shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 10:31:46 +09:00
Code Issues Packages Projects Releases Wiki Activity

Merge tag 'android14-6.1.90_r00' into android14-6.1

Browse Source 
This merges up to the 6.1.90 LTS release into the android14-6.1 branch.
Included in here are the following commits:

* c034535679 Revert "macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads"
* 35df421fc4 Revert "macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst"
* f17db53dd9 Revert "net/mlx5e: Advertise mlx5 ethernet driver updates sk_buff md_dst for MACsec"
*   62184d7812 Merge 6.1.90 into android14-6.1-lts
|\
| * 909ba1f1b4 Linux 6.1.90
| * ca817d44be net/mlx5e: Advertise mlx5 ethernet driver updates sk_buff md_dst for MACsec
| * 21e042d29e macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst
| * 6536f12fe2 macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads
| * 9b7c5004d7 bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
| * 4e75e222d3 i2c: smbus: fix NULL function pointer dereference
| * 25b3498485 phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered
| * 4201b8c8f2 riscv: Fix TASK_SIZE on 64-bit NOMMU
| * 0b947c90e3 riscv: fix VMALLOC_START definition
| * 023b6390a1 dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
| * 8bf5741832 dma: xilinx_dpdma: Fix locking
| * e71d5ec7c0 phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits
| * 199895b8b6 phy: rockchip-snps-pcie3: fix bifurcation on rk3588
| * 4723dfe76d phy: freescale: imx8m-pcie: fix pcie link-up instability
| * ed4b981b1d phy: freescale: imx8m-pcie: Refine i.MX8MM PCIe PHY driver
| * d6a6bacd0a phy: marvell: a3700-comphy: Fix hardcoded array size
| * 976df695f5 phy: marvell: a3700-comphy: Fix out of bounds read
| * 2203a447fd idma64: Don't try to serve interrupts when device is powered off
| * 33d8e3e5f3 dmaengine: tegra186: Fix residual calculation
| * 56bce3fcf8 dmaengine: owl: fix register access functions
| * a8e8c79ed2 x86/tdx: Preserve shared bit on mprotect()
| * 2bd852307f rust: remove `params` from `module` macro example
| * ad371d69a6 mtd: diskonchip: work around ubsan link failure
| * 4ebf1ff60e udp: preserve the connected status if only UDP cmsg
| * e3f0519da4 fbdev: fix incorrect address computation in deferred IO
| * d0205d6e0a stackdepot: respect __GFP_NOLOCKDEP allocation flag
| * c35fc18071 net: b44: set pause params only when interface is up
| * 8e2c583c26 ethernet: Add helper for assigning packet type when dest address does not match device address
| * ba234a54ee ACPI: CPPC: Fix access width used for PCC registers
| * 0f708a7e0a ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro
| * 01fc53be67 ACPI: CPPC: Use access_width over bit_width for system memory accesses
| * dd681710ab irqchip/gic-v3-its: Prevent double free on error
| * 64f9d8ac2c drm/amdgpu: Fix leak when GPU memory allocation fails
| * 404b0ae432 drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
| * ffddf569e3 arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
| * ba9bcc0e58 LoongArch: Fix access error when read fault on a write-only VMA
| * 94021d1d2b LoongArch: Fix callchain parse error with kernel tracepoint events
| * 38f17d1fbb cpu: Re-enable CPU mitigations by default for !X86 architectures
| * 8bdbcfaf3e btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
| * 0561b65fbd HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
| * c7a4bca289 smb3: fix lock ordering potential deadlock in cifs_sync_mid_result
| * 2b8bf690e0 smb: client: Fix struct_group() usage in __packed structs
| * a957ea5aa3 mmc: sdhci-msm: pervent access to suspended controller
| * e60502b907 Bluetooth: qca: fix NULL-deref on non-serdev suspend
| * e6dd0117e9 Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
| * c788236289 Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
| * 4e6cd21498 rust: make mutually exclusive with CFI_CLANG
| * 9f882077f5 rust: don't select CONSTRUCTORS
| * 6a190e7ca4 x86/cpu: Fix check for RDPKRU in __show_regs()
| * 0c42f7e039 fork: defer linking file vma until vma is fully initialized
| * 539a2b995a virtio_net: Do not send RSS key if it is not supported
| * 34410fcad9 Revert "crypto: api - Disallow identical driver names"
| * b3686200ad cifs: Replace remaining 1-element arrays
| * 2ceacda270 af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc().
| * f05caed833 net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
| * 777d7d0049 iavf: Fix TC config comparison with existing adapter TC config
| * 81ad28ac21 i40e: Report MFS in decimal base instead of hex
| * 152ed360cf i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
| * 13ba94f6cc netfilter: nf_tables: honor table dormant flag from netdev release event path
| * e325357440 eth: bnxt: fix counting packets discarded due to OOM and netpoll
| * 5bfe7bf965 mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
| * 4526a56e02 mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
| * 751d352858 mlxsw: spectrum_acl_tcam: Fix warning during rehash
| * b822644fd9 mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
| * 78884187c0 mlxsw: spectrum_acl_tcam: Rate limit error message
| * 813e2ab753 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
| * b996e8699d mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
| * 19ebdce660 mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
| * bca6fa2d9a net: openvswitch: Fix Use-After-Free in ovs_ct_exit
| * f4861f052f ipvs: Fix checksumming on GSO of SCTP packets
| * 4115403dc9 Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional()
| * 31f18a1f58 Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor
| * 14051cbcf3 Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID
| * 25a1c2d4b1 net: gtp: Fix Use-After-Free in gtp_dellink
| * 5e5e1865b7 net: usb: ax88179_178a: stop lying about skb->truesize
| * 7a25bfd127 ipv4: check for NULL idev in ip_route_use_hint()
| * 1e9b694597 net: fix sk_memory_allocated_{add|sub} vs softirqs
| * 82810873ac net: make SK_MEMORY_PCPU_RESERV tunable
| * 0d14f10402 ax25: Fix netdev refcount issue
| * 424c69dbb2 NFC: trf7970a: disable all regulators on removal
| * 25a82005d5 bnxt_en: Fix the PCI-AER routines
| * b20beb0598 bnxt_en: refactor reset close code
| * 16be600293 bridge/br_netlink.c: no need to return void function
| * 599c9ad5e1 icmp: prevent possible NULL dereferences from icmp_build_probe()
| * d3c4b14c8a ARM: dts: microchip: at91-sama7g5ek: Replace regulator-suspend-voltage with the valid property
| * 3f7ecad54c mlxsw: core: Unregister EMAD trap using FORWARD action
| * 9064163f1c vxlan: drop packets from invalid src-address
| * 9b9c4adad6 wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
| * d20e3beb83 wifi: iwlwifi: mvm: remove old PASN station when adding a new one
| * bab058e31a ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
| * 0277e73e8e arm64: dts: rockchip: regulator for sd needs to be always on for BPI-R2Pro
| * af45b5bc30 arm64: dts: mediatek: mt2712: fix validation errors
| * 1aea205a42 arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
| * d078de8674 arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
| * da3c0740f0 arm64: dts: mediatek: mt7622: fix IR nodename
| * ce782b5a74 arm64: dts: mediatek: mt7622: fix clock controllers
| * 818f56a8b3 arm64: dts: mediatek: mt8195-cherry: Update min voltage constraint for MT6315
| * 942debbea5 arm64: dts: mediatek: mt8192-asurada: Update min voltage constraint for MT6315
| * e8ac4490db arm64: dts: mediatek: mt8195: Add missing gce-client-reg to mutex
| * 5bcfc53373 arm64: dts: mediatek: mt8195: Add missing gce-client-reg to vpp/vdosys
| * 18548e2ab9 arm64: dts: mediatek: mt8192: Add missing gce-client-reg to mutex
| * 2f83d4763a arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
| * 475816446f arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
| * 076ff06a1e arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
| * aa1af71dee arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
| * cb5b05e619 arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
| * 9ab1d84bdb arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f
| * 526facda61 HID: logitech-dj: allow mice to use all types of reports
| * 6b0ac25f36 HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
| * 4f83ca4c7a cifs: reinstate original behavior again for forceuid/forcegid
| * e24e165190 smb: client: fix rename(2) regression against samba
* | beb491c1c2 Merge 6.1.89 into android14-6.1-lts
|\|
| * dcbc050cb0 Linux 6.1.89
| * 8a5291736e Revert "ASoC: ti: Convert Pandora ASoC to GPIO descriptors"
* | 3b75c4ca77 ANDROID: update .stg for change to struct clk_core
* | 077eb0a09d Revert "usb: xhci: Add timeout argument in address_device USB HCD callback"
* | 992f4a2013 Merge 6.1.88 into android14-6.1-lts
|\|
| * f2295faba5 Linux 6.1.88
| * 0f7908a016 PCI/ASPM: Fix deadlock when enabling ASPM
| * 67a877128b ksmbd: common: use struct_group_attr instead of struct_group for network_open_info
| * 4687606d94 ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
| * 21ff9d7d22 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
| * b80ba64871 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
| * 7d51db455c net: dsa: mt7530: fix enabling EEE on MT7531 switch on all boards
| * 41a004ffba net: dsa: mt7530: fix improper frames on all 25MHz and 40MHz XTAL MT7530
| * d9c2f69cc1 net: dsa: introduce preferred_default_local_cpu_port and use on MT7530
| * 013c787d23 net: dsa: mt7530: set all CPU ports in MT7531_CPU_PMAP
| * 897ac5306b nilfs2: fix OOB in nilfs_set_de_type
| * 1e7feb31a1 bootconfig: use memblock_free_late to free xbc memory to buddy
| * ad74d208f2 nouveau: fix instmem race condition around ptr stores
| * bcff1ed2ff drm/vmwgfx: Fix crtc's atomic check conditional
| * 8f79b42d1c drm/vmwgfx: Sort primary plane formats by order of preference
| * 212e3baccd drm/amdgpu: validate the parameters of bo mapping operations more clearly
| * 5ef7ba2799 mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled
| * 76c2f4d426 init/main.c: Fix potential static_command_line memory overflow
| * f7e71a7cf3 arm64: hibernate: Fix level3 translation fault in swsusp_save()
| * e09465aecc KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms
| * 0fb74c00d1 KVM: x86/pmu: Disable support for adaptive PEBS
| * e487b8eccf KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible
| * 5d43e07228 fs: sysfs: Fix reference leak in sysfs_break_active_protection()
| * 89af25bd4b speakup: Avoid crash on very long word
| * 7c6f941492 mei: me: disable RPL-S on SPS and IGN firmwares
| * 0588bbbd71 usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error
| * a676b17edb usb: Disable USB3 LPM at shutdown
| * 9de10b59d1 usb: dwc2: host: Fix dereference issue in DDMA completion flow.
| * 8672ad663a Revert "usb: cdc-wdm: close race between read and workqueue"
| * 4ed7c7720a USB: serial: option: add Telit FN920C04 rmnet compositions
| * 19f98f214b USB: serial: option: add Rolling RW101-GL and RW135-GL support
| * 25a299c566 USB: serial: option: support Quectel EM060K sub-models
| * 9eba075025 USB: serial: option: add Lonsung U8300/U9300 product
| * 3e34029b3c USB: serial: option: add support for Fibocom FM650/FG650
| * 3c4ba8a6c5 USB: serial: option: add Fibocom FM135-GL variants
| * 282b223cfd serial: stm32: Reset .throttled state in .startup()
| * 87d15af82d serial: stm32: Return IRQ_NONE in the ISR if no handling happend
| * bbaafbb465 serial/pmac_zilog: Remove flawed mitigation for rx irq flood
| * 2c9b943e99 serial: mxs-auart: add spinlock around changing cts state
| * ac882d6b21 comedi: vmk80xx: fix incomplete endpoint checking
| * 9eae1facfc thunderbolt: Fix wake configurations after device unplug
| * 38e10c9faa thunderbolt: Avoid notify PM core about runtime PM resume
| * a6d2a8b211 binder: check offset alignment in binder_get_object()
| * d05380576f ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
| * 943c3e45c8 x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
| * d17075a935 x86/bugs: Fix BHI retpoline check
| * 165d226472 clk: mediatek: Do a runtime PM get on controllers during probe
| * c1d87d56af clk: mediatek: clk-mtk: Extend mtk_clk_simple_probe()
| * a4fe8813a7 clk: mediatek: clk-mux: Propagate struct device for mtk-mux
| * 6f5f72a684 clk: mediatek: clk-mtk: Propagate struct device for composites
| * 082b831488 clk: mediatek: clk-gate: Propagate struct device with mtk_clk_register_gates()
| * 647a25b07d clk: mediatek: mt8192: Propagate struct device for gate clocks
| * 0904f9ef91 clk: mediatek: mt8192: Correctly unregister and free clocks on failure
| * 83ada89e4a clk: Get runtime PM before walking tree for clk_summary
| * 5a704c267a clk: Show active consumers of clocks in debugfs
| * 5833b99cf8 clk: remove unnecessary (void*) conversions
| * a424e713e0 clk: Get runtime PM before walking tree during disable_unused
| * 5558b3b68c clk: Initialize struct clk_core kref earlier
| * 43bc4cfef2 clk: Print an info line before disabling unused clocks
| * 349dbfd65f clk: Remove prepare_lock hold assertion in __clk_release()
| * f6ac4fdfa5 usb: new quirk to reduce the SET_ADDRESS request timeout
| * 5f9b63193b usb: xhci: Add timeout argument in address_device USB HCD callback
| * 1d011d972f drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go
| * 7989b04d6c ALSA: scarlett2: Rename scarlett_gen2 to scarlett2
| * 39f932d295 PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word()
| * 636f0fdb36 PCI/DPC: Use FIELD_GET()
| * aedbd09614 ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support
| * 03bfe0e936 ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support
| * 7c02a4a6cc ALSA: scarlett2: Add correct product series name to messages
| * b928cde9c0 ALSA: scarlett2: Default mixer driver to enabled
| * 0f4048e1a0 ASoC: ti: Convert Pandora ASoC to GPIO descriptors
| * e2b8480b70 ALSA: scarlett2: Add support for Clarett 8Pre USB
| * 4d74cb9cdf ALSA: scarlett2: Move USB IDs out from device_info struct
| * bbdfa14482 PCI: switchtec: Add support for PCIe Gen5 devices
| * 87709f7ecd PCI: switchtec: Use normal comment style
| * 89a9196aec PCI: Execute quirk_enable_clear_retrain_link() earlier
| * caa7ff1d7d thunderbolt: Add debug log for link controller power quirk
| * 932a765100 thunderbolt: Log function name of the called quirk
| * 4b7ed2400e x86/quirks: Include linux/pnp.h for arch_pnpbios_disabled()
| * f4aae2afe2 PCI: Delay after FLR of Solidigm P44 Pro NVMe
| * 0fe6a97a5f usb: pci-quirks: Reduce the length of a spinlock section in usb_amd_find_chipset_info()
| * c96b07dca1 HID: kye: Sort kye devices
| * 57aadcc028 PCI: Avoid FLR for SolidRun SNET DPU rev 1
| * 3c55d4396b ARM: omap2: n8x0: stop instantiating codec platform data
| * c330a13ab7 drm/panel: visionox-rm69299: don't unregister DSI device
| * 5fd4b09030 drm: nv04: Fix out of bounds access
| * 559f3a6333 s390/cio: fix race condition during online processing
| * beb3ff19a5 s390/qdio: handle deferred cc1
| * fe446927f8 RDMA/mlx5: Fix port number for counter query in multi-port configuration
| * ea42dbe759 RDMA/cm: Print the old state when cm_destroy_id gets timeout
| * 196617d07d RDMA/rxe: Fix the problem "mutex_destroy missing"
| * 45e811bab2 net: ethernet: ti: am65-cpsw-nuss: cleanup DMA Channels before using them
| * e86c9db58e net: dsa: mt7530: fix mirroring frames received on local port
| * 62e27ef18e tun: limit printing rate when illegal packet received by tun dev
| * 6a6ebec408 ice: tc: allow zero flags in parsing tc flower
| * 46efa4d593 net/mlx5e: Prevent deadlock while disabling aRFS
| * 8635ac7dd9 net/mlx5: Lag, restore buckets number to default after hash LAG deactivation
| * ba0db46385 af_unix: Don't peek OOB data without MSG_OOB.
| * a1d3e3521f af_unix: Call manage_oob() for every skb in unix_stream_read_generic().
| * f1c3c61701 netfilter: flowtable: incorrect pppoe tuple
| * 8bf7c76a2a netfilter: flowtable: validate pppoe header
| * 41d8fdf3af netfilter: nft_set_pipapo: do not free live element
| * b13db0d16b netfilter: br_netfilter: skip conntrack input hook for promisc packets
| * df7c0fb8c2 netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
| * 8d56bad42a netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
| * 408a43b6c9 x86/efistub: Remap kernel text read-only before dropping NX attribute
| * f56faf87c1 x86/sev: Move early startup code into .head.text section
| * d6f5bc5ff0 x86/sme: Move early SME kernel encryption handling into .head.text
| * e6489cc45f x86/head/64: Move the __head definition to <asm/init.h>
| * bbcd0534a3 x86/head/64: Add missing __head annotation to startup_64_load_idt()
| * 20dc656b06 x86/mm: Remove P*D_PAGE_MASK and P*D_PAGE_SIZE macros
| * d327e96157 x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
| * c4421279b6 x86/boot: Increase section and file alignment to 4k/512
| * 581f5d5e02 x86/boot: Split off PE/COFF .data section
| * 43b1920588 x86/boot: Drop PE/COFF .reloc section
| * d03399c3e2 x86/boot: Construct PE/COFF .text section from assembler
| * 1fa0a21475 x86/boot: Derive file size from _edata symbol
| * 1c754c6ec9 x86/boot: Define setup size in linker script
| * f9d68334dd x86/boot: Set EFI handover offset directly in header asm
| * e1380c923c x86/boot: Grab kernel_info offset from zoffset header directly
| * 67b8dc5089 x86/boot: Drop references to startup_64
| * 33d38d9b35 x86/boot: Drop redundant code setting the root device
| * 5c3e92ad49 x86/boot: Omit compression buffer from PE/COFF image memory footprint
| * f31f521ad2 x86/boot: Remove the 'bugger off' message
| * 0db16d1dce x86/efi: Drop alignment flags from PE section headers
| * 1800c9628e x86/efistub: Reinstate soft limit for initrd loading
| * f46e0e9fbe x86/efi: Disregard setup header of loaded image
| * f5603f9e13 x86/efi: Drop EFI stub .bss from .data section
| * 704edc9252 drm/i915/vma: Fix UAF on destroy against retire race
| * add0ff3486 net: usb: ax88179_178a: avoid writing the mac address before first reading
| * 07b37f227c random: handle creditable entropy from atomic process context
| * bcdd9ce78d selftests/ftrace: Limit length in subsystem-enable tests
| * 45eec81eac SUNRPC: Fix rpcgss_context trace event acceptor field
| * cbe7b911e0 io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure
| * 121a83be21 drm/amd/display: Do not recursively call manual trigger programming
| * 01c227f5a7 drm/amdgpu: fix incorrect number of active RBs for gfx11
| * 87f8aac740 drm/amdgpu: fix incorrect active rb bitmap for gfx11
| * 1e05339968 drm/vmwgfx: Enable DMA mappings with SEV
* | af0a15ff84 Merge 6.1.87 into android14-6.1-lts
|\|
| * 6741e066ec Linux 6.1.87
| * 724fbc7c0c drm/amd/display: fix disable otg wa logic in DCN316
| * 90819b1830 drm/amdgpu: always force full reset for SOC21
| * 7cc89dbcb8 drm/amdgpu: Reset dGPU if suspend got aborted
| * 29bd4d05f2 drm/i915: Disable port sync when bigjoiner is used
| * 2bc1796f8e drm/i915/cdclk: Fix CDCLK programming order when pipes are active
| * d844df1100 x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI
| * 7f18a0df76 x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto
| * d737d8cd8e x86/bugs: Clarify that syscall hardening isn't a BHI mitigation
| * 4b0b5d621e x86/bugs: Fix BHI handling of RRSBA
| * dc2db3e978 x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr'
| * b1b32586f7 x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES
| * 662e341e57 x86/bugs: Fix BHI documentation
| * 0d433e4082 x86/bugs: Fix return type of spectre_bhi_state()
| * d447d8de84 irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
| * 22f51ddb0c x86/apic: Force native_apic_mem_read() to use the MOV instruction
| * 881b495ed2 selftests: timers: Fix abs() warning in posix_timers test
| * 9c09773917 x86/cpu: Actually turn off mitigations by default for SPECULATION_MITIGATIONS=n
| * 0c182182d6 perf/x86: Fix out of range data
| * a2c1c0cfab vhost: Add smp_rmb() in vhost_enable_notify()
| * f6e2d61dc1 vhost: Add smp_rmb() in vhost_vq_avail_empty()
| * 18c8cc6680 drm/client: Fully protect modes[] with dev->mode_config.mutex
| * 8a6fea3fcb drm/ast: Fix soft lockup
| * d29b50a32c drm/amdkfd: Reset GPU on queue preemption failure
| * 4b53d7d620 drm/i915/vrr: Disable VRR when using bigjoiner
| * 62029bc9ff kprobes: Fix possible use-after-free issue on kprobe registration
| * 88dd8bb129 io_uring/net: restore msg_control on sendzc retry
| * c00146b399 btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans
| * 06fe999854 btrfs: record delayed inode root in transaction
| * cb3131b5a2 btrfs: qgroup: correctly model root qgroup rsv in convert
| * 5f1205b86b iommu/vt-d: Allocate local memory for page request queue
| * 91580ea48b tracing: hide unused ftrace_event_id_fops
| * 19ff8fed33 net: ena: Fix incorrect descriptor free behavior
| * 7d44e12efb net: ena: Wrong missing IO completions check order
| * 4dea83d483 net: ena: Fix potential sign extension issue
| * b75722be42 af_unix: Fix garbage collector racing against connect()
| * fb6d14e23d af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
| * 19643bf8c9 net: dsa: mt7530: trap link-local frames regardless of ST Port State
| * 8edb087c44 net: sparx5: fix wrong config being used when reconfiguring PCS
| * 88a50c8a50 net/mlx5e: HTB, Fix inconsistencies with QoS SQs number
| * ad26f26abd net/mlx5e: Fix mlx5e_priv_init() cleanup flow
| * 2e8dc5cffc net/mlx5: Properly link new fs rules into the tree
| * c760089aa9 netfilter: complete validation of user input
| * 9d42f37339 Bluetooth: L2CAP: Fix not validating setsockopt user input
| * 7bc65d23ba Bluetooth: SCO: Fix not validating setsockopt user input
| * de76ae9ea1 ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
| * 03d564999f ipv4/route: avoid unused-but-set-variable warning
| * 2c46877f5f ipv6: fib: hide unused 'pn' variable
| * 7e33f68791 octeontx2-af: Fix NIX SQ mode and BP config
| * 84a352b7eb af_unix: Clear stale u->oob_skb.
| * 492337a4fb net: ks8851: Handle softirqs at the end of IRQ thread to fix hang
| * be03315452 net: ks8851: Inline ks8851_rx_skb()
| * ecedcd7e39 bnxt_en: Reset PTP tx_avail after possible firmware reset
| * 4a1b65d1e5 geneve: fix header validation in geneve[6]_xmit_skb
| * 2a523f14a3 xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
| * ac1c10b4eb u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file
| * 0b44500559 net: openvswitch: fix unwanted error log on timeout policy probing
| * 9fc74e367b scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
| * 438b9a71b2 scsi: hisi_sas: Modify the deadline for ata_wait_after_reset()
| * b7dc2e6b87 nouveau: fix function cast warning
| * 84fb600635 Revert "drm/qxl: simplify qxl_fence_wait"
| * 24c0c5867a arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order
| * 49054b3ed2 media: cec: core: remove length check of Timer Status
| * bccc8d1550 PM: s2idle: Make sure CPUs will wakeup directly on resume
| * bd9b94055c drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
| * 66fab1e120 Bluetooth: Fix memory leak in hci_req_sync_complete()
| * 2d5f12de4c ring-buffer: Only update pages_touched when a new page is touched
| * 3fe79b2c83 batman-adv: Avoid infinite loop trying to resize local TT
| * 0559b2d759 ata: libata-scsi: Fix ata_scsi_dev_rescan() error path
| * ca5962bdc5 smb3: fix Open files on server counter going negative
* | 37db5a6cac Reapply "scsi: core: Add struct for args to execution functions"
* | faf34a67eb Merge 6.1.86 into android14-6.1-lts
|\|
| * cd5d98c055 Linux 6.1.86
| * c5f9fe2c1e Revert "drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()"
| * eea65ed738 VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
| * cea93dae3e net: mpls: error out if inner headers are not set
| * 21f5cfed1e Bluetooth: btintel: Fixe build regression
| * 00e34ff1ce platform/x86: intel-vbtn: Update tablet mode switch at end of probe
| * e80b4980af randomize_kstack: Improve entropy diffusion
| * 649e564636 virtio: reenable config if freezing device failed
| * 3a9c459091 scsi: sd: usb_storage: uas: Access media prior to querying device properties
| * 345b6b8319 Revert "scsi: core: Add struct for args to execution functions"
| * f1465ff4c8 Revert "scsi: sd: usb_storage: uas: Access media prior to querying device properties"
| * cf0650adb6 gcc-plugins/stackleak: Avoid .head.text section
| * 2b85977977 tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
| * 2aeb805a1b netfilter: nf_tables: discard table flag update with pending basechain deletion
| * 8d3a58af50 netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
| * fcd1993a29 netfilter: nf_tables: release batch on table validation from abort path
| * 664206ff8b fbmon: prevent division by zero in fb_videomode_from_videomode()
| * 30044c66bc drivers/nvme: Add quirks for device 126f:2262
| * 5245a6da27 io_uring: clear opcode specific data for an early failure
| * f8a7b7b085 fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
| * 8b849265da ASoC: soc-core.c: Skip dummy codec when adding platforms
| * 103c0f946f thermal/of: Assume polling-delay(-passive) 0 when absent
| * 409289d0a1 usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
| * 57e6634e59 usb: typec: tcpci: add generic tcpci fallback compatible
| * f692c547e3 thunderbolt: Keep the domain powered when USB4 port is in redrive mode
| * 893b256261 usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR
| * 7dbf082988 bus: mhi: host: Add MHI_PM_SYS_ERR_FAIL state
| * 63eaa43d5d tools: iio: replace seekdir() in iio_generic_buffer
| * 1e9f5619d9 ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment
| * 5e7da5bb2d ktest: force $buildonly = 1 for 'make_warnings_file' test type
| * 39da708cb2 perf/x86/amd/lbr: Discard erroneous branch entries
| * 44479c7fef platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet
| * 70310e55b5 Input: allocate keycode for Display refresh rate toggle
| * 055e406d7b Input: imagis - use FIELD_GET where applicable
| * 4097b1f10f RDMA/cm: add timeout to cm_destroy_id wait
| * 512a01da71 block: prevent division by zero in blk_rq_stat_sum()
| * c87e811cae input/touchscreen: imagis: Correct the maximum touch area value
| * b7d153bfba libperf evlist: Avoid out-of-bounds access
| * aaefa79c15 Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
| * 43be051f35 SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int
| * 3a94feab04 drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()
| * 354a5d7bb7 drm/amd/display: Fix nanosec stat overflow
| * aba664845a ext4: forbid commit inconsistent quota data when errors=remount-ro
| * baba351068 ext4: add a hint for block bitmap corrupt state in mb_groups
| * b75395ec4b ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter
| * 84ed33a082 media: sta2x11: fix irq handler cast
| * 2e2177f94c Julia Lawall reported this null pointer dereference, this should fix it.
| * 3f3c1e735d rcu-tasks: Repair RCU Tasks Trace quiescence check
| * eae948ecd5 ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops
| * 13701b0f01 isofs: handle CDs with bad root inode but good Joliet root directory
| * ee0b5f96b6 scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
| * 53cb1e52c9 sysv: don't call sb_bread() with pointers_lock held
| * 5238e1c2bd pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
| * c87dd15918 drm: panel-orientation-quirks: Add quirk for GPD Win Mini
| * ac1e0f080a Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
| * 48bfb4b03c drm/vc4: don't check if plane->state->fb == state->fb
| * a83a7728e4 Bluetooth: btmtk: Add MODULE_FIRMWARE() for MT7922
| * b19fe5eea6 Bluetooth: btintel: Fix null ptr deref in btintel_read_version
| * d7ee3bf0ca net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
| * 5693dd6d3d ice: use relative VSI index for VFs instead of PF VSI number
| * 9ae356c627 btrfs: send: handle path ref underflow in header iterate_inode_ref()
| * 0f30f95b91 btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
| * 36c2a2863b btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
| * 50bd749c60 cpufreq: Don't unregister cpufreq cooling on CPU hotplug
| * 6597a6687a wifi: ath11k: decrease MHI channel buffer length to 8KB
| * 4e0cfb25d4 dma-direct: Leak pages on dma_set_decrypted() failure
| * a3f6045ce3 net: pcs: xpcs: Return EINVAL in the internal methods
| * 51a9b20a04 tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
| * 635594cca5 pstore/zone: Add a null pointer check to the psz_kmsg_read
| * 8ead0a04a7 wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro
| * 161d6b8037 firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename()
| * 8af60bb2b2 net: skbuff: add overflow debug check to pull/push helpers
| * b8ca15861c ionic: set adminq irq affinity
| * 6925d11fbd arm64: dts: rockchip: fix rk3399 hdmi ports node
| * a292048934 arm64: dts: rockchip: fix rk3328 hdmi ports node
| * b510fbe3a7 cpuidle: Avoid potential overflow in integer multiplication
| * 94b016b28b panic: Flush kernel log buffer at the end
| * 8d80e09202 wifi: iwlwifi: pcie: Add the PCI device id for new hardware
| * feacd430b4 VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
| * fd5fdacae9 wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor
| * d6b0472d5f bnx2x: Fix firmware version string character counts
| * 7dd4831c3e wifi: ath9k: fix LNA selection in ath_ant_try_scan()
| * e6768c6737 amdkfd: use calloc instead of kzalloc to avoid integer overflow
* | a28d27f66e ANDROID: fix crc issue in net/ipv4/inet_fragment.c
* | da08c217d8 ANDROID: preserve CRC values in struct sk_buff due to ip_defrag_offset removal
* | 416b90bf47 Revert "vsock/virtio: fix packet delivery to tap device"
* | 66a1080110 Merge 6.1.85 into android14-6.1-lts
|\|
| * bf1e3b1cb1 Linux 6.1.85
| * e21838dfd0 x86: set SPECTRE_BHI_ON as default
| * 3e4283b771 KVM: x86: Add BHI_NO
| * 43704e993a x86/bhi: Mitigate KVM by default
| * bb8384b6df x86/bhi: Add BHI mitigation knob
| * 42196bdec0 x86/bhi: Enumerate Branch History Injection (BHI) bug
| * 29c50bb6fb x86/bhi: Define SPEC_CTRL_BHI_DIS_S
| * 07dbb10f15 x86/bhi: Add support for clearing branch history at syscall entry
| * 74fcb18177 x86/syscall: Don't force use of indirect calls for system calls
| * fd52c0397b x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
| * 5e6898b854 nvme: fix miss command type check
| * 9c2b4b6577 mm/secretmem: fix GUP-fast succeeding on secretmem folios
| * a6dc534c07 selftests: mptcp: display simult in extra_msg
| * d1fefedc1a mptcp: don't account accept() of non-MPC client as fallback to TCP
| * 08ef93ebc7 selftests: mptcp: join: fix dev in check_endpoint
| * 7e8360ac87 smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
| * f941400479 smb: client: fix potential UAF in smb2_is_network_name_deleted()
| * 494c91e1e9 smb: client: fix potential UAF in is_valid_oplock_break()
| * c868cabdf6 smb: client: fix potential UAF in smb2_is_valid_lease_break()
| * 84488466b7 smb: client: fix potential UAF in smb2_is_valid_oplock_break()
| * 16b7d78577 smb: client: fix potential UAF in cifs_stats_proc_show()
| * 8fefd166fc smb: client: fix potential UAF in cifs_stats_proc_write()
| * 2290423146 smb: client: fix potential UAF in cifs_debug_files_proc_show()
| * 8c99dfb49b smb3: retrying on failed server close
| * f6583444d7 riscv: process: Fix kernel gp leakage
| * c88f7a7095 riscv: Fix spurious errors from __get/put_kernel_nofault
| * 447d844a3e s390/entry: align system call table on 8 bytes
| * 22943e4fe4 x86/coco: Require seeding RNG with RDRAND on CoCo systems
| * 20a915154c x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
| * 97e93367e8 x86/mm/pat: fix VM_PAT handling in COW mappings
| * 7b6df050c4 of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
| * 9406d598a1 driver core: Introduce device_link_wait_removal()
| * f35d7ede62 ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone
| * 2ff8f06550 ALSA: hda/realtek - Fix inactive headset mic jack
| * 883e072e83 ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
| * 51a6c2af9d ksmbd: validate payload size in ipc response
| * 2e5f8dc1de ksmbd: don't send oplock break if rename fails
| * 7ef6a7f9b3 x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
| * c19715ec25 nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
| * 12059cf048 ata: sata_mv: Fix PCI device ID table declaration compilation warning
| * 78942ac754 cifs: Fix caching to try to do open O_WRONLY as rdwr on server
| * 9adcfd5670 scsi: sd: Unregister device if device_add_disk() failed in sd_probe()
| * 4b87c1bc25 scsi: mylex: Fix sysfs buffer lengths
| * 7171d6aef1 ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
| * 7ff957cea8 ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
| * 4ff3d8ac62 ASoC: rt711-sdw: fix locking sequence
| * 044c34fe35 ASoC: rt711-sdca: fix locking sequence
| * eb028d1ebd ASoC: rt5682-sdw: fix locking sequence
| * 392c47fea7 drm/panfrost: fix power transition timeout warnings
| * 81f7c9da2b drivers/perf: riscv: Disable PERF_SAMPLE_BRANCH_* while not supported
| * d00c24ddec 9p: Fix read/write debug statements to report server reply
| * 90a477dfda fs/pipe: Fix lockdep false-positive in watchqueue pipe_write()
| * 4af6d5b4d9 KVM: SVM: Add support for allowing zero SEV ASIDs
| * 2233bd583c KVM: SVM: Use unsigned integers when dealing with ASIDs
| * 815c2a1c43 KVM: SVM: WARN, but continue, if misc_cg_set_capacity() fails
| * 2f7efda53a KVM: SVM: enhance info printk's in SEV init
| * f089d4554a net: ravb: Always update error counters
| * f9690dfa18 net: ravb: Always process TX descriptor ring
| * 265a0fc55f net: ravb: Let IP-specific receive function to interrogate descriptors
| * b3608fe28f net: fec: Set mac_managed_pm during probe
| * c178122207 drivers: net: convert to boolean for the mac_managed_pm flag
| * 4eed9d0a48 tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses.
| * 77db987b47 r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
| * 9109472e71 r8169: use spinlock to protect access to registers Config2 and Config5
| * a33b7cb184 r8169: use spinlock to protect mac ocp register access
| * 095cfa2d9b i40e: Enforce software interrupt during busy-poll exit
| * 2f6953617d i40e: Remove _t suffix from enum type names
| * f3c2ceb847 i40e: Store the irq number in i40e_q_vector
| * 810dd068ae drm/amd: Flush GFXOFF requests in prepare stage
| * 43df8e64df drm/amd: Add concept of running prepare_suspend() sequence for IP blocks
| * 2990d8eacd drm/amd: Evict resources during PM ops prepare() callback
| * 3e89846283 i40e: fix vf may be used uninitialized in this function warning
| * fe74ea5b8b i40e: fix i40e_count_filters() to count only active/new filters
| * d417e3c16d octeontx2-af: Add array index check
| * e7e7030f0a octeontx2-pf: check negative error code in otx2_open()
| * 39efe5b6f6 octeontx2-af: Fix issue with loading coalesced KPU profiles
| * 940ff35ae8 udp: prevent local UDP tunnel packets from being GROed
| * 8c58d38405 udp: do not transition UDP GRO fraglist partial checksums to unnecessary
| * d12245080c udp: do not accept non-tunnel GSO skbs landing in a tunnel
| * fd6692e9b5 r8169: skip DASH fw status checks when DASH is disabled
| * 80247e0eca mlxbf_gige: stop interface during shutdown
| * 167d4b47a9 ipv6: Fix infinite recursion in fib6_dump_done().
| * 2febb7eeb4 selftests: reuseaddr_conflict: add missing new line at the end of the output
| * 1db7fcb2b2 erspan: make sure erspan_base_hdr is present in skb->head
| * 1829b618cc i40e: Fix VF MAC filter removal
| * ed37bdaee6 x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO
| * 23178ec5ab x86/bugs: Fix the SRSO mitigation on Zen3/4
| * 2eeab8c47c gro: fix ownership transfer
| * 66cb665900 selftests: net: gro fwd: update vxlan GRO test expectations
| * 1060816169 net: phy: micrel: Fix potential null pointer dereference
| * 77f5e52d7b net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping
| * e01835f3a1 net: stmmac: fix rx queue priority assignment
| * b7d1ce2cc7 net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()
| * 55d3fe7b2b net/sched: act_skbmod: prevent kernel-infoleak
| * a44770fed8 bpf, sockmap: Prevent lock inversion deadlock in map delete elem
| * 8a57544e92 vboxsf: Avoid an spurious warning if load_nls_xxx() fails
| * 18aae2cb87 netfilter: validate user input for expected length
| * 9b5b7708ec netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
| * 4e8447a9a3 netfilter: nf_tables: flush pending destroy work before exit_net release
| * 745cf6a843 netfilter: nf_tables: reject new basechain after table flag update
| * 1c9e71ca61 Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped."
| * db388b8e12 vsock/virtio: fix packet delivery to tap device
| * fc77240f63 net: usb: ax88179_178a: avoid the interface always configured as random address
| * cbaac2e548 net/rds: fix possible cp null dereference
| * 7c1250796b xen-netfront: Add missing skb_mark_for_recycle
| * 18e189442a Bluetooth: Fix TOCTOU in HCI debugfs implementation
| * 38e3eaa861 Bluetooth: hci_event: set the conn encrypted before conn establishes
| * 3e773d04ae Bluetooth: add quirk for broken address properties
| * a2812ff7ea Bluetooth: qca: fix device-address endianness
| * 298dc5dd38 arm64: dts: qcom: sc7180-trogdor: mark bluetooth address as broken
| * 9bf4acc802 Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT"
| * 5d920886c3 x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word
| * 3d61f1704b r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
| * 923579201d KVM: arm64: Fix host-programmed guest events in nVHE
| * ad141b08d1 perf/x86/amd/lbr: Use freeze based on availability
| * 8d029111b8 x86/cpufeatures: Add new word for scattered features
| * 58638e3b48 dm integrity: fix out-of-range warning
| * 7d0567842b inet: inet_defrag: prevent sk release while still in use
| * 0642673765 Octeontx2-af: fix pause frame configuration in GMP mode
| * 2553bfaa19 net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips
| * 852698c9fd cifs: Fix duplicate fscache cookie warnings
| * 98cdac206b bpf: Protect against int overflow for stack access size
| * 24444af5dd mlxbf_gige: call request_irq() after NAPI initialized
| * 30fabe50a7 tls: get psock ref after taking rxlock to avoid leak
| * f52c8f1210 tls: adjust recv return with async crypto and failed copy to userspace
| * efb4573fea tls: recv: process_rx_list shouldn't use an offset with kvec
| * 0e111ce740 net: hns3: mark unexcuted loopback test result as UNEXECUTED
| * 50b69054f4 net: hns3: fix kernel crash when devlink reload during pf initialization
| * b8b533eeee net: hns3: fix index limit to support all queue stats
| * ebabdae52f ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields()
| * beaf0e7996 net: wwan: t7xx: Split 64bit accesses to fix alignment issues
| * 91b243de91 tcp: properly terminate timers for kernel sockets
| * 16307e7bc1 s390/qeth: handle deferred cc1
| * 231b189fa1 ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
| * 99a75d7500 wifi: iwlwifi: mvm: rfi: fix potential response leaks
| * 57beec623a mlxbf_gige: stop PHY during open() error paths
| * b51ec7fc9f nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
| * 0336995512 dma-buf: Fix NULL pointer dereference in sanitycheck()
| * 8333aae9bb scripts/bpf_doc: Use silent mode when exec make cmd
* 7b7c6df465 Merge branch 'android14-6.1' into branch 'android14-6.1-lts'
* 0cf5cecba6 Revert "crypto: api - Disallow identical driver names"

Change-Id: Iace3d6c28e979288bd5e452ec7513ce23ee300d6
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This commit is contained in:
Greg Kroah-Hartman
2024-07-20 13:53:50 +00:00
parent 6d6afa9d3f c034535679
commit 002bba562d
555 changed files with 5709 additions and 2886 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
Documentation/admin-guide/hw-vuln/spectre.rst
View File

@@ -138,11 +138,10 @@ associated with the source address of the indirect branch. Specifically,
the BHB might be shared across privilege levels even in the presence of
Enhanced IBRS.
Currently the only known real-world BHB attack vector is via
unprivileged eBPF. Therefore, it's highly recommended to not enable
unprivileged eBPF, especially when eIBRS is used (without retpolines).
For a full mitigation against BHB attacks, it's recommended to use
retpolines (or eIBRS combined with retpolines).
Previously the only known real-world BHB attack vector was via unprivileged
eBPF. Further research has found attacks that don't require unprivileged eBPF.
For a full mitigation against BHB attacks it is recommended to set BHI_DIS_S or
use the BHB clearing sequence.
Attack scenarios
----------------
@@ -430,6 +429,23 @@ The possible values in this file are:
'PBRSB-eIBRS: Not affected' CPU is not affected by PBRSB
=========================== =======================================================
- Branch History Injection (BHI) protection status:
.. list-table::
* - BHI: Not affected
- System is not affected
* - BHI: Retpoline
- System is protected by retpoline
* - BHI: BHI_DIS_S
- System is protected by BHI_DIS_S
* - BHI: SW loop, KVM SW loop
- System is protected by software clearing sequence
* - BHI: Vulnerable
- System is vulnerable to BHI
* - BHI: Vulnerable, KVM: SW loop
- System is vulnerable; KVM is protected by software clearing sequence
Full mitigation might require a microcode update from the CPU
vendor. When the necessary microcode is not available, the kernel will
report vulnerability.
@@ -484,7 +500,11 @@ Spectre variant 2
Systems which support enhanced IBRS (eIBRS) enable IBRS protection once at
boot, by setting the IBRS bit, and they're automatically protected against
Spectre v2 variant attacks.
some Spectre v2 variant attacks. The BHB can still influence the choice of
indirect branch predictor entry, and although branch predictor entries are
isolated between modes when eIBRS is enabled, the BHB itself is not isolated
between modes. Systems which support BHI_DIS_S will set it to protect against
BHI attacks.
On Intel's enhanced IBRS systems, this includes cross-thread branch target
injections on SMT systems (STIBP). In other words, Intel eIBRS enables
@@ -638,6 +658,18 @@ kernel command line.
spectre_v2=off. Spectre variant 1 mitigations
cannot be disabled.
spectre_bhi=
[X86] Control mitigation of Branch History Injection
(BHI) vulnerability. This setting affects the deployment
of the HW BHI control and the SW BHB clearing sequence.
on
(default) Enable the HW or SW mitigation as
needed.
off
Disable the mitigation.
For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt
Mitigation selection guide

13
Documentation/admin-guide/kernel-parameters.txt
View File

@@ -3331,6 +3331,7 @@
reg_file_data_sampling=off [X86]
retbleed=off [X86]
spec_store_bypass_disable=off [X86,PPC]
spectre_bhi=off [X86]
spectre_v2_user=off [X86]
srbds=off [X86,INTEL]
ssbd=force-off [ARM64]
@@ -5801,6 +5802,15 @@
sonypi.*= [HW] Sony Programmable I/O Control Device driver
See Documentation/admin-guide/laptops/sonypi.rst
spectre_bhi= [X86] Control mitigation of Branch History Injection
(BHI) vulnerability. This setting affects the
deployment of the HW BHI control and the SW BHB
clearing sequence.
on - (default) Enable the HW or SW mitigation
as needed.
off - Disable the mitigation.
spectre_v2= [X86] Control mitigation of Spectre variant 2
(indirect branch speculation) vulnerability.
The default operation protects the kernel from
@@ -6661,6 +6671,9 @@
pause after every control message);
o = USB_QUIRK_HUB_SLOW_RESET (Hub needs extra
delay after resetting its port);
p = USB_QUIRK_SHORT_SET_ADDRESS_REQ_TIMEOUT
(Reduce timeout of the SET_ADDRESS
request from 5000 ms to 500 ms);
Example: quirks=0781:5580:bk,0a5c:5834:gij
usbhid.mousepoll=

5
Documentation/admin-guide/sysctl/net.rst
View File

@@ -205,6 +205,11 @@ Will increase power usage.
Default: 0 (off)
mem_pcpu_rsv
------------
Per-cpu reserved forward alloc cache size in page units. Default 1MB per CPU.
rmem_default
------------

2
MAINTAINERS
View File

@@ -8040,7 +8040,7 @@ M: Geoffrey D. Bennett <g@b4.vu>
L: alsa-devel@alsa-project.org (moderated for non-subscribers)
S: Maintained
T: git git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git
F: sound/usb/mixer_scarlett_gen2.c
F: sound/usb/mixer_scarlett2.c
FORCEDETH GIGABIT ETHERNET DRIVER
M: Rain River <rain.1986.08.12@gmail.com>

2
Makefile
View File

@@ -1,7 +1,7 @@
# SPDX-License-Identifier: GPL-2.0
VERSION = 6
PATCHLEVEL = 1
SUBLEVEL = 84
SUBLEVEL = 90
EXTRAVERSION =
NAME = Curry Ramen

243
android/abi_gki_aarch64.stg
View File

@@ -43770,10 +43770,10 @@ member {
offset: 20352
}
member {
id: 0x6b47fdc8
id: 0x6b47f58f
name: "accuracy"
type_id: 0x33756485
offset: 1216
offset: 1344
}
member {
id: 0x6bbd8f78
@@ -55714,10 +55714,10 @@ member {
offset: 128
}
member {
id: 0x1068dd68
id: 0x1068d085
name: "boot_enabled"
type_id: 0x6d7f5ff6
offset: 984
offset: 1112
}
member {
id: 0xc12e10df
@@ -61856,10 +61856,10 @@ member {
offset: 4608
}
member {
id: 0x19578fc7
id: 0x1957812f
name: "child_node"
type_id: 0x49a73111
offset: 1472
offset: 1600
}
member {
id: 0x19cde9e5
@@ -61958,10 +61958,10 @@ member {
offset: 64
}
member {
id: 0x25f4197a
id: 0x25f4116e
name: "children"
type_id: 0x5e8dc7f4
offset: 1408
offset: 1536
}
member {
id: 0x7d657f67
@@ -63278,10 +63278,10 @@ member {
offset: 2816
}
member {
id: 0x08f4a5ea
id: 0x08f4ab77
name: "clks"
type_id: 0x5e8dc7f4
offset: 1600
offset: 1728
}
member {
id: 0x5f036ab2
@@ -73077,10 +73077,10 @@ member {
offset: 62464
}
member {
id: 0xe0038b0c
id: 0xe0038ca1
name: "debug_node"
type_id: 0x49a73111
offset: 1792
offset: 1920
}
member {
id: 0x2c8c53b8
@@ -74399,18 +74399,18 @@ member {
type_id: 0x120540d1
offset: 34368
}
member {
id: 0xf3efe7b3
name: "dentry"
type_id: 0x120540d1
offset: 1856
}
member {
id: 0xf3efe84f
name: "dentry"
type_id: 0x120540d1
offset: 64
}
member {
id: 0xf3efeb8b
name: "dentry"
type_id: 0x120540d1
offset: 1728
}
member {
id: 0xf3efebee
name: "dentry"
@@ -82124,10 +82124,10 @@ member {
offset: 64
}
member {
id: 0xd5562c37
id: 0xd5562760
name: "duty"
type_id: 0x7747934c
offset: 1312
offset: 1440
}
member {
id: 0xc1236c49
@@ -83527,10 +83527,10 @@ member {
offset: 256
}
member {
id: 0x7ad6105e
id: 0x7ad61d96
name: "enable_count"
type_id: 0x4585663f
offset: 992
offset: 1120
}
member {
id: 0xd6605ae1
@@ -92038,12 +92038,6 @@ member {
type_id: 0x33756485
offset: 3264
}
member {
id: 0x2d5bfb9c
name: "flags"
type_id: 0x33756485
offset: 896
}
member {
id: 0x2d5bfbb9
name: "flags"
@@ -125673,18 +125667,18 @@ member {
type_id: 0xc93e017b
offset: 912
}
member {
id: 0x5c4b3279
name: "max_rate"
type_id: 0x33756485
offset: 1152
}
member {
id: 0x5c4b3567
name: "max_rate"
type_id: 0x33756485
offset: 128
}
member {
id: 0x5c4b3ad8
name: "max_rate"
type_id: 0x33756485
offset: 1280
}
member {
id: 0x5c4b3b62
name: "max_rate"
@@ -128872,18 +128866,18 @@ member {
type_id: 0x92233392
offset: 256
}
member {
id: 0x78e29322
name: "min_rate"
type_id: 0x33756485
offset: 1088
}
member {
id: 0x78e29ab5
name: "min_rate"
type_id: 0x33756485
offset: 64
}
member {
id: 0x78e29c90
name: "min_rate"
type_id: 0x33756485
offset: 1216
}
member {
id: 0x78e29eff
name: "min_rate"
@@ -134791,10 +134785,10 @@ member {
bitsize: 1
}
member {
id: 0xfbc6aa01
id: 0xfbc6a07e
name: "need_sync"
type_id: 0x6d7f5ff6
offset: 976
offset: 1104
}
member {
id: 0xfbc6aa7e
@@ -135260,10 +135254,10 @@ member {
offset: 1568
}
member {
id: 0x4c568493
id: 0x4c568fda
name: "new_child"
type_id: 0x16b3acfc
offset: 832
offset: 960
}
member {
id: 0x6fa9956d
@@ -135302,16 +135296,16 @@ member {
offset: 2432
}
member {
id: 0x7c11dfa4
id: 0x7c11ddac
name: "new_parent"
type_id: 0x16b3acfc
offset: 768
offset: 896
}
member {
id: 0xde66b021
id: 0xde66bd46
name: "new_parent_index"
type_id: 0x295c7202
offset: 520
offset: 648
}
member {
id: 0x47a34ff8
@@ -135327,10 +135321,10 @@ member {
offset: 32
}
member {
id: 0x4c8e95ba
id: 0x4c8e943d
name: "new_rate"
type_id: 0x33756485
offset: 704
offset: 832
}
member {
id: 0x0a536b98
@@ -137857,10 +137851,10 @@ member {
offset: 192
}
member {
id: 0xbbe14bb7
id: 0xbbe14ee8
name: "notifier_count"
type_id: 0x4585663f
offset: 1664
offset: 1792
}
member {
id: 0xdec375c9
@@ -140681,18 +140675,18 @@ member {
type_id: 0x6720d32f
offset: 1088
}
member {
id: 0x5f13c0bd
name: "num_parents"
type_id: 0x295c7202
offset: 640
}
member {
id: 0x5f13c103
name: "num_parents"
type_id: 0x295c7202
offset: 320
}
member {
id: 0x5f13cddc
name: "num_parents"
type_id: 0x295c7202
offset: 512
}
member {
id: 0x5f7f1537
name: "num_parents"
@@ -144781,18 +144775,18 @@ member {
type_id: 0x92233392
offset: 2176
}
member {
id: 0x6ba6999e
name: "orphan"
type_id: 0x6d7f5ff6
offset: 1088
}
member {
id: 0x6ba699d3
name: "orphan"
type_id: 0x6d7f5ff6
offset: 32
}
member {
id: 0x6ba69c1b
name: "orphan"
type_id: 0x6d7f5ff6
offset: 960
}
member {
id: 0x304e36cb
name: "orphan_count"
@@ -147335,10 +147329,10 @@ member {
offset: 768
}
member {
id: 0x7227c0c4
id: 0x7227ca4e
name: "parent"
type_id: 0x16b3acfc
offset: 384
offset: 512
}
member {
id: 0x72281112
@@ -147623,10 +147617,10 @@ member {
offset: 1024
}
member {
id: 0x0a0fa3a3
id: 0x0a0fada6
name: "parents"
type_id: 0x27b8a069
offset: 448
offset: 576
}
member {
id: 0x0a33e4ac
@@ -150224,10 +150218,10 @@ member {
offset: 44992
}
member {
id: 0x39ef5b6d
id: 0x39ef5fe3
name: "phase"
type_id: 0x6720d32f
offset: 1280
offset: 1408
}
member {
id: 0xad142fe3
@@ -154789,10 +154783,10 @@ member {
offset: 64
}
member {
id: 0x088ec4c0
id: 0x088ecd03
name: "prepare_count"
type_id: 0x4585663f
offset: 1024
offset: 1152
}
member {
id: 0x90c1fac3
@@ -157629,10 +157623,10 @@ member {
offset: 1608
}
member {
id: 0x6fd5241a
id: 0x6fd52f10
name: "protect_count"
type_id: 0x4585663f
offset: 1056
offset: 1184
}
member {
id: 0xbe992d26
@@ -160468,17 +160462,17 @@ member {
type_id: 0x0baa70a7
offset: 448
}
member {
id: 0x5fe125a7
name: "rate"
type_id: 0x33756485
offset: 704
}
member {
id: 0x5fe1279a
name: "rate"
type_id: 0x33756485
}
member {
id: 0x5fe12ee8
name: "rate"
type_id: 0x33756485
offset: 576
}
member {
id: 0x5fe12f53
name: "rate"
@@ -163315,17 +163309,17 @@ member {
type_id: 0x6f1daf87
offset: 832
}
member {
id: 0xce703a83
name: "ref"
type_id: 0x6f1daf87
offset: 1920
}
member {
id: 0xce703b5d
name: "ref"
type_id: 0x6f1daf87
}
member {
id: 0xce703cdf
name: "ref"
type_id: 0x6f1daf87
offset: 2048
}
member {
id: 0xce703d24
name: "ref"
@@ -166377,10 +166371,10 @@ member {
offset: 5120
}
member {
id: 0x9c3f558c
id: 0x9c3f5b5b
name: "req_rate"
type_id: 0x33756485
offset: 640
offset: 768
}
member {
id: 0xfa136415
@@ -170240,10 +170234,10 @@ member {
offset: 34816
}
member {
id: 0x1070b82a
id: 0x1070ba03
name: "rpm_enabled"
type_id: 0x6d7f5ff6
offset: 968
offset: 1096
}
member {
id: 0x175e0853
@@ -170251,6 +170245,12 @@ member {
type_id: 0xa69e469b
offset: 704
}
member {
id: 0x6796571d
name: "rpm_node"
type_id: 0x49a73111
offset: 320
}
member {
id: 0x82287aae
name: "rpm_status"
@@ -224861,42 +224861,43 @@ struct_union {
kind: STRUCT
name: "clk_core"
definition {
bytesize: 248
bytesize: 264
member_id: 0x0de57ce8
member_id: 0xafb61a8a
member_id: 0x97cde891
member_id: 0x4a965a99
member_id: 0xce3bba18
member_id: 0xf7c3f586
member_id: 0x7227c0c4
member_id: 0x0a0fa3a3
member_id: 0x5f13cddc
member_id: 0xde66b021
member_id: 0x5fe12ee8
member_id: 0x9c3f558c
member_id: 0x4c8e95ba
member_id: 0x7c11dfa4
member_id: 0x4c568493
member_id: 0x2d5bfb9c
member_id: 0x6ba69c1b
member_id: 0x1070b82a
member_id: 0xfbc6aa01
member_id: 0x1068dd68
member_id: 0x7ad6105e
member_id: 0x088ec4c0
member_id: 0x6fd5241a
member_id: 0x78e29322
member_id: 0x5c4b3279
member_id: 0x6b47fdc8
member_id: 0x39ef5b6d
member_id: 0xd5562c37
member_id: 0x25f4197a
member_id: 0x19578fc7
member_id: 0x08f4a5ea
member_id: 0xbbe14bb7
member_id: 0xf3efeb8b
member_id: 0xe0038b0c
member_id: 0xce703a83
member_id: 0x6796571d
member_id: 0xf7c3f536
member_id: 0x7227ca4e
member_id: 0x0a0fada6
member_id: 0x5f13c0bd
member_id: 0xde66bd46
member_id: 0x5fe125a7
member_id: 0x9c3f5b5b
member_id: 0x4c8e943d
member_id: 0x7c11ddac
member_id: 0x4c568fda
member_id: 0x2d5bf625
member_id: 0x6ba6999e
member_id: 0x1070ba03
member_id: 0xfbc6a07e
member_id: 0x1068d085
member_id: 0x7ad61d96
member_id: 0x088ecd03
member_id: 0x6fd52f10
member_id: 0x78e29c90
member_id: 0x5c4b3ad8
member_id: 0x6b47f58f
member_id: 0x39ef5fe3
member_id: 0xd5562760
member_id: 0x25f4116e
member_id: 0x1957812f
member_id: 0x08f4ab77
member_id: 0xbbe14ee8
member_id: 0xf3efe7b3
member_id: 0xe0038ca1
member_id: 0xce703cdf
}
}
struct_union {

8
arch/Kconfig
View File

@@ -9,6 +9,14 @@
#
source "arch/$(SRCARCH)/Kconfig"
config ARCH_CONFIGURES_CPU_MITIGATIONS
bool
if !ARCH_CONFIGURES_CPU_MITIGATIONS
config CPU_MITIGATIONS
def_bool y
endif
menu "General architecture-dependent options"
config CRASH_CORE

1
arch/arc/boot/dts/hsdk.dts
View File

@@ -205,7 +205,6 @@
};
gmac: ethernet@8000 {
#interrupt-cells = <1>;
compatible = "snps,dwmac";
reg = <0x8000 0x2000>;
interrupts = <10>;

8
arch/arm/boot/dts/at91-sama7g5ek.dts
View File

@@ -293,7 +293,7 @@
regulator-state-standby {
regulator-on-in-suspend;
regulator-suspend-voltage = <1150000>;
regulator-suspend-microvolt = <1150000>;
regulator-mode = <4>;
};
@@ -314,7 +314,7 @@
regulator-state-standby {
regulator-on-in-suspend;
regulator-suspend-voltage = <1050000>;
regulator-suspend-microvolt = <1050000>;
regulator-mode = <4>;
};
@@ -331,7 +331,7 @@
regulator-always-on;
regulator-state-standby {
regulator-suspend-voltage = <1800000>;
regulator-suspend-microvolt = <1800000>;
regulator-on-in-suspend;
};
@@ -346,7 +346,7 @@
regulator-max-microvolt = <3700000>;
regulator-state-standby {
regulator-suspend-voltage = <1800000>;
regulator-suspend-microvolt = <1800000>;
regulator-on-in-suspend;
};

5
arch/arm/mach-omap2/board-n8x0.c
View File

@@ -22,7 +22,6 @@
#include <linux/platform_data/spi-omap2-mcspi.h>
#include <linux/platform_data/mmc-omap.h>
#include <linux/mfd/menelaus.h>
#include <sound/tlv320aic3x.h>
#include <asm/mach/arch.h>
#include <asm/mach-types.h>
@@ -567,10 +566,6 @@ struct menelaus_platform_data n8x0_menelaus_platform_data = {
.late_init = n8x0_menelaus_late_init,
};
struct aic3x_pdata n810_aic33_data = {
.gpio_reset = 118,
};
static int __init n8x0_late_initcall(void)
{
if (!board_caps)

2
arch/arm/mach-omap2/common-board-devices.h
View File

@@ -2,12 +2,10 @@
#ifndef __OMAP_COMMON_BOARD_DEVICES__
#define __OMAP_COMMON_BOARD_DEVICES__
#include <sound/tlv320aic3x.h>
#include <linux/mfd/menelaus.h>
void *n8x0_legacy_init(void);
extern struct menelaus_platform_data n8x0_menelaus_platform_data;
extern struct aic3x_pdata n810_aic33_data;
#endif /* __OMAP_COMMON_BOARD_DEVICES__ */

1
arch/arm/mach-omap2/pdata-quirks.c
View File

@@ -440,7 +440,6 @@ static struct of_dev_auxdata omap_auxdata_lookup[] = {
#ifdef CONFIG_MACH_NOKIA_N8X0
OF_DEV_AUXDATA("ti,omap2420-mmc", 0x4809c000, "mmci-omap.0", NULL),
OF_DEV_AUXDATA("menelaus", 0x72, "1-0072", &n8x0_menelaus_platform_data),
OF_DEV_AUXDATA("tlv320aic3x", 0x18, "2-0018", &n810_aic33_data),
#endif
#ifdef CONFIG_ARCH_OMAP3
OF_DEV_AUXDATA("ti,omap2-iommu", 0x5d000000, "5d000000.mmu",

12
arch/arm64/boot/dts/freescale/imx8-ss-conn.dtsi
View File

@@ -38,8 +38,8 @@ conn_subsys: bus@5b000000 {
interrupts = <GIC_SPI 232 IRQ_TYPE_LEVEL_HIGH>;
reg = <0x5b010000 0x10000>;
clocks = <&sdhc0_lpcg IMX_LPCG_CLK_4>,
<&sdhc0_lpcg IMX_LPCG_CLK_0>,
<&sdhc0_lpcg IMX_LPCG_CLK_5>;
<&sdhc0_lpcg IMX_LPCG_CLK_5>,
<&sdhc0_lpcg IMX_LPCG_CLK_0>;
clock-names = "ipg", "ahb", "per";
power-domains = <&pd IMX_SC_R_SDHC_0>;
status = "disabled";
@@ -49,8 +49,8 @@ conn_subsys: bus@5b000000 {
interrupts = <GIC_SPI 233 IRQ_TYPE_LEVEL_HIGH>;
reg = <0x5b020000 0x10000>;
clocks = <&sdhc1_lpcg IMX_LPCG_CLK_4>,
<&sdhc1_lpcg IMX_LPCG_CLK_0>,
<&sdhc1_lpcg IMX_LPCG_CLK_5>;
<&sdhc1_lpcg IMX_LPCG_CLK_5>,
<&sdhc1_lpcg IMX_LPCG_CLK_0>;
clock-names = "ipg", "ahb", "per";
power-domains = <&pd IMX_SC_R_SDHC_1>;
fsl,tuning-start-tap = <20>;
@@ -62,8 +62,8 @@ conn_subsys: bus@5b000000 {
interrupts = <GIC_SPI 234 IRQ_TYPE_LEVEL_HIGH>;
reg = <0x5b030000 0x10000>;
clocks = <&sdhc2_lpcg IMX_LPCG_CLK_4>,
<&sdhc2_lpcg IMX_LPCG_CLK_0>,
<&sdhc2_lpcg IMX_LPCG_CLK_5>;
<&sdhc2_lpcg IMX_LPCG_CLK_5>,
<&sdhc2_lpcg IMX_LPCG_CLK_0>;
clock-names = "ipg", "ahb", "per";
power-domains = <&pd IMX_SC_R_SDHC_2>;
status = "disabled";

8
arch/arm64/boot/dts/mediatek/mt2712-evb.dts
View File

@@ -128,7 +128,7 @@
};
&pio {
eth_default: eth_default {
eth_default: eth-default-pins {
tx_pins {
pinmux = <MT2712_PIN_71_GBE_TXD3__FUNC_GBE_TXD3>,
<MT2712_PIN_72_GBE_TXD2__FUNC_GBE_TXD2>,
@@ -155,7 +155,7 @@
};
};
eth_sleep: eth_sleep {
eth_sleep: eth-sleep-pins {
tx_pins {
pinmux = <MT2712_PIN_71_GBE_TXD3__FUNC_GPIO71>,
<MT2712_PIN_72_GBE_TXD2__FUNC_GPIO72>,
@@ -181,14 +181,14 @@
};
};
usb0_id_pins_float: usb0_iddig {
usb0_id_pins_float: usb0-iddig-pins {
pins_iddig {
pinmux = <MT2712_PIN_12_IDDIG_P0__FUNC_IDDIG_A>;
bias-pull-up;
};
};
usb1_id_pins_float: usb1_iddig {
usb1_id_pins_float: usb1-iddig-pins {
pins_iddig {
pinmux = <MT2712_PIN_14_IDDIG_P1__FUNC_IDDIG_B>;
bias-pull-up;

3
arch/arm64/boot/dts/mediatek/mt2712e.dtsi
View File

@@ -249,10 +249,11 @@
#clock-cells = <1>;
};
infracfg: syscon@10001000 {
infracfg: clock-controller@10001000 {
compatible = "mediatek,mt2712-infracfg", "syscon";
reg = <0 0x10001000 0 0x1000>;
#clock-cells = <1>;
#reset-cells = <1>;
};
pericfg: syscon@10003000 {

34
arch/arm64/boot/dts/mediatek/mt7622.dtsi
View File

@@ -251,7 +251,7 @@
clock-names = "hif_sel";
};
cir: cir@10009000 {
cir: ir-receiver@10009000 {
compatible = "mediatek,mt7622-cir";
reg = <0 0x10009000 0 0x1000>;
interrupts = <GIC_SPI 175 IRQ_TYPE_LEVEL_LOW>;
@@ -282,16 +282,14 @@
};
};
apmixedsys: apmixedsys@10209000 {
compatible = "mediatek,mt7622-apmixedsys",
"syscon";
apmixedsys: clock-controller@10209000 {
compatible = "mediatek,mt7622-apmixedsys";
reg = <0 0x10209000 0 0x1000>;
#clock-cells = <1>;
};
topckgen: topckgen@10210000 {
compatible = "mediatek,mt7622-topckgen",
"syscon";
topckgen: clock-controller@10210000 {
compatible = "mediatek,mt7622-topckgen";
reg = <0 0x10210000 0 0x1000>;
#clock-cells = <1>;
};
@@ -514,7 +512,6 @@
<&pericfg CLK_PERI_AUXADC_PD>;
clock-names = "therm", "auxadc";
resets = <&pericfg MT7622_PERI_THERM_SW_RST>;
reset-names = "therm";
mediatek,auxadc = <&auxadc>;
mediatek,apmixedsys = <&apmixedsys>;
nvmem-cells = <&thermal_calibration>;
@@ -734,9 +731,8 @@
power-domains = <&scpsys MT7622_POWER_DOMAIN_WB>;
};
ssusbsys: ssusbsys@1a000000 {
compatible = "mediatek,mt7622-ssusbsys",
"syscon";
ssusbsys: clock-controller@1a000000 {
compatible = "mediatek,mt7622-ssusbsys";
reg = <0 0x1a000000 0 0x1000>;
#clock-cells = <1>;
#reset-cells = <1>;
@@ -793,9 +789,8 @@
};
};
pciesys: pciesys@1a100800 {
compatible = "mediatek,mt7622-pciesys",
"syscon";
pciesys: clock-controller@1a100800 {
compatible = "mediatek,mt7622-pciesys";
reg = <0 0x1a100800 0 0x1000>;
#clock-cells = <1>;
#reset-cells = <1>;
@@ -921,12 +916,13 @@
};
};
hifsys: syscon@1af00000 {
compatible = "mediatek,mt7622-hifsys", "syscon";
hifsys: clock-controller@1af00000 {
compatible = "mediatek,mt7622-hifsys";
reg = <0 0x1af00000 0 0x70>;
#clock-cells = <1>;
};
ethsys: syscon@1b000000 {
ethsys: clock-controller@1b000000 {
compatible = "mediatek,mt7622-ethsys",
"syscon";
reg = <0 0x1b000000 0 0x1000>;
@@ -966,9 +962,7 @@
};
eth: ethernet@1b100000 {
compatible = "mediatek,mt7622-eth",
"mediatek,mt2701-eth",
"syscon";
compatible = "mediatek,mt7622-eth";
reg = <0 0x1b100000 0 0x20000>;
interrupts = <GIC_SPI 223 IRQ_TYPE_LEVEL_LOW>,
<GIC_SPI 224 IRQ_TYPE_LEVEL_LOW>,

1
arch/arm64/boot/dts/mediatek/mt8183.dtsi
View File

@@ -1554,6 +1554,7 @@
compatible = "mediatek,mt8183-mfgcfg", "syscon";
reg = <0 0x13000000 0 0x1000>;
#clock-cells = <1>;
power-domains = <&spm MT8183_POWER_DOMAIN_MFG_ASYNC>;
};
gpu: gpu@13040000 {

6
arch/arm64/boot/dts/mediatek/mt8192-asurada.dtsi
View File

@@ -903,7 +903,7 @@
mt6315_6_vbuck1: vbuck1 {
regulator-compatible = "vbuck1";
regulator-name = "Vbcpu";
regulator-min-microvolt = <300000>;
regulator-min-microvolt = <400000>;
regulator-max-microvolt = <1193750>;
regulator-enable-ramp-delay = <256>;
regulator-allowed-modes = <0 1 2>;
@@ -913,7 +913,7 @@
mt6315_6_vbuck3: vbuck3 {
regulator-compatible = "vbuck3";
regulator-name = "Vlcpu";
regulator-min-microvolt = <300000>;
regulator-min-microvolt = <400000>;
regulator-max-microvolt = <1193750>;
regulator-enable-ramp-delay = <256>;
regulator-allowed-modes = <0 1 2>;
@@ -930,7 +930,7 @@
mt6315_7_vbuck1: vbuck1 {
regulator-compatible = "vbuck1";
regulator-name = "Vgpu";
regulator-min-microvolt = <606250>;
regulator-min-microvolt = <400000>;
regulator-max-microvolt = <800000>;
regulator-enable-ramp-delay = <256>;
regulator-allowed-modes = <0 1 2>;

1
arch/arm64/boot/dts/mediatek/mt8192.dtsi
View File

@@ -1240,6 +1240,7 @@
reg = <0 0x14001000 0 0x1000>;
interrupts = <GIC_SPI 252 IRQ_TYPE_LEVEL_HIGH 0>;
clocks = <&mmsys CLK_MM_DISP_MUTEX0>;
mediatek,gce-client-reg = <&gce SUBSYS_1400XXXX 0x1000 0x1000>;
mediatek,gce-events = <CMDQ_EVENT_DISP_STREAM_DONE_ENG_EVENT_0>,
<CMDQ_EVENT_DISP_STREAM_DONE_ENG_EVENT_1>;
power-domains = <&spm MT8192_POWER_DOMAIN_DISP>;

4
arch/arm64/boot/dts/mediatek/mt8195-cherry.dtsi
View File

@@ -845,7 +845,7 @@
mt6315_6_vbuck1: vbuck1 {
regulator-compatible = "vbuck1";
regulator-name = "Vbcpu";
regulator-min-microvolt = <300000>;
regulator-min-microvolt = <400000>;
regulator-max-microvolt = <1193750>;
regulator-enable-ramp-delay = <256>;
regulator-ramp-delay = <6250>;
@@ -863,7 +863,7 @@
mt6315_7_vbuck1: vbuck1 {
regulator-compatible = "vbuck1";
regulator-name = "Vgpu";
regulator-min-microvolt = <625000>;
regulator-min-microvolt = <400000>;
regulator-max-microvolt = <1193750>;
regulator-enable-ramp-delay = <256>;
regulator-ramp-delay = <6250>;

4
arch/arm64/boot/dts/mediatek/mt8195.dtsi
View File

@@ -1492,6 +1492,7 @@
compatible = "mediatek,mt8195-vppsys0";
reg = <0 0x14000000 0 0x1000>;
#clock-cells = <1>;
mediatek,gce-client-reg = <&gce1 SUBSYS_1400XXXX 0 0x1000>;
};
smi_sub_common_vpp0_vpp1_2x1: smi@14010000 {
@@ -1597,6 +1598,7 @@
compatible = "mediatek,mt8195-vppsys1";
reg = <0 0x14f00000 0 0x1000>;
#clock-cells = <1>;
mediatek,gce-client-reg = <&gce1 SUBSYS_14f0XXXX 0 0x1000>;
};
larb5: larb@14f02000 {
@@ -1982,6 +1984,7 @@
reg = <0 0x1c01a000 0 0x1000>;
mboxes = <&gce0 0 CMDQ_THR_PRIO_4>;
#clock-cells = <1>;
mediatek,gce-client-reg = <&gce0 SUBSYS_1c01XXXX 0xa000 0x1000>;
};
larb20: larb@1b010000 {
@@ -2085,6 +2088,7 @@
interrupts = <GIC_SPI 658 IRQ_TYPE_LEVEL_HIGH 0>;
power-domains = <&spm MT8195_POWER_DOMAIN_VDOSYS0>;
clocks = <&vdosys0 CLK_VDO0_DISP_MUTEX0>;
mediatek,gce-client-reg = <&gce0 SUBSYS_1c01XXXX 0x6000 0x1000>;
mediatek,gce-events = <CMDQ_EVENT_VDO0_DISP_STREAM_DONE_0>;
};

2
arch/arm64/boot/dts/qcom/sc7180-trogdor.dtsi
View File

@@ -923,6 +923,8 @@ ap_spi_fp: &spi10 {
vddrf-supply = <&pp1300_l2c>;
vddch0-supply = <&pp3300_l10c>;
max-speed = <3200000>;
qcom,local-bd-address-broken;
};
};

11
arch/arm64/boot/dts/rockchip/rk3328.dtsi
View File

@@ -741,11 +741,20 @@
status = "disabled";
ports {
hdmi_in: port {
#address-cells = <1>;
#size-cells = <0>;
hdmi_in: port@0 {
reg = <0>;
hdmi_in_vop: endpoint {
remote-endpoint = <&vop_out_hdmi>;
};
};
hdmi_out: port@1 {
reg = <1>;
};
};
};

1
arch/arm64/boot/dts/rockchip/rk3399-pinebook-pro.dts
View File

@@ -789,7 +789,6 @@
};
&pcie0 {
bus-scan-delay-ms = <1000>;
ep-gpios = <&gpio2 RK_PD4 GPIO_ACTIVE_HIGH>;
num-lanes = <4>;
pinctrl-names = "default";

31
arch/arm64/boot/dts/rockchip/rk3399-puma.dtsi
View File

@@ -401,16 +401,22 @@
gpio1830-supply = <&vcc_1v8>;
};
&pmu_io_domains {
status = "okay";
pmu1830-supply = <&vcc_1v8>;
};
&pwm2 {
status = "okay";
&pcie_clkreqn_cpm {
rockchip,pins =
<2 RK_PD2 RK_FUNC_GPIO &pcfg_pull_up>;
};
&pinctrl {
pinctrl-names = "default";
pinctrl-0 = <&q7_thermal_pin>;
gpios {
q7_thermal_pin: q7-thermal-pin {
rockchip,pins =
<0 RK_PA3 RK_FUNC_GPIO &pcfg_pull_up>;
};
};
i2c8 {
i2c8_xfer_a: i2c8-xfer {
rockchip,pins =
@@ -443,11 +449,20 @@
usb3 {
usb3_id: usb3-id {
rockchip,pins =
<1 RK_PC2 RK_FUNC_GPIO &pcfg_pull_none>;
<1 RK_PC2 RK_FUNC_GPIO &pcfg_pull_up>;
};
};
};
&pmu_io_domains {
status = "okay";
pmu1830-supply = <&vcc_1v8>;
};
&pwm2 {
status = "okay";
};
&sdhci {
/*
* Signal integrity isn't great at 200MHz but 100MHz has proven stable

12
arch/arm64/boot/dts/rockchip/rk3399.dtsi
View File

@@ -1906,6 +1906,7 @@
hdmi: hdmi@ff940000 {
compatible = "rockchip,rk3399-dw-hdmi";
reg = <0x0 0xff940000 0x0 0x20000>;
reg-io-width = <4>;
interrupts = <GIC_SPI 23 IRQ_TYPE_LEVEL_HIGH 0>;
clocks = <&cru PCLK_HDMI_CTRL>,
<&cru SCLK_HDMI_SFR>,
@@ -1914,13 +1915,16 @@
<&cru PLL_VPLL>;
clock-names = "iahb", "isfr", "cec", "grf", "ref";
power-domains = <&power RK3399_PD_HDCP>;
reg-io-width = <4>;
rockchip,grf = <&grf>;
#sound-dai-cells = <0>;
status = "disabled";
ports {
hdmi_in: port {
#address-cells = <1>;
#size-cells = <0>;
hdmi_in: port@0 {
reg = <0>;
#address-cells = <1>;
#size-cells = <0>;
@@ -1933,6 +1937,10 @@
remote-endpoint = <&vopl_out_hdmi>;
};
};
hdmi_out: port@1 {
reg = <1>;
};
};
};

6
arch/arm64/boot/dts/rockchip/rk3568-bpi-r2-pro.dts
View File

@@ -412,6 +412,8 @@
vccio_sd: LDO_REG5 {
regulator-name = "vccio_sd";
regulator-always-on;
regulator-boot-on;
regulator-min-microvolt = <1800000>;
regulator-max-microvolt = <3300000>;
@@ -521,9 +523,9 @@
#address-cells = <1>;
#size-cells = <0>;
switch@0 {
switch@1f {
compatible = "mediatek,mt7531";
reg = <0>;
reg = <0x1f>;
ports {
#address-cells = <1>;

3
arch/arm64/mm/pageattr.c
View File

@@ -237,9 +237,6 @@ bool kernel_page_present(struct page *page)
pte_t *ptep;
unsigned long addr = (unsigned long)page_address(page);
if (!can_set_direct_map())
return true;
pgdp = pgd_offset_k(addr);
if (pgd_none(READ_ONCE(*pgdp)))
return false;

8
arch/loongarch/include/asm/perf_event.h
View File

@@ -7,6 +7,14 @@
#ifndef __LOONGARCH_PERF_EVENT_H__
#define __LOONGARCH_PERF_EVENT_H__
#include <asm/ptrace.h>
#define perf_arch_bpf_user_pt_regs(regs) (struct user_pt_regs *)regs
#define perf_arch_fetch_caller_regs(regs, __ip) { \
(regs)->csr_era = (__ip); \
(regs)->regs[3] = current_stack_pointer; \
(regs)->regs[22] = (unsigned long) __builtin_frame_address(0); \
}
#endif /* __LOONGARCH_PERF_EVENT_H__ */

4
arch/loongarch/mm/fault.c
View File

@@ -193,10 +193,10 @@ good_area:
if (!(vma->vm_flags & VM_WRITE))
goto bad_area;
} else {
if (!(vma->vm_flags & VM_READ) && address != exception_era(regs))
goto bad_area;
if (!(vma->vm_flags & VM_EXEC) && address == exception_era(regs))
goto bad_area;
if (!(vma->vm_flags & (VM_READ | VM_WRITE)) && address != exception_era(regs))
goto bad_area;
}
/*

4
arch/riscv/include/asm/pgtable.h
View File

@@ -799,8 +799,8 @@ static inline pmd_t pmdp_establish(struct vm_area_struct *vma,
#define PAGE_SHARED __pgprot(0)
#define PAGE_KERNEL __pgprot(0)
#define swapper_pg_dir NULL
#define TASK_SIZE 0xffffffffUL
#define VMALLOC_START 0
#define TASK_SIZE _AC(-1, UL)
#define VMALLOC_START _AC(0, UL)
#define VMALLOC_END TASK_SIZE
#endif /* !CONFIG_MMU */

4
arch/riscv/include/asm/uaccess.h
View File

@@ -319,7 +319,7 @@ unsigned long __must_check clear_user(void __user *to, unsigned long n)
#define __get_kernel_nofault(dst, src, type, err_label) \
do { \
long __kr_err; \
long __kr_err = 0; \
\
__get_user_nocheck(*((type *)(dst)), (type *)(src), __kr_err); \
if (unlikely(__kr_err)) \
@@ -328,7 +328,7 @@ do { \
#define __put_kernel_nofault(dst, src, type, err_label) \
do { \
long __kr_err; \
long __kr_err = 0; \
\
__put_user_nocheck(*((type *)(src)), (type *)(dst), __kr_err); \
if (unlikely(__kr_err)) \

3
arch/riscv/kernel/process.c
View File

@@ -25,8 +25,6 @@
#include <asm/thread_info.h>
#include <asm/cpuidle.h>
register unsigned long gp_in_global __asm__("gp");
#if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK)
#include <linux/stackprotector.h>
unsigned long __stack_chk_guard __read_mostly;
@@ -170,7 +168,6 @@ int copy_thread(struct task_struct *p, const struct kernel_clone_args *args)
if (unlikely(args->fn)) {
/* Kernel thread */
memset(childregs, 0, sizeof(struct pt_regs));
childregs->gp = gp_in_global;
/* Supervisor/Machine, irqs on: */
childregs->status = SR_PP | SR_PIE;

1
arch/s390/kernel/entry.S
View File

@@ -699,6 +699,7 @@ ENDPROC(stack_overflow)
.Lthis_cpu: .short 0
.Lstosm_tmp: .byte 0
.section .rodata, "a"
.balign 8
#define SYSCALL(esame,emu) .quad __s390x_ ## esame
.globl sys_call_table
sys_call_table:

21
arch/x86/Kconfig
View File

@@ -62,6 +62,7 @@ config X86
select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI
select ARCH_32BIT_OFF_T if X86_32
select ARCH_CLOCKSOURCE_INIT
select ARCH_CONFIGURES_CPU_MITIGATIONS
select ARCH_CORRECT_STACKTRACE_ON_KRETPROBE
select ARCH_ENABLE_HUGEPAGE_MIGRATION if X86_64 && HUGETLB_PAGE && MIGRATION
select ARCH_ENABLE_MEMORY_HOTPLUG if X86_64
@@ -2450,17 +2451,17 @@ config CC_HAS_SLS
config CC_HAS_RETURN_THUNK
def_bool $(cc-option,-mfunction-return=thunk-extern)
menuconfig SPECULATION_MITIGATIONS
bool "Mitigations for speculative execution vulnerabilities"
menuconfig CPU_MITIGATIONS
bool "Mitigations for CPU vulnerabilities"
default y
help
Say Y here to enable options which enable mitigations for
speculative execution hardware vulnerabilities.
Say Y here to enable options which enable mitigations for hardware
vulnerabilities (usually related to speculative execution).
If you say N, all mitigations will be disabled. You really
should know what you are doing to say so.
if SPECULATION_MITIGATIONS
if CPU_MITIGATIONS
config PAGE_TABLE_ISOLATION
bool "Remove the kernel mapping in user mode"
@@ -2564,6 +2565,16 @@ config MITIGATION_RFDS
stored in floating point, vector and integer registers.
See also <file:Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst>
config MITIGATION_SPECTRE_BHI
bool "Mitigate Spectre-BHB (Branch History Injection)"
depends on CPU_SUP_INTEL
default y
help
Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks
where the branch history buffer is poisoned to speculatively steer
indirect branches.
See <file:Documentation/admin-guide/hw-vuln/spectre.rst>
endif
config ARCH_HAS_ADD_PAGES

2
arch/x86/boot/Makefile
View File

@@ -91,7 +91,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vmlinux FORCE
SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|efi32_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|z_.*\)$$/\#define ZO_\2 0x\1/p'
sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p'
quiet_cmd_zoffset = ZOFFSET $@
cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@

2
arch/x86/boot/compressed/Makefile
View File

@@ -84,7 +84,7 @@ LDFLAGS_vmlinux += -T
hostprogs := mkpiggy
HOST_EXTRACFLAGS += -I$(srctree)/tools/include
sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p'
sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__start_rodata\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p'
quiet_cmd_voffset = VOFFSET $@
cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@

1
arch/x86/boot/compressed/misc.c
View File

@@ -330,6 +330,7 @@ static size_t parse_elf(void *output)
return ehdr.e_entry - LOAD_PHYSICAL_ADDR;
}
const unsigned long kernel_text_size = VO___start_rodata - VO__text;
const unsigned long kernel_total_size = VO__end - VO__text;
static u8 boot_heap[BOOT_HEAP_SIZE] __aligned(4);

3
arch/x86/boot/compressed/sev.c
View File

@@ -118,6 +118,9 @@ static bool fault_in_kernel_space(unsigned long address)
#define __init
#define __pa(x) ((unsigned long)(x))
#undef __head
#define __head
#define __BOOT_COMPRESSED
/* Basic instruction decoding support needed */

6
arch/x86/boot/compressed/vmlinux.lds.S
View File

@@ -42,11 +42,13 @@ SECTIONS
*(.rodata.*)
_erodata = . ;
}
.data : {
.data : ALIGN(0x1000) {
_data = . ;
*(.data)
*(.data.*)
*(.bss.efistub)
/* Add 4 bytes of extra space for a CRC-32 checksum */
. = ALIGN(. + 4, 0x200);
_edata = . ;
}
. = ALIGN(L1_CACHE_BYTES);

211
arch/x86/boot/header.S
View File

@@ -36,65 +36,19 @@ SYSSEG = 0x1000 /* historical load address >> 4 */
#define ROOT_RDONLY 1
#endif
.set salign, 0x1000
.set falign, 0x200
.code16
.section ".bstext", "ax"
.global bootsect_start
bootsect_start:
#ifdef CONFIG_EFI_STUB
# "MZ", MS-DOS header
.word MZ_MAGIC
#endif
# Normalize the start address
ljmp $BOOTSEG, $start2
start2:
movw %cs, %ax
movw %ax, %ds
movw %ax, %es
movw %ax, %ss
xorw %sp, %sp
sti
cld
movw $bugger_off_msg, %si
msg_loop:
lodsb
andb %al, %al
jz bs_die
movb $0xe, %ah
movw $7, %bx
int $0x10
jmp msg_loop
bs_die:
# Allow the user to press a key, then reboot
xorw %ax, %ax
int $0x16
int $0x19
# int 0x19 should never return. In case it does anyway,
# invoke the BIOS reset code...
ljmp $0xf000,$0xfff0
#ifdef CONFIG_EFI_STUB
.org 0x3c
#
# Offset to the PE header.
#
.long pe_header
#endif /* CONFIG_EFI_STUB */
.section ".bsdata", "a"
bugger_off_msg:
.ascii "Use a boot loader.\r\n"
.ascii "\n"
.ascii "Remove disk and press any key to reboot...\r\n"
.byte 0
#ifdef CONFIG_EFI_STUB
pe_header:
.long PE_MAGIC
@@ -123,30 +77,26 @@ optional_header:
.byte 0x02 # MajorLinkerVersion
.byte 0x14 # MinorLinkerVersion
# Filled in by build.c
.long 0 # SizeOfCode
.long ZO__data # SizeOfCode
.long 0 # SizeOfInitializedData
.long ZO__end - ZO__data # SizeOfInitializedData
.long 0 # SizeOfUninitializedData
# Filled in by build.c
.long 0x0000 # AddressOfEntryPoint
.long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
.long 0x0200 # BaseOfCode
.long setup_size # BaseOfCode
#ifdef CONFIG_X86_32
.long 0 # data
#endif
extra_header_fields:
# PE specification requires ImageBase to be 64k aligned
.set image_base, (LOAD_PHYSICAL_ADDR + 0xffff) & ~0xffff
#ifdef CONFIG_X86_32
.long image_base # ImageBase
.long 0 # ImageBase
#else
.quad image_base # ImageBase
.quad 0 # ImageBase
#endif
.long 0x20 # SectionAlignment
.long 0x20 # FileAlignment
.long salign # SectionAlignment
.long falign # FileAlignment
.word 0 # MajorOperatingSystemVersion
.word 0 # MinorOperatingSystemVersion
.word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion
@@ -155,12 +105,9 @@ extra_header_fields:
.word 0 # MinorSubsystemVersion
.long 0 # Win32VersionValue
#
# The size of the bzImage is written in tools/build.c
#
.long 0 # SizeOfImage
.long setup_size + ZO__end # SizeOfImage
.long 0x200 # SizeOfHeaders
.long salign # SizeOfHeaders
.long 0 # CheckSum
.word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
#ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
@@ -191,87 +138,77 @@ extra_header_fields:
# Section table
section_table:
#
# The offset & size fields are filled in by build.c.
#
.ascii ".setup"
.byte 0
.byte 0
.long 0
.long 0x0 # startup_{32,64}
.long 0 # Size of initialized data
# on disk
.long 0x0 # startup_{32,64}
.long 0 # PointerToRelocations
.long 0 # PointerToLineNumbers
.word 0 # NumberOfRelocations
.word 0 # NumberOfLineNumbers
.long IMAGE_SCN_CNT_CODE | \
IMAGE_SCN_MEM_READ | \
IMAGE_SCN_MEM_EXECUTE | \
IMAGE_SCN_ALIGN_16BYTES # Characteristics
.long pecompat_fstart - salign # VirtualSize
.long salign # VirtualAddress
.long pecompat_fstart - salign # SizeOfRawData
.long salign # PointerToRawData
#
# The EFI application loader requires a relocation section
# because EFI applications must be relocatable. The .reloc
# offset & size fields are filled in by build.c.
#
.ascii ".reloc"
.byte 0
.byte 0
.long 0
.long 0
.long 0 # SizeOfRawData
.long 0 # PointerToRawData
.long 0 # PointerToRelocations
.long 0 # PointerToLineNumbers
.word 0 # NumberOfRelocations
.word 0 # NumberOfLineNumbers
.long 0, 0, 0
.long IMAGE_SCN_CNT_INITIALIZED_DATA | \
IMAGE_SCN_MEM_READ | \
IMAGE_SCN_MEM_DISCARDABLE | \
IMAGE_SCN_ALIGN_1BYTES # Characteristics
IMAGE_SCN_MEM_DISCARDABLE # Characteristics
#ifdef CONFIG_EFI_MIXED
#
# The offset & size fields are filled in by build.c.
#
.asciz ".compat"
.long 0
.long 0x0
.long 0 # Size of initialized data
# on disk
.long 0x0
.long 0 # PointerToRelocations
.long 0 # PointerToLineNumbers
.word 0 # NumberOfRelocations
.word 0 # NumberOfLineNumbers
.long pecompat_fsize # VirtualSize
.long pecompat_fstart # VirtualAddress
.long pecompat_fsize # SizeOfRawData
.long pecompat_fstart # PointerToRawData
.long 0, 0, 0
.long IMAGE_SCN_CNT_INITIALIZED_DATA | \
IMAGE_SCN_MEM_READ | \
IMAGE_SCN_MEM_DISCARDABLE | \
IMAGE_SCN_ALIGN_1BYTES # Characteristics
#endif
IMAGE_SCN_MEM_DISCARDABLE # Characteristics
#
# The offset & size fields are filled in by build.c.
#
/*
* Put the IA-32 machine type and the associated entry point address in
* the .compat section, so loaders can figure out which other execution
* modes this image supports.
*/
.pushsection ".pecompat", "a", @progbits
.balign salign
.globl pecompat_fstart
pecompat_fstart:
.byte 0x1 # Version
.byte 8 # Size
.word IMAGE_FILE_MACHINE_I386 # PE machine type
.long setup_size + ZO_efi32_pe_entry # Entrypoint
.byte 0x0 # Sentinel
.popsection
#else
.set pecompat_fstart, setup_size
#endif
.ascii ".text"
.byte 0
.byte 0
.byte 0
.long 0
.long 0x0 # startup_{32,64}
.long 0 # Size of initialized data
.long ZO__data
.long setup_size
.long ZO__data # Size of initialized data
# on disk
.long 0x0 # startup_{32,64}
.long setup_size
.long 0 # PointerToRelocations
.long 0 # PointerToLineNumbers
.word 0 # NumberOfRelocations
.word 0 # NumberOfLineNumbers
.long IMAGE_SCN_CNT_CODE | \
IMAGE_SCN_MEM_READ | \
IMAGE_SCN_MEM_EXECUTE | \
IMAGE_SCN_ALIGN_16BYTES # Characteristics
IMAGE_SCN_MEM_EXECUTE # Characteristics
.ascii ".data\0\0\0"
.long ZO__end - ZO__data # VirtualSize
.long setup_size + ZO__data # VirtualAddress
.long ZO__edata - ZO__data # SizeOfRawData
.long setup_size + ZO__data # PointerToRawData
.long 0, 0, 0
.long IMAGE_SCN_CNT_INITIALIZED_DATA | \
IMAGE_SCN_MEM_READ | \
IMAGE_SCN_MEM_WRITE # Characteristics
.set section_count, (. - section_table) / 40
#endif /* CONFIG_EFI_STUB */
@@ -285,12 +222,12 @@ sentinel: .byte 0xff, 0xff /* Used to detect broken loaders */
.globl hdr
hdr:
setup_sects: .byte 0 /* Filled in by build.c */
.byte setup_sects - 1
root_flags: .word ROOT_RDONLY
syssize: .long 0 /* Filled in by build.c */
syssize: .long ZO__edata / 16
ram_size: .word 0 /* Obsolete */
vid_mode: .word SVGA_MODE
root_dev: .word 0 /* Filled in by build.c */
root_dev: .word 0 /* Default to major/minor 0/0 */
boot_flag: .word 0xAA55
# offset 512, entry point
@@ -578,9 +515,25 @@ pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
# define INIT_SIZE VO_INIT_SIZE
#endif
.macro __handover_offset
#ifndef CONFIG_EFI_HANDOVER_PROTOCOL
.long 0
#elif !defined(CONFIG_X86_64)
.long ZO_efi32_stub_entry
#else
/* Yes, this is really how we defined it :( */
.long ZO_efi64_stub_entry - 0x200
#ifdef CONFIG_EFI_MIXED
.if ZO_efi32_stub_entry != ZO_efi64_stub_entry - 0x200
.error "32-bit and 64-bit EFI entry points do not match"
.endif
#endif
#endif
.endm
init_size: .long INIT_SIZE # kernel initialization size
handover_offset: .long 0 # Filled in by build.c
kernel_info_offset: .long 0 # Filled in by build.c
handover_offset: __handover_offset
kernel_info_offset: .long ZO_kernel_info
# End of setup header #####################################################

14
arch/x86/boot/setup.ld
View File

@@ -10,10 +10,11 @@ ENTRY(_start)
SECTIONS
{
. = 0;
.bstext : { *(.bstext) }
.bsdata : { *(.bsdata) }
.bstext : {
*(.bstext)
. = 495;
} =0xffffffff
. = 495;
.header : { *(.header) }
.entrytext : { *(.entrytext) }
.inittext : { *(.inittext) }
@@ -23,6 +24,9 @@ SECTIONS
.text : { *(.text .text.*) }
.text32 : { *(.text32) }
.pecompat : { *(.pecompat) }
PROVIDE(pecompat_fsize = setup_size - pecompat_fstart);
. = ALIGN(16);
.rodata : { *(.rodata*) }
@@ -38,8 +42,10 @@ SECTIONS
.signature : {
setup_sig = .;
LONG(0x5a5aaa55)
}
setup_size = ALIGN(ABSOLUTE(.), 4096);
setup_sects = ABSOLUTE(setup_size / 512);
}
. = ALIGN(16);
.bss :

273
arch/x86/boot/tools/build.c
View File

@@ -40,10 +40,6 @@ typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;
#define DEFAULT_MAJOR_ROOT 0
#define DEFAULT_MINOR_ROOT 0
#define DEFAULT_ROOT_DEV (DEFAULT_MAJOR_ROOT << 8 | DEFAULT_MINOR_ROOT)
/* Minimal number of setup sectors */
#define SETUP_SECT_MIN 5
#define SETUP_SECT_MAX 64
@@ -51,22 +47,7 @@ typedef unsigned int u32;
/* This must be large enough to hold the entire setup */
u8 buf[SETUP_SECT_MAX*512];
#define PECOFF_RELOC_RESERVE 0x20
#ifdef CONFIG_EFI_MIXED
#define PECOFF_COMPAT_RESERVE 0x20
#else
#define PECOFF_COMPAT_RESERVE 0x0
#endif
static unsigned long efi32_stub_entry;
static unsigned long efi64_stub_entry;
static unsigned long efi_pe_entry;
static unsigned long efi32_pe_entry;
static unsigned long kernel_info;
static unsigned long startup_64;
static unsigned long _ehead;
static unsigned long _end;
static unsigned long _edata;
/*----------------------------------------------------------------------*/
@@ -152,180 +133,6 @@ static void usage(void)
die("Usage: build setup system zoffset.h image");
}
#ifdef CONFIG_EFI_STUB
static void update_pecoff_section_header_fields(char *section_name, u32 vma, u32 size, u32 datasz, u32 offset)
{
unsigned int pe_header;
unsigned short num_sections;
u8 *section;
pe_header = get_unaligned_le32(&buf[0x3c]);
num_sections = get_unaligned_le16(&buf[pe_header + 6]);
#ifdef CONFIG_X86_32
section = &buf[pe_header + 0xa8];
#else
section = &buf[pe_header + 0xb8];
#endif
while (num_sections > 0) {
if (strncmp((char*)section, section_name, 8) == 0) {
/* section header size field */
put_unaligned_le32(size, section + 0x8);
/* section header vma field */
put_unaligned_le32(vma, section + 0xc);
/* section header 'size of initialised data' field */
put_unaligned_le32(datasz, section + 0x10);
/* section header 'file offset' field */
put_unaligned_le32(offset, section + 0x14);
break;
}
section += 0x28;
num_sections--;
}
}
static void update_pecoff_section_header(char *section_name, u32 offset, u32 size)
{
update_pecoff_section_header_fields(section_name, offset, size, size, offset);
}
static void update_pecoff_setup_and_reloc(unsigned int size)
{
u32 setup_offset = 0x200;
u32 reloc_offset = size - PECOFF_RELOC_RESERVE - PECOFF_COMPAT_RESERVE;
#ifdef CONFIG_EFI_MIXED
u32 compat_offset = reloc_offset + PECOFF_RELOC_RESERVE;
#endif
u32 setup_size = reloc_offset - setup_offset;
update_pecoff_section_header(".setup", setup_offset, setup_size);
update_pecoff_section_header(".reloc", reloc_offset, PECOFF_RELOC_RESERVE);
/*
* Modify .reloc section contents with a single entry. The
* relocation is applied to offset 10 of the relocation section.
*/
put_unaligned_le32(reloc_offset + 10, &buf[reloc_offset]);
put_unaligned_le32(10, &buf[reloc_offset + 4]);
#ifdef CONFIG_EFI_MIXED
update_pecoff_section_header(".compat", compat_offset, PECOFF_COMPAT_RESERVE);
/*
* Put the IA-32 machine type (0x14c) and the associated entry point
* address in the .compat section, so loaders can figure out which other
* execution modes this image supports.
*/
buf[compat_offset] = 0x1;
buf[compat_offset + 1] = 0x8;
put_unaligned_le16(0x14c, &buf[compat_offset + 2]);
put_unaligned_le32(efi32_pe_entry + size, &buf[compat_offset + 4]);
#endif
}
static void update_pecoff_text(unsigned int text_start, unsigned int file_sz,
unsigned int init_sz)
{
unsigned int pe_header;
unsigned int text_sz = file_sz - text_start;
unsigned int bss_sz = init_sz - file_sz;
pe_header = get_unaligned_le32(&buf[0x3c]);
/*
* The PE/COFF loader may load the image at an address which is
* misaligned with respect to the kernel_alignment field in the setup
* header.
*
* In order to avoid relocating the kernel to correct the misalignment,
* add slack to allow the buffer to be aligned within the declared size
* of the image.
*/
bss_sz += CONFIG_PHYSICAL_ALIGN;
init_sz += CONFIG_PHYSICAL_ALIGN;
/*
* Size of code: Subtract the size of the first sector (512 bytes)
* which includes the header.
*/
put_unaligned_le32(file_sz - 512 + bss_sz, &buf[pe_header + 0x1c]);
/* Size of image */
put_unaligned_le32(init_sz, &buf[pe_header + 0x50]);
/*
* Address of entry point for PE/COFF executable
*/
put_unaligned_le32(text_start + efi_pe_entry, &buf[pe_header + 0x28]);
update_pecoff_section_header_fields(".text", text_start, text_sz + bss_sz,
text_sz, text_start);
}
static int reserve_pecoff_reloc_section(int c)
{
/* Reserve 0x20 bytes for .reloc section */
memset(buf+c, 0, PECOFF_RELOC_RESERVE);
return PECOFF_RELOC_RESERVE;
}
static void efi_stub_defaults(void)
{
/* Defaults for old kernel */
#ifdef CONFIG_X86_32
efi_pe_entry = 0x10;
#else
efi_pe_entry = 0x210;
startup_64 = 0x200;
#endif
}
static void efi_stub_entry_update(void)
{
unsigned long addr = efi32_stub_entry;
#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
#ifdef CONFIG_X86_64
/* Yes, this is really how we defined it :( */
addr = efi64_stub_entry - 0x200;
#endif
#ifdef CONFIG_EFI_MIXED
if (efi32_stub_entry != addr)
die("32-bit and 64-bit EFI entry points do not match\n");
#endif
#endif
put_unaligned_le32(addr, &buf[0x264]);
}
#else
static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
static inline void update_pecoff_text(unsigned int text_start,
unsigned int file_sz,
unsigned int init_sz) {}
static inline void efi_stub_defaults(void) {}
static inline void efi_stub_entry_update(void) {}
static inline int reserve_pecoff_reloc_section(int c)
{
return 0;
}
#endif /* CONFIG_EFI_STUB */
static int reserve_pecoff_compat_section(int c)
{
/* Reserve 0x20 bytes for .compat section */
memset(buf+c, 0, PECOFF_COMPAT_RESERVE);
return PECOFF_COMPAT_RESERVE;
}
/*
* Parse zoffset.h and find the entry points. We could just #include zoffset.h
* but that would mean tools/build would have to be rebuilt every time. It's
@@ -354,14 +161,7 @@ static void parse_zoffset(char *fname)
p = (char *)buf;
while (p && *p) {
PARSE_ZOFS(p, efi32_stub_entry);
PARSE_ZOFS(p, efi64_stub_entry);
PARSE_ZOFS(p, efi_pe_entry);
PARSE_ZOFS(p, efi32_pe_entry);
PARSE_ZOFS(p, kernel_info);
PARSE_ZOFS(p, startup_64);
PARSE_ZOFS(p, _ehead);
PARSE_ZOFS(p, _end);
PARSE_ZOFS(p, _edata);
p = strchr(p, '\n');
while (p && (*p == '\r' || *p == '\n'))
@@ -371,17 +171,14 @@ static void parse_zoffset(char *fname)
int main(int argc, char ** argv)
{
unsigned int i, sz, setup_sectors, init_sz;
unsigned int i, sz, setup_sectors;
int c;
u32 sys_size;
struct stat sb;
FILE *file, *dest;
int fd;
void *kernel;
u32 crc = 0xffffffffUL;
efi_stub_defaults();
if (argc != 5)
usage();
parse_zoffset(argv[3]);
@@ -403,72 +200,27 @@ int main(int argc, char ** argv)
die("Boot block hasn't got boot flag (0xAA55)");
fclose(file);
c += reserve_pecoff_compat_section(c);
c += reserve_pecoff_reloc_section(c);
/* Pad unused space with zeros */
setup_sectors = (c + 511) / 512;
setup_sectors = (c + 4095) / 4096;
setup_sectors *= 8;
if (setup_sectors < SETUP_SECT_MIN)
setup_sectors = SETUP_SECT_MIN;
i = setup_sectors*512;
memset(buf+c, 0, i-c);
update_pecoff_setup_and_reloc(i);
/* Set the default root device */
put_unaligned_le16(DEFAULT_ROOT_DEV, &buf[508]);
/* Open and stat the kernel file */
fd = open(argv[2], O_RDONLY);
if (fd < 0)
die("Unable to open `%s': %m", argv[2]);
if (fstat(fd, &sb))
die("Unable to stat `%s': %m", argv[2]);
sz = sb.st_size;
if (_edata != sb.st_size)
die("Unexpected file size `%s': %u != %u", argv[2], _edata,
sb.st_size);
sz = _edata - 4;
kernel = mmap(NULL, sz, PROT_READ, MAP_SHARED, fd, 0);
if (kernel == MAP_FAILED)
die("Unable to mmap '%s': %m", argv[2]);
/* Number of 16-byte paragraphs, including space for a 4-byte CRC */
sys_size = (sz + 15 + 4) / 16;
#ifdef CONFIG_EFI_STUB
/*
* COFF requires minimum 32-byte alignment of sections, and
* adding a signature is problematic without that alignment.
*/
sys_size = (sys_size + 1) & ~1;
#endif
/* Patch the setup code with the appropriate size parameters */
buf[0x1f1] = setup_sectors-1;
put_unaligned_le32(sys_size, &buf[0x1f4]);
init_sz = get_unaligned_le32(&buf[0x260]);
#ifdef CONFIG_EFI_STUB
/*
* The decompression buffer will start at ImageBase. When relocating
* the compressed kernel to its end, we must ensure that the head
* section does not get overwritten. The head section occupies
* [i, i + _ehead), and the destination is [init_sz - _end, init_sz).
*
* At present these should never overlap, because 'i' is at most 32k
* because of SETUP_SECT_MAX, '_ehead' is less than 1k, and the
* calculation of INIT_SIZE in boot/header.S ensures that
* 'init_sz - _end' is at least 64k.
*
* For future-proofing, increase init_sz if necessary.
*/
if (init_sz - _end < i + _ehead) {
init_sz = (i + _ehead + _end + 4095) & ~4095;
put_unaligned_le32(init_sz, &buf[0x260]);
}
#endif
update_pecoff_text(setup_sectors * 512, i + (sys_size * 16), init_sz);
efi_stub_entry_update();
/* Update kernel_info offset. */
put_unaligned_le32(kernel_info, &buf[0x268]);
crc = partial_crc32(buf, i, crc);
if (fwrite(buf, 1, i, dest) != i)
@@ -479,13 +231,6 @@ int main(int argc, char ** argv)
if (fwrite(kernel, 1, sz, dest) != sz)
die("Writing kernel failed");
/* Add padding leaving 4 bytes for the checksum */
while (sz++ < (sys_size*16) - 4) {
crc = partial_crc32_one('\0', crc);
if (fwrite("\0", 1, 1, dest) != 1)
die("Writing padding failed");
}
/* Write the CRC */
put_unaligned_le32(crc, buf);
if (fwrite(buf, 1, 4, dest) != 4)

41
arch/x86/coco/core.c
View File

@@ -3,13 +3,17 @@
* Confidential Computing Platform Capability checks
*
* Copyright (C) 2021 Advanced Micro Devices, Inc.
* Copyright (C) 2024 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*
* Author: Tom Lendacky <thomas.lendacky@amd.com>
*/
#include <linux/export.h>
#include <linux/cc_platform.h>
#include <linux/string.h>
#include <linux/random.h>
#include <asm/archrandom.h>
#include <asm/coco.h>
#include <asm/processor.h>
@@ -128,3 +132,40 @@ u64 cc_mkdec(u64 val)
}
}
EXPORT_SYMBOL_GPL(cc_mkdec);
__init void cc_random_init(void)
{
/*
* The seed is 32 bytes (in units of longs), which is 256 bits, which
* is the security level that the RNG is targeting.
*/
unsigned long rng_seed[32 / sizeof(long)];
size_t i, longs;
if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT))
return;
/*
* Since the CoCo threat model includes the host, the only reliable
* source of entropy that can be neither observed nor manipulated is
* RDRAND. Usually, RDRAND failure is considered tolerable, but since
* CoCo guests have no other unobservable source of entropy, it's
* important to at least ensure the RNG gets some initial random seeds.
*/
for (i = 0; i < ARRAY_SIZE(rng_seed); i += longs) {
longs = arch_get_random_longs(&rng_seed[i], ARRAY_SIZE(rng_seed) - i);
/*
* A zero return value means that the guest doesn't have RDRAND
* or the CPU is physically broken, and in both cases that
* means most crypto inside of the CoCo instance will be
* broken, defeating the purpose of CoCo in the first place. So
* just panic here because it's absolutely unsafe to continue
* executing.
*/
if (longs == 0)
panic("RDRAND is defective.");
}
add_device_randomness(rng_seed, sizeof(rng_seed));
memzero_explicit(rng_seed, sizeof(rng_seed));
}

10
arch/x86/entry/common.c
View File

@@ -48,7 +48,7 @@ static __always_inline bool do_syscall_x64(struct pt_regs *regs, int nr)
if (likely(unr < NR_syscalls)) {
unr = array_index_nospec(unr, NR_syscalls);
regs->ax = sys_call_table[unr](regs);
regs->ax = x64_sys_call(regs, unr);
return true;
}
return false;
@@ -65,7 +65,7 @@ static __always_inline bool do_syscall_x32(struct pt_regs *regs, int nr)
if (IS_ENABLED(CONFIG_X86_X32_ABI) && likely(xnr < X32_NR_syscalls)) {
xnr = array_index_nospec(xnr, X32_NR_syscalls);
regs->ax = x32_sys_call_table[xnr](regs);
regs->ax = x32_sys_call(regs, xnr);
return true;
}
return false;
@@ -114,7 +114,7 @@ static __always_inline void do_syscall_32_irqs_on(struct pt_regs *regs, int nr)
if (likely(unr < IA32_NR_syscalls)) {
unr = array_index_nospec(unr, IA32_NR_syscalls);
regs->ax = ia32_sys_call_table[unr](regs);
regs->ax = ia32_sys_call(regs, unr);
} else if (nr != -1) {
regs->ax = __ia32_sys_ni_syscall(regs);
}
@@ -141,7 +141,7 @@ static __always_inline bool int80_is_external(void)
}
/**
* int80_emulation - 32-bit legacy syscall entry
* do_int80_emulation - 32-bit legacy syscall C entry from asm
*
* This entry point can be used by 32-bit and 64-bit programs to perform
* 32-bit system calls. Instances of INT $0x80 can be found inline in
@@ -159,7 +159,7 @@ static __always_inline bool int80_is_external(void)
* eax: system call number
* ebx, ecx, edx, esi, edi, ebp: arg1 - arg 6
*/
DEFINE_IDTENTRY_RAW(int80_emulation)
__visible noinstr void do_int80_emulation(struct pt_regs *regs)
{
int nr;

61
arch/x86/entry/entry_64.S
View File

@@ -116,6 +116,7 @@ SYM_INNER_LABEL(entry_SYSCALL_64_after_hwframe, SYM_L_GLOBAL)
/* clobbers %rax, make sure it is after saving the syscall nr */
IBRS_ENTER
UNTRAIN_RET
CLEAR_BRANCH_HISTORY
call do_syscall_64 /* returns with IRQs disabled */
@@ -1539,3 +1540,63 @@ SYM_CODE_START(rewind_stack_and_make_dead)
call make_task_dead
SYM_CODE_END(rewind_stack_and_make_dead)
.popsection
/*
* This sequence executes branches in order to remove user branch information
* from the branch history tracker in the Branch Predictor, therefore removing
* user influence on subsequent BTB lookups.
*
* It should be used on parts prior to Alder Lake. Newer parts should use the
* BHI_DIS_S hardware control instead. If a pre-Alder Lake part is being
* virtualized on newer hardware the VMM should protect against BHI attacks by
* setting BHI_DIS_S for the guests.
*
* CALLs/RETs are necessary to prevent Loop Stream Detector(LSD) from engaging
* and not clearing the branch history. The call tree looks like:
*
* call 1
* call 2
* call 2
* call 2
* call 2
* call 2
* ret
* ret
* ret
* ret
* ret
* ret
*
* This means that the stack is non-constant and ORC can't unwind it with %rsp
* alone. Therefore we unconditionally set up the frame pointer, which allows
* ORC to unwind properly.
*
* The alignment is for performance and not for safety, and may be safely
* refactored in the future if needed.
*/
SYM_FUNC_START(clear_bhb_loop)
push %rbp
mov %rsp, %rbp
movl $5, %ecx
ANNOTATE_INTRA_FUNCTION_CALL
call 1f
jmp 5f
.align 64, 0xcc
ANNOTATE_INTRA_FUNCTION_CALL
1: call 2f
RET
.align 64, 0xcc
2: movl $5, %eax
3: jmp 4f
nop
4: sub $1, %eax
jnz 3b
sub $1, %ecx
jnz 1b
RET
5: lfence
pop %rbp
RET
SYM_FUNC_END(clear_bhb_loop)
EXPORT_SYMBOL_GPL(clear_bhb_loop)
STACK_FRAME_NON_STANDARD(clear_bhb_loop)

16
arch/x86/entry/entry_64_compat.S
View File

@@ -92,6 +92,7 @@ SYM_INNER_LABEL(entry_SYSENTER_compat_after_hwframe, SYM_L_GLOBAL)
IBRS_ENTER
UNTRAIN_RET
CLEAR_BRANCH_HISTORY
/*
* SYSENTER doesn't filter flags, so we need to clear NT and AC
@@ -210,6 +211,7 @@ SYM_INNER_LABEL(entry_SYSCALL_compat_after_hwframe, SYM_L_GLOBAL)
IBRS_ENTER
UNTRAIN_RET
CLEAR_BRANCH_HISTORY
movq %rsp, %rdi
call do_fast_syscall_32
@@ -278,3 +280,17 @@ SYM_INNER_LABEL(entry_SYSRETL_compat_end, SYM_L_GLOBAL)
ANNOTATE_NOENDBR
int3
SYM_CODE_END(entry_SYSCALL_compat)
/*
* int 0x80 is used by 32 bit mode as a system call entry. Normally idt entries
* point to C routines, however since this is a system call interface the branch
* history needs to be scrubbed to protect against BHI attacks, and that
* scrubbing needs to take place in assembly code prior to entering any C
* routines.
*/
SYM_CODE_START(int80_emulation)
ANNOTATE_NOENDBR
UNWIND_HINT_FUNC
CLEAR_BRANCH_HISTORY
jmp do_int80_emulation
SYM_CODE_END(int80_emulation)

21
arch/x86/entry/syscall_32.c
View File

@@ -18,8 +18,25 @@
#include <asm/syscalls_32.h>
#undef __SYSCALL
/*
* The sys_call_table[] is no longer used for system calls, but
* kernel/trace/trace_syscalls.c still wants to know the system
* call address.
*/
#ifdef CONFIG_X86_32
#define __SYSCALL(nr, sym) __ia32_##sym,
__visible const sys_call_ptr_t ia32_sys_call_table[] = {
const sys_call_ptr_t sys_call_table[] = {
#include <asm/syscalls_32.h>
};
#undef __SYSCALL
#endif
#define __SYSCALL(nr, sym) case nr: return __ia32_##sym(regs);
long ia32_sys_call(const struct pt_regs *regs, unsigned int nr)
{
switch (nr) {
#include <asm/syscalls_32.h>
default: return __ia32_sys_ni_syscall(regs);
}
};

19
arch/x86/entry/syscall_64.c
View File

@@ -11,8 +11,23 @@
#include <asm/syscalls_64.h>
#undef __SYSCALL
/*
* The sys_call_table[] is no longer used for system calls, but
* kernel/trace/trace_syscalls.c still wants to know the system
* call address.
*/
#define __SYSCALL(nr, sym) __x64_##sym,
asmlinkage const sys_call_ptr_t sys_call_table[] = {
const sys_call_ptr_t sys_call_table[] = {
#include <asm/syscalls_64.h>
};
#undef __SYSCALL
#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs);
long x64_sys_call(const struct pt_regs *regs, unsigned int nr)
{
switch (nr) {
#include <asm/syscalls_64.h>
default: return __x64_sys_ni_syscall(regs);
}
};

10
arch/x86/entry/syscall_x32.c
View File

@@ -11,8 +11,12 @@
#include <asm/syscalls_x32.h>
#undef __SYSCALL
#define __SYSCALL(nr, sym) __x64_##sym,
#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs);
asmlinkage const sys_call_ptr_t x32_sys_call_table[] = {
#include <asm/syscalls_x32.h>
long x32_sys_call(const struct pt_regs *regs, unsigned int nr)
{
switch (nr) {
#include <asm/syscalls_x32.h>
default: return __x64_sys_ni_syscall(regs);
}
};

4
arch/x86/events/amd/core.c
View File

@@ -904,8 +904,8 @@ static int amd_pmu_v2_handle_irq(struct pt_regs *regs)
if (!status)
goto done;
/* Read branch records before unfreezing */
if (status & GLOBAL_STATUS_LBRS_FROZEN) {
/* Read branch records */
if (x86_pmu.lbr_nr) {
amd_pmu_lbr_read();
status &= ~GLOBAL_STATUS_LBRS_FROZEN;
}

22
arch/x86/events/amd/lbr.c
View File

@@ -173,9 +173,11 @@ void amd_pmu_lbr_read(void)
/*
* Check if a branch has been logged; if valid = 0, spec = 0
* then no branch was recorded
* then no branch was recorded; if reserved = 1 then an
* erroneous branch was recorded (see Erratum 1452)
*/
if (!entry.to.split.valid && !entry.to.split.spec)
if ((!entry.to.split.valid && !entry.to.split.spec) ||
entry.to.split.reserved)
continue;
perf_clear_branch_entry_bitfields(br + out);
@@ -400,10 +402,12 @@ void amd_pmu_lbr_enable_all(void)
wrmsrl(MSR_AMD64_LBR_SELECT, lbr_select);
}
rdmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl);
rdmsrl(MSR_AMD_DBG_EXTN_CFG, dbg_extn_cfg);
if (cpu_feature_enabled(X86_FEATURE_AMD_LBR_PMC_FREEZE)) {
rdmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl);
wrmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI);
}
wrmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI);
rdmsrl(MSR_AMD_DBG_EXTN_CFG, dbg_extn_cfg);
wrmsrl(MSR_AMD_DBG_EXTN_CFG, dbg_extn_cfg | DBG_EXTN_CFG_LBRV2EN);
}
@@ -416,10 +420,12 @@ void amd_pmu_lbr_disable_all(void)
return;
rdmsrl(MSR_AMD_DBG_EXTN_CFG, dbg_extn_cfg);
rdmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl);
wrmsrl(MSR_AMD_DBG_EXTN_CFG, dbg_extn_cfg & ~DBG_EXTN_CFG_LBRV2EN);
wrmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl & ~DEBUGCTLMSR_FREEZE_LBRS_ON_PMI);
if (cpu_feature_enabled(X86_FEATURE_AMD_LBR_PMC_FREEZE)) {
rdmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl);
wrmsrl(MSR_IA32_DEBUGCTLMSR, dbg_ctl & ~DEBUGCTLMSR_FREEZE_LBRS_ON_PMI);
}
}
__init int amd_pmu_lbr_init(void)

1
arch/x86/events/core.c
View File

@@ -1644,6 +1644,7 @@ static void x86_pmu_del(struct perf_event *event, int flags)
while (++i < cpuc->n_events) {
cpuc->event_list[i-1] = cpuc->event_list[i];
cpuc->event_constraint[i-1] = cpuc->event_constraint[i];
cpuc->assign[i-1] = cpuc->assign[i];
}
cpuc->event_constraint[i-1] = NULL;
--cpuc->n_events;

3
arch/x86/include/asm/apic.h
View File

@@ -12,6 +12,7 @@
#include <asm/mpspec.h>
#include <asm/msr.h>
#include <asm/hardirq.h>
#include <asm/io.h>
#define ARCH_APICTIMER_STOPS_ON_C3 1
@@ -109,7 +110,7 @@ static inline void native_apic_mem_write(u32 reg, u32 v)
static inline u32 native_apic_mem_read(u32 reg)
{
return *((volatile u32 *)(APIC_BASE + reg));
return readl((void __iomem *)(APIC_BASE + reg));
}
extern void native_apic_wait_icr_idle(void);

1
arch/x86/include/asm/asm-prototypes.h
View File

@@ -12,6 +12,7 @@
#include <asm/special_insns.h>
#include <asm/preempt.h>
#include <asm/asm.h>
#include <asm/nospec-branch.h>
#ifndef CONFIG_X86_CMPXCHG64
extern void cmpxchg8b_emu(void);

1
arch/x86/include/asm/boot.h
View File

@@ -81,6 +81,7 @@
#ifndef __ASSEMBLY__
extern unsigned int output_len;
extern const unsigned long kernel_text_size;
extern const unsigned long kernel_total_size;
unsigned long decompress_kernel(unsigned char *outbuf, unsigned long virt_addr,

7
arch/x86/include/asm/coco.h
View File

@@ -13,9 +13,10 @@ enum cc_vendor {
};
extern enum cc_vendor cc_vendor;
extern u64 cc_mask;
#ifdef CONFIG_ARCH_HAS_CC_PLATFORM
extern u64 cc_mask;
static inline void cc_set_mask(u64 mask)
{
RIP_REL_REF(cc_mask) = mask;
@@ -23,7 +24,10 @@ static inline void cc_set_mask(u64 mask)
u64 cc_mkenc(u64 val);
u64 cc_mkdec(u64 val);
void cc_random_init(void);
#else
static const u64 cc_mask = 0;
static inline u64 cc_mkenc(u64 val)
{
return val;
@@ -33,6 +37,7 @@ static inline u64 cc_mkdec(u64 val)
{
return val;
}
static inline void cc_random_init(void) { }
#endif
#endif /* _ASM_X86_COCO_H */

8
arch/x86/include/asm/cpufeature.h
View File

@@ -33,6 +33,8 @@ enum cpuid_leafs
CPUID_7_EDX,
CPUID_8000_001F_EAX,
CPUID_8000_0021_EAX,
CPUID_LNX_5,
NR_CPUID_WORDS,
};
#define X86_CAP_FMT_NUM "%d:%d"
@@ -96,8 +98,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 19, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 20, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 21, feature_bit) || \
REQUIRED_MASK_CHECK || \
BUILD_BUG_ON_ZERO(NCAPINTS != 21))
BUILD_BUG_ON_ZERO(NCAPINTS != 22))
#define DISABLED_MASK_BIT_SET(feature_bit) \
( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \
@@ -121,8 +124,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32];
CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 19, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 20, feature_bit) || \
CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 21, feature_bit) || \
DISABLED_MASK_CHECK || \
BUILD_BUG_ON_ZERO(NCAPINTS != 21))
BUILD_BUG_ON_ZERO(NCAPINTS != 22))
#define cpu_has(c, bit) \
(__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \

15
arch/x86/include/asm/cpufeatures.h
View File

@@ -13,7 +13,7 @@
/*
* Defines x86 CPU feature bits
*/
#define NCAPINTS 21 /* N 32-bit words worth of info */
#define NCAPINTS 22 /* N 32-bit words worth of info */
#define NBUGINTS 2 /* N 32-bit bug flags */
/*
@@ -432,6 +432,18 @@
#define X86_FEATURE_IBPB_BRTYPE (20*32+28) /* "" MSR_PRED_CMD[IBPB] flushes all branch type predictions */
#define X86_FEATURE_SRSO_NO (20*32+29) /* "" CPU is not affected by SRSO */
/*
* Extended auxiliary flags: Linux defined - for features scattered in various
* CPUID levels like 0x80000022, etc and Linux defined features.
*
* Reuse free bits when adding new feature flags!
*/
#define X86_FEATURE_AMD_LBR_PMC_FREEZE (21*32+ 0) /* AMD LBR and PMC Freeze */
#define X86_FEATURE_CLEAR_BHB_LOOP (21*32+ 1) /* "" Clear branch history at syscall entry using SW loop */
#define X86_FEATURE_BHI_CTRL (21*32+ 2) /* "" BHI_DIS_S HW control available */
#define X86_FEATURE_CLEAR_BHB_HW (21*32+ 3) /* "" BHI_DIS_S HW control enabled */
#define X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT (21*32+ 4) /* "" Clear branch history at vmexit using SW loop */
/*
* BUG word(s)
*/
@@ -479,4 +491,5 @@
#define X86_BUG_SRSO X86_BUG(1*32 + 0) /* AMD SRSO bug */
#define X86_BUG_DIV0 X86_BUG(1*32 + 1) /* AMD DIV0 speculation bug */
#define X86_BUG_RFDS X86_BUG(1*32 + 2) /* CPU is vulnerable to Register File Data Sampling */
#define X86_BUG_BHI X86_BUG(1*32 + 3) /* CPU is affected by Branch History Injection */
#endif /* _ASM_X86_CPUFEATURES_H */

3
arch/x86/include/asm/disabled-features.h
View File

@@ -112,6 +112,7 @@
#define DISABLED_MASK18 0
#define DISABLED_MASK19 0
#define DISABLED_MASK20 0
#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21)
#define DISABLED_MASK21 0
#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22)
#endif /* _ASM_X86_DISABLED_FEATURES_H */

2
arch/x86/include/asm/init.h
View File

@@ -2,6 +2,8 @@
#ifndef _ASM_X86_INIT_H
#define _ASM_X86_INIT_H
#define __head __section(".head.text")
struct x86_mapping_info {
void *(*alloc_pgt_page)(void *); /* allocate buf for page table */
void *context; /* context for alloc_pgt_page */

1
arch/x86/include/asm/kvm_host.h
View File

@@ -773,6 +773,7 @@ struct kvm_vcpu_arch {
int cpuid_nent;
struct kvm_cpuid_entry2 *cpuid_entries;
u32 kvm_cpuid_base;
bool is_amd_compatible;
u64 reserved_gpa_bits;
int maxphyaddr;

8
arch/x86/include/asm/mem_encrypt.h
View File

@@ -46,8 +46,8 @@ void __init sme_unmap_bootdata(char *real_mode_data);
void __init sme_early_init(void);
void __init sev_setup_arch(void);
void __init sme_encrypt_kernel(struct boot_params *bp);
void __init sme_enable(struct boot_params *bp);
void sme_encrypt_kernel(struct boot_params *bp);
void sme_enable(struct boot_params *bp);
int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size);
int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size);
@@ -80,8 +80,8 @@ static inline void __init sme_unmap_bootdata(char *real_mode_data) { }
static inline void __init sme_early_init(void) { }
static inline void __init sev_setup_arch(void) { }
static inline void __init sme_encrypt_kernel(struct boot_params *bp) { }
static inline void __init sme_enable(struct boot_params *bp) { }
static inline void sme_encrypt_kernel(struct boot_params *bp) { }
static inline void sme_enable(struct boot_params *bp) { }
static inline void sev_es_init_vc_handling(void) { }

9
arch/x86/include/asm/msr-index.h
View File

@@ -55,10 +55,13 @@
#define SPEC_CTRL_SSBD BIT(SPEC_CTRL_SSBD_SHIFT) /* Speculative Store Bypass Disable */
#define SPEC_CTRL_RRSBA_DIS_S_SHIFT 6 /* Disable RRSBA behavior */
#define SPEC_CTRL_RRSBA_DIS_S BIT(SPEC_CTRL_RRSBA_DIS_S_SHIFT)
#define SPEC_CTRL_BHI_DIS_S_SHIFT 10 /* Disable Branch History Injection behavior */
#define SPEC_CTRL_BHI_DIS_S BIT(SPEC_CTRL_BHI_DIS_S_SHIFT)
/* A mask for bits which the kernel toggles when controlling mitigations */
#define SPEC_CTRL_MITIGATIONS_MASK (SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD \
| SPEC_CTRL_RRSBA_DIS_S)
| SPEC_CTRL_RRSBA_DIS_S \
| SPEC_CTRL_BHI_DIS_S)
#define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */
#define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */
@@ -157,6 +160,10 @@
* are restricted to targets in
* kernel.
*/
#define ARCH_CAP_BHI_NO BIT(20) /*
* CPU is not affected by Branch
* History Injection.
*/
#define ARCH_CAP_PBRSB_NO BIT(24) /*
* Not susceptible to Post-Barrier
* Return Stack Buffer Predictions.

37
arch/x86/include/asm/nospec-branch.h
View File

@@ -167,11 +167,20 @@
.Lskip_rsb_\@:
.endm
/*
* The CALL to srso_alias_untrain_ret() must be patched in directly at
* the spot where untraining must be done, ie., srso_alias_untrain_ret()
* must be the target of a CALL instruction instead of indirectly
* jumping to a wrapper which then calls it. Therefore, this macro is
* called outside of __UNTRAIN_RET below, for the time being, before the
* kernel can support nested alternatives with arbitrary nesting.
*/
.macro CALL_UNTRAIN_RET
#ifdef CONFIG_CPU_UNRET_ENTRY
#define CALL_UNTRAIN_RET "call entry_untrain_ret"
#else
#define CALL_UNTRAIN_RET ""
ALTERNATIVE_2 "", "call entry_untrain_ret", X86_FEATURE_UNRET, \
"call srso_alias_untrain_ret", X86_FEATURE_SRSO_ALIAS
#endif
.endm
/*
* Mitigate RETBleed for AMD/Hygon Zen uarch. Requires KERNEL CR3 because the
@@ -188,9 +197,8 @@
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_IBPB_ENTRY) || \
defined(CONFIG_CPU_SRSO)
ANNOTATE_UNRET_END
ALTERNATIVE_2 "", \
CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \
"call entry_ibpb", X86_FEATURE_ENTRY_IBPB
CALL_UNTRAIN_RET
ALTERNATIVE "", "call entry_ibpb", X86_FEATURE_ENTRY_IBPB
#endif
.endm
@@ -207,6 +215,19 @@
.Lskip_verw_\@:
.endm
#ifdef CONFIG_X86_64
.macro CLEAR_BRANCH_HISTORY
ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP
.endm
.macro CLEAR_BRANCH_HISTORY_VMEXIT
ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT
.endm
#else
#define CLEAR_BRANCH_HISTORY
#define CLEAR_BRANCH_HISTORY_VMEXIT
#endif
#else /* __ASSEMBLY__ */
#define ANNOTATE_RETPOLINE_SAFE \
@@ -235,6 +256,10 @@ extern void srso_alias_untrain_ret(void);
extern void entry_untrain_ret(void);
extern void entry_ibpb(void);
#ifdef CONFIG_X86_64
extern void clear_bhb_loop(void);
#endif
extern void (*x86_return_thunk)(void);
#ifdef CONFIG_RETPOLINE

12
arch/x86/include/asm/page_types.h
View File

@@ -11,20 +11,14 @@
#define PAGE_SIZE (_AC(1,UL) << PAGE_SHIFT)
#define PAGE_MASK (~(PAGE_SIZE-1))
#define PMD_PAGE_SIZE (_AC(1, UL) << PMD_SHIFT)
#define PMD_PAGE_MASK (~(PMD_PAGE_SIZE-1))
#define PUD_PAGE_SIZE (_AC(1, UL) << PUD_SHIFT)
#define PUD_PAGE_MASK (~(PUD_PAGE_SIZE-1))
#define __VIRTUAL_MASK ((1UL << __VIRTUAL_MASK_SHIFT) - 1)
/* Cast *PAGE_MASK to a signed type so that it is sign-extended if
/* Cast P*D_MASK to a signed type so that it is sign-extended if
virtual addresses are 32-bits but physical addresses are larger
(ie, 32-bit PAE). */
#define PHYSICAL_PAGE_MASK (((signed long)PAGE_MASK) & __PHYSICAL_MASK)
#define PHYSICAL_PMD_PAGE_MASK (((signed long)PMD_PAGE_MASK) & __PHYSICAL_MASK)
#define PHYSICAL_PUD_PAGE_MASK (((signed long)PUD_PAGE_MASK) & __PHYSICAL_MASK)
#define PHYSICAL_PMD_PAGE_MASK (((signed long)PMD_MASK) & __PHYSICAL_MASK)
#define PHYSICAL_PUD_PAGE_MASK (((signed long)PUD_MASK) & __PHYSICAL_MASK)
#define HPAGE_SHIFT PMD_SHIFT
#define HPAGE_SIZE (_AC(1,UL) << HPAGE_SHIFT)

3
arch/x86/include/asm/pgtable_types.h
View File

@@ -127,7 +127,7 @@
*/
#define _COMMON_PAGE_CHG_MASK (PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT | \
_PAGE_SPECIAL | _PAGE_ACCESSED | _PAGE_DIRTY |\
_PAGE_SOFT_DIRTY | _PAGE_DEVMAP | _PAGE_ENC | \
_PAGE_SOFT_DIRTY | _PAGE_DEVMAP | _PAGE_CC | \
_PAGE_UFFD_WP)
#define _PAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PAT)
#define _HPAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PSE | _PAGE_PAT_LARGE)
@@ -153,6 +153,7 @@ enum page_cache_mode {
};
#endif
#define _PAGE_CC (_AT(pteval_t, cc_mask))
#define _PAGE_ENC (_AT(pteval_t, sme_me_mask))
#define _PAGE_CACHE_MASK (_PAGE_PWT | _PAGE_PCD | _PAGE_PAT)

3
arch/x86/include/asm/required-features.h
View File

@@ -99,6 +99,7 @@
#define REQUIRED_MASK18 0
#define REQUIRED_MASK19 0
#define REQUIRED_MASK20 0
#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21)
#define REQUIRED_MASK21 0
#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22)
#endif /* _ASM_X86_REQUIRED_FEATURES_H */

10
arch/x86/include/asm/sev.h
View File

@@ -192,15 +192,15 @@ static inline int pvalidate(unsigned long vaddr, bool rmp_psize, bool validate)
struct snp_guest_request_ioctl;
void setup_ghcb(void);
void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr,
unsigned long npages);
void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr,
unsigned long npages);
void early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr,
unsigned long npages);
void early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr,
unsigned long npages);
void snp_set_memory_shared(unsigned long vaddr, unsigned long npages);
void snp_set_memory_private(unsigned long vaddr, unsigned long npages);
void snp_set_wakeup_secondary_cpu(void);
bool snp_init(struct boot_params *bp);
void __init __noreturn snp_abort(void);
void __noreturn snp_abort(void);
void snp_dmi_setup(void);
int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio);
u64 snp_get_unsupported_features(u64 status);

11
arch/x86/include/asm/syscall.h
View File

@@ -16,19 +16,17 @@
#include <asm/thread_info.h> /* for TS_COMPAT */
#include <asm/unistd.h>
/* This is used purely for kernel/trace/trace_syscalls.c */
typedef long (*sys_call_ptr_t)(const struct pt_regs *);
extern const sys_call_ptr_t sys_call_table[];
#if defined(CONFIG_X86_32)
#define ia32_sys_call_table sys_call_table
#else
/*
* These may not exist, but still put the prototypes in so we
* can use IS_ENABLED().
*/
extern const sys_call_ptr_t ia32_sys_call_table[];
extern const sys_call_ptr_t x32_sys_call_table[];
#endif
extern long ia32_sys_call(const struct pt_regs *, unsigned int nr);
extern long x32_sys_call(const struct pt_regs *, unsigned int nr);
extern long x64_sys_call(const struct pt_regs *, unsigned int nr);
/*
* Only the low 32 bits of orig_ax are meaningful, so we return int.
@@ -129,6 +127,7 @@ static inline int syscall_get_arch(struct task_struct *task)
void do_syscall_64(struct pt_regs *regs, int nr);
void do_int80_syscall_32(struct pt_regs *regs);
long do_fast_syscall_32(struct pt_regs *regs);
void do_int80_emulation(struct pt_regs *regs);
#endif /* CONFIG_X86_32 */

2
arch/x86/kernel/amd_gart_64.c
View File

@@ -504,7 +504,7 @@ static __init unsigned long check_iommu_size(unsigned long aper, u64 aper_size)
}
a = aper + iommu_size;
iommu_size -= round_up(a, PMD_PAGE_SIZE) - a;
iommu_size -= round_up(a, PMD_SIZE) - a;
if (iommu_size < 64*1024*1024) {
pr_warn("PCI-DMA: Warning: Small IOMMU %luMB."

6
arch/x86/kernel/apic/apic.c
View File

@@ -1760,11 +1760,11 @@ static int x2apic_state;
static bool x2apic_hw_locked(void)
{
u64 ia32_cap;
u64 x86_arch_cap_msr;
u64 msr;
ia32_cap = x86_read_arch_cap_msr();
if (ia32_cap & ARCH_CAP_XAPIC_DISABLE) {
x86_arch_cap_msr = x86_read_arch_cap_msr();
if (x86_arch_cap_msr & ARCH_CAP_XAPIC_DISABLE) {
rdmsrl(MSR_IA32_XAPIC_DISABLE_STATUS, msr);
return (msr & LEGACY_XAPIC_DISABLED);
}

170
arch/x86/kernel/cpu/bugs.c
View File

@@ -60,6 +60,8 @@ EXPORT_SYMBOL_GPL(x86_spec_ctrl_current);
u64 x86_pred_cmd __ro_after_init = PRED_CMD_IBPB;
EXPORT_SYMBOL_GPL(x86_pred_cmd);
static u64 __ro_after_init x86_arch_cap_msr;
static DEFINE_MUTEX(spec_ctrl_mutex);
void (*x86_return_thunk)(void) __ro_after_init = &__x86_return_thunk;
@@ -143,6 +145,8 @@ void __init cpu_select_mitigations(void)
x86_spec_ctrl_base &= ~SPEC_CTRL_MITIGATIONS_MASK;
}
x86_arch_cap_msr = x86_read_arch_cap_msr();
/* Select the proper CPU mitigations before patching alternatives: */
spectre_v1_select_mitigation();
spectre_v2_select_mitigation();
@@ -300,8 +304,6 @@ static const char * const taa_strings[] = {
static void __init taa_select_mitigation(void)
{
u64 ia32_cap;
if (!boot_cpu_has_bug(X86_BUG_TAA)) {
taa_mitigation = TAA_MITIGATION_OFF;
return;
@@ -340,9 +342,8 @@ static void __init taa_select_mitigation(void)
* On MDS_NO=1 CPUs if ARCH_CAP_TSX_CTRL_MSR is not set, microcode
* update is required.
*/
ia32_cap = x86_read_arch_cap_msr();
if ( (ia32_cap & ARCH_CAP_MDS_NO) &&
!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR))
if ( (x86_arch_cap_msr & ARCH_CAP_MDS_NO) &&
!(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR))
taa_mitigation = TAA_MITIGATION_UCODE_NEEDED;
/*
@@ -400,8 +401,6 @@ static const char * const mmio_strings[] = {
static void __init mmio_select_mitigation(void)
{
u64 ia32_cap;
if (!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA) ||
boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN) ||
cpu_mitigations_off()) {
@@ -412,8 +411,6 @@ static void __init mmio_select_mitigation(void)
if (mmio_mitigation == MMIO_MITIGATION_OFF)
return;
ia32_cap = x86_read_arch_cap_msr();
/*
* Enable CPU buffer clear mitigation for host and VMM, if also affected
* by MDS or TAA. Otherwise, enable mitigation for VMM only.
@@ -436,7 +433,7 @@ static void __init mmio_select_mitigation(void)
* be propagated to uncore buffers, clearing the Fill buffers on idle
* is required irrespective of SMT state.
*/
if (!(ia32_cap & ARCH_CAP_FBSDP_NO))
if (!(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO))
static_branch_enable(&mds_idle_clear);
/*
@@ -446,10 +443,10 @@ static void __init mmio_select_mitigation(void)
* FB_CLEAR or by the presence of both MD_CLEAR and L1D_FLUSH on MDS
* affected systems.
*/
if ((ia32_cap & ARCH_CAP_FB_CLEAR) ||
if ((x86_arch_cap_msr & ARCH_CAP_FB_CLEAR) ||
(boot_cpu_has(X86_FEATURE_MD_CLEAR) &&
boot_cpu_has(X86_FEATURE_FLUSH_L1D) &&
!(ia32_cap & ARCH_CAP_MDS_NO)))
!(x86_arch_cap_msr & ARCH_CAP_MDS_NO)))
mmio_mitigation = MMIO_MITIGATION_VERW;
else
mmio_mitigation = MMIO_MITIGATION_UCODE_NEEDED;
@@ -507,7 +504,7 @@ static void __init rfds_select_mitigation(void)
if (rfds_mitigation == RFDS_MITIGATION_OFF)
return;
if (x86_read_arch_cap_msr() & ARCH_CAP_RFDS_CLEAR)
if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
else
rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED;
@@ -658,8 +655,6 @@ void update_srbds_msr(void)
static void __init srbds_select_mitigation(void)
{
u64 ia32_cap;
if (!boot_cpu_has_bug(X86_BUG_SRBDS))
return;
@@ -668,8 +663,7 @@ static void __init srbds_select_mitigation(void)
* are only exposed to SRBDS when TSX is enabled or when CPU is affected
* by Processor MMIO Stale Data vulnerability.
*/
ia32_cap = x86_read_arch_cap_msr();
if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
if ((x86_arch_cap_msr & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA))
srbds_mitigation = SRBDS_MITIGATION_TSX_OFF;
else if (boot_cpu_has(X86_FEATURE_HYPERVISOR))
@@ -812,7 +806,7 @@ static void __init gds_select_mitigation(void)
/* Will verify below that mitigation _can_ be disabled */
/* No microcode */
if (!(x86_read_arch_cap_msr() & ARCH_CAP_GDS_CTRL)) {
if (!(x86_arch_cap_msr & ARCH_CAP_GDS_CTRL)) {
if (gds_mitigation == GDS_MITIGATION_FORCE) {
/*
* This only needs to be done on the boot CPU so do it
@@ -1521,20 +1515,25 @@ static enum spectre_v2_mitigation __init spectre_v2_select_retpoline(void)
return SPECTRE_V2_RETPOLINE;
}
static bool __ro_after_init rrsba_disabled;
/* Disable in-kernel use of non-RSB RET predictors */
static void __init spec_ctrl_disable_kernel_rrsba(void)
{
u64 ia32_cap;
if (rrsba_disabled)
return;
if (!(x86_arch_cap_msr & ARCH_CAP_RRSBA)) {
rrsba_disabled = true;
return;
}
if (!boot_cpu_has(X86_FEATURE_RRSBA_CTRL))
return;
ia32_cap = x86_read_arch_cap_msr();
if (ia32_cap & ARCH_CAP_RRSBA) {
x86_spec_ctrl_base |= SPEC_CTRL_RRSBA_DIS_S;
update_spec_ctrl(x86_spec_ctrl_base);
}
x86_spec_ctrl_base |= SPEC_CTRL_RRSBA_DIS_S;
update_spec_ctrl(x86_spec_ctrl_base);
rrsba_disabled = true;
}
static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_mitigation mode)
@@ -1584,6 +1583,74 @@ static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_
dump_stack();
}
/*
* Set BHI_DIS_S to prevent indirect branches in kernel to be influenced by
* branch history in userspace. Not needed if BHI_NO is set.
*/
static bool __init spec_ctrl_bhi_dis(void)
{
if (!boot_cpu_has(X86_FEATURE_BHI_CTRL))
return false;
x86_spec_ctrl_base |= SPEC_CTRL_BHI_DIS_S;
update_spec_ctrl(x86_spec_ctrl_base);
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_HW);
return true;
}
enum bhi_mitigations {
BHI_MITIGATION_OFF,
BHI_MITIGATION_ON,
};
static enum bhi_mitigations bhi_mitigation __ro_after_init =
IS_ENABLED(CONFIG_MITIGATION_SPECTRE_BHI) ? BHI_MITIGATION_ON : BHI_MITIGATION_OFF;
static int __init spectre_bhi_parse_cmdline(char *str)
{
if (!str)
return -EINVAL;
if (!strcmp(str, "off"))
bhi_mitigation = BHI_MITIGATION_OFF;
else if (!strcmp(str, "on"))
bhi_mitigation = BHI_MITIGATION_ON;
else
pr_err("Ignoring unknown spectre_bhi option (%s)", str);
return 0;
}
early_param("spectre_bhi", spectre_bhi_parse_cmdline);
static void __init bhi_select_mitigation(void)
{
if (bhi_mitigation == BHI_MITIGATION_OFF)
return;
/* Retpoline mitigates against BHI unless the CPU has RRSBA behavior */
if (boot_cpu_has(X86_FEATURE_RETPOLINE) &&
!boot_cpu_has(X86_FEATURE_RETPOLINE_LFENCE)) {
spec_ctrl_disable_kernel_rrsba();
if (rrsba_disabled)
return;
}
if (spec_ctrl_bhi_dis())
return;
if (!IS_ENABLED(CONFIG_X86_64))
return;
/* Mitigate KVM by default */
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT);
pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n");
/* Mitigate syscalls when the mitigation is forced =on */
setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP);
pr_info("Spectre BHI mitigation: SW BHB clearing on syscall\n");
}
static void __init spectre_v2_select_mitigation(void)
{
enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline();
@@ -1694,6 +1761,9 @@ static void __init spectre_v2_select_mitigation(void)
mode == SPECTRE_V2_RETPOLINE)
spec_ctrl_disable_kernel_rrsba();
if (boot_cpu_has(X86_BUG_BHI))
bhi_select_mitigation();
spectre_v2_enabled = mode;
pr_info("%s\n", spectre_v2_strings[mode]);
@@ -1808,8 +1878,6 @@ static void update_indir_branch_cond(void)
/* Update the static key controlling the MDS CPU buffer clear in idle */
static void update_mds_branch_idle(void)
{
u64 ia32_cap = x86_read_arch_cap_msr();
/*
* Enable the idle clearing if SMT is active on CPUs which are
* affected only by MSBDS and not any other MDS variant.
@@ -1824,7 +1892,7 @@ static void update_mds_branch_idle(void)
if (sched_smt_active()) {
static_branch_enable(&mds_idle_clear);
} else if (mmio_mitigation == MMIO_MITIGATION_OFF ||
(ia32_cap & ARCH_CAP_FBSDP_NO)) {
(x86_arch_cap_msr & ARCH_CAP_FBSDP_NO)) {
static_branch_disable(&mds_idle_clear);
}
}
@@ -2674,15 +2742,15 @@ static char *stibp_state(void)
switch (spectre_v2_user_stibp) {
case SPECTRE_V2_USER_NONE:
return ", STIBP: disabled";
return "; STIBP: disabled";
case SPECTRE_V2_USER_STRICT:
return ", STIBP: forced";
return "; STIBP: forced";
case SPECTRE_V2_USER_STRICT_PREFERRED:
return ", STIBP: always-on";
return "; STIBP: always-on";
case SPECTRE_V2_USER_PRCTL:
case SPECTRE_V2_USER_SECCOMP:
if (static_key_enabled(&switch_to_cond_stibp))
return ", STIBP: conditional";
return "; STIBP: conditional";
}
return "";
}
@@ -2691,10 +2759,10 @@ static char *ibpb_state(void)
{
if (boot_cpu_has(X86_FEATURE_IBPB)) {
if (static_key_enabled(&switch_mm_always_ibpb))
return ", IBPB: always-on";
return "; IBPB: always-on";
if (static_key_enabled(&switch_mm_cond_ibpb))
return ", IBPB: conditional";
return ", IBPB: disabled";
return "; IBPB: conditional";
return "; IBPB: disabled";
}
return "";
}
@@ -2704,14 +2772,32 @@ static char *pbrsb_eibrs_state(void)
if (boot_cpu_has_bug(X86_BUG_EIBRS_PBRSB)) {
if (boot_cpu_has(X86_FEATURE_RSB_VMEXIT_LITE) ||
boot_cpu_has(X86_FEATURE_RSB_VMEXIT))
return ", PBRSB-eIBRS: SW sequence";
return "; PBRSB-eIBRS: SW sequence";
else
return ", PBRSB-eIBRS: Vulnerable";
return "; PBRSB-eIBRS: Vulnerable";
} else {
return ", PBRSB-eIBRS: Not affected";
return "; PBRSB-eIBRS: Not affected";
}
}
static const char *spectre_bhi_state(void)
{
if (!boot_cpu_has_bug(X86_BUG_BHI))
return "; BHI: Not affected";
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_HW))
return "; BHI: BHI_DIS_S";
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP))
return "; BHI: SW loop, KVM: SW loop";
else if (boot_cpu_has(X86_FEATURE_RETPOLINE) &&
!boot_cpu_has(X86_FEATURE_RETPOLINE_LFENCE) &&
rrsba_disabled)
return "; BHI: Retpoline";
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
return "; BHI: Vulnerable, KVM: SW loop";
return "; BHI: Vulnerable";
}
static ssize_t spectre_v2_show_state(char *buf)
{
if (spectre_v2_enabled == SPECTRE_V2_LFENCE)
@@ -2724,13 +2810,15 @@ static ssize_t spectre_v2_show_state(char *buf)
spectre_v2_enabled == SPECTRE_V2_EIBRS_LFENCE)
return sysfs_emit(buf, "Vulnerable: eIBRS+LFENCE with unprivileged eBPF and SMT\n");
return sysfs_emit(buf, "%s%s%s%s%s%s%s\n",
return sysfs_emit(buf, "%s%s%s%s%s%s%s%s\n",
spectre_v2_strings[spectre_v2_enabled],
ibpb_state(),
boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "",
boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? "; IBRS_FW" : "",
stibp_state(),
boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? ", RSB filling" : "",
boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? "; RSB filling" : "",
pbrsb_eibrs_state(),
spectre_bhi_state(),
/* this should always be at the end */
spectre_v2_module_string());
}

70
arch/x86/kernel/cpu/common.c
View File

@@ -1144,6 +1144,7 @@ static void identify_cpu_without_cpuid(struct cpuinfo_x86 *c)
#define NO_SPECTRE_V2 BIT(8)
#define NO_MMIO BIT(9)
#define NO_EIBRS_PBRSB BIT(10)
#define NO_BHI BIT(11)
#define VULNWL(vendor, family, model, whitelist) \
X86_MATCH_VENDOR_FAM_MODEL(vendor, family, model, whitelist)
@@ -1206,18 +1207,18 @@ static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
VULNWL_INTEL(ATOM_TREMONT_D, NO_ITLB_MULTIHIT | NO_EIBRS_PBRSB),
/* AMD Family 0xf - 0x12 */
VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),
VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),
VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),
VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI),
/* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */
VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB),
VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB),
VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI),
VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI),
/* Zhaoxin Family 7 */
VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO),
VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO),
VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI),
VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI),
{}
};
@@ -1307,25 +1308,25 @@ static bool __init cpu_matches(const struct x86_cpu_id *table, unsigned long whi
u64 x86_read_arch_cap_msr(void)
{
u64 ia32_cap = 0;
u64 x86_arch_cap_msr = 0;
if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
rdmsrl(MSR_IA32_ARCH_CAPABILITIES, x86_arch_cap_msr);
return ia32_cap;
return x86_arch_cap_msr;
}
static bool arch_cap_mmio_immune(u64 ia32_cap)
static bool arch_cap_mmio_immune(u64 x86_arch_cap_msr)
{
return (ia32_cap & ARCH_CAP_FBSDP_NO &&
ia32_cap & ARCH_CAP_PSDP_NO &&
ia32_cap & ARCH_CAP_SBDR_SSDP_NO);
return (x86_arch_cap_msr & ARCH_CAP_FBSDP_NO &&
x86_arch_cap_msr & ARCH_CAP_PSDP_NO &&
x86_arch_cap_msr & ARCH_CAP_SBDR_SSDP_NO);
}
static bool __init vulnerable_to_rfds(u64 ia32_cap)
static bool __init vulnerable_to_rfds(u64 x86_arch_cap_msr)
{
/* The "immunity" bit trumps everything else: */
if (ia32_cap & ARCH_CAP_RFDS_NO)
if (x86_arch_cap_msr & ARCH_CAP_RFDS_NO)
return false;
/*
@@ -1333,7 +1334,7 @@ static bool __init vulnerable_to_rfds(u64 ia32_cap)
* indicate that mitigation is needed because guest is running on a
* vulnerable hardware or may migrate to such hardware:
*/
if (ia32_cap & ARCH_CAP_RFDS_CLEAR)
if (x86_arch_cap_msr & ARCH_CAP_RFDS_CLEAR)
return true;
/* Only consult the blacklist when there is no enumeration: */
@@ -1342,11 +1343,11 @@ static bool __init vulnerable_to_rfds(u64 ia32_cap)
static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
{
u64 ia32_cap = x86_read_arch_cap_msr();
u64 x86_arch_cap_msr = x86_read_arch_cap_msr();
/* Set ITLB_MULTIHIT bug if cpu is not in the whitelist and not mitigated */
if (!cpu_matches(cpu_vuln_whitelist, NO_ITLB_MULTIHIT) &&
!(ia32_cap & ARCH_CAP_PSCHANGE_MC_NO))
!(x86_arch_cap_msr & ARCH_CAP_PSCHANGE_MC_NO))
setup_force_cpu_bug(X86_BUG_ITLB_MULTIHIT);
if (cpu_matches(cpu_vuln_whitelist, NO_SPECULATION))
@@ -1358,7 +1359,7 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
if (!cpu_matches(cpu_vuln_whitelist, NO_SSB) &&
!(ia32_cap & ARCH_CAP_SSB_NO) &&
!(x86_arch_cap_msr & ARCH_CAP_SSB_NO) &&
!cpu_has(c, X86_FEATURE_AMD_SSB_NO))
setup_force_cpu_bug(X86_BUG_SPEC_STORE_BYPASS);
@@ -1366,15 +1367,15 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
* AMD's AutoIBRS is equivalent to Intel's eIBRS - use the Intel feature
* flag and protect from vendor-specific bugs via the whitelist.
*/
if ((ia32_cap & ARCH_CAP_IBRS_ALL) || cpu_has(c, X86_FEATURE_AUTOIBRS)) {
if ((x86_arch_cap_msr & ARCH_CAP_IBRS_ALL) || cpu_has(c, X86_FEATURE_AUTOIBRS)) {
setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) &&
!(ia32_cap & ARCH_CAP_PBRSB_NO))
!(x86_arch_cap_msr & ARCH_CAP_PBRSB_NO))
setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
}
if (!cpu_matches(cpu_vuln_whitelist, NO_MDS) &&
!(ia32_cap & ARCH_CAP_MDS_NO)) {
!(x86_arch_cap_msr & ARCH_CAP_MDS_NO)) {
setup_force_cpu_bug(X86_BUG_MDS);
if (cpu_matches(cpu_vuln_whitelist, MSBDS_ONLY))
setup_force_cpu_bug(X86_BUG_MSBDS_ONLY);
@@ -1393,9 +1394,9 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
* TSX_CTRL check alone is not sufficient for cases when the microcode
* update is not present or running as guest that don't get TSX_CTRL.
*/
if (!(ia32_cap & ARCH_CAP_TAA_NO) &&
if (!(x86_arch_cap_msr & ARCH_CAP_TAA_NO) &&
(cpu_has(c, X86_FEATURE_RTM) ||
(ia32_cap & ARCH_CAP_TSX_CTRL_MSR)))
(x86_arch_cap_msr & ARCH_CAP_TSX_CTRL_MSR)))
setup_force_cpu_bug(X86_BUG_TAA);
/*
@@ -1421,7 +1422,7 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
* Set X86_BUG_MMIO_UNKNOWN for CPUs that are neither in the blacklist,
* nor in the whitelist and also don't enumerate MSR ARCH_CAP MMIO bits.
*/
if (!arch_cap_mmio_immune(ia32_cap)) {
if (!arch_cap_mmio_immune(x86_arch_cap_msr)) {
if (cpu_matches(cpu_vuln_blacklist, MMIO))
setup_force_cpu_bug(X86_BUG_MMIO_STALE_DATA);
else if (!cpu_matches(cpu_vuln_whitelist, NO_MMIO))
@@ -1429,7 +1430,7 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
}
if (!cpu_has(c, X86_FEATURE_BTC_NO)) {
if (cpu_matches(cpu_vuln_blacklist, RETBLEED) || (ia32_cap & ARCH_CAP_RSBA))
if (cpu_matches(cpu_vuln_blacklist, RETBLEED) || (x86_arch_cap_msr & ARCH_CAP_RSBA))
setup_force_cpu_bug(X86_BUG_RETBLEED);
}
@@ -1442,7 +1443,7 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
* disabling AVX2. The only way to do this in HW is to clear XCR0[2],
* which means that AVX will be disabled.
*/
if (cpu_matches(cpu_vuln_blacklist, GDS) && !(ia32_cap & ARCH_CAP_GDS_NO) &&
if (cpu_matches(cpu_vuln_blacklist, GDS) && !(x86_arch_cap_msr & ARCH_CAP_GDS_NO) &&
boot_cpu_has(X86_FEATURE_AVX))
setup_force_cpu_bug(X86_BUG_GDS);
@@ -1451,14 +1452,21 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
setup_force_cpu_bug(X86_BUG_SRSO);
}
if (vulnerable_to_rfds(ia32_cap))
if (vulnerable_to_rfds(x86_arch_cap_msr))
setup_force_cpu_bug(X86_BUG_RFDS);
/* When virtualized, eIBRS could be hidden, assume vulnerable */
if (!(x86_arch_cap_msr & ARCH_CAP_BHI_NO) &&
!cpu_matches(cpu_vuln_whitelist, NO_BHI) &&
(boot_cpu_has(X86_FEATURE_IBRS_ENHANCED) ||
boot_cpu_has(X86_FEATURE_HYPERVISOR)))
setup_force_cpu_bug(X86_BUG_BHI);
if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN))
return;
/* Rogue Data Cache Load? No! */
if (ia32_cap & ARCH_CAP_RDCL_NO)
if (x86_arch_cap_msr & ARCH_CAP_RDCL_NO)
return;
setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);

6
arch/x86/kernel/cpu/cpuid-deps.c
View File

@@ -44,7 +44,10 @@ static const struct cpuid_dep cpuid_deps[] = {
{ X86_FEATURE_F16C, X86_FEATURE_XMM2, },
{ X86_FEATURE_AES, X86_FEATURE_XMM2 },
{ X86_FEATURE_SHA_NI, X86_FEATURE_XMM2 },
{ X86_FEATURE_GFNI, X86_FEATURE_XMM2 },
{ X86_FEATURE_FMA, X86_FEATURE_AVX },
{ X86_FEATURE_VAES, X86_FEATURE_AVX },
{ X86_FEATURE_VPCLMULQDQ, X86_FEATURE_AVX },
{ X86_FEATURE_AVX2, X86_FEATURE_AVX, },
{ X86_FEATURE_AVX512F, X86_FEATURE_AVX, },
{ X86_FEATURE_AVX512IFMA, X86_FEATURE_AVX512F },
@@ -56,9 +59,6 @@ static const struct cpuid_dep cpuid_deps[] = {
{ X86_FEATURE_AVX512VL, X86_FEATURE_AVX512F },
{ X86_FEATURE_AVX512VBMI, X86_FEATURE_AVX512F },
{ X86_FEATURE_AVX512_VBMI2, X86_FEATURE_AVX512VL },
{ X86_FEATURE_GFNI, X86_FEATURE_AVX512VL },
{ X86_FEATURE_VAES, X86_FEATURE_AVX512VL },
{ X86_FEATURE_VPCLMULQDQ, X86_FEATURE_AVX512VL },
{ X86_FEATURE_AVX512_VNNI, X86_FEATURE_AVX512VL },
{ X86_FEATURE_AVX512_BITALG, X86_FEATURE_AVX512VL },
{ X86_FEATURE_AVX512_4VNNIW, X86_FEATURE_AVX512F },

4
arch/x86/kernel/cpu/mce/core.c
View File

@@ -2471,12 +2471,14 @@ static ssize_t set_bank(struct device *s, struct device_attribute *attr,
return -EINVAL;
b = &per_cpu(mce_banks_array, s->id)[bank];
if (!b->init)
return -ENODEV;
b->ctl = new;
mutex_lock(&mce_sysfs_mutex);
mce_restart();
mutex_unlock(&mce_sysfs_mutex);
return size;
}

2
arch/x86/kernel/cpu/scattered.c
View File

@@ -28,6 +28,7 @@ static const struct cpuid_bit cpuid_bits[] = {
{ X86_FEATURE_EPB, CPUID_ECX, 3, 0x00000006, 0 },
{ X86_FEATURE_INTEL_PPIN, CPUID_EBX, 0, 0x00000007, 1 },
{ X86_FEATURE_RRSBA_CTRL, CPUID_EDX, 2, 0x00000007, 2 },
{ X86_FEATURE_BHI_CTRL, CPUID_EDX, 4, 0x00000007, 2 },
{ X86_FEATURE_CQM_LLC, CPUID_EDX, 1, 0x0000000f, 0 },
{ X86_FEATURE_CQM_OCCUP_LLC, CPUID_EDX, 0, 0x0000000f, 1 },
{ X86_FEATURE_CQM_MBM_TOTAL, CPUID_EDX, 1, 0x0000000f, 1 },
@@ -46,6 +47,7 @@ static const struct cpuid_bit cpuid_bits[] = {
{ X86_FEATURE_MBA, CPUID_EBX, 6, 0x80000008, 0 },
{ X86_FEATURE_PERFMON_V2, CPUID_EAX, 0, 0x80000022, 0 },
{ X86_FEATURE_AMD_LBR_V2, CPUID_EAX, 1, 0x80000022, 0 },
{ X86_FEATURE_AMD_LBR_PMC_FREEZE, CPUID_EAX, 2, 0x80000022, 0 },
{ 0, 0, 0, 0, 0 }
};

7
arch/x86/kernel/head64.c
View File

@@ -41,6 +41,7 @@
#include <asm/trapnr.h>
#include <asm/sev.h>
#include <asm/tdx.h>
#include <asm/init.h>
/*
* Manage page tables very early on.
@@ -84,8 +85,6 @@ static struct desc_ptr startup_gdt_descr = {
.address = 0,
};
#define __head __section(".head.text")
static void __head *fixup_pointer(void *ptr, unsigned long physaddr)
{
return ptr - (void *)_text + (void *)physaddr;
@@ -203,7 +202,7 @@ unsigned long __head __startup_64(unsigned long physaddr,
load_delta = physaddr - (unsigned long)(_text - __START_KERNEL_map);
/* Is the address not 2M aligned? */
if (load_delta & ~PMD_PAGE_MASK)
if (load_delta & ~PMD_MASK)
for (;;);
/* Include the SME encryption mask in the fixup value */
@@ -588,7 +587,7 @@ static void set_bringup_idt_handler(gate_desc *idt, int n, void *handler)
}
/* This runs while still in the direct mapping */
static void startup_64_load_idt(unsigned long physbase)
static void __head startup_64_load_idt(unsigned long physbase)
{
struct desc_ptr *desc = fixup_pointer(&bringup_idt_descr, physbase);
gate_desc *idt = fixup_pointer(bringup_idt_table, physbase);

1
arch/x86/kernel/platform-quirks.c
View File

@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/pnp.h>
#include <asm/setup.h>
#include <asm/bios_ebda.h>

2
arch/x86/kernel/process_64.c
View File

@@ -137,7 +137,7 @@ void __show_regs(struct pt_regs *regs, enum show_regs_mode mode,
log_lvl, d3, d6, d7);
}
if (cpu_feature_enabled(X86_FEATURE_OSPKE))
if (cr4 & X86_CR4_PKE)
printk("%sPKRU: %08x\n", log_lvl, read_pkru());
}

2
arch/x86/kernel/setup.c
View File

@@ -33,6 +33,7 @@
#include <asm/numa.h>
#include <asm/bios_ebda.h>
#include <asm/bugs.h>
#include <asm/coco.h>
#include <asm/cpu.h>
#include <asm/efi.h>
#include <asm/gart.h>
@@ -1132,6 +1133,7 @@ void __init setup_arch(char **cmdline_p)
* memory size.
*/
sev_setup_arch();
cc_random_init();
efi_fake_memmap();
efi_find_mirror();

23
arch/x86/kernel/sev-shared.c
View File

@@ -86,7 +86,8 @@ static bool __init sev_es_check_cpu_features(void)
return true;
}
static void __noreturn sev_es_terminate(unsigned int set, unsigned int reason)
static void __head __noreturn
sev_es_terminate(unsigned int set, unsigned int reason)
{
u64 val = GHCB_MSR_TERM_REQ;
@@ -323,13 +324,7 @@ static int sev_cpuid_hv(struct ghcb *ghcb, struct es_em_ctxt *ctxt, struct cpuid
*/
static const struct snp_cpuid_table *snp_cpuid_get_table(void)
{
void *ptr;
asm ("lea cpuid_table_copy(%%rip), %0"
: "=r" (ptr)
: "p" (&cpuid_table_copy));
return ptr;
return &RIP_REL_REF(cpuid_table_copy);
}
/*
@@ -388,7 +383,7 @@ static u32 snp_cpuid_calc_xsave_size(u64 xfeatures_en, bool compacted)
return xsave_size;
}
static bool
static bool __head
snp_cpuid_get_validated_func(struct cpuid_leaf *leaf)
{
const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table();
@@ -525,7 +520,8 @@ static int snp_cpuid_postprocess(struct ghcb *ghcb, struct es_em_ctxt *ctxt,
* Returns -EOPNOTSUPP if feature not enabled. Any other non-zero return value
* should be treated as fatal by caller.
*/
static int snp_cpuid(struct ghcb *ghcb, struct es_em_ctxt *ctxt, struct cpuid_leaf *leaf)
static int __head
snp_cpuid(struct ghcb *ghcb, struct es_em_ctxt *ctxt, struct cpuid_leaf *leaf)
{
const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table();
@@ -567,7 +563,7 @@ static int snp_cpuid(struct ghcb *ghcb, struct es_em_ctxt *ctxt, struct cpuid_le
* page yet, so it only supports the MSR based communication with the
* hypervisor and only the CPUID exit-code.
*/
void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code)
void __head do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code)
{
unsigned int subfn = lower_bits(regs->cx, 32);
unsigned int fn = lower_bits(regs->ax, 32);
@@ -1013,7 +1009,8 @@ struct cc_setup_data {
* Search for a Confidential Computing blob passed in as a setup_data entry
* via the Linux Boot Protocol.
*/
static struct cc_blob_sev_info *find_cc_blob_setup_data(struct boot_params *bp)
static __head
struct cc_blob_sev_info *find_cc_blob_setup_data(struct boot_params *bp)
{
struct cc_setup_data *sd = NULL;
struct setup_data *hdr;
@@ -1040,7 +1037,7 @@ static struct cc_blob_sev_info *find_cc_blob_setup_data(struct boot_params *bp)
* mapping needs to be updated in sync with all the changes to virtual memory
* layout and related mapping facilities throughout the boot process.
*/
static void __init setup_cpuid_table(const struct cc_blob_sev_info *cc_info)
static void __head setup_cpuid_table(const struct cc_blob_sev_info *cc_info)
{
const struct snp_cpuid_table *cpuid_table_fw, *cpuid_table;
int i;

11
arch/x86/kernel/sev.c
View File

@@ -26,6 +26,7 @@
#include <linux/dmi.h>
#include <uapi/linux/sev-guest.h>
#include <asm/init.h>
#include <asm/cpu_entry_area.h>
#include <asm/stacktrace.h>
#include <asm/sev.h>
@@ -690,7 +691,7 @@ static void pvalidate_pages(unsigned long vaddr, unsigned long npages, bool vali
}
}
static void __init early_set_pages_state(unsigned long paddr, unsigned long npages, enum psc_op op)
static void __head early_set_pages_state(unsigned long paddr, unsigned long npages, enum psc_op op)
{
unsigned long paddr_end;
u64 val;
@@ -728,7 +729,7 @@ e_term:
sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_PSC);
}
void __init early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr,
void __head early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr,
unsigned long npages)
{
/*
@@ -2085,7 +2086,7 @@ fail:
*
* Scan for the blob in that order.
*/
static __init struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp)
static __head struct cc_blob_sev_info *find_cc_blob(struct boot_params *bp)
{
struct cc_blob_sev_info *cc_info;
@@ -2111,7 +2112,7 @@ found_cc_info:
return cc_info;
}
bool __init snp_init(struct boot_params *bp)
bool __head snp_init(struct boot_params *bp)
{
struct cc_blob_sev_info *cc_info;
@@ -2133,7 +2134,7 @@ bool __init snp_init(struct boot_params *bp)
return true;
}
void __init __noreturn snp_abort(void)
void __head __noreturn snp_abort(void)
{
sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED);
}

1
arch/x86/kvm/cpuid.c
View File

@@ -340,6 +340,7 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
kvm_update_pv_runtime(vcpu);
vcpu->arch.is_amd_compatible = guest_cpuid_is_amd_or_hygon(vcpu);
vcpu->arch.maxphyaddr = cpuid_query_maxphyaddr(vcpu);
vcpu->arch.reserved_gpa_bits = kvm_vcpu_reserved_gpa_bits_raw(vcpu);

10
arch/x86/kvm/cpuid.h
View File

@@ -125,6 +125,16 @@ static inline bool guest_cpuid_is_intel(struct kvm_vcpu *vcpu)
return best && is_guest_vendor_intel(best->ebx, best->ecx, best->edx);
}
static inline bool guest_cpuid_is_amd_compatible(struct kvm_vcpu *vcpu)
{
return vcpu->arch.is_amd_compatible;
}
static inline bool guest_cpuid_is_intel_compatible(struct kvm_vcpu *vcpu)
{
return !guest_cpuid_is_amd_compatible(vcpu);
}
static inline int guest_cpuid_family(struct kvm_vcpu *vcpu)
{
struct kvm_cpuid_entry2 *best;

3
arch/x86/kvm/lapic.c
View File

@@ -2548,7 +2548,8 @@ int kvm_apic_local_deliver(struct kvm_lapic *apic, int lvt_type)
trig_mode = reg & APIC_LVT_LEVEL_TRIGGER;
r = __apic_accept_irq(apic, mode, vector, 1, trig_mode, NULL);
if (r && lvt_type == APIC_LVTPC)
if (r && lvt_type == APIC_LVTPC &&
guest_cpuid_is_intel_compatible(apic->vcpu))
kvm_lapic_set_reg(apic, APIC_LVTPC, reg | APIC_LVT_MASKED);
return r;
}

2
arch/x86/kvm/mmu/mmu.c
View File

@@ -4649,7 +4649,7 @@ static void reset_guest_rsvds_bits_mask(struct kvm_vcpu *vcpu,
context->cpu_role.base.level, is_efer_nx(context),
guest_can_use_gbpages(vcpu),
is_cr4_pse(context),
guest_cpuid_is_amd_or_hygon(vcpu));
guest_cpuid_is_amd_compatible(vcpu));
}
static void

5
arch/x86/kvm/reverse_cpuid.h
View File

@@ -42,7 +42,7 @@ enum kvm_only_cpuid_leafs {
#define X86_FEATURE_IPRED_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 1)
#define KVM_X86_FEATURE_RRSBA_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 2)
#define X86_FEATURE_DDPD_U KVM_X86_FEATURE(CPUID_7_2_EDX, 3)
#define X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4)
#define KVM_X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4)
#define X86_FEATURE_MCDT_NO KVM_X86_FEATURE(CPUID_7_2_EDX, 5)
struct cpuid_reg {
@@ -83,10 +83,12 @@ static const struct cpuid_reg reverse_cpuid[] = {
*/
static __always_inline void reverse_cpuid_check(unsigned int x86_leaf)
{
BUILD_BUG_ON(NR_CPUID_WORDS != NCAPINTS);
BUILD_BUG_ON(x86_leaf == CPUID_LNX_1);
BUILD_BUG_ON(x86_leaf == CPUID_LNX_2);
BUILD_BUG_ON(x86_leaf == CPUID_LNX_3);
BUILD_BUG_ON(x86_leaf == CPUID_LNX_4);
BUILD_BUG_ON(x86_leaf == CPUID_LNX_5);
BUILD_BUG_ON(x86_leaf >= ARRAY_SIZE(reverse_cpuid));
BUILD_BUG_ON(reverse_cpuid[x86_leaf].function == 0);
}
@@ -104,6 +106,7 @@ static __always_inline u32 __feature_translate(int x86_feature)
KVM_X86_TRANSLATE_FEATURE(SGX1);
KVM_X86_TRANSLATE_FEATURE(SGX2);
KVM_X86_TRANSLATE_FEATURE(RRSBA_CTRL);
KVM_X86_TRANSLATE_FEATURE(BHI_CTRL);
default:
return x86_feature;
}

60
arch/x86/kvm/svm/sev.c
View File

@@ -76,9 +76,10 @@ struct enc_region {
};
/* Called with the sev_bitmap_lock held, or on shutdown */
static int sev_flush_asids(int min_asid, int max_asid)
static int sev_flush_asids(unsigned int min_asid, unsigned int max_asid)
{
int ret, asid, error = 0;
int ret, error = 0;
unsigned int asid;
/* Check if there are any ASIDs to reclaim before performing a flush */
asid = find_next_bit(sev_reclaim_asid_bitmap, nr_asids, min_asid);
@@ -108,7 +109,7 @@ static inline bool is_mirroring_enc_context(struct kvm *kvm)
}
/* Must be called with the sev_bitmap_lock held */
static bool __sev_recycle_asids(int min_asid, int max_asid)
static bool __sev_recycle_asids(unsigned int min_asid, unsigned int max_asid)
{
if (sev_flush_asids(min_asid, max_asid))
return false;
@@ -135,8 +136,20 @@ static void sev_misc_cg_uncharge(struct kvm_sev_info *sev)
static int sev_asid_new(struct kvm_sev_info *sev)
{
int asid, min_asid, max_asid, ret;
/*
* SEV-enabled guests must use asid from min_sev_asid to max_sev_asid.
* SEV-ES-enabled guest can use from 1 to min_sev_asid - 1.
* Note: min ASID can end up larger than the max if basic SEV support is
* effectively disabled by disallowing use of ASIDs for SEV guests.
*/
unsigned int min_asid = sev->es_active ? 1 : min_sev_asid;
unsigned int max_asid = sev->es_active ? min_sev_asid - 1 : max_sev_asid;
unsigned int asid;
bool retry = true;
int ret;
if (min_asid > max_asid)
return -ENOTTY;
WARN_ON(sev->misc_cg);
sev->misc_cg = get_current_misc_cg();
@@ -149,12 +162,6 @@ static int sev_asid_new(struct kvm_sev_info *sev)
mutex_lock(&sev_bitmap_lock);
/*
* SEV-enabled guests must use asid from min_sev_asid to max_sev_asid.
* SEV-ES-enabled guest can use from 1 to min_sev_asid - 1.
*/
min_asid = sev->es_active ? 1 : min_sev_asid;
max_asid = sev->es_active ? min_sev_asid - 1 : max_sev_asid;
again:
asid = find_next_zero_bit(sev_asid_bitmap, max_asid + 1, min_asid);
if (asid > max_asid) {
@@ -179,7 +186,7 @@ e_uncharge:
return ret;
}
static int sev_get_asid(struct kvm *kvm)
static unsigned int sev_get_asid(struct kvm *kvm)
{
struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
@@ -276,8 +283,8 @@ e_no_asid:
static int sev_bind_asid(struct kvm *kvm, unsigned int handle, int *error)
{
unsigned int asid = sev_get_asid(kvm);
struct sev_data_activate activate;
int asid = sev_get_asid(kvm);
int ret;
/* activate ASID on the given handle */
@@ -2213,11 +2220,10 @@ void __init sev_hardware_setup(void)
goto out;
}
sev_asid_count = max_sev_asid - min_sev_asid + 1;
if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
goto out;
pr_info("SEV supported: %u ASIDs\n", sev_asid_count);
if (min_sev_asid <= max_sev_asid) {
sev_asid_count = max_sev_asid - min_sev_asid + 1;
WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count));
}
sev_supported = true;
/* SEV-ES support requested? */
@@ -2242,13 +2248,21 @@ void __init sev_hardware_setup(void)
goto out;
sev_es_asid_count = min_sev_asid - 1;
if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count))
goto out;
pr_info("SEV-ES supported: %u ASIDs\n", sev_es_asid_count);
WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count));
sev_es_supported = true;
out:
if (boot_cpu_has(X86_FEATURE_SEV))
pr_info("SEV %s (ASIDs %u - %u)\n",
sev_supported ? min_sev_asid <= max_sev_asid ? "enabled" :
"unusable" :
"disabled",
min_sev_asid, max_sev_asid);
if (boot_cpu_has(X86_FEATURE_SEV_ES))
pr_info("SEV-ES %s (ASIDs %u - %u)\n",
sev_es_supported ? "enabled" : "disabled",
min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1);
sev_enabled = sev_supported;
sev_es_enabled = sev_es_supported;
#endif
@@ -2287,7 +2301,7 @@ int sev_cpu_init(struct svm_cpu_data *sd)
*/
static void sev_flush_encrypted_page(struct kvm_vcpu *vcpu, void *va)
{
int asid = to_kvm_svm(vcpu->kvm)->sev_info.asid;
unsigned int asid = sev_get_asid(vcpu->kvm);
/*
* Note! The address must be a kernel address, as regular page walk
@@ -2608,7 +2622,7 @@ void sev_es_unmap_ghcb(struct vcpu_svm *svm)
void pre_sev_run(struct vcpu_svm *svm, int cpu)
{
struct svm_cpu_data *sd = per_cpu_ptr(&svm_data, cpu);
int asid = sev_get_asid(svm->vcpu.kvm);
unsigned int asid = sev_get_asid(svm->vcpu.kvm);
/* Assign the asid allocated with this SEV guest */
svm->asid = asid;

10
arch/x86/kvm/trace.h
View File

@@ -729,13 +729,13 @@ TRACE_EVENT(kvm_nested_intr_vmexit,
* Tracepoint for nested #vmexit because of interrupt pending
*/
TRACE_EVENT(kvm_invlpga,
TP_PROTO(__u64 rip, int asid, u64 address),
TP_PROTO(__u64 rip, unsigned int asid, u64 address),
TP_ARGS(rip, asid, address),
TP_STRUCT__entry(
__field( __u64, rip )
__field( int, asid )
__field( __u64, address )
__field( __u64, rip )
__field( unsigned int, asid )
__field( __u64, address )
),
TP_fast_assign(
@@ -744,7 +744,7 @@ TRACE_EVENT(kvm_invlpga,
__entry->address = address;
),
TP_printk("rip: 0x%016llx asid: %d address: 0x%016llx",
TP_printk("rip: 0x%016llx asid: %u address: 0x%016llx",
__entry->rip, __entry->asid, __entry->address)
);

2
arch/x86/kvm/vmx/vmenter.S
View File

@@ -242,6 +242,8 @@ SYM_INNER_LABEL(vmx_vmexit, SYM_L_GLOBAL)
call vmx_spec_ctrl_restore_host
CLEAR_BRANCH_HISTORY_VMEXIT
/* Put return value in AX */
mov %_ASM_BX, %_ASM_AX

24
arch/x86/kvm/vmx/vmx.c
View File

@@ -7742,8 +7742,28 @@ static u64 vmx_get_perf_capabilities(void)
if (vmx_pebs_supported()) {
perf_cap |= host_perf_cap & PERF_CAP_PEBS_MASK;
if ((perf_cap & PERF_CAP_PEBS_FORMAT) < 4)
perf_cap &= ~PERF_CAP_PEBS_BASELINE;
/*
* Disallow adaptive PEBS as it is functionally broken, can be
* used by the guest to read *host* LBRs, and can be used to
* bypass userspace event filters. To correctly and safely
* support adaptive PEBS, KVM needs to:
*
* 1. Account for the ADAPTIVE flag when (re)programming fixed
* counters.
*
* 2. Gain support from perf (or take direct control of counter
* programming) to support events without adaptive PEBS
* enabled for the hardware counter.
*
* 3. Ensure LBR MSRs cannot hold host data on VM-Entry with
* adaptive PEBS enabled and MSR_PEBS_DATA_CFG.LBRS=1.
*
* 4. Document which PMU events are effectively exposed to the
* guest via adaptive PEBS, and make adaptive PEBS mutually
* exclusive with KVM_SET_PMU_EVENT_FILTER if necessary.
*/
perf_cap &= ~PERF_CAP_PEBS_BASELINE;
}
return perf_cap;

4
arch/x86/kvm/x86.c
View File

@@ -1614,7 +1614,7 @@ static unsigned int num_msr_based_features;
ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \
ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \
ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO | \
ARCH_CAP_RFDS_NO | ARCH_CAP_RFDS_CLEAR)
ARCH_CAP_RFDS_NO | ARCH_CAP_RFDS_CLEAR | ARCH_CAP_BHI_NO)
static u64 kvm_get_arch_capabilities(void)
{
@@ -3278,7 +3278,7 @@ static bool is_mci_status_msr(u32 msr)
static bool can_set_mci_status(struct kvm_vcpu *vcpu)
{
/* McStatusWrEn enabled? */
if (guest_cpuid_is_amd_or_hygon(vcpu))
if (guest_cpuid_is_amd_compatible(vcpu))
return !!(vcpu->arch.msr_hwcr & BIT_ULL(18));
return false;

6
arch/x86/lib/retpoline.S
View File

@@ -110,6 +110,7 @@ SYM_START(srso_alias_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE)
ret
int3
SYM_FUNC_END(srso_alias_untrain_ret)
__EXPORT_THUNK(srso_alias_untrain_ret)
#endif
SYM_START(srso_alias_safe_ret, SYM_L_GLOBAL, SYM_A_NONE)
@@ -252,9 +253,7 @@ SYM_CODE_START(srso_return_thunk)
SYM_CODE_END(srso_return_thunk)
SYM_FUNC_START(entry_untrain_ret)
ALTERNATIVE_2 "jmp retbleed_untrain_ret", \
"jmp srso_untrain_ret", X86_FEATURE_SRSO, \
"jmp srso_alias_untrain_ret", X86_FEATURE_SRSO_ALIAS
ALTERNATIVE "jmp retbleed_untrain_ret", "jmp srso_untrain_ret", X86_FEATURE_SRSO
SYM_FUNC_END(entry_untrain_ret)
__EXPORT_THUNK(entry_untrain_ret)
@@ -262,6 +261,7 @@ SYM_CODE_START(__x86_return_thunk)
UNWIND_HINT_FUNC
ANNOTATE_NOENDBR
ANNOTATE_UNRET_SAFE
ANNOTATE_NOENDBR
ret
int3
SYM_CODE_END(__x86_return_thunk)

23
arch/x86/mm/ident_map.c
View File

@@ -26,31 +26,18 @@ static int ident_pud_init(struct x86_mapping_info *info, pud_t *pud_page,
for (; addr < end; addr = next) {
pud_t *pud = pud_page + pud_index(addr);
pmd_t *pmd;
bool use_gbpage;
next = (addr & PUD_MASK) + PUD_SIZE;
if (next > end)
next = end;
/* if this is already a gbpage, this portion is already mapped */
if (pud_large(*pud))
continue;
/* Is using a gbpage allowed? */
use_gbpage = info->direct_gbpages;
/* Don't use gbpage if it maps more than the requested region. */
/* at the begining: */
use_gbpage &= ((addr & ~PUD_MASK) == 0);
/* ... or at the end: */
use_gbpage &= ((next & ~PUD_MASK) == 0);
/* Never overwrite existing mappings */
use_gbpage &= !pud_present(*pud);
if (use_gbpage) {
if (info->direct_gbpages) {
pud_t pudval;
if (pud_present(*pud))
continue;
addr &= PUD_MASK;
pudval = __pud((addr - info->offset) | info->page_flag);
set_pud(pud, pudval);
continue;

4
arch/x86/mm/mem_encrypt_boot.S
View File

@@ -26,7 +26,7 @@ SYM_FUNC_START(sme_encrypt_execute)
* RCX - virtual address of the encryption workarea, including:
* - stack page (PAGE_SIZE)
* - encryption routine page (PAGE_SIZE)
* - intermediate copy buffer (PMD_PAGE_SIZE)
* - intermediate copy buffer (PMD_SIZE)
* R8 - physical address of the pagetables to use for encryption
*/
@@ -123,7 +123,7 @@ SYM_FUNC_START(__enc_copy)
wbinvd /* Invalidate any cache entries */
/* Copy/encrypt up to 2MB at a time */
movq $PMD_PAGE_SIZE, %r12
movq $PMD_SIZE, %r12
1:
cmpq %r12, %r9
jnb 2f

58
arch/x86/mm/mem_encrypt_identity.c
View File

@@ -41,6 +41,7 @@
#include <linux/mem_encrypt.h>
#include <linux/cc_platform.h>
#include <asm/init.h>
#include <asm/setup.h>
#include <asm/sections.h>
#include <asm/cmdline.h>
@@ -93,12 +94,12 @@ struct sme_populate_pgd_data {
* section is 2MB aligned to allow for simple pagetable setup using only
* PMD entries (see vmlinux.lds.S).
*/
static char sme_workarea[2 * PMD_PAGE_SIZE] __section(".init.scratch");
static char sme_workarea[2 * PMD_SIZE] __section(".init.scratch");
static char sme_cmdline_arg[] __initdata = "mem_encrypt";
static char sme_cmdline_on[] __initdata = "on";
static void __init sme_clear_pgd(struct sme_populate_pgd_data *ppd)
static void __head sme_clear_pgd(struct sme_populate_pgd_data *ppd)
{
unsigned long pgd_start, pgd_end, pgd_size;
pgd_t *pgd_p;
@@ -113,7 +114,7 @@ static void __init sme_clear_pgd(struct sme_populate_pgd_data *ppd)
memset(pgd_p, 0, pgd_size);
}
static pud_t __init *sme_prepare_pgd(struct sme_populate_pgd_data *ppd)
static pud_t __head *sme_prepare_pgd(struct sme_populate_pgd_data *ppd)
{
pgd_t *pgd;
p4d_t *p4d;
@@ -150,7 +151,7 @@ static pud_t __init *sme_prepare_pgd(struct sme_populate_pgd_data *ppd)
return pud;
}
static void __init sme_populate_pgd_large(struct sme_populate_pgd_data *ppd)
static void __head sme_populate_pgd_large(struct sme_populate_pgd_data *ppd)
{
pud_t *pud;
pmd_t *pmd;
@@ -166,7 +167,7 @@ static void __init sme_populate_pgd_large(struct sme_populate_pgd_data *ppd)
set_pmd(pmd, __pmd(ppd->paddr | ppd->pmd_flags));
}
static void __init sme_populate_pgd(struct sme_populate_pgd_data *ppd)
static void __head sme_populate_pgd(struct sme_populate_pgd_data *ppd)
{
pud_t *pud;
pmd_t *pmd;
@@ -192,17 +193,17 @@ static void __init sme_populate_pgd(struct sme_populate_pgd_data *ppd)
set_pte(pte, __pte(ppd->paddr | ppd->pte_flags));
}
static void __init __sme_map_range_pmd(struct sme_populate_pgd_data *ppd)
static void __head __sme_map_range_pmd(struct sme_populate_pgd_data *ppd)
{
while (ppd->vaddr < ppd->vaddr_end) {
sme_populate_pgd_large(ppd);
ppd->vaddr += PMD_PAGE_SIZE;
ppd->paddr += PMD_PAGE_SIZE;
ppd->vaddr += PMD_SIZE;
ppd->paddr += PMD_SIZE;
}
}
static void __init __sme_map_range_pte(struct sme_populate_pgd_data *ppd)
static void __head __sme_map_range_pte(struct sme_populate_pgd_data *ppd)
{
while (ppd->vaddr < ppd->vaddr_end) {
sme_populate_pgd(ppd);
@@ -212,7 +213,7 @@ static void __init __sme_map_range_pte(struct sme_populate_pgd_data *ppd)
}
}
static void __init __sme_map_range(struct sme_populate_pgd_data *ppd,
static void __head __sme_map_range(struct sme_populate_pgd_data *ppd,
pmdval_t pmd_flags, pteval_t pte_flags)
{
unsigned long vaddr_end;
@@ -224,11 +225,11 @@ static void __init __sme_map_range(struct sme_populate_pgd_data *ppd,
vaddr_end = ppd->vaddr_end;
/* If start is not 2MB aligned, create PTE entries */
ppd->vaddr_end = ALIGN(ppd->vaddr, PMD_PAGE_SIZE);
ppd->vaddr_end = ALIGN(ppd->vaddr, PMD_SIZE);
__sme_map_range_pte(ppd);
/* Create PMD entries */
ppd->vaddr_end = vaddr_end & PMD_PAGE_MASK;
ppd->vaddr_end = vaddr_end & PMD_MASK;
__sme_map_range_pmd(ppd);
/* If end is not 2MB aligned, create PTE entries */
@@ -236,22 +237,22 @@ static void __init __sme_map_range(struct sme_populate_pgd_data *ppd,
__sme_map_range_pte(ppd);
}
static void __init sme_map_range_encrypted(struct sme_populate_pgd_data *ppd)
static void __head sme_map_range_encrypted(struct sme_populate_pgd_data *ppd)
{
__sme_map_range(ppd, PMD_FLAGS_ENC, PTE_FLAGS_ENC);
}
static void __init sme_map_range_decrypted(struct sme_populate_pgd_data *ppd)
static void __head sme_map_range_decrypted(struct sme_populate_pgd_data *ppd)
{
__sme_map_range(ppd, PMD_FLAGS_DEC, PTE_FLAGS_DEC);
}
static void __init sme_map_range_decrypted_wp(struct sme_populate_pgd_data *ppd)
static void __head sme_map_range_decrypted_wp(struct sme_populate_pgd_data *ppd)
{
__sme_map_range(ppd, PMD_FLAGS_DEC_WP, PTE_FLAGS_DEC_WP);
}
static unsigned long __init sme_pgtable_calc(unsigned long len)
static unsigned long __head sme_pgtable_calc(unsigned long len)
{
unsigned long entries = 0, tables = 0;
@@ -288,7 +289,7 @@ static unsigned long __init sme_pgtable_calc(unsigned long len)
return entries + tables;
}
void __init sme_encrypt_kernel(struct boot_params *bp)
void __head sme_encrypt_kernel(struct boot_params *bp)
{
unsigned long workarea_start, workarea_end, workarea_len;
unsigned long execute_start, execute_end, execute_len;
@@ -323,9 +324,8 @@ void __init sme_encrypt_kernel(struct boot_params *bp)
* memory from being cached.
*/
/* Physical addresses gives us the identity mapped virtual addresses */
kernel_start = __pa_symbol(_text);
kernel_end = ALIGN(__pa_symbol(_end), PMD_PAGE_SIZE);
kernel_start = (unsigned long)RIP_REL_REF(_text);
kernel_end = ALIGN((unsigned long)RIP_REL_REF(_end), PMD_SIZE);
kernel_len = kernel_end - kernel_start;
initrd_start = 0;
@@ -342,25 +342,17 @@ void __init sme_encrypt_kernel(struct boot_params *bp)
}
#endif
/*
* We're running identity mapped, so we must obtain the address to the
* SME encryption workarea using rip-relative addressing.
*/
asm ("lea sme_workarea(%%rip), %0"
: "=r" (workarea_start)
: "p" (sme_workarea));
/*
* Calculate required number of workarea bytes needed:
* executable encryption area size:
* stack page (PAGE_SIZE)
* encryption routine page (PAGE_SIZE)
* intermediate copy buffer (PMD_PAGE_SIZE)
* intermediate copy buffer (PMD_SIZE)
* pagetable structures for the encryption of the kernel
* pagetable structures for workarea (in case not currently mapped)
*/
execute_start = workarea_start;
execute_end = execute_start + (PAGE_SIZE * 2) + PMD_PAGE_SIZE;
execute_start = workarea_start = (unsigned long)RIP_REL_REF(sme_workarea);
execute_end = execute_start + (PAGE_SIZE * 2) + PMD_SIZE;
execute_len = execute_end - execute_start;
/*
@@ -383,7 +375,7 @@ void __init sme_encrypt_kernel(struct boot_params *bp)
* before it is mapped.
*/
workarea_len = execute_len + pgtable_area_len;
workarea_end = ALIGN(workarea_start + workarea_len, PMD_PAGE_SIZE);
workarea_end = ALIGN(workarea_start + workarea_len, PMD_SIZE);
/*
* Set the address to the start of where newly created pagetable
@@ -502,7 +494,7 @@ void __init sme_encrypt_kernel(struct boot_params *bp)
native_write_cr3(__native_read_cr3());
}
void __init sme_enable(struct boot_params *bp)
void __head sme_enable(struct boot_params *bp)
{
const char *cmdline_ptr, *cmdline_arg, *cmdline_on;
unsigned int eax, ebx, ecx, edx;

49
arch/x86/mm/pat/memtype.c
View File

@@ -997,6 +997,38 @@ static void free_pfn_range(u64 paddr, unsigned long size)
memtype_free(paddr, paddr + size);
}
static int get_pat_info(struct vm_area_struct *vma, resource_size_t *paddr,
pgprot_t *pgprot)
{
unsigned long prot;
VM_WARN_ON_ONCE(!(vma->vm_flags & VM_PAT));
/*
* We need the starting PFN and cachemode used for track_pfn_remap()
* that covered the whole VMA. For most mappings, we can obtain that
* information from the page tables. For COW mappings, we might now
* suddenly have anon folios mapped and follow_phys() will fail.
*
* Fallback to using vma->vm_pgoff, see remap_pfn_range_notrack(), to
* detect the PFN. If we need the cachemode as well, we're out of luck
* for now and have to fail fork().
*/
if (!follow_phys(vma, vma->vm_start, 0, &prot, paddr)) {
if (pgprot)
*pgprot = __pgprot(prot);
return 0;
}
if (is_cow_mapping(vma->vm_flags)) {
if (pgprot)
return -EINVAL;
*paddr = (resource_size_t)vma->vm_pgoff << PAGE_SHIFT;
return 0;
}
WARN_ON_ONCE(1);
return -EINVAL;
}
/*
* track_pfn_copy is called when vma that is covering the pfnmap gets
* copied through copy_page_range().
@@ -1007,20 +1039,13 @@ static void free_pfn_range(u64 paddr, unsigned long size)
int track_pfn_copy(struct vm_area_struct *vma)
{
resource_size_t paddr;
unsigned long prot;
unsigned long vma_size = vma->vm_end - vma->vm_start;
pgprot_t pgprot;
if (vma->vm_flags & VM_PAT) {
/*
* reserve the whole chunk covered by vma. We need the
* starting address and protection from pte.
*/
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
WARN_ON_ONCE(1);
if (get_pat_info(vma, &paddr, &pgprot))
return -EINVAL;
}
pgprot = __pgprot(prot);
/* reserve the whole chunk covered by vma. */
return reserve_pfn_range(paddr, vma_size, &pgprot, 1);
}
@@ -1095,7 +1120,6 @@ void untrack_pfn(struct vm_area_struct *vma, unsigned long pfn,
unsigned long size, bool mm_wr_locked)
{
resource_size_t paddr;
unsigned long prot;
if (vma && !(vma->vm_flags & VM_PAT))
return;
@@ -1103,11 +1127,8 @@ void untrack_pfn(struct vm_area_struct *vma, unsigned long pfn,
/* free the chunk starting from pfn or the whole chunk */
paddr = (resource_size_t)pfn << PAGE_SHIFT;
if (!paddr && !size) {
if (follow_phys(vma, vma->vm_start, 0, &prot, &paddr)) {
WARN_ON_ONCE(1);
if (get_pat_info(vma, &paddr, NULL))
return;
}
size = vma->vm_end - vma->vm_start;
}
free_pfn_range(paddr, size);

6
arch/x86/mm/pat/set_memory.c
View File

@@ -747,11 +747,11 @@ phys_addr_t slow_virt_to_phys(void *__virt_addr)
switch (level) {
case PG_LEVEL_1G:
phys_addr = (phys_addr_t)pud_pfn(*(pud_t *)pte) << PAGE_SHIFT;
offset = virt_addr & ~PUD_PAGE_MASK;
offset = virt_addr & ~PUD_MASK;
break;
case PG_LEVEL_2M:
phys_addr = (phys_addr_t)pmd_pfn(*(pmd_t *)pte) << PAGE_SHIFT;
offset = virt_addr & ~PMD_PAGE_MASK;
offset = virt_addr & ~PMD_MASK;
break;
default:
phys_addr = (phys_addr_t)pte_pfn(*pte) << PAGE_SHIFT;
@@ -1041,7 +1041,7 @@ __split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address,
case PG_LEVEL_1G:
ref_prot = pud_pgprot(*(pud_t *)kpte);
ref_pfn = pud_pfn(*(pud_t *)kpte);
pfninc = PMD_PAGE_SIZE >> PAGE_SHIFT;
pfninc = PMD_SIZE >> PAGE_SHIFT;
lpaddr = address & PUD_MASK;
lpinc = PMD_SIZE;
/*

2
arch/x86/mm/pti.c
View File

@@ -592,7 +592,7 @@ static void pti_set_kernel_image_nonglobal(void)
* of the image.
*/
unsigned long start = PFN_ALIGN(_text);
unsigned long end = ALIGN((unsigned long)_end, PMD_PAGE_SIZE);
unsigned long end = ALIGN((unsigned long)_end, PMD_SIZE);
/*
* This clears _PAGE_GLOBAL from the entire kernel image.

Some files were not shown because too many files have changed in this diff Show More