- Linux-stable-mirror - lists.linaro.org

[PATCH AUTOSEL 6.12 01/12] wifi: mac80211: always initialize sdata::key_list

by Sasha Levin

From: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> [ Upstream commit d7a54d02db41f72f0581a3c77c75b0993ed3f6e2 ] This is currently not initialized for a virtual monitor, leading to a NULL pointer dereference when - for example - iterating over all the keys of all the vifs. Reviewed-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> Link: https://patch.msgid.link/20250709233400.8dcefe578497.I4c90a00ae3256520e0631… Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: Based on my analysis of the commit and the code changes, here is my assessment: **YES** This commit should be backported to stable kernel trees for the following reasons: 1. **Critical NULL Pointer Dereference Fix**: The commit fixes a NULL pointer dereference that occurs when iterating over the key_list of virtual monitor interfaces. This is a crash-inducing bug that affects system stability. 2. **Clear Bug with Simple Fix**: The issue is straightforward - the `key_list` was not initialized for virtual monitor interfaces created via `ieee80211_add_virtual_monitor()`. The fix is minimal and contained - it simply moves the `INIT_LIST_HEAD(&sdata->key_list)` initialization from `ieee80211_if_add()` into `ieee80211_sdata_init()`, ensuring all sdata structures have their key_list properly initialized. 3. **Real-World Impact**: The bug can be triggered when any code iterates over all interfaces and their keys. Looking at the code, functions like `ieee80211_iter_keys()` and `ieee80211_iter_keys_rcu()` iterate through all interfaces when called without a specific vif parameter: ```c list_for_each_entry(sdata, &local->interfaces, list) list_for_each_entry_safe(key, tmp, &sdata->key_list, list) ``` This would cause a NULL pointer dereference when it encounters a virtual monitor interface. 4. **Minimal Risk**: The change is extremely low risk - it only adds initialization of a list head that should have been initialized all along. There are no architectural changes or feature additions. 5. **Follows Stable Rules**: This perfectly fits the stable kernel criteria: - Fixes a real bug (NULL pointer dereference/crash) - Small and contained change (2 lines moved) - Obviously correct fix - No new features or behaviors introduced The commit is similar in nature to commit #5 in the reference list which was marked as suitable for backporting - both fix NULL pointer dereferences in the wifi/mac80211 subsystem with minimal, targeted changes. net/mac80211/iface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c index 209d6ffa8e426..adfdc14bd91ac 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c @@ -1121,6 +1121,8 @@ static void ieee80211_sdata_init(struct ieee80211_local *local, { sdata->local = local; + INIT_LIST_HEAD(&sdata->key_list); + /* * Initialize the default link, so we can use link_id 0 for non-MLD, * and that continues to work for non-MLD-aware drivers that use just @@ -2162,8 +2164,6 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name, ieee80211_init_frag_cache(&sdata->frags); - INIT_LIST_HEAD(&sdata->key_list); - wiphy_delayed_work_init(&sdata->dec_tailroom_needed_wk, ieee80211_delayed_tailroom_dec); -- 2.39.5

3 months, 3 weeks

1
11
0 0

[PATCH AUTOSEL 6.15 01/15] wifi: mac80211: always initialize sdata::key_list

by Sasha Levin

From: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> [ Upstream commit d7a54d02db41f72f0581a3c77c75b0993ed3f6e2 ] This is currently not initialized for a virtual monitor, leading to a NULL pointer dereference when - for example - iterating over all the keys of all the vifs. Reviewed-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> Link: https://patch.msgid.link/20250709233400.8dcefe578497.I4c90a00ae3256520e0631… Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: Based on my analysis of the commit and the code changes, here is my assessment: **YES** This commit should be backported to stable kernel trees for the following reasons: 1. **Critical NULL Pointer Dereference Fix**: The commit fixes a NULL pointer dereference that occurs when iterating over the key_list of virtual monitor interfaces. This is a crash-inducing bug that affects system stability. 2. **Clear Bug with Simple Fix**: The issue is straightforward - the `key_list` was not initialized for virtual monitor interfaces created via `ieee80211_add_virtual_monitor()`. The fix is minimal and contained - it simply moves the `INIT_LIST_HEAD(&sdata->key_list)` initialization from `ieee80211_if_add()` into `ieee80211_sdata_init()`, ensuring all sdata structures have their key_list properly initialized. 3. **Real-World Impact**: The bug can be triggered when any code iterates over all interfaces and their keys. Looking at the code, functions like `ieee80211_iter_keys()` and `ieee80211_iter_keys_rcu()` iterate through all interfaces when called without a specific vif parameter: ```c list_for_each_entry(sdata, &local->interfaces, list) list_for_each_entry_safe(key, tmp, &sdata->key_list, list) ``` This would cause a NULL pointer dereference when it encounters a virtual monitor interface. 4. **Minimal Risk**: The change is extremely low risk - it only adds initialization of a list head that should have been initialized all along. There are no architectural changes or feature additions. 5. **Follows Stable Rules**: This perfectly fits the stable kernel criteria: - Fixes a real bug (NULL pointer dereference/crash) - Small and contained change (2 lines moved) - Obviously correct fix - No new features or behaviors introduced The commit is similar in nature to commit #5 in the reference list which was marked as suitable for backporting - both fix NULL pointer dereferences in the wifi/mac80211 subsystem with minimal, targeted changes. net/mac80211/iface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c index 7d93e5aa595b2..0485a78eda366 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c @@ -1117,6 +1117,8 @@ static void ieee80211_sdata_init(struct ieee80211_local *local, { sdata->local = local; + INIT_LIST_HEAD(&sdata->key_list); + /* * Initialize the default link, so we can use link_id 0 for non-MLD, * and that continues to work for non-MLD-aware drivers that use just @@ -2177,8 +2179,6 @@ int ieee80211_if_add(struct ieee80211_local *local, const char *name, ieee80211_init_frag_cache(&sdata->frags); - INIT_LIST_HEAD(&sdata->key_list); - wiphy_delayed_work_init(&sdata->dec_tailroom_needed_wk, ieee80211_delayed_tailroom_dec); -- 2.39.5

3 months, 3 weeks

1
14
0 0

[PATCH] HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

by Qasim Ijaz

A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempts to patch byte offset 607 of the descriptor with 0x25 by first checking if byte offset 607 is 0x15 however it lacks bounds checks to verify if the descriptor is big enough before conducting this check. Fix this vulnerability by ensuring the descriptor size is greater than or equal to 608 before accessing it. Below is the KASAN splat after the out of bounds access happens: [ 13.671954] ================================================================== [ 13.672667] BUG: KASAN: slab-out-of-bounds in mt_report_fixup+0x103/0x110 [ 13.673297] Read of size 1 at addr ffff888103df39df by task kworker/0:1/10 [ 13.673297] [ 13.673297] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.15.0-00005-gec5d573d83f4-dirty #3 [ 13.673297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/04 [ 13.673297] Call Trace: [ 13.673297] <TASK> [ 13.673297] dump_stack_lvl+0x5f/0x80 [ 13.673297] print_report+0xd1/0x660 [ 13.673297] kasan_report+0xe5/0x120 [ 13.673297] __asan_report_load1_noabort+0x18/0x20 [ 13.673297] mt_report_fixup+0x103/0x110 [ 13.673297] hid_open_report+0x1ef/0x810 [ 13.673297] mt_probe+0x422/0x960 [ 13.673297] hid_device_probe+0x2e2/0x6f0 [ 13.673297] really_probe+0x1c6/0x6b0 [ 13.673297] __driver_probe_device+0x24f/0x310 [ 13.673297] driver_probe_device+0x4e/0x220 [ 13.673297] __device_attach_driver+0x169/0x320 [ 13.673297] bus_for_each_drv+0x11d/0x1b0 [ 13.673297] __device_attach+0x1b8/0x3e0 [ 13.673297] device_initial_probe+0x12/0x20 [ 13.673297] bus_probe_device+0x13d/0x180 [ 13.673297] device_add+0xe3a/0x1670 [ 13.673297] hid_add_device+0x31d/0xa40 [...] Fixes: c8000deb6836 ("HID: multitouch: Add support for GT7868Q") Cc: stable(a)vger.kernel.org Signed-off-by: Qasim Ijaz <qasdev00(a)gmail.com> --- drivers/hid/hid-multitouch.c | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c index 7ac8e16e6158..af4abe3ba410 100644 --- a/drivers/hid/hid-multitouch.c +++ b/drivers/hid/hid-multitouch.c @@ -1461,18 +1461,25 @@ static const __u8 *mt_report_fixup(struct hid_device *hdev, __u8 *rdesc, if (hdev->vendor == I2C_VENDOR_ID_GOODIX && (hdev->product == I2C_DEVICE_ID_GOODIX_01E8 || hdev->product == I2C_DEVICE_ID_GOODIX_01E9)) { - if (rdesc[607] == 0x15) { - rdesc[607] = 0x25; - dev_info( - &hdev->dev, - "GT7868Q report descriptor fixup is applied.\n"); + if (*size >= 608) { + if (rdesc[607] == 0x15) { + rdesc[607] = 0x25; + dev_info( + &hdev->dev, + "GT7868Q report descriptor fixup is applied.\n"); + } else { + dev_info( + &hdev->dev, + "The byte is not expected for fixing the report descriptor. \ + It's possible that the touchpad firmware is not suitable for applying the fix. \ + got: %x\n", + rdesc[607]); + } } else { dev_info( &hdev->dev, - "The byte is not expected for fixing the report descriptor. \ -It's possible that the touchpad firmware is not suitable for applying the fix. \ -got: %x\n", - rdesc[607]); + "GT7868Q fixup: report descriptor only %u bytes, skipping\n", + *size); } } -- 2.39.5

3 months, 3 weeks

1
0
0 0

[PATCH] ARM: Fix allowing linker DCE with binutils < 2.36

by Nathan Chancellor

Commit e7607f7d6d81 ("ARM: 9443/1: Require linker to support KEEP within OVERLAY for DCE") accidentally broke the binutils version restriction that was added in commit 0d437918fb64 ("ARM: 9414/1: Fix build issue with LD_DEAD_CODE_DATA_ELIMINATION"), reintroducing the segmentation fault addressed by that workaround. Restore the binutils version dependency by using CONFIG_LD_CAN_USE_KEEP_IN_OVERLAY as an additional condition to ensure that CONFIG_HAVE_LD_DEAD_CODE_DATA_ELIMINATION is only enabled with binutils >= 2.36 and ld.lld >= 21.0.0. Cc: stable(a)vger.kernel.org Fixes: e7607f7d6d81 ("ARM: 9443/1: Require linker to support KEEP within OVERLAY for DCE") Reported-by: Rob Landley <rob(a)landley.net> Closes: https://lore.kernel.org/6739da7d-e555-407a-b5cb-e5681da71056@landley.net/ Tested-by: Rob Landley <rob(a)landley.net> Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- arch/arm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 3072731fe09c..962451e54fdd 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -121,7 +121,7 @@ config ARM select HAVE_KERNEL_XZ select HAVE_KPROBES if !XIP_KERNEL && !CPU_ENDIAN_BE32 && !CPU_V7M select HAVE_KRETPROBES if HAVE_KPROBES - select HAVE_LD_DEAD_CODE_DATA_ELIMINATION if (LD_VERSION >= 23600 || LD_CAN_USE_KEEP_IN_OVERLAY) + select HAVE_LD_DEAD_CODE_DATA_ELIMINATION if (LD_VERSION >= 23600 || LD_IS_LLD) && LD_CAN_USE_KEEP_IN_OVERLAY select HAVE_MOD_ARCH_SPECIFIC select HAVE_NMI select HAVE_OPTPROBES if !THUMB2_KERNEL --- base-commit: d7b8f8e20813f0179d8ef519541a3527e7661d3a change-id: 20250707-arm-fix-dce-older-binutils-87a5a4b829d9 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

3 months, 3 weeks

1
1
0 0

[stable-6.1] x86: Fix X86_FEATURE_VERW_CLEAR definition

by Jack Wang

This is a mistake during backport. VERW_CLEAR is on bit 5, not bit 10. Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation") Cc: Borislav Petkov (AMD) <bp(a)alien8.de> Signed-off-by: Jack Wang <jinpu.wang(a)ionos.com> --- arch/x86/include/asm/cpufeatures.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 1c71f947b426..6f6ea3b9a95e 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -429,8 +429,8 @@ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* "" Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ +#define X86_FEATURE_VERW_CLEAR (20*32+ 5) /* "" The memory form of VERW mitigates TSA */ #define X86_FEATURE_AUTOIBRS (20*32+ 8) /* "" Automatic IBRS */ -#define X86_FEATURE_VERW_CLEAR (20*32+ 10) /* "" The memory form of VERW mitigates TSA */ #define X86_FEATURE_SBPB (20*32+27) /* "" Selective Branch Prediction Barrier */ #define X86_FEATURE_IBPB_BRTYPE (20*32+28) /* "" MSR_PRED_CMD[IBPB] flushes all branch type predictions */ #define X86_FEATURE_SRSO_NO (20*32+29) /* "" CPU is not affected by SRSO */ -- 2.43.0

3 months, 3 weeks

2
1
0 0

[stable-5.15] x86: Fix X86_FEATURE_VERW_CLEAR definition

by Jack Wang

This is a mistake during backport. VERW_CLEAR is on bit 5, not bit 10. Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation") Cc: Borislav Petkov (AMD) <bp(a)alien8.de> Signed-off-by: Jack Wang <jinpu.wang(a)ionos.com> --- arch/x86/include/asm/cpufeatures.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 63b84540cfb3..b8d945d8d34f 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -418,8 +418,8 @@ #define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ +#define X86_FEATURE_VERW_CLEAR (20*32+ 5) /* "" The memory form of VERW mitigates TSA */ #define X86_FEATURE_AUTOIBRS (20*32+ 8) /* "" Automatic IBRS */ -#define X86_FEATURE_VERW_CLEAR (20*32+ 10) /* "" The memory form of VERW mitigates TSA */ #define X86_FEATURE_SBPB (20*32+27) /* "" Selective Branch Prediction Barrier */ #define X86_FEATURE_IBPB_BRTYPE (20*32+28) /* "" MSR_PRED_CMD[IBPB] flushes all branch type predictions */ #define X86_FEATURE_SRSO_NO (20*32+29) /* "" CPU is not affected by SRSO */ -- 2.43.0

3 months, 3 weeks

1
0
0 0

TSA mitigation doesn't work on 6.6.y

by Thomas Voegtle

Hello, with kernel v6.16-rc5-121-gbc9ff192a6c9 I see this: cat /sys/devices/system/cpu/vulnerabilities/tsa Mitigation: Clear CPU buffers dmesg | grep micro [ 1.479203] microcode: Current revision: 0x0a20102e [ 1.479206] microcode: Updated early from: 0x0a201016 So, this works. but same machine with 6.6.97: dmesg | grep micro [ 0.451496] Transient Scheduler Attacks: Vulnerable: Clear CPU buffers attempted, no microcode [ 1.077149] microcode: Current revision: 0x0a20102e [ 1.077152] microcode: Updated early from: 0x0a201016 so: cat /sys/devices/system/cpu/vulnerabilities/tsa Vulnerable: Clear CPU buffers attempted, no microcode but it is switched on: zcat /proc/config.gz | grep TSA CONFIG_MITIGATION_TSA=y And other stuff which need microcode works: cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow Mitigation: Safe RET without microcode you wwould see: Vulnerable: Safe RET, no microcode 6.12.37 broken too 6.15.6 works v6.16-rc5-121-gbc9ff192a6c9 works This is a: processor : 11 vendor_id : AuthenticAMD cpu family : 25 model : 33 model name : AMD Ryzen 5 5600X 6-Core Processor stepping : 0 microcode : 0xa20102e Is something missing in 6.6.y and 6.12.y? Thomas

3 months, 3 weeks

4
23
0 0

[REGRESSION]: fwd: regression in 6.15.5: KVM guest launch FAILSs with missing CPU feature error (sbpb, ibpb-brtype)

by pgnd

(already submitted @ Fedora; advised to post here to upstream as well) -------- Forwarded Message -------- Subject: regression in 6.15.5: KVM guest launch FAILSs with missing CPU feature error (sbpb, ibpb-brtype) Date: Sun, 13 Jul 2025 17:37:57 -0400 From: pgnd <pgnd(a)dev-mail.net> Reply-To: pgnd(a)dev-mail.net To: kernel(a)lists.fedoraproject.org i'm seeing a regression on Fedora 42 kernel 6.15.4 -> 6.15.5 on AMD Ryzen 5 5600G host (x86_64) kvm guests that launch ok under kernels 6.15.[3,4] fail with the following error when attempting to autostart under 6.15.5: internal error: Failed to autostart VM: operation failed: guest CPU doesn't match specification: missing features: sbpb,ibpb-brtype no changes made to libvirt, qemu, or VM defs between kernel versions. re-booting to old kernel versions restores expected behavior. maybe related (?) to recent changes in AMD CPU feature exposure / mitigation handling in kernel 6.15.5? i've opened a bug: https://bugzilla.redhat.com/show_bug.cgi?id=2379784

3 months, 3 weeks

1
0
0 0

[PATCH] spi: Add check for 8-bit transfer with 8 IO mode support

by Cheng Ming Lin

From: Cheng Ming Lin <chengminglin(a)mxic.com.tw> The current SPI framework does not verify if the SPI device supports 8 IO mode when doing an 8-bit transfer. This patch adds a check to ensure that if the transfer tx_nbits or rx_nbits is 8, the SPI mode must support 8 IO. If not, an error is returned, preventing undefined behavior. Fixes: d6a711a898672 ("spi: Fix OCTAL mode support") Cc: stable(a)vger.kernel.org Signed-off-by: Cheng Ming Lin <chengminglin(a)mxic.com.tw> --- drivers/spi/spi.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c index 1bc0fdbb1bd7..0ffa3f9f2870 100644 --- a/drivers/spi/spi.c +++ b/drivers/spi/spi.c @@ -4138,10 +4138,13 @@ static int __spi_validate(struct spi_device *spi, struct spi_message *message) xfer->tx_nbits != SPI_NBITS_OCTAL) return -EINVAL; if ((xfer->tx_nbits == SPI_NBITS_DUAL) && - !(spi->mode & (SPI_TX_DUAL | SPI_TX_QUAD))) + !(spi->mode & (SPI_TX_DUAL | SPI_TX_QUAD | SPI_TX_OCTAL))) return -EINVAL; if ((xfer->tx_nbits == SPI_NBITS_QUAD) && - !(spi->mode & SPI_TX_QUAD)) + !(spi->mode & (SPI_TX_QUAD | SPI_TX_OCTAL))) + return -EINVAL; + if ((xfer->tx_nbits == SPI_NBITS_OCTAL) && + !(spi->mode & SPI_TX_OCTAL)) return -EINVAL; } /* Check transfer rx_nbits */ @@ -4154,10 +4157,13 @@ static int __spi_validate(struct spi_device *spi, struct spi_message *message) xfer->rx_nbits != SPI_NBITS_OCTAL) return -EINVAL; if ((xfer->rx_nbits == SPI_NBITS_DUAL) && - !(spi->mode & (SPI_RX_DUAL | SPI_RX_QUAD))) + !(spi->mode & (SPI_RX_DUAL | SPI_RX_QUAD | SPI_RX_OCTAL))) return -EINVAL; if ((xfer->rx_nbits == SPI_NBITS_QUAD) && - !(spi->mode & SPI_RX_QUAD)) + !(spi->mode & (SPI_RX_QUAD | SPI_RX_OCTAL))) + return -EINVAL; + if ((xfer->rx_nbits == SPI_NBITS_OCTAL) && + !(spi->mode & SPI_RX_OCTAL)) return -EINVAL; } -- 2.25.1

3 months, 3 weeks

2
1
0 0

[RFC V1 PATCH mm-hotfixes 1/3] mm: introduce and use {pgd,p4d}_populate_kernel()

by Harry Yoo

Intrdocue and use {pgd,p4d}_pouplate_kernel() in core MM code when populating PGD and P4D entries corresponding to the kernel address space. The main purpose of these helpers is to ensure synchronization of the kernel portion of the top-level page tables whenever such an entry is populated. Until now, the kernel has relied on each architecture to handle synchronization of top-level page tables in an ad-hoc manner. For example, see commit 9b861528a801 ("x86-64, mem: Update all PGDs for direct mapping and vmemmap mapping changes"). However, this approach has proven fragile, as it's easy to forget to perform the necessary synchronization when introducing new changes. To address this, introduce _kernel() varients of the page table population helpers that invoke architecture-specific hooks to properly synchronize the page tables. For now, it only targets x86_64, so only PGD and P4D level helpers are introduced. In theory, PUD and PMD level helpers can be added later if needed by other architectures. Currently it is no-op as no arch defines __HAVE_ARCH_SYNC_KERNEL_PGTABLES. Cc: <stable(a)vger.kernel.org> Suggested-by: Dave Hansen <dave.hansen(a)linux.intel.com> Signed-off-by: Harry Yoo <harry.yoo(a)oracle.com> --- include/asm-generic/pgalloc.h | 4 ++++ include/linux/pgalloc.h | 0 mm/kasan/init.c | 10 +++++----- mm/percpu.c | 4 ++-- mm/sparse-vmemmap.c | 4 ++-- 5 files changed, 13 insertions(+), 9 deletions(-) create mode 100644 include/linux/pgalloc.h diff --git a/include/asm-generic/pgalloc.h b/include/asm-generic/pgalloc.h index 3c8ec3bfea44..6cac1ce64e01 100644 --- a/include/asm-generic/pgalloc.h +++ b/include/asm-generic/pgalloc.h @@ -295,6 +295,10 @@ static inline void pgd_free(struct mm_struct *mm, pgd_t *pgd) __pgd_free(mm, pgd); } #endif +#ifndef __HAVE_ARCH_SYNC_KERNEL_PGTABLE +#define pgd_populate_kernel(addr, pgd, p4d) pgd_populate(&init_mm, pgd, p4d) +#define p4d_populate_kernel(addr, p4d, pud) p4d_populate(&init_mm, p4d, pud) +#endif #endif /* CONFIG_MMU */ diff --git a/include/linux/pgalloc.h b/include/linux/pgalloc.h new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/mm/kasan/init.c b/mm/kasan/init.c index ced6b29fcf76..43de820ee282 100644 --- a/mm/kasan/init.c +++ b/mm/kasan/init.c @@ -191,7 +191,7 @@ static int __ref zero_p4d_populate(pgd_t *pgd, unsigned long addr, pud_t *pud; pmd_t *pmd; - p4d_populate(&init_mm, p4d, + p4d_populate_kernel(addr, p4d, lm_alias(kasan_early_shadow_pud)); pud = pud_offset(p4d, addr); pud_populate(&init_mm, pud, @@ -212,7 +212,7 @@ static int __ref zero_p4d_populate(pgd_t *pgd, unsigned long addr, } else { p = early_alloc(PAGE_SIZE, NUMA_NO_NODE); pud_init(p); - p4d_populate(&init_mm, p4d, p); + p4d_populate_kernel(addr, p4d, p); } } zero_pud_populate(p4d, addr, next); @@ -251,10 +251,10 @@ int __ref kasan_populate_early_shadow(const void *shadow_start, * puds,pmds, so pgd_populate(), pud_populate() * is noops. */ - pgd_populate(&init_mm, pgd, + pgd_populate_kernel(addr, pgd, lm_alias(kasan_early_shadow_p4d)); p4d = p4d_offset(pgd, addr); - p4d_populate(&init_mm, p4d, + p4d_populate_kernel(addr, p4d, lm_alias(kasan_early_shadow_pud)); pud = pud_offset(p4d, addr); pud_populate(&init_mm, pud, @@ -273,7 +273,7 @@ int __ref kasan_populate_early_shadow(const void *shadow_start, if (!p) return -ENOMEM; } else { - pgd_populate(&init_mm, pgd, + pgd_populate_kernel(addr, pgd, early_alloc(PAGE_SIZE, NUMA_NO_NODE)); } } diff --git a/mm/percpu.c b/mm/percpu.c index 782cc148b39c..57450a03c432 100644 --- a/mm/percpu.c +++ b/mm/percpu.c @@ -3134,13 +3134,13 @@ void __init __weak pcpu_populate_pte(unsigned long addr) if (pgd_none(*pgd)) { p4d = memblock_alloc_or_panic(P4D_TABLE_SIZE, P4D_TABLE_SIZE); - pgd_populate(&init_mm, pgd, p4d); + pgd_populate_kernel(addr, pgd, p4d); } p4d = p4d_offset(pgd, addr); if (p4d_none(*p4d)) { pud = memblock_alloc_or_panic(PUD_TABLE_SIZE, PUD_TABLE_SIZE); - p4d_populate(&init_mm, p4d, pud); + p4d_populate_kernel(addr, p4d, pud); } pud = pud_offset(p4d, addr); diff --git a/mm/sparse-vmemmap.c b/mm/sparse-vmemmap.c index fd2ab5118e13..e275310ac708 100644 --- a/mm/sparse-vmemmap.c +++ b/mm/sparse-vmemmap.c @@ -229,7 +229,7 @@ p4d_t * __meminit vmemmap_p4d_populate(pgd_t *pgd, unsigned long addr, int node) if (!p) return NULL; pud_init(p); - p4d_populate(&init_mm, p4d, p); + p4d_populate_kernel(addr, p4d, p); } return p4d; } @@ -241,7 +241,7 @@ pgd_t * __meminit vmemmap_pgd_populate(unsigned long addr, int node) void *p = vmemmap_alloc_block_zero(PAGE_SIZE, node); if (!p) return NULL; - pgd_populate(&init_mm, pgd, p); + pgd_populate_kernel(addr, pgd, p); } return pgd; } -- 2.43.0

3 months, 3 weeks

3
5
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror