March 2022 - Linux-stable-mirror

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.29 release. There are 110 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 16 Mar 2022 11:27:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.29-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.29-rc1 Vladimir Oltean <vladimir.oltean(a)nxp.com> Revert "net: dsa: mv88e6xxx: flush switchdev FDB workqueue before removing VLAN" Christoph Hellwig <hch(a)lst.de> block: drop unused includes in <linux/genhd.h> Niklas Cassel <niklas.cassel(a)wdc.com> riscv: dts: k210: fix broken IRQs on hart1 Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Workaround broken BIOS DBUF configuration on TGL/RKL Filipe Manana <fdmanana(a)suse.com> btrfs: make send work with concurrent block group relocation Thomas Zimmermann <tzimmermann(a)suse.de> drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP Li Huafei <lihuafei1(a)huawei.com> x86/traps: Mark do_int3() NOKPROBE_SYMBOL Jarkko Sakkinen <jarkko(a)kernel.org> x86/sgx: Free backing memory after faulting the enclave page Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Add setup_indirect support in early_memremap_is_setup_data() Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Fix memremap of setup_indirect structures David Howells <dhowells(a)redhat.com> watch_queue: Make comment about setting ->defunct more accurate David Howells <dhowells(a)redhat.com> watch_queue: Fix lack of barrier/sync/lock between post and read David Howells <dhowells(a)redhat.com> watch_queue: Free the alloc bitmap when the watch_queue is torn down David Howells <dhowells(a)redhat.com> watch_queue: Fix the alloc bitmap size to reflect notes allocated David Howells <dhowells(a)redhat.com> watch_queue: Fix to always request a pow-of-2 pipe ring size David Howells <dhowells(a)redhat.com> watch_queue: Fix to release page in ->release() David Howells <dhowells(a)redhat.com> watch_queue, pipe: Free watchqueue state after clearing pipe ring David Howells <dhowells(a)redhat.com> watch_queue: Fix filter limit check Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix Thumb2 regression with Spectre BHB Dima Chumak <dchumak(a)nvidia.com> net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE Michael S. Tsirkin <mst(a)redhat.com> virtio: acknowledge all features before access Michael S. Tsirkin <mst(a)redhat.com> virtio: unexport virtio_finalize_features Andrei Vagin <avagin(a)gmail.com> KVM: x86/mmu: kvm_faultin_pfn has to return false if pfh is returned Halil Pasic <pasic(a)linux.ibm.com> swiotlb: rework "fix info leak with DMA_FROM_DEVICE" Paul Semel <semelpaul(a)gmail.com> arm64: kasan: fix include error in MTE functions Catalin Marinas <catalin.marinas(a)arm.com> arm64: Ensure execute-only permissions are not allowed without EPAN Pali Rohár <pali(a)kernel.org> arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 Nicolas Saenz Julienne <nsaenzju(a)redhat.com> tracing/osnoise: Force quiescent states while tracing Emil Renner Berthing <kernel(a)esmil.dk> riscv: Fix auipc+jalr relocation range checks Rong Chen <rong.chen(a)amlogic.com> mmc: meson: Fix usage of meson_mmc_post_req() Jisheng Zhang <jszhang(a)kernel.org> riscv: alternative only works on !XIP_KERNEL Robert Hancock <robert.hancock(a)calian.com> net: macb: Fix lost RX packet wakeup race in NAPI receive Dan Carpenter <dan.carpenter(a)oracle.com> staging: gdm724x: fix use after free in gdm_lte_rx() Hans de Goede <hdegoede(a)redhat.com> staging: rtl8723bs: Fix access-point mode deadlock Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix fileattr op failure Randy Dunlap <rdunlap(a)infradead.org> ARM: Spectre-BHB: provide empty stub for non-config Mike Kravetz <mike.kravetz(a)oracle.com> selftests/memfd: clean up mapping in mfd_fail_write Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> selftest/vm: fix map_fixed_noreplace test failure Daniel Bristot de Oliveira <bristot(a)kernel.org> tracing/osnoise: Make osnoise_main to sleep for microseconds Sven Schnelle <svens(a)linux.ibm.com> tracing: Ensure trace buffer is at least 4096 bytes large Niels Dossche <dossche.niels(a)gmail.com> ipv6: prevent a possible race condition with lifetimes Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: Check for hotplug-status existence before watching" Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" Guchun Chen <guchun.chen(a)amd.com> drm/amdgpu: bypass tiling flag check in virtual display case (v2) Shreeya Patel <shreeya.patel(a)collabora.com> gpio: Return EPROBE_DEFER if gc->to_irq is NULL Alex Deucher <alexander.deucher(a)amd.com> PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken Vikash Chandola <vikash.chandola(a)linux.intel.com> hwmon: (pmbus) Clear pmbus fault/warning bits after read suresh kumar <suresh2514(a)gmail.com> net-sysfs: add check for netdevice being present to speed_show Wanpeng Li <wanpengli(a)tencent.com> x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU Maxime Ripard <maxime(a)cerno.tech> drm/vc4: hdmi: Unregister codec device on unbind Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: terminate dma transmission when slave abort Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: Fix error in getting num-cs property Anton Romanov <romanton(a)google.com> kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always catchup mode Wanpeng Li <wanpengli(a)tencent.com> KVM: Fix lockdep false negative during host resume Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID" Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: dwc3: pci: add support for the Intel Raptor Lake-S Halil Pasic <pasic(a)linux.ibm.com> swiotlb: fix info leak with DMA_FROM_DEVICE Kumar Kartikeya Dwivedi <memxor(a)gmail.com> selftests/bpf: Add test for bpf_timer overwriting crash Heiner Kallweit <hkallweit1(a)gmail.com> net: phy: meson-gxl: improve link-up behavior Jeremy Linton <jeremy.linton(a)arm.com> net: bcmgenet: Don't claim WOL when its not available Eric Dumazet <edumazet(a)google.com> sctp: fix kernel-infoleak for SCTP sockets Clément Léger <clement.leger(a)bootlin.com> net: phy: DP83822: clear MISR2 register to disable interrupts Miaoqian Lin <linmq006(a)gmail.com> gianfar: ethtool: Fix refcount leak in gfar_get_ts_info Mark Featherston <mark(a)embeddedTS.com> gpio: ts4900: Do not set DAT and OE together Guillaume Nault <gnault(a)redhat.com> selftests: pmtu.sh: Kill nettest processes launched in subshell. Guillaume Nault <gnault(a)redhat.com> selftests: pmtu.sh: Kill tcpdump processes launched by subshell. Pavel Skripkin <paskripkin(a)gmail.com> NFC: port100: fix use-after-free in port100_send_complete Roi Dayan <roid(a)nvidia.com> net/mlx5e: Lag, Only handle events from highest priority multipath entry Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Fix a race on command flush flow Mohammad Kabat <mohammadkab(a)nvidia.com> net/mlx5: Fix size field in bufferx_reg struct Duoming Zhou <duoming(a)zju.edu.cn> ax25: Fix NULL pointer dereference in ax25_kill_by_device Miaoqian Lin <linmq006(a)gmail.com> net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: lpc_eth: Handle error for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: ti: cpts: Handle error for clk_enable Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix incorrect order of state message data sanity check Miaoqian Lin <linmq006(a)gmail.com> ethernet: Fix error handling in xemaclite_of_probe Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ice: Fix curr_link_speed advertised speed Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ice: Don't use GFP_KERNEL in atomic context Dave Ertman <david.m.ertman(a)intel.com> ice: Fix error with handling of bonding MTU Jacob Keller <jacob.e.keller(a)intel.com> ice: stop disabling VFs due to PF error responses Jacob Keller <jacob.e.keller(a)intel.com> i40e: stop disabling VFs due to PF error responses Michal Maloszewski <michal.maloszewski(a)intel.com> iavf: Fix handling of vlan strip virtual channel messages Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed: Fix AST2600 quad spi group Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() Jernej Skrabec <jernej.skrabec(a)gmail.com> drm/sun4i: mixer: Fix P010 and P210 format numbers Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpiolib: acpi: Convert ACPI value of debounce to microseconds Fabio Estevam <festevam(a)denx.de> smsc95xx: Ignore -ENODEV errors when device is unplugged Tom Rix <trix(a)redhat.com> qed: return status of qed_iov_get_link Steffen Klassert <steffen.klassert(a)secunet.com> esp: Fix BEET mode inter address family tunneling on GSO Steffen Klassert <steffen.klassert(a)secunet.com> esp: Fix possible buffer overflow in ESP transformation Jia-Ju Bai <baijiaju1990(a)gmail.com> net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() Jia-Ju Bai <baijiaju1990(a)gmail.com> isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() Zhang Min <zhang.min9(a)zte.com.cn> vdpa: fix use-after-free on vp_vdpa_remove Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero Anirudh Rayabharam <mail(a)anirudhrb.com> vhost: fix hung thread due to erroneous iotlb entries Alexey Khoroshilov <khoroshilov(a)ispras.ru> mISDN: Fix memory leak in dsp_pipeline_build() Heiner Kallweit <hkallweit1(a)gmail.com> net: phy: meson-gxl: fix interrupt handling in forced mode Xie Yongji <xieyongji(a)bytedance.com> vduse: Fix returning wrong type in vduse_domain_alloc_iova() Si-Wei Liu <si-wei.liu(a)oracle.com> vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix kernel panic when enabling bearer Pali Rohár <pali(a)kernel.org> arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: vivaldi: fix sysfs attributes leak Taniya Das <tdas(a)codeaurora.org> clk: qcom: dispcc: Update the transition delay for MDSS GDSC Taniya Das <tdas(a)codeaurora.org> clk: qcom: gdsc: Add support to update GDSC transition delay Maxime Ripard <maxime(a)cerno.tech> ARM: boot: dts: bcm2711: Fix HVS register range Pavel Skripkin <paskripkin(a)gmail.com> HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Jiri Kosina <jkosina(a)suse.cz> HID: elo: Revert USB reference counting Bjorn Andersson <bjorn.andersson(a)linaro.org> arm64: dts: qcom: sm8350: Correct UFS symbol clocks Konrad Dybcio <konrad.dybcio(a)somainline.org> arm64: dts: qcom: sm8350: Describe GCC dependency clocks ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/aspeed-g6-pinctrl.dtsi | 2 +- arch/arm/boot/dts/bcm2711.dtsi | 1 + arch/arm/include/asm/spectre.h | 6 + arch/arm/kernel/entry-armv.S | 4 +- arch/arm64/Kconfig | 3 - .../boot/dts/marvell/armada-3720-turris-mox.dts | 8 +- arch/arm64/boot/dts/marvell/armada-37xx.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8350.dtsi | 48 ++- arch/arm64/include/asm/mte-kasan.h | 1 + arch/arm64/include/asm/pgtable-prot.h | 4 +- arch/arm64/include/asm/pgtable.h | 12 - arch/arm64/mm/mmap.c | 17 + arch/riscv/Kconfig.erratas | 1 + arch/riscv/Kconfig.socs | 4 +- arch/riscv/boot/dts/canaan/k210.dtsi | 3 +- arch/riscv/kernel/module.c | 21 +- arch/um/drivers/ubd_kern.c | 1 + arch/x86/kernel/cpu/sgx/encl.c | 57 +++- arch/x86/kernel/e820.c | 41 ++- arch/x86/kernel/kdebugfs.c | 37 ++- arch/x86/kernel/ksysfs.c | 77 ++++- arch/x86/kernel/kvm.c | 9 +- arch/x86/kernel/setup.c | 34 +- arch/x86/kernel/traps.c | 1 + arch/x86/kvm/mmu/mmu.c | 1 + arch/x86/kvm/x86.c | 7 + arch/x86/mm/ioremap.c | 57 +++- block/genhd.c | 1 + block/holder.c | 1 + block/partitions/core.c | 1 + drivers/block/amiflop.c | 1 + drivers/block/ataflop.c | 1 + drivers/block/floppy.c | 1 + drivers/block/swim.c | 1 + drivers/block/virtio_blk.c | 10 +- drivers/block/xen-blkfront.c | 1 + drivers/clk/qcom/dispcc-sc7180.c | 5 +- drivers/clk/qcom/dispcc-sc7280.c | 5 +- drivers/clk/qcom/dispcc-sm8250.c | 5 +- drivers/clk/qcom/gdsc.c | 26 +- drivers/clk/qcom/gdsc.h | 8 +- drivers/gpio/gpio-ts4900.c | 24 +- drivers/gpio/gpiolib-acpi.c | 6 +- drivers/gpio/gpiolib.c | 20 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 2 +- drivers/gpu/drm/i915/display/intel_display.c | 5 +- drivers/gpu/drm/i915/display/intel_display.h | 2 + drivers/gpu/drm/i915/intel_pm.c | 68 ++++ drivers/gpu/drm/i915/intel_pm.h | 1 + drivers/gpu/drm/panel/Kconfig | 1 + drivers/gpu/drm/sun4i/sun8i_mixer.h | 8 +- drivers/gpu/drm/vc4/vc4_hdmi.c | 8 + drivers/gpu/drm/vc4/vc4_hdmi.h | 1 + drivers/hid/hid-elo.c | 7 +- drivers/hid/hid-thrustmaster.c | 6 + drivers/hid/hid-vivaldi.c | 2 +- drivers/hwmon/pmbus/pmbus_core.c | 5 + drivers/isdn/hardware/mISDN/hfcpci.c | 6 +- drivers/isdn/mISDN/dsp_pipeline.c | 6 +- drivers/md/md.c | 1 + drivers/mmc/host/meson-gx-mmc.c | 15 +- drivers/net/dsa/mt7530.c | 2 +- drivers/net/dsa/mv88e6xxx/chip.c | 7 - drivers/net/ethernet/broadcom/genet/bcmgenet_wol.c | 7 + drivers/net/ethernet/cadence/macb_main.c | 25 +- drivers/net/ethernet/freescale/gianfar_ethtool.c | 1 + drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 6 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 57 +--- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 5 - drivers/net/ethernet/intel/iavf/iavf_virtchnl.c | 40 +++ drivers/net/ethernet/intel/ice/ice.h | 1 + drivers/net/ethernet/intel/ice/ice_ethtool.c | 2 +- drivers/net/ethernet/intel/ice/ice_main.c | 31 +- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.c | 18 -- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h | 3 - .../net/ethernet/marvell/prestera/prestera_main.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 15 +- drivers/net/ethernet/mellanox/mlx5/core/lag_mp.c | 11 +- .../ethernet/mellanox/mlx5/core/lib/fs_chains.c | 3 - drivers/net/ethernet/nxp/lpc_eth.c | 5 +- drivers/net/ethernet/qlogic/qed/qed_sriov.c | 18 +- drivers/net/ethernet/qlogic/qed/qed_vf.c | 7 + drivers/net/ethernet/ti/cpts.c | 4 +- drivers/net/ethernet/xilinx/xilinx_emaclite.c | 4 +- drivers/net/phy/dp83822.c | 2 +- drivers/net/phy/meson-gxl.c | 31 +- drivers/net/usb/smsc95xx.c | 28 +- drivers/net/xen-netback/xenbus.c | 14 +- drivers/nfc/port100.c | 2 + drivers/pci/quirks.c | 14 +- drivers/pinctrl/intel/pinctrl-tigerlake.c | 1 - drivers/s390/block/dasd_genhd.c | 1 + drivers/scsi/sd.c | 1 + drivers/scsi/sg.c | 1 + drivers/scsi/sr.c | 1 + drivers/scsi/st.c | 1 + drivers/spi/spi-rockchip.c | 13 +- drivers/staging/gdm724x/gdm_lte.c | 5 +- drivers/staging/rtl8723bs/core/rtw_mlme_ext.c | 7 +- drivers/staging/rtl8723bs/core/rtw_recv.c | 10 +- drivers/staging/rtl8723bs/core/rtw_sta_mgt.c | 22 +- drivers/staging/rtl8723bs/core/rtw_xmit.c | 16 +- drivers/staging/rtl8723bs/hal/rtl8723bs_xmit.c | 2 + drivers/usb/dwc3/dwc3-pci.c | 4 + drivers/vdpa/mlx5/net/mlx5_vnet.c | 16 + drivers/vdpa/vdpa_user/iova_domain.c | 2 +- drivers/vdpa/virtio_pci/vp_vdpa.c | 2 +- drivers/vhost/iotlb.c | 11 + drivers/vhost/vhost.c | 5 + drivers/virtio/virtio.c | 40 +-- fs/btrfs/block-group.c | 9 +- fs/btrfs/ctree.c | 98 ++++-- fs/btrfs/ctree.h | 14 +- fs/btrfs/disk-io.c | 4 +- fs/btrfs/relocation.c | 13 - fs/btrfs/send.c | 357 ++++++++++++++++++--- fs/btrfs/transaction.c | 4 + fs/fuse/dev.c | 12 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 1 + fs/fuse/ioctl.c | 9 +- fs/pipe.c | 11 +- include/linux/genhd.h | 14 +- include/linux/mlx5/mlx5_ifc.h | 4 +- include/linux/part_stat.h | 1 + include/linux/virtio.h | 1 - include/linux/virtio_config.h | 3 +- include/linux/watch_queue.h | 3 +- include/net/dsa.h | 1 - include/net/esp.h | 2 + kernel/dma/swiotlb.c | 22 +- kernel/trace/trace.c | 10 +- kernel/trace/trace_osnoise.c | 73 +++-- kernel/watch_queue.c | 15 +- net/ax25/af_ax25.c | 7 + net/core/net-sysfs.c | 2 +- net/dsa/dsa.c | 1 - net/dsa/dsa_priv.h | 1 + net/ipv4/esp4.c | 5 + net/ipv4/esp4_offload.c | 3 + net/ipv6/addrconf.c | 2 + net/ipv6/esp6.c | 5 + net/ipv6/esp6_offload.c | 3 + net/sctp/diag.c | 9 +- net/tipc/bearer.c | 12 +- net/tipc/link.c | 9 +- .../testing/selftests/bpf/prog_tests/timer_crash.c | 32 ++ tools/testing/selftests/bpf/progs/timer_crash.c | 54 ++++ tools/testing/selftests/memfd/memfd_test.c | 1 + tools/testing/selftests/net/pmtu.sh | 21 +- tools/testing/selftests/vm/map_fixed_noreplace.c | 49 ++- virt/kvm/kvm_main.c | 4 +- 153 files changed, 1594 insertions(+), 557 deletions(-)

2 years, 10 months

11
123
0 0

[PATCH 4.19 1/2] sctp: fix the processing for INIT chunk

by Ovidiu Panait

From: Xin Long <lucien.xin(a)gmail.com> commit eae5783908042a762c24e1bd11876edb91d314b1 upstream. This patch fixes the problems below: 1. In non-shutdown_ack_sent states: in sctp_sf_do_5_1B_init() and sctp_sf_do_5_2_2_dupinit(): chunk length check should be done before any checks that may cause to send abort, as making packet for abort will access the init_tag from init_hdr in sctp_ootb_pkt_new(). 2. In shutdown_ack_sent state: in sctp_sf_do_9_2_reshutack(): The same checks as does in sctp_sf_do_5_2_2_dupinit() is needed for sctp_sf_do_9_2_reshutack(). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Xin Long <lucien.xin(a)gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner(a)gmail.com> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [OP: adjusted context for 4.19] Signed-off-by: Ovidiu Panait <ovidiu.panait(a)windriver.com> --- CVE-2021-3772 patchset consists of 7 fixes: [1] 4f7019c7eb33 ("sctp: use init_tag from inithdr for ABORT chunk") [2] eae578390804 ("sctp: fix the processing for INIT chunk") [3] 438b95a7c98f ("sctp: fix the processing for INIT_ACK chunk") [4] a64b341b8695 ("sctp: fix the processing for COOKIE_ECHO chunk") [5] aa0f697e4528 ("sctp: add vtag check in sctp_sf_violation") [6] ef16b1734f0a ("sctp: add vtag check in sctp_sf_do_8_5_1_E_sa") [7] 9d02831e517a ("sctp: add vtag check in sctp_sf_ootb") This series contains backports for [2] and [3], which are the only fixes missing from 4.19-stable. Only small contextual adjustments were made. net/sctp/sm_statefuns.c | 71 ++++++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 25 deletions(-) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index ebca069064df..5e17df88df5d 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -164,6 +164,12 @@ static enum sctp_disposition __sctp_sf_do_9_1_abort( void *arg, struct sctp_cmd_seq *commands); +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands); + /* Small helper function that checks if the chunk length * is of the appropriate length. The 'required_length' argument * is set to be the size of a specific chunk we are testing. @@ -345,6 +351,14 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. + * Normally, this would cause an ABORT with a Protocol Violation + * error, but since we don't have an association, we'll + * just discard the packet. + */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* If the packet is an OOTB packet which is temporarily on the * control endpoint, respond with an ABORT. */ @@ -359,14 +373,6 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * Normally, this would cause an ABORT with a Protocol Violation - * error, but since we don't have an association, we'll - * just discard the packet. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); - /* If the INIT is coming toward a closing socket, we'll send back * and ABORT. Essentially, this catches the race of INIT being * backloged to the socket at the same time as the user isses close(). @@ -1499,19 +1505,16 @@ static enum sctp_disposition sctp_sf_do_unexpected_init( if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* 3.1 A packet containing an INIT chunk MUST have a zero Verification * Tag. */ if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * In this case, we generate a protocol violation since we have - * an association established. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, - commands); /* Grab the INIT header. */ chunk->subh.init_hdr = (struct sctp_inithdr *)chunk->skb->data; @@ -1829,9 +1832,9 @@ static enum sctp_disposition sctp_sf_do_dupcook_a( * its peer. */ if (sctp_state(asoc, SHUTDOWN_ACK_SENT)) { - disposition = sctp_sf_do_9_2_reshutack(net, ep, asoc, - SCTP_ST_CHUNK(chunk->chunk_hdr->type), - chunk, commands); + disposition = __sctp_sf_do_9_2_reshutack(net, ep, asoc, + SCTP_ST_CHUNK(chunk->chunk_hdr->type), + chunk, commands); if (SCTP_DISPOSITION_NOMEM == disposition) goto nomem; @@ -2930,13 +2933,11 @@ enum sctp_disposition sctp_sf_do_9_2_shut_ctsn( * that belong to this association, it should discard the INIT chunk and * retransmit the SHUTDOWN ACK chunk. */ -enum sctp_disposition sctp_sf_do_9_2_reshutack( - struct net *net, - const struct sctp_endpoint *ep, - const struct sctp_association *asoc, - const union sctp_subtype type, - void *arg, - struct sctp_cmd_seq *commands) +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) { struct sctp_chunk *chunk = arg; struct sctp_chunk *reply; @@ -2970,6 +2971,26 @@ enum sctp_disposition sctp_sf_do_9_2_reshutack( return SCTP_DISPOSITION_NOMEM; } +enum sctp_disposition +sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) +{ + struct sctp_chunk *chunk = arg; + + if (!chunk->singleton) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (chunk->sctp_hdr->vtag != 0) + return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); + + return __sctp_sf_do_9_2_reshutack(net, ep, asoc, type, arg, commands); +} + /* * sctp_sf_do_ecn_cwr * -- 2.25.1

2 years, 10 months

1
1
0 0

[PATCH 5.4 1/1] sctp: fix the processing for INIT chunk

by Ovidiu Panait

From: Xin Long <lucien.xin(a)gmail.com> commit eae5783908042a762c24e1bd11876edb91d314b1 upstream. This patch fixes the problems below: 1. In non-shutdown_ack_sent states: in sctp_sf_do_5_1B_init() and sctp_sf_do_5_2_2_dupinit(): chunk length check should be done before any checks that may cause to send abort, as making packet for abort will access the init_tag from init_hdr in sctp_ootb_pkt_new(). 2. In shutdown_ack_sent state: in sctp_sf_do_9_2_reshutack(): The same checks as does in sctp_sf_do_5_2_2_dupinit() is needed for sctp_sf_do_9_2_reshutack(). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Xin Long <lucien.xin(a)gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner(a)gmail.com> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [OP: adjusted context for 5.4] Signed-off-by: Ovidiu Panait <ovidiu.panait(a)windriver.com> --- CVE-2021-3772 patchset consists of 7 fixes: [1] 4f7019c7eb33 ("sctp: use init_tag from inithdr for ABORT chunk") [2] eae578390804 ("sctp: fix the processing for INIT chunk") [3] 438b95a7c98f ("sctp: fix the processing for INIT_ACK chunk") [4] a64b341b8695 ("sctp: fix the processing for COOKIE_ECHO chunk") [5] aa0f697e4528 ("sctp: add vtag check in sctp_sf_violation") [6] ef16b1734f0a ("sctp: add vtag check in sctp_sf_do_8_5_1_E_sa") [7] 9d02831e517a ("sctp: add vtag check in sctp_sf_ootb") This is a backport for [2], which is the only fix missing from 5.4-stable. Only small contextual adjustments were made. net/sctp/sm_statefuns.c | 71 ++++++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 25 deletions(-) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index 7c6dcbc8e98b..1d2f633c6c7c 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -149,6 +149,12 @@ static enum sctp_disposition __sctp_sf_do_9_1_abort( void *arg, struct sctp_cmd_seq *commands); +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands); + /* Small helper function that checks if the chunk length * is of the appropriate length. The 'required_length' argument * is set to be the size of a specific chunk we are testing. @@ -330,6 +336,14 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. + * Normally, this would cause an ABORT with a Protocol Violation + * error, but since we don't have an association, we'll + * just discard the packet. + */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* If the packet is an OOTB packet which is temporarily on the * control endpoint, respond with an ABORT. */ @@ -344,14 +358,6 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * Normally, this would cause an ABORT with a Protocol Violation - * error, but since we don't have an association, we'll - * just discard the packet. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); - /* If the INIT is coming toward a closing socket, we'll send back * and ABORT. Essentially, this catches the race of INIT being * backloged to the socket at the same time as the user isses close(). @@ -1484,19 +1490,16 @@ static enum sctp_disposition sctp_sf_do_unexpected_init( if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* 3.1 A packet containing an INIT chunk MUST have a zero Verification * Tag. */ if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * In this case, we generate a protocol violation since we have - * an association established. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, - commands); /* Grab the INIT header. */ chunk->subh.init_hdr = (struct sctp_inithdr *)chunk->skb->data; @@ -1814,9 +1817,9 @@ static enum sctp_disposition sctp_sf_do_dupcook_a( * its peer. */ if (sctp_state(asoc, SHUTDOWN_ACK_SENT)) { - disposition = sctp_sf_do_9_2_reshutack(net, ep, asoc, - SCTP_ST_CHUNK(chunk->chunk_hdr->type), - chunk, commands); + disposition = __sctp_sf_do_9_2_reshutack(net, ep, asoc, + SCTP_ST_CHUNK(chunk->chunk_hdr->type), + chunk, commands); if (SCTP_DISPOSITION_NOMEM == disposition) goto nomem; @@ -2915,13 +2918,11 @@ enum sctp_disposition sctp_sf_do_9_2_shut_ctsn( * that belong to this association, it should discard the INIT chunk and * retransmit the SHUTDOWN ACK chunk. */ -enum sctp_disposition sctp_sf_do_9_2_reshutack( - struct net *net, - const struct sctp_endpoint *ep, - const struct sctp_association *asoc, - const union sctp_subtype type, - void *arg, - struct sctp_cmd_seq *commands) +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) { struct sctp_chunk *chunk = arg; struct sctp_chunk *reply; @@ -2955,6 +2956,26 @@ enum sctp_disposition sctp_sf_do_9_2_reshutack( return SCTP_DISPOSITION_NOMEM; } +enum sctp_disposition +sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) +{ + struct sctp_chunk *chunk = arg; + + if (!chunk->singleton) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (chunk->sctp_hdr->vtag != 0) + return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); + + return __sctp_sf_do_9_2_reshutack(net, ep, asoc, type, arg, commands); +} + /* * sctp_sf_do_ecn_cwr * -- 2.25.1

2 years, 10 months

1
0
0 0

[PATCH 5.10 1/1] sctp: fix the processing for INIT chunk

by Ovidiu Panait

From: Xin Long <lucien.xin(a)gmail.com> commit eae5783908042a762c24e1bd11876edb91d314b1 upstream. This patch fixes the problems below: 1. In non-shutdown_ack_sent states: in sctp_sf_do_5_1B_init() and sctp_sf_do_5_2_2_dupinit(): chunk length check should be done before any checks that may cause to send abort, as making packet for abort will access the init_tag from init_hdr in sctp_ootb_pkt_new(). 2. In shutdown_ack_sent state: in sctp_sf_do_9_2_reshutack(): The same checks as does in sctp_sf_do_5_2_2_dupinit() is needed for sctp_sf_do_9_2_reshutack(). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Xin Long <lucien.xin(a)gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner(a)gmail.com> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [OP: adjusted context for 5.10] Signed-off-by: Ovidiu Panait <ovidiu.panait(a)windriver.com> --- CVE-2021-3772 patchset consists of 7 fixes: [1] 4f7019c7eb33 ("sctp: use init_tag from inithdr for ABORT chunk") [2] eae578390804 ("sctp: fix the processing for INIT chunk") [3] 438b95a7c98f ("sctp: fix the processing for INIT_ACK chunk") [4] a64b341b8695 ("sctp: fix the processing for COOKIE_ECHO chunk") [5] aa0f697e4528 ("sctp: add vtag check in sctp_sf_violation") [6] ef16b1734f0a ("sctp: add vtag check in sctp_sf_do_8_5_1_E_sa") [7] 9d02831e517a ("sctp: add vtag check in sctp_sf_ootb") This is a backport for [2], which is the only fix missing from 5.10-stable. Only small contextual adjustments were made. net/sctp/sm_statefuns.c | 71 ++++++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 25 deletions(-) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index 096e6be1d8fc..ee0b2b03657c 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -149,6 +149,12 @@ static enum sctp_disposition __sctp_sf_do_9_1_abort( void *arg, struct sctp_cmd_seq *commands); +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands); + /* Small helper function that checks if the chunk length * is of the appropriate length. The 'required_length' argument * is set to be the size of a specific chunk we are testing. @@ -330,6 +336,14 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. + * Normally, this would cause an ABORT with a Protocol Violation + * error, but since we don't have an association, we'll + * just discard the packet. + */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* If the packet is an OOTB packet which is temporarily on the * control endpoint, respond with an ABORT. */ @@ -344,14 +358,6 @@ enum sctp_disposition sctp_sf_do_5_1B_init(struct net *net, if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * Normally, this would cause an ABORT with a Protocol Violation - * error, but since we don't have an association, we'll - * just discard the packet. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); - /* If the INIT is coming toward a closing socket, we'll send back * and ABORT. Essentially, this catches the race of INIT being * backloged to the socket at the same time as the user isses close(). @@ -1484,19 +1490,16 @@ static enum sctp_disposition sctp_sf_do_unexpected_init( if (!chunk->singleton) return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* Make sure that the INIT chunk has a valid length. */ + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + /* 3.1 A packet containing an INIT chunk MUST have a zero Verification * Tag. */ if (chunk->sctp_hdr->vtag != 0) return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); - /* Make sure that the INIT chunk has a valid length. - * In this case, we generate a protocol violation since we have - * an association established. - */ - if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) - return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, - commands); /* Grab the INIT header. */ chunk->subh.init_hdr = (struct sctp_inithdr *)chunk->skb->data; @@ -1814,9 +1817,9 @@ static enum sctp_disposition sctp_sf_do_dupcook_a( * its peer. */ if (sctp_state(asoc, SHUTDOWN_ACK_SENT)) { - disposition = sctp_sf_do_9_2_reshutack(net, ep, asoc, - SCTP_ST_CHUNK(chunk->chunk_hdr->type), - chunk, commands); + disposition = __sctp_sf_do_9_2_reshutack(net, ep, asoc, + SCTP_ST_CHUNK(chunk->chunk_hdr->type), + chunk, commands); if (SCTP_DISPOSITION_NOMEM == disposition) goto nomem; @@ -2915,13 +2918,11 @@ enum sctp_disposition sctp_sf_do_9_2_shut_ctsn( * that belong to this association, it should discard the INIT chunk and * retransmit the SHUTDOWN ACK chunk. */ -enum sctp_disposition sctp_sf_do_9_2_reshutack( - struct net *net, - const struct sctp_endpoint *ep, - const struct sctp_association *asoc, - const union sctp_subtype type, - void *arg, - struct sctp_cmd_seq *commands) +static enum sctp_disposition +__sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) { struct sctp_chunk *chunk = arg; struct sctp_chunk *reply; @@ -2955,6 +2956,26 @@ enum sctp_disposition sctp_sf_do_9_2_reshutack( return SCTP_DISPOSITION_NOMEM; } +enum sctp_disposition +sctp_sf_do_9_2_reshutack(struct net *net, const struct sctp_endpoint *ep, + const struct sctp_association *asoc, + const union sctp_subtype type, void *arg, + struct sctp_cmd_seq *commands) +{ + struct sctp_chunk *chunk = arg; + + if (!chunk->singleton) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_init_chunk))) + return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); + + if (chunk->sctp_hdr->vtag != 0) + return sctp_sf_tabort_8_4_8(net, ep, asoc, type, arg, commands); + + return __sctp_sf_do_9_2_reshutack(net, ep, asoc, type, arg, commands); +} + /* * sctp_sf_do_ecn_cwr * -- 2.25.1

2 years, 10 months

1
0
0 0

[PATCH 5.10 00/58] 5.10.105-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.105 release. There are 58 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 12 Mar 2022 14:07:58 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.105-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.105-rc2 Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE" Juergen Gross <jgross(a)suse.com> xen/netfront: react properly to failing gnttab_end_foreign_access_ref() Juergen Gross <jgross(a)suse.com> xen/gnttab: fix gnttab_end_foreign_access() without page specified Juergen Gross <jgross(a)suse.com> xen/pvcalls: use alloc/free_pages_exact() Juergen Gross <jgross(a)suse.com> xen/9p: use alloc/free_pages_exact() Juergen Gross <jgross(a)suse.com> xen: remove gnttab_query_foreign_access() Juergen Gross <jgross(a)suse.com> xen/gntalloc: don't use gnttab_query_foreign_access() Juergen Gross <jgross(a)suse.com> xen/scsifront: don't use gnttab_query_foreign_access() for mapped status Juergen Gross <jgross(a)suse.com> xen/netfront: don't use gnttab_query_foreign_access() for mapped status Juergen Gross <jgross(a)suse.com> xen/blkfront: don't use gnttab_query_foreign_access() for mapped status Juergen Gross <jgross(a)suse.com> xen/grant-table: add gnttab_try_end_foreign_access() Juergen Gross <jgross(a)suse.com> xen/xenbus: don't let xenbus_grant_ring() remove grants in error case Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix build warning in proc-v7-bugs.c Nathan Chancellor <nathan(a)kernel.org> ARM: Do not use NOCROSSREFS directive with ld.lld Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix co-processor register typo Emmanuel Gil Peyrot <linkmauve(a)linkmauve.fr> ARM: fix build error when BPF_SYSCALL is disabled James Morse <james.morse(a)arm.com> arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting James Morse <james.morse(a)arm.com> arm64: Use the clearbhb instruction in mitigations James Morse <james.morse(a)arm.com> KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated James Morse <james.morse(a)arm.com> arm64: Mitigate spectre style branch history side channels James Morse <james.morse(a)arm.com> KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A James Morse <james.morse(a)arm.com> arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 James Morse <james.morse(a)arm.com> arm64: Add percpu vectors for EL1 James Morse <james.morse(a)arm.com> arm64: entry: Add macro for reading symbol addresses from the trampoline James Morse <james.morse(a)arm.com> arm64: entry: Add vectors that have the bhb mitigation sequences James Morse <james.morse(a)arm.com> arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations James Morse <james.morse(a)arm.com> arm64: entry: Allow the trampoline text to occupy multiple pages James Morse <james.morse(a)arm.com> arm64: entry: Make the kpti trampoline's kpti sequence optional James Morse <james.morse(a)arm.com> arm64: entry: Move trampoline macros out of ifdef'd section James Morse <james.morse(a)arm.com> arm64: entry: Don't assume tramp_vectors is the start of the vectors James Morse <james.morse(a)arm.com> arm64: entry: Allow tramp_alias to access symbols after the 4K boundary James Morse <james.morse(a)arm.com> arm64: entry: Move the trampoline data page before the text page James Morse <james.morse(a)arm.com> arm64: entry: Free up another register on kpti's tramp_exit path James Morse <james.morse(a)arm.com> arm64: entry: Make the trampoline cleanup optional James Morse <james.morse(a)arm.com> arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit James Morse <james.morse(a)arm.com> arm64: entry.S: Add ventry overflow sanity checks Joey Gouly <joey.gouly(a)arm.com> arm64: cpufeature: add HWCAP for FEAT_RPRES Joey Gouly <joey.gouly(a)arm.com> arm64: cpufeature: add HWCAP for FEAT_AFP Joey Gouly <joey.gouly(a)arm.com> arm64: add ID_AA64ISAR2_EL1 sys register Marc Zyngier <maz(a)kernel.org> arm64: Add HWCAP for self-synchronising virtual counter Anshuman Khandual <anshuman.khandual(a)arm.com> arm64: Add Cortex-A510 CPU part definition Anshuman Khandual <anshuman.khandual(a)arm.com> arm64: Add Cortex-X2 CPU part definition Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Add Neoverse-N2, Cortex-A710 CPU part definition Hector Martin <marcan(a)marcan.st> arm64: cputype: Add CPU implementor & types for the Apple M1 cores Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: include unprivileged BPF status in Spectre V2 reporting Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: Spectre-BHB workaround Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: use LOADADDR() to get load address of sections Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: early traps initialisation Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: report Spectre v2 status through sysfs Josh Poimboeuf <jpoimboe(a)redhat.com> x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT Josh Poimboeuf <jpoimboe(a)redhat.com> x86/speculation: Warn about Spectre v2 LFENCE mitigation Kim Phillips <kim.phillips(a)amd.com> x86/speculation: Update link to AMD speculation whitepaper Kim Phillips <kim.phillips(a)amd.com> x86/speculation: Use generic retpoline by default on AMD Josh Poimboeuf <jpoimboe(a)redhat.com> x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting Peter Zijlstra <peterz(a)infradead.org> Documentation/hw-vuln: Update spectre doc Peter Zijlstra <peterz(a)infradead.org> x86/speculation: Add eIBRS + Retpoline options Peter Zijlstra (Intel) <peterz(a)infradead.org> x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE Peter Zijlstra <peterz(a)infradead.org> x86,bugs: Unconditionally allow spectre_v2=retpoline,amd ------------- Diffstat: Documentation/admin-guide/hw-vuln/spectre.rst | 48 ++-- Documentation/admin-guide/kernel-parameters.txt | 8 +- Documentation/arm64/cpu-feature-registers.rst | 29 +- Documentation/arm64/elf_hwcaps.rst | 12 + Makefile | 4 +- arch/arm/include/asm/assembler.h | 10 + arch/arm/include/asm/spectre.h | 32 +++ arch/arm/include/asm/vmlinux.lds.h | 43 ++- arch/arm/kernel/Makefile | 2 + arch/arm/kernel/entry-armv.S | 79 +++++- arch/arm/kernel/entry-common.S | 24 ++ arch/arm/kernel/spectre.c | 71 +++++ arch/arm/kernel/traps.c | 65 ++++- arch/arm/mm/Kconfig | 11 + arch/arm/mm/proc-v7-bugs.c | 208 +++++++++++--- arch/arm64/Kconfig | 9 + arch/arm64/include/asm/assembler.h | 33 +++ arch/arm64/include/asm/cpu.h | 1 + arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/include/asm/cpufeature.h | 28 ++ arch/arm64/include/asm/cputype.h | 22 ++ arch/arm64/include/asm/fixmap.h | 6 +- arch/arm64/include/asm/hwcap.h | 3 + arch/arm64/include/asm/insn.h | 1 + arch/arm64/include/asm/kvm_asm.h | 8 + arch/arm64/include/asm/kvm_mmu.h | 3 +- arch/arm64/include/asm/mmu.h | 6 + arch/arm64/include/asm/sections.h | 5 + arch/arm64/include/asm/spectre.h | 4 + arch/arm64/include/asm/sysreg.h | 18 ++ arch/arm64/include/asm/vectors.h | 73 +++++ arch/arm64/include/uapi/asm/hwcap.h | 3 + arch/arm64/include/uapi/asm/kvm.h | 5 + arch/arm64/kernel/cpu_errata.c | 7 + arch/arm64/kernel/cpufeature.c | 28 +- arch/arm64/kernel/cpuinfo.c | 4 + arch/arm64/kernel/entry.S | 213 ++++++++++---- arch/arm64/kernel/proton-pack.c | 359 +++++++++++++++++++++++- arch/arm64/kernel/vmlinux.lds.S | 2 +- arch/arm64/kvm/arm.c | 3 +- arch/arm64/kvm/hyp/hyp-entry.S | 4 + arch/arm64/kvm/hyp/smccc_wa.S | 75 +++++ arch/arm64/kvm/hyp/vhe/switch.c | 9 +- arch/arm64/kvm/hypercalls.c | 12 + arch/arm64/kvm/psci.c | 18 +- arch/arm64/kvm/sys_regs.c | 2 +- arch/arm64/mm/mmu.c | 12 +- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/nospec-branch.h | 16 +- arch/x86/kernel/cpu/bugs.c | 205 ++++++++++---- drivers/acpi/ec.c | 10 - drivers/acpi/sleep.c | 14 +- drivers/block/xen-blkfront.c | 63 +++-- drivers/net/xen-netfront.c | 54 ++-- drivers/scsi/xen-scsifront.c | 3 +- drivers/xen/gntalloc.c | 25 +- drivers/xen/grant-table.c | 71 ++--- drivers/xen/pvcalls-front.c | 8 +- drivers/xen/xenbus/xenbus_client.c | 24 +- include/linux/arm-smccc.h | 5 + include/linux/bpf.h | 12 + include/xen/grant_table.h | 19 +- kernel/sysctl.c | 7 + net/9p/trans_xen.c | 14 +- tools/arch/x86/include/asm/cpufeatures.h | 2 +- 65 files changed, 1825 insertions(+), 354 deletions(-)

2 years, 10 months

11
73
0 0

[PATCH 5.10 00/71] 5.10.106-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.106 release. There are 71 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 16 Mar 2022 11:27:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.106-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.106-rc1 David Howells <dhowells(a)redhat.com> watch_queue: Fix filter limit check Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix Thumb2 regression with Spectre BHB Josh Triplett <josh(a)joshtriplett.org> ext4: add check to prevent attempting to resize an fs with sparse_super2 Li Huafei <lihuafei1(a)huawei.com> x86/traps: Mark do_int3() NOKPROBE_SYMBOL Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Add setup_indirect support in early_memremap_is_setup_data() Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Fix memremap of setup_indirect structures David Howells <dhowells(a)redhat.com> watch_queue: Make comment about setting ->defunct more accurate David Howells <dhowells(a)redhat.com> watch_queue: Fix lack of barrier/sync/lock between post and read David Howells <dhowells(a)redhat.com> watch_queue: Free the alloc bitmap when the watch_queue is torn down David Howells <dhowells(a)redhat.com> watch_queue: Fix the alloc bitmap size to reflect notes allocated David Howells <dhowells(a)redhat.com> watch_queue: Fix to always request a pow-of-2 pipe ring size David Howells <dhowells(a)redhat.com> watch_queue: Fix to release page in ->release() David Howells <dhowells(a)redhat.com> watch_queue, pipe: Free watchqueue state after clearing pipe ring Michael S. Tsirkin <mst(a)redhat.com> virtio: acknowledge all features before access Michael S. Tsirkin <mst(a)redhat.com> virtio: unexport virtio_finalize_features Pali Rohár <pali(a)kernel.org> arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 Emil Renner Berthing <kernel(a)esmil.dk> riscv: Fix auipc+jalr relocation range checks Rong Chen <rong.chen(a)amlogic.com> mmc: meson: Fix usage of meson_mmc_post_req() Robert Hancock <robert.hancock(a)calian.com> net: macb: Fix lost RX packet wakeup race in NAPI receive Dan Carpenter <dan.carpenter(a)oracle.com> staging: gdm724x: fix use after free in gdm_lte_rx() Hans de Goede <hdegoede(a)redhat.com> staging: rtl8723bs: Fix access-point mode deadlock Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Randy Dunlap <rdunlap(a)infradead.org> ARM: Spectre-BHB: provide empty stub for non-config Mike Kravetz <mike.kravetz(a)oracle.com> selftests/memfd: clean up mapping in mfd_fail_write Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> selftest/vm: fix map_fixed_noreplace test failure Sven Schnelle <svens(a)linux.ibm.com> tracing: Ensure trace buffer is at least 4096 bytes large Niels Dossche <dossche.niels(a)gmail.com> ipv6: prevent a possible race condition with lifetimes Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: Check for hotplug-status existence before watching" Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" Shreeya Patel <shreeya.patel(a)collabora.com> gpio: Return EPROBE_DEFER if gc->to_irq is NULL Vikash Chandola <vikash.chandola(a)linux.intel.com> hwmon: (pmbus) Clear pmbus fault/warning bits after read suresh kumar <suresh2514(a)gmail.com> net-sysfs: add check for netdevice being present to speed_show Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: terminate dma transmission when slave abort Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: Fix error in getting num-cs property Kumar Kartikeya Dwivedi <memxor(a)gmail.com> selftests/bpf: Add test for bpf_timer overwriting crash Jeremy Linton <jeremy.linton(a)arm.com> net: bcmgenet: Don't claim WOL when its not available Eric Dumazet <edumazet(a)google.com> sctp: fix kernel-infoleak for SCTP sockets Clément Léger <clement.leger(a)bootlin.com> net: phy: DP83822: clear MISR2 register to disable interrupts Miaoqian Lin <linmq006(a)gmail.com> gianfar: ethtool: Fix refcount leak in gfar_get_ts_info Mark Featherston <mark(a)embeddedTS.com> gpio: ts4900: Do not set DAT and OE together Guillaume Nault <gnault(a)redhat.com> selftests: pmtu.sh: Kill tcpdump processes launched by subshell. Pavel Skripkin <paskripkin(a)gmail.com> NFC: port100: fix use-after-free in port100_send_complete Roi Dayan <roid(a)nvidia.com> net/mlx5e: Lag, Only handle events from highest priority multipath entry Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Fix a race on command flush flow Mohammad Kabat <mohammadkab(a)nvidia.com> net/mlx5: Fix size field in bufferx_reg struct Duoming Zhou <duoming(a)zju.edu.cn> ax25: Fix NULL pointer dereference in ax25_kill_by_device Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: lpc_eth: Handle error for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: ti: cpts: Handle error for clk_enable Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix incorrect order of state message data sanity check Miaoqian Lin <linmq006(a)gmail.com> ethernet: Fix error handling in xemaclite_of_probe Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ice: Fix curr_link_speed advertised speed Anirudh Venkataramanan <anirudh.venkataramanan(a)intel.com> ice: Rename a couple of variables Anirudh Venkataramanan <anirudh.venkataramanan(a)intel.com> ice: Remove unnecessary checker loop Anirudh Venkataramanan <anirudh.venkataramanan(a)intel.com> ice: Align macro names to the specification Jacob Keller <jacob.e.keller(a)intel.com> ice: stop disabling VFs due to PF error responses Jacob Keller <jacob.e.keller(a)intel.com> i40e: stop disabling VFs due to PF error responses Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed: Fix AST2600 quad spi group Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() Jernej Skrabec <jernej.skrabec(a)gmail.com> drm/sun4i: mixer: Fix P010 and P210 format numbers Tom Rix <trix(a)redhat.com> qed: return status of qed_iov_get_link Steffen Klassert <steffen.klassert(a)secunet.com> esp: Fix BEET mode inter address family tunneling on GSO Jia-Ju Bai <baijiaju1990(a)gmail.com> net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() Jia-Ju Bai <baijiaju1990(a)gmail.com> isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero Alexey Khoroshilov <khoroshilov(a)ispras.ru> mISDN: Fix memory leak in dsp_pipeline_build() Zhen Lei <thunder.leizhen(a)huawei.com> mISDN: Remove obsolete PIPELINE_DEBUG debugging information Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix kernel panic when enabling bearer Pali Rohár <pali(a)kernel.org> arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: vivaldi: fix sysfs attributes leak Taniya Das <tdas(a)codeaurora.org> clk: qcom: gdsc: Add support to update GDSC transition delay Maxime Ripard <maxime(a)cerno.tech> ARM: boot: dts: bcm2711: Fix HVS register range ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/aspeed-g6-pinctrl.dtsi | 2 +- arch/arm/boot/dts/bcm2711.dtsi | 1 + arch/arm/include/asm/spectre.h | 6 ++ arch/arm/kernel/entry-armv.S | 4 +- .../boot/dts/marvell/armada-3720-turris-mox.dts | 8 ++- arch/arm64/boot/dts/marvell/armada-37xx.dtsi | 2 +- arch/riscv/kernel/module.c | 21 ++++-- arch/x86/kernel/e820.c | 41 ++++++++---- arch/x86/kernel/kdebugfs.c | 37 ++++++++--- arch/x86/kernel/ksysfs.c | 77 +++++++++++++++++----- arch/x86/kernel/setup.c | 34 ++++++++-- arch/x86/kernel/traps.c | 1 + arch/x86/mm/ioremap.c | 57 ++++++++++++++-- drivers/block/virtio_blk.c | 10 ++- drivers/clk/qcom/gdsc.c | 26 ++++++-- drivers/clk/qcom/gdsc.h | 8 ++- drivers/gpio/gpio-ts4900.c | 24 +++++-- drivers/gpio/gpiolib.c | 10 +++ drivers/gpu/drm/sun4i/sun8i_mixer.h | 8 +-- drivers/hid/hid-vivaldi.c | 2 +- drivers/hwmon/pmbus/pmbus_core.c | 5 ++ drivers/isdn/hardware/mISDN/hfcpci.c | 6 +- drivers/isdn/mISDN/dsp_pipeline.c | 52 ++------------- drivers/mmc/host/meson-gx-mmc.c | 15 +++-- drivers/net/dsa/mt7530.c | 2 +- drivers/net/ethernet/broadcom/genet/bcmgenet_wol.c | 7 ++ drivers/net/ethernet/cadence/macb_main.c | 25 ++++++- drivers/net/ethernet/freescale/gianfar_ethtool.c | 1 + drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 6 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 57 ++-------------- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 5 -- drivers/net/ethernet/intel/ice/ice_adminq_cmd.h | 10 +-- drivers/net/ethernet/intel/ice/ice_common.c | 13 ++-- drivers/net/ethernet/intel/ice/ice_ethtool.c | 70 +++++++++----------- drivers/net/ethernet/intel/ice/ice_main.c | 12 ++-- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.c | 18 ----- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h | 3 - drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 15 +++-- drivers/net/ethernet/mellanox/mlx5/core/lag_mp.c | 11 +++- drivers/net/ethernet/nxp/lpc_eth.c | 5 +- drivers/net/ethernet/qlogic/qed/qed_sriov.c | 18 +++-- drivers/net/ethernet/qlogic/qed/qed_vf.c | 7 ++ drivers/net/ethernet/ti/cpts.c | 4 +- drivers/net/ethernet/xilinx/xilinx_emaclite.c | 4 +- drivers/net/phy/dp83822.c | 2 +- drivers/net/xen-netback/xenbus.c | 14 ++-- drivers/nfc/port100.c | 2 + drivers/spi/spi-rockchip.c | 13 +++- drivers/staging/gdm724x/gdm_lte.c | 5 +- drivers/staging/rtl8723bs/core/rtw_mlme_ext.c | 7 +- drivers/staging/rtl8723bs/core/rtw_recv.c | 10 ++- drivers/staging/rtl8723bs/core/rtw_sta_mgt.c | 22 +++---- drivers/staging/rtl8723bs/core/rtw_xmit.c | 16 +++-- drivers/staging/rtl8723bs/hal/rtl8723bs_xmit.c | 2 + drivers/virtio/virtio.c | 40 ++++++----- fs/ext4/resize.c | 5 ++ fs/fuse/dev.c | 12 +++- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 1 + fs/pipe.c | 11 ++-- include/linux/mlx5/mlx5_ifc.h | 4 +- include/linux/virtio.h | 1 - include/linux/virtio_config.h | 3 +- include/linux/watch_queue.h | 3 +- kernel/trace/trace.c | 10 +-- kernel/watch_queue.c | 15 +++-- net/ax25/af_ax25.c | 7 ++ net/core/net-sysfs.c | 2 +- net/ipv4/esp4_offload.c | 3 + net/ipv6/addrconf.c | 2 + net/ipv6/esp6_offload.c | 3 + net/sctp/diag.c | 9 +-- net/tipc/bearer.c | 12 ++-- net/tipc/link.c | 9 +-- .../testing/selftests/bpf/prog_tests/timer_crash.c | 32 +++++++++ tools/testing/selftests/bpf/progs/timer_crash.c | 54 +++++++++++++++ tools/testing/selftests/memfd/memfd_test.c | 1 + tools/testing/selftests/net/pmtu.sh | 7 +- tools/testing/selftests/vm/map_fixed_noreplace.c | 49 ++++++++++---- 80 files changed, 744 insertions(+), 399 deletions(-)

2 years, 10 months

10
80
0 0

[PATCH 4.19 00/30] 4.19.235-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.235 release. There are 30 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 16 Mar 2022 11:27:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.235-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.235-rc1 Valentin Schneider <valentin.schneider(a)arm.com> ia64: ensure proper NUMA distance and possible map initialization Dietmar Eggemann <dietmar.eggemann(a)arm.com> sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa() Valentin Schneider <valentin.schneider(a)arm.com> sched/topology: Make sched_init_numa() use a set for the deduplicating sort Qu Wenruo <wqu(a)suse.com> btrfs: unlock newly allocated extent buffer after error Josh Triplett <josh(a)joshtriplett.org> ext4: add check to prevent attempting to resize an fs with sparse_super2 Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix Thumb2 regression with Spectre BHB Michael S. Tsirkin <mst(a)redhat.com> virtio: acknowledge all features before access Michael S. Tsirkin <mst(a)redhat.com> virtio: unexport virtio_finalize_features James Morse <james.morse(a)arm.com> KVM: arm64: Reset PMC_EL0 to avoid a panic() on systems with no PMU Emil Renner Berthing <kernel(a)esmil.dk> riscv: Fix auipc+jalr relocation range checks Robert Hancock <robert.hancock(a)calian.com> net: macb: Fix lost RX packet wakeup race in NAPI receive Dan Carpenter <dan.carpenter(a)oracle.com> staging: gdm724x: fix use after free in gdm_lte_rx() Randy Dunlap <rdunlap(a)infradead.org> ARM: Spectre-BHB: provide empty stub for non-config Mike Kravetz <mike.kravetz(a)oracle.com> selftests/memfd: clean up mapping in mfd_fail_write Sven Schnelle <svens(a)linux.ibm.com> tracing: Ensure trace buffer is at least 4096 bytes large Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: Check for hotplug-status existence before watching" Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" suresh kumar <suresh2514(a)gmail.com> net-sysfs: add check for netdevice being present to speed_show Eric Dumazet <edumazet(a)google.com> sctp: fix kernel-infoleak for SCTP sockets Clément Léger <clement.leger(a)bootlin.com> net: phy: DP83822: clear MISR2 register to disable interrupts Miaoqian Lin <linmq006(a)gmail.com> gianfar: ethtool: Fix refcount leak in gfar_get_ts_info Mark Featherston <mark(a)embeddedTS.com> gpio: ts4900: Do not set DAT and OE together Pavel Skripkin <paskripkin(a)gmail.com> NFC: port100: fix use-after-free in port100_send_complete Mohammad Kabat <mohammadkab(a)nvidia.com> net/mlx5: Fix size field in bufferx_reg struct Duoming Zhou <duoming(a)zju.edu.cn> ax25: Fix NULL pointer dereference in ax25_kill_by_device Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: lpc_eth: Handle error for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: ti: cpts: Handle error for clk_enable Miaoqian Lin <linmq006(a)gmail.com> ethernet: Fix error handling in xemaclite_of_probe Tom Rix <trix(a)redhat.com> qed: return status of qed_iov_get_link Jia-Ju Bai <baijiaju1990(a)gmail.com> net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() ------------- Diffstat: Makefile | 4 +- arch/arm/include/asm/spectre.h | 6 ++ arch/arm/kernel/entry-armv.S | 4 +- arch/arm64/kvm/sys_regs.c | 4 +- arch/ia64/kernel/acpi.c | 7 +- arch/riscv/kernel/module.c | 21 +++-- drivers/gpio/gpio-ts4900.c | 24 ++++-- drivers/net/ethernet/cadence/macb_main.c | 25 +++++- drivers/net/ethernet/freescale/gianfar_ethtool.c | 1 + drivers/net/ethernet/nxp/lpc_eth.c | 5 +- drivers/net/ethernet/qlogic/qed/qed_sriov.c | 18 +++-- drivers/net/ethernet/qlogic/qed/qed_vf.c | 7 ++ drivers/net/ethernet/ti/cpts.c | 4 +- drivers/net/ethernet/xilinx/xilinx_emaclite.c | 4 +- drivers/net/phy/dp83822.c | 2 +- drivers/net/xen-netback/xenbus.c | 13 ++-- drivers/nfc/port100.c | 2 + drivers/staging/gdm724x/gdm_lte.c | 5 +- drivers/virtio/virtio.c | 40 +++++----- fs/btrfs/extent-tree.c | 1 + fs/ext4/resize.c | 5 ++ include/linux/mlx5/mlx5_ifc.h | 4 +- include/linux/topology.h | 1 + include/linux/virtio.h | 1 - include/linux/virtio_config.h | 3 +- kernel/sched/topology.c | 99 ++++++++++++------------ kernel/trace/trace.c | 10 ++- net/ax25/af_ax25.c | 7 ++ net/core/net-sysfs.c | 2 +- net/sctp/diag.c | 9 +-- tools/testing/selftests/memfd/memfd_test.c | 1 + 31 files changed, 215 insertions(+), 124 deletions(-)

2 years, 10 months

4
38
0 0

From Dr Ava Smith from United States

by Dr Ava Smith

-- Hello Dear, how are you today?hope you are fine My name is Dr Ava Smith ,Am an English and French nationalities. I will give you pictures and more details about me as soon as i hear from you Thanks Ava

2 years, 10 months

1
0
0 0

[PATCH 5.16 000/121] 5.16.15-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.16.15 release. There are 121 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 16 Mar 2022 11:27:22 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.16.15-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.16.15-rc1 Niklas Cassel <niklas.cassel(a)wdc.com> riscv: dts: k210: fix broken IRQs on hart1 Filipe Manana <fdmanana(a)suse.com> btrfs: make send work with concurrent block group relocation Zhengjun Xing <zhengjun.xing(a)linux.intel.com> perf parse: Fix event parser error for hybrid systems Thomas Zimmermann <tzimmermann(a)suse.de> drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP Li Huafei <lihuafei1(a)huawei.com> x86/traps: Mark do_int3() NOKPROBE_SYMBOL Jarkko Sakkinen <jarkko(a)kernel.org> x86/sgx: Free backing memory after faulting the enclave page Peter Zijlstra <peterz(a)infradead.org> x86/module: Fix the paravirt vs alternative order Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Add setup_indirect support in early_memremap_is_setup_data() Ross Philipson <ross.philipson(a)oracle.com> x86/boot: Fix memremap of setup_indirect structures David Howells <dhowells(a)redhat.com> watch_queue: Make comment about setting ->defunct more accurate David Howells <dhowells(a)redhat.com> watch_queue: Fix lack of barrier/sync/lock between post and read David Howells <dhowells(a)redhat.com> watch_queue: Free the alloc bitmap when the watch_queue is torn down David Howells <dhowells(a)redhat.com> watch_queue: Fix the alloc bitmap size to reflect notes allocated David Howells <dhowells(a)redhat.com> watch_queue: Fix to always request a pow-of-2 pipe ring size David Howells <dhowells(a)redhat.com> watch_queue: Fix to release page in ->release() David Howells <dhowells(a)redhat.com> watch_queue, pipe: Free watchqueue state after clearing pipe ring David Howells <dhowells(a)redhat.com> watch_queue: Fix filter limit check Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> ARM: fix Thumb2 regression with Spectre BHB Dima Chumak <dchumak(a)nvidia.com> net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE Michael S. Tsirkin <mst(a)redhat.com> virtio: acknowledge all features before access Michael S. Tsirkin <mst(a)redhat.com> virtio: unexport virtio_finalize_features Halil Pasic <pasic(a)linux.ibm.com> swiotlb: rework "fix info leak with DMA_FROM_DEVICE" Paul Semel <semelpaul(a)gmail.com> arm64: kasan: fix include error in MTE functions Catalin Marinas <catalin.marinas(a)arm.com> arm64: Ensure execute-only permissions are not allowed without EPAN Pali Rohár <pali(a)kernel.org> arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 Daniel Bristot de Oliveira <bristot(a)kernel.org> tracing/osnoise: Do not unregister events twice Nicolas Saenz Julienne <nsaenzju(a)redhat.com> tracing/osnoise: Force quiescent states while tracing Emil Renner Berthing <kernel(a)esmil.dk> riscv: Fix auipc+jalr relocation range checks Rong Chen <rong.chen(a)amlogic.com> mmc: meson: Fix usage of meson_mmc_post_req() Jisheng Zhang <jszhang(a)kernel.org> riscv: alternative only works on !XIP_KERNEL Robert Hancock <robert.hancock(a)calian.com> net: macb: Fix lost RX packet wakeup race in NAPI receive Dan Carpenter <dan.carpenter(a)oracle.com> staging: gdm724x: fix use after free in gdm_lte_rx() Hans de Goede <hdegoede(a)redhat.com> staging: rtl8723bs: Fix access-point mode deadlock Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix pipe buffer lifetime for direct_io Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix fileattr op failure Randy Dunlap <rdunlap(a)infradead.org> ARM: Spectre-BHB: provide empty stub for non-config Mike Kravetz <mike.kravetz(a)oracle.com> selftests/memfd: clean up mapping in mfd_fail_write Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> selftest/vm: fix map_fixed_noreplace test failure Christophe Leroy <christophe.leroy(a)csgroup.eu> tracing: Fix selftest config check for function graph start up test Daniel Bristot de Oliveira <bristot(a)kernel.org> tracing/osnoise: Make osnoise_main to sleep for microseconds Sven Schnelle <svens(a)linux.ibm.com> tracing: Ensure trace buffer is at least 4096 bytes large Niels Dossche <dossche.niels(a)gmail.com> ipv6: prevent a possible race condition with lifetimes Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: Check for hotplug-status existence before watching" Marek Marczykowski-Górecki <marmarek(a)invisiblethingslab.com> Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" Guchun Chen <guchun.chen(a)amd.com> drm/amdgpu: bypass tiling flag check in virtual display case (v2) Shreeya Patel <shreeya.patel(a)collabora.com> gpio: Return EPROBE_DEFER if gc->to_irq is NULL Alex Deucher <alexander.deucher(a)amd.com> PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken Varun Prakash <varun(a)chelsio.com> nvme-tcp: send H2CData PDUs based on MAXH2CDATA Vikash Chandola <vikash.chandola(a)linux.intel.com> hwmon: (pmbus) Clear pmbus fault/warning bits after read suresh kumar <suresh2514(a)gmail.com> net-sysfs: add check for netdevice being present to speed_show Duoming Zhou <duoming(a)zju.edu.cn> drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() Wanpeng Li <wanpengli(a)tencent.com> x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU Nikhil Gupta <nikhil.gupta(a)nxp.com> of/fdt: move elfcorehdr reservation early for crash dump kernel Maxime Ripard <maxime(a)cerno.tech> drm/vc4: hdmi: Unregister codec device on unbind Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: terminate dma transmission when slave abort Jon Lin <jon.lin(a)rock-chips.com> spi: rockchip: Fix error in getting num-cs property Anton Romanov <romanton(a)google.com> kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always catchup mode Wanpeng Li <wanpengli(a)tencent.com> KVM: Fix lockdep false negative during host resume Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID" Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: dwc3: pci: add support for the Intel Raptor Lake-S Halil Pasic <pasic(a)linux.ibm.com> swiotlb: fix info leak with DMA_FROM_DEVICE Kumar Kartikeya Dwivedi <memxor(a)gmail.com> selftests/bpf: Add test for bpf_timer overwriting crash Heiner Kallweit <hkallweit1(a)gmail.com> net: phy: meson-gxl: improve link-up behavior Jeremy Linton <jeremy.linton(a)arm.com> net: bcmgenet: Don't claim WOL when its not available Jianglei Nie <niejianglei2021(a)163.com> net: arc_emac: Fix use after free in arc_mdio_probe() Eric Dumazet <edumazet(a)google.com> sctp: fix kernel-infoleak for SCTP sockets Clément Léger <clement.leger(a)bootlin.com> net: phy: DP83822: clear MISR2 register to disable interrupts Miaoqian Lin <linmq006(a)gmail.com> gianfar: ethtool: Fix refcount leak in gfar_get_ts_info Linus Torvalds <torvalds(a)linux-foundation.org> mm: gup: make fault_in_safe_writeable() use fixup_user_fault() Mark Featherston <mark(a)embeddedTS.com> gpio: ts4900: Do not set DAT and OE together Guillaume Nault <gnault(a)redhat.com> selftests: pmtu.sh: Kill nettest processes launched in subshell. Guillaume Nault <gnault(a)redhat.com> selftests: pmtu.sh: Kill tcpdump processes launched by subshell. Pavel Skripkin <paskripkin(a)gmail.com> NFC: port100: fix use-after-free in port100_send_complete Ben Ben-Ishay <benishay(a)nvidia.com> net/mlx5e: SHAMPO, reduce TIR indication Roi Dayan <roid(a)nvidia.com> net/mlx5e: Lag, Only handle events from highest priority multipath entry Moshe Shemesh <moshe(a)nvidia.com> net/mlx5: Fix a race on command flush flow Mohammad Kabat <mohammadkab(a)nvidia.com> net/mlx5: Fix size field in bufferx_reg struct Duoming Zhou <duoming(a)zju.edu.cn> ax25: Fix NULL pointer dereference in ax25_kill_by_device Miaoqian Lin <linmq006(a)gmail.com> net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: lpc_eth: Handle error for clk_enable Jiasheng Jiang <jiasheng(a)iscas.ac.cn> net: ethernet: ti: cpts: Handle error for clk_enable Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix incorrect order of state message data sanity check Miaoqian Lin <linmq006(a)gmail.com> ethernet: Fix error handling in xemaclite_of_probe Jedrzej Jagielski <jedrzej.jagielski(a)intel.com> ice: Fix curr_link_speed advertised speed Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ice: Don't use GFP_KERNEL in atomic context Dave Ertman <david.m.ertman(a)intel.com> ice: Fix error with handling of bonding MTU Jacob Keller <jacob.e.keller(a)intel.com> ice: stop disabling VFs due to PF error responses Jacob Keller <jacob.e.keller(a)intel.com> i40e: stop disabling VFs due to PF error responses Michal Maloszewski <michal.maloszewski(a)intel.com> iavf: Fix handling of vlan strip virtual channel messages Joel Stanley <joel(a)jms.id.au> ARM: dts: aspeed: Fix AST2600 quad spi group Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() Jernej Skrabec <jernej.skrabec(a)gmail.com> drm/sun4i: mixer: Fix P010 and P210 format numbers Jouni Högander <jouni.hogander(a)intel.com> drm/i915/psr: Set "SF Partial Frame Enable" also on full update Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpiolib: acpi: Convert ACPI value of debounce to microseconds Fabio Estevam <festevam(a)denx.de> smsc95xx: Ignore -ENODEV errors when device is unplugged Tom Rix <trix(a)redhat.com> qed: return status of qed_iov_get_link Eric Dumazet <edumazet(a)google.com> net: gro: move skb_gro_receive_list to udp_offload.c Steffen Klassert <steffen.klassert(a)secunet.com> esp: Fix BEET mode inter address family tunneling on GSO Steffen Klassert <steffen.klassert(a)secunet.com> esp: Fix possible buffer overflow in ESP transformation Jia-Ju Bai <baijiaju1990(a)gmail.com> net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() Jia-Ju Bai <baijiaju1990(a)gmail.com> isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() Zhang Min <zhang.min9(a)zte.com.cn> vdpa: fix use-after-free on vp_vdpa_remove Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Remove BUG_ON() in virtio_queue_rq() Xie Yongji <xieyongji(a)bytedance.com> virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero Anirudh Rayabharam <mail(a)anirudhrb.com> vhost: fix hung thread due to erroneous iotlb entries Alexey Khoroshilov <khoroshilov(a)ispras.ru> mISDN: Fix memory leak in dsp_pipeline_build() Heiner Kallweit <hkallweit1(a)gmail.com> net: phy: meson-gxl: fix interrupt handling in forced mode Xie Yongji <xieyongji(a)bytedance.com> vduse: Fix returning wrong type in vduse_domain_alloc_iova() Si-Wei Liu <si-wei.liu(a)oracle.com> vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix kernel panic when enabling bearer Pali Rohár <pali(a)kernel.org> arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias Jia-Ju Bai <baijiaju1990(a)gmail.com> HID: nintendo: check the return value of alloc_workqueue() Dmitry Torokhov <dmitry.torokhov(a)gmail.com> HID: vivaldi: fix sysfs attributes leak AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> soc: mediatek: mt8192-mmsys: Fix dither to dsi0 path's input sel Taniya Das <tdas(a)codeaurora.org> clk: qcom: dispcc: Update the transition delay for MDSS GDSC Taniya Das <tdas(a)codeaurora.org> clk: qcom: gdsc: Add support to update GDSC transition delay Maxime Ripard <maxime(a)cerno.tech> ARM: boot: dts: bcm2711: Fix HVS register range Pavel Skripkin <paskripkin(a)gmail.com> HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Jiri Kosina <jkosina(a)suse.cz> HID: elo: Revert USB reference counting Bjorn Andersson <bjorn.andersson(a)linaro.org> arm64: dts: qcom: sm8350: Correct UFS symbol clocks Konrad Dybcio <konrad.dybcio(a)somainline.org> arm64: dts: qcom: sm8350: Describe GCC dependency clocks ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/aspeed-g6-pinctrl.dtsi | 2 +- arch/arm/boot/dts/bcm2711.dtsi | 1 + arch/arm/include/asm/spectre.h | 6 + arch/arm/kernel/entry-armv.S | 4 +- arch/arm64/Kconfig | 3 - .../boot/dts/marvell/armada-3720-turris-mox.dts | 8 +- arch/arm64/boot/dts/marvell/armada-37xx.dtsi | 2 +- arch/arm64/boot/dts/qcom/sm8350.dtsi | 48 ++- arch/arm64/include/asm/mte-kasan.h | 1 + arch/arm64/include/asm/pgtable-prot.h | 4 +- arch/arm64/include/asm/pgtable.h | 11 - arch/arm64/mm/mmap.c | 17 + arch/riscv/Kconfig.erratas | 1 + arch/riscv/Kconfig.socs | 4 +- arch/riscv/boot/dts/canaan/k210.dtsi | 3 +- arch/riscv/kernel/module.c | 21 +- arch/x86/kernel/cpu/sgx/encl.c | 57 +++- arch/x86/kernel/e820.c | 41 ++- arch/x86/kernel/kdebugfs.c | 37 ++- arch/x86/kernel/ksysfs.c | 77 ++++- arch/x86/kernel/kvm.c | 9 +- arch/x86/kernel/module.c | 13 +- arch/x86/kernel/setup.c | 34 +- arch/x86/kernel/traps.c | 1 + arch/x86/kvm/x86.c | 7 + arch/x86/mm/ioremap.c | 57 +++- drivers/block/virtio_blk.c | 20 +- drivers/clk/qcom/dispcc-sc7180.c | 5 +- drivers/clk/qcom/dispcc-sc7280.c | 5 +- drivers/clk/qcom/dispcc-sm8250.c | 5 +- drivers/clk/qcom/gdsc.c | 26 +- drivers/clk/qcom/gdsc.h | 8 +- drivers/gpio/gpio-ts4900.c | 24 +- drivers/gpio/gpiolib-acpi.c | 6 +- drivers/gpio/gpiolib.c | 20 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 2 +- drivers/gpu/drm/i915/display/intel_psr.c | 16 +- drivers/gpu/drm/i915/i915_reg.h | 1 + drivers/gpu/drm/panel/Kconfig | 1 + drivers/gpu/drm/sun4i/sun8i_mixer.h | 8 +- drivers/gpu/drm/vc4/vc4_hdmi.c | 8 + drivers/gpu/drm/vc4/vc4_hdmi.h | 1 + drivers/hid/hid-elo.c | 7 +- drivers/hid/hid-nintendo.c | 4 + drivers/hid/hid-thrustmaster.c | 6 + drivers/hid/hid-vivaldi.c | 2 +- drivers/hwmon/pmbus/pmbus_core.c | 5 + drivers/isdn/hardware/mISDN/hfcpci.c | 6 +- drivers/isdn/mISDN/dsp_pipeline.c | 6 +- drivers/mmc/host/meson-gx-mmc.c | 15 +- drivers/net/dsa/mt7530.c | 2 +- drivers/net/ethernet/arc/emac_mdio.c | 5 +- drivers/net/ethernet/broadcom/genet/bcmgenet_wol.c | 7 + drivers/net/ethernet/cadence/macb_main.c | 25 +- drivers/net/ethernet/freescale/gianfar_ethtool.c | 1 + drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 6 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 57 +--- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 5 - drivers/net/ethernet/intel/iavf/iavf_virtchnl.c | 40 +++ drivers/net/ethernet/intel/ice/ice.h | 1 + drivers/net/ethernet/intel/ice/ice_ethtool.c | 2 +- drivers/net/ethernet/intel/ice/ice_main.c | 31 +- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.c | 18 -- drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h | 3 - .../net/ethernet/marvell/prestera/prestera_main.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 15 +- drivers/net/ethernet/mellanox/mlx5/core/en/tir.c | 3 - drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 3 +- drivers/net/ethernet/mellanox/mlx5/core/lag/mp.c | 11 +- .../ethernet/mellanox/mlx5/core/lib/fs_chains.c | 3 - drivers/net/ethernet/nxp/lpc_eth.c | 5 +- drivers/net/ethernet/qlogic/qed/qed_sriov.c | 18 +- drivers/net/ethernet/qlogic/qed/qed_vf.c | 7 + drivers/net/ethernet/ti/cpts.c | 4 +- drivers/net/ethernet/xilinx/xilinx_emaclite.c | 4 +- drivers/net/hamradio/6pack.c | 4 +- drivers/net/phy/dp83822.c | 2 +- drivers/net/phy/meson-gxl.c | 31 +- drivers/net/usb/smsc95xx.c | 28 +- drivers/net/xen-netback/xenbus.c | 14 +- drivers/nfc/port100.c | 2 + drivers/nvme/host/tcp.c | 63 +++- drivers/of/fdt.c | 2 +- drivers/pci/quirks.c | 14 +- drivers/pinctrl/intel/pinctrl-tigerlake.c | 1 - drivers/soc/mediatek/mt8192-mmsys.h | 3 +- drivers/spi/spi-rockchip.c | 13 +- drivers/staging/gdm724x/gdm_lte.c | 5 +- drivers/staging/rtl8723bs/core/rtw_mlme_ext.c | 7 +- drivers/staging/rtl8723bs/core/rtw_recv.c | 10 +- drivers/staging/rtl8723bs/core/rtw_sta_mgt.c | 22 +- drivers/staging/rtl8723bs/core/rtw_xmit.c | 16 +- drivers/staging/rtl8723bs/hal/rtl8723bs_xmit.c | 2 + drivers/usb/dwc3/dwc3-pci.c | 4 + drivers/vdpa/mlx5/net/mlx5_vnet.c | 16 + drivers/vdpa/vdpa_user/iova_domain.c | 2 +- drivers/vdpa/virtio_pci/vp_vdpa.c | 2 +- drivers/vhost/iotlb.c | 11 + drivers/vhost/vhost.c | 5 + drivers/virtio/virtio.c | 40 +-- fs/btrfs/block-group.c | 9 +- fs/btrfs/ctree.c | 98 ++++-- fs/btrfs/ctree.h | 14 +- fs/btrfs/disk-io.c | 4 +- fs/btrfs/relocation.c | 13 - fs/btrfs/send.c | 357 ++++++++++++++++++--- fs/btrfs/transaction.c | 4 + fs/fuse/dev.c | 12 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 1 + fs/fuse/ioctl.c | 9 +- fs/pipe.c | 11 +- include/linux/mlx5/mlx5_ifc.h | 5 +- include/linux/netdevice.h | 1 - include/linux/nvme-tcp.h | 1 + include/linux/virtio.h | 1 - include/linux/virtio_config.h | 3 +- include/linux/watch_queue.h | 3 +- include/net/esp.h | 2 + kernel/dma/swiotlb.c | 22 +- kernel/trace/trace.c | 10 +- kernel/trace/trace_osnoise.c | 84 +++-- kernel/trace/trace_selftest.c | 6 +- kernel/watch_queue.c | 15 +- mm/gup.c | 57 ++-- net/ax25/af_ax25.c | 7 + net/core/net-sysfs.c | 2 +- net/core/skbuff.c | 26 -- net/ipv4/esp4.c | 5 + net/ipv4/esp4_offload.c | 3 + net/ipv4/udp_offload.c | 27 ++ net/ipv6/addrconf.c | 2 + net/ipv6/esp6.c | 5 + net/ipv6/esp6_offload.c | 3 + net/sctp/diag.c | 9 +- net/tipc/bearer.c | 12 +- net/tipc/link.c | 9 +- tools/perf/util/parse-events.c | 6 +- .../testing/selftests/bpf/prog_tests/timer_crash.c | 32 ++ tools/testing/selftests/bpf/progs/timer_crash.c | 54 ++++ tools/testing/selftests/memfd/memfd_test.c | 1 + tools/testing/selftests/net/pmtu.sh | 21 +- tools/testing/selftests/vm/map_fixed_noreplace.c | 49 ++- virt/kvm/kvm_main.c | 4 +- 145 files changed, 1650 insertions(+), 646 deletions(-)

2 years, 10 months

11
131
0 0

[PATCH] cpufreq: fix cpufreq_get() can't get correct CPU frequency

by z00314508

From: Zucheng Zheng <zhengzucheng(a)huawei.com> On some specific platforms, the cpufreq driver does not define cpufreq_driver.get() routine (eg:x86 intel_pstate driver), as a result, the cpufreq_get() can't get the correct CPU frequency. Modern x86 processors include the hardware needed to accurately calculate frequency over an interval -- APERF, MPERF and the TSC. Here we use arch_freq_get_on_cpu() in preference to any driver driver-specific cpufreq_driver.get() routine to get CPU frequency. Fixes: f8475cef9008 ("x86: use common aperfmperf_khz_on_cpu() to calculate KHz using APERF/MPERF") Signed-off-by: Zucheng Zheng <zhengzucheng(a)huawei.com> --- drivers/cpufreq/cpufreq.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c index 80f535cc8a75..d777257b4454 100644 --- a/drivers/cpufreq/cpufreq.c +++ b/drivers/cpufreq/cpufreq.c @@ -1806,10 +1806,14 @@ unsigned int cpufreq_get(unsigned int cpu) { struct cpufreq_policy *policy = cpufreq_cpu_get(cpu); unsigned int ret_freq = 0; + unsigned int freq; if (policy) { down_read(&policy->rwsem); - if (cpufreq_driver->get) + freq = arch_freq_get_on_cpu(policy->cpu); + if (freq) + ret_freq = freq; + else if (cpufreq_driver->get) ret_freq = __cpufreq_get(policy); up_read(&policy->rwsem); -- 2.18.0.huawei.25

2 years, 10 months

4
4
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror March 2022