Patch 1 fixes a possible deadlock in subflow_error_report() reported by
lockdep. The report was in fact a false positive but the modification
makes sense and silences lockdep to allow syzkaller to find real issues.
The regression has been introduced in v5.12.
Patch 2 is a refactoring needed to be able to fix the two next issues.
It improves the situation and can be backported up to v6.0.
Patches 3 and 4 fix UaF reported by KASAN. They fix issues potentially
visible since v5.7 and v5.19 but only reproducible until recently
(v6.0). These two patches depend on patch 2/7.
Patch 5 fixes the order of the printed values: expected vs seen values.
The regression has been introduced recently: present in Linus' tree but
not in a tagged version yet.
Patch 6 adds missing ro_after_init flags. A previous patch added them
for other functions but these two have been missed. This previous patch
has been backported to stable versions (up to v5.12) so probably better
to do the same here.
Patch 7 fixes tcp_set_state() being called twice in a row since v5.10.
Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net>
---
Geliang Tang (1):
mptcp: add ro_after_init for tcp{,v6}_prot_override
Matthieu Baerts (2):
selftests: mptcp: userspace pm: fix printed values
mptcp: avoid setting TCP_CLOSE state twice
Paolo Abeni (4):
mptcp: fix possible deadlock in subflow_error_report
mptcp: refactor passive socket initialization
mptcp: use the workqueue to destroy unaccepted sockets
mptcp: fix UaF in listener shutdown
net/mptcp/protocol.c | 44 +++-----
net/mptcp/protocol.h | 4 +-
net/mptcp/subflow.c | 122 +++++++---------------
tools/testing/selftests/net/mptcp/userspace_pm.sh | 2 +-
4 files changed, 59 insertions(+), 113 deletions(-)
---
base-commit: aaa3c08ee0653beaa649d4adfb27ad562641cfd8
change-id: 20230227-upstream-net-20230227-mptcp-fixes-cc78f3a2f5b2
Best regards,
--
Matthieu Baerts <matthieu.baerts(a)tessares.net>
Hi all,
I'm facing the same issue as https://lore.kernel.org/stable/CAFsF8vL4CGFzWMb38_XviiEgxoKX0GYup=JiUFXUOma…, but on 5.15. I've bisected it across releases to 5.15.88, and can reproduce on 5.15.93.
However, I cannot seem to find the identified problematic commit in the 5.15 branch, so I'm unsure if this is a different issue or not.
There are a few ways to reproduce this issue, but the one I've been using is running libuv's (https://github.com/libuv/libuv) tests, specifically tests 271 and 277.
#regzbot introduced v5.15.88..
Thanks,
Winter
Please, I have an investment project transaction of US$27.500.000.00
that involves a transfer, and I would like to have your advice on which
investment / industry you think can bring us profit.
If you're interested, kindly reply for more specific information on
this project.
Mr. Aisha Al-Gaddafi
Dear friend,
How are you today? I think it has been a long time since we last spoke.
In any case, I am contacting you again regarding our previous
transaction, which was not successful on your side. Unfortunately, your
cooperation with me could not complete the transfer of the funds. I do
not know, maybe because I have to come to terms with my interest in the
case.
In any case, I am pleased to announce success in receiving the funds
transferred by a new partner from Venezuela. I am currently in
Venezuela because of an investment. However, I have not forgotten my
previous efforts, and I tried to help with the transfer of the fund,
even though we could not reach a concrete conclusion. Thanks to my
effort to help me, my new partner and I have decided to return
$850,000 to you so that you can share the joy and happiness with us.
I left your compensation Visa with my secretary so that she can help me
file the application. Now contact my secretary in Togo; her name is
Mrs. Silverly Rojas and her e-mail address is
(silverlynrojas94(a)gmail.com). Tell her to send you the Visa card
worth USD 850,000. I am currently very busy in Venezuela with the
investment projects I have with my new partner. Quickly contact Mrs.
Silverly Rojas and let her know where to send the pending Visa. The
card will be sent to you promptly.
I wish you all the best in all your endeavours.
Best regards,
Robert G Mohammed
Hello,
I am Leigh Himsworth, from Massachusetts. I am looking to invest an
asset valued at US $350 million in the Astronaut Asteroid and in any
other profitable commercial project in your country that can generate
our expected return on investment.
Please let me know if you are interested so that we can discuss this in
more detail.
Regards.
Leigh Himsworth
This reverts commit 487a32ec24be819e747af8c2ab0d5c515508086a.
The should_skip_kasan_poison() function reads the PG_skip_kasan_poison
flag from page->flags. However, this line of code in free_pages_prepare():
page->flags &= ~PAGE_FLAGS_CHECK_AT_PREP;
clears most of page->flags, including PG_skip_kasan_poison, before calling
should_skip_kasan_poison(), which meant that it would never return true
as a result of the page flag being set. Therefore, fix the code to call
should_skip_kasan_poison() before clearing the flags, as we were doing
before the reverted patch.
Signed-off-by: Peter Collingbourne <pcc(a)google.com>
Fixes: 487a32ec24be ("kasan: drop skip_kasan_poison variable in free_pages_prepare")
Cc: <stable(a)vger.kernel.org> # 6.1
Link: https://linux-review.googlesource.com/id/Ic4f13affeebd20548758438bb9ed9ca40…
Reviewed-by: Andrey Konovalov <andreyknvl(a)gmail.com>
---
mm/page_alloc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index ac1fc986af44..7136c36c5d01 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -1398,6 +1398,7 @@ static __always_inline bool free_pages_prepare(struct page *page,
unsigned int order, bool check_free, fpi_t fpi_flags)
{
int bad = 0;
+ bool skip_kasan_poison = should_skip_kasan_poison(page, fpi_flags);
bool init = want_init_on_free();
VM_BUG_ON_PAGE(PageTail(page), page);
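Review bot: the new `bool skip_kasan_poison = should_skip_kasan_poison(page, fpi_flags);` at the top of free_pages_prepare() carries an ordering dependency that the hunk itself does not document: it must stay ahead of the `page->flags &= ~PAGE_FLAGS_CHECK_AT_PREP;` line cited in the commit message, because that line clears PG_skip_kasan_poison. The reverted commit 487a32ec24be removed this exact variable as an apparent cleanup, so a one-line comment above the declaration (for example `/* Must be read before PAGE_FLAGS_CHECK_AT_PREP is cleared below. */`) would stop the same refactor from reintroducing the bug.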
@@ -1470,7 +1471,7 @@ static __always_inline bool free_pages_prepare(struct page *page,
* With hardware tag-based KASAN, memory tags must be set before the
* page becomes unavailable via debug_pagealloc or arch_free_page.
*/
- if (!should_skip_kasan_poison(page, fpi_flags)) {
+ if (!skip_kasan_poison) {
kasan_poison_pages(page, order, init);
/* Memory is already initialized if KASAN did it internally. */
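Review bot: `if (!skip_kasan_poison)` is the only call site the diff converts, so the fix assumes no other `should_skip_kasan_poison()` call remains in free_pages_prepare() after the flags are cleared; please confirm that in the full function, since the patch context does not show it. The comment block directly above this line still explains only why tags must be set before the page becomes unavailable, so a short addition saying the decision was sampled at function entry on purpose would keep a future reader from inlining the call again.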
--
2.39.2.722.g9855ee24e9-goog
Hello
I need your urgent response to a transaction request attached to your name/email stable(a)vger.kernel.org, which I would like to discuss with you now.
Thank You
Mahmut Akten
Vice Chairman
Garanti BBVA Bank (Turkey)
www.garantibbva.com.tr
The 8250 handle_irq callback is not just called from the interrupt
handler but also from a timer callback when polling (e.g. for ports
without an interrupt line). Consequently the callback must explicitly
disable interrupts to avoid a potential deadlock with another interrupt
in polled mode.
Fix up the two paths in the freescale callback that failed to re-enable
interrupts when polling.
Fixes: 853a9ae29e97 ("serial: 8250: fix handle_irq locking")
Cc: stable(a)vger.kernel.org # 5.13
Reported-by: Dan Carpenter <error27(a)gmail.com>
Link: https://lore.kernel.org/r/Y/xYzqp4ogmOF5t0@kili
Signed-off-by: Johan Hovold <johan(a)kernel.org>
---
drivers/tty/serial/8250/8250_fsl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/tty/serial/8250/8250_fsl.c b/drivers/tty/serial/8250/8250_fsl.c
index 8aad15622a2e..8adfaa183f77 100644
--- a/drivers/tty/serial/8250/8250_fsl.c
+++ b/drivers/tty/serial/8250/8250_fsl.c
@@ -34,7 +34,7 @@ int fsl8250_handle_irq(struct uart_port *port)
iir = port->serial_in(port, UART_IIR);
if (iir & UART_IIR_NO_INT) {
- spin_unlock(&up->port.lock);
+ spin_unlock_irqrestore(&up->port.lock, flags);
return 0;
}
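Review bot: `spin_unlock_irqrestore(&up->port.lock, flags);` relies on `flags` being declared and filled by a matching `spin_lock_irqsave(&up->port.lock, flags)` earlier in fsl8250_handle_irq(), which lies outside the hunk's three lines of context (the hunk starts at line 34). The commit message says the callback must disable interrupts itself, presumably the locking introduced by the Fixes: commit 853a9ae29e97, but the pairing is not visible here; widening the context or stating in the message that this restores the flags saved by that irqsave would let reviewers confirm the unlock matches the lock without opening the file.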
@@ -42,7 +42,7 @@ int fsl8250_handle_irq(struct uart_port *port)
if (unlikely(up->lsr_saved_flags & UART_LSR_BI)) {
up->lsr_saved_flags &= ~UART_LSR_BI;
port->serial_in(port, UART_RX);
- spin_unlock(&up->port.lock);
+ spin_unlock_irqrestore(&up->port.lock, flags);
return 1;
}
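Review bot: with both early returns now using spin_unlock_irqrestore(), the function has at least three unlock sites (these two plus the one on the normal path), and this fix exists precisely because two of them drifted from the third after 853a9ae29e97. Consider funnelling the early returns through a single `out:` label that does the irqrestore and returns a status variable, so a future change to the locking has only one place to update; at minimum, check that no other return between lines 36 and 41 (not shown in the diff) still uses a bare spin_unlock().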
--
2.39.2