From: Greg Kroah-Hartman Date: Fri, 17 May 2019 12:53:53 +0000 (+0200) Subject: 4.14-stable patches X-Git-Tag: v4.9.178~38 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ae34071f3233a8eb9b41342b0135dece4de32a9c;p=thirdparty%2Fkernel%2Fstable-queue.git 4.14-stable patches added patches: arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch arm64-clear-osdlr_el1-on-cpu-boot.patch arm64-compat-reduce-address-limit.patch arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch crypto-chacha20poly1305-set-cra_name-correctly.patch crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch objtool-fix-function-fallthrough-detection.patch power-supply-axp288_charger-fix-unchecked-return-value.patch sched-x86-save-flags-on-context-switch.patch x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch --- diff --git a/queue-4.14/arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch b/queue-4.14/arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch new file mode 100644 index 00000000000..f1ba56f51d2 --- /dev/null +++ b/queue-4.14/arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch @@ -0,0 +1,33 @@ +From 9b23e1a3e8fde76e8cc0e366ab1ed4ffb4440feb Mon Sep 17 00:00:00 2001 +From: Sylwester Nawrocki +Date: Wed, 20 Mar 2019 10:59:50 +0100 +Subject: ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3 + +From: Sylwester Nawrocki + +commit 9b23e1a3e8fde76e8cc0e366ab1ed4ffb4440feb upstream. + +The name of CODEC input widget to which microphone is connected through +the "Headphone" jack is "IN12" not "IN1". This fixes microphone support +on Odroid XU3. + +Cc: # v4.14+ +Signed-off-by: Sylwester Nawrocki +Signed-off-by: Krzysztof Kozlowski +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi ++++ b/arch/arm/boot/dts/exynos5422-odroidxu3-audio.dtsi +@@ -23,7 +23,7 @@ + "Headphone Jack", "HPL", + "Headphone Jack", "HPR", + "Headphone Jack", "MICBIAS", +- "IN1", "Headphone Jack", ++ "IN12", "Headphone Jack", + "Speakers", "SPKL", + "Speakers", "SPKR"; + diff --git a/queue-4.14/arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch b/queue-4.14/arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch new file mode 100644 index 00000000000..55d008d4d7f --- /dev/null +++ b/queue-4.14/arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch @@ -0,0 +1,33 @@ +From b7ed69d67ff0788d8463e599dd5dd1b45c701a7e Mon Sep 17 00:00:00 2001 +From: Stuart Menefy +Date: Tue, 19 Feb 2019 13:03:37 +0000 +Subject: ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260 + +From: Stuart Menefy + +commit b7ed69d67ff0788d8463e599dd5dd1b45c701a7e upstream. + +Fix the interrupt information for the GPIO lines with a shared EINT +interrupt. + +Fixes: 16d7ff2642e7 ("ARM: dts: add dts files for exynos5260 SoC") +Cc: stable@vger.kernel.org +Signed-off-by: Stuart Menefy +Signed-off-by: Krzysztof Kozlowski +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/boot/dts/exynos5260.dtsi | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arm/boot/dts/exynos5260.dtsi ++++ b/arch/arm/boot/dts/exynos5260.dtsi +@@ -226,7 +226,7 @@ + wakeup-interrupt-controller { + compatible = "samsung,exynos4210-wakeup-eint"; + interrupt-parent = <&gic>; +- interrupts = ; ++ interrupts = ; + }; + }; + diff --git a/queue-4.14/arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch b/queue-4.14/arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch new file mode 100644 index 00000000000..73142f64f1c --- /dev/null +++ b/queue-4.14/arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch @@ -0,0 +1,51 @@ +From 629266bf7229cd6a550075f5961f95607b823b59 Mon Sep 17 00:00:00 2001 +From: Wen Yang +Date: Tue, 5 Mar 2019 19:33:54 +0800 +Subject: ARM: exynos: Fix a leaked reference by adding missing of_node_put + +From: Wen Yang + +commit 629266bf7229cd6a550075f5961f95607b823b59 upstream. + +The call to of_get_next_child returns a node pointer with refcount +incremented thus it must be explicitly decremented after the last +usage. + +Detected by coccinelle with warnings like: + arch/arm/mach-exynos/firmware.c:201:2-8: ERROR: missing of_node_put; + acquired a node pointer with refcount incremented on line 193, + but without a corresponding object release within this function. + +Cc: stable@vger.kernel.org +Signed-off-by: Wen Yang +Signed-off-by: Krzysztof Kozlowski +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/mach-exynos/firmware.c | 1 + + arch/arm/mach-exynos/suspend.c | 2 ++ + 2 files changed, 3 insertions(+) + +--- a/arch/arm/mach-exynos/firmware.c ++++ b/arch/arm/mach-exynos/firmware.c +@@ -205,6 +205,7 @@ void __init exynos_firmware_init(void) + return; + + addr = of_get_address(nd, 0, NULL, NULL); ++ of_node_put(nd); + if (!addr) { + pr_err("%s: No address specified.\n", __func__); + return; +--- a/arch/arm/mach-exynos/suspend.c ++++ b/arch/arm/mach-exynos/suspend.c +@@ -649,8 +649,10 @@ void __init exynos_pm_init(void) + + if (WARN_ON(!of_find_property(np, "interrupt-controller", NULL))) { + pr_warn("Outdated DT detected, suspend/resume will NOT work\n"); ++ of_node_put(np); + return; + } ++ of_node_put(np); + + pm_data = (const struct exynos_pm_data *) match->data; + diff --git a/queue-4.14/arm64-clear-osdlr_el1-on-cpu-boot.patch b/queue-4.14/arm64-clear-osdlr_el1-on-cpu-boot.patch new file mode 100644 index 00000000000..faa47925b43 --- /dev/null +++ b/queue-4.14/arm64-clear-osdlr_el1-on-cpu-boot.patch @@ -0,0 +1,31 @@ +From 6fda41bf12615ee7c3ddac88155099b1a8cf8d00 Mon Sep 17 00:00:00 2001 +From: Jean-Philippe Brucker +Date: Mon, 8 Apr 2019 18:17:18 +0100 +Subject: arm64: Clear OSDLR_EL1 on CPU boot + +From: Jean-Philippe Brucker + +commit 6fda41bf12615ee7c3ddac88155099b1a8cf8d00 upstream. + +Some firmwares may reboot CPUs with OS Double Lock set. Make sure that +it is unlocked, in order to use debug exceptions. + +Cc: +Signed-off-by: Jean-Philippe Brucker +Signed-off-by: Will Deacon +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/kernel/debug-monitors.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/arch/arm64/kernel/debug-monitors.c ++++ b/arch/arm64/kernel/debug-monitors.c +@@ -133,6 +133,7 @@ NOKPROBE_SYMBOL(disable_debug_monitors); + */ + static int clear_os_lock(unsigned int cpu) + { ++ write_sysreg(0, osdlr_el1); + write_sysreg(0, oslar_el1); + isb(); + return 0; diff --git a/queue-4.14/arm64-compat-reduce-address-limit.patch b/queue-4.14/arm64-compat-reduce-address-limit.patch new file mode 100644 index 00000000000..4135b28a970 --- /dev/null +++ b/queue-4.14/arm64-compat-reduce-address-limit.patch @@ -0,0 +1,52 @@ +From d263119387de9975d2acba1dfd3392f7c5979c18 Mon Sep 17 00:00:00 2001 +From: Vincenzo Frascino +Date: Mon, 1 Apr 2019 12:30:14 +0100 +Subject: arm64: compat: Reduce address limit + +From: Vincenzo Frascino + +commit d263119387de9975d2acba1dfd3392f7c5979c18 upstream. + +Currently, compat tasks running on arm64 can allocate memory up to +TASK_SIZE_32 (UL(0x100000000)). + +This means that mmap() allocations, if we treat them as returning an +array, are not compliant with the sections 6.5.8 of the C standard +(C99) which states that: "If the expression P points to an element of +an array object and the expression Q points to the last element of the +same array object, the pointer expression Q+1 compares greater than P". + +Redefine TASK_SIZE_32 to address the issue. + +Cc: Catalin Marinas +Cc: Will Deacon +Cc: Jann Horn +Cc: +Reported-by: Jann Horn +Signed-off-by: Vincenzo Frascino +[will: fixed typo in comment] +Signed-off-by: Will Deacon +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/include/asm/processor.h | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/arch/arm64/include/asm/processor.h ++++ b/arch/arm64/include/asm/processor.h +@@ -49,7 +49,15 @@ + * TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area. + */ + #ifdef CONFIG_COMPAT ++#ifdef CONFIG_ARM64_64K_PAGES ++/* ++ * With CONFIG_ARM64_64K_PAGES enabled, the last page is occupied ++ * by the compat vectors page. ++ */ + #define TASK_SIZE_32 UL(0x100000000) ++#else ++#define TASK_SIZE_32 (UL(0x100000000) - PAGE_SIZE) ++#endif /* CONFIG_ARM64_64K_PAGES */ + #define TASK_SIZE (test_thread_flag(TIF_32BIT) ? \ + TASK_SIZE_32 : TASK_SIZE_64) + #define TASK_SIZE_OF(tsk) (test_tsk_thread_flag(tsk, TIF_32BIT) ? \ diff --git a/queue-4.14/arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch b/queue-4.14/arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch new file mode 100644 index 00000000000..b749d676fd7 --- /dev/null +++ b/queue-4.14/arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch @@ -0,0 +1,83 @@ +From 827a108e354db633698f0b4a10c1ffd2b1f8d1d0 Mon Sep 17 00:00:00 2001 +From: Jean-Philippe Brucker +Date: Mon, 8 Apr 2019 18:17:19 +0100 +Subject: arm64: Save and restore OSDLR_EL1 across suspend/resume + +From: Jean-Philippe Brucker + +commit 827a108e354db633698f0b4a10c1ffd2b1f8d1d0 upstream. + +When the CPU comes out of suspend, the firmware may have modified the OS +Double Lock Register. Save it in an unused slot of cpu_suspend_ctx, and +restore it on resume. + +Cc: +Signed-off-by: Jean-Philippe Brucker +Signed-off-by: Will Deacon +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/mm/proc.S | 34 ++++++++++++++++++---------------- + 1 file changed, 18 insertions(+), 16 deletions(-) + +--- a/arch/arm64/mm/proc.S ++++ b/arch/arm64/mm/proc.S +@@ -64,24 +64,25 @@ ENTRY(cpu_do_suspend) + mrs x2, tpidr_el0 + mrs x3, tpidrro_el0 + mrs x4, contextidr_el1 +- mrs x5, cpacr_el1 +- mrs x6, tcr_el1 +- mrs x7, vbar_el1 +- mrs x8, mdscr_el1 +- mrs x9, oslsr_el1 +- mrs x10, sctlr_el1 ++ mrs x5, osdlr_el1 ++ mrs x6, cpacr_el1 ++ mrs x7, tcr_el1 ++ mrs x8, vbar_el1 ++ mrs x9, mdscr_el1 ++ mrs x10, oslsr_el1 ++ mrs x11, sctlr_el1 + alternative_if_not ARM64_HAS_VIRT_HOST_EXTN +- mrs x11, tpidr_el1 ++ mrs x12, tpidr_el1 + alternative_else +- mrs x11, tpidr_el2 ++ mrs x12, tpidr_el2 + alternative_endif +- mrs x12, sp_el0 ++ mrs x13, sp_el0 + stp x2, x3, [x0] +- stp x4, xzr, [x0, #16] +- stp x5, x6, [x0, #32] +- stp x7, x8, [x0, #48] +- stp x9, x10, [x0, #64] +- stp x11, x12, [x0, #80] ++ stp x4, x5, [x0, #16] ++ stp x6, x7, [x0, #32] ++ stp x8, x9, [x0, #48] ++ stp x10, x11, [x0, #64] ++ stp x12, x13, [x0, #80] + ret + ENDPROC(cpu_do_suspend) + +@@ -104,8 +105,8 @@ ENTRY(cpu_do_resume) + msr cpacr_el1, x6 + + /* Don't change t0sz here, mask those bits when restoring */ +- mrs x5, tcr_el1 +- bfi x8, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH ++ mrs x7, tcr_el1 ++ bfi x8, x7, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH + + msr tcr_el1, x8 + msr vbar_el1, x9 +@@ -129,6 +130,7 @@ alternative_endif + /* + * Restore oslsr_el1 by writing oslar_el1 + */ ++ msr osdlr_el1, x5 + ubfx x11, x11, #1, #1 + msr oslar_el1, x11 + reset_pmuserenr_el0 x0 // Disable PMU access from EL0 diff --git a/queue-4.14/crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch b/queue-4.14/crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch new file mode 100644 index 00000000000..8601751b15c --- /dev/null +++ b/queue-4.14/crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch @@ -0,0 +1,42 @@ +From 767f015ea0b7ab9d60432ff6cd06b664fd71f50f Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Tue, 9 Apr 2019 23:46:31 -0700 +Subject: crypto: arm/aes-neonbs - don't access already-freed walk.iv + +From: Eric Biggers + +commit 767f015ea0b7ab9d60432ff6cd06b664fd71f50f upstream. + +If the user-provided IV needs to be aligned to the algorithm's +alignmask, then skcipher_walk_virt() copies the IV into a new aligned +buffer walk.iv. But skcipher_walk_virt() can fail afterwards, and then +if the caller unconditionally accesses walk.iv, it's a use-after-free. + +arm32 xts-aes-neonbs doesn't set an alignmask, so currently it isn't +affected by this despite unconditionally accessing walk.iv. However +this is more subtle than desired, and it was actually broken prior to +the alignmask being removed by commit cc477bf64573 ("crypto: arm/aes - +replace bit-sliced OpenSSL NEON code"). Thus, update xts-aes-neonbs to +start checking the return value of skcipher_walk_virt(). + +Fixes: e4e7f10bfc40 ("ARM: add support for bit sliced AES using NEON instructions") +Cc: # v3.13+ +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/crypto/aes-neonbs-glue.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/arch/arm/crypto/aes-neonbs-glue.c ++++ b/arch/arm/crypto/aes-neonbs-glue.c +@@ -280,6 +280,8 @@ static int __xts_crypt(struct skcipher_r + int err; + + err = skcipher_walk_virt(&walk, req, true); ++ if (err) ++ return err; + + crypto_cipher_encrypt_one(ctx->tweak_tfm, walk.iv, walk.iv); + diff --git a/queue-4.14/crypto-chacha20poly1305-set-cra_name-correctly.patch b/queue-4.14/crypto-chacha20poly1305-set-cra_name-correctly.patch new file mode 100644 index 00000000000..d26a7dfc625 --- /dev/null +++ b/queue-4.14/crypto-chacha20poly1305-set-cra_name-correctly.patch @@ -0,0 +1,46 @@ +From 5e27f38f1f3f45a0c938299c3a34a2d2db77165a Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Sun, 31 Mar 2019 13:04:16 -0700 +Subject: crypto: chacha20poly1305 - set cra_name correctly + +From: Eric Biggers + +commit 5e27f38f1f3f45a0c938299c3a34a2d2db77165a upstream. + +If the rfc7539 template is instantiated with specific implementations, +e.g. "rfc7539(chacha20-generic,poly1305-generic)" rather than +"rfc7539(chacha20,poly1305)", then the implementation names end up +included in the instance's cra_name. This is incorrect because it then +prevents all users from allocating "rfc7539(chacha20,poly1305)", if the +highest priority implementations of chacha20 and poly1305 were selected. +Also, the self-tests aren't run on an instance allocated in this way. + +Fix it by setting the instance's cra_name from the underlying +algorithms' actual cra_names, rather than from the requested names. +This matches what other templates do. + +Fixes: 71ebc4d1b27d ("crypto: chacha20poly1305 - Add a ChaCha20-Poly1305 AEAD construction, RFC7539") +Cc: # v4.2+ +Cc: Martin Willi +Signed-off-by: Eric Biggers +Reviewed-by: Martin Willi +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/chacha20poly1305.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/crypto/chacha20poly1305.c ++++ b/crypto/chacha20poly1305.c +@@ -647,8 +647,8 @@ static int chachapoly_create(struct cryp + + err = -ENAMETOOLONG; + if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, +- "%s(%s,%s)", name, chacha_name, +- poly_name) >= CRYPTO_MAX_ALG_NAME) ++ "%s(%s,%s)", name, chacha->base.cra_name, ++ poly->cra_name) >= CRYPTO_MAX_ALG_NAME) + goto out_drop_chacha; + if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, + "%s(%s,%s)", name, chacha->base.cra_driver_name, diff --git a/queue-4.14/crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch b/queue-4.14/crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch new file mode 100644 index 00000000000..d032c1caeb8 --- /dev/null +++ b/queue-4.14/crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch @@ -0,0 +1,65 @@ +From 307508d1072979f4435416f87936f87eaeb82054 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Sun, 31 Mar 2019 13:04:12 -0700 +Subject: crypto: crct10dif-generic - fix use via crypto_shash_digest() + +From: Eric Biggers + +commit 307508d1072979f4435416f87936f87eaeb82054 upstream. + +The ->digest() method of crct10dif-generic reads the current CRC value +from the shash_desc context. But this value is uninitialized, causing +crypto_shash_digest() to compute the wrong result. Fix it. + +Probably this wasn't noticed before because lib/crc-t10dif.c only uses +crypto_shash_update(), not crypto_shash_digest(). Likewise, +crypto_shash_digest() is not yet tested by the crypto self-tests because +those only test the ahash API which only uses shash init/update/final. + +This bug was detected by my patches that improve testmgr to fuzz +algorithms against their generic implementation. + +Fixes: 2d31e518a428 ("crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework") +Cc: # v3.11+ +Cc: Tim Chen +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/crct10dif_generic.c | 11 ++++------- + 1 file changed, 4 insertions(+), 7 deletions(-) + +--- a/crypto/crct10dif_generic.c ++++ b/crypto/crct10dif_generic.c +@@ -65,10 +65,9 @@ static int chksum_final(struct shash_des + return 0; + } + +-static int __chksum_finup(__u16 *crcp, const u8 *data, unsigned int len, +- u8 *out) ++static int __chksum_finup(__u16 crc, const u8 *data, unsigned int len, u8 *out) + { +- *(__u16 *)out = crc_t10dif_generic(*crcp, data, len); ++ *(__u16 *)out = crc_t10dif_generic(crc, data, len); + return 0; + } + +@@ -77,15 +76,13 @@ static int chksum_finup(struct shash_des + { + struct chksum_desc_ctx *ctx = shash_desc_ctx(desc); + +- return __chksum_finup(&ctx->crc, data, len, out); ++ return __chksum_finup(ctx->crc, data, len, out); + } + + static int chksum_digest(struct shash_desc *desc, const u8 *data, + unsigned int length, u8 *out) + { +- struct chksum_desc_ctx *ctx = shash_desc_ctx(desc); +- +- return __chksum_finup(&ctx->crc, data, length, out); ++ return __chksum_finup(0, data, length, out); + } + + static struct shash_alg alg = { diff --git a/queue-4.14/crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch b/queue-4.14/crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch new file mode 100644 index 00000000000..3eea63aee90 --- /dev/null +++ b/queue-4.14/crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch @@ -0,0 +1,137 @@ +From f699594d436960160f6d5ba84ed4a222f20d11cd Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Thu, 18 Apr 2019 14:43:02 -0700 +Subject: crypto: gcm - fix incompatibility between "gcm" and "gcm_base" + +From: Eric Biggers + +commit f699594d436960160f6d5ba84ed4a222f20d11cd upstream. + +GCM instances can be created by either the "gcm" template, which only +allows choosing the block cipher, e.g. "gcm(aes)"; or by "gcm_base", +which allows choosing the ctr and ghash implementations, e.g. +"gcm_base(ctr(aes-generic),ghash-generic)". + +However, a "gcm_base" instance prevents a "gcm" instance from being +registered using the same implementations. Nor will the instance be +found by lookups of "gcm". This can be used as a denial of service. +Moreover, "gcm_base" instances are never tested by the crypto +self-tests, even if there are compatible "gcm" tests. + +The root cause of these problems is that instances of the two templates +use different cra_names. Therefore, fix these problems by making +"gcm_base" instances set the same cra_name as "gcm" instances, e.g. +"gcm(aes)" instead of "gcm_base(ctr(aes-generic),ghash-generic)". + +This requires extracting the block cipher name from the name of the ctr +algorithm. It also requires starting to verify that the algorithms are +really ctr and ghash, not something else entirely. But it would be +bizarre if anyone were actually using non-gcm-compatible algorithms with +gcm_base, so this shouldn't break anyone in practice. + +Fixes: d00aa19b507b ("[CRYPTO] gcm: Allow block cipher parameter") +Cc: stable@vger.kernel.org +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/gcm.c | 34 +++++++++++----------------------- + 1 file changed, 11 insertions(+), 23 deletions(-) + +--- a/crypto/gcm.c ++++ b/crypto/gcm.c +@@ -616,7 +616,6 @@ static void crypto_gcm_free(struct aead_ + + static int crypto_gcm_create_common(struct crypto_template *tmpl, + struct rtattr **tb, +- const char *full_name, + const char *ctr_name, + const char *ghash_name) + { +@@ -657,7 +656,8 @@ static int crypto_gcm_create_common(stru + goto err_free_inst; + + err = -EINVAL; +- if (ghash->digestsize != 16) ++ if (strcmp(ghash->base.cra_name, "ghash") != 0 || ++ ghash->digestsize != 16) + goto err_drop_ghash; + + crypto_set_skcipher_spawn(&ctx->ctr, aead_crypto_instance(inst)); +@@ -669,24 +669,24 @@ static int crypto_gcm_create_common(stru + + ctr = crypto_spawn_skcipher_alg(&ctx->ctr); + +- /* We only support 16-byte blocks. */ ++ /* The skcipher algorithm must be CTR mode, using 16-byte blocks. */ + err = -EINVAL; +- if (crypto_skcipher_alg_ivsize(ctr) != 16) ++ if (strncmp(ctr->base.cra_name, "ctr(", 4) != 0 || ++ crypto_skcipher_alg_ivsize(ctr) != 16 || ++ ctr->base.cra_blocksize != 1) + goto out_put_ctr; + +- /* Not a stream cipher? */ +- if (ctr->base.cra_blocksize != 1) ++ err = -ENAMETOOLONG; ++ if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, ++ "gcm(%s", ctr->base.cra_name + 4) >= CRYPTO_MAX_ALG_NAME) + goto out_put_ctr; + +- err = -ENAMETOOLONG; + if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, + "gcm_base(%s,%s)", ctr->base.cra_driver_name, + ghash_alg->cra_driver_name) >= + CRYPTO_MAX_ALG_NAME) + goto out_put_ctr; + +- memcpy(inst->alg.base.cra_name, full_name, CRYPTO_MAX_ALG_NAME); +- + inst->alg.base.cra_flags = (ghash->base.cra_flags | + ctr->base.cra_flags) & CRYPTO_ALG_ASYNC; + inst->alg.base.cra_priority = (ghash->base.cra_priority + +@@ -728,7 +728,6 @@ static int crypto_gcm_create(struct cryp + { + const char *cipher_name; + char ctr_name[CRYPTO_MAX_ALG_NAME]; +- char full_name[CRYPTO_MAX_ALG_NAME]; + + cipher_name = crypto_attr_alg_name(tb[1]); + if (IS_ERR(cipher_name)) +@@ -738,12 +737,7 @@ static int crypto_gcm_create(struct cryp + CRYPTO_MAX_ALG_NAME) + return -ENAMETOOLONG; + +- if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm(%s)", cipher_name) >= +- CRYPTO_MAX_ALG_NAME) +- return -ENAMETOOLONG; +- +- return crypto_gcm_create_common(tmpl, tb, full_name, +- ctr_name, "ghash"); ++ return crypto_gcm_create_common(tmpl, tb, ctr_name, "ghash"); + } + + static struct crypto_template crypto_gcm_tmpl = { +@@ -757,7 +751,6 @@ static int crypto_gcm_base_create(struct + { + const char *ctr_name; + const char *ghash_name; +- char full_name[CRYPTO_MAX_ALG_NAME]; + + ctr_name = crypto_attr_alg_name(tb[1]); + if (IS_ERR(ctr_name)) +@@ -767,12 +760,7 @@ static int crypto_gcm_base_create(struct + if (IS_ERR(ghash_name)) + return PTR_ERR(ghash_name); + +- if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm_base(%s,%s)", +- ctr_name, ghash_name) >= CRYPTO_MAX_ALG_NAME) +- return -ENAMETOOLONG; +- +- return crypto_gcm_create_common(tmpl, tb, full_name, +- ctr_name, ghash_name); ++ return crypto_gcm_create_common(tmpl, tb, ctr_name, ghash_name); + } + + static struct crypto_template crypto_gcm_base_tmpl = { diff --git a/queue-4.14/crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch b/queue-4.14/crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch new file mode 100644 index 00000000000..0b611735804 --- /dev/null +++ b/queue-4.14/crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch @@ -0,0 +1,68 @@ +From f0cfd57b43fec65761ca61d3892b983a71515f23 Mon Sep 17 00:00:00 2001 +From: Zhang Zhijie +Date: Fri, 12 Apr 2019 17:16:33 +0800 +Subject: crypto: rockchip - update IV buffer to contain the next IV + +From: Zhang Zhijie + +commit f0cfd57b43fec65761ca61d3892b983a71515f23 upstream. + +The Kernel Crypto API request output the next IV data to +IV buffer for CBC implementation. So the last block data of +ciphertext should be copid into assigned IV buffer. + +Reported-by: Eric Biggers +Fixes: 433cd2c617bf ("crypto: rockchip - add crypto driver for rk3288") +Cc: # v4.5+ +Signed-off-by: Zhang Zhijie +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 25 +++++++++++++++------ + 1 file changed, 18 insertions(+), 7 deletions(-) + +--- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c ++++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c +@@ -250,9 +250,14 @@ static int rk_set_data_start(struct rk_c + u8 *src_last_blk = page_address(sg_page(dev->sg_src)) + + dev->sg_src->offset + dev->sg_src->length - ivsize; + +- /* store the iv that need to be updated in chain mode */ +- if (ctx->mode & RK_CRYPTO_DEC) ++ /* Store the iv that need to be updated in chain mode. ++ * And update the IV buffer to contain the next IV for decryption mode. ++ */ ++ if (ctx->mode & RK_CRYPTO_DEC) { + memcpy(ctx->iv, src_last_blk, ivsize); ++ sg_pcopy_to_buffer(dev->first, dev->src_nents, req->info, ++ ivsize, dev->total - ivsize); ++ } + + err = dev->load_data(dev, dev->sg_src, dev->sg_dst); + if (!err) +@@ -288,13 +293,19 @@ static void rk_iv_copyback(struct rk_cry + struct ablkcipher_request *req = + ablkcipher_request_cast(dev->async_req); + struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req); ++ struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(tfm); + u32 ivsize = crypto_ablkcipher_ivsize(tfm); + +- if (ivsize == DES_BLOCK_SIZE) +- memcpy_fromio(req->info, dev->reg + RK_CRYPTO_TDES_IV_0, +- ivsize); +- else if (ivsize == AES_BLOCK_SIZE) +- memcpy_fromio(req->info, dev->reg + RK_CRYPTO_AES_IV_0, ivsize); ++ /* Update the IV buffer to contain the next IV for encryption mode. */ ++ if (!(ctx->mode & RK_CRYPTO_DEC)) { ++ if (dev->aligned) { ++ memcpy(req->info, sg_virt(dev->sg_dst) + ++ dev->sg_dst->length - ivsize, ivsize); ++ } else { ++ memcpy(req->info, dev->addr_vir + ++ dev->count - ivsize, ivsize); ++ } ++ } + } + + static void rk_update_iv(struct rk_crypto_info *dev) diff --git a/queue-4.14/crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch b/queue-4.14/crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch new file mode 100644 index 00000000000..11ac8a72df9 --- /dev/null +++ b/queue-4.14/crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch @@ -0,0 +1,56 @@ +From dcaca01a42cc2c425154a13412b4124293a6e11e Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Sun, 31 Mar 2019 13:04:15 -0700 +Subject: crypto: skcipher - don't WARN on unprocessed data after slow walk step + +From: Eric Biggers + +commit dcaca01a42cc2c425154a13412b4124293a6e11e upstream. + +skcipher_walk_done() assumes it's a bug if, after the "slow" path is +executed where the next chunk of data is processed via a bounce buffer, +the algorithm says it didn't process all bytes. Thus it WARNs on this. + +However, this can happen legitimately when the message needs to be +evenly divisible into "blocks" but isn't, and the algorithm has a +'walksize' greater than the block size. For example, ecb-aes-neonbs +sets 'walksize' to 128 bytes and only supports messages evenly divisible +into 16-byte blocks. If, say, 17 message bytes remain but they straddle +scatterlist elements, the skcipher_walk code will take the "slow" path +and pass the algorithm all 17 bytes in the bounce buffer. But the +algorithm will only be able to process 16 bytes, triggering the WARN. + +Fix this by just removing the WARN_ON(). Returning -EINVAL, as the code +already does, is the right behavior. + +This bug was detected by my patches that improve testmgr to fuzz +algorithms against their generic implementation. + +Fixes: b286d8b1a690 ("crypto: skcipher - Add skcipher walk interface") +Cc: # v4.10+ +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/skcipher.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +--- a/crypto/skcipher.c ++++ b/crypto/skcipher.c +@@ -131,8 +131,13 @@ unmap_src: + memcpy(walk->dst.virt.addr, walk->page, n); + skcipher_unmap_dst(walk); + } else if (unlikely(walk->flags & SKCIPHER_WALK_SLOW)) { +- if (WARN_ON(err)) { +- /* unexpected case; didn't process all bytes */ ++ if (err) { ++ /* ++ * Didn't process all bytes. Either the algorithm is ++ * broken, or this was the last step and it turned out ++ * the message wasn't evenly divisible into blocks but ++ * the algorithm requires it. ++ */ + err = -EINVAL; + goto finish; + } diff --git a/queue-4.14/crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch b/queue-4.14/crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch new file mode 100644 index 00000000000..327b1d467c7 --- /dev/null +++ b/queue-4.14/crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch @@ -0,0 +1,56 @@ +From dcf7b48212c0fab7df69e84fab22d6cb7c8c0fb9 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Fri, 15 Mar 2019 13:09:01 +1100 +Subject: crypto: vmx - fix copy-paste error in CTR mode +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Daniel Axtens + +commit dcf7b48212c0fab7df69e84fab22d6cb7c8c0fb9 upstream. + +The original assembly imported from OpenSSL has two copy-paste +errors in handling CTR mode. When dealing with a 2 or 3 block tail, +the code branches to the CBC decryption exit path, rather than to +the CTR exit path. + +This leads to corruption of the IV, which leads to subsequent blocks +being corrupted. + +This can be detected with libkcapi test suite, which is available at +https://github.com/smuellerDD/libkcapi + +Reported-by: Ondrej Mosnáček +Fixes: 5c380d623ed3 ("crypto: vmx - Add support for VMS instructions by ASM") +Cc: stable@vger.kernel.org +Signed-off-by: Daniel Axtens +Tested-by: Michael Ellerman +Tested-by: Ondrej Mosnacek +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/crypto/vmx/aesp8-ppc.pl | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/crypto/vmx/aesp8-ppc.pl ++++ b/drivers/crypto/vmx/aesp8-ppc.pl +@@ -1815,7 +1815,7 @@ Lctr32_enc8x_three: + stvx_u $out1,$x10,$out + stvx_u $out2,$x20,$out + addi $out,$out,0x30 +- b Lcbc_dec8x_done ++ b Lctr32_enc8x_done + + .align 5 + Lctr32_enc8x_two: +@@ -1827,7 +1827,7 @@ Lctr32_enc8x_two: + stvx_u $out0,$x00,$out + stvx_u $out1,$x10,$out + addi $out,$out,0x20 +- b Lcbc_dec8x_done ++ b Lctr32_enc8x_done + + .align 5 + Lctr32_enc8x_one: diff --git a/queue-4.14/crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch b/queue-4.14/crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch new file mode 100644 index 00000000000..0c91aeb1170 --- /dev/null +++ b/queue-4.14/crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch @@ -0,0 +1,68 @@ +From dec3d0b1071a0f3194e66a83d26ecf4aa8c5910e Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Sun, 31 Mar 2019 13:04:13 -0700 +Subject: crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() + +From: Eric Biggers + +commit dec3d0b1071a0f3194e66a83d26ecf4aa8c5910e upstream. + +The ->digest() method of crct10dif-pclmul reads the current CRC value +from the shash_desc context. But this value is uninitialized, causing +crypto_shash_digest() to compute the wrong result. Fix it. + +Probably this wasn't noticed before because lib/crc-t10dif.c only uses +crypto_shash_update(), not crypto_shash_digest(). Likewise, +crypto_shash_digest() is not yet tested by the crypto self-tests because +those only test the ahash API which only uses shash init/update/final. + +Fixes: 0b95a7f85718 ("crypto: crct10dif - Glue code to cast accelerated CRCT10DIF assembly as a crypto transform") +Cc: # v3.11+ +Cc: Tim Chen +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/crypto/crct10dif-pclmul_glue.c | 13 +++++-------- + 1 file changed, 5 insertions(+), 8 deletions(-) + +--- a/arch/x86/crypto/crct10dif-pclmul_glue.c ++++ b/arch/x86/crypto/crct10dif-pclmul_glue.c +@@ -76,15 +76,14 @@ static int chksum_final(struct shash_des + return 0; + } + +-static int __chksum_finup(__u16 *crcp, const u8 *data, unsigned int len, +- u8 *out) ++static int __chksum_finup(__u16 crc, const u8 *data, unsigned int len, u8 *out) + { + if (irq_fpu_usable()) { + kernel_fpu_begin(); +- *(__u16 *)out = crc_t10dif_pcl(*crcp, data, len); ++ *(__u16 *)out = crc_t10dif_pcl(crc, data, len); + kernel_fpu_end(); + } else +- *(__u16 *)out = crc_t10dif_generic(*crcp, data, len); ++ *(__u16 *)out = crc_t10dif_generic(crc, data, len); + return 0; + } + +@@ -93,15 +92,13 @@ static int chksum_finup(struct shash_des + { + struct chksum_desc_ctx *ctx = shash_desc_ctx(desc); + +- return __chksum_finup(&ctx->crc, data, len, out); ++ return __chksum_finup(ctx->crc, data, len, out); + } + + static int chksum_digest(struct shash_desc *desc, const u8 *data, + unsigned int length, u8 *out) + { +- struct chksum_desc_ctx *ctx = shash_desc_ctx(desc); +- +- return __chksum_finup(&ctx->crc, data, length, out); ++ return __chksum_finup(0, data, length, out); + } + + static struct shash_alg alg = { diff --git a/queue-4.14/objtool-fix-function-fallthrough-detection.patch b/queue-4.14/objtool-fix-function-fallthrough-detection.patch new file mode 100644 index 00000000000..4a16bce8bc1 --- /dev/null +++ b/queue-4.14/objtool-fix-function-fallthrough-detection.patch @@ -0,0 +1,59 @@ +From e6f393bc939d566ce3def71232d8013de9aaadde Mon Sep 17 00:00:00 2001 +From: Josh Poimboeuf +Date: Mon, 13 May 2019 12:01:32 -0500 +Subject: objtool: Fix function fallthrough detection + +From: Josh Poimboeuf + +commit e6f393bc939d566ce3def71232d8013de9aaadde upstream. + +When a function falls through to the next function due to a compiler +bug, objtool prints some obscure warnings. For example: + + drivers/regulator/core.o: warning: objtool: regulator_count_voltages()+0x95: return with modified stack frame + drivers/regulator/core.o: warning: objtool: regulator_count_voltages()+0x0: stack state mismatch: cfa1=7+32 cfa2=7+8 + +Instead it should be printing: + + drivers/regulator/core.o: warning: objtool: regulator_supply_is_couple() falls through to next function regulator_count_voltages() + +This used to work, but was broken by the following commit: + + 13810435b9a7 ("objtool: Support GCC 8's cold subfunctions") + +The padding nops at the end of a function aren't actually part of the +function, as defined by the symbol table. So the 'func' variable in +validate_branch() is getting cleared to NULL when a padding nop is +encountered, breaking the fallthrough detection. + +If the current instruction doesn't have a function associated with it, +just consider it to be part of the previously detected function by not +overwriting the previous value of 'func'. + +Reported-by: kbuild test robot +Signed-off-by: Josh Poimboeuf +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: +Fixes: 13810435b9a7 ("objtool: Support GCC 8's cold subfunctions") +Link: http://lkml.kernel.org/r/546d143820cd08a46624ae8440d093dd6c902cae.1557766718.git.jpoimboe@redhat.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + tools/objtool/check.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/tools/objtool/check.c ++++ b/tools/objtool/check.c +@@ -1779,7 +1779,8 @@ static int validate_branch(struct objtoo + return 1; + } + +- func = insn->func ? insn->func->pfunc : NULL; ++ if (insn->func) ++ func = insn->func->pfunc; + + if (func && insn->ignore) { + WARN_FUNC("BUG: why am I validating an ignored function?", diff --git a/queue-4.14/power-supply-axp288_charger-fix-unchecked-return-value.patch b/queue-4.14/power-supply-axp288_charger-fix-unchecked-return-value.patch new file mode 100644 index 00000000000..5e0e4c6c16a --- /dev/null +++ b/queue-4.14/power-supply-axp288_charger-fix-unchecked-return-value.patch @@ -0,0 +1,42 @@ +From c3422ad5f84a66739ec6a37251ca27638c85b6be Mon Sep 17 00:00:00 2001 +From: "Gustavo A. R. Silva" +Date: Mon, 18 Mar 2019 11:14:39 -0500 +Subject: power: supply: axp288_charger: Fix unchecked return value + +From: Gustavo A. R. Silva + +commit c3422ad5f84a66739ec6a37251ca27638c85b6be upstream. + +Currently there is no check on platform_get_irq() return value +in case it fails, hence never actually reporting any errors and +causing unexpected behavior when using such value as argument +for function regmap_irq_get_virq(). + +Fix this by adding a proper check, a message reporting any errors +and returning *pirq* + +Addresses-Coverity-ID: 1443940 ("Improper use of negative value") +Fixes: 843735b788a4 ("power: axp288_charger: axp288 charger driver") +Cc: stable@vger.kernel.org +Signed-off-by: Gustavo A. R. Silva +Reviewed-by: Hans de Goede +Signed-off-by: Sebastian Reichel +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/power/supply/axp288_charger.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/power/supply/axp288_charger.c ++++ b/drivers/power/supply/axp288_charger.c +@@ -881,6 +881,10 @@ static int axp288_charger_probe(struct p + /* Register charger interrupts */ + for (i = 0; i < CHRG_INTR_END; i++) { + pirq = platform_get_irq(info->pdev, i); ++ if (pirq < 0) { ++ dev_err(&pdev->dev, "Failed to get IRQ: %d\n", pirq); ++ return pirq; ++ } + info->irq[i] = regmap_irq_get_virq(info->regmap_irqc, pirq); + if (info->irq[i] < 0) { + dev_warn(&info->pdev->dev, diff --git a/queue-4.14/sched-x86-save-flags-on-context-switch.patch b/queue-4.14/sched-x86-save-flags-on-context-switch.patch new file mode 100644 index 00000000000..7305dea75a9 --- /dev/null +++ b/queue-4.14/sched-x86-save-flags-on-context-switch.patch @@ -0,0 +1,128 @@ +From 6690e86be83ac75832e461c141055b5d601c0a6d Mon Sep 17 00:00:00 2001 +From: Peter Zijlstra +Date: Thu, 14 Feb 2019 10:30:52 +0100 +Subject: sched/x86: Save [ER]FLAGS on context switch + +From: Peter Zijlstra + +commit 6690e86be83ac75832e461c141055b5d601c0a6d upstream. + +Effectively reverts commit: + + 2c7577a75837 ("sched/x86_64: Don't save flags on context switch") + +Specifically because SMAP uses FLAGS.AC which invalidates the claim +that the kernel has clean flags. + +In particular; while preemption from interrupt return is fine (the +IRET frame on the exception stack contains FLAGS) it breaks any code +that does synchonous scheduling, including preempt_enable(). + +This has become a significant issue ever since commit: + + 5b24a7a2aa20 ("Add 'unsafe' user access functions for batched accesses") + +provided for means of having 'normal' C code between STAC / CLAC, +exposing the FLAGS.AC state. So far this hasn't led to trouble, +however fix it before it comes apart. + +Reported-by: Julien Thierry +Signed-off-by: Peter Zijlstra (Intel) +Acked-by: Andy Lutomirski +Cc: Borislav Petkov +Cc: Josh Poimboeuf +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: stable@kernel.org +Fixes: 5b24a7a2aa20 ("Add 'unsafe' user access functions for batched accesses") +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/entry/entry_32.S | 2 ++ + arch/x86/entry/entry_64.S | 2 ++ + arch/x86/include/asm/switch_to.h | 1 + + arch/x86/kernel/process_32.c | 7 +++++++ + arch/x86/kernel/process_64.c | 8 ++++++++ + 5 files changed, 20 insertions(+) + +--- a/arch/x86/entry/entry_32.S ++++ b/arch/x86/entry/entry_32.S +@@ -234,6 +234,7 @@ ENTRY(__switch_to_asm) + pushl %ebx + pushl %edi + pushl %esi ++ pushfl + + /* switch stack */ + movl %esp, TASK_threadsp(%eax) +@@ -256,6 +257,7 @@ ENTRY(__switch_to_asm) + #endif + + /* restore callee-saved registers */ ++ popfl + popl %esi + popl %edi + popl %ebx +--- a/arch/x86/entry/entry_64.S ++++ b/arch/x86/entry/entry_64.S +@@ -342,6 +342,7 @@ ENTRY(__switch_to_asm) + pushq %r13 + pushq %r14 + pushq %r15 ++ pushfq + + /* switch stack */ + movq %rsp, TASK_threadsp(%rdi) +@@ -364,6 +365,7 @@ ENTRY(__switch_to_asm) + #endif + + /* restore callee-saved registers */ ++ popfq + popq %r15 + popq %r14 + popq %r13 +--- a/arch/x86/include/asm/switch_to.h ++++ b/arch/x86/include/asm/switch_to.h +@@ -41,6 +41,7 @@ asmlinkage void ret_from_fork(void); + * order of the fields must match the code in __switch_to_asm(). + */ + struct inactive_task_frame { ++ unsigned long flags; + #ifdef CONFIG_X86_64 + unsigned long r15; + unsigned long r14; +--- a/arch/x86/kernel/process_32.c ++++ b/arch/x86/kernel/process_32.c +@@ -132,6 +132,13 @@ int copy_thread_tls(unsigned long clone_ + struct task_struct *tsk; + int err; + ++ /* ++ * For a new task use the RESET flags value since there is no before. ++ * All the status flags are zero; DF and all the system flags must also ++ * be 0, specifically IF must be 0 because we context switch to the new ++ * task with interrupts disabled. ++ */ ++ frame->flags = X86_EFLAGS_FIXED; + frame->bp = 0; + frame->ret_addr = (unsigned long) ret_from_fork; + p->thread.sp = (unsigned long) fork_frame; +--- a/arch/x86/kernel/process_64.c ++++ b/arch/x86/kernel/process_64.c +@@ -278,6 +278,14 @@ int copy_thread_tls(unsigned long clone_ + childregs = task_pt_regs(p); + fork_frame = container_of(childregs, struct fork_frame, regs); + frame = &fork_frame->frame; ++ ++ /* ++ * For a new task use the RESET flags value since there is no before. ++ * All the status flags are zero; DF and all the system flags must also ++ * be 0, specifically IF must be 0 because we context switch to the new ++ * task with interrupts disabled. ++ */ ++ frame->flags = X86_EFLAGS_FIXED; + frame->bp = 0; + frame->ret_addr = (unsigned long) ret_from_fork; + p->thread.sp = (unsigned long) fork_frame; diff --git a/queue-4.14/series b/queue-4.14/series index 1e6a136f120..0ed9d27806c 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -3,3 +3,22 @@ locking-rwsem-prevent-decrement-of-reader-count-befo.patch pci-hv-fix-a-memory-leak-in-hv_eject_device_work.patch pci-hv-add-hv_pci_remove_slots-when-we-unload-the-dr.patch pci-hv-add-pci_destroy_slot-in-pci_devices_present_w.patch +x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch +x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch +objtool-fix-function-fallthrough-detection.patch +arm-dts-exynos-fix-interrupt-for-shared-eints-on-exynos5260.patch +arm-dts-exynos-fix-audio-microphone-routing-on-odroid-xu3.patch +arm-exynos-fix-a-leaked-reference-by-adding-missing-of_node_put.patch +power-supply-axp288_charger-fix-unchecked-return-value.patch +arm64-compat-reduce-address-limit.patch +arm64-clear-osdlr_el1-on-cpu-boot.patch +arm64-save-and-restore-osdlr_el1-across-suspend-resume.patch +sched-x86-save-flags-on-context-switch.patch +crypto-chacha20poly1305-set-cra_name-correctly.patch +crypto-vmx-fix-copy-paste-error-in-ctr-mode.patch +crypto-skcipher-don-t-warn-on-unprocessed-data-after-slow-walk-step.patch +crypto-crct10dif-generic-fix-use-via-crypto_shash_digest.patch +crypto-x86-crct10dif-pcl-fix-use-via-crypto_shash_digest.patch +crypto-gcm-fix-incompatibility-between-gcm-and-gcm_base.patch +crypto-rockchip-update-iv-buffer-to-contain-the-next-iv.patch +crypto-arm-aes-neonbs-don-t-access-already-freed-walk.iv.patch diff --git a/queue-4.14/x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch b/queue-4.14/x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch new file mode 100644 index 00000000000..996ae76046a --- /dev/null +++ b/queue-4.14/x86-speculation-mds-improve-cpu-buffer-clear-documentation.patch @@ -0,0 +1,80 @@ +From 9d8d0294e78a164d407133dea05caf4b84247d6a Mon Sep 17 00:00:00 2001 +From: Andy Lutomirski +Date: Tue, 14 May 2019 13:24:40 -0700 +Subject: x86/speculation/mds: Improve CPU buffer clear documentation + +From: Andy Lutomirski + +commit 9d8d0294e78a164d407133dea05caf4b84247d6a upstream. + +On x86_64, all returns to usermode go through +prepare_exit_to_usermode(), with the sole exception of do_nmi(). +This even includes machine checks -- this was added several years +ago to support MCE recovery. Update the documentation. + +Signed-off-by: Andy Lutomirski +Cc: Borislav Petkov +Cc: Frederic Weisbecker +Cc: Greg Kroah-Hartman +Cc: Jon Masters +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: stable@vger.kernel.org +Fixes: 04dcbdb80578 ("x86/speculation/mds: Clear CPU buffers on exit to user") +Link: http://lkml.kernel.org/r/999fa9e126ba6a48e9d214d2f18dbde5c62ac55c.1557865329.git.luto@kernel.org +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + Documentation/x86/mds.rst | 39 +++++++-------------------------------- + 1 file changed, 7 insertions(+), 32 deletions(-) + +--- a/Documentation/x86/mds.rst ++++ b/Documentation/x86/mds.rst +@@ -142,38 +142,13 @@ Mitigation points + mds_user_clear. + + The mitigation is invoked in prepare_exit_to_usermode() which covers +- most of the kernel to user space transitions. There are a few exceptions +- which are not invoking prepare_exit_to_usermode() on return to user +- space. These exceptions use the paranoid exit code. +- +- - Non Maskable Interrupt (NMI): +- +- Access to sensible data like keys, credentials in the NMI context is +- mostly theoretical: The CPU can do prefetching or execute a +- misspeculated code path and thereby fetching data which might end up +- leaking through a buffer. +- +- But for mounting other attacks the kernel stack address of the task is +- already valuable information. So in full mitigation mode, the NMI is +- mitigated on the return from do_nmi() to provide almost complete +- coverage. +- +- - Machine Check Exception (#MC): +- +- Another corner case is a #MC which hits between the CPU buffer clear +- invocation and the actual return to user. As this still is in kernel +- space it takes the paranoid exit path which does not clear the CPU +- buffers. So the #MC handler repopulates the buffers to some +- extent. Machine checks are not reliably controllable and the window is +- extremly small so mitigation would just tick a checkbox that this +- theoretical corner case is covered. To keep the amount of special +- cases small, ignore #MC. +- +- - Debug Exception (#DB): +- +- This takes the paranoid exit path only when the INT1 breakpoint is in +- kernel space. #DB on a user space address takes the regular exit path, +- so no extra mitigation required. ++ all but one of the kernel to user space transitions. The exception ++ is when we return from a Non Maskable Interrupt (NMI), which is ++ handled directly in do_nmi(). ++ ++ (The reason that NMI is special is that prepare_exit_to_usermode() can ++ enable IRQs. In NMI context, NMIs are blocked, and we don't want to ++ enable IRQs with NMIs blocked.) + + + 2. C-State transition diff --git a/queue-4.14/x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch b/queue-4.14/x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch new file mode 100644 index 00000000000..fbd9a3728b0 --- /dev/null +++ b/queue-4.14/x86-speculation-mds-revert-cpu-buffer-clear-on-double-fault-exit.patch @@ -0,0 +1,73 @@ +From 88640e1dcd089879530a49a8d212d1814678dfe7 Mon Sep 17 00:00:00 2001 +From: Andy Lutomirski +Date: Tue, 14 May 2019 13:24:39 -0700 +Subject: x86/speculation/mds: Revert CPU buffer clear on double fault exit + +From: Andy Lutomirski + +commit 88640e1dcd089879530a49a8d212d1814678dfe7 upstream. + +The double fault ESPFIX path doesn't return to user mode at all -- +it returns back to the kernel by simulating a #GP fault. +prepare_exit_to_usermode() will run on the way out of +general_protection before running user code. + +Signed-off-by: Andy Lutomirski +Cc: Borislav Petkov +Cc: Frederic Weisbecker +Cc: Greg Kroah-Hartman +Cc: Jon Masters +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: stable@vger.kernel.org +Fixes: 04dcbdb80578 ("x86/speculation/mds: Clear CPU buffers on exit to user") +Link: http://lkml.kernel.org/r/ac97612445c0a44ee10374f6ea79c222fe22a5c4.1557865329.git.luto@kernel.org +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + Documentation/x86/mds.rst | 7 ------- + arch/x86/kernel/traps.c | 8 -------- + 2 files changed, 15 deletions(-) + +--- a/Documentation/x86/mds.rst ++++ b/Documentation/x86/mds.rst +@@ -158,13 +158,6 @@ Mitigation points + mitigated on the return from do_nmi() to provide almost complete + coverage. + +- - Double fault (#DF): +- +- A double fault is usually fatal, but the ESPFIX workaround, which can +- be triggered from user space through modify_ldt(2) is a recoverable +- double fault. #DF uses the paranoid exit path, so explicit mitigation +- in the double fault handler is required. +- + - Machine Check Exception (#MC): + + Another corner case is a #MC which hits between the CPU buffer clear +--- a/arch/x86/kernel/traps.c ++++ b/arch/x86/kernel/traps.c +@@ -58,7 +58,6 @@ + #include + #include + #include +-#include + #include + #include + +@@ -386,13 +385,6 @@ dotraplinkage void do_double_fault(struc + regs->ip = (unsigned long)general_protection; + regs->sp = (unsigned long)&gpregs->orig_ax; + +- /* +- * This situation can be triggered by userspace via +- * modify_ldt(2) and the return does not take the regular +- * user space exit, so a CPU buffer clear is required when +- * MDS mitigation is enabled. +- */ +- mds_user_clear_cpu_buffers(); + return; + } + #endif