--- /dev/null
+From b6835ea77729e7faf4656ca637ba53f42b8ee3fd Mon Sep 17 00:00:00 2001
+From: Alexey Brodkin <abrodkin@synopsys.com>
+Date: Fri, 8 Feb 2019 13:55:19 +0300
+Subject: ARC: define ARCH_SLAB_MINALIGN = 8
+
+From: Alexey Brodkin <abrodkin@synopsys.com>
+
+commit b6835ea77729e7faf4656ca637ba53f42b8ee3fd upstream.
+
+The default value of ARCH_SLAB_MINALIGN in "include/linux/slab.h" is
+"__alignof__(unsigned long long)" which for ARC unexpectedly turns out
+to be 4. This is not a compiler bug, but as defined by ARC ABI [1]
+
+Thus slab allocator would allocate a struct which is 32-bit aligned,
+which is generally OK even if struct has long long members.
+There was however potetial problem when it had any atomic64_t which
+use LLOCKD/SCONDD instructions which are required by ISA to take
+64-bit addresses. This is the problem we ran into
+
+[ 4.015732] EXT4-fs (mmcblk0p2): re-mounted. Opts: (null)
+[ 4.167881] Misaligned Access
+[ 4.172356] Path: /bin/busybox.nosuid
+[ 4.176004] CPU: 2 PID: 171 Comm: rm Not tainted 4.19.14-yocto-standard #1
+[ 4.182851]
+[ 4.182851] [ECR ]: 0x000d0000 => Check Programmer's Manual
+[ 4.190061] [EFA ]: 0xbeaec3fc
+[ 4.190061] [BLINK ]: ext4_delete_entry+0x210/0x234
+[ 4.190061] [ERET ]: ext4_delete_entry+0x13e/0x234
+[ 4.202985] [STAT32]: 0x80080002 : IE K
+[ 4.207236] BTA: 0x9009329c SP: 0xbe5b1ec4 FP: 0x00000000
+[ 4.212790] LPS: 0x9074b118 LPE: 0x9074b120 LPC: 0x00000000
+[ 4.218348] r00: 0x00000040 r01: 0x00000021 r02: 0x00000001
+...
+...
+[ 4.270510] Stack Trace:
+[ 4.274510] ext4_delete_entry+0x13e/0x234
+[ 4.278695] ext4_rmdir+0xe0/0x238
+[ 4.282187] vfs_rmdir+0x50/0xf0
+[ 4.285492] do_rmdir+0x9e/0x154
+[ 4.288802] EV_Trap+0x110/0x114
+
+The fix is to make sure slab allocations are 64-bit aligned.
+
+Do note that atomic64_t is __attribute__((aligned(8)) which means gcc
+does generate 64-bit aligned references, relative to beginning of
+container struct. However the issue is if the container itself is not
+64-bit aligned, atomic64_t ends up unaligned which is what this patch
+ensures.
+
+[1] https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/wiki/files/ARCv2_ABI.pdf
+
+Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
+Cc: <stable@vger.kernel.org> # 4.8+
+Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
+[vgupta: reworked changelog, added dependency on LL64+LLSC]
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arc/include/asm/cache.h | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+--- a/arch/arc/include/asm/cache.h
++++ b/arch/arc/include/asm/cache.h
+@@ -52,6 +52,17 @@
+ #define cache_line_size() SMP_CACHE_BYTES
+ #define ARCH_DMA_MINALIGN SMP_CACHE_BYTES
+
++/*
++ * Make sure slab-allocated buffers are 64-bit aligned when atomic64_t uses
++ * ARCv2 64-bit atomics (LLOCKD/SCONDD). This guarantess runtime 64-bit
++ * alignment for any atomic64_t embedded in buffer.
++ * Default ARCH_SLAB_MINALIGN is __alignof__(long long) which has a relaxed
++ * value of 4 (and not 8) in ARC ABI.
++ */
++#if defined(CONFIG_ARC_HAS_LL64) && defined(CONFIG_ARC_HAS_LLSC)
++#define ARCH_SLAB_MINALIGN 8
++#endif
++
+ extern void arc_cache_init(void);
+ extern char *arc_cache_mumbojumbo(int cpu_id, char *buf, int len);
+ extern void read_decode_cache_bcr(void);
--- /dev/null
+From a66f2e57bd566240d8b3884eedf503928fbbe557 Mon Sep 17 00:00:00 2001
+From: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+Date: Thu, 14 Feb 2019 18:07:44 +0300
+Subject: ARC: U-boot: check arguments paranoidly
+
+From: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+
+commit a66f2e57bd566240d8b3884eedf503928fbbe557 upstream.
+
+Handle U-boot arguments paranoidly:
+ * don't allow to pass unknown tag.
+ * try to use external device tree blob only if corresponding tag
+ (TAG_DTB) is set.
+ * don't check uboot_tag if kernel build with no ARC_UBOOT_SUPPORT.
+
+NOTE:
+If U-boot args are invalid we skip them and try to use embedded device
+tree blob. We can't panic on invalid U-boot args as we really pass
+invalid args due to bug in U-boot code.
+This happens if we don't provide external DTB to U-boot and
+don't set 'bootargs' U-boot environment variable (which is default
+case at least for HSDK board) In that case we will pass
+{r0 = 1 (bootargs in r2); r1 = 0; r2 = 0;} to linux which is invalid.
+
+While I'm at it refactor U-boot arguments handling code.
+
+Cc: stable@vger.kernel.org
+Tested-by: Corentin LABBE <clabbe@baylibre.com>
+Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arc/kernel/head.S | 4 +-
+ arch/arc/kernel/setup.c | 89 +++++++++++++++++++++++++++++++++---------------
+ 2 files changed, 65 insertions(+), 28 deletions(-)
+
+--- a/arch/arc/kernel/head.S
++++ b/arch/arc/kernel/head.S
+@@ -103,9 +103,9 @@ ENTRY(stext)
+ #ifdef CONFIG_ARC_UBOOT_SUPPORT
+ ; Uboot - kernel ABI
+ ; r0 = [0] No uboot interaction, [1] cmdline in r2, [2] DTB in r2
+- ; r1 = magic number (board identity, unused as of now
++ ; r1 = magic number (always zero as of now)
+ ; r2 = pointer to uboot provided cmdline or external DTB in mem
+- ; These are handled later in setup_arch()
++ ; These are handled later in handle_uboot_args()
+ st r0, [@uboot_tag]
+ st r2, [@uboot_arg]
+ #endif
+--- a/arch/arc/kernel/setup.c
++++ b/arch/arc/kernel/setup.c
+@@ -414,43 +414,80 @@ void setup_processor(void)
+ arc_chk_core_config();
+ }
+
+-static inline int is_kernel(unsigned long addr)
++static inline bool uboot_arg_invalid(unsigned long addr)
+ {
+- if (addr >= (unsigned long)_stext && addr <= (unsigned long)_end)
+- return 1;
+- return 0;
++ /*
++ * Check that it is a untranslated address (although MMU is not enabled
++ * yet, it being a high address ensures this is not by fluke)
++ */
++ if (addr < PAGE_OFFSET)
++ return true;
++
++ /* Check that address doesn't clobber resident kernel image */
++ return addr >= (unsigned long)_stext && addr <= (unsigned long)_end;
+ }
+
+-void __init setup_arch(char **cmdline_p)
++#define IGNORE_ARGS "Ignore U-boot args: "
++
++/* uboot_tag values for U-boot - kernel ABI revision 0; see head.S */
++#define UBOOT_TAG_NONE 0
++#define UBOOT_TAG_CMDLINE 1
++#define UBOOT_TAG_DTB 2
++
++void __init handle_uboot_args(void)
+ {
++ bool use_embedded_dtb = true;
++ bool append_cmdline = false;
++
+ #ifdef CONFIG_ARC_UBOOT_SUPPORT
+- /* make sure that uboot passed pointer to cmdline/dtb is valid */
+- if (uboot_tag && is_kernel((unsigned long)uboot_arg))
+- panic("Invalid uboot arg\n");
+-
+- /* See if u-boot passed an external Device Tree blob */
+- machine_desc = setup_machine_fdt(uboot_arg); /* uboot_tag == 2 */
+- if (!machine_desc)
++ /* check that we know this tag */
++ if (uboot_tag != UBOOT_TAG_NONE &&
++ uboot_tag != UBOOT_TAG_CMDLINE &&
++ uboot_tag != UBOOT_TAG_DTB) {
++ pr_warn(IGNORE_ARGS "invalid uboot tag: '%08x'\n", uboot_tag);
++ goto ignore_uboot_args;
++ }
++
++ if (uboot_tag != UBOOT_TAG_NONE &&
++ uboot_arg_invalid((unsigned long)uboot_arg)) {
++ pr_warn(IGNORE_ARGS "invalid uboot arg: '%px'\n", uboot_arg);
++ goto ignore_uboot_args;
++ }
++
++ /* see if U-boot passed an external Device Tree blob */
++ if (uboot_tag == UBOOT_TAG_DTB) {
++ machine_desc = setup_machine_fdt((void *)uboot_arg);
++
++ /* external Device Tree blob is invalid - use embedded one */
++ use_embedded_dtb = !machine_desc;
++ }
++
++ if (uboot_tag == UBOOT_TAG_CMDLINE)
++ append_cmdline = true;
++
++ignore_uboot_args:
+ #endif
+- {
+- /* No, so try the embedded one */
++
++ if (use_embedded_dtb) {
+ machine_desc = setup_machine_fdt(__dtb_start);
+ if (!machine_desc)
+ panic("Embedded DT invalid\n");
++ }
+
+- /*
+- * If we are here, it is established that @uboot_arg didn't
+- * point to DT blob. Instead if u-boot says it is cmdline,
+- * append to embedded DT cmdline.
+- * setup_machine_fdt() would have populated @boot_command_line
+- */
+- if (uboot_tag == 1) {
+- /* Ensure a whitespace between the 2 cmdlines */
+- strlcat(boot_command_line, " ", COMMAND_LINE_SIZE);
+- strlcat(boot_command_line, uboot_arg,
+- COMMAND_LINE_SIZE);
+- }
++ /*
++ * NOTE: @boot_command_line is populated by setup_machine_fdt() so this
++ * append processing can only happen after.
++ */
++ if (append_cmdline) {
++ /* Ensure a whitespace between the 2 cmdlines */
++ strlcat(boot_command_line, " ", COMMAND_LINE_SIZE);
++ strlcat(boot_command_line, uboot_arg, COMMAND_LINE_SIZE);
+ }
++}
++
++void __init setup_arch(char **cmdline_p)
++{
++ handle_uboot_args();
+
+ /* Save unparsed command line copy for /proc/cmdline */
+ *cmdline_p = boot_command_line;
--- /dev/null
+From 252f6e8eae909bc075a1b1e3b9efb095ae4c0b56 Mon Sep 17 00:00:00 2001
+From: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+Date: Wed, 16 Jan 2019 14:29:50 +0300
+Subject: ARCv2: Enable unaligned access in early ASM code
+
+From: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+
+commit 252f6e8eae909bc075a1b1e3b9efb095ae4c0b56 upstream.
+
+It is currently done in arc_init_IRQ() which might be too late
+considering gcc 7.3.1 onwards (GNU 2018.03) generates unaligned
+memory accesses by default
+
+Cc: stable@vger.kernel.org #4.4+
+Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
+Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
+[vgupta: rewrote changelog]
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arc/kernel/head.S | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+--- a/arch/arc/kernel/head.S
++++ b/arch/arc/kernel/head.S
+@@ -17,6 +17,7 @@
+ #include <asm/entry.h>
+ #include <asm/arcregs.h>
+ #include <asm/cache.h>
++#include <asm/irqflags.h>
+
+ .macro CPU_EARLY_SETUP
+
+@@ -47,6 +48,15 @@
+ sr r5, [ARC_REG_DC_CTRL]
+
+ 1:
++
++#ifdef CONFIG_ISA_ARCV2
++ ; Unaligned access is disabled at reset, so re-enable early as
++ ; gcc 7.3.1 (ARC GNU 2018.03) onwards generates unaligned access
++ ; by default
++ lr r5, [status32]
++ bset r5, r5, STATUS_AD_BIT
++ kflag r5
++#endif
+ .endm
+
+ .section .init.text, "ax",@progbits
--- /dev/null
+From d179b88deb3bf6fed4991a31fd6f0f2cad21fab5 Mon Sep 17 00:00:00 2001
+From: Chris Wilson <chris@chris-wilson.co.uk>
+Date: Fri, 15 Feb 2019 12:30:19 +0000
+Subject: drm/i915/fbdev: Actually configure untiled displays
+
+From: Chris Wilson <chris@chris-wilson.co.uk>
+
+commit d179b88deb3bf6fed4991a31fd6f0f2cad21fab5 upstream.
+
+If we skipped all the connectors that were not part of a tile, we would
+leave conn_seq=0 and conn_configured=0, convincing ourselves that we
+had stagnated in our configuration attempts. Avoid this situation by
+starting conn_seq=ALL_CONNECTORS, and repeating until we find no more
+connectors to configure.
+
+Fixes: 754a76591b12 ("drm/i915/fbdev: Stop repeating tile configuration on stagnation")
+Reported-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
+Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
+Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
+Reviewed-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
+Link: https://patchwork.freedesktop.org/patch/msgid/20190215123019.32283-1-chris@chris-wilson.co.uk
+Cc: <stable@vger.kernel.org> # v3.19+
+(cherry picked from commit d9b308b1f8a1acc0c3279f443d4fe0f9f663252e)
+Signed-off-by: Jani Nikula <jani.nikula@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/gpu/drm/i915/intel_fbdev.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/drivers/gpu/drm/i915/intel_fbdev.c
++++ b/drivers/gpu/drm/i915/intel_fbdev.c
+@@ -326,8 +326,8 @@ static bool intel_fb_initial_config(stru
+ bool *enabled, int width, int height)
+ {
+ struct drm_i915_private *dev_priv = to_i915(fb_helper->dev);
+- unsigned long conn_configured, conn_seq, mask;
+ unsigned int count = min(fb_helper->connector_count, BITS_PER_LONG);
++ unsigned long conn_configured, conn_seq;
+ int i, j;
+ bool *save_enabled;
+ bool fallback = true, ret = true;
+@@ -345,10 +345,9 @@ static bool intel_fb_initial_config(stru
+ drm_modeset_backoff(&ctx);
+
+ memcpy(save_enabled, enabled, count);
+- mask = GENMASK(count - 1, 0);
++ conn_seq = GENMASK(count - 1, 0);
+ conn_configured = 0;
+ retry:
+- conn_seq = conn_configured;
+ for (i = 0; i < count; i++) {
+ struct drm_fb_helper_connector *fb_conn;
+ struct drm_connector *connector;
+@@ -361,7 +360,8 @@ retry:
+ if (conn_configured & BIT(i))
+ continue;
+
+- if (conn_seq == 0 && !connector->has_tile)
++ /* First pass, only consider tiled connectors */
++ if (conn_seq == GENMASK(count - 1, 0) && !connector->has_tile)
+ continue;
+
+ if (connector->status == connector_status_connected)
+@@ -465,8 +465,10 @@ retry:
+ conn_configured |= BIT(i);
+ }
+
+- if ((conn_configured & mask) != mask && conn_configured != conn_seq)
++ if (conn_configured != conn_seq) { /* repeat until no more are found */
++ conn_seq = conn_configured;
+ goto retry;
++ }
+
+ /*
+ * If the BIOS didn't enable everything it could, fall back to have the
--- /dev/null
+From b7dc5a071ddf69c0350396b203cba32fe5bab510 Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@altlinux.org>
+Date: Sat, 16 Feb 2019 16:10:39 +0300
+Subject: parisc: Fix ptrace syscall number modification
+
+From: Dmitry V. Levin <ldv@altlinux.org>
+
+commit b7dc5a071ddf69c0350396b203cba32fe5bab510 upstream.
+
+Commit 910cd32e552e ("parisc: Fix and enable seccomp filter support")
+introduced a regression in ptrace-based syscall tampering: when tracer
+changes syscall number to -1, the kernel fails to initialize %r28 with
+-ENOSYS and subsequently fails to return the error code of the failed
+syscall to userspace.
+
+This erroneous behaviour could be observed with a simple strace syscall
+fault injection command which is expected to print something like this:
+
+$ strace -a0 -ewrite -einject=write:error=enospc echo hello
+write(1, "hello\n", 6) = -1 ENOSPC (No space left on device) (INJECTED)
+write(2, "echo: ", 6) = -1 ENOSPC (No space left on device) (INJECTED)
+write(2, "write error", 11) = -1 ENOSPC (No space left on device) (INJECTED)
+write(2, "\n", 1) = -1 ENOSPC (No space left on device) (INJECTED)
++++ exited with 1 +++
+
+After commit 910cd32e552ea09caa89cdbe328e468979b030dd it loops printing
+something like this instead:
+
+write(1, "hello\n", 6../strace: Failed to tamper with process 12345: unexpectedly got no error (return value 0, error 0)
+) = 0 (INJECTED)
+
+This bug was found by strace test suite.
+
+Fixes: 910cd32e552e ("parisc: Fix and enable seccomp filter support")
+Cc: stable@vger.kernel.org # v4.5+
+Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
+Tested-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/parisc/kernel/ptrace.c | 29 +++++++++++++++++++++--------
+ 1 file changed, 21 insertions(+), 8 deletions(-)
+
+--- a/arch/parisc/kernel/ptrace.c
++++ b/arch/parisc/kernel/ptrace.c
+@@ -312,15 +312,29 @@ long compat_arch_ptrace(struct task_stru
+
+ long do_syscall_trace_enter(struct pt_regs *regs)
+ {
+- if (test_thread_flag(TIF_SYSCALL_TRACE) &&
+- tracehook_report_syscall_entry(regs)) {
++ if (test_thread_flag(TIF_SYSCALL_TRACE)) {
++ int rc = tracehook_report_syscall_entry(regs);
++
+ /*
+- * Tracing decided this syscall should not happen or the
+- * debugger stored an invalid system call number. Skip
+- * the system call and the system call restart handling.
++ * As tracesys_next does not set %r28 to -ENOSYS
++ * when %r20 is set to -1, initialize it here.
+ */
+- regs->gr[20] = -1UL;
+- goto out;
++ regs->gr[28] = -ENOSYS;
++
++ if (rc) {
++ /*
++ * A nonzero return code from
++ * tracehook_report_syscall_entry() tells us
++ * to prevent the syscall execution. Skip
++ * the syscall call and the syscall restart handling.
++ *
++ * Note that the tracer may also just change
++ * regs->gr[20] to an invalid syscall number,
++ * that is handled by tracesys_next.
++ */
++ regs->gr[20] = -1UL;
++ return -1;
++ }
+ }
+
+ /* Do the secure computing check after ptrace. */
+@@ -344,7 +358,6 @@ long do_syscall_trace_enter(struct pt_re
+ regs->gr[24] & 0xffffffff,
+ regs->gr[23] & 0xffffffff);
+
+-out:
+ /*
+ * Sign extend the syscall number to 64bit since it may have been
+ * modified by a compat ptrace call
rdma-srp-rework-scsi-device-reset-handling.patch
keys-user-align-the-payload-buffer.patch
keys-always-initialize-keyring_index_key-desc_len.patch
+parisc-fix-ptrace-syscall-number-modification.patch
+arcv2-enable-unaligned-access-in-early-asm-code.patch
+arc-u-boot-check-arguments-paranoidly.patch
+arc-define-arch_slab_minalign-8.patch
+drm-i915-fbdev-actually-configure-untiled-displays.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
