From: Sasha Levin Date: Fri, 6 Mar 2020 14:20:53 +0000 (-0500) Subject: fixes for 4.14 X-Git-Tag: v4.4.216~68 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9e531d9235f13766e1ca146b9ab1c9c1a8761565;p=thirdparty%2Fkernel%2Fstable-queue.git fixes for 4.14 Signed-off-by: Sasha Levin --- diff --git a/queue-4.14/edac-amd64-set-grain-per-dimm.patch b/queue-4.14/edac-amd64-set-grain-per-dimm.patch new file mode 100644 index 00000000000..b055db6b5cf --- /dev/null +++ b/queue-4.14/edac-amd64-set-grain-per-dimm.patch @@ -0,0 +1,51 @@ +From 6203dceb62c1c92fb4b173edce4d9a61c9450a41 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 5 Mar 2020 17:30:07 +0100 +Subject: EDAC/amd64: Set grain per DIMM + +From: Yazen Ghannam + +[ Upstream commit 466503d6b1b33be46ab87c6090f0ade6c6011cbc ] + +The following commit introduced a warning on error reports without a +non-zero grain value. + + 3724ace582d9 ("EDAC/mc: Fix grain_bits calculation") + +The amd64_edac_mod module does not provide a value, so the warning will +be given on the first reported memory error. + +Set the grain per DIMM to cacheline size (64 bytes). This is the current +recommendation. + +Fixes: 3724ace582d9 ("EDAC/mc: Fix grain_bits calculation") +Signed-off-by: Yazen Ghannam +Signed-off-by: Borislav Petkov +Cc: "linux-edac@vger.kernel.org" +Cc: James Morse +Cc: Mauro Carvalho Chehab +Cc: Robert Richter +Cc: Tony Luck +Link: https://lkml.kernel.org/r/20191022203448.13962-7-Yazen.Ghannam@amd.com +[jwang: backport to 4.14 for fix warning during memory error. ] +Signed-off-by: Jack Wang +Signed-off-by: Sasha Levin +--- + drivers/edac/amd64_edac.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/edac/amd64_edac.c b/drivers/edac/amd64_edac.c +index 40fb0e7ff8fd9..b36abd2537863 100644 +--- a/drivers/edac/amd64_edac.c ++++ b/drivers/edac/amd64_edac.c +@@ -2863,6 +2863,7 @@ static int init_csrows(struct mem_ctl_info *mci) + dimm = csrow->channels[j]->dimm; + dimm->mtype = pvt->dram_type; + dimm->edac_mode = edac_mode; ++ dimm->grain = 64; + } + } + +-- +2.20.1 + diff --git a/queue-4.14/series b/queue-4.14/series index 21c8b1f23e0..e5bf2bb594f 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -64,3 +64,6 @@ mm-huge_memory.c-use-head-to-check-huge-zero-page.patch mm-thp-fix-defrag-setting-if-newline-is-not-used.patch revert-char-random-silence-a-lockdep-splat-with-printk.patch audit-always-check-the-netlink-payload-length-in-aud.patch +vhost-check-docket-sk_family-instead-of-call-getname.patch +x86-mce-handle-varying-mca-bank-counts.patch +edac-amd64-set-grain-per-dimm.patch diff --git a/queue-4.14/vhost-check-docket-sk_family-instead-of-call-getname.patch b/queue-4.14/vhost-check-docket-sk_family-instead-of-call-getname.patch new file mode 100644 index 00000000000..e400e7cfc98 --- /dev/null +++ b/queue-4.14/vhost-check-docket-sk_family-instead-of-call-getname.patch @@ -0,0 +1,67 @@ +From cc22b6e682a095b1db5aa48ac9cb4dda0ff578ea Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 5 Mar 2020 17:30:05 +0100 +Subject: vhost: Check docket sk_family instead of call getname +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Eugenio Pérez + +commit 42d84c8490f9f0931786f1623191fcab397c3d64 upstream. + +Doing so, we save one call to get data we already have in the struct. + +Also, since there is no guarantee that getname use sockaddr_ll +parameter beyond its size, we add a little bit of security here. +It should do not do beyond MAX_ADDR_LEN, but syzbot found that +ax25_getname writes more (72 bytes, the size of full_sockaddr_ax25, +versus 20 + 32 bytes of sockaddr_ll + MAX_ADDR_LEN in syzbot repro). + +Fixes: 3a4d5c94e9593 ("vhost_net: a kernel-level virtio server") +Reported-by: syzbot+f2a62d07a5198c819c7b@syzkaller.appspotmail.com +Signed-off-by: Eugenio Pérez +Acked-by: Michael S. Tsirkin +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +[jwang: backport to 4.14] +Signed-off-by: Jack Wang +Signed-off-by: Sasha Levin +--- + drivers/vhost/net.c | 13 ++----------- + 1 file changed, 2 insertions(+), 11 deletions(-) + +diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c +index 4d11152e60c15..8fe07622ae59e 100644 +--- a/drivers/vhost/net.c ++++ b/drivers/vhost/net.c +@@ -1025,11 +1025,7 @@ static int vhost_net_release(struct inode *inode, struct file *f) + + static struct socket *get_raw_socket(int fd) + { +- struct { +- struct sockaddr_ll sa; +- char buf[MAX_ADDR_LEN]; +- } uaddr; +- int uaddr_len = sizeof uaddr, r; ++ int r; + struct socket *sock = sockfd_lookup(fd, &r); + + if (!sock) +@@ -1041,12 +1037,7 @@ static struct socket *get_raw_socket(int fd) + goto err; + } + +- r = sock->ops->getname(sock, (struct sockaddr *)&uaddr.sa, +- &uaddr_len, 0); +- if (r) +- goto err; +- +- if (uaddr.sa.sll_family != AF_PACKET) { ++ if (sock->sk->sk_family != AF_PACKET) { + r = -EPFNOSUPPORT; + goto err; + } +-- +2.20.1 + diff --git a/queue-4.14/x86-mce-handle-varying-mca-bank-counts.patch b/queue-4.14/x86-mce-handle-varying-mca-bank-counts.patch new file mode 100644 index 00000000000..9af734e83d1 --- /dev/null +++ b/queue-4.14/x86-mce-handle-varying-mca-bank-counts.patch @@ -0,0 +1,178 @@ +From c35058aaf9f303179103bdf4776b5a0248e1a8cf Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 5 Mar 2020 17:30:06 +0100 +Subject: x86/mce: Handle varying MCA bank counts + +From: Yazen Ghannam + +[ Upstream commit 006c077041dc73b9490fffc4c6af5befe0687110 ] + +Linux reads MCG_CAP[Count] to find the number of MCA banks visible to a +CPU. Currently, this number is the same for all CPUs and a warning is +shown if there is a difference. The number of banks is overwritten with +the MCG_CAP[Count] value of each following CPU that boots. + +According to the Intel SDM and AMD APM, the MCG_CAP[Count] value gives +the number of banks that are available to a "processor implementation". +The AMD BKDGs/PPRs further clarify that this value is per core. This +value has historically been the same for every core in the system, but +that is not an architectural requirement. + +Future AMD systems may have different MCG_CAP[Count] values per core, +so the assumption that all CPUs will have the same MCG_CAP[Count] value +will no longer be valid. + +Also, the first CPU to boot will allocate the struct mce_banks[] array +using the number of banks based on its MCG_CAP[Count] value. The machine +check handler and other functions use the global number of banks to +iterate and index into the mce_banks[] array. So it's possible to use an +out-of-bounds index on an asymmetric system where a following CPU sees a +MCG_CAP[Count] value greater than its predecessors. + +Thus, allocate the mce_banks[] array to the maximum number of banks. +This will avoid the potential out-of-bounds index since the value of +mca_cfg.banks is capped to MAX_NR_BANKS. + +Set the value of mca_cfg.banks equal to the max of the previous value +and the value for the current CPU. This way mca_cfg.banks will always +represent the max number of banks detected on any CPU in the system. + +This will ensure that all CPUs will access all the banks that are +visible to them. A CPU that can access fewer than the max number of +banks will find the registers of the extra banks to be read-as-zero. + +Furthermore, print the resulting number of MCA banks in use. Do this in +mcheck_late_init() so that the final value is printed after all CPUs +have been initialized. + +Finally, get bank count from target CPU when doing injection with mce-inject +module. + + [ bp: Remove out-of-bounds example, passify and cleanup commit message. ] + +Signed-off-by: Yazen Ghannam +Signed-off-by: Borislav Petkov +Cc: "H. Peter Anvin" +Cc: Ingo Molnar +Cc: linux-edac +Cc: Pu Wen +Cc: Thomas Gleixner +Cc: Tony Luck +Cc: Vishal Verma +Cc: x86-ml +Link: https://lkml.kernel.org/r/20180727214009.78289-1-Yazen.Ghannam@amd.com +Signed-off-by: Sasha Levin +[jwang: cherry-pick to fix boot warning in +arch/x86/kernel/cpu/mcheck/mce.c:1549 in epyc rome server] +Signed-off-by: Jack Wang +Signed-off-by: Sasha Levin +--- + arch/x86/kernel/cpu/mcheck/mce-inject.c | 14 +++++++------- + arch/x86/kernel/cpu/mcheck/mce.c | 22 +++++++--------------- + 2 files changed, 14 insertions(+), 22 deletions(-) + +diff --git a/arch/x86/kernel/cpu/mcheck/mce-inject.c b/arch/x86/kernel/cpu/mcheck/mce-inject.c +index f12141ba9a76d..e57b59762f9f5 100644 +--- a/arch/x86/kernel/cpu/mcheck/mce-inject.c ++++ b/arch/x86/kernel/cpu/mcheck/mce-inject.c +@@ -46,8 +46,6 @@ + static struct mce i_mce; + static struct dentry *dfs_inj; + +-static u8 n_banks; +- + #define MAX_FLAG_OPT_SIZE 4 + #define NBCFG 0x44 + +@@ -570,9 +568,15 @@ static void do_inject(void) + static int inj_bank_set(void *data, u64 val) + { + struct mce *m = (struct mce *)data; ++ u8 n_banks; ++ u64 cap; ++ ++ /* Get bank count on target CPU so we can handle non-uniform values. */ ++ rdmsrl_on_cpu(m->extcpu, MSR_IA32_MCG_CAP, &cap); ++ n_banks = cap & MCG_BANKCNT_MASK; + + if (val >= n_banks) { +- pr_err("Non-existent MCE bank: %llu\n", val); ++ pr_err("MCA bank %llu non-existent on CPU%d\n", val, m->extcpu); + return -EINVAL; + } + +@@ -665,10 +669,6 @@ static struct dfs_node { + static int __init debugfs_init(void) + { + unsigned int i; +- u64 cap; +- +- rdmsrl(MSR_IA32_MCG_CAP, cap); +- n_banks = cap & MCG_BANKCNT_MASK; + + dfs_inj = debugfs_create_dir("mce-inject", NULL); + if (!dfs_inj) +diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c +index 0b0e44f853931..95c09db1bba21 100644 +--- a/arch/x86/kernel/cpu/mcheck/mce.c ++++ b/arch/x86/kernel/cpu/mcheck/mce.c +@@ -1499,13 +1499,12 @@ EXPORT_SYMBOL_GPL(mce_notify_irq); + static int __mcheck_cpu_mce_banks_init(void) + { + int i; +- u8 num_banks = mca_cfg.banks; + +- mce_banks = kzalloc(num_banks * sizeof(struct mce_bank), GFP_KERNEL); ++ mce_banks = kcalloc(MAX_NR_BANKS, sizeof(struct mce_bank), GFP_KERNEL); + if (!mce_banks) + return -ENOMEM; + +- for (i = 0; i < num_banks; i++) { ++ for (i = 0; i < MAX_NR_BANKS; i++) { + struct mce_bank *b = &mce_banks[i]; + + b->ctl = -1ULL; +@@ -1519,28 +1518,19 @@ static int __mcheck_cpu_mce_banks_init(void) + */ + static int __mcheck_cpu_cap_init(void) + { +- unsigned b; + u64 cap; ++ u8 b; + + rdmsrl(MSR_IA32_MCG_CAP, cap); + + b = cap & MCG_BANKCNT_MASK; +- if (!mca_cfg.banks) +- pr_info("CPU supports %d MCE banks\n", b); +- +- if (b > MAX_NR_BANKS) { +- pr_warn("Using only %u machine check banks out of %u\n", +- MAX_NR_BANKS, b); ++ if (WARN_ON_ONCE(b > MAX_NR_BANKS)) + b = MAX_NR_BANKS; +- } + +- /* Don't support asymmetric configurations today */ +- WARN_ON(mca_cfg.banks != 0 && b != mca_cfg.banks); +- mca_cfg.banks = b; ++ mca_cfg.banks = max(mca_cfg.banks, b); + + if (!mce_banks) { + int err = __mcheck_cpu_mce_banks_init(); +- + if (err) + return err; + } +@@ -2470,6 +2460,8 @@ EXPORT_SYMBOL_GPL(mcsafe_key); + + static int __init mcheck_late_init(void) + { ++ pr_info("Using %d MCE banks\n", mca_cfg.banks); ++ + if (mca_cfg.recovery) + static_branch_inc(&mcsafe_key); + +-- +2.20.1 +