June 2022 - Linux-stable-mirror

by Ben Hutchings

I've attached mailboxes with backports to 4.9, 4.14, and 4.19 of fixes for: - TCP source port randomisation - xprtdma header length calculation - [4.9 only] swiotlb information leak - [4.9 only] FUSE pipe buffer information leak Ben. -- Ben Hutchings Man invented language to satisfy his deep need to complain. - Lily Tomlin

3 years

2
1
0 0

[PATCH 5.15] usb: gadget: u_ether: fix regression in setting fixed MAC address

by Marian Postevca

commit b337af3a4d6147000b7ca6b3438bf5c820849b37 upstream. In systemd systems setting a fixed MAC address through the "dev_addr" module argument fails systematically. When checking the MAC address after the interface is created it always has the same but different MAC address to the one supplied as argument. This is partially caused by systemd which by default will set an internally generated permanent MAC address for interfaces that are marked as having a randomly generated address. Commit 890d5b40908bfd1a ("usb: gadget: u_ether: fix race in setting MAC address in setup phase") didn't take into account the fact that the interface must be marked as having a set MAC address when it's set as module argument. Fixed by marking the interface with NET_ADDR_SET when the "dev_addr" module argument is supplied. Reported-by: Maximilian Senftleben <kernel(a)mail.msdigital.de> Cc: stable(a)vger.kernel.org Fixes: 890d5b40908bfd1a ("usb: gadget: u_ether: fix race in setting MAC address in setup phase") Signed-off-by: Marian Postevca <posteuca(a)mutex.one> --- drivers/usb/gadget/function/u_ether.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/usb/gadget/function/u_ether.c b/drivers/usb/gadget/function/u_ether.c index d15a54f6c24b9..ef253599dcf96 100644 --- a/drivers/usb/gadget/function/u_ether.c +++ b/drivers/usb/gadget/function/u_ether.c @@ -774,9 +774,13 @@ struct eth_dev *gether_setup_name(struct usb_gadget *g, dev->qmult = qmult; snprintf(net->name, sizeof(net->name), "%s%%d", netname); - if (get_ether_addr(dev_addr, net->dev_addr)) + if (get_ether_addr(dev_addr, net->dev_addr)) { + net->addr_assign_type = NET_ADDR_RANDOM; dev_warn(&g->dev, "using random %s ethernet address\n", "self"); + } else { + net->addr_assign_type = NET_ADDR_SET; + } if (get_ether_addr(host_addr, dev->host_mac)) dev_warn(&g->dev, "using random %s ethernet address\n", "host"); @@ -833,6 +837,9 @@ struct net_device *gether_setup_name_default(const char *netname) INIT_LIST_HEAD(&dev->tx_reqs); INIT_LIST_HEAD(&dev->rx_reqs); + /* by default we always have a random MAC address */ + net->addr_assign_type = NET_ADDR_RANDOM; + skb_queue_head_init(&dev->rx_frames); /* network device setup */ @@ -869,7 +876,6 @@ int gether_register_netdev(struct net_device *net) dev = netdev_priv(net); g = dev->gadget; - net->addr_assign_type = NET_ADDR_RANDOM; eth_hw_addr_set(net, dev->dev_mac); status = register_netdev(net); @@ -910,6 +916,7 @@ int gether_set_dev_addr(struct net_device *net, const char *dev_addr) if (get_ether_addr(dev_addr, new_addr)) return -EINVAL; memcpy(dev->dev_mac, new_addr, ETH_ALEN); + net->addr_assign_type = NET_ADDR_SET; return 0; } EXPORT_SYMBOL_GPL(gether_set_dev_addr); -- 2.35.1

3 years

2
1
0 0

FAILED: patch "[PATCH] zonefs: fix zonefs_iomap_begin() for reads" failed to apply to 5.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From c1c1204c0d0c1dccc1310b9277fb2bd8b663d8fe Mon Sep 17 00:00:00 2001 From: Damien Le Moal <damien.lemoal(a)opensource.wdc.com> Date: Mon, 23 May 2022 16:29:10 +0900 Subject: [PATCH] zonefs: fix zonefs_iomap_begin() for reads If a readahead is issued to a sequential zone file with an offset exactly equal to the current file size, the iomap type is set to IOMAP_UNWRITTEN, which will prevent an IO, but the iomap length is calculated as 0. This causes a WARN_ON() in iomap_iter(): [17309.548939] WARNING: CPU: 3 PID: 2137 at fs/iomap/iter.c:34 iomap_iter+0x9cf/0xe80 [...] [17309.650907] RIP: 0010:iomap_iter+0x9cf/0xe80 [...] [17309.754560] Call Trace: [17309.757078] <TASK> [17309.759240] ? lock_is_held_type+0xd8/0x130 [17309.763531] iomap_readahead+0x1a8/0x870 [17309.767550] ? iomap_read_folio+0x4c0/0x4c0 [17309.771817] ? lockdep_hardirqs_on_prepare+0x400/0x400 [17309.778848] ? lock_release+0x370/0x750 [17309.784462] ? folio_add_lru+0x217/0x3f0 [17309.790220] ? reacquire_held_locks+0x4e0/0x4e0 [17309.796543] read_pages+0x17d/0xb60 [17309.801854] ? folio_add_lru+0x238/0x3f0 [17309.807573] ? readahead_expand+0x5f0/0x5f0 [17309.813554] ? policy_node+0xb5/0x140 [17309.819018] page_cache_ra_unbounded+0x27d/0x450 [17309.825439] filemap_get_pages+0x500/0x1450 [17309.831444] ? filemap_add_folio+0x140/0x140 [17309.837519] ? lock_is_held_type+0xd8/0x130 [17309.843509] filemap_read+0x28c/0x9f0 [17309.848953] ? zonefs_file_read_iter+0x1ea/0x4d0 [zonefs] [17309.856162] ? trace_contention_end+0xd6/0x130 [17309.862416] ? __mutex_lock+0x221/0x1480 [17309.868151] ? zonefs_file_read_iter+0x166/0x4d0 [zonefs] [17309.875364] ? filemap_get_pages+0x1450/0x1450 [17309.881647] ? __mutex_unlock_slowpath+0x15e/0x620 [17309.888248] ? wait_for_completion_io_timeout+0x20/0x20 [17309.895231] ? lock_is_held_type+0xd8/0x130 [17309.901115] ? lock_is_held_type+0xd8/0x130 [17309.906934] zonefs_file_read_iter+0x356/0x4d0 [zonefs] [17309.913750] new_sync_read+0x2d8/0x520 [17309.919035] ? __x64_sys_lseek+0x1d0/0x1d0 Furthermore, this causes iomap_readahead() to loop forever as iomap_readahead_iter() always returns 0, making no progress. Fix this by treating reads after the file size as access to holes, setting the iomap type to IOMAP_HOLE, the iomap addr to IOMAP_NULL_ADDR and using the length argument as is for the iomap length. To simplify the code with this change, zonefs_iomap_begin() is split into the read variant, zonefs_read_iomap_begin() and zonefs_read_iomap_ops, and the write variant, zonefs_write_iomap_begin() and zonefs_write_iomap_ops. Reported-by: Jorgen Hansen <Jorgen.Hansen(a)wdc.com> Fixes: 8dcc1a9d90c1 ("fs: New zonefs file system") Signed-off-by: Damien Le Moal <damien.lemoal(a)opensource.wdc.com> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com> Reviewed-by: Jorgen Hansen <Jorgen.Hansen(a)wdc.com> diff --git a/fs/zonefs/super.c b/fs/zonefs/super.c index 123464d2145a..053299758deb 100644 --- a/fs/zonefs/super.c +++ b/fs/zonefs/super.c @@ -110,15 +110,51 @@ static inline void zonefs_i_size_write(struct inode *inode, loff_t isize) } } -static int zonefs_iomap_begin(struct inode *inode, loff_t offset, loff_t length, - unsigned int flags, struct iomap *iomap, - struct iomap *srcmap) +static int zonefs_read_iomap_begin(struct inode *inode, loff_t offset, + loff_t length, unsigned int flags, + struct iomap *iomap, struct iomap *srcmap) { struct zonefs_inode_info *zi = ZONEFS_I(inode); struct super_block *sb = inode->i_sb; loff_t isize; - /* All I/Os should always be within the file maximum size */ + /* + * All blocks are always mapped below EOF. If reading past EOF, + * act as if there is a hole up to the file maximum size. + */ + mutex_lock(&zi->i_truncate_mutex); + iomap->bdev = inode->i_sb->s_bdev; + iomap->offset = ALIGN_DOWN(offset, sb->s_blocksize); + isize = i_size_read(inode); + if (iomap->offset >= isize) { + iomap->type = IOMAP_HOLE; + iomap->addr = IOMAP_NULL_ADDR; + iomap->length = length; + } else { + iomap->type = IOMAP_MAPPED; + iomap->addr = (zi->i_zsector << SECTOR_SHIFT) + iomap->offset; + iomap->length = isize - iomap->offset; + } + mutex_unlock(&zi->i_truncate_mutex); + + trace_zonefs_iomap_begin(inode, iomap); + + return 0; +} + +static const struct iomap_ops zonefs_read_iomap_ops = { + .iomap_begin = zonefs_read_iomap_begin, +}; + +static int zonefs_write_iomap_begin(struct inode *inode, loff_t offset, + loff_t length, unsigned int flags, + struct iomap *iomap, struct iomap *srcmap) +{ + struct zonefs_inode_info *zi = ZONEFS_I(inode); + struct super_block *sb = inode->i_sb; + loff_t isize; + + /* All write I/Os should always be within the file maximum size */ if (WARN_ON_ONCE(offset + length > zi->i_max_size)) return -EIO; @@ -128,7 +164,7 @@ static int zonefs_iomap_begin(struct inode *inode, loff_t offset, loff_t length, * operation. */ if (WARN_ON_ONCE(zi->i_ztype == ZONEFS_ZTYPE_SEQ && - (flags & IOMAP_WRITE) && !(flags & IOMAP_DIRECT))) + !(flags & IOMAP_DIRECT))) return -EIO; /* @@ -137,47 +173,44 @@ static int zonefs_iomap_begin(struct inode *inode, loff_t offset, loff_t length, * write pointer) and unwriten beyond. */ mutex_lock(&zi->i_truncate_mutex); + iomap->bdev = inode->i_sb->s_bdev; + iomap->offset = ALIGN_DOWN(offset, sb->s_blocksize); + iomap->addr = (zi->i_zsector << SECTOR_SHIFT) + iomap->offset; isize = i_size_read(inode); - if (offset >= isize) + if (iomap->offset >= isize) { iomap->type = IOMAP_UNWRITTEN; - else + iomap->length = zi->i_max_size - iomap->offset; + } else { iomap->type = IOMAP_MAPPED; - if (flags & IOMAP_WRITE) - length = zi->i_max_size - offset; - else - length = min(length, isize - offset); + iomap->length = isize - iomap->offset; + } mutex_unlock(&zi->i_truncate_mutex); - iomap->offset = ALIGN_DOWN(offset, sb->s_blocksize); - iomap->length = ALIGN(offset + length, sb->s_blocksize) - iomap->offset; - iomap->bdev = inode->i_sb->s_bdev; - iomap->addr = (zi->i_zsector << SECTOR_SHIFT) + iomap->offset; - trace_zonefs_iomap_begin(inode, iomap); return 0; } -static const struct iomap_ops zonefs_iomap_ops = { - .iomap_begin = zonefs_iomap_begin, +static const struct iomap_ops zonefs_write_iomap_ops = { + .iomap_begin = zonefs_write_iomap_begin, }; static int zonefs_read_folio(struct file *unused, struct folio *folio) { - return iomap_read_folio(folio, &zonefs_iomap_ops); + return iomap_read_folio(folio, &zonefs_read_iomap_ops); } static void zonefs_readahead(struct readahead_control *rac) { - iomap_readahead(rac, &zonefs_iomap_ops); + iomap_readahead(rac, &zonefs_read_iomap_ops); } /* * Map blocks for page writeback. This is used only on conventional zone files, * which implies that the page range can only be within the fixed inode size. */ -static int zonefs_map_blocks(struct iomap_writepage_ctx *wpc, - struct inode *inode, loff_t offset) +static int zonefs_write_map_blocks(struct iomap_writepage_ctx *wpc, + struct inode *inode, loff_t offset) { struct zonefs_inode_info *zi = ZONEFS_I(inode); @@ -191,12 +224,12 @@ static int zonefs_map_blocks(struct iomap_writepage_ctx *wpc, offset < wpc->iomap.offset + wpc->iomap.length) return 0; - return zonefs_iomap_begin(inode, offset, zi->i_max_size - offset, - IOMAP_WRITE, &wpc->iomap, NULL); + return zonefs_write_iomap_begin(inode, offset, zi->i_max_size - offset, + IOMAP_WRITE, &wpc->iomap, NULL); } static const struct iomap_writeback_ops zonefs_writeback_ops = { - .map_blocks = zonefs_map_blocks, + .map_blocks = zonefs_write_map_blocks, }; static int zonefs_writepage(struct page *page, struct writeback_control *wbc) @@ -226,7 +259,8 @@ static int zonefs_swap_activate(struct swap_info_struct *sis, return -EINVAL; } - return iomap_swapfile_activate(sis, swap_file, span, &zonefs_iomap_ops); + return iomap_swapfile_activate(sis, swap_file, span, + &zonefs_read_iomap_ops); } static const struct address_space_operations zonefs_file_aops = { @@ -647,7 +681,7 @@ static vm_fault_t zonefs_filemap_page_mkwrite(struct vm_fault *vmf) /* Serialize against truncates */ filemap_invalidate_lock_shared(inode->i_mapping); - ret = iomap_page_mkwrite(vmf, &zonefs_iomap_ops); + ret = iomap_page_mkwrite(vmf, &zonefs_write_iomap_ops); filemap_invalidate_unlock_shared(inode->i_mapping); sb_end_pagefault(inode->i_sb); @@ -899,7 +933,7 @@ static ssize_t zonefs_file_dio_write(struct kiocb *iocb, struct iov_iter *from) if (append) ret = zonefs_file_dio_append(iocb, from); else - ret = iomap_dio_rw(iocb, from, &zonefs_iomap_ops, + ret = iomap_dio_rw(iocb, from, &zonefs_write_iomap_ops, &zonefs_write_dio_ops, 0, NULL, 0); if (zi->i_ztype == ZONEFS_ZTYPE_SEQ && (ret > 0 || ret == -EIOCBQUEUED)) { @@ -948,7 +982,7 @@ static ssize_t zonefs_file_buffered_write(struct kiocb *iocb, if (ret <= 0) goto inode_unlock; - ret = iomap_file_buffered_write(iocb, from, &zonefs_iomap_ops); + ret = iomap_file_buffered_write(iocb, from, &zonefs_write_iomap_ops); if (ret > 0) iocb->ki_pos += ret; else if (ret == -EIO) @@ -1041,7 +1075,7 @@ static ssize_t zonefs_file_read_iter(struct kiocb *iocb, struct iov_iter *to) goto inode_unlock; } file_accessed(iocb->ki_filp); - ret = iomap_dio_rw(iocb, to, &zonefs_iomap_ops, + ret = iomap_dio_rw(iocb, to, &zonefs_read_iomap_ops, &zonefs_read_dio_ops, 0, NULL, 0); } else { ret = generic_file_read_iter(iocb, to);

3 years

3
3
0 0

[PATCH 5.4 00/34] 5.4.197-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.197 release. There are 34 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 05 Jun 2022 17:38:05 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.197-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.197-rc1 Liu Jian <liujian56(a)huawei.com> bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes Chuck Lever <chuck.lever(a)oracle.com> NFSD: Fix possible sleep during nfsd4_release_lockowner() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Memory allocation failures are not server fatal errors Akira Yokosawa <akiyks(a)gmail.com> docs: submitting-patches: Fix crossref to 'The canonical patch format' Xiu Jianfeng <xiujianfeng(a)huawei.com> tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() Stefan Mahnke-Hartmann <stefan.mahnke-hartmann(a)infineon.com> tpm: Fix buffer access in tpm2_get_tpm_pt() Marek Maślanka <mm(a)semihalf.com> HID: multitouch: Add support for Google Whiskers Touchpad Mariusz Tkaczyk <mariusz.tkaczyk(a)linux.intel.com> raid5: introduce MD_BROKEN Sarthak Kukreti <sarthakkukreti(a)google.com> dm verity: set DM_TARGET_IMMUTABLE feature flag Mikulas Patocka <mpatocka(a)redhat.com> dm stats: add cond_resched when looping over entries Mikulas Patocka <mpatocka(a)redhat.com> dm crypt: make printing of the key constant-time Dan Carpenter <dan.carpenter(a)oracle.com> dm integrity: fix error code in dm_integrity_ctr() Sultan Alsawaf <sultan(a)kerneltoast.com> zsmalloc: fix races between asynchronous zspage free and page migration Vitaly Chikunov <vt(a)altlinux.org> crypto: ecrdsa - Fix incorrect use of vli_cmp Florian Westphal <fw(a)strlen.de> netfilter: conntrack: re-fetch conntrack after insertion Kees Cook <keescook(a)chromium.org> exec: Force single empty string when argv is empty Gustavo A. R. Silva <gustavoars(a)kernel.org> drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() Miri Korenblit <miriam.rachel.korenblit(a)intel.com> cfg80211: set custom regdomain after wiphy registration Stephen Brennan <stephen.s.brennan(a)oracle.com> assoc_array: Fix BUG_ON during garbage collect Piyush Malgujar <pmalgujar(a)marvell.com> drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers Mika Westerberg <mika.westerberg(a)linux.intel.com> i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging Joel Stanley <joel(a)jms.id.au> net: ftgmac100: Disable hardware checksum on AST2600 Thomas Bartschies <thomas.bartschies(a)cvk.de> net: af_key: check encryption module availability consistency IotaHydrae <writeforever(a)foxmail.com> pinctrl: sunxi: fix f1c100s uart2 function Lorenzo Pieralisi <lorenzo.pieralisi(a)arm.com> ACPI: sysfs: Fix BERT error region memory mapping Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> ACPI: sysfs: Make sparse happy about address space in use Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: vim2m: initialize the media device earlier Sakari Ailus <sakari.ailus(a)linux.intel.com> media: vim2m: Register video device after setting up internals Willy Tarreau <w(a)1wt.eu> secure_seq: use the 64 bits of the siphash for port offset calculation Eric Dumazet <edumazet(a)google.com> tcp: change source port randomizarion at connect() time Dmitry Mastykin <dmastykin(a)astralinux.ru> Input: goodix - fix spurious key release events Denis Efremov (Oracle) <efremov(a)linux.com> staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() Thomas Gleixner <tglx(a)linutronix.de> x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests Daniel Thompson <daniel.thompson(a)linaro.org> lockdown: also lock down previous kgdb use ------------- Diffstat: Documentation/process/submitting-patches.rst | 2 +- Makefile | 4 +- arch/x86/pci/xen.c | 5 +++ crypto/ecrdsa.c | 8 ++-- drivers/acpi/sysfs.c | 23 +++++++--- drivers/char/tpm/tpm2-cmd.c | 11 ++++- drivers/char/tpm/tpm_ibmvtpm.c | 1 + drivers/gpu/drm/i915/intel_pm.c | 2 +- drivers/hid/hid-multitouch.c | 3 ++ drivers/i2c/busses/i2c-ismt.c | 14 ++++++ drivers/i2c/busses/i2c-thunderx-pcidrv.c | 1 + drivers/input/touchscreen/goodix.c | 2 +- drivers/md/dm-crypt.c | 14 ++++-- drivers/md/dm-integrity.c | 2 - drivers/md/dm-stats.c | 8 ++++ drivers/md/dm-verity-target.c | 1 + drivers/md/raid5.c | 47 +++++++++---------- drivers/media/platform/vim2m.c | 22 +++++---- drivers/net/ethernet/faraday/ftgmac100.c | 5 +++ drivers/pinctrl/sunxi/pinctrl-suniv-f1c100s.c | 2 +- drivers/staging/rtl8723bs/os_dep/ioctl_linux.c | 6 ++- fs/exec.c | 25 ++++++++++- fs/nfs/internal.h | 1 + fs/nfsd/nfs4state.c | 12 ++--- include/linux/security.h | 2 + include/net/inet_hashtables.h | 2 +- include/net/netfilter/nf_conntrack_core.h | 7 ++- include/net/secure_seq.h | 4 +- kernel/debug/debug_core.c | 24 ++++++++++ kernel/debug/kdb/kdb_main.c | 62 ++++++++++++++++++++++++-- lib/assoc_array.c | 8 ++++ mm/zsmalloc.c | 37 +++++++++++++-- net/core/filter.c | 4 +- net/core/secure_seq.c | 4 +- net/ipv4/inet_hashtables.c | 28 +++++++++--- net/ipv6/inet6_hashtables.c | 4 +- net/key/af_key.c | 6 +-- net/wireless/core.c | 8 ++-- net/wireless/reg.c | 1 + security/lockdown/lockdown.c | 2 + 40 files changed, 327 insertions(+), 97 deletions(-)

3 years

9
53
0 0

request to stable branch [PATCH] net: mana: Add handling of CQE_RX_TRUNCATED

by Haiyang Zhang

To stable tree maintainers: Patch: net: mana: Add handling of CQE_RX_TRUNCATED commit e4b7621982d29f26ff4d39af389e5e675a4ffed4 upstream Why you think it should be applied: This patch fixes the handling of CQE_RX_TRUNCATED case, otherwise someone can easily attack it by sending a jumbo packet and cause the driver misbehave. What kernel version you wish it to be applied to: 5.15.x Thanks, - Haiyang

3 years

2
1
0 0

Display corruption on resume

by Limonciello, Mario

[Public] Hi, Can you please backport this commit to 5.15.y? commit 79d6b9351f086e0f914a26915d96ab52286ec46c ("drm/amd/display: Don't reinitialize DMCUB on s0ix resume") It fixes display corruption that was found during s0ix resume on Ryzen 6000. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1978244 Thanks,

3 years

2
1
0 0

please consider for stable: "s390/mm: use non-quiescing sske for KVM switch to keyed guest"

by Christian Borntraeger

stable team, please consider commit 3ae11dbcfac906a8c3a480e98660a823130dc16a It will noticeable reduce system overhead when this happens on multiple CPUs. ----snip---- commit 3ae11dbcfac906a8c3a480e98660a823130dc16a s390/mm: use non-quiescing sske for KVM switch to keyed guest The switch to a keyed guest does not require a classic sske as the other guest CPUs are not accessing the key before the switch is complete. By using the NQ SSKE things are faster especially with multiple guests. Signed-off-by: Christian Borntraeger <borntraeger(a)linux.ibm.com> Suggested-by: Janis Schoetterl-Glausch <scgl(a)linux.ibm.com> Reviewed-by: Claudio Imbrenda <imbrenda(a)linux.ibm.com> Link: https://lore.kernel.org/r/20220530092706.11637-3-borntraeger@linux.ibm.com Signed-off-by: Christian Borntraeger <borntraeger(a)linux.ibm.com> Signed-off-by: Heiko Carstens <hca(a)linux.ibm.com> diff --git a/arch/s390/mm/pgtable.c b/arch/s390/mm/pgtable.c index 697df02362af..4909dcd762e8 100644 --- a/arch/s390/mm/pgtable.c +++ b/arch/s390/mm/pgtable.c @@ -748,7 +748,7 @@ void ptep_zap_key(struct mm_struct *mm, unsigned long addr, pte_t *ptep) pgste_val(pgste) |= PGSTE_GR_BIT | PGSTE_GC_BIT; ptev = pte_val(*ptep); if (!(ptev & _PAGE_INVALID) && (ptev & _PAGE_WRITE)) - page_set_storage_key(ptev & PAGE_MASK, PAGE_DEFAULT_KEY, 1); + page_set_storage_key(ptev & PAGE_MASK, PAGE_DEFAULT_KEY, 0); pgste_set_unlock(ptep, pgste); preempt_enable(); }

3 years

2
1
0 0

[PATCH stable-5.10] arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer

by Catalin Marinas

From: Will Deacon <will(a)kernel.org> commit c50f11c6196f45c92ca48b16a5071615d4ae0572 upstream. Invalidating the buffer memory in arch_sync_dma_for_device() for FROM_DEVICE transfers When using the streaming DMA API to map a buffer prior to inbound non-coherent DMA (i.e. DMA_FROM_DEVICE), we invalidate any dirty CPU cachelines so that they will not be written back during the transfer and corrupt the buffer contents written by the DMA. This, however, poses two potential problems: (1) If the DMA transfer does not write to every byte in the buffer, then the unwritten bytes will contain stale data once the transfer has completed. (2) If the buffer has a virtual alias in userspace, then stale data may be visible via this alias during the period between performing the cache invalidation and the DMA writes landing in memory. Address both of these issues by cleaning (aka writing-back) the dirty lines in arch_sync_dma_for_device(DMA_FROM_DEVICE) instead of discarding them using invalidation. Cc: Ard Biesheuvel <ardb(a)kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: Russell King <linux(a)armlinux.org.uk> Cc: <stable(a)vger.kernel.org> Link: https://lore.kernel.org/r/20220606152150.GA31568@willie-the-truck Signed-off-by: Will Deacon <will(a)kernel.org> Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org> Link: https://lore.kernel.org/r/20220610151228.4562-2-will@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> --- arch/arm64/mm/cache.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/arm64/mm/cache.S b/arch/arm64/mm/cache.S index 2d881f34dd9d..7b8158ae36ec 100644 --- a/arch/arm64/mm/cache.S +++ b/arch/arm64/mm/cache.S @@ -228,8 +228,6 @@ SYM_FUNC_END_PI(__dma_flush_area) * - dir - DMA direction */ SYM_FUNC_START_PI(__dma_map_area) - cmp w2, #DMA_FROM_DEVICE - b.eq __dma_inv_area b __dma_clean_area SYM_FUNC_END_PI(__dma_map_area)

3 years

1
0
0 0

[PATCH stable-5.4] arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer

by Catalin Marinas

From: Will Deacon <will(a)kernel.org> commit c50f11c6196f45c92ca48b16a5071615d4ae0572 upstream. Invalidating the buffer memory in arch_sync_dma_for_device() for FROM_DEVICE transfers When using the streaming DMA API to map a buffer prior to inbound non-coherent DMA (i.e. DMA_FROM_DEVICE), we invalidate any dirty CPU cachelines so that they will not be written back during the transfer and corrupt the buffer contents written by the DMA. This, however, poses two potential problems: (1) If the DMA transfer does not write to every byte in the buffer, then the unwritten bytes will contain stale data once the transfer has completed. (2) If the buffer has a virtual alias in userspace, then stale data may be visible via this alias during the period between performing the cache invalidation and the DMA writes landing in memory. Address both of these issues by cleaning (aka writing-back) the dirty lines in arch_sync_dma_for_device(DMA_FROM_DEVICE) instead of discarding them using invalidation. Cc: Ard Biesheuvel <ardb(a)kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Robin Murphy <robin.murphy(a)arm.com> Cc: Russell King <linux(a)armlinux.org.uk> Cc: <stable(a)vger.kernel.org> Link: https://lore.kernel.org/r/20220606152150.GA31568@willie-the-truck Signed-off-by: Will Deacon <will(a)kernel.org> Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org> Link: https://lore.kernel.org/r/20220610151228.4562-2-will@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> --- arch/arm64/mm/cache.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/arm64/mm/cache.S b/arch/arm64/mm/cache.S index db767b072601..7b054c67acd8 100644 --- a/arch/arm64/mm/cache.S +++ b/arch/arm64/mm/cache.S @@ -228,8 +228,6 @@ ENDPIPROC(__dma_flush_area) * - dir - DMA direction */ ENTRY(__dma_map_area) - cmp w2, #DMA_FROM_DEVICE - b.eq __dma_inv_area b __dma_clean_area ENDPIPROC(__dma_map_area)

3 years

1
0
0 0

[PATCH] soc: fsl: select FSL_GUTS driver for DPIO

by Mathew McBride

The soc/fsl/dpio driver will perform a soc_device_match() to determine the optimal cache settings for a given CPU core. If FSL_GUTS is not enabled, this search will fail and the driver will not configure cache stashing for the given DPIO, and a string of "unknown SoC" messages will appear: fsl_mc_dpio dpio.7: unknown SoC version fsl_mc_dpio dpio.6: unknown SoC version fsl_mc_dpio dpio.5: unknown SoC version Signed-off-by: Mathew McBride <matt(a)traverse.com.au> Fixes: 51da14e96e9b ("soc: fsl: dpio: configure cache stashing destination") Cc: stable(a)vger.kernel.org --- drivers/soc/fsl/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/soc/fsl/Kconfig b/drivers/soc/fsl/Kconfig index 07d52cafbb31..fcec6ed83d5e 100644 --- a/drivers/soc/fsl/Kconfig +++ b/drivers/soc/fsl/Kconfig @@ -24,6 +24,7 @@ config FSL_MC_DPIO tristate "QorIQ DPAA2 DPIO driver" depends on FSL_MC_BUS select SOC_BUS + select FSL_GUTS select DIMLIB help Driver for the DPAA2 DPIO object. A DPIO provides queue and -- 2.30.1

3 years

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror June 2022