From: Sasha Levin Date: Wed, 6 Nov 2024 01:54:07 +0000 (-0500) Subject: Fixes for 5.10 X-Git-Tag: v4.19.323~55 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15ffd6c6d1c2eb2480fc37a49027e82b4b708e81;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 5.10 Signed-off-by: Sasha Levin --- diff --git a/queue-5.10/ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overfl.patch b/queue-5.10/ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overfl.patch new file mode 100644 index 00000000000..facbd17dba6 --- /dev/null +++ b/queue-5.10/ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overfl.patch @@ -0,0 +1,60 @@ +From f19e6c39a0f8fc051e1f2ef3bc317f1b8ddf9981 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 16 Oct 2024 19:43:47 +0800 +Subject: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow + +From: Edward Adam Davis + +[ Upstream commit bc0a2f3a73fcdac651fca64df39306d1e5ebe3b0 ] + +Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two +reasons for this: first, the parameter value passed is greater than +ocfs2_max_inline_data_with_xattr, second, the start and end parameters of +ocfs2_truncate_inline are "unsigned int". + +So, we need to add a sanity check for byte_start and byte_len right before +ocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater +than ocfs2_max_inline_data_with_xattr return -EINVAL. + +Link: https://lkml.kernel.org/r/tencent_D48DB5122ADDAEDDD11918CFB68D93258C07@qq.com +Fixes: 1afc32b95233 ("ocfs2: Write support for inline data") +Signed-off-by: Edward Adam Davis +Reported-by: syzbot+81092778aac03460d6b7@syzkaller.appspotmail.com +Closes: https://syzkaller.appspot.com/bug?extid=81092778aac03460d6b7 +Reviewed-by: Joseph Qi +Cc: Joel Becker +Cc: Joseph Qi +Cc: Mark Fasheh +Cc: Junxiao Bi +Cc: Changwei Ge +Cc: Gang He +Cc: Jun Piao +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Sasha Levin +--- + fs/ocfs2/file.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c +index 5fd565a6228f7..09a62539ab74d 100644 +--- a/fs/ocfs2/file.c ++++ b/fs/ocfs2/file.c +@@ -1787,6 +1787,14 @@ int ocfs2_remove_inode_range(struct inode *inode, + return 0; + + if (OCFS2_I(inode)->ip_dyn_features & OCFS2_INLINE_DATA_FL) { ++ int id_count = ocfs2_max_inline_data_with_xattr(inode->i_sb, di); ++ ++ if (byte_start > id_count || byte_start + byte_len > id_count) { ++ ret = -EINVAL; ++ mlog_errno(ret); ++ goto out; ++ } ++ + ret = ocfs2_truncate_inline(inode, di_bh, byte_start, + byte_start + byte_len, 0); + if (ret) { +-- +2.43.0 + diff --git a/queue-5.10/riscv-efi-set-nx-compat-flag-in-pe-coff-header.patch b/queue-5.10/riscv-efi-set-nx-compat-flag-in-pe-coff-header.patch new file mode 100644 index 00000000000..c4cfa9337e6 --- /dev/null +++ b/queue-5.10/riscv-efi-set-nx-compat-flag-in-pe-coff-header.patch @@ -0,0 +1,48 @@ +From 1f6eb0c07ee692b9a4786670bb3e2b4c6d9682cd Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sun, 29 Sep 2024 16:02:33 +0200 +Subject: riscv: efi: Set NX compat flag in PE/COFF header + +From: Heinrich Schuchardt + +[ Upstream commit d41373a4b910961df5a5e3527d7bde6ad45ca438 ] + +The IMAGE_DLLCHARACTERISTICS_NX_COMPAT informs the firmware that the +EFI binary does not rely on pages that are both executable and +writable. + +The flag is used by some distro versions of GRUB to decide if the EFI +binary may be executed. + +As the Linux kernel neither has RWX sections nor needs RWX pages for +relocation we should set the flag. + +Cc: Ard Biesheuvel +Cc: +Signed-off-by: Heinrich Schuchardt +Reviewed-by: Emil Renner Berthing +Fixes: cb7d2dd5612a ("RISC-V: Add PE/COFF header for EFI stub") +Acked-by: Ard Biesheuvel +Link: https://lore.kernel.org/r/20240929140233.211800-1-heinrich.schuchardt@canonical.com +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/efi-header.S | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/riscv/kernel/efi-header.S b/arch/riscv/kernel/efi-header.S +index 8e733aa48ba6c..c306f3a6a800e 100644 +--- a/arch/riscv/kernel/efi-header.S ++++ b/arch/riscv/kernel/efi-header.S +@@ -59,7 +59,7 @@ extra_header_fields: + .long efi_header_end - _start // SizeOfHeaders + .long 0 // CheckSum + .short IMAGE_SUBSYSTEM_EFI_APPLICATION // Subsystem +- .short 0 // DllCharacteristics ++ .short IMAGE_DLL_CHARACTERISTICS_NX_COMPAT // DllCharacteristics + .quad 0 // SizeOfStackReserve + .quad 0 // SizeOfStackCommit + .quad 0 // SizeOfHeapReserve +-- +2.43.0 + diff --git a/queue-5.10/riscv-remove-duplicated-get_rm.patch b/queue-5.10/riscv-remove-duplicated-get_rm.patch new file mode 100644 index 00000000000..fe03eeebf73 --- /dev/null +++ b/queue-5.10/riscv-remove-duplicated-get_rm.patch @@ -0,0 +1,38 @@ +From a3538c433cc7f3008f911e220ddcf3f2a41451f7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 8 Oct 2024 17:41:39 +0800 +Subject: riscv: Remove duplicated GET_RM + +From: Chunyan Zhang + +[ Upstream commit 164f66de6bb6ef454893f193c898dc8f1da6d18b ] + +The macro GET_RM defined twice in this file, one can be removed. + +Reviewed-by: Alexandre Ghiti +Signed-off-by: Chunyan Zhang +Fixes: 956d705dd279 ("riscv: Unaligned load/store handling for M_MODE") +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20241008094141.549248-3-zhangchunyan@iscas.ac.cn +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/traps_misaligned.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/arch/riscv/kernel/traps_misaligned.c b/arch/riscv/kernel/traps_misaligned.c +index b246c3dc69930..d548d6992d988 100644 +--- a/arch/riscv/kernel/traps_misaligned.c ++++ b/arch/riscv/kernel/traps_misaligned.c +@@ -131,8 +131,6 @@ + #define REG_PTR(insn, pos, regs) \ + (ulong *)((ulong)(regs) + REG_OFFSET(insn, pos)) + +-#define GET_RM(insn) (((insn) >> 12) & 7) +- + #define GET_RS1(insn, regs) (*REG_PTR(insn, SH_RS1, regs)) + #define GET_RS2(insn, regs) (*REG_PTR(insn, SH_RS2, regs)) + #define GET_RS1S(insn, regs) (*REG_PTR(RVC_RS1S(insn), 0, regs)) +-- +2.43.0 + diff --git a/queue-5.10/riscv-remove-unused-generating_asm_offsets.patch b/queue-5.10/riscv-remove-unused-generating_asm_offsets.patch new file mode 100644 index 00000000000..74b3bf1a687 --- /dev/null +++ b/queue-5.10/riscv-remove-unused-generating_asm_offsets.patch @@ -0,0 +1,44 @@ +From 4377414a62001f4a686276f4f9570fe22bc94daa Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 8 Oct 2024 17:41:38 +0800 +Subject: riscv: Remove unused GENERATING_ASM_OFFSETS + +From: Chunyan Zhang + +[ Upstream commit 46d4e5ac6f2f801f97bcd0ec82365969197dc9b1 ] + +The macro is not used in the current version of kernel, it looks like +can be removed to avoid a build warning: + +../arch/riscv/kernel/asm-offsets.c: At top level: +../arch/riscv/kernel/asm-offsets.c:7: warning: macro "GENERATING_ASM_OFFSETS" is not used [-Wunused-macros] + 7 | #define GENERATING_ASM_OFFSETS + +Fixes: 9639a44394b9 ("RISC-V: Provide a cleaner raw_smp_processor_id()") +Cc: stable@vger.kernel.org +Reviewed-by: Alexandre Ghiti +Tested-by: Alexandre Ghiti +Signed-off-by: Chunyan Zhang +Link: https://lore.kernel.org/r/20241008094141.549248-2-zhangchunyan@iscas.ac.cn +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/asm-offsets.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/arch/riscv/kernel/asm-offsets.c b/arch/riscv/kernel/asm-offsets.c +index 877ff65b4e136..a3d4317309d4c 100644 +--- a/arch/riscv/kernel/asm-offsets.c ++++ b/arch/riscv/kernel/asm-offsets.c +@@ -4,8 +4,6 @@ + * Copyright (C) 2017 SiFive + */ + +-#define GENERATING_ASM_OFFSETS +- + #include + #include + #include +-- +2.43.0 + diff --git a/queue-5.10/riscv-use-u-to-format-the-output-of-cpu.patch b/queue-5.10/riscv-use-u-to-format-the-output-of-cpu.patch new file mode 100644 index 00000000000..c6461fc9568 --- /dev/null +++ b/queue-5.10/riscv-use-u-to-format-the-output-of-cpu.patch @@ -0,0 +1,43 @@ +From 18a0a742e23459ac46a628af0ba88f424f43bec5 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 17 Oct 2024 11:20:10 +0800 +Subject: riscv: Use '%u' to format the output of 'cpu' + +From: WangYuli + +[ Upstream commit e0872ab72630dada3ae055bfa410bf463ff1d1e0 ] + +'cpu' is an unsigned integer, so its conversion specifier should +be %u, not %d. + +Suggested-by: Wentao Guan +Suggested-by: Maciej W. Rozycki +Link: https://lore.kernel.org/all/alpine.DEB.2.21.2409122309090.40372@angie.orcam.me.uk/ +Signed-off-by: WangYuli +Reviewed-by: Charlie Jenkins +Tested-by: Charlie Jenkins +Fixes: f1e58583b9c7 ("RISC-V: Support cpu hotplug") +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/4C127DEECDA287C8+20241017032010.96772-1-wangyuli@uniontech.com +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/cpu-hotplug.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/riscv/kernel/cpu-hotplug.c b/arch/riscv/kernel/cpu-hotplug.c +index df84e0c13db18..0e948e87bd813 100644 +--- a/arch/riscv/kernel/cpu-hotplug.c ++++ b/arch/riscv/kernel/cpu-hotplug.c +@@ -69,7 +69,7 @@ void __cpu_die(unsigned int cpu) + if (cpu_ops[cpu]->cpu_is_stopped) + ret = cpu_ops[cpu]->cpu_is_stopped(cpu); + if (ret) +- pr_warn("CPU%d may not have stopped: %d\n", cpu, ret); ++ pr_warn("CPU%u may not have stopped: %d\n", cpu, ret); + } + + /* +-- +2.43.0 + diff --git a/queue-5.10/riscv-vdso-prevent-the-compiler-from-inserting-calls.patch b/queue-5.10/riscv-vdso-prevent-the-compiler-from-inserting-calls.patch new file mode 100644 index 00000000000..da351eb1bbc --- /dev/null +++ b/queue-5.10/riscv-vdso-prevent-the-compiler-from-inserting-calls.patch @@ -0,0 +1,40 @@ +From 3883e95407c3005e4bcdf6dbadc82094fdd2605b Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 16 Oct 2024 10:36:24 +0200 +Subject: riscv: vdso: Prevent the compiler from inserting calls to memset() + +From: Alexandre Ghiti + +[ Upstream commit bf40167d54d55d4b54d0103713d86a8638fb9290 ] + +The compiler is smart enough to insert a call to memset() in +riscv_vdso_get_cpus(), which generates a dynamic relocation. + +So prevent this by using -fno-builtin option. + +Fixes: e2c0cdfba7f6 ("RISC-V: User-facing API") +Cc: stable@vger.kernel.org +Signed-off-by: Alexandre Ghiti +Reviewed-by: Guo Ren +Link: https://lore.kernel.org/r/20241016083625.136311-2-alexghiti@rivosinc.com +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/vdso/Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/arch/riscv/kernel/vdso/Makefile b/arch/riscv/kernel/vdso/Makefile +index f4ac7ff56bcea..53fe5e2ab32ed 100644 +--- a/arch/riscv/kernel/vdso/Makefile ++++ b/arch/riscv/kernel/vdso/Makefile +@@ -18,6 +18,7 @@ obj-vdso = $(patsubst %, %.o, $(vdso-syms)) note.o + + ccflags-y := -fno-stack-protector + ccflags-y += -DDISABLE_BRANCH_PROFILING ++ccflags-y += -fno-builtin + + ifneq ($(c-gettimeofday-y),) + CFLAGS_vgettimeofday.o += -fPIC -include $(c-gettimeofday-y) +-- +2.43.0 + diff --git a/queue-5.10/series b/queue-5.10/series index 564bd74430c..0e2fdbfb52e 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -95,3 +95,9 @@ iio-light-veml6030-fix-microlux-value-calculation.patch nilfs2-fix-potential-deadlock-with-newly-created-symlinks.patch mm-add-remap_pfn_range_notrack.patch mm-avoid-leaving-partial-pfn-mappings-around-in-error-case.patch +riscv-vdso-prevent-the-compiler-from-inserting-calls.patch +riscv-efi-set-nx-compat-flag-in-pe-coff-header.patch +riscv-use-u-to-format-the-output-of-cpu.patch +riscv-remove-unused-generating_asm_offsets.patch +riscv-remove-duplicated-get_rm.patch +ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overfl.patch