- Linux-stable-mirror - lists.linaro.org

[PATCH] KVM: VMX: fixes for vmentry_l1d_flush module parameter

by Paolo Bonzini

Two bug fixes: 1) missing entries in the l1d_param array; this can cause a host crash if an access attempts to reach the missing entry. Future-proof the get function against any overflows as well. However, the two entries VMENTER_L1D_FLUSH_EPT_DISABLED and VMENTER_L1D_FLUSH_NOT_REQUIRED must not be accepted by the parse function, so disable them there. 2) invalid values must be rejected even if the CPU does not have the bug, so test for them before checking boot_cpu_has(X86_BUG_L1TF) ... and a small refactoring, since the .cmd field is redundant with the index in the array. Reported-by: Bandan Das <bsd(a)redhat.com> Cc: stable(a)vger.kernel.org Fixes: a7b9020b06ec6d7c3f3b0d4ef1a9eba12654f4f7 Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> --- arch/x86/kvm/vmx.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index c76ca8c4befa..8dae47e7267a 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -198,12 +198,14 @@ static const struct { const char *option; - enum vmx_l1d_flush_state cmd; + bool for_parse; } vmentry_l1d_param[] = { - {"auto", VMENTER_L1D_FLUSH_AUTO}, - {"never", VMENTER_L1D_FLUSH_NEVER}, - {"cond", VMENTER_L1D_FLUSH_COND}, - {"always", VMENTER_L1D_FLUSH_ALWAYS}, + [VMENTER_L1D_FLUSH_AUTO] = {"auto", true}, + [VMENTER_L1D_FLUSH_NEVER] = {"never", true}, + [VMENTER_L1D_FLUSH_COND] = {"cond", true}, + [VMENTER_L1D_FLUSH_ALWAYS] = {"always", true}, + [VMENTER_L1D_FLUSH_EPT_DISABLED] = {"EPT disabled", false}, + [VMENTER_L1D_FLUSH_NOT_REQUIRED] = {"not required", false}, }; #define L1D_CACHE_ORDER 4 @@ -287,8 +289,9 @@ static int vmentry_l1d_flush_parse(const char *s) if (s) { for (i = 0; i < ARRAY_SIZE(vmentry_l1d_param); i++) { - if (sysfs_streq(s, vmentry_l1d_param[i].option)) - return vmentry_l1d_param[i].cmd; + if (vmentry_l1d_param[i].for_parse && + sysfs_streq(s, vmentry_l1d_param[i].option)) + return i; } } return -EINVAL; @@ -298,13 +301,13 @@ static int vmentry_l1d_flush_set(const char *s, const struct kernel_param *kp) { int l1tf, ret; - if (!boot_cpu_has(X86_BUG_L1TF)) - return 0; - l1tf = vmentry_l1d_flush_parse(s); if (l1tf < 0) return l1tf; + if (!boot_cpu_has(X86_BUG_L1TF)) + return 0; + /* * Has vmx_init() run already? If not then this is the pre init * parameter parsing. In that case just store the value and let @@ -324,6 +327,9 @@ static int vmentry_l1d_flush_set(const char *s, const struct kernel_param *kp) static int vmentry_l1d_flush_get(char *s, const struct kernel_param *kp) { + if (WARN_ON_ONCE(l1tf_vmx_mitigation >= ARRAY_SIZE(vmentry_l1d_param))) + return sprintf(s, "???\n"); + return sprintf(s, "%s\n", vmentry_l1d_param[l1tf_vmx_mitigation].option); } -- 1.8.3.1

6 years, 11 months

3
3
0 0

Build failures in -stable queues

by Guenter Roeck

v4.4.y, v4.9.y: Building mips:cavium_octeon_defconfig ... failed -------------- Error log: /opt/buildbot/slave/stable-queue-4.4/build/drivers/net/ethernet/octeon/octeon_mgmt.c: In function 'octeon_mgmt_change_mtu': /opt/buildbot/slave/stable-queue-4.4/build/drivers/net/ethernet/octeon/octeon_mgmt.c:652:6: error: 'size_without_fcs' undeclared v4.9.y, v4.14.y: Building i386:tools/perf ... failed Building x86_64:tools/perf ... failed -------------- Error log: PERF_VERSION = 4.9.123.g5175d5 tests/parse-events.c: In function ‘test_event’: tests/parse-events.c:1681:3: error: implicit declaration of function ‘parse_events_print_error’ [-Werror=implicit-function-declaration] parse_events_print_error(&err, e->name); ^ tests/parse-events.c:1681:3: error: nested extern declaration of ‘parse_events_print_error’ This is just a snapshot; builds are still ongoing. I'll send another e-mail later if more errors are reported after the build is complete. Guenter

6 years, 11 months

3
6
0 0

[PATCH] bcache: release dc->writeback_lock properly in bch_writeback_thread()

by Coly Li

From: Shan Hai <shan.hai(a)oracle.com> The writeback thread would exit with a lock held when the cache device is detached via sysfs interface, fix it by releasing the held lock before exiting the while-loop. Signed-off-by: Shan Hai <shan.hai(a)oracle.com> Signed-off-by: Coly Li <colyli(a)suse.de> Tested-by: Shenghui Wang <shhuiw(a)foxmail.com> Cc: stable(a)vger.kernel.org #4.17+ --- drivers/md/bcache/writeback.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c index 6be05bd7ca67..08c3a9f9676c 100644 --- a/drivers/md/bcache/writeback.c +++ b/drivers/md/bcache/writeback.c @@ -685,8 +685,10 @@ static int bch_writeback_thread(void *arg) * data on cache. BCACHE_DEV_DETACHING flag is set in * bch_cached_dev_detach(). */ - if (test_bit(BCACHE_DEV_DETACHING, &dc->disk.flags)) + if (test_bit(BCACHE_DEV_DETACHING, &dc->disk.flags)) { + up_write(&dc->writeback_lock); break; + } } up_write(&dc->writeback_lock); -- 2.18.0

6 years, 11 months

1
0
0 0

[PATCH 2/2] fs/quota: Fix spectre gadget in do_quotactl

by Jeremy Cline

'type' is user-controlled, so sanitize it after the bounds check to avoid using it in speculative execution. This covers the following potential gadgets detected with the help of smatch: * fs/ext4/super.c:5741 ext4_quota_read() warn: potential spectre issue 'sb_dqopt(sb)->files' [r] * fs/ext4/super.c:5778 ext4_quota_write() warn: potential spectre issue 'sb_dqopt(sb)->files' [r] * fs/f2fs/super.c:1552 f2fs_quota_read() warn: potential spectre issue 'sb_dqopt(sb)->files' [r] * fs/f2fs/super.c:1608 f2fs_quota_write() warn: potential spectre issue 'sb_dqopt(sb)->files' [r] * fs/quota/dquot.c:412 mark_info_dirty() warn: potential spectre issue 'sb_dqopt(sb)->info' [w] * fs/quota/dquot.c:933 dqinit_needed() warn: potential spectre issue 'dquots' [r] * fs/quota/dquot.c:2112 dquot_commit_info() warn: potential spectre issue 'dqopt->ops' [r] * fs/quota/dquot.c:2362 vfs_load_quota_inode() warn: potential spectre issue 'dqopt->files' [w] (local cap) * fs/quota/dquot.c:2369 vfs_load_quota_inode() warn: potential spectre issue 'dqopt->ops' [w] (local cap) * fs/quota/dquot.c:2370 vfs_load_quota_inode() warn: potential spectre issue 'dqopt->info' [w] (local cap) * fs/quota/quota.c:110 quota_getfmt() warn: potential spectre issue 'sb_dqopt(sb)->info' [r] * fs/quota/quota_v2.c:84 v2_check_quota_file() warn: potential spectre issue 'quota_magics' [w] * fs/quota/quota_v2.c:85 v2_check_quota_file() warn: potential spectre issue 'quota_versions' [w] * fs/quota/quota_v2.c:96 v2_read_file_info() warn: potential spectre issue 'dqopt->info' [r] * fs/quota/quota_v2.c:172 v2_write_file_info() warn: potential spectre issue 'dqopt->info' [r] Additionally, a quick inspection indicates there are array accesses with 'type' in quota_on() and quota_off() functions which are also addressed by this. Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jeremy Cline <jcline(a)redhat.com> --- This patch isn't going to cleanly apply to stable without the "fs/quota: Replace XQM_MAXQUOTAS usage with MAXQUOTAS" patch, but I'm not sure that patch is really stable material and XQM_MAXQUOTAS has been 3 since pre-v4.4 so the end result will be the same even if that patch isn't backported. fs/quota/quota.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/quota/quota.c b/fs/quota/quota.c index d403392d8a0f..f0cbf58ad4da 100644 --- a/fs/quota/quota.c +++ b/fs/quota/quota.c @@ -18,6 +18,7 @@ #include <linux/quotaops.h> #include <linux/types.h> #include <linux/writeback.h> +#include <linux/nospec.h> static int check_quotactl_permission(struct super_block *sb, int type, int cmd, qid_t id) @@ -701,6 +702,7 @@ static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, if (type >= MAXQUOTAS) return -EINVAL; + type = array_index_nospec(type, MAXQUOTAS); /* * Quota not supported on this fs? Check this before s_quota_types * since they needn't be set if quota is not supported at all. -- 2.17.1

6 years, 11 months

2
1
0 0

[PATCH 3/9] drm/msm: fix OF child-node lookup

by Johan Hovold

Use the new of_get_compatible_child() helper to lookup the legacy pwrlevels child node instead of using of_find_compatible_node(), which searches the entire tree and thus can return an unrelated (i.e. non-child) node. This also addresses a potential use-after-free (e.g. after probe deferral) as the tree-wide helper drops a reference to its first argument (i.e. the probed device's node). While at it, also fix the related child-node reference leak. Fixes: e2af8b6b0ca1 ("drm/msm: gpu: Use OPP tables if we can") Cc: stable <stable(a)vger.kernel.org> # 4.12 Cc: Jordan Crouse <jcrouse(a)codeaurora.org> Cc: Rob Clark <robdclark(a)gmail.com> Cc: David Airlie <airlied(a)linux.ie> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/gpu/drm/msm/adreno/adreno_gpu.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/msm/adreno/adreno_gpu.c b/drivers/gpu/drm/msm/adreno/adreno_gpu.c index da1363a0c54d..93d70f4a2154 100644 --- a/drivers/gpu/drm/msm/adreno/adreno_gpu.c +++ b/drivers/gpu/drm/msm/adreno/adreno_gpu.c @@ -633,8 +633,7 @@ static int adreno_get_legacy_pwrlevels(struct device *dev) struct device_node *child, *node; int ret; - node = of_find_compatible_node(dev->of_node, NULL, - "qcom,gpu-pwrlevels"); + node = of_get_compatible_child(dev->of_node, "qcom,gpu-pwrlevels"); if (!node) { dev_err(dev, "Could not find the GPU powerlevels\n"); return -ENXIO; @@ -655,6 +654,8 @@ static int adreno_get_legacy_pwrlevels(struct device *dev) dev_pm_opp_add(dev, val, 0); } + of_node_put(node); + return 0; } -- 2.18.0

6 years, 11 months

2
1
0 0

FAILED: patch "[PATCH] parisc: Remove unnecessary barriers from spinlock.h" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3b885ac1dc35b87a39ee176a6c7e2af9c789d8b8 Mon Sep 17 00:00:00 2001 From: John David Anglin <dave.anglin(a)bell.net> Date: Sun, 12 Aug 2018 16:31:17 -0400 Subject: [PATCH] parisc: Remove unnecessary barriers from spinlock.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that mb() is an instruction barrier, it will slow performance if we issue unnecessary barriers. The spinlock defines have a number of unnecessary barriers. The __ldcw() define is both a hardware and compiler barrier. The mb() barriers in the routines using __ldcw() serve no purpose. The only barrier needed is the one in arch_spin_unlock(). We need to ensure all accesses are complete prior to releasing the lock. Signed-off-by: John David Anglin <dave.anglin(a)bell.net> Cc: stable(a)vger.kernel.org # 4.0+ Signed-off-by: Helge Deller <deller(a)gmx.de> diff --git a/arch/parisc/include/asm/spinlock.h b/arch/parisc/include/asm/spinlock.h index 6f84b6acc86e..8a63515f03bf 100644 --- a/arch/parisc/include/asm/spinlock.h +++ b/arch/parisc/include/asm/spinlock.h @@ -20,7 +20,6 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, { volatile unsigned int *a; - mb(); a = __ldcw_align(x); while (__ldcw(a) == 0) while (*a == 0) @@ -30,17 +29,16 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, local_irq_disable(); } else cpu_relax(); - mb(); } #define arch_spin_lock_flags arch_spin_lock_flags static inline void arch_spin_unlock(arch_spinlock_t *x) { volatile unsigned int *a; - mb(); + a = __ldcw_align(x); - *a = 1; mb(); + *a = 1; } static inline int arch_spin_trylock(arch_spinlock_t *x) @@ -48,10 +46,8 @@ static inline int arch_spin_trylock(arch_spinlock_t *x) volatile unsigned int *a; int ret; - mb(); a = __ldcw_align(x); ret = __ldcw(a) != 0; - mb(); return ret; }

6 years, 11 months

3
2
0 0

request for 4.4-stable: 08474cc1e6ea7 ("bridge: Propagate vlan add failure to user")

by SZ Lin (林上智)

Hi Greg, This patch is not marked for 4.4-stable, but it's already in 4.9 and 4.14 stable. Please apply to 4.4-stable. This patch fixed the kernel oops issue when executing bridge tool, please see reproducible steps with kernel 4.4 in below. # brctl addbr br0 # brctl addif br0 eth0 [ 1073.390028] device eth0 entered promiscuous mode [ 1073.395022] cpsw 4a100000.ethernet eth0: failed to initialize vlan filtering on this port # brctl addif br0 eth1 [ 1092.205685] net eth1: promiscuity not disabled as the other interface is still in promiscuity mode [ 1092.217541] device eth1 entered promiscuous mode [ 1092.222460] cpsw 4a100000.ethernet eth1: failed to initialize vlan filtering on this port # ifconfig br0 192.168.127.253 netmask 255.255.254.0 [ 1112.412740] br0: port 1(eth0) entered forwarding state [ 1112.417975] br0: port 1(eth0) entered forwarding state # brctl delif br0 eth0 [ 1137.645792] device eth0 left promiscuous mode [ 1137.650429] net eth0: promiscuity not disabled as the other interface is still in promiscuity mode [ 1137.663592] br0: port 1(eth0) entered disabled state [ 1137.668815] Unable to handle kernel NULL pointer dereference at virtual address 0000007a [ 1137.677026] pgd = dc58c000 [ 1137.679745] [0000007a] *pgd=00000000 [ 1137.683377] Internal error: Oops: 805 [#1] SMP ARM [ 1137.688189] Modules linked in: cryptodev omap_sham omap_aes omap_wdt sunrpc ip_tables x_tables autofs4 [ 1137.697598] CPU: 0 PID: 851 Comm: brctl Not tainted 4.4.0-cip-uc8100+ #1 [ 1137.704325] Hardware name: Generic AM33XX (Flattened Device Tree) [ 1137.710442] task: de580dc0 ti: dc574000 task.ti: dc574000 [ 1137.715883] PC is at __vlan_flush+0x18/0x54 [ 1137.720084] LR is at nbp_vlan_flush+0x28/0x60 [ 1137.724457] pc : [<c051ab3c>] lr : [<c051c2f4>] psr: 20080013 [ 1137.724457] sp : dc575dc8 ip : dc575de0 fp : dc575ddc [ 1137.735981] r10: 00000000 r9 : 00000000 r8 : 00000000 [ 1137.741226] r7 : dc5236d4 r6 : de239800 r5 : 00000000 r4 : 00000000 [ 1137.747779] r3 : 00000000 r2 : dc49e4c4 r1 : 00000200 r0 : 00000000 [ 1137.754333] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none [ 1137.761497] Control: 10c5387d Table: 9c58c019 DAC: 00000051 [ 1137.767264] Process brctl (pid: 851, stack limit = 0xdc574218) [ 1137.773119] Stack: (0xdc575dc8 to 0xdc576000) [ 1137.777496] 5dc0: 00000000 dc523600 dc575df4 dc575de0 c051c2f4 c051ab30 [ 1137.785711] 5de0: dc523600 dc49e4c0 dc575e14 dc575df8 c050e450 c051c2d8 dc49e4c0 dc49e4c0 [ 1137.793925] 5e00: 00000002 00000000 dc575e2c dc575e18 c050ebd8 c050e3d0 c0748380 dc49e4c0 [ 1137.802139] 5e20: dc575e4c dc575e30 c050f69c c050ebac dc575ea8 dc49e000 dc575ea8 c0596714 [ 1137.810353] 5e40: dc575e64 dc575e50 c05100f4 c050f650 000089a3 dc49e000 dc575e9c dc575e68 [ 1137.818567] 5e60: c04293d0 c05100a0 c0409b84 c0265738 dc575ea8 c0748380 000089a3 000089a3 [ 1137.826781] 5e80: c0748380 bee56bf4 dc575ea8 00000000 dc575ef4 dc575ea0 c0429828 c0429118 [ 1137.834995] 5ea0: 00000001 d543b3b8 00307262 00000000 00000000 00000000 00000002 00000003 [ 1137.843210] 5ec0: 7f5b0e34 bee56ebf c0147120 000089a3 fffffdfd bee56bf4 c0748380 bee56bf4 [ 1137.851424] 5ee0: 00000003 00000000 dc575f14 dc575ef8 c03f3230 c0429494 bee56bf4 ddb840a0 [ 1137.859638] 5f00: dc4ca340 00000003 dc575f7c dc575f18 c0142c08 c03f30b0 dc575f5c dc575f28 [ 1137.867852] 5f20: c0131f08 c01509ac 00000020 00000000 dc575f54 de581244 00000000 c0754108 [ 1137.876067] 5f40: de580dc0 c000fa64 dc574000 00000000 dc575f6c 00000000 dc4ca340 dc4ca340 [ 1137.884281] 5f60: 000089a3 bee56bf4 00000003 00000000 dc575fa4 dc575f80 c0142e98 c0142724 [ 1137.892495] 5f80: 7f5b10f0 b6f7ace8 00000002 00000036 c000fa64 dc574000 00000000 dc575fa8 [ 1137.900708] 5fa0: c000f8a0 c0142e30 7f5b10f0 b6f7ace8 00000003 000089a3 bee56bf4 000000cc [ 1137.908922] 5fc0: 7f5b10f0 b6f7ace8 00000002 00000036 bee56bf4 00000000 7f5b1000 00000000 [ 1137.917136] 5fe0: b6ef4711 bee56bdc 7f59f1ff b6ef4716 00080030 00000003 00000000 00000000 [ 1137.925343] Backtrace: [ 1137.927810] [<c051ab24>] (__vlan_flush) from [<c051c2f4>] (nbp_vlan_flush+0x28/0x60) [ 1137.935582] r5:dc523600 r4:00000000 [ 1137.939194] [<c051c2cc>] (nbp_vlan_flush) from [<c050e450>] (del_nbp+0x8c/0x110) [ 1137.946618] r5:dc49e4c0 r4:dc523600 [ 1137.950224] [<c050e3c4>] (del_nbp) from [<c050ebd8>] (br_del_if+0x38/0x9c) [ 1137.957125] r7:00000000 r6:00000002 r5:dc49e4c0 r4:dc49e4c0 [ 1137.962833] [<c050eba0>] (br_del_if) from [<c050f69c>] (add_del_if+0x58/0x74) [ 1137.969995] r5:dc49e4c0 r4:c0748380 [ 1137.973600] [<c050f644>] (add_del_if) from [<c05100f4>] (br_dev_ioctl+0x60/0x64) [ 1137.981023] r7:c0596714 r6:dc575ea8 r5:dc49e000 r4:dc575ea8 [ 1137.986731] [<c0510094>] (br_dev_ioctl) from [<c04293d0>] (dev_ifsioc+0x2c4/0x308) [ 1137.994330] r5:dc49e000 r4:000089a3 [ 1137.997930] [<c042910c>] (dev_ifsioc) from [<c0429828>] (dev_ioctl+0x3a0/0x8bc) [ 1138.005266] r8:00000000 r7:dc575ea8 r6:bee56bf4 r5:c0748380 r4:000089a3 [ 1138.012032] [<c0429488>] (dev_ioctl) from [<c03f3230>] (sock_ioctl+0x18c/0x2dc) [ 1138.019368] r10:00000000 r9:00000003 r8:bee56bf4 r7:c0748380 r6:bee56bf4 r5:fffffdfd [ 1138.027260] r4:000089a3 [ 1138.029817] [<c03f30a4>] (sock_ioctl) from [<c0142c08>] (do_vfs_ioctl+0x4f0/0x70c) [ 1138.037416] r7:00000003 r6:dc4ca340 r5:ddb840a0 r4:bee56bf4 [ 1138.043124] [<c0142718>] (do_vfs_ioctl) from [<c0142e98>] (SyS_ioctl+0x74/0x84) [ 1138.050460] r10:00000000 r9:00000003 r8:bee56bf4 r7:000089a3 r6:dc4ca340 r5:dc4ca340 [ 1138.058347] r4:00000000 [ 1138.060907] [<c0142e24>] (SyS_ioctl) from [<c000f8a0>] (ret_fast_syscall+0x0/0x44) [ 1138.068505] r9:dc574000 r8:c000fa64 r7:00000036 r6:00000002 r5:b6f7ace8 r4:7f5b10f0 [ 1138.076311] Code: e24cb004 f57ff05a e1a05000 e3a03000 (e1c037ba) [ 1138.082666] ---[ end trace d055796b6cd31311 ]--- Segmentation fault -- SZ Lin (林上智)

6 years, 11 months

2
1
0 0

FAILED: patch "[PATCH] parisc: Remove unnecessary barriers from spinlock.h" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3b885ac1dc35b87a39ee176a6c7e2af9c789d8b8 Mon Sep 17 00:00:00 2001 From: John David Anglin <dave.anglin(a)bell.net> Date: Sun, 12 Aug 2018 16:31:17 -0400 Subject: [PATCH] parisc: Remove unnecessary barriers from spinlock.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that mb() is an instruction barrier, it will slow performance if we issue unnecessary barriers. The spinlock defines have a number of unnecessary barriers. The __ldcw() define is both a hardware and compiler barrier. The mb() barriers in the routines using __ldcw() serve no purpose. The only barrier needed is the one in arch_spin_unlock(). We need to ensure all accesses are complete prior to releasing the lock. Signed-off-by: John David Anglin <dave.anglin(a)bell.net> Cc: stable(a)vger.kernel.org # 4.0+ Signed-off-by: Helge Deller <deller(a)gmx.de> diff --git a/arch/parisc/include/asm/spinlock.h b/arch/parisc/include/asm/spinlock.h index 6f84b6acc86e..8a63515f03bf 100644 --- a/arch/parisc/include/asm/spinlock.h +++ b/arch/parisc/include/asm/spinlock.h @@ -20,7 +20,6 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, { volatile unsigned int *a; - mb(); a = __ldcw_align(x); while (__ldcw(a) == 0) while (*a == 0) @@ -30,17 +29,16 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, local_irq_disable(); } else cpu_relax(); - mb(); } #define arch_spin_lock_flags arch_spin_lock_flags static inline void arch_spin_unlock(arch_spinlock_t *x) { volatile unsigned int *a; - mb(); + a = __ldcw_align(x); - *a = 1; mb(); + *a = 1; } static inline int arch_spin_trylock(arch_spinlock_t *x) @@ -48,10 +46,8 @@ static inline int arch_spin_trylock(arch_spinlock_t *x) volatile unsigned int *a; int ret; - mb(); a = __ldcw_align(x); ret = __ldcw(a) != 0; - mb(); return ret; }

6 years, 11 months

1
0
0 0

FAILED: patch "[PATCH] parisc: Remove unnecessary barriers from spinlock.h" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3b885ac1dc35b87a39ee176a6c7e2af9c789d8b8 Mon Sep 17 00:00:00 2001 From: John David Anglin <dave.anglin(a)bell.net> Date: Sun, 12 Aug 2018 16:31:17 -0400 Subject: [PATCH] parisc: Remove unnecessary barriers from spinlock.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that mb() is an instruction barrier, it will slow performance if we issue unnecessary barriers. The spinlock defines have a number of unnecessary barriers. The __ldcw() define is both a hardware and compiler barrier. The mb() barriers in the routines using __ldcw() serve no purpose. The only barrier needed is the one in arch_spin_unlock(). We need to ensure all accesses are complete prior to releasing the lock. Signed-off-by: John David Anglin <dave.anglin(a)bell.net> Cc: stable(a)vger.kernel.org # 4.0+ Signed-off-by: Helge Deller <deller(a)gmx.de> diff --git a/arch/parisc/include/asm/spinlock.h b/arch/parisc/include/asm/spinlock.h index 6f84b6acc86e..8a63515f03bf 100644 --- a/arch/parisc/include/asm/spinlock.h +++ b/arch/parisc/include/asm/spinlock.h @@ -20,7 +20,6 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, { volatile unsigned int *a; - mb(); a = __ldcw_align(x); while (__ldcw(a) == 0) while (*a == 0) @@ -30,17 +29,16 @@ static inline void arch_spin_lock_flags(arch_spinlock_t *x, local_irq_disable(); } else cpu_relax(); - mb(); } #define arch_spin_lock_flags arch_spin_lock_flags static inline void arch_spin_unlock(arch_spinlock_t *x) { volatile unsigned int *a; - mb(); + a = __ldcw_align(x); - *a = 1; mb(); + *a = 1; } static inline int arch_spin_trylock(arch_spinlock_t *x) @@ -48,10 +46,8 @@ static inline int arch_spin_trylock(arch_spinlock_t *x) volatile unsigned int *a; int ret; - mb(); a = __ldcw_align(x); ret = __ldcw(a) != 0; - mb(); return ret; }

6 years, 11 months

1
0
0 0

[PATCH 8/9] NFC: nfcmrvl_uart: fix OF child-node lookup

by Johan Hovold

Use the new of_get_compatible_child() helper to lookup the nfc child node instead of using of_find_compatible_node(), which searches the entire tree and thus can return an unrelated (i.e. non-child) node. This also addresses a potential use-after-free (e.g. after probe deferral) as the tree-wide helper drops a reference to its first argument (i.e. the parent node). Fixes: e097dc624f78 ("NFC: nfcmrvl: add UART driver") Fixes: d8e018c0b321 ("NFC: nfcmrvl: update device tree bindings for Marvell NFC") Cc: stable <stable(a)vger.kernel.org> # 4.2 Cc: Vincent Cuissard <cuissard(a)marvell.com> Cc: Samuel Ortiz <sameo(a)linux.intel.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/nfc/nfcmrvl/uart.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/nfc/nfcmrvl/uart.c b/drivers/nfc/nfcmrvl/uart.c index 91162f8e0366..9a22056e8d9e 100644 --- a/drivers/nfc/nfcmrvl/uart.c +++ b/drivers/nfc/nfcmrvl/uart.c @@ -73,10 +73,9 @@ static int nfcmrvl_uart_parse_dt(struct device_node *node, struct device_node *matched_node; int ret; - matched_node = of_find_compatible_node(node, NULL, "marvell,nfc-uart"); + matched_node = of_get_compatible_child(node, "marvell,nfc-uart"); if (!matched_node) { - matched_node = of_find_compatible_node(node, NULL, - "mrvl,nfc-uart"); + matched_node = of_get_compatible_child(node, "mrvl,nfc-uart"); if (!matched_node) return -ENODEV; } -- 2.18.0

6 years, 11 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror