]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
drop a 4.14 and 4.19 patch that were breaking the build
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 30 Aug 2023 12:35:52 +0000 (14:35 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 30 Aug 2023 12:35:52 +0000 (14:35 +0200)
queue-4.14/powerpc-rtas_flash-allow-user-copy-to-flash-block-cache-objects.patch [deleted file]
queue-4.14/series
queue-4.19/bus-ti-sysc-flush-posted-write-on-enable-before-reset.patch [deleted file]
queue-4.19/series

diff --git a/queue-4.14/powerpc-rtas_flash-allow-user-copy-to-flash-block-cache-objects.patch b/queue-4.14/powerpc-rtas_flash-allow-user-copy-to-flash-block-cache-objects.patch
deleted file mode 100644 (file)
index 71f2689..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-From 4f3175979e62de3b929bfa54a0db4b87d36257a7 Mon Sep 17 00:00:00 2001
-From: Nathan Lynch <nathanl@linux.ibm.com>
-Date: Thu, 10 Aug 2023 22:37:55 -0500
-Subject: powerpc/rtas_flash: allow user copy to flash block cache objects
-
-From: Nathan Lynch <nathanl@linux.ibm.com>
-
-commit 4f3175979e62de3b929bfa54a0db4b87d36257a7 upstream.
-
-With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the
-/proc/powerpc/rtas/firmware_update interface to prepare a system
-firmware update yields a BUG():
-
-  kernel BUG at mm/usercopy.c:102!
-  Oops: Exception in kernel mode, sig: 5 [#1]
-  LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
-  Modules linked in:
-  CPU: 0 PID: 2232 Comm: dd Not tainted 6.5.0-rc3+ #2
-  Hardware name: IBM,8408-E8E POWER8E (raw) 0x4b0201 0xf000004 of:IBM,FW860.50 (SV860_146) hv:phyp pSeries
-  NIP:  c0000000005991d0 LR: c0000000005991cc CTR: 0000000000000000
-  REGS: c0000000148c76a0 TRAP: 0700   Not tainted  (6.5.0-rc3+)
-  MSR:  8000000000029033 <SF,EE,ME,IR,DR,RI,LE>  CR: 24002242  XER: 0000000c
-  CFAR: c0000000001fbd34 IRQMASK: 0
-  [ ... GPRs omitted ... ]
-  NIP usercopy_abort+0xa0/0xb0
-  LR  usercopy_abort+0x9c/0xb0
-  Call Trace:
-    usercopy_abort+0x9c/0xb0 (unreliable)
-    __check_heap_object+0x1b4/0x1d0
-    __check_object_size+0x2d0/0x380
-    rtas_flash_write+0xe4/0x250
-    proc_reg_write+0xfc/0x160
-    vfs_write+0xfc/0x4e0
-    ksys_write+0x90/0x160
-    system_call_exception+0x178/0x320
-    system_call_common+0x160/0x2c4
-
-The blocks of the firmware image are copied directly from user memory
-to objects allocated from flash_block_cache, so flash_block_cache must
-be created using kmem_cache_create_usercopy() to mark it safe for user
-access.
-
-Fixes: 6d07d1cd300f ("usercopy: Restrict non-usercopy caches to size 0")
-Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com>
-Reviewed-by: Kees Cook <keescook@chromium.org>
-[mpe: Trim and indent oops]
-Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
-Link: https://msgid.link/20230810-rtas-flash-vs-hardened-usercopy-v2-1-dcf63793a938@linux.ibm.com
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- arch/powerpc/kernel/rtas_flash.c |    6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
---- a/arch/powerpc/kernel/rtas_flash.c
-+++ b/arch/powerpc/kernel/rtas_flash.c
-@@ -714,9 +714,9 @@ static int __init rtas_flash_init(void)
-       if (!rtas_validate_flash_data.buf)
-               return -ENOMEM;
--      flash_block_cache = kmem_cache_create("rtas_flash_cache",
--                                            RTAS_BLK_SIZE, RTAS_BLK_SIZE, 0,
--                                            NULL);
-+      flash_block_cache = kmem_cache_create_usercopy("rtas_flash_cache",
-+                                                     RTAS_BLK_SIZE, RTAS_BLK_SIZE,
-+                                                     0, 0, RTAS_BLK_SIZE, NULL);
-       if (!flash_block_cache) {
-               printk(KERN_ERR "%s: failed to create block cache\n",
-                               __func__);
index 5a8c1cdca87cecd4212ab35300bac04863c93e99..4dbd926597be86d8ff32aaa1b1063a4700668099 100644 (file)
@@ -15,7 +15,6 @@ pcmcia-rsrc_nonstatic-fix-memory-leak-in-nonstatic_r.patch
 bluetooth-l2cap-fix-use-after-free.patch
 drm-amdgpu-fix-potential-fence-use-after-free-v2.patch
 fbdev-mmp-fix-value-check-in-mmphw_probe.patch
-powerpc-rtas_flash-allow-user-copy-to-flash-block-cache-objects.patch
 net-xfrm-fix-xfrm_address_filter-oob-read.patch
 net-af_key-fix-sadb_x_filter-validation.patch
 ip6_vti-fix-slab-use-after-free-in-decode_session6.patch
diff --git a/queue-4.19/bus-ti-sysc-flush-posted-write-on-enable-before-reset.patch b/queue-4.19/bus-ti-sysc-flush-posted-write-on-enable-before-reset.patch
deleted file mode 100644 (file)
index 0cdfb9e..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-From 34539b442b3bc7d5bf10164750302b60b91f18a7 Mon Sep 17 00:00:00 2001
-From: Tony Lindgren <tony@atomide.com>
-Date: Wed, 14 Jun 2023 10:18:23 +0300
-Subject: bus: ti-sysc: Flush posted write on enable before reset
-
-From: Tony Lindgren <tony@atomide.com>
-
-commit 34539b442b3bc7d5bf10164750302b60b91f18a7 upstream.
-
-The am335x devices started producing boot errors for resetting musb module
-in because of subtle timing changes:
-
-Unhandled fault: external abort on non-linefetch (0x1008)
-...
-sysc_poll_reset_sysconfig from sysc_reset+0x109/0x12
-sysc_reset from sysc_probe+0xa99/0xeb0
-...
-
-The fix is to flush posted write after enable before reset during
-probe. Note that some devices also need to specify the delay after enable
-with ti,sysc-delay-us, but this is not needed for musb on am335x based on
-my tests.
-
-Reported-by: kernelci.org bot <bot@kernelci.org>
-Closes: https://storage.kernelci.org/next/master/next-20230614/arm/multi_v7_defconfig+CONFIG_THUMB2_KERNEL=y/gcc-10/lab-cip/baseline-beaglebone-black.html
-Fixes: 596e7955692b ("bus: ti-sysc: Add support for software reset")
-Signed-off-by: Tony Lindgren <tony@atomide.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/bus/ti-sysc.c |    2 ++
- 1 file changed, 2 insertions(+)
-
---- a/drivers/bus/ti-sysc.c
-+++ b/drivers/bus/ti-sysc.c
-@@ -978,6 +978,8 @@ static int sysc_reset(struct sysc *ddata
-       val = sysc_read(ddata, offset);
-       val |= (0x1 << ddata->cap->regbits->srst_shift);
-       sysc_write(ddata, offset, val);
-+      /* Flush posted write */
-+      val = sysc_read_sysconfig(ddata);
-       /* Poll on reset status */
-       offset = ddata->offsets[SYSC_SYSSTATUS];
index 4d29c652f608ffce721d09a483b0da3172477199..ec069ad39335dc94e4b7e8f56f5e9f6eb4fe9834 100644 (file)
@@ -72,7 +72,6 @@ test_firmware-prevent-race-conditions-by-a-correct-implementation-of-locking.pat
 netfilter-set-default-timeout-to-3-secs-for-sctp-shutdown-send-and-recv-state.patch
 af_unix-fix-null-ptr-deref-in-unix_stream_sendpage.patch
 virtio-net-set-queues-after-driver_ok.patch
-bus-ti-sysc-flush-posted-write-on-enable-before-reset.patch
 net-fix-the-rto-timer-retransmitting-skb-every-1ms-if-linear-option-is-enabled.patch
 net-xfrm-amend-xfrma_sec_ctx-nla_policy-structure.patch
 net-phy-broadcom-stub-c45-read-write-for-54810.patch