2022-05-14 03:50:07

by Greg KH

Subject: [PATCH 5.15 00/21] 5.15.40-rc1 review

This is the start of the stable review cycle for the 5.15.40 release.
There are 21 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.

Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
Anything received after that time might be too late.

The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.40-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
and the diffstat can be found below.

thanks,

greg k-h

-------------
Pseudo-Shortlog of commits:

Greg Kroah-Hartman <[email protected]>
Linux 5.15.40-rc1

Peter Xu <[email protected]>
mm: fix invalid page pointer returned with FOLL_PIN gups

Miaohe Lin <[email protected]>
mm/mlock: fix potential imbalanced rlimit ucounts adjustment

Naoya Horiguchi <[email protected]>
mm/hwpoison: fix error page recovered but reported "not recovered"

Muchun Song <[email protected]>
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()

Muchun Song <[email protected]>
mm: shmem: fix missing cache flush in shmem_mfill_atomic_pte()

Muchun Song <[email protected]>
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()

Muchun Song <[email protected]>
mm: fix missing cache flush for all tail pages of compound page

Jan Kara <[email protected]>
udf: Avoid using stale lengthOfImpUse

Gleb Fotengauer-Malinovskiy <[email protected]>
rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition

Itay Iellin <[email protected]>
Bluetooth: Fix the creation of hdev->name

Peter Zijlstra <[email protected]>
objtool: Fix SLS validation for kcov tail-call replacement

Peter Zijlstra <[email protected]>
crypto: x86/poly1305 - Fixup SLS

Borislav Petkov <[email protected]>
kvm/emulate: Fix SETcc emulation function offsets with SLS

Arnaldo Carvalho de Melo <[email protected]>
tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy'

Peter Zijlstra <[email protected]>
x86: Add straight-line-speculation mitigation

Masahiro Yamada <[email protected]>
kbuild: move objtool_args back to scripts/Makefile.build

Peter Zijlstra <[email protected]>
x86/alternative: Relax text_poke_bp() constraint

Peter Zijlstra <[email protected]>
objtool: Add straight-line-speculation validation

Peter Zijlstra <[email protected]>
x86: Prepare inline-asm for straight-line-speculation

Peter Zijlstra <[email protected]>
x86: Prepare asm files for straight-line-speculation

Peter Zijlstra <[email protected]>
x86/lib/atomic64_386_32: Rename things


-------------

Diffstat:

Makefile | 4 +-
arch/x86/Kconfig | 12 ++++
arch/x86/Makefile | 4 ++
arch/x86/boot/compressed/efi_thunk_64.S | 2 +-
arch/x86/boot/compressed/head_64.S | 8 +--
arch/x86/boot/compressed/mem_encrypt.S | 6 +-
arch/x86/crypto/aegis128-aesni-asm.S | 48 +++++++--------
arch/x86/crypto/aes_ctrby8_avx-x86_64.S | 2 +-
arch/x86/crypto/aesni-intel_asm.S | 56 ++++++++---------
arch/x86/crypto/aesni-intel_avx-x86_64.S | 40 ++++++-------
arch/x86/crypto/blake2s-core.S | 4 +-
arch/x86/crypto/blowfish-x86_64-asm_64.S | 12 ++--
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 14 ++---
arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 14 ++---
arch/x86/crypto/camellia-x86_64-asm_64.S | 12 ++--
arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 12 ++--
arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 10 ++--
arch/x86/crypto/chacha-avx2-x86_64.S | 6 +-
arch/x86/crypto/chacha-avx512vl-x86_64.S | 6 +-
arch/x86/crypto/chacha-ssse3-x86_64.S | 8 +--
arch/x86/crypto/crc32-pclmul_asm.S | 2 +-
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 2 +-
arch/x86/crypto/crct10dif-pcl-asm_64.S | 2 +-
arch/x86/crypto/des3_ede-asm_64.S | 4 +-
arch/x86/crypto/ghash-clmulni-intel_asm.S | 6 +-
arch/x86/crypto/nh-avx2-x86_64.S | 2 +-
arch/x86/crypto/nh-sse2-x86_64.S | 2 +-
arch/x86/crypto/poly1305-x86_64-cryptogams.pl | 38 ++++++------
arch/x86/crypto/serpent-avx-x86_64-asm_64.S | 10 ++--
arch/x86/crypto/serpent-avx2-asm_64.S | 10 ++--
arch/x86/crypto/serpent-sse2-i586-asm_32.S | 6 +-
arch/x86/crypto/serpent-sse2-x86_64-asm_64.S | 6 +-
arch/x86/crypto/sha1_avx2_x86_64_asm.S | 2 +-
arch/x86/crypto/sha1_ni_asm.S | 2 +-
arch/x86/crypto/sha1_ssse3_asm.S | 2 +-
arch/x86/crypto/sha256-avx-asm.S | 2 +-
arch/x86/crypto/sha256-avx2-asm.S | 2 +-
arch/x86/crypto/sha256-ssse3-asm.S | 2 +-
arch/x86/crypto/sha256_ni_asm.S | 2 +-
arch/x86/crypto/sha512-avx-asm.S | 2 +-
arch/x86/crypto/sha512-avx2-asm.S | 2 +-
arch/x86/crypto/sha512-ssse3-asm.S | 2 +-
arch/x86/crypto/sm4-aesni-avx-asm_64.S | 12 ++--
arch/x86/crypto/sm4-aesni-avx2-asm_64.S | 8 +--
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 10 ++--
arch/x86/crypto/twofish-i586-asm_32.S | 4 +-
arch/x86/crypto/twofish-x86_64-asm_64-3way.S | 6 +-
arch/x86/crypto/twofish-x86_64-asm_64.S | 4 +-
arch/x86/entry/entry_32.S | 2 +-
arch/x86/entry/entry_64.S | 10 ++--
arch/x86/entry/thunk_32.S | 2 +-
arch/x86/entry/thunk_64.S | 2 +-
arch/x86/entry/vdso/vdso32/system_call.S | 2 +-
arch/x86/entry/vdso/vsgx.S | 2 +-
arch/x86/entry/vsyscall/vsyscall_emu_64.S | 6 +-
arch/x86/include/asm/linkage.h | 14 +++++
arch/x86/include/asm/paravirt.h | 2 +-
arch/x86/include/asm/qspinlock_paravirt.h | 4 +-
arch/x86/include/asm/static_call.h | 2 +-
arch/x86/kernel/acpi/wakeup_32.S | 6 +-
arch/x86/kernel/alternative.c | 51 +++++++++++-----
arch/x86/kernel/ftrace.c | 2 +-
arch/x86/kernel/ftrace_32.S | 6 +-
arch/x86/kernel/ftrace_64.S | 10 ++--
arch/x86/kernel/head_32.S | 2 +-
arch/x86/kernel/irqflags.S | 2 +-
arch/x86/kernel/kprobes/core.c | 2 +-
arch/x86/kernel/paravirt.c | 2 +-
arch/x86/kernel/relocate_kernel_32.S | 10 ++--
arch/x86/kernel/relocate_kernel_64.S | 10 ++--
arch/x86/kernel/sev_verify_cbit.S | 2 +-
arch/x86/kernel/static_call.c | 5 +-
arch/x86/kernel/verify_cpu.S | 4 +-
arch/x86/kvm/emulate.c | 23 +++++--
arch/x86/kvm/svm/vmenter.S | 4 +-
arch/x86/kvm/vmx/vmenter.S | 14 ++---
arch/x86/lib/atomic64_386_32.S | 86 +++++++++++++++------------
arch/x86/lib/atomic64_cx8_32.S | 16 ++---
arch/x86/lib/checksum_32.S | 8 +--
arch/x86/lib/clear_page_64.S | 6 +-
arch/x86/lib/cmpxchg16b_emu.S | 4 +-
arch/x86/lib/cmpxchg8b_emu.S | 4 +-
arch/x86/lib/copy_mc_64.S | 6 +-
arch/x86/lib/copy_page_64.S | 4 +-
arch/x86/lib/copy_user_64.S | 12 ++--
arch/x86/lib/csum-copy_64.S | 2 +-
arch/x86/lib/error-inject.c | 3 +-
arch/x86/lib/getuser.S | 22 +++----
arch/x86/lib/hweight.S | 6 +-
arch/x86/lib/iomap_copy_64.S | 2 +-
arch/x86/lib/memcpy_64.S | 12 ++--
arch/x86/lib/memmove_64.S | 4 +-
arch/x86/lib/memset_64.S | 6 +-
arch/x86/lib/msr-reg.S | 4 +-
arch/x86/lib/putuser.S | 6 +-
arch/x86/lib/retpoline.S | 4 +-
arch/x86/math-emu/div_Xsig.S | 2 +-
arch/x86/math-emu/div_small.S | 2 +-
arch/x86/math-emu/mul_Xsig.S | 6 +-
arch/x86/math-emu/polynom_Xsig.S | 2 +-
arch/x86/math-emu/reg_norm.S | 6 +-
arch/x86/math-emu/reg_round.S | 2 +-
arch/x86/math-emu/reg_u_add.S | 2 +-
arch/x86/math-emu/reg_u_div.S | 2 +-
arch/x86/math-emu/reg_u_mul.S | 2 +-
arch/x86/math-emu/reg_u_sub.S | 2 +-
arch/x86/math-emu/round_Xsig.S | 4 +-
arch/x86/math-emu/shr_Xsig.S | 8 +--
arch/x86/math-emu/wm_shrx.S | 16 ++---
arch/x86/mm/mem_encrypt_boot.S | 4 +-
arch/x86/platform/efi/efi_stub_32.S | 2 +-
arch/x86/platform/efi/efi_stub_64.S | 2 +-
arch/x86/platform/efi/efi_thunk_64.S | 2 +-
arch/x86/platform/olpc/xo1-wakeup.S | 6 +-
arch/x86/power/hibernate_asm_32.S | 4 +-
arch/x86/power/hibernate_asm_64.S | 4 +-
arch/x86/um/checksum_32.S | 4 +-
arch/x86/um/setjmp_32.S | 2 +-
arch/x86/um/setjmp_64.S | 2 +-
arch/x86/xen/xen-asm.S | 12 ++--
arch/x86/xen/xen-head.S | 2 +-
fs/udf/namei.c | 8 +--
include/net/bluetooth/hci_core.h | 3 +
include/uapi/linux/rfkill.h | 2 +-
mm/gup.c | 2 +-
mm/memory-failure.c | 4 +-
mm/memory.c | 2 +
mm/migrate.c | 7 ++-
mm/mlock.c | 1 +
mm/shmem.c | 4 +-
mm/userfaultfd.c | 3 +
net/bluetooth/hci_core.c | 6 +-
samples/ftrace/ftrace-direct-modify.c | 4 +-
samples/ftrace/ftrace-direct-too.c | 2 +-
samples/ftrace/ftrace-direct.c | 2 +-
scripts/Makefile.build | 11 ++++
scripts/Makefile.lib | 11 ----
scripts/link-vmlinux.sh | 3 +
tools/arch/x86/lib/memcpy_64.S | 12 ++--
tools/arch/x86/lib/memset_64.S | 6 +-
tools/objtool/arch/x86/decode.c | 13 ++--
tools/objtool/builtin-check.c | 3 +-
tools/objtool/check.c | 24 ++++++++
tools/objtool/include/objtool/arch.h | 1 +
tools/objtool/include/objtool/builtin.h | 2 +-
145 files changed, 608 insertions(+), 484 deletions(-)




2022-05-14 03:57:23

by Greg KH

Subject: [PATCH 5.15 11/21] objtool: Fix SLS validation for kcov tail-call replacement

From: Peter Zijlstra <[email protected]>

[ Upstream commit 7a53f408902d913cd541b4f8ad7dbcd4961f5b82 ]

Since not all compilers have a function attribute to disable KCOV
instrumentation, objtool can rewrite KCOV instrumentation in noinstr
functions as per commit:

f56dae88a81f ("objtool: Handle __sanitize_cov*() tail calls")

However, this has subtle interaction with the SLS validation from
commit:

1cc1e4c8aab4 ("objtool: Add straight-line-speculation validation")

In that when a tail-call instruction is replaced with a RET an
additional INT3 instruction is also written, but is not represented in
the decoded instruction stream.

This then leads to false positive missing INT3 objtool warnings in
noinstr code.

Instead of adding additional struct instruction objects, mark the RET
instruction with retpoline_safe to suppress the warning (since we know
there really is an INT3).

Fixes: 1cc1e4c8aab4 ("objtool: Add straight-line-speculation validation")
Signed-off-by: Peter Zijlstra (Intel) <[email protected]>
Link: https://lkml.kernel.org/r/[email protected]
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
tools/objtool/check.c | 10 ++++++++++
1 file changed, 10 insertions(+)

--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -871,6 +871,16 @@ static void add_call_dest(struct objtool
: arch_nop_insn(insn->len));

insn->type = sibling ? INSN_RETURN : INSN_NOP;
+
+ if (sibling) {
+ /*
+ * We've replaced the tail-call JMP insn by two new
+ * insn: RET; INT3, except we only have a single struct
+ * insn here. Mark it retpoline_safe to avoid the SLS
+ * warning, instead of adding another insn.
+ */
+ insn->retpoline_safe = true;
+ }
}

if (mcount && !strcmp(insn->call_dest->name, "__fentry__")) {
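
Review bot: setting insn->retpoline_safe = true in the new if (sibling) branch reuses a flag named for retpoline checking to silence the SLS check, so this RET is now exempt from anything else that consults retpoline_safe as well. The comment explains the reason at this call site, but someone reading the SLS validation code will not see it; consider documenting at the flag's declaration, or at the SLS check, that retpoline_safe also covers a RET whose INT3 was written without its own struct instruction.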



2022-05-14 04:01:43

by Greg KH

Subject: [PATCH 5.15 08/21] tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in perf bench mem memcpy

From: Arnaldo Carvalho de Melo <[email protected]>

[ Upstream commit 35cb8c713a496e8c114eed5e2a5a30b359876df2 ]

To bring in the change made in this cset:

f94909ceb1ed4bfd ("x86: Prepare asm files for straight-line-speculation")

It silences these perf tools build warnings, no change in the tools:

Warning: Kernel ABI header at 'tools/arch/x86/lib/memcpy_64.S' differs from latest version at 'arch/x86/lib/memcpy_64.S'
diff -u tools/arch/x86/lib/memcpy_64.S arch/x86/lib/memcpy_64.S
Warning: Kernel ABI header at 'tools/arch/x86/lib/memset_64.S' differs from latest version at 'arch/x86/lib/memset_64.S'
diff -u tools/arch/x86/lib/memset_64.S arch/x86/lib/memset_64.S

The code generated was checked before and after using 'objdump -d /tmp/build/perf/bench/mem-memcpy-x86-64-asm.o',
no changes.

Cc: Borislav Petkov <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Signed-off-by: Arnaldo Carvalho de Melo <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
tools/arch/x86/lib/memcpy_64.S | 12 ++++++------
tools/arch/x86/lib/memset_64.S | 6 +++---
2 files changed, 9 insertions(+), 9 deletions(-)

--- a/tools/arch/x86/lib/memcpy_64.S
+++ b/tools/arch/x86/lib/memcpy_64.S
@@ -39,7 +39,7 @@ SYM_FUNC_START_WEAK(memcpy)
rep movsq
movl %edx, %ecx
rep movsb
- ret
+ RET
SYM_FUNC_END(memcpy)
SYM_FUNC_END_ALIAS(__memcpy)
EXPORT_SYMBOL(memcpy)
@@ -53,7 +53,7 @@ SYM_FUNC_START_LOCAL(memcpy_erms)
movq %rdi, %rax
movq %rdx, %rcx
rep movsb
- ret
+ RET
SYM_FUNC_END(memcpy_erms)

SYM_FUNC_START_LOCAL(memcpy_orig)
@@ -137,7 +137,7 @@ SYM_FUNC_START_LOCAL(memcpy_orig)
movq %r9, 1*8(%rdi)
movq %r10, -2*8(%rdi, %rdx)
movq %r11, -1*8(%rdi, %rdx)
- retq
+ RET
.p2align 4
.Lless_16bytes:
cmpl $8, %edx
@@ -149,7 +149,7 @@ SYM_FUNC_START_LOCAL(memcpy_orig)
movq -1*8(%rsi, %rdx), %r9
movq %r8, 0*8(%rdi)
movq %r9, -1*8(%rdi, %rdx)
- retq
+ RET
.p2align 4
.Lless_8bytes:
cmpl $4, %edx
@@ -162,7 +162,7 @@ SYM_FUNC_START_LOCAL(memcpy_orig)
movl -4(%rsi, %rdx), %r8d
movl %ecx, (%rdi)
movl %r8d, -4(%rdi, %rdx)
- retq
+ RET
.p2align 4
.Lless_3bytes:
subl $1, %edx
@@ -180,7 +180,7 @@ SYM_FUNC_START_LOCAL(memcpy_orig)
movb %cl, (%rdi)

.Lend:
- retq
+ RET
SYM_FUNC_END(memcpy_orig)

.popsection
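
Review bot: every ret and retq in memcpy_64.S becomes the RET macro, but the patch touches only the two .S copies and does not show where RET is defined for the tools build. The commit message reports identical objdump output before and after, so some header on the perf side must map RET to a plain ret; naming that header in the message would make the dependency visible to anyone backporting this change without it.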
--- a/tools/arch/x86/lib/memset_64.S
+++ b/tools/arch/x86/lib/memset_64.S
@@ -40,7 +40,7 @@ SYM_FUNC_START(__memset)
movl %edx,%ecx
rep stosb
movq %r9,%rax
- ret
+ RET
SYM_FUNC_END(__memset)
SYM_FUNC_END_ALIAS(memset)
EXPORT_SYMBOL(memset)
@@ -63,7 +63,7 @@ SYM_FUNC_START_LOCAL(memset_erms)
movq %rdx,%rcx
rep stosb
movq %r9,%rax
- ret
+ RET
SYM_FUNC_END(memset_erms)

SYM_FUNC_START_LOCAL(memset_orig)
@@ -125,7 +125,7 @@ SYM_FUNC_START_LOCAL(memset_orig)

.Lende:
movq %r10,%rax
- ret
+ RET

.Lbad_alignment:
cmpq $7,%rdx



2022-05-14 04:12:26

by Greg KH

Subject: [PATCH 5.15 06/21] kbuild: move objtool_args back to scripts/Makefile.build

From: Masahiro Yamada <[email protected]>

[ Upstream commit 8f0c32c788fffa8e88f995372415864039347c8a ]

Commit b1a1a1a09b46 ("kbuild: lto: postpone objtool") moved objtool_args
to Makefile.lib, so the arguments can be used in Makefile.modfinal as
well as Makefile.build.

With commit 850ded46c642 ("kbuild: Fix TRIM_UNUSED_KSYMS with
LTO_CLANG"), module LTO linking came back to scripts/Makefile.build
again.

So, there is no more reason to keep objtool_args in a separate file.

Get it back to the original place, close to the objtool command.

Remove the stale comment too.

Signed-off-by: Masahiro Yamada <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Acked-by: Josh Poimboeuf <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
scripts/Makefile.build | 10 ++++++++++
scripts/Makefile.lib | 11 -----------
2 files changed, 10 insertions(+), 11 deletions(-)

--- a/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@ -224,6 +224,16 @@ cmd_record_mcount = $(if $(findstring $(
endif # CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT

ifdef CONFIG_STACK_VALIDATION
+
+objtool_args = \
+ $(if $(CONFIG_UNWINDER_ORC),orc generate,check) \
+ $(if $(part-of-module), --module) \
+ $(if $(CONFIG_FRAME_POINTER),, --no-fp) \
+ $(if $(CONFIG_GCOV_KERNEL)$(CONFIG_LTO_CLANG), --no-unreachable)\
+ $(if $(CONFIG_RETPOLINE), --retpoline) \
+ $(if $(CONFIG_X86_SMAP), --uaccess) \
+ $(if $(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL), --mcount)
+
ifndef CONFIG_LTO_CLANG

__objtool_obj := $(objtree)/tools/objtool/objtool
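
Review bot: objtool_args is now defined inside ifdef CONFIG_STACK_VALIDATION, while the copy removed from Makefile.lib sat after the CONFIG_LTO_CLANG endif with no CONFIG_STACK_VALIDATION guard visible in its context. Any reference evaluated with the option off now expands to nothing, which is fine only if every user lives inside this same block; worth confirming for the 5.15.y tree.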
--- a/scripts/Makefile.lib
+++ b/scripts/Makefile.lib
@@ -232,17 +232,6 @@ ifeq ($(CONFIG_LTO_CLANG),y)
mod-prelink-ext := .lto
endif

-# Objtool arguments are also needed for modfinal with LTO, so we define
-# then here to avoid duplication.
-objtool_args = \
- $(if $(CONFIG_UNWINDER_ORC),orc generate,check) \
- $(if $(part-of-module), --module) \
- $(if $(CONFIG_FRAME_POINTER),, --no-fp) \
- $(if $(CONFIG_GCOV_KERNEL)$(CONFIG_LTO_CLANG), --no-unreachable)\
- $(if $(CONFIG_RETPOLINE), --retpoline) \
- $(if $(CONFIG_X86_SMAP), --uaccess) \
- $(if $(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL), --mcount)
-
# Useful for describing the dependency of composite objects
# Usage:
# $(call multi_depend, multi_used_targets, suffix_to_remove, suffix_to_add)
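
Review bot: the comment removed here says the arguments are also needed for modfinal with LTO, and this patch does not touch Makefile.modfinal. The removal is safe only if 850ded46c642, which the commit message relies on, is already present in linux-5.15.y; please confirm that, since a leftover $(objtool_args) in modfinal would expand to empty without any build error.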



2022-05-14 04:15:14

by Greg KH

Subject: [PATCH 5.15 09/21] kvm/emulate: Fix SETcc emulation function offsets with SLS

From: Borislav Petkov <[email protected]>

[ Upstream commit fe83f5eae432ccc8e90082d6ed506d5233547473 ]

The commit in Fixes started adding INT3 after RETs as a mitigation
against straight-line speculation.

The fastop SETcc implementation in kvm's insn emulator uses macro magic
to generate all possible SETcc functions and to jump to them when
emulating the respective instruction.

However, it hardcodes the size and alignment of those functions to 4: a
three-byte SETcc insn and a single-byte RET. BUT, with SLS, there's an
INT3 that gets slapped after the RET, which brings the whole scheme out
of alignment:

15: 0f 90 c0 seto %al
18: c3 ret
19: cc int3
1a: 0f 1f 00 nopl (%rax)
1d: 0f 91 c0 setno %al
20: c3 ret
21: cc int3
22: 0f 1f 00 nopl (%rax)
25: 0f 92 c0 setb %al
28: c3 ret
29: cc int3

and this explodes like this:

int3: 0000 [#1] PREEMPT SMP PTI
CPU: 0 PID: 2435 Comm: qemu-system-x86 Not tainted 5.17.0-rc8-sls #1
Hardware name: Dell Inc. Precision WorkStation T3400 /0TP412, BIOS A14 04/30/2012
RIP: 0010:setc+0x5/0x8 [kvm]
Code: 00 00 0f 1f 00 0f b6 05 43 24 06 00 c3 cc 0f 1f 80 00 00 00 00 0f 90 c0 c3 cc 0f \
1f 00 0f 91 c0 c3 cc 0f 1f 00 0f 92 c0 c3 cc <0f> 1f 00 0f 93 c0 c3 cc 0f 1f 00 \
0f 94 c0 c3 cc 0f 1f 00 0f 95 c0
Call Trace:
<TASK>
? x86_emulate_insn [kvm]
? x86_emulate_instruction [kvm]
? vmx_handle_exit [kvm_intel]
? kvm_arch_vcpu_ioctl_run [kvm]
? kvm_vcpu_ioctl [kvm]
? __x64_sys_ioctl
? do_syscall_64
? entry_SYSCALL_64_after_hwframe
</TASK>

Raise the alignment value when SLS is enabled and use a macro for that
instead of hard-coding naked numbers.

Fixes: e463a09af2f0 ("x86: Add straight-line-speculation mitigation")
Reported-by: Jamie Heilman <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
Acked-by: Peter Zijlstra (Intel) <[email protected]>
Tested-by: Jamie Heilman <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
[Add a comment and a bit of safety checking, since this is going to be changed
again for IBT support. - Paolo]
Signed-off-by: Paolo Bonzini <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/x86/kvm/emulate.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)

--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -427,8 +427,23 @@ static int fastop(struct x86_emulate_ctx
FOP_END

/* Special case for SETcc - 1 instruction per cc */
+
+/*
+ * Depending on .config the SETcc functions look like:
+ *
+ * SETcc %al [3 bytes]
+ * RET [1 byte]
+ * INT3 [1 byte; CONFIG_SLS]
+ *
+ * Which gives possible sizes 4 or 5. When rounded up to the
+ * next power-of-two alignment they become 4 or 8.
+ */
+#define SETCC_LENGTH (4 + IS_ENABLED(CONFIG_SLS))
+#define SETCC_ALIGN (4 << IS_ENABLED(CONFIG_SLS))
+static_assert(SETCC_LENGTH <= SETCC_ALIGN);
+
#define FOP_SETCC(op) \
- ".align 4 \n\t" \
+ ".align " __stringify(SETCC_ALIGN) " \n\t" \
".type " #op ", @function \n\t" \
#op ": \n\t" \
#op " %al \n\t" \
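
Review bot: static_assert(SETCC_LENGTH <= SETCC_ALIGN) compares two constants that are both derived from IS_ENABLED(CONFIG_SLS), so it cannot catch the stub body growing for any other reason, for example a change in what RET expands to. Nothing in this hunk ties SETCC_LENGTH to the bytes FOP_SETCC actually emits; an assembler-time size check on each stub would guard the real layout rather than the intended one.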
@@ -1053,7 +1068,7 @@ static int em_bsr_c(struct x86_emulate_c
static __always_inline u8 test_cc(unsigned int condition, unsigned long flags)
{
u8 rc;
- void (*fop)(void) = (void *)em_setcc + 4 * (condition & 0xf);
+ void (*fop)(void) = (void *)em_setcc + SETCC_ALIGN * (condition & 0xf);

flags = (flags & EFLAGS_MASK) | X86_EFLAGS_IF;
asm("push %[flags]; popf; " CALL_NOSPEC
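
The misalignment described in the commit message above, as an added example that is not part of the patch or of the original thread: it lays out the sixteen SETcc stubs the way `.align` would and checks where `em_setcc + stride * cc` lands. The helper names and the single-byte padding are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_CC   16    /* SETcc condition codes 0x0..0xf */
#define PAD_BYTE 0x90  /* constructed padding; the real assembler emits multi-byte NOPs */

/* Lay out the 16 SETcc stubs as ".align <align>" before each stub would.
 * Returns the number of bytes used, or 0 if buf is too small. */
static size_t emit_setcc_table(uint8_t *buf, size_t cap, unsigned align, int sls)
{
    size_t off = 0;

    for (unsigned cc = 0; cc < NUM_CC; cc++) {
        /* SETcc %al (0f 9x c0), RET (c3), INT3 (cc) */
        uint8_t stub[5] = { 0x0f, (uint8_t)(0x90 + cc), 0xc0, 0xc3, 0xcc };
        size_t len = sls ? 5 : 4;  /* INT3 is only present with the SLS mitigation */
        size_t start = (off + align - 1) / align * align;

        if (start + len > cap)
            return 0;
        memset(buf + off, PAD_BYTE, start - off);
        memcpy(buf + start, stub, len);
        off = start + len;
    }
    return off;
}

/* Does base + stride * cc point at the first byte of the stub for cc? */
static int dispatch_hits_stub(const uint8_t *buf, size_t used,
                              unsigned stride, unsigned cc)
{
    size_t target = (size_t)stride * (cc & 0xf);

    if (target + 3 > used)
        return 0;
    return buf[target] == 0x0f &&
           buf[target + 1] == (uint8_t)(0x90 + (cc & 0xf)) &&
           buf[target + 2] == 0xc0;
}

/* Count condition codes whose computed entry point is not their own stub. */
unsigned count_misdispatched(unsigned align, unsigned stride, int sls)
{
    uint8_t buf[NUM_CC * 16];
    size_t used = emit_setcc_table(buf, sizeof(buf), align, sls);
    unsigned bad = 0;

    for (unsigned cc = 0; cc < NUM_CC; cc++)
        bad += !dispatch_hits_stub(buf, used, stride, cc);
    return bad;
}

/* Byte found at the entry point computed for cc (0 if out of range). */
uint8_t byte_at_entry(unsigned align, unsigned stride, int sls, unsigned cc)
{
    uint8_t buf[NUM_CC * 16];
    size_t used = emit_setcc_table(buf, sizeof(buf), align, sls);
    size_t target = (size_t)stride * (cc & 0xf);

    return target < used ? buf[target] : 0;
}

int main(void)
{
    printf("no SLS, align 4, stride 4: %u wrong entries\n",
           count_misdispatched(4, 4, 0));
    printf("SLS,    align 4, stride 4: %u wrong entries, cc=1 lands on 0x%02x\n",
           count_misdispatched(4, 4, 1), byte_at_entry(4, 4, 1, 1));
    printf("SLS,    align 8, stride 8: %u wrong entries\n",
           count_misdispatched(8, 8, 1));
    return 0;
}
```

With 5-byte stubs and `.align 4` the stubs end up 8 bytes apart, so a stride of 4 sends condition code 1 to the INT3 of the first stub and every later code to the wrong stub or to an INT3.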



2022-05-14 04:18:35

by Greg KH

Subject: [PATCH 5.15 16/21] mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()

From: Muchun Song <[email protected]>

commit e763243cc6cb1fcc720ec58cfd6e7c35ae90a479 upstream.

userfaultfd calls copy_huge_page_from_user() which does not do any cache
flushing for the target page. Then the target page will be mapped to
the user space with a different address (user address), which might have
an alias issue with the kernel address used to copy the data from the
user to.

Fix this issue by flushing dcache in copy_huge_page_from_user().

Link: https://lkml.kernel.org/r/[email protected]
Fixes: fa4d75c1de13 ("userfaultfd: hugetlbfs: add copy_huge_page_from_user for hugetlb userfaultfd support")
Signed-off-by: Muchun Song <[email protected]>
Reviewed-by: Mike Kravetz <[email protected]>
Cc: Axel Rasmussen <[email protected]>
Cc: David Rientjes <[email protected]>
Cc: Fam Zheng <[email protected]>
Cc: Kirill A. Shutemov <[email protected]>
Cc: Lars Persson <[email protected]>
Cc: Peter Xu <[email protected]>
Cc: Xiongchun Duan <[email protected]>
Cc: Zi Yan <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
mm/memory.c | 2 ++
1 file changed, 2 insertions(+)

--- a/mm/memory.c
+++ b/mm/memory.c
@@ -5467,6 +5467,8 @@ long copy_huge_page_from_user(struct pag
if (rc)
break;

+ flush_dcache_page(subpage);
+
cond_resched();
}
return ret_val;
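
Review bot: flush_dcache_page(subpage) is placed after the "if (rc) break;", so a subpage that was partly written before the copy failed leaves the loop without a flush. If the caller can still map or reuse the page after a non-zero return, the flush belongs before the rc check; otherwise a short comment stating that the page is discarded or recopied on failure would make the ordering clearly intentional.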



2022-05-14 04:47:38

by Florian Fainelli

Subject: Re: [PATCH 5.15 00/21] 5.15.40-rc1 review

On 5/13/22 07:23, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.40-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h

On ARCH_BRCMSTB using 32-bit and 64-bit ARM kernels:

Tested-by: Florian Fainelli <[email protected]>
--
Florian

2022-05-14 06:43:25

by Fox Chen

Subject: RE: [PATCH 5.15 00/21] 5.15.40-rc1 review

On Fri, 13 May 2022 16:23:42 +0200, Greg Kroah-Hartman <[email protected]> wrote:
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.40-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>

5.15.40-rc1 Successfully Compiled and booted on my Raspberry PI 4b (8g) (bcm2711)

Tested-by: Fox Chen <[email protected]>


2022-05-14 21:16:56

by Guenter Roeck

Subject: Re: [PATCH 5.15 00/21] 5.15.40-rc1 review

On Fri, May 13, 2022 at 04:23:42PM +0200, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.
>

Build results:
total: 156 pass: 156 fail: 0
Qemu test results:
total: 488 pass: 488 fail: 0

Tested-by: Guenter Roeck <[email protected]>

Guenter

2022-05-14 23:32:45

by Naresh Kamboju

Subject: Re: [PATCH 5.15 00/21] 5.15.40-rc1 review

On Fri, 13 May 2022 at 19:58, Greg Kroah-Hartman
<[email protected]> wrote:
>
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.40-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h

Results from Linaro’s test farm.
No regressions on arm64, arm, x86_64, and i386.

Tested-by: Linux Kernel Functional Testing <[email protected]>

## Build
* kernel: 5.15.40-rc1
* git: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc
* git branch: linux-5.15.y
* git commit: 13b089c28632ad5a051bdbb1951ee189f96b01fd
* git describe: v5.15.39-22-g13b089c28632
* test details:
https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-5.15.y/build/v5.15.39-22-g13b089c28632

## Test Regressions (compared to v5.15.38-136-g60041d098524)
No test regressions found.

## Metric Regressions (compared to v5.15.38-136-g60041d098524)
No metric regressions found.

## Test Fixes (compared to v5.15.38-136-g60041d098524)
No test fixes found.

## Metric Fixes (compared to v5.15.38-136-g60041d098524)
No metric fixes found.

## Test result summary
total: 110223, pass: 92720, fail: 1126, skip: 15100, xfail: 1277

## Build Summary
* arc: 10 total, 10 passed, 0 failed
* arm: 296 total, 293 passed, 3 failed
* arm64: 47 total, 47 passed, 0 failed
* dragonboard-410c: 1 total, 1 passed, 0 failed
* hi6220-hikey: 1 total, 1 passed, 0 failed
* i386: 45 total, 41 passed, 4 failed
* juno-r2: 1 total, 1 passed, 0 failed
* mips: 41 total, 38 passed, 3 failed
* parisc: 14 total, 14 passed, 0 failed
* powerpc: 59 total, 56 passed, 3 failed
* riscv: 27 total, 27 passed, 0 failed
* s390: 26 total, 23 passed, 3 failed
* sh: 26 total, 24 passed, 2 failed
* sparc: 14 total, 14 passed, 0 failed
* x15: 1 total, 1 passed, 0 failed
* x86: 1 total, 1 passed, 0 failed
* x86_64: 47 total, 47 passed, 0 failed

## Test suites summary
* fwts
* igt-gpu-tools
* kselftest-
* kselftest-android
* kselftest-arm64
* kselftest-bpf
* kselftest-breakpoints
* kselftest-capabilities
* kselftest-cgroup
* kselftest-clone3
* kselftest-core
* kselftest-cpu-hotplug
* kselftest-cpufreq
* kselftest-drivers
* kselftest-efivarfs
* kselftest-filesystems
* kselftest-firmware
* kselftest-fpu
* kselftest-futex
* kselftest-gpio
* kselftest-intel_pstate
* kselftest-ipc
* kselftest-ir
* kselftest-kcmp
* kselftest-kexec
* kselftest-kvm
* kselftest-lib
* kselftest-livepatch
* kselftest-membarrier
* kselftest-memfd
* kselftest-memory-hotplug
* kselftest-mincore
* kselftest-mount
* kselftest-mqueue
* kselftest-net
* kselftest-netfilter
* kselftest-nsfs
* kselftest-openat2
* kselftest-pid_namespace
* kselftest-pidfd
* kselftest-proc
* kselftest-pstore
* kselftest-ptrace
* kselftest-rseq
* kselftest-rtc
* kselftest-seccomp
* kselftest-sigaltstack
* kselftest-size
* kselftest-splice
* kselftest-static_keys
* kselftest-sync
* kselftest-sysctl
* kselftest-tc-testing
* kselftest-timens
* kselftest-timers
* kselftest-tmpfs
* kselftest-tpm2
* kselftest-user
* kselftest-vm
* kselftest-x86
* kselftest-zram
* kunit
* kvm-unit-tests
* libgpiod
* libhugetlbfs
* linux-log-parser
* ltp-cap_bounds-tests
* ltp-commands-tests
* ltp-containers-tests
* ltp-controllers-tests
* ltp-cpuhotplug-tests
* ltp-crypto-tests
* ltp-cve-tests
* ltp-dio-tests
* ltp-fcntl-locktests-tests
* ltp-filecaps-tests
* ltp-fs-tests
* ltp-fs_bind-tests
* ltp-fs_perms_simple-tests
* ltp-fsx-tests
* ltp-hugetlb-tests
* ltp-io-tests
* ltp-ipc-tests
* ltp-math-tests
* ltp-mm-tests
* ltp-nptl-tests
* ltp-open-posix-tests
* ltp-pty-tests
* ltp-sched-tests
* ltp-securebits-tests
* ltp-syscalls-tests
* ltp-tracing-tests
* network-basic-tests
* packetdrill
* perf
* rcutorture
* ssuite
* v4l2-compliance
* vdso

--
Linaro LKFT
https://lkft.linaro.org

2022-05-15 13:01:18

by Ron Economos

Subject: Re: [PATCH 5.15 00/21] 5.15.40-rc1 review

On 5/13/22 7:23 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.40-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h

Built and booted successfully on RISC-V RV64 (HiFive Unmatched).

Tested-by: Ron Economos <[email protected]>


2022-05-15 18:42:28

by Sudip Mukherjee

Subject: Re: [PATCH 5.15 00/21] 5.15.40-rc1 review

Hi Greg,

On Fri, May 13, 2022 at 04:23:42PM +0200, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 5.15.40 release.
> There are 21 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 15 May 2022 14:22:19 +0000.
> Anything received after that time might be too late.

Build test:
mips (gcc version 11.2.1 20220408): 62 configs -> no failure
arm (gcc version 11.2.1 20220408): 100 configs -> no new failure
arm64 (gcc version 11.2.1 20220408): 3 configs -> no failure
x86_64 (gcc version 11.2.1 20220408): 4 configs -> no failure

Boot test:
x86_64: Booted on my test laptop. No regression.
x86_64: Booted on qemu. No regression. [1]
arm64: Booted on rpi4b (4GB model). No regression. [2]
mips: Booted on ci20 board. No regression. [3]

[1]. https://openqa.qa.codethink.co.uk/tests/1141
[2]. https://openqa.qa.codethink.co.uk/tests/1145
[3]. https://openqa.qa.codethink.co.uk/tests/1142

Tested-by: Sudip Mukherjee <[email protected]>

--
Regards
Sudip