From: Greg Kroah-Hartman Date: Fri, 2 Dec 2016 17:10:38 +0000 (+0100) Subject: 4.4-stable patches X-Git-Tag: v4.8.13~14 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a722575e9c568b03fb3f59aeca00650405f8bc3d;p=thirdparty%2Fkernel%2Fstable-queue.git 4.4-stable patches added patches: arc-don-t-use-l-inline-asm-constraint.patch kasan-update-kasan_global-for-gcc-7.patch x86-traps-ignore-high-word-of-regs-cs-in-early_fixup_exception.patch zram-fix-unbalanced-idr-management-at-hot-removal.patch --- diff --git a/queue-4.4/arc-don-t-use-l-inline-asm-constraint.patch b/queue-4.4/arc-don-t-use-l-inline-asm-constraint.patch new file mode 100644 index 00000000000..e9dc382d96d --- /dev/null +++ b/queue-4.4/arc-don-t-use-l-inline-asm-constraint.patch @@ -0,0 +1,37 @@ +From 3c7c7a2fc8811bc7097479f69acf2527693d7562 Mon Sep 17 00:00:00 2001 +From: Vineet Gupta +Date: Wed, 23 Nov 2016 17:43:17 -0800 +Subject: ARC: Don't use "+l" inline asm constraint + +From: Vineet Gupta + +commit 3c7c7a2fc8811bc7097479f69acf2527693d7562 upstream. + +Apparenty this is coming in the way of gcc fix which inhibits the usage +of LP_COUNT as a gpr. + +Signed-off-by: Vineet Gupta +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arc/include/asm/delay.h | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +--- a/arch/arc/include/asm/delay.h ++++ b/arch/arc/include/asm/delay.h +@@ -22,10 +22,11 @@ + static inline void __delay(unsigned long loops) + { + __asm__ __volatile__( +- " lp 1f \n" +- " nop \n" +- "1: \n" +- : "+l"(loops)); ++ " mov lp_count, %0 \n" ++ " lp 1f \n" ++ " nop \n" ++ "1: \n" ++ : : "r"(loops)); + } + + extern void __bad_udelay(void); diff --git a/queue-4.4/kasan-update-kasan_global-for-gcc-7.patch b/queue-4.4/kasan-update-kasan_global-for-gcc-7.patch new file mode 100644 index 00000000000..01778cc3f18 --- /dev/null +++ b/queue-4.4/kasan-update-kasan_global-for-gcc-7.patch @@ -0,0 +1,53 @@ +From 045d599a286bc01daa3510d59272440a17b23c2e Mon Sep 17 00:00:00 2001 +From: Dmitry Vyukov +Date: Wed, 30 Nov 2016 15:54:13 -0800 +Subject: kasan: update kasan_global for gcc 7 + +From: Dmitry Vyukov + +commit 045d599a286bc01daa3510d59272440a17b23c2e upstream. + +kasan_global struct is part of compiler/runtime ABI. gcc revision +241983 has added a new field to kasan_global struct. Update kernel +definition of kasan_global struct to include the new field. + +Without this patch KASAN is broken with gcc 7. + +Link: http://lkml.kernel.org/r/1479219743-28682-1-git-send-email-dvyukov@google.com +Signed-off-by: Dmitry Vyukov +Acked-by: Andrey Ryabinin +Cc: Alexander Potapenko +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/compiler-gcc.h | 4 +++- + mm/kasan/kasan.h | 3 +++ + 2 files changed, 6 insertions(+), 1 deletion(-) + +--- a/include/linux/compiler-gcc.h ++++ b/include/linux/compiler-gcc.h +@@ -251,7 +251,9 @@ + #endif + #endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */ + +-#if GCC_VERSION >= 50000 ++#if GCC_VERSION >= 70000 ++#define KASAN_ABI_VERSION 5 ++#elif GCC_VERSION >= 50000 + #define KASAN_ABI_VERSION 4 + #elif GCC_VERSION >= 40902 + #define KASAN_ABI_VERSION 3 +--- a/mm/kasan/kasan.h ++++ b/mm/kasan/kasan.h +@@ -52,6 +52,9 @@ struct kasan_global { + #if KASAN_ABI_VERSION >= 4 + struct kasan_source_location *location; + #endif ++#if KASAN_ABI_VERSION >= 5 ++ char *odr_indicator; ++#endif + }; + + static inline const void *kasan_shadow_to_mem(const void *shadow_addr) diff --git a/queue-4.4/series b/queue-4.4/series new file mode 100644 index 00000000000..fcf99760ca6 --- /dev/null +++ b/queue-4.4/series @@ -0,0 +1,4 @@ +arc-don-t-use-l-inline-asm-constraint.patch +zram-fix-unbalanced-idr-management-at-hot-removal.patch +kasan-update-kasan_global-for-gcc-7.patch +x86-traps-ignore-high-word-of-regs-cs-in-early_fixup_exception.patch diff --git a/queue-4.4/x86-traps-ignore-high-word-of-regs-cs-in-early_fixup_exception.patch b/queue-4.4/x86-traps-ignore-high-word-of-regs-cs-in-early_fixup_exception.patch new file mode 100644 index 00000000000..22fea8322e3 --- /dev/null +++ b/queue-4.4/x86-traps-ignore-high-word-of-regs-cs-in-early_fixup_exception.patch @@ -0,0 +1,44 @@ +From fc0e81b2bea0ebceb71889b61d2240856141c9ee Mon Sep 17 00:00:00 2001 +From: Andy Lutomirski +Date: Sat, 19 Nov 2016 18:42:40 -0800 +Subject: x86/traps: Ignore high word of regs->cs in early_fixup_exception() + +From: Andy Lutomirski + +commit fc0e81b2bea0ebceb71889b61d2240856141c9ee upstream. + +On the 80486 DX, it seems that some exceptions may leave garbage in +the high bits of CS. This causes sporadic failures in which +early_fixup_exception() refuses to fix up an exception. + +As far as I can tell, this has been buggy for a long time, but the +problem seems to have been exacerbated by commits: + + 1e02ce4cccdc ("x86: Store a per-cpu shadow copy of CR4") + e1bfc11c5a6f ("x86/init: Fix cr4_init_shadow() on CR4-less machines") + +This appears to have broken for as long as we've had early +exception handling. + +[ This backport should apply to kernels from 3.4 - 4.5. ] + +Fixes: 4c5023a3fa2e ("x86-32: Handle exception table entries during early boot") +Cc: H. Peter Anvin +Reported-by: Matthew Whitehead +Signed-off-by: Andy Lutomirski +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kernel/head_32.S | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/kernel/head_32.S ++++ b/arch/x86/kernel/head_32.S +@@ -571,7 +571,7 @@ early_idt_handler_common: + movl %eax,%ds + movl %eax,%es + +- cmpl $(__KERNEL_CS),32(%esp) ++ cmpw $(__KERNEL_CS),32(%esp) + jne 10f + + leal 28(%esp),%eax # Pointer to %eip diff --git a/queue-4.4/zram-fix-unbalanced-idr-management-at-hot-removal.patch b/queue-4.4/zram-fix-unbalanced-idr-management-at-hot-removal.patch new file mode 100644 index 00000000000..5d3656b58e6 --- /dev/null +++ b/queue-4.4/zram-fix-unbalanced-idr-management-at-hot-removal.patch @@ -0,0 +1,88 @@ +From 529e71e16403830ae0d737a66c55c5f360f3576b Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Wed, 30 Nov 2016 15:54:08 -0800 +Subject: zram: fix unbalanced idr management at hot removal + +From: Takashi Iwai + +commit 529e71e16403830ae0d737a66c55c5f360f3576b upstream. + +The zram hot removal code calls idr_remove() even when zram_remove() +returns an error (typically -EBUSY). This results in a leftover at the +device release, eventually leading to a crash when the module is +reloaded. + +As described in the bug report below, the following procedure would +cause an Oops with zram: + + - provision three zram devices via modprobe zram num_devices=3 + - configure a size for each device + + echo "1G" > /sys/block/$zram_name/disksize + - mkfs and mount zram0 only + - attempt to hot remove all three devices + + echo 2 > /sys/class/zram-control/hot_remove + + echo 1 > /sys/class/zram-control/hot_remove + + echo 0 > /sys/class/zram-control/hot_remove + - zram0 removal fails with EBUSY, as expected + - unmount zram0 + - try zram0 hot remove again + + echo 0 > /sys/class/zram-control/hot_remove + - fails with ENODEV (unexpected) + - unload zram kernel module + + completes successfully + - zram0 device node still exists + - attempt to mount /dev/zram0 + + mount command is killed + + following BUG is encountered + + BUG: unable to handle kernel paging request at ffffffffa0002ba0 + IP: get_disk+0x16/0x50 + Oops: 0000 [#1] SMP + CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 + Call Trace: + exact_lock+0xc/0x20 + kobj_lookup+0xdc/0x160 + get_gendisk+0x2f/0x110 + __blkdev_get+0x10c/0x3c0 + blkdev_get+0x19d/0x2e0 + blkdev_open+0x56/0x70 + do_dentry_open.isra.19+0x1ff/0x310 + vfs_open+0x43/0x60 + path_openat+0x2c9/0xf30 + do_filp_open+0x79/0xd0 + do_sys_open+0x114/0x1e0 + SyS_open+0x19/0x20 + entry_SYSCALL_64_fastpath+0x13/0x94 + +This patch adds the proper error check in hot_remove_store() not to call +idr_remove() unconditionally. + +Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") +Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 +Link: http://lkml.kernel.org/r/20161121132140.12683-1-tiwai@suse.de +Signed-off-by: Takashi Iwai +Reviewed-by: David Disseldorp +Reported-by: David Disseldorp +Tested-by: David Disseldorp +Acked-by: Minchan Kim +Acked-by: Sergey Senozhatsky +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/block/zram/zram_drv.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/drivers/block/zram/zram_drv.c ++++ b/drivers/block/zram/zram_drv.c +@@ -1368,7 +1368,8 @@ static ssize_t hot_remove_store(struct c + zram = idr_find(&zram_index_idr, dev_id); + if (zram) { + ret = zram_remove(zram); +- idr_remove(&zram_index_idr, dev_id); ++ if (!ret) ++ idr_remove(&zram_index_idr, dev_id); + } else { + ret = -ENODEV; + } diff --git a/queue-4.8/series b/queue-4.8/series new file mode 100644 index 00000000000..96ee2d07ded --- /dev/null +++ b/queue-4.8/series @@ -0,0 +1,13 @@ +libata-scsi-fixup-ata_gen_passthru_sense.patch +scsi-hpsa-use-bus-3-for-legacy-hba-devices.patch +scsi-libfc-fix-seconds_since_last_reset-miscalculation.patch +arc-mm-pae40-fix-crash-at-munmap.patch +arc-don-t-use-l-inline-asm-constraint.patch +mm-thp-propagation-of-conditional-compilation-in-khugepaged.c.patch +thp-fix-corner-case-of-munlock-of-pte-mapped-thps.patch +zram-fix-unbalanced-idr-management-at-hot-removal.patch +kasan-update-kasan_global-for-gcc-7.patch +mm-fix-false-positive-warn_on-in-truncate-invalidate-for-hugetlb.patch +ovl-fix-d_real-for-stacked-fs.patch +input-change-key_data-from-0x275-to-0x277.patch +input-psmouse-disable-automatic-probing-of-byd-touchpads.patch