From: Sasha Levin Date: Thu, 25 Mar 2021 20:14:44 +0000 (-0400) Subject: Fixes for 4.4 X-Git-Tag: v5.11.11~71 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4eabc6edf60d9fa68aa1fcd46477afb3a176c052;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 4.4 Signed-off-by: Sasha Levin --- diff --git a/queue-4.4/atm-eni-dont-release-is-never-initialized.patch b/queue-4.4/atm-eni-dont-release-is-never-initialized.patch new file mode 100644 index 00000000000..03beda89756 --- /dev/null +++ b/queue-4.4/atm-eni-dont-release-is-never-initialized.patch @@ -0,0 +1,106 @@ +From 8a9e36e485f49da1910287e1f239f5b208fa6227 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 27 Feb 2021 16:15:06 -0500 +Subject: atm: eni: dont release is never initialized + +From: Tong Zhang + +[ Upstream commit 4deb550bc3b698a1f03d0332cde3df154d1b6c1e ] + +label err_eni_release is reachable when eni_start() fail. +In eni_start() it calls dev->phy->start() in the last step, if start() +fail we don't need to call phy->stop(), if start() is never called, we +neither need to call phy->stop(), otherwise null-ptr-deref will happen. + +In order to fix this issue, don't call phy->stop() in label err_eni_release + +[ 4.875714] ================================================================== +[ 4.876091] BUG: KASAN: null-ptr-deref in suni_stop+0x47/0x100 [suni] +[ 4.876433] Read of size 8 at addr 0000000000000030 by task modprobe/95 +[ 4.876778] +[ 4.876862] CPU: 0 PID: 95 Comm: modprobe Not tainted 5.11.0-rc7-00090-gdcc0b49040c7 #2 +[ 4.877290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-48-gd94 +[ 4.877876] Call Trace: +[ 4.878009] dump_stack+0x7d/0xa3 +[ 4.878191] kasan_report.cold+0x10c/0x10e +[ 4.878410] ? __slab_free+0x2f0/0x340 +[ 4.878612] ? suni_stop+0x47/0x100 [suni] +[ 4.878832] suni_stop+0x47/0x100 [suni] +[ 4.879043] eni_do_release+0x3b/0x70 [eni] +[ 4.879269] eni_init_one.cold+0x1152/0x1747 [eni] +[ 4.879528] ? _raw_spin_lock_irqsave+0x7b/0xd0 +[ 4.879768] ? eni_ioctl+0x270/0x270 [eni] +[ 4.879990] ? __mutex_lock_slowpath+0x10/0x10 +[ 4.880226] ? eni_ioctl+0x270/0x270 [eni] +[ 4.880448] local_pci_probe+0x6f/0xb0 +[ 4.880650] pci_device_probe+0x171/0x240 +[ 4.880864] ? pci_device_remove+0xe0/0xe0 +[ 4.881086] ? kernfs_create_link+0xb6/0x110 +[ 4.881315] ? sysfs_do_create_link_sd.isra.0+0x76/0xe0 +[ 4.881594] really_probe+0x161/0x420 +[ 4.881791] driver_probe_device+0x6d/0xd0 +[ 4.882010] device_driver_attach+0x82/0x90 +[ 4.882233] ? device_driver_attach+0x90/0x90 +[ 4.882465] __driver_attach+0x60/0x100 +[ 4.882671] ? device_driver_attach+0x90/0x90 +[ 4.882903] bus_for_each_dev+0xe1/0x140 +[ 4.883114] ? subsys_dev_iter_exit+0x10/0x10 +[ 4.883346] ? klist_node_init+0x61/0x80 +[ 4.883557] bus_add_driver+0x254/0x2a0 +[ 4.883764] driver_register+0xd3/0x150 +[ 4.883971] ? 0xffffffffc0038000 +[ 4.884149] do_one_initcall+0x84/0x250 +[ 4.884355] ? trace_event_raw_event_initcall_finish+0x150/0x150 +[ 4.884674] ? unpoison_range+0xf/0x30 +[ 4.884875] ? ____kasan_kmalloc.constprop.0+0x84/0xa0 +[ 4.885150] ? unpoison_range+0xf/0x30 +[ 4.885352] ? unpoison_range+0xf/0x30 +[ 4.885557] do_init_module+0xf8/0x350 +[ 4.885760] load_module+0x3fe6/0x4340 +[ 4.885960] ? vm_unmap_ram+0x1d0/0x1d0 +[ 4.886166] ? ____kasan_kmalloc.constprop.0+0x84/0xa0 +[ 4.886441] ? module_frob_arch_sections+0x20/0x20 +[ 4.886697] ? __do_sys_finit_module+0x108/0x170 +[ 4.886941] __do_sys_finit_module+0x108/0x170 +[ 4.887178] ? __ia32_sys_init_module+0x40/0x40 +[ 4.887419] ? file_open_root+0x200/0x200 +[ 4.887634] ? do_sys_open+0x85/0xe0 +[ 4.887826] ? filp_open+0x50/0x50 +[ 4.888009] ? fpregs_assert_state_consistent+0x4d/0x60 +[ 4.888287] ? exit_to_user_mode_prepare+0x2f/0x130 +[ 4.888547] do_syscall_64+0x33/0x40 +[ 4.888739] entry_SYSCALL_64_after_hwframe+0x44/0xa9 +[ 4.889010] RIP: 0033:0x7ff62fcf1cf7 +[ 4.889202] Code: 48 89 57 30 48 8b 04 24 48 89 47 38 e9 1d a0 02 00 48 89 f8 48 89 f71 +[ 4.890172] RSP: 002b:00007ffe6644ade8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 +[ 4.890570] RAX: ffffffffffffffda RBX: 0000000000f2ca70 RCX: 00007ff62fcf1cf7 +[ 4.890944] RDX: 0000000000000000 RSI: 0000000000f2b9e0 RDI: 0000000000000003 +[ 4.891318] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000001 +[ 4.891691] R10: 00007ff62fd55300 R11: 0000000000000246 R12: 0000000000f2b9e0 +[ 4.892064] R13: 0000000000000000 R14: 0000000000f2bdd0 R15: 0000000000000001 +[ 4.892439] ================================================================== + +Signed-off-by: Tong Zhang +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/atm/eni.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/atm/eni.c b/drivers/atm/eni.c +index 340a1ee79d28..3d5ad2bc809b 100644 +--- a/drivers/atm/eni.c ++++ b/drivers/atm/eni.c +@@ -2278,7 +2278,8 @@ static int eni_init_one(struct pci_dev *pci_dev, + return rc; + + err_eni_release: +- eni_do_release(dev); ++ dev->phy = NULL; ++ iounmap(ENI_DEV(dev)->ioaddr); + err_unregister: + atm_dev_deregister(dev); + err_free_consistent: +-- +2.30.1 + diff --git a/queue-4.4/atm-idt77252-fix-null-ptr-dereference.patch b/queue-4.4/atm-idt77252-fix-null-ptr-dereference.patch new file mode 100644 index 00000000000..ae8e70ad05e --- /dev/null +++ b/queue-4.4/atm-idt77252-fix-null-ptr-dereference.patch @@ -0,0 +1,48 @@ +From 43702846cd596ee0bf13c4042a41201b7ef3aefd Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sun, 7 Mar 2021 22:25:30 -0500 +Subject: atm: idt77252: fix null-ptr-dereference + +From: Tong Zhang + +[ Upstream commit 4416e98594dc04590ebc498fc4e530009535c511 ] + +this one is similar to the phy_data allocation fix in uPD98402, the +driver allocate the idt77105_priv and store to dev_data but later +dereference using dev->dev_data, which will cause null-ptr-dereference. + +fix this issue by changing dev_data to phy_data so that PRIV(dev) can +work correctly. + +Signed-off-by: Tong Zhang +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/atm/idt77105.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/atm/idt77105.c b/drivers/atm/idt77105.c +index feb023d7eebd..40644670cff2 100644 +--- a/drivers/atm/idt77105.c ++++ b/drivers/atm/idt77105.c +@@ -261,7 +261,7 @@ static int idt77105_start(struct atm_dev *dev) + { + unsigned long flags; + +- if (!(dev->dev_data = kmalloc(sizeof(struct idt77105_priv),GFP_KERNEL))) ++ if (!(dev->phy_data = kmalloc(sizeof(struct idt77105_priv),GFP_KERNEL))) + return -ENOMEM; + PRIV(dev)->dev = dev; + spin_lock_irqsave(&idt77105_priv_lock, flags); +@@ -338,7 +338,7 @@ static int idt77105_stop(struct atm_dev *dev) + else + idt77105_all = walk->next; + dev->phy = NULL; +- dev->dev_data = NULL; ++ dev->phy_data = NULL; + kfree(walk); + break; + } +-- +2.30.1 + diff --git a/queue-4.4/atm-lanai-dont-run-lanai_dev_close-if-not-open.patch b/queue-4.4/atm-lanai-dont-run-lanai_dev_close-if-not-open.patch new file mode 100644 index 00000000000..f3798f38bc0 --- /dev/null +++ b/queue-4.4/atm-lanai-dont-run-lanai_dev_close-if-not-open.patch @@ -0,0 +1,147 @@ +From 863f262eb512f698a80422d9363f2d8591014e5b Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 27 Feb 2021 22:55:50 -0500 +Subject: atm: lanai: dont run lanai_dev_close if not open + +From: Tong Zhang + +[ Upstream commit a2bd45834e83d6c5a04d397bde13d744a4812dfc ] + +lanai_dev_open() can fail. When it fail, lanai->base is unmapped and the +pci device is disabled. The caller, lanai_init_one(), then tries to run +atm_dev_deregister(). This will subsequently call lanai_dev_close() and +use the already released MMIO area. + +To fix this issue, set the lanai->base to NULL if open fail, +and test the flag in lanai_dev_close(). + +[ 8.324153] lanai: lanai_start() failed, err=19 +[ 8.324819] lanai(itf 0): shutting down interface +[ 8.325211] BUG: unable to handle page fault for address: ffffc90000180024 +[ 8.325781] #PF: supervisor write access in kernel mode +[ 8.326215] #PF: error_code(0x0002) - not-present page +[ 8.326641] PGD 100000067 P4D 100000067 PUD 100139067 PMD 10013a067 PTE 0 +[ 8.327206] Oops: 0002 [#1] SMP KASAN NOPTI +[ 8.327557] CPU: 0 PID: 95 Comm: modprobe Not tainted 5.11.0-rc7-00090-gdcc0b49040c7 #12 +[ 8.328229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-48-gd9c812dda519-4 +[ 8.329145] RIP: 0010:lanai_dev_close+0x4f/0xe5 [lanai] +[ 8.329587] Code: 00 48 c7 c7 00 d3 01 c0 e8 49 4e 0a c2 48 8d bd 08 02 00 00 e8 6e 52 14 c1 48 80 +[ 8.330917] RSP: 0018:ffff8881029ef680 EFLAGS: 00010246 +[ 8.331196] RAX: 000000000003fffe RBX: ffff888102fb4800 RCX: ffffffffc001a98a +[ 8.331572] RDX: ffffc90000180000 RSI: 0000000000000246 RDI: ffff888102fb4000 +[ 8.331948] RBP: ffff888102fb4000 R08: ffffffff8115da8a R09: ffffed102053deaa +[ 8.332326] R10: 0000000000000003 R11: ffffed102053dea9 R12: ffff888102fb48a4 +[ 8.332701] R13: ffffffffc00123c0 R14: ffff888102fb4b90 R15: ffff888102fb4b88 +[ 8.333077] FS: 00007f08eb9056a0(0000) GS:ffff88815b400000(0000) knlGS:0000000000000000 +[ 8.333502] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 8.333806] CR2: ffffc90000180024 CR3: 0000000102a28000 CR4: 00000000000006f0 +[ 8.334182] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 8.334557] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 8.334932] Call Trace: +[ 8.335066] atm_dev_deregister+0x161/0x1a0 [atm] +[ 8.335324] lanai_init_one.cold+0x20c/0x96d [lanai] +[ 8.335594] ? lanai_send+0x2a0/0x2a0 [lanai] +[ 8.335831] local_pci_probe+0x6f/0xb0 +[ 8.336039] pci_device_probe+0x171/0x240 +[ 8.336255] ? pci_device_remove+0xe0/0xe0 +[ 8.336475] ? kernfs_create_link+0xb6/0x110 +[ 8.336704] ? sysfs_do_create_link_sd.isra.0+0x76/0xe0 +[ 8.336983] really_probe+0x161/0x420 +[ 8.337181] driver_probe_device+0x6d/0xd0 +[ 8.337401] device_driver_attach+0x82/0x90 +[ 8.337626] ? device_driver_attach+0x90/0x90 +[ 8.337859] __driver_attach+0x60/0x100 +[ 8.338065] ? device_driver_attach+0x90/0x90 +[ 8.338298] bus_for_each_dev+0xe1/0x140 +[ 8.338511] ? subsys_dev_iter_exit+0x10/0x10 +[ 8.338745] ? klist_node_init+0x61/0x80 +[ 8.338956] bus_add_driver+0x254/0x2a0 +[ 8.339164] driver_register+0xd3/0x150 +[ 8.339370] ? 0xffffffffc0028000 +[ 8.339550] do_one_initcall+0x84/0x250 +[ 8.339755] ? trace_event_raw_event_initcall_finish+0x150/0x150 +[ 8.340076] ? free_vmap_area_noflush+0x1a5/0x5c0 +[ 8.340329] ? unpoison_range+0xf/0x30 +[ 8.340532] ? ____kasan_kmalloc.constprop.0+0x84/0xa0 +[ 8.340806] ? unpoison_range+0xf/0x30 +[ 8.341014] ? unpoison_range+0xf/0x30 +[ 8.341217] do_init_module+0xf8/0x350 +[ 8.341419] load_module+0x3fe6/0x4340 +[ 8.341621] ? vm_unmap_ram+0x1d0/0x1d0 +[ 8.341826] ? ____kasan_kmalloc.constprop.0+0x84/0xa0 +[ 8.342101] ? module_frob_arch_sections+0x20/0x20 +[ 8.342358] ? __do_sys_finit_module+0x108/0x170 +[ 8.342604] __do_sys_finit_module+0x108/0x170 +[ 8.342841] ? __ia32_sys_init_module+0x40/0x40 +[ 8.343083] ? file_open_root+0x200/0x200 +[ 8.343298] ? do_sys_open+0x85/0xe0 +[ 8.343491] ? filp_open+0x50/0x50 +[ 8.343675] ? exit_to_user_mode_prepare+0xfc/0x130 +[ 8.343935] do_syscall_64+0x33/0x40 +[ 8.344132] entry_SYSCALL_64_after_hwframe+0x44/0xa9 +[ 8.344401] RIP: 0033:0x7f08eb887cf7 +[ 8.344594] Code: 48 89 57 30 48 8b 04 24 48 89 47 38 e9 1d a0 02 00 48 89 f8 48 89 f7 48 89 d6 41 +[ 8.345565] RSP: 002b:00007ffcd5c98ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 +[ 8.345962] RAX: ffffffffffffffda RBX: 00000000008fea70 RCX: 00007f08eb887cf7 +[ 8.346336] RDX: 0000000000000000 RSI: 00000000008fd9e0 RDI: 0000000000000003 +[ 8.346711] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000001 +[ 8.347085] R10: 00007f08eb8eb300 R11: 0000000000000246 R12: 00000000008fd9e0 +[ 8.347460] R13: 0000000000000000 R14: 00000000008fddd0 R15: 0000000000000001 +[ 8.347836] Modules linked in: lanai(+) atm +[ 8.348065] CR2: ffffc90000180024 +[ 8.348244] ---[ end trace 7fdc1c668f2003e5 ]--- +[ 8.348490] RIP: 0010:lanai_dev_close+0x4f/0xe5 [lanai] +[ 8.348772] Code: 00 48 c7 c7 00 d3 01 c0 e8 49 4e 0a c2 48 8d bd 08 02 00 00 e8 6e 52 14 c1 48 80 +[ 8.349745] RSP: 0018:ffff8881029ef680 EFLAGS: 00010246 +[ 8.350022] RAX: 000000000003fffe RBX: ffff888102fb4800 RCX: ffffffffc001a98a +[ 8.350397] RDX: ffffc90000180000 RSI: 0000000000000246 RDI: ffff888102fb4000 +[ 8.350772] RBP: ffff888102fb4000 R08: ffffffff8115da8a R09: ffffed102053deaa +[ 8.351151] R10: 0000000000000003 R11: ffffed102053dea9 R12: ffff888102fb48a4 +[ 8.351525] R13: ffffffffc00123c0 R14: ffff888102fb4b90 R15: ffff888102fb4b88 +[ 8.351918] FS: 00007f08eb9056a0(0000) GS:ffff88815b400000(0000) knlGS:0000000000000000 +[ 8.352343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 8.352647] CR2: ffffc90000180024 CR3: 0000000102a28000 CR4: 00000000000006f0 +[ 8.353022] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 8.353397] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 8.353958] modprobe (95) used greatest stack depth: 26216 bytes left + +Signed-off-by: Tong Zhang +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/atm/lanai.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/drivers/atm/lanai.c b/drivers/atm/lanai.c +index ce43ae3e87b3..3002b1177005 100644 +--- a/drivers/atm/lanai.c ++++ b/drivers/atm/lanai.c +@@ -2239,6 +2239,7 @@ static int lanai_dev_open(struct atm_dev *atmdev) + conf1_write(lanai); + #endif + iounmap(lanai->base); ++ lanai->base = NULL; + error_pci: + pci_disable_device(lanai->pci); + error: +@@ -2251,6 +2252,8 @@ static int lanai_dev_open(struct atm_dev *atmdev) + static void lanai_dev_close(struct atm_dev *atmdev) + { + struct lanai_dev *lanai = (struct lanai_dev *) atmdev->dev_data; ++ if (lanai->base==NULL) ++ return; + printk(KERN_INFO DEV_LABEL "(itf %d): shutting down interface\n", + lanai->number); + lanai_timed_poll_stop(lanai); +@@ -2560,7 +2563,7 @@ static int lanai_init_one(struct pci_dev *pci, + struct atm_dev *atmdev; + int result; + +- lanai = kmalloc(sizeof(*lanai), GFP_KERNEL); ++ lanai = kzalloc(sizeof(*lanai), GFP_KERNEL); + if (lanai == NULL) { + printk(KERN_ERR DEV_LABEL + ": couldn't allocate dev_data structure!\n"); +-- +2.30.1 + diff --git a/queue-4.4/atm-upd98402-fix-incorrect-allocation.patch b/queue-4.4/atm-upd98402-fix-incorrect-allocation.patch new file mode 100644 index 00000000000..5411c28ad90 --- /dev/null +++ b/queue-4.4/atm-upd98402-fix-incorrect-allocation.patch @@ -0,0 +1,39 @@ +From a27c9d5e9a288c4ad9d84ee2ebf3fff8888daf49 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sun, 7 Mar 2021 22:25:29 -0500 +Subject: atm: uPD98402: fix incorrect allocation + +From: Tong Zhang + +[ Upstream commit 3153724fc084d8ef640c611f269ddfb576d1dcb1 ] + +dev->dev_data is set in zatm.c, calling zatm_start() will overwrite this +dev->dev_data in uPD98402_start() and a subsequent PRIV(dev)->lock +(i.e dev->phy_data->lock) will result in a null-ptr-dereference. + +I believe this is a typo and what it actually want to do is to allocate +phy_data instead of dev_data. + +Signed-off-by: Tong Zhang +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/atm/uPD98402.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/atm/uPD98402.c b/drivers/atm/uPD98402.c +index 5120a96b3a89..b2f4e8df1591 100644 +--- a/drivers/atm/uPD98402.c ++++ b/drivers/atm/uPD98402.c +@@ -210,7 +210,7 @@ static void uPD98402_int(struct atm_dev *dev) + static int uPD98402_start(struct atm_dev *dev) + { + DPRINTK("phy_start\n"); +- if (!(dev->dev_data = kmalloc(sizeof(struct uPD98402_priv),GFP_KERNEL))) ++ if (!(dev->phy_data = kmalloc(sizeof(struct uPD98402_priv),GFP_KERNEL))) + return -ENOMEM; + spin_lock_init(&PRIV(dev)->lock); + memset(&PRIV(dev)->sonet_stats,0,sizeof(struct k_sonet_stats)); +-- +2.30.1 + diff --git a/queue-4.4/ia64-fix-ia64_syscall_get_set_arguments-for-break-ba.patch b/queue-4.4/ia64-fix-ia64_syscall_get_set_arguments-for-break-ba.patch new file mode 100644 index 00000000000..d5da5794a7e --- /dev/null +++ b/queue-4.4/ia64-fix-ia64_syscall_get_set_arguments-for-break-ba.patch @@ -0,0 +1,98 @@ +From fbf7a7b20865aef3c8e0d72c6182b9a896d1b5ae Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 12 Mar 2021 21:08:23 -0800 +Subject: ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls + +From: Sergei Trofimovich + +[ Upstream commit 0ceb1ace4a2778e34a5414e5349712ae4dc41d85 ] + +In https://bugs.gentoo.org/769614 Dmitry noticed that +`ptrace(PTRACE_GET_SYSCALL_INFO)` does not work for syscalls called via +glibc's syscall() wrapper. + +ia64 has two ways to call syscalls from userspace: via `break` and via +`eps` instructions. + +The difference is in stack layout: + +1. `eps` creates simple stack frame: no locals, in{0..7} == out{0..8} +2. `break` uses userspace stack frame: may be locals (glibc provides + one), in{0..7} == out{0..8}. + +Both work fine in syscall handling cde itself. + +But `ptrace(PTRACE_GET_SYSCALL_INFO)` uses unwind mechanism to +re-extract syscall arguments but it does not account for locals. + +The change always skips locals registers. It should not change `eps` +path as kernel's handler already enforces locals=0 and fixes `break`. + +Tested on v5.10 on rx3600 machine (ia64 9040 CPU). + +Link: https://lkml.kernel.org/r/20210221002554.333076-1-slyfox@gentoo.org +Link: https://bugs.gentoo.org/769614 +Signed-off-by: Sergei Trofimovich +Reported-by: Dmitry V. Levin +Cc: Oleg Nesterov +Cc: John Paul Adrian Glaubitz +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Sasha Levin +--- + arch/ia64/kernel/ptrace.c | 24 ++++++++++++++++++------ + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/arch/ia64/kernel/ptrace.c b/arch/ia64/kernel/ptrace.c +index 6f54d511cc50..a757b123ebaf 100644 +--- a/arch/ia64/kernel/ptrace.c ++++ b/arch/ia64/kernel/ptrace.c +@@ -2140,27 +2140,39 @@ static void syscall_get_set_args_cb(struct unw_frame_info *info, void *data) + { + struct syscall_get_set_args *args = data; + struct pt_regs *pt = args->regs; +- unsigned long *krbs, cfm, ndirty; ++ unsigned long *krbs, cfm, ndirty, nlocals, nouts; + int i, count; + + if (unw_unwind_to_user(info) < 0) + return; + ++ /* ++ * We get here via a few paths: ++ * - break instruction: cfm is shared with caller. ++ * syscall args are in out= regs, locals are non-empty. ++ * - epsinstruction: cfm is set by br.call ++ * locals don't exist. ++ * ++ * For both cases argguments are reachable in cfm.sof - cfm.sol. ++ * CFM: [ ... | sor: 17..14 | sol : 13..7 | sof : 6..0 ] ++ */ + cfm = pt->cr_ifs; ++ nlocals = (cfm >> 7) & 0x7f; /* aka sol */ ++ nouts = (cfm & 0x7f) - nlocals; /* aka sof - sol */ + krbs = (unsigned long *)info->task + IA64_RBS_OFFSET/8; + ndirty = ia64_rse_num_regs(krbs, krbs + (pt->loadrs >> 19)); + + count = 0; + if (in_syscall(pt)) +- count = min_t(int, args->n, cfm & 0x7f); ++ count = min_t(int, args->n, nouts); + ++ /* Iterate over outs. */ + for (i = 0; i < count; i++) { ++ int j = ndirty + nlocals + i + args->i; + if (args->rw) +- *ia64_rse_skip_regs(krbs, ndirty + i + args->i) = +- args->args[i]; ++ *ia64_rse_skip_regs(krbs, j) = args->args[i]; + else +- args->args[i] = *ia64_rse_skip_regs(krbs, +- ndirty + i + args->i); ++ args->args[i] = *ia64_rse_skip_regs(krbs, j); + } + + if (!args->rw) { +-- +2.30.1 + diff --git a/queue-4.4/ia64-fix-ptrace-ptrace_syscall_info_exit-sign.patch b/queue-4.4/ia64-fix-ptrace-ptrace_syscall_info_exit-sign.patch new file mode 100644 index 00000000000..2d61fdeaa29 --- /dev/null +++ b/queue-4.4/ia64-fix-ptrace-ptrace_syscall_info_exit-sign.patch @@ -0,0 +1,72 @@ +From 533c3348c8b6278001caecfaf51831e369cc4081 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 12 Mar 2021 21:08:27 -0800 +Subject: ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign + +From: Sergei Trofimovich + +[ Upstream commit 61bf318eac2c13356f7bd1c6a05421ef504ccc8a ] + +In https://bugs.gentoo.org/769614 Dmitry noticed that +`ptrace(PTRACE_GET_SYSCALL_INFO)` does not return error sign properly. + +The bug is in mismatch between get/set errors: + +static inline long syscall_get_error(struct task_struct *task, + struct pt_regs *regs) +{ + return regs->r10 == -1 ? regs->r8:0; +} + +static inline long syscall_get_return_value(struct task_struct *task, + struct pt_regs *regs) +{ + return regs->r8; +} + +static inline void syscall_set_return_value(struct task_struct *task, + struct pt_regs *regs, + int error, long val) +{ + if (error) { + /* error < 0, but ia64 uses > 0 return value */ + regs->r8 = -error; + regs->r10 = -1; + } else { + regs->r8 = val; + regs->r10 = 0; + } +} + +Tested on v5.10 on rx3600 machine (ia64 9040 CPU). + +Link: https://lkml.kernel.org/r/20210221002554.333076-2-slyfox@gentoo.org +Link: https://bugs.gentoo.org/769614 +Signed-off-by: Sergei Trofimovich +Reported-by: Dmitry V. Levin +Reviewed-by: Dmitry V. Levin +Cc: John Paul Adrian Glaubitz +Cc: Oleg Nesterov +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Sasha Levin +--- + arch/ia64/include/asm/syscall.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/ia64/include/asm/syscall.h b/arch/ia64/include/asm/syscall.h +index 1d0b875fec44..ec909eec0b4c 100644 +--- a/arch/ia64/include/asm/syscall.h ++++ b/arch/ia64/include/asm/syscall.h +@@ -35,7 +35,7 @@ static inline void syscall_rollback(struct task_struct *task, + static inline long syscall_get_error(struct task_struct *task, + struct pt_regs *regs) + { +- return regs->r10 == -1 ? regs->r8:0; ++ return regs->r10 == -1 ? -regs->r8:0; + } + + static inline long syscall_get_return_value(struct task_struct *task, +-- +2.30.1 + diff --git a/queue-4.4/net-fec-ptp-avoid-register-access-when-ipg-clock-is-.patch b/queue-4.4/net-fec-ptp-avoid-register-access-when-ipg-clock-is-.patch new file mode 100644 index 00000000000..58a4166f358 --- /dev/null +++ b/queue-4.4/net-fec-ptp-avoid-register-access-when-ipg-clock-is-.patch @@ -0,0 +1,53 @@ +From 61cd382cf38752694a3c53a539d5fae24ed57d64 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 25 Feb 2021 22:15:16 +0100 +Subject: net: fec: ptp: avoid register access when ipg clock is disabled + +From: Heiko Thiery + +[ Upstream commit 6a4d7234ae9a3bb31181f348ade9bbdb55aeb5c5 ] + +When accessing the timecounter register on an i.MX8MQ the kernel hangs. +This is only the case when the interface is down. This can be reproduced +by reading with 'phc_ctrl eth0 get'. + +Like described in the change in 91c0d987a9788dcc5fe26baafd73bf9242b68900 +the igp clock is disabled when the interface is down and leads to a +system hang. + +So we check if the ptp clock status before reading the timecounter +register. + +Signed-off-by: Heiko Thiery +Acked-by: Richard Cochran +Link: https://lore.kernel.org/r/20210225211514.9115-1-heiko.thiery@gmail.com +Signed-off-by: Jakub Kicinski +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/freescale/fec_ptp.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/drivers/net/ethernet/freescale/fec_ptp.c b/drivers/net/ethernet/freescale/fec_ptp.c +index f9e74461bdc0..123181612595 100644 +--- a/drivers/net/ethernet/freescale/fec_ptp.c ++++ b/drivers/net/ethernet/freescale/fec_ptp.c +@@ -396,9 +396,16 @@ static int fec_ptp_gettime(struct ptp_clock_info *ptp, struct timespec64 *ts) + u64 ns; + unsigned long flags; + ++ mutex_lock(&adapter->ptp_clk_mutex); ++ /* Check the ptp clock */ ++ if (!adapter->ptp_clk_on) { ++ mutex_unlock(&adapter->ptp_clk_mutex); ++ return -EINVAL; ++ } + spin_lock_irqsave(&adapter->tmreg_lock, flags); + ns = timecounter_read(&adapter->tc); + spin_unlock_irqrestore(&adapter->tmreg_lock, flags); ++ mutex_unlock(&adapter->ptp_clk_mutex); + + *ts = ns_to_timespec64(ns); + +-- +2.30.1 + diff --git a/queue-4.4/net-tehuti-fix-error-return-code-in-bdx_probe.patch b/queue-4.4/net-tehuti-fix-error-return-code-in-bdx_probe.patch new file mode 100644 index 00000000000..14d7632fd67 --- /dev/null +++ b/queue-4.4/net-tehuti-fix-error-return-code-in-bdx_probe.patch @@ -0,0 +1,36 @@ +From 39514896fa5cee2551ccae8392b352255b050f76 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 4 Mar 2021 18:06:48 -0800 +Subject: net: tehuti: fix error return code in bdx_probe() + +From: Jia-Ju Bai + +[ Upstream commit 38c26ff3048af50eee3fcd591921357ee5bfd9ee ] + +When bdx_read_mac() fails, no error return code of bdx_probe() +is assigned. +To fix this bug, err is assigned with -EFAULT as error return code. + +Reported-by: TOTE Robot +Signed-off-by: Jia-Ju Bai +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/tehuti/tehuti.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/net/ethernet/tehuti/tehuti.c b/drivers/net/ethernet/tehuti/tehuti.c +index 14c9d1baa85c..19c832aaecf0 100644 +--- a/drivers/net/ethernet/tehuti/tehuti.c ++++ b/drivers/net/ethernet/tehuti/tehuti.c +@@ -2068,6 +2068,7 @@ bdx_probe(struct pci_dev *pdev, const struct pci_device_id *ent) + /*bdx_hw_reset(priv); */ + if (bdx_read_mac(priv)) { + pr_err("load MAC address failed\n"); ++ err = -EFAULT; + goto err_out_iomap; + } + SET_NETDEV_DEV(ndev, &pdev->dev); +-- +2.30.1 + diff --git a/queue-4.4/nfs-correct-size-calculation-for-create-reply-length.patch b/queue-4.4/nfs-correct-size-calculation-for-create-reply-length.patch new file mode 100644 index 00000000000..bb38b13d2be --- /dev/null +++ b/queue-4.4/nfs-correct-size-calculation-for-create-reply-length.patch @@ -0,0 +1,49 @@ +From 3844f0e8ba43a62a53759d5b34aacb95b823b9e0 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 8 Mar 2021 12:12:13 -0600 +Subject: NFS: Correct size calculation for create reply length + +From: Frank Sorenson + +[ Upstream commit ad3dbe35c833c2d4d0bbf3f04c785d32f931e7c9 ] + +CREATE requests return a post_op_fh3, rather than nfs_fh3. The +post_op_fh3 includes an extra word to indicate 'handle_follows'. + +Without that additional word, create fails when full 64-byte +filehandles are in use. + +Add NFS3_post_op_fh_sz, and correct the size calculation for +NFS3_createres_sz. + +Signed-off-by: Frank Sorenson +Signed-off-by: Anna Schumaker +Signed-off-by: Sasha Levin +--- + fs/nfs/nfs3xdr.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/fs/nfs/nfs3xdr.c b/fs/nfs/nfs3xdr.c +index 267126d32ec0..4a68837e92ea 100644 +--- a/fs/nfs/nfs3xdr.c ++++ b/fs/nfs/nfs3xdr.c +@@ -33,6 +33,7 @@ + */ + #define NFS3_fhandle_sz (1+16) + #define NFS3_fh_sz (NFS3_fhandle_sz) /* shorthand */ ++#define NFS3_post_op_fh_sz (1+NFS3_fh_sz) + #define NFS3_sattr_sz (15) + #define NFS3_filename_sz (1+(NFS3_MAXNAMLEN>>2)) + #define NFS3_path_sz (1+(NFS3_MAXPATHLEN>>2)) +@@ -70,7 +71,7 @@ + #define NFS3_readlinkres_sz (1+NFS3_post_op_attr_sz+1) + #define NFS3_readres_sz (1+NFS3_post_op_attr_sz+3) + #define NFS3_writeres_sz (1+NFS3_wcc_data_sz+4) +-#define NFS3_createres_sz (1+NFS3_fh_sz+NFS3_post_op_attr_sz+NFS3_wcc_data_sz) ++#define NFS3_createres_sz (1+NFS3_post_op_fh_sz+NFS3_post_op_attr_sz+NFS3_wcc_data_sz) + #define NFS3_renameres_sz (1+(2 * NFS3_wcc_data_sz)) + #define NFS3_linkres_sz (1+NFS3_post_op_attr_sz+NFS3_wcc_data_sz) + #define NFS3_readdirres_sz (1+NFS3_post_op_attr_sz+2) +-- +2.30.1 + diff --git a/queue-4.4/nfs-fix-pnfs_flexfile_layout-kconfig-default.patch b/queue-4.4/nfs-fix-pnfs_flexfile_layout-kconfig-default.patch new file mode 100644 index 00000000000..2d317c919d8 --- /dev/null +++ b/queue-4.4/nfs-fix-pnfs_flexfile_layout-kconfig-default.patch @@ -0,0 +1,36 @@ +From 9accff76cf6f39189e058dd421d7f27d9e08b985 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 23 Feb 2021 15:19:01 +0100 +Subject: nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default + +From: Timo Rothenpieler + +[ Upstream commit a0590473c5e6c4ef17c3132ad08fbad170f72d55 ] + +This follows what was done in 8c2fabc6542d9d0f8b16bd1045c2eda59bdcde13. +With the default being m, it's impossible to build the module into the +kernel. + +Signed-off-by: Timo Rothenpieler +Signed-off-by: Anna Schumaker +Signed-off-by: Sasha Levin +--- + fs/nfs/Kconfig | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig +index c3428767332c..55ebf9f4a824 100644 +--- a/fs/nfs/Kconfig ++++ b/fs/nfs/Kconfig +@@ -132,7 +132,7 @@ config PNFS_OBJLAYOUT + config PNFS_FLEXFILE_LAYOUT + tristate + depends on NFS_V4_1 && NFS_V3 +- default m ++ default NFS_V4 + + config NFS_V4_1_IMPLEMENTATION_ID_DOMAIN + string "NFSv4.1 Implementation ID Domain" +-- +2.30.1 + diff --git a/queue-4.4/nfs-we-don-t-support-removing-system.nfs4_acl.patch b/queue-4.4/nfs-we-don-t-support-removing-system.nfs4_acl.patch new file mode 100644 index 00000000000..b961f90a5ad --- /dev/null +++ b/queue-4.4/nfs-we-don-t-support-removing-system.nfs4_acl.patch @@ -0,0 +1,40 @@ +From 7ad6e2dc60d0c74946f1fde30b8b00ff394ce322 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 28 Jan 2021 17:36:38 -0500 +Subject: nfs: we don't support removing system.nfs4_acl + +From: J. Bruce Fields + +[ Upstream commit 4f8be1f53bf615102d103c0509ffa9596f65b718 ] + +The NFSv4 protocol doesn't have any notion of reomoving an attribute, so +removexattr(path,"system.nfs4_acl") doesn't make sense. + +There's no documented return value. Arguably it could be EOPNOTSUPP but +I'm a little worried an application might take that to mean that we +don't support ACLs or xattrs. How about EINVAL? + +Signed-off-by: J. Bruce Fields +Signed-off-by: Anna Schumaker +Signed-off-by: Sasha Levin +--- + fs/nfs/nfs4proc.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c +index 0c9386978d9d..92ca753723b5 100644 +--- a/fs/nfs/nfs4proc.c ++++ b/fs/nfs/nfs4proc.c +@@ -4848,6 +4848,9 @@ static int __nfs4_proc_set_acl(struct inode *inode, const void *buf, size_t bufl + unsigned int npages = DIV_ROUND_UP(buflen, PAGE_SIZE); + int ret, i; + ++ /* You can't remove system.nfs4_acl: */ ++ if (buflen == 0) ++ return -EINVAL; + if (!nfs4_server_supports_acls(server)) + return -EOPNOTSUPP; + if (npages > ARRAY_SIZE(pages)) +-- +2.30.1 + diff --git a/queue-4.4/powerpc-4xx-fix-build-errors-from-mfdcr.patch b/queue-4.4/powerpc-4xx-fix-build-errors-from-mfdcr.patch new file mode 100644 index 00000000000..6b096bc9ac7 --- /dev/null +++ b/queue-4.4/powerpc-4xx-fix-build-errors-from-mfdcr.patch @@ -0,0 +1,72 @@ +From ba4feacfa3c63f4bdd76f8ebef35cac7714e5753 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 18 Feb 2021 23:30:58 +1100 +Subject: powerpc/4xx: Fix build errors from mfdcr() + +From: Michael Ellerman + +[ Upstream commit eead089311f4d935ab5d1d8fbb0c42ad44699ada ] + +lkp reported a build error in fsp2.o: + + CC arch/powerpc/platforms/44x/fsp2.o + {standard input}:577: Error: unsupported relocation against base + +Which comes from: + + pr_err("GESR0: 0x%08x\n", mfdcr(base + PLB4OPB_GESR0)); + +Where our mfdcr() macro is stringifying "base + PLB4OPB_GESR0", and +passing that to the assembler, which obviously doesn't work. + +The mfdcr() macro already checks that the argument is constant using +__builtin_constant_p(), and if not calls the out-of-line version of +mfdcr(). But in this case GCC is smart enough to notice that "base + +PLB4OPB_GESR0" will be constant, even though it's not something we can +immediately stringify into a register number. + +Segher pointed out that passing the register number to the inline asm +as a constant would be better, and in fact it fixes the build error, +presumably because it gives GCC a chance to resolve the value. + +While we're at it, change mtdcr() similarly. + +Reported-by: kernel test robot +Suggested-by: Segher Boessenkool +Signed-off-by: Michael Ellerman +Acked-by: Feng Tang +Link: https://lore.kernel.org/r/20210218123058.748882-1-mpe@ellerman.id.au +Signed-off-by: Sasha Levin +--- + arch/powerpc/include/asm/dcr-native.h | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/arch/powerpc/include/asm/dcr-native.h b/arch/powerpc/include/asm/dcr-native.h +index 4efc11dacb98..4494d5e1932f 100644 +--- a/arch/powerpc/include/asm/dcr-native.h ++++ b/arch/powerpc/include/asm/dcr-native.h +@@ -64,8 +64,8 @@ static inline void mtdcrx(unsigned int reg, unsigned int val) + #define mfdcr(rn) \ + ({unsigned int rval; \ + if (__builtin_constant_p(rn) && rn < 1024) \ +- asm volatile("mfdcr %0," __stringify(rn) \ +- : "=r" (rval)); \ ++ asm volatile("mfdcr %0, %1" : "=r" (rval) \ ++ : "n" (rn)); \ + else if (likely(cpu_has_feature(CPU_FTR_INDEXED_DCR))) \ + rval = mfdcrx(rn); \ + else \ +@@ -75,8 +75,8 @@ static inline void mtdcrx(unsigned int reg, unsigned int val) + #define mtdcr(rn, v) \ + do { \ + if (__builtin_constant_p(rn) && rn < 1024) \ +- asm volatile("mtdcr " __stringify(rn) ",%0" \ +- : : "r" (v)); \ ++ asm volatile("mtdcr %0, %1" \ ++ : : "n" (rn), "r" (v)); \ + else if (likely(cpu_has_feature(CPU_FTR_INDEXED_DCR))) \ + mtdcrx(rn, v); \ + else \ +-- +2.30.1 + diff --git a/queue-4.4/series b/queue-4.4/series new file mode 100644 index 00000000000..33deea159e7 --- /dev/null +++ b/queue-4.4/series @@ -0,0 +1,14 @@ +net-fec-ptp-avoid-register-access-when-ipg-clock-is-.patch +powerpc-4xx-fix-build-errors-from-mfdcr.patch +atm-eni-dont-release-is-never-initialized.patch +atm-lanai-dont-run-lanai_dev_close-if-not-open.patch +net-tehuti-fix-error-return-code-in-bdx_probe.patch +sun-niu-fix-wrong-rxmac_bc_frm_cnt_count-count.patch +nfs-fix-pnfs_flexfile_layout-kconfig-default.patch +nfs-correct-size-calculation-for-create-reply-length.patch +atm-upd98402-fix-incorrect-allocation.patch +atm-idt77252-fix-null-ptr-dereference.patch +u64_stats-lockdep-fix-u64_stats_init-vs-lockdep.patch +nfs-we-don-t-support-removing-system.nfs4_acl.patch +ia64-fix-ia64_syscall_get_set_arguments-for-break-ba.patch +ia64-fix-ptrace-ptrace_syscall_info_exit-sign.patch diff --git a/queue-4.4/sun-niu-fix-wrong-rxmac_bc_frm_cnt_count-count.patch b/queue-4.4/sun-niu-fix-wrong-rxmac_bc_frm_cnt_count-count.patch new file mode 100644 index 00000000000..ba50ccaa0e3 --- /dev/null +++ b/queue-4.4/sun-niu-fix-wrong-rxmac_bc_frm_cnt_count-count.patch @@ -0,0 +1,35 @@ +From f23e0985371995d3040b487452cf9549555c457f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 5 Mar 2021 20:02:12 +0300 +Subject: sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count + +From: Denis Efremov + +[ Upstream commit 155b23e6e53475ca3b8c2a946299b4d4dd6a5a1e ] + +RXMAC_BC_FRM_CNT_COUNT added to mp->rx_bcasts twice in a row +in niu_xmac_interrupt(). Remove the second addition. + +Signed-off-by: Denis Efremov +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/sun/niu.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/drivers/net/ethernet/sun/niu.c b/drivers/net/ethernet/sun/niu.c +index 85f3a2c0d4dd..cc3b025ab7a7 100644 +--- a/drivers/net/ethernet/sun/niu.c ++++ b/drivers/net/ethernet/sun/niu.c +@@ -3948,8 +3948,6 @@ static void niu_xmac_interrupt(struct niu *np) + mp->rx_mcasts += RXMAC_MC_FRM_CNT_COUNT; + if (val & XRXMAC_STATUS_RXBCAST_CNT_EXP) + mp->rx_bcasts += RXMAC_BC_FRM_CNT_COUNT; +- if (val & XRXMAC_STATUS_RXBCAST_CNT_EXP) +- mp->rx_bcasts += RXMAC_BC_FRM_CNT_COUNT; + if (val & XRXMAC_STATUS_RXHIST1_CNT_EXP) + mp->rx_hist_cnt1 += RXMAC_HIST_CNT1_COUNT; + if (val & XRXMAC_STATUS_RXHIST2_CNT_EXP) +-- +2.30.1 + diff --git a/queue-4.4/u64_stats-lockdep-fix-u64_stats_init-vs-lockdep.patch b/queue-4.4/u64_stats-lockdep-fix-u64_stats_init-vs-lockdep.patch new file mode 100644 index 00000000000..d1d7524a6f8 --- /dev/null +++ b/queue-4.4/u64_stats-lockdep-fix-u64_stats_init-vs-lockdep.patch @@ -0,0 +1,64 @@ +From b15b30c46599b9769bf17de8981dc9f0486dadb8 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 8 Mar 2021 09:38:12 +0100 +Subject: u64_stats,lockdep: Fix u64_stats_init() vs lockdep + +From: Peter Zijlstra + +[ Upstream commit d5b0e0677bfd5efd17c5bbb00156931f0d41cb85 ] + +Jakub reported that: + + static struct net_device *rtl8139_init_board(struct pci_dev *pdev) + { + ... + u64_stats_init(&tp->rx_stats.syncp); + u64_stats_init(&tp->tx_stats.syncp); + ... + } + +results in lockdep getting confused between the RX and TX stats lock. +This is because u64_stats_init() is an inline calling seqcount_init(), +which is a macro using a static variable to generate a lockdep class. + +By wrapping that in an inline, we negate the effect of the macro and +fold the static key variable, hence the confusion. + +Fix by also making u64_stats_init() a macro for the case where it +matters, leaving the other case an inline for argument validation +etc. + +Reported-by: Jakub Kicinski +Debugged-by: "Ahmed S. Darwish" +Signed-off-by: Peter Zijlstra (Intel) +Tested-by: "Erhard F." +Link: https://lkml.kernel.org/r/YEXicy6+9MksdLZh@hirez.programming.kicks-ass.net +Signed-off-by: Sasha Levin +--- + include/linux/u64_stats_sync.h | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/include/linux/u64_stats_sync.h b/include/linux/u64_stats_sync.h +index df89c9bcba7d..7b38288dc239 100644 +--- a/include/linux/u64_stats_sync.h ++++ b/include/linux/u64_stats_sync.h +@@ -68,12 +68,13 @@ struct u64_stats_sync { + }; + + ++#if BITS_PER_LONG == 32 && defined(CONFIG_SMP) ++#define u64_stats_init(syncp) seqcount_init(&(syncp)->seq) ++#else + static inline void u64_stats_init(struct u64_stats_sync *syncp) + { +-#if BITS_PER_LONG == 32 && defined(CONFIG_SMP) +- seqcount_init(&syncp->seq); +-#endif + } ++#endif + + static inline void u64_stats_update_begin(struct u64_stats_sync *syncp) + { +-- +2.30.1 +