From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sun, 15 Oct 2017 14:33:47 +0000 (+0200)
Subject: 4.13-stable patches
X-Git-Tag: v3.18.76~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a26d741b2309386bdea78823ef2574893149ae8b;p=thirdparty%2Fkernel%2Fstable-queue.git

4.13-stable patches

added patches:
	ras-cec-use-the-right-length-for-cec_disable.patch
	x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch
	x86-microcode-do-the-family-check-first.patch
---

diff --git a/queue-4.13/ras-cec-use-the-right-length-for-cec_disable.patch b/queue-4.13/ras-cec-use-the-right-length-for-cec_disable.patch
new file mode 100644
index 00000000000..cf90fb2d10a
--- /dev/null
+++ b/queue-4.13/ras-cec-use-the-right-length-for-cec_disable.patch
@@ -0,0 +1,46 @@
+From 69a330007091ea8a801dd9fcd897ec52f9529586 Mon Sep 17 00:00:00 2001
+From: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
+Date: Mon, 2 Oct 2017 11:28:35 +0200
+Subject: RAS/CEC: Use the right length for "cec_disable"
+
+From: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
+
+commit 69a330007091ea8a801dd9fcd897ec52f9529586 upstream.
+
+parse_cec_param() compares a string with "cec_disable" using only 7
+characters of the 11-character-long string.
+
+The proper solution for this would be:
+
+#define CEC_DISABLE 	"cec_disable"
+
+	strncmp(str, CEC_DISABLE, strlen(CEC_DISABLE))
+
+but when comparing a string against a string constant strncmp() has no
+advantage over strcmp() because the comparison is guaranteed to be bound by
+the string constant. So just replace str strncmp() with strcmp().
+
+[ tglx: Made it use strcmp and updated the changelog ]
+
+Fixes: 011d82611172 ("RAS: Add a Corrected Errors Collector")
+Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Link: http://lkml.kernel.org/r/20170903075440.30250-1-nicolas.iooss_linux@m4x.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/ras/cec.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/ras/cec.c
++++ b/drivers/ras/cec.c
+@@ -523,7 +523,7 @@ int __init parse_cec_param(char *str)
+ 	if (*str == '=')
+ 		str++;
+ 
+-	if (!strncmp(str, "cec_disable", 7))
++	if (!strcmp(str, "cec_disable"))
+ 		ce_arr.disabled = 1;
+ 	else
+ 		return 0;
diff --git a/queue-4.13/series b/queue-4.13/series
index 1a31dd83450..e794349a34e 100644
--- a/queue-4.13/series
+++ b/queue-4.13/series
@@ -47,3 +47,6 @@ usb-serial-option-add-support-for-tp-link-lte-module.patch
 usb-serial-qcserial-add-dell-dw5818-dw5819.patch
 usb-serial-console-fix-use-after-free-on-disconnect.patch
 usb-serial-console-fix-use-after-free-after-failed-setup.patch
+ras-cec-use-the-right-length-for-cec_disable.patch
+x86-microcode-do-the-family-check-first.patch
+x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch
diff --git a/queue-4.13/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch b/queue-4.13/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch
new file mode 100644
index 00000000000..6016ac5254d
--- /dev/null
+++ b/queue-4.13/x86-alternatives-fix-alt_max_short-macro-to-really-be-a-max.patch
@@ -0,0 +1,79 @@
+From 6b32c126d33d5cb379bca280ab8acedc1ca978ff Mon Sep 17 00:00:00 2001
+From: Mathias Krause <minipli@googlemail.com>
+Date: Thu, 5 Oct 2017 20:30:12 +0200
+Subject: x86/alternatives: Fix alt_max_short macro to really be a max()
+
+From: Mathias Krause <minipli@googlemail.com>
+
+commit 6b32c126d33d5cb379bca280ab8acedc1ca978ff upstream.
+
+The alt_max_short() macro in asm/alternative.h does not work as
+intended, leading to nasty bugs. E.g. alt_max_short("1", "3")
+evaluates to 3, but alt_max_short("3", "1") evaluates to 1 -- not
+exactly the maximum of 1 and 3.
+
+In fact, I had to learn it the hard way by crashing my kernel in not
+so funny ways by attempting to make use of the ALTENATIVE_2 macro
+with alternatives where the first one was larger than the second
+one.
+
+According to [1] and commit dbe4058a6a44 ("x86/alternatives: Fix
+ALTERNATIVE_2 padding generation properly") the right handed side
+should read "-(-(a < b))" not "-(-(a - b))". Fix that, to make the
+macro work as intended.
+
+While at it, fix up the comments regarding the additional "-", too.
+It's not about gas' usage of s32 but brain dead logic of having a
+"true" value of -1 for the < operator ... *sigh*
+
+Btw., the one in asm/alternative-asm.h is correct. And, apparently,
+all current users of ALTERNATIVE_2() pass same sized alternatives,
+avoiding to hit the bug.
+
+[1] http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
+
+Reviewed-and-tested-by: Borislav Petkov <bp@suse.de>
+Fixes: dbe4058a6a44 ("x86/alternatives: Fix ALTERNATIVE_2 padding generation properly")
+Signed-off-by: Mathias Krause <minipli@googlemail.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Borislav Petkov <bp@suse.de>
+Link: https://lkml.kernel.org/r/1507228213-13095-1-git-send-email-minipli@googlemail.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/include/asm/alternative-asm.h |    4 +++-
+ arch/x86/include/asm/alternative.h     |    6 +++---
+ 2 files changed, 6 insertions(+), 4 deletions(-)
+
+--- a/arch/x86/include/asm/alternative-asm.h
++++ b/arch/x86/include/asm/alternative-asm.h
+@@ -62,8 +62,10 @@
+ #define new_len2		145f-144f
+ 
+ /*
+- * max without conditionals. Idea adapted from:
++ * gas compatible max based on the idea from:
+  * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
++ *
++ * The additional "-" is needed because gas uses a "true" value of -1.
+  */
+ #define alt_max_short(a, b)	((a) ^ (((a) ^ (b)) & -(-((a) < (b)))))
+ 
+--- a/arch/x86/include/asm/alternative.h
++++ b/arch/x86/include/asm/alternative.h
+@@ -103,12 +103,12 @@ static inline int alternatives_text_rese
+ 	alt_end_marker ":\n"
+ 
+ /*
+- * max without conditionals. Idea adapted from:
++ * gas compatible max based on the idea from:
+  * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
+  *
+- * The additional "-" is needed because gas works with s32s.
++ * The additional "-" is needed because gas uses a "true" value of -1.
+  */
+-#define alt_max_short(a, b)	"((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") - (" b ")))))"
++#define alt_max_short(a, b)	"((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))"
+ 
+ /*
+  * Pad the second replacement alternative with additional NOPs if it is
diff --git a/queue-4.13/x86-microcode-do-the-family-check-first.patch b/queue-4.13/x86-microcode-do-the-family-check-first.patch
new file mode 100644
index 00000000000..4459d070f77
--- /dev/null
+++ b/queue-4.13/x86-microcode-do-the-family-check-first.patch
@@ -0,0 +1,89 @@
+From 1f161f67a272cc4f29f27934dd3f74cb657eb5c4 Mon Sep 17 00:00:00 2001
+From: Borislav Petkov <bp@suse.de>
+Date: Thu, 12 Oct 2017 13:23:16 +0200
+Subject: x86/microcode: Do the family check first
+
+From: Borislav Petkov <bp@suse.de>
+
+commit 1f161f67a272cc4f29f27934dd3f74cb657eb5c4 upstream.
+
+On CPUs like AMD's Geode, for example, we shouldn't even try to load
+microcode because they do not support the modern microcode loading
+interface.
+
+However, we do the family check *after* the other checks whether the
+loader has been disabled on the command line or whether we're running in
+a guest.
+
+So move the family checks first in order to exit early if we're being
+loaded on an unsupported family.
+
+Reported-and-tested-by: Sven Glodowski <glodi1@arcor.de>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Link: http://bugzilla.suse.com/show_bug.cgi?id=1061396
+Link: http://lkml.kernel.org/r/20171012112316.977-1-bp@alien8.de
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kernel/cpu/microcode/core.c |   27 ++++++++++++++++++---------
+ 1 file changed, 18 insertions(+), 9 deletions(-)
+
+--- a/arch/x86/kernel/cpu/microcode/core.c
++++ b/arch/x86/kernel/cpu/microcode/core.c
+@@ -122,9 +122,6 @@ static bool __init check_loader_disabled
+ 	bool *res = &dis_ucode_ldr;
+ #endif
+ 
+-	if (!have_cpuid_p())
+-		return *res;
+-
+ 	/*
+ 	 * CPUID(1).ECX[31]: reserved for hypervisor use. This is still not
+ 	 * completely accurate as xen pv guests don't see that CPUID bit set but
+@@ -166,24 +163,36 @@ bool get_builtin_firmware(struct cpio_da
+ void __init load_ucode_bsp(void)
+ {
+ 	unsigned int cpuid_1_eax;
++	bool intel = true;
+ 
+-	if (check_loader_disabled_bsp())
++	if (!have_cpuid_p())
+ 		return;
+ 
+ 	cpuid_1_eax = native_cpuid_eax(1);
+ 
+ 	switch (x86_cpuid_vendor()) {
+ 	case X86_VENDOR_INTEL:
+-		if (x86_family(cpuid_1_eax) >= 6)
+-			load_ucode_intel_bsp();
++		if (x86_family(cpuid_1_eax) < 6)
++			return;
+ 		break;
++
+ 	case X86_VENDOR_AMD:
+-		if (x86_family(cpuid_1_eax) >= 0x10)
+-			load_ucode_amd_bsp(cpuid_1_eax);
++		if (x86_family(cpuid_1_eax) < 0x10)
++			return;
++		intel = false;
+ 		break;
++
+ 	default:
+-		break;
++		return;
+ 	}
++
++	if (check_loader_disabled_bsp())
++		return;
++
++	if (intel)
++		load_ucode_intel_bsp();
++	else
++		load_ucode_amd_bsp(cpuid_1_eax);
+ }
+ 
+ static bool check_loader_disabled_ap(void)