From: Greg Kroah-Hartman Date: Thu, 12 Jan 2023 12:55:46 +0000 (+0100) Subject: 5.4-stable patches X-Git-Tag: v5.10.163~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba7ccbfa6d140afff7e2e32cc094fdae531b60fe;p=thirdparty%2Fkernel%2Fstable-queue.git 5.4-stable patches added patches: driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch selftests-set-the-build-variable-to-absolute-path.patch --- diff --git a/queue-5.4/driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch b/queue-5.4/driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch new file mode 100644 index 00000000000..7dcfb02a829 --- /dev/null +++ b/queue-5.4/driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch @@ -0,0 +1,48 @@ +From 27c0d217340e47ec995557f61423ef415afba987 Mon Sep 17 00:00:00 2001 +From: "Isaac J. Manjarres" +Date: Tue, 20 Sep 2022 17:14:13 -0700 +Subject: driver core: Fix bus_type.match() error handling in __driver_attach() + +From: Isaac J. Manjarres + +commit 27c0d217340e47ec995557f61423ef415afba987 upstream. + +When a driver registers with a bus, it will attempt to match with every +device on the bus through the __driver_attach() function. Currently, if +the bus_type.match() function encounters an error that is not +-EPROBE_DEFER, __driver_attach() will return a negative error code, which +causes the driver registration logic to stop trying to match with the +remaining devices on the bus. + +This behavior is not correct; a failure while matching a driver to a +device does not mean that the driver won't be able to match and bind +with other devices on the bus. Update the logic in __driver_attach() +to reflect this. + +Fixes: 656b8035b0ee ("ARM: 8524/1: driver cohandle -EPROBE_DEFER from bus_type.match()") +Cc: stable@vger.kernel.org +Cc: Saravana Kannan +Signed-off-by: Isaac J. Manjarres +Link: https://lore.kernel.org/r/20220921001414.4046492-1-isaacmanjarres@google.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/base/dd.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +--- a/drivers/base/dd.c ++++ b/drivers/base/dd.c +@@ -1079,8 +1079,12 @@ static int __driver_attach(struct device + */ + return 0; + } else if (ret < 0) { +- dev_dbg(dev, "Bus failed to match device: %d", ret); +- return ret; ++ dev_dbg(dev, "Bus failed to match device: %d\n", ret); ++ /* ++ * Driver could not match with device, but may match with ++ * another device on the bus. ++ */ ++ return 0; + } /* ret > 0 means positive match */ + + if (driver_allows_async_probing(drv)) { diff --git a/queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch b/queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch new file mode 100644 index 00000000000..42b23ae38f1 --- /dev/null +++ b/queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch @@ -0,0 +1,286 @@ +From 196dff2712ca5a2e651977bb2fe6b05474111a83 Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel +Date: Thu, 20 Oct 2022 10:39:10 +0200 +Subject: efi: random: combine bootloader provided RNG seed with RNG protocol output + +From: Ard Biesheuvel + +commit 196dff2712ca5a2e651977bb2fe6b05474111a83 upstream. + +Instead of blindly creating the EFI random seed configuration table if +the RNG protocol is implemented and works, check whether such a EFI +configuration table was provided by an earlier boot stage and if so, +concatenate the existing and the new seeds, leaving it up to the core +code to mix it in and credit it the way it sees fit. + +This can be used for, e.g., systemd-boot, to pass an additional seed to +Linux in a way that can be consumed by the kernel very early. In that +case, the following definitions should be used to pass the seed to the +EFI stub: + +struct linux_efi_random_seed { + u32 size; // of the 'seed' array in bytes + u8 seed[]; +}; + +The memory for the struct must be allocated as EFI_ACPI_RECLAIM_MEMORY +pool memory, and the address of the struct in memory should be installed +as a EFI configuration table using the following GUID: + +LINUX_EFI_RANDOM_SEED_TABLE_GUID 1ce1e5bc-7ceb-42f2-81e5-8aadf180f57b + +Note that doing so is safe even on kernels that were built without this +patch applied, but the seed will simply be overwritten with a seed +derived from the EFI RNG protocol, if available. The recommended seed +size is 32 bytes, and seeds larger than 512 bytes are considered +corrupted and ignored entirely. + +In order to preserve forward secrecy, seeds from previous bootloaders +are memzero'd out, and in order to preserve memory, those older seeds +are also freed from memory. Freeing from memory without first memzeroing +is not safe to do, as it's possible that nothing else will ever +overwrite those pages used by EFI. + +Reviewed-by: Jason A. Donenfeld +[ardb: incorporate Jason's followup changes to extend the maximum seed + size on the consumer end, memzero() it and drop a needless printk] +Signed-off-by: Ard Biesheuvel +Signed-off-by: Jason A. Donenfeld +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/boot/compressed/eboot.c | 3 + + drivers/firmware/efi/efi.c | 4 - + drivers/firmware/efi/libstub/Makefile | 5 + + drivers/firmware/efi/libstub/efistub.h | 3 - + drivers/firmware/efi/libstub/random.c | 86 +++++++++++++++++++++++++++------ + include/linux/efi.h | 2 + 6 files changed, 83 insertions(+), 20 deletions(-) + +--- a/arch/x86/boot/compressed/eboot.c ++++ b/arch/x86/boot/compressed/eboot.c +@@ -782,6 +782,9 @@ efi_main(struct efi_config *c, struct bo + + /* Ask the firmware to clear memory on unclean shutdown */ + efi_enable_reset_attack_mitigation(sys_table); ++ ++ efi_random_get_seed(sys_table); ++ + efi_retrieve_tpm2_eventlog(sys_table); + + setup_graphics(boot_params); +--- a/drivers/firmware/efi/efi.c ++++ b/drivers/firmware/efi/efi.c +@@ -546,7 +546,7 @@ int __init efi_config_parse_tables(void + + seed = early_memremap(efi.rng_seed, sizeof(*seed)); + if (seed != NULL) { +- size = min(seed->size, EFI_RANDOM_SEED_SIZE); ++ size = min_t(u32, seed->size, SZ_1K); // sanity check + early_memunmap(seed, sizeof(*seed)); + } else { + pr_err("Could not map UEFI random seed!\n"); +@@ -555,8 +555,8 @@ int __init efi_config_parse_tables(void + seed = early_memremap(efi.rng_seed, + sizeof(*seed) + size); + if (seed != NULL) { +- pr_notice("seeding entropy pool\n"); + add_bootloader_randomness(seed->bits, size); ++ memzero_explicit(seed->bits, size); + early_memunmap(seed, sizeof(*seed) + size); + } else { + pr_err("Could not map UEFI random seed!\n"); +--- a/drivers/firmware/efi/libstub/Makefile ++++ b/drivers/firmware/efi/libstub/Makefile +@@ -39,7 +39,8 @@ OBJECT_FILES_NON_STANDARD := y + # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in. + KCOV_INSTRUMENT := n + +-lib-y := efi-stub-helper.o gop.o secureboot.o tpm.o ++lib-y := efi-stub-helper.o gop.o secureboot.o tpm.o \ ++ random.o + + # include the stub's generic dependencies from lib/ when building for ARM/arm64 + arm-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c +@@ -48,7 +49,7 @@ arm-deps-$(CONFIG_ARM64) += sort.c + $(obj)/lib-%.o: $(srctree)/lib/%.c FORCE + $(call if_changed_rule,cc_o_c) + +-lib-$(CONFIG_EFI_ARMSTUB) += arm-stub.o fdt.o string.o random.o \ ++lib-$(CONFIG_EFI_ARMSTUB) += arm-stub.o fdt.o string.o \ + $(patsubst %.c,lib-%.o,$(arm-deps-y)) + + lib-$(CONFIG_ARM) += arm32-stub.o +--- a/drivers/firmware/efi/libstub/efistub.h ++++ b/drivers/firmware/efi/libstub/efistub.h +@@ -34,6 +34,7 @@ extern int __pure novamap(void); + } while (0) + + #define pr_efi_err(sys_table, msg) efi_printk(sys_table, "EFI stub: ERROR: "msg) ++#define pr_efi_warn(sys_table, msg) efi_printk(sys_table, "EFI stub: WARNING: "msg) + + void efi_char16_printk(efi_system_table_t *, efi_char16_t *); + +@@ -63,8 +64,6 @@ efi_status_t efi_random_alloc(efi_system + + efi_status_t check_platform_features(efi_system_table_t *sys_table_arg); + +-efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg); +- + void *get_efi_config_table(efi_system_table_t *sys_table, efi_guid_t guid); + + /* Helper macros for the usual case of using simple C variables: */ +--- a/drivers/firmware/efi/libstub/random.c ++++ b/drivers/firmware/efi/libstub/random.c +@@ -9,12 +9,22 @@ + + #include "efistub.h" + +-struct efi_rng_protocol { ++typedef struct efi_rng_protocol { + efi_status_t (*get_info)(struct efi_rng_protocol *, + unsigned long *, efi_guid_t *); + efi_status_t (*get_rng)(struct efi_rng_protocol *, + efi_guid_t *, unsigned long, u8 *out); +-}; ++} efi_rng_protocol_t; ++ ++typedef struct { ++ u32 get_info; ++ u32 get_rng; ++} efi_rng_protocol_32_t; ++ ++typedef struct { ++ u64 get_info; ++ u64 get_rng; ++} efi_rng_protocol_64_t; + + efi_status_t efi_get_random_bytes(efi_system_table_t *sys_table_arg, + unsigned long size, u8 *out) +@@ -28,7 +38,7 @@ efi_status_t efi_get_random_bytes(efi_sy + if (status != EFI_SUCCESS) + return status; + +- return rng->get_rng(rng, NULL, size, out); ++ return efi_call_proto(efi_rng_protocol, get_rng, rng, NULL, size, out); + } + + /* +@@ -141,13 +151,27 @@ efi_status_t efi_random_alloc(efi_system + return status; + } + ++/** ++ * efi_random_get_seed() - provide random seed as configuration table ++ * ++ * The EFI_RNG_PROTOCOL is used to read random bytes. These random bytes are ++ * saved as a configuration table which can be used as entropy by the kernel ++ * for the initialization of its pseudo random number generator. ++ * ++ * If the EFI_RNG_PROTOCOL is not available or there are not enough random bytes ++ * available, the configuration table will not be installed and an error code ++ * will be returned. ++ * ++ * Return: status code ++ */ + efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg) + { + efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID; + efi_guid_t rng_algo_raw = EFI_RNG_ALGORITHM_RAW; + efi_guid_t rng_table_guid = LINUX_EFI_RANDOM_SEED_TABLE_GUID; +- struct efi_rng_protocol *rng; +- struct linux_efi_random_seed *seed; ++ struct linux_efi_random_seed *prev_seed, *seed = NULL; ++ int prev_seed_size = 0, seed_size = EFI_RANDOM_SEED_SIZE; ++ struct efi_rng_protocol *rng = NULL; + efi_status_t status; + + status = efi_call_early(locate_protocol, &rng_proto, NULL, +@@ -155,34 +179,68 @@ efi_status_t efi_random_get_seed(efi_sys + if (status != EFI_SUCCESS) + return status; + +- status = efi_call_early(allocate_pool, EFI_RUNTIME_SERVICES_DATA, +- sizeof(*seed) + EFI_RANDOM_SEED_SIZE, ++ /* ++ * Check whether a seed was provided by a prior boot stage. In that ++ * case, instead of overwriting it, let's create a new buffer that can ++ * hold both, and concatenate the existing and the new seeds. ++ * Note that we should read the seed size with caution, in case the ++ * table got corrupted in memory somehow. ++ */ ++ prev_seed = get_efi_config_table(sys_table_arg, LINUX_EFI_RANDOM_SEED_TABLE_GUID); ++ if (prev_seed && prev_seed->size <= 512U) { ++ prev_seed_size = prev_seed->size; ++ seed_size += prev_seed_size; ++ } ++ ++ /* ++ * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the ++ * allocation will survive a kexec reboot (although we refresh the seed ++ * beforehand) ++ */ ++ status = efi_call_early(allocate_pool, EFI_ACPI_RECLAIM_MEMORY, ++ struct_size(seed, bits, seed_size), + (void **)&seed); +- if (status != EFI_SUCCESS) +- return status; ++ if (status != EFI_SUCCESS) { ++ pr_efi_warn(sys_table_arg, "Failed to allocate memory for RNG seed.\n"); ++ goto err_warn; ++ } + +- status = rng->get_rng(rng, &rng_algo_raw, EFI_RANDOM_SEED_SIZE, +- seed->bits); ++ status = efi_call_proto(efi_rng_protocol, get_rng, rng, &rng_algo_raw, ++ EFI_RANDOM_SEED_SIZE, seed->bits); + if (status == EFI_UNSUPPORTED) + /* + * Use whatever algorithm we have available if the raw algorithm + * is not implemented. + */ +- status = rng->get_rng(rng, NULL, EFI_RANDOM_SEED_SIZE, +- seed->bits); ++ status = efi_call_proto(efi_rng_protocol, get_rng, rng, NULL, ++ EFI_RANDOM_SEED_SIZE, seed->bits); + + if (status != EFI_SUCCESS) + goto err_freepool; + +- seed->size = EFI_RANDOM_SEED_SIZE; ++ seed->size = seed_size; ++ if (prev_seed_size) ++ memcpy(seed->bits + EFI_RANDOM_SEED_SIZE, prev_seed->bits, ++ prev_seed_size); ++ + status = efi_call_early(install_configuration_table, &rng_table_guid, + seed); + if (status != EFI_SUCCESS) + goto err_freepool; + ++ if (prev_seed_size) { ++ /* wipe and free the old seed if we managed to install the new one */ ++ memzero_explicit(prev_seed->bits, prev_seed_size); ++ efi_call_early(free_pool, prev_seed); ++ } + return EFI_SUCCESS; + + err_freepool: ++ memzero_explicit(seed, struct_size(seed, bits, seed_size)); + efi_call_early(free_pool, seed); ++ pr_efi_warn(sys_table_arg, "Failed to obtain seed from EFI_RNG_PROTOCOL\n"); ++err_warn: ++ if (prev_seed) ++ pr_efi_warn(sys_table_arg, "Retaining bootloader-supplied seed only"); + return status; + } +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -1653,6 +1653,8 @@ static inline void + efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg) { } + #endif + ++efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg); ++ + void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table); + + /* diff --git a/queue-5.4/selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch b/queue-5.4/selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch new file mode 100644 index 00000000000..1cb3d5437a1 --- /dev/null +++ b/queue-5.4/selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch @@ -0,0 +1,40 @@ +From 29e911ef7b706215caf02a82b0d3076611d6abe8 Mon Sep 17 00:00:00 2001 +From: Shuah Khan +Date: Wed, 26 Feb 2020 15:54:49 -0700 +Subject: selftests: Fix kselftest O=objdir build from cluttering top level objdir + +From: Shuah Khan + +commit 29e911ef7b706215caf02a82b0d3076611d6abe8 upstream. + +make kselftest-all O=objdir builds create generated objects in objdir. +This clutters the top level directory with kselftest objects. Fix it +to create sub-directory under objdir for kselftest objects. + +Signed-off-by: Shuah Khan +Signed-off-by: Tyler Hicks (Microsoft) +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/Makefile | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/tools/testing/selftests/Makefile ++++ b/tools/testing/selftests/Makefile +@@ -78,7 +78,7 @@ override LDFLAGS = + override MAKEFLAGS = + endif + +-# Append kselftest to KBUILD_OUTPUT to avoid cluttering ++# Append kselftest to KBUILD_OUTPUT and O to avoid cluttering + # KBUILD_OUTPUT with selftest objects and headers installed + # by selftests Makefile or lib.mk. + ifdef building_out_of_srctree +@@ -86,7 +86,7 @@ override LDFLAGS = + endif + + ifneq ($(O),) +- BUILD := $(O) ++ BUILD := $(O)/kselftest + else + ifneq ($(KBUILD_OUTPUT),) + BUILD := $(KBUILD_OUTPUT)/kselftest diff --git a/queue-5.4/selftests-set-the-build-variable-to-absolute-path.patch b/queue-5.4/selftests-set-the-build-variable-to-absolute-path.patch new file mode 100644 index 00000000000..18d94ecd577 --- /dev/null +++ b/queue-5.4/selftests-set-the-build-variable-to-absolute-path.patch @@ -0,0 +1,70 @@ +From 5ad51ab618de5d05f4e692ebabeb6fe6289aaa57 Mon Sep 17 00:00:00 2001 +From: Muhammad Usama Anjum +Date: Wed, 19 Jan 2022 15:15:22 +0500 +Subject: selftests: set the BUILD variable to absolute path + +From: Muhammad Usama Anjum + +commit 5ad51ab618de5d05f4e692ebabeb6fe6289aaa57 upstream. + +The build of kselftests fails if relative path is specified through +KBUILD_OUTPUT or O= method. BUILD variable is used to determine +the path of the output objects. When make is run from other directories +with relative paths, the exact path of the build objects is ambiguous +and build fails. + + make[1]: Entering directory '/home/usama/repos/kernel/linux_mainline2/tools/testing/selftests/alsa' + gcc mixer-test.c -L/usr/lib/x86_64-linux-gnu -lasound -o build/kselftest/alsa/mixer-test + /usr/bin/ld: cannot open output file build/kselftest/alsa/mixer-test + +Set the BUILD variable to the absolute path of the output directory. +Make the logic readable and easy to follow. Use spaces instead of tabs +for indentation as if with tab indentation is considered recipe in make. + +Signed-off-by: Muhammad Usama Anjum +Signed-off-by: Shuah Khan +Signed-off-by: Tyler Hicks (Microsoft) +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/Makefile | 26 +++++++++++++++++--------- + 1 file changed, 17 insertions(+), 9 deletions(-) + +--- a/tools/testing/selftests/Makefile ++++ b/tools/testing/selftests/Makefile +@@ -85,19 +85,27 @@ ifdef building_out_of_srctree + override LDFLAGS = + endif + +-ifneq ($(O),) +- BUILD := $(O)/kselftest ++top_srcdir ?= ../../.. ++ ++ifeq ("$(origin O)", "command line") ++ KBUILD_OUTPUT := $(O) ++endif ++ ++ifneq ($(KBUILD_OUTPUT),) ++ # Make's built-in functions such as $(abspath ...), $(realpath ...) cannot ++ # expand a shell special character '~'. We use a somewhat tedious way here. ++ abs_objtree := $(shell cd $(top_srcdir) && mkdir -p $(KBUILD_OUTPUT) && cd $(KBUILD_OUTPUT) && pwd) ++ $(if $(abs_objtree),, \ ++ $(error failed to create output directory "$(KBUILD_OUTPUT)")) ++ # $(realpath ...) resolves symlinks ++ abs_objtree := $(realpath $(abs_objtree)) ++ BUILD := $(abs_objtree)/kselftest + else +- ifneq ($(KBUILD_OUTPUT),) +- BUILD := $(KBUILD_OUTPUT)/kselftest +- else +- BUILD := $(shell pwd) +- DEFAULT_INSTALL_HDR_PATH := 1 +- endif ++ BUILD := $(CURDIR) ++ DEFAULT_INSTALL_HDR_PATH := 1 + endif + + # Prepare for headers install +-top_srcdir ?= ../../.. + include $(top_srcdir)/scripts/subarch.include + ARCH ?= $(SUBARCH) + export KSFT_KHDR_INSTALL_DONE := 1 diff --git a/queue-5.4/series b/queue-5.4/series index fba8e9bb8c7..a3597168fc4 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -596,3 +596,7 @@ hfs-hfsplus-use-warn_on-for-sanity-check.patch hfs-hfsplus-avoid-warn_on-for-sanity-check-use-proper-error-handling.patch mbcache-avoid-nesting-of-cache-c_list_lock-under-bit-locks.patch parisc-align-parisc-madv_xxx-constants-with-all-other-architectures.patch +efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch +selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch +selftests-set-the-build-variable-to-absolute-path.patch +driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch