From: Sasha Levin Date: Sun, 11 Feb 2024 23:43:17 +0000 (-0500) Subject: Fixes for 6.7 X-Git-Tag: v6.1.78~61 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c002e88bb16ec006d7bd298ed98a6af3f0c6af5e;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 6.7 Signed-off-by: Sasha Levin --- diff --git a/queue-6.7/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch b/queue-6.7/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch new file mode 100644 index 00000000000..cb5a7b96ff8 --- /dev/null +++ b/queue-6.7/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch @@ -0,0 +1,72 @@ +From a934d6bd991adc306b92e1a9f993313d952ad4a2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 20 Nov 2023 12:25:56 -1000 +Subject: blk-iocost: Fix an UBSAN shift-out-of-bounds warning +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Tejun Heo + +[ Upstream commit 2a427b49d02995ea4a6ff93a1432c40fa4d36821 ] + +When iocg_kick_delay() is called from a CPU different than the one which set +the delay, @now may be in the past of @iocg->delay_at leading to the +following warning: + + UBSAN: shift-out-of-bounds in block/blk-iocost.c:1359:23 + shift exponent 18446744073709 is too large for 64-bit type 'u64' (aka 'unsigned long long') + ... + Call Trace: + + dump_stack_lvl+0x79/0xc0 + __ubsan_handle_shift_out_of_bounds+0x2ab/0x300 + iocg_kick_delay+0x222/0x230 + ioc_rqos_merge+0x1d7/0x2c0 + __rq_qos_merge+0x2c/0x80 + bio_attempt_back_merge+0x83/0x190 + blk_attempt_plug_merge+0x101/0x150 + blk_mq_submit_bio+0x2b1/0x720 + submit_bio_noacct_nocheck+0x320/0x3e0 + __swap_writepage+0x2ab/0x9d0 + +The underflow itself doesn't really affect the behavior in any meaningful +way; however, the past timestamp may exaggerate the delay amount calculated +later in the code, which shouldn't be a material problem given the nature of +the delay mechanism. + +If @now is in the past, this CPU is racing another CPU which recently set up +the delay and there's nothing this CPU can contribute w.r.t. the delay. +Let's bail early from iocg_kick_delay() in such cases. + +Reported-by: Breno Leitão +Signed-off-by: Tejun Heo +Fixes: 5160a5a53c0c ("blk-iocost: implement delay adjustment hysteresis") +Link: https://lore.kernel.org/r/ZVvc9L_CYk5LO1fT@slm.duckdns.org +Signed-off-by: Jens Axboe +Signed-off-by: Sasha Levin +--- + block/blk-iocost.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/block/blk-iocost.c b/block/blk-iocost.c +index 089fcb9cfce3..7ee8d85c2c68 100644 +--- a/block/blk-iocost.c ++++ b/block/blk-iocost.c +@@ -1353,6 +1353,13 @@ static bool iocg_kick_delay(struct ioc_gq *iocg, struct ioc_now *now) + + lockdep_assert_held(&iocg->waitq.lock); + ++ /* ++ * If the delay is set by another CPU, we may be in the past. No need to ++ * change anything if so. This avoids decay calculation underflow. ++ */ ++ if (time_before64(now->now, iocg->delay_at)) ++ return false; ++ + /* calculate the current delay in effect - 1/2 every second */ + tdelta = now->now - iocg->delay_at; + if (iocg->delay) +-- +2.43.0 + diff --git a/queue-6.7/nvme-host-fix-the-updating-of-the-firmware-version.patch b/queue-6.7/nvme-host-fix-the-updating-of-the-firmware-version.patch new file mode 100644 index 00000000000..ccd58783bae --- /dev/null +++ b/queue-6.7/nvme-host-fix-the-updating-of-the-firmware-version.patch @@ -0,0 +1,74 @@ +From e30cad94fa40c07bb3d7c92e6e2cab612291fa44 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 18 Jan 2024 12:48:54 +0100 +Subject: nvme-host: fix the updating of the firmware version + +From: Maurizio Lombardi + +[ Upstream commit f0377ff97509f5a4921993d5d61da000361bd884 ] + +The original code didn't update the firmware version if the +"next slot" of the AFI register isn't zero or if the +"current slot" field is zero; in those cases it assumed +that a reset was needed. + +However, the NVMe specification doesn't exclude the possibility that +the "next slot" value is equal to the "current slot" value, +meaning that the same firmware slot will be activated after performing +a controller level reset; in this case a reset is clearly not +necessary and we can safely update the firmware version. + +Modify the code so the kernel will report that a Controller Level Reset +is needed only in the following cases: + +1) If the "current slot" field is zero. This is invalid and means that + something is wrong, a reset is needed. + +or + +2) if the "next slot" field isn't zero AND it's not equal to the + "current slot" value. This means that at the next reset a different + firmware slot will be activated. + +Fixes: 983a338b96c8 ("nvme: update firmware version after commit") +Signed-off-by: Maurizio Lombardi +Reviewed-by: Daniel Wagner +Signed-off-by: Keith Busch +Signed-off-by: Sasha Levin +--- + drivers/nvme/host/core.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c +index 60f14019f981..86149275ccb8 100644 +--- a/drivers/nvme/host/core.c ++++ b/drivers/nvme/host/core.c +@@ -4107,6 +4107,7 @@ static bool nvme_ctrl_pp_status(struct nvme_ctrl *ctrl) + static void nvme_get_fw_slot_info(struct nvme_ctrl *ctrl) + { + struct nvme_fw_slot_info_log *log; ++ u8 next_fw_slot, cur_fw_slot; + + log = kmalloc(sizeof(*log), GFP_KERNEL); + if (!log) +@@ -4118,13 +4119,15 @@ static void nvme_get_fw_slot_info(struct nvme_ctrl *ctrl) + goto out_free_log; + } + +- if (log->afi & 0x70 || !(log->afi & 0x7)) { ++ cur_fw_slot = log->afi & 0x7; ++ next_fw_slot = (log->afi & 0x70) >> 4; ++ if (!cur_fw_slot || (next_fw_slot && (cur_fw_slot != next_fw_slot))) { + dev_info(ctrl->device, + "Firmware is activated after next Controller Level Reset\n"); + goto out_free_log; + } + +- memcpy(ctrl->subsys->firmware_rev, &log->frs[(log->afi & 0x7) - 1], ++ memcpy(ctrl->subsys->firmware_rev, &log->frs[cur_fw_slot - 1], + sizeof(ctrl->subsys->firmware_rev)); + + out_free_log: +-- +2.43.0 + diff --git a/queue-6.7/selftests-core-include-linux-close_range.h-for-close.patch b/queue-6.7/selftests-core-include-linux-close_range.h-for-close.patch new file mode 100644 index 00000000000..39ad3fa341e --- /dev/null +++ b/queue-6.7/selftests-core-include-linux-close_range.h-for-close.patch @@ -0,0 +1,40 @@ +From ee1ceeefe7b119c8517b5beb99f6fa42fe9a8de7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 24 Oct 2023 20:51:25 +0500 +Subject: selftests: core: include linux/close_range.h for CLOSE_RANGE_* macros + +From: Muhammad Usama Anjum + +[ Upstream commit 01c1484ac04790fe27a37f89dd3a350f99646815 ] + +Correct header file is needed for getting CLOSE_RANGE_* macros. +Previously it was tested with newer glibc which didn't show the need to +include the header which was a mistake. + +Link: https://lkml.kernel.org/r/20231024155137.219700-1-usama.anjum@collabora.com +Fixes: ec54424923cf ("selftests: core: remove duplicate defines") +Reported-by: Aishwarya TCV +Link: https://lore.kernel.org/all/7161219e-0223-d699-d6f3-81abd9abf13b@arm.com +Signed-off-by: Muhammad Usama Anjum +Cc: Shuah Khan +Signed-off-by: Andrew Morton +Signed-off-by: Sasha Levin +--- + tools/testing/selftests/core/close_range_test.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tools/testing/selftests/core/close_range_test.c b/tools/testing/selftests/core/close_range_test.c +index 534576f06df1..c59e4adb905d 100644 +--- a/tools/testing/selftests/core/close_range_test.c ++++ b/tools/testing/selftests/core/close_range_test.c +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #include "../kselftest_harness.h" + #include "../clone3/clone3_selftests.h" +-- +2.43.0 + diff --git a/queue-6.7/series b/queue-6.7/series index 05c9f3a41a3..f81d15d46e5 100644 --- a/queue-6.7/series +++ b/queue-6.7/series @@ -81,3 +81,6 @@ libceph-just-wait-for-more-data-to-be-available-on-t.patch ceph-always-set-initial-i_blkbits-to-ceph_fscrypt_bl.patch riscv-fix-arch_hugetlb_migration_supported-for-napot.patch riscv-declare-overflow_stack-as-exported-from-traps..patch +nvme-host-fix-the-updating-of-the-firmware-version.patch +selftests-core-include-linux-close_range.h-for-close.patch +blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch