From ffc6ce08b85fc8ea90e178d86b11fa9b16140fa8 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 13 Jun 2024 12:14:27 +0200 Subject: [PATCH] 5.15-stable patches added patches: ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch s390-cpacf-split-and-rework-cpacf-query-functions.patch --- ...-leak-in-ext4_xattr_block_cache_find.patch | 59 +++++++ ...remaining-to-__u32-to-avoid-overflow.patch | 38 +++++ ...ype-and-miss-call-client-ibi-handler.patch | 74 +++++++++ ...n-ap-internal-function-modify_bitmap.patch | 75 +++++++++ ...-invalid-opcode-produce-a-link-error.patch | 60 +++++++ ...lit-and-rework-cpacf-query-functions.patch | 147 ++++++++++++++++++ queue-5.15/series | 6 + 7 files changed, 459 insertions(+) create mode 100644 queue-5.15/ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch create mode 100644 queue-5.15/ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch create mode 100644 queue-5.15/i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch create mode 100644 queue-5.15/s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch create mode 100644 queue-5.15/s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch create mode 100644 queue-5.15/s390-cpacf-split-and-rework-cpacf-query-functions.patch diff --git a/queue-5.15/ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch b/queue-5.15/ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch new file mode 100644 index 00000000000..795cf4d0d98 --- /dev/null +++ b/queue-5.15/ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch @@ -0,0 +1,59 @@ +From 0c0b4a49d3e7f49690a6827a41faeffad5df7e21 Mon Sep 17 00:00:00 2001 +From: Baokun Li +Date: Sat, 4 May 2024 15:55:25 +0800 +Subject: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() + +From: Baokun Li + +commit 0c0b4a49d3e7f49690a6827a41faeffad5df7e21 upstream. + +Syzbot reports a warning as follows: + +============================================ +WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290 +Modules linked in: +CPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7 +RIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419 +Call Trace: + + ext4_put_super+0x6d4/0xcd0 fs/ext4/super.c:1375 + generic_shutdown_super+0x136/0x2d0 fs/super.c:641 + kill_block_super+0x44/0x90 fs/super.c:1675 + ext4_kill_sb+0x68/0xa0 fs/ext4/super.c:7327 +[...] +============================================ + +This is because when finding an entry in ext4_xattr_block_cache_find(), if +ext4_sb_bread() returns -ENOMEM, the ce's e_refcnt, which has already grown +in the __entry_find(), won't be put away, and eventually trigger the above +issue in mb_cache_destroy() due to reference count leakage. + +So call mb_cache_entry_put() on the -ENOMEM error branch as a quick fix. + +Reported-by: syzbot+dd43bd0f7474512edc47@syzkaller.appspotmail.com +Closes: https://syzkaller.appspot.com/bug?extid=dd43bd0f7474512edc47 +Fixes: fb265c9cb49e ("ext4: add ext4_sb_bread() to disambiguate ENOMEM cases") +Cc: stable@kernel.org +Signed-off-by: Baokun Li +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/20240504075526.2254349-2-libaokun@huaweicloud.com +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman +--- + fs/ext4/xattr.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/fs/ext4/xattr.c ++++ b/fs/ext4/xattr.c +@@ -3075,8 +3075,10 @@ ext4_xattr_block_cache_find(struct inode + + bh = ext4_sb_bread(inode->i_sb, ce->e_value, REQ_PRIO); + if (IS_ERR(bh)) { +- if (PTR_ERR(bh) == -ENOMEM) ++ if (PTR_ERR(bh) == -ENOMEM) { ++ mb_cache_entry_put(ea_block_cache, ce); + return NULL; ++ } + bh = NULL; + EXT4_ERROR_INODE(inode, "block %lu read error", + (unsigned long)ce->e_value); diff --git a/queue-5.15/ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch b/queue-5.15/ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch new file mode 100644 index 00000000000..0e75564a7ff --- /dev/null +++ b/queue-5.15/ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch @@ -0,0 +1,38 @@ +From 9a9f3a9842927e4af7ca10c19c94dad83bebd713 Mon Sep 17 00:00:00 2001 +From: Baokun Li +Date: Tue, 19 Mar 2024 19:33:23 +0800 +Subject: ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow + +From: Baokun Li + +commit 9a9f3a9842927e4af7ca10c19c94dad83bebd713 upstream. + +Now ac_groups_linear_remaining is of type __u16 and s_mb_max_linear_groups +is of type unsigned int, so an overflow occurs when setting a value above +65535 through the mb_max_linear_groups sysfs interface. Therefore, the +type of ac_groups_linear_remaining is set to __u32 to avoid overflow. + +Fixes: 196e402adf2e ("ext4: improve cr 0 / cr 1 group scanning") +CC: stable@kernel.org +Signed-off-by: Baokun Li +Reviewed-by: Zhang Yi +Reviewed-by: Jan Kara +Link: https://lore.kernel.org/r/20240319113325.3110393-8-libaokun1@huawei.com +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman +--- + fs/ext4/mballoc.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/ext4/mballoc.h ++++ b/fs/ext4/mballoc.h +@@ -181,8 +181,8 @@ struct ext4_allocation_context { + ext4_group_t ac_last_optimal_group; + __u32 ac_groups_considered; + __u32 ac_flags; /* allocation hints */ ++ __u32 ac_groups_linear_remaining; + __u16 ac_groups_scanned; +- __u16 ac_groups_linear_remaining; + __u16 ac_found; + __u16 ac_tail; + __u16 ac_buddy; diff --git a/queue-5.15/i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch b/queue-5.15/i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch new file mode 100644 index 00000000000..fba9c816358 --- /dev/null +++ b/queue-5.15/i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch @@ -0,0 +1,74 @@ +From 38baed9b8600008e5d7bc8cb9ceccc1af3dd54b7 Mon Sep 17 00:00:00 2001 +From: Frank Li +Date: Mon, 6 May 2024 12:40:09 -0400 +Subject: i3c: master: svc: fix invalidate IBI type and miss call client IBI handler + +From: Frank Li + +commit 38baed9b8600008e5d7bc8cb9ceccc1af3dd54b7 upstream. + +In an In-Band Interrupt (IBI) handle, the code logic is as follows: + +1: writel(SVC_I3C_MCTRL_REQUEST_AUTO_IBI | SVC_I3C_MCTRL_IBIRESP_AUTO, + master->regs + SVC_I3C_MCTRL); + +2: ret = readl_relaxed_poll_timeout(master->regs + SVC_I3C_MSTATUS, val, + SVC_I3C_MSTATUS_IBIWON(val), 0, 1000); + ... +3: ibitype = SVC_I3C_MSTATUS_IBITYPE(status); + ibiaddr = SVC_I3C_MSTATUS_IBIADDR(status); + +SVC_I3C_MSTATUS_IBIWON may be set before step 1. Thus, step 2 will return +immediately, and the I3C controller has not sent out the 9th SCL yet. +Consequently, ibitype and ibiaddr are 0, resulting in an unknown IBI type +occurrence and missing call I3C client driver's IBI handler. + +A typical case is that SVC_I3C_MSTATUS_IBIWON is set when an IBI occurs +during the controller send start frame in svc_i3c_master_xfer(). + +Clear SVC_I3C_MSTATUS_IBIWON before issue SVC_I3C_MCTRL_REQUEST_AUTO_IBI +to fix this issue. + +Cc: stable@vger.kernel.org +Fixes: 5e5e3c92e748 ("i3c: master: svc: fix wrong data return when IBI happen during start frame") +Signed-off-by: Frank Li +Reviewed-by: Miquel Raynal +Link: https://lore.kernel.org/r/20240506164009.21375-3-Frank.Li@nxp.com +Signed-off-by: Alexandre Belloni +Signed-off-by: Greg Kroah-Hartman +--- + drivers/i3c/master/svc-i3c-master.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +--- a/drivers/i3c/master/svc-i3c-master.c ++++ b/drivers/i3c/master/svc-i3c-master.c +@@ -356,6 +356,19 @@ static void svc_i3c_master_ibi_work(stru + int ret; + + mutex_lock(&master->lock); ++ /* ++ * IBIWON may be set before SVC_I3C_MCTRL_REQUEST_AUTO_IBI, causing ++ * readl_relaxed_poll_timeout() to return immediately. Consequently, ++ * ibitype will be 0 since it was last updated only after the 8th SCL ++ * cycle, leading to missed client IBI handlers. ++ * ++ * A typical scenario is when IBIWON occurs and bus arbitration is lost ++ * at svc_i3c_master_priv_xfers(). ++ * ++ * Clear SVC_I3C_MINT_IBIWON before sending SVC_I3C_MCTRL_REQUEST_AUTO_IBI. ++ */ ++ writel(SVC_I3C_MINT_IBIWON, master->regs + SVC_I3C_MSTATUS); ++ + /* Acknowledge the incoming interrupt with the AUTOIBI mechanism */ + writel(SVC_I3C_MCTRL_REQUEST_AUTO_IBI | + SVC_I3C_MCTRL_IBIRESP_AUTO, +@@ -370,9 +383,6 @@ static void svc_i3c_master_ibi_work(stru + goto reenable_ibis; + } + +- /* Clear the interrupt status */ +- writel(SVC_I3C_MINT_IBIWON, master->regs + SVC_I3C_MSTATUS); +- + status = readl(master->regs + SVC_I3C_MSTATUS); + ibitype = SVC_I3C_MSTATUS_IBITYPE(status); + ibiaddr = SVC_I3C_MSTATUS_IBIADDR(status); diff --git a/queue-5.15/s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch b/queue-5.15/s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch new file mode 100644 index 00000000000..2b619b12553 --- /dev/null +++ b/queue-5.15/s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch @@ -0,0 +1,75 @@ +From d4f9d5a99a3fd1b1c691b7a1a6f8f3f25f4116c9 Mon Sep 17 00:00:00 2001 +From: Harald Freudenberger +Date: Mon, 13 May 2024 14:49:13 +0200 +Subject: s390/ap: Fix crash in AP internal function modify_bitmap() + +From: Harald Freudenberger + +commit d4f9d5a99a3fd1b1c691b7a1a6f8f3f25f4116c9 upstream. + +A system crash like this + + Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 + Fault in home space mode while using kernel ASCE. + AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d + Oops: 0038 ilc:3 [#1] PREEMPT SMP + Modules linked in: mlx5_ib ... + CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8 + Hardware name: IBM 3931 A01 704 (LPAR) + Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8) + R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3 + Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3 + 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0 + 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff + 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8 + Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a + 0000014b75e7b600: 18b2 lr %r11,%r2 + #0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616 + >0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13) + 0000014b75e7b60c: a7680001 lhi %r6,1 + 0000014b75e7b610: 187b lr %r7,%r11 + 0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654 + 0000014b75e7b616: 18e9 lr %r14,%r9 + Call Trace: + [<0000014b75e7b606>] ap_parse_bitmap_str+0x10e/0x1f8 + ([<0000014b75e7b5dc>] ap_parse_bitmap_str+0xe4/0x1f8) + [<0000014b75e7b758>] apmask_store+0x68/0x140 + [<0000014b75679196>] kernfs_fop_write_iter+0x14e/0x1e8 + [<0000014b75598524>] vfs_write+0x1b4/0x448 + [<0000014b7559894c>] ksys_write+0x74/0x100 + [<0000014b7618a440>] __do_syscall+0x268/0x328 + [<0000014b761a3558>] system_call+0x70/0x98 + INFO: lockdep is turned off. + Last Breaking-Event-Address: + [<0000014b75e7b636>] ap_parse_bitmap_str+0x13e/0x1f8 + Kernel panic - not syncing: Fatal exception: panic_on_oops + +occured when /sys/bus/ap/a[pq]mask was updated with a relative mask value +(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX. + +The fix is simple: use unsigned long values for the internal variables. The +correct checks are already in place in the function but a simple int for +the internal variables was used with the possibility to overflow. + +Reported-by: Marc Hartmayer +Signed-off-by: Harald Freudenberger +Tested-by: Marc Hartmayer +Reviewed-by: Holger Dengler +Cc: +Signed-off-by: Heiko Carstens +Signed-off-by: Greg Kroah-Hartman +--- + drivers/s390/crypto/ap_bus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/s390/crypto/ap_bus.c ++++ b/drivers/s390/crypto/ap_bus.c +@@ -1031,7 +1031,7 @@ static int hex2bitmap(const char *str, u + */ + static int modify_bitmap(const char *str, unsigned long *bitmap, int bits) + { +- int a, i, z; ++ unsigned long a, i, z; + char *np, sign; + + /* bits needs to be a multiple of 8 */ diff --git a/queue-5.15/s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch b/queue-5.15/s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch new file mode 100644 index 00000000000..cdfa53c66ad --- /dev/null +++ b/queue-5.15/s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch @@ -0,0 +1,60 @@ +From 32e8bd6423fc127d2b37bdcf804fd76af3bbec79 Mon Sep 17 00:00:00 2001 +From: Harald Freudenberger +Date: Tue, 14 May 2024 10:09:32 +0200 +Subject: s390/cpacf: Make use of invalid opcode produce a link error + +From: Harald Freudenberger + +commit 32e8bd6423fc127d2b37bdcf804fd76af3bbec79 upstream. + +Instead of calling BUG() at runtime introduce and use a prototype for a +non-existing function to produce a link error during compile when a not +supported opcode is used with the __cpacf_query() or __cpacf_check_opcode() +inline functions. + +Suggested-by: Heiko Carstens +Signed-off-by: Harald Freudenberger +Reviewed-by: Holger Dengler +Reviewed-by: Juergen Christ +Cc: stable@vger.kernel.org +Signed-off-by: Heiko Carstens +Signed-off-by: Greg Kroah-Hartman +--- + arch/s390/include/asm/cpacf.h | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +--- a/arch/s390/include/asm/cpacf.h ++++ b/arch/s390/include/asm/cpacf.h +@@ -161,6 +161,13 @@ + + typedef struct { unsigned char bytes[16]; } cpacf_mask_t; + ++/* ++ * Prototype for a not existing function to produce a link ++ * error if __cpacf_query() or __cpacf_check_opcode() is used ++ * with an invalid compile time const opcode. ++ */ ++void __cpacf_bad_opcode(void); ++ + static __always_inline void __cpacf_query_rre(u32 opc, u8 r1, u8 r2, + cpacf_mask_t *mask) + { +@@ -232,7 +239,7 @@ static __always_inline void __cpacf_quer + __cpacf_query_rre(CPACF_PRNO, 2, 4, mask); + break; + default: +- BUG(); ++ __cpacf_bad_opcode(); + } + } + +@@ -257,7 +264,8 @@ static __always_inline int __cpacf_check + case CPACF_KMA: + return test_facility(146); /* check for MSA8 */ + default: +- BUG(); ++ __cpacf_bad_opcode(); ++ return 0; + } + } + diff --git a/queue-5.15/s390-cpacf-split-and-rework-cpacf-query-functions.patch b/queue-5.15/s390-cpacf-split-and-rework-cpacf-query-functions.patch new file mode 100644 index 00000000000..b5b299b3fe4 --- /dev/null +++ b/queue-5.15/s390-cpacf-split-and-rework-cpacf-query-functions.patch @@ -0,0 +1,147 @@ +From 830999bd7e72f4128b9dfa37090d9fa8120ce323 Mon Sep 17 00:00:00 2001 +From: Harald Freudenberger +Date: Fri, 3 May 2024 11:31:42 +0200 +Subject: s390/cpacf: Split and rework cpacf query functions + +From: Harald Freudenberger + +commit 830999bd7e72f4128b9dfa37090d9fa8120ce323 upstream. + +Rework the cpacf query functions to use the correct RRE +or RRF instruction formats and set register fields within +instructions correctly. + +Fixes: 1afd43e0fbba ("s390/crypto: allow to query all known cpacf functions") +Reported-by: Nina Schoetterl-Glausch +Suggested-by: Heiko Carstens +Suggested-by: Juergen Christ +Suggested-by: Holger Dengler +Signed-off-by: Harald Freudenberger +Reviewed-by: Holger Dengler +Reviewed-by: Juergen Christ +Cc: +Signed-off-by: Heiko Carstens +Signed-off-by: Greg Kroah-Hartman +--- + arch/s390/include/asm/cpacf.h | 101 +++++++++++++++++++++++++++++++++--------- + 1 file changed, 81 insertions(+), 20 deletions(-) + +--- a/arch/s390/include/asm/cpacf.h ++++ b/arch/s390/include/asm/cpacf.h +@@ -161,28 +161,79 @@ + + typedef struct { unsigned char bytes[16]; } cpacf_mask_t; + +-/** +- * cpacf_query() - check if a specific CPACF function is available +- * @opcode: the opcode of the crypto instruction +- * @func: the function code to test for +- * +- * Executes the query function for the given crypto instruction @opcode +- * and checks if @func is available +- * +- * Returns 1 if @func is available for @opcode, 0 otherwise +- */ +-static __always_inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask) ++static __always_inline void __cpacf_query_rre(u32 opc, u8 r1, u8 r2, ++ cpacf_mask_t *mask) ++{ ++ asm volatile( ++ " la %%r1,%[mask]\n" ++ " xgr %%r0,%%r0\n" ++ " .insn rre,%[opc] << 16,%[r1],%[r2]\n" ++ : [mask] "=R" (*mask) ++ : [opc] "i" (opc), ++ [r1] "i" (r1), [r2] "i" (r2) ++ : "cc", "r0", "r1"); ++} ++ ++static __always_inline void __cpacf_query_rrf(u32 opc, ++ u8 r1, u8 r2, u8 r3, u8 m4, ++ cpacf_mask_t *mask) + { + asm volatile( +- " lghi 0,0\n" /* query function */ +- " lgr 1,%[mask]\n" +- " spm 0\n" /* pckmo doesn't change the cc */ +- /* Parameter regs are ignored, but must be nonzero and unique */ +- "0: .insn rrf,%[opc] << 16,2,4,6,0\n" +- " brc 1,0b\n" /* handle partial completion */ +- : "=m" (*mask) +- : [mask] "d" ((unsigned long)mask), [opc] "i" (opcode) +- : "cc", "0", "1"); ++ " la %%r1,%[mask]\n" ++ " xgr %%r0,%%r0\n" ++ " .insn rrf,%[opc] << 16,%[r1],%[r2],%[r3],%[m4]\n" ++ : [mask] "=R" (*mask) ++ : [opc] "i" (opc), [r1] "i" (r1), [r2] "i" (r2), ++ [r3] "i" (r3), [m4] "i" (m4) ++ : "cc", "r0", "r1"); ++} ++ ++static __always_inline void __cpacf_query(unsigned int opcode, ++ cpacf_mask_t *mask) ++{ ++ switch (opcode) { ++ case CPACF_KDSA: ++ __cpacf_query_rre(CPACF_KDSA, 0, 2, mask); ++ break; ++ case CPACF_KIMD: ++ __cpacf_query_rre(CPACF_KIMD, 0, 2, mask); ++ break; ++ case CPACF_KLMD: ++ __cpacf_query_rre(CPACF_KLMD, 0, 2, mask); ++ break; ++ case CPACF_KM: ++ __cpacf_query_rre(CPACF_KM, 2, 4, mask); ++ break; ++ case CPACF_KMA: ++ __cpacf_query_rrf(CPACF_KMA, 2, 4, 6, 0, mask); ++ break; ++ case CPACF_KMAC: ++ __cpacf_query_rre(CPACF_KMAC, 0, 2, mask); ++ break; ++ case CPACF_KMC: ++ __cpacf_query_rre(CPACF_KMC, 2, 4, mask); ++ break; ++ case CPACF_KMCTR: ++ __cpacf_query_rrf(CPACF_KMCTR, 2, 4, 6, 0, mask); ++ break; ++ case CPACF_KMF: ++ __cpacf_query_rre(CPACF_KMF, 2, 4, mask); ++ break; ++ case CPACF_KMO: ++ __cpacf_query_rre(CPACF_KMO, 2, 4, mask); ++ break; ++ case CPACF_PCC: ++ __cpacf_query_rre(CPACF_PCC, 0, 0, mask); ++ break; ++ case CPACF_PCKMO: ++ __cpacf_query_rre(CPACF_PCKMO, 0, 0, mask); ++ break; ++ case CPACF_PRNO: ++ __cpacf_query_rre(CPACF_PRNO, 2, 4, mask); ++ break; ++ default: ++ BUG(); ++ } + } + + static __always_inline int __cpacf_check_opcode(unsigned int opcode) +@@ -210,6 +261,16 @@ static __always_inline int __cpacf_check + } + } + ++/** ++ * cpacf_query() - check if a specific CPACF function is available ++ * @opcode: the opcode of the crypto instruction ++ * @func: the function code to test for ++ * ++ * Executes the query function for the given crypto instruction @opcode ++ * and checks if @func is available ++ * ++ * Returns 1 if @func is available for @opcode, 0 otherwise ++ */ + static __always_inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask) + { + if (__cpacf_check_opcode(opcode)) { diff --git a/queue-5.15/series b/queue-5.15/series index 9f5e33029e4..7fb48279283 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -390,3 +390,9 @@ kdb-merge-identical-case-statements-in-kdb_read.patch kdb-use-format-specifiers-rather-than-memset-for-padding-in-kdb_read.patch net-fix-__dst_negative_advice-race.patch sparc-move-struct-termio-to-asm-termios.h.patch +ext4-set-type-of-ac_groups_linear_remaining-to-__u32-to-avoid-overflow.patch +ext4-fix-mb_cache_entry-s-e_refcnt-leak-in-ext4_xattr_block_cache_find.patch +s390-ap-fix-crash-in-ap-internal-function-modify_bitmap.patch +s390-cpacf-split-and-rework-cpacf-query-functions.patch +s390-cpacf-make-use-of-invalid-opcode-produce-a-link-error.patch +i3c-master-svc-fix-invalidate-ibi-type-and-miss-call-client-ibi-handler.patch -- 2.47.3