]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
5.4-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 12 Dec 2021 13:26:21 +0000 (14:26 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 12 Dec 2021 13:26:21 +0000 (14:26 +0100)
added patches:
can-m_can-disable-and-ignore-elo-interrupt.patch
can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
clk-qcom-regmap-mux-fix-parent-clock-lookup.patch
drm-syncobj-deal-with-signalled-fences-in-drm_syncobj_find_fence.patch
libata-add-horkage-for-asmedia-1092.patch
nfsd-fix-nsfd-startup-race-again.patch
tracefs-have-new-files-inherit-the-ownership-of-their-parent.patch
x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch

queue-5.4/can-m_can-disable-and-ignore-elo-interrupt.patch [new file with mode: 0644]
queue-5.4/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch [new file with mode: 0644]
queue-5.4/clk-qcom-regmap-mux-fix-parent-clock-lookup.patch [new file with mode: 0644]
queue-5.4/drm-syncobj-deal-with-signalled-fences-in-drm_syncobj_find_fence.patch [new file with mode: 0644]
queue-5.4/libata-add-horkage-for-asmedia-1092.patch [new file with mode: 0644]
queue-5.4/nfsd-fix-nsfd-startup-race-again.patch [new file with mode: 0644]
queue-5.4/series
queue-5.4/tracefs-have-new-files-inherit-the-ownership-of-their-parent.patch [new file with mode: 0644]
queue-5.4/x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch [new file with mode: 0644]

diff --git a/queue-5.4/can-m_can-disable-and-ignore-elo-interrupt.patch b/queue-5.4/can-m_can-disable-and-ignore-elo-interrupt.patch
new file mode 100644 (file)
index 0000000..63e2fd2
--- /dev/null
@@ -0,0 +1,63 @@
+From f58ac1adc76b5beda43c64ef359056077df4d93a Mon Sep 17 00:00:00 2001
+From: Brian Silverman <brian.silverman@bluerivertech.com>
+Date: Mon, 29 Nov 2021 14:26:28 -0800
+Subject: can: m_can: Disable and ignore ELO interrupt
+
+From: Brian Silverman <brian.silverman@bluerivertech.com>
+
+commit f58ac1adc76b5beda43c64ef359056077df4d93a upstream.
+
+With the design of this driver, this condition is often triggered.
+However, the counter that this interrupt indicates an overflow is never
+read either, so overflowing is harmless.
+
+On my system, when a CAN bus starts flapping up and down, this locks up
+the whole system with lots of interrupts and printks.
+
+Specifically, this interrupt indicates the CEL field of ECR has
+overflowed. All reads of ECR mask out CEL.
+
+Fixes: e0d1f4816f2a ("can: m_can: add Bosch M_CAN controller support")
+Link: https://lore.kernel.org/all/20211129222628.7490-1-brian.silverman@bluerivertech.com
+Cc: stable@vger.kernel.org
+Signed-off-by: Brian Silverman <brian.silverman@bluerivertech.com>
+Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/net/can/m_can/m_can.c |   14 ++++++--------
+ 1 file changed, 6 insertions(+), 8 deletions(-)
+
+--- a/drivers/net/can/m_can/m_can.c
++++ b/drivers/net/can/m_can/m_can.c
+@@ -206,15 +206,15 @@ enum m_can_reg {
+ /* Interrupts for version 3.0.x */
+ #define IR_ERR_LEC_30X        (IR_STE | IR_FOE | IR_ACKE | IR_BE | IR_CRCE)
+-#define IR_ERR_BUS_30X        (IR_ERR_LEC_30X | IR_WDI | IR_ELO | IR_BEU | \
+-                       IR_BEC | IR_TOO | IR_MRAF | IR_TSW | IR_TEFL | \
+-                       IR_RF1L | IR_RF0L)
++#define IR_ERR_BUS_30X        (IR_ERR_LEC_30X | IR_WDI | IR_BEU | IR_BEC | \
++                       IR_TOO | IR_MRAF | IR_TSW | IR_TEFL | IR_RF1L | \
++                       IR_RF0L)
+ #define IR_ERR_ALL_30X        (IR_ERR_STATE | IR_ERR_BUS_30X)
+ /* Interrupts for version >= 3.1.x */
+ #define IR_ERR_LEC_31X        (IR_PED | IR_PEA)
+-#define IR_ERR_BUS_31X      (IR_ERR_LEC_31X | IR_WDI | IR_ELO | IR_BEU | \
+-                       IR_BEC | IR_TOO | IR_MRAF | IR_TSW | IR_TEFL | \
+-                       IR_RF1L | IR_RF0L)
++#define IR_ERR_BUS_31X      (IR_ERR_LEC_31X | IR_WDI | IR_BEU | IR_BEC | \
++                       IR_TOO | IR_MRAF | IR_TSW | IR_TEFL | IR_RF1L | \
++                       IR_RF0L)
+ #define IR_ERR_ALL_31X        (IR_ERR_STATE | IR_ERR_BUS_31X)
+ /* Interrupt Line Select (ILS) */
+@@ -751,8 +751,6 @@ static void m_can_handle_other_err(struc
+ {
+       if (irqstatus & IR_WDI)
+               netdev_err(dev, "Message RAM Watchdog event due to missing READY\n");
+-      if (irqstatus & IR_ELO)
+-              netdev_err(dev, "Error Logging Overflow\n");
+       if (irqstatus & IR_BEU)
+               netdev_err(dev, "Bit Error Uncorrected\n");
+       if (irqstatus & IR_BEC)
diff --git a/queue-5.4/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch b/queue-5.4/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
new file mode 100644 (file)
index 0000000..2fd4ba9
--- /dev/null
@@ -0,0 +1,41 @@
+From 94cddf1e9227a171b27292509d59691819c458db Mon Sep 17 00:00:00 2001
+From: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
+Date: Tue, 23 Nov 2021 20:16:54 +0900
+Subject: can: pch_can: pch_can_rx_normal: fix use after free
+
+From: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
+
+commit 94cddf1e9227a171b27292509d59691819c458db upstream.
+
+After calling netif_receive_skb(skb), dereferencing skb is unsafe.
+Especially, the can_frame cf which aliases skb memory is dereferenced
+just after the call netif_receive_skb(skb).
+
+Reordering the lines solves the issue.
+
+Fixes: b21d18b51b31 ("can: Topcliff: Add PCH_CAN driver.")
+Link: https://lore.kernel.org/all/20211123111654.621610-1-mailhol.vincent@wanadoo.fr
+Cc: stable@vger.kernel.org
+Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
+Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/net/can/pch_can.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/net/can/pch_can.c
++++ b/drivers/net/can/pch_can.c
+@@ -692,11 +692,11 @@ static int pch_can_rx_normal(struct net_
+                       cf->data[i + 1] = data_reg >> 8;
+               }
+-              netif_receive_skb(skb);
+               rcv_pkts++;
+               stats->rx_packets++;
+               quota--;
+               stats->rx_bytes += cf->can_dlc;
++              netif_receive_skb(skb);
+               pch_fifo_thresh(priv, obj_num);
+               obj_num++;
diff --git a/queue-5.4/clk-qcom-regmap-mux-fix-parent-clock-lookup.patch b/queue-5.4/clk-qcom-regmap-mux-fix-parent-clock-lookup.patch
new file mode 100644 (file)
index 0000000..78c05db
--- /dev/null
@@ -0,0 +1,70 @@
+From 9a61f813fcc8d56d85fcf9ca6119cf2b5ac91dd5 Mon Sep 17 00:00:00 2001
+From: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
+Date: Tue, 16 Nov 2021 02:34:07 +0300
+Subject: clk: qcom: regmap-mux: fix parent clock lookup
+
+From: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
+
+commit 9a61f813fcc8d56d85fcf9ca6119cf2b5ac91dd5 upstream.
+
+The function mux_get_parent() uses qcom_find_src_index() to find the
+parent clock index, which is incorrect: qcom_find_src_index() uses src
+enum for the lookup, while mux_get_parent() should use cfg field (which
+corresponds to the register value). Add qcom_find_cfg_index() function
+doing this kind of lookup and use it for mux parent lookup.
+
+Fixes: df964016490b ("clk: qcom: add parent map for regmap mux")
+Cc: stable@vger.kernel.org
+Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
+Link: https://lore.kernel.org/r/20211115233407.1046179-1-dmitry.baryshkov@linaro.org
+Signed-off-by: Stephen Boyd <sboyd@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/clk/qcom/clk-regmap-mux.c |    2 +-
+ drivers/clk/qcom/common.c         |   12 ++++++++++++
+ drivers/clk/qcom/common.h         |    2 ++
+ 3 files changed, 15 insertions(+), 1 deletion(-)
+
+--- a/drivers/clk/qcom/clk-regmap-mux.c
++++ b/drivers/clk/qcom/clk-regmap-mux.c
+@@ -28,7 +28,7 @@ static u8 mux_get_parent(struct clk_hw *
+       val &= mask;
+       if (mux->parent_map)
+-              return qcom_find_src_index(hw, mux->parent_map, val);
++              return qcom_find_cfg_index(hw, mux->parent_map, val);
+       return val;
+ }
+--- a/drivers/clk/qcom/common.c
++++ b/drivers/clk/qcom/common.c
+@@ -69,6 +69,18 @@ int qcom_find_src_index(struct clk_hw *h
+ }
+ EXPORT_SYMBOL_GPL(qcom_find_src_index);
++int qcom_find_cfg_index(struct clk_hw *hw, const struct parent_map *map, u8 cfg)
++{
++      int i, num_parents = clk_hw_get_num_parents(hw);
++
++      for (i = 0; i < num_parents; i++)
++              if (cfg == map[i].cfg)
++                      return i;
++
++      return -ENOENT;
++}
++EXPORT_SYMBOL_GPL(qcom_find_cfg_index);
++
+ struct regmap *
+ qcom_cc_map(struct platform_device *pdev, const struct qcom_cc_desc *desc)
+ {
+--- a/drivers/clk/qcom/common.h
++++ b/drivers/clk/qcom/common.h
+@@ -49,6 +49,8 @@ extern void
+ qcom_pll_set_fsm_mode(struct regmap *m, u32 reg, u8 bias_count, u8 lock_count);
+ extern int qcom_find_src_index(struct clk_hw *hw, const struct parent_map *map,
+                              u8 src);
++extern int qcom_find_cfg_index(struct clk_hw *hw, const struct parent_map *map,
++                             u8 cfg);
+ extern int qcom_cc_register_board_clk(struct device *dev, const char *path,
+                                     const char *name, unsigned long rate);
diff --git a/queue-5.4/drm-syncobj-deal-with-signalled-fences-in-drm_syncobj_find_fence.patch b/queue-5.4/drm-syncobj-deal-with-signalled-fences-in-drm_syncobj_find_fence.patch
new file mode 100644 (file)
index 0000000..268efe0
--- /dev/null
@@ -0,0 +1,59 @@
+From b19926d4f3a660a8b76e5d989ffd1168e619a5c4 Mon Sep 17 00:00:00 2001
+From: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
+Date: Wed, 8 Dec 2021 03:39:35 +0100
+Subject: drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
+
+commit b19926d4f3a660a8b76e5d989ffd1168e619a5c4 upstream.
+
+dma_fence_chain_find_seqno only ever returns the top fence in the
+chain or an unsignalled fence. Hence if we request a seqno that
+is already signalled it returns a NULL fence. Some callers are
+not prepared to handle this, like the syncobj transfer functions
+for example.
+
+This behavior is "new" with timeline syncobj and it looks like
+not all callers were updated. To fix this behavior make sure
+that a successful drm_sync_find_fence always returns a non-NULL
+fence.
+
+v2: Move the fix to drm_syncobj_find_fence from the transfer
+    functions.
+
+Fixes: ea569910cbab ("drm/syncobj: add transition iotcls between binary and timeline v2")
+Cc: stable@vger.kernel.org
+Signed-off-by: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
+Reviewed-by: Christian König <christian.koenig@amd.com>
+Acked-by: Lionel Landwerlin <lionel.g.landwerlin@intel.com>
+Signed-off-by: Christian König <christian.koenig@amd.com>
+Link: https://patchwork.freedesktop.org/patch/msgid/20211208023935.17018-1-bas@basnieuwenhuizen.nl
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/gpu/drm/drm_syncobj.c |   11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+--- a/drivers/gpu/drm/drm_syncobj.c
++++ b/drivers/gpu/drm/drm_syncobj.c
+@@ -329,8 +329,17 @@ int drm_syncobj_find_fence(struct drm_fi
+       if (*fence) {
+               ret = dma_fence_chain_find_seqno(fence, point);
+-              if (!ret)
++              if (!ret) {
++                      /* If the requested seqno is already signaled
++                       * drm_syncobj_find_fence may return a NULL
++                       * fence. To make sure the recipient gets
++                       * signalled, use a new fence instead.
++                       */
++                      if (!*fence)
++                              *fence = dma_fence_get_stub();
++
+                       goto out;
++              }
+               dma_fence_put(*fence);
+       } else {
+               ret = -EINVAL;
diff --git a/queue-5.4/libata-add-horkage-for-asmedia-1092.patch b/queue-5.4/libata-add-horkage-for-asmedia-1092.patch
new file mode 100644 (file)
index 0000000..a4ffe6c
--- /dev/null
@@ -0,0 +1,33 @@
+From a66307d473077b7aeba74e9b09c841ab3d399c2d Mon Sep 17 00:00:00 2001
+From: Hannes Reinecke <hare@suse.de>
+Date: Wed, 8 Dec 2021 07:58:53 +0100
+Subject: libata: add horkage for ASMedia 1092
+
+From: Hannes Reinecke <hare@suse.de>
+
+commit a66307d473077b7aeba74e9b09c841ab3d399c2d upstream.
+
+The ASMedia 1092 has a configuration mode which will present a
+dummy device; sadly the implementation falsely claims to provide
+a device with 100M which doesn't actually exist.
+So disable this device to avoid errors during boot.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Hannes Reinecke <hare@suse.de>
+Signed-off-by: Damien Le Moal <damien.lemoal@opensource.wdc.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/ata/libata-core.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/ata/libata-core.c
++++ b/drivers/ata/libata-core.c
+@@ -4437,6 +4437,8 @@ static const struct ata_blacklist_entry
+       { "VRFDFC22048UCHC-TE*", NULL,          ATA_HORKAGE_NODMA },
+       /* Odd clown on sil3726/4726 PMPs */
+       { "Config  Disk",       NULL,           ATA_HORKAGE_DISABLE },
++      /* Similar story with ASMedia 1092 */
++      { "ASMT109x- Config",   NULL,           ATA_HORKAGE_DISABLE },
+       /* Weird ATAPI devices */
+       { "TORiSAN DVD-ROM DRD-N216", NULL,     ATA_HORKAGE_MAX_SEC_128 },
diff --git a/queue-5.4/nfsd-fix-nsfd-startup-race-again.patch b/queue-5.4/nfsd-fix-nsfd-startup-race-again.patch
new file mode 100644 (file)
index 0000000..b0ce4de
--- /dev/null
@@ -0,0 +1,109 @@
+From b10252c7ae9c9d7c90552f88b544a44ee773af64 Mon Sep 17 00:00:00 2001
+From: Alexander Sverdlin <alexander.sverdlin@nokia.com>
+Date: Tue, 7 Dec 2021 15:00:39 +0100
+Subject: nfsd: Fix nsfd startup race (again)
+
+From: Alexander Sverdlin <alexander.sverdlin@nokia.com>
+
+commit b10252c7ae9c9d7c90552f88b544a44ee773af64 upstream.
+
+Commit bd5ae9288d64 ("nfsd: register pernet ops last, unregister first")
+has re-opened rpc_pipefs_event() race against nfsd_net_id registration
+(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76
+("nfsd: fix nsfd startup race triggering BUG_ON").
+
+Restore the order of register_pernet_subsys() vs register_cld_notifier().
+Add WARN_ON() to prevent a future regression.
+
+Crash info:
+Unable to handle kernel NULL pointer dereference at virtual address 0000000000000012
+CPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1
+pc : rpc_pipefs_event+0x54/0x120 [nfsd]
+lr : rpc_pipefs_event+0x48/0x120 [nfsd]
+Call trace:
+ rpc_pipefs_event+0x54/0x120 [nfsd]
+ blocking_notifier_call_chain
+ rpc_fill_super
+ get_tree_keyed
+ rpc_fs_get_tree
+ vfs_get_tree
+ do_mount
+ ksys_mount
+ __arm64_sys_mount
+ el0_svc_handler
+ el0_svc
+
+Fixes: bd5ae9288d64 ("nfsd: register pernet ops last, unregister first")
+Cc: stable@vger.kernel.org
+Signed-off-by: Alexander Sverdlin <alexander.sverdlin@nokia.com>
+Signed-off-by: J. Bruce Fields <bfields@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/nfsd/nfs4recover.c |    1 +
+ fs/nfsd/nfsctl.c      |   14 +++++++-------
+ 2 files changed, 8 insertions(+), 7 deletions(-)
+
+--- a/fs/nfsd/nfs4recover.c
++++ b/fs/nfsd/nfs4recover.c
+@@ -2177,6 +2177,7 @@ static struct notifier_block nfsd4_cld_b
+ int
+ register_cld_notifier(void)
+ {
++      WARN_ON(!nfsd_net_id);
+       return rpc_pipefs_notifier_register(&nfsd4_cld_block);
+ }
+--- a/fs/nfsd/nfsctl.c
++++ b/fs/nfsd/nfsctl.c
+@@ -1526,12 +1526,9 @@ static int __init init_nfsd(void)
+       int retval;
+       printk(KERN_INFO "Installing knfsd (copyright (C) 1996 okir@monad.swb.de).\n");
+-      retval = register_cld_notifier();
+-      if (retval)
+-              return retval;
+       retval = nfsd4_init_slabs();
+       if (retval)
+-              goto out_unregister_notifier;
++              return retval;
+       retval = nfsd4_init_pnfs();
+       if (retval)
+               goto out_free_slabs;
+@@ -1549,9 +1546,14 @@ static int __init init_nfsd(void)
+               goto out_free_exports;
+       retval = register_pernet_subsys(&nfsd_net_ops);
+       if (retval < 0)
++              goto out_free_filesystem;
++      retval = register_cld_notifier();
++      if (retval)
+               goto out_free_all;
+       return 0;
+ out_free_all:
++      unregister_pernet_subsys(&nfsd_net_ops);
++out_free_filesystem:
+       unregister_filesystem(&nfsd_fs_type);
+ out_free_exports:
+       remove_proc_entry("fs/nfs/exports", NULL);
+@@ -1565,13 +1567,12 @@ out_free_stat:
+       nfsd4_exit_pnfs();
+ out_free_slabs:
+       nfsd4_free_slabs();
+-out_unregister_notifier:
+-      unregister_cld_notifier();
+       return retval;
+ }
+ static void __exit exit_nfsd(void)
+ {
++      unregister_cld_notifier();
+       unregister_pernet_subsys(&nfsd_net_ops);
+       nfsd_drc_slab_free();
+       remove_proc_entry("fs/nfs/exports", NULL);
+@@ -1582,7 +1583,6 @@ static void __exit exit_nfsd(void)
+       nfsd4_exit_pnfs();
+       nfsd_fault_inject_cleanup();
+       unregister_filesystem(&nfsd_fs_type);
+-      unregister_cld_notifier();
+ }
+ MODULE_AUTHOR("Olaf Kirch <okir@monad.swb.de>");
index f4cc6873550d5aa364de21ee1395dd59a1126447..26455740f11f02b48075ab7c42efc9fd1565797e 100644 (file)
@@ -32,3 +32,11 @@ alsa-pcm-oss-limit-the-period-size-to-16mb.patch
 alsa-pcm-oss-handle-missing-errors-in-snd_pcm_oss_change_params.patch
 btrfs-clear-extent-buffer-uptodate-when-we-fail-to-write-it.patch
 btrfs-replace-the-bug_on-in-btrfs_del_root_ref-with-proper-error-handling.patch
+nfsd-fix-nsfd-startup-race-again.patch
+tracefs-have-new-files-inherit-the-ownership-of-their-parent.patch
+clk-qcom-regmap-mux-fix-parent-clock-lookup.patch
+drm-syncobj-deal-with-signalled-fences-in-drm_syncobj_find_fence.patch
+can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
+can-m_can-disable-and-ignore-elo-interrupt.patch
+x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch
+libata-add-horkage-for-asmedia-1092.patch
diff --git a/queue-5.4/tracefs-have-new-files-inherit-the-ownership-of-their-parent.patch b/queue-5.4/tracefs-have-new-files-inherit-the-ownership-of-their-parent.patch
new file mode 100644 (file)
index 0000000..142fbae
--- /dev/null
@@ -0,0 +1,53 @@
+From ee7f3666995d8537dec17b1d35425f28877671a9 Mon Sep 17 00:00:00 2001
+From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
+Date: Wed, 8 Dec 2021 07:57:20 -0500
+Subject: tracefs: Have new files inherit the ownership of their parent
+
+From: Steven Rostedt (VMware) <rostedt@goodmis.org>
+
+commit ee7f3666995d8537dec17b1d35425f28877671a9 upstream.
+
+If directories in tracefs have their ownership changed, then any new files
+and directories that are created under those directories should inherit
+the ownership of the director they are created in.
+
+Link: https://lkml.kernel.org/r/20211208075720.4855d180@gandalf.local.home
+
+Cc: Kees Cook <keescook@chromium.org>
+Cc: Ingo Molnar <mingo@kernel.org>
+Cc: Andrew Morton <akpm@linux-foundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Al Viro <viro@zeniv.linux.org.uk>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Yabin Cui <yabinc@google.com>
+Cc: Christian Brauner <christian.brauner@ubuntu.com>
+Cc: stable@vger.kernel.org
+Fixes: 4282d60689d4f ("tracefs: Add new tracefs file system")
+Reported-by: Kalesh Singh <kaleshsingh@google.com>
+Reported: https://lore.kernel.org/all/CAC_TJve8MMAv+H_NdLSJXZUSoxOEq2zB_pVaJ9p=7H6Bu3X76g@mail.gmail.com/
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/tracefs/inode.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/fs/tracefs/inode.c
++++ b/fs/tracefs/inode.c
+@@ -409,6 +409,8 @@ struct dentry *tracefs_create_file(const
+       inode->i_mode = mode;
+       inode->i_fop = fops ? fops : &tracefs_file_operations;
+       inode->i_private = data;
++      inode->i_uid = d_inode(dentry->d_parent)->i_uid;
++      inode->i_gid = d_inode(dentry->d_parent)->i_gid;
+       d_instantiate(dentry, inode);
+       fsnotify_create(dentry->d_parent->d_inode, dentry);
+       return end_creating(dentry);
+@@ -431,6 +433,8 @@ static struct dentry *__create_dir(const
+       inode->i_mode = S_IFDIR | S_IRWXU | S_IRUSR| S_IRGRP | S_IXUSR | S_IXGRP;
+       inode->i_op = ops;
+       inode->i_fop = &simple_dir_operations;
++      inode->i_uid = d_inode(dentry->d_parent)->i_uid;
++      inode->i_gid = d_inode(dentry->d_parent)->i_gid;
+       /* directory inodes start off with i_nlink == 2 (for "." entry) */
+       inc_nlink(inode);
diff --git a/queue-5.4/x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch b/queue-5.4/x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch
new file mode 100644 (file)
index 0000000..61c8af0
--- /dev/null
@@ -0,0 +1,60 @@
+From 1ff2fc02862d52e18fd3daabcfe840ec27e920a8 Mon Sep 17 00:00:00 2001
+From: Tom Lendacky <thomas.lendacky@amd.com>
+Date: Wed, 20 Oct 2021 13:02:11 -0500
+Subject: x86/sme: Explicitly map new EFI memmap table as encrypted
+
+From: Tom Lendacky <thomas.lendacky@amd.com>
+
+commit 1ff2fc02862d52e18fd3daabcfe840ec27e920a8 upstream.
+
+Reserving memory using efi_mem_reserve() calls into the x86
+efi_arch_mem_reserve() function. This function will insert a new EFI
+memory descriptor into the EFI memory map representing the area of
+memory to be reserved and marking it as EFI runtime memory. As part
+of adding this new entry, a new EFI memory map is allocated and mapped.
+The mapping is where a problem can occur. This new memory map is mapped
+using early_memremap() and generally mapped encrypted, unless the new
+memory for the mapping happens to come from an area of memory that is
+marked as EFI_BOOT_SERVICES_DATA memory. In this case, the new memory will
+be mapped unencrypted. However, during replacement of the old memory map,
+efi_mem_type() is disabled, so the new memory map will now be long-term
+mapped encrypted (in efi.memmap), resulting in the map containing invalid
+data and causing the kernel boot to crash.
+
+Since it is known that the area will be mapped encrypted going forward,
+explicitly map the new memory map as encrypted using early_memremap_prot().
+
+Cc: <stable@vger.kernel.org> # 4.14.x
+Fixes: 8f716c9b5feb ("x86/mm: Add support to access boot related data in the clear")
+Link: https://lore.kernel.org/all/ebf1eb2940405438a09d51d121ec0d02c8755558.1634752931.git.thomas.lendacky@amd.com/
+Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
+[ardb: incorporate Kconfig fix by Arnd]
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/Kconfig               |    1 +
+ arch/x86/platform/efi/quirks.c |    3 ++-
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -1990,6 +1990,7 @@ config EFI
+       depends on ACPI
+       select UCS2_STRING
+       select EFI_RUNTIME_WRAPPERS
++      select ARCH_USE_MEMREMAP_PROT
+       ---help---
+         This enables the kernel to use EFI runtime services that are
+         available (such as the EFI variable services).
+--- a/arch/x86/platform/efi/quirks.c
++++ b/arch/x86/platform/efi/quirks.c
+@@ -279,7 +279,8 @@ void __init efi_arch_mem_reserve(phys_ad
+               return;
+       }
+-      new = early_memremap(new_phys, new_size);
++      new = early_memremap_prot(new_phys, new_size,
++                                pgprot_val(pgprot_encrypted(FIXMAP_PAGE_NORMAL)));
+       if (!new) {
+               pr_err("Failed to map new boot services memmap\n");
+               return;