From: Greg Kroah-Hartman Date: Tue, 25 Apr 2017 12:20:42 +0000 (+0100) Subject: 3.18-stable patches X-Git-Tag: v4.4.64~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0504398356f2cf87f002b8e4d46a1b895a8eebe3;p=thirdparty%2Fkernel%2Fstable-queue.git 3.18-stable patches added patches: kvm-arm-arm64-fix-locking-for-kvm_free_stage2_pgd.patch powerpc-64-fix-flush_-d-i-cache_range-called-from-modules.patch x86-mce-amd-give-a-name-to-mca-bank-3-when-accessed-with-legacy-msrs.patch x86-pmem-fix-broken-__copy_user_nocache-cache-bypass-assumptions.patch --- diff --git a/queue-3.18/kvm-arm-arm64-fix-locking-for-kvm_free_stage2_pgd.patch b/queue-3.18/kvm-arm-arm64-fix-locking-for-kvm_free_stage2_pgd.patch new file mode 100644 index 00000000000..ace2ec71c78 --- /dev/null +++ b/queue-3.18/kvm-arm-arm64-fix-locking-for-kvm_free_stage2_pgd.patch @@ -0,0 +1,68 @@ +From 8b3405e345b5a098101b0c31b264c812bba045d9 Mon Sep 17 00:00:00 2001 +From: Suzuki K Poulose +Date: Mon, 3 Apr 2017 15:12:43 +0100 +Subject: kvm: arm/arm64: Fix locking for kvm_free_stage2_pgd + +From: Suzuki K Poulose + +commit 8b3405e345b5a098101b0c31b264c812bba045d9 upstream. + +In kvm_free_stage2_pgd() we don't hold the kvm->mmu_lock while calling +unmap_stage2_range() on the entire memory range for the guest. This could +cause problems with other callers (e.g, munmap on a memslot) trying to +unmap a range. And since we have to unmap the entire Guest memory range +holding a spinlock, make sure we yield the lock if necessary, after we +unmap each PUD range. + +Fixes: commit d5d8184d35c9 ("KVM: ARM: Memory virtualization setup") +Cc: Paolo Bonzini +Cc: Marc Zyngier +Cc: Christoffer Dall +Cc: Mark Rutland +Signed-off-by: Suzuki K Poulose +[ Avoid vCPU starvation and lockup detector warnings ] +Signed-off-by: Marc Zyngier +Signed-off-by: Suzuki K Poulose +Signed-off-by: Christoffer Dall +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/kvm/mmu.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +--- a/arch/arm/kvm/mmu.c ++++ b/arch/arm/kvm/mmu.c +@@ -256,6 +256,14 @@ static void unmap_range(struct kvm *kvm, + next = kvm_pgd_addr_end(addr, end); + if (!pgd_none(*pgd)) + unmap_puds(kvm, pgd, addr, next); ++ /* ++ * If we are dealing with a large range in ++ * stage2 table, release the kvm->mmu_lock ++ * to prevent starvation and lockup detector ++ * warnings. ++ */ ++ if (kvm && (next != end)) ++ cond_resched_lock(&kvm->mmu_lock); + } while (pgd++, addr = next, addr != end); + } + +@@ -693,6 +701,7 @@ int kvm_alloc_stage2_pgd(struct kvm *kvm + */ + static void unmap_stage2_range(struct kvm *kvm, phys_addr_t start, u64 size) + { ++ assert_spin_locked(&kvm->mmu_lock); + unmap_range(kvm, kvm->arch.pgd, start, size); + } + +@@ -777,7 +786,10 @@ void kvm_free_stage2_pgd(struct kvm *kvm + if (kvm->arch.pgd == NULL) + return; + ++ spin_lock(&kvm->mmu_lock); + unmap_stage2_range(kvm, 0, KVM_PHYS_SIZE); ++ spin_unlock(&kvm->mmu_lock); ++ + kvm_free_hwpgd(kvm_get_hwpgd(kvm)); + if (KVM_PREALLOC_LEVEL > 0) + kfree(kvm->arch.pgd); diff --git a/queue-3.18/powerpc-64-fix-flush_-d-i-cache_range-called-from-modules.patch b/queue-3.18/powerpc-64-fix-flush_-d-i-cache_range-called-from-modules.patch new file mode 100644 index 00000000000..7788afafc73 --- /dev/null +++ b/queue-3.18/powerpc-64-fix-flush_-d-i-cache_range-called-from-modules.patch @@ -0,0 +1,53 @@ +From 8f5f525d5b83f7d76a6baf9c4e94d4bf312ea7f6 Mon Sep 17 00:00:00 2001 +From: Oliver O'Halloran +Date: Mon, 3 Apr 2017 13:25:12 +1000 +Subject: powerpc/64: Fix flush_(d|i)cache_range() called from modules + +From: Oliver O'Halloran + +commit 8f5f525d5b83f7d76a6baf9c4e94d4bf312ea7f6 upstream. + +When the kernel is compiled to use 64bit ABIv2 the _GLOBAL() macro does +not include a global entry point. A function's global entry point is +used when the function is called from a different TOC context and in the +kernel this typically means a call from a module into the vmlinux (or +vice-versa). + +There are a few exported asm functions declared with _GLOBAL() and +calling them from a module will likely crash the kernel since any TOC +relative load will yield garbage. + +flush_icache_range() and flush_dcache_range() are both exported to +modules, and use the TOC, so must use _GLOBAL_TOC(). + +Fixes: 721aeaa9fdf3 ("powerpc: Build little endian ppc64 kernel with ABIv2") +Signed-off-by: Oliver O'Halloran +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman + + +--- + arch/powerpc/kernel/misc_64.S | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +--- a/arch/powerpc/kernel/misc_64.S ++++ b/arch/powerpc/kernel/misc_64.S +@@ -66,6 +66,9 @@ PPC64_CACHES: + */ + + _KPROBE(flush_icache_range) ++0: addis r2,r12,(.TOC. - 0b)@ha ++ addi r2, r2,(.TOC. - 0b)@l ++ .localentry flush_icache_range, . - flush_icache_range + BEGIN_FTR_SECTION + PURGE_PREFETCHED_INS + blr +@@ -116,7 +119,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_COHERENT_I + * + * flush all bytes from start to stop-1 inclusive + */ +-_GLOBAL(flush_dcache_range) ++_GLOBAL_TOC(flush_dcache_range) + + /* + * Flush the data cache to memory diff --git a/queue-3.18/series b/queue-3.18/series index 096d5947013..06e940c3aaa 100644 --- a/queue-3.18/series +++ b/queue-3.18/series @@ -12,3 +12,7 @@ acpi-power-avoid-maybe-uninitialized-warning.patch mmc-sdhci-esdhc-imx-increase-the-pad-i-o-drive-strength-for-ddr50-card.patch ubi-upd-always-flush-after-prepared-for-an-update.patch powerpc-kprobe-fix-oops-when-kprobed-on-stdu-instruction.patch +x86-mce-amd-give-a-name-to-mca-bank-3-when-accessed-with-legacy-msrs.patch +kvm-arm-arm64-fix-locking-for-kvm_free_stage2_pgd.patch +powerpc-64-fix-flush_-d-i-cache_range-called-from-modules.patch +x86-pmem-fix-broken-__copy_user_nocache-cache-bypass-assumptions.patch diff --git a/queue-3.18/x86-mce-amd-give-a-name-to-mca-bank-3-when-accessed-with-legacy-msrs.patch b/queue-3.18/x86-mce-amd-give-a-name-to-mca-bank-3-when-accessed-with-legacy-msrs.patch new file mode 100644 index 00000000000..85ad3a7ed91 --- /dev/null +++ b/queue-3.18/x86-mce-amd-give-a-name-to-mca-bank-3-when-accessed-with-legacy-msrs.patch @@ -0,0 +1,53 @@ +From 29f72ce3e4d18066ec75c79c857bee0618a3504b Mon Sep 17 00:00:00 2001 +From: Yazen Ghannam +Date: Thu, 30 Mar 2017 13:17:14 +0200 +Subject: x86/mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs + +From: Yazen Ghannam + +commit 29f72ce3e4d18066ec75c79c857bee0618a3504b upstream. + +MCA bank 3 is reserved on systems pre-Fam17h, so it didn't have a name. +However, MCA bank 3 is defined on Fam17h systems and can be accessed +using legacy MSRs. Without a name we get a stack trace on Fam17h systems +when trying to register sysfs files for bank 3 on kernels that don't +recognize Scalable MCA. + +Call MCA bank 3 "decode_unit" since this is what it represents on +Fam17h. This will allow kernels without SMCA support to see this bank on +Fam17h+ and prevent the stack trace. This will not affect older systems +since this bank is reserved on them, i.e. it'll be ignored. + +Tested on AMD Fam15h and Fam17h systems. + + WARNING: CPU: 26 PID: 1 at lib/kobject.c:210 kobject_add_internal + kobject: (ffff88085bb256c0): attempted to be registered with empty name! + ... + Call Trace: + kobject_add_internal + kobject_add + kobject_create_and_add + threshold_create_device + threshold_init_device + +Signed-off-by: Yazen Ghannam +Signed-off-by: Borislav Petkov +Link: http://lkml.kernel.org/r/1490102285-3659-1-git-send-email-Yazen.Ghannam@amd.com +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kernel/cpu/mcheck/mce_amd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/kernel/cpu/mcheck/mce_amd.c ++++ b/arch/x86/kernel/cpu/mcheck/mce_amd.c +@@ -51,7 +51,7 @@ static const char * const th_names[] = { + "load_store", + "insn_fetch", + "combined_unit", +- "", ++ "decode_unit", + "northbridge", + "execution_unit", + }; diff --git a/queue-3.18/x86-pmem-fix-broken-__copy_user_nocache-cache-bypass-assumptions.patch b/queue-3.18/x86-pmem-fix-broken-__copy_user_nocache-cache-bypass-assumptions.patch new file mode 100644 index 00000000000..a40f1f9d93a --- /dev/null +++ b/queue-3.18/x86-pmem-fix-broken-__copy_user_nocache-cache-bypass-assumptions.patch @@ -0,0 +1,104 @@ +From 11e63f6d920d6f2dfd3cd421e939a4aec9a58dcd Mon Sep 17 00:00:00 2001 +From: Dan Williams +Date: Thu, 6 Apr 2017 09:04:31 -0700 +Subject: x86, pmem: fix broken __copy_user_nocache cache-bypass assumptions + +From: Dan Williams + +commit 11e63f6d920d6f2dfd3cd421e939a4aec9a58dcd upstream. + +Before we rework the "pmem api" to stop abusing __copy_user_nocache() +for memcpy_to_pmem() we need to fix cases where we may strand dirty data +in the cpu cache. The problem occurs when copy_from_iter_pmem() is used +for arbitrary data transfers from userspace. There is no guarantee that +these transfers, performed by dax_iomap_actor(), will have aligned +destinations or aligned transfer lengths. Backstop the usage +__copy_user_nocache() with explicit cache management in these unaligned +cases. + +Yes, copy_from_iter_pmem() is now too big for an inline, but addressing +that is saved for a later patch that moves the entirety of the "pmem +api" into the pmem driver directly. + +Fixes: 5de490daec8b ("pmem: add copy_from_iter_pmem() and clear_pmem()") +Cc: +Cc: Jan Kara +Cc: Jeff Moyer +Cc: Ingo Molnar +Cc: Christoph Hellwig +Cc: "H. Peter Anvin" +Cc: Al Viro +Cc: Thomas Gleixner +Cc: Matthew Wilcox +Reviewed-by: Ross Zwisler +Signed-off-by: Toshi Kani +Signed-off-by: Dan Williams +Signed-off-by: Greg Kroah-Hartman + +diff --git a/arch/x86/include/asm/pmem.h b/arch/x86/include/asm/pmem.h +index 2c1ebeb4d737..529bb4a6487a 100644 +--- a/arch/x86/include/asm/pmem.h ++++ b/arch/x86/include/asm/pmem.h +@@ -55,7 +55,8 @@ static inline int arch_memcpy_from_pmem(void *dst, const void *src, size_t n) + * @size: number of bytes to write back + * + * Write back a cache range using the CLWB (cache line write back) +- * instruction. ++ * instruction. Note that @size is internally rounded up to be cache ++ * line size aligned. + */ + static inline void arch_wb_cache_pmem(void *addr, size_t size) + { +@@ -69,15 +70,6 @@ static inline void arch_wb_cache_pmem(void *addr, size_t size) + clwb(p); + } + +-/* +- * copy_from_iter_nocache() on x86 only uses non-temporal stores for iovec +- * iterators, so for other types (bvec & kvec) we must do a cache write-back. +- */ +-static inline bool __iter_needs_pmem_wb(struct iov_iter *i) +-{ +- return iter_is_iovec(i) == false; +-} +- + /** + * arch_copy_from_iter_pmem - copy data from an iterator to PMEM + * @addr: PMEM destination address +@@ -94,7 +86,35 @@ static inline size_t arch_copy_from_iter_pmem(void *addr, size_t bytes, + /* TODO: skip the write-back by always using non-temporal stores */ + len = copy_from_iter_nocache(addr, bytes, i); + +- if (__iter_needs_pmem_wb(i)) ++ /* ++ * In the iovec case on x86_64 copy_from_iter_nocache() uses ++ * non-temporal stores for the bulk of the transfer, but we need ++ * to manually flush if the transfer is unaligned. A cached ++ * memory copy is used when destination or size is not naturally ++ * aligned. That is: ++ * - Require 8-byte alignment when size is 8 bytes or larger. ++ * - Require 4-byte alignment when size is 4 bytes. ++ * ++ * In the non-iovec case the entire destination needs to be ++ * flushed. ++ */ ++ if (iter_is_iovec(i)) { ++ unsigned long flushed, dest = (unsigned long) addr; ++ ++ if (bytes < 8) { ++ if (!IS_ALIGNED(dest, 4) || (bytes != 4)) ++ arch_wb_cache_pmem(addr, 1); ++ } else { ++ if (!IS_ALIGNED(dest, 8)) { ++ dest = ALIGN(dest, boot_cpu_data.x86_clflush_size); ++ arch_wb_cache_pmem(addr, 1); ++ } ++ ++ flushed = dest - (unsigned long) addr; ++ if (bytes > flushed && !IS_ALIGNED(bytes - flushed, 8)) ++ arch_wb_cache_pmem(addr + bytes - 1, 1); ++ } ++ } else + arch_wb_cache_pmem(addr, bytes); + + return len;