From a93a5e422c6ed338a3ea7ab7d50385bf358fbbb4 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 1 Mar 2021 14:31:45 +0100 Subject: [PATCH] 5.11-stable patches added patches: exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch gpio-pcf857x-fix-missing-first-interrupt.patch kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch mei-bus-block-send-with-vtag-on-non-conformat-fw.patch mei-fix-transfer-over-dma-with-extended-header.patch mei-me-add-adler-lake-point-lp-did.patch mei-me-add-adler-lake-point-s-did.patch mei-me-emmitsburg-workstation-did.patch mfd-gateworks-gsc-fix-interrupt-type.patch mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch printk-fix-deadlock-when-kernel-panic.patch spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch zonefs-fix-file-size-of-zones-in-full-condition.patch --- ...ft-out-of-bounds-in-exfat_fill_super.patch | 121 +++++++++++++++ ...-pcf857x-fix-missing-first-interrupt.patch | 45 ++++++ ...-sys_kcmp-without-checkpoint_restore.patch | 143 ++++++++++++++++++ ...k-send-with-vtag-on-non-conformat-fw.patch | 37 +++++ ...ansfer-over-dma-with-extended-header.patch | 98 ++++++++++++ .../mei-me-add-adler-lake-point-lp-did.patch | 41 +++++ .../mei-me-add-adler-lake-point-s-did.patch | 43 ++++++ .../mei-me-emmitsburg-workstation-did.patch | 42 +++++ ...mfd-gateworks-gsc-fix-interrupt-type.patch | 32 ++++ ...-fix-kernel-panic-when-remove-module.patch | 82 ++++++++++ ...bug-fix-for-sdr104-hw-tuning-failure.patch | 71 +++++++++ ..._-when-warning-for-undefined-symbols.patch | 80 ++++++++++ ...-sdam-fix-uninitialized-pdev-pointer.patch | 60 ++++++++ ...rolog-stack-check-to-fix-build-error.patch | 61 ++++++++ ...g-call-to-kuep_lock-on-syscall-entry.patch | 38 +++++ ...fdt-size-estimation-for-kdump-kernel.patch | 104 +++++++++++++ ...rintk-fix-deadlock-when-kernel-panic.patch | 109 +++++++++++++ queue-5.11/series | 20 +++ ...mi-spmi-pmic-arb-fix-hw_irq-overflow.patch | 51 +++++++ ...os_update_request-returns-0-on-error.patch | 51 +++++++ ...file-size-of-zones-in-full-condition.patch | 37 +++++ 21 files changed, 1366 insertions(+) create mode 100644 queue-5.11/exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch create mode 100644 queue-5.11/gpio-pcf857x-fix-missing-first-interrupt.patch create mode 100644 queue-5.11/kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch create mode 100644 queue-5.11/mei-bus-block-send-with-vtag-on-non-conformat-fw.patch create mode 100644 queue-5.11/mei-fix-transfer-over-dma-with-extended-header.patch create mode 100644 queue-5.11/mei-me-add-adler-lake-point-lp-did.patch create mode 100644 queue-5.11/mei-me-add-adler-lake-point-s-did.patch create mode 100644 queue-5.11/mei-me-emmitsburg-workstation-did.patch create mode 100644 queue-5.11/mfd-gateworks-gsc-fix-interrupt-type.patch create mode 100644 queue-5.11/mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch create mode 100644 queue-5.11/mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch create mode 100644 queue-5.11/module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch create mode 100644 queue-5.11/nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch create mode 100644 queue-5.11/powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch create mode 100644 queue-5.11/powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch create mode 100644 queue-5.11/powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch create mode 100644 queue-5.11/printk-fix-deadlock-when-kernel-panic.patch create mode 100644 queue-5.11/spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch create mode 100644 queue-5.11/thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch create mode 100644 queue-5.11/zonefs-fix-file-size-of-zones-in-full-condition.patch diff --git a/queue-5.11/exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch b/queue-5.11/exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch new file mode 100644 index 00000000000..4cc22ef454b --- /dev/null +++ b/queue-5.11/exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch @@ -0,0 +1,121 @@ +From 78c276f5495aa53a8beebb627e5bf6a54f0af34f Mon Sep 17 00:00:00 2001 +From: Namjae Jeon +Date: Mon, 1 Feb 2021 09:23:37 +0900 +Subject: exfat: fix shift-out-of-bounds in exfat_fill_super() + +From: Namjae Jeon + +commit 78c276f5495aa53a8beebb627e5bf6a54f0af34f upstream. + +syzbot reported a warning which could cause shift-out-of-bounds issue. + +Call Trace: + __dump_stack lib/dump_stack.c:79 [inline] + dump_stack+0x183/0x22e lib/dump_stack.c:120 + ubsan_epilogue lib/ubsan.c:148 [inline] + __ubsan_handle_shift_out_of_bounds+0x432/0x4d0 lib/ubsan.c:395 + exfat_read_boot_sector fs/exfat/super.c:471 [inline] + __exfat_fill_super fs/exfat/super.c:556 [inline] + exfat_fill_super+0x2acb/0x2d00 fs/exfat/super.c:624 + get_tree_bdev+0x406/0x630 fs/super.c:1291 + vfs_get_tree+0x86/0x270 fs/super.c:1496 + do_new_mount fs/namespace.c:2881 [inline] + path_mount+0x1937/0x2c50 fs/namespace.c:3211 + do_mount fs/namespace.c:3224 [inline] + __do_sys_mount fs/namespace.c:3432 [inline] + __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3409 + do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 + entry_SYSCALL_64_after_hwframe+0x44/0xa9 + +exfat specification describe sect_per_clus_bits field of boot sector +could be at most 25 - sect_size_bits and at least 0. And sect_size_bits +can also affect this calculation, It also needs validation. +This patch add validation for sect_per_clus_bits and sect_size_bits +field of boot sector. + +Fixes: 719c1e182916 ("exfat: add super block operations") +Cc: stable@vger.kernel.org # v5.9+ +Reported-by: syzbot+da4fe66aaadd3c2e2d1c@syzkaller.appspotmail.com +Reviewed-by: Sungjong Seo +Tested-by: Randy Dunlap +Signed-off-by: Namjae Jeon +Signed-off-by: Greg Kroah-Hartman +--- + fs/exfat/exfat_raw.h | 4 ++++ + fs/exfat/super.c | 31 ++++++++++++++++++++++++++----- + 2 files changed, 30 insertions(+), 5 deletions(-) + +--- a/fs/exfat/exfat_raw.h ++++ b/fs/exfat/exfat_raw.h +@@ -77,6 +77,10 @@ + + #define EXFAT_FILE_NAME_LEN 15 + ++#define EXFAT_MIN_SECT_SIZE_BITS 9 ++#define EXFAT_MAX_SECT_SIZE_BITS 12 ++#define EXFAT_MAX_SECT_PER_CLUS_BITS(x) (25 - (x)->sect_size_bits) ++ + /* EXFAT: Main and Backup Boot Sector (512 bytes) */ + struct boot_sector { + __u8 jmp_boot[BOOTSEC_JUMP_BOOT_LEN]; +--- a/fs/exfat/super.c ++++ b/fs/exfat/super.c +@@ -381,8 +381,7 @@ static int exfat_calibrate_blocksize(str + { + struct exfat_sb_info *sbi = EXFAT_SB(sb); + +- if (!is_power_of_2(logical_sect) || +- logical_sect < 512 || logical_sect > 4096) { ++ if (!is_power_of_2(logical_sect)) { + exfat_err(sb, "bogus logical sector size %u", logical_sect); + return -EIO; + } +@@ -451,6 +450,25 @@ static int exfat_read_boot_sector(struct + return -EINVAL; + } + ++ /* ++ * sect_size_bits could be at least 9 and at most 12. ++ */ ++ if (p_boot->sect_size_bits < EXFAT_MIN_SECT_SIZE_BITS || ++ p_boot->sect_size_bits > EXFAT_MAX_SECT_SIZE_BITS) { ++ exfat_err(sb, "bogus sector size bits : %u\n", ++ p_boot->sect_size_bits); ++ return -EINVAL; ++ } ++ ++ /* ++ * sect_per_clus_bits could be at least 0 and at most 25 - sect_size_bits. ++ */ ++ if (p_boot->sect_per_clus_bits > EXFAT_MAX_SECT_PER_CLUS_BITS(p_boot)) { ++ exfat_err(sb, "bogus sectors bits per cluster : %u\n", ++ p_boot->sect_per_clus_bits); ++ return -EINVAL; ++ } ++ + sbi->sect_per_clus = 1 << p_boot->sect_per_clus_bits; + sbi->sect_per_clus_bits = p_boot->sect_per_clus_bits; + sbi->cluster_size_bits = p_boot->sect_per_clus_bits + +@@ -477,16 +495,19 @@ static int exfat_read_boot_sector(struct + sbi->used_clusters = EXFAT_CLUSTERS_UNTRACKED; + + /* check consistencies */ +- if (sbi->num_FAT_sectors << p_boot->sect_size_bits < +- sbi->num_clusters * 4) { ++ if ((u64)sbi->num_FAT_sectors << p_boot->sect_size_bits < ++ (u64)sbi->num_clusters * 4) { + exfat_err(sb, "bogus fat length"); + return -EINVAL; + } ++ + if (sbi->data_start_sector < +- sbi->FAT1_start_sector + sbi->num_FAT_sectors * p_boot->num_fats) { ++ (u64)sbi->FAT1_start_sector + ++ (u64)sbi->num_FAT_sectors * p_boot->num_fats) { + exfat_err(sb, "bogus data start sector"); + return -EINVAL; + } ++ + if (sbi->vol_flags & VOLUME_DIRTY) + exfat_warn(sb, "Volume was not properly unmounted. Some data may be corrupt. Please run fsck."); + if (sbi->vol_flags & MEDIA_FAILURE) diff --git a/queue-5.11/gpio-pcf857x-fix-missing-first-interrupt.patch b/queue-5.11/gpio-pcf857x-fix-missing-first-interrupt.patch new file mode 100644 index 00000000000..a92ac0654f4 --- /dev/null +++ b/queue-5.11/gpio-pcf857x-fix-missing-first-interrupt.patch @@ -0,0 +1,45 @@ +From a8002a35935aaefcd6a42ad3289f62bab947f2ca Mon Sep 17 00:00:00 2001 +From: Maxim Kiselev +Date: Wed, 17 Feb 2021 14:10:00 +0100 +Subject: gpio: pcf857x: Fix missing first interrupt + +From: Maxim Kiselev + +commit a8002a35935aaefcd6a42ad3289f62bab947f2ca upstream. + +If no n_latch value will be provided at driver probe then all pins will +be used as an input: + + gpio->out = ~n_latch; + +In that case initial state for all pins is "one": + + gpio->status = gpio->out; + +So if pcf857x IRQ happens with change pin value from "zero" to "one" +then we miss it, because of "one" from IRQ and "one" from initial state +leaves corresponding pin unchanged: +change = (gpio->status ^ status) & gpio->irq_enabled; + +The right solution will be to read actual state at driver probe. + +Cc: stable@vger.kernel.org +Fixes: 6e20a0a429bd ("gpio: pcf857x: enable gpio_to_irq() support") +Signed-off-by: Maxim Kiselev +Signed-off-by: Bartosz Golaszewski +Signed-off-by: Greg Kroah-Hartman +--- + drivers/gpio/gpio-pcf857x.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/gpio/gpio-pcf857x.c ++++ b/drivers/gpio/gpio-pcf857x.c +@@ -332,7 +332,7 @@ static int pcf857x_probe(struct i2c_clie + * reset state. Otherwise it flags pins to be driven low. + */ + gpio->out = ~n_latch; +- gpio->status = gpio->out; ++ gpio->status = gpio->read(gpio->client); + + /* Enable irqchip if we have an interrupt */ + if (client->irq) { diff --git a/queue-5.11/kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch b/queue-5.11/kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch new file mode 100644 index 00000000000..904b563a218 --- /dev/null +++ b/queue-5.11/kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch @@ -0,0 +1,143 @@ +From bfe3911a91047557eb0e620f95a370aee6a248c7 Mon Sep 17 00:00:00 2001 +From: Chris Wilson +Date: Fri, 5 Feb 2021 22:00:12 +0000 +Subject: kcmp: Support selection of SYS_kcmp without CHECKPOINT_RESTORE + +From: Chris Wilson + +commit bfe3911a91047557eb0e620f95a370aee6a248c7 upstream. + +Userspace has discovered the functionality offered by SYS_kcmp and has +started to depend upon it. In particular, Mesa uses SYS_kcmp for +os_same_file_description() in order to identify when two fd (e.g. device +or dmabuf) point to the same struct file. Since they depend on it for +core functionality, lift SYS_kcmp out of the non-default +CONFIG_CHECKPOINT_RESTORE into the selectable syscall category. + +Rasmus Villemoes also pointed out that systemd uses SYS_kcmp to +deduplicate the per-service file descriptor store. + +Note that some distributions such as Ubuntu are already enabling +CHECKPOINT_RESTORE in their configs and so, by extension, SYS_kcmp. + +References: https://gitlab.freedesktop.org/drm/intel/-/issues/3046 +Signed-off-by: Chris Wilson +Cc: Kees Cook +Cc: Andy Lutomirski +Cc: Will Drewry +Cc: Andrew Morton +Cc: Dave Airlie +Cc: Daniel Vetter +Cc: Lucas Stach +Cc: Rasmus Villemoes +Cc: Cyrill Gorcunov +Cc: stable@vger.kernel.org +Acked-by: Daniel Vetter # DRM depends on kcmp +Acked-by: Rasmus Villemoes # systemd uses kcmp +Reviewed-by: Cyrill Gorcunov +Reviewed-by: Kees Cook +Acked-by: Thomas Zimmermann +Signed-off-by: Daniel Vetter +Link: https://patchwork.freedesktop.org/patch/msgid/20210205220012.1983-1-chris@chris-wilson.co.uk +Signed-off-by: Greg Kroah-Hartman +--- + drivers/gpu/drm/Kconfig | 3 +++ + fs/eventpoll.c | 4 ++-- + include/linux/eventpoll.h | 2 +- + init/Kconfig | 11 +++++++++++ + kernel/Makefile | 2 +- + tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +- + 6 files changed, 19 insertions(+), 5 deletions(-) + +--- a/drivers/gpu/drm/Kconfig ++++ b/drivers/gpu/drm/Kconfig +@@ -15,6 +15,9 @@ menuconfig DRM + select I2C_ALGOBIT + select DMA_SHARED_BUFFER + select SYNC_FILE ++# gallium uses SYS_kcmp for os_same_file_description() to de-duplicate ++# device and dmabuf fd. Let's make sure that is available for our userspace. ++ select KCMP + help + Kernel-level support for the Direct Rendering Infrastructure (DRI) + introduced in XFree86 4.0. If you say Y here, you need to select +--- a/fs/eventpoll.c ++++ b/fs/eventpoll.c +@@ -979,7 +979,7 @@ static struct epitem *ep_find(struct eve + return epir; + } + +-#ifdef CONFIG_CHECKPOINT_RESTORE ++#ifdef CONFIG_KCMP + static struct epitem *ep_find_tfd(struct eventpoll *ep, int tfd, unsigned long toff) + { + struct rb_node *rbp; +@@ -1021,7 +1021,7 @@ struct file *get_epoll_tfile_raw_ptr(str + + return file_raw; + } +-#endif /* CONFIG_CHECKPOINT_RESTORE */ ++#endif /* CONFIG_KCMP */ + + /** + * Adds a new entry to the tail of the list in a lockless way, i.e. +--- a/include/linux/eventpoll.h ++++ b/include/linux/eventpoll.h +@@ -18,7 +18,7 @@ struct file; + + #ifdef CONFIG_EPOLL + +-#ifdef CONFIG_CHECKPOINT_RESTORE ++#ifdef CONFIG_KCMP + struct file *get_epoll_tfile_raw_ptr(struct file *file, int tfd, unsigned long toff); + #endif + +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -1193,6 +1193,7 @@ endif # NAMESPACES + config CHECKPOINT_RESTORE + bool "Checkpoint/restore support" + select PROC_CHILDREN ++ select KCMP + default n + help + Enables additional kernel features in a sake of checkpoint/restore. +@@ -1736,6 +1737,16 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS + config ARCH_HAS_MEMBARRIER_SYNC_CORE + bool + ++config KCMP ++ bool "Enable kcmp() system call" if EXPERT ++ help ++ Enable the kernel resource comparison system call. It provides ++ user-space with the ability to compare two processes to see if they ++ share a common resource, such as a file descriptor or even virtual ++ memory space. ++ ++ If unsure, say N. ++ + config RSEQ + bool "Enable rseq() system call" if EXPERT + default y +--- a/kernel/Makefile ++++ b/kernel/Makefile +@@ -51,7 +51,7 @@ obj-y += livepatch/ + obj-y += dma/ + obj-y += entry/ + +-obj-$(CONFIG_CHECKPOINT_RESTORE) += kcmp.o ++obj-$(CONFIG_KCMP) += kcmp.o + obj-$(CONFIG_FREEZER) += freezer.o + obj-$(CONFIG_PROFILING) += profile.o + obj-$(CONFIG_STACKTRACE) += stacktrace.o +--- a/tools/testing/selftests/seccomp/seccomp_bpf.c ++++ b/tools/testing/selftests/seccomp/seccomp_bpf.c +@@ -315,7 +315,7 @@ TEST(kcmp) + ret = __filecmp(getpid(), getpid(), 1, 1); + EXPECT_EQ(ret, 0); + if (ret != 0 && errno == ENOSYS) +- SKIP(return, "Kernel does not support kcmp() (missing CONFIG_CHECKPOINT_RESTORE?)"); ++ SKIP(return, "Kernel does not support kcmp() (missing CONFIG_KCMP?)"); + } + + TEST(mode_strict_support) diff --git a/queue-5.11/mei-bus-block-send-with-vtag-on-non-conformat-fw.patch b/queue-5.11/mei-bus-block-send-with-vtag-on-non-conformat-fw.patch new file mode 100644 index 00000000000..60f60d8c05d --- /dev/null +++ b/queue-5.11/mei-bus-block-send-with-vtag-on-non-conformat-fw.patch @@ -0,0 +1,37 @@ +From b398d53cd421454d64850f8b1f6d609ede9042d9 Mon Sep 17 00:00:00 2001 +From: Alexander Usyskin +Date: Mon, 8 Feb 2021 17:06:48 +0200 +Subject: mei: bus: block send with vtag on non-conformat FW + +From: Alexander Usyskin + +commit b398d53cd421454d64850f8b1f6d609ede9042d9 upstream. + +Block data send with vtag if either transport layer or +FW client are not supporting vtags. + +Cc: # v5.10+ +Signed-off-by: Alexander Usyskin +Signed-off-by: Tomas Winkler +Link: https://lore.kernel.org/r/20210208150649.141358-1-tomas.winkler@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/misc/mei/bus.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/drivers/misc/mei/bus.c ++++ b/drivers/misc/mei/bus.c +@@ -60,6 +60,13 @@ ssize_t __mei_cl_send(struct mei_cl *cl, + goto out; + } + ++ if (vtag) { ++ /* Check if vtag is supported by client */ ++ rets = mei_cl_vt_support_check(cl); ++ if (rets) ++ goto out; ++ } ++ + if (length > mei_cl_mtu(cl)) { + rets = -EFBIG; + goto out; diff --git a/queue-5.11/mei-fix-transfer-over-dma-with-extended-header.patch b/queue-5.11/mei-fix-transfer-over-dma-with-extended-header.patch new file mode 100644 index 00000000000..2825ec56366 --- /dev/null +++ b/queue-5.11/mei-fix-transfer-over-dma-with-extended-header.patch @@ -0,0 +1,98 @@ +From 1309ecc90f16ee9cc3077761e7f4474369747e6e Mon Sep 17 00:00:00 2001 +From: Alexander Usyskin +Date: Fri, 29 Jan 2021 14:07:46 +0200 +Subject: mei: fix transfer over dma with extended header + +From: Alexander Usyskin + +commit 1309ecc90f16ee9cc3077761e7f4474369747e6e upstream. + +The size in header field for packet transferred over DMA +includes size of the extended header. +Include extended header in size check. +Add size and sanity checks on extended header. + +Cc: # v5.10+ +Signed-off-by: Alexander Usyskin +Signed-off-by: Tomas Winkler +Link: https://lore.kernel.org/r/20210129120752.850325-1-tomas.winkler@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/misc/mei/interrupt.c | 33 ++++++++++++++++++++++++++++++--- + 1 file changed, 30 insertions(+), 3 deletions(-) + +--- a/drivers/misc/mei/interrupt.c ++++ b/drivers/misc/mei/interrupt.c +@@ -295,12 +295,17 @@ static inline bool hdr_is_fixed(struct m + static inline int hdr_is_valid(u32 msg_hdr) + { + struct mei_msg_hdr *mei_hdr; ++ u32 expected_len = 0; + + mei_hdr = (struct mei_msg_hdr *)&msg_hdr; + if (!msg_hdr || mei_hdr->reserved) + return -EBADMSG; + +- if (mei_hdr->dma_ring && mei_hdr->length != MEI_SLOT_SIZE) ++ if (mei_hdr->dma_ring) ++ expected_len += MEI_SLOT_SIZE; ++ if (mei_hdr->extended) ++ expected_len += MEI_SLOT_SIZE; ++ if (mei_hdr->length < expected_len) + return -EBADMSG; + + return 0; +@@ -324,6 +329,8 @@ int mei_irq_read_handler(struct mei_devi + struct mei_cl *cl; + int ret; + u32 ext_meta_hdr_u32; ++ u32 hdr_size_left; ++ u32 hdr_size_ext; + int i; + int ext_hdr_end; + +@@ -353,6 +360,7 @@ int mei_irq_read_handler(struct mei_devi + } + + ext_hdr_end = 1; ++ hdr_size_left = mei_hdr->length; + + if (mei_hdr->extended) { + if (!dev->rd_msg_hdr[1]) { +@@ -363,8 +371,21 @@ int mei_irq_read_handler(struct mei_devi + dev_dbg(dev->dev, "extended header is %08x\n", + ext_meta_hdr_u32); + } +- meta_hdr = ((struct mei_ext_meta_hdr *) +- dev->rd_msg_hdr + 1); ++ meta_hdr = ((struct mei_ext_meta_hdr *)dev->rd_msg_hdr + 1); ++ if (check_add_overflow((u32)sizeof(*meta_hdr), ++ mei_slots2data(meta_hdr->size), ++ &hdr_size_ext)) { ++ dev_err(dev->dev, "extended message size too big %d\n", ++ meta_hdr->size); ++ return -EBADMSG; ++ } ++ if (hdr_size_left < hdr_size_ext) { ++ dev_err(dev->dev, "corrupted message header len %d\n", ++ mei_hdr->length); ++ return -EBADMSG; ++ } ++ hdr_size_left -= hdr_size_ext; ++ + ext_hdr_end = meta_hdr->size + 2; + for (i = dev->rd_msg_hdr_count; i < ext_hdr_end; i++) { + dev->rd_msg_hdr[i] = mei_read_hdr(dev); +@@ -376,6 +397,12 @@ int mei_irq_read_handler(struct mei_devi + } + + if (mei_hdr->dma_ring) { ++ if (hdr_size_left != sizeof(dev->rd_msg_hdr[ext_hdr_end])) { ++ dev_err(dev->dev, "corrupted message header len %d\n", ++ mei_hdr->length); ++ return -EBADMSG; ++ } ++ + dev->rd_msg_hdr[ext_hdr_end] = mei_read_hdr(dev); + dev->rd_msg_hdr_count++; + (*slots)--; diff --git a/queue-5.11/mei-me-add-adler-lake-point-lp-did.patch b/queue-5.11/mei-me-add-adler-lake-point-lp-did.patch new file mode 100644 index 00000000000..2d753fcd80f --- /dev/null +++ b/queue-5.11/mei-me-add-adler-lake-point-lp-did.patch @@ -0,0 +1,41 @@ +From 930c922a987a02936000f15ea62988b7a39c27f5 Mon Sep 17 00:00:00 2001 +From: Alexander Usyskin +Date: Fri, 29 Jan 2021 14:07:52 +0200 +Subject: mei: me: add adler lake point LP DID + +From: Alexander Usyskin + +commit 930c922a987a02936000f15ea62988b7a39c27f5 upstream. + +Add Adler Lake LP device id. + +Cc: +Signed-off-by: Alexander Usyskin +Signed-off-by: Tomas Winkler +Link: https://lore.kernel.org/r/20210129120752.850325-7-tomas.winkler@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/misc/mei/hw-me-regs.h | 1 + + drivers/misc/mei/pci-me.c | 1 + + 2 files changed, 2 insertions(+) + +--- a/drivers/misc/mei/hw-me-regs.h ++++ b/drivers/misc/mei/hw-me-regs.h +@@ -104,6 +104,7 @@ + #define MEI_DEV_ID_EBG 0x1BE0 /* Emmitsburg WS */ + + #define MEI_DEV_ID_ADP_S 0x7AE8 /* Alder Lake Point S */ ++#define MEI_DEV_ID_ADP_LP 0x7A60 /* Alder Lake Point LP */ + + /* + * MEI HW Section +--- a/drivers/misc/mei/pci-me.c ++++ b/drivers/misc/mei/pci-me.c +@@ -110,6 +110,7 @@ static const struct pci_device_id mei_me + {MEI_PCI_DEVICE(MEI_DEV_ID_EBG, MEI_ME_PCH15_SPS_CFG)}, + + {MEI_PCI_DEVICE(MEI_DEV_ID_ADP_S, MEI_ME_PCH15_CFG)}, ++ {MEI_PCI_DEVICE(MEI_DEV_ID_ADP_LP, MEI_ME_PCH15_CFG)}, + + /* required last entry */ + {0, } diff --git a/queue-5.11/mei-me-add-adler-lake-point-s-did.patch b/queue-5.11/mei-me-add-adler-lake-point-s-did.patch new file mode 100644 index 00000000000..b4d1c23d8ce --- /dev/null +++ b/queue-5.11/mei-me-add-adler-lake-point-s-did.patch @@ -0,0 +1,43 @@ +From f7545efaf7950b240de6b8a20b9c3ffd7278538e Mon Sep 17 00:00:00 2001 +From: Alexander Usyskin +Date: Fri, 29 Jan 2021 14:07:51 +0200 +Subject: mei: me: add adler lake point S DID + +From: Alexander Usyskin + +commit f7545efaf7950b240de6b8a20b9c3ffd7278538e upstream. + +Add Adler Lake S device id. + +Cc: +Signed-off-by: Alexander Usyskin +Signed-off-by: Tomas Winkler +Link: https://lore.kernel.org/r/20210129120752.850325-6-tomas.winkler@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/misc/mei/hw-me-regs.h | 2 ++ + drivers/misc/mei/pci-me.c | 2 ++ + 2 files changed, 4 insertions(+) + +--- a/drivers/misc/mei/hw-me-regs.h ++++ b/drivers/misc/mei/hw-me-regs.h +@@ -103,6 +103,8 @@ + + #define MEI_DEV_ID_EBG 0x1BE0 /* Emmitsburg WS */ + ++#define MEI_DEV_ID_ADP_S 0x7AE8 /* Alder Lake Point S */ ++ + /* + * MEI HW Section + */ +--- a/drivers/misc/mei/pci-me.c ++++ b/drivers/misc/mei/pci-me.c +@@ -109,6 +109,8 @@ static const struct pci_device_id mei_me + + {MEI_PCI_DEVICE(MEI_DEV_ID_EBG, MEI_ME_PCH15_SPS_CFG)}, + ++ {MEI_PCI_DEVICE(MEI_DEV_ID_ADP_S, MEI_ME_PCH15_CFG)}, ++ + /* required last entry */ + {0, } + }; diff --git a/queue-5.11/mei-me-emmitsburg-workstation-did.patch b/queue-5.11/mei-me-emmitsburg-workstation-did.patch new file mode 100644 index 00000000000..dfc516f0ef7 --- /dev/null +++ b/queue-5.11/mei-me-emmitsburg-workstation-did.patch @@ -0,0 +1,42 @@ +From 372726cb3957dbd69ded9a4e3419d5c6c3bc648e Mon Sep 17 00:00:00 2001 +From: Tomas Winkler +Date: Fri, 29 Jan 2021 14:07:50 +0200 +Subject: mei: me: emmitsburg workstation DID + +From: Tomas Winkler + +commit 372726cb3957dbd69ded9a4e3419d5c6c3bc648e upstream. + +Add Emmitsburg workstation DID. + +Cc: +Signed-off-by: Tomas Winkler +Link: https://lore.kernel.org/r/20210129120752.850325-5-tomas.winkler@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/misc/mei/hw-me-regs.h | 2 ++ + drivers/misc/mei/pci-me.c | 2 ++ + 2 files changed, 4 insertions(+) + +--- a/drivers/misc/mei/hw-me-regs.h ++++ b/drivers/misc/mei/hw-me-regs.h +@@ -101,6 +101,8 @@ + #define MEI_DEV_ID_MCC 0x4B70 /* Mule Creek Canyon (EHL) */ + #define MEI_DEV_ID_MCC_4 0x4B75 /* Mule Creek Canyon 4 (EHL) */ + ++#define MEI_DEV_ID_EBG 0x1BE0 /* Emmitsburg WS */ ++ + /* + * MEI HW Section + */ +--- a/drivers/misc/mei/pci-me.c ++++ b/drivers/misc/mei/pci-me.c +@@ -107,6 +107,8 @@ static const struct pci_device_id mei_me + + {MEI_PCI_DEVICE(MEI_DEV_ID_CDF, MEI_ME_PCH8_CFG)}, + ++ {MEI_PCI_DEVICE(MEI_DEV_ID_EBG, MEI_ME_PCH15_SPS_CFG)}, ++ + /* required last entry */ + {0, } + }; diff --git a/queue-5.11/mfd-gateworks-gsc-fix-interrupt-type.patch b/queue-5.11/mfd-gateworks-gsc-fix-interrupt-type.patch new file mode 100644 index 00000000000..802fa99c275 --- /dev/null +++ b/queue-5.11/mfd-gateworks-gsc-fix-interrupt-type.patch @@ -0,0 +1,32 @@ +From 8d9bf3c3e1451fc8de7b590040a868ade26d6b22 Mon Sep 17 00:00:00 2001 +From: Tim Harvey +Date: Mon, 28 Dec 2020 13:10:04 -0800 +Subject: mfd: gateworks-gsc: Fix interrupt type + +From: Tim Harvey + +commit 8d9bf3c3e1451fc8de7b590040a868ade26d6b22 upstream. + +The Gateworks System Controller has an active-low interrupt. +Fix the interrupt request type. + +Cc: +Fixes: d85234994b2f ("mfd: Add Gateworks System Controller core driver") +Signed-off-by: Tim Harvey +Signed-off-by: Lee Jones +Signed-off-by: Greg Kroah-Hartman +--- + drivers/mfd/gateworks-gsc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/mfd/gateworks-gsc.c ++++ b/drivers/mfd/gateworks-gsc.c +@@ -234,7 +234,7 @@ static int gsc_probe(struct i2c_client * + + ret = devm_regmap_add_irq_chip(dev, gsc->regmap, client->irq, + IRQF_ONESHOT | IRQF_SHARED | +- IRQF_TRIGGER_FALLING, 0, ++ IRQF_TRIGGER_LOW, 0, + &gsc_irq_chip, &irq_data); + if (ret) + return ret; diff --git a/queue-5.11/mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch b/queue-5.11/mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch new file mode 100644 index 00000000000..39de15b12b1 --- /dev/null +++ b/queue-5.11/mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch @@ -0,0 +1,82 @@ +From a56f44138a2c57047f1ea94ea121af31c595132b Mon Sep 17 00:00:00 2001 +From: Frank Li +Date: Wed, 10 Feb 2021 12:19:33 -0600 +Subject: mmc: sdhci-esdhc-imx: fix kernel panic when remove module + +From: Frank Li + +commit a56f44138a2c57047f1ea94ea121af31c595132b upstream. + +In sdhci_esdhc_imx_remove() the SDHCI_INT_STATUS in read. Under some +circumstances, this may be done while the device is runtime suspended, +triggering the below splat. + +Fix the problem by adding a pm_runtime_get_sync(), before reading the +register, which will turn on clocks etc making the device accessible again. + +[ 1811.323148] mmc1: card aaaa removed +[ 1811.347483] Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP +[ 1811.354988] Modules linked in: sdhci_esdhc_imx(-) sdhci_pltfm sdhci cqhci mmc_block mmc_core [last unloaded: mmc_core] +[ 1811.365726] CPU: 0 PID: 3464 Comm: rmmod Not tainted 5.10.1-sd-99871-g53835a2e8186 #5 +[ 1811.373559] Hardware name: Freescale i.MX8DXL EVK (DT) +[ 1811.378705] pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--) +[ 1811.384723] pc : sdhci_esdhc_imx_remove+0x28/0x15c [sdhci_esdhc_imx] +[ 1811.391090] lr : platform_drv_remove+0x2c/0x50 +[ 1811.395536] sp : ffff800012c7bcb0 +[ 1811.398855] x29: ffff800012c7bcb0 x28: ffff00002c72b900 +[ 1811.404181] x27: 0000000000000000 x26: 0000000000000000 +[ 1811.409497] x25: 0000000000000000 x24: 0000000000000000 +[ 1811.414814] x23: ffff0000042b3890 x22: ffff800009127120 +[ 1811.420131] x21: ffff00002c4c9580 x20: ffff0000042d0810 +[ 1811.425456] x19: ffff0000042d0800 x18: 0000000000000020 +[ 1811.430773] x17: 0000000000000000 x16: 0000000000000000 +[ 1811.436089] x15: 0000000000000004 x14: ffff000004019c10 +[ 1811.441406] x13: 0000000000000000 x12: 0000000000000020 +[ 1811.446723] x11: 0101010101010101 x10: 7f7f7f7f7f7f7f7f +[ 1811.452040] x9 : fefefeff6364626d x8 : 7f7f7f7f7f7f7f7f +[ 1811.457356] x7 : 78725e6473607372 x6 : 0000000080808080 +[ 1811.462673] x5 : 0000000000000000 x4 : 0000000000000000 +[ 1811.467990] x3 : ffff800011ac1cb0 x2 : 0000000000000000 +[ 1811.473307] x1 : ffff8000091214d4 x0 : ffff8000133a0030 +[ 1811.478624] Call trace: +[ 1811.481081] sdhci_esdhc_imx_remove+0x28/0x15c [sdhci_esdhc_imx] +[ 1811.487098] platform_drv_remove+0x2c/0x50 +[ 1811.491198] __device_release_driver+0x188/0x230 +[ 1811.495818] driver_detach+0xc0/0x14c +[ 1811.499487] bus_remove_driver+0x5c/0xb0 +[ 1811.503413] driver_unregister+0x30/0x60 +[ 1811.507341] platform_driver_unregister+0x14/0x20 +[ 1811.512048] sdhci_esdhc_imx_driver_exit+0x1c/0x3a8 [sdhci_esdhc_imx] +[ 1811.518495] __arm64_sys_delete_module+0x19c/0x230 +[ 1811.523291] el0_svc_common.constprop.0+0x78/0x1a0 +[ 1811.528086] do_el0_svc+0x24/0x90 +[ 1811.531405] el0_svc+0x14/0x20 +[ 1811.534461] el0_sync_handler+0x1a4/0x1b0 +[ 1811.538474] el0_sync+0x174/0x180 +[ 1811.541801] Code: a9025bf5 f9403e95 f9400ea0 9100c000 (b9400000) +[ 1811.547902] ---[ end trace 3fb1a3bd48ff7be5 ]--- + +Signed-off-by: Frank Li +Cc: stable@vger.kernel.org # v4.0+ +Link: https://lore.kernel.org/r/20210210181933.29263-1-Frank.Li@nxp.com +[Ulf: Clarified the commit message a bit] +Signed-off-by: Ulf Hansson +Signed-off-by: Greg Kroah-Hartman +--- + drivers/mmc/host/sdhci-esdhc-imx.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/drivers/mmc/host/sdhci-esdhc-imx.c ++++ b/drivers/mmc/host/sdhci-esdhc-imx.c +@@ -1666,9 +1666,10 @@ static int sdhci_esdhc_imx_remove(struct + struct sdhci_host *host = platform_get_drvdata(pdev); + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host); + struct pltfm_imx_data *imx_data = sdhci_pltfm_priv(pltfm_host); +- int dead = (readl(host->ioaddr + SDHCI_INT_STATUS) == 0xffffffff); ++ int dead; + + pm_runtime_get_sync(&pdev->dev); ++ dead = (readl(host->ioaddr + SDHCI_INT_STATUS) == 0xffffffff); + pm_runtime_disable(&pdev->dev); + pm_runtime_put_noidle(&pdev->dev); + diff --git a/queue-5.11/mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch b/queue-5.11/mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch new file mode 100644 index 00000000000..88e885a635a --- /dev/null +++ b/queue-5.11/mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch @@ -0,0 +1,71 @@ +From 1ad9f88014ae1d5abccb6fe930bc4c5c311bdc05 Mon Sep 17 00:00:00 2001 +From: Shirley Her +Date: Fri, 5 Feb 2021 17:40:51 -0800 +Subject: mmc: sdhci-pci-o2micro: Bug fix for SDR104 HW tuning failure + +From: Shirley Her + +commit 1ad9f88014ae1d5abccb6fe930bc4c5c311bdc05 upstream. + +Force chip enter L0 power state during SDR104 HW tuning to avoid tuning failure + +Signed-off-by: Shirley Her +Link: https://lore.kernel.org/r/20210206014051.3418-1-shirley.her@bayhubtech.com +Fixes: 7b7d897e8898 ("mmc: sdhci-pci-o2micro: Add HW tuning for SDR104 mode") +Cc: stable@vger.kernel.org +Signed-off-by: Ulf Hansson +Signed-off-by: Greg Kroah-Hartman +--- + drivers/mmc/host/sdhci-pci-o2micro.c | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +--- a/drivers/mmc/host/sdhci-pci-o2micro.c ++++ b/drivers/mmc/host/sdhci-pci-o2micro.c +@@ -33,6 +33,8 @@ + #define O2_SD_ADMA2 0xE7 + #define O2_SD_INF_MOD 0xF1 + #define O2_SD_MISC_CTRL4 0xFC ++#define O2_SD_MISC_CTRL 0x1C0 ++#define O2_SD_PWR_FORCE_L0 0x0002 + #define O2_SD_TUNING_CTRL 0x300 + #define O2_SD_PLL_SETTING 0x304 + #define O2_SD_MISC_SETTING 0x308 +@@ -300,6 +302,8 @@ static int sdhci_o2_execute_tuning(struc + { + struct sdhci_host *host = mmc_priv(mmc); + int current_bus_width = 0; ++ u32 scratch32 = 0; ++ u16 scratch = 0; + + /* + * This handler only implements the eMMC tuning that is specific to +@@ -312,6 +316,17 @@ static int sdhci_o2_execute_tuning(struc + if (WARN_ON((opcode != MMC_SEND_TUNING_BLOCK_HS200) && + (opcode != MMC_SEND_TUNING_BLOCK))) + return -EINVAL; ++ ++ /* Force power mode enter L0 */ ++ scratch = sdhci_readw(host, O2_SD_MISC_CTRL); ++ scratch |= O2_SD_PWR_FORCE_L0; ++ sdhci_writew(host, scratch, O2_SD_MISC_CTRL); ++ ++ /* wait DLL lock, timeout value 5ms */ ++ if (readx_poll_timeout(sdhci_o2_pll_dll_wdt_control, host, ++ scratch32, (scratch32 & O2_DLL_LOCK_STATUS), 1, 5000)) ++ pr_warn("%s: DLL can't lock in 5ms after force L0 during tuning.\n", ++ mmc_hostname(host->mmc)); + /* + * Judge the tuning reason, whether caused by dll shift + * If cause by dll shift, should call sdhci_o2_dll_recovery +@@ -344,6 +359,11 @@ static int sdhci_o2_execute_tuning(struc + sdhci_set_bus_width(host, current_bus_width); + } + ++ /* Cancel force power mode enter L0 */ ++ scratch = sdhci_readw(host, O2_SD_MISC_CTRL); ++ scratch &= ~(O2_SD_PWR_FORCE_L0); ++ sdhci_writew(host, scratch, O2_SD_MISC_CTRL); ++ + sdhci_reset(host, SDHCI_RESET_CMD); + sdhci_reset(host, SDHCI_RESET_DATA); + diff --git a/queue-5.11/module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch b/queue-5.11/module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch new file mode 100644 index 00000000000..7d7e1832445 --- /dev/null +++ b/queue-5.11/module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch @@ -0,0 +1,80 @@ +From ebfac7b778fac8b0e8e92ec91d0b055f046b4604 Mon Sep 17 00:00:00 2001 +From: Fangrui Song +Date: Fri, 15 Jan 2021 11:52:22 -0800 +Subject: module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols + +From: Fangrui Song + +commit ebfac7b778fac8b0e8e92ec91d0b055f046b4604 upstream. + +clang-12 -fno-pic (since +https://github.com/llvm/llvm-project/commit/a084c0388e2a59b9556f2de0083333232da3f1d6) +can emit `call __stack_chk_fail@PLT` instead of `call __stack_chk_fail` +on x86. The two forms should have identical behaviors on x86-64 but the +former causes GNU as<2.37 to produce an unreferenced undefined symbol +_GLOBAL_OFFSET_TABLE_. + +(On x86-32, there is an R_386_PC32 vs R_386_PLT32 difference but the +linker behavior is identical as far as Linux kernel is concerned.) + +Simply ignore _GLOBAL_OFFSET_TABLE_ for now, like what +scripts/mod/modpost.c:ignore_undef_symbol does. This also fixes the +problem for gcc/clang -fpie and -fpic, which may emit `call foo@PLT` for +external function calls on x86. + +Note: ld -z defs and dynamic loaders do not error for unreferenced +undefined symbols so the module loader is reading too much. If we ever +need to ignore more symbols, the code should be refactored to ignore +unreferenced symbols. + +Cc: +Link: https://github.com/ClangBuiltLinux/linux/issues/1250 +Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27178 +Reported-by: Marco Elver +Reviewed-by: Nick Desaulniers +Reviewed-by: Nathan Chancellor +Tested-by: Marco Elver +Signed-off-by: Fangrui Song +Signed-off-by: Jessica Yu +Signed-off-by: Greg Kroah-Hartman +--- + kernel/module.c | 21 +++++++++++++++++++-- + 1 file changed, 19 insertions(+), 2 deletions(-) + +--- a/kernel/module.c ++++ b/kernel/module.c +@@ -2348,6 +2348,21 @@ static int verify_exported_symbols(struc + return 0; + } + ++static bool ignore_undef_symbol(Elf_Half emachine, const char *name) ++{ ++ /* ++ * On x86, PIC code and Clang non-PIC code may have call foo@PLT. GNU as ++ * before 2.37 produces an unreferenced _GLOBAL_OFFSET_TABLE_ on x86-64. ++ * i386 has a similar problem but may not deserve a fix. ++ * ++ * If we ever have to ignore many symbols, consider refactoring the code to ++ * only warn if referenced by a relocation. ++ */ ++ if (emachine == EM_386 || emachine == EM_X86_64) ++ return !strcmp(name, "_GLOBAL_OFFSET_TABLE_"); ++ return false; ++} ++ + /* Change all symbols so that st_value encodes the pointer directly. */ + static int simplify_symbols(struct module *mod, const struct load_info *info) + { +@@ -2395,8 +2410,10 @@ static int simplify_symbols(struct modul + break; + } + +- /* Ok if weak. */ +- if (!ksym && ELF_ST_BIND(sym[i].st_info) == STB_WEAK) ++ /* Ok if weak or ignored. */ ++ if (!ksym && ++ (ELF_ST_BIND(sym[i].st_info) == STB_WEAK || ++ ignore_undef_symbol(info->hdr->e_machine, name))) + break; + + ret = PTR_ERR(ksym) ?: -ENOENT; diff --git a/queue-5.11/nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch b/queue-5.11/nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch new file mode 100644 index 00000000000..9c2c0da187b --- /dev/null +++ b/queue-5.11/nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch @@ -0,0 +1,60 @@ +From e2057ee29973b9741d43d3f475a6b02fb46a0e61 Mon Sep 17 00:00:00 2001 +From: Subbaraman Narayanamurthy +Date: Fri, 5 Feb 2021 10:08:53 +0000 +Subject: nvmem: qcom-spmi-sdam: Fix uninitialized pdev pointer + +From: Subbaraman Narayanamurthy + +commit e2057ee29973b9741d43d3f475a6b02fb46a0e61 upstream. + +"sdam->pdev" is uninitialized and it is used to print error logs. +Fix it. Since device pointer can be used from sdam_config, use it +directly thereby removing pdev pointer. + +Fixes: 40ce9798794f ("nvmem: add QTI SDAM driver") +Cc: stable@vger.kernel.org +Signed-off-by: Subbaraman Narayanamurthy +Signed-off-by: Srinivas Kandagatla +Link: https://lore.kernel.org/r/20210205100853.32372-3-srinivas.kandagatla@linaro.org +Signed-off-by: Greg Kroah-Hartman +Signed-off-by: Greg Kroah-Hartman +--- + drivers/nvmem/qcom-spmi-sdam.c | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +--- a/drivers/nvmem/qcom-spmi-sdam.c ++++ b/drivers/nvmem/qcom-spmi-sdam.c +@@ -1,6 +1,6 @@ + // SPDX-License-Identifier: GPL-2.0-only + /* +- * Copyright (c) 2017, 2020 The Linux Foundation. All rights reserved. ++ * Copyright (c) 2017, 2020-2021, The Linux Foundation. All rights reserved. + */ + + #include +@@ -18,7 +18,6 @@ + #define SDAM_PBS_TRIG_CLR 0xE6 + + struct sdam_chip { +- struct platform_device *pdev; + struct regmap *regmap; + struct nvmem_config sdam_config; + unsigned int base; +@@ -65,7 +64,7 @@ static int sdam_read(void *priv, unsigne + size_t bytes) + { + struct sdam_chip *sdam = priv; +- struct device *dev = &sdam->pdev->dev; ++ struct device *dev = sdam->sdam_config.dev; + int rc; + + if (!sdam_is_valid(sdam, offset, bytes)) { +@@ -86,7 +85,7 @@ static int sdam_write(void *priv, unsign + size_t bytes) + { + struct sdam_chip *sdam = priv; +- struct device *dev = &sdam->pdev->dev; ++ struct device *dev = sdam->sdam_config.dev; + int rc; + + if (!sdam_is_valid(sdam, offset, bytes)) { diff --git a/queue-5.11/powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch b/queue-5.11/powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch new file mode 100644 index 00000000000..6ed581a2f60 --- /dev/null +++ b/queue-5.11/powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch @@ -0,0 +1,61 @@ +From 3642eb21256a317ac14e9ed560242c6d20cf06d9 Mon Sep 17 00:00:00 2001 +From: Christophe Leroy +Date: Mon, 8 Feb 2021 07:17:40 +0000 +Subject: powerpc/32: Preserve cr1 in exception prolog stack check to fix build error + +From: Christophe Leroy + +commit 3642eb21256a317ac14e9ed560242c6d20cf06d9 upstream. + +THREAD_ALIGN_SHIFT = THREAD_SHIFT + 1 = PAGE_SHIFT + 1 +Maximum PAGE_SHIFT is 18 for 256k pages so +THREAD_ALIGN_SHIFT is 19 at the maximum. + +No need to clobber cr1, it can be preserved when moving r1 +into CR when we check stack overflow. + +This reduces the number of instructions in Machine Check Exception +prolog and fixes a build failure reported by the kernel test robot +on v5.10 stable when building with RTAS + VMAP_STACK + KVM. That +build failure is due to too many instructions in the prolog hence +not fitting between 0x200 and 0x300. Allthough the problem doesn't +show up in mainline, it is still worth the change. + +Fixes: 98bf2d3f4970 ("powerpc/32s: Fix RTAS machine check with VMAP stack") +Cc: stable@vger.kernel.org +Reported-by: kernel test robot +Signed-off-by: Christophe Leroy +Signed-off-by: Michael Ellerman +Link: https://lore.kernel.org/r/5ae4d545e3ac58e133d2599e0deb88843cb494fc.1612768623.git.christophe.leroy@csgroup.eu +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/kernel/head_32.h | 2 +- + arch/powerpc/kernel/head_book3s_32.S | 6 ------ + 2 files changed, 1 insertion(+), 7 deletions(-) + +--- a/arch/powerpc/kernel/head_32.h ++++ b/arch/powerpc/kernel/head_32.h +@@ -47,7 +47,7 @@ + lwz r1,TASK_STACK-THREAD(r1) + addi r1, r1, THREAD_SIZE - INT_FRAME_SIZE + 1: +- mtcrf 0x7f, r1 ++ mtcrf 0x3f, r1 + bt 32 - THREAD_ALIGN_SHIFT, stack_overflow + #else + subi r11, r1, INT_FRAME_SIZE /* use r1 if kernel */ +--- a/arch/powerpc/kernel/head_book3s_32.S ++++ b/arch/powerpc/kernel/head_book3s_32.S +@@ -278,12 +278,6 @@ MachineCheck: + 7: EXCEPTION_PROLOG_2 + addi r3,r1,STACK_FRAME_OVERHEAD + #ifdef CONFIG_PPC_CHRP +-#ifdef CONFIG_VMAP_STACK +- mfspr r4, SPRN_SPRG_THREAD +- tovirt(r4, r4) +- lwz r4, RTAS_SP(r4) +- cmpwi cr1, r4, 0 +-#endif + beq cr1, machine_check_tramp + twi 31, 0, 0 + #else diff --git a/queue-5.11/powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch b/queue-5.11/powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch new file mode 100644 index 00000000000..ba54d9fa06f --- /dev/null +++ b/queue-5.11/powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch @@ -0,0 +1,38 @@ +From 57fdfbce89137ae85cd5cef48be168040a47dd13 Mon Sep 17 00:00:00 2001 +From: Christophe Leroy +Date: Mon, 8 Feb 2021 15:10:20 +0000 +Subject: powerpc/32s: Add missing call to kuep_lock on syscall entry + +From: Christophe Leroy + +commit 57fdfbce89137ae85cd5cef48be168040a47dd13 upstream. + +Userspace Execution protection and fast syscall entry were implemented +independently from each other and were both merged in kernel 5.2, +leading to syscall entry missing userspace execution protection. + +On syscall entry, execution of user space memory must be +locked in the same way as on exception entry. + +Fixes: b86fb88855ea ("powerpc/32: implement fast entry for syscalls on non BOOKE") +Cc: stable@vger.kernel.org +Signed-off-by: Christophe Leroy +Signed-off-by: Michael Ellerman +Link: https://lore.kernel.org/r/c65e105b63aaf74f91a14f845bc77192350b84a6.1612796617.git.christophe.leroy@csgroup.eu +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/kernel/entry_32.S | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/arch/powerpc/kernel/entry_32.S ++++ b/arch/powerpc/kernel/entry_32.S +@@ -356,6 +356,9 @@ trace_syscall_entry_irq_off: + + .globl transfer_to_syscall + transfer_to_syscall: ++#ifdef CONFIG_PPC_BOOK3S_32 ++ kuep_lock r11, r12 ++#endif + #ifdef CONFIG_TRACE_IRQFLAGS + andi. r12,r9,MSR_EE + beq- trace_syscall_entry_irq_off diff --git a/queue-5.11/powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch b/queue-5.11/powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch new file mode 100644 index 00000000000..b55298614bf --- /dev/null +++ b/queue-5.11/powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch @@ -0,0 +1,104 @@ +From 2377c92e37fe97bc5b365f55cf60f56dfc4849f5 Mon Sep 17 00:00:00 2001 +From: Hari Bathini +Date: Thu, 4 Feb 2021 17:01:10 +0530 +Subject: powerpc/kexec_file: fix FDT size estimation for kdump kernel + +From: Hari Bathini + +commit 2377c92e37fe97bc5b365f55cf60f56dfc4849f5 upstream. + +On systems with large amount of memory, loading kdump kernel through +kexec_file_load syscall may fail with the below error: + + "Failed to update fdt with linux,drconf-usable-memory property" + +This happens because the size estimation for kdump kernel's FDT does +not account for the additional space needed to setup usable memory +properties. Fix it by accounting for the space needed to include +linux,usable-memory & linux,drconf-usable-memory properties while +estimating kdump kernel's FDT size. + +Fixes: 6ecd0163d360 ("powerpc/kexec_file: Add appropriate regions for memory reserve map") +Cc: stable@vger.kernel.org # v5.9+ +Signed-off-by: Hari Bathini +Signed-off-by: Michael Ellerman +Link: https://lore.kernel.org/r/161243826811.119001.14083048209224609814.stgit@hbathini +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/include/asm/kexec.h | 1 + + arch/powerpc/kexec/elf_64.c | 2 +- + arch/powerpc/kexec/file_load_64.c | 35 +++++++++++++++++++++++++++++++++++ + 3 files changed, 37 insertions(+), 1 deletion(-) + +--- a/arch/powerpc/include/asm/kexec.h ++++ b/arch/powerpc/include/asm/kexec.h +@@ -136,6 +136,7 @@ int load_crashdump_segments_ppc64(struct + int setup_purgatory_ppc64(struct kimage *image, const void *slave_code, + const void *fdt, unsigned long kernel_load_addr, + unsigned long fdt_load_addr); ++unsigned int kexec_fdt_totalsize_ppc64(struct kimage *image); + int setup_new_fdt_ppc64(const struct kimage *image, void *fdt, + unsigned long initrd_load_addr, + unsigned long initrd_len, const char *cmdline); +--- a/arch/powerpc/kexec/elf_64.c ++++ b/arch/powerpc/kexec/elf_64.c +@@ -102,7 +102,7 @@ static void *elf64_load(struct kimage *i + pr_debug("Loaded initrd at 0x%lx\n", initrd_load_addr); + } + +- fdt_size = fdt_totalsize(initial_boot_params) * 2; ++ fdt_size = kexec_fdt_totalsize_ppc64(image); + fdt = kmalloc(fdt_size, GFP_KERNEL); + if (!fdt) { + pr_err("Not enough memory for the device tree.\n"); +--- a/arch/powerpc/kexec/file_load_64.c ++++ b/arch/powerpc/kexec/file_load_64.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -926,6 +927,40 @@ out: + } + + /** ++ * kexec_fdt_totalsize_ppc64 - Return the estimated size needed to setup FDT ++ * for kexec/kdump kernel. ++ * @image: kexec image being loaded. ++ * ++ * Returns the estimated size needed for kexec/kdump kernel FDT. ++ */ ++unsigned int kexec_fdt_totalsize_ppc64(struct kimage *image) ++{ ++ unsigned int fdt_size; ++ u64 usm_entries; ++ ++ /* ++ * The below estimate more than accounts for a typical kexec case where ++ * the additional space is to accommodate things like kexec cmdline, ++ * chosen node with properties for initrd start & end addresses and ++ * a property to indicate kexec boot.. ++ */ ++ fdt_size = fdt_totalsize(initial_boot_params) + (2 * COMMAND_LINE_SIZE); ++ if (image->type != KEXEC_TYPE_CRASH) ++ return fdt_size; ++ ++ /* ++ * For kdump kernel, also account for linux,usable-memory and ++ * linux,drconf-usable-memory properties. Get an approximate on the ++ * number of usable memory entries and use for FDT size estimation. ++ */ ++ usm_entries = ((memblock_end_of_DRAM() / drmem_lmb_size()) + ++ (2 * (resource_size(&crashk_res) / drmem_lmb_size()))); ++ fdt_size += (unsigned int)(usm_entries * sizeof(u64)); ++ ++ return fdt_size; ++} ++ ++/** + * setup_new_fdt_ppc64 - Update the flattend device-tree of the kernel + * being loaded. + * @image: kexec image being loaded. diff --git a/queue-5.11/printk-fix-deadlock-when-kernel-panic.patch b/queue-5.11/printk-fix-deadlock-when-kernel-panic.patch new file mode 100644 index 00000000000..0235070f7fe --- /dev/null +++ b/queue-5.11/printk-fix-deadlock-when-kernel-panic.patch @@ -0,0 +1,109 @@ +From 8a8109f303e25a27f92c1d8edd67d7cbbc60a4eb Mon Sep 17 00:00:00 2001 +From: Muchun Song +Date: Wed, 10 Feb 2021 11:48:23 +0800 +Subject: printk: fix deadlock when kernel panic + +From: Muchun Song + +commit 8a8109f303e25a27f92c1d8edd67d7cbbc60a4eb upstream. + +printk_safe_flush_on_panic() caused the following deadlock on our +server: + +CPU0: CPU1: +panic rcu_dump_cpu_stacks + kdump_nmi_shootdown_cpus nmi_trigger_cpumask_backtrace + register_nmi_handler(crash_nmi_callback) printk_safe_flush + __printk_safe_flush + raw_spin_lock_irqsave(&read_lock) + // send NMI to other processors + apic_send_IPI_allbutself(NMI_VECTOR) + // NMI interrupt, dead loop + crash_nmi_callback + printk_safe_flush_on_panic + printk_safe_flush + __printk_safe_flush + // deadlock + raw_spin_lock_irqsave(&read_lock) + +DEADLOCK: read_lock is taken on CPU1 and will never get released. + +It happens when panic() stops a CPU by NMI while it has been in +the middle of printk_safe_flush(). + +Handle the lock the same way as logbuf_lock. The printk_safe buffers +are flushed only when both locks can be safely taken. It can avoid +the deadlock _in this particular case_ at expense of losing contents +of printk_safe buffers. + +Note: It would actually be safe to re-init the locks when all CPUs were + stopped by NMI. But it would require passing this information + from arch-specific code. It is not worth the complexity. + Especially because logbuf_lock and printk_safe buffers have been + obsoleted by the lockless ring buffer. + +Fixes: cf9b1106c81c ("printk/nmi: flush NMI messages on the system panic") +Signed-off-by: Muchun Song +Reviewed-by: Petr Mladek +Cc: +Acked-by: Sergey Senozhatsky +Signed-off-by: Petr Mladek +Link: https://lore.kernel.org/r/20210210034823.64867-1-songmuchun@bytedance.com +Signed-off-by: Greg Kroah-Hartman +--- + kernel/printk/printk_safe.c | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +--- a/kernel/printk/printk_safe.c ++++ b/kernel/printk/printk_safe.c +@@ -45,6 +45,8 @@ struct printk_safe_seq_buf { + static DEFINE_PER_CPU(struct printk_safe_seq_buf, safe_print_seq); + static DEFINE_PER_CPU(int, printk_context); + ++static DEFINE_RAW_SPINLOCK(safe_read_lock); ++ + #ifdef CONFIG_PRINTK_NMI + static DEFINE_PER_CPU(struct printk_safe_seq_buf, nmi_print_seq); + #endif +@@ -180,8 +182,6 @@ static void report_message_lost(struct p + */ + static void __printk_safe_flush(struct irq_work *work) + { +- static raw_spinlock_t read_lock = +- __RAW_SPIN_LOCK_INITIALIZER(read_lock); + struct printk_safe_seq_buf *s = + container_of(work, struct printk_safe_seq_buf, work); + unsigned long flags; +@@ -195,7 +195,7 @@ static void __printk_safe_flush(struct i + * different CPUs. This is especially important when printing + * a backtrace. + */ +- raw_spin_lock_irqsave(&read_lock, flags); ++ raw_spin_lock_irqsave(&safe_read_lock, flags); + + i = 0; + more: +@@ -232,7 +232,7 @@ more: + + out: + report_message_lost(s); +- raw_spin_unlock_irqrestore(&read_lock, flags); ++ raw_spin_unlock_irqrestore(&safe_read_lock, flags); + } + + /** +@@ -278,6 +278,14 @@ void printk_safe_flush_on_panic(void) + raw_spin_lock_init(&logbuf_lock); + } + ++ if (raw_spin_is_locked(&safe_read_lock)) { ++ if (num_online_cpus() > 1) ++ return; ++ ++ debug_locks_off(); ++ raw_spin_lock_init(&safe_read_lock); ++ } ++ + printk_safe_flush(); + } + diff --git a/queue-5.11/series b/queue-5.11/series index 6a5905518fc..e958b7c7cfd 100644 --- a/queue-5.11/series +++ b/queue-5.11/series @@ -705,3 +705,23 @@ hugetlb-fix-copy_huge_page_from_user-contig-page-struct-assumption.patch mm-vmscan-restore-zone_reclaim_mode-abi.patch mm-compaction-make-fast_isolate_freepages-stay-within-zone.patch kvm-nsvm-fix-running-nested-guests-when-npt-0.patch +nvmem-qcom-spmi-sdam-fix-uninitialized-pdev-pointer.patch +module-ignore-_global_offset_table_-when-warning-for-undefined-symbols.patch +mmc-sdhci-esdhc-imx-fix-kernel-panic-when-remove-module.patch +mmc-sdhci-pci-o2micro-bug-fix-for-sdr104-hw-tuning-failure.patch +powerpc-32-preserve-cr1-in-exception-prolog-stack-check-to-fix-build-error.patch +powerpc-kexec_file-fix-fdt-size-estimation-for-kdump-kernel.patch +powerpc-32s-add-missing-call-to-kuep_lock-on-syscall-entry.patch +spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch +mei-bus-block-send-with-vtag-on-non-conformat-fw.patch +mei-fix-transfer-over-dma-with-extended-header.patch +mei-me-emmitsburg-workstation-did.patch +mei-me-add-adler-lake-point-s-did.patch +mei-me-add-adler-lake-point-lp-did.patch +gpio-pcf857x-fix-missing-first-interrupt.patch +mfd-gateworks-gsc-fix-interrupt-type.patch +printk-fix-deadlock-when-kernel-panic.patch +exfat-fix-shift-out-of-bounds-in-exfat_fill_super.patch +zonefs-fix-file-size-of-zones-in-full-condition.patch +kcmp-support-selection-of-sys_kcmp-without-checkpoint_restore.patch +thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch diff --git a/queue-5.11/spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch b/queue-5.11/spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch new file mode 100644 index 00000000000..41348555f46 --- /dev/null +++ b/queue-5.11/spmi-spmi-pmic-arb-fix-hw_irq-overflow.patch @@ -0,0 +1,51 @@ +From d19db80a366576d3ffadf2508ed876b4c1faf959 Mon Sep 17 00:00:00 2001 +From: Subbaraman Narayanamurthy +Date: Thu, 11 Feb 2021 19:14:17 -0800 +Subject: spmi: spmi-pmic-arb: Fix hw_irq overflow + +From: Subbaraman Narayanamurthy + +commit d19db80a366576d3ffadf2508ed876b4c1faf959 upstream. + +Currently, when handling the SPMI summary interrupt, the hw_irq +number is calculated based on SID, Peripheral ID, IRQ index and +APID. This is then passed to irq_find_mapping() to see if a +mapping exists for this hw_irq and if available, invoke the +interrupt handler. Since the IRQ index uses an "int" type, hw_irq +which is of unsigned long data type can take a large value when +SID has its MSB set to 1 and the type conversion happens. Because +of this, irq_find_mapping() returns 0 as there is no mapping +for this hw_irq. This ends up invoking cleanup_irq() as if +the interrupt is spurious whereas it is actually a valid +interrupt. Fix this by using the proper data type (u32) for id. + +Cc: stable@vger.kernel.org +Signed-off-by: Subbaraman Narayanamurthy +Link: https://lore.kernel.org/r/1612812784-26369-1-git-send-email-subbaram@codeaurora.org +Signed-off-by: Stephen Boyd +Link: https://lore.kernel.org/r/20210212031417.3148936-1-sboyd@kernel.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/spmi/spmi-pmic-arb.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +--- a/drivers/spmi/spmi-pmic-arb.c ++++ b/drivers/spmi/spmi-pmic-arb.c +@@ -1,6 +1,6 @@ + // SPDX-License-Identifier: GPL-2.0-only + /* +- * Copyright (c) 2012-2015, 2017, The Linux Foundation. All rights reserved. ++ * Copyright (c) 2012-2015, 2017, 2021, The Linux Foundation. All rights reserved. + */ + #include + #include +@@ -505,8 +505,7 @@ static void cleanup_irq(struct spmi_pmic + static void periph_interrupt(struct spmi_pmic_arb *pmic_arb, u16 apid) + { + unsigned int irq; +- u32 status; +- int id; ++ u32 status, id; + u8 sid = (pmic_arb->apid_data[apid].ppid >> 8) & 0xF; + u8 per = pmic_arb->apid_data[apid].ppid & 0xFF; + diff --git a/queue-5.11/thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch b/queue-5.11/thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch new file mode 100644 index 00000000000..0bf44d6f564 --- /dev/null +++ b/queue-5.11/thermal-cpufreq_cooling-freq_qos_update_request-returns-0-on-error.patch @@ -0,0 +1,51 @@ +From a51afb13311cd85b2f638c691b2734622277d8f5 Mon Sep 17 00:00:00 2001 +From: Viresh Kumar +Date: Wed, 17 Feb 2021 11:18:58 +0530 +Subject: thermal: cpufreq_cooling: freq_qos_update_request() returns < 0 on error + +From: Viresh Kumar + +commit a51afb13311cd85b2f638c691b2734622277d8f5 upstream. + +freq_qos_update_request() returns 1 if the effective constraint value +has changed, 0 if the effective constraint value has not changed, or a +negative error code on failures. + +The frequency constraints for CPUs can be set by different parts of the +kernel. If the maximum frequency constraint set by other parts of the +kernel are set at a lower value than the one corresponding to cooling +state 0, then we will never be able to cool down the system as +freq_qos_update_request() will keep on returning 0 and we will skip +updating cpufreq_state and thermal pressure. + +Fix that by doing the updates even in the case where +freq_qos_update_request() returns 0, as we have effectively set the +constraint to a new value even if the consolidated value of the +actual constraint is unchanged because of external factors. + +Cc: v5.7+ # v5.7+ +Reported-by: Thara Gopinath +Fixes: f12e4f66ab6a ("thermal/cpu-cooling: Update thermal pressure in case of a maximum frequency capping") +Signed-off-by: Viresh Kumar +Reviewed-by: Lukasz Luba +Tested-by: Lukasz Luba +Reviewed-by: Rafael J. Wysocki +Tested-by: Thara Gopinath +Signed-off-by: Daniel Lezcano +Link: https://lore.kernel.org/r/b2b7e84944937390256669df5a48ce5abba0c1ef.1613540713.git.viresh.kumar@linaro.org +Signed-off-by: Greg Kroah-Hartman +--- + drivers/thermal/cpufreq_cooling.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/thermal/cpufreq_cooling.c ++++ b/drivers/thermal/cpufreq_cooling.c +@@ -441,7 +441,7 @@ static int cpufreq_set_cur_state(struct + frequency = get_state_freq(cpufreq_cdev, state); + + ret = freq_qos_update_request(&cpufreq_cdev->qos_req, frequency); +- if (ret > 0) { ++ if (ret >= 0) { + cpufreq_cdev->cpufreq_state = state; + cpus = cpufreq_cdev->policy->cpus; + max_capacity = arch_scale_cpu_capacity(cpumask_first(cpus)); diff --git a/queue-5.11/zonefs-fix-file-size-of-zones-in-full-condition.patch b/queue-5.11/zonefs-fix-file-size-of-zones-in-full-condition.patch new file mode 100644 index 00000000000..6c90d3a0f10 --- /dev/null +++ b/queue-5.11/zonefs-fix-file-size-of-zones-in-full-condition.patch @@ -0,0 +1,37 @@ +From 059c01039c0185dbee7ed080f1f2bd22cb1e4dab Mon Sep 17 00:00:00 2001 +From: Shin'ichiro Kawasaki +Date: Wed, 17 Feb 2021 18:58:11 +0900 +Subject: zonefs: Fix file size of zones in full condition + +From: Shin'ichiro Kawasaki + +commit 059c01039c0185dbee7ed080f1f2bd22cb1e4dab upstream. + +Per ZBC/ZAC/ZNS specifications, write pointers may not have valid values +when zones are in full condition. However, when zonefs mounts a zoned +block device, zonefs refers write pointers to set file size even when +the zones are in full condition. This results in wrong file size. To fix +this, refer maximum file size in place of write pointers for zones in +full condition. + +Signed-off-by: Shin'ichiro Kawasaki +Fixes: 8dcc1a9d90c1 ("fs: New zonefs file system") +Cc: # 5.6+ +Signed-off-by: Damien Le Moal +Signed-off-by: Greg Kroah-Hartman +--- + fs/zonefs/super.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/fs/zonefs/super.c ++++ b/fs/zonefs/super.c +@@ -250,6 +250,9 @@ static loff_t zonefs_check_zone_conditio + } + inode->i_mode &= ~0222; + return i_size_read(inode); ++ case BLK_ZONE_COND_FULL: ++ /* The write pointer of full zones is invalid. */ ++ return zi->i_max_size; + default: + if (zi->i_ztype == ZONEFS_ZTYPE_CNV) + return zi->i_max_size; -- 2.47.3