From 986475f553a1548ecf6bad13f79f1b746e6ea7b4 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Sun, 24 Jan 2016 14:12:34 -0800 Subject: [PATCH] 3.10-stable patches added patches: kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch x86-boot-double-boot_heap_size-to-64kb.patch x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch x86-signal-fix-restart_syscall-number-for-x32-tasks.patch x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch --- ...ing-illegal-transaction-state-in-msr.patch | 51 ++++++++++++++++ queue-3.10/series | 6 ++ ...6-boot-double-boot_heap_size-to-64kb.patch | 43 +++++++++++++ ...add-imac10-1-to-pci_reboot_dmi_table.patch | 48 +++++++++++++++ ...restart_syscall-number-for-x32-tasks.patch | 60 +++++++++++++++++++ ...set-vcpu_info-on-a-cancelled-suspend.patch | 36 +++++++++++ ...uld-not-be-subject-to-numa-balancing.patch | 40 +++++++++++++ queue-3.14/series | 6 ++ 8 files changed, 290 insertions(+) create mode 100644 queue-3.10/kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch create mode 100644 queue-3.10/x86-boot-double-boot_heap_size-to-64kb.patch create mode 100644 queue-3.10/x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch create mode 100644 queue-3.10/x86-signal-fix-restart_syscall-number-for-x32-tasks.patch create mode 100644 queue-3.10/x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch create mode 100644 queue-3.10/xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch create mode 100644 queue-3.14/series diff --git a/queue-3.10/kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch b/queue-3.10/kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch new file mode 100644 index 00000000000..16f0dcc98b5 --- /dev/null +++ b/queue-3.10/kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch @@ -0,0 +1,51 @@ +From c20875a3e638e4a03e099b343ec798edd1af5cc6 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras +Date: Thu, 12 Nov 2015 16:43:02 +1100 +Subject: KVM: PPC: Book3S HV: Prohibit setting illegal transaction state in MSR + +From: Paul Mackerras + +commit c20875a3e638e4a03e099b343ec798edd1af5cc6 upstream. + +Currently it is possible for userspace (e.g. QEMU) to set a value +for the MSR for a guest VCPU which has both of the TS bits set, +which is an illegal combination. The result of this is that when +we execute a hrfid (hypervisor return from interrupt doubleword) +instruction to enter the guest, the CPU will take a TM Bad Thing +type of program interrupt (vector 0x700). + +Now, if PR KVM is configured in the kernel along with HV KVM, we +actually handle this without crashing the host or giving hypervisor +privilege to the guest; instead what happens is that we deliver a +program interrupt to the guest, with SRR0 reflecting the address +of the hrfid instruction and SRR1 containing the MSR value at that +point. If PR KVM is not configured in the kernel, then we try to +run the host's program interrupt handler with the MMU set to the +guest context, which almost certainly causes a host crash. + +This closes the hole by making kvmppc_set_msr_hv() check for the +illegal combination and force the TS field to a safe value (00, +meaning non-transactional). + +Signed-off-by: Paul Mackerras +Signed-off-by: Greg Kroah-Hartman + +--- + arch/powerpc/kvm/book3s_hv.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/arch/powerpc/kvm/book3s_hv.c ++++ b/arch/powerpc/kvm/book3s_hv.c +@@ -160,6 +160,12 @@ void kvmppc_core_vcpu_put(struct kvm_vcp + + void kvmppc_set_msr(struct kvm_vcpu *vcpu, u64 msr) + { ++ /* ++ * Check for illegal transactional state bit combination ++ * and if we find it, force the TS field to a safe state. ++ */ ++ if ((msr & MSR_TS_MASK) == MSR_TS_MASK) ++ msr &= ~MSR_TS_MASK; + vcpu->arch.shregs.msr = msr; + kvmppc_end_cede(vcpu); + } diff --git a/queue-3.10/series b/queue-3.10/series index f18a4ab2ff9..1cf21cbd700 100644 --- a/queue-3.10/series +++ b/queue-3.10/series @@ -1 +1,7 @@ af_unix-fix-incorrect-revert-of-lock_interruptible-in-stream.patch +x86-signal-fix-restart_syscall-number-for-x32-tasks.patch +xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch +x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch +kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch +x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch +x86-boot-double-boot_heap_size-to-64kb.patch diff --git a/queue-3.10/x86-boot-double-boot_heap_size-to-64kb.patch b/queue-3.10/x86-boot-double-boot_heap_size-to-64kb.patch new file mode 100644 index 00000000000..779c4625336 --- /dev/null +++ b/queue-3.10/x86-boot-double-boot_heap_size-to-64kb.patch @@ -0,0 +1,43 @@ +From 8c31902cffc4d716450be549c66a67a8a3dd479c Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Mon, 4 Jan 2016 10:17:09 -0800 +Subject: x86/boot: Double BOOT_HEAP_SIZE to 64KB + +From: "H.J. Lu" + +commit 8c31902cffc4d716450be549c66a67a8a3dd479c upstream. + +When decompressing kernel image during x86 bootup, malloc memory +for ELF program headers may run out of heap space, which leads +to system halt. This patch doubles BOOT_HEAP_SIZE to 64KB. + +Tested with 32-bit kernel which failed to boot without this patch. + +Signed-off-by: H.J. Lu +Acked-by: H. Peter Anvin +Cc: Andy Lutomirski +Cc: Borislav Petkov +Cc: Brian Gerst +Cc: Denys Vlasenko +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: linux-kernel@vger.kernel.org +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/include/asm/boot.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/include/asm/boot.h ++++ b/arch/x86/include/asm/boot.h +@@ -27,7 +27,7 @@ + #define BOOT_HEAP_SIZE 0x400000 + #else /* !CONFIG_KERNEL_BZIP2 */ + +-#define BOOT_HEAP_SIZE 0x8000 ++#define BOOT_HEAP_SIZE 0x10000 + + #endif /* !CONFIG_KERNEL_BZIP2 */ + diff --git a/queue-3.10/x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch b/queue-3.10/x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch new file mode 100644 index 00000000000..e3e354f3fad --- /dev/null +++ b/queue-3.10/x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch @@ -0,0 +1,48 @@ +From 2f0c0b2d96b1205efb14347009748d786c2d9ba5 Mon Sep 17 00:00:00 2001 +From: Mario Kleiner +Date: Fri, 18 Dec 2015 20:24:06 +0100 +Subject: x86/reboot/quirks: Add iMac10,1 to pci_reboot_dmi_table[] + +From: Mario Kleiner + +commit 2f0c0b2d96b1205efb14347009748d786c2d9ba5 upstream. + +Without the reboot=pci method, the iMac 10,1 simply +hangs after printing "Restarting system" at the point +when it should reboot. This fixes it. + +Signed-off-by: Mario Kleiner +Cc: Andy Lutomirski +Cc: Borislav Petkov +Cc: Brian Gerst +Cc: Dave Jones +Cc: Denys Vlasenko +Cc: H. Peter Anvin +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Link: http://lkml.kernel.org/r/1450466646-26663-1-git-send-email-mario.kleiner.de@gmail.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kernel/reboot.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/arch/x86/kernel/reboot.c ++++ b/arch/x86/kernel/reboot.c +@@ -366,6 +366,14 @@ static struct dmi_system_id __initdata r + DMI_MATCH(DMI_BOARD_NAME, "P4S800"), + }, + }, ++ { /* Handle problems with rebooting on the iMac10,1. */ ++ .callback = set_pci_reboot, ++ .ident = "Apple iMac10,1", ++ .matches = { ++ DMI_MATCH(DMI_SYS_VENDOR, "Apple Inc."), ++ DMI_MATCH(DMI_PRODUCT_NAME, "iMac10,1"), ++ }, ++ }, + + { /* Handle reboot issue on Acer Aspire one */ + .callback = set_kbd_reboot, diff --git a/queue-3.10/x86-signal-fix-restart_syscall-number-for-x32-tasks.patch b/queue-3.10/x86-signal-fix-restart_syscall-number-for-x32-tasks.patch new file mode 100644 index 00000000000..96d45cd822d --- /dev/null +++ b/queue-3.10/x86-signal-fix-restart_syscall-number-for-x32-tasks.patch @@ -0,0 +1,60 @@ +From 22eab1108781eff09961ae7001704f7bd8fb1dce Mon Sep 17 00:00:00 2001 +From: "Dmitry V. Levin" +Date: Tue, 1 Dec 2015 00:54:36 +0300 +Subject: x86/signal: Fix restart_syscall number for x32 tasks + +From: "Dmitry V. Levin" + +commit 22eab1108781eff09961ae7001704f7bd8fb1dce upstream. + +When restarting a syscall with regs->ax == -ERESTART_RESTARTBLOCK, +regs->ax is assigned to a restart_syscall number. For x32 tasks, this +syscall number must have __X32_SYSCALL_BIT set, otherwise it will be +an x86_64 syscall number instead of a valid x32 syscall number. This +issue has been there since the introduction of x32. + +Reported-by: strace/tests/restart_syscall.test +Reported-and-tested-by: Elvira Khabirova +Signed-off-by: Dmitry V. Levin +Cc: Elvira Khabirova +Link: http://lkml.kernel.org/r/20151130215436.GA25996@altlinux.org +Signed-off-by: Thomas Gleixner +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/kernel/signal.c | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) + +--- a/arch/x86/kernel/signal.c ++++ b/arch/x86/kernel/signal.c +@@ -686,12 +686,15 @@ handle_signal(struct ksignal *ksig, stru + signal_setup_done(failed, ksig, test_thread_flag(TIF_SINGLESTEP)); + } + +-#ifdef CONFIG_X86_32 +-#define NR_restart_syscall __NR_restart_syscall +-#else /* !CONFIG_X86_32 */ +-#define NR_restart_syscall \ +- test_thread_flag(TIF_IA32) ? __NR_ia32_restart_syscall : __NR_restart_syscall +-#endif /* CONFIG_X86_32 */ ++static inline unsigned long get_nr_restart_syscall(const struct pt_regs *regs) ++{ ++#if defined(CONFIG_X86_32) || !defined(CONFIG_X86_64) ++ return __NR_restart_syscall; ++#else /* !CONFIG_X86_32 && CONFIG_X86_64 */ ++ return test_thread_flag(TIF_IA32) ? __NR_ia32_restart_syscall : ++ __NR_restart_syscall | (regs->orig_ax & __X32_SYSCALL_BIT); ++#endif /* CONFIG_X86_32 || !CONFIG_X86_64 */ ++} + + /* + * Note that 'init' is a special process: it doesn't get signals it doesn't +@@ -720,7 +723,7 @@ static void do_signal(struct pt_regs *re + break; + + case -ERESTART_RESTARTBLOCK: +- regs->ax = NR_restart_syscall; ++ regs->ax = get_nr_restart_syscall(regs); + regs->ip -= 2; + break; + } diff --git a/queue-3.10/x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch b/queue-3.10/x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch new file mode 100644 index 00000000000..ac02f72b9d9 --- /dev/null +++ b/queue-3.10/x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch @@ -0,0 +1,36 @@ +From 6a1f513776b78c994045287073e55bae44ed9f8c Mon Sep 17 00:00:00 2001 +From: "Ouyang Zhaowei (Charles)" +Date: Wed, 6 May 2015 09:47:04 +0800 +Subject: x86/xen: don't reset vcpu_info on a cancelled suspend + +From: "Ouyang Zhaowei (Charles)" + +commit 6a1f513776b78c994045287073e55bae44ed9f8c upstream. + +On a cancelled suspend the vcpu_info location does not change (it's +still in the per-cpu area registered by xen_vcpu_setup()). So do not +call xen_hvm_init_shared_info() which would make the kernel think its +back in the shared info. With the wrong vcpu_info, events cannot be +received and the domain will hang after a cancelled suspend. + +Signed-off-by: Charles Ouyang +Reviewed-by: Boris Ostrovsky +Signed-off-by: David Vrabel +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/xen/suspend.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/arch/x86/xen/suspend.c ++++ b/arch/x86/xen/suspend.c +@@ -30,7 +30,8 @@ void xen_arch_hvm_post_suspend(int suspe + { + #ifdef CONFIG_XEN_PVHVM + int cpu; +- xen_hvm_init_shared_info(); ++ if (!suspend_cancelled) ++ xen_hvm_init_shared_info(); + xen_callback_vector(); + xen_unplug_emulated_devices(); + if (xen_feature(XENFEAT_hvm_safe_pvclock)) { diff --git a/queue-3.10/xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch b/queue-3.10/xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch new file mode 100644 index 00000000000..030653a8d67 --- /dev/null +++ b/queue-3.10/xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch @@ -0,0 +1,40 @@ +From 9c17d96500f78d7ecdb71ca6942830158bc75a2b Mon Sep 17 00:00:00 2001 +From: Boris Ostrovsky +Date: Tue, 10 Nov 2015 15:10:33 -0500 +Subject: xen/gntdev: Grant maps should not be subject to NUMA balancing + +From: Boris Ostrovsky + +commit 9c17d96500f78d7ecdb71ca6942830158bc75a2b upstream. + +Doing so will cause the grant to be unmapped and then, during +fault handling, the fault to be mistakenly treated as NUMA hint +fault. + +In addition, even if those maps could partcipate in NUMA +balancing, it wouldn't provide any benefit since we are unable +to determine physical page's node (even if/when VNUMA is +implemented). + +Marking grant maps' VMAs as VM_IO will exclude them from being +part of NUMA balancing. + +Signed-off-by: Boris Ostrovsky +Signed-off-by: David Vrabel +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/xen/gntdev.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/xen/gntdev.c ++++ b/drivers/xen/gntdev.c +@@ -770,7 +770,7 @@ static int gntdev_mmap(struct file *flip + + vma->vm_ops = &gntdev_vmops; + +- vma->vm_flags |= VM_DONTEXPAND | VM_DONTDUMP; ++ vma->vm_flags |= VM_DONTEXPAND | VM_DONTDUMP | VM_IO; + + if (use_ptemod) + vma->vm_flags |= VM_DONTCOPY; diff --git a/queue-3.14/series b/queue-3.14/series new file mode 100644 index 00000000000..4a548094989 --- /dev/null +++ b/queue-3.14/series @@ -0,0 +1,6 @@ +x86-signal-fix-restart_syscall-number-for-x32-tasks.patch +xen-gntdev-grant-maps-should-not-be-subject-to-numa-balancing.patch +x86-xen-don-t-reset-vcpu_info-on-a-cancelled-suspend.patch +kvm-ppc-book3s-hv-prohibit-setting-illegal-transaction-state-in-msr.patch +x86-reboot-quirks-add-imac10-1-to-pci_reboot_dmi_table.patch +x86-boot-double-boot_heap_size-to-64kb.patch -- 2.47.3