5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 19 Nov 2021 13:38:24 +0000 (14:38 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 19 Nov 2021 13:38:24 +0000 (14:38 +0100)
added patches:
arm64-vdso32-suppress-error-message-for-make-mrproper.patch
parisc-entry-fix-trace-test-in-syscall-exit-path.patch
x86-iopl-fake-iopl-3-cli-sti-usage.patch

queue-5.10/arm64-vdso32-suppress-error-message-for-make-mrproper.patch [new file with mode: 0644]
queue-5.10/parisc-entry-fix-trace-test-in-syscall-exit-path.patch [new file with mode: 0644]
queue-5.10/series
queue-5.10/x86-iopl-fake-iopl-3-cli-sti-usage.patch [new file with mode: 0644]

diff --git a/queue-5.10/arm64-vdso32-suppress-error-message-for-make-mrproper.patch b/queue-5.10/arm64-vdso32-suppress-error-message-for-make-mrproper.patch
new file mode 100644 (file)
index 0000000..e380c3a
--- /dev/null
@@ -0,0 +1,48 @@
+From 14831fad73f5ac30ac61760487d95a538e6ab3cb Mon Sep 17 00:00:00 2001
+From: Nick Desaulniers <ndesaulniers@google.com>
+Date: Tue, 19 Oct 2021 15:36:45 -0700
+Subject: arm64: vdso32: suppress error message for 'make mrproper'
+
+From: Nick Desaulniers <ndesaulniers@google.com>
+
+commit 14831fad73f5ac30ac61760487d95a538e6ab3cb upstream.
+
+When running the following command without arm-linux-gnueabi-gcc in
+one's $PATH, the following warning is observed:
+
+$ ARCH=arm64 CROSS_COMPILE_COMPAT=arm-linux-gnueabi- make -j72 LLVM=1 mrproper
+make[1]: arm-linux-gnueabi-gcc: No such file or directory
+
+This is because KCONFIG is not run for mrproper, so CONFIG_CC_IS_CLANG
+is not set, and we end up eagerly evaluating various variables that try
+to invoke CC_COMPAT.
+
+This is a similar problem to what was observed in
+commit dc960bfeedb0 ("h8300: suppress error messages for 'make clean'")
+
+Reported-by: Lucas Henneman <henneman@google.com>
+Suggested-by: Masahiro Yamada <masahiroy@kernel.org>
+Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
+Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
+Reviewed-by: Nathan Chancellor <nathan@kernel.org>
+Tested-by: Nathan Chancellor <nathan@kernel.org>
+Link: https://lore.kernel.org/r/20211019223646.1146945-4-ndesaulniers@google.com
+Signed-off-by: Will Deacon <will@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/kernel/vdso32/Makefile |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/arch/arm64/kernel/vdso32/Makefile
++++ b/arch/arm64/kernel/vdso32/Makefile
+@@ -48,7 +48,8 @@ cc32-as-instr = $(call try-run,\
+ # As a result we set our own flags here.
+ # KBUILD_CPPFLAGS and NOSTDINC_FLAGS from top-level Makefile
+-VDSO_CPPFLAGS := -D__KERNEL__ -nostdinc -isystem $(shell $(CC_COMPAT) -print-file-name=include)
++VDSO_CPPFLAGS := -D__KERNEL__ -nostdinc
++VDSO_CPPFLAGS += -isystem $(shell $(CC_COMPAT) -print-file-name=include)
+ VDSO_CPPFLAGS += $(LINUXINCLUDE)
+ # Common C and assembly flags
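Review bot: As rendered here, the added `VDSO_CPPFLAGS += -isystem $(shell $(CC_COMPAT) -print-file-name=include)` line still runs `$(CC_COMPAT)` while the Makefile is parsed, because `+=` on a variable defined with `:=` expands its right-hand side immediately, and nothing discards the command's stderr. If the line is complete as shown, splitting the assignment alone would not silence the `No such file or directory` message quoted in the commit text; the call would need its stderr redirected, e.g. `$(shell $(CC_COMPAT) -print-file-name=include 2>/dev/null)`. It is worth comparing this queued patch with the upstream commit it cites to confirm nothing was lost in the backport or in the page rendering.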
diff --git a/queue-5.10/parisc-entry-fix-trace-test-in-syscall-exit-path.patch b/queue-5.10/parisc-entry-fix-trace-test-in-syscall-exit-path.patch
new file mode 100644 (file)
index 0000000..c48942a
--- /dev/null
@@ -0,0 +1,42 @@
+From 3ec18fc7831e7d79e2d536dd1f3bc0d3ba425e8a Mon Sep 17 00:00:00 2001
+From: Sven Schnelle <svens@stackframe.org>
+Date: Sat, 13 Nov 2021 20:41:17 +0100
+Subject: parisc/entry: fix trace test in syscall exit path
+
+From: Sven Schnelle <svens@stackframe.org>
+
+commit 3ec18fc7831e7d79e2d536dd1f3bc0d3ba425e8a upstream.
+
+commit 8779e05ba8aa ("parisc: Fix ptrace check on syscall return")
+fixed testing of TI_FLAGS. This uncovered a bug in the test mask.
+syscall_restore_rfi is only used when the kernel needs to exit to
+usespace with single or block stepping and the recovery counter
+enabled. The test however used _TIF_SYSCALL_TRACE_MASK, which
+includes a lot of bits that shouldn't be tested here.
+
+Fix this by using TIF_SINGLESTEP and TIF_BLOCKSTEP directly.
+
+I encountered this bug by enabling syscall tracepoints. Both in qemu and
+on real hardware. As soon as i enabled the tracepoint (sys_exit_read,
+but i guess it doesn't really matter which one), i got random page
+faults in userspace almost immediately.
+
+Signed-off-by: Sven Schnelle <svens@stackframe.org>
+Signed-off-by: Helge Deller <deller@gmx.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/parisc/kernel/entry.S |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/parisc/kernel/entry.S
++++ b/arch/parisc/kernel/entry.S
+@@ -1849,7 +1849,7 @@ syscall_restore:
+       /* Are we being ptraced? */
+       LDREG   TI_FLAGS-THREAD_SZ_ALGN-FRAME_SIZE(%r30),%r19
+-      ldi     _TIF_SYSCALL_TRACE_MASK,%r2
++      ldi     _TIF_SINGLESTEP|_TIF_BLOCKSTEP,%r2
+       and,COND(=)     %r19,%r2,%r0
+       b,n     syscall_restore_rfi
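Review bot: The context comment `/* Are we being ptraced? */` above the changed `ldi` no longer describes the test, which after this change checks only `_TIF_SINGLESTEP|_TIF_BLOCKSTEP`. A wording such as `/* Single- or block-stepping? Those exits go through syscall_restore_rfi. */` would match the commit text and keep a later reader from widening the mask back to a general trace mask. The syscall_restore code starts before and continues after this hunk, so the rest of the exit path is not visible here.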
index 2e965f48011c6228554472751bf0cc1fd834e762..abc40861af1fd93d3a71f28165ca8737b0412a44 100644 (file)
@@ -8,3 +8,6 @@ net-stmmac-fix-missing-unlock-on-error-in-stmmac_suspend.patch
 net-stmmac-fix-system-hang-if-change-mac-address-after-interface-ifdown.patch
 net-stmmac-fix-issue-where-clk-is-being-unprepared-twice.patch
 net-stmmac-dwmac-rk-fix-unbalanced-pm_runtime_enable-warnings.patch
+arm64-vdso32-suppress-error-message-for-make-mrproper.patch
+x86-iopl-fake-iopl-3-cli-sti-usage.patch
+parisc-entry-fix-trace-test-in-syscall-exit-path.patch
diff --git a/queue-5.10/x86-iopl-fake-iopl-3-cli-sti-usage.patch b/queue-5.10/x86-iopl-fake-iopl-3-cli-sti-usage.patch
new file mode 100644 (file)
index 0000000..c0a2ee2
--- /dev/null
@@ -0,0 +1,133 @@
+From b968e84b509da593c50dc3db679e1d33de701f78 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Fri, 17 Sep 2021 11:20:04 +0200
+Subject: x86/iopl: Fake iopl(3) CLI/STI usage
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit b968e84b509da593c50dc3db679e1d33de701f78 upstream.
+
+Since commit c8137ace5638 ("x86/iopl: Restrict iopl() permission
+scope") it's possible to emulate iopl(3) using ioperm(), except for
+the CLI/STI usage.
+
+Userspace CLI/STI usage is very dubious (read broken), since any
+exception taken during that window can lead to rescheduling anyway (or
+worse). The IOPL(2) manpage even states that usage of CLI/STI is highly
+discouraged and might even crash the system.
+
+Of course, that won't stop people and HP has the dubious honour of
+being the first vendor to be found using this in their hp-health
+package.
+
+In order to enable this 'software' to still 'work', have the #GP treat
+the CLI/STI instructions as NOPs when iopl(3). Warn the user that
+their program is doing dubious things.
+
+Fixes: a24ca9976843 ("x86/iopl: Remove legacy IOPL option")
+Reported-by: Ondrej Zary <linux@zary.sk>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: stable@kernel.org # v5.5+
+Link: https://lkml.kernel.org/r/20210918090641.GD5106@worktop.programming.kicks-ass.net
+Signed-off-by: Ondrej Zary <linux@zary.sk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/include/asm/insn-eval.h |    1 +
+ arch/x86/include/asm/processor.h |    1 +
+ arch/x86/kernel/process.c        |    1 +
+ arch/x86/kernel/traps.c          |   34 ++++++++++++++++++++++++++++++++++
+ arch/x86/lib/insn-eval.c         |    2 +-
+ 5 files changed, 38 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/include/asm/insn-eval.h
++++ b/arch/x86/include/asm/insn-eval.h
+@@ -21,6 +21,7 @@ int insn_get_modrm_rm_off(struct insn *i
+ int insn_get_modrm_reg_off(struct insn *insn, struct pt_regs *regs);
+ unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx);
+ int insn_get_code_seg_params(struct pt_regs *regs);
++unsigned long insn_get_effective_ip(struct pt_regs *regs);
+ int insn_fetch_from_user(struct pt_regs *regs,
+                        unsigned char buf[MAX_INSN_SIZE]);
+ int insn_fetch_from_user_inatomic(struct pt_regs *regs,
+--- a/arch/x86/include/asm/processor.h
++++ b/arch/x86/include/asm/processor.h
+@@ -534,6 +534,7 @@ struct thread_struct {
+        */
+       unsigned long           iopl_emul;
++      unsigned int            iopl_warn:1;
+       unsigned int            sig_on_uaccess_err:1;
+       /* Floating point and extended processor state */
+--- a/arch/x86/kernel/process.c
++++ b/arch/x86/kernel/process.c
+@@ -138,6 +138,7 @@ int copy_thread(unsigned long clone_flag
+       frame->ret_addr = (unsigned long) ret_from_fork;
+       p->thread.sp = (unsigned long) fork_frame;
+       p->thread.io_bitmap = NULL;
++      p->thread.iopl_warn = 0;
+       memset(p->thread.ptrace_bps, 0, sizeof(p->thread.ptrace_bps));
+ #ifdef CONFIG_X86_64
+--- a/arch/x86/kernel/traps.c
++++ b/arch/x86/kernel/traps.c
+@@ -523,6 +523,37 @@ static enum kernel_gp_hint get_kernel_gp
+ #define GPFSTR "general protection fault"
++static bool fixup_iopl_exception(struct pt_regs *regs)
++{
++      struct thread_struct *t = &current->thread;
++      unsigned char byte;
++      unsigned long ip;
++
++      if (!IS_ENABLED(CONFIG_X86_IOPL_IOPERM) || t->iopl_emul != 3)
++              return false;
++
++      ip = insn_get_effective_ip(regs);
++      if (!ip)
++              return false;
++
++      if (get_user(byte, (const char __user *)ip))
++              return false;
++
++      if (byte != 0xfa && byte != 0xfb)
++              return false;
++
++      if (!t->iopl_warn && printk_ratelimit()) {
++              pr_err("%s[%d] attempts to use CLI/STI, pretending it's a NOP, ip:%lx",
++                     current->comm, task_pid_nr(current), ip);
++              print_vma_addr(KERN_CONT " in ", ip);
++              pr_cont("\n");
++              t->iopl_warn = 1;
++      }
++
++      regs->ip += 1;
++      return true;
++}
++
+ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection)
+ {
+       char desc[sizeof(GPFSTR) + 50 + 2*sizeof(unsigned long) + 1] = GPFSTR;
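Review bot: fixup_iopl_exception() compares the fetched byte against bare `0xfa` and `0xfb` and carries no comment, so a reader has to know these are the one-byte CLI and STI opcodes to see why `regs->ip += 1` is exact. I would add a header comment such as `/* iopl(3) emulation: treat a faulting user CLI (0xfa) / STI (0xfb) as a one-byte NOP; interrupts are NOT actually masked. */`. For anyone triaging the resulting log line, the warning is gated on the shared `printk_ratelimit()` state and on `iopl_warn`, which the process.c hunk clears in copy_thread(). It therefore appears at most once per thread and can be delayed while the global limiter is busy. The `get_user()` call can fault on the user address, and whether interrupts are already enabled at the call site is not visible, because the body of exc_general_protection() continues outside these hunks.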
+@@ -548,6 +579,9 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_pr
+       tsk = current;
+       if (user_mode(regs)) {
++              if (fixup_iopl_exception(regs))
++                      goto exit;
++
+               tsk->thread.error_code = error_code;
+               tsk->thread.trap_nr = X86_TRAP_GP;
+--- a/arch/x86/lib/insn-eval.c
++++ b/arch/x86/lib/insn-eval.c
+@@ -1415,7 +1415,7 @@ void __user *insn_get_addr_ref(struct in
+       }
+ }
+-static unsigned long insn_get_effective_ip(struct pt_regs *regs)
++unsigned long insn_get_effective_ip(struct pt_regs *regs)
+ {
+       unsigned long seg_base = 0;