From 4df874659f6ff2083355e81217030d3159e161c2 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Sun, 3 Apr 2022 10:46:20 +0200 Subject: [PATCH] 5.15-stable patches added patches: kvm-prevent-module-exit-until-all-vms-are-freed.patch kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch kvm-x86-fix-sending-pv-ipi.patch kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch platform-chrome-split-trace-include-file.patch --- ...-module-exit-until-all-vms-are-freed.patch | 75 +++++ ...fix-panic-on-out-of-bounds-guest-irq.patch | 81 +++++ ...nce-in-kvm_irq_delivery_to_apic_fast.patch | 35 ++ ...before-attempting-to-set-a-synic-irq.patch | 39 +++ queue-5.15/kvm-x86-fix-sending-pv-ipi.patch | 38 +++ ...mer-msrs-when-synic-wasn-t-activated.patch | 66 ++++ ...form-chrome-split-trace-include-file.patch | 303 ++++++++++++++++++ queue-5.15/series | 7 + 8 files changed, 644 insertions(+) create mode 100644 queue-5.15/kvm-prevent-module-exit-until-all-vms-are-freed.patch create mode 100644 queue-5.15/kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch create mode 100644 queue-5.15/kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch create mode 100644 queue-5.15/kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch create mode 100644 queue-5.15/kvm-x86-fix-sending-pv-ipi.patch create mode 100644 queue-5.15/kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch create mode 100644 queue-5.15/platform-chrome-split-trace-include-file.patch diff --git a/queue-5.15/kvm-prevent-module-exit-until-all-vms-are-freed.patch b/queue-5.15/kvm-prevent-module-exit-until-all-vms-are-freed.patch new file mode 100644 index 00000000000..2545b5033a9 --- /dev/null +++ b/queue-5.15/kvm-prevent-module-exit-until-all-vms-are-freed.patch @@ -0,0 +1,75 @@ +From 5f6de5cbebee925a612856fce6f9182bb3eee0db Mon Sep 17 00:00:00 2001 +From: David Matlack +Date: Thu, 3 Mar 2022 18:33:27 +0000 +Subject: KVM: Prevent module exit until all VMs are freed + +From: David Matlack + +commit 5f6de5cbebee925a612856fce6f9182bb3eee0db upstream. + +Tie the lifetime the KVM module to the lifetime of each VM via +kvm.users_count. This way anything that grabs a reference to the VM via +kvm_get_kvm() cannot accidentally outlive the KVM module. + +Prior to this commit, the lifetime of the KVM module was tied to the +lifetime of /dev/kvm file descriptors, VM file descriptors, and vCPU +file descriptors by their respective file_operations "owner" field. +This approach is insufficient because references grabbed via +kvm_get_kvm() do not prevent closing any of the aforementioned file +descriptors. + +This fixes a long standing theoretical bug in KVM that at least affects +async page faults. kvm_setup_async_pf() grabs a reference via +kvm_get_kvm(), and drops it in an asynchronous work callback. Nothing +prevents the VM file descriptor from being closed and the KVM module +from being unloaded before this callback runs. + +Fixes: af585b921e5d ("KVM: Halt vcpu if page it tries to access is swapped out") +Fixes: 3d3aab1b973b ("KVM: set owner of cpu and vm file operations") +Cc: stable@vger.kernel.org +Suggested-by: Ben Gardon +[ Based on a patch from Ben implemented for Google's kernel. ] +Signed-off-by: David Matlack +Message-Id: <20220303183328.1499189-2-dmatlack@google.com> +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + virt/kvm/kvm_main.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +--- a/virt/kvm/kvm_main.c ++++ b/virt/kvm/kvm_main.c +@@ -117,6 +117,8 @@ EXPORT_SYMBOL_GPL(kvm_debugfs_dir); + + static const struct file_operations stat_fops_per_vm; + ++static struct file_operations kvm_chardev_ops; ++ + static long kvm_vcpu_ioctl(struct file *file, unsigned int ioctl, + unsigned long arg); + #ifdef CONFIG_KVM_COMPAT +@@ -1099,6 +1101,16 @@ static struct kvm *kvm_create_vm(unsigne + preempt_notifier_inc(); + kvm_init_pm_notifier(kvm); + ++ /* ++ * When the fd passed to this ioctl() is opened it pins the module, ++ * but try_module_get() also prevents getting a reference if the module ++ * is in MODULE_STATE_GOING (e.g. if someone ran "rmmod --wait"). ++ */ ++ if (!try_module_get(kvm_chardev_ops.owner)) { ++ r = -ENODEV; ++ goto out_err; ++ } ++ + return kvm; + + out_err: +@@ -1188,6 +1200,7 @@ static void kvm_destroy_vm(struct kvm *k + preempt_notifier_dec(); + hardware_disable_all(); + mmdrop(mm); ++ module_put(kvm_chardev_ops.owner); + } + + void kvm_get_kvm(struct kvm *kvm) diff --git a/queue-5.15/kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch b/queue-5.15/kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch new file mode 100644 index 00000000000..dfdff54933c --- /dev/null +++ b/queue-5.15/kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch @@ -0,0 +1,81 @@ +From a80ced6ea514000d34bf1239d47553de0d1ee89e Mon Sep 17 00:00:00 2001 +From: Yi Wang +Date: Wed, 9 Mar 2022 19:30:25 +0800 +Subject: KVM: SVM: fix panic on out-of-bounds guest IRQ + +From: Yi Wang + +commit a80ced6ea514000d34bf1239d47553de0d1ee89e upstream. + +As guest_irq is coming from KVM_IRQFD API call, it may trigger +crash in svm_update_pi_irte() due to out-of-bounds: + +crash> bt +PID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8" + #0 [ffffb1ba6707fa40] machine_kexec at ffffffff8565b397 + #1 [ffffb1ba6707fa90] __crash_kexec at ffffffff85788a6d + #2 [ffffb1ba6707fb58] crash_kexec at ffffffff8578995d + #3 [ffffb1ba6707fb70] oops_end at ffffffff85623c0d + #4 [ffffb1ba6707fb90] no_context at ffffffff856692c9 + #5 [ffffb1ba6707fbf8] exc_page_fault at ffffffff85f95b51 + #6 [ffffb1ba6707fc50] asm_exc_page_fault at ffffffff86000ace + [exception RIP: svm_update_pi_irte+227] + RIP: ffffffffc0761b53 RSP: ffffb1ba6707fd08 RFLAGS: 00010086 + RAX: ffffb1ba6707fd78 RBX: ffffb1ba66d91000 RCX: 0000000000000001 + RDX: 00003c803f63f1c0 RSI: 000000000000019a RDI: ffffb1ba66db2ab8 + RBP: 000000000000019a R8: 0000000000000040 R9: ffff94ca41b82200 + R10: ffffffffffffffcf R11: 0000000000000001 R12: 0000000000000001 + R13: 0000000000000001 R14: ffffffffffffffcf R15: 000000000000005f + ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 + #7 [ffffb1ba6707fdb8] kvm_irq_routing_update at ffffffffc09f19a1 [kvm] + #8 [ffffb1ba6707fde0] kvm_set_irq_routing at ffffffffc09f2133 [kvm] + #9 [ffffb1ba6707fe18] kvm_vm_ioctl at ffffffffc09ef544 [kvm] + RIP: 00007f143c36488b RSP: 00007f143a4e04b8 RFLAGS: 00000246 + RAX: ffffffffffffffda RBX: 00007f05780041d0 RCX: 00007f143c36488b + RDX: 00007f05780041d0 RSI: 000000004008ae6a RDI: 0000000000000020 + RBP: 00000000000004e8 R8: 0000000000000008 R9: 00007f05780041e0 + R10: 00007f0578004560 R11: 0000000000000246 R12: 00000000000004e0 + R13: 000000000000001a R14: 00007f1424001c60 R15: 00007f0578003bc0 + ORIG_RAX: 0000000000000010 CS: 0033 SS: 002b + +Vmx have been fix this in commit 3a8b0677fc61 (KVM: VMX: Do not BUG() on +out-of-bounds guest IRQ), so we can just copy source from that to fix +this. + +Co-developed-by: Yi Liu +Signed-off-by: Yi Liu +Signed-off-by: Yi Wang +Message-Id: <20220309113025.44469-1-wang.yi59@zte.com.cn> +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kvm/svm/avic.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +--- a/arch/x86/kvm/svm/avic.c ++++ b/arch/x86/kvm/svm/avic.c +@@ -799,7 +799,7 @@ int svm_update_pi_irte(struct kvm *kvm, + { + struct kvm_kernel_irq_routing_entry *e; + struct kvm_irq_routing_table *irq_rt; +- int idx, ret = -EINVAL; ++ int idx, ret = 0; + + if (!kvm_arch_has_assigned_device(kvm) || + !irq_remapping_cap(IRQ_POSTING_CAP)) +@@ -810,7 +810,13 @@ int svm_update_pi_irte(struct kvm *kvm, + + idx = srcu_read_lock(&kvm->irq_srcu); + irq_rt = srcu_dereference(kvm->irq_routing, &kvm->irq_srcu); +- WARN_ON(guest_irq >= irq_rt->nr_rt_entries); ++ ++ if (guest_irq >= irq_rt->nr_rt_entries || ++ hlist_empty(&irq_rt->map[guest_irq])) { ++ pr_warn_once("no route for guest_irq %u/%u (broken user space?)\n", ++ guest_irq, irq_rt->nr_rt_entries); ++ goto out; ++ } + + hlist_for_each_entry(e, &irq_rt->map[guest_irq], link) { + struct vcpu_data vcpu_info; diff --git a/queue-5.15/kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch b/queue-5.15/kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch new file mode 100644 index 00000000000..ee236964b98 --- /dev/null +++ b/queue-5.15/kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch @@ -0,0 +1,35 @@ +From 00b5f37189d24ac3ed46cb7f11742094778c46ce Mon Sep 17 00:00:00 2001 +From: Vitaly Kuznetsov +Date: Fri, 25 Mar 2022 14:21:39 +0100 +Subject: KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() + +From: Vitaly Kuznetsov + +commit 00b5f37189d24ac3ed46cb7f11742094778c46ce upstream. + +When kvm_irq_delivery_to_apic_fast() is called with APIC_DEST_SELF +shorthand, 'src' must not be NULL. Crash the VM with KVM_BUG_ON() +instead of crashing the host. + +Signed-off-by: Vitaly Kuznetsov +Message-Id: <20220325132140.25650-3-vkuznets@redhat.com> +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kvm/lapic.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/arch/x86/kvm/lapic.c ++++ b/arch/x86/kvm/lapic.c +@@ -987,6 +987,10 @@ bool kvm_irq_delivery_to_apic_fast(struc + *r = -1; + + if (irq->shorthand == APIC_DEST_SELF) { ++ if (KVM_BUG_ON(!src, kvm)) { ++ *r = 0; ++ return true; ++ } + *r = kvm_apic_set_irq(src->vcpu, irq, dest_map); + return true; + } diff --git a/queue-5.15/kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch b/queue-5.15/kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch new file mode 100644 index 00000000000..774b5349157 --- /dev/null +++ b/queue-5.15/kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch @@ -0,0 +1,39 @@ +From 7ec37d1cbe17d8189d9562178d8b29167fe1c31a Mon Sep 17 00:00:00 2001 +From: Vitaly Kuznetsov +Date: Fri, 25 Mar 2022 14:21:38 +0100 +Subject: KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq + +From: Vitaly Kuznetsov + +commit 7ec37d1cbe17d8189d9562178d8b29167fe1c31a upstream. + +When KVM_CAP_HYPERV_SYNIC{,2} is activated, KVM already checks for +irqchip_in_kernel() so normally SynIC irqs should never be set. It is, +however, possible for a misbehaving VMM to write to SYNIC/STIMER MSRs +causing erroneous behavior. + +The immediate issue being fixed is that kvm_irq_delivery_to_apic() +(kvm_irq_delivery_to_apic_fast()) crashes when called with +'irq.shorthand = APIC_DEST_SELF' and 'src == NULL'. + +Signed-off-by: Vitaly Kuznetsov +Message-Id: <20220325132140.25650-2-vkuznets@redhat.com> +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kvm/hyperv.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/arch/x86/kvm/hyperv.c ++++ b/arch/x86/kvm/hyperv.c +@@ -446,6 +446,9 @@ static int synic_set_irq(struct kvm_vcpu + struct kvm_lapic_irq irq; + int ret, vector; + ++ if (KVM_BUG_ON(!lapic_in_kernel(vcpu), vcpu->kvm)) ++ return -EINVAL; ++ + if (sint >= ARRAY_SIZE(synic->sint)) + return -EINVAL; + diff --git a/queue-5.15/kvm-x86-fix-sending-pv-ipi.patch b/queue-5.15/kvm-x86-fix-sending-pv-ipi.patch new file mode 100644 index 00000000000..91642b2cdaf --- /dev/null +++ b/queue-5.15/kvm-x86-fix-sending-pv-ipi.patch @@ -0,0 +1,38 @@ +From c15e0ae42c8e5a61e9aca8aac920517cf7b3e94e Mon Sep 17 00:00:00 2001 +From: Li RongQing +Date: Wed, 9 Mar 2022 16:35:44 +0800 +Subject: KVM: x86: fix sending PV IPI + +From: Li RongQing + +commit c15e0ae42c8e5a61e9aca8aac920517cf7b3e94e upstream. + +If apic_id is less than min, and (max - apic_id) is greater than +KVM_IPI_CLUSTER_SIZE, then the third check condition is satisfied but +the new apic_id does not fit the bitmask. In this case __send_ipi_mask +should send the IPI. + +This is mostly theoretical, but it can happen if the apic_ids on three +iterations of the loop are for example 1, KVM_IPI_CLUSTER_SIZE, 0. + +Fixes: aaffcfd1e82 ("KVM: X86: Implement PV IPIs in linux guest") +Signed-off-by: Li RongQing +Message-Id: <1646814944-51801-1-git-send-email-lirongqing@baidu.com> +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kernel/kvm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/kernel/kvm.c ++++ b/arch/x86/kernel/kvm.c +@@ -510,7 +510,7 @@ static void __send_ipi_mask(const struct + } else if (apic_id < min && max - apic_id < KVM_IPI_CLUSTER_SIZE) { + ipi_bitmap <<= min - apic_id; + min = apic_id; +- } else if (apic_id < min + KVM_IPI_CLUSTER_SIZE) { ++ } else if (apic_id > min && apic_id < min + KVM_IPI_CLUSTER_SIZE) { + max = apic_id < max ? max : apic_id; + } else { + ret = kvm_hypercall4(KVM_HC_SEND_IPI, (unsigned long)ipi_bitmap, diff --git a/queue-5.15/kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch b/queue-5.15/kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch new file mode 100644 index 00000000000..5be0c194657 --- /dev/null +++ b/queue-5.15/kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch @@ -0,0 +1,66 @@ +From b1e34d325397a33d97d845e312d7cf2a8b646b44 Mon Sep 17 00:00:00 2001 +From: Vitaly Kuznetsov +Date: Fri, 25 Mar 2022 14:21:40 +0100 +Subject: KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated + +From: Vitaly Kuznetsov + +commit b1e34d325397a33d97d845e312d7cf2a8b646b44 upstream. + +Setting non-zero values to SYNIC/STIMER MSRs activates certain features, +this should not happen when KVM_CAP_HYPERV_SYNIC{,2} was not activated. + +Note, it would've been better to forbid writing anything to SYNIC/STIMER +MSRs, including zeroes, however, at least QEMU tries clearing +HV_X64_MSR_STIMER0_CONFIG without SynIC. HV_X64_MSR_EOM MSR is somewhat +'special' as writing zero there triggers an action, this also should not +happen when SynIC wasn't activated. + +Signed-off-by: Vitaly Kuznetsov +Message-Id: <20220325132140.25650-4-vkuznets@redhat.com> +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Bonzini +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/kvm/hyperv.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +--- a/arch/x86/kvm/hyperv.c ++++ b/arch/x86/kvm/hyperv.c +@@ -236,7 +236,7 @@ static int synic_set_msr(struct kvm_vcpu + struct kvm_vcpu *vcpu = hv_synic_to_vcpu(synic); + int ret; + +- if (!synic->active && !host) ++ if (!synic->active && (!host || data)) + return 1; + + trace_kvm_hv_synic_set_msr(vcpu->vcpu_id, msr, data, host); +@@ -282,6 +282,9 @@ static int synic_set_msr(struct kvm_vcpu + case HV_X64_MSR_EOM: { + int i; + ++ if (!synic->active) ++ break; ++ + for (i = 0; i < ARRAY_SIZE(synic->sint); i++) + kvm_hv_notify_acked_sint(vcpu, i); + break; +@@ -661,7 +664,7 @@ static int stimer_set_config(struct kvm_ + struct kvm_vcpu_hv *hv_vcpu = to_hv_vcpu(vcpu); + struct kvm_vcpu_hv_synic *synic = to_hv_synic(vcpu); + +- if (!synic->active && !host) ++ if (!synic->active && (!host || config)) + return 1; + + if (unlikely(!host && hv_vcpu->enforce_cpuid && new_config.direct_mode && +@@ -690,7 +693,7 @@ static int stimer_set_count(struct kvm_v + struct kvm_vcpu *vcpu = hv_stimer_to_vcpu(stimer); + struct kvm_vcpu_hv_synic *synic = to_hv_synic(vcpu); + +- if (!synic->active && !host) ++ if (!synic->active && (!host || count)) + return 1; + + trace_kvm_hv_stimer_set_count(hv_stimer_to_vcpu(stimer)->vcpu_id, diff --git a/queue-5.15/platform-chrome-split-trace-include-file.patch b/queue-5.15/platform-chrome-split-trace-include-file.patch new file mode 100644 index 00000000000..c16f57744bc --- /dev/null +++ b/queue-5.15/platform-chrome-split-trace-include-file.patch @@ -0,0 +1,303 @@ +From eabd9a3807e17e211690e6c40f1405b427b64c48 Mon Sep 17 00:00:00 2001 +From: Gwendal Grignou +Date: Fri, 21 Jan 2022 16:13:01 -0800 +Subject: platform: chrome: Split trace include file + +From: Gwendal Grignou + +commit eabd9a3807e17e211690e6c40f1405b427b64c48 upstream. + +cros_ec_trace.h defined 5 tracing events, 2 for cros_ec_proto and +3 for cros_ec_sensorhub_ring. +These 2 files are in different kernel modules, the traces are defined +twice in the kernel which leads to problem enabling only some traces. + +Move sensorhub traces from cros_ec_trace.h to cros_ec_sensorhub_trace.h +and enable them only in cros_ec_sensorhub kernel module. + +Check we can now enable any single traces: without this patch, +we can only enable all sensorhub traces or none. + +Fixes: d453ceb6549a ("platform/chrome: sensorhub: Add trace events for sample") + +Signed-off-by: Gwendal Grignou +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20220122001301.640337-1-gwendal@chromium.org +Signed-off-by: Benson Leung +Signed-off-by: Greg Kroah-Hartman +--- + drivers/platform/chrome/Makefile | 3 + drivers/platform/chrome/cros_ec_sensorhub_ring.c | 3 + drivers/platform/chrome/cros_ec_sensorhub_trace.h | 123 ++++++++++++++++++++++ + drivers/platform/chrome/cros_ec_trace.h | 95 ---------------- + 4 files changed, 127 insertions(+), 97 deletions(-) + create mode 100644 drivers/platform/chrome/cros_ec_sensorhub_trace.h + +--- a/drivers/platform/chrome/Makefile ++++ b/drivers/platform/chrome/Makefile +@@ -2,6 +2,7 @@ + + # tell define_trace.h where to find the cros ec trace header + CFLAGS_cros_ec_trace.o:= -I$(src) ++CFLAGS_cros_ec_sensorhub_ring.o:= -I$(src) + + obj-$(CONFIG_CHROMEOS_LAPTOP) += chromeos_laptop.o + obj-$(CONFIG_CHROMEOS_PSTORE) += chromeos_pstore.o +@@ -20,7 +21,7 @@ obj-$(CONFIG_CROS_EC_CHARDEV) += cros_e + obj-$(CONFIG_CROS_EC_LIGHTBAR) += cros_ec_lightbar.o + obj-$(CONFIG_CROS_EC_VBC) += cros_ec_vbc.o + obj-$(CONFIG_CROS_EC_DEBUGFS) += cros_ec_debugfs.o +-cros-ec-sensorhub-objs := cros_ec_sensorhub.o cros_ec_sensorhub_ring.o cros_ec_trace.o ++cros-ec-sensorhub-objs := cros_ec_sensorhub.o cros_ec_sensorhub_ring.o + obj-$(CONFIG_CROS_EC_SENSORHUB) += cros-ec-sensorhub.o + obj-$(CONFIG_CROS_EC_SYSFS) += cros_ec_sysfs.o + obj-$(CONFIG_CROS_USBPD_LOGGER) += cros_usbpd_logger.o +--- a/drivers/platform/chrome/cros_ec_sensorhub_ring.c ++++ b/drivers/platform/chrome/cros_ec_sensorhub_ring.c +@@ -17,7 +17,8 @@ + #include + #include + +-#include "cros_ec_trace.h" ++#define CREATE_TRACE_POINTS ++#include "cros_ec_sensorhub_trace.h" + + /* Precision of fixed point for the m values from the filter */ + #define M_PRECISION BIT(23) +--- /dev/null ++++ b/drivers/platform/chrome/cros_ec_sensorhub_trace.h +@@ -0,0 +1,123 @@ ++/* SPDX-License-Identifier: GPL-2.0 */ ++/* ++ * Trace events for the ChromeOS Sensorhub kernel module ++ * ++ * Copyright 2021 Google LLC. ++ */ ++ ++#undef TRACE_SYSTEM ++#define TRACE_SYSTEM cros_ec ++ ++#if !defined(_CROS_EC_SENSORHUB_TRACE_H_) || defined(TRACE_HEADER_MULTI_READ) ++#define _CROS_EC_SENSORHUB_TRACE_H_ ++ ++#include ++#include ++ ++#include ++ ++TRACE_EVENT(cros_ec_sensorhub_timestamp, ++ TP_PROTO(u32 ec_sample_timestamp, u32 ec_fifo_timestamp, s64 fifo_timestamp, ++ s64 current_timestamp, s64 current_time), ++ TP_ARGS(ec_sample_timestamp, ec_fifo_timestamp, fifo_timestamp, current_timestamp, ++ current_time), ++ TP_STRUCT__entry( ++ __field(u32, ec_sample_timestamp) ++ __field(u32, ec_fifo_timestamp) ++ __field(s64, fifo_timestamp) ++ __field(s64, current_timestamp) ++ __field(s64, current_time) ++ __field(s64, delta) ++ ), ++ TP_fast_assign( ++ __entry->ec_sample_timestamp = ec_sample_timestamp; ++ __entry->ec_fifo_timestamp = ec_fifo_timestamp; ++ __entry->fifo_timestamp = fifo_timestamp; ++ __entry->current_timestamp = current_timestamp; ++ __entry->current_time = current_time; ++ __entry->delta = current_timestamp - current_time; ++ ), ++ TP_printk("ec_ts: %9u, ec_fifo_ts: %9u, fifo_ts: %12lld, curr_ts: %12lld, curr_time: %12lld, delta %12lld", ++ __entry->ec_sample_timestamp, ++ __entry->ec_fifo_timestamp, ++ __entry->fifo_timestamp, ++ __entry->current_timestamp, ++ __entry->current_time, ++ __entry->delta ++ ) ++); ++ ++TRACE_EVENT(cros_ec_sensorhub_data, ++ TP_PROTO(u32 ec_sensor_num, u32 ec_fifo_timestamp, s64 fifo_timestamp, ++ s64 current_timestamp, s64 current_time), ++ TP_ARGS(ec_sensor_num, ec_fifo_timestamp, fifo_timestamp, current_timestamp, current_time), ++ TP_STRUCT__entry( ++ __field(u32, ec_sensor_num) ++ __field(u32, ec_fifo_timestamp) ++ __field(s64, fifo_timestamp) ++ __field(s64, current_timestamp) ++ __field(s64, current_time) ++ __field(s64, delta) ++ ), ++ TP_fast_assign( ++ __entry->ec_sensor_num = ec_sensor_num; ++ __entry->ec_fifo_timestamp = ec_fifo_timestamp; ++ __entry->fifo_timestamp = fifo_timestamp; ++ __entry->current_timestamp = current_timestamp; ++ __entry->current_time = current_time; ++ __entry->delta = current_timestamp - current_time; ++ ), ++ TP_printk("ec_num: %4u, ec_fifo_ts: %9u, fifo_ts: %12lld, curr_ts: %12lld, curr_time: %12lld, delta %12lld", ++ __entry->ec_sensor_num, ++ __entry->ec_fifo_timestamp, ++ __entry->fifo_timestamp, ++ __entry->current_timestamp, ++ __entry->current_time, ++ __entry->delta ++ ) ++); ++ ++TRACE_EVENT(cros_ec_sensorhub_filter, ++ TP_PROTO(struct cros_ec_sensors_ts_filter_state *state, s64 dx, s64 dy), ++ TP_ARGS(state, dx, dy), ++ TP_STRUCT__entry( ++ __field(s64, dx) ++ __field(s64, dy) ++ __field(s64, median_m) ++ __field(s64, median_error) ++ __field(s64, history_len) ++ __field(s64, x) ++ __field(s64, y) ++ ), ++ TP_fast_assign( ++ __entry->dx = dx; ++ __entry->dy = dy; ++ __entry->median_m = state->median_m; ++ __entry->median_error = state->median_error; ++ __entry->history_len = state->history_len; ++ __entry->x = state->x_offset; ++ __entry->y = state->y_offset; ++ ), ++ TP_printk("dx: %12lld. dy: %12lld median_m: %12lld median_error: %12lld len: %lld x: %12lld y: %12lld", ++ __entry->dx, ++ __entry->dy, ++ __entry->median_m, ++ __entry->median_error, ++ __entry->history_len, ++ __entry->x, ++ __entry->y ++ ) ++); ++ ++ ++#endif /* _CROS_EC_SENSORHUB_TRACE_H_ */ ++ ++/* this part must be outside header guard */ ++ ++#undef TRACE_INCLUDE_PATH ++#define TRACE_INCLUDE_PATH . ++ ++#undef TRACE_INCLUDE_FILE ++#define TRACE_INCLUDE_FILE cros_ec_sensorhub_trace ++ ++#include +--- a/drivers/platform/chrome/cros_ec_trace.h ++++ b/drivers/platform/chrome/cros_ec_trace.h +@@ -15,7 +15,6 @@ + #include + #include + #include +-#include + + #include + +@@ -71,100 +70,6 @@ TRACE_EVENT(cros_ec_request_done, + __entry->retval) + ); + +-TRACE_EVENT(cros_ec_sensorhub_timestamp, +- TP_PROTO(u32 ec_sample_timestamp, u32 ec_fifo_timestamp, s64 fifo_timestamp, +- s64 current_timestamp, s64 current_time), +- TP_ARGS(ec_sample_timestamp, ec_fifo_timestamp, fifo_timestamp, current_timestamp, +- current_time), +- TP_STRUCT__entry( +- __field(u32, ec_sample_timestamp) +- __field(u32, ec_fifo_timestamp) +- __field(s64, fifo_timestamp) +- __field(s64, current_timestamp) +- __field(s64, current_time) +- __field(s64, delta) +- ), +- TP_fast_assign( +- __entry->ec_sample_timestamp = ec_sample_timestamp; +- __entry->ec_fifo_timestamp = ec_fifo_timestamp; +- __entry->fifo_timestamp = fifo_timestamp; +- __entry->current_timestamp = current_timestamp; +- __entry->current_time = current_time; +- __entry->delta = current_timestamp - current_time; +- ), +- TP_printk("ec_ts: %9u, ec_fifo_ts: %9u, fifo_ts: %12lld, curr_ts: %12lld, curr_time: %12lld, delta %12lld", +- __entry->ec_sample_timestamp, +- __entry->ec_fifo_timestamp, +- __entry->fifo_timestamp, +- __entry->current_timestamp, +- __entry->current_time, +- __entry->delta +- ) +-); +- +-TRACE_EVENT(cros_ec_sensorhub_data, +- TP_PROTO(u32 ec_sensor_num, u32 ec_fifo_timestamp, s64 fifo_timestamp, +- s64 current_timestamp, s64 current_time), +- TP_ARGS(ec_sensor_num, ec_fifo_timestamp, fifo_timestamp, current_timestamp, current_time), +- TP_STRUCT__entry( +- __field(u32, ec_sensor_num) +- __field(u32, ec_fifo_timestamp) +- __field(s64, fifo_timestamp) +- __field(s64, current_timestamp) +- __field(s64, current_time) +- __field(s64, delta) +- ), +- TP_fast_assign( +- __entry->ec_sensor_num = ec_sensor_num; +- __entry->ec_fifo_timestamp = ec_fifo_timestamp; +- __entry->fifo_timestamp = fifo_timestamp; +- __entry->current_timestamp = current_timestamp; +- __entry->current_time = current_time; +- __entry->delta = current_timestamp - current_time; +- ), +- TP_printk("ec_num: %4u, ec_fifo_ts: %9u, fifo_ts: %12lld, curr_ts: %12lld, curr_time: %12lld, delta %12lld", +- __entry->ec_sensor_num, +- __entry->ec_fifo_timestamp, +- __entry->fifo_timestamp, +- __entry->current_timestamp, +- __entry->current_time, +- __entry->delta +- ) +-); +- +-TRACE_EVENT(cros_ec_sensorhub_filter, +- TP_PROTO(struct cros_ec_sensors_ts_filter_state *state, s64 dx, s64 dy), +- TP_ARGS(state, dx, dy), +- TP_STRUCT__entry( +- __field(s64, dx) +- __field(s64, dy) +- __field(s64, median_m) +- __field(s64, median_error) +- __field(s64, history_len) +- __field(s64, x) +- __field(s64, y) +- ), +- TP_fast_assign( +- __entry->dx = dx; +- __entry->dy = dy; +- __entry->median_m = state->median_m; +- __entry->median_error = state->median_error; +- __entry->history_len = state->history_len; +- __entry->x = state->x_offset; +- __entry->y = state->y_offset; +- ), +- TP_printk("dx: %12lld. dy: %12lld median_m: %12lld median_error: %12lld len: %lld x: %12lld y: %12lld", +- __entry->dx, +- __entry->dy, +- __entry->median_m, +- __entry->median_error, +- __entry->history_len, +- __entry->x, +- __entry->y +- ) +-); +- +- + #endif /* _CROS_EC_TRACE_H_ */ + + /* this part must be outside header guard */ diff --git a/queue-5.15/series b/queue-5.15/series index 27f062cc059..b9ba8b2b02d 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -807,3 +807,10 @@ scsi-qla2xxx-fix-n2n-inconsistent-plogi.patch scsi-qla2xxx-fix-stuck-session-of-prli-reject.patch scsi-qla2xxx-reduce-false-trigger-to-login.patch scsi-qla2xxx-use-correct-feature-type-field-during-rff_id-processing.patch +platform-chrome-split-trace-include-file.patch +kvm-x86-check-lapic_in_kernel-before-attempting-to-set-a-synic-irq.patch +kvm-x86-avoid-theoretical-null-pointer-dereference-in-kvm_irq_delivery_to_apic_fast.patch +kvm-x86-forbid-vmm-to-set-synic-stimer-msrs-when-synic-wasn-t-activated.patch +kvm-prevent-module-exit-until-all-vms-are-freed.patch +kvm-x86-fix-sending-pv-ipi.patch +kvm-svm-fix-panic-on-out-of-bounds-guest-irq.patch -- 2.47.3