From 9c5fbaa34cd4321de3a31b82c383dce677226607 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 23 Jul 2019 12:57:51 +0200 Subject: [PATCH] 4.9-stable patches added patches: arm64-tegra-fix-agic-register-range.patch fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch --- .../arm64-tegra-fix-agic-register-range.patch | 38 ++++++++ ...et-info-if-we-have-writeable-handles.patch | 61 ------------- ...es-of-i_uid-i_gid-on-proc-sys-inodes.patch | 87 +++++++++++++++++++ queue-4.9/series | 3 +- 4 files changed, 127 insertions(+), 62 deletions(-) create mode 100644 queue-4.9/arm64-tegra-fix-agic-register-range.patch delete mode 100644 queue-4.9/cifs-flush-before-set-info-if-we-have-writeable-handles.patch create mode 100644 queue-4.9/fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch diff --git a/queue-4.9/arm64-tegra-fix-agic-register-range.patch b/queue-4.9/arm64-tegra-fix-agic-register-range.patch new file mode 100644 index 00000000000..b64cd3f1748 --- /dev/null +++ b/queue-4.9/arm64-tegra-fix-agic-register-range.patch @@ -0,0 +1,38 @@ +From ba24eee6686f6ed3738602b54d959253316a9541 Mon Sep 17 00:00:00 2001 +From: Jon Hunter +Date: Thu, 20 Jun 2019 09:17:00 +0100 +Subject: arm64: tegra: Fix AGIC register range + +From: Jon Hunter + +commit ba24eee6686f6ed3738602b54d959253316a9541 upstream. + +The Tegra AGIC interrupt controller is an ARM GIC400 interrupt +controller. Per the ARM GIC device-tree binding, the first address +region is for the GIC distributor registers and the second address +region is for the GIC CPU interface registers. The address space for +the distributor registers is 4kB, but currently this is incorrectly +defined as 8kB for the Tegra AGIC and overlaps with the CPU interface +registers. Correct the address space for the distributor to be 4kB. + +Cc: stable@vger.kernel.org +Signed-off-by: Jon Hunter +Fixes: bcdbde433542 ("arm64: tegra: Add AGIC node for Tegra210") +Signed-off-by: Thierry Reding +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/boot/dts/nvidia/tegra210.dtsi | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arm64/boot/dts/nvidia/tegra210.dtsi ++++ b/arch/arm64/boot/dts/nvidia/tegra210.dtsi +@@ -1020,7 +1020,7 @@ + compatible = "nvidia,tegra210-agic"; + #interrupt-cells = <3>; + interrupt-controller; +- reg = <0x702f9000 0x2000>, ++ reg = <0x702f9000 0x1000>, + <0x702fa000 0x2000>; + interrupts = ; + clocks = <&tegra_car TEGRA210_CLK_APE>; diff --git a/queue-4.9/cifs-flush-before-set-info-if-we-have-writeable-handles.patch b/queue-4.9/cifs-flush-before-set-info-if-we-have-writeable-handles.patch deleted file mode 100644 index b170c859f8b..00000000000 --- a/queue-4.9/cifs-flush-before-set-info-if-we-have-writeable-handles.patch +++ /dev/null @@ -1,61 +0,0 @@ -From aa081859b10c5d8b19f5c525c78883a59d73c2b8 Mon Sep 17 00:00:00 2001 -From: Ronnie Sahlberg -Date: Fri, 19 Jul 2019 08:12:11 +1000 -Subject: cifs: flush before set-info if we have writeable handles - -From: Ronnie Sahlberg - -commit aa081859b10c5d8b19f5c525c78883a59d73c2b8 upstream. - -Servers can defer destaging any data and updating the mtime until close(). -This means that if we do a setinfo to modify the mtime while other handles -are open for write the server may overwrite our setinfo timestamps when -if flushes the file on close() of the writeable handle. - -To solve this we add an explicit flush when the mtime is about to -be updated. - -This fixes "cp -p" to preserve mtime when copying a file onto an SMB2 share. - -CC: Stable -Signed-off-by: Ronnie Sahlberg -Reviewed-by: Pavel Shilovsky -Signed-off-by: Steve French -Signed-off-by: Greg Kroah-Hartman - ---- - fs/cifs/inode.c | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - ---- a/fs/cifs/inode.c -+++ b/fs/cifs/inode.c -@@ -2335,6 +2335,8 @@ cifs_setattr_nounix(struct dentry *diren - struct inode *inode = d_inode(direntry); - struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb); - struct cifsInodeInfo *cifsInode = CIFS_I(inode); -+ struct cifsFileInfo *wfile; -+ struct cifs_tcon *tcon; - char *full_path = NULL; - int rc = -EACCES; - __u32 dosattr = 0; -@@ -2376,6 +2378,20 @@ cifs_setattr_nounix(struct dentry *diren - mapping_set_error(inode->i_mapping, rc); - rc = 0; - -+ if (attrs->ia_valid & ATTR_MTIME) { -+ rc = cifs_get_writable_file(cifsInode, false, &wfile); -+ if (!rc) { -+ tcon = tlink_tcon(wfile->tlink); -+ rc = tcon->ses->server->ops->flush(xid, tcon, &wfile->fid); -+ cifsFileInfo_put(wfile); -+ if (rc) -+ return rc; -+ } else if (rc != -EBADF) -+ return rc; -+ else -+ rc = 0; -+ } -+ - if (attrs->ia_valid & ATTR_SIZE) { - rc = cifs_set_file_size(inode, attrs, xid, full_path); - if (rc != 0) diff --git a/queue-4.9/fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch b/queue-4.9/fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch new file mode 100644 index 00000000000..10b536a25d5 --- /dev/null +++ b/queue-4.9/fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch @@ -0,0 +1,87 @@ +From 5ec27ec735ba0477d48c80561cc5e856f0c5dfaf Mon Sep 17 00:00:00 2001 +From: Radoslaw Burny +Date: Tue, 16 Jul 2019 16:26:51 -0700 +Subject: fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. + +From: Radoslaw Burny + +commit 5ec27ec735ba0477d48c80561cc5e856f0c5dfaf upstream. + +Normally, the inode's i_uid/i_gid are translated relative to s_user_ns, +but this is not a correct behavior for proc. Since sysctl permission +check in test_perm is done against GLOBAL_ROOT_[UG]ID, it makes more +sense to use these values in u_[ug]id of proc inodes. In other words: +although uid/gid in the inode is not read during test_perm, the inode +logically belongs to the root of the namespace. I have confirmed this +with Eric Biederman at LPC and in this thread: + https://lore.kernel.org/lkml/87k1kzjdff.fsf@xmission.com + +Consequences +============ + +Since the i_[ug]id values of proc nodes are not used for permissions +checks, this change usually makes no functional difference. However, it +causes an issue in a setup where: + + * a namespace container is created without root user in container - + hence the i_[ug]id of proc nodes are set to INVALID_[UG]ID + + * container creator tries to configure it by writing /proc/sys files, + e.g. writing /proc/sys/kernel/shmmax to configure shared memory limit + +Kernel does not allow to open an inode for writing if its i_[ug]id are +invalid, making it impossible to write shmmax and thus - configure the +container. + +Using a container with no root mapping is apparently rare, but we do use +this configuration at Google. Also, we use a generic tool to configure +the container limits, and the inability to write any of them causes a +failure. + +History +======= + +The invalid uids/gids in inodes first appeared due to 81754357770e (fs: +Update i_[ug]id_(read|write) to translate relative to s_user_ns). +However, AFAIK, this did not immediately cause any issues. The +inability to write to these "invalid" inodes was only caused by a later +commit 0bd23d09b874 (vfs: Don't modify inodes with a uid or gid unknown +to the vfs). + +Tested: Used a repro program that creates a user namespace without any +mapping and stat'ed /proc/$PID/root/proc/sys/kernel/shmmax from outside. +Before the change, it shows the overflow uid, with the change it's 0. +The overflow uid indicates that the uid in the inode is not correct and +thus it is not possible to open the file for writing. + +Link: http://lkml.kernel.org/r/20190708115130.250149-1-rburny@google.com +Fixes: 0bd23d09b874 ("vfs: Don't modify inodes with a uid or gid unknown to the vfs") +Signed-off-by: Radoslaw Burny +Acked-by: Luis Chamberlain +Cc: Kees Cook +Cc: "Eric W . Biederman" +Cc: Seth Forshee +Cc: John Sperbeck +Cc: Alexey Dobriyan +Cc: [4.8+] +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/proc/proc_sysctl.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/fs/proc/proc_sysctl.c ++++ b/fs/proc/proc_sysctl.c +@@ -500,6 +500,10 @@ static struct inode *proc_sys_make_inode + + if (root->set_ownership) + root->set_ownership(head, table, &inode->i_uid, &inode->i_gid); ++ else { ++ inode->i_uid = GLOBAL_ROOT_UID; ++ inode->i_gid = GLOBAL_ROOT_GID; ++ } + + return inode; + } diff --git a/queue-4.9/series b/queue-4.9/series index 62b970a1ac0..64102c57f70 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -85,7 +85,6 @@ crypto-arm64-sha1-ce-correct-digest-for-empty-data-in-finup.patch crypto-arm64-sha2-ce-correct-digest-for-empty-data-in-finup.patch crypto-chacha20poly1305-fix-atomic-sleep-when-using-async-algorithm.patch crypto-crypto4xx-fix-a-potential-double-free-in-ppc4xx_trng_probe.patch -cifs-flush-before-set-info-if-we-have-writeable-handles.patch input-gtco-bounds-check-collection-indent-level.patch regulator-s2mps11-fix-buck7-and-buck8-wrong-voltages.patch arm64-tegra-update-jetson-tx1-gpu-regulator-timings.patch @@ -98,3 +97,5 @@ alsa-hda-realtek-apply-alc891-headset-fixup-to-one-dell-machine.patch media-v4l2-test-type-instead-of-cfg-type-in-v4l2_ctrl_new_custom.patch media-coda-remove-unbalanced-and-unneeded-mutex-unlock.patch kvm-x86-vpmu-refine-kvm_pmu-err-msg-when-event-creation-failed.patch +arm64-tegra-fix-agic-register-range.patch +fs-proc-proc_sysctl.c-fix-the-default-values-of-i_uid-i_gid-on-proc-sys-inodes.patch -- 2.47.3