From: Sasha Levin Date: Sun, 25 Sep 2022 01:52:33 +0000 (-0400) Subject: Fixes for 4.9 X-Git-Tag: v4.9.330~61 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4cebe2ce1a52f8ec0458cbafbc828f86fa3b0697;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 4.9 Signed-off-by: Sasha Levin --- diff --git a/queue-4.9/can-gs_usb-gs_can_open-fix-race-dev-can.state-condit.patch b/queue-4.9/can-gs_usb-gs_can_open-fix-race-dev-can.state-condit.patch new file mode 100644 index 00000000000..f06bc8a2ac0 --- /dev/null +++ b/queue-4.9/can-gs_usb-gs_can_open-fix-race-dev-can.state-condit.patch @@ -0,0 +1,55 @@ +From ba713a07c1743b38065c59fdcbecdc6613d89423 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 20 Sep 2022 11:40:56 +0200 +Subject: can: gs_usb: gs_can_open(): fix race dev->can.state condition + +From: Marc Kleine-Budde + +[ Upstream commit 5440428b3da65408dba0241985acb7a05258b85e ] + +The dev->can.state is set to CAN_STATE_ERROR_ACTIVE, after the device +has been started. On busy networks the CAN controller might receive +CAN frame between and go into an error state before the dev->can.state +is assigned. + +Assign dev->can.state before starting the controller to close the race +window. + +Fixes: d08e973a77d1 ("can: gs_usb: Added support for the GS_USB CAN devices") +Link: https://lore.kernel.org/all/20220920195216.232481-1-mkl@pengutronix.de +Signed-off-by: Marc Kleine-Budde +Signed-off-by: Sasha Levin +--- + drivers/net/can/usb/gs_usb.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c +index e3dc59fffdb7..8472667ffe71 100644 +--- a/drivers/net/can/usb/gs_usb.c ++++ b/drivers/net/can/usb/gs_usb.c +@@ -687,6 +687,7 @@ static int gs_can_open(struct net_device *netdev) + flags |= GS_CAN_MODE_TRIPLE_SAMPLE; + + /* finally start device */ ++ dev->can.state = CAN_STATE_ERROR_ACTIVE; + dm->mode = cpu_to_le32(GS_CAN_MODE_START); + dm->flags = cpu_to_le32(flags); + rc = usb_control_msg(interface_to_usbdev(dev->iface), +@@ -703,13 +704,12 @@ static int gs_can_open(struct net_device *netdev) + if (rc < 0) { + netdev_err(netdev, "Couldn't start device (err=%d)\n", rc); + kfree(dm); ++ dev->can.state = CAN_STATE_STOPPED; + return rc; + } + + kfree(dm); + +- dev->can.state = CAN_STATE_ERROR_ACTIVE; +- + parent->active_channels++; + if (!(dev->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)) + netif_start_queue(netdev); +-- +2.35.1 + diff --git a/queue-4.9/ipvlan-fix-out-of-bound-bugs-caused-by-unset-skb-mac.patch b/queue-4.9/ipvlan-fix-out-of-bound-bugs-caused-by-unset-skb-mac.patch new file mode 100644 index 00000000000..210034d7fe5 --- /dev/null +++ b/queue-4.9/ipvlan-fix-out-of-bound-bugs-caused-by-unset-skb-mac.patch @@ -0,0 +1,98 @@ +From 215e90278401441894b0a5a5ebf5a8c9ce92dde6 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 7 Sep 2022 18:12:04 +0800 +Subject: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header + +From: Lu Wei + +[ Upstream commit 81225b2ea161af48e093f58e8dfee6d705b16af4 ] + +If an AF_PACKET socket is used to send packets through ipvlan and the +default xmit function of the AF_PACKET socket is changed from +dev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option +name of PACKET_QDISC_BYPASS, the skb->mac_header may not be reset and +remains as the initial value of 65535, this may trigger slab-out-of-bounds +bugs as following: + +================================================================= +UG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan] +PU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6 +ardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 +all Trace: +print_address_description.constprop.0+0x1d/0x160 +print_report.cold+0x4f/0x112 +kasan_report+0xa3/0x130 +ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan] +ipvlan_start_xmit+0x29/0xa0 [ipvlan] +__dev_direct_xmit+0x2e2/0x380 +packet_direct_xmit+0x22/0x60 +packet_snd+0x7c9/0xc40 +sock_sendmsg+0x9a/0xa0 +__sys_sendto+0x18a/0x230 +__x64_sys_sendto+0x74/0x90 +do_syscall_64+0x3b/0x90 +entry_SYSCALL_64_after_hwframe+0x63/0xcd + +The root cause is: + 1. packet_snd() only reset skb->mac_header when sock->type is SOCK_RAW + and skb->protocol is not specified as in packet_parse_headers() + + 2. packet_direct_xmit() doesn't reset skb->mac_header as dev_queue_xmit() + +In this case, skb->mac_header is 65535 when ipvlan_xmit_mode_l2() is +called. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which +use "skb->head + skb->mac_header", out-of-bound access occurs. + +This patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2() +and reset mac header in multicast to solve this out-of-bound bug. + +Fixes: 2ad7bf363841 ("ipvlan: Initial check-in of the IPVLAN driver.") +Signed-off-by: Lu Wei +Reviewed-by: Eric Dumazet +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ipvlan/ipvlan_core.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/ipvlan/ipvlan_core.c b/drivers/net/ipvlan/ipvlan_core.c +index 6c0982a39486..7668584c3843 100644 +--- a/drivers/net/ipvlan/ipvlan_core.c ++++ b/drivers/net/ipvlan/ipvlan_core.c +@@ -441,7 +441,6 @@ static int ipvlan_process_v6_outbound(struct sk_buff *skb) + + static int ipvlan_process_outbound(struct sk_buff *skb) + { +- struct ethhdr *ethh = eth_hdr(skb); + int ret = NET_XMIT_DROP; + + /* The ipvlan is a pseudo-L2 device, so the packets that we receive +@@ -451,6 +450,8 @@ static int ipvlan_process_outbound(struct sk_buff *skb) + if (skb_mac_header_was_set(skb)) { + /* In this mode we dont care about + * multicast and broadcast traffic */ ++ struct ethhdr *ethh = eth_hdr(skb); ++ + if (is_multicast_ether_addr(ethh->h_dest)) { + pr_debug_ratelimited( + "Dropped {multi|broad}cast of type=[%x]\n", +@@ -520,7 +521,7 @@ static int ipvlan_xmit_mode_l3(struct sk_buff *skb, struct net_device *dev) + static int ipvlan_xmit_mode_l2(struct sk_buff *skb, struct net_device *dev) + { + const struct ipvl_dev *ipvlan = netdev_priv(dev); +- struct ethhdr *eth = eth_hdr(skb); ++ struct ethhdr *eth = skb_eth_hdr(skb); + struct ipvl_addr *addr; + void *lyr3h; + int addr_type; +@@ -544,6 +545,7 @@ static int ipvlan_xmit_mode_l2(struct sk_buff *skb, struct net_device *dev) + return dev_forward_skb(ipvlan->phy_dev, skb); + + } else if (is_multicast_ether_addr(eth->h_dest)) { ++ skb_reset_mac_header(skb); + ipvlan_skb_crossing_ns(skb, NULL); + ipvlan_multicast_enqueue(ipvlan->port, skb); + return NET_XMIT_SUCCESS; +-- +2.35.1 + diff --git a/queue-4.9/mips-lantiq-export-clk_get_io-for-lantiq_wdt.ko.patch b/queue-4.9/mips-lantiq-export-clk_get_io-for-lantiq_wdt.ko.patch new file mode 100644 index 00000000000..5e869536fa8 --- /dev/null +++ b/queue-4.9/mips-lantiq-export-clk_get_io-for-lantiq_wdt.ko.patch @@ -0,0 +1,41 @@ +From 3ccb55ceb96e06df4af915db2740bc98ad75729e Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 17 Sep 2022 16:25:40 -0700 +Subject: MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko + +From: Randy Dunlap + +[ Upstream commit 502550123bee6a2ffa438409b5b9aad4d6db3a8c ] + +The lantiq WDT driver uses clk_get_io(), which is not exported, +so export it to fix a build error: + +ERROR: modpost: "clk_get_io" [drivers/watchdog/lantiq_wdt.ko] undefined! + +Fixes: 287e3f3f4e68 ("MIPS: lantiq: implement support for clkdev api") +Signed-off-by: Randy Dunlap +Reported-by: kernel test robot +Cc: Thomas Bogendoerfer +Cc: John Crispin +Cc: linux-mips@vger.kernel.org +Signed-off-by: Thomas Bogendoerfer +Signed-off-by: Sasha Levin +--- + arch/mips/lantiq/clk.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/arch/mips/lantiq/clk.c b/arch/mips/lantiq/clk.c +index d1de57b86683..e0835a743e41 100644 +--- a/arch/mips/lantiq/clk.c ++++ b/arch/mips/lantiq/clk.c +@@ -52,6 +52,7 @@ struct clk *clk_get_io(void) + { + return &cpu_clk_generic[2]; + } ++EXPORT_SYMBOL_GPL(clk_get_io); + + struct clk *clk_get_ppe(void) + { +-- +2.35.1 + diff --git a/queue-4.9/net-sunhme-fix-packet-reception-for-len-rx_copy_thre.patch b/queue-4.9/net-sunhme-fix-packet-reception-for-len-rx_copy_thre.patch new file mode 100644 index 00000000000..9ebd86458d0 --- /dev/null +++ b/queue-4.9/net-sunhme-fix-packet-reception-for-len-rx_copy_thre.patch @@ -0,0 +1,58 @@ +From 93b1707be4f8de2e5a4c8964b5ff03cea43594e2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 20 Sep 2022 19:50:18 -0400 +Subject: net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD + +From: Sean Anderson + +[ Upstream commit 878e2405710aacfeeb19364c300f38b7a9abfe8f ] + +There is a separate receive path for small packets (under 256 bytes). +Instead of allocating a new dma-capable skb to be used for the next packet, +this path allocates a skb and copies the data into it (reusing the existing +sbk for the next packet). There are two bytes of junk data at the beginning +of every packet. I believe these are inserted in order to allow aligned DMA +and IP headers. We skip over them using skb_reserve. Before copying over +the data, we must use a barrier to ensure we see the whole packet. The +current code only synchronizes len bytes, starting from the beginning of +the packet, including the junk bytes. However, this leaves off the final +two bytes in the packet. Synchronize the whole packet. + +To reproduce this problem, ping a HME with a payload size between 17 and +214 + + $ ping -s 17 + +which will complain rather loudly about the data mismatch. Small packets +(below 60 bytes on the wire) do not have this issue. I suspect this is +related to the padding added to increase the minimum packet size. + +Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") +Signed-off-by: Sean Anderson +Reviewed-by: Andrew Lunn +Link: https://lore.kernel.org/r/20220920235018.1675956-1-seanga2@gmail.com +Signed-off-by: Jakub Kicinski +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/sun/sunhme.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/ethernet/sun/sunhme.c b/drivers/net/ethernet/sun/sunhme.c +index b38106a7cb5d..b421a1d44783 100644 +--- a/drivers/net/ethernet/sun/sunhme.c ++++ b/drivers/net/ethernet/sun/sunhme.c +@@ -2064,9 +2064,9 @@ static void happy_meal_rx(struct happy_meal *hp, struct net_device *dev) + + skb_reserve(copy_skb, 2); + skb_put(copy_skb, len); +- dma_sync_single_for_cpu(hp->dma_dev, dma_addr, len, DMA_FROM_DEVICE); ++ dma_sync_single_for_cpu(hp->dma_dev, dma_addr, len + 2, DMA_FROM_DEVICE); + skb_copy_from_linear_data(skb, copy_skb->data, len); +- dma_sync_single_for_device(hp->dma_dev, dma_addr, len, DMA_FROM_DEVICE); ++ dma_sync_single_for_device(hp->dma_dev, dma_addr, len + 2, DMA_FROM_DEVICE); + /* Reuse original ring buffer. */ + hme_write_rxd(hp, this, + (RXFLAG_OWN|((RX_BUF_ALLOC_SIZE-RX_OFFSET)<<16)), +-- +2.35.1 + diff --git a/queue-4.9/net-team-unsync-device-addresses-on-ndo_stop.patch b/queue-4.9/net-team-unsync-device-addresses-on-ndo_stop.patch new file mode 100644 index 00000000000..eaf83cd558f --- /dev/null +++ b/queue-4.9/net-team-unsync-device-addresses-on-ndo_stop.patch @@ -0,0 +1,87 @@ +From 4e7cd27bd9d23a20c5f6e08f00d15bfde674e6af Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 7 Sep 2022 16:56:41 +0900 +Subject: net: team: Unsync device addresses on ndo_stop + +From: Benjamin Poirier + +[ Upstream commit bd60234222b2fd5573526da7bcd422801f271f5f ] + +Netdev drivers are expected to call dev_{uc,mc}_sync() in their +ndo_set_rx_mode method and dev_{uc,mc}_unsync() in their ndo_stop method. +This is mentioned in the kerneldoc for those dev_* functions. + +The team driver calls dev_{uc,mc}_unsync() during ndo_uninit instead of +ndo_stop. This is ineffective because address lists (dev->{uc,mc}) have +already been emptied in unregister_netdevice_many() before ndo_uninit is +called. This mistake can result in addresses being leftover on former team +ports after a team device has been deleted; see test_LAG_cleanup() in the +last patch in this series. + +Add unsync calls at their expected location, team_close(). + +v3: +* When adding or deleting a port, only sync/unsync addresses if the team + device is up. In other cases, it is taken care of at the right time by + ndo_open/ndo_set_rx_mode/ndo_stop. + +Fixes: 3d249d4ca7d0 ("net: introduce ethernet teaming device") +Signed-off-by: Benjamin Poirier +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/team/team.c | 24 ++++++++++++++++++------ + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/drivers/net/team/team.c b/drivers/net/team/team.c +index 001dea7aaba3..657e12e0b5e2 100644 +--- a/drivers/net/team/team.c ++++ b/drivers/net/team/team.c +@@ -1280,10 +1280,12 @@ static int team_port_add(struct team *team, struct net_device *port_dev) + } + } + +- netif_addr_lock_bh(dev); +- dev_uc_sync_multiple(port_dev, dev); +- dev_mc_sync_multiple(port_dev, dev); +- netif_addr_unlock_bh(dev); ++ if (dev->flags & IFF_UP) { ++ netif_addr_lock_bh(dev); ++ dev_uc_sync_multiple(port_dev, dev); ++ dev_mc_sync_multiple(port_dev, dev); ++ netif_addr_unlock_bh(dev); ++ } + + port->index = -1; + list_add_tail_rcu(&port->list, &team->port_list); +@@ -1354,8 +1356,10 @@ static int team_port_del(struct team *team, struct net_device *port_dev) + netdev_rx_handler_unregister(port_dev); + team_port_disable_netpoll(port); + vlan_vids_del_by_dev(port_dev, dev); +- dev_uc_unsync(port_dev, dev); +- dev_mc_unsync(port_dev, dev); ++ if (dev->flags & IFF_UP) { ++ dev_uc_unsync(port_dev, dev); ++ dev_mc_unsync(port_dev, dev); ++ } + dev_close(port_dev); + team_port_leave(team, port); + +@@ -1703,6 +1707,14 @@ static int team_open(struct net_device *dev) + + static int team_close(struct net_device *dev) + { ++ struct team *team = netdev_priv(dev); ++ struct team_port *port; ++ ++ list_for_each_entry(port, &team->port_list, list) { ++ dev_uc_unsync(port->dev, dev); ++ dev_mc_unsync(port->dev, dev); ++ } ++ + return 0; + } + +-- +2.35.1 + diff --git a/queue-4.9/netfilter-nf_conntrack_irc-tighten-matching-on-dcc-m.patch b/queue-4.9/netfilter-nf_conntrack_irc-tighten-matching-on-dcc-m.patch new file mode 100644 index 00000000000..ea1bea1a59a --- /dev/null +++ b/queue-4.9/netfilter-nf_conntrack_irc-tighten-matching-on-dcc-m.patch @@ -0,0 +1,84 @@ +From a781205cc0388f3bbf80d96612dd1ba1a8512fdb Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 26 Aug 2022 14:56:57 +1000 +Subject: netfilter: nf_conntrack_irc: Tighten matching on DCC message + +From: David Leadbeater + +[ Upstream commit e8d5dfd1d8747b56077d02664a8838c71ced948e ] + +CTCP messages should only be at the start of an IRC message, not +anywhere within it. + +While the helper only decodes packes in the ORIGINAL direction, its +possible to make a client send a CTCP message back by empedding one into +a PING request. As-is, thats enough to make the helper believe that it +saw a CTCP message. + +Fixes: 869f37d8e48f ("[NETFILTER]: nf_conntrack/nf_nat: add IRC helper port") +Signed-off-by: David Leadbeater +Signed-off-by: Florian Westphal +Signed-off-by: Sasha Levin +--- + net/netfilter/nf_conntrack_irc.c | 34 ++++++++++++++++++++++++++------ + 1 file changed, 28 insertions(+), 6 deletions(-) + +diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c +index c6a8bdc3a226..5d630288f86c 100644 +--- a/net/netfilter/nf_conntrack_irc.c ++++ b/net/netfilter/nf_conntrack_irc.c +@@ -150,15 +150,37 @@ static int help(struct sk_buff *skb, unsigned int protoff, + data = ib_ptr; + data_limit = ib_ptr + skb->len - dataoff; + +- /* strlen("\1DCC SENT t AAAAAAAA P\1\n")=24 +- * 5+MINMATCHLEN+strlen("t AAAAAAAA P\1\n")=14 */ +- while (data < data_limit - (19 + MINMATCHLEN)) { +- if (memcmp(data, "\1DCC ", 5)) { ++ /* Skip any whitespace */ ++ while (data < data_limit - 10) { ++ if (*data == ' ' || *data == '\r' || *data == '\n') ++ data++; ++ else ++ break; ++ } ++ ++ /* strlen("PRIVMSG x ")=10 */ ++ if (data < data_limit - 10) { ++ if (strncasecmp("PRIVMSG ", data, 8)) ++ goto out; ++ data += 8; ++ } ++ ++ /* strlen(" :\1DCC SENT t AAAAAAAA P\1\n")=26 ++ * 7+MINMATCHLEN+strlen("t AAAAAAAA P\1\n")=26 ++ */ ++ while (data < data_limit - (21 + MINMATCHLEN)) { ++ /* Find first " :", the start of message */ ++ if (memcmp(data, " :", 2)) { + data++; + continue; + } ++ data += 2; ++ ++ /* then check that place only for the DCC command */ ++ if (memcmp(data, "\1DCC ", 5)) ++ goto out; + data += 5; +- /* we have at least (19+MINMATCHLEN)-5 bytes valid data left */ ++ /* we have at least (21+MINMATCHLEN)-(2+5) bytes valid data left */ + + iph = ip_hdr(skb); + pr_debug("DCC found in master %pI4:%u %pI4:%u\n", +@@ -174,7 +196,7 @@ static int help(struct sk_buff *skb, unsigned int protoff, + pr_debug("DCC %s detected\n", dccprotos[i]); + + /* we have at least +- * (19+MINMATCHLEN)-5-dccprotos[i].matchlen bytes valid ++ * (21+MINMATCHLEN)-7-dccprotos[i].matchlen bytes valid + * data left (== 14/13 bytes) */ + if (parse_dcc(data, data_limit, &dcc_ip, + &dcc_port, &addr_beg_p, &addr_end_p)) { +-- +2.35.1 + diff --git a/queue-4.9/netfilter-nf_conntrack_sip-fix-ct_sip_walk_headers.patch b/queue-4.9/netfilter-nf_conntrack_sip-fix-ct_sip_walk_headers.patch new file mode 100644 index 00000000000..91c744470e1 --- /dev/null +++ b/queue-4.9/netfilter-nf_conntrack_sip-fix-ct_sip_walk_headers.patch @@ -0,0 +1,60 @@ +From 0e325848e58026d98f32f090f4d71d109acbe651 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 5 Jun 2019 12:32:40 +0300 +Subject: netfilter: nf_conntrack_sip: fix ct_sip_walk_headers + +From: Igor Ryzhov + +[ Upstream commit 39aebedeaaa95757f5c1f2ddb5f43fdddbf478ca ] + +ct_sip_next_header and ct_sip_get_header return an absolute +value of matchoff, not a shift from current dataoff. +So dataoff should be assigned matchoff, not incremented by it. + +This issue can be seen in the scenario when there are multiple +Contact headers and the first one is using a hostname and other headers +use IP addresses. In this case, ct_sip_walk_headers will work as follows: + +The first ct_sip_get_header call to will find the first Contact header +but will return -1 as the header uses a hostname. But matchoff will +be changed to the offset of this header. After that, dataoff should be +set to matchoff, so that the next ct_sip_get_header call find the next +Contact header. But instead of assigning dataoff to matchoff, it is +incremented by it, which is not correct, as matchoff is an absolute +value of the offset. So on the next call to the ct_sip_get_header, +dataoff will be incorrect, and the next Contact header may not be +found at all. + +Fixes: 05e3ced297fe ("[NETFILTER]: nf_conntrack_sip: introduce SIP-URI parsing helper") +Signed-off-by: Igor Ryzhov +Signed-off-by: Florian Westphal +Signed-off-by: Sasha Levin +--- + net/netfilter/nf_conntrack_sip.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c +index 3a8dc39a9116..7dc23df7b4e3 100644 +--- a/net/netfilter/nf_conntrack_sip.c ++++ b/net/netfilter/nf_conntrack_sip.c +@@ -471,7 +471,7 @@ static int ct_sip_walk_headers(const struct nf_conn *ct, const char *dptr, + return ret; + if (ret == 0) + break; +- dataoff += *matchoff; ++ dataoff = *matchoff; + } + *in_header = 0; + } +@@ -483,7 +483,7 @@ static int ct_sip_walk_headers(const struct nf_conn *ct, const char *dptr, + break; + if (ret == 0) + return ret; +- dataoff += *matchoff; ++ dataoff = *matchoff; + } + + if (in_header) +-- +2.35.1 + diff --git a/queue-4.9/perf-kcore_copy-do-not-check-proc-modules-is-unchang.patch b/queue-4.9/perf-kcore_copy-do-not-check-proc-modules-is-unchang.patch new file mode 100644 index 00000000000..17c0dc17438 --- /dev/null +++ b/queue-4.9/perf-kcore_copy-do-not-check-proc-modules-is-unchang.patch @@ -0,0 +1,62 @@ +From 054ba041b8ec0acbab0897256a41050286bbf59c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 14 Sep 2022 15:24:29 +0300 +Subject: perf kcore_copy: Do not check /proc/modules is unchanged + +From: Adrian Hunter + +[ Upstream commit 5b427df27b94aec1312cace48a746782a0925c53 ] + +/proc/kallsyms and /proc/modules are compared before and after the copy +in order to ensure no changes during the copy. + +However /proc/modules also might change due to reference counts changing +even though that does not make any difference. + +Any modules loaded or unloaded should be visible in changes to kallsyms, +so it is not necessary to check /proc/modules also anyway. + +Remove the comparison checking that /proc/modules is unchanged. + +Fixes: fc1b691d7651d949 ("perf buildid-cache: Add ability to add kcore to the cache") +Reported-by: Daniel Dao +Signed-off-by: Adrian Hunter +Tested-by: Daniel Dao +Acked-by: Namhyung Kim +Cc: Ian Rogers +Cc: Jiri Olsa +Link: https://lore.kernel.org/r/20220914122429.8770-1-adrian.hunter@intel.com +Signed-off-by: Arnaldo Carvalho de Melo +Signed-off-by: Sasha Levin +--- + tools/perf/util/symbol-elf.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/tools/perf/util/symbol-elf.c b/tools/perf/util/symbol-elf.c +index e155783c601a..0a7e1543ce8f 100644 +--- a/tools/perf/util/symbol-elf.c ++++ b/tools/perf/util/symbol-elf.c +@@ -1694,8 +1694,8 @@ static int kcore_copy__compare_file(const char *from_dir, const char *to_dir, + * unusual. One significant peculiarity is that the mapping (start -> pgoff) + * is not the same for the kernel map and the modules map. That happens because + * the data is copied adjacently whereas the original kcore has gaps. Finally, +- * kallsyms and modules files are compared with their copies to check that +- * modules have not been loaded or unloaded while the copies were taking place. ++ * kallsyms file is compared with its copy to check that modules have not been ++ * loaded or unloaded while the copies were taking place. + * + * Return: %0 on success, %-1 on failure. + */ +@@ -1758,9 +1758,6 @@ int kcore_copy(const char *from_dir, const char *to_dir) + kci.modules_map.len)) + goto out_extract_close; + +- if (kcore_copy__compare_file(from_dir, to_dir, "modules")) +- goto out_extract_close; +- + if (kcore_copy__compare_file(from_dir, to_dir, "kallsyms")) + goto out_extract_close; + +-- +2.35.1 + diff --git a/queue-4.9/series b/queue-4.9/series index 8c72c9a5eed..619d2a914ac 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -15,3 +15,11 @@ usb-core-fix-rst-error-in-hub.c.patch alsa-hda-tegra-set-depop-delay-for-tegra.patch alsa-hda-add-intel-5-series-3400-pci-did.patch mm-slub-fix-to-return-errno-if-kmalloc-fails.patch +netfilter-nf_conntrack_sip-fix-ct_sip_walk_headers.patch +netfilter-nf_conntrack_irc-tighten-matching-on-dcc-m.patch +ipvlan-fix-out-of-bound-bugs-caused-by-unset-skb-mac.patch +net-team-unsync-device-addresses-on-ndo_stop.patch +mips-lantiq-export-clk_get_io-for-lantiq_wdt.ko.patch +can-gs_usb-gs_can_open-fix-race-dev-can.state-condit.patch +perf-kcore_copy-do-not-check-proc-modules-is-unchang.patch +net-sunhme-fix-packet-reception-for-len-rx_copy_thre.patch