From d19786459d1bc9d7e555bdaf499494f7693d7fff Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Tue, 20 Aug 2019 09:31:08 -0700
Subject: [PATCH] 4.14-stable patches
added patches:
arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch
arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch
netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch
---
...le-byte-watchpoints-on-all-addresses.patch | 42 ++++++++++
...e-trampoline-is-coherent-with-i-side.patch | 81 +++++++++++++++++++
...se-consistent-ct-id-hash-calculation.patch | 65 +++++++++++++++
queue-4.14/series | 3 +
4 files changed, 191 insertions(+)
create mode 100644 queue-4.14/arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch
create mode 100644 queue-4.14/arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch
create mode 100644 queue-4.14/netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch
diff --git a/queue-4.14/arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch b/queue-4.14/arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch
new file mode 100644
index 00000000000..ba9a9e07b3a
--- /dev/null
+++ b/queue-4.14/arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch
@@ -0,0 +1,42 @@
+From 849adec41203ac5837c40c2d7e08490ffdef3c2c Mon Sep 17 00:00:00 2001
+From: Will Deacon
+Date: Mon, 29 Jul 2019 11:06:17 +0100
+Subject: arm64: compat: Allow single-byte watchpoints on all addresses
+
+From: Will Deacon
+
+commit 849adec41203ac5837c40c2d7e08490ffdef3c2c upstream.
+
+Commit d968d2b801d8 ("ARM: 7497/1: hw_breakpoint: allow single-byte
+watchpoints on all addresses") changed the validation requirements for
+hardware watchpoints on arch/arm/. Update our compat layer to implement
+the same relaxation.
+
+Cc:
+Signed-off-by: Will Deacon
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/arm64/kernel/hw_breakpoint.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- a/arch/arm64/kernel/hw_breakpoint.c
++++ b/arch/arm64/kernel/hw_breakpoint.c
+@@ -548,13 +548,14 @@ int arch_validate_hwbkpt_settings(struct
+ /* Aligned */
+ break;
+ case 1:
+- /* Allow single byte watchpoint. */
+- if (info->ctrl.len == ARM_BREAKPOINT_LEN_1)
+- break;
+ case 2:
+ /* Allow halfword watchpoints and breakpoints. */
+ if (info->ctrl.len == ARM_BREAKPOINT_LEN_2)
+ break;
++ case 3:
++ /* Allow single byte watchpoint. */
++ if (info->ctrl.len == ARM_BREAKPOINT_LEN_1)
++ break;
+ default:
+ return -EINVAL;
+ }
diff --git a/queue-4.14/arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch b/queue-4.14/arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch
new file mode 100644
index 00000000000..4d9a280336f
--- /dev/null
+++ b/queue-4.14/arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch
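Review bot: In the arch_validate_hwbkpt_settings() switch carried by this queued patch, the new `case 3:` is entered by falling through from `case 2:` and itself falls through to `default: return -EINVAL;`, but neither transition is marked. This switch decides which requested offset/length combinations are accepted, so an unmarked fall-through is easy to misread as a missing `break` and to "repair" in a way that silently widens or narrows what is allowed. I would add `/* Fallthrough */` after each conditional `break;`, i.e. before `case 3:` and before `default:`. It also appears that offset 1 now shares the halfword check with offset 2; if that is intended, the existing comment `/* Allow halfword watchpoints and breakpoints. */` could say it covers both offsets. The function begins and ends outside the hunk.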
@@ -0,0 +1,81 @@
+From b6143d10d23ebb4a77af311e8b8b7f019d0163e6 Mon Sep 17 00:00:00 2001
+From: Will Deacon
+Date: Fri, 16 Aug 2019 14:57:43 +0100
+Subject: arm64: ftrace: Ensure module ftrace trampoline is coherent with I-side
+
+From: Will Deacon
+
+commit b6143d10d23ebb4a77af311e8b8b7f019d0163e6 upstream.
+
+The initial support for dynamic ftrace trampolines in modules made use
+of an indirect branch which loaded its target from the beginning of
+a special section (e71a4e1bebaf7 ("arm64: ftrace: add support for far
+branches to dynamic ftrace")). Since no instructions were being patched,
+no cache maintenance was needed. However, later in be0f272bfc83 ("arm64:
+ftrace: emit ftrace-mod.o contents through code") this code was reworked
+to output the trampoline instructions directly into the PLT entry but,
+unfortunately, the necessary cache maintenance was overlooked.
+
+Add a call to __flush_icache_range() after writing the new trampoline
+instructions but before patching in the branch to the trampoline.
+
+Cc: Ard Biesheuvel
+Cc: James Morse
+Cc:
+Fixes: be0f272bfc83 ("arm64: ftrace: emit ftrace-mod.o contents through code")
+Signed-off-by: Will Deacon
+Signed-off-by: Catalin Marinas
+Signed-off-by: Greg Kroah-Hartman
+
+
+---
+ arch/arm64/kernel/ftrace.c | 21 ++++++++++++---------
+ 1 file changed, 12 insertions(+), 9 deletions(-)
+
+--- a/arch/arm64/kernel/ftrace.c
++++ b/arch/arm64/kernel/ftrace.c
+@@ -76,7 +76,7 @@ int ftrace_make_call(struct dyn_ftrace *
+
+ if (offset < -SZ_128M || offset >= SZ_128M) {
+ #ifdef CONFIG_ARM64_MODULE_PLTS
+- struct plt_entry trampoline;
++ struct plt_entry trampoline, *dst;
+ struct module *mod;
+
+ /*
+@@ -104,24 +104,27 @@ int ftrace_make_call(struct dyn_ftrace *
+ * is added in the future, but for now, the pr_err() below
+ * deals with a theoretical issue only.
+ */
++ dst = mod->arch.ftrace_trampoline;
+ trampoline = get_plt_entry(addr);
+- if (!plt_entries_equal(mod->arch.ftrace_trampoline,
+- &trampoline)) {
+- if (!plt_entries_equal(mod->arch.ftrace_trampoline,
+- &(struct plt_entry){})) {
++ if (!plt_entries_equal(dst, &trampoline)) {
++ if (!plt_entries_equal(dst, &(struct plt_entry){})) {
+ pr_err("ftrace: far branches to multiple entry points unsupported inside a single module\n");
+ return -EINVAL;
+ }
+
+ /* point the trampoline to our ftrace entry point */
+ module_disable_ro(mod);
+- *mod->arch.ftrace_trampoline = trampoline;
++ *dst = trampoline;
+ module_enable_ro(mod, true);
+
+- /* update trampoline before patching in the branch */
+- smp_wmb();
++ /*
++ * Ensure updated trampoline is visible to instruction
++ * fetch before we patch in the branch.
++ */
++ flush_icache_range((unsigned long)&dst[0],
++ (unsigned long)&dst[1]);
+ }
+- addr = (unsigned long)(void *)mod->arch.ftrace_trampoline;
++ addr = (unsigned long)dst;
+ #else /* CONFIG_ARM64_MODULE_PLTS */
+ return -EINVAL;
+ #endif /* CONFIG_ARM64_MODULE_PLTS */
diff --git a/queue-4.14/netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch b/queue-4.14/netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch
new file mode 100644
index 00000000000..d2fe355b0ec
--- /dev/null
+++ b/queue-4.14/netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch
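Review bot: The changelog of this queued patch says it adds a call to `__flush_icache_range()`, but the second ftrace_make_call() hunk calls `flush_icache_range((unsigned long)&dst[0], (unsigned long)&dst[1]);`. Presumably this is a deliberate adaptation for the 4.14 tree, but nothing records it, so a reader comparing against the upstream commit cannot tell whether the two routines are equivalent here. I would add a backport note above the stable sign-off, for example `[ 4.14 backport: calls flush_icache_range() instead of __flush_icache_range() ]`. The same hunk removes `smp_wmb()`; if the flush is now also relied on to order the trampoline store before the branch is patched in, the new comment should say so. ftrace_make_call() starts before and continues after both hunks.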
@@ -0,0 +1,65 @@
+From 656c8e9cc1badbc18eefe6ba01d33ebbcae61b9a Mon Sep 17 00:00:00 2001
+From: Dirk Morris
+Date: Thu, 8 Aug 2019 13:57:51 -0700
+Subject: netfilter: conntrack: Use consistent ct id hash calculation
+
+From: Dirk Morris
+
+commit 656c8e9cc1badbc18eefe6ba01d33ebbcae61b9a upstream.
+
+Change ct id hash calculation to only use invariants.
+
+Currently the ct id hash calculation is based on some fields that can
+change in the lifetime on a conntrack entry in some corner cases. The
+current hash uses the whole tuple which contains an hlist pointer which
+will change when the conntrack is placed on the dying list resulting in
+a ct id change.
+
+This patch also removes the reply-side tuple and extension pointer from
+the hash calculation so that the ct id will will not change from
+initialization until confirmation.
+
+Fixes: 3c79107631db1f7 ("netfilter: ctnetlink: don't use conntrack/expect object addresses as id")
+Signed-off-by: Dirk Morris
+Acked-by: Florian Westphal
+Signed-off-by: Pablo Neira Ayuso
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ net/netfilter/nf_conntrack_core.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+--- a/net/netfilter/nf_conntrack_core.c
++++ b/net/netfilter/nf_conntrack_core.c
+@@ -307,13 +307,12 @@ EXPORT_SYMBOL_GPL(nf_ct_invert_tuple);
+ * table location, we assume id gets exposed to userspace.
+ *
+ * Following nf_conn items do not change throughout lifetime
+- * of the nf_conn after it has been committed to main hash table:
++ * of the nf_conn:
+ *
+ * 1. nf_conn address
+- * 2. nf_conn->ext address
+- * 3. nf_conn->master address (normally NULL)
+- * 4. tuple
+- * 5. the associated net namespace
++ * 2. nf_conn->master address (normally NULL)
++ * 3. the associated net namespace
++ * 4. 
the original direction tuple
+ */
+ u32 nf_ct_get_id(const struct nf_conn *ct)
+ {
+@@ -323,9 +322,10 @@ u32 nf_ct_get_id(const struct nf_conn *c
+ net_get_random_once(&ct_id_seed, sizeof(ct_id_seed));
+
+ a = (unsigned long)ct;
+- b = (unsigned long)ct->master ^ net_hash_mix(nf_ct_net(ct));
+- c = (unsigned long)ct->ext;
+- d = (unsigned long)siphash(&ct->tuplehash, sizeof(ct->tuplehash),
++ b = (unsigned long)ct->master;
++ c = (unsigned long)nf_ct_net(ct);
++ d = (unsigned long)siphash(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple,
++ sizeof(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple),
+ &ct_id_seed);
+ #ifdef CONFIG_64BIT
+ return siphash_4u64((u64)a, (u64)b, (u64)c, (u64)d, &ct_id_seed);
diff --git a/queue-4.14/series b/queue-4.14/series
index 331d543c320..de627082a21 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -54,3 +54,6 @@ usb-serial-option-add-the-broadmobi-bm818-card.patch
 usb-serial-option-add-motorola-modem-uarts.patch
 bpf-fix-bpf_jit_limit-knob-for-page_size-64k.patch
 revert-tcp-clear-sk_send_head-after-purging-the-writ.patch
+arm64-compat-allow-single-byte-watchpoints-on-all-addresses.patch
+arm64-ftrace-ensure-module-ftrace-trampoline-is-coherent-with-i-side.patch
+netfilter-conntrack-use-consistent-ct-id-hash-calculation.patch
-- 
2.47.3
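Review bot: The new `siphash(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple, sizeof(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple), &ct_id_seed)` call hashes the tuple as raw bytes, so the id is only stable if every byte of the structure, including any padding or unused union space, is deterministic. The hunk does not show how the tuple is initialised, so this may already hold, but since the purpose of the change is an id that never changes I would record the assumption beside the call, e.g. `/* tuple is hashed bytewise: relies on it being fully zeroed before it is filled in */`. Separately, `a`, `b` and `c` are now all raw kernel addresses while the header comment notes that the id is exposed to userspace. A one-line comment that these values may only leave the function through the keyed siphash would guard against a later change returning or logging them directly. nf_ct_get_id() continues past the end of the hunk, and the non-64-bit branch is not visible.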