--- /dev/null
+From c0b15c25d25171db4b70cc0b7dbc1130ee94017d Mon Sep 17 00:00:00 2001
+From: Suzuki K Poulose <suzuki.poulose@arm.com>
+Date: Wed, 3 Feb 2021 23:00:57 +0000
+Subject: arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
+
+From: Suzuki K Poulose <suzuki.poulose@arm.com>
+
+commit c0b15c25d25171db4b70cc0b7dbc1130ee94017d upstream.
+
+The erratum 1024718 affects Cortex-A55 r0p0 to r2p0. However
+we apply the work around for r0p0 - r1p0. Unfortunately this
+won't be fixed for the future revisions for the CPU. Thus
+extend the work around for all versions of A55, to cover
+for r2p0 and any future revisions.
+
+Cc: stable@vger.kernel.org
+Cc: Catalin Marinas <catalin.marinas@arm.com>
+Cc: Will Deacon <will@kernel.org>
+Cc: James Morse <james.morse@arm.com>
+Cc: Kunihiko Hayashi <hayashi.kunihiko@socionext.com>
+Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
+Link: https://lore.kernel.org/r/20210203230057.3961239-1-suzuki.poulose@arm.com
+[will: Update Kconfig help text]
+Signed-off-by: Will Deacon <will@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/Kconfig | 2 +-
+ arch/arm64/kernel/cpufeature.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/arm64/Kconfig
++++ b/arch/arm64/Kconfig
+@@ -473,7 +473,7 @@ config ARM64_ERRATUM_1024718
+ help
+ This option adds work around for Arm Cortex-A55 Erratum 1024718.
+
+- Affected Cortex-A55 cores (r0p0, r0p1, r1p0) could cause incorrect
++ Affected Cortex-A55 cores (all revisions) could cause incorrect
+ update of the hardware dirty bit when the DBM/AP bits are updated
+ without a break-before-make. The work around is to disable the usage
+ of hardware DBM locally on the affected cores. CPUs not affected by
+--- a/arch/arm64/kernel/cpufeature.c
++++ b/arch/arm64/kernel/cpufeature.c
+@@ -1012,7 +1012,7 @@ static bool cpu_has_broken_dbm(void)
+ /* List of CPUs which have broken DBM support. */
+ static const struct midr_range cpus[] = {
+ #ifdef CONFIG_ARM64_ERRATUM_1024718
+- MIDR_RANGE(MIDR_CORTEX_A55, 0, 0, 1, 0), // A55 r0p0 -r1p0
++ MIDR_ALL_VERSIONS(MIDR_CORTEX_A55),
+ #endif
+ {},
+ };
--- /dev/null
+From a8002a35935aaefcd6a42ad3289f62bab947f2ca Mon Sep 17 00:00:00 2001
+From: Maxim Kiselev <bigunclemax@gmail.com>
+Date: Wed, 17 Feb 2021 14:10:00 +0100
+Subject: gpio: pcf857x: Fix missing first interrupt
+
+From: Maxim Kiselev <bigunclemax@gmail.com>
+
+commit a8002a35935aaefcd6a42ad3289f62bab947f2ca upstream.
+
+If no n_latch value will be provided at driver probe then all pins will
+be used as an input:
+
+ gpio->out = ~n_latch;
+
+In that case initial state for all pins is "one":
+
+ gpio->status = gpio->out;
+
+So if pcf857x IRQ happens with change pin value from "zero" to "one"
+then we miss it, because of "one" from IRQ and "one" from initial state
+leaves corresponding pin unchanged:
+change = (gpio->status ^ status) & gpio->irq_enabled;
+
+The right solution will be to read actual state at driver probe.
+
+Cc: stable@vger.kernel.org
+Fixes: 6e20a0a429bd ("gpio: pcf857x: enable gpio_to_irq() support")
+Signed-off-by: Maxim Kiselev <bigunclemax@gmail.com>
+Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/gpio/gpio-pcf857x.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/gpio/gpio-pcf857x.c
++++ b/drivers/gpio/gpio-pcf857x.c
+@@ -357,7 +357,7 @@ static int pcf857x_probe(struct i2c_clie
+ * reset state. Otherwise it flags pins to be driven low.
+ */
+ gpio->out = ~n_latch;
+- gpio->status = gpio->out;
++ gpio->status = gpio->read(gpio->client);
+
+ status = devm_gpiochip_add_data(&client->dev, &gpio->chip, gpio);
+ if (status < 0)
--- /dev/null
+From a56f44138a2c57047f1ea94ea121af31c595132b Mon Sep 17 00:00:00 2001
+From: Frank Li <Frank.Li@nxp.com>
+Date: Wed, 10 Feb 2021 12:19:33 -0600
+Subject: mmc: sdhci-esdhc-imx: fix kernel panic when remove module
+
+From: Frank Li <Frank.Li@nxp.com>
+
+commit a56f44138a2c57047f1ea94ea121af31c595132b upstream.
+
+In sdhci_esdhc_imx_remove() the SDHCI_INT_STATUS in read. Under some
+circumstances, this may be done while the device is runtime suspended,
+triggering the below splat.
+
+Fix the problem by adding a pm_runtime_get_sync(), before reading the
+register, which will turn on clocks etc making the device accessible again.
+
+[ 1811.323148] mmc1: card aaaa removed
+[ 1811.347483] Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP
+[ 1811.354988] Modules linked in: sdhci_esdhc_imx(-) sdhci_pltfm sdhci cqhci mmc_block mmc_core [last unloaded: mmc_core]
+[ 1811.365726] CPU: 0 PID: 3464 Comm: rmmod Not tainted 5.10.1-sd-99871-g53835a2e8186 #5
+[ 1811.373559] Hardware name: Freescale i.MX8DXL EVK (DT)
+[ 1811.378705] pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
+[ 1811.384723] pc : sdhci_esdhc_imx_remove+0x28/0x15c [sdhci_esdhc_imx]
+[ 1811.391090] lr : platform_drv_remove+0x2c/0x50
+[ 1811.395536] sp : ffff800012c7bcb0
+[ 1811.398855] x29: ffff800012c7bcb0 x28: ffff00002c72b900
+[ 1811.404181] x27: 0000000000000000 x26: 0000000000000000
+[ 1811.409497] x25: 0000000000000000 x24: 0000000000000000
+[ 1811.414814] x23: ffff0000042b3890 x22: ffff800009127120
+[ 1811.420131] x21: ffff00002c4c9580 x20: ffff0000042d0810
+[ 1811.425456] x19: ffff0000042d0800 x18: 0000000000000020
+[ 1811.430773] x17: 0000000000000000 x16: 0000000000000000
+[ 1811.436089] x15: 0000000000000004 x14: ffff000004019c10
+[ 1811.441406] x13: 0000000000000000 x12: 0000000000000020
+[ 1811.446723] x11: 0101010101010101 x10: 7f7f7f7f7f7f7f7f
+[ 1811.452040] x9 : fefefeff6364626d x8 : 7f7f7f7f7f7f7f7f
+[ 1811.457356] x7 : 78725e6473607372 x6 : 0000000080808080
+[ 1811.462673] x5 : 0000000000000000 x4 : 0000000000000000
+[ 1811.467990] x3 : ffff800011ac1cb0 x2 : 0000000000000000
+[ 1811.473307] x1 : ffff8000091214d4 x0 : ffff8000133a0030
+[ 1811.478624] Call trace:
+[ 1811.481081] sdhci_esdhc_imx_remove+0x28/0x15c [sdhci_esdhc_imx]
+[ 1811.487098] platform_drv_remove+0x2c/0x50
+[ 1811.491198] __device_release_driver+0x188/0x230
+[ 1811.495818] driver_detach+0xc0/0x14c
+[ 1811.499487] bus_remove_driver+0x5c/0xb0
+[ 1811.503413] driver_unregister+0x30/0x60
+[ 1811.507341] platform_driver_unregister+0x14/0x20
+[ 1811.512048] sdhci_esdhc_imx_driver_exit+0x1c/0x3a8 [sdhci_esdhc_imx]
+[ 1811.518495] __arm64_sys_delete_module+0x19c/0x230
+[ 1811.523291] el0_svc_common.constprop.0+0x78/0x1a0
+[ 1811.528086] do_el0_svc+0x24/0x90
+[ 1811.531405] el0_svc+0x14/0x20
+[ 1811.534461] el0_sync_handler+0x1a4/0x1b0
+[ 1811.538474] el0_sync+0x174/0x180
+[ 1811.541801] Code: a9025bf5 f9403e95 f9400ea0 9100c000 (b9400000)
+[ 1811.547902] ---[ end trace 3fb1a3bd48ff7be5 ]---
+
+Signed-off-by: Frank Li <Frank.Li@nxp.com>
+Cc: stable@vger.kernel.org # v4.0+
+Link: https://lore.kernel.org/r/20210210181933.29263-1-Frank.Li@nxp.com
+[Ulf: Clarified the commit message a bit]
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/mmc/host/sdhci-esdhc-imx.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/drivers/mmc/host/sdhci-esdhc-imx.c
++++ b/drivers/mmc/host/sdhci-esdhc-imx.c
+@@ -1370,9 +1370,10 @@ static int sdhci_esdhc_imx_remove(struct
+ struct sdhci_host *host = platform_get_drvdata(pdev);
+ struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host);
+ struct pltfm_imx_data *imx_data = sdhci_pltfm_priv(pltfm_host);
+- int dead = (readl(host->ioaddr + SDHCI_INT_STATUS) == 0xffffffff);
++ int dead;
+
+ pm_runtime_get_sync(&pdev->dev);
++ dead = (readl(host->ioaddr + SDHCI_INT_STATUS) == 0xffffffff);
+ pm_runtime_disable(&pdev->dev);
+ pm_runtime_put_noidle(&pdev->dev);
+
--- /dev/null
+From ebfac7b778fac8b0e8e92ec91d0b055f046b4604 Mon Sep 17 00:00:00 2001
+From: Fangrui Song <maskray@google.com>
+Date: Fri, 15 Jan 2021 11:52:22 -0800
+Subject: module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
+
+From: Fangrui Song <maskray@google.com>
+
+commit ebfac7b778fac8b0e8e92ec91d0b055f046b4604 upstream.
+
+clang-12 -fno-pic (since
+https://github.com/llvm/llvm-project/commit/a084c0388e2a59b9556f2de0083333232da3f1d6)
+can emit `call __stack_chk_fail@PLT` instead of `call __stack_chk_fail`
+on x86. The two forms should have identical behaviors on x86-64 but the
+former causes GNU as<2.37 to produce an unreferenced undefined symbol
+_GLOBAL_OFFSET_TABLE_.
+
+(On x86-32, there is an R_386_PC32 vs R_386_PLT32 difference but the
+linker behavior is identical as far as Linux kernel is concerned.)
+
+Simply ignore _GLOBAL_OFFSET_TABLE_ for now, like what
+scripts/mod/modpost.c:ignore_undef_symbol does. This also fixes the
+problem for gcc/clang -fpie and -fpic, which may emit `call foo@PLT` for
+external function calls on x86.
+
+Note: ld -z defs and dynamic loaders do not error for unreferenced
+undefined symbols so the module loader is reading too much. If we ever
+need to ignore more symbols, the code should be refactored to ignore
+unreferenced symbols.
+
+Cc: <stable@vger.kernel.org>
+Link: https://github.com/ClangBuiltLinux/linux/issues/1250
+Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27178
+Reported-by: Marco Elver <elver@google.com>
+Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
+Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
+Tested-by: Marco Elver <elver@google.com>
+Signed-off-by: Fangrui Song <maskray@google.com>
+Signed-off-by: Jessica Yu <jeyu@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/module.c | 21 +++++++++++++++++++--
+ 1 file changed, 19 insertions(+), 2 deletions(-)
+
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -2274,6 +2274,21 @@ static int verify_export_symbols(struct
+ return 0;
+ }
+
++static bool ignore_undef_symbol(Elf_Half emachine, const char *name)
++{
++ /*
++ * On x86, PIC code and Clang non-PIC code may have call foo@PLT. GNU as
++ * before 2.37 produces an unreferenced _GLOBAL_OFFSET_TABLE_ on x86-64.
++ * i386 has a similar problem but may not deserve a fix.
++ *
++ * If we ever have to ignore many symbols, consider refactoring the code to
++ * only warn if referenced by a relocation.
++ */
++ if (emachine == EM_386 || emachine == EM_X86_64)
++ return !strcmp(name, "_GLOBAL_OFFSET_TABLE_");
++ return false;
++}
++
+ /* Change all symbols so that st_value encodes the pointer directly. */
+ static int simplify_symbols(struct module *mod, const struct load_info *info)
+ {
+@@ -2319,8 +2334,10 @@ static int simplify_symbols(struct modul
+ break;
+ }
+
+- /* Ok if weak. */
+- if (!ksym && ELF_ST_BIND(sym[i].st_info) == STB_WEAK)
++ /* Ok if weak or ignored. */
++ if (!ksym &&
++ (ELF_ST_BIND(sym[i].st_info) == STB_WEAK ||
++ ignore_undef_symbol(info->hdr->e_machine, name)))
+ break;
+
+ ret = PTR_ERR(ksym) ?: -ENOENT;
--- /dev/null
+From 8a8109f303e25a27f92c1d8edd67d7cbbc60a4eb Mon Sep 17 00:00:00 2001
+From: Muchun Song <songmuchun@bytedance.com>
+Date: Wed, 10 Feb 2021 11:48:23 +0800
+Subject: printk: fix deadlock when kernel panic
+
+From: Muchun Song <songmuchun@bytedance.com>
+
+commit 8a8109f303e25a27f92c1d8edd67d7cbbc60a4eb upstream.
+
+printk_safe_flush_on_panic() caused the following deadlock on our
+server:
+
+CPU0: CPU1:
+panic rcu_dump_cpu_stacks
+ kdump_nmi_shootdown_cpus nmi_trigger_cpumask_backtrace
+ register_nmi_handler(crash_nmi_callback) printk_safe_flush
+ __printk_safe_flush
+ raw_spin_lock_irqsave(&read_lock)
+ // send NMI to other processors
+ apic_send_IPI_allbutself(NMI_VECTOR)
+ // NMI interrupt, dead loop
+ crash_nmi_callback
+ printk_safe_flush_on_panic
+ printk_safe_flush
+ __printk_safe_flush
+ // deadlock
+ raw_spin_lock_irqsave(&read_lock)
+
+DEADLOCK: read_lock is taken on CPU1 and will never get released.
+
+It happens when panic() stops a CPU by NMI while it has been in
+the middle of printk_safe_flush().
+
+Handle the lock the same way as logbuf_lock. The printk_safe buffers
+are flushed only when both locks can be safely taken. It can avoid
+the deadlock _in this particular case_ at expense of losing contents
+of printk_safe buffers.
+
+Note: It would actually be safe to re-init the locks when all CPUs were
+ stopped by NMI. But it would require passing this information
+ from arch-specific code. It is not worth the complexity.
+ Especially because logbuf_lock and printk_safe buffers have been
+ obsoleted by the lockless ring buffer.
+
+Fixes: cf9b1106c81c ("printk/nmi: flush NMI messages on the system panic")
+Signed-off-by: Muchun Song <songmuchun@bytedance.com>
+Reviewed-by: Petr Mladek <pmladek@suse.com>
+Cc: <stable@vger.kernel.org>
+Acked-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+Signed-off-by: Petr Mladek <pmladek@suse.com>
+Link: https://lore.kernel.org/r/20210210034823.64867-1-songmuchun@bytedance.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/printk/printk_safe.c | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+--- a/kernel/printk/printk_safe.c
++++ b/kernel/printk/printk_safe.c
+@@ -55,6 +55,8 @@ struct printk_safe_seq_buf {
+ static DEFINE_PER_CPU(struct printk_safe_seq_buf, safe_print_seq);
+ static DEFINE_PER_CPU(int, printk_context);
+
++static DEFINE_RAW_SPINLOCK(safe_read_lock);
++
+ #ifdef CONFIG_PRINTK_NMI
+ static DEFINE_PER_CPU(struct printk_safe_seq_buf, nmi_print_seq);
+ #endif
+@@ -190,8 +192,6 @@ static void report_message_lost(struct p
+ */
+ static void __printk_safe_flush(struct irq_work *work)
+ {
+- static raw_spinlock_t read_lock =
+- __RAW_SPIN_LOCK_INITIALIZER(read_lock);
+ struct printk_safe_seq_buf *s =
+ container_of(work, struct printk_safe_seq_buf, work);
+ unsigned long flags;
+@@ -205,7 +205,7 @@ static void __printk_safe_flush(struct i
+ * different CPUs. This is especially important when printing
+ * a backtrace.
+ */
+- raw_spin_lock_irqsave(&read_lock, flags);
++ raw_spin_lock_irqsave(&safe_read_lock, flags);
+
+ i = 0;
+ more:
+@@ -242,7 +242,7 @@ more:
+
+ out:
+ report_message_lost(s);
+- raw_spin_unlock_irqrestore(&read_lock, flags);
++ raw_spin_unlock_irqrestore(&safe_read_lock, flags);
+ }
+
+ /**
+@@ -288,6 +288,14 @@ void printk_safe_flush_on_panic(void)
+ raw_spin_lock_init(&logbuf_lock);
+ }
+
++ if (raw_spin_is_locked(&safe_read_lock)) {
++ if (num_online_cpus() > 1)
++ return;
++
++ debug_locks_off();
++ raw_spin_lock_init(&safe_read_lock);
++ }
++
+ printk_safe_flush();
+ }
+
x86-fix-seq_file-iteration-for-pat-memtype.c.patch
hugetlb-fix-copy_huge_page_from_user-contig-page-struct-assumption.patch
libnvdimm-dimm-avoid-race-between-probe-and-available_slots_show.patch
+arm64-extend-workaround-for-erratum-1024718-to-all-versions-of-cortex-a55.patch
+module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch
+mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch
+gpio-pcf857x-fix-missing-first-interrupt.patch
+printk-fix-deadlock-when-kernel-panic.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
