From 6ed08aaa778ecde3ce5ca9a9ce1e0cb5378786bf Mon Sep 17 00:00:00 2001 From: Sasha Levin Date: Mon, 11 Mar 2019 22:39:05 -0400 Subject: [PATCH] patches for 4.19 Signed-off-by: Sasha Levin --- ...ched-dma-optimization-for-arm-and-ar.patch | 86 ++++++++ ...-add-missing-code-to-get-interface-i.patch | 48 +++++ ...xt_tee-fix-wrong-interface-selection.patch | 189 ++++++++++++++++++ queue-4.19/series | 3 + 4 files changed, 326 insertions(+) create mode 100644 queue-4.19/drm-disable-uncached-dma-optimization-for-arm-and-ar.patch create mode 100644 queue-4.19/netfilter-xt_tee-add-missing-code-to-get-interface-i.patch create mode 100644 queue-4.19/netfilter-xt_tee-fix-wrong-interface-selection.patch diff --git a/queue-4.19/drm-disable-uncached-dma-optimization-for-arm-and-ar.patch b/queue-4.19/drm-disable-uncached-dma-optimization-for-arm-and-ar.patch new file mode 100644 index 00000000000..f9ce421c28c --- /dev/null +++ b/queue-4.19/drm-disable-uncached-dma-optimization-for-arm-and-ar.patch @@ -0,0 +1,86 @@ +From 700c755e6faf1ada0a0bb219f0cc31841b335be2 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Thu, 24 Jan 2019 13:06:58 +0100 +Subject: drm: disable uncached DMA optimization for ARM and arm64 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +[ Upstream commit e02f5c1bb2283cfcee68f2f0feddcc06150f13aa ] + +The DRM driver stack is designed to work with cache coherent devices +only, but permits an optimization to be enabled in some cases, where +for some buffers, both the CPU and the GPU use uncached mappings, +removing the need for DMA snooping and allocation in the CPU caches. + +The use of uncached GPU mappings relies on the correct implementation +of the PCIe NoSnoop TLP attribute by the platform, otherwise the GPU +will use cached mappings nonetheless. On x86 platforms, this does not +seem to matter, as uncached CPU mappings will snoop the caches in any +case. However, on ARM and arm64, enabling this optimization on a +platform where NoSnoop is ignored results in loss of coherency, which +breaks correct operation of the device. Since we have no way of +detecting whether NoSnoop works or not, just disable this +optimization entirely for ARM and arm64. + +Cc: Christian Koenig +Cc: Alex Deucher +Cc: David Zhou +Cc: Huang Rui +Cc: Junwei Zhang +Cc: Michel Daenzer +Cc: David Airlie +Cc: Daniel Vetter +Cc: Maarten Lankhorst +Cc: Maxime Ripard +Cc: Sean Paul +Cc: Michael Ellerman +Cc: Benjamin Herrenschmidt +Cc: Will Deacon +Cc: Christoph Hellwig +Cc: Robin Murphy +Cc: amd-gfx list +Cc: dri-devel +Reported-by: Carsten Haitzler +Signed-off-by: Ard Biesheuvel +Reviewed-by: Christian König +Reviewed-by: Alex Deucher +Link: https://patchwork.kernel.org/patch/10778815/ +Signed-off-by: Christian König +Signed-off-by: Sasha Levin +--- + include/drm/drm_cache.h | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/include/drm/drm_cache.h b/include/drm/drm_cache.h +index bfe1639df02d..97fc498dc767 100644 +--- a/include/drm/drm_cache.h ++++ b/include/drm/drm_cache.h +@@ -47,6 +47,24 @@ static inline bool drm_arch_can_wc_memory(void) + return false; + #elif defined(CONFIG_MIPS) && defined(CONFIG_CPU_LOONGSON3) + return false; ++#elif defined(CONFIG_ARM) || defined(CONFIG_ARM64) ++ /* ++ * The DRM driver stack is designed to work with cache coherent devices ++ * only, but permits an optimization to be enabled in some cases, where ++ * for some buffers, both the CPU and the GPU use uncached mappings, ++ * removing the need for DMA snooping and allocation in the CPU caches. ++ * ++ * The use of uncached GPU mappings relies on the correct implementation ++ * of the PCIe NoSnoop TLP attribute by the platform, otherwise the GPU ++ * will use cached mappings nonetheless. On x86 platforms, this does not ++ * seem to matter, as uncached CPU mappings will snoop the caches in any ++ * case. However, on ARM and arm64, enabling this optimization on a ++ * platform where NoSnoop is ignored results in loss of coherency, which ++ * breaks correct operation of the device. Since we have no way of ++ * detecting whether NoSnoop works or not, just disable this ++ * optimization entirely for ARM and arm64. ++ */ ++ return false; + #else + return true; + #endif +-- +2.19.1 + diff --git a/queue-4.19/netfilter-xt_tee-add-missing-code-to-get-interface-i.patch b/queue-4.19/netfilter-xt_tee-add-missing-code-to-get-interface-i.patch new file mode 100644 index 00000000000..fc868287d61 --- /dev/null +++ b/queue-4.19/netfilter-xt_tee-add-missing-code-to-get-interface-i.patch @@ -0,0 +1,48 @@ +From 8a85e08976a34b86ee314dead41ec0ff7f8025cd Mon Sep 17 00:00:00 2001 +From: Taehee Yoo +Date: Sun, 7 Oct 2018 00:09:32 +0900 +Subject: netfilter: xt_TEE: add missing code to get interface index in + checkentry. + +[ Upstream commit 18c0ab87364ac5128a152055fdcb1d27e01caf01 ] + +checkentry(tee_tg_check) should initialize priv->oif from dev if possible. +But only netdevice notifier handler can set that. +Hence priv->oif is always -1 until notifier handler is called. + +Fixes: 9e2f6c5d78db ("netfilter: Rework xt_TEE netdevice notifier") +Signed-off-by: Taehee Yoo +Signed-off-by: Pablo Neira Ayuso +Signed-off-by: Sasha Levin +--- + net/netfilter/xt_TEE.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/net/netfilter/xt_TEE.c b/net/netfilter/xt_TEE.c +index 673ad2099f97..1dae02a97ee3 100644 +--- a/net/netfilter/xt_TEE.c ++++ b/net/netfilter/xt_TEE.c +@@ -104,6 +104,8 @@ static int tee_tg_check(const struct xt_tgchk_param *par) + return -EINVAL; + + if (info->oif[0]) { ++ struct net_device *dev; ++ + if (info->oif[sizeof(info->oif)-1] != '\0') + return -EINVAL; + +@@ -115,6 +117,11 @@ static int tee_tg_check(const struct xt_tgchk_param *par) + priv->oif = -1; + info->priv = priv; + ++ dev = dev_get_by_name(par->net, info->oif); ++ if (dev) { ++ priv->oif = dev->ifindex; ++ dev_put(dev); ++ } + mutex_lock(&tn->lock); + list_add(&priv->list, &tn->priv_list); + mutex_unlock(&tn->lock); +-- +2.19.1 + diff --git a/queue-4.19/netfilter-xt_tee-fix-wrong-interface-selection.patch b/queue-4.19/netfilter-xt_tee-fix-wrong-interface-selection.patch new file mode 100644 index 00000000000..7aaa1006dbf --- /dev/null +++ b/queue-4.19/netfilter-xt_tee-fix-wrong-interface-selection.patch @@ -0,0 +1,189 @@ +From 1c742b9bdd199e302da488def5c4292d50b6aff8 Mon Sep 17 00:00:00 2001 +From: Taehee Yoo +Date: Sun, 7 Oct 2018 00:09:18 +0900 +Subject: netfilter: xt_TEE: fix wrong interface selection + +[ Upstream commit f24d2d4f9586985509320f90308723d3d0c4e47f ] + +TEE netdevice notifier handler checks only interface name. however +each netns can have same interface name. hence other netns's interface +could be selected. + +test commands: + %ip netns add vm1 + %iptables -I INPUT -p icmp -j TEE --gateway 192.168.1.1 --oif enp2s0 + %ip link set enp2s0 netns vm1 + +Above rule is in the root netns. but that rule could get enp2s0 +ifindex of vm1 by notifier handler. + +After this patch, TEE rule is added to the per-netns list. + +Fixes: 9e2f6c5d78db ("netfilter: Rework xt_TEE netdevice notifier") +Signed-off-by: Taehee Yoo +Signed-off-by: Pablo Neira Ayuso +Signed-off-by: Sasha Levin +--- + net/netfilter/xt_TEE.c | 69 +++++++++++++++++++++++++++++++----------- + 1 file changed, 52 insertions(+), 17 deletions(-) + +diff --git a/net/netfilter/xt_TEE.c b/net/netfilter/xt_TEE.c +index 0d0d68c989df..673ad2099f97 100644 +--- a/net/netfilter/xt_TEE.c ++++ b/net/netfilter/xt_TEE.c +@@ -14,6 +14,8 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include +@@ -25,8 +27,15 @@ struct xt_tee_priv { + int oif; + }; + ++static unsigned int tee_net_id __read_mostly; + static const union nf_inet_addr tee_zero_address; + ++struct tee_net { ++ struct list_head priv_list; ++ /* lock protects the priv_list */ ++ struct mutex lock; ++}; ++ + static unsigned int + tee_tg4(struct sk_buff *skb, const struct xt_action_param *par) + { +@@ -51,17 +60,16 @@ tee_tg6(struct sk_buff *skb, const struct xt_action_param *par) + } + #endif + +-static DEFINE_MUTEX(priv_list_mutex); +-static LIST_HEAD(priv_list); +- + static int tee_netdev_event(struct notifier_block *this, unsigned long event, + void *ptr) + { + struct net_device *dev = netdev_notifier_info_to_dev(ptr); ++ struct net *net = dev_net(dev); ++ struct tee_net *tn = net_generic(net, tee_net_id); + struct xt_tee_priv *priv; + +- mutex_lock(&priv_list_mutex); +- list_for_each_entry(priv, &priv_list, list) { ++ mutex_lock(&tn->lock); ++ list_for_each_entry(priv, &tn->priv_list, list) { + switch (event) { + case NETDEV_REGISTER: + if (!strcmp(dev->name, priv->tginfo->oif)) +@@ -79,13 +87,14 @@ static int tee_netdev_event(struct notifier_block *this, unsigned long event, + break; + } + } +- mutex_unlock(&priv_list_mutex); ++ mutex_unlock(&tn->lock); + + return NOTIFY_DONE; + } + + static int tee_tg_check(const struct xt_tgchk_param *par) + { ++ struct tee_net *tn = net_generic(par->net, tee_net_id); + struct xt_tee_tginfo *info = par->targinfo; + struct xt_tee_priv *priv; + +@@ -106,9 +115,9 @@ static int tee_tg_check(const struct xt_tgchk_param *par) + priv->oif = -1; + info->priv = priv; + +- mutex_lock(&priv_list_mutex); +- list_add(&priv->list, &priv_list); +- mutex_unlock(&priv_list_mutex); ++ mutex_lock(&tn->lock); ++ list_add(&priv->list, &tn->priv_list); ++ mutex_unlock(&tn->lock); + } else + info->priv = NULL; + +@@ -118,12 +127,13 @@ static int tee_tg_check(const struct xt_tgchk_param *par) + + static void tee_tg_destroy(const struct xt_tgdtor_param *par) + { ++ struct tee_net *tn = net_generic(par->net, tee_net_id); + struct xt_tee_tginfo *info = par->targinfo; + + if (info->priv) { +- mutex_lock(&priv_list_mutex); ++ mutex_lock(&tn->lock); + list_del(&info->priv->list); +- mutex_unlock(&priv_list_mutex); ++ mutex_unlock(&tn->lock); + kfree(info->priv); + } + static_key_slow_dec(&xt_tee_enabled); +@@ -156,6 +166,21 @@ static struct xt_target tee_tg_reg[] __read_mostly = { + #endif + }; + ++static int __net_init tee_net_init(struct net *net) ++{ ++ struct tee_net *tn = net_generic(net, tee_net_id); ++ ++ INIT_LIST_HEAD(&tn->priv_list); ++ mutex_init(&tn->lock); ++ return 0; ++} ++ ++static struct pernet_operations tee_net_ops = { ++ .init = tee_net_init, ++ .id = &tee_net_id, ++ .size = sizeof(struct tee_net), ++}; ++ + static struct notifier_block tee_netdev_notifier = { + .notifier_call = tee_netdev_event, + }; +@@ -164,22 +189,32 @@ static int __init tee_tg_init(void) + { + int ret; + +- ret = xt_register_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg)); +- if (ret) ++ ret = register_pernet_subsys(&tee_net_ops); ++ if (ret < 0) + return ret; ++ ++ ret = xt_register_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg)); ++ if (ret < 0) ++ goto cleanup_subsys; ++ + ret = register_netdevice_notifier(&tee_netdev_notifier); +- if (ret) { +- xt_unregister_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg)); +- return ret; +- } ++ if (ret < 0) ++ goto unregister_targets; + + return 0; ++ ++unregister_targets: ++ xt_unregister_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg)); ++cleanup_subsys: ++ unregister_pernet_subsys(&tee_net_ops); ++ return ret; + } + + static void __exit tee_tg_exit(void) + { + unregister_netdevice_notifier(&tee_netdev_notifier); + xt_unregister_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg)); ++ unregister_pernet_subsys(&tee_net_ops); + } + + module_init(tee_tg_init); +-- +2.19.1 + diff --git a/queue-4.19/series b/queue-4.19/series index 2c4fe5379a6..fefe347bc85 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -131,3 +131,6 @@ arm64-dts-hikey-revert-enable-hs200-mode-on-emmc.patch arm-dts-exynos-fix-pinctrl-definition-for-emmc-rtsn-line-on-odroid-x2-u3.patch arm-dts-exynos-add-minimal-clkout-parameters-to-exynos3250-pmu.patch arm-dts-exynos-fix-max-voltage-for-buck8-regulator-on-odroid-xu3-xu4.patch +drm-disable-uncached-dma-optimization-for-arm-and-ar.patch +netfilter-xt_tee-fix-wrong-interface-selection.patch +netfilter-xt_tee-add-missing-code-to-get-interface-i.patch -- 2.47.2