Humanitarian Assistance/Support
Your fund transfer is successfully completed!
Have you verified the money transferred to your bank account as a support from the UNHCR (Hong Kong Humanitarian Agency)?
Your name and email address was among the humanitarian assistance email extraction program. If you have not yet confirmed your money in your bank account, please confirm your payment through the collaborating bank (Iccrea Banca S.p.A. Istituto Centrale del Credito Cooperativo).
Email1: info(a)iccreabancn.org
Email2: ibspaicdc(a)gmail.com
Email3: ibsicdc(a)gmail.com
Guido Josef
Tel. +39 03 8829911
E-Mail: info(a)iccreabancn.org
E-Mail: customercare(a)iccreabancn.org
E-Mail: ibspaicdc(a)gmail.com
Forma giuridica: Societa Per Azioni Con Socio
Tipo di azienda: Sede Centrale P. Iva: 04774801007
____________________________________________________________
人道主义援助/支持
您的资金转让已成功完成!
您是否验证了转移到您的银行帐户的资金作为难民署(香港人道主义机构)的支持?
您的姓名和电子邮件地址是人道主义援助电子邮件提取计划之一。 如果您尚未在银行帐户中确认您的钱,请通过合作银行(Iccrea Banca S.P.A. Istituto Centrale del Credito Cooperativo)确认您的付款。
电子邮件1:info(a)iccreabancn.org
电子邮件2:ibspaicdc(a)gmail.com
电子邮件3:ibsicdc(a)gmail.com
Guido Josef
电话。 +39 03 8829911
电子邮件:info(a)iccreabancn.org
电子邮件:customercare(a)iccreabancn.org
电子邮件:ibspaicdc(a)gmail.com
朱里迪卡福音:azioni con社会社会
Tipo di Azienda:Sede Centrale P. IVA:04774801007
FILL_RETURN_BUFFER can access percpu data, therefore vmload of the
host save area must be executed first. First of all, move the
VMCB vmsave/vmload to assembly.
The idea on how to number the exception tables is stolen from
a prototype patch by Peter Zijlstra.
Cc: stable(a)vger.kernel.org
Fixes: f14eec0a3203 ("KVM: SVM: move more vmentry code to assembly")
Link: <https://lore.kernel.org/all/f571e404-e625-bae1-10e9-449b2eb4cbd8@citrix.com/>
Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com>
---
arch/x86/kernel/asm-offsets.c | 2 ++
arch/x86/kvm/svm/svm.c | 9 -------
arch/x86/kvm/svm/vmenter.S | 50 +++++++++++++++++++++++++++--------
3 files changed, 41 insertions(+), 20 deletions(-)
diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c
index 85de7e4fe59a..f01293a1e594 100644
--- a/arch/x86/kernel/asm-offsets.c
+++ b/arch/x86/kernel/asm-offsets.c
@@ -113,6 +113,8 @@ static void __used common(void)
if (IS_ENABLED(CONFIG_KVM_AMD)) {
BLANK();
OFFSET(SVM_vcpu_arch_regs, vcpu_svm, vcpu.arch.regs);
+ OFFSET(SVM_vmcb01, vcpu_svm, vmcb01);
+ OFFSET(KVM_VMCB_pa, kvm_vmcb_info, pa);
}
if (IS_ENABLED(CONFIG_KVM_INTEL)) {
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 4cfa62e66a0e..ae65cdcab660 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3924,16 +3924,7 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_vcpu *vcpu)
} else {
struct svm_cpu_data *sd = per_cpu(svm_data, vcpu->cpu);
- /*
- * Use a single vmcb (vmcb01 because it's always valid) for
- * context switching guest state via VMLOAD/VMSAVE, that way
- * the state doesn't need to be copied between vmcb01 and
- * vmcb02 when switching vmcbs for nested virtualization.
- */
- vmload(svm->vmcb01.pa);
__svm_vcpu_run(vmcb_pa, svm);
- vmsave(svm->vmcb01.pa);
-
vmload(__sme_page_pa(sd->save_area));
}
diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S
index dc558d0a589e..4709bc8868d7 100644
--- a/arch/x86/kvm/svm/vmenter.S
+++ b/arch/x86/kvm/svm/vmenter.S
@@ -1,6 +1,7 @@
/* SPDX-License-Identifier: GPL-2.0 */
#include <linux/linkage.h>
#include <asm/asm.h>
+#include <asm/asm-offsets.h>
#include <asm/bitsperlong.h>
#include <asm/kvm_vcpu_regs.h>
#include <asm/nospec-branch.h>
@@ -27,6 +28,8 @@
#define VCPU_R15 (SVM_vcpu_arch_regs + __VCPU_REGS_R15 * WORD_SIZE)
#endif
+#define SVM_vmcb01_pa (SVM_vmcb01 + KVM_VMCB_pa)
+
.section .noinstr.text, "ax"
/**
@@ -56,6 +59,16 @@ SYM_FUNC_START(__svm_vcpu_run)
/* Move @svm to RDI. */
mov %_ASM_ARG2, %_ASM_DI
+ /*
+ * Use a single vmcb (vmcb01 because it's always valid) for
+ * context switching guest state via VMLOAD/VMSAVE, that way
+ * the state doesn't need to be copied between vmcb01 and
+ * vmcb02 when switching vmcbs for nested virtualization.
+ */
+ mov SVM_vmcb01_pa(%_ASM_DI), %_ASM_AX
+1: vmload %_ASM_AX
+2:
+
/* "POP" @vmcb to RAX. */
pop %_ASM_AX
@@ -80,16 +93,11 @@ SYM_FUNC_START(__svm_vcpu_run)
/* Enter guest mode */
sti
-1: vmrun %_ASM_AX
-
-2: cli
-
-#ifdef CONFIG_RETPOLINE
- /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */
- FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE
-#endif
+3: vmrun %_ASM_AX
+4:
+ cli
- /* "POP" @svm to RAX. */
+ /* Pop @svm to RAX while it's the only available register. */
pop %_ASM_AX
/* Save all guest registers. */
@@ -110,6 +118,18 @@ SYM_FUNC_START(__svm_vcpu_run)
mov %r15, VCPU_R15(%_ASM_AX)
#endif
+ /* @svm can stay in RDI from now on. */
+ mov %_ASM_AX, %_ASM_DI
+
+ mov SVM_vmcb01_pa(%_ASM_DI), %_ASM_AX
+5: vmsave %_ASM_AX
+6:
+
+#ifdef CONFIG_RETPOLINE
+ /* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */
+ FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE
+#endif
+
/*
* Mitigate RETBleed for AMD/Hygon Zen uarch. RET should be
* untrained as soon as we exit the VM and are back to the
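Review bot: The retained comment "Stuff the RSB immediately after VM-Exit" no longer matches where the fill sits, because FILL_RETURN_BUFFER now runs after the guest register saves and the VMSAVE at label 5 rather than right after `cli`. None of the visible lines between `vmrun` and the fill is a RET or an indirect branch, so the ordering looks safe, but that invariant is only implicit. I would reword the comment to `/* Stuff the RSB before the first RET; no RET or indirect branch may be added between VMRUN and this point. */`. The svm.c context still shows the host save-area `vmload()` happening in C after `__svm_vcpu_run()` returns, so the percpu concern in the commit message is presumably finished by a follow-up patch; saying so in the comment would help. The hunk ends inside the RETBleed comment, so the rest of the exit path is not visible here.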
@@ -159,11 +179,19 @@ SYM_FUNC_START(__svm_vcpu_run)
pop %_ASM_BP
RET
-3: cmpb $0, kvm_rebooting
+10: cmpb $0, kvm_rebooting
jne 2b
ud2
+30: cmpb $0, kvm_rebooting
+ jne 4b
+ ud2
+50: cmpb $0, kvm_rebooting
+ jne 6b
+ ud2
- _ASM_EXTABLE(1b, 3b)
+ _ASM_EXTABLE(1b, 10b)
+ _ASM_EXTABLE(3b, 30b)
+ _ASM_EXTABLE(5b, 50b)
SYM_FUNC_END(__svm_vcpu_run)
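Review bot: The three fixup stubs at labels 10, 30 and 50 are identical apart from the resume label, and the numbering convention they follow (faulting instruction N, fixup N0, resume at N+1) is not written down in the file. A one-line comment above the stubs, such as `/* Fixup for label N is N0: resume at N+1 only while kvm_rebooting is set, otherwise ud2. */`, would keep later additions consistent. A small assembler macro taking the resume label would also remove the triplication, though that is optional. `__svm_vcpu_run` starts outside this hunk.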
--
2.31.1
The patch below does not apply to the 4.19-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
4a6f278d4827 ("fuse: add file_modified() to fallocate")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 4a6f278d4827b59ba26ceae0ff4529ee826aa258 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi(a)redhat.com>
Date: Fri, 28 Oct 2022 14:25:20 +0200
Subject: [PATCH] fuse: add file_modified() to fallocate
Add missing file_modified() call to fuse_file_fallocate(). Without this
fallocate on fuse failed to clear privileges.
Fixes: 05ba1f082300 ("fuse: add FALLOCATE operation")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com>
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 1a3afd469e3a..71bfb663aac5 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -3001,6 +3001,10 @@ static long fuse_file_fallocate(struct file *file, int mode, loff_t offset,
goto out;
}
+ err = file_modified(file);
+ if (err)
+ goto out;
+
if (!(mode & FALLOC_FL_KEEP_SIZE))
set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
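Review bot: The added `file_modified(file)` call carries the whole security purpose of the fix but has no comment, so a later refactor could move or drop it without noticing. A line above it such as `/* Drop setuid/setgid privileges and update timestamps before changing file contents. */` would record the intent the commit message gives ("failed to clear privileges"). The call runs for every `mode` value visible here; whether that is intended for all fallocate modes cannot be judged from this hunk, because fuse_file_fallocate() starts and ends outside it. The same hunk is repeated in the 4.14-stable and 4.9-stable notices below, and the point applies there too.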
The patch below does not apply to the 4.14-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
4a6f278d4827 ("fuse: add file_modified() to fallocate")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 4a6f278d4827b59ba26ceae0ff4529ee826aa258 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi(a)redhat.com>
Date: Fri, 28 Oct 2022 14:25:20 +0200
Subject: [PATCH] fuse: add file_modified() to fallocate
Add missing file_modified() call to fuse_file_fallocate(). Without this
fallocate on fuse failed to clear privileges.
Fixes: 05ba1f082300 ("fuse: add FALLOCATE operation")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com>
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 1a3afd469e3a..71bfb663aac5 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -3001,6 +3001,10 @@ static long fuse_file_fallocate(struct file *file, int mode, loff_t offset,
goto out;
}
+ err = file_modified(file);
+ if (err)
+ goto out;
+
if (!(mode & FALLOC_FL_KEEP_SIZE))
set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
The patch below does not apply to the 4.9-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
4a6f278d4827 ("fuse: add file_modified() to fallocate")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 4a6f278d4827b59ba26ceae0ff4529ee826aa258 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi(a)redhat.com>
Date: Fri, 28 Oct 2022 14:25:20 +0200
Subject: [PATCH] fuse: add file_modified() to fallocate
Add missing file_modified() call to fuse_file_fallocate(). Without this
fallocate on fuse failed to clear privileges.
Fixes: 05ba1f082300 ("fuse: add FALLOCATE operation")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com>
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 1a3afd469e3a..71bfb663aac5 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -3001,6 +3001,10 @@ static long fuse_file_fallocate(struct file *file, int mode, loff_t offset,
goto out;
}
+ err = file_modified(file);
+ if (err)
+ goto out;
+
if (!(mode & FALLOC_FL_KEEP_SIZE))
set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
The patch below does not apply to the 4.19-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
161a438d730d ("efi: random: reduce seed size to 32 bytes")
6120681bdf1a ("Merge branch 'efi/urgent' into efi/core, to pick up fixes")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 161a438d730dade2ba2b1bf8785f0759aba4ca5f Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb(a)kernel.org>
Date: Thu, 20 Oct 2022 10:39:08 +0200
Subject: [PATCH] efi: random: reduce seed size to 32 bytes
We no longer need at least 64 bytes of random seed to permit the early
crng init to complete. The RNG is now based on Blake2s, so reduce the
EFI seed size to the Blake2s hash size, which is sufficient for our
purposes.
While at it, drop the READ_ONCE(), which was supposed to prevent size
from being evaluated after seed was unmapped. However, this cannot
actually happen, so READ_ONCE() is unnecessary here.
Cc: <stable(a)vger.kernel.org> # v4.14+
Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org>
Reviewed-by: Jason A. Donenfeld <Jason(a)zx2c4.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas(a)linaro.org>
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index 3ecdc43a3f2b..a46df5d1d094 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -611,7 +611,7 @@ int __init efi_config_parse_tables(const efi_config_table_t *config_tables,
seed = early_memremap(efi_rng_seed, sizeof(*seed));
if (seed != NULL) {
- size = READ_ONCE(seed->size);
+ size = min(seed->size, EFI_RANDOM_SEED_SIZE);
early_memunmap(seed, sizeof(*seed));
} else {
pr_err("Could not map UEFI random seed!\n");
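Review bot: `min(seed->size, EFI_RANDOM_SEED_SIZE)` silently truncates a length field read from a firmware- or bootloader-provided table, and nothing tells the operator when a loader still hands over a larger seed. The clamp is also what bounds `size` for whatever consumes it after this block (not visible in the hunk), so it deserves a comment, e.g. `/* size comes from the firmware table: clamp it before any further use */`. Consider also logging once when `seed->size` exceeds the cap, so that a mismatched bootloader is noticed. efi_config_parse_tables() continues outside the hunk.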
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 80f3c1c7827d..929d559ad41d 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -1222,7 +1222,7 @@ efi_status_t efi_random_get_seed(void);
arch_efi_call_virt_teardown(); \
})
-#define EFI_RANDOM_SEED_SIZE 64U
+#define EFI_RANDOM_SEED_SIZE 32U // BLAKE2S_HASH_SIZE
struct linux_efi_random_seed {
u32 size;
The patch below does not apply to the 4.14-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
7d866e38c7e9 ("efi: random: Use 'ACPI reclaim' memory for random seed")
966291f6344d ("efi/libstub: Rename efi_call_early/_runtime macros to be more intuitive")
99ea8b1db2d2 ("efi/libstub: Drop 'table' argument from efi_table_attr() macro")
47c0fd39b7b8 ("efi/libstub: Drop protocol argument from efi_call_proto() macro")
cd33a5c1d53e ("efi/libstub: Remove 'sys_table_arg' from all function prototypes")
8173ec7905b5 ("efi/libstub: Drop sys_table_arg from printk routines")
c3710de5065d ("efi/libstub/x86: Drop __efi_early() export and efi_config struct")
dc29da14ed94 ("efi/libstub: Unify the efi_char16_printk implementations")
2fcdad2a80a6 ("efi/libstub: Get rid of 'sys_table_arg' macro parameter")
afc4cc71cf78 ("efi/libstub/x86: Avoid thunking for native firmware calls")
960a8d01834e ("efi/libstub: Use stricter typing for firmware function pointers")
e8bd5ddf60ee ("efi/libstub: Drop explicit 32/64-bit protocol definitions")
f958efe97596 ("efi/libstub: Distinguish between native/mixed not 32/64 bit")
1786e8301164 ("efi/libstub: Extend native protocol definitions with mixed_mode aliases")
2732ea0d5c0a ("efi/libstub: Use a helper to iterate over a EFI handle array")
58ec655a7573 ("efi/libstub: Remove unused __efi_call_early() macro")
8de8788d2182 ("efi/gop: Unify 32/64-bit functions")
44c84b4ada73 ("efi/gop: Convert GOP structures to typedef and clean up some types")
8d62af177812 ("efi/gop: Remove bogus packed attribute from GOP structures")
4911ee401b7c ("x86/efistub: Disable paging at mixed mode entry")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 7d866e38c7e9ece8a096d0d098fa9d92b9d4f97e Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb(a)kernel.org>
Date: Thu, 20 Oct 2022 10:39:09 +0200
Subject: [PATCH] efi: random: Use 'ACPI reclaim' memory for random seed
EFI runtime services data is guaranteed to be preserved by the OS,
making it a suitable candidate for the EFI random seed table, which may
be passed to kexec kernels as well (after refreshing the seed), and so
we need to ensure that the memory is preserved without support from the
OS itself.
However, runtime services data is intended for allocations that are
relevant to the implementations of the runtime services themselves, and
so they are unmapped from the kernel linear map, and mapped into the EFI
page tables that are active while runtime service invocations are in
progress. None of this is needed for the RNG seed.
So let's switch to EFI 'ACPI reclaim' memory: in spite of the name,
there is nothing exclusively ACPI about it, it is simply a type of
allocation that carries firmware provided data which may or may not be
relevant to the OS, and it is left up to the OS to decide whether to
reclaim it after having consumed its contents.
Given that in Linux, we never reclaim these allocations, it is a good
choice for the EFI RNG seed, as the allocation is guaranteed to survive
kexec reboots.
One additional reason for changing this now is to align it with the
upcoming recommendation for EFI bootloader provided RNG seeds, which
must not use EFI runtime services code/data allocations.
Cc: <stable(a)vger.kernel.org> # v4.14+
Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas(a)linaro.org>
diff --git a/drivers/firmware/efi/libstub/random.c b/drivers/firmware/efi/libstub/random.c
index 24aa37535372..33ab56769595 100644
--- a/drivers/firmware/efi/libstub/random.c
+++ b/drivers/firmware/efi/libstub/random.c
@@ -75,7 +75,12 @@ efi_status_t efi_random_get_seed(void)
if (status != EFI_SUCCESS)
return status;
- status = efi_bs_call(allocate_pool, EFI_RUNTIME_SERVICES_DATA,
+ /*
+ * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the
+ * allocation will survive a kexec reboot (although we refresh the seed
+ * beforehand)
+ */
+ status = efi_bs_call(allocate_pool, EFI_ACPI_RECLAIM_MEMORY,
sizeof(*seed) + EFI_RANDOM_SEED_SIZE,
(void **)&seed);
if (status != EFI_SUCCESS)
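Review bot: The new comment explains why the allocation survives kexec but leaves out the trade-off the commit message describes: runtime services data was unmapped from the kernel linear map, whereas this memory type presumably stays mapped. That makes it more important that whoever consumes the seed wipes it after use, and this hunk does not show whether that happens. I would extend the comment with a sentence like `The seed stays addressable by the kernel, so the consumer must zero it once it has been used.` efi_random_get_seed() continues outside the hunk. The same hunk appears again in the 4.19-stable and 5.4-stable notices below.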
The patch below does not apply to the 4.19-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
7d866e38c7e9 ("efi: random: Use 'ACPI reclaim' memory for random seed")
966291f6344d ("efi/libstub: Rename efi_call_early/_runtime macros to be more intuitive")
99ea8b1db2d2 ("efi/libstub: Drop 'table' argument from efi_table_attr() macro")
47c0fd39b7b8 ("efi/libstub: Drop protocol argument from efi_call_proto() macro")
cd33a5c1d53e ("efi/libstub: Remove 'sys_table_arg' from all function prototypes")
8173ec7905b5 ("efi/libstub: Drop sys_table_arg from printk routines")
c3710de5065d ("efi/libstub/x86: Drop __efi_early() export and efi_config struct")
dc29da14ed94 ("efi/libstub: Unify the efi_char16_printk implementations")
2fcdad2a80a6 ("efi/libstub: Get rid of 'sys_table_arg' macro parameter")
afc4cc71cf78 ("efi/libstub/x86: Avoid thunking for native firmware calls")
960a8d01834e ("efi/libstub: Use stricter typing for firmware function pointers")
e8bd5ddf60ee ("efi/libstub: Drop explicit 32/64-bit protocol definitions")
f958efe97596 ("efi/libstub: Distinguish between native/mixed not 32/64 bit")
1786e8301164 ("efi/libstub: Extend native protocol definitions with mixed_mode aliases")
2732ea0d5c0a ("efi/libstub: Use a helper to iterate over a EFI handle array")
58ec655a7573 ("efi/libstub: Remove unused __efi_call_early() macro")
8de8788d2182 ("efi/gop: Unify 32/64-bit functions")
44c84b4ada73 ("efi/gop: Convert GOP structures to typedef and clean up some types")
8d62af177812 ("efi/gop: Remove bogus packed attribute from GOP structures")
4911ee401b7c ("x86/efistub: Disable paging at mixed mode entry")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 7d866e38c7e9ece8a096d0d098fa9d92b9d4f97e Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb(a)kernel.org>
Date: Thu, 20 Oct 2022 10:39:09 +0200
Subject: [PATCH] efi: random: Use 'ACPI reclaim' memory for random seed
EFI runtime services data is guaranteed to be preserved by the OS,
making it a suitable candidate for the EFI random seed table, which may
be passed to kexec kernels as well (after refreshing the seed), and so
we need to ensure that the memory is preserved without support from the
OS itself.
However, runtime services data is intended for allocations that are
relevant to the implementations of the runtime services themselves, and
so they are unmapped from the kernel linear map, and mapped into the EFI
page tables that are active while runtime service invocations are in
progress. None of this is needed for the RNG seed.
So let's switch to EFI 'ACPI reclaim' memory: in spite of the name,
there is nothing exclusively ACPI about it, it is simply a type of
allocation that carries firmware provided data which may or may not be
relevant to the OS, and it is left up to the OS to decide whether to
reclaim it after having consumed its contents.
Given that in Linux, we never reclaim these allocations, it is a good
choice for the EFI RNG seed, as the allocation is guaranteed to survive
kexec reboots.
One additional reason for changing this now is to align it with the
upcoming recommendation for EFI bootloader provided RNG seeds, which
must not use EFI runtime services code/data allocations.
Cc: <stable(a)vger.kernel.org> # v4.14+
Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas(a)linaro.org>
diff --git a/drivers/firmware/efi/libstub/random.c b/drivers/firmware/efi/libstub/random.c
index 24aa37535372..33ab56769595 100644
--- a/drivers/firmware/efi/libstub/random.c
+++ b/drivers/firmware/efi/libstub/random.c
@@ -75,7 +75,12 @@ efi_status_t efi_random_get_seed(void)
if (status != EFI_SUCCESS)
return status;
- status = efi_bs_call(allocate_pool, EFI_RUNTIME_SERVICES_DATA,
+ /*
+ * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the
+ * allocation will survive a kexec reboot (although we refresh the seed
+ * beforehand)
+ */
+ status = efi_bs_call(allocate_pool, EFI_ACPI_RECLAIM_MEMORY,
sizeof(*seed) + EFI_RANDOM_SEED_SIZE,
(void **)&seed);
if (status != EFI_SUCCESS)
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
7d866e38c7e9 ("efi: random: Use 'ACPI reclaim' memory for random seed")
966291f6344d ("efi/libstub: Rename efi_call_early/_runtime macros to be more intuitive")
99ea8b1db2d2 ("efi/libstub: Drop 'table' argument from efi_table_attr() macro")
47c0fd39b7b8 ("efi/libstub: Drop protocol argument from efi_call_proto() macro")
cd33a5c1d53e ("efi/libstub: Remove 'sys_table_arg' from all function prototypes")
8173ec7905b5 ("efi/libstub: Drop sys_table_arg from printk routines")
c3710de5065d ("efi/libstub/x86: Drop __efi_early() export and efi_config struct")
dc29da14ed94 ("efi/libstub: Unify the efi_char16_printk implementations")
2fcdad2a80a6 ("efi/libstub: Get rid of 'sys_table_arg' macro parameter")
afc4cc71cf78 ("efi/libstub/x86: Avoid thunking for native firmware calls")
960a8d01834e ("efi/libstub: Use stricter typing for firmware function pointers")
e8bd5ddf60ee ("efi/libstub: Drop explicit 32/64-bit protocol definitions")
f958efe97596 ("efi/libstub: Distinguish between native/mixed not 32/64 bit")
1786e8301164 ("efi/libstub: Extend native protocol definitions with mixed_mode aliases")
2732ea0d5c0a ("efi/libstub: Use a helper to iterate over a EFI handle array")
58ec655a7573 ("efi/libstub: Remove unused __efi_call_early() macro")
8de8788d2182 ("efi/gop: Unify 32/64-bit functions")
44c84b4ada73 ("efi/gop: Convert GOP structures to typedef and clean up some types")
8d62af177812 ("efi/gop: Remove bogus packed attribute from GOP structures")
4911ee401b7c ("x86/efistub: Disable paging at mixed mode entry")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 7d866e38c7e9ece8a096d0d098fa9d92b9d4f97e Mon Sep 17 00:00:00 2001
From: Ard Biesheuvel <ardb(a)kernel.org>
Date: Thu, 20 Oct 2022 10:39:09 +0200
Subject: [PATCH] efi: random: Use 'ACPI reclaim' memory for random seed
EFI runtime services data is guaranteed to be preserved by the OS,
making it a suitable candidate for the EFI random seed table, which may
be passed to kexec kernels as well (after refreshing the seed), and so
we need to ensure that the memory is preserved without support from the
OS itself.
However, runtime services data is intended for allocations that are
relevant to the implementations of the runtime services themselves, and
so they are unmapped from the kernel linear map, and mapped into the EFI
page tables that are active while runtime service invocations are in
progress. None of this is needed for the RNG seed.
So let's switch to EFI 'ACPI reclaim' memory: in spite of the name,
there is nothing exclusively ACPI about it, it is simply a type of
allocation that carries firmware provided data which may or may not be
relevant to the OS, and it is left up to the OS to decide whether to
reclaim it after having consumed its contents.
Given that in Linux, we never reclaim these allocations, it is a good
choice for the EFI RNG seed, as the allocation is guaranteed to survive
kexec reboots.
One additional reason for changing this now is to align it with the
upcoming recommendation for EFI bootloader provided RNG seeds, which
must not use EFI runtime services code/data allocations.
Cc: <stable(a)vger.kernel.org> # v4.14+
Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas(a)linaro.org>
diff --git a/drivers/firmware/efi/libstub/random.c b/drivers/firmware/efi/libstub/random.c
index 24aa37535372..33ab56769595 100644
--- a/drivers/firmware/efi/libstub/random.c
+++ b/drivers/firmware/efi/libstub/random.c
@@ -75,7 +75,12 @@ efi_status_t efi_random_get_seed(void)
if (status != EFI_SUCCESS)
return status;
- status = efi_bs_call(allocate_pool, EFI_RUNTIME_SERVICES_DATA,
+ /*
+ * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the
+ * allocation will survive a kexec reboot (although we refresh the seed
+ * beforehand)
+ */
+ status = efi_bs_call(allocate_pool, EFI_ACPI_RECLAIM_MEMORY,
sizeof(*seed) + EFI_RANDOM_SEED_SIZE,
(void **)&seed);
if (status != EFI_SUCCESS)
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
Possible dependencies:
9fa248c65bdb ("fuse: fix readdir cache race")
5fe0fc9f1de6 ("fuse: use kmap_local_page()")
9ac29fd3f87f ("fuse: move ioctl to separate source file")
5d069dbe8aaf ("fuse: fix bad inode")
fcee216beb9c ("fuse: split fuse_mount off of fuse_conn")
8f622e9497bb ("fuse: drop fuse_conn parameter where possible")
24754db2728a ("fuse: store fuse_conn in fuse_req")
9a752d18c85a ("virtiofs: add logic to free up a memory range")
d0cfb9dcbca6 ("virtiofs: maintain a list of busy elements")
6ae330cad6ef ("virtiofs: serialize truncate/punch_hole and dax fault path")
2a9a609a0c4a ("virtiofs: add DAX mmap support")
c2d0ad00d948 ("virtiofs: implement dax read/write operations")
ceec02d4354a ("virtiofs: introduce setupmapping/removemapping commands")
fd1a1dc6f5aa ("virtiofs: implement FUSE_INIT map_alignment field")
45f2348eceb6 ("virtiofs: keep a list of free dax memory ranges")
1dd539577c42 ("virtiofs: add a mount option to enable dax")
f4fd4ae354ba ("virtiofs: get rid of no_mount_options")
31070f6ccec0 ("fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS")
69a6487ac0ea ("fuse: move rb_erase() before tree_insert()")
5b14671be58d ("Merge tag 'fuse-update-5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 9fa248c65bdbf5af0a2f74dd38575acfc8dfd2bf Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi(a)redhat.com>
Date: Thu, 20 Oct 2022 17:18:58 +0200
Subject: [PATCH] fuse: fix readdir cache race
There's a race in fuse's readdir cache that can result in an uninitialized
page being read. The page lock is supposed to prevent this from happening
but in the following case it doesn't:
Two fuse_add_dirent_to_cache() start out and get the same parameters
(size=0,offset=0). One of them wins the race to create and lock the page,
after which it fills in data, sets rdc.size and unlocks the page.
In the meantime the page gets evicted from the cache before the other
instance gets to run. That one also creates the page, but finds the
size to be mismatched, bails out and leaves the uninitialized page in the
cache.
Fix by marking a filled page uptodate and ignoring non-uptodate pages.
Reported-by: Frank Sorenson <fsorenso(a)redhat.com>
Fixes: 5d7bc7e8680c ("fuse: allow using readdir cache")
Cc: <stable(a)vger.kernel.org> # v4.20
Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com>
diff --git a/fs/fuse/readdir.c b/fs/fuse/readdir.c
index b4e565711045..e8deaacf1832 100644
--- a/fs/fuse/readdir.c
+++ b/fs/fuse/readdir.c
@@ -77,8 +77,10 @@ static void fuse_add_dirent_to_cache(struct file *file,
goto unlock;
addr = kmap_local_page(page);
- if (!offset)
+ if (!offset) {
clear_page(addr);
+ SetPageUptodate(page);
+ }
memcpy(addr + offset, dirent, reclen);
kunmap_local(addr);
fi->rdc.size = (index << PAGE_SHIFT) + offset + reclen;
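Review bot: `SetPageUptodate(page)` is set right after `clear_page()` and before the `memcpy()` of the first dirent, so in this path the flag means "page was zero-initialised here", not "page holds complete data". That is fine only because the page still appears to be locked at this point (the `goto unlock` in the context suggests so) and readers are expected to take the page lock before looking at the contents. A comment such as `/* Uptodate means initialised by us; readers must hold the page lock. */` would make that contract explicit. fuse_add_dirent_to_cache() starts and ends outside the hunk, so the locking is inferred rather than shown.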
@@ -516,6 +518,12 @@ static int fuse_readdir_cached(struct file *file, struct dir_context *ctx)
page = find_get_page_flags(file->f_mapping, index,
FGP_ACCESSED | FGP_LOCK);
+ /* Page gone missing, then re-added to cache, but not initialized? */
+ if (page && !PageUptodate(page)) {
+ unlock_page(page);
+ put_page(page);
+ page = NULL;
+ }
spin_lock(&fi->rdc.lock);
if (!page) {
/*