Commit Graph

997383 Commits

Author SHA1 Message Date
Heiner Kallweit
f658b90977 r8169: fix DMA being used after buffer free if WoL is enabled
IOMMU errors have been reported if WoL is enabled and interface is
brought down. It turned out that the network chip triggers DMA
transfers after the DMA buffers have been freed. For WoL to work we
need to leave rx enabled, therefore simply stop the chip from being
a DMA busmaster.

Fixes: 567ca57faa ("r8169: add rtl8169_up")
Tested-by: Paul Blazejowski <paulb@blazebox.homeip.net>
Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-20 19:01:41 -07:00
David S. Miller
49371a8a66 linux-can-fixes-for-5.12-20210320
-----BEGIN PGP SIGNATURE-----
 
 iQFHBAABCgAxFiEEK3kIWJt9yTYMP3ehqclaivrt76kFAmBWTS8THG1rbEBwZW5n
 dXRyb25peC5kZQAKCRCpyVqK+u3vqbuDB/0ZGZMjbNdB4CLkEdiCSSBjdJTONqSt
 1SfxaFZUggWv0CTKY+L8VVIzUqeSIV4VEIU347zTwAAqZNpoZ90c6gcrzYGPN1YW
 yHwvlOESLno51bNxNgkSQRkR5mCBTP+uYsejBTpisgG9kRNpZ8D6iNMeS7Iczm4L
 93b/qhDQCPn4OUetq9ozutY0FRpOirrIntwikyrVix/Ih+A3t1lV6gA79557IU0u
 uGSuIuHzyhk5X7KVBQbaJu4S6pU8VIKWdJJNQd8iZwX3/6awMCoAigpy+i7HM129
 Ha5+wN4TbdPnpeM+qVoVRniursBKXQL6E2baMH7AZCVRm4cf8DP7rd/r
 =S4/o
 -----END PGP SIGNATURE-----

Merge tag 'linux-can-fixes-for-5.12-20210320' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can

Marc Kleine-Budde says:

====================
pull-request: can 2021-03-20

this is a pull request of 2 patches for net/master.

The first patch is by Oliver Hartkopp. He fixes the TX-path in the
ISO-TP protocol by properly initializing the outgoing CAN frames.

The second patch is by me and reverts a patch from my previous pull
request which added MODULE_SUPPORTED_DEVICE to the peak_usb driver. In
the mean time in Linus's tree the entirely MODULE_SUPPORTED_DEVICE was
removed. So this reverts the adding of the new MODULE_SUPPORTED_DEVICE
to avoid the merge conflict.

If you prefer to resolve the merge conflict by hand, I'll send a new
pull request without that patch.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-20 18:58:56 -07:00
David S. Miller
a05b0c8c82 Merge branch 'pa-fox-validation'
Alex Elder says:

====================
ipa: fix validation

There is sanity checking code in the IPA driver that's meant to be
enabled only during development.  This allows the driver to make
certain assumptions, but not have to verify those assumptions are
true at (operational) runtime.  This code is built conditional on
IPA_VALIDATION, set (if desired) inside the IPA makefile.

Unfortunately, this validation code has some errors.  First, there
are some mismatched arguments supplied to some dev_err() calls in
ipa_cmd_table_valid() and ipa_cmd_header_valid(), and these are
exposed if validation is enabled.  Second, the tag that enables
this conditional code isn't used consistently (it's IPA_VALIDATE
in some spots and IPA_VALIDATION in others).

This series fixes those two problems with the conditional validation
code.

Version 2 removes the two patches that introduced ipa_assert().  It
also modifies the description in the first patch so that it mentions
the changes made to ipa_cmd_table_valid().
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-20 18:53:41 -07:00
Alex Elder
b4afd4b90a net: ipa: fix init header command validation
We use ipa_cmd_header_valid() to ensure certain values we will
program into hardware are within range, well in advance of when we
actually program them.  This way we avoid having to check for errors
when we actually program the hardware.

Unfortunately the dev_err() call for a bad offset value does not
supply the arguments to match the format specifiers properly.
Fix this.

There was also supposed to be a check to ensure the size to be
programmed fits in the field that holds it.  Add this missing check.

Rearrange the way we ensure the header table fits in overall IPA
memory range.

Finally, update ipa_cmd_table_valid() so the format of messages
printed for errors matches what's done in ipa_cmd_header_valid().

Signed-off-by: Alex Elder <elder@linaro.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-20 18:53:41 -07:00
Thomas Gleixner
81e2073c17 genirq: Disable interrupts for force threaded handlers
With interrupt force threading all device interrupt handlers are invoked
from kernel threads. Contrary to hard interrupt context the invocation only
disables bottom halfs, but not interrupts. This was an oversight back then
because any code like this will have an issue:

thread(irq_A)
  irq_handler(A)
    spin_lock(&foo->lock);

interrupt(irq_B)
  irq_handler(B)
    spin_lock(&foo->lock);

This has been triggered with networking (NAPI vs. hrtimers) and console
drivers where printk() happens from an interrupt which interrupted the
force threaded handler.

Now people noticed and started to change the spin_lock() in the handler to
spin_lock_irqsave() which affects performance or add IRQF_NOTHREAD to the
interrupt request which in turn breaks RT.

Fix the root cause and not the symptom and disable interrupts before
invoking the force threaded handler which preserves the regular semantics
and the usefulness of the interrupt force threading as a general debugging
tool.

For not RT this is not changing much, except that during the execution of
the threaded handler interrupts are delayed until the handler
returns. Vs. scheduling and softirq processing there is no difference.

For RT kernels there is no issue.

Fixes: 8d32a307e4 ("genirq: Provide forced interrupt threading")
Reported-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Johan Hovold <johan@kernel.org>
Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Link: https://lore.kernel.org/r/20210317143859.513307808@linutronix.de
2021-03-21 00:17:52 +01:00
David S. Miller
e56c53d194 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
Alexei Starovoitov says:

====================
pull-request: bpf 2021-03-20

The following pull-request contains BPF updates for your *net* tree.

We've added 5 non-merge commits during the last 3 day(s) which contain
a total of 8 files changed, 155 insertions(+), 12 deletions(-).

The main changes are:

1) Use correct nops in fexit trampoline, from Stanislav.

2) Fix BTF dump, from Jean-Philippe.

3) Fix umd memory leak, from Zqiang.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-20 15:18:06 -07:00
Marc Kleine-Budde
5d7047ed6b can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
In commit 6417f03132 ("module: remove never implemented
MODULE_SUPPORTED_DEVICE") the MODULE_SUPPORTED_DEVICE macro was
removed from the kerne entirely. Shortly before this patch was applied
mainline the commit 59ec7b89ed ("can: peak_usb: add forgotten
supported devices") was added to net/master. As this would result in a
merge conflict, let's revert this patch.

Fixes: 59ec7b89ed ("can: peak_usb: add forgotten supported devices")
Link: https://lore.kernel.org/r/20210320192649.341832-1-mkl@pengutronix.de
Suggested-by: Leon Romanovsky <leon@kernel.org>
Cc: Stephane Grosjean <s.grosjean@peak-system.com>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2021-03-20 20:28:45 +01:00
Oliver Hartkopp
b5f020f82a can: isotp: tx-path: zero initialize outgoing CAN frames
Commit d4eb538e1f ("can: isotp: TX-path: ensure that CAN frame flags are
initialized") ensured the TX flags to be properly set for outgoing CAN
frames.

In fact the root cause of the issue results from a missing initialization
of outgoing CAN frames created by isotp. This is no problem on the CAN bus
as the CAN driver only picks the correctly defined content from the struct
can(fd)_frame. But when the outgoing frames are monitored (e.g. with
candump) we potentially leak some bytes in the unused content of
struct can(fd)_frame.

Fixes: e057dd3fc2 ("can: add ISO 15765-2:2016 transport protocol")
Cc: Marc Kleine-Budde <mkl@pengutronix.de>
Link: https://lore.kernel.org/r/20210319100619.10858-1-socketcan@hartkopp.net
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2021-03-20 20:21:35 +01:00
Linus Torvalds
812da4d394 RISC-V Fixes for 5.12-rc4
I have handful of fixes for 5.12:
 
 * A fix to the SBI remote fence numbers for hypervisor fences, which had
   been transcribed in the wrong order in Linux.  These fences are only
   used with the KVM patches applied.
 * A whole host of build warnings have been fixed, these should have no
   functional change.
 * A fix to init_resources() that prevents an off-by-one error from
   causing an out-of-bounds array reference.  This is manifesting during
   boot on vexriscv.
 * A fix to ensure the KASAN mappings are visible before proceeding to
   use them.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCgAxFiEEKzw3R0RoQ7JKlDp6LhMZ81+7GIkFAmBVgV4THHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRAuExnzX7sYiTOWD/4l+uRCwTelZqm/G0yKSSAevAv5Crsc
 Nzsa1uq7dOC+JLZ5y96SUng825WdGX+HiIf7QyUFPzpnqyYc4+ROwNb80ObPWQZU
 dctatP2g9Jk2ImmJbGQVeDXKAiqrMM3hf1bOF3N3VV9DpqID0z/S8l8H9mz7x9yl
 opd6kXxCPFKLgmAbMxcsytUduxZrJEcCpy3jPpIvjJ3BrzaGZlgjytqc2tYvbv/L
 9i//evmGTCNXfQPrWEcMpBPbMf+aSzb/9Im8THB42jpJVQ7kx3txVg6d+wb73oGf
 XHkm5mwrESAcnVGfxY5xRaaSK/L2k5Lg98J1K/BIHIKskjCTg5FdyrgeGwdtLg6T
 FuXEvK29FJgfMb7k2Mf25l/Lglzi4q4LxBO4wcAUb1OpaVeK2kgYJr1eniSKrE/v
 NF5/bD9h7sD1qbZLfk+lsTggBGfMBmthwp59jNb7V4cLkIFXwopgx2h/73jm6kn8
 8fMCTlwOoktewbv0DdWCy0Sfaa0iCXMSJy+Y13GWlcEMvQn1VLtX7RbQzZq9X+tV
 C/qkp1SdXfPG3vJbkNnZh/eS12F6vDauYJ814s3VAeJKOoMJWABB6Jm2SoBwFM6v
 kpIRNzDyJ1oKhF4PxIrmGkv6PvRM/j5akspOwy/zdHB3FBVCGmyuoB9GE8Bg1Rw7
 xyfdZthPDdvGyQ==
 =XhDE
 -----END PGP SIGNATURE-----

Merge tag 'riscv-for-linus-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux

Pull RISC-V fixes from Palmer Dabbelt:
 "A handful of fixes for 5.12:

   - fix the SBI remote fence numbers for hypervisor fences, which had
     been transcribed in the wrong order in Linux. These fences are only
     used with the KVM patches applied.

   - fix a whole host of build warnings, these should have no functional
     change.

   - fix init_resources() to prevent an off-by-one error from causing an
     out-of-bounds array reference. This was manifesting during boot on
     vexriscv.

   - ensure the KASAN mappings are visible before proceeding to use
     them"

* tag 'riscv-for-linus-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
  riscv: Correct SPARSEMEM configuration
  RISC-V: kasan: Declare kasan_shallow_populate() static
  riscv: Ensure page table writes are flushed when initializing KASAN vmalloc
  RISC-V: Fix out-of-bounds accesses in init_resources()
  riscv: Fix compilation error with Canaan SoC
  ftrace: Fix spelling mistake "disabed" -> "disabled"
  riscv: fix bugon.cocci warnings
  riscv: process: Fix no prototype for arch_dup_task_struct
  riscv: ftrace: Use ftrace_get_regs helper
  riscv: process: Fix no prototype for show_regs
  riscv: syscall_table: Reduce W=1 compilation warnings noise
  riscv: time: Fix no prototype for time_init
  riscv: ptrace: Fix no prototype warnings
  riscv: sbi: Fix comment of __sbi_set_timer_v01
  riscv: irq: Fix no prototype warning
  riscv: traps: Fix no prototype warnings
  RISC-V: correct enum sbi_ext_rfence_fid
2021-03-20 11:01:54 -07:00
Linus Torvalds
bfdc4aa9e9 5 cifs/smb3 fixes, 3 for stable, including an important ACL fix and security signature fix
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmBWHtgACgkQiiy9cAdy
 T1HRZAv/Z3bxnkLLU/mIHHpaa7VpeB1gsF2dzWy1laF6NQ4hnlPKnTG4didlBvxz
 E/ekEsxiDx/OYik0/RJnI1VJf/7EJ9VdfNeQmRZHeGMAjLLAxKQeXpIek/XidVfT
 QQUjneJQBDglzlV/flzxqMAqq+v9fhlRzEq10YuGgMvRSlCXHn8O9lrHEYSQxXFf
 AehAoaDqRPht+PkDAcAjC90m1rE8zYaxIgwWeeXcKqVuXyxCf+1bWZJuLfNOJ3qY
 OXSK4YiAWWcW4MhhmLAGnDOqJZ9mGdAw5YPiIv60t9SF5bpvEmmuNv6ApeljzmAd
 Z2G7Ygr2vXyI+btB6om9gtBfG+1c0jqb8JzK/pGN7w7srIyFtHuUp3OX4Alp59y/
 2kAcW9cV1NYlKvP+0QAnZNqk7J90LmIAo5Dft9fb9PTc5CCmU9R2T6AuYQ+WTV/3
 vkUd5gAJDUCarhn+uWQdmJvNuoS7eueht6F/dX+8pZ9t2gGzGerGY5O2+82ByPBn
 BanDlHwh
 =h/5R
 -----END PGP SIGNATURE-----

Merge tag '5.12-rc3-smb3' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Five cifs/smb3 fixes - three for stable, including an important ACL
  fix and security signature fix"

* tag '5.12-rc3-smb3' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix allocation size on newly created files
  cifs: warn and fail if trying to use rootfs without the config option
  fs/cifs/: fix misspellings using codespell tool
  cifs: Fix preauth hash corruption
  cifs: update new ACE pointer after populate_new_aces.
2021-03-20 11:00:25 -07:00
Linus Torvalds
af97713dff SCSI fixes on 20210320
Eight fixes, all in drivers, all fairly minor either being fixes in
 error legs, memory leaks on teardown, context errors or semantic
 problems.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 
 iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCYFYmeiYcamFtZXMuYm90
 dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishXQRAPwKUNlT
 7KbOMx5MqsBq+/0m7iVUHEDg0kNJwYslEL0jSQEAnauUYfDI34z6cPXx4L+hqOiM
 wP5dRGK4rs1u92AJmoY=
 =h42D
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Eight fixes, all in drivers, all fairly minor either being fixes in
  error legs, memory leaks on teardown, context errors or semantic
  problems"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: mpt3sas: Do not use GFP_KERNEL in atomic context
  scsi: ufs: ufs-mediatek: Correct operator & -> &&
  scsi: sd_zbc: Update write pointer offset cache
  scsi: lpfc: Fix some error codes in debugfs
  scsi: qla2xxx: Fix broken #endif placement
  scsi: st: Fix a use after free in st_open()
  scsi: myrs: Fix a double free in myrs_cleanup()
  scsi: ibmvfc: Free channel_setup_buf during device tear down
2021-03-20 10:57:10 -07:00
Stanislav Fomichev
b908297047 bpf: Use NOP_ATOMIC5 instead of emit_nops(&prog, 5) for BPF_TRAMP_F_CALL_ORIG
__bpf_arch_text_poke does rewrite only for atomic nop5, emit_nops(xxx, 5)
emits non-atomic one which breaks fentry/fexit with k8 atomics:

P6_NOP5 == P6_NOP5_ATOMIC (0f1f440000 == 0f1f440000)
K8_NOP5 != K8_NOP5_ATOMIC (6666906690 != 6666666690)

Can be reproduced by doing "ideal_nops = k8_nops" in "arch_init_ideal_nops()
and running fexit_bpf2bpf selftest.

Fixes: e21aa34178 ("bpf: Fix fexit trampoline.")
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20210320000001.915366-1-sdf@google.com
2021-03-19 19:25:39 -07:00
Linus Torvalds
1c273e10bc zonefs fixes for 5.12-rc4
3 patches in this pull request:
 - A fix of inode write open reference count, from Chao
 - Fix wrong write offset for asynchronous O_APPEND writes, from me
 - Prevent use of sequential zone file as swap files, from me
 
 Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQSRPv8tYSvhwAzJdzjdoc3SxdoYdgUCYFVA3AAKCRDdoc3SxdoY
 drOqAQD9Yp7HAgAwHPKLY/q5RcsR/2+apnlYvm0mLRcmnXq13AEApOTFoJnKGzqE
 tM9PPsMF2zQXzbJa3hCy1cprB7uUlA0=
 =Gm6B
 -----END PGP SIGNATURE-----

Merge tag 'zonefs-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs

Pull zonefs fixes from Damien Le Moal:

 - fix inode write open reference count (Chao)

 - Fix wrong write offset for asynchronous O_APPEND writes (me)

 - Prevent use of sequential zone file as swap files (me)

* tag 'zonefs-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs:
  zonefs: fix to update .i_wr_refcnt correctly in zonefs_open_zone()
  zonefs: Fix O_APPEND async write handling
  zonefs: prevent use of seq files as swap file
2021-03-19 17:32:30 -07:00
Linus Torvalds
d626c692aa block-5.12-2021-03-19
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmBVI64QHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgpsRdD/9DONnkH5KrrqE0vltBOcSefpuDsT0ET6Fl
 xEfmPw3ndW2WWG7U/Elb3dXiOGA2AslmDe2XaU+5gaodKn6u3XpRiCFSvwX0At8l
 Ple5wyvQg3z0XiecL+iKyUcrfqamcTy4Aa2lrN+ffvYo4fsY0a546hbTPkqhckcZ
 1Svuc+C+Gh+TuCUwINWT+A7n2ji5xUjsuX19vZ8iWhTECsWRwa64HGku5PHB+zF0
 z4eFPhOrKYxus/4ArH2/QnZXXb2K3jE1sULCoGC08DJBDnC7pRaxwaVvhZWNIxrT
 0evKZRHtzCmkmWqZPwIc82wcNGfJ0URPQ2817ZWLZY9fbk0rY2LBgo+iWsIi95iO
 g+OkETweJbBOOcibto337i+VaeYaQ6MFRvTA4IM46fhuHBAXFf+4qPl3SisnXDyx
 xT+cF7GPXG+qg9/FytmMC1Ngj+C1y15gF9tmpsTnol3mud354al99hs+WU934of9
 buYKPQ8DmdHTWNtOFv8/brHnaa0jPOQZxQEN+no+bHfZbGYjr8Oo+KUuxx/OY164
 ZNj3FGQU98MMky3nqJLgPr806G+wNdTVgtRpmlMnf0doQLPyoEaYJrNKy6Uz0BxV
 OEtJEWuEPlsgQpkk0Aqs2ZnzNtke/lUKhupV9oiqNapEaxHflnmnmZt0T/easbPu
 EWwYltg0Xw==
 =hP6T
 -----END PGP SIGNATURE-----

Merge tag 'block-5.12-2021-03-19' of git://git.kernel.dk/linux-block

Pull block fixes from Jens Axboe:
 "Just an NVMe pull request this week:

   - fix tag allocation for keep alive

   - fix a unit mismatch for the Write Zeroes limits

   - various TCP transport fixes (Sagi Grimberg, Elad Grupi)

   - fix iosqes and iocqes validation for discovery controllers (Sagi Grimberg)"

* tag 'block-5.12-2021-03-19' of git://git.kernel.dk/linux-block:
  nvmet-tcp: fix kmap leak when data digest in use
  nvmet: don't check iosqes,iocqes for discovery controllers
  nvme-rdma: fix possible hang when failing to set io queues
  nvme-tcp: fix possible hang when failing to set io queues
  nvme-tcp: fix misuse of __smp_processor_id with preemption enabled
  nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU
  nvme: fix Write Zeroes limitations
  nvme: allocate the keep alive request using BLK_MQ_REQ_NOWAIT
  nvme: merge nvme_keep_alive into nvme_keep_alive_work
  nvme-fabrics: only reserve a single tag
2021-03-19 17:07:10 -07:00
Linus Torvalds
0ada2dad8b io_uring-5.12-2021-03-19
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmBVI8cQHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgpuFOD/494N0khk5EpLnoq0+/uyRpnqnTjL3n+iWc
 fviiodL2/eirKWML/WbNUaKOWMs76iBwRqvTFnmCuyVexM9iPq3BXHocNYESYFni
 0EfuL+jzs/LjQLVJgCxyYUyafDtCGZ5ct/3ilfGWSY13ngfYdUVT1p+u9NK94T63
 4SrT6KKqEnpStpA1kjCw+doL17Tx2jrcrnX8gztIm0IarTnJGusiNZboy1IBMcqf
 Lw7CEePn4b9/0wKJa8sDYIFtI8Rvj2Jk86c4DDpGgoPU6I9fGPnp3oMGrxlwectT
 uTguzTlKAvbSu6v+2jqHCcXpkOG3aQJJM+YaNZmWOKwkLdyzLLIDT7SPlNHlacDF
 yBj+Ou3FbKvVUrYldUHlQoLZIAgp7AQO1JBilijNNibXsH0M4Gaw3aGPFmhEFfeJ
 /y+DXEfi2TGC6Yo+Ogub9Rh3gd2kgATu9Qbbnxi5TmYFc6WASBHP3OQEMVpVkD6F
 IZxZDvIKMj3DoYX3Can0vlqiWhmL5o7gyaRTkmxc4A21CR+AHstupDNTHbR23IsY
 dVxWmfrU25VFcIUAUOUgzPayDRn5KevexXjpkC8MVPQUqe/8FgI18eigDWTwlkcG
 0AZUraswv8uT5b0oLj9cawtAU9Dlit7niI6r9I3dtoUAD3JY4+yDp7oZp2TTOV2z
 +rgS+5zjug==
 =aPxz
 -----END PGP SIGNATURE-----

Merge tag 'io_uring-5.12-2021-03-19' of git://git.kernel.dk/linux-block

Pull io_uring fixes from Jens Axboe:
 "Quieter week this time, which was both expected and desired. About
  half of the below is fixes for this release, the other half are just
  fixes in general. In detail:

   - Fix the freezing of IO threads, by making the freezer not send them
     fake signals. Make them freezable by default.

   - Like we did for personalities, move the buffer IDR to xarray. Kills
     some code and avoids a use-after-free on teardown.

   - SQPOLL cleanups and fixes (Pavel)

   - Fix linked timeout race (Pavel)

   - Fix potential completion post use-after-free (Pavel)

   - Cleanup and move internal structures outside of general kernel view
     (Stefan)

   - Use MSG_SIGNAL for send/recv from io_uring (Stefan)"

* tag 'io_uring-5.12-2021-03-19' of git://git.kernel.dk/linux-block:
  io_uring: don't leak creds on SQO attach error
  io_uring: use typesafe pointers in io_uring_task
  io_uring: remove structures from include/linux/io_uring.h
  io_uring: imply MSG_NOSIGNAL for send[msg]()/recv[msg]() calls
  io_uring: fix sqpoll cancellation via task_work
  io_uring: add generic callback_head helpers
  io_uring: fix concurrent parking
  io_uring: halt SQO submission on ctx exit
  io_uring: replace sqd rw_semaphore with mutex
  io_uring: fix complete_post use ctx after free
  io_uring: fix ->flags races by linked timeouts
  io_uring: convert io_buffer_idr to XArray
  io_uring: allow IO worker threads to be frozen
  kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for freezing
2021-03-19 17:01:09 -07:00
Johan Hovold
dd926880da x86/apic/of: Fix CPU devicetree-node lookups
Architectures that describe the CPU topology in devicetree and do not have
an identity mapping between physical and logical CPU ids must override the
default implementation of arch_match_cpu_phys_id().

Failing to do so breaks CPU devicetree-node lookups using of_get_cpu_node()
and of_cpu_device_node_get() which several drivers rely on. It also causes
the CPU struct devices exported through sysfs to point to the wrong
devicetree nodes.

On x86, CPUs are described in devicetree using their APIC ids and those
do not generally coincide with the logical ids, even if CPU0 typically
uses APIC id 0.

Add the missing implementation of arch_match_cpu_phys_id() so that CPU-node
lookups work also with SMP.

Apart from fixing the broken sysfs devicetree-node links this likely does
not affect current users of mainline kernels on x86.

Fixes: 4e07db9c8d ("x86/devicetree: Use CPU description from Device Tree")
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20210312092033.26317-1-johan@kernel.org
2021-03-19 23:01:49 +01:00
Zqiang
f60a85cad6 bpf: Fix umd memory leak in copy_process()
The syzbot reported a memleak as follows:

BUG: memory leak
unreferenced object 0xffff888101b41d00 (size 120):
  comm "kworker/u4:0", pid 8, jiffies 4294944270 (age 12.780s)
  backtrace:
    [<ffffffff8125dc56>] alloc_pid+0x66/0x560
    [<ffffffff81226405>] copy_process+0x1465/0x25e0
    [<ffffffff81227943>] kernel_clone+0xf3/0x670
    [<ffffffff812281a1>] kernel_thread+0x61/0x80
    [<ffffffff81253464>] call_usermodehelper_exec_work
    [<ffffffff81253464>] call_usermodehelper_exec_work+0xc4/0x120
    [<ffffffff812591c9>] process_one_work+0x2c9/0x600
    [<ffffffff81259ab9>] worker_thread+0x59/0x5d0
    [<ffffffff812611c8>] kthread+0x178/0x1b0
    [<ffffffff8100227f>] ret_from_fork+0x1f/0x30

unreferenced object 0xffff888110ef5c00 (size 232):
  comm "kworker/u4:0", pid 8414, jiffies 4294944270 (age 12.780s)
  backtrace:
    [<ffffffff8154a0cf>] kmem_cache_zalloc
    [<ffffffff8154a0cf>] __alloc_file+0x1f/0xf0
    [<ffffffff8154a809>] alloc_empty_file+0x69/0x120
    [<ffffffff8154a8f3>] alloc_file+0x33/0x1b0
    [<ffffffff8154ab22>] alloc_file_pseudo+0xb2/0x140
    [<ffffffff81559218>] create_pipe_files+0x138/0x2e0
    [<ffffffff8126c793>] umd_setup+0x33/0x220
    [<ffffffff81253574>] call_usermodehelper_exec_async+0xb4/0x1b0
    [<ffffffff8100227f>] ret_from_fork+0x1f/0x30

After the UMD process exits, the pipe_to_umh/pipe_from_umh and
tgid need to be released.

Fixes: d71fa5c976 ("bpf: Add kernel module with user mode driver that populates bpffs.")
Reported-by: syzbot+44908bb56d2bfe56b28e@syzkaller.appspotmail.com
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20210317030915.2865-1-qiang.zhang@windriver.com
2021-03-19 22:23:19 +01:00
Andrii Nakryiko
e75b513ec6 Merge branch 'libbpf: Fix BTF dump of pointer-to-array-of-struct'
Jean-Philippe Brucker says:

====================

Fix an issue with the libbpf BTF dump, see patch 1 for details.

Since [v1] I added the selftest in patch 2, though I couldn't figure out
a way to make it independent from the order in which debug info is
issued by the compiler.

[v1]: https://lore.kernel.org/bpf/20210318122700.396574-1-jean-philippe@linaro.org/
====================

Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
2021-03-19 14:14:44 -07:00
Jean-Philippe Brucker
f118aac651 selftests/bpf: Add selftest for pointer-to-array-of-struct BTF dump
Bpftool used to issue forward declarations for a struct used as part of
a pointer to array, which is invalid. Add a test to check that the
struct is fully defined in this case:

	@@ -134,9 +134,9 @@
	 	};
	 };

	-struct struct_in_array {};
	+struct struct_in_array;

	-struct struct_in_array_typed {};
	+struct struct_in_array_typed;

	 typedef struct struct_in_array_typed struct_in_array_t[2];

	@@ -189,3 +189,7 @@
	 	struct struct_with_embedded_stuff _14;
	 };

	+struct struct_in_array {};
	+
	+struct struct_in_array_typed {};
	+
	...
	#13/1 btf_dump: syntax:FAIL

Suggested-by: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20210319112554.794552-3-jean-philippe@linaro.org
2021-03-19 14:14:44 -07:00
Jean-Philippe Brucker
901ee1d750 libbpf: Fix BTF dump of pointer-to-array-of-struct
The vmlinux.h generated from BTF is invalid when building
drivers/phy/ti/phy-gmii-sel.c with clang:

vmlinux.h:61702:27: error: array type has incomplete element type ‘struct reg_field’
61702 |  const struct reg_field (*regfields)[3];
      |                           ^~~~~~~~~

bpftool generates a forward declaration for this struct regfield, which
compilers aren't happy about. Here's a simplified reproducer:

	struct inner {
		int val;
	};
	struct outer {
		struct inner (*ptr_to_array)[2];
	} A;

After build with clang -> bpftool btf dump c -> clang/gcc:
./def-clang.h:11:23: error: array has incomplete element type 'struct inner'
        struct inner (*ptr_to_array)[2];

Member ptr_to_array of struct outer is a pointer to an array of struct
inner. In the DWARF generated by clang, struct outer appears before
struct inner, so when converting BTF of struct outer into C, bpftool
issues a forward declaration to struct inner. With GCC the DWARF info is
reversed so struct inner gets fully defined.

That forward declaration is not sufficient when compilers handle an
array of the struct, even when it's only used through a pointer. Note
that we can trigger the same issue with an intermediate typedef:

	struct inner {
	        int val;
	};
	typedef struct inner inner2_t[2];
	struct outer {
	        inner2_t *ptr_to_array;
	} A;

Becomes:

	struct inner;
	typedef struct inner inner2_t[2];

And causes:

./def-clang.h:10:30: error: array has incomplete element type 'struct inner'
	typedef struct inner inner2_t[2];

To fix this, clear through_ptr whenever we encounter an intermediate
array, to make the inner struct part of a strong link and force full
declaration.

Fixes: 351131b51c ("libbpf: add btf_dump API for BTF-to-C conversion")
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20210319112554.794552-2-jean-philippe@linaro.org
2021-03-19 14:14:44 -07:00
Linus Torvalds
ecd8ee7f9c x86:
* new selftests
 * fixes for migration with HyperV re-enlightenment enabled
 * fix RCU/SRCU usage
 * fixes for local_irq_restore misuse false positive
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmBUpO8UHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPj6Af+LSkDniR08Eh/x4GHdX+ZSA9EhNuP
 PMqL+nDYvLXqc0XaErbZQpQbSP4aK7Tjly0LguZmNkBk17pnbjLb5Vv9hqJ30pM/
 pI8bGgdh+KDO9LClfrgsaYgC+B4R+fwqqTIvtBYMilVZ96JwixFiODB4ntRQmZgd
 xJS99jwjD8TO9pTYskKPf8y8yv5W9RH+wVQGXwc+T/sSzK/rcL4Jwt/ibO2FLcJK
 gBRXJDVjMIlpxPrqqoejVB2FHQQe36Bns85QU3dz0QuXfDuuEvbShY/f4R1z32fT
 RaccrvdMQtvgwS0l9Ij06PT0BdiG0EdZv/gOBUq5gVgx4XZyJTleJaVURw==
 =WZP4
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini:
 "Fixes for kvm on x86:

   - new selftests

   - fixes for migration with HyperV re-enlightenment enabled

   - fix RCU/SRCU usage

   - fixes for local_irq_restore misuse false positive"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  documentation/kvm: additional explanations on KVM_SET_BOOT_CPU_ID
  x86/kvm: Fix broken irq restoration in kvm_wait
  KVM: X86: Fix missing local pCPU when executing wbinvd on all dirty pCPUs
  KVM: x86: Protect userspace MSR filter with SRCU, and set atomically-ish
  selftests: kvm: add set_boot_cpu_id test
  selftests: kvm: add _vm_ioctl
  selftests: kvm: add get_msr_index_features
  selftests: kvm: Add basic Hyper-V clocksources tests
  KVM: x86: hyper-v: Don't touch TSC page values when guest opted for re-enlightenment
  KVM: x86: hyper-v: Track Hyper-V TSC page status
  KVM: x86: hyper-v: Prevent using not-yet-updated TSC page by secondary CPUs
  KVM: x86: hyper-v: Limit guest to writing zero to HV_X64_MSR_TSC_EMULATION_STATUS
  KVM: x86/mmu: Store the address space ID in the TDP iterator
  KVM: x86/mmu: Factor out tdp_iter_return_to_root
  KVM: x86/mmu: Fix RCU usage when atomically zapping SPTEs
  KVM: x86/mmu: Fix RCU usage in handle_removed_tdp_mmu_page
2021-03-19 14:10:07 -07:00
Linus Torvalds
3149860dc7 gpio fixes for v5.12-rc4
- fix the return value in error path in gpiolib_dev_init()
 - fix the "gpio-line-names" property handling correctly this time
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAmBVBxoACgkQEacuoBRx
 13L6nQ//VQaD6WeOxuMBv9ASPJPg7766bUzSJjamE7XygTOer1aHK8SHEsltENbY
 n2DfNUEfwluCAS46+GxpaJiX5pl8k/GZSwtog7jOoCCFBRz8TxxVXqVLykad5NBy
 GhTBWBgSD/9Hkn0T7EljXaVM0gGUP+5pUCwNyR64vkZVGcm21f2MILi4tCvLGxrI
 WRlVxCLl1kgZta6WRnJ9bYTU3k+/tNW8FpQPFlABBKjIc+JhXejw7TWdAgQIRaiN
 ZK8P3FP3uI1IaNGb9oha6JJY/11VpbieWUF0qyN8mohsfz0p2IP6Bu97iv0tNwwM
 9AmAnDOg5QimjtxBkdsKklvvzIPVtyKox/fafIystqrIROxAB/AiUpnWPPefm7mj
 qORwvgAmIgQ2/Cnne/I9bP2hkBnERk/Yv/t9VXCbP4LcA2LRwQ3FspuGb4bsVydA
 H+xb7ouhj5Pw3BBpj9gV+coXYQEI+MzCntdvKvtVOsk3WjN49+taK3xhXlFeR4Au
 N/7+ZVjqOR9q1jJ64pfrE63pB6896UOGn0k5NSHlBrdGdfYZOq08oECQl8QwvQGX
 pLV+EhVtnDEnQ07nHYZ8N66KKCWYS9BORMnI1ciP8aXOdbxlO5tR9hKkptWFaocr
 nqJz5y7WqQAtxnegTEdD+DW0f9b0tFctKocesaBd8YKA4TtvoU8=
 =47ih
 -----END PGP SIGNATURE-----

Merge tag 'gpio-fixes-for-v5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux

Pull gpio fixes from Bartosz Golaszewski:
 "Two fixes for the GPIO subsystem. Both address issues in the core GPIO
  code:

   - fix the return value in error path in gpiolib_dev_init()

   - fix the 'gpio-line-names' property handling correctly this time"

* tag 'gpio-fixes-for-v5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux:
  gpiolib: Assign fwnode to parent's if no primary one provided
  gpiolib: Fix error return code in gpiolib_dev_init()
2021-03-19 14:07:19 -07:00
Hangbin Liu
5aa3c334a4 selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value
The ECN bit defines ECT(1) = 1, ECT(0) = 2. So inner 0x02 + outer 0x01
should be inner ECT(0) + outer ECT(1). Based on the description of
__INET_ECN_decapsulate, the final decapsulate value should be
ECT(1). So fix the test expect value to 0x01.

Before the fix:
TEST: VXLAN: ECN decap: 01/02->0x02                                 [FAIL]
        Expected to capture 10 packets, got 0.

After the fix:
TEST: VXLAN: ECN decap: 01/02->0x01                                 [ OK ]

Fixes: a0b61f3d8e ("selftests: forwarding: vxlan_bridge_1d: Add an ECN decap test")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 13:54:28 -07:00
Mat Martineau
ef2ef02cd9 mptcp: Change mailing list address
The mailing list for MPTCP maintenance has moved to the
kernel.org-supported mptcp@lists.linux.dev address.

Complete, combined archives for both lists are now hosted at
https://lore.kernel.org/mptcp

Cc: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Acked-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 13:52:03 -07:00
David S. Miller
3c16e398ba Merge branch '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue
Tony Nguyen says:

====================
Intel Wired LAN Driver Updates 2021-03-19

This series contains updates to e1000e and igb drivers.

Tom Seewald fixes duplicate guard issues by including the driver name in
the guard for e1000e and igb.

Jesse adds checks that timestamping is on and valid to avoid possible
issues with a misinterpreted time stamp for igb.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 13:49:25 -07:00
David Brazdil
1f935e8e72 selinux: vsock: Set SID for socket returned by accept()
For AF_VSOCK, accept() currently returns sockets that are unlabelled.
Other socket families derive the child's SID from the SID of the parent
and the SID of the incoming packet. This is typically done as the
connected socket is placed in the queue that accept() removes from.

Reuse the existing 'security_sk_clone' hook to copy the SID from the
parent (server) socket to the child. There is no packet SID in this
case.

Fixes: d021c34405 ("VSOCK: Introduce VM Sockets")
Signed-off-by: David Brazdil <dbrazdil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 13:46:55 -07:00
Corentin Labbe
014dfa26ce net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes
MTU cannot be changed on dwmac-sun8i. (ip link set eth0 mtu xxx returning EINVAL)
This is due to tx_fifo_size being 0, since this value is used to compute valid
MTU range.
Like dwmac-sunxi (with commit 806fd188ce ("net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes"))
dwmac-sun8i need to have tx and rx fifo sizes set.
I have used values from datasheets.
After this patch, setting a non-default MTU (like 1000) value works and network is still useable.

Tested-on: sun8i-h3-orangepi-pc
Tested-on: sun8i-r40-bananapi-m2-ultra
Tested-on: sun50i-a64-bananapi-m64
Tested-on: sun50i-h5-nanopi-neo-plus2
Tested-on: sun50i-h6-pine-h64
Fixes: 9f93ac8d40 ("net-next: stmmac: Add dwmac-sun8i")
Reported-by: Belisko Marek <marek.belisko@gmail.com>
Signed-off-by: Corentin Labbe <clabbe@baylibre.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 13:44:06 -07:00
Hayes Wang
f91a50d8b5 r8152: limit the RX buffer size of RTL8153A for USB 2.0
If the USB host controller is EHCI, the throughput is reduced from
300Mb/s to 60Mb/s, when the rx buffer size is modified from 16K to
32K.

According to the EHCI spec, the maximum size of the qTD is 20K.
Therefore, when the driver uses more than 20K buffer, the latency
time of EHCI would be increased. And, it let the RTL8153A get worse
throughput.

However, the driver uses alloc_pages() for rx buffer, so I limit
the rx buffer to 16K rather than 20K.

BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=205923
Fixes: ec5791c202 ("r8152: separate the rx buffer size")
Reported-by: Robert Davies <robdavies1977@gmail.com>
Signed-off-by: Hayes Wang <hayeswang@realtek.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 11:55:09 -07:00
Bhaskar Chowdhury
8a2dc6af67 sch_red: Fix a typo
s/recalcultion/recalculation/

Signed-off-by: Bhaskar Chowdhury <unixbhaskar@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 11:51:03 -07:00
Linus Torvalds
6bfea141b3 s390 updates for 5.12-rc4
- disable preemption when accessing local per-cpu variables in the new
   counter set driver
 
 - fix by a factor of four increased steal time due to missing
   cputime_to_nsecs() conversion
 
 - fix PCI device structure leak
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEECMNfWEw3SLnmiLkZIg7DeRspbsIFAmBU69MACgkQIg7DeRsp
 bsLyGA/+LXcEa1+WnzbsYFxTdvA/mfpoEXVOCk8VmQPvNSkH6dG+aUvXE41EHsmD
 88yUUEl7ux1+D9YPn2hj2E+ThtYmf1Cv19IyA6wGUa1aemZ0fB3kkXP1MhmtJV2w
 yfo8dvtEaBUcdm/qgy7v/vXZHM7FVTCkxD7pgHG/5M52a2gW+8liteDBxz4Iwi12
 jOxRSRtzxjZNl5ZRwG7nityTpldlEEVwRm9s8y07PLyMADTt7vP35J5OFpUukWfm
 SapXUZ4k2YctzSUue0zT2SWdbSlyEloI8QlzmE2WvYpMLxC6OitMrEwXhggnOnPC
 SXZf8Q9LHGxD0To9yvwqoljKQpJx9jNGA/SL3Iqmf1f1Z25hzijVcPNvDrUkJIbG
 xwzKHrGXjamZH13Sos+yLsvZ5Q5RUg40wK6BPFKdlnaKwC2yRKaAoSliPlmZufJZ
 0c8saNoc8Z9+oQMVS/vg+9cDo/4LF/KF1OZJhkchnBBttNIKyZArkw/RYWVorpGX
 E7vAcgNOWATd5cD0M+0ysEqx285jqNt/hxitezgMlg0mEkebrC/MP/4qW7HfO2XH
 tkR1lE9lOmf5k//y+NRvcz9QTpxjPtC6cpTBi2UlgTnLJ6Ma5EIXKYKqebEkF7JN
 IwCIcRI+GqjeFO9P1psqhO8/DXIqWbGqhJ75hUXfnNVg77uqR5o=
 =F2B0
 -----END PGP SIGNATURE-----

Merge tag 's390-5.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

Pull s390 updates from Heiko Carstens:

 - disable preemption when accessing local per-cpu variables in the new
   counter set driver

 - fix by a factor of four increased steal time due to missing
   cputime_to_nsecs() conversion

 - fix PCI device structure leak

* tag 's390-5.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/pci: fix leak of PCI device structure
  s390/vtime: fix increased steal time accounting
  s390/cpumf: disable preemption when accessing per-cpu variable
2021-03-19 11:39:28 -07:00
Xin Long
8ff0b1f08e sctp: move sk_route_caps check and set into sctp_outq_flush_transports
The sk's sk_route_caps is set in sctp_packet_config, and later it
only needs to change when traversing the transport_list in a loop,
as the dst might be changed in the tx path.

So move sk_route_caps check and set into sctp_outq_flush_transports
from sctp_packet_transmit. This also fixes a dst leak reported by
Chen Yi:

  https://bugzilla.kernel.org/show_bug.cgi?id=212227

As calling sk_setup_caps() in sctp_packet_transmit may also set the
sk_route_caps for the ctrl sock in a netns. When the netns is being
deleted, the ctrl sock's releasing is later than dst dev's deleting,
which will cause this dev's deleting to hang and dmesg error occurs:

  unregister_netdevice: waiting for xxx to become free. Usage count = 1

Reported-by: Chen Yi <yiche@redhat.com>
Fixes: bcd623d8e9 ("sctp: call sk_setup_caps in sctp_packet_transmit instead")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-03-19 11:34:49 -07:00
Linus Torvalds
278924cb99 Fix workqueue trace event unsafe string reference
After adding a verifier to test all strings printed in trace events
 to make sure they either point to a string on the ring buffer,
 or to read only core kernel memory, it triggered on a workqueue
 trace event. The trace event workqueue_queue_work references
 the allocated name of the workqueue in the output. If the workqueue
 is freed before the trace is read, then the trace will dereference
 freed memory. Update the trace event to use the __string(), __assign_str(),
 and __get_str() helpers to handle such cases.
 -----BEGIN PGP SIGNATURE-----
 
 iIoEABYIADIWIQRRSw7ePDh/lE+zeZMp5XQQmuv6qgUCYFSrChQccm9zdGVkdEBn
 b29kbWlzLm9yZwAKCRAp5XQQmuv6qnJpAP9XZR+/XryjQgTGmaXWeD3n2YdRmR5p
 Foz5nLhURN/+KAEA8fPqLXyBGowl87twYJIFzmYAd0OtLBD3MTrTMenvCQ4=
 =akct
 -----END PGP SIGNATURE-----

Merge tag 'trace-v5.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull workqueue tracing fix from Steven Rostedt:
 "Fix workqueue trace event unsafe string reference

  After adding a verifier to test all strings printed in trace events to
  make sure they either point to a string on the ring buffer, or to read
  only core kernel memory, it triggered on a workqueue trace event. The
  trace event workqueue_queue_work references the allocated name of the
  workqueue in the output. If the workqueue is freed before the trace is
  read, then the trace will dereference freed memory.

  Update the trace event to use the __string(), __assign_str(), and
  __get_str() helpers to handle such cases"

* tag 'trace-v5.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  workqueue/tracing: Copy workqueue name to buffer in trace event
2021-03-19 10:06:30 -07:00
Linus Torvalds
ec85720933 Power management fixes for 5.12-rc4
- Revert ACPI PM commit that attempted to improve reboot handling
    on some systems, but it caused other systems to panic() during
    reboot (Josef Bacik).
 
  - Revert PM-runtime commit that attempted to improve the handling
    of suppliers during PM-runtime suspend of a consumer device, but
    it introduced a race condition potentially leading to unexpected
    behavior (Rafael Wysocki).
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmBUx4YSHHJqd0Byand5
 c29ja2kubmV0AAoJEILEb/54YlRxzX4P/2DEYb3+rwy6xEwjdagbDOvlNgnqmMux
 1bWZs+E+WEDEsEQrPgm0LwzR/KReXRYZ2oJUlXv6TnqCqT5QSQZcXtrooxrQo9KK
 0ASaYhHeAwUaw8Sdsle7xR16dLBDimZ8S99l8Cb+qpjlkPSiwRkbxpAPGkWgGJOA
 YV5AgKZOgf5iUQcSj/z3MEELdzINokj8angj19WMLc0i96LDy8WmkZ4KnYYvwQrn
 wo4h/EZbaWQa2/1kfEbF67hoI0rEdDPmteGoFjwtgeHMLwLVrRxseMlD42AQG5YT
 AJ0ATXC2W1/hPLgHsDLUm1eMxGqq6uNjv5xV08K/32wwBWR2oygbYy9X1KRuJ/Ca
 tNMpI5g2Qi8kEBApD22qesJbv36i8YgKg77e1ge6tvQjGpEYKmICZl3YuvJ6K4Hz
 f2O0TCelhPPsLGfCUw9OuOnlZQ1l8n9xPmErDEkdC8v+NLEoWH9MNaIKRKULmM04
 qm25/q0YKlkZt2VutgtMl0Lq+1lfM00jX0JF5Lo6MiE1Ih65hBYaQJKf8Wmb3adG
 iUgDrhtejgJ1/tiVs8DlFYk5kRresWCiJEZ4P2611oKK1cqiKdRj18wFdldLsxxn
 ZDteGkObf6s2qLvHx37koYfxcKlW7uLfDbOq8SNeizdQC5fR+LnGCVRnE9ZoGM4a
 koggpjlTN10X
 =RB5l
 -----END PGP SIGNATURE-----

Merge tag 'pm-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull power management fixes from Rafael Wysocki:
 "Revert two problematic commits.

  Specifics:

   - Revert ACPI PM commit that attempted to improve reboot handling on
     some systems, but it caused other systems to panic() during reboot
     (Josef Bacik)

   - Revert PM-runtime commit that attempted to improve the handling of
     suppliers during PM-runtime suspend of a consumer device, but it
     introduced a race condition potentially leading to unexpected
     behavior (Rafael Wysocki)"

* tag 'pm-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  Revert "PM: runtime: Update device status before letting suppliers suspend"
  Revert "PM: ACPI: reboot: Use S5 for reboot"
2021-03-19 10:00:10 -07:00
Linus Torvalds
65a1037471 IOMMU Fixes for Linux v5.12-rc3
Including:
 
 	- Three AMD IOMMU patches to fix a boot crash on AMD Stoney
 	  systems and every other AMD IOMMU system booted with
 	  'amd_iommu=off'. This is a v5.11 regression.
 
 	- A Fix for the Tegra IOMMU driver to make sure it detects all
 	  IOMMUs
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEr9jSbILcajRFYWYyK/BELZcBGuMFAmBUhvoACgkQK/BELZcB
 GuMsWg//ZKqUb2tzOHnlrHk9kUqOZ9tm0e+PQuG3G22VvB7RKR1jhkodVDpAlJwA
 k57S7ij/5r6xTyhpyKvHr2KC0Ms/TEhPflB8Tf0xiG3rKnks0vLETWSBnhgZFblo
 g0hJ/ZeuBElgcy/SJSz1p44+HHBmDEDpFGuv8QuY1fy2vg3MoVvxoYnM1SSToF3m
 xtR2zZ1QE1eRfkq9MNnB1HdYA8PwF4E0ISY5eYFTyX+x56TYSqFkqLcWPX0qqUX1
 AwjPRWjKzw8hOFOecwMdSq3IfT7aupio7QISZ8WfoDz9CPKg2RCpRaovSeyVgPCN
 Gm0uRXoQkjcZCgiIB0wwBsFQKuR6tkhltmqD8qIj2xopa2/uqF0DZ759o3qF7+Cy
 xgGALJNO77+zYeGO5ms9WeiJf3l0AFHolYLPaFxjrp5uKU8BWoGmR+LKZy3MEcmD
 6MAqAF18lr5pYrNsY8t/u6e9yxeQFdqzWKBCH6JIQimNG2HgY0lgcRYXrH9fb41d
 YzLtpY6ZjncMaOOKHMoBc3TOZ2mC4/6jsQdgJSHK+Ji75B9eUrW24k9mvrU91kgj
 Di9pM1ACQeeDN8rEbiQNdiF4AbhIpQktHkHyd0eMfxFl/W/O8StZfODQi7RM94u8
 h43dAIti2bDU+51f7a66QIpjOyQZFcnE9waUAdwneO7Vg6mBiIk=
 =PJvl
 -----END PGP SIGNATURE-----

Merge tag 'iommu-fixes-v5.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

Pull iommu fixes from Joerg Roedel:

 - Three AMD IOMMU patches to fix a boot crash on AMD Stoney systems and
   every other AMD IOMMU system booted with 'amd_iommu=off'.

   This is a v5.11 regression.

 - A Fix for the Tegra IOMMU driver to make sure it detects all IOMMUs

* tag 'iommu-fixes-v5.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
  iommu/tegra-smmu: Make tegra_smmu_probe_device() to handle all IOMMU phandles
  iommu/amd: Keep track of amd_iommu_irq_remap state
  iommu/amd: Don't call early_amd_iommu_init() when AMD IOMMU is disabled
  iommu/amd: Move Stoney Ridge check to detect_ivrs()
2021-03-19 09:56:04 -07:00
Linus Torvalds
769e155c53 sound fixes for 5.12-rc4
Majority of changes are various ASoC device/platform-specific small
 fixes (including a removal of stale file) while the only common
 change is a clk management fix in ASoC simple-card driver.
 The rest are usual HD-audio quirks.
 -----BEGIN PGP SIGNATURE-----
 
 iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAmBUbqgOHHRpd2FpQHN1
 c2UuZGUACgkQLtJE4w1nLE+4yBAAkA6y2fNlWYsQzZeNeWNnZyRdeoi5M0Flqd0q
 PRK6VynM/M0kn2U/PgwhlDgrcNPqmW6AgXAPEEnv5zfwPs9MPXM3B9uJiiIOW6t1
 c0EfS2msnTXx6RAn62ecYJkp6BUVnejAYIgzKiLOBj5/0mNXgnbTfC7PSnfghWca
 ajtq/+l3pr519C4ewJSKZ84ho3S7mEEZdBGkpvaYTVZY09mkoZj1eefuQBp8690d
 n/jTl+gCk8Z3834bhBKgdax2huZmTaMQ2wXsoEHZNPpHr2NfmR0RvPgnNutDA6uJ
 JVM4KBStTxIpgg84D0wXIOvUst4/FcPtaho5UCNqSJ1/xoom+BGV3hTXLSW1SVUT
 /TUZje6hCfl9WyN5lR2S2JIYorTp6yqLQscXPmolkq+vtkLbQa83MybhyTK1w78q
 xMLCezctc3cpFikydelWa39xMUyjd7/PkabhwWoFk50niBIVS119rhH/GqhGIusp
 UU6JyujhoM8JWvywoyHsgV6c+2gDLQVU9k6mrAgMf9hgjRTz2ztCgK4fWccqEGvt
 5retVRVdv0xUxBxLkD9AhZ47ym8udcOLP7NyBl70MHJSm4GuEPUdefPNOGOWqIUr
 0XJfCmvipxJkA4/QwC5j7du8uILMXmjqzvf/LGfhg8Yo4YtQbJSv6mPmCSrtE1JE
 2yz8zTA=
 =kGbc
 -----END PGP SIGNATURE-----

Merge tag 'sound-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "The majority of changes are various ASoC device/platform-specific
  small fixes (including a removal of stale file) while the only common
  change is a clk management fix in ASoC simple-card driver.

  The rest are the usual HD-audio quirks"

* tag 'sound-5.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (44 commits)
  ALSA: usb-audio: Fix unintentional sign extension issue
  ALSA: hda/realtek: fix mute/micmute LEDs for HP 850 G8
  ASoC: dt-bindings: fsl_spdif: Add compatible string for new platforms
  ASoC: rt711: add snd_soc_component remove callback
  ASoC: rt5659: Update MCLK rate in set_sysclk()
  ASoC: simple-card-utils: Do not handle device clock
  ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8
  ALSA: hda/realtek: fix mute/micmute LEDs for HP 840 G8
  ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro
  ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air
  ASoC: mediatek: mt8192: fix tdm out data is valid on rising edge
  ALSA: dice: fix null pointer dereference when node is disconnected
  ALSA: hda: generic: Fix the micmute led init state
  ASoC: qcom: lpass-cpu: Fix lpass dai ids parse
  spi: cadence: set cqspi to the driver_data field of struct device
  ASoC: SOF: intel: fix wrong poll bits in dsp power down
  ASoC: codecs: wcd934x: add a sanity check in set channel map
  ASoC: qcom: sdm845: Fix array out of range on rx slim channels
  ASoC: qcom: sdm845: Fix array out of bounds access
  ASoC: remove remnants of sirf prima/atlas audio codec
  ...
2021-03-19 09:53:32 -07:00
Steve French
65af8f0166 cifs: fix allocation size on newly created files
Applications that create and extend and write to a file do not
expect to see 0 allocation size.  When file is extended,
set its allocation size to a plausible value until we have a
chance to query the server for it.  When the file is cached
this will prevent showing an impossible number of allocated
blocks (like 0).  This fixes e.g. xfstests 614 which does

    1) create a file and set its size to 64K
    2) mmap write 64K to the file
    3) stat -c %b for the file (to query the number of allocated blocks)

It was failing because we returned 0 blocks.  Even though we would
return the correct cached file size, we returned an impossible
allocation size.

Signed-off-by: Steve French <stfrench@microsoft.com>
CC: <stable@vger.kernel.org>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2021-03-19 11:51:31 -05:00
Jesse Brandeburg
f0a03a0268 igb: check timestamp validity
Add a couple of checks to make sure timestamping is on and that the
timestamp value from DMA is valid. This avoids any functional issues
that could come from a misinterpreted time stamp.

One of the functions changed doesn't need a return value added because
there was no value in checking from the calling locations.

While here, fix a couple of reverse christmas tree issues next to
the code being changed.

Fixes: f56e7bba22 ("igb: Pull timestamp from fragment before adding it to skb")
Fixes: 9cbc948b5a ("igb: add XDP support")
Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Tested-by: Dave Switzer <david.switzer@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
2021-03-19 08:47:46 -07:00
Tom Seewald
a75519a848 igb: Fix duplicate include guard
The include guard "_E1000_HW_H_" is used by two separate header files in
two different drivers (e1000/e1000_hw.h and igb/e1000_hw.h). Using the
same include guard macro in more than one header file may cause
unexpected behavior from the compiler. Fix this by renaming the
duplicate guard in the igb driver.

Fixes: 9d5c824399 ("igb: PCI-Express 82575 Gigabit Ethernet driver")
Signed-off-by: Tom Seewald <tseewald@gmail.com>
Reviewed-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
2021-03-19 08:47:46 -07:00
Tom Seewald
896ea5dab2 e1000e: Fix duplicate include guard
The include guard "_E1000_HW_H_" is used by header files in three
different drivers (e1000/e1000_hw.h, e1000e/hw.h, and igb/e1000_hw.h).
Using the same include guard macro in more than one header file may
cause unexpected behavior from the compiler. Fix the duplicate include
guard in the e1000e driver by renaming it.

Fixes: bc7f75fa97 ("[E1000E]: New pci-express e1000 driver (currently for ICH9 devices only)")
Signed-off-by: Tom Seewald <tseewald@gmail.com>
Tested-by: Dvora Fuxbrumer <dvorax.fuxbrumer@linux.intel.com>
Acked-by: Sasha Neftin <sasha.neftin@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
2021-03-19 08:47:46 -07:00
Rafael J. Wysocki
49cb71a77c Merge branch 'pm-core'
* pm-core:
  Revert "PM: runtime: Update device status before letting suppliers suspend"
2021-03-19 16:38:45 +01:00
Rafael J. Wysocki
0cab893f40 Revert "PM: runtime: Update device status before letting suppliers suspend"
Revert commit 44cc89f764 ("PM: runtime: Update device status
before letting suppliers suspend") that introduced a race condition
into __rpm_callback() which allowed a concurrent rpm_resume() to
run and resume the device prematurely after its status had been
changed to RPM_SUSPENDED by __rpm_callback().

Fixes: 44cc89f764 ("PM: runtime: Update device status before letting suppliers suspend")
Link: https://lore.kernel.org/linux-pm/24dfb6fc-5d54-6ee2-9195-26428b7ecf8a@intel.com/
Reported-by: Adrian Hunter <adrian.hunter@intel.com>
Cc: 4.10+ <stable@vger.kernel.org> # 4.10+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Reviewed-by: Ulf Hansson <ulf.hansson@linaro.org>
2021-03-19 16:35:47 +01:00
Ingo Molnar
429257a430 Another couple of EFI fixes for v5.12-rc:
- anothing missing RT_PROP table related fix, to ensure that the efivarfs
   pseudo filesystem fails gracefully if variable services are unsupported
 - use the correct alignment for literal EFI GUIDs
 - fix a use after unmap issue in the memreserve code
 -----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEE+9lifEBpyUIVN1cpw08iOZLZjyQFAmBUSNkACgkQw08iOZLZ
 jyS6lgv+PVVOOm4JJiU0bXP5Nld6fbALMS4xoCpb8/tl5P836BXP39t47nTVBfph
 2gP27rlODTexNfqYKiQigdtB2+YGkWU5ySmeW8mTwXDxVrDVBCJw/4vSmxIeerUW
 FxPkqL/tlI4++4xwUVsXP1+a48Zkdg8vUl1kPCRdwruFZE5Puz5xQIUvsfZwx6nT
 A9ukWvJ71cpae76tvFdMcBUimUbBj0ZYpnNZYbc+La3fPqud9N71g4b7nDngLg4y
 2z/V1XNcY+J9KNJvRHVWZAsxRpG2Kgmy0fun1a6H7IccRNzg7Jxl0gGcNdODFJ7c
 H02SaFwHDHHfjp4GkecoeQ5pi6YcpF5oAnvjLdEhAsHrULz6a6lXHL1xF3ksz48A
 Af2P+qw2+d4kcsRAO3wz1dX51+5B84ICqma8lERvER2xl2yhDdq2e4cfo4bXu9Oy
 6sUXXFxpPGjnCII8E5kC0NCD2BtXEEgK/M+8vBoralRxZI6QucwgNrhNovRUU904
 LJM1rw1q
 =a7TN
 -----END PGP SIGNATURE-----

Merge tag 'efi-urgent-for-v5.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi into efi/urgent

Pull EFI fixes from Ard Biesheuvel:

 "- another missing RT_PROP table related fix, to ensure that the efivarfs
    pseudo filesystem fails gracefully if variable services are unsupported
  - use the correct alignment for literal EFI GUIDs
  - fix a use after unmap issue in the memreserve code"

Signed-off-by: Ingo Molnar <mingo@kernel.org>
2021-03-19 14:23:46 +01:00
Jens Axboe
d38b4d2894 nvme fixes for 5.12
- fix tag allocation for keep alive
  - fix a unit mismatch for the Write Zeroes limits
  - various TCP transport fixes (Sagi Grimberg, Elad Grupi)
  - fix iosqes and iocqes validation for discovery controllers (Sagi Grimberg)
 -----BEGIN PGP SIGNATURE-----
 
 iQI/BAABCgApFiEEgdbnc3r/njty3Iq9D55TZVIEUYMFAmBUTswLHGhjaEBsc3Qu
 ZGUACgkQD55TZVIEUYOV+A//WjY6AqLVYvaJsSQ8TOg1M1XjUrE1XzmgqBBBN3/m
 7RPtbIhsI3iZRiauCGbdSRhJfJEMqdeJLEOjpq83toBgCe8Jh0eLgw7ZBqYu6N5Q
 d7HGlXHb/QTxarAAkVZbAEusnBXDqfVXJiJEe0jgSqiuS2+Y0AGufA65cH+1MbNg
 r0u4lvO5hO4Z+DMQVOCxzLsHYHszeZNULMpgQWu8yi89BbNwr2SMx9a9TX1PITPm
 thYCeXRAY9yp4UDE9dMvfCgxWPZfEyyYAK+7vt0vWxpnEWE9chijPY+fjb23mhf0
 VTBmr4RmptetkLOyTnfp11f8bGCmPQgbOJC/DjwQoC/aZ+TAzgj9ot0c4zsRE23o
 U1WoEB9RRO/UOndam0DkZK8ClretF/sIIxydO0nCrlFILPgvDddXweIO/DiLs8rM
 NsQV95GtT3TjyWNwtyN4ThKbunk/4TmUVftvgz7soE0hPobLNmPQlXs+HrLcn7U7
 92CwQzy+WzRKuM6Wfnjt/6R3702XCBaBkF2mJdnX5EKlqp+OdCIOCdVxBAyMUAUA
 6BPVt0An4MCaAcfqXBh+Irf0HKV4veMLQT0egi1o33eLZBFBgomU3ugKzUykPP0V
 fHUfVe5sccvOdwOfOVV8vgNc1Pe+wNVcybyaemlHkv2lzZJPDnUd96Oi7av6NcOR
 CPQ=
 =cE+0
 -----END PGP SIGNATURE-----

Merge tag 'nvme-5.12-20210319' of git://git.infradead.org/nvme into block-5.12

Pull NVMe updates from Christoph:

"nvme fixes for 5.12

 - fix tag allocation for keep alive
 - fix a unit mismatch for the Write Zeroes limits
 - various TCP transport fixes (Sagi Grimberg, Elad Grupi)
 - fix iosqes and iocqes validation for discovery controllers (Sagi Grimberg)"

* tag 'nvme-5.12-20210319' of git://git.infradead.org/nvme:
  nvmet-tcp: fix kmap leak when data digest in use
  nvmet: don't check iosqes,iocqes for discovery controllers
  nvme-rdma: fix possible hang when failing to set io queues
  nvme-tcp: fix possible hang when failing to set io queues
  nvme-tcp: fix misuse of __smp_processor_id with preemption enabled
  nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU
  nvme: fix Write Zeroes limitations
  nvme: allocate the keep alive request using BLK_MQ_REQ_NOWAIT
  nvme: merge nvme_keep_alive into nvme_keep_alive_work
  nvme-fabrics: only reserve a single tag
2021-03-19 06:40:47 -06:00
Peter Zijlstra
38c9358737 static_call: Fix static_call_update() sanity check
Sites that match init_section_contains() get marked as INIT. For
built-in code init_sections contains both __init and __exit text. OTOH
kernel_text_address() only explicitly includes __init text (and there
are no __exit text markers).

Match what jump_label already does and ignore the warning for INIT
sites. Also see the excellent changelog for commit: 8f35eaa5f2
("jump_label: Don't warn on __exit jump entries")

Fixes: 9183c3f9ed ("static_call: Add inline static call infrastructure")
Reported-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Link: https://lkml.kernel.org/r/20210318113610.739542434@infradead.org
2021-03-19 13:16:44 +01:00
Peter Zijlstra
698bacefe9 static_call: Align static_call_is_init() patching condition
The intent is to avoid writing init code after init (because the text
might have been freed). The code is needlessly different between
jump_label and static_call and not obviously correct.

The existing code relies on the fact that the module loader clears the
init layout, such that within_module_init() always fails, while
jump_label relies on the module state which is more obvious and
matches the kernel logic.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Link: https://lkml.kernel.org/r/20210318113610.636651340@infradead.org
2021-03-19 13:16:44 +01:00
Peter Zijlstra
68b1eddd42 static_call: Fix static_call_set_init()
It turns out that static_call_set_init() does not preserve the other
flags; IOW. it clears TAIL if it was set.

Fixes: 9183c3f9ed ("static_call: Add inline static call infrastructure")
Reported-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Link: https://lkml.kernel.org/r/20210318113610.519406371@infradead.org
2021-03-19 13:16:44 +01:00
Thomas Gleixner
a501b048a9 x86/ioapic: Ignore IRQ2 again
Vitaly ran into an issue with hotplugging CPU0 on an Amazon instance where
the matrix allocator claimed to be out of vectors. He analyzed it down to
the point that IRQ2, the PIC cascade interrupt, which is supposed to be not
ever routed to the IO/APIC ended up having an interrupt vector assigned
which got moved during unplug of CPU0.

The underlying issue is that IRQ2 for various reasons (see commit
af174783b9 ("x86: I/O APIC: Never configure IRQ2" for details) is treated
as a reserved system vector by the vector core code and is not accounted as
a regular vector. The Amazon BIOS has an routing entry of pin2 to IRQ2
which causes the IO/APIC setup to claim that interrupt which is granted by
the vector domain because there is no sanity check. As a consequence the
allocation counter of CPU0 underflows which causes a subsequent unplug to
fail with:

  [ ... ] CPU 0 has 4294967295 vectors, 589 available. Cannot disable CPU

There is another sanity check missing in the matrix allocator, but the
underlying root cause is that the IO/APIC code lost the IRQ2 ignore logic
during the conversion to irqdomains.

For almost 6 years nobody complained about this wreckage, which might
indicate that this requirement could be lifted, but for any system which
actually has a PIC IRQ2 is unusable by design so any routing entry has no
effect and the interrupt cannot be connected to a device anyway.

Due to that and due to history biased paranoia reasons restore the IRQ2
ignore logic and treat it as non existent despite a routing entry claiming
otherwise.

Fixes: d32932d02e ("x86/irq: Convert IOAPIC to use hierarchical irqdomain interfaces")
Reported-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20210318192819.636943062@linutronix.de
2021-03-19 12:43:41 +01:00
Emanuele Giuseppe Esposito
9ce3746d64 documentation/kvm: additional explanations on KVM_SET_BOOT_CPU_ID
The ioctl KVM_SET_BOOT_CPU_ID fails when called after vcpu creation.
Add this explanation in the documentation.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Message-Id: <20210319091650.11967-1-eesposit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-19 05:31:32 -04:00
Ard Biesheuvel
fb98cc0b3a efi: use 32-bit alignment for efi_guid_t literals
Commit 494c704f9a ("efi: Use 32-bit alignment for efi_guid_t") updated
the type definition of efi_guid_t to ensure that it always appears
sufficiently aligned (the UEFI spec is ambiguous about this, but given
the fact that its EFI_GUID type is defined in terms of a struct carrying
a uint32_t, the natural alignment is definitely >= 32 bits).

However, we missed the EFI_GUID() macro which is used to instantiate
efi_guid_t literals: that macro is still based on the guid_t type,
which does not have a minimum alignment at all. This results in warnings
such as

  In file included from drivers/firmware/efi/mokvar-table.c:35:
  include/linux/efi.h:1093:34: warning: passing 1-byte aligned argument to
      4-byte aligned parameter 2 of 'get_var' may result in an unaligned pointer
      access [-Walign-mismatch]
          status = get_var(L"SecureBoot", &EFI_GLOBAL_VARIABLE_GUID, NULL, &size,
                                          ^
  include/linux/efi.h:1101:24: warning: passing 1-byte aligned argument to
      4-byte aligned parameter 2 of 'get_var' may result in an unaligned pointer
      access [-Walign-mismatch]
          get_var(L"SetupMode", &EFI_GLOBAL_VARIABLE_GUID, NULL, &size, &setupmode);

The distinction only matters on CPUs that do not support misaligned loads
fully, but 32-bit ARM's load-multiple instructions fall into that category,
and these are likely to be emitted by the compiler that built the firmware
for loading word-aligned 128-bit GUIDs from memory

So re-implement the initializer in terms of our own efi_guid_t type, so that
the alignment becomes a property of the literal's type.

Fixes: 494c704f9a ("efi: Use 32-bit alignment for efi_guid_t")
Reported-by: Nathan Chancellor <nathan@kernel.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Tested-by: Nathan Chancellor <nathan@kernel.org>
Link: https://github.com/ClangBuiltLinux/linux/issues/1327
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
2021-03-19 07:44:28 +01:00
Lv Yunlong
9ceee7d084 firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
In the for loop in efi_mem_reserve_persistent(), prsv = rsv->next
use the unmapped rsv. Use the unmapped pages will cause segment
fault.

Fixes: 18df7577ad ("efi/memreserve: deal with memreserve entries in unmapped memory")
Signed-off-by: Lv Yunlong <lyl2019@mail.ustc.edu.cn>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
2021-03-19 07:44:27 +01:00