June 2024 - Linux-stable-mirror

Candidates for stable v6.9..v6.10-rc1 Out Of Bounds

by Ronnie Sahlberg

These commits reference out.of.bound between v6.9 and v6.10-rc1 These commits are not, yet, in stable/linux-rolling-stable. Let me know if you would rather me compare to a different repo/branch. The list has been manually pruned to only contain commits that look like actual issues. If they contain a Fixes line it has been verified that at least one of the commits that the Fixes tag(s) reference is in stable/linux-rolling-stable 2ba24864d2f61b52210b Syz Fuzzers, Out of bounds 3ebc46ca8675de6378e3 Syz Fuzzers, Out of bounds 9841991a446c87f90f66 Kernel panic, NULL pointer, Out of bounds 51fafb3cd7fcf4f46826 Out of bounds 45cf976008ddef4a9c9a Out of bounds 8b2faf1a4f3b6c748c0d Out of bounds faa4364bef2ec0060de3 Buffer overflow, Out of bounds 8ee1b439b1540ae54314 Out of bounds 7b4c74cf22d7584d1eb4 Out of bounds 1008368e1c7e36bdec01 Out of bounds -- Ronnie Sahlberg [Principal Software Engineer, Linux] P 775 384 8203 | E [email] | W ciq.com

12 months

2
1
0 0

Candidates for stable v6.9..v6.10-rc1 KASAN

by Ronnie Sahlberg

These commits reference KASAN between v6.9 and v6.10-rc1 These commits are not, yet, in stable/linux-rolling-stable. Let me know if you would rather me compare to a different repo/branch. The list has been manually pruned to only contain commits that look like actual issues. If they contain a Fixes line it has been verified that at least one of the commits that the Fixes tag(s) reference is in stable/linux-rolling-stable 195aba96b854dd664768 KASAN, Out of bounds 2e577732e8d28b9183df Kernel panic, KASAN 20faaf30e55522bba2b5 KASAN, Syz Fuzzers, Out of bounds c1115ddbda9c930fba0f KASAN, NULL pointer -- Ronnie Sahlberg [Principal Software Engineer, Linux] P 775 384 8203 | E [email] | W ciq.com

12 months

2
1
0 0

[PATCH 1/2 v5.10] netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV

by Kuntal Nayak

From: Pablo Neira Ayuso <pablo(a)netfilter.org> [ upstream commit 776d451648443f9884be4a1b4e38e8faf1c621f9 ] Bail out on using the tunnel dst template from other than netdev family. Add the infrastructure to check for the family in objects. Fixes: af308b94a2a4 ("netfilter: nf_tables: add tunnel support") Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> [KN: Backport patch according to v5.10.x source] Signed-off-by: Kuntal Nayak <kuntal.nayak(a)broadcom.com> --- include/net/netfilter/nf_tables.h | 2 ++ net/netfilter/nf_tables_api.c | 14 +++++++++----- net/netfilter/nft_tunnel.c | 1 + 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 2da11d8c0..ab8d84775 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -1174,6 +1174,7 @@ void nft_obj_notify(struct net *net, const struct nft_table *table, * @type: stateful object numeric type * @owner: module owner * @maxattr: maximum netlink attribute + * @family: address family for AF-specific object types * @policy: netlink attribute policy */ struct nft_object_type { @@ -1183,6 +1184,7 @@ struct nft_object_type { struct list_head list; u32 type; unsigned int maxattr; + u8 family; struct module *owner; const struct nla_policy *policy; }; diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 858d09b54..de56f25dc 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -6234,11 +6234,15 @@ static int nft_object_dump(struct sk_buff *skb, unsigned int attr, return -1; } -static const struct nft_object_type *__nft_obj_type_get(u32 objtype) +static const struct nft_object_type *__nft_obj_type_get(u32 objtype, u8 family) { const struct nft_object_type *type; list_for_each_entry(type, &nf_tables_objects, list) { + if (type->family != NFPROTO_UNSPEC && + type->family != family) + continue; + if (objtype == type->type) return type; } @@ -6246,11 +6250,11 @@ static const struct nft_object_type *__nft_obj_type_get(u32 objtype) } static const struct nft_object_type * -nft_obj_type_get(struct net *net, u32 objtype) +nft_obj_type_get(struct net *net, u32 objtype, u8 family) { const struct nft_object_type *type; - type = __nft_obj_type_get(objtype); + type = __nft_obj_type_get(objtype, family); if (type != NULL && try_module_get(type->owner)) return type; @@ -6343,7 +6347,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk, if (nlh->nlmsg_flags & NLM_F_REPLACE) return -EOPNOTSUPP; - type = __nft_obj_type_get(objtype); + type = __nft_obj_type_get(objtype, family); nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla); return nf_tables_updobj(&ctx, type, nla[NFTA_OBJ_DATA], obj); @@ -6354,7 +6358,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk, if (!nft_use_inc(&table->use)) return -EMFILE; - type = nft_obj_type_get(net, objtype); + type = nft_obj_type_get(net, objtype, family); if (IS_ERR(type)) { err = PTR_ERR(type); goto err_type; diff --git a/net/netfilter/nft_tunnel.c b/net/netfilter/nft_tunnel.c index 2ee50996d..c8822fa81 100644 --- a/net/netfilter/nft_tunnel.c +++ b/net/netfilter/nft_tunnel.c @@ -684,6 +684,7 @@ static const struct nft_object_ops nft_tunnel_obj_ops = { static struct nft_object_type nft_tunnel_obj_type __read_mostly = { .type = NFT_OBJECT_TUNNEL, + .family = NFPROTO_NETDEV, .ops = &nft_tunnel_obj_ops, .maxattr = NFTA_TUNNEL_KEY_MAX, .policy = nft_tunnel_key_policy, -- 2.39.3

12 months

2
2
0 0

stable-rc: queue_5.10: arch/powerpc/include/asm/uaccess.h:472:4: error: implicit declaration of function '__get_user_size' [-Werror,-Wimplicit-function-declaration]

by Naresh Kamboju

The Powerpc tinyconfig builds started failing on stable-rc queues for queue_5.10 branch from June 5, 2024. Please find the build log and related links below. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> powerpc: * build/clang-18-tinyconfig * build/clang-nightly-tinyconfig * build/gcc-12-tinyconfig Build error: -------- arch/powerpc/include/asm/uaccess.h:472:4: error: implicit declaration of function '__get_user_size' [-Werror,-Wimplicit-function-declaration] 472 | __get_user_size(*(u8 *)to, from, 1, ret); | metadata: -------- git_describe: v5.10.218-265-g807add29e709 git_repo: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc-queues git_short_log: 807add29e709 ("SUNRPC: Fix loop termination condition in gss_free_in_token_pages()") Links: - https://qa-reports.linaro.org/lkft/linux-stable-rc-queues-queue_5.10/build/… - https://qa-reports.linaro.org/lkft/linux-stable-rc-queues-queue_5.10/build/… - https://qa-reports.linaro.org/lkft/linux-stable-rc-queues-queue_5.10/build/… -- Linaro LKFT https://lkft.linaro.org

12 months

1
0
0 0

[PATCH 5.15] sunrpc: exclude from freezer when waiting for requests:

by cel＠kernel.org

From: NeilBrown <neilb(a)suse.de> Prior to v6.1, the freezer will only wake a kernel thread from an uninterruptible sleep. Since we changed svc_get_next_xprt() to use and IDLE sleep the freezer cannot wake it. We need to tell the freezer to ignore it instead. To make this work with only upstream commits, 5.15.y would need commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") which allows non-interruptible sleeps to be woken by the freezer. Fixes: 9b8a8e5e8129 ("nfsd: don't allow nfsd threads to be signalled.") Tested-by: Jon Hunter <jonathanh(a)nvidia.com> Signed-off-by: NeilBrown <neilb(a)suse.de> --- fs/nfs/callback.c | 2 +- fs/nfsd/nfs4proc.c | 3 ++- net/sunrpc/svc_xprt.c | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/fs/nfs/callback.c b/fs/nfs/callback.c index 46a0a2d6962e..8fe143cad4a2 100644 --- a/fs/nfs/callback.c +++ b/fs/nfs/callback.c @@ -124,7 +124,7 @@ nfs41_callback_svc(void *vrqstp) } else { spin_unlock_bh(&serv->sv_cb_lock); if (!kthread_should_stop()) - schedule(); + freezable_schedule(); finish_wait(&serv->sv_cb_waitq, &wq); } } diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 6779291efca9..e0ff2212866a 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -38,6 +38,7 @@ #include <linux/slab.h> #include <linux/kthread.h> #include <linux/namei.h> +#include <linux/freezer.h> #include <linux/sunrpc/addr.h> #include <linux/nfs_ssc.h> @@ -1322,7 +1323,7 @@ static __be32 nfsd4_ssc_setup_dul(struct nfsd_net *nn, char *ipaddr, /* allow 20secs for mount/unmount for now - revisit */ if (kthread_should_stop() || - (schedule_timeout(20*HZ) == 0)) { + (freezable_schedule_timeout(20*HZ) == 0)) { finish_wait(&nn->nfsd_ssc_waitq, &wait); kfree(work); return nfserr_eagain; diff --git a/net/sunrpc/svc_xprt.c b/net/sunrpc/svc_xprt.c index b19592673eef..3cf53e3140a5 100644 --- a/net/sunrpc/svc_xprt.c +++ b/net/sunrpc/svc_xprt.c @@ -705,7 +705,7 @@ static int svc_alloc_arg(struct svc_rqst *rqstp) set_current_state(TASK_RUNNING); return -EINTR; } - schedule_timeout(msecs_to_jiffies(500)); + freezable_schedule_timeout(msecs_to_jiffies(500)); } rqstp->rq_page_end = &rqstp->rq_pages[pages]; rqstp->rq_pages[pages] = NULL; /* this might be seen in nfsd_splice_actor() */ @@ -765,7 +765,7 @@ static struct svc_xprt *svc_get_next_xprt(struct svc_rqst *rqstp, long timeout) smp_mb__after_atomic(); if (likely(rqst_should_sleep(rqstp))) - time_left = schedule_timeout(timeout); + time_left = freezable_schedule_timeout(timeout); else __set_current_state(TASK_RUNNING); -- 2.45.1

12 months

2
1
0 0

[PATCH v2] mtd: spinand: macronix: Add support for serial NAND flash

by Cheng Ming Lin

From: Cheng Ming Lin <chengminglin(a)mxic.com.tw> commit c374839f9b4475173e536d1eaddff45cb481dbdf upstream. MX35UF{1,2,4}GE4AD and MX35UF{1,2}GE4AC have been merged into Linux kernel mainline through upstream commit. For SPI-NAND flash support on Linux kernel LTS v5.4.y, add SPI-NAND flash MX35UF{1,2,4}GE4AD and MX35UF{1,2}GE4AC in id tables. Those five flashes have been validated on Xilinx zynq-picozed board and Linux kernel LTS v5.4.y. Cc: stable(a)vger.kernel.org # 5.4.y Signed-off-by: Cheng Ming Lin <chengminglin(a)mxic.com.tw> --- drivers/mtd/nand/spi/macronix.c | 45 +++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/drivers/mtd/nand/spi/macronix.c b/drivers/mtd/nand/spi/macronix.c index f18c6cfe8ff5..e1446798bfb3 100644 --- a/drivers/mtd/nand/spi/macronix.c +++ b/drivers/mtd/nand/spi/macronix.c @@ -132,6 +132,51 @@ static const struct spinand_info macronix_spinand_table[] = { &update_cache_variants), SPINAND_HAS_QE_BIT, SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, NULL)), + SPINAND_INFO("MX35UF4GE4AD", 0xb7, + NAND_MEMORG(1, 4096, 256, 64, 2048, 40, 1, 1, 1), + NAND_ECCREQ(8, 512), + SPINAND_INFO_OP_VARIANTS(&read_cache_variants, + &write_cache_variants, + &update_cache_variants), + SPINAND_HAS_QE_BIT, + SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, + mx35lf1ge4ab_ecc_get_status)), + SPINAND_INFO("MX35UF2GE4AD", 0xa6, + NAND_MEMORG(1, 2048, 128, 64, 2048, 40, 1, 1, 1), + NAND_ECCREQ(8, 512), + SPINAND_INFO_OP_VARIANTS(&read_cache_variants, + &write_cache_variants, + &update_cache_variants), + SPINAND_HAS_QE_BIT, + SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, + mx35lf1ge4ab_ecc_get_status)), + SPINAND_INFO("MX35UF2GE4AC", 0xa2, + NAND_MEMORG(1, 2048, 64, 64, 2048, 40, 1, 1, 1), + NAND_ECCREQ(4, 512), + SPINAND_INFO_OP_VARIANTS(&read_cache_variants, + &write_cache_variants, + &update_cache_variants), + SPINAND_HAS_QE_BIT, + SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, + mx35lf1ge4ab_ecc_get_status)), + SPINAND_INFO("MX35UF1GE4AD", 0x96, + NAND_MEMORG(1, 2048, 128, 64, 1024, 20, 1, 1, 1), + NAND_ECCREQ(8, 512), + SPINAND_INFO_OP_VARIANTS(&read_cache_variants, + &write_cache_variants, + &update_cache_variants), + SPINAND_HAS_QE_BIT, + SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, + mx35lf1ge4ab_ecc_get_status)), + SPINAND_INFO("MX35UF1GE4AC", 0x92, + NAND_MEMORG(1, 2048, 64, 64, 1024, 20, 1, 1, 1), + NAND_ECCREQ(4, 512), + SPINAND_INFO_OP_VARIANTS(&read_cache_variants, + &write_cache_variants, + &update_cache_variants), + SPINAND_HAS_QE_BIT, + SPINAND_ECCINFO(&mx35lfxge4ab_ooblayout, + mx35lf1ge4ab_ecc_get_status)), }; static int macronix_spinand_detect(struct spinand_device *spinand) -- 2.25.1

12 months

2
1
0 0

[PATCH net] bnx2x: Fix multiple UBSAN array-index-out-of-bounds

by Ghadi Elie Rahme

Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of ethernet queues greater than or equal to FP_SB_MAX_E1x. The value of the maximum number of Ethernet queues should be limited to FP_SB_MAX_E1x in case FCOE is disabled or to [FP_SB_MAX_E1x-1] if enabled to avoid out of bounds reads and writes. Stack trace: UBSAN: array-index-out-of-bounds in /home/kernel/COD/linux/drivers/net/ethernet/broadcom/bnx2x/bnx2x_stats.c:1529:11 index 20 is out of range for type 'stats_query_entry [19]' CPU: 12 PID: 858 Comm: systemd-network Not tainted 6.9.0-060900rc7-generic #202405052133 Hardware name: HP ProLiant DL360 Gen9/ProLiant DL360 Gen9, BIOS P89 10/21/2019 Call Trace: <TASK> dump_stack_lvl+0x76/0xa0 dump_stack+0x10/0x20 __ubsan_handle_out_of_bounds+0xcb/0x110 bnx2x_prep_fw_stats_req+0x2e1/0x310 [bnx2x] bnx2x_stats_init+0x156/0x320 [bnx2x] bnx2x_post_irq_nic_init+0x81/0x1a0 [bnx2x] bnx2x_nic_load+0x8e8/0x19e0 [bnx2x] bnx2x_open+0x16b/0x290 [bnx2x] __dev_open+0x10e/0x1d0 __dev_change_flags+0x1bb/0x240 ? sock_def_readable+0x52/0xf0 dev_change_flags+0x27/0x80 do_setlink+0xab7/0xe50 ? rtnl_getlink+0x3c7/0x470 ? __nla_validate_parse+0x49/0x1d0 rtnl_setlink+0x12f/0x1f0 ? security_capable+0x47/0x80 rtnetlink_rcv_msg+0x170/0x440 ? ep_done_scan+0xe4/0x100 ? __pfx_rtnetlink_rcv_msg+0x10/0x10 netlink_rcv_skb+0x5d/0x110 rtnetlink_rcv+0x15/0x30 netlink_unicast+0x243/0x380 netlink_sendmsg+0x213/0x460 __sys_sendto+0x21e/0x230 __x64_sys_sendto+0x24/0x40 x64_sys_call+0x1c33/0x25c0 do_syscall_64+0x7e/0x180 ? __task_pid_nr_ns+0x6c/0xc0 ? syscall_exit_to_user_mode+0x81/0x270 ? do_syscall_64+0x8b/0x180 ? do_syscall_64+0x8b/0x180 ? __task_pid_nr_ns+0x6c/0xc0 ? syscall_exit_to_user_mode+0x81/0x270 ? do_syscall_64+0x8b/0x180 ? do_syscall_64+0x8b/0x180 ? exc_page_fault+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x736223927a0a Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89 RSP: 002b:00007ffc0bb2ada8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000583df50f9c78 RCX: 0000736223927a0a RDX: 0000000000000020 RSI: 0000583df50ee510 RDI: 0000000000000003 RBP: 0000583df50d4940 R08: 00007ffc0bb2adb0 R09: 0000000000000080 R10: 0000000000000000 R11: 0000000000000246 R12: 0000583df5103ae0 R13: 000000000000035a R14: 0000583df50f9c30 R15: 0000583ddddddf00 </TASK> ---[ end trace ]--- ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in /home/kernel/COD/linux/drivers/net/ethernet/broadcom/bnx2x/bnx2x_stats.c:1546:11 index 28 is out of range for type 'stats_query_entry [19]' CPU: 12 PID: 858 Comm: systemd-network Not tainted 6.9.0-060900rc7-generic #202405052133 Hardware name: HP ProLiant DL360 Gen9/ProLiant DL360 Gen9, BIOS P89 10/21/2019 Call Trace: <TASK> dump_stack_lvl+0x76/0xa0 dump_stack+0x10/0x20 __ubsan_handle_out_of_bounds+0xcb/0x110 bnx2x_prep_fw_stats_req+0x2fd/0x310 [bnx2x] bnx2x_stats_init+0x156/0x320 [bnx2x] bnx2x_post_irq_nic_init+0x81/0x1a0 [bnx2x] bnx2x_nic_load+0x8e8/0x19e0 [bnx2x] bnx2x_open+0x16b/0x290 [bnx2x] __dev_open+0x10e/0x1d0 __dev_change_flags+0x1bb/0x240 ? sock_def_readable+0x52/0xf0 dev_change_flags+0x27/0x80 do_setlink+0xab7/0xe50 ? rtnl_getlink+0x3c7/0x470 ? __nla_validate_parse+0x49/0x1d0 rtnl_setlink+0x12f/0x1f0 ? security_capable+0x47/0x80 rtnetlink_rcv_msg+0x170/0x440 ? ep_done_scan+0xe4/0x100 ? __pfx_rtnetlink_rcv_msg+0x10/0x10 netlink_rcv_skb+0x5d/0x110 rtnetlink_rcv+0x15/0x30 netlink_unicast+0x243/0x380 netlink_sendmsg+0x213/0x460 __sys_sendto+0x21e/0x230 __x64_sys_sendto+0x24/0x40 x64_sys_call+0x1c33/0x25c0 do_syscall_64+0x7e/0x180 ? __task_pid_nr_ns+0x6c/0xc0 ? syscall_exit_to_user_mode+0x81/0x270 ? do_syscall_64+0x8b/0x180 ? do_syscall_64+0x8b/0x180 ? __task_pid_nr_ns+0x6c/0xc0 ? syscall_exit_to_user_mode+0x81/0x270 ? do_syscall_64+0x8b/0x180 ? do_syscall_64+0x8b/0x180 ? exc_page_fault+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x736223927a0a Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89 RSP: 002b:00007ffc0bb2ada8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000583df50f9c78 RCX: 0000736223927a0a RDX: 0000000000000020 RSI: 0000583df50ee510 RDI: 0000000000000003 RBP: 0000583df50d4940 R08: 00007ffc0bb2adb0 R09: 0000000000000080 R10: 0000000000000000 R11: 0000000000000246 R12: 0000583df5103ae0 R13: 000000000000035a R14: 0000583df50f9c30 R15: 0000583ddddddf00 </TASK> ---[ end trace ]--- bnx2x 0000:04:00.1: 32.000 Gb/s available PCIe bandwidth (5.0 GT/s PCIe x8 link) bnx2x 0000:04:00.1 eno50: renamed from eth0 ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in /home/kernel/COD/linux/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sriov.c:1895:8 index 29 is out of range for type 'stats_query_entry [19]' CPU: 13 PID: 163 Comm: kworker/u96:1 Not tainted 6.9.0-060900rc7-generic #202405052133 Hardware name: HP ProLiant DL360 Gen9/ProLiant DL360 Gen9, BIOS P89 10/21/2019 Workqueue: bnx2x bnx2x_sp_task [bnx2x] Call Trace: <TASK> dump_stack_lvl+0x76/0xa0 dump_stack+0x10/0x20 __ubsan_handle_out_of_bounds+0xcb/0x110 bnx2x_iov_adjust_stats_req+0x3c4/0x3d0 [bnx2x] bnx2x_storm_stats_post.part.0+0x4a/0x330 [bnx2x] ? bnx2x_hw_stats_post+0x231/0x250 [bnx2x] bnx2x_stats_start+0x44/0x70 [bnx2x] bnx2x_stats_handle+0x149/0x350 [bnx2x] bnx2x_attn_int_asserted+0x998/0x9b0 [bnx2x] bnx2x_sp_task+0x491/0x5c0 [bnx2x] process_one_work+0x18d/0x3f0 worker_thread+0x304/0x440 ? __pfx_worker_thread+0x10/0x10 kthread+0xe4/0x110 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x47/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> ---[ end trace ]--- Fixes: 7d0445d66a76 ("bnx2x: clamp num_queues to prevent passing a negative value") Signed-off-by: Ghadi Elie Rahme <ghadi.rahme(a)canonical.com> --- drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c index a8e07e51418f..837617b99089 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c @@ -66,7 +66,12 @@ static int bnx2x_calc_num_queues(struct bnx2x *bp) if (is_kdump_kernel()) nq = 1; - nq = clamp(nq, 1, BNX2X_MAX_QUEUES(bp)); + int max_nq = FP_SB_MAX_E1x - 1; + + if(NO_FCOE(bp)) + max_nq = FP_SB_MAX_E1x; + + nq = clamp(nq, 1, max_nq); return nq; } -- 2.43.0

12 months

4
3
0 0

[PATCH 6.9.y] erofs: avoid allocating DEFLATE streams before mounting

by Gao Xiang

commit 80eb4f62056d6ae709bdd0636ab96ce660f494b2 upstream. Currently, each DEFLATE stream takes one 32 KiB permanent internal window buffer even if there is no running instance which uses DEFLATE algorithm. It's unexpected and wasteful on embedded devices with limited resources and servers with hundreds of CPU cores if DEFLATE is enabled but unused. Fixes: ffa09b3bd024 ("erofs: DEFLATE compression support") Cc: <stable(a)vger.kernel.org> # 6.6+ Reviewed-by: Sandeep Dhavale <dhavale(a)google.com> Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> Link: https://lore.kernel.org/r/20240520090106.2898681-1-hsiangkao@linux.alibaba.… --- fs/erofs/decompressor_deflate.c | 55 +++++++++++++++++---------------- 1 file changed, 29 insertions(+), 26 deletions(-) diff --git a/fs/erofs/decompressor_deflate.c b/fs/erofs/decompressor_deflate.c index 81e65c453ef0..3a3461561a3c 100644 --- a/fs/erofs/decompressor_deflate.c +++ b/fs/erofs/decompressor_deflate.c @@ -46,39 +46,15 @@ int __init z_erofs_deflate_init(void) /* by default, use # of possible CPUs instead */ if (!z_erofs_deflate_nstrms) z_erofs_deflate_nstrms = num_possible_cpus(); - - for (; z_erofs_deflate_avail_strms < z_erofs_deflate_nstrms; - ++z_erofs_deflate_avail_strms) { - struct z_erofs_deflate *strm; - - strm = kzalloc(sizeof(*strm), GFP_KERNEL); - if (!strm) - goto out_failed; - - /* XXX: in-kernel zlib cannot shrink windowbits currently */ - strm->z.workspace = vmalloc(zlib_inflate_workspacesize()); - if (!strm->z.workspace) { - kfree(strm); - goto out_failed; - } - - spin_lock(&z_erofs_deflate_lock); - strm->next = z_erofs_deflate_head; - z_erofs_deflate_head = strm; - spin_unlock(&z_erofs_deflate_lock); - } return 0; - -out_failed: - erofs_err(NULL, "failed to allocate zlib workspace"); - z_erofs_deflate_exit(); - return -ENOMEM; } int z_erofs_load_deflate_config(struct super_block *sb, struct erofs_super_block *dsb, void *data, int size) { struct z_erofs_deflate_cfgs *dfl = data; + static DEFINE_MUTEX(deflate_resize_mutex); + static bool inited; if (!dfl || size < sizeof(struct z_erofs_deflate_cfgs)) { erofs_err(sb, "invalid deflate cfgs, size=%u", size); @@ -89,9 +65,36 @@ int z_erofs_load_deflate_config(struct super_block *sb, erofs_err(sb, "unsupported windowbits %u", dfl->windowbits); return -EOPNOTSUPP; } + mutex_lock(&deflate_resize_mutex); + if (!inited) { + for (; z_erofs_deflate_avail_strms < z_erofs_deflate_nstrms; + ++z_erofs_deflate_avail_strms) { + struct z_erofs_deflate *strm; + + strm = kzalloc(sizeof(*strm), GFP_KERNEL); + if (!strm) + goto failed; + /* XXX: in-kernel zlib cannot customize windowbits */ + strm->z.workspace = vmalloc(zlib_inflate_workspacesize()); + if (!strm->z.workspace) { + kfree(strm); + goto failed; + } + spin_lock(&z_erofs_deflate_lock); + strm->next = z_erofs_deflate_head; + z_erofs_deflate_head = strm; + spin_unlock(&z_erofs_deflate_lock); + } + inited = true; + } + mutex_unlock(&deflate_resize_mutex); erofs_info(sb, "EXPERIMENTAL DEFLATE feature in use. Use at your own risk!"); return 0; +failed: + mutex_unlock(&deflate_resize_mutex); + z_erofs_deflate_exit(); + return -ENOMEM; } int z_erofs_deflate_decompress(struct z_erofs_decompress_req *rq, -- 2.39.3

12 months

2
5
0 0

[PATCH 4.19.y] neighbour: fix unaligned access to pneigh_entry

by Qingfang Deng

From: Qingfang Deng <qingfang.deng(a)siflower.com.cn> [ Upstream commit ed779fe4c9b5a20b4ab4fd6f3e19807445bb78c7 ] After the blamed commit, the member key is longer 4-byte aligned. On platforms that do not support unaligned access, e.g., MIPS32R2 with unaligned_action set to 1, this will trigger a crash when accessing an IPv6 pneigh_entry, as the key is cast to an in6_addr pointer. Change the type of the key to u32 to make it aligned. Fixes: 62dd93181aaa ("[IPV6] NDISC: Set per-entry is_router flag in Proxy NA.") Signed-off-by: Qingfang Deng <qingfang.deng(a)siflower.com.cn> --- include/net/neighbour.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/neighbour.h b/include/net/neighbour.h index e58ef9e338de..4c53e51f0799 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h @@ -172,7 +172,7 @@ struct pneigh_entry { possible_net_t net; struct net_device *dev; u8 flags; - u8 key[0]; + u32 key[0]; }; /* -- 2.34.1

12 months

2
1
0 0

[PATCH stable-5.15.y 0/2] Fix PTP received on wrong port with bridged SJA1105 DSA

by Vladimir Oltean

It has been brought to my attention that what had been fixed 1 year ago here for kernels 5.18 and later: https://lore.kernel.org/netdev/20230626155112.3155993-1-vladimir.oltean@nxp… is still broken on linux-5.15.y. Short summary: PTP boundary clock is broken for ports under a VLAN-aware bridge. The reason is that the Fixes: tags in those patches were wrong. The issue originated from earlier, but the changes from 5.18 (blamed there), aka DSA FDB isolation, masked that. A straightforward cherry-pick was not possible, due to the conflict with the aforementioned DSA FDB isolation work from 5.18. So I redid patch 2/2 and marked what I had to adapt. Tested on the NXP LS1021A-TSN board. Vladimir Oltean (2): net: dsa: sja1105: always enable the INCL_SRCPT option net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT drivers/net/dsa/sja1105/sja1105_main.c | 9 ++----- net/dsa/tag_sja1105.c | 34 ++++++++++++++++++++------ 2 files changed, 28 insertions(+), 15 deletions(-) --- I'm sorry for the people who will want to backport DSA FDB isolation to linux-5.15.y :( -- 2.34.1

12 months

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror June 2024