mirror of
https://github.com/hardkernel/linux.git
synced 2026-03-26 12:30:23 +09:00
51aee9ecaf77458d6bbeb827320141aa46dc9a36
127054 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
f0a557399c |
Merge 5.10.101 into android13-5.10
Changes in 5.10.101 integrity: check the return value of audit_log_start() ima: Remove ima_policy file before directory ima: Allow template selection with ima_template[_fmt]= after ima_hash= ima: Do not print policy rule with inactive LSM labels mmc: sdhci-of-esdhc: Check for error num after setting mask can: isotp: fix potential CAN frame reception race in isotp_rcv() net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs NFS: Fix initialisation of nfs_client cl_flags field NFSD: Clamp WRITE offsets NFSD: Fix offset type in I/O trace points drm/amdgpu: Set a suitable dev_info.gart_page_size tracing: Propagate is_signed to expression NFS: change nfs_access_get_cached to only report the mask NFSv4 only print the label when its queried nfs: nfs4clinet: check the return value of kstrdup() NFSv4.1: Fix uninitialised variable in devicenotify NFSv4 remove zero number of fs_locations entries error check NFSv4 expose nfs_parse_server_name function NFSv4 handle port presence in fs_location server string x86/perf: Avoid warning for Arch LBR without XSAVE drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer net: sched: Clarify error message when qdisc kind is unknown powerpc/fixmap: Fix VM debug warning on unmap scsi: target: iscsi: Make sure the np under each tpg is unique scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup() scsi: qedf: Add stag_work to all the vports scsi: qedf: Fix refcount issue when LOGO is received during TMF scsi: pm8001: Fix bogus FW crash for maxcpus=1 scsi: ufs: Treat link loss as fatal error scsi: myrs: Fix crash in error case PM: hibernate: Remove register_nosave_region_late() usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend perf: Always wake the parent event nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() KVM: eventfd: Fix false positive RCU usage warning KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking shadow riscv: fix build with binutils 2.38 ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group ARM: dts: Fix boot regression on Skomer ARM: socfpga: fix missing RESET_CONTROLLER nvme-tcp: fix bogus request completion when failing to send AER ACPI/IORT: Check node revision for PMCG resources PM: s2idle: ACPI: Fix wakeup interrupts handling drm/rockchip: vop: Correct RK3399 VOP register fields ARM: dts: Fix timer regression for beagleboard revision c ARM: dts: meson: Fix the UART compatible strings ARM: dts: meson8: Fix the UART device-tree schema validation ARM: dts: meson8b: Fix the UART device-tree schema validation staging: fbtft: Fix error path in fbtft_driver_module_init() ARM: dts: imx6qdl-udoo: Properly describe the SD card detect phy: xilinx: zynqmp: Fix bus width setting for SGMII ARM: dts: imx7ulp: Fix 'assigned-clocks-parents' typo usb: f_fs: Fix use-after-free for epfile gpio: aggregator: Fix calling into sleeping GPIO controllers drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd. misc: fastrpc: avoid double fput() on failed usercopy netfilter: ctnetlink: disable helper autoassign arm64: dts: meson-g12b-odroid-n2: fix typo 'dio2133' ixgbevf: Require large buffers for build_skb on 82599VF drm/panel: simple: Assign data from panel_dpi_probe() correctly ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE gpio: sifive: use the correct register to read output values bonding: pair enable_port with slave_arr_updates net: dsa: mv88e6xxx: don't use devres for mdiobus net: dsa: ar9331: register the mdiobus under devres net: dsa: bcm_sf2: don't use devres for mdiobus net: dsa: felix: don't use devres for mdiobus net: dsa: lantiq_gswip: don't use devres for mdiobus ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path nfp: flower: fix ida_idx not being released net: do not keep the dst cache when uncloning an skb dst and its metadata net: fix a memleak when uncloning an skb dst and its metadata veth: fix races around rq->rx_notify_masked net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE tipc: rate limit warning for received illegal binding update net: amd-xgbe: disable interrupts during pci removal dpaa2-eth: unregister the netdev before disconnecting from the PHY ice: fix an error code in ice_cfg_phy_fec() ice: fix IPIP and SIT TSO offload net: mscc: ocelot: fix mutex lock error during ethtool stats read net: dsa: mv88e6xxx: fix use-after-free in mv88e6xxx_mdios_unregister vt_ioctl: fix array_index_nospec in vt_setactivate vt_ioctl: add array_index_nospec to VT_ACTIVATE n_tty: wake up poll(POLLRDNORM) on receiving data eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX usb: dwc2: drd: fix soft connect when gadget is unconfigured Revert "usb: dwc2: drd: fix soft connect when gadget is unconfigured" net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup usb: ulpi: Move of_node_put to ulpi_dev_release usb: ulpi: Call of_node_put correctly usb: dwc3: gadget: Prevent core from processing stale TRBs usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition USB: gadget: validate interface OS descriptor requests usb: gadget: rndis: check size of RNDIS_MSG_SET command usb: gadget: f_uac2: Define specific wTerminalType usb: raw-gadget: fix handling of dual-direction-capable endpoints USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 USB: serial: option: add ZTE MF286D modem USB: serial: ch341: add support for GW Instek USB2.0-Serial devices USB: serial: cp210x: add NCR Retail IO box id USB: serial: cp210x: add CPI Bulk Coin Recycler id speakup-dectlk: Restore pitch setting phy: ti: Fix missing sentinel for clk_div_table hwmon: (dell-smm) Speed up setting of fan speed Makefile.extrawarn: Move -Wunaligned-access to W=1 can: isotp: fix error path in isotp_sendmsg() to unlock wait queue scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled scsi: lpfc: Reduce log messages seen after firmware download arm64: dts: imx8mq: fix lcdif port node perf: Fix list corruption in perf_cgroup_switch() iommu: Fix potential use-after-free during probe Linux 5.10.101 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6105dcbfc0c7f1373020d378d2048e692dc502ab |
||
|
Antoine Tenart
|
00e6d6c3bc |
net: fix a memleak when uncloning an skb dst and its metadata
[ Upstream commit |
||
|
Antoine Tenart
|
2e9fd2d0f6 |
net: do not keep the dst cache when uncloning an skb dst and its metadata
[ Upstream commit |
||
|
Florian Westphal
|
04fe6569a7 |
netfilter: ctnetlink: disable helper autoassign
[ Upstream commit |
||
|
Rafael J. Wysocki
|
a941384fba |
PM: s2idle: ACPI: Fix wakeup interrupts handling
commit |
||
|
Amadeusz Sławiński
|
4607218fde |
PM: hibernate: Remove register_nosave_region_late()
[ Upstream commit
|
||
|
NeilBrown
|
e2b4435fd3 |
NFS: change nfs_access_get_cached to only report the mask
[ Upstream commit
|
||
|
Andrey Konovalov
|
460aa619e3 |
FROMGIT: kasan, vmalloc: only tag normal vmalloc allocations
The kernel can use to allocate executable memory. The only supported way to do that is via __vmalloc_node_range() with the executable bit set in the prot argument. (vmap() resets the bit via pgprot_nx()). Once tag-based KASAN modes start tagging vmalloc allocations, executing code from such allocations will lead to the PC register getting a tag, which is not tolerated by the kernel. Only tag the allocations for normal kernel pages. Link: https://lkml.kernel.org/r/fbfd9939a4dc375923c9a5c6b9e7ab05c26b8c6b.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 831af5e7f050e2c4cc0aa1989753d14e6361cae7 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I77c52e16d63f23ed84a6eb488996b1822eeb09e9 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
01047c8c75 |
BACKPORT: FROMGIT: kasan, vmalloc: add vmalloc tagging for HW_TAGS
(Backport: drop find_vmap_area_exceed_addr changes, as the function is not present in 5.10.) Add vmalloc tagging support to HW_TAGS KASAN. The key difference between HW_TAGS and the other two KASAN modes when it comes to vmalloc: HW_TAGS KASAN can only assign tags to physical memory. The other two modes have shadow memory covering every mapped virtual memory region. Make __kasan_unpoison_vmalloc() for HW_TAGS KASAN: - Skip non-VM_ALLOC mappings as HW_TAGS KASAN can only tag a single mapping of normal physical memory; see the comment in the function. - Generate a random tag, tag the returned pointer and the allocation, and initialize the allocation at the same time. - Propagate the tag into the page stucts to allow accesses through page_address(vmalloc_to_page()). The rest of vmalloc-related KASAN hooks are not needed: - The shadow-related ones are fully skipped. - __kasan_poison_vmalloc() is kept as a no-op with a comment. Poisoning and zeroing of physical pages that are backing vmalloc() allocations are skipped via __GFP_SKIP_KASAN_UNPOISON and __GFP_SKIP_ZERO: __kasan_unpoison_vmalloc() does that instead. Enabling CONFIG_KASAN_VMALLOC with HW_TAGS is not yet allowed. Link: https://lkml.kernel.org/r/d19b2e9e59a9abc59d05b72dea8429dcaea739c6.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Co-developed-by: Vincenzo Frascino <vincenzo.frascino@arm.com> Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit c9a950bcf1d67298187050bc3179096e4ef248c1 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I446b0ae074938389ade70bf503784d4d32b5d09b Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
20cd51626a |
BACKPORT: FROMGIT: kasan, page_alloc: allow skipping memory init for HW_TAGS
(Backport: adapt the patch to account for added GFP flags and __GFP_BITS_SHIFT definition changes; don't try to pack all flags to avoid macro mess.) Add a new GFP flag __GFP_SKIP_ZERO that allows to skip memory initialization. The flag is only effective with HW_TAGS KASAN. This flag will be used by vmalloc code for page_alloc allocations backing vmalloc() mappings in a following patch. The reason to skip memory initialization for these pages in page_alloc is because vmalloc code will be initializing them instead. With the current implementation, when __GFP_SKIP_ZERO is provided, __GFP_ZEROTAGS is ignored. This doesn't matter, as these two flags are never provided at the same time. However, if this is changed in the future, this particular implementation detail can be changed as well. Link: https://lkml.kernel.org/r/0d53efeff345de7d708e0baa0d8829167772521e.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit db88e21f5cce8c45f7973a272c3bd60440f0e1b2 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I617be9a6e1480a204edea41a3627fb6a41733753 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
352906d8e9 |
BACKPORT: FROMGIT: kasan, page_alloc: allow skipping unpoisoning for HW_TAGS
(Backport: adapt the patch to account for added GFP flags and __GFP_BITS_SHIFT definition changes; don't try to pack all flags to avoid macro mess.) Add a new GFP flag __GFP_SKIP_KASAN_UNPOISON that allows skipping KASAN poisoning for page_alloc allocations. The flag is only effective with HW_TAGS KASAN. This flag will be used by vmalloc code for page_alloc allocations backing vmalloc() mappings in a following patch. The reason to skip KASAN poisoning for these pages in page_alloc is because vmalloc code will be poisoning them instead. Also reword the comment for __GFP_SKIP_KASAN_POISON. Link: https://lkml.kernel.org/r/35c97d77a704f6ff971dd3bfe4be95855744108e.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 9a47b06547a9c28d2899b27888bc006422d29554 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I9c52fa6370c6fd19d23edaed1a082cae946e2ef5 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
682a821bd7 |
BACKPORT: FROMGIT: kasan, mm: only define ___GFP_SKIP_KASAN_POISON with HW_TAGS
(Backport: adapt the patch to account for __GFP_BITS_SHIFT changes.) Only define the ___GFP_SKIP_KASAN_POISON flag when CONFIG_KASAN_HW_TAGS is enabled. This patch it not useful by itself, but it prepares the code for additions of new KASAN-specific GFP patches. Link: https://lkml.kernel.org/r/44e5738a584c11801b2b8f1231898918efc8634a.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit b3963a3ecc9b53c788f7f5d542110d0fd350967d git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: Id971e37a04f138469b4a24cd5a87aeef4ab583c4 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
a537a4c09f |
BACKPORT: FROMGIT: kasan, vmalloc, arm64: mark vmalloc mappings as pgprot_tagged
(Backport: conflicts due to adjacent lines changed; add includes to arch/arm64/include/asm/vmalloc.h.) HW_TAGS KASAN relies on ARM Memory Tagging Extension (MTE). With MTE, a memory region must be mapped as MT_NORMAL_TAGGED to allow setting memory tags via MTE-specific instructions. Add proper protection bits to vmalloc() allocations. These allocations are always backed by page_alloc pages, so the tags will actually be getting set on the corresponding physical memory. Link: https://lkml.kernel.org/r/983fc33542db2f6b1e77b34ca23448d4640bbb9e.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Co-developed-by: Vincenzo Frascino <vincenzo.frascino@arm.com> Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit df70c9aebdba46948cf5af35a82c23a8e8376797 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I1ea6aa7cfa907a75fa1b8cab3d33538f89fe0fca Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
57d4eb31e8 |
FROMGIT: kasan, vmalloc: add vmalloc tagging for SW_TAGS
Add vmalloc tagging support to SW_TAGS KASAN. - __kasan_unpoison_vmalloc() now assigns a random pointer tag, poisons the virtual mapping accordingly, and embeds the tag into the returned pointer. - __get_vm_area_node() (used by vmalloc() and vmap()) and pcpu_get_vm_areas() save the tagged pointer into vm_struct->addr (note: not into vmap_area->addr). This requires putting kasan_unpoison_vmalloc() after setup_vmalloc_vm[_locked](); otherwise the latter will overwrite the tagged pointer. The tagged pointer then is naturally propagateed to vmalloc() and vmap(). - vm_map_ram() returns the tagged pointer directly. As a result of this change, vm_struct->addr is now tagged. Enabling KASAN_VMALLOC with SW_TAGS is not yet allowed. Link: https://lkml.kernel.org/r/4a78f3c064ce905e9070c29733aca1dd254a74f1.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 93555972485ebcac55b3855205bf154f1ba8478f git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I1e156582d91c39a3bf3351405ffd82624072b653 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
83ab9cb5c3 |
FROMGIT: kasan: add wrappers for vmalloc hooks
Add wrappers around functions that [un]poison memory for vmalloc allocations. These functions will be used by HW_TAGS KASAN and therefore need to be disabled when kasan=off command line argument is provided. This patch does no functional changes for software KASAN modes. Link: https://lkml.kernel.org/r/3b8728eac438c55389fb0f9a8a2145d71dd77487.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Alexander Potapenko <glider@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 229f54a9a70a62e5e1cc4c52fae578113519a547 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I78cd783997a59a255120b47de4851d16968ed77c Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
8443112c12 |
BACKPORT: FROMGIT: kasan: reorder vmalloc hooks
(Backport: drop kasan_populate_early_vm_area_shadow changes, as
|
||
|
Andrey Konovalov
|
4dfbecd756 |
BACKPORT: FROMGIT: kasan, vmalloc: drop outdated VM_KASAN comment
(Backport: conflicts with not backported grammar fixes.) The comment about VM_KASAN in include/linux/vmalloc.c is outdated. VM_KASAN is currently only used to mark vm_areas allocated for kernel modules when CONFIG_KASAN_VMALLOC is disabled. Drop the comment. Link: https://lkml.kernel.org/r/780395afea83a147b3b5acc36cf2e38f7f8479f9.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Alexander Potapenko <glider@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 9315a646b156aa70d2453f14c56f9901c18c4142 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I894a02f14a07c0f3bac0f15564215b641f5736e0 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
a585db0de0 |
FROMGIT: kasan, x86, arm64, s390: rename functions for modules shadow
Rename kasan_free_shadow to kasan_free_module_shadow and kasan_module_alloc to kasan_alloc_module_shadow. These functions are used to allocate/free shadow memory for kernel modules when KASAN_VMALLOC is not enabled. The new names better reflect their purpose. Also reword the comment next to their declaration to improve clarity. Link: https://lkml.kernel.org/r/36db32bde765d5d0b856f77d2d806e838513fe84.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit c7073f59d25ed0f9eca0a15e7a232b92d720bfbf git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: I42a719cf9b65ab032987f5bcc4aabd15dad26888 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
f8fcca16ee |
FROMGIT: kasan, page_alloc: merge kasan_alloc_pages into post_alloc_hook
Currently, the code responsible for initializing and poisoning memory in post_alloc_hook() is scattered across two locations: kasan_alloc_pages() hook for HW_TAGS KASAN and post_alloc_hook() itself. This is confusing. This and a few following patches combine the code from these two locations. Along the way, these patches do a step-by-step restructure the many performed checks to make them easier to follow. Replace the only caller of kasan_alloc_pages() with its implementation. As kasan_has_integrated_init() is only true when CONFIG_KASAN_HW_TAGS is enabled, moving the code does no functional changes. Also move init and init_tags variables definitions out of kasan_has_integrated_init() clause in post_alloc_hook(), as they have the same values regardless of what the if condition evaluates to. This patch is not useful by itself but makes the simplifications in the following patches easier to follow. Link: https://lkml.kernel.org/r/5ac7e0b30f5cbb177ec363ddd7878a3141289592.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 2a10554bf7e83f0613511f6781afe03cebab5a6c git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: Iafd536232d6f9996887f9e7e47b22f6d65e6c28a Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
79faa99fb2 |
FROMGIT: mm: clarify __GFP_ZEROTAGS comment
__GFP_ZEROTAGS is intended as an optimization: if memory is zeroed during allocation, it's possible to set memory tags at the same time with little performance impact. Clarify this intention of __GFP_ZEROTAGS in the comment. Link: https://lkml.kernel.org/r/cdffde013973c5634a447513e10ec0d21e8eee29.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit 7023db5ba49e559dac67152bf95f8264941928d0 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: Id498ea0c72adff5bc752394161a3a69ccbeba912 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Andrey Konovalov
|
93ee6de568 |
FROMGIT: kasan, page_alloc: merge kasan_free_pages into free_pages_prepare
Currently, the code responsible for initializing and poisoning memory in free_pages_prepare() is scattered across two locations: kasan_free_pages() for HW_TAGS KASAN and free_pages_prepare() itself. This is confusing. This and a few following patches combine the code from these two locations. Along the way, these patches also simplify the performed checks to make them easier to follow. Replaces the only caller of kasan_free_pages() with its implementation. As kasan_has_integrated_init() is only true when CONFIG_KASAN_HW_TAGS is enabled, moving the code does no functional changes. This patch is not useful by itself but makes the simplifications in the following patches easier to follow. Link: https://lkml.kernel.org/r/303498d15840bb71905852955c6e2390ecc87139.1643047180.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Alexander Potapenko <glider@google.com> Acked-by: Marco Elver <elver@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Evgenii Stepanov <eugenis@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Collingbourne <pcc@google.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> (cherry picked from commit c0a6431afea7568de0a427aca260388e6fe5a833 git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm) Bug: 217222520 Change-Id: Ia88ae7b249cd81375e8f7a4f78f14d7f30e2e038 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> |
||
|
Mike Rapoport
|
a5993a710c |
UPSTREAM: mmflags.h: add missing __GFP_ZEROTAGS and __GFP_SKIP_KASAN_POISON names
printk("%pGg") outputs these two flags as hexadecimal number, rather
than as a string, e.g:
GFP_KERNEL|0x1800000
Fix this by adding missing names of __GFP_ZEROTAGS and
__GFP_SKIP_KASAN_POISON flags to __def_gfpflag_names.
Link: https://lkml.kernel.org/r/20210816133502.590-1-rppt@kernel.org
Fixes:
|
||
|
Kefeng Wang
|
f26b7aacea |
UPSTREAM: mm: defer kmemleak object creation of module_alloc()
Yongqiang reports a kmemleak panic when module insmod/rmmod with KASAN
enabled(without KASAN_VMALLOC) on x86[1].
When the module area allocates memory, it's kmemleak_object is created
successfully, but the KASAN shadow memory of module allocation is not
ready, so when kmemleak scan the module's pointer, it will panic due to
no shadow memory with KASAN check.
module_alloc
__vmalloc_node_range
kmemleak_vmalloc
kmemleak_scan
update_checksum
kasan_module_alloc
kmemleak_ignore
Note, there is no problem if KASAN_VMALLOC enabled, the modules area
entire shadow memory is preallocated. Thus, the bug only exits on ARCH
which supports dynamic allocation of module area per module load, for
now, only x86/arm64/s390 are involved.
Add a VM_DEFER_KMEMLEAK flags, defer vmalloc'ed object register of
kmemleak in module_alloc() to fix this issue.
[1] https://lore.kernel.org/all/6d41e2b9-4692-5ec4-b1cd-cbe29ae89739@huawei.com/
[wangkefeng.wang@huawei.com: fix build]
Link: https://lkml.kernel.org/r/20211125080307.27225-1-wangkefeng.wang@huawei.com
[akpm@linux-foundation.org: simplify ifdefs, per Andrey]
Link: https://lkml.kernel.org/r/CA+fCnZcnwJHUQq34VuRxpdoY6_XbJCDJ-jopksS5Eia4PijPzw@mail.gmail.com
Link: https://lkml.kernel.org/r/20211124142034.192078-1-wangkefeng.wang@huawei.com
Fixes:
|
||
|
Marco Elver
|
e3e5e4a728 |
UPSTREAM: kasan: generic: introduce kasan_record_aux_stack_noalloc()
Introduce a variant of kasan_record_aux_stack() that does not do any
memory allocation through stackdepot. This will permit using it in
contexts that cannot allocate any memory.
Link: https://lkml.kernel.org/r/20210913112609.2651084-6-elver@google.com
Signed-off-by: Marco Elver <elver@google.com>
Tested-by: Shuah Khan <skhan@linuxfoundation.org>
Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: Lai Jiangshan <jiangshanlai@gmail.com>
Cc: Taras Madan <tarasmadan@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vijayanand Jitta <vjitta@codeaurora.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Walter Wu <walter-zh.wu@mediatek.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit
|
||
|
Marco Elver
|
edcc1b6ef3 |
UPSTREAM: lib/stackdepot: introduce __stack_depot_save()
Add __stack_depot_save(), which provides more fine-grained control over
stackdepot's memory allocation behaviour, in case stackdepot runs out of
"stack slabs".
Normally stackdepot uses alloc_pages() in case it runs out of space;
passing can_alloc==false to __stack_depot_save() prohibits this, at the
cost of more likely failure to record a stack trace.
Link: https://lkml.kernel.org/r/20210913112609.2651084-4-elver@google.com
Signed-off-by: Marco Elver <elver@google.com>
Tested-by: Shuah Khan <skhan@linuxfoundation.org>
Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: Lai Jiangshan <jiangshanlai@gmail.com>
Cc: Taras Madan <tarasmadan@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vijayanand Jitta <vjitta@codeaurora.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Walter Wu <walter-zh.wu@mediatek.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit
|
||
|
Marco Elver
|
5b02568375 |
UPSTREAM: lib/stackdepot: include gfp.h
Patch series "stackdepot, kasan, workqueue: Avoid expanding stackdepot slabs when holding raw_spin_lock", v2. Shuah Khan reported [1]: | When CONFIG_PROVE_RAW_LOCK_NESTING=y and CONFIG_KASAN are enabled, | kasan_record_aux_stack() runs into "BUG: Invalid wait context" when | it tries to allocate memory attempting to acquire spinlock in page | allocation code while holding workqueue pool raw_spinlock. | | There are several instances of this problem when block layer tries | to __queue_work(). Call trace from one of these instances is below: | | kblockd_mod_delayed_work_on() | mod_delayed_work_on() | __queue_delayed_work() | __queue_work() (rcu_read_lock, raw_spin_lock pool->lock held) | insert_work() | kasan_record_aux_stack() | kasan_save_stack() | stack_depot_save() | alloc_pages() | __alloc_pages() | get_page_from_freelist() | rm_queue() | rm_queue_pcplist() | local_lock_irqsave(&pagesets.lock, flags); | [ BUG: Invalid wait context triggered ] PROVE_RAW_LOCK_NESTING is pointing out that (on RT kernels) the locking rules are being violated. More generally, memory is being allocated from a non-preemptive context (raw_spin_lock'd c-s) where it is not allowed. To properly fix this, we must prevent stackdepot from replenishing its "stack slab" pool if memory allocations cannot be done in the current context: it's a bug to use either GFP_ATOMIC nor GFP_NOWAIT in certain non-preemptive contexts, including raw_spin_locks (see gfp.h and commit |
||
|
Qian Cai
|
531f811d32 |
BACKPORT: arm64: Track no early_pgtable_alloc() for kmemleak
(Backport: arm32 KASAN not backported; drop related changes.) After switched page size from 64KB to 4KB on several arm64 servers here, kmemleak starts to run out of early memory pool due to a huge number of those early_pgtable_alloc() calls: kmemleak_alloc_phys() memblock_alloc_range_nid() memblock_phys_alloc_range() early_pgtable_alloc() init_pmd() alloc_init_pud() __create_pgd_mapping() __map_memblock() paging_init() setup_arch() start_kernel() Increased the default value of DEBUG_KMEMLEAK_MEM_POOL_SIZE by 4 times won't be enough for a server with 200GB+ memory. There isn't much interesting to check memory leaks for those early page tables and those early memory mappings should not reference to other memory. Hence, no kmemleak false positives, and we can safely skip tracking those early allocations from kmemleak like we did in the commit |
||
|
Peter Collingbourne
|
9f94c4bd2c |
UPSTREAM: arm64: kasan: mte: move GCR_EL1 switch to task switch when KASAN disabled
It is not necessary to write to GCR_EL1 on every kernel entry and
exit when HW tag-based KASAN is disabled because the kernel will not
execute any IRG instructions in that mode. Since accessing GCR_EL1
can be expensive on some microarchitectures, avoid doing so by moving
the access to task switch when HW tag-based KASAN is disabled.
Signed-off-by: Peter Collingbourne <pcc@google.com>
Acked-by: Andrey Konovalov <andreyknvl@gmail.com>
Link: https://linux-review.googlesource.com/id/I78e90d60612a94c24344526f476ac4ff216e10d2
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20210924010655.2886918-1-pcc@google.com
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit
|
||
|
Mark Rutland
|
0a5156326b |
UPSTREAM: arm64: kasan: mte: use a constant kernel GCR_EL1 value
When KASAN_HW_TAGS is selected, KASAN is enabled at boot time, and the
hardware supports MTE, we'll initialize `kernel_gcr_excl` with a value
dependent on KASAN_TAG_MAX. While the resulting value is a constant
which depends on KASAN_TAG_MAX, we have to perform some runtime work to
generate the value, and have to read the value from memory during the
exception entry path. It would be better if we could generate this as a
constant at compile-time, and use it as such directly.
Early in boot within __cpu_setup(), we initialize GCR_EL1 to a safe
value, and later override this with the value required by KASAN. If
CONFIG_KASAN_HW_TAGS is not selected, or if KASAN is disabeld at boot
time, the kernel will not use IRG instructions, and so the initial value
of GCR_EL1 is does not matter to the kernel. Thus, we can instead have
__cpu_setup() initialize GCR_EL1 to a value consistent with
KASAN_TAG_MAX, and avoid the need to re-initialize it during hotplug and
resume form suspend.
This patch makes arem64 use a compile-time constant KERNEL_GCR_EL1
value, which is compatible with KASAN_HW_TAGS when this is selected.
This removes the need to re-initialize GCR_EL1 dynamically, and acts as
an optimization to the entry assembly, which no longer needs to load
this value from memory. The redundant initialization hooks are removed.
In order to do this, KASAN_TAG_MAX needs to be visible outside of the
core KASAN code. To do this, I've moved the KASAN_TAG_* values into
<linux/kasan-tags.h>.
There should be no functional change as a result of this patch.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Peter Collingbourne <pcc@google.com>
Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Tested-by: Andrey Konovalov <andreyknvl@gmail.com>
Link: https://lore.kernel.org/r/20210714143843.56537-3-mark.rutland@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
(cherry picked from commit
|
||
|
Marco Elver
|
47b2adaaa8 |
UPSTREAM: kasan: fix build by including kernel.h
The <linux/kasan.h> header relies on _RET_IP_ being defined, and had been receiving that definition via inclusion of bug.h which includes kernel.h. However, since |
||
|
David Gow
|
781ec5fa5b |
UPSTREAM: kasan: test: improve failure message in KUNIT_EXPECT_KASAN_FAIL()
The KUNIT_EXPECT_KASAN_FAIL() macro currently uses KUNIT_EXPECT_EQ() to
compare fail_data.report_expected and fail_data.report_found. This always
gave a somewhat useless error message on failure, but the addition of
extra compile-time checking with READ_ONCE() has caused it to get much
longer, and be truncated before anything useful is displayed.
Instead, just check fail_data.report_found by hand (we've just set
report_expected to 'true'), and print a better failure message with
KUNIT_FAIL(). Because of this, report_expected is no longer used
anywhere, and can be removed.
Beforehand, a failure in:
KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)area)[3100]);
would have looked like:
[22:00:34] [FAILED] vmalloc_oob
[22:00:34] # vmalloc_oob: EXPECTATION FAILED at lib/test_kasan.c:991
[22:00:34] Expected ({ do { extern void __compiletime_assert_705(void) __attribute__((__error__("Unsupported access size for {READ,WRITE}_ONCE()."))); if (!((sizeof(fail_data.report_expected) == sizeof(char) || sizeof(fail_data.repp
[22:00:34] not ok 45 - vmalloc_oob
With this change, it instead looks like:
[22:04:04] [FAILED] vmalloc_oob
[22:04:04] # vmalloc_oob: EXPECTATION FAILED at lib/test_kasan.c:993
[22:04:04] KASAN failure expected in "((volatile char *)area)[3100]", but none occurred
[22:04:04] not ok 45 - vmalloc_oob
Also update the example failure in the documentation to reflect this.
Link: https://lkml.kernel.org/r/20210606005531.165954-1-davidgow@google.com
Signed-off-by: David Gow <davidgow@google.com>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Reviewed-by: Marco Elver <elver@google.com>
Acked-by: Brendan Higgins <brendanhiggins@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Daniel Axtens <dja@axtens.net>
Cc: David Gow <davidgow@google.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit
|
||
|
Eric Dumazet
|
8b6ad29032 |
UPSTREAM: net: add and use skb_unclone_keeptruesize() helper
While commit |
||
|
Andy Shevchenko
|
78c0c72de9 |
UPSTREAM: device property: Add missed header in fwnode.h
When adding some stuff to the header file we must not rely on implicit dependencies that are happen by luck or bugs in other headers. Hence fwnode.h needs to use bits.h directly. Fixes: |
||
|
Marco Elver
|
e5c6bb9cdb |
UPSTREAM: kfence: fix is_kfence_address() for addresses below KFENCE_POOL_SIZE
Originally the addr != NULL check was meant to take care of the case where __kfence_pool == NULL (KFENCE is disabled). However, this does not work for addresses where addr > 0 && addr < KFENCE_POOL_SIZE. This can be the case on NULL-deref where addr > 0 && addr < PAGE_SIZE or any other faulting access with addr < KFENCE_POOL_SIZE. While the kernel would likely crash, the stack traces and report might be confusing due to double faults upon KFENCE's attempt to unprotect such an address. Fix it by just checking that __kfence_pool != NULL instead. Link: https://lkml.kernel.org/r/20210818130300.2482437-1-elver@google.com Fixes: |
||
|
Kyle Tso
|
00e3210a2f |
ANDROID: usb: typec: tcpm: Add vendor hook to modify port src caps
Add a vendor hook to modify the port Source Capabilities. If the caps are changed and the port state is feasible, start a Power Negotiation AMS to update the current contract to the new one. Bug: 201006190 Bug: 206108037 Signed-off-by: Kyle Tso <kyletso@google.com> Change-Id: I8b524242353781cb39b3ba85c6a75bd5a204ebcf |
||
|
Marc Bonnici
|
6115643278 |
UPSTREAM: firmware: arm_ffa: Add support for MEM_LEND
As part of the FF-A spec, an endpoint is allowed to transfer access of,
or lend, a memory region to one or more borrowers.
Extend the existing memory sharing implementation to support
FF-A MEM_LEND functionality and expose this to other kernel drivers.
Note that upon a successful MEM_LEND request the caller must ensure that
the memory region specified is not accessed until a successful
MEM_RECALIM call has been made. On systems with a hypervisor present
this will been enforced, however on systems without a hypervisor the
responsibility falls to the calling kernel driver to prevent access.
Link: https://lore.kernel.org/r/20211015165742.2513065-1-marc.bonnici@arm.com
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
(cherry picked from commit
|
||
|
Sudeep Holla
|
d33aef5719 |
UPSTREAM: firmware: arm_ffa: Add support for MEM_* interfaces
Most of the MEM_* APIs share the same parameters, so they can be
generalised. Currently only MEM_SHARE is implemented and the user space
interface for that is not added yet.
Link: https://lore.kernel.org/r/20210521151033.181846-6-sudeep.holla@arm.com
Tested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
(cherry picked from commit
|
||
|
Sudeep Holla
|
60d19549ea |
UPSTREAM: firmware: arm_ffa: Setup in-kernel users of FFA partitions
Parse the FFA nodes from the device-tree and register all the partitions
whose services will be used in the kernel.
In order to also enable in-kernel users of FFA interface, let us add
simple set of operations for such devices.
The in-kernel users are registered without the character device interface.
Link: https://lore.kernel.org/r/20210521151033.181846-5-sudeep.holla@arm.com
Tested-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
(cherry picked from commit
|
||
|
Sudeep Holla
|
bbf206b65d |
UPSTREAM: firmware: arm_ffa: Add initial FFA bus support for device enumeration
The Arm FF for Armv8-A specification has concept of endpoints or
partitions. In the Normal world, a partition could be a VM when
the Virtualization extension is enabled or the kernel itself.
In order to handle multiple partitions, we can create a FFA device for
each such partition on a dedicated FFA bus. Similarly, different drivers
requiring FFA transport can be registered on the same bus. We can match
the device and drivers using UUID. This is mostly for the in-kernel
users with FFA drivers.
Link: https://lore.kernel.org/r/20210521151033.181846-2-sudeep.holla@arm.com
Tested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
(cherry picked from commit
|
||
|
Greg Kroah-Hartman
|
193970ba72 |
Merge 5.10.99 into android13-5.10
Changes in 5.10.99 selinux: fix double free of cond_list on error paths audit: improve audit queue handling when "audit=1" on cmdline ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() ALSA: usb-audio: Correct quirk for VF0770 ALSA: hda: Fix UAF of leds class devs at unbinding ALSA: hda: realtek: Fix race at concurrent COEF updates ALSA: hda/realtek: Add quirk for ASUS GU603 ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows btrfs: fix deadlock between quota disable and qgroup rescan worker drm/nouveau: fix off by one in BIOS boundary checking drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15" Apple Retina panels nvme-fabrics: fix state check in nvmf_ctlr_matches_baseopts() mm/debug_vm_pgtable: remove pte entry from the page table mm/pgtable: define pte_index so that preprocessor could recognize it mm/kmemleak: avoid scanning potential huge holes block: bio-integrity: Advance seed correctly for larger interval sizes dma-buf: heaps: Fix potential spectre v1 gadget IB/hfi1: Fix AIP early init panic Revert "ASoC: mediatek: Check for error clk pointer" memcg: charge fs_context and legacy_fs_context RDMA/cma: Use correct address when leaving multicast group RDMA/ucma: Protect mc during concurrent multicast leaves IB/rdmavt: Validate remote_addr during loopback atomic tests RDMA/siw: Fix broken RDMA Read Fence/Resume logic. RDMA/mlx4: Don't continue event handler after memory allocation failure iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() spi: bcm-qspi: check for valid cs before applying chip select spi: mediatek: Avoid NULL pointer crash in interrupt spi: meson-spicc: add IRQ check in meson_spicc_probe spi: uniphier: fix reference count leak in uniphier_spi_probe() net: ieee802154: hwsim: Ensure proper channel selection at probe time net: ieee802154: mcr20a: Fix lifs/sifs periods net: ieee802154: ca8210: Stop leaking skb's net: ieee802154: Return meaningful error codes from the netlink helpers net: macsec: Fix offload support for NETDEV_UNREGISTER event net: macsec: Verify that send_sci is on when setting Tx sci explicitly net: stmmac: dump gmac4 DMA registers correctly net: stmmac: ensure PTP time register reads are consistent drm/i915/overlay: Prevent divide by zero bugs in scaling ASoC: fsl: Add missing error handling in pcm030_fabric_probe ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name ASoC: max9759: fix underflow in speaker_gain_control_put() pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line pinctrl: intel: fix unexpected interrupt pinctrl: bcm2835: Fix a few error paths scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. gve: fix the wrong AdminQ buffer queue index check bpf: Use VM_MAP instead of VM_ALLOC for ringbuf selftests/exec: Remove pipe from TEST_GEN_FILES selftests: futex: Use variable MAKE instead of make tools/resolve_btfids: Do not print any commands when building silently rtc: cmos: Evaluate century appropriate Revert "fbcon: Disable accelerated scrolling" fbcon: Add option to enable legacy hardware acceleration perf stat: Fix display of grouped aliased events perf/x86/intel/pt: Fix crash with stop filters in single-range mode x86/perf: Default set FREEZE_ON_SMI for all EDAC/altera: Fix deferred probing EDAC/xgene: Fix deferred probing ext4: prevent used blocks from being allocated during fast commit replay ext4: modify the logic of ext4_mb_new_blocks_simple ext4: fix error handling in ext4_restore_inline_data() ext4: fix error handling in ext4_fc_record_modified_inode() ext4: fix incorrect type issue during replay_del_range net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning selftests: nft_concat_range: add test for reload with no element add/del Linux 5.10.99 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3571b1ff035a83999daafa35157f96ebfd65ef0a |
||
|
Mike Rapoport
|
7053188ddb |
mm/pgtable: define pte_index so that preprocessor could recognize it
commit |
||
|
Greg Kroah-Hartman
|
a23e639396 |
Merge 5.10.97 into android13-5.10
Changes in 5.10.97 PCI: pciehp: Fix infinite loop in IRQ handler upon power fault net: ipa: fix atomic update in ipa_endpoint_replenish() net: ipa: use a bitmap for endpoint replenish_enabled net: ipa: prevent concurrent replenish Revert "drivers: bus: simple-pm-bus: Add support for probing simple bus only devices" KVM: x86: Forcibly leave nested virt when SMM state is toggled psi: Fix uaf issue when psi trigger is destroyed while being polled x86/mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN x86/cpu: Add Xeon Icelake-D to list of CPUs that support PPIN drm/vc4: hdmi: Make sure the device is powered with CEC cgroup-v1: Require capabilities to set release_agent net/mlx5e: Fix handling of wrong devices during bond netevent net/mlx5: Use del_timer_sync in fw reset flow of halting poll net/mlx5: E-Switch, Fix uninitialized variable modact ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback net: amd-xgbe: ensure to reset the tx_timer_active flag net: amd-xgbe: Fix skb data length underflow fanotify: Fix stale file descriptor in copy_event_to_user() net: sched: fix use-after-free in tc_new_tfilter() rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() af_packet: fix data-race in packet_setsockopt / packet_setsockopt tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data() Linux 5.10.97 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I5fedd9e1819539df7b733cdfc7ff619bace1ece8 |
||
|
Suren Baghdasaryan
|
d4e4e61d4a |
psi: Fix uaf issue when psi trigger is destroyed while being polled
commit |
||
|
Greg Kroah-Hartman
|
7859e08c9c |
Merge 5.10.96 into android13-5.10
Changes in 5.10.96
Bluetooth: refactor malicious adv data check
media: venus: core: Drop second v4l2 device unregister
net: sfp: ignore disabled SFP node
net: stmmac: skip only stmmac_ptp_register when resume from suspend
s390/module: fix loading modules with a lot of relocations
s390/hypfs: include z/VM guests with access control group set
bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices
udf: Restore i_lenAlloc when inode expansion fails
udf: Fix NULL ptr deref when converting from inline format
efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
PM: wakeup: simplify the output logic of pm_show_wakelocks()
tracing/histogram: Fix a potential memory leak for kstrdup()
tracing: Don't inc err_log entry count if entry allocation fails
ceph: properly put ceph_string reference after async create attempt
ceph: set pool_ns in new inode layout for async creates
fsnotify: fix fsnotify hooks in pseudo filesystems
Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
drm/etnaviv: relax submit size limits
KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
arm64: errata: Fix exec handling in erratum
|
||
|
Amir Goldstein
|
0b4e82403c |
fsnotify: invalidate dcache before IN_DELETE event
commit |
||
|
Eric Dumazet
|
bc58a5bb9e |
ipv4: remove sparse error in ip_neigh_gw4()
[ Upstream commit |
||
|
Guillaume Nault
|
869f1704f1 |
Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
[ Upstream commit |
||
|
Peter Zijlstra
|
91b04e83c7 |
perf: Fix perf_event_read_local() time
[ Upstream commit |
||
|
Eric Dumazet
|
4cd0ef6215 |
ipv6: annotate accesses to fn->fn_sernum
commit |
||
|
Eric Dumazet
|
b26fed25e6 |
ipv4: avoid using shared IP generator for connected sockets
commit |