From: Greg Kroah-Hartman
Date: Sat, 9 Apr 2016 23:05:19 +0000 (-0700)
Subject: 3.14-stable patches
X-Git-Tag: v4.5.1~37
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a8dff28e241c2ea1fee5d907bdaa1267e22e4bf5;p=thirdparty%2Fkernel%2Fstable-queue.git
3.14-stable patches added patches: x86-apic-fix-suspicious-rcu-usage-in-smp_trace_call_function_interrupt.patch x86-iopl-fix-iopl-capability-check-on-xen-pv.patch
---
diff --git a/queue-3.14/series b/queue-3.14/series
index 5f08353d5d7..4a4749bf10f 100644
--- a/queue-3.14/series
+++ b/queue-3.14/series
@@ -5,3 +5,5 @@ kvm-fix-spin_lock_init-order-on-x86.patch
 kvm-vmx-avoid-guest-hang-on-invalid-invept-instruction.patch
 edac-amd64_edac-shift-wrapping-issue-in-f1x_get_norm_dct_addr.patch
 pci-disable-io-mem-decoding-for-devices-with-non-compliant-bars.patch
+x86-apic-fix-suspicious-rcu-usage-in-smp_trace_call_function_interrupt.patch
+x86-iopl-fix-iopl-capability-check-on-xen-pv.patch
diff --git a/queue-3.14/x86-apic-fix-suspicious-rcu-usage-in-smp_trace_call_function_interrupt.patch b/queue-3.14/x86-apic-fix-suspicious-rcu-usage-in-smp_trace_call_function_interrupt.patch
new file mode 100644
index 00000000000..470b3c5c5e8
--- /dev/null
+++ b/queue-3.14/x86-apic-fix-suspicious-rcu-usage-in-smp_trace_call_function_interrupt.patch
@@ -0,0 +1,68 @@
+From 7834c10313fb823e538f2772be78edcdeed2e6e3 Mon Sep 17 00:00:00 2001
+From: Dave Jones
+Date: Mon, 14 Mar 2016 21:20:54 -0400
+Subject: x86/apic: Fix suspicious RCU usage in smp_trace_call_function_interrupt()
+
+From: Dave Jones
+
+commit 7834c10313fb823e538f2772be78edcdeed2e6e3 upstream.
+
+Since 4.4, I've been able to trigger this occasionally:
+
+===============================
+[ INFO: suspicious RCU usage. ]
+4.5.0-rc7-think+ #3 Not tainted
+Cc: Andi Kleen
+Link: http://lkml.kernel.org/r/20160315012054.GA17765@codemonkey.org.uk
+Signed-off-by: Thomas Gleixner
+Signed-off-by: Greg Kroah-Hartman
+
+-------------------------------
+./arch/x86/include/asm/msr-trace.h:47 suspicious rcu_dereference_check() usage!
+
+other info that might help us debug this:
+
+RCU used illegally from idle CPU!
+rcu_scheduler_active = 1, debug_locks = 1
+RCU used illegally from extended quiescent state!
+no locks held by swapper/3/0.
+
+stack backtrace:
+CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.5.0-rc7-think+ #3
+ ffffffff92f821e0 1f3e5c340597d7fc ffff880468e07f10 ffffffff92560c2a
+ ffff880462145280 0000000000000001 ffff880468e07f40 ffffffff921376a6
+ ffffffff93665ea0 0000cc7c876d28da 0000000000000005 ffffffff9383dd60
+Call Trace:
+ [] dump_stack+0x67/0x9d
+ [] lockdep_rcu_suspicious+0xe6/0x100
+ [] do_trace_write_msr+0x127/0x1a0
+ [] native_apic_msr_eoi_write+0x23/0x30
+ [] smp_trace_call_function_interrupt+0x38/0x360
+ [] trace_call_function_interrupt+0x90/0xa0
+ [] ? cpuidle_enter_state+0x1b4/0x520
+
+Move the entering_irq() call before ack_APIC_irq(), because entering_irq()
+tells the RCU susbstems to end the extended quiescent state, so that the
+following trace call in ack_APIC_irq() works correctly.
+
+Suggested-by: Andi Kleen
+Fixes: 4787c368a9bc "x86/tracing: Add irq_enter/exit() in smp_trace_reschedule_interrupt()"
+Signed-off-by: Dave Jones
+Signed-off-by: Thomas Gleixner
+
+---
+ arch/x86/include/asm/apic.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/include/asm/apic.h
++++ b/arch/x86/include/asm/apic.h
+@@ -699,8 +699,8 @@ static inline void entering_irq(void)
+
+ static inline void entering_ack_irq(void)
+ {
+- ack_APIC_irq();
+ entering_irq();
++ ack_APIC_irq();
+ }
+
+ static inline void exiting_irq(void)
diff --git a/queue-3.14/x86-iopl-fix-iopl-capability-check-on-xen-pv.patch b/queue-3.14/x86-iopl-fix-iopl-capability-check-on-xen-pv.patch
new file mode 100644
index 00000000000..b3f8425b3e2
--- /dev/null
+++ b/queue-3.14/x86-iopl-fix-iopl-capability-check-on-xen-pv.patch
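Review bot: Nothing in entering_ack_irq() in the queued apic.h change records that the call order is now load-bearing, so a later cleanup could swap the two calls back without noticing. The commit message explains that entering_irq() has to end the RCU extended quiescent state before the trace call reached from ack_APIC_irq() runs; a one-line comment above the first call would keep that next to the code, for example `/* entering_irq() must come first: the trace call under ack_APIC_irq() needs RCU out of its extended quiescent state */`.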
@@ -0,0 +1,64 @@
+From c29016cf41fe9fa994a5ecca607cf5f1cd98801e Mon Sep 17 00:00:00 2001
+From: Andy Lutomirski
+Date: Wed, 16 Mar 2016 14:14:22 -0700
+Subject: x86/iopl: Fix iopl capability check on Xen PV
+
+From: Andy Lutomirski
+
+commit c29016cf41fe9fa994a5ecca607cf5f1cd98801e upstream.
+
+iopl(3) is supposed to work if iopl is already 3, even if
+unprivileged. This didn't work right on Xen PV. Fix it.
+
+Reviewewd-by: Jan Beulich
+Signed-off-by: Andy Lutomirski
+Cc: Andrew Cooper
+Cc: Andy Lutomirski
+Cc: Boris Ostrovsky
+Cc: Borislav Petkov
+Cc: Brian Gerst
+Cc: David Vrabel
+Cc: Denys Vlasenko
+Cc: H. Peter Anvin
+Cc: Jan Beulich
+Cc: Linus Torvalds
+Cc: Peter Zijlstra
+Cc: Thomas Gleixner
+Link: http://lkml.kernel.org/r/8ce12013e6e4c0a44a97e316be4a6faff31bd5ea.1458162709.git.luto@kernel.org
+Signed-off-by: Ingo Molnar
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kernel/ioport.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+--- a/arch/x86/kernel/ioport.c
++++ b/arch/x86/kernel/ioport.c
+@@ -96,9 +96,14 @@ asmlinkage long sys_ioperm(unsigned long
+ SYSCALL_DEFINE1(iopl, unsigned int, level)
+ {
+ struct pt_regs *regs = current_pt_regs();
+- unsigned int old = (regs->flags >> 12) & 3;
+ struct thread_struct *t = ¤t->thread;
+
++ /*
++ * Careful: the IOPL bits in regs->flags are undefined under Xen PV
++ * and changing them has no effect.
++ */
++ unsigned int old = t->iopl >> X86_EFLAGS_IOPL_BIT;
++
+ if (level > 3)
+ return -EINVAL;
+ /* Trying to gain more privileges? */
+@@ -106,8 +111,9 @@ SYSCALL_DEFINE1(iopl, unsigned int, leve
+ if (!capable(CAP_SYS_RAWIO))
+ return -EPERM;
+ }
+- regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
+- t->iopl = level << 12;
++ regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) |
++ (level << X86_EFLAGS_IOPL_BIT);
++ t->iopl = level << X86_EFLAGS_IOPL_BIT;
+ set_iopl_mask(t->iopl);
+
+ return 0;
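Review bot: The new `old` in the queued ioport.c change is read from `t->iopl` without the `& 3` mask that the removed line applied, so the value that presumably feeds the "Trying to gain more privileges?" comparison ahead of `capable(CAP_SYS_RAWIO)` now depends on `t->iopl` never holding bits outside the IOPL field. Inside this function that holds, since `t->iopl` is only written as `level << X86_EFLAGS_IOPL_BIT` after the `level > 3` check, but other writers of `t->iopl` are not visible from here and the comparison itself sits between the two hunks. Either state the invariant in the new comment or mask explicitly, `unsigned int old = (t->iopl & X86_EFLAGS_IOPL) >> X86_EFLAGS_IOPL_BIT;`, so a stray bit cannot make `old` exceed 3 and skip the capability check. The syscall body's closing brace is outside the hunk.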