- Linux-stable-mirror - lists.linaro.org

[PATCH] pinctrl: armada-37xx: Fix spurious irq management

by Gregory CLEMENT

From: Terry Zhou <bjzhou(a)marvell.com> Until now, if we found spurious irq in irq_handler, we only updated the status in register but not the status in the code. Due to this the system will got stuck dues to the infinite loop [gregory.clement(a)bootlin.com: update comment and add fix and stable tags] Fixes: 30ac0d3b0702 ("pinctrl: armada-37xx: Add edge both type gpio irq support") Cc: <stable(a)vger.kernel.org> Signed-off-by: Terry Zhou <bjzhou(a)marvell.com> Reviewed-by: Gregory CLEMENT <gregory.clement(a)bootlin.com> Signed-off-by: Gregory CLEMENT <gregory.clement(a)bootlin.com> --- drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c b/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c index 5b63248c8209..7bef929bd7fe 100644 --- a/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c +++ b/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c @@ -679,12 +679,13 @@ static void armada_37xx_irq_handler(struct irq_desc *desc) writel(1 << hwirq, info->base + IRQ_STATUS + 4 * i); - continue; + goto update_status; } } generic_handle_irq(virq); +update_status: /* Update status in case a new IRQ appears */ spin_lock_irqsave(&info->irq_lock, flags); status = readl_relaxed(info->base + -- 2.17.0

7 years, 7 months

2
1
0 0

[PATCH] gpio: rcar: Add Runtime PM handling for interrupts

by Fabrizio Castro

From: Geert Uytterhoeven <geert+renesas(a)glider.be> commit b26a719bdba9aa926ceaadecc66e07623d2b8a53 upstream. The R-Car GPIO driver handles Runtime PM for requested GPIOs only. When using a GPIO purely as an interrupt source, no Runtime PM handling is done, and the GPIO module's clock may not be enabled. To fix this: - Add .irq_request_resources() and .irq_release_resources() callbacks to handle Runtime PM when an interrupt is requested, - Add irq_bus_lock() and sync_unlock() callbacks to handle Runtime PM when e.g. disabling/enabling an interrupt, or configuring the interrupt type. Fixes: d5c3d84657db57bd "net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS" Signed-off-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> [fabrizio: cherry-pick to v4.4.y. Use container_of instead of gpiochip_get_data.] Signed-off-by: Fabrizio Castro <fabrizio.castro(a)bp.renesas.com> Reviewed-by: Biju Das <biju.das(a)bp.renesas.com> --- Hi Greg, on R-Car we have found that if a GPIO is used purely as an interrupt source, the corresponding clock is not enabled, therefore the interrupt doesn't work. On Koelsch, the HDMI trasmitter node in the DT uses GPIO 3 29 for the interrupt line, and since gpio3 is used only for this, its clock is OFF, preventing the interrupt from working. This patch fixes this problem. Would you please consider this patch for 4.4.y? Thanks, Fab drivers/gpio/gpio-rcar.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/drivers/gpio/gpio-rcar.c b/drivers/gpio/gpio-rcar.c index 2a81224..9ba4aaa 100644 --- a/drivers/gpio/gpio-rcar.c +++ b/drivers/gpio/gpio-rcar.c @@ -200,6 +200,48 @@ static int gpio_rcar_irq_set_wake(struct irq_data *d, unsigned int on) return 0; } +static void gpio_rcar_irq_bus_lock(struct irq_data *d) +{ + struct gpio_chip *gc = irq_data_get_irq_chip_data(d); + struct gpio_rcar_priv *p = container_of(gc, struct gpio_rcar_priv, + gpio_chip); + + pm_runtime_get_sync(&p->pdev->dev); +} + +static void gpio_rcar_irq_bus_sync_unlock(struct irq_data *d) +{ + struct gpio_chip *gc = irq_data_get_irq_chip_data(d); + struct gpio_rcar_priv *p = container_of(gc, struct gpio_rcar_priv, + gpio_chip); + + pm_runtime_put(&p->pdev->dev); +} + + +static int gpio_rcar_irq_request_resources(struct irq_data *d) +{ + struct gpio_chip *gc = irq_data_get_irq_chip_data(d); + struct gpio_rcar_priv *p = container_of(gc, struct gpio_rcar_priv, + gpio_chip); + int error; + + error = pm_runtime_get_sync(&p->pdev->dev); + if (error < 0) + return error; + + return 0; +} + +static void gpio_rcar_irq_release_resources(struct irq_data *d) +{ + struct gpio_chip *gc = irq_data_get_irq_chip_data(d); + struct gpio_rcar_priv *p = container_of(gc, struct gpio_rcar_priv, + gpio_chip); + + pm_runtime_put(&p->pdev->dev); +} + static irqreturn_t gpio_rcar_irq_handler(int irq, void *dev_id) { struct gpio_rcar_priv *p = dev_id; @@ -460,6 +502,10 @@ static int gpio_rcar_probe(struct platform_device *pdev) irq_chip->irq_unmask = gpio_rcar_irq_enable; irq_chip->irq_set_type = gpio_rcar_irq_set_type; irq_chip->irq_set_wake = gpio_rcar_irq_set_wake; + irq_chip->irq_bus_lock = gpio_rcar_irq_bus_lock; + irq_chip->irq_bus_sync_unlock = gpio_rcar_irq_bus_sync_unlock; + irq_chip->irq_request_resources = gpio_rcar_irq_request_resources; + irq_chip->irq_release_resources = gpio_rcar_irq_release_resources; irq_chip->flags = IRQCHIP_SET_TYPE_MASKED | IRQCHIP_MASK_ON_SUSPEND; ret = gpiochip_add(gpio_chip); -- 2.7.4

7 years, 7 months

2
1
0 0

Please apply 318aaf34f117 ("scsi: libsas: defer ata device eh...") to stable releases

by Guenter Roeck

Hi Greg, commit 318aaf34f1179b39f ("scsi: libsas: defer ata device eh commands to libata") fixes CVE-2018-10021. Its severity is disputed, yet it is a real bug. Please consider applying it to stable releases. Thanks, Guenter

7 years, 7 months

2
1
0 0

[PATCH 0/5] mm: rework hmm to use devm_memremap_pages

by Dan Williams

Hi Andrew, please consider this series for 4.18. For maintainability, as ZONE_DEVICE continues to attract new users, it is useful to keep all users consolidated on devm_memremap_pages() as the interface for create "device pages". The devm_memremap_pages() implementation was recently reworked to make it more generic for arbitrary users, like the proposed peer-to-peer PCI-E enabling. HMM pre-dated this rework and opted to duplicate devm_memremap_pages() as hmm_devmem_pages_create(). Rework HMM to be a consumer of devm_memremap_pages() directly and fix up the licensing on the exports given the deep dependencies on the mm. Patches based on v4.17-rc6 where there are no upstream consumers of the HMM functionality. --- Dan Williams (5): mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL mm, devm_memremap_pages: handle errors allocating final devres action mm, hmm: use devm semantics for hmm_devmem_{add,remove} mm, hmm: replace hmm_devmem_pages_create() with devm_memremap_pages() mm, hmm: mark hmm_devmem_{add,add_resource} EXPORT_SYMBOL_GPL Documentation/vm/hmm.txt | 1 include/linux/hmm.h | 4 - include/linux/memremap.h | 1 kernel/memremap.c | 39 +++++- mm/hmm.c | 297 +++++++--------------------------------------- 5 files changed, 77 insertions(+), 265 deletions(-)

7 years, 7 months

5
12
0 0

[PATCH V3] blk-mq: avoid to starve tag allocation after allocation process migrates

by Ming Lei

When the allocation process is scheduled back and the mapped hw queue is changed, fake one extra wake up on previous queue for compensating wake up miss, so other allocations on the previous queue won't be starved. This patch fixes one request allocation hang issue, which can be triggered easily in case of very low nr_request. Cc: <stable(a)vger.kernel.org> Cc: Omar Sandoval <osandov(a)fb.com> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- V3: - fix comments as suggested by Jens - remove the wrapper as suggested by Omar V2: - fix build failure block/blk-mq-tag.c | 12 ++++++++++++ include/linux/sbitmap.h | 7 +++++++ lib/sbitmap.c | 22 ++++++++++++---------- 3 files changed, 31 insertions(+), 10 deletions(-) diff --git a/block/blk-mq-tag.c b/block/blk-mq-tag.c index 336dde07b230..a4e58fc28a06 100644 --- a/block/blk-mq-tag.c +++ b/block/blk-mq-tag.c @@ -134,6 +134,8 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) ws = bt_wait_ptr(bt, data->hctx); drop_ctx = data->ctx == NULL; do { + struct sbitmap_queue *bt_prev; + /* * We're out of tags on this hardware queue, kick any * pending IO submits before going to sleep waiting for @@ -159,6 +161,7 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) if (data->ctx) blk_mq_put_ctx(data->ctx); + bt_prev = bt; io_schedule(); data->ctx = blk_mq_get_ctx(data->q); @@ -170,6 +173,15 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) bt = &tags->bitmap_tags; finish_wait(&ws->wait, &wait); + + /* + * If destination hw queue is changed, fake wake up on + * previous queue for compensating the wake up miss, so + * other allocations on previous queue won't be starved. + */ + if (bt != bt_prev) + sbitmap_queue_wake_up(bt_prev); + ws = bt_wait_ptr(bt, data->hctx); } while (1); diff --git a/include/linux/sbitmap.h b/include/linux/sbitmap.h index 841585f6e5f2..bba9d80191b7 100644 --- a/include/linux/sbitmap.h +++ b/include/linux/sbitmap.h @@ -484,6 +484,13 @@ static inline struct sbq_wait_state *sbq_wait_ptr(struct sbitmap_queue *sbq, void sbitmap_queue_wake_all(struct sbitmap_queue *sbq); /** + * sbitmap_queue_wake_up() - Wake up some of waiters in one waitqueue + * on a &struct sbitmap_queue. + * @sbq: Bitmap queue to wake up. + */ +void sbitmap_queue_wake_up(struct sbitmap_queue *sbq); + +/** * sbitmap_queue_show() - Dump &struct sbitmap_queue information to a &struct * seq_file. * @sbq: Bitmap queue to show. diff --git a/lib/sbitmap.c b/lib/sbitmap.c index e6a9c06ec70c..14e027a33ffa 100644 --- a/lib/sbitmap.c +++ b/lib/sbitmap.c @@ -335,8 +335,9 @@ void sbitmap_queue_resize(struct sbitmap_queue *sbq, unsigned int depth) if (sbq->wake_batch != wake_batch) { WRITE_ONCE(sbq->wake_batch, wake_batch); /* - * Pairs with the memory barrier in sbq_wake_up() to ensure that - * the batch size is updated before the wait counts. + * Pairs with the memory barrier in sbitmap_queue_wake_up() + * to ensure that the batch size is updated before the wait + * counts. */ smp_mb__before_atomic(); for (i = 0; i < SBQ_WAIT_QUEUES; i++) @@ -425,7 +426,7 @@ static struct sbq_wait_state *sbq_wake_ptr(struct sbitmap_queue *sbq) return NULL; } -static void sbq_wake_up(struct sbitmap_queue *sbq) +void sbitmap_queue_wake_up(struct sbitmap_queue *sbq) { struct sbq_wait_state *ws; unsigned int wake_batch; @@ -454,23 +455,24 @@ static void sbq_wake_up(struct sbitmap_queue *sbq) */ smp_mb__before_atomic(); /* - * If there are concurrent callers to sbq_wake_up(), the last - * one to decrement the wait count below zero will bump it back - * up. If there is a concurrent resize, the count reset will - * either cause the cmpxchg to fail or overwrite after the - * cmpxchg. + * If there are concurrent callers to sbitmap_queue_wake_up(), + * the last one to decrement the wait count below zero will + * bump it back up. If there is a concurrent resize, the count + * reset will either cause the cmpxchg to fail or overwrite + * after the cmpxchg. */ atomic_cmpxchg(&ws->wait_cnt, wait_cnt, wait_cnt + wake_batch); sbq_index_atomic_inc(&sbq->wake_index); wake_up_nr(&ws->wait, wake_batch); } } +EXPORT_SYMBOL_GPL(sbitmap_queue_wake_up); void sbitmap_queue_clear(struct sbitmap_queue *sbq, unsigned int nr, unsigned int cpu) { sbitmap_clear_bit_unlock(&sbq->sb, nr); - sbq_wake_up(sbq); + sbitmap_queue_wake_up(sbq); if (likely(!sbq->round_robin && nr < sbq->sb.depth)) *per_cpu_ptr(sbq->alloc_hint, cpu) = nr; } @@ -482,7 +484,7 @@ void sbitmap_queue_wake_all(struct sbitmap_queue *sbq) /* * Pairs with the memory barrier in set_current_state() like in - * sbq_wake_up(). + * sbitmap_queue_wake_up(). */ smp_mb(); wake_index = atomic_read(&sbq->wake_index); -- 2.9.5

7 years, 7 months

2
1
0 0

[PATCH V2] blk-mq: avoid to starve tag allocation after allocation process migrates

by Ming Lei

When the allocation process is scheduled back and the mapped hw queue is changed, do one extra wake up on orignal queue for compensating wake up miss, so other allocations on the orignal queue won't be starved. This patch fixes one request allocation hang issue, which can be triggered easily in case of very low nr_request. Cc: <stable(a)vger.kernel.org> Cc: Omar Sandoval <osandov(a)fb.com> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- V2: fix build failure block/blk-mq-tag.c | 13 +++++++++++++ include/linux/sbitmap.h | 7 +++++++ lib/sbitmap.c | 6 ++++++ 3 files changed, 26 insertions(+) diff --git a/block/blk-mq-tag.c b/block/blk-mq-tag.c index 336dde07b230..77607f89d205 100644 --- a/block/blk-mq-tag.c +++ b/block/blk-mq-tag.c @@ -134,6 +134,8 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) ws = bt_wait_ptr(bt, data->hctx); drop_ctx = data->ctx == NULL; do { + struct sbitmap_queue *bt_orig; + /* * We're out of tags on this hardware queue, kick any * pending IO submits before going to sleep waiting for @@ -159,6 +161,7 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) if (data->ctx) blk_mq_put_ctx(data->ctx); + bt_orig = bt; io_schedule(); data->ctx = blk_mq_get_ctx(data->q); @@ -170,6 +173,16 @@ unsigned int blk_mq_get_tag(struct blk_mq_alloc_data *data) bt = &tags->bitmap_tags; finish_wait(&ws->wait, &wait); + + /* + * If destination hw queue is changed, wake up original + * queue one extra time for compensating the wake up + * miss, so other allocations on original queue won't + * be starved. + */ + if (bt != bt_orig) + sbitmap_queue_wake_up(bt_orig); + ws = bt_wait_ptr(bt, data->hctx); } while (1); diff --git a/include/linux/sbitmap.h b/include/linux/sbitmap.h index 841585f6e5f2..b23f50355281 100644 --- a/include/linux/sbitmap.h +++ b/include/linux/sbitmap.h @@ -484,6 +484,13 @@ static inline struct sbq_wait_state *sbq_wait_ptr(struct sbitmap_queue *sbq, void sbitmap_queue_wake_all(struct sbitmap_queue *sbq); /** + * sbitmap_wake_up() - Do a regular wake up compensation if the queue + * allocated from is changed after scheduling back. + * @sbq: Bitmap queue to wake up. + */ +void sbitmap_queue_wake_up(struct sbitmap_queue *sbq); + +/** * sbitmap_queue_show() - Dump &struct sbitmap_queue information to a &struct * seq_file. * @sbq: Bitmap queue to show. diff --git a/lib/sbitmap.c b/lib/sbitmap.c index e6a9c06ec70c..c6ae4206bcb1 100644 --- a/lib/sbitmap.c +++ b/lib/sbitmap.c @@ -466,6 +466,12 @@ static void sbq_wake_up(struct sbitmap_queue *sbq) } } +void sbitmap_queue_wake_up(struct sbitmap_queue *sbq) +{ + sbq_wake_up(sbq); +} +EXPORT_SYMBOL_GPL(sbitmap_queue_wake_up); + void sbitmap_queue_clear(struct sbitmap_queue *sbq, unsigned int nr, unsigned int cpu) { -- 2.9.5

7 years, 7 months

4
5
0 0

[PATCH v7 1/8] softirq: reorder trace_softirqs_on to prevent lockdep splat

by Joel Fernandes

From: "Joel Fernandes (Google)" <joel(a)joelfernandes.org> I'm able to reproduce a lockdep splat with config options: CONFIG_PROVE_LOCKING=y, CONFIG_DEBUG_LOCK_ALLOC=y and CONFIG_PREEMPTIRQ_EVENTS=y $ echo 1 > /d/tracing/events/preemptirq/preempt_enable/enable [ 26.112609] DEBUG_LOCKS_WARN_ON(current->softirqs_enabled) [ 26.112636] WARNING: CPU: 0 PID: 118 at kernel/locking/lockdep.c:3854 [...] [ 26.144229] Call Trace: [ 26.144926] <IRQ> [ 26.145506] lock_acquire+0x55/0x1b0 [ 26.146499] ? __do_softirq+0x46f/0x4d9 [ 26.147571] ? __do_softirq+0x46f/0x4d9 [ 26.148646] trace_preempt_on+0x8f/0x240 [ 26.149744] ? trace_preempt_on+0x4d/0x240 [ 26.150862] ? __do_softirq+0x46f/0x4d9 [ 26.151930] preempt_count_sub+0x18a/0x1a0 [ 26.152985] __do_softirq+0x46f/0x4d9 [ 26.153937] irq_exit+0x68/0xe0 [ 26.154755] smp_apic_timer_interrupt+0x271/0x280 [ 26.156056] apic_timer_interrupt+0xf/0x20 [ 26.157105] </IRQ> The issue was this: preempt_count = 1 << SOFTIRQ_SHIFT __local_bh_enable(cnt = 1 << SOFTIRQ_SHIFT) { if (softirq_count() == (cnt && SOFTIRQ_MASK)) { trace_softirqs_on() { current->softirqs_enabled = 1; } } preempt_count_sub(cnt) { trace_preempt_on() { tracepoint() { rcu_read_lock_sched() { // jumps into lockdep Where preempt_count still has softirqs disabled, but current->softirqs_enabled is true, and we get a splat. Cc: stable(a)vger.kernel.org Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Fixes: d59158162e032 ("tracing: Add support for preempt and irq enable/disable events") Signed-off-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> --- kernel/softirq.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/softirq.c b/kernel/softirq.c index 177de3640c78..8a040bcaa033 100644 --- a/kernel/softirq.c +++ b/kernel/softirq.c @@ -139,9 +139,13 @@ static void __local_bh_enable(unsigned int cnt) { lockdep_assert_irqs_disabled(); + if (preempt_count() == cnt) + trace_preempt_on(CALLER_ADDR0, get_lock_parent_ip()); + if (softirq_count() == (cnt & SOFTIRQ_MASK)) trace_softirqs_on(_RET_IP_); - preempt_count_sub(cnt); + + __preempt_count_sub(cnt); } /* -- 2.17.0.441.gb46fe60e1d-goog

7 years, 7 months

1
0
0 0

[PATCH 0/9] s390 spectre update for 4.9

by Martin Schwidefsky

Hi Greg, 9 more patches against the 2018/05/23 linux-4.9.y stable branch. This gets the spectre defense of 4.9 up-to-date compared to the current upstream tree. The upstream patches to remove the indirect branches from the BPF JIT are included (these do not have a CC:stable tag). Martin Schwidefsky (9): s390: add assembler macros for CPU alternatives s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT arch/s390/crypto/crc32be-vx.S | 5 +- arch/s390/crypto/crc32le-vx.S | 4 +- arch/s390/include/asm/alternative-asm.h | 108 ++++++++++++++++++ arch/s390/include/asm/nospec-insn.h | 195 ++++++++++++++++++++++++++++++++ arch/s390/kernel/Makefile | 1 + arch/s390/kernel/asm-offsets.c | 1 + arch/s390/kernel/base.S | 24 ++-- arch/s390/kernel/entry.S | 105 ++++------------- arch/s390/kernel/mcount.S | 14 ++- arch/s390/kernel/nospec-branch.c | 43 ++++--- arch/s390/kernel/nospec-sysfs.c | 21 ++++ arch/s390/kernel/reipl.S | 7 +- arch/s390/kernel/swsusp.S | 9 +- arch/s390/lib/mem.S | 9 +- arch/s390/net/bpf_jit.S | 16 ++- arch/s390/net/bpf_jit_comp.c | 63 ++++++++++- 16 files changed, 488 insertions(+), 137 deletions(-) create mode 100644 arch/s390/include/asm/alternative-asm.h create mode 100644 arch/s390/include/asm/nospec-insn.h create mode 100644 arch/s390/kernel/nospec-sysfs.c -- 2.16.3

7 years, 7 months

2
10
0 0

[PATCH 0/9] s390 spectre update for 4.14

by Martin Schwidefsky

Hi Greg, 9 more patches against the 2018/05/23 linux-4.14.y stable branch. This gets the spectre defense of 4.14 up-to-date compared to the current upstream tree. The upstream patches to remove the indirect branches from the BPF JIT are included (these do not have a CC:stable tag). Martin Schwidefsky (9): s390: add assembler macros for CPU alternatives s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT arch/s390/crypto/crc32be-vx.S | 5 +- arch/s390/crypto/crc32le-vx.S | 4 +- arch/s390/include/asm/alternative-asm.h | 108 ++++++++++++++++++ arch/s390/include/asm/nospec-insn.h | 195 ++++++++++++++++++++++++++++++++ arch/s390/kernel/Makefile | 1 + arch/s390/kernel/asm-offsets.c | 1 + arch/s390/kernel/base.S | 24 ++-- arch/s390/kernel/entry.S | 105 ++++------------- arch/s390/kernel/mcount.S | 14 ++- arch/s390/kernel/nospec-branch.c | 43 ++++--- arch/s390/kernel/nospec-sysfs.c | 21 ++++ arch/s390/kernel/reipl.S | 7 +- arch/s390/kernel/swsusp.S | 10 +- arch/s390/lib/mem.S | 13 ++- arch/s390/net/bpf_jit.S | 16 ++- arch/s390/net/bpf_jit_comp.c | 63 ++++++++++- 16 files changed, 490 insertions(+), 140 deletions(-) create mode 100644 arch/s390/include/asm/alternative-asm.h create mode 100644 arch/s390/include/asm/nospec-insn.h create mode 100644 arch/s390/kernel/nospec-sysfs.c -- 2.16.3

7 years, 7 months

2
10
0 0

[PATCH 00/15] s390 spectre update for 4.16

by Martin Schwidefsky

Hi Greg, 15 more patches against the 2018/05/23 linux-4.16.y stable branch. This gets the spectre defense of 4.16 up-to-date compared to the current upstream tree. The upstream patches to remove the indirect branches from the BPF JIT are included (these do not have a CC:stable tag). Martin Schwidefsky (15): s390: move nobp parameter functions to nospec-branch.c s390: add automatic detection of the spectre defense s390: report spectre mitigation via syslog s390: add sysfs attributes for spectre s390: add assembler macros for CPU alternatives s390: correct nospec auto detection init order s390: correct module section names for expoline code revert s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT arch/s390/Kconfig | 3 +- arch/s390/Makefile | 2 +- arch/s390/crypto/crc32be-vx.S | 5 +- arch/s390/crypto/crc32le-vx.S | 4 +- arch/s390/include/asm/alternative-asm.h | 108 ++++++++++++++++++ arch/s390/include/asm/nospec-branch.h | 7 +- arch/s390/include/asm/nospec-insn.h | 196 ++++++++++++++++++++++++++++++++ arch/s390/kernel/Makefile | 5 +- arch/s390/kernel/alternative.c | 24 +--- arch/s390/kernel/asm-offsets.c | 1 + arch/s390/kernel/base.S | 24 ++-- arch/s390/kernel/entry.S | 105 ++++------------- arch/s390/kernel/mcount.S | 14 ++- arch/s390/kernel/module.c | 15 ++- arch/s390/kernel/nospec-branch.c | 123 +++++++++++++++----- arch/s390/kernel/nospec-sysfs.c | 21 ++++ arch/s390/kernel/reipl.S | 7 +- arch/s390/kernel/setup.c | 3 + arch/s390/kernel/swsusp.S | 10 +- arch/s390/lib/mem.S | 19 ++-- arch/s390/net/bpf_jit.S | 16 ++- arch/s390/net/bpf_jit_comp.c | 63 +++++++++- 22 files changed, 587 insertions(+), 188 deletions(-) create mode 100644 arch/s390/include/asm/alternative-asm.h create mode 100644 arch/s390/include/asm/nospec-insn.h create mode 100644 arch/s390/kernel/nospec-sysfs.c -- 2.16.3

7 years, 7 months

2
16
0 0

[PATCH stable 4.16 00/14] powerpc backports for 4.16

by Michael Ellerman

Hi Greg, Please queue up this series of patches for 4.16 if you have no objections. These are mostly clean backports but one or two required some fixing up, hench the backport. cheers Mauricio Faria de Oliveira (2): powerpc/pseries: Fix clearing of security feature flags powerpc: Move default security feature flags Michael Ellerman (11): powerpc/rfi-flush: Always enable fallback flush on pseries powerpc: Add security feature flags for Spectre/Meltdown powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags powerpc/pseries: Set or clear security feature flags powerpc/powernv: Set or clear security feature flags powerpc/64s: Move cpu_show_meltdown() powerpc/64s: Enhance the information in cpu_show_meltdown() powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() powerpc/64s: Wire up cpu_show_spectre_v1() powerpc/64s: Wire up cpu_show_spectre_v2() Nicholas Piggin (1): powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit arch/powerpc/include/asm/exception-64s.h | 29 ++++ arch/powerpc/include/asm/feature-fixups.h | 19 +++ arch/powerpc/include/asm/hvcall.h | 3 + arch/powerpc/include/asm/security_features.h | 85 ++++++++++ arch/powerpc/kernel/Makefile | 2 +- arch/powerpc/kernel/exceptions-64s.S | 19 ++- arch/powerpc/kernel/security.c | 237 +++++++++++++++++++++++++++ arch/powerpc/kernel/setup_64.c | 8 - arch/powerpc/kernel/vmlinux.lds.S | 14 ++ arch/powerpc/lib/feature-fixups.c | 115 +++++++++++++ arch/powerpc/platforms/powernv/setup.c | 96 +++++++---- arch/powerpc/platforms/pseries/setup.c | 71 +++++--- 12 files changed, 638 insertions(+), 60 deletions(-) create mode 100644 arch/powerpc/include/asm/security_features.h create mode 100644 arch/powerpc/kernel/security.c -- 2.14.1

7 years, 7 months

2
15
0 0

[PATCH v2 0/7] mm: Rework hmm to use devm_memremap_pages

by Dan Williams

Changes since v1: [1] * Kill support for mapping System RAM as a nop. No one uses this functionality and it is broken relative to percpu_ref management. * Fix percpu_ref teardown. Given that devm_memremap_pages() has strict assumptions about when the percpu_ref is killed, give it responsibility to make the live-dead transition explicitly. (Logan) * Split the patch that adds HMM support to devm_memremap_pages() from the patch that converts HMM to use devm_memremap_pages(). This caught an incomplete conversion in v1. (Logan) * Collect Christoph's reviewed-by. [1]: https://lkml.org/lkml/2018/5/21/1109 --- Hi Andrew, here's v2 to replace the 5 currently in mm. The first and last patch did not change. For maintainability, as ZONE_DEVICE continues to attract new users, it is useful to keep all users consolidated on devm_memremap_pages() as the interface for create "device pages". The devm_memremap_pages() implementation was recently reworked to make it more generic for arbitrary users, like the proposed peer-to-peer PCI-E enabling. HMM pre-dated this rework and opted to duplicate devm_memremap_pages() as hmm_devmem_pages_create(). Rework HMM to be a consumer of devm_memremap_pages() directly and fix up the licensing on the exports given the deep dependencies on the mm. Patches based on v4.17-rc6 where there are no upstream consumers of the HMM functionality. --- Dan Williams (7): mm, devm_memremap_pages: Mark devm_memremap_pages() EXPORT_SYMBOL_GPL mm, devm_memremap_pages: Kill mapping "System RAM" support mm, devm_memremap_pages: Fix shutdown handling mm, devm_memremap_pages: Add MEMORY_DEVICE_PRIVATE support mm, hmm: Use devm semantics for hmm_devmem_{add,remove} mm, hmm: Replace hmm_devmem_pages_create() with devm_memremap_pages() mm, hmm: Mark hmm_devmem_{add,add_resource} EXPORT_SYMBOL_GPL Documentation/vm/hmm.txt | 1 drivers/dax/pmem.c | 10 - drivers/nvdimm/pmem.c | 18 +- include/linux/hmm.h | 4 include/linux/memremap.h | 7 + kernel/memremap.c | 85 +++++++--- mm/hmm.c | 307 +++++-------------------------------- tools/testing/nvdimm/test/iomap.c | 21 ++- 8 files changed, 130 insertions(+), 323 deletions(-)

7 years, 7 months

2
3
0 0

[PATCH 1/3] drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros

by Thomas Hellstrom

Depending on whether the kernel is compiled with frame-pointer or not, the temporary memory location used for the bp parameter in these macros is referenced relative to the stack pointer or the frame pointer. Hence we can never reference that parameter when we've modified either the stack pointer or the frame pointer, because then the compiler would generate an incorrect stack reference. Fix this by pushing the temporary memory parameter on a known location on the stack before modifying the stack- and frame pointers. Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Hellstrom <thellstrom(a)vmware.com> Reviewed-by: Brian Paul <brianp(a)vmware.com> Reviewed-by: Sinclair Yeh <syeh(a)vmware.com> --- drivers/gpu/drm/vmwgfx/vmwgfx_msg.h | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.h b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.h index 557a033fb610..8545488aa0cf 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.h +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.h @@ -135,17 +135,24 @@ #else -/* In the 32-bit version of this macro, we use "m" because there is no - * more register left for bp +/* + * In the 32-bit version of this macro, we store bp in a memory location + * because we've ran out of registers. + * Now we can't reference that memory location while we've modified + * %esp or %ebp, so we first push it on the stack, just before we push + * %ebp, and then when we need it we read it from the stack where we + * just pushed it. */ #define VMW_PORT_HB_OUT(cmd, in_ecx, in_si, in_di, \ port_num, magic, bp, \ eax, ebx, ecx, edx, si, di) \ ({ \ - asm volatile ("push %%ebp;" \ - "mov %12, %%ebp;" \ + asm volatile ("push %12;" \ + "push %%ebp;" \ + "mov 0x04(%%esp), %%ebp;" \ "rep outsb;" \ - "pop %%ebp;" : \ + "pop %%ebp;" \ + "add $0x04, %%esp;" : \ "=a"(eax), \ "=b"(ebx), \ "=c"(ecx), \ @@ -167,10 +174,12 @@ port_num, magic, bp, \ eax, ebx, ecx, edx, si, di) \ ({ \ - asm volatile ("push %%ebp;" \ - "mov %12, %%ebp;" \ + asm volatile ("push %12;" \ + "push %%ebp;" \ + "mov 0x04(%%esp), %%ebp;" \ "rep insb;" \ - "pop %%ebp" : \ + "pop %%ebp;" \ + "add $0x04, %%esp;" : \ "=a"(eax), \ "=b"(ebx), \ "=c"(ecx), \ -- 2.17.0

7 years, 7 months

1
1
0 0

[PATCH v3 1/2] MIPS: memset.S: Fix byte_fixup for MIPSr6

by Matt Redfearn

The __clear_user function is defined to return the number of bytes that could not be cleared. From the underlying memset / bzero implementation this means setting register a2 to that number on return. Currently if a page fault is triggered within the MIPSr6 version of setting of initial unaligned bytes, the value loaded into a2 on return is meaningless. During the MIPSr6 version of the initial unaligned bytes block, register a2 contains the number of bytes to be set beyond the initial unaligned bytes. The t0 register is initally set to the number of unaligned bytes - STORSIZE, effectively a negative version of the number of unaligned bytes. This is then incremented before each byte is saved. The label .Lbyte_fixup\@ is jumped to on page fault. Currently the value in a2 is incorrectly replaced by 0 - t0 + 1, effectively the number of unaligned bytes remaining. This leads to the failures being reported by the following test code: static int __init test_clear_user(void) { int j, k; pr_info("\n\n\nTesting clear_user\n"); for (j = 0; j < 512; j++) { if ((k = clear_user(NULL+3, j)) != j) { pr_err("clear_user (NULL %d) returned %d\n", j, k); } } return 0; } late_initcall(test_clear_user); Which reports: [ 3.965439] Testing clear_user [ 3.973169] clear_user (NULL 8) returned 6 [ 3.976782] clear_user (NULL 9) returned 6 [ 3.980390] clear_user (NULL 10) returned 6 [ 3.984052] clear_user (NULL 11) returned 6 [ 3.987524] clear_user (NULL 12) returned 6 Fix this by subtracting t0 from a2 (rather than $0), effectivey giving: unset_bytes = (#bytes - (#unaligned bytes)) - (-#unaligned bytes remaining + 1) + 1 a2 = a2 - t0 + 1 This fixes the value returned from __clear user when the number of bytes to set is > LONGSIZE and the address is invalid and unaligned. Unfortunately, this breaks the fixup handling for unaligned bytes after the final long, where register a2 still contains the number of bytes remaining to be set and the t0 register is to 0 - the number of unaligned bytes remaining. Because t0 is now is now subtracted from a2 rather than 0, the number of bytes unset is reported incorrectly: static int __init test_clear_user(void) { char *test; int j, k; pr_info("\n\n\nTesting clear_user\n"); test = vmalloc(PAGE_SIZE); for (j = 256; j < 512; j++) { if ((k = clear_user(test + PAGE_SIZE - 254, j)) != j - 254) { pr_err("clear_user (%px %d) returned %d\n", test + PAGE_SIZE - 254, j, k); } } return 0; } late_initcall(test_clear_user); [ 3.976775] clear_user (c00000000000df02 256) returned 4 [ 3.981957] clear_user (c00000000000df02 257) returned 6 [ 3.986425] clear_user (c00000000000df02 258) returned 8 [ 3.990850] clear_user (c00000000000df02 259) returned 10 [ 3.995332] clear_user (c00000000000df02 260) returned 12 [ 3.999815] clear_user (c00000000000df02 261) returned 14 Fix this by ensuring that a2 is set to 0 during the set of final unaligned bytes. Fixes: 8c56208aff77 ("MIPS: lib: memset: Add MIPS R6 support") Cc: stable(a)vger.kernel.org Signed-off-by: Matt Redfearn <matt.redfearn(a)mips.com> --- Changes in v3: New patch to fix fault handling during MIPSr6 version of setting unaligned bytes. Changes in v2: None arch/mips/lib/memset.S | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/mips/lib/memset.S b/arch/mips/lib/memset.S index 1cc306520a5..fac26ce64b2 100644 --- a/arch/mips/lib/memset.S +++ b/arch/mips/lib/memset.S @@ -195,6 +195,7 @@ #endif #else PTR_SUBU t0, $0, a2 + move a2, zero /* No remaining longs */ PTR_ADDIU t0, 1 STORE_BYTE(0) STORE_BYTE(1) @@ -231,7 +232,7 @@ #ifdef CONFIG_CPU_MIPSR6 .Lbyte_fixup\@: - PTR_SUBU a2, $0, t0 + PTR_SUBU a2, t0 jr ra PTR_ADDIU a2, 1 #endif /* CONFIG_CPU_MIPSR6 */ -- 2.7.4

7 years, 7 months

1
0
0 0

T/T payment of EUR 47,631.35 Done.

by Rai Exchanges

Please find attached details of our T/T payment of EUR 47,631.35 to you for outstanding payment. Our sister company instructed we arrange payment to the attached bank details. Best regards Mit freundlichen Grüßen / Best regards Fackelmann GmbH + Co. KG Lena Hauenstein Sebastian-Fackelmann-Str. 6 91217 Hersbruck Telefon: +49 9151 811 101 Fax: +49 9151 811 421 0 E-mailbhirvi(a)ecrobot.com.com www.ecrobot.com

7 years, 7 months

1
0
0 0

[PATCH v2] drm: fix off-by-one in logger

by Norbert Manthey

The current implementation will leak a byte to the log via memmove. The specified 27 bytes are off-by-one, as the payload is 25 bytes, and the termination character is only one byte large. To avoid this, factor out the error message, and furthermore make the second parameter of the append_entry function const. The full trace is as follows: In function ‘memmove’, from ‘append_entry’ at drivers/gpu/drm/amd/display/dc/basics/logger.c:257:2, from ‘dm_logger_append_va’ at drivers/gpu/drm/amd/display/dc/basics/logger.c:348:4 detected read beyond size of object passed as 2nd parameter Signed-off-by: Norbert Manthey <nmanthey(a)amazon.de> --- drivers/gpu/drm/amd/display/dc/basics/logger.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dc/basics/logger.c b/drivers/gpu/drm/amd/display/dc/basics/logger.c index 31bee05..6ba8d0c 100644 --- a/drivers/gpu/drm/amd/display/dc/basics/logger.c +++ b/drivers/gpu/drm/amd/display/dc/basics/logger.c @@ -244,7 +244,7 @@ static void log_heading(struct log_entry *entry) static void append_entry( struct log_entry *entry, - char *buffer, + const char *buffer, uint32_t buf_size) { if (!entry->buf || @@ -346,7 +346,9 @@ void dm_logger_append_va( if (size < LOG_MAX_LINE_SIZE - 1) { append_entry(entry, buffer, size); } else { - append_entry(entry, "LOG_ERROR, line too long\n", 27); + static const char msg[] = "LOG_ERROR, line too long\n"; + + append_entry(entry, msg, sizeof(msg)); } } } -- 2.7.4 Amazon Development Center Germany GmbH Berlin - Dresden - Aachen main office: Krausenstr. 38, 10117 Berlin Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger Ust-ID: DE289237879 Eingetragen am Amtsgericht Charlottenburg HRB 149173 B

7 years, 7 months

1
1
0 0

[PATCH v2 02/16] arm64: dts: marvell: fix CP110 ICU node size

by Miquel Raynal

ICU size in CP110 is not 0x10 but at least 0x440 bytes long (from the specification). Fixes: 6ef84a827c37 ("arm64: dts: marvell: enable GICP and ICU on Armada 7K/8K") Cc: stable(a)vger.kernel.org Signed-off-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Reviewed-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> --- arch/arm64/boot/dts/marvell/armada-cp110.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/boot/dts/marvell/armada-cp110.dtsi b/arch/arm64/boot/dts/marvell/armada-cp110.dtsi index 48cad7919efa..9fa41c54f69c 100644 --- a/arch/arm64/boot/dts/marvell/armada-cp110.dtsi +++ b/arch/arm64/boot/dts/marvell/armada-cp110.dtsi @@ -146,7 +146,7 @@ CP110_LABEL(icu): interrupt-controller@1e0000 { compatible = "marvell,cp110-icu"; - reg = <0x1e0000 0x10>; + reg = <0x1e0000 0x440>; #interrupt-cells = <3>; interrupt-controller; msi-parent = <&gicp>; -- 2.14.1

7 years, 7 months

2
1
0 0

[PATCH 4.16 000/110] 4.16.11-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.16.11 release. There are 110 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue May 22 21:04:14 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.11-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.16.11-rc1 Alexei Starovoitov <ast(a)kernel.org> bpf: Prevent memory disambiguation attack Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename SSBD_NO to SSB_NO Tom Lendacky <thomas.lendacky(a)amd.com> KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Thomas Gleixner <tglx(a)linutronix.de> x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Rework spec_ctrl base and mask logic Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Remove x86_spec_ctrl_set() Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Expose x86_spec_ctrl_base directly Borislav Petkov <bp(a)suse.de> x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Rework speculative_store_bypass_update() Tom Lendacky <thomas.lendacky(a)amd.com> x86/speculation: Add virtualized speculative store bypass disable support Thomas Gleixner <tglx(a)linutronix.de> x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Handle HT correctly on AMD Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Add FEATURE_ZEN Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle SSBD enumeration Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS Borislav Petkov <bp(a)suse.de> x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP Thomas Gleixner <tglx(a)linutronix.de> KVM: SVM: Move spec control call after restore of GS Jim Mattson <jmattson(a)google.com> x86/cpu: Make alternative_msr_write work for 32-bit code Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Fix the parameters alignment and missing void Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Make cpu_show_common() static Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Fix __ssb_select_mitigation() return type Borislav Petkov <bp(a)suse.de> Documentation/spec_ctrl: Do some minor cleanups Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> proc: Use underscores for SSBD in 'status' Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename _RDS to _SSBD Kees Cook <keescook(a)chromium.org> x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> seccomp: Move speculation migitation control to arch code Kees Cook <keescook(a)chromium.org> seccomp: Add filter flag to opt-out of SSB mitigation Thomas Gleixner <tglx(a)linutronix.de> seccomp: Use PR_SPEC_FORCE_DISABLE Thomas Gleixner <tglx(a)linutronix.de> prctl: Add force disable speculation Kees Cook <keescook(a)chromium.org> x86/bugs: Make boot modes __ro_after_init Kees Cook <keescook(a)chromium.org> seccomp: Enable speculation flaw mitigations Kees Cook <keescook(a)chromium.org> proc: Provide details on speculation flaw mitigations Kees Cook <keescook(a)chromium.org> nospec: Allow getting/setting on non-current task Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Add prctl for Speculative Store Bypass mitigation Thomas Gleixner <tglx(a)linutronix.de> x86/process: Allow runtime control of Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> prctl: Add speculation control prctls Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Create spec-ctrl.h to avoid include hell Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Whitelist allowed SPEC_CTRL MSR values Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs/intel: Set proper CPU features and setup RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/cpufeatures: Add X86_FEATURE_RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Expose /sys/../spec_store_bypass Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs, KVM: Support the combination of guest and host IBRS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug reporting into a separate function Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug detection into a separate function Linus Torvalds <torvalds(a)linux-foundation.org> x86/nospec: Simplify alternative_msr_write() Liu Bo <bo.liu(a)linux.alibaba.com> btrfs: fix reading stale metadata blocks after degraded raid1 mounts Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix delalloc inodes invalidation during transaction abort Nikolay Borisov <nborisov(a)suse.com> btrfs: Split btrfs_del_delalloc_inode into 2 functions Anand Jain <anand.jain(a)oracle.com> btrfs: fix crash when trying to resume balance without the resume flag Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: property: Set incompat flag if lzo/zstd compression is set Robbie Ko <robbieko(a)synology.com> Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting Filipe Manana <fdmanana(a)suse.com> Btrfs: fix xattr loss after power failure Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8770/1: kprobes: Prohibit probing on optimized_callback Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed Dexuan Cui <decui(a)microsoft.com> tick/broadcast: Use for_each_cpu() specially on UP kernels Dmitry Safonov <dima(a)arista.com> x86/mm: Drop TS_COMPAT on 64-bit exec() syscall Thomas Gleixner <tglx(a)linutronix.de> x86/apic/x2apic: Initialize cluster ID properly Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Do not special case protection key 0 Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Override pkey when moving away from PROT_EXEC Coly Li <colyli(a)suse.de> bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390: remove indirect branch from do_softirq_own_stack Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: don't release memory in qdio_setup_irq() Hendrik Brueckner <brueckner(a)linux.ibm.com> s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: fix access to uninitialized qdio_q fields Michel Thierry <michel.thierry(a)intel.com> drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk Pavel Tatashin <pasha.tatashin(a)oracle.com> mm: don't allow deferred pages with NEED_PER_CPU_KM Ross Zwisler <ross.zwisler(a)linux.intel.com> radix tree: fix multi-order iteration race Matthew Wilcox <mawilcox(a)microsoft.com> lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly Miquel Raynal <miquel.raynal(a)bootlin.com> cpufreq: armada-37xx: driver relies on cpufreq-dt Haneen Mohammed <hamohammed.sa(a)gmail.com> drm: Match sysfs name in link removal to link creation Nicholas Piggin <npiggin(a)gmail.com> powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Boris Brezillon <boris.brezillon(a)bootlin.com> mtd: rawnand: marvell: Fix read logic for layouts with ->nchunks > 2 Alexander Monakov <amonakov(a)ispras.ru> i2c: designware: fix poll-after-enable regression Maxime Chevallier <maxime.chevallier(a)bootlin.com> ARM64: dts: marvell: armada-cp110: Add mg_core_clk for ethernet node Maxime Chevallier <maxime.chevallier(a)bootlin.com> ARM64: dts: marvell: armada-cp110: Add clocks for the xmdio node kbuild test robot <fengguang.wu(a)intel.com> netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: can't fail after linking rule into active rule list Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: free set name in error path Jann Horn <jannh(a)google.com> tee: shm: fix use-after-free via temporarily dropped reference Guenter Roeck <linux(a)roeck-us.net> x86/amd_nb: Add support for Raven Ridge CPUs Steven Rostedt (VMware) <rostedt(a)goodmis.org> vsprintf: Replace memory barrier with static_key for random_ptr_key update Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Halil Pasic <pasic(a)linux.vnet.ibm.com> vfio: ccw: fix cleanup if cp_prefetch fails Guenter Roeck <linux(a)roeck-us.net> hwmon: (k10temp) Use API function to access System Management Network Guenter Roeck <linux(a)roeck-us.net> hwmon: (k10temp) Fix reading critical temperature register Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: Properly protect VGIC locks from IRQs Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: vmx: update sec exec controls for UMIP iff emulating UMIP Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx: Allow 64-bit DMA Wenwen Wang <wang6495(a)umn.edu> ALSA: control: fix a redundant-copy issue Hans de Goede <hdegoede(a)redhat.com> ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist Jeremy Soller <jeremy(a)system76.com> ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup Federico Cuello <fedux(a)fedux.com.ar> ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix bad unlock balance during stub_probe() Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix NULL-ptr deref and use-after-free errors Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: run rebind from exit when module is removed Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: delete device from busid_table after rebind Shuah Khan <shuah(a)kernel.org> usbip: usbip_host: refine probe and disconnect debug msgs to be useful Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix USB3 NULL pointer dereference at logical disconnect. ------------- Diffstat: Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/admin-guide/kernel-parameters.txt | 45 +++ .../devicetree/bindings/net/marvell-pp2.txt | 9 +- Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/spec_ctrl.rst | 94 +++++ Makefile | 4 +- arch/arm/include/asm/assembler.h | 10 + arch/arm/include/asm/kvm_mmu.h | 16 + arch/arm/kernel/traps.c | 5 +- arch/arm/lib/getuser.S | 10 + arch/arm/probes/kprobes/opt-arm.c | 4 +- arch/arm64/boot/dts/marvell/armada-cp110.dtsi | 7 +- arch/arm64/include/asm/kvm_mmu.h | 16 + arch/powerpc/platforms/powernv/opal-nvram.c | 14 +- arch/s390/kernel/irq.c | 5 +- arch/s390/kernel/perf_cpum_sf.c | 4 + arch/x86/boot/compressed/eboot.c | 6 +- arch/x86/include/asm/cpufeatures.h | 20 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/include/asm/mmu_context.h | 2 +- arch/x86/include/asm/msr-index.h | 9 + arch/x86/include/asm/nospec-branch.h | 43 ++- arch/x86/include/asm/pkeys.h | 18 +- arch/x86/include/asm/spec-ctrl.h | 80 +++++ arch/x86/include/asm/thread_info.h | 4 +- arch/x86/kernel/amd_nb.c | 6 + arch/x86/kernel/apic/x2apic_cluster.c | 1 + arch/x86/kernel/cpu/amd.c | 22 ++ arch/x86/kernel/cpu/bugs.c | 397 ++++++++++++++++++++- arch/x86/kernel/cpu/common.c | 77 +++- arch/x86/kernel/cpu/cpu.h | 2 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/process.c | 146 ++++++++ arch/x86/kernel/process_64.c | 1 + arch/x86/kernel/smpboot.c | 5 + arch/x86/kvm/cpuid.c | 21 +- arch/x86/kvm/svm.c | 66 ++-- arch/x86/kvm/vmx.c | 60 ++-- arch/x86/kvm/x86.c | 13 +- arch/x86/mm/pkeys.c | 21 +- arch/x86/xen/mmu.c | 4 +- arch/x86/xen/mmu_pv.c | 4 +- drivers/base/cpu.c | 8 + drivers/cpufreq/Kconfig.arm | 2 +- drivers/gpu/drm/drm_drv.c | 2 +- drivers/gpu/drm/i915/i915_reg.h | 3 + drivers/gpu/drm/i915/intel_engine_cs.c | 4 + drivers/hwmon/Kconfig | 2 +- drivers/hwmon/k10temp.c | 51 ++- drivers/i2c/busses/i2c-designware-master.c | 5 +- drivers/md/bcache/debug.c | 3 + drivers/mtd/nand/marvell_nand.c | 8 +- drivers/s390/cio/qdio_setup.c | 12 +- drivers/s390/cio/vfio_ccw_cp.c | 13 +- drivers/spi/spi-bcm-qspi.c | 28 +- drivers/spi/spi-pxa2xx.h | 2 +- drivers/tee/tee_shm.c | 5 +- drivers/usb/host/xhci-hub.c | 2 +- drivers/usb/usbip/stub.h | 2 + drivers/usb/usbip/stub_dev.c | 43 ++- drivers/usb/usbip/stub_main.c | 105 +++++- fs/btrfs/ctree.c | 22 +- fs/btrfs/ctree.h | 2 + fs/btrfs/disk-io.c | 26 +- fs/btrfs/inode.c | 13 +- fs/btrfs/props.c | 12 +- fs/btrfs/tree-log.c | 7 + fs/btrfs/volumes.c | 9 + fs/proc/array.c | 25 ++ include/linux/bpf_verifier.h | 1 + include/linux/cpu.h | 2 + include/linux/efi.h | 8 +- include/linux/nospec.h | 10 + include/linux/sched.h | 10 +- include/linux/seccomp.h | 5 +- include/trace/events/xen.h | 16 - include/uapi/linux/prctl.h | 12 + include/uapi/linux/seccomp.h | 5 +- kernel/bpf/verifier.c | 59 ++- kernel/seccomp.c | 21 +- kernel/sys.c | 23 ++ kernel/time/tick-broadcast.c | 8 + lib/radix-tree.c | 6 +- lib/test_bitmap.c | 21 +- lib/vsprintf.c | 26 +- mm/Kconfig | 1 + net/netfilter/nf_tables_api.c | 75 ++-- sound/core/control_compat.c | 3 +- sound/pci/hda/hda_intel.c | 2 + sound/pci/hda/patch_realtek.c | 1 + sound/usb/mixer.c | 8 + tools/testing/selftests/seccomp/seccomp_bpf.c | 22 +- virt/kvm/arm/vgic/vgic-debug.c | 5 +- virt/kvm/arm/vgic/vgic-its.c | 34 +- virt/kvm/arm/vgic/vgic-v3.c | 4 +- virt/kvm/arm/vgic/vgic.c | 22 +- 96 files changed, 1731 insertions(+), 373 deletions(-)

7 years, 7 months

6
119
0 0

[PATCH] PCI/portdrv: do not disable device on remove()

by Sinan Kaya

'Commit cc27b735ad3a ("PCI/portdrv: Turn off PCIe services during shutdown")' has been added to kernel to shutdown pending PCIe port service interrupts during reboot so that a newly started kexec kernel wouldn't observe pending interrupts. pcie_port_device_remove() is disabling the root port and switches by calling pci_disable_device() after all PCIe service drivers are shutdown. pci_disable_device() has a much wider impact then port service itself and it prevents all inbound transactions to reach to the system and impacts the entire PCI traffic behind the bridge. Issue is that pcie_port_device_remove() doesn't maintain any coordination with the rest of the PCI device drivers in the system before clearing the bus master bit. This has been found to cause crashes on HP DL360 Gen9 machines during reboot. Besides, kexec is already clearing the bus master bit in pci_device_shutdown() after all PCI drivers are removed. Just remove the extra clear here. Signed-off-by: Sinan Kaya <okaya(a)codeaurora.org> Link: https://bugzilla.kernel.org/show_bug.cgi?id=199779 Fixes: cc27b735ad3a ("PCI/portdrv: Turn off PCIe services during shutdown") Cc: stable(a)vger.kernel.org Reported-by: Ryan Finnie <ryan(a)finnie.org> --- drivers/pci/pcie/portdrv_core.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/pci/pcie/portdrv_core.c b/drivers/pci/pcie/portdrv_core.c index c9c0663..d22a95d 100644 --- a/drivers/pci/pcie/portdrv_core.c +++ b/drivers/pci/pcie/portdrv_core.c @@ -409,7 +409,6 @@ void pcie_port_device_remove(struct pci_dev *dev) { device_for_each_child(&dev->dev, NULL, remove_iter); pci_free_irq_vectors(dev); - pci_disable_device(dev); } /** -- 2.7.4

7 years, 7 months

3
3
0 0

Stable release queue build failures (3.18, 4.1)

by Guenter Roeck

v3.18.109-42-g6009175, s390:allnoconfig: arch/s390/mm/vmem.c:30:20: warning: 'vmem_alloc_pages' defined but not used [-Wunused-function] arch/s390/kernel/irq.c: Assembler messages: arch/s390/kernel/irq.c:180: Error: Unrecognized opcode: `brasl' v4.1.51-555-g5b61994, {i386,x86_64}:{allyesconfig,allmodconfig}: arch/x86/kvm/vmx.c: In function 'vmx_handle_external_intr': arch/x86/kvm/vmx.c:8016:4: error: expected ':' or ')' before 'CALL_NOSPEC' Guenter

7 years, 7 months

3
2
0 0

[PATCH for-next 0/5] IB/hfi1,isert: Updates for-next 5/15/2018

by Dennis Dalessandro

Hi Doug and Jason, Here are some patches to go to for-next. One is a code cleanup. The rest are bug fixes that are probably not serious enough for an -rc6. The one that may be on the fence is the isert patch. Since it only affects debug kernels it can probably even wait till for-next. It has been marked stable though. --- Alex Estrin (1): IB/isert: Fix for lib/dma_debug check_sync warning Kamenee Arumugam (1): IB/Hfi1: Mask Unsupported Request error bit in PCIe AER Michael J. Ruhl (1): IB/hfi1: Set port number for errorinfo MAD response Mike Marciniszyn (2): IB/hfi1: Cleanup of exp_rcv IB/{rdmavt,hfi1}; Change hrtimer add to use the pinned variation drivers/infiniband/hw/hfi1/exp_rcv.c | 39 +++++++++++++++++++------------ drivers/infiniband/hw/hfi1/exp_rcv.h | 24 ++++++++++++++++++- drivers/infiniband/hw/hfi1/hfi.h | 14 ++++++----- drivers/infiniband/hw/hfi1/init.c | 4 +-- drivers/infiniband/hw/hfi1/mad.c | 1 + drivers/infiniband/hw/hfi1/pcie.c | 15 ++++++++++++ drivers/infiniband/hw/hfi1/rc.c | 2 +- drivers/infiniband/sw/rdmavt/qp.c | 2 +- drivers/infiniband/ulp/isert/ib_isert.c | 26 ++++++++++++++------- 9 files changed, 91 insertions(+), 36 deletions(-) -- -Denny

7 years, 7 months

5
10
0 0

+ kasan-fix-memory-hotplug-during-boot.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: kasan: fix memory hotplug during boot has been added to the -mm tree. Its filename is kasan-fix-memory-hotplug-during-boot.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/kasan-fix-memory-hotplug-during-bo… and later at http://ozlabs.org/~akpm/mmotm/broken-out/kasan-fix-memory-hotplug-during-bo… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: David Hildenbrand <david(a)redhat.com> Subject: kasan: fix memory hotplug during boot Using module_init() is wrong. E.g. ACPI adds and onlines memory before our memory notifier gets registered. This makes sure that ACPI memory detected during boot up will not result in a kernel crash. Easily reproducible with QEMU, just specify a DIMM when starting up. Link: http://lkml.kernel.org/r/20180522100756.18478-3-david@redhat.com Fixes: 786a8959912e ("kasan: disable memory hotplug") Signed-off-by: David Hildenbrand <david(a)redhat.com> Acked-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff -puN mm/kasan/kasan.c~kasan-fix-memory-hotplug-during-boot mm/kasan/kasan.c --- a/mm/kasan/kasan.c~kasan-fix-memory-hotplug-during-boot +++ a/mm/kasan/kasan.c @@ -892,5 +892,5 @@ static int __init kasan_memhotplug_init( return 0; } -module_init(kasan_memhotplug_init); +core_initcall(kasan_memhotplug_init); #endif _ Patches currently in -mm which might be from david(a)redhat.com are kasan-free-allocated-shadow-memory-on-mem_cancel_online.patch kasan-fix-memory-hotplug-during-boot.patch

7 years, 7 months

1
0
0 0

+ kasan-free-allocated-shadow-memory-on-mem_cancel_online.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: kasan: free allocated shadow memory on MEM_CANCEL_ONLINE has been added to the -mm tree. Its filename is kasan-free-allocated-shadow-memory-on-mem_cancel_online.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/kasan-free-allocated-shadow-memory… and later at http://ozlabs.org/~akpm/mmotm/broken-out/kasan-free-allocated-shadow-memory… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: David Hildenbrand <david(a)redhat.com> Subject: kasan: free allocated shadow memory on MEM_CANCEL_ONLINE We have to free memory again when we cancel onlining, otherwise a later onlining attempt will fail. Link: http://lkml.kernel.org/r/20180522100756.18478-2-david@redhat.com Fixes: fa69b5989bb0 ("mm/kasan: add support for memory hotplug") Signed-off-by: David Hildenbrand <david(a)redhat.com> Acked-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan.c | 1 + 1 file changed, 1 insertion(+) diff -puN mm/kasan/kasan.c~kasan-free-allocated-shadow-memory-on-mem_cancel_online mm/kasan/kasan.c --- a/mm/kasan/kasan.c~kasan-free-allocated-shadow-memory-on-mem_cancel_online +++ a/mm/kasan/kasan.c @@ -867,6 +867,7 @@ static int __meminit kasan_mem_notifier( kmemleak_ignore(ret); return NOTIFY_OK; } + case MEM_CANCEL_ONLINE: case MEM_OFFLINE: { struct vm_struct *vm; _ Patches currently in -mm which might be from david(a)redhat.com are kasan-free-allocated-shadow-memory-on-mem_cancel_online.patch kasan-fix-memory-hotplug-during-boot.patch

7 years, 7 months

1
0
0 0

[PATCH 4.14 00/95] 4.14.43-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.43 release. There are 95 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue May 22 21:04:09 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.43-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.43-rc1 Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename SSBD_NO to SSB_NO Tom Lendacky <thomas.lendacky(a)amd.com> KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Thomas Gleixner <tglx(a)linutronix.de> x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Rework spec_ctrl base and mask logic Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Remove x86_spec_ctrl_set() Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Expose x86_spec_ctrl_base directly Borislav Petkov <bp(a)suse.de> x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Rework speculative_store_bypass_update() Tom Lendacky <thomas.lendacky(a)amd.com> x86/speculation: Add virtualized speculative store bypass disable support Thomas Gleixner <tglx(a)linutronix.de> x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Handle HT correctly on AMD Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Add FEATURE_ZEN Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle SSBD enumeration Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS Borislav Petkov <bp(a)suse.de> x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP Thomas Gleixner <tglx(a)linutronix.de> KVM: SVM: Move spec control call after restore of GS Jim Mattson <jmattson(a)google.com> x86/cpu: Make alternative_msr_write work for 32-bit code Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Fix the parameters alignment and missing void Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Make cpu_show_common() static Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Fix __ssb_select_mitigation() return type Borislav Petkov <bp(a)suse.de> Documentation/spec_ctrl: Do some minor cleanups Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> proc: Use underscores for SSBD in 'status' Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename _RDS to _SSBD Kees Cook <keescook(a)chromium.org> x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> seccomp: Move speculation migitation control to arch code Kees Cook <keescook(a)chromium.org> seccomp: Add filter flag to opt-out of SSB mitigation Thomas Gleixner <tglx(a)linutronix.de> seccomp: Use PR_SPEC_FORCE_DISABLE Thomas Gleixner <tglx(a)linutronix.de> prctl: Add force disable speculation Kees Cook <keescook(a)chromium.org> x86/bugs: Make boot modes __ro_after_init Kees Cook <keescook(a)chromium.org> seccomp: Enable speculation flaw mitigations Kees Cook <keescook(a)chromium.org> proc: Provide details on speculation flaw mitigations Kees Cook <keescook(a)chromium.org> nospec: Allow getting/setting on non-current task Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Add prctl for Speculative Store Bypass mitigation Thomas Gleixner <tglx(a)linutronix.de> x86/process: Allow runtime control of Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> prctl: Add speculation control prctls Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Create spec-ctrl.h to avoid include hell Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Whitelist allowed SPEC_CTRL MSR values Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs/intel: Set proper CPU features and setup RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/cpufeatures: Add X86_FEATURE_RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Expose /sys/../spec_store_bypass Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs, KVM: Support the combination of guest and host IBRS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug reporting into a separate function Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug detection into a separate function Linus Torvalds <torvalds(a)linux-foundation.org> x86/nospec: Simplify alternative_msr_write() Liu Bo <bo.liu(a)linux.alibaba.com> btrfs: fix reading stale metadata blocks after degraded raid1 mounts Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix delalloc inodes invalidation during transaction abort Nikolay Borisov <nborisov(a)suse.com> btrfs: Split btrfs_del_delalloc_inode into 2 functions Anand Jain <anand.jain(a)oracle.com> btrfs: fix crash when trying to resume balance without the resume flag Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: property: Set incompat flag if lzo/zstd compression is set Robbie Ko <robbieko(a)synology.com> Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting Filipe Manana <fdmanana(a)suse.com> Btrfs: fix xattr loss after power failure Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8770/1: kprobes: Prohibit probing on optimized_callback Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed Dexuan Cui <decui(a)microsoft.com> tick/broadcast: Use for_each_cpu() specially on UP kernels Dmitry Safonov <dima(a)arista.com> x86/mm: Drop TS_COMPAT on 64-bit exec() syscall Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Do not special case protection key 0 Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Override pkey when moving away from PROT_EXEC Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390: remove indirect branch from do_softirq_own_stack Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: don't release memory in qdio_setup_irq() Hendrik Brueckner <brueckner(a)linux.ibm.com> s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: fix access to uninitialized qdio_q fields Michel Thierry <michel.thierry(a)intel.com> drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk Pavel Tatashin <pasha.tatashin(a)oracle.com> mm: don't allow deferred pages with NEED_PER_CPU_KM Ross Zwisler <ross.zwisler(a)linux.intel.com> radix tree: fix multi-order iteration race Matthew Wilcox <mawilcox(a)microsoft.com> lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly Haneen Mohammed <hamohammed.sa(a)gmail.com> drm: Match sysfs name in link removal to link creation Nicholas Piggin <npiggin(a)gmail.com> powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Alexander Monakov <amonakov(a)ispras.ru> i2c: designware: fix poll-after-enable regression Subash Abhinov Kasiviswanathan <subashab(a)codeaurora.org> netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: can't fail after linking rule into active rule list Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: free set name in error path Jann Horn <jannh(a)google.com> tee: shm: fix use-after-free via temporarily dropped reference Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Halil Pasic <pasic(a)linux.vnet.ibm.com> vfio: ccw: fix cleanup if cp_prefetch fails Benjamin Herrenschmidt <benh(a)kernel.crashing.org> powerpc: Don't preempt_disable() in show_cpuinfo() Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx: Allow 64-bit DMA Wenwen Wang <wang6495(a)umn.edu> ALSA: control: fix a redundant-copy issue Hans de Goede <hdegoede(a)redhat.com> ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist Federico Cuello <fedux(a)fedux.com.ar> ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix bad unlock balance during stub_probe() Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix NULL-ptr deref and use-after-free errors Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: run rebind from exit when module is removed Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: delete device from busid_table after rebind Shuah Khan <shuah(a)kernel.org> usbip: usbip_host: refine probe and disconnect debug msgs to be useful ------------- Diffstat: Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/admin-guide/kernel-parameters.txt | 45 +++ Documentation/userspace-api/index.rst | 1 + Documentation/userspace-api/spec_ctrl.rst | 94 +++++ Makefile | 4 +- arch/arm/include/asm/assembler.h | 10 + arch/arm/include/asm/kvm_mmu.h | 16 + arch/arm/kernel/traps.c | 5 +- arch/arm/lib/getuser.S | 10 + arch/arm/probes/kprobes/opt-arm.c | 4 +- arch/arm64/include/asm/kvm_mmu.h | 16 + arch/powerpc/kernel/setup-common.c | 11 - arch/powerpc/platforms/powernv/opal-nvram.c | 14 +- arch/s390/kernel/irq.c | 5 +- arch/s390/kernel/perf_cpum_sf.c | 4 + arch/x86/boot/compressed/eboot.c | 6 +- arch/x86/include/asm/cpufeatures.h | 18 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/include/asm/mmu_context.h | 2 +- arch/x86/include/asm/msr-index.h | 9 + arch/x86/include/asm/nospec-branch.h | 43 ++- arch/x86/include/asm/pkeys.h | 18 +- arch/x86/include/asm/spec-ctrl.h | 80 +++++ arch/x86/include/asm/thread_info.h | 4 +- arch/x86/kernel/cpu/amd.c | 22 ++ arch/x86/kernel/cpu/bugs.c | 397 ++++++++++++++++++++- arch/x86/kernel/cpu/common.c | 77 +++- arch/x86/kernel/cpu/cpu.h | 2 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/process.c | 146 ++++++++ arch/x86/kernel/process_64.c | 1 + arch/x86/kernel/smpboot.c | 5 + arch/x86/kvm/cpuid.c | 21 +- arch/x86/kvm/svm.c | 66 ++-- arch/x86/kvm/vmx.c | 32 +- arch/x86/kvm/x86.c | 13 +- arch/x86/mm/pkeys.c | 21 +- arch/x86/xen/mmu.c | 4 +- arch/x86/xen/mmu_pv.c | 4 +- drivers/base/cpu.c | 8 + drivers/gpu/drm/drm_drv.c | 2 +- drivers/gpu/drm/i915/i915_reg.h | 3 + drivers/gpu/drm/i915/intel_engine_cs.c | 4 + drivers/i2c/busses/i2c-designware-master.c | 5 +- drivers/s390/cio/qdio_setup.c | 12 +- drivers/s390/cio/vfio_ccw_cp.c | 13 +- drivers/spi/spi-bcm-qspi.c | 28 +- drivers/spi/spi-pxa2xx.h | 2 +- drivers/tee/tee_shm.c | 5 +- drivers/usb/usbip/stub.h | 2 + drivers/usb/usbip/stub_dev.c | 43 ++- drivers/usb/usbip/stub_main.c | 105 +++++- fs/btrfs/ctree.c | 22 +- fs/btrfs/ctree.h | 2 + fs/btrfs/disk-io.c | 26 +- fs/btrfs/inode.c | 13 +- fs/btrfs/props.c | 12 +- fs/btrfs/tree-log.c | 7 + fs/btrfs/volumes.c | 9 + fs/proc/array.c | 25 ++ include/linux/cpu.h | 2 + include/linux/efi.h | 8 +- include/linux/nospec.h | 10 + include/linux/sched.h | 10 +- include/linux/seccomp.h | 5 +- include/trace/events/xen.h | 16 - include/uapi/linux/prctl.h | 12 + include/uapi/linux/seccomp.h | 5 +- kernel/seccomp.c | 21 +- kernel/sys.c | 23 ++ kernel/time/tick-broadcast.c | 8 + lib/radix-tree.c | 6 +- lib/test_bitmap.c | 21 +- mm/Kconfig | 1 + net/ipv4/netfilter/nf_socket_ipv4.c | 6 +- net/ipv6/netfilter/nf_socket_ipv6.c | 6 +- net/netfilter/nf_tables_api.c | 67 ++-- sound/core/control_compat.c | 3 +- sound/pci/hda/hda_intel.c | 2 + sound/usb/mixer.c | 8 + tools/testing/selftests/seccomp/seccomp_bpf.c | 22 +- virt/kvm/arm/vgic/vgic-its.c | 19 +- virt/kvm/arm/vgic/vgic-v3.c | 4 +- 83 files changed, 1557 insertions(+), 312 deletions(-)

7 years, 7 months

4
97
0 0

[PATCH 4.9 00/87] 4.9.102-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.102 release. There are 87 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue May 22 21:03:57 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.102-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.102-rc1 Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename SSBD_NO to SSB_NO Tom Lendacky <thomas.lendacky(a)amd.com> KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Thomas Gleixner <tglx(a)linutronix.de> x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Rework spec_ctrl base and mask logic Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Remove x86_spec_ctrl_set() Thomas Gleixner <tglx(a)linutronix.de> x86/bugs: Expose x86_spec_ctrl_base directly Borislav Petkov <bp(a)suse.de> x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Rework speculative_store_bypass_update() Tom Lendacky <thomas.lendacky(a)amd.com> x86/speculation: Add virtualized speculative store bypass disable support Thomas Gleixner <tglx(a)linutronix.de> x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Handle HT correctly on AMD Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Add FEATURE_ZEN Borislav Petkov <bp(a)suse.de> x86/cpu/AMD: Fix erratum 1076 (CPB bit) Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle SSBD enumeration Thomas Gleixner <tglx(a)linutronix.de> x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS Borislav Petkov <bp(a)suse.de> x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP Thomas Gleixner <tglx(a)linutronix.de> KVM: SVM: Move spec control call after restore of GS Jim Mattson <jmattson(a)google.com> x86/cpu: Make alternative_msr_write work for 32-bit code Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Fix the parameters alignment and missing void Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Make cpu_show_common() static Jiri Kosina <jkosina(a)suse.cz> x86/bugs: Fix __ssb_select_mitigation() return type Borislav Petkov <bp(a)suse.de> Documentation/spec_ctrl: Do some minor cleanups Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> proc: Use underscores for SSBD in 'status' Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Rename _RDS to _SSBD Kees Cook <keescook(a)chromium.org> x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> seccomp: Move speculation migitation control to arch code Kees Cook <keescook(a)chromium.org> seccomp: Add filter flag to opt-out of SSB mitigation Thomas Gleixner <tglx(a)linutronix.de> seccomp: Use PR_SPEC_FORCE_DISABLE Thomas Gleixner <tglx(a)linutronix.de> prctl: Add force disable speculation Kees Cook <keescook(a)chromium.org> x86/bugs: Make boot modes __ro_after_init Kees Cook <keescook(a)chromium.org> seccomp: Enable speculation flaw mitigations Kees Cook <keescook(a)chromium.org> proc: Provide details on speculation flaw mitigations Kees Cook <keescook(a)chromium.org> nospec: Allow getting/setting on non-current task Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Add prctl for Speculative Store Bypass mitigation Thomas Gleixner <tglx(a)linutronix.de> x86/process: Allow runtime control of Speculative Store Bypass Thomas Gleixner <tglx(a)linutronix.de> x86/process: Optimize TIF_NOTSC switch Kyle Huey <me(a)kylehuey.com> x86/process: Correct and optimize TIF_BLOCKSTEP switch Kyle Huey <me(a)kylehuey.com> x86/process: Optimize TIF checks in __switch_to_xtra() Thomas Gleixner <tglx(a)linutronix.de> prctl: Add speculation control prctls Thomas Gleixner <tglx(a)linutronix.de> x86/speculation: Create spec-ctrl.h to avoid include hell Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest David Woodhouse <dwmw(a)amazon.co.uk> x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Whitelist allowed SPEC_CTRL MSR values Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs/intel: Set proper CPU features and setup RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/cpufeatures: Add X86_FEATURE_RDS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Expose /sys/../spec_store_bypass Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs, KVM: Support the combination of guest and host IBRS Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug reporting into a separate function Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Concentrate bug detection into a separate function Linus Torvalds <torvalds(a)linux-foundation.org> x86/nospec: Simplify alternative_msr_write() Liu Bo <bo.liu(a)linux.alibaba.com> btrfs: fix reading stale metadata blocks after degraded raid1 mounts David Woodhouse <dwmw(a)amazon.co.uk> x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen Anand Jain <anand.jain(a)oracle.com> btrfs: fix crash when trying to resume balance without the resume flag Filipe Manana <fdmanana(a)suse.com> Btrfs: fix xattr loss after power failure Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8770/1: kprobes: Prohibit probing on optimized_callback Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed Dexuan Cui <decui(a)microsoft.com> tick/broadcast: Use for_each_cpu() specially on UP kernels Masami Hiramatsu <mhiramat(a)kernel.org> ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Do not special case protection key 0 Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys: Override pkey when moving away from PROT_EXEC Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390: remove indirect branch from do_softirq_own_stack Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: don't release memory in qdio_setup_irq() Hendrik Brueckner <brueckner(a)linux.ibm.com> s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: fix access to uninitialized qdio_q fields Pavel Tatashin <pasha.tatashin(a)oracle.com> mm: don't allow deferred pages with NEED_PER_CPU_KM Nicholas Piggin <npiggin(a)gmail.com> powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Alexander Monakov <amonakov(a)ispras.ru> i2c: designware: fix poll-after-enable regression Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: can't fail after linking rule into active rule list Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Waiman Long <Waiman.Long(a)hpe.com> signals: avoid unnecessary taking of sighand->siglock Benjamin Herrenschmidt <benh(a)kernel.crashing.org> powerpc: Don't preempt_disable() in show_cpuinfo() Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL Kamal Dasu <kdasu.kdev(a)gmail.com> spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> spi: pxa2xx: Allow 64-bit DMA Wenwen Wang <wang6495(a)umn.edu> ALSA: control: fix a redundant-copy issue Hans de Goede <hdegoede(a)redhat.com> ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist Federico Cuello <fedux(a)fedux.com.ar> ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix bad unlock balance during stub_probe() Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: fix NULL-ptr deref and use-after-free errors Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: run rebind from exit when module is removed Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_host: delete device from busid_table after rebind Shuah Khan <shuah(a)kernel.org> usbip: usbip_host: refine probe and disconnect debug msgs to be useful ------------- Diffstat: Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/kernel-parameters.txt | 45 +++ Documentation/spec_ctrl.txt | 94 +++++ Makefile | 4 +- arch/arm/include/asm/assembler.h | 10 + arch/arm/include/asm/kvm_mmu.h | 16 + arch/arm/kernel/traps.c | 5 +- arch/arm/lib/getuser.S | 10 + arch/arm/probes/kprobes/opt-arm.c | 4 +- arch/arm64/include/asm/kvm_mmu.h | 16 + arch/powerpc/kernel/setup-common.c | 11 - arch/powerpc/platforms/powernv/opal-nvram.c | 14 +- arch/s390/kernel/irq.c | 5 +- arch/s390/kernel/perf_cpum_sf.c | 4 + arch/x86/boot/compressed/eboot.c | 6 +- arch/x86/include/asm/cpufeatures.h | 20 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/include/asm/mmu_context.h | 2 +- arch/x86/include/asm/msr-index.h | 10 + arch/x86/include/asm/nospec-branch.h | 43 ++- arch/x86/include/asm/pkeys.h | 18 +- arch/x86/include/asm/spec-ctrl.h | 80 +++++ arch/x86/include/asm/thread_info.h | 6 +- arch/x86/include/asm/tlbflush.h | 10 + arch/x86/kernel/cpu/amd.c | 38 +- arch/x86/kernel/cpu/bugs.c | 397 ++++++++++++++++++++- arch/x86/kernel/cpu/common.c | 77 +++- arch/x86/kernel/cpu/cpu.h | 3 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/process.c | 224 +++++++++--- arch/x86/kernel/smpboot.c | 5 + arch/x86/kvm/cpuid.c | 21 +- arch/x86/kvm/cpuid.h | 17 +- arch/x86/kvm/svm.c | 64 ++-- arch/x86/kvm/vmx.c | 33 +- arch/x86/kvm/x86.c | 13 +- arch/x86/mm/pkeys.c | 21 +- arch/x86/xen/enlighten.c | 4 +- arch/x86/xen/mmu.c | 4 - drivers/base/cpu.c | 8 + drivers/i2c/busses/i2c-designware-core.c | 5 +- drivers/s390/cio/qdio_setup.c | 12 +- drivers/spi/spi-bcm-qspi.c | 28 +- drivers/spi/spi-pxa2xx.h | 2 +- drivers/usb/usbip/stub.h | 2 + drivers/usb/usbip/stub_dev.c | 43 ++- drivers/usb/usbip/stub_main.c | 105 +++++- fs/btrfs/ctree.c | 6 +- fs/btrfs/tree-log.c | 7 + fs/btrfs/volumes.c | 9 + fs/proc/array.c | 27 +- include/linux/cpu.h | 2 + include/linux/efi.h | 8 +- include/linux/nospec.h | 10 + include/linux/sched.h | 9 + include/linux/seccomp.h | 3 +- include/linux/signal.h | 17 + include/trace/events/xen.h | 16 - include/uapi/linux/prctl.h | 12 + include/uapi/linux/seccomp.h | 4 +- kernel/seccomp.c | 21 +- kernel/signal.c | 7 + kernel/sys.c | 23 ++ kernel/time/tick-broadcast.c | 8 + mm/Kconfig | 1 + net/netfilter/nf_tables_api.c | 59 +-- sound/core/control_compat.c | 3 +- sound/pci/hda/hda_intel.c | 2 + sound/usb/mixer.c | 8 + tools/testing/selftests/seccomp/seccomp_bpf.c | 78 +++- virt/kvm/arm/vgic/vgic-its.c | 15 +- 71 files changed, 1611 insertions(+), 309 deletions(-)

7 years, 7 months

4
88
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror