From: Sasha Levin <sashal@kernel.org>
Date: Wed, 15 Feb 2023 16:33:47 +0000 (-0500)
Subject: Fixes for 4.14
X-Git-Tag: v4.14.306~63
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0aa2ef54c08eca9b7794d2c634bdb43362d776cc;p=thirdparty%2Fkernel%2Fstable-queue.git

Fixes for 4.14

Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/queue-4.14/net-rose-fix-to-not-accept-on-connected-socket.patch b/queue-4.14/net-rose-fix-to-not-accept-on-connected-socket.patch
new file mode 100644
index 00000000000..f651733d9d8
--- /dev/null
+++ b/queue-4.14/net-rose-fix-to-not-accept-on-connected-socket.patch
@@ -0,0 +1,63 @@
+From 86feed2b6e6d8b2ed21e2884542c517676f93ff1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 25 Jan 2023 02:59:44 -0800
+Subject: net/rose: Fix to not accept on connected socket
+
+From: Hyunwoo Kim <v4bel@theori.io>
+
+[ Upstream commit 14caefcf9837a2be765a566005ad82cd0d2a429f ]
+
+If you call listen() and accept() on an already connect()ed
+rose socket, accept() can successfully connect.
+This is because when the peer socket sends data to sendmsg,
+the skb with its own sk stored in the connected socket's
+sk->sk_receive_queue is connected, and rose_accept() dequeues
+the skb waiting in the sk->sk_receive_queue.
+
+This creates a child socket with the sk of the parent
+rose socket, which can cause confusion.
+
+Fix rose_listen() to return -EINVAL if the socket has
+already been successfully connected, and add lock_sock
+to prevent this issue.
+
+Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
+Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
+Link: https://lore.kernel.org/r/20230125105944.GA133314@ubuntu
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/rose/af_rose.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c
+index b53468edf35a6..ac2ea4ebf7c7c 100644
+--- a/net/rose/af_rose.c
++++ b/net/rose/af_rose.c
+@@ -490,6 +490,12 @@ static int rose_listen(struct socket *sock, int backlog)
+ {
+ 	struct sock *sk = sock->sk;
+ 
++	lock_sock(sk);
++	if (sock->state != SS_UNCONNECTED) {
++		release_sock(sk);
++		return -EINVAL;
++	}
++
+ 	if (sk->sk_state != TCP_LISTEN) {
+ 		struct rose_sock *rose = rose_sk(sk);
+ 
+@@ -499,8 +505,10 @@ static int rose_listen(struct socket *sock, int backlog)
+ 		memset(rose->dest_digis, 0, AX25_ADDR_LEN * ROSE_MAX_DIGIS);
+ 		sk->sk_max_ack_backlog = backlog;
+ 		sk->sk_state           = TCP_LISTEN;
++		release_sock(sk);
+ 		return 0;
+ 	}
++	release_sock(sk);
+ 
+ 	return -EOPNOTSUPP;
+ }
+-- 
+2.39.0
+
diff --git a/queue-4.14/nvme-fc-fix-a-missing-queue-put-in-nvmet_fc_ls_creat.patch b/queue-4.14/nvme-fc-fix-a-missing-queue-put-in-nvmet_fc_ls_creat.patch
new file mode 100644
index 00000000000..f1cf24481ce
--- /dev/null
+++ b/queue-4.14/nvme-fc-fix-a-missing-queue-put-in-nvmet_fc_ls_creat.patch
@@ -0,0 +1,41 @@
+From 1375d614b1cf926857755550d93686baa6690185 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 23 Jan 2023 14:37:28 +0200
+Subject: nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
+
+From: Amit Engel <Amit.Engel@dell.com>
+
+[ Upstream commit 0cab4404874f2de52617de8400c844891c6ea1ce ]
+
+As part of nvmet_fc_ls_create_association there is a case where
+nvmet_fc_alloc_target_queue fails right after a new association with an
+admin queue is created. In this case, no one releases the get taken in
+nvmet_fc_alloc_target_assoc.  This fix is adding the missing put.
+
+Signed-off-by: Amit Engel <Amit.Engel@dell.com>
+Reviewed-by: James Smart <jsmart2021@gmail.com>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/nvme/target/fc.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/nvme/target/fc.c b/drivers/nvme/target/fc.c
+index df1c6dee255bf..b702bdc589551 100644
+--- a/drivers/nvme/target/fc.c
++++ b/drivers/nvme/target/fc.c
+@@ -1301,8 +1301,10 @@ nvmet_fc_ls_create_association(struct nvmet_fc_tgtport *tgtport,
+ 		else {
+ 			queue = nvmet_fc_alloc_target_queue(iod->assoc, 0,
+ 					be16_to_cpu(rqst->assoc_cmd.sqsize));
+-			if (!queue)
++			if (!queue) {
+ 				ret = VERR_QUEUE_ALLOC_FAIL;
++				nvmet_fc_tgt_a_put(iod->assoc);
++			}
+ 		}
+ 	}
+ 
+-- 
+2.39.0
+
diff --git a/queue-4.14/series b/queue-4.14/series
index 27f4e84fa14..35a2c98c99c 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -31,3 +31,6 @@ pinctrl-single-fix-potential-null-dereference.patch
 net-usb-fix-wrong-direction-warning-in-plusb.c.patch
 usb-core-add-quirk-for-alcor-link-ak9563-smartcard-reader.patch
 migrate-hugetlb-check-for-hugetlb-shared-pmd-in-node-migration.patch
+tools-virtio-fix-the-vringh-test-for-virtio-ring-cha.patch
+net-rose-fix-to-not-accept-on-connected-socket.patch
+nvme-fc-fix-a-missing-queue-put-in-nvmet_fc_ls_creat.patch
diff --git a/queue-4.14/tools-virtio-fix-the-vringh-test-for-virtio-ring-cha.patch b/queue-4.14/tools-virtio-fix-the-vringh-test-for-virtio-ring-cha.patch
new file mode 100644
index 00000000000..21df51d9ce9
--- /dev/null
+++ b/queue-4.14/tools-virtio-fix-the-vringh-test-for-virtio-ring-cha.patch
@@ -0,0 +1,148 @@
+From 261321211a4871e75ecf45d2b8b095eddd972dec Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 10 Jan 2023 12:43:10 +0900
+Subject: tools/virtio: fix the vringh test for virtio ring changes
+
+From: Shunsuke Mie <mie@igel.co.jp>
+
+[ Upstream commit 3f7b75abf41cc4143aa295f62acbb060a012868d ]
+
+Fix the build caused by missing kmsan_handle_dma() and is_power_of_2() that
+are used in drivers/virtio/virtio_ring.c.
+
+Signed-off-by: Shunsuke Mie <mie@igel.co.jp>
+Message-Id: <20230110034310.779744-1-mie@igel.co.jp>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ tools/virtio/linux/bug.h         |  8 +++-----
+ tools/virtio/linux/build_bug.h   |  7 +++++++
+ tools/virtio/linux/cpumask.h     |  7 +++++++
+ tools/virtio/linux/gfp.h         |  7 +++++++
+ tools/virtio/linux/kernel.h      |  1 +
+ tools/virtio/linux/kmsan.h       | 12 ++++++++++++
+ tools/virtio/linux/scatterlist.h |  1 +
+ tools/virtio/linux/topology.h    |  7 +++++++
+ 8 files changed, 45 insertions(+), 5 deletions(-)
+ create mode 100644 tools/virtio/linux/build_bug.h
+ create mode 100644 tools/virtio/linux/cpumask.h
+ create mode 100644 tools/virtio/linux/gfp.h
+ create mode 100644 tools/virtio/linux/kmsan.h
+ create mode 100644 tools/virtio/linux/topology.h
+
+diff --git a/tools/virtio/linux/bug.h b/tools/virtio/linux/bug.h
+index b14c2c3b6b857..74aef964f5099 100644
+--- a/tools/virtio/linux/bug.h
++++ b/tools/virtio/linux/bug.h
+@@ -1,11 +1,9 @@
+ /* SPDX-License-Identifier: GPL-2.0 */
+-#ifndef BUG_H
+-#define BUG_H
++#ifndef _LINUX_BUG_H
++#define _LINUX_BUG_H
+ 
+ #define BUG_ON(__BUG_ON_cond) assert(!(__BUG_ON_cond))
+ 
+-#define BUILD_BUG_ON(x)
+-
+ #define BUG() abort()
+ 
+-#endif /* BUG_H */
++#endif /* _LINUX_BUG_H */
+diff --git a/tools/virtio/linux/build_bug.h b/tools/virtio/linux/build_bug.h
+new file mode 100644
+index 0000000000000..cdbb75e28a604
+--- /dev/null
++++ b/tools/virtio/linux/build_bug.h
+@@ -0,0 +1,7 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef _LINUX_BUILD_BUG_H
++#define _LINUX_BUILD_BUG_H
++
++#define BUILD_BUG_ON(x)
++
++#endif	/* _LINUX_BUILD_BUG_H */
+diff --git a/tools/virtio/linux/cpumask.h b/tools/virtio/linux/cpumask.h
+new file mode 100644
+index 0000000000000..307da69d6b26c
+--- /dev/null
++++ b/tools/virtio/linux/cpumask.h
+@@ -0,0 +1,7 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef _LINUX_CPUMASK_H
++#define _LINUX_CPUMASK_H
++
++#include <linux/kernel.h>
++
++#endif /* _LINUX_CPUMASK_H */
+diff --git a/tools/virtio/linux/gfp.h b/tools/virtio/linux/gfp.h
+new file mode 100644
+index 0000000000000..43d146f236f14
+--- /dev/null
++++ b/tools/virtio/linux/gfp.h
+@@ -0,0 +1,7 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef __LINUX_GFP_H
++#define __LINUX_GFP_H
++
++#include <linux/topology.h>
++
++#endif
+diff --git a/tools/virtio/linux/kernel.h b/tools/virtio/linux/kernel.h
+index 268ce239de650..e4e35e66ea14a 100644
+--- a/tools/virtio/linux/kernel.h
++++ b/tools/virtio/linux/kernel.h
+@@ -10,6 +10,7 @@
+ #include <stdarg.h>
+ 
+ #include <linux/compiler.h>
++#include <linux/log2.h>
+ #include <linux/types.h>
+ #include <linux/printk.h>
+ #include <linux/bug.h>
+diff --git a/tools/virtio/linux/kmsan.h b/tools/virtio/linux/kmsan.h
+new file mode 100644
+index 0000000000000..272b5aa285d5a
+--- /dev/null
++++ b/tools/virtio/linux/kmsan.h
+@@ -0,0 +1,12 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef _LINUX_KMSAN_H
++#define _LINUX_KMSAN_H
++
++#include <linux/gfp.h>
++
++inline void kmsan_handle_dma(struct page *page, size_t offset, size_t size,
++			     enum dma_data_direction dir)
++{
++}
++
++#endif /* _LINUX_KMSAN_H */
+diff --git a/tools/virtio/linux/scatterlist.h b/tools/virtio/linux/scatterlist.h
+index 9a45f90e2d089..97448e1ceebc1 100644
+--- a/tools/virtio/linux/scatterlist.h
++++ b/tools/virtio/linux/scatterlist.h
+@@ -2,6 +2,7 @@
+ #ifndef SCATTERLIST_H
+ #define SCATTERLIST_H
+ #include <linux/kernel.h>
++#include <linux/bug.h>
+ 
+ struct scatterlist {
+ 	unsigned long	page_link;
+diff --git a/tools/virtio/linux/topology.h b/tools/virtio/linux/topology.h
+new file mode 100644
+index 0000000000000..910794afb993a
+--- /dev/null
++++ b/tools/virtio/linux/topology.h
+@@ -0,0 +1,7 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++#ifndef _LINUX_TOPOLOGY_H
++#define _LINUX_TOPOLOGY_H
++
++#include <linux/cpumask.h>
++
++#endif /* _LINUX_TOPOLOGY_H */
+-- 
+2.39.0
+