2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-16 17:23:55 +08:00
Commit Graph

886867 Commits

Author SHA1 Message Date
Changbin Du
3be5cbcde9 kernel-hacking: group kernel data structures debugging together
Group these similar runtime data structures verification options
together.

Link: http://lkml.kernel.org/r/20190909144453.3520-4-changbin.du@gmail.com
Signed-off-by: Changbin Du <changbin.du@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-07 11:00:19 -08:00
Changbin Du
ff600a9a69 kernel-hacking: create submenu for arch special debugging options
The arch special options are a little long, so create a submenu for
them.

Link: http://lkml.kernel.org/r/20190909144453.3520-3-changbin.du@gmail.com
Signed-off-by: Changbin Du <changbin.du@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-07 11:00:19 -08:00
Changbin Du
6210b6402f kernel-hacking: group sysrq/kgdb/ubsan into 'Generic Kernel Debugging Instruments'
Patch series "hacking: make 'kernel hacking' menu better structurized", v3.

This series is a trivial improvment for the layout of 'kernel hacking'
configuration menu.  Now we have many items in it which makes takes a
little time to look up them since they are not well structurized yet.

Early discussion is here:
  https://lkml.org/lkml/2019/9/1/39

This patch (of 9):

Group generic kernel debugging instruments sysrq/kgdb/ubsan together
into a new submenu.

Link: http://lkml.kernel.org/r/20190909144453.3520-2-changbin.du@gmail.com
Signed-off-by: Changbin Du <changbin.du@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-07 11:00:19 -08:00
Linus Torvalds
ad910e36da pipe: fix poll/select race introduced by the pipe rework
The kernel wait queues have a basic rule to them: you add yourself to
the wait-queue first, and then you check the things that you're going to
wait on.  That avoids the races with the event you're waiting for.

The same goes for poll/select logic: the "poll_wait()" goes first, and
then you check the things you're polling for.

Of course, if you use locking, the ordering doesn't matter since the
lock will serialize with anything that changes the state you're looking
at. That's not the case here, though.

So move the poll_wait() first in pipe_poll(), before you start looking
at the pipe state.

Fixes: 8cefc107ca ("pipe: Use head and tail pointers for the ring, not cursor and length")
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-07 10:41:17 -08:00
Patrick Steinhardt
38a2204f52 nfsd: depend on CRYPTO_MD5 for legacy client tracking
The legacy client tracking infrastructure of nfsd makes use of MD5 to
derive a client's recovery directory name. As the nfsd module doesn't
declare any dependency on CRYPTO_MD5, though, it may fail to allocate
the hash if the kernel was compiled without it. As a result, generation
of client recovery directories will fail with the following error:

    NFSD: unable to generate recoverydir name

The explicit dependency on CRYPTO_MD5 was removed as redundant back in
6aaa67b5f3 (NFSD: Remove redundant "select" clauses in fs/Kconfig
2008-02-11) as it was already implicitly selected via RPCSEC_GSS_KRB5.
This broke when RPCSEC_GSS_KRB5 was made optional for NFSv4 in commit
df486a2590 (NFS: Fix the selection of security flavours in Kconfig) at
a later point.

Fix the issue by adding back an explicit dependency on CRYPTO_MD5.

Fixes: df486a2590 (NFS: Fix the selection of security flavours in Kconfig)
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2019-12-07 11:28:52 -05:00
Olga Kornievskaia
18f428d4e2 NFSD fixing possible null pointer derefering in copy offload
Static checker revealed possible error path leading to possible
NULL pointer dereferencing.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: e0639dc580: ("NFSD introduce async copy feature")
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2019-12-07 11:28:46 -05:00
David S. Miller
5532946e33 Merge branch 'tcp-fix-handling-of-stale-syncookies-timestamps'
Guillaume Nault says:

====================
tcp: fix handling of stale syncookies timestamps

The synflood timestamps (->ts_recent_stamp and ->synq_overflow_ts) are
only refreshed when the syncookie protection triggers. Therefore, their
value can become very far apart from jiffies if no synflood happens for
a long time.

If jiffies grows too much and wraps while the synflood timestamp isn't
refreshed, then time_after32() might consider the later to be in the
future. This can trick tcp_synq_no_recent_overflow() into returning
erroneous values and rejecting valid ACKs.

Patch 1 handles the case of ACKs using legitimate syncookies.
Patch 2 handles the case of stray ACKs.
Patch 3 annotates lockless timestamp operations with READ_ONCE() and
WRITE_ONCE().

Changes from v3:
  - Fix description of time_between32() (found by Eric Dumazet).
  - Use more accurate Fixes tag in patch 3 (suggested by Eric Dumazet).

Changes from v2:
  - Define and use time_between32() instead of a pair of
    time_before32/time_after32 (suggested by Eric Dumazet).
  - Use 'last_overflow - HZ' as lower bound in
    tcp_synq_no_recent_overflow(), to accommodate for concurrent
    timestamp updates (found by Eric Dumazet).
  - Add a third patch to annotate lockless accesses to .ts_recent_stamp.

Changes from v1:
  - Initialising timestamps at socket creation time is not enough
    because jiffies wraps in 24 days with HZ=1000 (Eric Dumazet).
    Handle stale timestamps in tcp_synq_overflow() and
    tcp_synq_no_recent_overflow() instead.
  - Rework commit description.
  - Add a second patch to handle the case of stray ACKs.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 21:05:14 -08:00
Guillaume Nault
721c8dafad tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE()
Syncookies borrow the ->rx_opt.ts_recent_stamp field to store the
timestamp of the last synflood. Protect them with READ_ONCE() and
WRITE_ONCE() since reads and writes aren't serialised.

Use of .rx_opt.ts_recent_stamp for storing the synflood timestamp was
introduced by a0f82f64e2 ("syncookies: remove last_synq_overflow from
struct tcp_sock"). But unprotected accesses were already there when
timestamp was stored in .last_synq_overflow.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 21:05:14 -08:00
Guillaume Nault
cb44a08f86 tcp: tighten acceptance of ACKs not matching a child socket
When no synflood occurs, the synflood timestamp isn't updated.
Therefore it can be so old that time_after32() can consider it to be
in the future.

That's a problem for tcp_synq_no_recent_overflow() as it may report
that a recent overflow occurred while, in fact, it's just that jiffies
has grown past 'last_overflow' + TCP_SYNCOOKIE_VALID + 2^31.

Spurious detection of recent overflows lead to extra syncookie
verification in cookie_v[46]_check(). At that point, the verification
should fail and the packet dropped. But we should have dropped the
packet earlier as we didn't even send a syncookie.

Let's refine tcp_synq_no_recent_overflow() to report a recent overflow
only if jiffies is within the
[last_overflow, last_overflow + TCP_SYNCOOKIE_VALID] interval. This
way, no spurious recent overflow is reported when jiffies wraps and
'last_overflow' becomes in the future from the point of view of
time_after32().

However, if jiffies wraps and enters the
[last_overflow, last_overflow + TCP_SYNCOOKIE_VALID] interval (with
'last_overflow' being a stale synflood timestamp), then
tcp_synq_no_recent_overflow() still erroneously reports an
overflow. In such cases, we have to rely on syncookie verification
to drop the packet. We unfortunately have no way to differentiate
between a fresh and a stale syncookie timestamp.

In practice, using last_overflow as lower bound is problematic.
If the synflood timestamp is concurrently updated between the time
we read jiffies and the moment we store the timestamp in
'last_overflow', then 'now' becomes smaller than 'last_overflow' and
tcp_synq_no_recent_overflow() returns true, potentially dropping a
valid syncookie.

Reading jiffies after loading the timestamp could fix the problem,
but that'd require a memory barrier. Let's just accommodate for
potential timestamp growth instead and extend the interval using
'last_overflow - HZ' as lower bound.

Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 21:05:14 -08:00
Guillaume Nault
04d26e7b15 tcp: fix rejected syncookies due to stale timestamps
If no synflood happens for a long enough period of time, then the
synflood timestamp isn't refreshed and jiffies can advance so much
that time_after32() can't accurately compare them any more.

Therefore, we can end up in a situation where time_after32(now,
last_overflow + HZ) returns false, just because these two values are
too far apart. In that case, the synflood timestamp isn't updated as
it should be, which can trick tcp_synq_no_recent_overflow() into
rejecting valid syncookies.

For example, let's consider the following scenario on a system
with HZ=1000:

  * The synflood timestamp is 0, either because that's the timestamp
    of the last synflood or, more commonly, because we're working with
    a freshly created socket.

  * We receive a new SYN, which triggers synflood protection. Let's say
    that this happens when jiffies == 2147484649 (that is,
    'synflood timestamp' + HZ + 2^31 + 1).

  * Then tcp_synq_overflow() doesn't update the synflood timestamp,
    because time_after32(2147484649, 1000) returns false.
    With:
      - 2147484649: the value of jiffies, aka. 'now'.
      - 1000: the value of 'last_overflow' + HZ.

  * A bit later, we receive the ACK completing the 3WHS. But
    cookie_v[46]_check() rejects it because tcp_synq_no_recent_overflow()
    says that we're not under synflood. That's because
    time_after32(2147484649, 120000) returns false.
    With:
      - 2147484649: the value of jiffies, aka. 'now'.
      - 120000: the value of 'last_overflow' + TCP_SYNCOOKIE_VALID.

    Of course, in reality jiffies would have increased a bit, but this
    condition will last for the next 119 seconds, which is far enough
    to accommodate for jiffie's growth.

Fix this by updating the overflow timestamp whenever jiffies isn't
within the [last_overflow, last_overflow + HZ] range. That shouldn't
have any performance impact since the update still happens at most once
per second.

Now we're guaranteed to have fresh timestamps while under synflood, so
tcp_synq_no_recent_overflow() can safely use it with time_after32() in
such situations.

Stale timestamps can still make tcp_synq_no_recent_overflow() return
the wrong verdict when not under synflood. This will be handled in the
next patch.

For 64 bits architectures, the problem was introduced with the
conversion of ->tw_ts_recent_stamp to 32 bits integer by commit
cca9bab1b7 ("tcp: use monotonic timestamps for PAWS").
The problem has always been there on 32 bits architectures.

Fixes: cca9bab1b7 ("tcp: use monotonic timestamps for PAWS")
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 21:05:14 -08:00
David S. Miller
537d0779a1 mlx5-fixes-2019-12-05
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEGhZs6bAKwk/OTgTpSD+KveBX+j4FAl3pcFUACgkQSD+KveBX
 +j4tNgf/VJ1FgeYn4INueeliFebX+8sgk7pA8zI5Wf3s0gzmCLulNeF8sK3sV7o4
 U94dHauU1CZxTpI9P2AVJVQ5CnTi2GBjuEKHh1Rz9bVwU3N5D4miShtHUEI1PLna
 VhLJiMSU1ffUerL66zgW+QYbPAKSlp+INysr+KeBBOwxoco4C17pGwJ9idpaHYnL
 sdVsHVcWmD1fen+eSN/8i4RzqVFTjM3cCsMg1OJn8KuDH+z6bQZ9cOWWLn+hz9lc
 uBZHZHvRFRTg1NeN1BFcMEL0RBoG0sTtfJLkVeyQxmLbmTeBPHDBIAJysqjAe1kY
 OFvEnq5t3HScuZIxTd5yXQ3rHy1EIg==
 =InW3
 -----END PGP SIGNATURE-----

Merge tag 'mlx5-fixes-2019-12-05' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux

Saeed Mahameed says:

====================
Mellanox, mlx5 fixes 2019-12-05

This series introduces some fixes to mlx5 driver.

Please pull and let me know if there is any problem.

For -stable v4.19:
 ('net/mlx5e: Query global pause state before setting prio2buffer')

For -stable v5.3
 ('net/mlx5e: Fix SFF 8472 eeprom length')
 ('net/mlx5e: Fix translation of link mode into speed')
 ('net/mlx5e: Fix freeing flow with kfree() and not kvfree()')
 ('net/mlx5e: ethtool, Fix analysis of speed setting')
 ('net/mlx5e: Fix TXQ indices to be sequential')
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:52:16 -08:00
Bruno Carneiro da Cunha
04aa1bc42e lpc_eth: kernel BUG on remove
We may have found a bug in the nxp/lpc_eth.c driver. The function
platform_set_drvdata() is called twice, the second time it is called,
in lpc_mii_init(), it overwrites the struct net_device which should be
at pdev->dev->driver_data with pldat->mii_bus. When trying to remove
the driver, in lpc_eth_drv_remove(), platform_get_drvdata() will
return the pldat->mii_bus pointer and try to use it as a struct
net_device pointer. This causes unregister_netdev to segfault and
generate a kernel BUG. Is this reproducible?

Signed-off-by: Daniel Martinez <linux@danielsmartinez.com>
Signed-off-by: Bruno Carneiro da Cunha <brunocarneirodacunha@usp.br>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:51:19 -08:00
Eric Dumazet
9424e2e7ad tcp: md5: fix potential overestimation of TCP option space
Back in 2008, Adam Langley fixed the corner case of packets for flows
having all of the following options : MD5 TS SACK

Since MD5 needs 20 bytes, and TS needs 12 bytes, no sack block
can be cooked from the remaining 8 bytes.

tcp_established_options() correctly sets opts->num_sack_blocks
to zero, but returns 36 instead of 32.

This means TCP cooks packets with 4 extra bytes at the end
of options, containing unitialized bytes.

Fixes: 33ad798c92 ("tcp: options clean up")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:47:38 -08:00
David S. Miller
9a74542eee Merge branch 'net-tc-indirect-block-relay'
John Hurley says:

====================
Ensure egress un/bind are relayed with indirect blocks

On register and unregister for indirect blocks, a command is called that
sends a bind/unbind event to the registering driver. This command assumes
that the bind to indirect block will be on ingress. However, drivers such
as NFP have allowed binding to clsact qdiscs as well as ingress qdiscs
from mainline Linux 5.2. A clsact qdisc binds to an ingress and an egress
block.

Rather than assuming that an indirect bind is always ingress, modify the
function names to remove the ingress tag (patch 1). In cls_api, which is
used by NFP to offload TC flower, generate bind/unbind message for both
ingress and egress blocks on the event of indirectly
registering/unregistering from that block. Doing so mimics the behaviour
of both ingress and clsact qdiscs on initialise and destroy.

This now ensures that drivers such as NFP receive the correct binder type
for the indirect block registration.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:45:09 -08:00
John Hurley
25a443f74b net: sched: allow indirect blocks to bind to clsact in TC
When a device is bound to a clsact qdisc, bind events are triggered to
registered drivers for both ingress and egress. However, if a driver
registers to such a device using the indirect block routines then it is
assumed that it is only interested in ingress offload and so only replays
ingress bind/unbind messages.

The NFP driver supports the offload of some egress filters when
registering to a block with qdisc of type clsact. However, on unregister,
if the block is still active, it will not receive an unbind egress
notification which can prevent proper cleanup of other registered
callbacks.

Modify the indirect block callback command in TC to send messages of
ingress and/or egress bind depending on the qdisc in use. NFP currently
supports egress offload for TC flower offload so the changes are only
added to TC.

Fixes: 4d12ba4278 ("nfp: flower: allow offloading of matches on 'internal' ports")
Signed-off-by: John Hurley <john.hurley@netronome.com>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:45:09 -08:00
John Hurley
dbad340889 net: core: rename indirect block ingress cb function
With indirect blocks, a driver can register for callbacks from a device
that is does not 'own', for example, a tunnel device. When registering to
or unregistering from a new device, a callback is triggered to generate
a bind/unbind event. This, in turn, allows the driver to receive any
existing rules or to properly clean up installed rules.

When first added, it was assumed that all indirect block registrations
would be for ingress offloads. However, the NFP driver can, in some
instances, support clsact qdisc binds for egress offload.

Change the name of the indirect block callback command in flow_offload to
remove the 'ingress' identifier from it. While this does not change
functionality, a follow up patch will implement a more more generic
callback than just those currently just supporting ingress offload.

Fixes: 4d12ba4278 ("nfp: flower: allow offloading of matches on 'internal' ports")
Signed-off-by: John Hurley <john.hurley@netronome.com>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:45:09 -08:00
Jouni Hogander
e0b60903b4 net-sysfs: Call dev_hold always in netdev_queue_add_kobject
Dev_hold has to be called always in netdev_queue_add_kobject.
Otherwise usage count drops below 0 in case of failure in
kobject_init_and_add.

Fixes: b8eb718348 ("net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject")
Reported-by: Hulk Robot <hulkci@huawei.com>
Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: David Miller <davem@davemloft.net>
Cc: Lukas Bulwahn <lukas.bulwahn@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:37:28 -08:00
Alexander Lobakin
8bef0af09a net: dsa: fix flow dissection on Tx path
Commit 43e665287f ("net-next: dsa: fix flow dissection") added an
ability to override protocol and network offset during flow dissection
for DSA-enabled devices (i.e. controllers shipped as switch CPU ports)
in order to fix skb hashing for RPS on Rx path.

However, skb_hash() and added part of code can be invoked not only on
Rx, but also on Tx path if we have a multi-queued device and:
 - kernel is running on UP system or
 - XPS is not configured.

The call stack in this two cases will be like: dev_queue_xmit() ->
__dev_queue_xmit() -> netdev_core_pick_tx() -> netdev_pick_tx() ->
skb_tx_hash() -> skb_get_hash().

The problem is that skbs queued for Tx have both network offset and
correct protocol already set up even after inserting a CPU tag by DSA
tagger, so calling tag_ops->flow_dissect() on this path actually only
breaks flow dissection and hashing.

This can be observed by adding debug prints just before and right after
tag_ops->flow_dissect() call to the related block of code:

Before the patch:

Rx path (RPS):

[   19.240001] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   19.244271] tag_ops->flow_dissect()
[   19.247811] Rx: proto: 0x0800, nhoff: 8	/* ETH_P_IP */

[   19.215435] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   19.219746] tag_ops->flow_dissect()
[   19.223241] Rx: proto: 0x0806, nhoff: 8	/* ETH_P_ARP */

[   18.654057] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   18.658332] tag_ops->flow_dissect()
[   18.661826] Rx: proto: 0x8100, nhoff: 8	/* ETH_P_8021Q */

Tx path (UP system):

[   18.759560] Tx: proto: 0x0800, nhoff: 26	/* ETH_P_IP */
[   18.763933] tag_ops->flow_dissect()
[   18.767485] Tx: proto: 0x920b, nhoff: 34	/* junk */

[   22.800020] Tx: proto: 0x0806, nhoff: 26	/* ETH_P_ARP */
[   22.804392] tag_ops->flow_dissect()
[   22.807921] Tx: proto: 0x920b, nhoff: 34	/* junk */

[   16.898342] Tx: proto: 0x86dd, nhoff: 26	/* ETH_P_IPV6 */
[   16.902705] tag_ops->flow_dissect()
[   16.906227] Tx: proto: 0x920b, nhoff: 34	/* junk */

After:

Rx path (RPS):

[   16.520993] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   16.525260] tag_ops->flow_dissect()
[   16.528808] Rx: proto: 0x0800, nhoff: 8	/* ETH_P_IP */

[   15.484807] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   15.490417] tag_ops->flow_dissect()
[   15.495223] Rx: proto: 0x0806, nhoff: 8	/* ETH_P_ARP */

[   17.134621] Rx: proto: 0x00f8, nhoff: 0	/* ETH_P_XDSA */
[   17.138895] tag_ops->flow_dissect()
[   17.142388] Rx: proto: 0x8100, nhoff: 8	/* ETH_P_8021Q */

Tx path (UP system):

[   15.499558] Tx: proto: 0x0800, nhoff: 26	/* ETH_P_IP */

[   20.664689] Tx: proto: 0x0806, nhoff: 26	/* ETH_P_ARP */

[   18.565782] Tx: proto: 0x86dd, nhoff: 26	/* ETH_P_IPV6 */

In order to fix that we can add the check 'proto == htons(ETH_P_XDSA)'
to prevent code from calling tag_ops->flow_dissect() on Tx.
I also decided to initialize 'offset' variable so tagger callbacks can
now safely leave it untouched without provoking a chaos.

Fixes: 43e665287f ("net-next: dsa: fix flow dissection")
Signed-off-by: Alexander Lobakin <alobakin@dlink.ru>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:20:17 -08:00
Valentin Vidic
4a5cdc604b net/tls: Fix return values to avoid ENOTSUPP
ENOTSUPP is not available in userspace, for example:

  setsockopt failed, 524, Unknown error 524

Signed-off-by: Valentin Vidic <vvidic@valentin-vidic.from.hr>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 20:15:39 -08:00
Linus Torvalds
eea2d5da29 ARM fixes for 5.5-rc:
- fix CPU topology setup for SCHED_MC case
 - fix VDSO regression
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEuNNh8scc2k/wOAE+9OeQG+StrGQFAl3qQUYACgkQ9OeQG+St
 rGTg0g/+LThc7XoEkGzXbswGtAZU0Tv+pcNXi4G+KAlePIutHpcf9ogY//mfXyVp
 SHLQBb0fNKzygt5e1Aq1X+99RsGbI7oMgKTiQgLrb6MPrhOLWwCWymnbyaTAcKgD
 QXHghta7tEGunvnnRWJTKWG24qoTvM1JFoUnHnrArYYyJoyRzQE2kMK2S3Z6X6xp
 Rcx152s/7lPdwPB5i6hyIlYVYVQN6JAz0w1nyrqmwjGTZU1NvPQaAemKYO3Ti4pD
 8HjMGtLa4AhgngkKiZt0gFI75kKp2Uf/rcowC4Li6ZQua1kYCankCYXoc9soCkHu
 1Qn0WyEZXVtMGMenEOGeYo/neTfhcBEkY3CMQO/QMfcpsFFn2fmiBmwMLvE8RMJ7
 UDiNBqVW8eZL45h6BF6QefWUzbzFQjfe2SXk5C58WrvlaZPldTucSmNLA1GoFn/p
 Ni+KqDHUACTNMb87kEDAfJGx3znS2EtdiwFfb3lqHnQ5GO6GdKrMPC1GfK32LgfO
 TN4nVEYu71ZMINidxuK0wuSRK2eadY6M08lKlrikGbkQJlo0R6YGuwzKiRmlHq5H
 QldDMKhPRuxLMTViphqRdHwoWRPpvbwVbJDjwea0run0lgCzEq4J+s2X/CXUZIAM
 b1y4APz/UgGyiYzmstZCYvfYZ0Tq8AU52757jFWjBoiEr+xEppE=
 =gTck
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm

Pull ARM fixes from Russell King:

 - fix CPU topology setup for SCHED_MC case

 - fix VDSO regression

* tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
  ARM: 8947/1: Fix __arch_get_hw_counter() access to CNTVCT
  ARM: 8943/1: Fix topology setup in case of CPU hotplug for CONFIG_SCHED_MC
2019-12-06 16:12:39 -08:00
Linus Torvalds
347f56fb38 ARM: SoC fixes
A set of fixes that we've merged late, but for the most part that have
 been sitting in -next for a while through platform maintainer trees.
 
  + Fixes to suspend/resume on Tegra, caused by the added features
    this merge window
 
  + Cleanups and minor fixes to TI additions this merge window
 
  + Tee fixes queued up late before the merge window, included here.
 
  + A handful of other fixlets
 
 There's also a refresh of the shareed config files (multi_v* on 32-bit,
 and defconfig on 64-bit), to avoid conflicts when we get new
 contributions.
 -----BEGIN PGP SIGNATURE-----
 
 iQJDBAABCAAtFiEElf+HevZ4QCAJmMQ+jBrnPN6EHHcFAl3qvzwPHG9sb2ZAbGl4
 b20ubmV0AAoJEIwa5zzehBx3ZNoP/Rpd4KSoE4YdKgvn2MJZhJ6an6O9fcGxPj9z
 8Bos9LrYkfE9ai80H/EOfMWOq2XE0H6Wkahv1qk9R/YtXzg/RYtpFFhAeXDcnCXK
 OcVwD7c8RLmFo1pJLo2aBlRm56CCxxvrvKPIeUM12+6/P7GYb2vxHCE3J3bTpPKC
 yps5g/dKSp2sKIoDe4a7EEXO8VLobQZh7khiwcUKK23Mjax4Z/4TXRAxZu5rCqZm
 oyORX/QEx1uGZuJvUNMWJOQaDVbW9LkYqWtktQL0t8jvUwjSLItUtu63/OdgqNV0
 F9mDH+PLySaCvCjL31DmKDFAkOelY8DRL2hbJqmU31FCm+E6i4mBS8EEzvk0QCTY
 cjYDWHcr7RpMBwWzwtiywWTmXq82Cxw9CMQzIiZfxTMthQp1Pe08a1GTr49NXs0b
 sW5rrzXSmQ3vM7hYIoUnGiuPHJQoBcRV2iCySqVekesgHRHCsnGiykPc6Yz+igqO
 BU9u8PBAyaFEDAZBMCuah8YeI6Gsdy35ptNdy1zWTMGCY6vi9aTJdBCzlLs4my0a
 YeQNDe1xzApLE5/gF1JReFSf7g7JopvTN3pSigfHO+mLdbtVY51U76XYngogEIRr
 q1MjO9m9VQ93vSrlXIhgVMHRC8OpxawbB6cQCtlY5ey/AdJRZeX3HSCa32hCui2S
 f6YJ3mBT
 =ozla
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

Pull ARM SoC fixes from Olof Johansson:
 "A set of fixes that we've merged late, but for the most part that have
  been sitting in -next for a while through platform maintainer trees:

   - Fixes to suspend/resume on Tegra, caused by the added features this
     merge window

   - Cleanups and minor fixes to TI additions this merge window

   - Tee fixes queued up late before the merge window, included here.

   - A handful of other fixlets

  There's also a refresh of the shareed config files (multi_v* on
  32-bit, and defconfig on 64-bit), to avoid conflicts when we get new
  contributions"

* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (32 commits)
  ARM: multi_v7_defconfig: Restore debugfs support
  ARM: defconfig: re-run savedefconfig on multi_v* configs
  arm64: defconfig: re-run savedefconfig
  ARM: pxa: Fix resource properties
  soc: mediatek: cmdq: fixup wrong input order of write api
  soc: aspeed: Fix snoop_file_poll()'s return type
  MAINTAINERS: Switch to Marvell addresses
  MAINTAINERS: update Cavium ThunderX drivers
  Revert "arm64: dts: juno: add dma-ranges property"
  MAINTAINERS: Make Nicolas Saenz Julienne the new bcm2835 maintainer
  firmware: arm_scmi: Avoid double free in error flow
  arm64: dts: juno: Fix UART frequency
  ARM: dts: Fix sgx sysconfig register for omap4
  arm: socfpga: execute cold reboot by default
  ARM: dts: Fix vcsi regulator to be always-on for droid4 to prevent hangs
  ARM: dts: dra7: fix cpsw mdio fck clock
  ARM: dts: am57xx-beagle-x15: Update pinmux name to ddr_3_3v
  ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
  soc/tegra: pmc: Add reset sources and levels on Tegra194
  soc/tegra: pmc: Add missing IRQ callbacks on Tegra194
  ...
2019-12-06 14:19:37 -08:00
Linus Torvalds
9888428102 arm64 updates for 5.5:
- ZONE_DMA32 initialisation fix when memblocks fall entirely within the
   first GB (used by ZONE_DMA in 5.5 for Raspberry Pi 4).
 
 - Couple of ftrace fixes following the FTRACE_WITH_REGS patchset.
 
 - access_ok() fix for the Tagged Address ABI when called from from a
   kernel thread (asynchronous I/O): the kthread does not have the TIF
   flags of the mm owner, so untag the user address unconditionally.
 
 - KVM compute_layout() called before the alternatives code patching.
 
 - Minor clean-ups.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE5RElWfyWxS+3PLO2a9axLQDIXvEFAl3qdr8ACgkQa9axLQDI
 XvEKNA/9FWyqesV612qaFkhTFCg0f6byLP4wQf0ZqcZf74L5J6zeUCIc7Mqgdno3
 jWROZNAW69gOYfwHxcBNyPVBpbAcx3k3WBBRWRJPnnJmeQk0oBLVdRziqdGKLxfw
 GhhWGsndnpxDOmyBJOWxZLemZjKFqYX3dhQ9Zi6pvkZgAeFEtIESw6S/iqf42nWL
 1o/LgyQ5kjR6eto1OVW9QOQ83/TlXXlbsvoNwNFGghX1yHjQ6mZ3LITbiFdrbFlT
 FLLwsqlsPzDQcKagszTEHZTbXBf0RojKXWh3HKSEnmPwpacestvLJcKHTD9mtDmY
 Z+rLfyiolZmXoNU9LT6uGTzVD4cRWfzz6eHSYHiufM1UztGSV+dOhIqfPuEOLEu3
 2Xf8sKmQMtuICgbol6Q6ISrjXKH/UNvK2CuuuJSNmOHDlyHKvNfJtoyEhZ5rHUpT
 HQy0qxDCEU7rFCP7clOD/94EGA8gYrV8j5NauY8/VsLpRCMBwoLNglI049qJydaZ
 jL9dPxo+GG7kh7S8VmYwBKtPhqlDNFCzw/HmBBURFhkM1j0nCNt5dKHx+kdLNurg
 nbzRvJ+W42eDze2lmVf33eOfrAy2MfcGr+VuJ5QdmL30bQENCemPrreIy+VnVVR8
 ydeK3lyknJjmX4q8a5o/URsAKvk13crwimNPa0OSoYzDKmWd8SA=
 =vhnZ
 -----END PGP SIGNATURE-----

Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 fixes from Catalin Marinas:

 - ZONE_DMA32 initialisation fix when memblocks fall entirely within the
   first GB (used by ZONE_DMA in 5.5 for Raspberry Pi 4).

 - Couple of ftrace fixes following the FTRACE_WITH_REGS patchset.

 - access_ok() fix for the Tagged Address ABI when called from from a
   kernel thread (asynchronous I/O): the kthread does not have the TIF
   flags of the mm owner, so untag the user address unconditionally.

 - KVM compute_layout() called before the alternatives code patching.

 - Minor clean-ups.

* tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: entry: refine comment of stack overflow check
  arm64: ftrace: fix ifdeffery
  arm64: KVM: Invoke compute_layout() before alternatives are applied
  arm64: Validate tagged addresses in access_ok() called from kernel threads
  arm64: mm: Fix column alignment for UXN in kernel_page_tables
  arm64: insn: consistently handle exit text
  arm64: mm: Fix initialisation of DMA zones on non-NUMA systems
2019-12-06 14:18:01 -08:00
David Howells
76f6777c9c pipe: Fix iteration end check in fuse_dev_splice_write()
Fix the iteration end check in fuse_dev_splice_write().  The iterator
position can only be compared with == or != since wrappage may be involved.

Fixes: 8cefc107ca ("pipe: Use head and tail pointers for the ring, not cursor and length")
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-06 13:57:04 -08:00
Linus Torvalds
43a2898631 powerpc updates for 5.5 #2
A few commits splitting the KASAN instrumented bitops header in
 three, to match the split of the asm-generic bitops headers.
 
 This is needed on powerpc because we use asm-generic/bitops/non-atomic.h,
 for the non-atomic bitops, whereas the existing KASAN instrumented
 bitops assume all the underlying operations are provided by the arch
 as arch_foo() versions.
 
 Thanks to:
   Daniel Axtens & Christophe Leroy.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEJFGtCPCthwEv2Y/bUevqPMjhpYAFAl3qN0wTHG1wZUBlbGxl
 cm1hbi5pZC5hdQAKCRBR6+o8yOGlgLWFD/4/e3CO1oWjQdDGjgvhydhmhjMQqI9m
 EINQjg3hl0ceig1HzsgjVdWI4TOf7bXbaQRf8m2pFWpA+iSx4KpjlnXzNjfUDapO
 JqzKYfVSdi0o6OAFigDYuN1V5F2jAgrM7/w5PKpVuiAABcgJNcEY59tgEMTdj9r0
 9H3OekYv0UnZ5ZNsUhCibKVvVLdbtys3ALrm1YETAauCkY/lpNk6afcr33t0iw2l
 WAdd2sfWvw4tBn+35ZrNnv7z4hQ423Imd+lyuI5zhMBOOGspgMxlGGeIn370WyAi
 00Jl66TRot6EtWGDVzV10bjB53qDhHrtNIk0NG2QMBB8vdTjBMtXfJnVc3Q8iVZ9
 GkpdvMLNAlmxa4AuzpdHAOUQK48aggQzDmJkGp/JdYT6+WwTa5SLZcsy+njHGyjU
 It+728FnStilM1XvjnaN9pljqANEcN4/YIycK55XGDsZS9fVRMY/QMAQZbdLHfzc
 nB54Q/8vtPc9H69ws3U3g0ogVtYi5ca5RpTPiYU6WUQfEe9mjZdEgglsHC1y8ef2
 9J3Muv4ASDGLjKN+G4dvKLCIgF+QKtsvwrtSztQq6wVnXUxuUQBEQSCaMPN9PN5g
 Hlkjk95WevXcHyXeE2r8cXndUTboIgWRMZp0AHao44du3EziPMCvE0tFAHOEWfV0
 8Oty9Fo5QSb1Mw==
 =FCVX
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-5.5-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull more powerpc updates from Michael Ellerman:
 "A few commits splitting the KASAN instrumented bitops header in three,
  to match the split of the asm-generic bitops headers.

  This is needed on powerpc because we use the generic bitops for the
  non-atomic case only, whereas the existing KASAN instrumented bitops
  assume all the underlying operations are provided by the arch as
  arch_foo() versions.

  Thanks to: Daniel Axtens & Christophe Leroy"

* tag 'powerpc-5.5-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  docs/core-api: Remove possibly confusing sub-headings from Bit Operations
  powerpc: support KASAN instrumentation of bitops
  kasan: support instrumented bitops combined with generic bitops
2019-12-06 13:36:31 -08:00
Linus Torvalds
f89d416a86 powerpc fixes for 5.5 #3
One fix for a regression introduced by our recent rework of cache flushing on
 memory hotunplug.
 
 Like several other arches, our VDSO clock_getres() needed a fix to match the
 semantics of posix_get_hrtimer_res().
 
 A fix for a boot crash on Power9 LPARs using PCI LSI interrupts.
 
 A commit disabling use of the trace_imc PMU (not the core PMU) on Power9
 systems, because it can lead to checkstops, until a workaround is developed.
 
 A handful of other minor fixes.
 
 Thanks to:
   Aneesh Kumar K.V, Anju T Sudhakar, Ard Biesheuvel, Christophe Leroy, Cédric Le
   Goater, Madhavan Srinivasan, Vincenzo Frascino.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEJFGtCPCthwEv2Y/bUevqPMjhpYAFAl3qRJcTHG1wZUBlbGxl
 cm1hbi5pZC5hdQAKCRBR6+o8yOGlgDymD/4lqWlFnXBUJA0MrYGa6PI7AA7W+oFC
 vVAFobQ0kCI7RiWv8UW1GKAOkQKIhIhCxl/TEv5DNevajelsvfaPeF/nlI5fL2y9
 klrvpMvQmEvBVTDispKQy3+pIr8EDWlvVOhFzU8YQMSZirxACLCmM/XNSmboCSR8
 Y3chFNgEL9nYpEVxX+IhN9oTJ8/eCJqfp8QhcVt1kG/jXnf8CVfSx7z/Qr1IarIT
 3LiiDBCCJbtG4WWH3Ku9WaCBZ66QxcTz/3RonGffYhalguhQjXl2vSdz9gg/icos
 G0H372ONZ5MkUj+IkyTTs/tmg2QVEzn1ZsVkstJZphbJ+/5VmrpdiAH0FvuJ/CaN
 kJ0dww4I9IEC2bl9Ok9XKNZSoQaXckfkPdX6JcHqD52pCIaBCoG+MdOvi0eMfcBj
 SDKuCK2BiAz+aOt0buSaqlgUNA6wXneb96h3I0u7CcV/CuzKChkJMLC6aJYB32DB
 gPZsnaespvOHBtbcLFP6RFAlY/nwaeLHTfSlLrbvs6k+5w9+ZUHA81uMzEBhNLN6
 ANPx57lDOzmlAQ/8fLyvGRWCdYZVGKmO4GaQXV9eDKn6lNV94hHkYMe0JX0bI0M9
 1SZP20t+zBBBV80nO7+JHEAxpTnT4RA6GNJ8p/bPyawEo6xdD1IMIZQy+EKYg++Q
 BeK76ccKp7wtZg==
 =1Q9O
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-5.5-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "One fix for a regression introduced by our recent rework of cache
  flushing on memory hotunplug.

  Like several other arches, our VDSO clock_getres() needed a fix to
  match the semantics of posix_get_hrtimer_res().

  A fix for a boot crash on Power9 LPARs using PCI LSI interrupts.

  A commit disabling use of the trace_imc PMU (not the core PMU) on
  Power9 systems, because it can lead to checkstops, until a workaround
  is developed.

  A handful of other minor fixes.

  Thanks to: Aneesh Kumar K.V, Anju T Sudhakar, Ard Biesheuvel,
  Christophe Leroy, Cédric Le Goater, Madhavan Srinivasan, Vincenzo
  Frascino"

* tag 'powerpc-5.5-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/perf: Disable trace_imc pmu
  powerpc/powernv: Avoid re-registration of imc debugfs directory
  powerpc/pmem: Convert to EXPORT_SYMBOL_GPL
  powerpc/archrandom: fix arch_get_random_seed_int()
  powerpc: Fix vDSO clock_getres()
  powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range
  powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts
  powerpc/kasan: Fix boot failure with RELOCATABLE && FSL_BOOKE
2019-12-06 13:34:31 -08:00
Linus Torvalds
3cf2890f29 sound updates #2 for 5.5-rc1
A few last-minute updates, most of them are the regression fixes:
 - AMD HD-audio HDMI runtime PM improvements
 - Fixes for HD-audio HDMI regressions wrt DP-MST
 - A regression fix for the previous aloop enhancement
 - A fix for a long-time problem in PCM OSS layer that was spotted by
   fuzzer now
 - A few HD-audio quirks
 -----BEGIN PGP SIGNATURE-----
 
 iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAl3qVZwOHHRpd2FpQHN1
 c2UuZGUACgkQLtJE4w1nLE9jNRAA1Z/OAAwuoOHPDRVCKvlsZ/cm2FG7jaaTxSpi
 p8jcs59gKhIzeDD9w2WMNr8sw7mx+S7t4r0OPLqGyOlmfwxOIPiZ9P4WJAr+EXJV
 IWjG/lfyqWswcLQIo543OKEDv/4enKnKGL5UxBQyHUDmBsnK0dRLmVchQvGfZrwJ
 wV6Z7qfpBg/DqCA5cEZj6M2j+CyWn6PzBwK7mJTEO9r/JPwONRK9kSu85kbKSGyp
 GpKosgMv9jJ3aoC9sPgEEh03i++y5q/Sn9LrMkuv7oCF7to46DmpXobKQAod9sQT
 nnFYhXNz9y2kStNPlWuQbNTUxdBN5Ad06AzlAFYRv+IVB3rTbSfotRvMJBg6nBnH
 rICv6gEn1+E6voDszPH40+9DbvEUaXdE1F3qZNv2eQd3hFCUjQg4KFY+g8YpsFI6
 AqEt68vRt6zZrfYNrL8loADvckyy+lLc3PQmfsLvF8Wr0T04cBAUC3fIJc+sYd3V
 kZQhAZBiL0qihmF/PZKjdycmT8+3GpRkZwhlZdOBe1t39ZeXy7ztxnROYqZcxEZK
 BZUoBq7sh0qSui1sfxF8uuUp/H1wprbJYwTrjmPLTo3eYRTYpwfbi7bZQ0hLkKUF
 C3Haf4e4IWWZabl+6HcdZhXfcXXSH+1pnV2ITjh83nbnd2+wEVnzS705s9qaD7ge
 SGgWfcY=
 =eLUD
 -----END PGP SIGNATURE-----

Merge tag 'sound-fix-5.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull more sound updates from Takashi Iwai:
 "A few last-minute updates, most of them are the regression fixes:

   - AMD HD-audio HDMI runtime PM improvements

   - Fixes for HD-audio HDMI regressions wrt DP-MST

   - A regression fix for the previous aloop enhancement

   - A fix for a long-time problem in PCM OSS layer that was spotted by
     fuzzer now

   - A few HD-audio quirks"

* tag 'sound-fix-5.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: pcm: oss: Avoid potential buffer overflows
  ALSA: hda: hdmi - Keep old slot assignment behavior for Intel platforms
  ALSA: hda: Modify stream stripe mask only when needed
  ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen
  ALSA: hda: hdmi - preserve non-MST PCM routing for Intel platforms
  ALSA: hda: hdmi - fix kernel oops caused by invalid PCM idx
  ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G
  ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
  ALSA: hda: hdmi - fix regression in connect list handling
  ALSA: aloop: Avoid pointer dereference before null-check
  ALSA: hda/hdmi - enable automatic runtime pm for AMD HDMI codecs by default
  ALSA: hda/hdmi - enable runtime pm for newer AMD display audio
  ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio
  ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD
2019-12-06 13:06:14 -08:00
Linus Torvalds
ec057595cb pipe: fix incorrect caching of pipe state over pipe_wait()
Similarly to commit 8f868d68d3 ("pipe: Fix missing mask update after
pipe_wait()") this fixes a case where the pipe rewrite ended up caching
the pipe state incorrectly over a pipe lock drop event.

It wasn't quite as obvious, because you needed to splice data from a
pipe to a file, which is a fairly unusual operation, but it's completely
wrong.

Make sure we load the pipe head/tail/size information only after we've
waited for there to be data in the pipe.

While in that file, also make one of the splice helper functions use the
canonical arghument order for pipe_empty().  That's syntactic - pipe
emptiness is just that head and tail are equal, and thus mixing up head
and tail doesn't really matter.  It's still wrong, though.

Reported-by: David Sterba <dsterba@suse.cz>
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-12-06 12:40:35 -08:00
Steve French
fdef665ba4 smb3: fix mode passed in on create for modetosid mount option
When using the special SID to store the mode bits in an ACE (See
http://technet.microsoft.com/en-us/library/hh509017(v=ws.10).aspx)
which is enabled with mount parm "modefromsid" we were not
passing in the mode via SMB3 create (although chmod was enabled).
SMB3 create allows a security descriptor context to be passed
in (which is more atomic and thus preferable to setting the mode
bits after create via a setinfo).

This patch enables setting the mode bits on create when using
modefromsid mount option.  In addition it fixes an endian
error in the definition of the Control field flags in the SMB3
security descriptor. It also makes the ACE type of the special
SID better match the documentation (and behavior of servers
which use this to store mode bits in SMB3 ACLs).

Signed-off-by: Steve French <stfrench@microsoft.com>
Acked-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
2019-12-06 14:15:52 -06:00
Eric Dumazet
1af66221a6 net: avoid an indirect call in ____sys_recvmsg()
CONFIG_RETPOLINE=y made indirect calls expensive.

gcc seems to add an indirect call in ____sys_recvmsg().

Rewriting the code slightly makes sure to avoid this indirection.

Alternative would be to not call sock_recvmsg() and instead
use security_socket_recvmsg() and sock_recvmsg_nosec(),
but this is less readable IMO.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: David Laight <David.Laight@aculab.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 12:06:44 -08:00
Chuhong Yuan
462f8554a8 phy: mdio-thunder: add missed pci_release_regions in remove
The driver forgets to call pci_release_regions() in remove like that
in probe failure.
Add the missed call to fix it.

Signed-off-by: Chuhong Yuan <hslester96@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 12:05:06 -08:00
Taehee Yoo
9cf1cd8ee3 tipc: fix ordering of tipc module init and exit routine
In order to set/get/dump, the tipc uses the generic netlink
infrastructure. So, when tipc module is inserted, init function
calls genl_register_family().
After genl_register_family(), set/get/dump commands are immediately
allowed and these callbacks internally use the net_generic.
net_generic is allocated by register_pernet_device() but this
is called after genl_register_family() in the __init function.
So, these callbacks would use un-initialized net_generic.

Test commands:
    #SHELL1
    while :
    do
        modprobe tipc
        modprobe -rv tipc
    done

    #SHELL2
    while :
    do
        tipc link list
    done

Splat looks like:
[   59.616322][ T2788] kasan: CONFIG_KASAN_INLINE enabled
[   59.617234][ T2788] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   59.618398][ T2788] general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI
[   59.619389][ T2788] CPU: 3 PID: 2788 Comm: tipc Not tainted 5.4.0+ #194
[   59.620231][ T2788] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   59.621428][ T2788] RIP: 0010:tipc_bcast_get_broadcast_mode+0x131/0x310 [tipc]
[   59.622379][ T2788] Code: c7 c6 ef 8b 38 c0 65 ff 0d 84 83 c9 3f e8 d7 a5 f2 e3 48 8d bb 38 11 00 00 48 b8 00 00 00 00
[   59.622550][ T2780] NET: Registered protocol family 30
[   59.624627][ T2788] RSP: 0018:ffff88804b09f578 EFLAGS: 00010202
[   59.624630][ T2788] RAX: dffffc0000000000 RBX: 0000000000000011 RCX: 000000008bc66907
[   59.624631][ T2788] RDX: 0000000000000229 RSI: 000000004b3cf4cc RDI: 0000000000001149
[   59.624633][ T2788] RBP: ffff88804b09f588 R08: 0000000000000003 R09: fffffbfff4fb3df1
[   59.624635][ T2788] R10: fffffbfff50318f8 R11: ffff888066cadc18 R12: ffffffffa6cc2f40
[   59.624637][ T2788] R13: 1ffff11009613eba R14: ffff8880662e9328 R15: ffff8880662e9328
[   59.624639][ T2788] FS:  00007f57d8f7b740(0000) GS:ffff88806cc00000(0000) knlGS:0000000000000000
[   59.624645][ T2788] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.625875][ T2780] tipc: Started in single node mode
[   59.626128][ T2788] CR2: 00007f57d887a8c0 CR3: 000000004b140002 CR4: 00000000000606e0
[   59.633991][ T2788] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.635195][ T2788] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.636478][ T2788] Call Trace:
[   59.637025][ T2788]  tipc_nl_add_bc_link+0x179/0x1470 [tipc]
[   59.638219][ T2788]  ? lock_downgrade+0x6e0/0x6e0
[   59.638923][ T2788]  ? __tipc_nl_add_link+0xf90/0xf90 [tipc]
[   59.639533][ T2788]  ? tipc_nl_node_dump_link+0x318/0xa50 [tipc]
[   59.640160][ T2788]  ? mutex_lock_io_nested+0x1380/0x1380
[   59.640746][ T2788]  tipc_nl_node_dump_link+0x4fd/0xa50 [tipc]
[   59.641356][ T2788]  ? tipc_nl_node_reset_link_stats+0x340/0x340 [tipc]
[   59.642088][ T2788]  ? __skb_ext_del+0x270/0x270
[   59.642594][ T2788]  genl_lock_dumpit+0x85/0xb0
[   59.643050][ T2788]  netlink_dump+0x49c/0xed0
[   59.643529][ T2788]  ? __netlink_sendskb+0xc0/0xc0
[   59.644044][ T2788]  ? __netlink_dump_start+0x190/0x800
[   59.644617][ T2788]  ? __mutex_unlock_slowpath+0xd0/0x670
[   59.645177][ T2788]  __netlink_dump_start+0x5a0/0x800
[   59.645692][ T2788]  genl_rcv_msg+0xa75/0xe90
[   59.646144][ T2788]  ? __lock_acquire+0xdfe/0x3de0
[   59.646692][ T2788]  ? genl_family_rcv_msg_attrs_parse+0x320/0x320
[   59.647340][ T2788]  ? genl_lock_dumpit+0xb0/0xb0
[   59.647821][ T2788]  ? genl_unlock+0x20/0x20
[   59.648290][ T2788]  ? genl_parallel_done+0xe0/0xe0
[   59.648787][ T2788]  ? find_held_lock+0x39/0x1d0
[   59.649276][ T2788]  ? genl_rcv+0x15/0x40
[   59.649722][ T2788]  ? lock_contended+0xcd0/0xcd0
[   59.650296][ T2788]  netlink_rcv_skb+0x121/0x350
[   59.650828][ T2788]  ? genl_family_rcv_msg_attrs_parse+0x320/0x320
[   59.651491][ T2788]  ? netlink_ack+0x940/0x940
[   59.651953][ T2788]  ? lock_acquire+0x164/0x3b0
[   59.652449][ T2788]  genl_rcv+0x24/0x40
[   59.652841][ T2788]  netlink_unicast+0x421/0x600
[ ... ]

Fixes: 7e43690578 ("tipc: fix a slab object leak")
Fixes: a62fbccecd ("tipc: make subscriber server support net namespace")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Acked-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 12:01:09 -08:00
Vladyslav Tarasiuk
9f104c7736 mqprio: Fix out-of-bounds access in mqprio_dump
When user runs a command like
tc qdisc add dev eth1 root mqprio
KASAN stack-out-of-bounds warning is emitted.
Currently, NLA_ALIGN macro used in mqprio_dump provides too large
buffer size as argument for nla_put and memcpy down the call stack.
The flow looks like this:
1. nla_put expects exact object size as an argument;
2. Later it provides this size to memcpy;
3. To calculate correct padding for SKB, nla_put applies NLA_ALIGN
   macro itself.

Therefore, NLA_ALIGN should not be applied to the nla_put parameter.
Otherwise it will lead to out-of-bounds memory access in memcpy.

Fixes: 4e8b86c062 ("mqprio: Introduce new hardware offload mode and shaper in mqprio")
Signed-off-by: Vladyslav Tarasiuk <vladyslavt@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 11:58:45 -08:00
Jongsung Kim
f421031e3f net: stmmac: reset Tx desc base address before restarting Tx
Refer to the databook of DesignWare Cores Ethernet MAC Universal:

6.2.1.5 Register 4 (Transmit Descriptor List Address Register

If this register is not changed when the ST bit is set to 0, then
the DMA takes the descriptor address where it was stopped earlier.

The stmmac_tx_err() does zero indices to Tx descriptors, but does
not reset HW current Tx descriptor address. To fix inconsistency,
the base address of the Tx descriptors should be rewritten before
restarting Tx.

Signed-off-by: Jongsung Kim <neidhard.kim@lge.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 11:50:36 -08:00
Yangbo Lu
a6a10d45d1 enetc: disable EEE autoneg by default
The EEE support has not been enabled on ENETC, but it may connect
to a PHY which supports EEE and advertises EEE by default, while
its link partner also advertises EEE. If this happens, the PHY enters
low power mode when the traffic rate is low and causes packet loss.
This patch disables EEE advertisement by default for any PHY that
ENETC connects to, to prevent the above unwanted outcome.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Reviewed-by: Claudiu Manoil <claudiu.manoil@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-06 11:47:26 -08:00
Dmitry Torokhov
afbd65f5e7 Merge branch 'next' into for-linus
Prepare second round of updates for 5.5 merge window.
2019-12-06 11:14:23 -08:00
Linus Torvalds
7ada90eb9c drm msm + fixes for 5.5-rc1
msm-next:
 - OCMEM support for a3xx and a4xx GPUs.
 - a510 support + display support
 
 core:
 - mst payload deletion fix
 
 i915:
 - uapi alignment fix
 - fix for power usage regression due to security fixes
 - change default preemption timeout to 640ms from 100ms
 - EHL voltage level display fixes
 - TGL DGL PHY fix
 - gvt - MI_ATOMIC cmd parser fix, CFL non-priv warning
 - CI spotted deadlock fix
 - EHL port D programming fix
 
 amdgpu:
 - VRAM lost fixes on BACO for CI/VI
 - navi14 DC fixes
 - misc SR-IOV, gfx10 fixes
 - XGMI fixes for arcturus
 - SRIOV fixes
 
 amdkfd:
 - KFD on ppc64le enabled
 - page table optimisations
 
 radeon:
 - fix for r1xx/2xx register checker.
 
 tegra:
 - displayport regression fixes
 - DMA API regression fixes
 
 mgag200:
 - fix devices that can't scanout except at 0 addr
 
 omap:
 - fix dma_addr refcounting
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJd6cqnAAoJEAx081l5xIa+YR0P/A0LkilEbSnF/k7zKDjm0HN8
 JGsf9ZfQRGA2y8URoLRtNdFjZfyuTSpiDSxsbDI0ShBhRimGHyCSxAJXO42vp8q3
 jE57jBoaTSiGtagSO3nxrc1vQP7CfUpaggC2ilKSmcVvTrlqip6iPx7s2PoNyQYc
 GRVUhkcylnZK5UrMiE8Yz/iNcy3Mh0X8bJQKXMEYxpW2KA3SL4qxuRlYIxXEoMyB
 4MlWEV09wHTduf1uYuKdusHjILgR5EiVOdmbvpM92obqZOTokt5/S20TEdhFqiy0
 0IHxuEkgVx+trXzGFbmqgh2I7BZvZIbKVCSnBT4AXAvUEJ99kGTdEP0I6uOp2lsC
 1DCm+7/hcI8BlwmwC9N6ogUwoAzKn7DNc1urcet/0QVbnZLZlueUK/6fSgUNnUYe
 miOeMNBmfHr83b75MpnNxYVoyz5S+/DFbtUplYKqxgjDYfiWWceSSE47NB+IHAiI
 RVpz3AxGpKaw4/w5l2q8VuToWZxdO85TNjgVCTmKfwlYjIbEuveWpZNFqO/GHMm9
 x50f4ZYVOjU2TEPnLQNTIJOgv71JrTpoAdFzPVwCeWUf4h4Y4lVLgTLvdG1JLcw+
 k9BrA5z2R0kjzPtabRhS6WfSjpgSbY3DgY9hfi+HIUmKvZq4fdtAbBlp1oGSXJ9N
 zkVrs9eE6Ahkcndi6ZV9
 =3cs2
 -----END PGP SIGNATURE-----

Merge tag 'drm-next-2019-12-06' of git://anongit.freedesktop.org/drm/drm

Pull more drm updates from Dave Airlie:
 "Rob pointed out I missed his pull request for msm-next, it's been in
  next for a while outside of my tree so shouldn't cause any unexpected
  issues, it has some OCMEM support in drivers/soc that is acked by
  other maintainers as it's outside my tree.

  Otherwise it's a usual fixes pull, i915, amdgpu, the main ones, with
  some tegra, omap, mgag200 and one core fix.

  Summary:

  msm-next:
   - OCMEM support for a3xx and a4xx GPUs.
   - a510 support + display support

  core:
   - mst payload deletion fix

  i915:
   - uapi alignment fix
   - fix for power usage regression due to security fixes
   - change default preemption timeout to 640ms from 100ms
   - EHL voltage level display fixes
   - TGL DGL PHY fix
   - gvt - MI_ATOMIC cmd parser fix, CFL non-priv warning
   - CI spotted deadlock fix
   - EHL port D programming fix

  amdgpu:
   - VRAM lost fixes on BACO for CI/VI
   - navi14 DC fixes
   - misc SR-IOV, gfx10 fixes
   - XGMI fixes for arcturus
   - SRIOV fixes

  amdkfd:
   - KFD on ppc64le enabled
   - page table optimisations

  radeon:
   - fix for r1xx/2xx register checker.

  tegra:
   - displayport regression fixes
   - DMA API regression fixes

  mgag200:
   - fix devices that can't scanout except at 0 addr

  omap:
   - fix dma_addr refcounting"

* tag 'drm-next-2019-12-06' of git://anongit.freedesktop.org/drm/drm: (100 commits)
  drm/dp_mst: Correct the bug in drm_dp_update_payload_part1()
  drm/omap: fix dma_addr refcounting
  drm/tegra: Run hub cleanup on ->remove()
  drm/tegra: sor: Make the +5V HDMI supply optional
  drm/tegra: Silence expected errors on IOMMU attach
  drm/tegra: vic: Export module device table
  drm/tegra: sor: Implement system suspend/resume
  drm/tegra: Use proper IOVA address for cursor image
  drm/tegra: gem: Remove premature import restrictions
  drm/tegra: gem: Properly pin imported buffers
  drm/tegra: hub: Remove bogus connection mutex check
  ia64: agp: Replace empty define with do while
  agp: Add bridge parameter documentation
  agp: remove unused variable num_segments
  agp: move AGPGART_MINOR to include/linux/miscdevice.h
  agp: remove unused variable size in agp_generic_create_gatt_table
  drm/dp_mst: Fix build on systems with STACKTRACE_SUPPORT=n
  drm/radeon: fix r1xx/r2xx register checker for POT textures
  drm/amdgpu: fix GFX10 missing CSIB set(v3)
  drm/amdgpu: should stop GFX ring in hw_fini
  ...
2019-12-06 10:28:09 -08:00
Linus Torvalds
9feb1af97e for-linus-20191205
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAl3puL4QHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgpjOJD/4vV2ENSYcwZ7Qezgn9tx5NEdADN6jC0DXe
 tJDnA0sDLfLTlVM9I1U2/wD6Wu31cvV2dHKmxO+WWWRP2M0orI00UA3I6BssVptY
 42e/YJd13IM+iVrhfhm+hmcAHvQUmWHTPZg/7F7OZPkEtNcbCjn6s+HTyzu9gqtt
 /kbJVDJ75TR9dEWCPY/A4jUcJYLw2leoHI4u2eqYRsTFNJHUQoaFUHDyNHyj7UNI
 kIUi2UixJv+a4pkFvyLPKhJcLr6DBC2TeUnfP2Re5oX1Z/XkDR7iX+L5dUwRHHbT
 4M7aJJ+mHDm8Z4IwwBqsSDRU5wUpzuplwBQBY/EQilUZAyOALVzUQABlRa0zxH8t
 0D4U6LDDOopYeK0by/FGdD88S6Z0LKm0HJETbdPaGd9fqSlhBn19iGeBKYk0cCIu
 Uecm9DKF+QLfKhTbN6h8nPyR3bfkqyUptQJ1UnheWo9f6L32bfp19sdI9LdtRUnS
 k661QApajaYQu/641u9CDZiI+DvI+57Wm9I4eCF3GXqOYWPAxSgWP7rJVgS+mfA3
 wo99/r11SruaA1Wqf+bOoN/wjsQCiUPFa8po8sh05ER4MH5Brb5EFlg04ZlQZkR9
 jOdiL8ISM9t86eyKwtR4PanE7/pPEYUjEWm4ntCC6ViTwCvgV3d6s2We6QPw1j2l
 nQ9p/c2bhg==
 =7ZFw
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-20191205' of git://git.kernel.dk/linux-block

Pull more block and io_uring updates from Jens Axboe:
 "I wasn't expecting this to be so big, and if I was, I would have used
  separate branches for this. Going forward I'll be doing separate
  branches for the current tree, just like for the next kernel version
  tree. In any case, this contains:

   - Series from Christoph that fixes an inherent race condition with
     zoned devices and revalidation.

   - null_blk zone size fix (Damien)

   - Fix for a regression in this merge window that caused busy spins by
     sending empty disk uevents (Eric)

   - Fix for a regression in this merge window for bfq stats (Hou)

   - Fix for io_uring creds allocation failure handling (me)

   - io_uring -ERESTARTSYS send/recvmsg fix (me)

   - Series that fixes the need for applications to retain state across
     async request punts for io_uring. This one is a bit larger than I
     would have hoped, but I think it's important we get this fixed for
     5.5.

   - connect(2) improvement for io_uring, handling EINPROGRESS instead
     of having applications needing to poll for it (me)

   - Have io_uring use a hash for poll requests instead of an rbtree.
     This turned out to work much better in practice, so I think we
     should make the switch now. For some workloads, even with a fair
     amount of cancellations, the insertion sort is just too expensive.
     (me)

   - Various little io_uring fixes (me, Jackie, Pavel, LimingWu)

   - Fix for brd unaligned IO, and a warning for the future (Ming)

   - Fix for a bio integrity data leak (Justin)

   - bvec_iter_advance() improvement (Pavel)

   - Xen blkback page unmap fix (SeongJae)

  The major items in here are all well tested, and on the liburing side
  we continue to add regression and feature test cases. We're up to 50
  topic cases now, each with anywhere from 1 to more than 10 cases in
  each"

* tag 'for-linus-20191205' of git://git.kernel.dk/linux-block: (33 commits)
  block: fix memleak of bio integrity data
  io_uring: fix a typo in a comment
  bfq-iosched: Ensure bio->bi_blkg is valid before using it
  io_uring: hook all linked requests via link_list
  io_uring: fix error handling in io_queue_link_head
  io_uring: use hash table for poll command lookups
  io-wq: clear node->next on list deletion
  io_uring: ensure deferred timeouts copy necessary data
  io_uring: allow IO_SQE_* flags on IORING_OP_TIMEOUT
  null_blk: remove unused variable warning on !CONFIG_BLK_DEV_ZONED
  brd: warn on un-aligned buffer
  brd: remove max_hw_sectors queue limit
  xen/blkback: Avoid unmapping unmapped grant pages
  io_uring: handle connect -EINPROGRESS like -EAGAIN
  block: set the zone size in blk_revalidate_disk_zones atomically
  block: don't handle bio based drivers in blk_revalidate_disk_zones
  block: allocate the zone bitmaps lazily
  block: replace seq_zones_bitmap with conv_zones_bitmap
  block: simplify blkdev_nr_zones
  block: remove the empty line at the end of blk-zoned.c
  ...
2019-12-06 10:08:59 -08:00
Linus Torvalds
0aecba6173 Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull vfs d_inode/d_flags memory ordering fixes from Al Viro:
 "Fallout from tree-wide audit for ->d_inode/->d_flags barriers use.
  Basically, the problem is that negative pinned dentries require
  careful treatment - unless ->d_lock is locked or parent is held at
  least shared, another thread can make them positive right under us.

  Most of the uses turned out to be safe - the main surprises as far as
  filesystems are concerned were

   - race in dget_parent() fastpath, that might end up with the caller
     observing the returned dentry _negative_, due to insufficient
     barriers. It is positive in memory, but we could end up seeing the
     wrong value of ->d_inode in CPU cache. Fixed.

   - manual checks that result of lookup_one_len_unlocked() is positive
     (and rejection of negatives). Again, insufficient barriers (we
     might end up with inconsistent observed values of ->d_inode and
     ->d_flags). Fixed by switching to a new primitive that does the
     checks itself and returns ERR_PTR(-ENOENT) instead of a negative
     dentry. That way we get rid of boilerplate converting negatives
     into ERR_PTR(-ENOENT) in the callers and have a single place to
     deal with the barrier-related mess - inside fs/namei.c rather than
     in every caller out there.

  The guts of pathname resolution *do* need to be careful - the race
  found by Ritesh is real, as well as several similar races.
  Fortunately, it turns out that we can take care of that with fairly
  local changes in there.

  The tree-wide audit had not been fun, and I hate the idea of repeating
  it. I think the right approach would be to annotate the places where
  we are _not_ guaranteed ->d_inode/->d_flags stability and have sparse
  catch regressions. But I'm still not sure what would be the least
  invasive way of doing that and it's clearly the next cycle fodder"

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  fs/namei.c: fix missing barriers when checking positivity
  fix dget_parent() fastpath race
  new helper: lookup_positive_unlocked()
  fs/namei.c: pull positivity check into follow_managed()
2019-12-06 09:06:58 -08:00
Olof Johansson
30f55eae47 This pull request contains the second batch of changes for Broadcom
ARM-based SoCs, please pull the following:
 
 - Nicolas declares a CMA area within the first 1GB of DRAM in order for
   it to be guaranteed to reside there, otherwise ARM64's memory
   initialization will pick up a CMA area within ZONE_DMA32
 
 - Stefan adds the Device Tree node for the built-in Ethernet controller
   (GENET) on the Raspberry Pi 4 model B board
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEm+Rq3+YGJdiR9yuFh9CWnEQHBwQFAl3S0/UACgkQh9CWnEQH
 BwT8TRAA4dc59NUOpqSZfTZeKV4gHlATVVwB08a2e1j3KW3lfac9C1uwEq/7EsDv
 oj4s+8Uy1Gu70Vd4ii7RGcgWhkkE3J95K48pDqPh9YyfhYxPaboxr1elwGnUmcE4
 Seys0PuK/H1xzc2H/SHUEjodZ2XC0fmCS4pgOmMHND5kD4/jFFg67pjg71vA6NjY
 Gpzgqhx7vwlgn/jyf7yb8nNRk9jm4a6BDZDMK6BRWeSJ3IArZrhYnsHqv2sX1Kj4
 VvKj0nd3rZmZkglfSeRK48/TBpxUneIzhMAp+Si3zq/HRjZR1TQRdKZuH3zloD2K
 oqWV2ZSmcTrQChjaDow2BZl5LbG33RFut+u1Ak+k66YR4Y+PlA3UIePcQXwiqjes
 1o/Wubh5YnV13MFsUB63R275AN5p8/NHEZNxZp2+9Z200mKFPzNwvh4UhHDyZ/Z9
 D0UrDSTjGBpHCH2SMIXTz1pW67S899hV/Jh8GKbXLzgveUtsc1soBxVBcECmhz6X
 yEJ9b2g3FW1mnd4cJSe6ONqLaxzULA2CWOfhdKDfoJ4aqbqdKCXCWyZ03yJW+BVM
 vwxpCkLrpmtRhm9n8I8ZhxE3MqiIkp2AzKh3HgW5u5Cxf0znOCoToUTfIZHjMQHs
 1ldxdyNrIJEU3kbYJV+BO24W/Y27snoHzi+/pCE5IVMGYdxfE5A=
 =yVJh
 -----END PGP SIGNATURE-----

Merge tag 'arm-soc/for-5.5/devicetree-part2' of https://github.com/Broadcom/stblinux into arm/fixes

This pull request contains the second batch of changes for Broadcom
ARM-based SoCs, please pull the following:

- Nicolas declares a CMA area within the first 1GB of DRAM in order for
  it to be guaranteed to reside there, otherwise ARM64's memory
  initialization will pick up a CMA area within ZONE_DMA32

- Stefan adds the Device Tree node for the built-in Ethernet controller
  (GENET) on the Raspberry Pi 4 model B board

* tag 'arm-soc/for-5.5/devicetree-part2' of https://github.com/Broadcom/stblinux:
  ARM: dts: bcm2711-rpi-4: Enable GENET support
  ARM: dts: bcm2711: force CMA into first GB of memory

Link: https://lore.kernel.org/r/20191118182931.11884-1-f.fainelli@gmail.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:29:56 -08:00
Olof Johansson
916a914062 memory: tegra: Fixes for v5.5-rc1
This contains a fix for a kernel panic that can occur on suspend if EMC
 timings are not available in device tree.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEiOrDCAFJzPfAjcif3SOs138+s6EFAl3nq0MTHHRyZWRpbmdA
 bnZpZGlhLmNvbQAKCRDdI6zXfz6zodFYD/9gNLCDt9QcdUAZB2lDM5DoRScR6j5U
 6yPomGt227t7cA0UWGu5Gy9L0C4vGTYZlAhoA+MOl9dQfk2lN5h9GJNv2cDpPlU1
 H9CnBq7WN69C5Tto7Kq+WX2ooQ+EuODPGHBJAOqwjsd5mxU+52QErZAuMoasTYT4
 lx3Nq4oZSb/A/myCKVkjxSvI2rzLeh0EK5m8RgisVpMze0HebKARwOfYILgQ9MBo
 +O5doGNu/AdXfLKLiK2AGZMcJP8c5qzaM8wyKU7VEV7nGgXtfv0K2rZINVuZpwq2
 pZnbSRuRenTEpRwjSo/cHvTX8kjlHduJKWN3AzoihGmEJXNfWx7Cuqn/8T6snTdA
 qmGIMlOd7OrLdNFKYVyBMKB/5bSVKubHES0AaMaqKv1V1NMwNEdKL7aChGjNvNWA
 A7fQYAWiQ3xg4frNvWxyk8Px9pe9gZJkz4ltJyh3aOG/sNFuSH7FLdc9az01riHs
 mej/W103JsyW53OWmbLjtI47v6W5WsFtYshl7mZjfx7W/PNyPwAJdlQZb8I8Qj/6
 KAGSY7MAkeRdRGuFFE4t4D3zFPb0gq2f3m1VrUUE7K6wCqh6/sH0Vxz3JxRNIfdM
 UIGD3FCZV0hJyzaAnxx3QR0lGojRyB68Tr+pqj5jjWXuBPss3rlyT7USHaKvcU0L
 xxRCTl6u2OOGEg==
 =zun7
 -----END PGP SIGNATURE-----

Merge tag 'tegra-for-5.5-memory-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into arm/fixes

memory: tegra: Fixes for v5.5-rc1

This contains a fix for a kernel panic that can occur on suspend if EMC
timings are not available in device tree.

* tag 'tegra-for-5.5-memory-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
  memory: tegra30-emc: Fix panic on suspend

Link: https://lore.kernel.org/r/20191204130753.3614278-1-thierry.reding@gmail.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:28:51 -08:00
Olof Johansson
5af5b2ae1c soc/tegra: Fixes for v5.5-rc1
Fixes a regression for wake events on Tegra194 caused by the Tegra210
 support that was added in v5.5-rc1 as well as wrong reset sources and
 levels on Tegra194.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEiOrDCAFJzPfAjcif3SOs138+s6EFAl3nrIUTHHRyZWRpbmdA
 bnZpZGlhLmNvbQAKCRDdI6zXfz6zoTWsEACNidlpc9+y1WrulE7PxK3jbJzzlOPs
 29WxXqgMOlZHbNaMiawyyqp4hsOf6wXwWE5CySMNRFA4jPmRJd/WD+dqrBnAXfJO
 oh73ut3nOH0QCwY1p8ifEiSS8MkE3RV5t7h0v7x+ekYWZtQIQ5LFNIGhlFby5T/W
 VVrPHKPDxaafvv00HsUv05Jgx2FOcRPxCmJ3jnel6DOfnEpUGVdFzuN0tTQA+snv
 cF5U7ps5KBKHGhV0+KTYAGqIdovcl6jF7vbG3mePeMYgeK4w6I4iwjZI8oEnHp/4
 T8nCPxDgIvc2FXN/MC0LyGDfuTNYyrgMSUQnYTkIF5myfbayTwdTOEhXEN+my+a1
 qTkj+k0wy9tVXEYAVB4Kp06dT0BRbFcVctphmV9m6nSv1Lqpx+ZXnDL/qYrdYf1y
 vNX1xSPLlDfxW1VZVOfcX5VVJKFfIwOIsSXIR7F9DnMmvrp84TrzXnqQBqzyzOJB
 GVrt0EhwzkB+fmdUjo8vACwp911iE4ltyMzoZmmA+cFmTytHWCjEzicYLI66FwAm
 d4MLq4kNjVtUbE/1s/0T7iVBCkHD0fKKSwl2SdnwXsCjayhi9bhDcZh7uSTrTtyy
 PnA3jaBU/BjGa4BTOZgNUrv1FLDOS7sy6j54DfEJx469CFB3iu4FX9EbmoTYRsho
 u6c//b8J4Au4XQ==
 =Klyx
 -----END PGP SIGNATURE-----

Merge tag 'tegra-for-5.5-soc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into arm/fixes

soc/tegra: Fixes for v5.5-rc1

Fixes a regression for wake events on Tegra194 caused by the Tegra210
support that was added in v5.5-rc1 as well as wrong reset sources and
levels on Tegra194.

* tag 'tegra-for-5.5-soc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
  soc/tegra: pmc: Add reset sources and levels on Tegra194
  soc/tegra: pmc: Add missing IRQ callbacks on Tegra194
  soc/tegra: pmc: Use lower-case for hexadecimal literals

Link: https://lore.kernel.org/r/20191204130753.3614278-2-thierry.reding@gmail.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:28:38 -08:00
Olof Johansson
c25f318b1f cpufreq: tegra: Changes for v5.5-rc1
Implements support for suspend/resume on Tegra124.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEiOrDCAFJzPfAjcif3SOs138+s6EFAl29kX8THHRyZWRpbmdA
 bnZpZGlhLmNvbQAKCRDdI6zXfz6zocRwD/4sUOisLpfjLSt4cwAVOQAq0EQkhb7q
 5pP93JM2i0iBjlTphGL/g+vZM6Lc4kZQ764TFQZWSvLE3N0dhHRRgkmLDdbozm1d
 JHt6dc93Qu32zFjxUJbi2t6XWnviD9bYX7Ta26P97RQyb4XKbSPc5yCZ1FYZKAW+
 /wlEJU6QdfQ19T2rJAPS49lVLuZTRMupSEv0aE5S27W66RtuYdzqCVjPLmUIooGl
 vynNxOrdnEWG53H68fCN683Gm7ODgbCq66kj3SRP8164sjaV8KIbWcAMDEs6LgPn
 Sm6U8HZVCmskV4OxZLKFSLFiYeb1DgCI7ArU2BWYqpIeJbL0zNuRTihgUAc6yN88
 ncq6H/TaHyMyb6MC/91tdXe4Phsx4BW2aqaZenSRcGPQ2o40S4DY+ONjVAgT9d5/
 ZDekSWSlz3kGUPeVc47Tiy9GMGGnkNYRf1W0Jrb31/+Aaay9jstC6ahcEWw6B65b
 jle2fdH25NhmqXWC145zDJqBRAtMkKO01UT6YXbY8fb2aq+9u4STi0Fq5EiElLCL
 n+XJ3m+EfE65/GdtRqvuGZowVD82PdmQze+b7WDudB48gow1qscjurfIkilz2VVe
 kE5tVTRMrJpgBh5GlqMj05qsIuQ9ZCwBGYGuWZdICnl9eD3Bmoe8jO7Tq4GkIA08
 NbK5TTcP34ZjQg==
 =1y1w
 -----END PGP SIGNATURE-----

Merge tag 'tegra-for-5.5-cpufreq' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into arm/fixes

cpufreq: tegra: Changes for v5.5-rc1

Implements support for suspend/resume on Tegra124.

* tag 'tegra-for-5.5-cpufreq' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
  cpufreq: tegra124: Add suspend and resume support

Link: https://lore.kernel.org/r/20191204130753.3614278-3-thierry.reding@gmail.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:28:13 -08:00
Olof Johansson
f7a1a1db98 SoCFPGA updates for v5.5
- Issue COLD reboot by default for SoCFPGA platforms
 -----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCgAyFiEEoHhMeiyk5VmwVMwNGZQEC4GjKPQFAl3YJaEUHGRpbmd1eWVu
 QGtlcm5lbC5vcmcACgkQGZQEC4GjKPRTgw//Y2sUjz+xd78sS90kmyN06HoDgw/+
 Mr9Qwj6efF6jFLdIDSgpAz9Q6pzABqgyYKAJ+UCFeV6RrmNbyng6Qo0HtHEgL6d8
 osEms1Kuybh78NEtK2yNDsecO7XUOPngJ6mQxnpXK3KpgHKZRC1kaPlfTmBXDAXn
 D8fyni1mIAhVHWkJ71MmrpJ/Z/vytWDnO3B7nCFbLwNjMsFWlLlrtRcEgel0YRN0
 nCR4czoFXgsmyqfbudG2QwVwbUSDx/36TRNNZ6HnugHsyUJUkweQoqwpSSU5j2uK
 ZqU5pZNNUxpe/81Bxu52VE89AGttFUiUrxoRbavBsJ2gUnJoOtX3X/iVkU2s0xVH
 7NtHx5DfvNIkjc43F8cpSNnkhQdKuQgX69Rt/TN5+cQ08zbgF+JM9NgwhvOlhaFo
 1VdwIIWWCIr7B1/WLYJFOh64QPse5VMVoja9+ByHnUTVF2NYpKQ2CUJL7+D/LcX/
 rn6TzY6mHSCyoQXI8smlXzu/jIc7ruNKKJBz0xrSf2IdRBLBqUaOvWuw9hvA2RCI
 JwZSqN2eN7nzUC4n0R1HfeBdRo1gUPecBkLvOzTfCCGdlRGTj7rMGI6zGwzkPBYI
 w76/sgyFhNOCboVPLAkHSYSRwt28tvrZVl3QfKiSRx+JlWjkH5rdigUUwT4tsFZK
 9bEawTmIaBEvo28=
 =zsFh
 -----END PGP SIGNATURE-----

Merge tag 'socfpga_update_for_v5.5' of git://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux into arm/fixes

SoCFPGA updates for v5.5
- Issue COLD reboot by default for SoCFPGA platforms

* tag 'socfpga_update_for_v5.5' of git://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux:
  arm: socfpga: execute cold reboot by default

Link: https://lore.kernel.org/r/20191122182106.822-1-dinguyen@kernel.org
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:27:34 -08:00
Olof Johansson
e89d108da9 Device tree fixes for omap variants for for v5.5 merge window
This series of changes contains fixes for few SoC and board specific
 issues that would be good to have merged for v5.5-rc1:
 
 - Fix incorrect MMC card detection polarity for omap3-tao3530
 
 - Fix wrong am57xx-beagle-x15 pinmux named states for eMMC
 
 - Fix dra7 cpsw mdio clock that causes wrong speed
 
 - Fix vcsi for droid4 so it won't get turned off after init
 
 - Fix rev and sysconfig register offsets for omap4 sgx so it can idle
 
 Then there are also two minor late changes to logicpd-torpedo-baseboard
 to configure 1-wire HDQ for battery stats, and remove out of date
 workaround comments no longer needed.
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEkgNvrZJU/QSQYIcQG9Q+yVyrpXMFAl3enk4RHHRvbnlAYXRv
 bWlkZS5jb20ACgkQG9Q+yVyrpXORmhAA3MvMUSvfo3qOH+7kktlFFzAPWvFAkcCm
 jKjAEOY1b0wBJkTVY9vUEL8+UHrqDguxNz7JgVqi7GXbJvafc0C1KoFbbohPncPK
 bzao7o2lAgje1NQ+cBIFVrqYLHPX3uxKKeTwnqIeti47fF48eIqVG2soKBEGAGpR
 R6/9WfK7Gd2NA/OGPfKX4h8ggm1nXnTZWwfM53I4JjW+36G5ZgpFxdQ5GdNw2uk3
 iXttxuigkEMS3dR+Wlphquf2kDmIhKgc+UQq3N13s6Axb/FyM7CBNuoCTS/63VXP
 7j34/W43/Ehhjrssp35r0psEkqO23BzWo2HpmPjMpa8XSu0MrRMWBqzwGKCN92UQ
 KSVwvydBm6QL/WrMXGYlkEs73N/bHpX2Tb22EdhmbL7zpS+1D14g9t7qRvuF/AnE
 ubsNzl9Eh9hma4EFvVP+YETpuOMJ9lhgAz/aEUiTPV/AINDfyJkDFP9/feP9DUzj
 BJkthGbMGdmTbGIZ+fQ2E8fXVpNVFRNBwZ0mmjYm4EbG1pbroGiDXByNv9sTusPn
 e1x9aU9fOqrY0OAr7SR2s1/d3E3MntW6lzBYehNdA0C3NMutrxULqxXAksYwkOud
 S6f6uV2Uq9DumapwbKkC7GKaHtONW6ocKmfraH7S+CIbvohfR3FBBdCNtqM84XOE
 EBtdBX7ToBQ=
 =2L5D
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v5.5/dt-fixes-merge-window-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into arm/fixes

Device tree fixes for omap variants for for v5.5 merge window

This series of changes contains fixes for few SoC and board specific
issues that would be good to have merged for v5.5-rc1:

- Fix incorrect MMC card detection polarity for omap3-tao3530

- Fix wrong am57xx-beagle-x15 pinmux named states for eMMC

- Fix dra7 cpsw mdio clock that causes wrong speed

- Fix vcsi for droid4 so it won't get turned off after init

- Fix rev and sysconfig register offsets for omap4 sgx so it can idle

Then there are also two minor late changes to logicpd-torpedo-baseboard
to configure 1-wire HDQ for battery stats, and remove out of date
workaround comments no longer needed.

* tag 'omap-for-v5.5/dt-fixes-merge-window-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: dts: Fix sgx sysconfig register for omap4
  ARM: dts: Fix vcsi regulator to be always-on for droid4 to prevent hangs
  ARM: dts: dra7: fix cpsw mdio fck clock
  ARM: dts: am57xx-beagle-x15: Update pinmux name to ddr_3_3v
  ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
  ARM: dts: logicpd-torpedo: Remove unnecessary notes/comments
  ARM: dts: logicpd-torpedo-baseboard:  Enable HDQ

Link: https://lore.kernel.org/r/pull-1574870758-237468@atomide.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:27:17 -08:00
Olof Johansson
0f679edf5a Few ti-sysc related fixes for v5.5 merge window
Just few minor changes that can be merged when suitable, but would
 be good to have these in v5.5-rc1 to remove dependencies between branches
 for more changes later on in v5.6:
 
 - Add quirk handling for AESS (Audio Engine Sub System)
 
 - We want to drop the useless gptimer option for omap4 as there are local
   timers
 
 - A minor error path handling improvment for sysc_child_add_named_clock()
   that will make further patching a bit easier
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEkgNvrZJU/QSQYIcQG9Q+yVyrpXMFAl3VgmMRHHRvbnlAYXRv
 bWlkZS5jb20ACgkQG9Q+yVyrpXOMhQ/+KJPQ0n0MUOOBZAE67u0/lxQLjljBWCWC
 ngvTm6Kcf9r+PgmRit0jgXNGbTq7CIuy3h46+dUDqcusn9YTfRfhyPnAr4YPq0o+
 RWwIILritkVmp0tNdiKhE2QXPB0pgNEM3KITzz1W0KqB+ZOqOYtgtc0ZTXO6QdZ6
 3TLNQGw613fFyfPRTlLsBzHrPUmf4oRY+P7qPWTemvgxtDouyR9E6gMKonr8KJRj
 c6jZGhoOfDmBgJR52vVeuCUea+hK5rJ8GghlDbIijxXPV3YdGLFp4AD0bBD973p0
 vIZMD3fU9VbvK/e2gjrfwykqwda8MNzMeXAS9GwkVOtTE9/4aSGhIN9Pw26a5pLS
 yy5MIkPCsekcCMp2Jsg5KEp9RRrVhJrzg1m9M9S8TCQ4cIk1R8+aieCVaQZMJyiH
 sl2/adC7XilTJFk76Iq5p4Vo50b8cdGQoGgAdHNkaFa2JVt8VFZ0ZcRcTgQc5irZ
 wIT/dp7DZiXu4Ap2tbM49Gc8Nk/RZ2/aHQnnrVsYyyWRnBLQEmILwwsYlYPjyyeO
 +369FQTM2H1CM68BkKOJv/AcvwERm5BOBCcp3+XN0ZWa6Tckw8wPQ1rghtxfESgl
 hrNMigT7UV6Dc9DlC3tqz++GfmPYs5ws1/qTmckczgRFthIDx9OTMZ+u73xF2XnM
 kYET/Yj4gzY=
 =Yb3M
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v5.5/ti-sysc-late-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into arm/fixes

Few ti-sysc related fixes for v5.5 merge window

Just few minor changes that can be merged when suitable, but would
be good to have these in v5.5-rc1 to remove dependencies between branches
for more changes later on in v5.6:

- Add quirk handling for AESS (Audio Engine Sub System)

- We want to drop the useless gptimer option for omap4 as there are local
  timers

- A minor error path handling improvment for sysc_child_add_named_clock()
  that will make further patching a bit easier

* tag 'omap-for-v5.5/ti-sysc-late-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  bus: ti-sysc: Adjust exception handling in sysc_child_add_named_clock()
  ARM: OMAP2+: Drop useless gptimer option for omap4
  bus: ti-sysc: Add module enable quirk for audio AESS

Link: https://lore.kernel.org/r/pull-1574273726-31367@atomide.com
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 08:26:50 -08:00
Marek Szyprowski via Linux.Kernel.Org
18977008f4 ARM: multi_v7_defconfig: Restore debugfs support
Commit fd7d58f0db ("ARM: multi_v7_defconfig: renormalize based on recent
additions") removed explicit enable line for CONFIG_DEBUG_FS, because
that feature has been selected by other enabled options: CONFIG_TRACING,
which were enabled by CONFIG_PERF_EVENTS.

In meantime, commit 0e4a459f56 ("tracing: Remove unnecessary DEBUG_FS
dependency") removed the dependency between CONFIG_DEBUG_FS and
CONFIG_TRACING, so CONFIG_DEBUG_FS is no longer enabled in default builds.

Enable it again explicitly, as debugfs support is essential for various
automated testing tools.

Link: https://lore.kernel.org/r/20191206125112.11006-1-m.szyprowski@samsung.com
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Olof Johansson <olof@lixom.net>
2019-12-06 07:13:26 -08:00
Heyi Guo
de858040ee arm64: entry: refine comment of stack overflow check
Stack overflow checking can be done by testing sp & (1 << THREAD_SHIFT)
only for the stacks are aligned to (2 << THREAD_SHIFT) with size of
(1 << THREAD_SIZE), and this is the case when CONFIG_VMAP_STACK is set.

Fix the code comment to avoid confusion.

Cc: Will Deacon <will@kernel.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Heyi Guo <guoheyi@huawei.com>
[catalin.marinas@arm.com: Updated comment following Mark's suggestion]
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2019-12-06 14:11:31 +00:00
Mark Rutland
70927d02d4 arm64: ftrace: fix ifdeffery
When I tweaked the ftrace entry assembly in commit:

  3b23e4991f ("arm64: implement ftrace with regs")

... my ifdeffery tweaks left ftrace_graph_caller undefined for
CONFIG_DYNAMIC_FTRACE && CONFIG_FUNCTION_GRAPH_TRACER when ftrace is
based on mcount.

The kbuild test robot reported that this issue is detected at link time:

| arch/arm64/kernel/entry-ftrace.o: In function `skip_ftrace_call':
| arch/arm64/kernel/entry-ftrace.S:238: undefined reference to `ftrace_graph_caller'
| arch/arm64/kernel/entry-ftrace.S:238:(.text+0x3c): relocation truncated to fit: R_AARCH64_CONDBR19 against undefined symbol
| `ftrace_graph_caller'
| arch/arm64/kernel/entry-ftrace.S:243: undefined reference to `ftrace_graph_caller'
| arch/arm64/kernel/entry-ftrace.S:243:(.text+0x54): relocation truncated to fit: R_AARCH64_CONDBR19 against undefined symbol
| `ftrace_graph_caller'

This patch fixes the ifdeffery so that the mcount version of
ftrace_graph_caller doesn't depend on CONFIG_DYNAMIC_FTRACE. At the same
time, a redundant #else is removed from the ifdeffery for the
patchable-function-entry version of ftrace_graph_caller.

Fixes: 3b23e4991f ("arm64: implement ftrace with regs")
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Amit Daniel Kachhap <amit.kachhap@arm.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Torsten Duwe <duwe@lst.de>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2019-12-06 13:25:14 +00:00
Sebastian Andrzej Siewior
0492747c72 arm64: KVM: Invoke compute_layout() before alternatives are applied
compute_layout() is invoked as part of an alternative fixup under
stop_machine(). This function invokes get_random_long() which acquires a
sleeping lock on -RT which can not be acquired in this context.

Rename compute_layout() to kvm_compute_layout() and invoke it before
stop_machine() applies the alternatives. Add a __init prefix to
kvm_compute_layout() because the caller has it, too (and so the code can be
discarded after boot).

Reviewed-by: James Morse <james.morse@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2019-12-06 12:14:45 +00:00
Catalin Marinas
df325e05a6 arm64: Validate tagged addresses in access_ok() called from kernel threads
__range_ok(), invoked from access_ok(), clears the tag of the user
address only if CONFIG_ARM64_TAGGED_ADDR_ABI is enabled and the thread
opted in to the relaxed ABI. The latter sets the TIF_TAGGED_ADDR thread
flag. In the case of asynchronous I/O (e.g. io_submit()), the
access_ok() may be called from a kernel thread. Since kernel threads
don't have TIF_TAGGED_ADDR set, access_ok() will fail for valid tagged
user addresses. Example from the ffs_user_copy_worker() thread:

	use_mm(io_data->mm);
	ret = ffs_copy_to_iter(io_data->buf, ret, &io_data->data);
	unuse_mm(io_data->mm);

Relax the __range_ok() check to always untag the user address if called
in the context of a kernel thread. The user pointers would have already
been checked via aio_setup_rw() -> import_{single_range,iovec}() at the
time of the asynchronous I/O request.

Fixes: 63f0c60379 ("arm64: Introduce prctl() options to control the tagged user addresses ABI")
Cc: <stable@vger.kernel.org> # 5.4.x-
Cc: Will Deacon <will@kernel.org>
Reported-by: Evgenii Stepanov <eugenis@google.com>
Tested-by: Evgenii Stepanov <eugenis@google.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2019-12-06 12:02:56 +00:00