From: Greg Kroah-Hartman Date: Sun, 23 Jan 2022 17:04:52 +0000 (+0100) Subject: 5.10-stable patches X-Git-Tag: v4.4.300~111 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dc54ce497fbe2f02f8e219adc464041757785c3f;p=thirdparty%2Fkernel%2Fstable-queue.git 5.10-stable patches added patches: pci-pci-bridge-emul-correctly-set-pcie-capabilities.patch pci-pci-bridge-emul-fix-definitions-of-reserved-bits.patch pci-pci-bridge-emul-make-expansion-rom-base-address-register-read-only.patch pci-pci-bridge-emul-properly-mark-reserved-pcie-bits-in-pci-config-space.patch pci-pci-bridge-emul-set-pci_status_cap_list-for-pcie-device.patch pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch pci-pciehp-use-down_read-write_nested-reset_lock-to-fix-lockdep-errors.patch pci-xgene-fix-ib-window-setup.patch xfrm-fix-policy-lookup-for-ipv6-gre-packets.patch --- diff --git a/queue-5.10/pci-pci-bridge-emul-correctly-set-pcie-capabilities.patch b/queue-5.10/pci-pci-bridge-emul-correctly-set-pcie-capabilities.patch new file mode 100644 index 00000000000..12612f66c87 --- /dev/null +++ b/queue-5.10/pci-pci-bridge-emul-correctly-set-pcie-capabilities.patch @@ -0,0 +1,89 @@ +From 1f1050c5e1fefb34ac90a506b43e9da803b5f8f7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pali=20Roh=C3=A1r?= +Date: Wed, 24 Nov 2021 16:59:43 +0100 +Subject: PCI: pci-bridge-emul: Correctly set PCIe capabilities +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +commit 1f1050c5e1fefb34ac90a506b43e9da803b5f8f7 upstream. + +Older mvebu hardware provides PCIe Capability structure only in version 1. +New mvebu and aardvark hardware provides it in version 2. So do not force +version to 2 in pci_bridge_emul_init() and rather allow drivers to set +correct version. Drivers need to set version in pcie_conf.cap field without +overwriting PCI_CAP_LIST_ID register. Both drivers (mvebu and aardvark) do +not provide slot support yet, so do not set PCI_EXP_FLAGS_SLOT flag. + +Link: https://lore.kernel.org/r/20211124155944.1290-6-pali@kernel.org +Fixes: 23a5fba4d941 ("PCI: Introduce PCI bridge emulated config space common logic") +Signed-off-by: Pali Rohár +Signed-off-by: Lorenzo Pieralisi +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/controller/pci-aardvark.c | 4 +++- + drivers/pci/controller/pci-mvebu.c | 8 ++++++++ + drivers/pci/pci-bridge-emul.c | 5 +---- + 3 files changed, 12 insertions(+), 5 deletions(-) + +--- a/drivers/pci/controller/pci-aardvark.c ++++ b/drivers/pci/controller/pci-aardvark.c +@@ -879,7 +879,6 @@ advk_pci_bridge_emul_pcie_conf_read(stru + return PCI_BRIDGE_EMUL_HANDLED; + } + +- case PCI_CAP_LIST_ID: + case PCI_EXP_DEVCAP: + case PCI_EXP_DEVCTL: + *value = advk_readl(pcie, PCIE_CORE_PCIEXP_CAP + reg); +@@ -960,6 +959,9 @@ static int advk_sw_pci_bridge_init(struc + /* Support interrupt A for MSI feature */ + bridge->conf.intpin = PCIE_CORE_INT_A_ASSERT_ENABLE; + ++ /* Aardvark HW provides PCIe Capability structure in version 2 */ ++ bridge->pcie_conf.cap = cpu_to_le16(2); ++ + /* Indicates supports for Completion Retry Status */ + bridge->pcie_conf.rootcap = cpu_to_le16(PCI_EXP_RTCAP_CRSVIS); + +--- a/drivers/pci/controller/pci-mvebu.c ++++ b/drivers/pci/controller/pci-mvebu.c +@@ -573,6 +573,8 @@ static struct pci_bridge_emul_ops mvebu_ + static void mvebu_pci_bridge_emul_init(struct mvebu_pcie_port *port) + { + struct pci_bridge_emul *bridge = &port->bridge; ++ u32 pcie_cap = mvebu_readl(port, PCIE_CAP_PCIEXP); ++ u8 pcie_cap_ver = ((pcie_cap >> 16) & PCI_EXP_FLAGS_VERS); + + bridge->conf.vendor = PCI_VENDOR_ID_MARVELL; + bridge->conf.device = mvebu_readl(port, PCIE_DEV_ID_OFF) >> 16; +@@ -585,6 +587,12 @@ static void mvebu_pci_bridge_emul_init(s + bridge->conf.iolimit = PCI_IO_RANGE_TYPE_32; + } + ++ /* ++ * Older mvebu hardware provides PCIe Capability structure only in ++ * version 1. New hardware provides it in version 2. ++ */ ++ bridge->pcie_conf.cap = cpu_to_le16(pcie_cap_ver); ++ + bridge->has_pcie = true; + bridge->data = port; + bridge->ops = &mvebu_pci_bridge_emul_ops; +--- a/drivers/pci/pci-bridge-emul.c ++++ b/drivers/pci/pci-bridge-emul.c +@@ -297,10 +297,7 @@ int pci_bridge_emul_init(struct pci_brid + if (bridge->has_pcie) { + bridge->conf.capabilities_pointer = PCI_CAP_PCIE_START; + bridge->pcie_conf.cap_id = PCI_CAP_ID_EXP; +- /* Set PCIe v2, root port, slot support */ +- bridge->pcie_conf.cap = +- cpu_to_le16(PCI_EXP_TYPE_ROOT_PORT << 4 | 2 | +- PCI_EXP_FLAGS_SLOT); ++ bridge->pcie_conf.cap |= cpu_to_le16(PCI_EXP_TYPE_ROOT_PORT << 4); + bridge->pcie_cap_regs_behavior = + kmemdup(pcie_cap_regs_behavior, + sizeof(pcie_cap_regs_behavior), diff --git a/queue-5.10/pci-pci-bridge-emul-fix-definitions-of-reserved-bits.patch b/queue-5.10/pci-pci-bridge-emul-fix-definitions-of-reserved-bits.patch new file mode 100644 index 00000000000..e2673308acf --- /dev/null +++ b/queue-5.10/pci-pci-bridge-emul-fix-definitions-of-reserved-bits.patch @@ -0,0 +1,97 @@ +From 12998087d9f48b66965b97412069c7826502cd7e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pali=20Roh=C3=A1r?= +Date: Wed, 24 Nov 2021 16:59:42 +0100 +Subject: PCI: pci-bridge-emul: Fix definitions of reserved bits +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +commit 12998087d9f48b66965b97412069c7826502cd7e upstream. + +Some bits in PCI_EXP registers are reserved for non-root ports. Driver +pci-bridge-emul.c implements PCIe Root Port device therefore it should not +allow setting reserved bits of registers. + +Properly define non-reserved bits for all PCI_EXP registers. + +Link: https://lore.kernel.org/r/20211124155944.1290-5-pali@kernel.org +Fixes: 23a5fba4d941 ("PCI: Introduce PCI bridge emulated config space common logic") +Signed-off-by: Pali Rohár +Signed-off-by: Lorenzo Pieralisi +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/pci-bridge-emul.c | 36 +++++++++++++++++++++++++----------- + 1 file changed, 25 insertions(+), 11 deletions(-) + +--- a/drivers/pci/pci-bridge-emul.c ++++ b/drivers/pci/pci-bridge-emul.c +@@ -176,41 +176,55 @@ struct pci_bridge_reg_behavior pcie_cap_ + [PCI_CAP_LIST_ID / 4] = { + /* + * Capability ID, Next Capability Pointer and +- * Capabilities register are all read-only. ++ * bits [14:0] of Capabilities register are all read-only. ++ * Bit 15 of Capabilities register is reserved. + */ +- .ro = ~0, ++ .ro = GENMASK(30, 0), + }, + + [PCI_EXP_DEVCAP / 4] = { +- .ro = ~0, ++ /* ++ * Bits [31:29] and [17:16] are reserved. ++ * Bits [27:18] are reserved for non-upstream ports. ++ * Bits 28 and [14:6] are reserved for non-endpoint devices. ++ * Other bits are read-only. ++ */ ++ .ro = BIT(15) | GENMASK(5, 0), + }, + + [PCI_EXP_DEVCTL / 4] = { +- /* Device control register is RW */ +- .rw = GENMASK(15, 0), ++ /* ++ * Device control register is RW, except bit 15 which is ++ * reserved for non-endpoints or non-PCIe-to-PCI/X bridges. ++ */ ++ .rw = GENMASK(14, 0), + + /* + * Device status register has bits 6 and [3:0] W1C, [5:4] RO, +- * the rest is reserved ++ * the rest is reserved. Also bit 6 is reserved for non-upstream ++ * ports. + */ +- .w1c = (BIT(6) | GENMASK(3, 0)) << 16, ++ .w1c = GENMASK(3, 0) << 16, + .ro = GENMASK(5, 4) << 16, + }, + + [PCI_EXP_LNKCAP / 4] = { +- /* All bits are RO, except bit 23 which is reserved */ +- .ro = lower_32_bits(~BIT(23)), ++ /* ++ * All bits are RO, except bit 23 which is reserved and ++ * bit 18 which is reserved for non-upstream ports. ++ */ ++ .ro = lower_32_bits(~(BIT(23) | PCI_EXP_LNKCAP_CLKPM)), + }, + + [PCI_EXP_LNKCTL / 4] = { + /* + * Link control has bits [15:14], [11:3] and [1:0] RW, the +- * rest is reserved. ++ * rest is reserved. Bit 8 is reserved for non-upstream ports. + * + * Link status has bits [13:0] RO, and bits [15:14] + * W1C. + */ +- .rw = GENMASK(15, 14) | GENMASK(11, 3) | GENMASK(1, 0), ++ .rw = GENMASK(15, 14) | GENMASK(11, 9) | GENMASK(7, 3) | GENMASK(1, 0), + .ro = GENMASK(13, 0) << 16, + .w1c = GENMASK(15, 14) << 16, + }, diff --git a/queue-5.10/pci-pci-bridge-emul-make-expansion-rom-base-address-register-read-only.patch b/queue-5.10/pci-pci-bridge-emul-make-expansion-rom-base-address-register-read-only.patch new file mode 100644 index 00000000000..5d25f80eb55 --- /dev/null +++ b/queue-5.10/pci-pci-bridge-emul-make-expansion-rom-base-address-register-read-only.patch @@ -0,0 +1,44 @@ +From 1c1a3b4d3e86b997a313ffb297c1129540882859 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pali=20Roh=C3=A1r?= +Date: Wed, 24 Nov 2021 16:59:39 +0100 +Subject: PCI: pci-bridge-emul: Make expansion ROM Base Address register read-only +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +commit 1c1a3b4d3e86b997a313ffb297c1129540882859 upstream. + +If expansion ROM is unsupported (which is the case of pci-bridge-emul.c +driver) then ROM Base Address register must be implemented as read-only +register that return 0 when read, same as for unused Base Address +registers. + +Link: https://lore.kernel.org/r/20211124155944.1290-2-pali@kernel.org +Fixes: 23a5fba4d941 ("PCI: Introduce PCI bridge emulated config space common logic") +Signed-off-by: Pali Rohár +Signed-off-by: Lorenzo Pieralisi +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/pci-bridge-emul.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +--- a/drivers/pci/pci-bridge-emul.c ++++ b/drivers/pci/pci-bridge-emul.c +@@ -139,8 +139,13 @@ struct pci_bridge_reg_behavior pci_regs_ + .ro = GENMASK(7, 0), + }, + ++ /* ++ * If expansion ROM is unsupported then ROM Base Address register must ++ * be implemented as read-only register that return 0 when read, same ++ * as for unused Base Address registers. ++ */ + [PCI_ROM_ADDRESS1 / 4] = { +- .rw = GENMASK(31, 11) | BIT(0), ++ .ro = ~0, + }, + + /* diff --git a/queue-5.10/pci-pci-bridge-emul-properly-mark-reserved-pcie-bits-in-pci-config-space.patch b/queue-5.10/pci-pci-bridge-emul-properly-mark-reserved-pcie-bits-in-pci-config-space.patch new file mode 100644 index 00000000000..68714080896 --- /dev/null +++ b/queue-5.10/pci-pci-bridge-emul-properly-mark-reserved-pcie-bits-in-pci-config-space.patch @@ -0,0 +1,56 @@ +From 7b067ac63a5730d2fae18399fed7e45f23d36912 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pali=20Roh=C3=A1r?= +Date: Wed, 24 Nov 2021 16:59:40 +0100 +Subject: PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +commit 7b067ac63a5730d2fae18399fed7e45f23d36912 upstream. + +Some bits in PCI config space are reserved when device is PCIe. Properly +define behavior of PCI registers for PCIe emulated bridge and ensure that +it would not be possible change these reserved bits. + +Link: https://lore.kernel.org/r/20211124155944.1290-3-pali@kernel.org +Fixes: 23a5fba4d941 ("PCI: Introduce PCI bridge emulated config space common logic") +Signed-off-by: Pali Rohár +Signed-off-by: Lorenzo Pieralisi +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/pci-bridge-emul.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +--- a/drivers/pci/pci-bridge-emul.c ++++ b/drivers/pci/pci-bridge-emul.c +@@ -295,6 +295,27 @@ int pci_bridge_emul_init(struct pci_brid + kfree(bridge->pci_regs_behavior); + return -ENOMEM; + } ++ /* These bits are applicable only for PCI and reserved on PCIe */ ++ bridge->pci_regs_behavior[PCI_CACHE_LINE_SIZE / 4].ro &= ++ ~GENMASK(15, 8); ++ bridge->pci_regs_behavior[PCI_COMMAND / 4].ro &= ++ ~((PCI_COMMAND_SPECIAL | PCI_COMMAND_INVALIDATE | ++ PCI_COMMAND_VGA_PALETTE | PCI_COMMAND_WAIT | ++ PCI_COMMAND_FAST_BACK) | ++ (PCI_STATUS_66MHZ | PCI_STATUS_FAST_BACK | ++ PCI_STATUS_DEVSEL_MASK) << 16); ++ bridge->pci_regs_behavior[PCI_PRIMARY_BUS / 4].ro &= ++ ~GENMASK(31, 24); ++ bridge->pci_regs_behavior[PCI_IO_BASE / 4].ro &= ++ ~((PCI_STATUS_66MHZ | PCI_STATUS_FAST_BACK | ++ PCI_STATUS_DEVSEL_MASK) << 16); ++ bridge->pci_regs_behavior[PCI_INTERRUPT_LINE / 4].rw &= ++ ~((PCI_BRIDGE_CTL_MASTER_ABORT | ++ BIT(8) | BIT(9) | BIT(11)) << 16); ++ bridge->pci_regs_behavior[PCI_INTERRUPT_LINE / 4].ro &= ++ ~((PCI_BRIDGE_CTL_FAST_BACK) << 16); ++ bridge->pci_regs_behavior[PCI_INTERRUPT_LINE / 4].w1c &= ++ ~(BIT(10) << 16); + } + + if (flags & PCI_BRIDGE_EMUL_NO_PREFETCHABLE_BAR) { diff --git a/queue-5.10/pci-pci-bridge-emul-set-pci_status_cap_list-for-pcie-device.patch b/queue-5.10/pci-pci-bridge-emul-set-pci_status_cap_list-for-pcie-device.patch new file mode 100644 index 00000000000..4d8926533c7 --- /dev/null +++ b/queue-5.10/pci-pci-bridge-emul-set-pci_status_cap_list-for-pcie-device.patch @@ -0,0 +1,38 @@ +From 3be9d243b21724d49b65043d4520d688b6040b36 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pali=20Roh=C3=A1r?= +Date: Wed, 24 Nov 2021 16:59:44 +0100 +Subject: PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +commit 3be9d243b21724d49b65043d4520d688b6040b36 upstream. + +Since all PCI Express device Functions are required to implement the PCI +Express Capability structure, Capabilities List bit in PCI Status Register +must be hardwired to 1b. Capabilities Pointer register (which is already +set by pci-bride-emul.c driver) is valid only when Capabilities List is set +to 1b. + +Link: https://lore.kernel.org/r/20211124155944.1290-7-pali@kernel.org +Fixes: 23a5fba4d941 ("PCI: Introduce PCI bridge emulated config space common logic") +Signed-off-by: Pali Rohár +Signed-off-by: Lorenzo Pieralisi +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/pci-bridge-emul.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/pci/pci-bridge-emul.c ++++ b/drivers/pci/pci-bridge-emul.c +@@ -296,6 +296,7 @@ int pci_bridge_emul_init(struct pci_brid + + if (bridge->has_pcie) { + bridge->conf.capabilities_pointer = PCI_CAP_PCIE_START; ++ bridge->conf.status |= cpu_to_le16(PCI_STATUS_CAP_LIST); + bridge->pcie_conf.cap_id = PCI_CAP_ID_EXP; + bridge->pcie_conf.cap |= cpu_to_le16(PCI_EXP_TYPE_ROOT_PORT << 4); + bridge->pcie_cap_regs_behavior = diff --git a/queue-5.10/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch b/queue-5.10/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch new file mode 100644 index 00000000000..2c812afab0d --- /dev/null +++ b/queue-5.10/pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch @@ -0,0 +1,76 @@ +From 23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12 Mon Sep 17 00:00:00 2001 +From: Lukas Wunner +Date: Wed, 17 Nov 2021 23:22:09 +0100 +Subject: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault + +From: Lukas Wunner + +commit 23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12 upstream. + +The Power Fault Detected bit in the Slot Status register differs from +all other hotplug events in that it is sticky: It can only be cleared +after turning off slot power. Per PCIe r5.0, sec. 6.7.1.8: + + If a power controller detects a main power fault on the hot-plug slot, + it must automatically set its internal main power fault latch [...]. + The main power fault latch is cleared when software turns off power to + the hot-plug slot. + +The stickiness used to cause interrupt storms and infinite loops which +were fixed in 2009 by commits 5651c48cfafe ("PCI pciehp: fix power fault +interrupt storm problem") and 99f0169c17f3 ("PCI: pciehp: enable +software notification on empty slots"). + +Unfortunately in 2020 the infinite loop issue was inadvertently +reintroduced by commit 8edf5332c393 ("PCI: pciehp: Fix MSI interrupt +race"): The hardirq handler pciehp_isr() clears the PFD bit until +pciehp's power_fault_detected flag is set. That happens in the IRQ +thread pciehp_ist(), which never learns of the event because the hardirq +handler is stuck in an infinite loop. Fix by setting the +power_fault_detected flag already in the hardirq handler. + +Link: https://bugzilla.kernel.org/show_bug.cgi?id=214989 +Link: https://lore.kernel.org/linux-pci/DM8PR11MB5702255A6A92F735D90A4446868B9@DM8PR11MB5702.namprd11.prod.outlook.com +Fixes: 8edf5332c393 ("PCI: pciehp: Fix MSI interrupt race") +Link: https://lore.kernel.org/r/66eaeef31d4997ceea357ad93259f290ededecfd.1637187226.git.lukas@wunner.de +Reported-by: Joseph Bao +Tested-by: Joseph Bao +Signed-off-by: Lukas Wunner +Signed-off-by: Bjorn Helgaas +Cc: stable@vger.kernel.org # v4.19+ +Cc: Stuart Hayes +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/hotplug/pciehp_hpc.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +--- a/drivers/pci/hotplug/pciehp_hpc.c ++++ b/drivers/pci/hotplug/pciehp_hpc.c +@@ -642,6 +642,8 @@ read_status: + */ + if (ctrl->power_fault_detected) + status &= ~PCI_EXP_SLTSTA_PFD; ++ else if (status & PCI_EXP_SLTSTA_PFD) ++ ctrl->power_fault_detected = true; + + events |= status; + if (!events) { +@@ -651,7 +653,7 @@ read_status: + } + + if (status) { +- pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, events); ++ pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, status); + + /* + * In MSI mode, all event bits must be zero before the port +@@ -725,8 +727,7 @@ static irqreturn_t pciehp_ist(int irq, v + } + + /* Check Power Fault Detected */ +- if ((events & PCI_EXP_SLTSTA_PFD) && !ctrl->power_fault_detected) { +- ctrl->power_fault_detected = 1; ++ if (events & PCI_EXP_SLTSTA_PFD) { + ctrl_err(ctrl, "Slot(%s): Power fault\n", slot_name(ctrl)); + pciehp_set_indicators(ctrl, PCI_EXP_SLTCTL_PWR_IND_OFF, + PCI_EXP_SLTCTL_ATTN_IND_ON); diff --git a/queue-5.10/pci-pciehp-use-down_read-write_nested-reset_lock-to-fix-lockdep-errors.patch b/queue-5.10/pci-pciehp-use-down_read-write_nested-reset_lock-to-fix-lockdep-errors.patch new file mode 100644 index 00000000000..e99af90c7a4 --- /dev/null +++ b/queue-5.10/pci-pciehp-use-down_read-write_nested-reset_lock-to-fix-lockdep-errors.patch @@ -0,0 +1,190 @@ +From 085a9f43433f30cbe8a1ade62d9d7827c3217f4d Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Fri, 17 Dec 2021 15:17:09 +0100 +Subject: PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors + +From: Hans de Goede + +commit 085a9f43433f30cbe8a1ade62d9d7827c3217f4d upstream. + +Use down_read_nested() and down_write_nested() when taking the +ctrl->reset_lock rw-sem, passing the number of PCIe hotplug controllers in +the path to the PCI root bus as lock subclass parameter. + +This fixes the following false-positive lockdep report when unplugging a +Lenovo X1C8 from a Lenovo 2nd gen TB3 dock: + + pcieport 0000:06:01.0: pciehp: Slot(1): Link Down + pcieport 0000:06:01.0: pciehp: Slot(1): Card not present + ============================================ + WARNING: possible recursive locking detected + 5.16.0-rc2+ #621 Not tainted + -------------------------------------------- + irq/124-pciehp/86 is trying to acquire lock: + ffff8e5ac4299ef8 (&ctrl->reset_lock){.+.+}-{3:3}, at: pciehp_check_presence+0x23/0x80 + + but task is already holding lock: + ffff8e5ac4298af8 (&ctrl->reset_lock){.+.+}-{3:3}, at: pciehp_ist+0xf3/0x180 + + other info that might help us debug this: + Possible unsafe locking scenario: + + CPU0 + ---- + lock(&ctrl->reset_lock); + lock(&ctrl->reset_lock); + + *** DEADLOCK *** + + May be due to missing lock nesting notation + + 3 locks held by irq/124-pciehp/86: + #0: ffff8e5ac4298af8 (&ctrl->reset_lock){.+.+}-{3:3}, at: pciehp_ist+0xf3/0x180 + #1: ffffffffa3b024e8 (pci_rescan_remove_lock){+.+.}-{3:3}, at: pciehp_unconfigure_device+0x31/0x110 + #2: ffff8e5ac1ee2248 (&dev->mutex){....}-{3:3}, at: device_release_driver+0x1c/0x40 + + stack backtrace: + CPU: 4 PID: 86 Comm: irq/124-pciehp Not tainted 5.16.0-rc2+ #621 + Hardware name: LENOVO 20U90SIT19/20U90SIT19, BIOS N2WET30W (1.20 ) 08/26/2021 + Call Trace: + + dump_stack_lvl+0x59/0x73 + __lock_acquire.cold+0xc5/0x2c6 + lock_acquire+0xb5/0x2b0 + down_read+0x3e/0x50 + pciehp_check_presence+0x23/0x80 + pciehp_runtime_resume+0x5c/0xa0 + device_for_each_child+0x45/0x70 + pcie_port_device_runtime_resume+0x20/0x30 + pci_pm_runtime_resume+0xa7/0xc0 + __rpm_callback+0x41/0x110 + rpm_callback+0x59/0x70 + rpm_resume+0x512/0x7b0 + __pm_runtime_resume+0x4a/0x90 + __device_release_driver+0x28/0x240 + device_release_driver+0x26/0x40 + pci_stop_bus_device+0x68/0x90 + pci_stop_bus_device+0x2c/0x90 + pci_stop_and_remove_bus_device+0xe/0x20 + pciehp_unconfigure_device+0x6c/0x110 + pciehp_disable_slot+0x5b/0xe0 + pciehp_handle_presence_or_link_change+0xc3/0x2f0 + pciehp_ist+0x179/0x180 + +This lockdep warning is triggered because with Thunderbolt, hotplug ports +are nested. When removing multiple devices in a daisy-chain, each hotplug +port's reset_lock may be acquired recursively. It's never the same lock, so +the lockdep splat is a false positive. + +Because locks at the same hierarchy level are never acquired recursively, a +per-level lockdep class is sufficient to fix the lockdep warning. + +The choice to use one lockdep subclass per pcie-hotplug controller in the +path to the root-bus was made to conserve class keys because their number +is limited and the complexity grows quadratically with number of keys +according to Documentation/locking/lockdep-design.rst. + +Link: https://lore.kernel.org/linux-pci/20190402021933.GA2966@mit.edu/ +Link: https://lore.kernel.org/linux-pci/de684a28-9038-8fc6-27ca-3f6f2f6400d7@redhat.com/ +Link: https://lore.kernel.org/r/20211217141709.379663-1-hdegoede@redhat.com +Link: https://bugzilla.kernel.org/show_bug.cgi?id=208855 +Reported-by: "Theodore Ts'o" +Signed-off-by: Hans de Goede +Signed-off-by: Bjorn Helgaas +Reviewed-by: Lukas Wunner +Cc: stable@vger.kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/hotplug/pciehp.h | 3 +++ + drivers/pci/hotplug/pciehp_core.c | 2 +- + drivers/pci/hotplug/pciehp_hpc.c | 21 ++++++++++++++++++--- + 3 files changed, 22 insertions(+), 4 deletions(-) + +--- a/drivers/pci/hotplug/pciehp.h ++++ b/drivers/pci/hotplug/pciehp.h +@@ -72,6 +72,8 @@ extern int pciehp_poll_time; + * @reset_lock: prevents access to the Data Link Layer Link Active bit in the + * Link Status register and to the Presence Detect State bit in the Slot + * Status register during a slot reset which may cause them to flap ++ * @depth: Number of additional hotplug ports in the path to the root bus, ++ * used as lock subclass for @reset_lock + * @ist_running: flag to keep user request waiting while IRQ thread is running + * @request_result: result of last user request submitted to the IRQ thread + * @requester: wait queue to wake up on completion of user request, +@@ -103,6 +105,7 @@ struct controller { + + struct hotplug_slot hotplug_slot; /* hotplug core interface */ + struct rw_semaphore reset_lock; ++ unsigned int depth; + unsigned int ist_running; + int request_result; + wait_queue_head_t requester; +--- a/drivers/pci/hotplug/pciehp_core.c ++++ b/drivers/pci/hotplug/pciehp_core.c +@@ -166,7 +166,7 @@ static void pciehp_check_presence(struct + { + int occupied; + +- down_read(&ctrl->reset_lock); ++ down_read_nested(&ctrl->reset_lock, ctrl->depth); + mutex_lock(&ctrl->state_lock); + + occupied = pciehp_card_present_or_link_active(ctrl); +--- a/drivers/pci/hotplug/pciehp_hpc.c ++++ b/drivers/pci/hotplug/pciehp_hpc.c +@@ -583,7 +583,7 @@ static void pciehp_ignore_dpc_link_chang + * the corresponding link change may have been ignored above. + * Synthesize it to ensure that it is acted on. + */ +- down_read(&ctrl->reset_lock); ++ down_read_nested(&ctrl->reset_lock, ctrl->depth); + if (!pciehp_check_link_active(ctrl)) + pciehp_request(ctrl, PCI_EXP_SLTSTA_DLLSC); + up_read(&ctrl->reset_lock); +@@ -746,7 +746,7 @@ static irqreturn_t pciehp_ist(int irq, v + * Disable requests have higher priority than Presence Detect Changed + * or Data Link Layer State Changed events. + */ +- down_read(&ctrl->reset_lock); ++ down_read_nested(&ctrl->reset_lock, ctrl->depth); + if (events & DISABLE_SLOT) + pciehp_handle_disable_request(ctrl); + else if (events & (PCI_EXP_SLTSTA_PDC | PCI_EXP_SLTSTA_DLLSC)) +@@ -880,7 +880,7 @@ int pciehp_reset_slot(struct hotplug_slo + if (probe) + return 0; + +- down_write(&ctrl->reset_lock); ++ down_write_nested(&ctrl->reset_lock, ctrl->depth); + + if (!ATTN_BUTTN(ctrl)) { + ctrl_mask |= PCI_EXP_SLTCTL_PDCE; +@@ -936,6 +936,20 @@ static inline void dbg_ctrl(struct contr + + #define FLAG(x, y) (((x) & (y)) ? '+' : '-') + ++static inline int pcie_hotplug_depth(struct pci_dev *dev) ++{ ++ struct pci_bus *bus = dev->bus; ++ int depth = 0; ++ ++ while (bus->parent) { ++ bus = bus->parent; ++ if (bus->self && bus->self->is_hotplug_bridge) ++ depth++; ++ } ++ ++ return depth; ++} ++ + struct controller *pcie_init(struct pcie_device *dev) + { + struct controller *ctrl; +@@ -949,6 +963,7 @@ struct controller *pcie_init(struct pcie + return NULL; + + ctrl->pcie = dev; ++ ctrl->depth = pcie_hotplug_depth(dev->port); + pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, &slot_cap); + + if (pdev->hotplug_user_indicators) diff --git a/queue-5.10/pci-xgene-fix-ib-window-setup.patch b/queue-5.10/pci-xgene-fix-ib-window-setup.patch new file mode 100644 index 00000000000..561683c5b27 --- /dev/null +++ b/queue-5.10/pci-xgene-fix-ib-window-setup.patch @@ -0,0 +1,46 @@ +From c7a75d07827a1f33d566e18e6098379cc2a0c2b2 Mon Sep 17 00:00:00 2001 +From: Rob Herring +Date: Mon, 29 Nov 2021 11:36:37 -0600 +Subject: PCI: xgene: Fix IB window setup +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Rob Herring + +commit c7a75d07827a1f33d566e18e6098379cc2a0c2b2 upstream. + +Commit 6dce5aa59e0b ("PCI: xgene: Use inbound resources for setup") +broke PCI support on XGene. The cause is the IB resources are now sorted +in address order instead of being in DT dma-ranges order. The result is +which inbound registers are used for each region are swapped. I don't +know the details about this h/w, but it appears that IB region 0 +registers can't handle a size greater than 4GB. In any case, limiting +the size for region 0 is enough to get back to the original assignment +of dma-ranges to regions. + +Link: https://lore.kernel.org/all/CA+enf=v9rY_xnZML01oEgKLmvY1NGBUUhnSJaETmXtDtXfaczA@mail.gmail.com/ +Link: https://lore.kernel.org/r/20211129173637.303201-1-robh@kernel.org +Fixes: 6dce5aa59e0b ("PCI: xgene: Use inbound resources for setup") +Reported-by: Stéphane Graber +Tested-by: Stéphane Graber +Signed-off-by: Rob Herring +Signed-off-by: Lorenzo Pieralisi +Reviewed-by: Krzysztof Wilczyński +Cc: stable@vger.kernel.org # v5.5+ +Signed-off-by: Greg Kroah-Hartman +--- + drivers/pci/controller/pci-xgene.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/pci/controller/pci-xgene.c ++++ b/drivers/pci/controller/pci-xgene.c +@@ -467,7 +467,7 @@ static int xgene_pcie_select_ib_reg(u8 * + return 1; + } + +- if ((size > SZ_1K) && (size < SZ_1T) && !(*ib_reg_mask & (1 << 0))) { ++ if ((size > SZ_1K) && (size < SZ_4G) && !(*ib_reg_mask & (1 << 0))) { + *ib_reg_mask |= (1 << 0); + return 0; + } diff --git a/queue-5.10/series b/queue-5.10/series index be781f89f8e..fdb8100e099 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -457,3 +457,12 @@ drm-nouveau-kms-nv04-use-vzalloc-for-nv04_display.patch drm-bridge-analogix_dp-make-psr-exit-block-less.patch parisc-fix-lpa-and-lpa_user-defines.patch powerpc-64s-radix-fix-huge-vmap-false-positive.patch +pci-xgene-fix-ib-window-setup.patch +pci-pciehp-use-down_read-write_nested-reset_lock-to-fix-lockdep-errors.patch +pci-pciehp-fix-infinite-loop-in-irq-handler-upon-power-fault.patch +pci-pci-bridge-emul-make-expansion-rom-base-address-register-read-only.patch +pci-pci-bridge-emul-properly-mark-reserved-pcie-bits-in-pci-config-space.patch +pci-pci-bridge-emul-fix-definitions-of-reserved-bits.patch +pci-pci-bridge-emul-correctly-set-pcie-capabilities.patch +pci-pci-bridge-emul-set-pci_status_cap_list-for-pcie-device.patch +xfrm-fix-policy-lookup-for-ipv6-gre-packets.patch diff --git a/queue-5.10/xfrm-fix-policy-lookup-for-ipv6-gre-packets.patch b/queue-5.10/xfrm-fix-policy-lookup-for-ipv6-gre-packets.patch new file mode 100644 index 00000000000..55020e2acfb --- /dev/null +++ b/queue-5.10/xfrm-fix-policy-lookup-for-ipv6-gre-packets.patch @@ -0,0 +1,100 @@ +From bcf141b2eb551b3477b24997ebc09c65f117a803 Mon Sep 17 00:00:00 2001 +From: Ghalem Boudour +Date: Fri, 19 Nov 2021 18:20:16 +0100 +Subject: xfrm: fix policy lookup for ipv6 gre packets + +From: Ghalem Boudour + +commit bcf141b2eb551b3477b24997ebc09c65f117a803 upstream. + +On egress side, xfrm lookup is called from __gre6_xmit() with the +fl6_gre_key field not initialized leading to policies selectors check +failure. Consequently, gre packets are sent without encryption. + +On ingress side, INET6_PROTO_NOPOLICY was set, thus packets were not +checked against xfrm policies. Like for egress side, fl6_gre_key should be +correctly set, this is now done in decode_session6(). + +Fixes: c12b395a4664 ("gre: Support GRE over IPv6") +Cc: stable@vger.kernel.org +Signed-off-by: Ghalem Boudour +Signed-off-by: Nicolas Dichtel +Signed-off-by: Steffen Klassert +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv6/ip6_gre.c | 5 ++++- + net/xfrm/xfrm_policy.c | 21 +++++++++++++++++++++ + 2 files changed, 25 insertions(+), 1 deletion(-) + +--- a/net/ipv6/ip6_gre.c ++++ b/net/ipv6/ip6_gre.c +@@ -755,6 +755,7 @@ static netdev_tx_t __gre6_xmit(struct sk + fl6->daddr = key->u.ipv6.dst; + fl6->flowlabel = key->label; + fl6->flowi6_uid = sock_net_uid(dev_net(dev), NULL); ++ fl6->fl6_gre_key = tunnel_id_to_key32(key->tun_id); + + dsfield = key->tos; + flags = key->tun_flags & +@@ -990,6 +991,7 @@ static netdev_tx_t ip6erspan_tunnel_xmit + fl6.daddr = key->u.ipv6.dst; + fl6.flowlabel = key->label; + fl6.flowi6_uid = sock_net_uid(dev_net(dev), NULL); ++ fl6.fl6_gre_key = tunnel_id_to_key32(key->tun_id); + + dsfield = key->tos; + if (!(tun_info->key.tun_flags & TUNNEL_ERSPAN_OPT)) +@@ -1098,6 +1100,7 @@ static void ip6gre_tnl_link_config_commo + fl6->flowi6_oif = p->link; + fl6->flowlabel = 0; + fl6->flowi6_proto = IPPROTO_GRE; ++ fl6->fl6_gre_key = t->parms.o_key; + + if (!(p->flags&IP6_TNL_F_USE_ORIG_TCLASS)) + fl6->flowlabel |= IPV6_TCLASS_MASK & p->flowinfo; +@@ -1543,7 +1546,7 @@ static void ip6gre_fb_tunnel_init(struct + static struct inet6_protocol ip6gre_protocol __read_mostly = { + .handler = gre_rcv, + .err_handler = ip6gre_err, +- .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, ++ .flags = INET6_PROTO_FINAL, + }; + + static void ip6gre_destroy_tunnels(struct net *net, struct list_head *head) +--- a/net/xfrm/xfrm_policy.c ++++ b/net/xfrm/xfrm_policy.c +@@ -33,6 +33,7 @@ + #include + #include + #include ++#include + #if IS_ENABLED(CONFIG_IPV6_MIP6) + #include + #endif +@@ -3455,6 +3456,26 @@ decode_session6(struct sk_buff *skb, str + } + fl6->flowi6_proto = nexthdr; + return; ++ case IPPROTO_GRE: ++ if (!onlyproto && ++ (nh + offset + 12 < skb->data || ++ pskb_may_pull(skb, nh + offset + 12 - skb->data))) { ++ struct gre_base_hdr *gre_hdr; ++ __be32 *gre_key; ++ ++ nh = skb_network_header(skb); ++ gre_hdr = (struct gre_base_hdr *)(nh + offset); ++ gre_key = (__be32 *)(gre_hdr + 1); ++ ++ if (gre_hdr->flags & GRE_KEY) { ++ if (gre_hdr->flags & GRE_CSUM) ++ gre_key++; ++ fl6->fl6_gre_key = *gre_key; ++ } ++ } ++ fl6->flowi6_proto = nexthdr; ++ return; ++ + #if IS_ENABLED(CONFIG_IPV6_MIP6) + case IPPROTO_MH: + offset += ipv6_optlen(exthdr);