRANCHES"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        kvmconfig: add more virtio drivers
        x86/kvm: Add stack frame dependency to fastop() inline asm
      d32917ee
    • David S. Miller's avatar
      Merge branch 'net-sched-fixes' · 6e14313f
      David S. Miller authored
      Jamal Hadi Salim says:
      
      ====================
      Some actions were broken in allowing for late binding of actions.
      Late binding workflow is as follows:
      a) create an action and provide all necessary parameters for it
      Optionally provide an index or let the kernel give you one.
      Example:
      sudo tc actions add action police rate 1kbit burst 90k drop index 1
      
      b) later on bind to the pre-created action from a filter definition
      by merely specifying the index.
      Example:
      sudo tc filter add dev lo parent ffff: protocol ip prio 8 \
      u32 match ip src 127.0.0.8/32 flowid 1:8 action police index 1
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6e14313f
    • Jamal Hadi Salim's avatar
      net sched: ife action fix late binding · 4e8c8615
      Jamal Hadi Salim authored
      The process below was broken and is fixed with this patch.
      
      //add an ife action and give it an instance id of 1
      sudo tc actions add action ife encode \
      type 0xDEAD allow mark dst 02:15:15:15:15:15 index 1
      
      //create a filter which binds to ife action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32\
      match ip dst 17.0.0.1/32 flowid 1:11 action ife index 1
      
      Message before fix was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4e8c8615
    • Jamal Hadi Salim's avatar
      net sched: skbedit action fix late binding · 5e1567ae
      Jamal Hadi Salim authored
      The process below was broken and is fixed with this patch.
      
      //add a skbedit action and give it an instance id of 1
      sudo tc actions add action skbedit mark 10 index 1
      //create a filter which binds to skbedit action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32\
      match ip dst 17.0.0.1/32 flowid 1:10 action skbedit index 1
      
      Message before fix was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5e1567ae
    • Jamal Hadi Salim's avatar
      net sched: simple action fix late binding · 0e5538ab
      Jamal Hadi Salim authored
      The process below was broken and is fixed with this patch.
      
      //add a simple action and give it an instance id of 1
      sudo tc actions add action simple sdata "foobar" index 1
      //create a filter which binds to simple action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32\
      match ip dst 17.0.0.1/32 flowid 1:10 action simple index 1
      
      Message before fix was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0e5538ab
    • Jamal Hadi Salim's avatar
      net sched: mirred action fix late binding · 87dfbdc6
      Jamal Hadi Salim authored
      The process below was broken and is fixed with this patch.
      
      //add an mirred action and give it an instance id of 1
      sudo tc actions add action mirred egress mirror dev $MDEV  index 1
      //create a filter which binds to mirred action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32\
      match ip dst 17.0.0.1/32 flowid 1:10 action mirred index 1
      
      Message before bug fix was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      87dfbdc6
    • Jamal Hadi Salim's avatar
      net sched: ipt action fix late binding · a57f19d3
      Jamal Hadi Salim authored
      This was broken and is fixed with this patch.
      
      //add an ipt action and give it an instance id of 1
      sudo tc actions add action ipt -j mark --set-mark 2 index 1
      //create a filter which binds to ipt action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32\
      match ip dst 17.0.0.1/32 flowid 1:10 action ipt index 1
      
      Message before bug fix was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a57f19d3
    • Jamal Hadi Salim's avatar
      net sched: vlan action fix late binding · 5026c9b1
      Jamal Hadi Salim authored
      Late vlan action binding was broken and is fixed with this patch.
      
      //add a vlan action to pop and give it an instance id of 1
      sudo tc actions add action vlan pop index 1
      //create filter which binds to vlan action id 1
      sudo tc filter add dev $DEV parent ffff: protocol ip prio 1 u32 \
      match ip dst 17.0.0.1/32 flowid 1:1 action vlan index 1
      
      current message(before bug fix) was:
      RTNETLINK answers: Invalid argument
      We have an error talking to the kernel
      Signed-off-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5026c9b1
  6. 10 May, 2016 21 commits