]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
fixes for 4.4
authorSasha Levin <sashal@kernel.org>
Sat, 28 Sep 2019 00:58:08 +0000 (20:58 -0400)
committerSasha Levin <sashal@kernel.org>
Sat, 28 Sep 2019 00:58:08 +0000 (20:58 -0400)
Signed-off-by: Sasha Levin <sashal@kernel.org>
queue-4.4/f2fs-check-all-the-data-segments-against-all-node-on.patch [new file with mode: 0644]
queue-4.4/irqchip-gic-v3-its-fix-lpi-release-for-multi-msi-dev.patch [new file with mode: 0644]
queue-4.4/revert-f2fs-avoid-out-of-range-memory-access.patch [new file with mode: 0644]
queue-4.4/series

diff --git a/queue-4.4/f2fs-check-all-the-data-segments-against-all-node-on.patch b/queue-4.4/f2fs-check-all-the-data-segments-against-all-node-on.patch
new file mode 100644 (file)
index 0000000..eb76e63
--- /dev/null
@@ -0,0 +1,44 @@
+From d5e98b5c33d8f1e7eaa55072be3ada10e56ee652 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 23 Aug 2019 15:40:45 -0700
+Subject: f2fs: check all the data segments against all node ones
+
+From: Surbhi Palande <f2fsnewbie@gmail.com>
+
+[ Upstream commit 1166c1f2f69117ad254189ca781287afa6e550b6 ]
+
+As a part of the sanity checking while mounting, distinct segment number
+assignment to data and node segments is verified. Fixing a small bug in
+this verification between node and data segments. We need to check all
+the data segments with all the node segments.
+
+Fixes: 042be0f849e5f ("f2fs: fix to do sanity check with current segment number")
+Signed-off-by: Surbhi Palande <csurbhi@gmail.com>
+Reviewed-by: Chao Yu <yuchao0@huawei.com>
+Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/f2fs/super.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
+index bd0dfaecfac3b..aa07c01dc036c 100644
+--- a/fs/f2fs/super.c
++++ b/fs/f2fs/super.c
+@@ -1211,11 +1211,11 @@ int sanity_check_ckpt(struct f2fs_sb_info *sbi)
+               }
+       }
+       for (i = 0; i < NR_CURSEG_NODE_TYPE; i++) {
+-              for (j = i; j < NR_CURSEG_DATA_TYPE; j++) {
++              for (j = 0; j < NR_CURSEG_DATA_TYPE; j++) {
+                       if (le32_to_cpu(ckpt->cur_node_segno[i]) ==
+                               le32_to_cpu(ckpt->cur_data_segno[j])) {
+                               f2fs_msg(sbi->sb, KERN_ERR,
+-                                      "Data segment (%u) and Data segment (%u)"
++                                      "Node segment (%u) and Data segment (%u)"
+                                       " has the same segno: %u", i, j,
+                                       le32_to_cpu(ckpt->cur_node_segno[i]));
+                               return 1;
+-- 
+2.20.1
+
diff --git a/queue-4.4/irqchip-gic-v3-its-fix-lpi-release-for-multi-msi-dev.patch b/queue-4.4/irqchip-gic-v3-its-fix-lpi-release-for-multi-msi-dev.patch
new file mode 100644 (file)
index 0000000..863abce
--- /dev/null
@@ -0,0 +1,54 @@
+From 88bd3cbc099490c139ccdbdcaa56f03ae9548fe1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 5 Sep 2019 14:56:47 +0100
+Subject: irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices
+
+From: Marc Zyngier <maz@kernel.org>
+
+[ Upstream commit c9c96e30ecaa0aafa225aa1a5392cb7db17c7a82 ]
+
+When allocating a range of LPIs for a Multi-MSI capable device,
+this allocation extended to the closest power of 2.
+
+But on the release path, the interrupts are released one by
+one. This results in not releasing the "extra" range, leaking
+the its_device. Trying to reprobe the device will then fail.
+
+Fix it by releasing the LPIs the same way we allocate them.
+
+Fixes: 8208d1708b88 ("irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size")
+Reported-by: Jiaxing Luo <luojiaxing@huawei.com>
+Tested-by: John Garry <john.garry@huawei.com>
+Signed-off-by: Marc Zyngier <maz@kernel.org>
+Link: https://lore.kernel.org/r/f5e948aa-e32f-3f74-ae30-31fee06c2a74@huawei.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/irqchip/irq-gic-v3-its.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c
+index 114d5883d4978..cf11d43ce2416 100644
+--- a/drivers/irqchip/irq-gic-v3-its.c
++++ b/drivers/irqchip/irq-gic-v3-its.c
+@@ -1372,14 +1372,13 @@ static void its_irq_domain_free(struct irq_domain *domain, unsigned int virq,
+       struct its_device *its_dev = irq_data_get_irq_chip_data(d);
+       int i;
++      bitmap_release_region(its_dev->event_map.lpi_map,
++                            its_get_event_id(irq_domain_get_irq_data(domain, virq)),
++                            get_count_order(nr_irqs));
++
+       for (i = 0; i < nr_irqs; i++) {
+               struct irq_data *data = irq_domain_get_irq_data(domain,
+                                                               virq + i);
+-              u32 event = its_get_event_id(data);
+-
+-              /* Mark interrupt index as unused */
+-              clear_bit(event, its_dev->event_map.lpi_map);
+-
+               /* Nuke the entry in the domain */
+               irq_domain_reset_irq_data(data);
+       }
+-- 
+2.20.1
+
diff --git a/queue-4.4/revert-f2fs-avoid-out-of-range-memory-access.patch b/queue-4.4/revert-f2fs-avoid-out-of-range-memory-access.patch
new file mode 100644 (file)
index 0000000..63484a2
--- /dev/null
@@ -0,0 +1,61 @@
+From 48c6bc54464c6d4748110ae0ce12de9ded6f9519 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 2 Aug 2019 18:15:48 +0800
+Subject: Revert "f2fs: avoid out-of-range memory access"
+
+From: Chao Yu <yuchao0@huawei.com>
+
+[ Upstream commit a37d0862d17411edb67677a580a6f505ec2225f6 ]
+
+As Pavel Machek reported:
+
+"We normally use -EUCLEAN to signal filesystem corruption. Plus, it is
+good idea to report it to the syslog and mark filesystem as "needing
+fsck" if filesystem can do that."
+
+Still we need improve the original patch with:
+- use unlikely keyword
+- add message print
+- return EUCLEAN
+
+However, after rethink this patch, I don't think we should add such
+condition check here as below reasons:
+- We have already checked the field in f2fs_sanity_check_ckpt(),
+- If there is fs corrupt or security vulnerability, there is nothing
+to guarantee the field is integrated after the check, unless we do
+the check before each of its use, however no filesystem does that.
+- We only have similar check for bitmap, which was added due to there
+is bitmap corruption happened on f2fs' runtime in product.
+- There are so many key fields in SB/CP/NAT did have such check
+after f2fs_sanity_check_{sb,cp,..}.
+
+So I propose to revert this unneeded check.
+
+This reverts commit 56f3ce675103e3fb9e631cfb4131fc768bc23e9a.
+
+Signed-off-by: Chao Yu <yuchao0@huawei.com>
+Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/f2fs/segment.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
+index 014bee5c0e75e..6802cd754eda0 100644
+--- a/fs/f2fs/segment.c
++++ b/fs/f2fs/segment.c
+@@ -1510,11 +1510,6 @@ static int read_compacted_summaries(struct f2fs_sb_info *sbi)
+               seg_i = CURSEG_I(sbi, i);
+               segno = le32_to_cpu(ckpt->cur_data_segno[i]);
+               blk_off = le16_to_cpu(ckpt->cur_data_blkoff[i]);
+-              if (blk_off > ENTRIES_IN_SUM) {
+-                      f2fs_bug_on(sbi, 1);
+-                      f2fs_put_page(page, 1);
+-                      return -EFAULT;
+-              }
+               seg_i->next_segno = segno;
+               reset_curseg(sbi, i, 0);
+               seg_i->alloc_type = ckpt->alloc_type[i];
+-- 
+2.20.1
+
index 6d511291a31a04c520ec804e19f4b1f6c83e1fc7..b43e938e31f34b8ee5a550a05c671ad69a297bee 100644 (file)
@@ -11,3 +11,6 @@ alsa-hda-add-laptop-imic-fixup-for-asus-m9v-laptop.patch
 mac80211-print-text-for-disassociation-reason.patch
 mac80211-handle-deauthentication-disassociation-from.patch
 locking-lockdep-add-debug_locks-check-in-__lock_down.patch
+irqchip-gic-v3-its-fix-lpi-release-for-multi-msi-dev.patch
+f2fs-check-all-the-data-segments-against-all-node-on.patch
+revert-f2fs-avoid-out-of-range-memory-access.patch