- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates" has been added to the 4.13-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates to the 4.13-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: kvm-ppc-book3s-hv-fix-exclusion-between-hpt-resizing-and-other-hpt-updates.patch and it can be found in the queue-4.13 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 38c53af853069adf87181684370d7b8866d6387b Mon Sep 17 00:00:00 2001 From: Paul Mackerras <paulus(a)ozlabs.org> Date: Wed, 8 Nov 2017 14:44:04 +1100 Subject: KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates From: Paul Mackerras <paulus(a)ozlabs.org> commit 38c53af853069adf87181684370d7b8866d6387b upstream. Commit 5e9859699aba ("KVM: PPC: Book3S HV: Outline of KVM-HV HPT resizing implementation", 2016-12-20) added code that tries to exclude any use or update of the hashed page table (HPT) while the HPT resizing code is iterating through all the entries in the HPT. It does this by taking the kvm->lock mutex, clearing the kvm->arch.hpte_setup_done flag and then sending an IPI to all CPUs in the host. The idea is that any VCPU task that tries to enter the guest will see that the hpte_setup_done flag is clear and therefore call kvmppc_hv_setup_htab_rma, which also takes the kvm->lock mutex and will therefore block until we release kvm->lock. However, any VCPU that is already in the guest, or is handling a hypervisor page fault or hypercall, can re-enter the guest without rechecking the hpte_setup_done flag. The IPI will cause a guest exit of any VCPUs that are currently in the guest, but does not prevent those VCPU tasks from immediately re-entering the guest. The result is that after resize_hpt_rehash_hpte() has made a HPTE absent, a hypervisor page fault can occur and make that HPTE present again. This includes updating the rmap array for the guest real page, meaning that we now have a pointer in the rmap array which connects with pointers in the old rev array but not the new rev array. In fact, if the HPT is being reduced in size, the pointer in the rmap array could point outside the bounds of the new rev array. If that happens, we can get a host crash later on such as this one: [91652.628516] Unable to handle kernel paging request for data at address 0xd0000000157fb10c [91652.628668] Faulting instruction address: 0xc0000000000e2640 [91652.628736] Oops: Kernel access of bad area, sig: 11 [#1] [91652.628789] LE SMP NR_CPUS=1024 NUMA PowerNV [91652.628847] Modules linked in: binfmt_misc vhost_net vhost tap xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 nf_conntrack_ipv6 nf_defrag_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_security iptable_raw ebtable_filter ebtables ip6table_filter ip6_tables ses enclosure scsi_transport_sas i2c_opal ipmi_powernv ipmi_devintf i2c_core ipmi_msghandler powernv_op_panel nfsd auth_rpcgss oid_registry nfs_acl lockd grace sunrpc kvm_hv kvm_pr kvm scsi_dh_alua dm_service_time dm_multipath tg3 ptp pps_core [last unloaded: stap_552b612747aec2da355051e464fa72a1_14259] [91652.629566] CPU: 136 PID: 41315 Comm: CPU 21/KVM Tainted: G O 4.14.0-1.rc4.dev.gitb27fc5c.el7.centos.ppc64le #1 [91652.629684] task: c0000007a419e400 task.stack: c0000000028d8000 [91652.629750] NIP: c0000000000e2640 LR: d00000000c36e498 CTR: c0000000000e25f0 [91652.629829] REGS: c0000000028db5d0 TRAP: 0300 Tainted: G O (4.14.0-1.rc4.dev.gitb27fc5c.el7.centos.ppc64le) [91652.629932] MSR: 900000010280b033 <SF,HV,VEC,VSX,EE,FP,ME,IR,DR,RI,LE,TM[E]> CR: 44022422 XER: 00000000 [91652.630034] CFAR: d00000000c373f84 DAR: d0000000157fb10c DSISR: 40000000 SOFTE: 1 [91652.630034] GPR00: d00000000c36e498 c0000000028db850 c000000001403900 c0000007b7960000 [91652.630034] GPR04: d0000000117fb100 d000000007ab00d8 000000000033bb10 0000000000000000 [91652.630034] GPR08: fffffffffffffe7f 801001810073bb10 d00000000e440000 d00000000c373f70 [91652.630034] GPR12: c0000000000e25f0 c00000000fdb9400 f000000003b24680 0000000000000000 [91652.630034] GPR16: 00000000000004fb 00007ff7081a0000 00000000000ec91a 000000000033bb10 [91652.630034] GPR20: 0000000000010000 00000000001b1190 0000000000000001 0000000000010000 [91652.630034] GPR24: c0000007b7ab8038 d0000000117fb100 0000000ec91a1190 c000001e6a000000 [91652.630034] GPR28: 00000000033bb100 000000000073bb10 c0000007b7960000 d0000000157fb100 [91652.630735] NIP [c0000000000e2640] kvmppc_add_revmap_chain+0x50/0x120 [91652.630806] LR [d00000000c36e498] kvmppc_book3s_hv_page_fault+0xbb8/0xc40 [kvm_hv] [91652.630884] Call Trace: [91652.630913] [c0000000028db850] [c0000000028db8b0] 0xc0000000028db8b0 (unreliable) [91652.630996] [c0000000028db8b0] [d00000000c36e498] kvmppc_book3s_hv_page_fault+0xbb8/0xc40 [kvm_hv] [91652.631091] [c0000000028db9e0] [d00000000c36a078] kvmppc_vcpu_run_hv+0xdf8/0x1300 [kvm_hv] [91652.631179] [c0000000028dbb30] [d00000000c2248c4] kvmppc_vcpu_run+0x34/0x50 [kvm] [91652.631266] [c0000000028dbb50] [d00000000c220d54] kvm_arch_vcpu_ioctl_run+0x114/0x2a0 [kvm] [91652.631351] [c0000000028dbbd0] [d00000000c2139d8] kvm_vcpu_ioctl+0x598/0x7a0 [kvm] [91652.631433] [c0000000028dbd40] [c0000000003832e0] do_vfs_ioctl+0xd0/0x8c0 [91652.631501] [c0000000028dbde0] [c000000000383ba4] SyS_ioctl+0xd4/0x130 [91652.631569] [c0000000028dbe30] [c00000000000b8e0] system_call+0x58/0x6c [91652.631635] Instruction dump: [91652.631676] fba1ffe8 fbc1fff0 fbe1fff8 f8010010 f821ffa1 2fa70000 793d0020 e9432110 [91652.631814] 7bbf26e4 7c7e1b78 7feafa14 409e0094 <807f000c> 786326e4 7c6a1a14 93a40008 [91652.631959] ---[ end trace ac85ba6db72e5b2e ]--- To fix this, we tighten up the way that the hpte_setup_done flag is checked to ensure that it does provide the guarantee that the resizing code needs. In kvmppc_run_core(), we check the hpte_setup_done flag after disabling interrupts and refuse to enter the guest if it is clear (for a HPT guest). The code that checks hpte_setup_done and calls kvmppc_hv_setup_htab_rma() is moved from kvmppc_vcpu_run_hv() to a point inside the main loop in kvmppc_run_vcpu(), ensuring that we don't just spin endlessly calling kvmppc_run_core() while hpte_setup_done is clear, but instead have a chance to block on the kvm->lock mutex. Finally we also check hpte_setup_done inside the region in kvmppc_book3s_hv_page_fault() where the HPTE is locked and we are about to update the HPTE, and bail out if it is clear. If another CPU is inside kvm_vm_ioctl_resize_hpt_commit) and has cleared hpte_setup_done, then we know that either we are looking at a HPTE that resize_hpt_rehash_hpte() has not yet processed, which is OK, or else we will see hpte_setup_done clear and refuse to update it, because of the full barrier formed by the unlock of the HPTE in resize_hpt_rehash_hpte() combined with the locking of the HPTE in kvmppc_book3s_hv_page_fault(). Fixes: 5e9859699aba ("KVM: PPC: Book3S HV: Outline of KVM-HV HPT resizing implementation") Reported-by: Satheesh Rajendran <satheera(a)in.ibm.com> Signed-off-by: Paul Mackerras <paulus(a)ozlabs.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/powerpc/kvm/book3s_64_mmu_hv.c | 10 ++++++++++ arch/powerpc/kvm/book3s_hv.c | 29 +++++++++++++++++++---------- 2 files changed, 29 insertions(+), 10 deletions(-) --- a/arch/powerpc/kvm/book3s_64_mmu_hv.c +++ b/arch/powerpc/kvm/book3s_64_mmu_hv.c @@ -645,6 +645,16 @@ int kvmppc_book3s_hv_page_fault(struct k hnow_v = hpte_new_to_old_v(hnow_v, hnow_r); hnow_r = hpte_new_to_old_r(hnow_r); } + + /* + * If the HPT is being resized, don't update the HPTE, + * instead let the guest retry after the resize operation is complete. + * The synchronization for hpte_setup_done test vs. set is provided + * by the HPTE lock. + */ + if (!kvm->arch.hpte_setup_done) + goto out_unlock; + if ((hnow_v & ~HPTE_V_HVLOCK) != hpte[0] || hnow_r != hpte[1] || rev->guest_rpte != hpte[2]) /* HPTE has been changed under us; let the guest retry */ --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -2688,11 +2688,14 @@ static noinline void kvmppc_run_core(str * Hard-disable interrupts, and check resched flag and signals. * If we need to reschedule or deliver a signal, clean up * and return without going into the guest(s). + * If the hpte_setup_done flag has been cleared, don't go into the + * guest because that means a HPT resize operation is in progress. */ local_irq_disable(); hard_irq_disable(); if (lazy_irq_pending() || need_resched() || - recheck_signals(&core_info)) { + recheck_signals(&core_info) || + (!kvm_is_radix(vc->kvm) && !vc->kvm->arch.hpte_setup_done)) { local_irq_enable(); vc->vcore_state = VCORE_INACTIVE; /* Unlock all except the primary vcore */ @@ -3061,7 +3064,7 @@ out: static int kvmppc_run_vcpu(struct kvm_run *kvm_run, struct kvm_vcpu *vcpu) { - int n_ceded, i; + int n_ceded, i, r; struct kvmppc_vcore *vc; struct kvm_vcpu *v; @@ -3115,6 +3118,20 @@ static int kvmppc_run_vcpu(struct kvm_ru while (vcpu->arch.state == KVMPPC_VCPU_RUNNABLE && !signal_pending(current)) { + /* See if the HPT and VRMA are ready to go */ + if (!kvm_is_radix(vcpu->kvm) && + !vcpu->kvm->arch.hpte_setup_done) { + spin_unlock(&vc->lock); + r = kvmppc_hv_setup_htab_rma(vcpu); + spin_lock(&vc->lock); + if (r) { + kvm_run->exit_reason = KVM_EXIT_FAIL_ENTRY; + kvm_run->fail_entry.hardware_entry_failure_reason = 0; + vcpu->arch.ret = r; + break; + } + } + if (vc->vcore_state == VCORE_PREEMPT && vc->runner == NULL) kvmppc_vcore_end_preempt(vc); @@ -3232,13 +3249,6 @@ static int kvmppc_vcpu_run_hv(struct kvm /* Order vcpus_running vs. hpte_setup_done, see kvmppc_alloc_reset_hpt */ smp_mb(); - /* On the first time here, set up HTAB and VRMA */ - if (!kvm_is_radix(vcpu->kvm) && !vcpu->kvm->arch.hpte_setup_done) { - r = kvmppc_hv_setup_htab_rma(vcpu); - if (r) - goto out; - } - flush_all_to_thread(current); /* Save userspace EBB and other register values */ @@ -3286,7 +3296,6 @@ static int kvmppc_vcpu_run_hv(struct kvm } mtspr(SPRN_VRSAVE, user_vrsave); - out: vcpu->arch.state = KVMPPC_VCPU_NOTREADY; atomic_dec(&vcpu->kvm->arch.vcpus_running); return r; Patches currently in stable-queue which might be from paulus(a)ozlabs.org are queue-4.13/kvm-ppc-book3s-hv-fix-exclusion-between-hpt-resizing-and-other-hpt-updates.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "Input: elan_i2c - add ELAN060C to the ACPI table" has been added to the 4.13-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Input: elan_i2c - add ELAN060C to the ACPI table to the 4.13-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: input-elan_i2c-add-elan060c-to-the-acpi-table.patch and it can be found in the queue-4.13 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From cdea6a30c2689cc33b34c6691b57cca277f0c5dc Mon Sep 17 00:00:00 2001 From: Kai-Heng Feng <kai.heng.feng(a)canonical.com> Date: Tue, 7 Nov 2017 16:19:24 -0800 Subject: Input: elan_i2c - add ELAN060C to the ACPI table From: Kai-Heng Feng <kai.heng.feng(a)canonical.com> commit cdea6a30c2689cc33b34c6691b57cca277f0c5dc upstream. ELAN060C touchpad uses elan_i2c as its driver. It can be found on Lenovo ideapad 320-14AST. BugLink: https://bugs.launchpad.net/bugs/1727544 Signed-off-by: Kai-Heng Feng <kai.heng.feng(a)canonical.com> Signed-off-by: Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/input/mouse/elan_i2c_core.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/input/mouse/elan_i2c_core.c +++ b/drivers/input/mouse/elan_i2c_core.c @@ -1253,6 +1253,7 @@ static const struct acpi_device_id elan_ { "ELAN0605", 0 }, { "ELAN0609", 0 }, { "ELAN060B", 0 }, + { "ELAN060C", 0 }, { "ELAN0611", 0 }, { "ELAN1000", 0 }, { } Patches currently in stable-queue which might be from kai.heng.feng(a)canonical.com are queue-4.13/input-elan_i2c-add-elan060c-to-the-acpi-table.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue" has been added to the 4.13-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue to the 4.13-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: drm-vmwgfx-fix-ubuntu-17.10-wayland-black-screen-issue.patch and it can be found in the queue-4.13 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From cef75036c40408ba3bc308bcb00a3d440da713fc Mon Sep 17 00:00:00 2001 From: Sinclair Yeh <syeh(a)vmware.com> Date: Wed, 1 Nov 2017 10:47:05 -0700 Subject: drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue From: Sinclair Yeh <syeh(a)vmware.com> commit cef75036c40408ba3bc308bcb00a3d440da713fc upstream. This is an extension of Commit 7c20d213dd3c ("drm/vmwgfx: Work around mode set failure in 2D VMs") With Wayland desktop and atomic mode set, during the mode setting process there is a moment when two framebuffer sized surfaces are being pinned. This was not an issue with Xorg. Since this only happens during a mode change, there should be no performance impact by increasing allowable mem_size. Signed-off-by: Sinclair Yeh <syeh(a)vmware.com> Reviewed-by: Thomas Hellstrom <thellstrom(a)vmware.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c @@ -722,7 +722,7 @@ static int vmw_driver_load(struct drm_de * allocation taken by fbdev */ if (!(dev_priv->capabilities & SVGA_CAP_3D)) - mem_size *= 2; + mem_size *= 3; dev_priv->max_mob_pages = mem_size * 1024 / PAGE_SIZE; dev_priv->prim_bb_mem = Patches currently in stable-queue which might be from syeh(a)vmware.com are queue-4.13/drm-vmwgfx-fix-ubuntu-17.10-wayland-black-screen-issue.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "MIPS: AR7: Ensure that serial ports are properly set up" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled MIPS: AR7: Ensure that serial ports are properly set up to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: mips-ar7-ensure-that-serial-ports-are-properly-set-up.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From b084116f8587b222a2c5ef6dcd846f40f24b9420 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen <oswald.buddenhagen(a)gmx.de> Date: Sun, 29 Oct 2017 16:27:20 +0100 Subject: MIPS: AR7: Ensure that serial ports are properly set up From: Oswald Buddenhagen <oswald.buddenhagen(a)gmx.de> commit b084116f8587b222a2c5ef6dcd846f40f24b9420 upstream. Without UPF_FIXED_TYPE, the data from the PORT_AR7 uart_config entry is never copied, resulting in a dead port. Fixes: 154615d55459 ("MIPS: AR7: Use correct UART port type") Signed-off-by: Oswald Buddenhagen <oswald.buddenhagen(a)gmx.de> [jonas.gorski: add Fixes tag] Signed-off-by: Jonas Gorski <jonas.gorski(a)gmail.com> Reviewed-by: Florian Fainelli <f.fainelli(a)gmail.com> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Yoshihiro YUNOMAE <yoshihiro.yunomae.ez(a)hitachi.com> Cc: Nicolas Schichan <nschichan(a)freebox.fr> Cc: Oswald Buddenhagen <oswald.buddenhagen(a)gmx.de> Cc: linux-mips(a)linux-mips.org Cc: linux-serial(a)vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17543/ Signed-off-by: James Hogan <jhogan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/mips/ar7/platform.c | 1 + 1 file changed, 1 insertion(+) --- a/arch/mips/ar7/platform.c +++ b/arch/mips/ar7/platform.c @@ -581,6 +581,7 @@ static int __init ar7_register_uarts(voi uart_port.type = PORT_AR7; uart_port.uartclk = clk_get_rate(bus_clk) / 2; uart_port.iotype = UPIO_MEM32; + uart_port.flags = UPF_FIXED_TYPE; uart_port.regshift = 2; uart_port.line = 0; Patches currently in stable-queue which might be from oswald.buddenhagen(a)gmx.de are queue-3.18/mips-ar7-ensure-that-serial-ports-are-properly-set-up.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] [PATCH 0/4] fix device-dax pud crash and fixup {pte, pmd, pud}_write

by Dan Williams

Andrew, Here is a new version to the pud_write() fix [1], and some follow-on patches to use the '_access_permitted' helpers in fault and get_user_pages() paths where we are checking if the thread has access to write. I explicitly omit conversions for places where the kernel is checking the _PAGE_RW flag for kernel purposes, not for userspace access. Beyond fixing the crash, this series also fixes get_user_pages() and fault paths to honor protection keys in the same manner as get_user_pages_fast(). Only the crash fix is tagged for -stable as the protection key check is done just for consistency reasons since userspace can change protection keys at will. [1]: https://lists.01.org/pipermail/linux-nvdimm/2017-November/013237.html --- Dan Williams (4): mm: fix device-dax pud write-faults triggered by get_user_pages() mm: replace pud_write with pud_access_permitted in fault + gup paths mm: replace pmd_write with pmd_access_permitted in fault + gup paths mm: replace pte_write with pte_access_permitted in fault + gup paths arch/sparc/mm/gup.c | 4 ++-- arch/x86/include/asm/pgtable.h | 6 ++++++ fs/dax.c | 3 ++- include/asm-generic/pgtable.h | 9 +++++++++ include/linux/hugetlb.h | 8 -------- mm/gup.c | 2 +- mm/hmm.c | 8 ++++---- mm/huge_memory.c | 6 +++--- mm/memory.c | 8 ++++---- 9 files changed, 31 insertions(+), 23 deletions(-)

7 years, 2 months

1
1
0 0

Re: [Linux-stable-mirror] [PATCH] KVM: SVM: obey guest PAT

by Radim Krčmář

2017-10-26 09:13+0200, Paolo Bonzini: > For many years some users of assigned devices have reported worse > performance on AMD processors with NPT than on AMD without NPT, > Intel or bare metal. > > The reason turned out to be that SVM is discarding the guest PAT > setting and uses the default (PA0=PA4=WB, PA1=PA5=WT, PA2=PA6=UC-, > PA3=UC). The guest might be using a different setting, and > especially might want write combining but isn't getting it > (instead getting slow UC or UC- accesses). > > Thanks a lot to geoff(a)hostfission.com for noticing the relation > to the g_pat setting. The patch has been tested also by a bunch > of people on VFIO users forums. > > Fixes: 709ddebf81cb40e3c36c6109a7892e8b93a09464 > Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=196409 > Cc: stable(a)vger.kernel.org > Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Applied, thanks.

7 years, 2 months

1
0
0 0

Re: [Linux-stable-mirror] FAILED: patch "[PATCH] KEYS: trusted: fix writing past end of buffer in" failed to apply to 4.9-stable tree

by Greg KH

On Mon, Nov 06, 2017 at 06:06:19AM -0500, Mimi Zohar wrote: > Hi Greg, > > On Sun, 2017-11-05 at 15:18 +0100, gregkh(a)linuxfoundation.org wrote: > > The patch below does not apply to the 4.9-stable tree. > > If someone wants it applied there, or to any other stable or longterm > > tree, then please email the backport, including the original git commit > > id to <stable(a)vger.kernel.org>. > > > > thanks, > > > > greg k-h > > This commit needs to prereq commit ee618b4619b7 "KEYS: trusted: > sanitize all key material". Thanks, that fixes the issue for 4.4 and 4.9, but not for 3.18 :( thanks, greg k-h

7 years, 2 months

3
2
0 0

Re: [Linux-stable-mirror] [PATCH] lib/mpi: call cond_resched() from mpi_powm() loop

by Herbert Xu

On Mon, Nov 06, 2017 at 10:19:51PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers(a)google.com> > > On a non-preemptible kernel, if KEYCTL_DH_COMPUTE is called with the > largest permitted inputs (16384 bits), the kernel spends 10+ seconds > doing modular exponentiation in mpi_powm() without rescheduling. If all > threads do it, it locks up the system. Moreover, it can cause > rcu_sched-stall warnings. > > Notwithstanding the insanity of doing this calculation in kernel mode > rather than in userspace, fix it by calling cond_resched() as each bit > from the exponent is processed. It's still noninterruptible, but at > least it's preemptible now. > > Cc: stable(a)vger.kernel.org # v4.12+ > Signed-off-by: Eric Biggers <ebiggers(a)google.com> Patch applied. Thanks. -- Email: Herbert Xu <herbert(a)gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

7 years, 2 months

2
1
0 0

Re: [Linux-stable-mirror] [PATCH] usb: f_fs: Drop check on Reserved1 field on OS_DESC_EXT_COMPAT

by John Keeping

On Fri, 10 Nov 2017 12:40:39 +0200, Felipe Balbi wrote: > John Keeping <john(a)metanate.com> writes: > > This check has gone through several incompatible variations in commits > > 53642399aa71 ("usb: gadget: f_fs: Fix wrong check on reserved1 of > > OS_DESC_EXT_COMPAT"), 354bc45bf329 ("usb: gadget: f_fs: Fix ExtCompat > > descriptor validation") and 3ba534df815f ("Revert "usb: gadget: f_fs: > > Fix ExtCompat descriptor validation"") after initially being introduced > > in commit f0175ab51993 ("usb: gadget: f_fs: OS descriptors support"). > > > > The various changes make it impossible for a single userspace > > implementation to work with different kernel versions, so let's just > > drop the condition to avoid breaking userspace. > > > > Fixes: 53642399aa71 ("usb: gadget: f_fs: Fix wrong check on reserved1 of OS_DESC_EXT_COMPAT") > > Cc: stable(a)vger.kernel.org # v4.7+ > > Signed-off-by: John Keeping <john(a)metanate.com> > > --- > > drivers/usb/gadget/function/f_fs.c | 3 +-- > > 1 file changed, 1 insertion(+), 2 deletions(-) > > > > diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c > > index 652397eda6d6..0d9962834345 100644 > > --- a/drivers/usb/gadget/function/f_fs.c > > +++ b/drivers/usb/gadget/function/f_fs.c > > @@ -2282,8 +2282,7 @@ static int __ffs_data_do_os_desc(enum ffs_os_desc_type type, > > int i; > > > > if (len < sizeof(*d) || > > - d->bFirstInterfaceNumber >= ffs->interfaces_count || > > - !d->Reserved1) > > + d->bFirstInterfaceNumber >= ffs->interfaces_count) > > return -EINVAL; > > for (i = 0; i < ARRAY_SIZE(d->Reserved2); ++i) > > if (d->Reserved2[i]) > > Sorry, but no. We want to be compliant with the specification. If there > are older still-maintained stable trees which are not working, we need > to backport a fix to them, but we're not allowing uncompliant > implementations. Aren't we allowing non-compliant implementations now? The spec says the value must be 1 but since v4.7 this code has allowed all non-zero values. At this point I don't think the kernel can disallow any values of Reserved1 without breaking someone's userspace.

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] [PATCH v2] drm/fsl-dcu: Don't set connector DPMS property

by Stefan Agner

From: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Since commit 4a97a3da420b ("drm: Don't update property values for atomic drivers") atomic drivers must not update property values as properties are read from the state instead. To catch remaining users, the drm_object_property_set_value() function now throws a warning when called by atomic drivers on non-immutable properties, and we hit that warning when creating connectors. The easy fix is to just remove the drm_object_property_set_value() as it is used here to set the initial value of the connector's DPMS property to OFF. The DPMS property applies on top of the connector's state crtc pointer (initialized to NULL) that is the main connector on/off control, and should thus default to ON. Fixes: 4a97a3da420b ("drm: Don't update property values for atomic drivers") Cc: stable(a)vger.kernel.org Signed-off-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Signed-off-by: Stefan Agner <stefan(a)agner.ch> --- drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c b/drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c index edd7d8127d19..c54806d08dd7 100644 --- a/drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c +++ b/drivers/gpu/drm/fsl-dcu/fsl_dcu_drm_rgb.c @@ -102,7 +102,6 @@ static int fsl_dcu_attach_panel(struct fsl_dcu_drm_device *fsl_dev, { struct drm_encoder *encoder = &fsl_dev->encoder; struct drm_connector *connector = &fsl_dev->connector.base; - struct drm_mode_config *mode_config = &fsl_dev->drm->mode_config; int ret; fsl_dev->connector.encoder = encoder; @@ -122,10 +121,6 @@ static int fsl_dcu_attach_panel(struct fsl_dcu_drm_device *fsl_dev, if (ret < 0) goto err_sysfs; - drm_object_property_set_value(&connector->base, - mode_config->dpms_property, - DRM_MODE_DPMS_OFF); - ret = drm_panel_attach(panel, connector); if (ret) { dev_err(fsl_dev->dev, "failed to attach panel\n"); -- 2.14.2

7 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror