From: Sasha Levin Date: Mon, 27 Mar 2023 01:40:37 +0000 (-0400) Subject: Fixes for 5.15 X-Git-Tag: v5.15.105~67 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e28585e6fdeb8f153bfe84144b7b644329d05f8f;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 5.15 Signed-off-by: Sasha Levin --- diff --git a/queue-5.15/entry-rcu-check-tif_resched-_after_-delayed-rcu-wake.patch b/queue-5.15/entry-rcu-check-tif_resched-_after_-delayed-rcu-wake.patch new file mode 100644 index 00000000000..8ca6cd0c1d3 --- /dev/null +++ b/queue-5.15/entry-rcu-check-tif_resched-_after_-delayed-rcu-wake.patch @@ -0,0 +1,56 @@ +From 70038a27801298aa0738ce385136e038f09f987f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 15 Mar 2023 19:43:43 +0000 +Subject: entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up + +From: Frederic Weisbecker + +[ Upstream commit b416514054810cf2d2cc348ae477cea619b64da7 ] + +RCU sometimes needs to perform a delayed wake up for specific kthreads +handling offloaded callbacks (RCU_NOCB). These wakeups are performed +by timers and upon entry to idle (also to guest and to user on nohz_full). + +However the delayed wake-up on kernel exit is actually performed after +the thread flags are fetched towards the fast path check for work to +do on exit to user. As a result, and if there is no other pending work +to do upon that kernel exit, the current task will resume to userspace +with TIF_RESCHED set and the pending wake up ignored. + +Fix this with fetching the thread flags _after_ the delayed RCU-nocb +kthread wake-up. + +Fixes: 47b8ff194c1f ("entry: Explicitly flush pending rcuog wakeup before last rescheduling point") +Signed-off-by: Frederic Weisbecker +Signed-off-by: Paul E. McKenney +Signed-off-by: Joel Fernandes (Google) +Signed-off-by: Thomas Gleixner +Link: https://lore.kernel.org/r/20230315194349.10798-3-joel@joelfernandes.org +Signed-off-by: Sasha Levin +--- + kernel/entry/common.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/kernel/entry/common.c b/kernel/entry/common.c +index 3ce3a0a6c762e..e002bea6b4be3 100644 +--- a/kernel/entry/common.c ++++ b/kernel/entry/common.c +@@ -196,13 +196,14 @@ static unsigned long exit_to_user_mode_loop(struct pt_regs *regs, + + static void exit_to_user_mode_prepare(struct pt_regs *regs) + { +- unsigned long ti_work = read_thread_flags(); ++ unsigned long ti_work; + + lockdep_assert_irqs_disabled(); + + /* Flush pending rcuog wakeup before the last need_resched() check */ + tick_nohz_user_enter_prepare(); + ++ ti_work = read_thread_flags(); + if (unlikely(ti_work & EXIT_TO_USER_MODE_WORK)) + ti_work = exit_to_user_mode_loop(regs, ti_work); + +-- +2.39.2 + diff --git a/queue-5.15/entry-snapshot-thread-flags.patch b/queue-5.15/entry-snapshot-thread-flags.patch new file mode 100644 index 00000000000..c510cd6460f --- /dev/null +++ b/queue-5.15/entry-snapshot-thread-flags.patch @@ -0,0 +1,91 @@ +From d3c2defe16ba78ebd44a7249ef6b470a760fa119 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 29 Nov 2021 13:06:44 +0000 +Subject: entry: Snapshot thread flags + +From: Mark Rutland + +[ Upstream commit 6ce895128b3bff738fe8d9dd74747a03e319e466 ] + +Some thread flags can be set remotely, and so even when IRQs are disabled, +the flags can change under our feet. Generally this is unlikely to cause a +problem in practice, but it is somewhat unsound, and KCSAN will +legitimately warn that there is a data race. + +To avoid such issues, a snapshot of the flags has to be taken prior to +using them. Some places already use READ_ONCE() for that, others do not. + +Convert them all to the new flag accessor helpers. + +Signed-off-by: Mark Rutland +Signed-off-by: Thomas Gleixner +Acked-by: Paul E. McKenney +Link: https://lore.kernel.org/r/20211129130653.2037928-3-mark.rutland@arm.com +Stable-dep-of: b41651405481 ("entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up") +Signed-off-by: Sasha Levin +--- + include/linux/entry-kvm.h | 2 +- + kernel/entry/common.c | 4 ++-- + kernel/entry/kvm.c | 4 ++-- + 3 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/include/linux/entry-kvm.h b/include/linux/entry-kvm.h +index 0d7865a0731ce..07c878d6e323e 100644 +--- a/include/linux/entry-kvm.h ++++ b/include/linux/entry-kvm.h +@@ -75,7 +75,7 @@ static inline void xfer_to_guest_mode_prepare(void) + */ + static inline bool __xfer_to_guest_mode_work_pending(void) + { +- unsigned long ti_work = READ_ONCE(current_thread_info()->flags); ++ unsigned long ti_work = read_thread_flags(); + + return !!(ti_work & XFER_TO_GUEST_MODE_WORK); + } +diff --git a/kernel/entry/common.c b/kernel/entry/common.c +index 998bdb7b8bf7f..3ce3a0a6c762e 100644 +--- a/kernel/entry/common.c ++++ b/kernel/entry/common.c +@@ -187,7 +187,7 @@ static unsigned long exit_to_user_mode_loop(struct pt_regs *regs, + /* Check if any of the above work has queued a deferred wakeup */ + tick_nohz_user_enter_prepare(); + +- ti_work = READ_ONCE(current_thread_info()->flags); ++ ti_work = read_thread_flags(); + } + + /* Return the latest work state for arch_exit_to_user_mode() */ +@@ -196,7 +196,7 @@ static unsigned long exit_to_user_mode_loop(struct pt_regs *regs, + + static void exit_to_user_mode_prepare(struct pt_regs *regs) + { +- unsigned long ti_work = READ_ONCE(current_thread_info()->flags); ++ unsigned long ti_work = read_thread_flags(); + + lockdep_assert_irqs_disabled(); + +diff --git a/kernel/entry/kvm.c b/kernel/entry/kvm.c +index 49972ee99aff6..96d476e06c777 100644 +--- a/kernel/entry/kvm.c ++++ b/kernel/entry/kvm.c +@@ -26,7 +26,7 @@ static int xfer_to_guest_mode_work(struct kvm_vcpu *vcpu, unsigned long ti_work) + if (ret) + return ret; + +- ti_work = READ_ONCE(current_thread_info()->flags); ++ ti_work = read_thread_flags(); + } while (ti_work & XFER_TO_GUEST_MODE_WORK || need_resched()); + return 0; + } +@@ -43,7 +43,7 @@ int xfer_to_guest_mode_handle_work(struct kvm_vcpu *vcpu) + * disabled in the inner loop before going into guest mode. No need + * to disable interrupts here. + */ +- ti_work = READ_ONCE(current_thread_info()->flags); ++ ti_work = read_thread_flags(); + if (!(ti_work & XFER_TO_GUEST_MODE_WORK)) + return 0; + +-- +2.39.2 + diff --git a/queue-5.15/hwmon-fix-potential-sensor-registration-fail-if-of_n.patch b/queue-5.15/hwmon-fix-potential-sensor-registration-fail-if-of_n.patch new file mode 100644 index 00000000000..31de8003b2f --- /dev/null +++ b/queue-5.15/hwmon-fix-potential-sensor-registration-fail-if-of_n.patch @@ -0,0 +1,58 @@ +From c1713537b2ea9ee7da5a23c342efac755bc0c060 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 21 Mar 2023 14:02:23 +0800 +Subject: hwmon: fix potential sensor registration fail if of_node is missing + +From: Phinex Hung + +[ Upstream commit 2315332efcbe7124252f080e03b57d3d2f1f4771 ] + +It is not sufficient to check of_node in current device. +In some cases, this would cause the sensor registration to fail. + +This patch looks for device's ancestors to find a valid of_node if any. + +Fixes: d560168b5d0f ("hwmon: (core) New hwmon registration API") +Signed-off-by: Phinex Hung +Link: https://lore.kernel.org/r/20230321060224.3819-1-phinex@realtek.com +Signed-off-by: Guenter Roeck +Signed-off-by: Sasha Levin +--- + drivers/hwmon/hwmon.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/drivers/hwmon/hwmon.c b/drivers/hwmon/hwmon.c +index 3ae961986fc31..fd3b277d340a9 100644 +--- a/drivers/hwmon/hwmon.c ++++ b/drivers/hwmon/hwmon.c +@@ -736,6 +736,7 @@ __hwmon_device_register(struct device *dev, const char *name, void *drvdata, + { + struct hwmon_device *hwdev; + struct device *hdev; ++ struct device *tdev = dev; + int i, err, id; + + /* Complain about invalid characters in hwmon name attribute */ +@@ -793,7 +794,9 @@ __hwmon_device_register(struct device *dev, const char *name, void *drvdata, + hwdev->name = name; + hdev->class = &hwmon_class; + hdev->parent = dev; +- hdev->of_node = dev ? dev->of_node : NULL; ++ while (tdev && !tdev->of_node) ++ tdev = tdev->parent; ++ hdev->of_node = tdev ? tdev->of_node : NULL; + hwdev->chip = chip; + dev_set_drvdata(hdev, drvdata); + dev_set_name(hdev, HWMON_ID_FORMAT, id); +@@ -805,7 +808,7 @@ __hwmon_device_register(struct device *dev, const char *name, void *drvdata, + + INIT_LIST_HEAD(&hwdev->tzdata); + +- if (dev && dev->of_node && chip && chip->ops->read && ++ if (hdev->of_node && chip && chip->ops->read && + chip->info[0]->type == hwmon_chip && + (chip->info[0]->config[0] & HWMON_C_REGISTER_TZ)) { + err = hwmon_thermal_register_sensors(hdev); +-- +2.39.2 + diff --git a/queue-5.15/hwmon-it87-fix-voltage-scaling-for-chips-with-10.9mv.patch b/queue-5.15/hwmon-it87-fix-voltage-scaling-for-chips-with-10.9mv.patch new file mode 100644 index 00000000000..c36d9bb0a25 --- /dev/null +++ b/queue-5.15/hwmon-it87-fix-voltage-scaling-for-chips-with-10.9mv.patch @@ -0,0 +1,47 @@ +From e8e3ca5e9536012f8543abf21a57a8611f80004c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 18 Mar 2023 19:05:42 +1100 +Subject: hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs + +From: Frank Crawford + +[ Upstream commit 968b66ffeb7956acc72836a7797aeb7b2444ec51 ] + +Fix voltage scaling for chips that have 10.9mV ADCs, where scaling was +not performed. + +Fixes: ead8080351c9 ("hwmon: (it87) Add support for IT8732F") +Signed-off-by: Frank Crawford +Link: https://lore.kernel.org/r/20230318080543.1226700-2-frank@crawford.emu.id.au +[groeck: Update subject and description to focus on bug fix] +Signed-off-by: Guenter Roeck +Signed-off-by: Sasha Levin +--- + drivers/hwmon/it87.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/drivers/hwmon/it87.c b/drivers/hwmon/it87.c +index 1f93134afcb9f..485d68ab79e17 100644 +--- a/drivers/hwmon/it87.c ++++ b/drivers/hwmon/it87.c +@@ -486,6 +486,8 @@ static const struct it87_devices it87_devices[] = { + #define has_pwm_freq2(data) ((data)->features & FEAT_PWM_FREQ2) + #define has_six_temp(data) ((data)->features & FEAT_SIX_TEMP) + #define has_vin3_5v(data) ((data)->features & FEAT_VIN3_5V) ++#define has_scaling(data) ((data)->features & (FEAT_12MV_ADC | \ ++ FEAT_10_9MV_ADC)) + + struct it87_sio_data { + int sioaddr; +@@ -3098,7 +3100,7 @@ static int it87_probe(struct platform_device *pdev) + "Detected broken BIOS defaults, disabling PWM interface\n"); + + /* Starting with IT8721F, we handle scaling of internal voltages */ +- if (has_12mv_adc(data)) { ++ if (has_scaling(data)) { + if (sio_data->internal & BIT(0)) + data->in_scaled |= BIT(3); /* in3 is AVCC */ + if (sio_data->internal & BIT(1)) +-- +2.39.2 + diff --git a/queue-5.15/series b/queue-5.15/series index 635a4dd3673..1c3c528d152 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -67,3 +67,8 @@ bluetooth-btqcomsmd-fix-command-timeout-after-settin.patch bluetooth-l2cap-fix-responding-with-wrong-pdu-type.patch bluetooth-btsdio-fix-use-after-free-bug-in-btsdio_re.patch platform-chrome-cros_ec_chardev-fix-kernel-data-leak.patch +thread_info-add-helpers-to-snapshot-thread-flags.patch +entry-snapshot-thread-flags.patch +entry-rcu-check-tif_resched-_after_-delayed-rcu-wake.patch +hwmon-fix-potential-sensor-registration-fail-if-of_n.patch +hwmon-it87-fix-voltage-scaling-for-chips-with-10.9mv.patch diff --git a/queue-5.15/thread_info-add-helpers-to-snapshot-thread-flags.patch b/queue-5.15/thread_info-add-helpers-to-snapshot-thread-flags.patch new file mode 100644 index 00000000000..be63e0000bc --- /dev/null +++ b/queue-5.15/thread_info-add-helpers-to-snapshot-thread-flags.patch @@ -0,0 +1,75 @@ +From f9ac4dbf887b6fb53676018a96d5153aed04cbf0 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 29 Nov 2021 13:06:43 +0000 +Subject: thread_info: Add helpers to snapshot thread flags + +From: Mark Rutland + +[ Upstream commit 7ad639840acf2800b5f387c495795f995a67a329 ] + +In there are helpers to manipulate individual thread +flags, but where code wants to check several flags at once, it must open +code reading current_thread_info()->flags and operating on a snapshot. + +As some flags can be set remotely it's necessary to use READ_ONCE() to get +a consistent snapshot even when IRQs are disabled, but some code forgets to +do this. Generally this is unlike to cause a problem in practice, but it is +somewhat unsound, and KCSAN will legitimately warn that there is a data +race. + +To make it easier to do the right thing, and to highlight that concurrent +modification is possible, add new helpers to snapshot the flags, which +should be used in preference to plain reads. Subsequent patches will move +existing code to use the new helpers. + +Signed-off-by: Mark Rutland +Signed-off-by: Thomas Gleixner +Reviewed-by: Thomas Gleixner +Acked-by: Marco Elver +Acked-by: Paul E. McKenney +Cc: Boqun Feng +Cc: Dmitry Vyukov +Cc: Peter Zijlstra +Cc: Will Deacon +Link: https://lore.kernel.org/r/20211129130653.2037928-2-mark.rutland@arm.com +Stable-dep-of: b41651405481 ("entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up") +Signed-off-by: Sasha Levin +--- + include/linux/thread_info.h | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h +index 0999f6317978f..9a073535c0bdd 100644 +--- a/include/linux/thread_info.h ++++ b/include/linux/thread_info.h +@@ -118,6 +118,15 @@ static inline int test_ti_thread_flag(struct thread_info *ti, int flag) + return test_bit(flag, (unsigned long *)&ti->flags); + } + ++/* ++ * This may be used in noinstr code, and needs to be __always_inline to prevent ++ * inadvertent instrumentation. ++ */ ++static __always_inline unsigned long read_ti_thread_flags(struct thread_info *ti) ++{ ++ return READ_ONCE(ti->flags); ++} ++ + #define set_thread_flag(flag) \ + set_ti_thread_flag(current_thread_info(), flag) + #define clear_thread_flag(flag) \ +@@ -130,6 +139,11 @@ static inline int test_ti_thread_flag(struct thread_info *ti, int flag) + test_and_clear_ti_thread_flag(current_thread_info(), flag) + #define test_thread_flag(flag) \ + test_ti_thread_flag(current_thread_info(), flag) ++#define read_thread_flags() \ ++ read_ti_thread_flags(current_thread_info()) ++ ++#define read_task_thread_flags(t) \ ++ read_ti_thread_flags(task_thread_info(t)) + + #ifdef CONFIG_GENERIC_ENTRY + #define set_syscall_work(fl) \ +-- +2.39.2 +