--- /dev/null
+From d176708ffc20332d1c730098d2b111e0b77ece82 Mon Sep 17 00:00:00 2001
+From: Hans de Goede <hdegoede@redhat.com>
+Date: Mon, 28 Feb 2022 22:52:31 -0800
+Subject: Input: goodix - use the new soc_intel_is_byt() helper
+
+From: Hans de Goede <hdegoede@redhat.com>
+
+commit d176708ffc20332d1c730098d2b111e0b77ece82 upstream.
+
+Use the new soc_intel_is_byt() helper from linux/platform_data/x86/soc.h.
+
+Signed-off-by: Hans de Goede <hdegoede@redhat.com>
+Link: https://lore.kernel.org/r/20220131143539.109142-5-hdegoede@redhat.com
+Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
+Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/input/touchscreen/goodix.c | 18 ++----------------
+ 1 file changed, 2 insertions(+), 16 deletions(-)
+
+--- a/drivers/input/touchscreen/goodix.c
++++ b/drivers/input/touchscreen/goodix.c
+@@ -18,6 +18,7 @@
+ #include <linux/delay.h>
+ #include <linux/irq.h>
+ #include <linux/interrupt.h>
++#include <linux/platform_data/x86/soc.h>
+ #include <linux/slab.h>
+ #include <linux/acpi.h>
+ #include <linux/of.h>
+@@ -684,21 +685,6 @@ static int goodix_reset(struct goodix_ts
+ }
+
+ #ifdef ACPI_GPIO_SUPPORT
+-#include <asm/cpu_device_id.h>
+-#include <asm/intel-family.h>
+-
+-static const struct x86_cpu_id baytrail_cpu_ids[] = {
+- { X86_VENDOR_INTEL, 6, INTEL_FAM6_ATOM_SILVERMONT, X86_FEATURE_ANY, },
+- {}
+-};
+-
+-static inline bool is_byt(void)
+-{
+- const struct x86_cpu_id *id = x86_match_cpu(baytrail_cpu_ids);
+-
+- return !!id;
+-}
+-
+ static const struct acpi_gpio_params first_gpio = { 0, 0, false };
+ static const struct acpi_gpio_params second_gpio = { 1, 0, false };
+
+@@ -782,7 +768,7 @@ static int goodix_add_acpi_gpio_mappings
+ dev_info(dev, "Using ACPI INTI and INTO methods for IRQ pin access\n");
+ ts->irq_pin_access_method = IRQ_PIN_ACCESS_ACPI_METHOD;
+ gpio_mapping = acpi_goodix_reset_only_gpios;
+- } else if (is_byt() && ts->gpio_count == 2 && ts->gpio_int_idx == -1) {
++ } else if (soc_intel_is_byt() && ts->gpio_count == 2 && ts->gpio_int_idx == -1) {
+ dev_info(dev, "No ACPI GpioInt resource, assuming that the GPIO order is reset, int\n");
+ ts->irq_pin_access_method = IRQ_PIN_ACCESS_ACPI_GPIO;
+ gpio_mapping = acpi_goodix_int_last_gpios;
--- /dev/null
+From d05b5e0baf424c8c4b4709ac11f66ab726c8deaf Mon Sep 17 00:00:00 2001
+From: Sumeet Pawnikar <sumeet.r.pawnikar@intel.com>
+Date: Thu, 8 Jun 2023 08:00:06 +0530
+Subject: powercap: RAPL: fix invalid initialization for pl4_supported field
+
+From: Sumeet Pawnikar <sumeet.r.pawnikar@intel.com>
+
+commit d05b5e0baf424c8c4b4709ac11f66ab726c8deaf upstream.
+
+The current initialization of the struct x86_cpu_id via
+pl4_support_ids[] is partial and wrong. It is initializing
+"stepping" field with "X86_FEATURE_ANY" instead of "feature" field.
+
+Use X86_MATCH_INTEL_FAM6_MODEL macro instead of initializing
+each field of the struct x86_cpu_id for pl4_supported list of CPUs.
+This X86_MATCH_INTEL_FAM6_MODEL macro internally uses another macro
+X86_MATCH_VENDOR_FAM_MODEL_FEATURE for X86 based CPU matching with
+appropriate initialized values.
+
+Reported-by: Dave Hansen <dave.hansen@intel.com>
+Link: https://lore.kernel.org/lkml/28ead36b-2d9e-1a36-6f4e-04684e420260@intel.com
+Fixes: eb52bc2ae5b8 ("powercap: RAPL: Add Power Limit4 support for Meteor Lake SoC")
+Fixes: b08b95cf30f5 ("powercap: RAPL: Add Power Limit4 support for Alder Lake-N and Raptor Lake-P")
+Fixes: 515755906921 ("powercap: RAPL: Add Power Limit4 support for RaptorLake")
+Fixes: 1cc5b9a411e4 ("powercap: Add Power Limit4 support for Alder Lake SoC")
+Fixes: 8365a898fe53 ("powercap: Add Power Limit4 support")
+Signed-off-by: Sumeet Pawnikar <sumeet.r.pawnikar@intel.com>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+[ Ricardo: I only kept TIGERLAKE, ALDERLAKE, and ALDERLAKE_L in
+ pl4_support_ids as only these models are enumerated before this
+ changeset. ]
+Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/powercap/intel_rapl_msr.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/drivers/powercap/intel_rapl_msr.c
++++ b/drivers/powercap/intel_rapl_msr.c
+@@ -136,9 +136,9 @@ static int rapl_msr_write_raw(int cpu, s
+
+ /* List of verified CPUs. */
+ static const struct x86_cpu_id pl4_support_ids[] = {
+- { X86_VENDOR_INTEL, 6, INTEL_FAM6_TIGERLAKE_L, X86_FEATURE_ANY },
+- { X86_VENDOR_INTEL, 6, INTEL_FAM6_ALDERLAKE, X86_FEATURE_ANY },
+- { X86_VENDOR_INTEL, 6, INTEL_FAM6_ALDERLAKE_L, X86_FEATURE_ANY },
++ X86_MATCH_INTEL_FAM6_MODEL(TIGERLAKE_L, NULL),
++ X86_MATCH_INTEL_FAM6_MODEL(ALDERLAKE, NULL),
++ X86_MATCH_INTEL_FAM6_MODEL(ALDERLAKE_L, NULL),
+ {}
+ };
+
--- /dev/null
+From 76a0e79bc84f466999fa501fce5bf7a07641b8a7 Mon Sep 17 00:00:00 2001
+From: Scott Mayhew <smayhew@redhat.com>
+Date: Wed, 28 Aug 2024 15:51:29 -0400
+Subject: selinux,smack: don't bypass permissions check in inode_setsecctx hook
+
+From: Scott Mayhew <smayhew@redhat.com>
+
+commit 76a0e79bc84f466999fa501fce5bf7a07641b8a7 upstream.
+
+Marek Gresko reports that the root user on an NFS client is able to
+change the security labels on files on an NFS filesystem that is
+exported with root squashing enabled.
+
+The end of the kerneldoc comment for __vfs_setxattr_noperm() states:
+
+ * This function requires the caller to lock the inode's i_mutex before it
+ * is executed. It also assumes that the caller will make the appropriate
+ * permission checks.
+
+nfsd_setattr() does do permissions checking via fh_verify() and
+nfsd_permission(), but those don't do all the same permissions checks
+that are done by security_inode_setxattr() and its related LSM hooks do.
+
+Since nfsd_setattr() is the only consumer of security_inode_setsecctx(),
+simplest solution appears to be to replace the call to
+__vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This
+fixes the above issue and has the added benefit of causing nfsd to
+recall conflicting delegations on a file when a client tries to change
+its security label.
+
+Cc: stable@kernel.org
+Reported-by: Marek Gresko <marek.gresko@protonmail.com>
+Link: https://bugzilla.kernel.org/show_bug.cgi?id=218809
+Signed-off-by: Scott Mayhew <smayhew@redhat.com>
+Tested-by: Stephen Smalley <stephen.smalley.work@gmail.com>
+Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
+Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
+Reviewed-by: Jeff Layton <jlayton@kernel.org>
+Acked-by: Casey Schaufler <casey@schaufler-ca.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+[Shivani: Modified to apply on v5.15.y-v6.1.y]
+Signed-off-by: Shivani Agarwal <shivani.agarwal@broadcom.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ security/selinux/hooks.c | 4 ++--
+ security/smack/smack_lsm.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+--- a/security/selinux/hooks.c
++++ b/security/selinux/hooks.c
+@@ -6727,8 +6727,8 @@ static int selinux_inode_notifysecctx(st
+ */
+ static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
+ {
+- return __vfs_setxattr_noperm(&init_user_ns, dentry, XATTR_NAME_SELINUX,
+- ctx, ctxlen, 0);
++ return __vfs_setxattr_locked(&init_user_ns, dentry, XATTR_NAME_SELINUX,
++ ctx, ctxlen, 0, NULL);
+ }
+
+ static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
+--- a/security/smack/smack_lsm.c
++++ b/security/smack/smack_lsm.c
+@@ -4649,8 +4649,8 @@ static int smack_inode_notifysecctx(stru
+
+ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
+ {
+- return __vfs_setxattr_noperm(&init_user_ns, dentry, XATTR_NAME_SMACK,
+- ctx, ctxlen, 0);
++ return __vfs_setxattr_locked(&init_user_ns, dentry, XATTR_NAME_SMACK,
++ ctx, ctxlen, 0, NULL);
+ }
+
+ static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
xen-introduce-generic-helper-checking-for-memory-map.patch
xen-move-max_pfn-in-xen_memory_setup-out-of-function.patch
xen-add-capability-to-remap-non-ram-pages-to-differe.patch
-xen-tolerate-acpi-nvs-memory-overlapping-with-xen-al.patch
selftests-vdso-fix-elf-hash-table-entry-size-for-s39.patch
selftests-vdso-fix-vdso_config-for-s390.patch
xen-swiotlb-add-alignment-check-for-dma-buffers.patch
netfilter-nf_tables-keep-deleted-flowtable-hooks-unt.patch
netfilter-ctnetlink-compile-ctnetlink_label_size-wit.patch
drm-amd-display-fix-synaptics-cascaded-panamera-dsc-determination.patch
+input-goodix-use-the-new-soc_intel_is_byt-helper.patch
+powercap-rapl-fix-invalid-initialization-for-pl4_supported-field.patch
+x86-mm-switch-to-new-intel-cpu-model-defines.patch
+vfio-pci-fix-potential-memory-leak-in-vfio_intx_enable.patch
+selinux-smack-don-t-bypass-permissions-check-in-inode_setsecctx-hook.patch
--- /dev/null
+From 82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2 Mon Sep 17 00:00:00 2001
+From: Ye Bin <yebin10@huawei.com>
+Date: Mon, 15 Apr 2024 09:50:29 +0800
+Subject: vfio/pci: fix potential memory leak in vfio_intx_enable()
+
+From: Ye Bin <yebin10@huawei.com>
+
+commit 82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2 upstream.
+
+If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.
+
+Fixes: 18c198c96a81 ("vfio/pci: Create persistent INTx handler")
+Signed-off-by: Ye Bin <yebin10@huawei.com>
+Reviewed-by: Kevin Tian <kevin.tian@intel.com>
+Acked-by: Reinette Chatre <reinette.chatre@intel.com>
+Link: https://lore.kernel.org/r/20240415015029.3699844-1-yebin10@huawei.com
+Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
+Signed-off-by: Oleksandr Tymoshenko <ovt@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/vfio/pci/vfio_pci_intrs.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/vfio/pci/vfio_pci_intrs.c
++++ b/drivers/vfio/pci/vfio_pci_intrs.c
+@@ -181,8 +181,10 @@ static int vfio_intx_enable(struct vfio_
+ return -ENOMEM;
+
+ vdev->ctx = kzalloc(sizeof(struct vfio_pci_irq_ctx), GFP_KERNEL);
+- if (!vdev->ctx)
++ if (!vdev->ctx) {
++ kfree(name);
+ return -ENOMEM;
++ }
+
+ vdev->num_ctx = 1;
+
--- /dev/null
+From 2eda374e883ad297bd9fe575a16c1dc850346075 Mon Sep 17 00:00:00 2001
+From: Tony Luck <tony.luck@intel.com>
+Date: Wed, 24 Apr 2024 11:15:18 -0700
+Subject: x86/mm: Switch to new Intel CPU model defines
+
+From: Tony Luck <tony.luck@intel.com>
+
+commit 2eda374e883ad297bd9fe575a16c1dc850346075 upstream.
+
+New CPU #defines encode vendor and family as well as model.
+
+[ dhansen: vertically align 0's in invlpg_miss_ids[] ]
+
+Signed-off-by: Tony Luck <tony.luck@intel.com>
+Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Link: https://lore.kernel.org/all/20240424181518.41946-1-tony.luck%40intel.com
+[ Ricardo: I used the old match macro X86_MATCH_INTEL_FAM6_MODEL()
+ instead of X86_MATCH_VFM() as in the upstream commit.
+ I also kept the ALDERLAKE_N name instead of ATOM_GRACEMONT. Both refer
+ to the same CPU model. ]
+Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/mm/init.c | 16 ++++++----------
+ 1 file changed, 6 insertions(+), 10 deletions(-)
+
+--- a/arch/x86/mm/init.c
++++ b/arch/x86/mm/init.c
+@@ -263,21 +263,17 @@ static void __init probe_page_size_mask(
+ }
+ }
+
+-#define INTEL_MATCH(_model) { .vendor = X86_VENDOR_INTEL, \
+- .family = 6, \
+- .model = _model, \
+- }
+ /*
+ * INVLPG may not properly flush Global entries
+ * on these CPUs when PCIDs are enabled.
+ */
+ static const struct x86_cpu_id invlpg_miss_ids[] = {
+- INTEL_MATCH(INTEL_FAM6_ALDERLAKE ),
+- INTEL_MATCH(INTEL_FAM6_ALDERLAKE_L ),
+- INTEL_MATCH(INTEL_FAM6_ALDERLAKE_N ),
+- INTEL_MATCH(INTEL_FAM6_RAPTORLAKE ),
+- INTEL_MATCH(INTEL_FAM6_RAPTORLAKE_P),
+- INTEL_MATCH(INTEL_FAM6_RAPTORLAKE_S),
++ X86_MATCH_INTEL_FAM6_MODEL(ALDERLAKE, 0),
++ X86_MATCH_INTEL_FAM6_MODEL(ALDERLAKE_L, 0),
++ X86_MATCH_INTEL_FAM6_MODEL(ALDERLAKE_N, 0),
++ X86_MATCH_INTEL_FAM6_MODEL(RAPTORLAKE, 0),
++ X86_MATCH_INTEL_FAM6_MODEL(RAPTORLAKE_P, 0),
++ X86_MATCH_INTEL_FAM6_MODEL(RAPTORLAKE_S, 0),
+ {}
+ };
+
+++ /dev/null
-From b9991477d70059e93a1f1819586a77aaf509149b Mon Sep 17 00:00:00 2001
-From: Sasha Levin <sashal@kernel.org>
-Date: Fri, 2 Aug 2024 20:14:22 +0200
-Subject: xen: tolerate ACPI NVS memory overlapping with Xen allocated memory
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-From: Juergen Gross <jgross@suse.com>
-
-[ Upstream commit be35d91c8880650404f3bf813573222dfb106935 ]
-
-In order to minimize required special handling for running as Xen PV
-dom0, the memory layout is modified to match that of the host. This
-requires to have only RAM at the locations where Xen allocated memory
-is living. Unfortunately there seem to be some machines, where ACPI
-NVS is located at 64 MB, resulting in a conflict with the loaded
-kernel or the initial page tables built by Xen.
-
-Avoid this conflict by swapping the ACPI NVS area in the memory map
-with unused RAM. This is possible via modification of the dom0 P2M map.
-Accesses to the ACPI NVS area are done either for saving and restoring
-it across suspend operations (this will work the same way as before),
-or by ACPI code when NVS memory is referenced from other ACPI tables.
-The latter case is handled by a Xen specific indirection of
-acpi_os_ioremap().
-
-While the E820 map can (and should) be modified right away, the P2M
-map can be updated only after memory allocation is working, as the P2M
-map might need to be extended.
-
-Fixes: 808fdb71936c ("xen: check for kernel memory conflicting with memory layout")
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Tested-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Signed-off-by: Sasha Levin <sashal@kernel.org>
----
- arch/x86/xen/setup.c | 92 +++++++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 91 insertions(+), 1 deletion(-)
-
-diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
-index ffe2b3918cbb2..5126b5b79383b 100644
---- a/arch/x86/xen/setup.c
-+++ b/arch/x86/xen/setup.c
-@@ -539,6 +539,8 @@ void __init xen_remap_memory(void)
- set_pte_mfn(buf, mfn_save, PAGE_KERNEL);
-
- pr_info("Remapped %ld page(s)\n", remapped);
-+
-+ xen_do_remap_nonram();
- }
-
- static unsigned long __init xen_get_pages_limit(void)
-@@ -669,14 +671,102 @@ phys_addr_t __init xen_find_free_area(phys_addr_t size)
- return 0;
- }
-
-+/*
-+ * Swap a non-RAM E820 map entry with RAM above ini_nr_pages.
-+ * Note that the E820 map is modified accordingly, but the P2M map isn't yet.
-+ * The adaption of the P2M must be deferred until page allocation is possible.
-+ */
-+static void __init xen_e820_swap_entry_with_ram(struct e820_entry *swap_entry)
-+{
-+ struct e820_entry *entry;
-+ unsigned int mapcnt;
-+ phys_addr_t mem_end = PFN_PHYS(ini_nr_pages);
-+ phys_addr_t swap_addr, swap_size, entry_end;
-+
-+ swap_addr = PAGE_ALIGN_DOWN(swap_entry->addr);
-+ swap_size = PAGE_ALIGN(swap_entry->addr - swap_addr + swap_entry->size);
-+ entry = xen_e820_table.entries;
-+
-+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) {
-+ entry_end = entry->addr + entry->size;
-+ if (entry->type == E820_TYPE_RAM && entry->size >= swap_size &&
-+ entry_end - swap_size >= mem_end) {
-+ /* Reduce RAM entry by needed space (whole pages). */
-+ entry->size -= swap_size;
-+
-+ /* Add new entry at the end of E820 map. */
-+ entry = xen_e820_table.entries +
-+ xen_e820_table.nr_entries;
-+ xen_e820_table.nr_entries++;
-+
-+ /* Fill new entry (keep size and page offset). */
-+ entry->type = swap_entry->type;
-+ entry->addr = entry_end - swap_size +
-+ swap_addr - swap_entry->addr;
-+ entry->size = swap_entry->size;
-+
-+ /* Convert old entry to RAM, align to pages. */
-+ swap_entry->type = E820_TYPE_RAM;
-+ swap_entry->addr = swap_addr;
-+ swap_entry->size = swap_size;
-+
-+ /* Remember PFN<->MFN relation for P2M update. */
-+ xen_add_remap_nonram(swap_addr, entry_end - swap_size,
-+ swap_size);
-+
-+ /* Order E820 table and merge entries. */
-+ e820__update_table(&xen_e820_table);
-+
-+ return;
-+ }
-+
-+ entry++;
-+ }
-+
-+ xen_raw_console_write("No suitable area found for required E820 entry remapping action\n");
-+ BUG();
-+}
-+
-+/*
-+ * Look for non-RAM memory types in a specific guest physical area and move
-+ * those away if possible (ACPI NVS only for now).
-+ */
-+static void __init xen_e820_resolve_conflicts(phys_addr_t start,
-+ phys_addr_t size)
-+{
-+ struct e820_entry *entry;
-+ unsigned int mapcnt;
-+ phys_addr_t end;
-+
-+ if (!size)
-+ return;
-+
-+ end = start + size;
-+ entry = xen_e820_table.entries;
-+
-+ for (mapcnt = 0; mapcnt < xen_e820_table.nr_entries; mapcnt++) {
-+ if (entry->addr >= end)
-+ return;
-+
-+ if (entry->addr + entry->size > start &&
-+ entry->type == E820_TYPE_NVS)
-+ xen_e820_swap_entry_with_ram(entry);
-+
-+ entry++;
-+ }
-+}
-+
- /*
- * Check for an area in physical memory to be usable for non-movable purposes.
-- * An area is considered to usable if the used E820 map lists it to be RAM.
-+ * An area is considered to usable if the used E820 map lists it to be RAM or
-+ * some other type which can be moved to higher PFNs while keeping the MFNs.
- * In case the area is not usable, crash the system with an error message.
- */
- void __init xen_chk_is_e820_usable(phys_addr_t start, phys_addr_t size,
- const char *component)
- {
-+ xen_e820_resolve_conflicts(start, size);
-+
- if (!xen_is_e820_reserved(start, size))
- return;
-
---
-2.43.0
-
projects / thirdparty / kernel / stable-queue.git / commitdiff
