From: Greg Kroah-Hartman Date: Mon, 16 Mar 2020 14:28:18 +0000 (+0100) Subject: 4.19-stable patches X-Git-Tag: v4.19.111~21 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ea110c6d804ac149efa5d8644269e168f209b3b7;p=thirdparty%2Fkernel%2Fstable-queue.git 4.19-stable patches added patches: i2c-acpi-put-device-when-verifying-client-fails.patch iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch netfilter-nft_payload-add-missing-attribute-validation-for-payload-csum-flags.patch netfilter-nft_tunnel-add-missing-attribute-validation-for-tunnels.patch --- diff --git a/queue-4.19/i2c-acpi-put-device-when-verifying-client-fails.patch b/queue-4.19/i2c-acpi-put-device-when-verifying-client-fails.patch new file mode 100644 index 00000000000..1c4161a5158 --- /dev/null +++ b/queue-4.19/i2c-acpi-put-device-when-verifying-client-fails.patch @@ -0,0 +1,47 @@ +From 8daee952b4389729358665fb91949460641659d4 Mon Sep 17 00:00:00 2001 +From: Wolfram Sang +Date: Thu, 12 Mar 2020 14:32:44 +0100 +Subject: i2c: acpi: put device when verifying client fails + +From: Wolfram Sang + +commit 8daee952b4389729358665fb91949460641659d4 upstream. + +i2c_verify_client() can fail, so we need to put the device when that +happens. + +Fixes: 525e6fabeae2 ("i2c / ACPI: add support for ACPI reconfigure notifications") +Reported-by: Geert Uytterhoeven +Signed-off-by: Wolfram Sang +Reviewed-by: Geert Uytterhoeven +Reviewed-by: Andy Shevchenko +Acked-by: Mika Westerberg +Signed-off-by: Wolfram Sang +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/i2c/i2c-core-acpi.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +--- a/drivers/i2c/i2c-core-acpi.c ++++ b/drivers/i2c/i2c-core-acpi.c +@@ -352,10 +352,18 @@ static struct i2c_adapter *i2c_acpi_find + static struct i2c_client *i2c_acpi_find_client_by_adev(struct acpi_device *adev) + { + struct device *dev; ++ struct i2c_client *client; + + dev = bus_find_device(&i2c_bus_type, NULL, adev, + i2c_acpi_find_match_device); +- return dev ? i2c_verify_client(dev) : NULL; ++ if (!dev) ++ return NULL; ++ ++ client = i2c_verify_client(dev); ++ if (!client) ++ put_device(dev); ++ ++ return client; + } + + static int i2c_acpi_notify(struct notifier_block *nb, unsigned long value, diff --git a/queue-4.19/iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch b/queue-4.19/iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch new file mode 100644 index 00000000000..2797b117754 --- /dev/null +++ b/queue-4.19/iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch @@ -0,0 +1,36 @@ +From b0bb0c22c4db623f2e7b1a471596fbf1c22c6dc5 Mon Sep 17 00:00:00 2001 +From: Zhenzhong Duan +Date: Thu, 12 Mar 2020 14:09:54 +0800 +Subject: iommu/vt-d: Fix the wrong printing in RHSA parsing + +From: Zhenzhong Duan + +commit b0bb0c22c4db623f2e7b1a471596fbf1c22c6dc5 upstream. + +When base address in RHSA structure doesn't match base address in +each DRHD structure, the base address in last DRHD is printed out. + +This doesn't make sense when there are multiple DRHD units, fix it +by printing the buggy RHSA's base address. + +Signed-off-by: Lu Baolu +Signed-off-by: Zhenzhong Duan +Fixes: fd0c8894893cb ("intel-iommu: Set a more specific taint flag for invalid BIOS DMAR tables") +Signed-off-by: Joerg Roedel +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/iommu/dmar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/iommu/dmar.c ++++ b/drivers/iommu/dmar.c +@@ -486,7 +486,7 @@ static int dmar_parse_one_rhsa(struct ac + pr_warn(FW_BUG + "Your BIOS is broken; RHSA refers to non-existent DMAR unit at %llx\n" + "BIOS vendor: %s; Ver: %s; Product Version: %s\n", +- drhd->reg_base_addr, ++ rhsa->base_address, + dmi_get_system_info(DMI_BIOS_VENDOR), + dmi_get_system_info(DMI_BIOS_VERSION), + dmi_get_system_info(DMI_PRODUCT_VERSION)); diff --git a/queue-4.19/iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch b/queue-4.19/iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch new file mode 100644 index 00000000000..be291b6d21c --- /dev/null +++ b/queue-4.19/iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch @@ -0,0 +1,70 @@ +From da72a379b2ec0bad3eb265787f7008bead0b040c Mon Sep 17 00:00:00 2001 +From: Daniel Drake +Date: Thu, 12 Mar 2020 14:09:55 +0800 +Subject: iommu/vt-d: Ignore devices with out-of-spec domain number +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Daniel Drake + +commit da72a379b2ec0bad3eb265787f7008bead0b040c upstream. + +VMD subdevices are created with a PCI domain ID of 0x10000 or +higher. + +These subdevices are also handled like all other PCI devices by +dmar_pci_bus_notifier(). + +However, when dmar_alloc_pci_notify_info() take records of such devices, +it will truncate the domain ID to a u16 value (in info->seg). +The device at (e.g.) 10000:00:02.0 is then treated by the DMAR code as if +it is 0000:00:02.0. + +In the unlucky event that a real device also exists at 0000:00:02.0 and +also has a device-specific entry in the DMAR table, +dmar_insert_dev_scope() will crash on: +   BUG_ON(i >= devices_cnt); + +That's basically a sanity check that only one PCI device matches a +single DMAR entry; in this case we seem to have two matching devices. + +Fix this by ignoring devices that have a domain number higher than +what can be looked up in the DMAR table. + +This problem was carefully diagnosed by Jian-Hong Pan. + +Signed-off-by: Lu Baolu +Signed-off-by: Daniel Drake +Fixes: 59ce0515cdaf3 ("iommu/vt-d: Update DRHD/RMRR/ATSR device scope caches when PCI hotplug happens") +Signed-off-by: Joerg Roedel +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/iommu/dmar.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/drivers/iommu/dmar.c ++++ b/drivers/iommu/dmar.c +@@ -39,6 +39,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -139,6 +140,13 @@ dmar_alloc_pci_notify_info(struct pci_de + + BUG_ON(dev->is_virtfn); + ++ /* ++ * Ignore devices that have a domain number higher than what can ++ * be looked up in DMAR, e.g. VMD subdevices with domain 0x10000 ++ */ ++ if (pci_domain_nr(dev->bus) > U16_MAX) ++ return NULL; ++ + /* Only generate path[] for device addition event */ + if (event == BUS_NOTIFY_ADD_DEVICE) + for (tmp = dev; tmp; tmp = tmp->bus->self) diff --git a/queue-4.19/netfilter-nft_payload-add-missing-attribute-validation-for-payload-csum-flags.patch b/queue-4.19/netfilter-nft_payload-add-missing-attribute-validation-for-payload-csum-flags.patch new file mode 100644 index 00000000000..812a96f2ef6 --- /dev/null +++ b/queue-4.19/netfilter-nft_payload-add-missing-attribute-validation-for-payload-csum-flags.patch @@ -0,0 +1,31 @@ +From 9d6effb2f1523eb84516e44213c00f2fd9e6afff Mon Sep 17 00:00:00 2001 +From: Jakub Kicinski +Date: Mon, 2 Mar 2020 21:08:32 -0800 +Subject: netfilter: nft_payload: add missing attribute validation for payload csum flags + +From: Jakub Kicinski + +commit 9d6effb2f1523eb84516e44213c00f2fd9e6afff upstream. + +Add missing attribute validation for NFTA_PAYLOAD_CSUM_FLAGS +to the netlink policy. + +Fixes: 1814096980bb ("netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields") +Signed-off-by: Jakub Kicinski +Signed-off-by: Pablo Neira Ayuso +Signed-off-by: Greg Kroah-Hartman + +--- + net/netfilter/nft_payload.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/net/netfilter/nft_payload.c ++++ b/net/netfilter/nft_payload.c +@@ -121,6 +121,7 @@ static const struct nla_policy nft_paylo + [NFTA_PAYLOAD_LEN] = { .type = NLA_U32 }, + [NFTA_PAYLOAD_CSUM_TYPE] = { .type = NLA_U32 }, + [NFTA_PAYLOAD_CSUM_OFFSET] = { .type = NLA_U32 }, ++ [NFTA_PAYLOAD_CSUM_FLAGS] = { .type = NLA_U32 }, + }; + + static int nft_payload_init(const struct nft_ctx *ctx, diff --git a/queue-4.19/netfilter-nft_tunnel-add-missing-attribute-validation-for-tunnels.patch b/queue-4.19/netfilter-nft_tunnel-add-missing-attribute-validation-for-tunnels.patch new file mode 100644 index 00000000000..c81200a39a5 --- /dev/null +++ b/queue-4.19/netfilter-nft_tunnel-add-missing-attribute-validation-for-tunnels.patch @@ -0,0 +1,32 @@ +From 88a637719a1570705c02cacb3297af164b1714e7 Mon Sep 17 00:00:00 2001 +From: Jakub Kicinski +Date: Mon, 2 Mar 2020 21:08:33 -0800 +Subject: netfilter: nft_tunnel: add missing attribute validation for tunnels + +From: Jakub Kicinski + +commit 88a637719a1570705c02cacb3297af164b1714e7 upstream. + +Add missing attribute validation for tunnel source and +destination ports to the netlink policy. + +Fixes: af308b94a2a4 ("netfilter: nf_tables: add tunnel support") +Signed-off-by: Jakub Kicinski +Signed-off-by: Pablo Neira Ayuso +Signed-off-by: Greg Kroah-Hartman + +--- + net/netfilter/nft_tunnel.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/net/netfilter/nft_tunnel.c ++++ b/net/netfilter/nft_tunnel.c +@@ -308,6 +308,8 @@ static const struct nla_policy nft_tunne + [NFTA_TUNNEL_KEY_FLAGS] = { .type = NLA_U32, }, + [NFTA_TUNNEL_KEY_TOS] = { .type = NLA_U8, }, + [NFTA_TUNNEL_KEY_TTL] = { .type = NLA_U8, }, ++ [NFTA_TUNNEL_KEY_SPORT] = { .type = NLA_U16, }, ++ [NFTA_TUNNEL_KEY_DPORT] = { .type = NLA_U16, }, + [NFTA_TUNNEL_KEY_OPTS] = { .type = NLA_NESTED, }, + }; + diff --git a/queue-4.19/series b/queue-4.19/series index 2a4d2a8e4f8..cf0b37561a7 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -77,3 +77,8 @@ nl80211-add-missing-attribute-validation-for-beacon-report-scanning.patch nl80211-add-missing-attribute-validation-for-channel-switch.patch perf-bench-futex-wake-restore-thread-count-default-to-online-cpu-count.patch netfilter-cthelper-add-missing-attribute-validation-for-cthelper.patch +netfilter-nft_payload-add-missing-attribute-validation-for-payload-csum-flags.patch +netfilter-nft_tunnel-add-missing-attribute-validation-for-tunnels.patch +iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch +iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch +i2c-acpi-put-device-when-verifying-client-fails.patch