From: Greg Kroah-Hartman Date: Mon, 4 Apr 2022 10:07:57 +0000 (+0200) Subject: 5.16-stable patches X-Git-Tag: v5.17.2~73 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dcc3b7ca8f7b49238baf760ad6f8191b94b58b02;p=thirdparty%2Fkernel%2Fstable-queue.git 5.16-stable patches added patches: af_unix-support-pollpri-for-oob.patch arm-9187-1-jive-fix-return-value-of-__setup-handler.patch libbpf-define-btf_kind_-constants-in-btf.h-to-avoid-compilation-errors.patch mm-memcontrol-return-1-from-cgroup.memory-__setup-handler.patch mm-mmap-return-1-from-stack_guard_gap-__setup-handler.patch mm-usercopy-return-1-from-hardened_usercopy-__setup-handler.patch --- diff --git a/queue-5.16/af_unix-support-pollpri-for-oob.patch b/queue-5.16/af_unix-support-pollpri-for-oob.patch new file mode 100644 index 00000000000..47c2be89288 --- /dev/null +++ b/queue-5.16/af_unix-support-pollpri-for-oob.patch @@ -0,0 +1,55 @@ +From d9a232d435dcc966738b0f414a86f7edf4f4c8c4 Mon Sep 17 00:00:00 2001 +From: Kuniyuki Iwashima +Date: Thu, 17 Mar 2022 12:08:09 +0900 +Subject: af_unix: Support POLLPRI for OOB. + +From: Kuniyuki Iwashima + +commit d9a232d435dcc966738b0f414a86f7edf4f4c8c4 upstream. + +The commit 314001f0bf92 ("af_unix: Add OOB support") introduced OOB for +AF_UNIX, but it lacks some changes for POLLPRI. Let's add the missing +piece. + +In the selftest, normal datagrams are sent followed by OOB data, so this +commit replaces `POLLIN | POLLPRI` with just `POLLPRI` in the first test +case. + +Fixes: 314001f0bf92 ("af_unix: Add OOB support") +Signed-off-by: Kuniyuki Iwashima +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/unix/af_unix.c | 4 ++++ + tools/testing/selftests/net/af_unix/test_unix_oob.c | 6 +++--- + 2 files changed, 7 insertions(+), 3 deletions(-) + +--- a/net/unix/af_unix.c ++++ b/net/unix/af_unix.c +@@ -3049,6 +3049,10 @@ static __poll_t unix_poll(struct file *f + mask |= EPOLLIN | EPOLLRDNORM; + if (sk_is_readable(sk)) + mask |= EPOLLIN | EPOLLRDNORM; ++#if IS_ENABLED(CONFIG_AF_UNIX_OOB) ++ if (READ_ONCE(unix_sk(sk)->oob_skb)) ++ mask |= EPOLLPRI; ++#endif + + /* Connection-based need to check for termination and startup */ + if ((sk->sk_type == SOCK_STREAM || sk->sk_type == SOCK_SEQPACKET) && +--- a/tools/testing/selftests/net/af_unix/test_unix_oob.c ++++ b/tools/testing/selftests/net/af_unix/test_unix_oob.c +@@ -218,10 +218,10 @@ main(int argc, char **argv) + + /* Test 1: + * veriyf that SIGURG is +- * delivered and 63 bytes are +- * read and oob is '@' ++ * delivered, 63 bytes are ++ * read, oob is '@', and POLLPRI works. + */ +- wait_for_data(pfd, POLLIN | POLLPRI); ++ wait_for_data(pfd, POLLPRI); + read_oob(pfd, &oob); + len = read_data(pfd, buf, 1024); + if (!signal_recvd || len != 63 || oob != '@') { diff --git a/queue-5.16/arm-9187-1-jive-fix-return-value-of-__setup-handler.patch b/queue-5.16/arm-9187-1-jive-fix-return-value-of-__setup-handler.patch new file mode 100644 index 00000000000..08f01772090 --- /dev/null +++ b/queue-5.16/arm-9187-1-jive-fix-return-value-of-__setup-handler.patch @@ -0,0 +1,56 @@ +From 8b2360c7157b462c4870d447d1e65d30ef31f9aa Mon Sep 17 00:00:00 2001 +From: Randy Dunlap +Date: Sat, 12 Mar 2022 07:36:09 +0100 +Subject: ARM: 9187/1: JIVE: fix return value of __setup handler + +From: Randy Dunlap + +commit 8b2360c7157b462c4870d447d1e65d30ef31f9aa upstream. + +__setup() handlers should return 1 to obsolete_checksetup() in +init/main.c to indicate that the boot option has been handled. +A return of 0 causes the boot option/value to be listed as an Unknown +kernel parameter and added to init's (limited) argument or environment +strings. Also, error return codes don't mean anything to +obsolete_checksetup() -- only non-zero (usually 1) or zero. +So return 1 from jive_mtdset(). + +Fixes: 9db829f485c5 ("[ARM] JIVE: Initial machine support for Logitech Jive") +Signed-off-by: Randy Dunlap +Cc: Ben Dooks +Cc: Krzysztof Kozlowski +Cc: Alim Akhtar +Cc: linux-arm-kernel@lists.infradead.org +Cc: linux-samsung-soc@vger.kernel.org +Cc: patches@armlinux.org.uk +Signed-off-by: Russell King (Oracle) +Signed-off-by: Greg Kroah-Hartman +--- + arch/arm/mach-s3c/mach-jive.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/arch/arm/mach-s3c/mach-jive.c ++++ b/arch/arm/mach-s3c/mach-jive.c +@@ -236,11 +236,11 @@ static int __init jive_mtdset(char *opti + unsigned long set; + + if (options == NULL || options[0] == '\0') +- return 0; ++ return 1; + + if (kstrtoul(options, 10, &set)) { + printk(KERN_ERR "failed to parse mtdset=%s\n", options); +- return 0; ++ return 1; + } + + switch (set) { +@@ -255,7 +255,7 @@ static int __init jive_mtdset(char *opti + "using default.", set); + } + +- return 0; ++ return 1; + } + + /* parse the mtdset= option given to the kernel command line */ diff --git a/queue-5.16/libbpf-define-btf_kind_-constants-in-btf.h-to-avoid-compilation-errors.patch b/queue-5.16/libbpf-define-btf_kind_-constants-in-btf.h-to-avoid-compilation-errors.patch new file mode 100644 index 00000000000..df5e889fb40 --- /dev/null +++ b/queue-5.16/libbpf-define-btf_kind_-constants-in-btf.h-to-avoid-compilation-errors.patch @@ -0,0 +1,72 @@ +From eaa266d83a3730a15de2ceebcc89e8f6290e8cf6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= +Date: Tue, 18 Jan 2022 15:13:27 +0100 +Subject: libbpf: Define BTF_KIND_* constants in btf.h to avoid compilation errors +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Toke Høiland-Jørgensen + +commit eaa266d83a3730a15de2ceebcc89e8f6290e8cf6 upstream. + +The btf.h header included with libbpf contains inline helper functions to +check for various BTF kinds. These helpers directly reference the +BTF_KIND_* constants defined in the kernel header, and because the header +file is included in user applications, this happens in the user application +compile units. + +This presents a problem if a user application is compiled on a system with +older kernel headers because the constants are not available. To avoid +this, add #defines of the constants directly in btf.h before using them. + +Since the kernel header moved to an enum for BTF_KIND_*, the #defines can +shadow the enum values without any errors, so we only need #ifndef guards +for the constants that predates the conversion to enum. We group these so +there's only one guard for groups of values that were added together. + + [0] Closes: https://github.com/libbpf/libbpf/issues/436 + +Fixes: 223f903e9c83 ("bpf: Rename BTF_KIND_TAG to BTF_KIND_DECL_TAG") +Fixes: 5b84bd10363e ("libbpf: Add support for BTF_KIND_TAG") +Signed-off-by: Toke Høiland-Jørgensen +Signed-off-by: Andrii Nakryiko +Acked-by: Arnaldo Carvalho de Melo +Link: https://lore.kernel.org/bpf/20220118141327.34231-1-toke@redhat.com +Signed-off-by: Greg Kroah-Hartman +--- + tools/lib/bpf/btf.h | 22 +++++++++++++++++++++- + 1 file changed, 21 insertions(+), 1 deletion(-) + +--- a/tools/lib/bpf/btf.h ++++ b/tools/lib/bpf/btf.h +@@ -313,8 +313,28 @@ btf_dump__dump_type_data(struct btf_dump + const struct btf_dump_type_data_opts *opts); + + /* +- * A set of helpers for easier BTF types handling ++ * A set of helpers for easier BTF types handling. ++ * ++ * The inline functions below rely on constants from the kernel headers which ++ * may not be available for applications including this header file. To avoid ++ * compilation errors, we define all the constants here that were added after ++ * the initial introduction of the BTF_KIND* constants. + */ ++#ifndef BTF_KIND_FUNC ++#define BTF_KIND_FUNC 12 /* Function */ ++#define BTF_KIND_FUNC_PROTO 13 /* Function Proto */ ++#endif ++#ifndef BTF_KIND_VAR ++#define BTF_KIND_VAR 14 /* Variable */ ++#define BTF_KIND_DATASEC 15 /* Section */ ++#endif ++#ifndef BTF_KIND_FLOAT ++#define BTF_KIND_FLOAT 16 /* Floating point */ ++#endif ++/* The kernel header switched to enums, so these two were never #defined */ ++#define BTF_KIND_DECL_TAG 17 /* Decl Tag */ ++#define BTF_KIND_TYPE_TAG 18 /* Type Tag */ ++ + static inline __u16 btf_kind(const struct btf_type *t) + { + return BTF_INFO_KIND(t->info); diff --git a/queue-5.16/mm-memcontrol-return-1-from-cgroup.memory-__setup-handler.patch b/queue-5.16/mm-memcontrol-return-1-from-cgroup.memory-__setup-handler.patch new file mode 100644 index 00000000000..e2af738b16b --- /dev/null +++ b/queue-5.16/mm-memcontrol-return-1-from-cgroup.memory-__setup-handler.patch @@ -0,0 +1,58 @@ +From 460a79e18842caca6fa0c415de4a3ac1e671ac50 Mon Sep 17 00:00:00 2001 +From: Randy Dunlap +Date: Tue, 22 Mar 2022 14:40:31 -0700 +Subject: mm/memcontrol: return 1 from cgroup.memory __setup() handler +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Randy Dunlap + +commit 460a79e18842caca6fa0c415de4a3ac1e671ac50 upstream. + +__setup() handlers should return 1 if the command line option is handled +and 0 if not (or maybe never return 0; it just pollutes init's +environment). + +The only reason that this particular __setup handler does not pollute +init's environment is that the setup string contains a '.', as in +"cgroup.memory". This causes init/main.c::unknown_boottoption() to +consider it to be an "Unused module parameter" and ignore it. (This is +for parsing of loadable module parameters any time after kernel init.) +Otherwise the string "cgroup.memory=whatever" would be added to init's +environment strings. + +Instead of relying on this '.' quirk, just return 1 to indicate that the +boot option has been handled. + +Note that there is no warning message if someone enters: + cgroup.memory=anything_invalid + +Link: https://lkml.kernel.org/r/20220222005811.10672-1-rdunlap@infradead.org +Fixes: f7e1cb6ec51b0 ("mm: memcontrol: account socket memory in unified hierarchy memory controller") +Signed-off-by: Randy Dunlap +Reported-by: Igor Zhbanov +Link: lore.kernel.org/r/64644a2f-4a20-bab3-1e15-3b2cdd0defe3@omprussia.ru +Reviewed-by: Michal Koutný +Cc: Johannes Weiner +Cc: Michal Hocko +Cc: Vladimir Davydov +Cc: Roman Gushchin +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman +--- + mm/memcontrol.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/memcontrol.c ++++ b/mm/memcontrol.c +@@ -7038,7 +7038,7 @@ static int __init cgroup_memory(char *s) + if (!strcmp(token, "nokmem")) + cgroup_memory_nokmem = true; + } +- return 0; ++ return 1; + } + __setup("cgroup.memory=", cgroup_memory); + diff --git a/queue-5.16/mm-mmap-return-1-from-stack_guard_gap-__setup-handler.patch b/queue-5.16/mm-mmap-return-1-from-stack_guard_gap-__setup-handler.patch new file mode 100644 index 00000000000..315823892be --- /dev/null +++ b/queue-5.16/mm-mmap-return-1-from-stack_guard_gap-__setup-handler.patch @@ -0,0 +1,61 @@ +From e6d094936988910ce6e8197570f2753898830081 Mon Sep 17 00:00:00 2001 +From: Randy Dunlap +Date: Tue, 22 Mar 2022 14:42:27 -0700 +Subject: mm/mmap: return 1 from stack_guard_gap __setup() handler + +From: Randy Dunlap + +commit e6d094936988910ce6e8197570f2753898830081 upstream. + +__setup() handlers should return 1 if the command line option is handled +and 0 if not (or maybe never return 0; it just pollutes init's +environment). This prevents: + + Unknown kernel command line parameters \ + "BOOT_IMAGE=/boot/bzImage-517rc5 stack_guard_gap=100", will be \ + passed to user space. + + Run /sbin/init as init process + with arguments: + /sbin/init + with environment: + HOME=/ + TERM=linux + BOOT_IMAGE=/boot/bzImage-517rc5 + stack_guard_gap=100 + +Return 1 to indicate that the boot option has been handled. + +Note that there is no warning message if someone enters: + stack_guard_gap=anything_invalid +and 'val' and stack_guard_gap are both set to 0 due to the use of +simple_strtoul(). This could be improved by using kstrtoxxx() and +checking for an error. + +It appears that having stack_guard_gap == 0 is valid (if unexpected) since +using "stack_guard_gap=0" on the kernel command line does that. + +Link: https://lkml.kernel.org/r/20220222005817.11087-1-rdunlap@infradead.org +Link: lore.kernel.org/r/64644a2f-4a20-bab3-1e15-3b2cdd0defe3@omprussia.ru +Fixes: 1be7107fbe18e ("mm: larger stack guard gap, between vmas") +Signed-off-by: Randy Dunlap +Reported-by: Igor Zhbanov +Cc: Hugh Dickins +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman +--- + mm/mmap.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/mmap.c ++++ b/mm/mmap.c +@@ -2550,7 +2550,7 @@ static int __init cmdline_parse_stack_gu + if (!*endptr) + stack_guard_gap = val << PAGE_SHIFT; + +- return 0; ++ return 1; + } + __setup("stack_guard_gap=", cmdline_parse_stack_guard_gap); + diff --git a/queue-5.16/mm-usercopy-return-1-from-hardened_usercopy-__setup-handler.patch b/queue-5.16/mm-usercopy-return-1-from-hardened_usercopy-__setup-handler.patch new file mode 100644 index 00000000000..d11d2af06cf --- /dev/null +++ b/queue-5.16/mm-usercopy-return-1-from-hardened_usercopy-__setup-handler.patch @@ -0,0 +1,63 @@ +From 05fe3c103f7e6b8b4fca8a7001dfc9ed4628085b Mon Sep 17 00:00:00 2001 +From: Randy Dunlap +Date: Tue, 22 Mar 2022 14:47:52 -0700 +Subject: mm/usercopy: return 1 from hardened_usercopy __setup() handler + +From: Randy Dunlap + +commit 05fe3c103f7e6b8b4fca8a7001dfc9ed4628085b upstream. + +__setup() handlers should return 1 if the command line option is handled +and 0 if not (or maybe never return 0; it just pollutes init's +environment). This prevents: + + Unknown kernel command line parameters \ + "BOOT_IMAGE=/boot/bzImage-517rc5 hardened_usercopy=off", will be \ + passed to user space. + + Run /sbin/init as init process + with arguments: + /sbin/init + with environment: + HOME=/ + TERM=linux + BOOT_IMAGE=/boot/bzImage-517rc5 + hardened_usercopy=off +or + hardened_usercopy=on +but when "hardened_usercopy=foo" is used, there is no Unknown kernel +command line parameter. + +Return 1 to indicate that the boot option has been handled. +Print a warning if strtobool() returns an error on the option string, +but do not mark this as in unknown command line option and do not cause +init's environment to be polluted with this string. + +Link: https://lkml.kernel.org/r/20220222034249.14795-1-rdunlap@infradead.org +Link: lore.kernel.org/r/64644a2f-4a20-bab3-1e15-3b2cdd0defe3@omprussia.ru +Fixes: b5cb15d9372ab ("usercopy: Allow boot cmdline disabling of hardening") +Signed-off-by: Randy Dunlap +Reported-by: Igor Zhbanov +Acked-by: Chris von Recklinghausen +Cc: Kees Cook +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman +--- + mm/usercopy.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +--- a/mm/usercopy.c ++++ b/mm/usercopy.c +@@ -294,7 +294,10 @@ static bool enable_checks __initdata = t + + static int __init parse_hardened_usercopy(char *str) + { +- return strtobool(str, &enable_checks); ++ if (strtobool(str, &enable_checks)) ++ pr_warn("Invalid option string for hardened_usercopy: '%s'\n", ++ str); ++ return 1; + } + + __setup("hardened_usercopy=", parse_hardened_usercopy); diff --git a/queue-5.16/series b/queue-5.16/series index 49d78794e00..a7d58f975f7 100644 --- a/queue-5.16/series +++ b/queue-5.16/series @@ -968,3 +968,9 @@ reinstate-some-of-swiotlb-rework-fix-info-leak-with-dma_from_device.patch tracing-have-type-enum-modifications-copy-the-strings.patch net-add-skb_set_end_offset-helper.patch net-preserve-skb_end_offset-in-skb_unclone_keeptruesize.patch +mm-mmap-return-1-from-stack_guard_gap-__setup-handler.patch +arm-9187-1-jive-fix-return-value-of-__setup-handler.patch +mm-memcontrol-return-1-from-cgroup.memory-__setup-handler.patch +mm-usercopy-return-1-from-hardened_usercopy-__setup-handler.patch +af_unix-support-pollpri-for-oob.patch +libbpf-define-btf_kind_-constants-in-btf.h-to-avoid-compilation-errors.patch