From 9890208c71958d96a89fa458a04f531505ccddaf Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 29 Jan 2024 08:15:22 -0800 Subject: [PATCH] 4.19-stable patches added patches: mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch --- ...ng-fcr31-in-mips_set_personality_nan.patch | 57 ++++++++++++ queue-4.19/series | 3 + ...dle-sleeps-across-cpu-hotplug-events.patch | 52 +++++++++++ ...2-ensure-s32-is-sign-extended-to-s64.patch | 86 +++++++++++++++++++ 4 files changed, 198 insertions(+) create mode 100644 queue-4.19/mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch create mode 100644 queue-4.19/tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch create mode 100644 queue-4.19/x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch diff --git a/queue-4.19/mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch b/queue-4.19/mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch new file mode 100644 index 00000000000..dfcb10e8217 --- /dev/null +++ b/queue-4.19/mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch @@ -0,0 +1,57 @@ +From 59be5c35850171e307ca5d3d703ee9ff4096b948 Mon Sep 17 00:00:00 2001 +From: Xi Ruoyao +Date: Sat, 27 Jan 2024 05:05:57 +0800 +Subject: mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan + +From: Xi Ruoyao + +commit 59be5c35850171e307ca5d3d703ee9ff4096b948 upstream. + +If we still own the FPU after initializing fcr31, when we are preempted +the dirty value in the FPU will be read out and stored into fcr31, +clobbering our setting. This can cause an improper floating-point +environment after execve(). For example: + + zsh% cat measure.c + #include + int main() { return fetestexcept(FE_INEXACT); } + zsh% cc measure.c -o measure -lm + zsh% echo $((1.0/3)) # raising FE_INEXACT + 0.33333333333333331 + zsh% while ./measure; do ; done + (stopped in seconds) + +Call lose_fpu(0) before setting fcr31 to prevent this. + +Closes: https://lore.kernel.org/linux-mips/7a6aa1bbdbbe2e63ae96ff163fab0349f58f1b9e.camel@xry111.site/ +Fixes: 9b26616c8d9d ("MIPS: Respect the ISA level in FCSR handling") +Cc: stable@vger.kernel.org +Signed-off-by: Xi Ruoyao +Signed-off-by: Thomas Bogendoerfer +Signed-off-by: Greg Kroah-Hartman +--- + arch/mips/kernel/elf.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/arch/mips/kernel/elf.c ++++ b/arch/mips/kernel/elf.c +@@ -15,6 +15,7 @@ + + #include + #include ++#include + + /* Whether to accept legacy-NaN and 2008-NaN user binaries. */ + bool mips_use_nan_legacy; +@@ -311,6 +312,11 @@ void mips_set_personality_nan(struct arc + struct cpuinfo_mips *c = &boot_cpu_data; + struct task_struct *t = current; + ++ /* Do this early so t->thread.fpu.fcr31 won't be clobbered in case ++ * we are preempted before the lose_fpu(0) in start_thread. ++ */ ++ lose_fpu(0); ++ + t->thread.fpu.fcr31 = c->fpu_csr31; + switch (state->nan_2008) { + case 0: diff --git a/queue-4.19/series b/queue-4.19/series index 0bd5256d406..bd4ee3d9484 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -42,3 +42,6 @@ drm-bridge-nxp-ptn3460-fix-i2c_master_send-error-checking.patch drm-bridge-nxp-ptn3460-simplify-some-error-checking.patch drm-exynos-gsc-minor-fix-for-loop-iteration-in-gsc_r.patch gpio-eic-sprd-clear-interrupt-after-set-the-interrup.patch +mips-call-lose_fpu-0-before-initializing-fcr31-in-mips_set_personality_nan.patch +tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch +x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch diff --git a/queue-4.19/tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch b/queue-4.19/tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch new file mode 100644 index 00000000000..5bd8797558b --- /dev/null +++ b/queue-4.19/tick-sched-preserve-number-of-idle-sleeps-across-cpu-hotplug-events.patch @@ -0,0 +1,52 @@ +From 9a574ea9069be30b835a3da772c039993c43369b Mon Sep 17 00:00:00 2001 +From: Tim Chen +Date: Mon, 22 Jan 2024 15:35:34 -0800 +Subject: tick/sched: Preserve number of idle sleeps across CPU hotplug events + +From: Tim Chen + +commit 9a574ea9069be30b835a3da772c039993c43369b upstream. + +Commit 71fee48f ("tick-sched: Fix idle and iowait sleeptime accounting vs +CPU hotplug") preserved total idle sleep time and iowait sleeptime across +CPU hotplug events. + +Similar reasoning applies to the number of idle calls and idle sleeps to +get the proper average of sleep time per idle invocation. + +Preserve those fields too. + +Fixes: 71fee48f ("tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug") +Signed-off-by: Tim Chen +Signed-off-by: Thomas Gleixner +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20240122233534.3094238-1-tim.c.chen@linux.intel.com +Signed-off-by: Greg Kroah-Hartman +--- + kernel/time/tick-sched.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/kernel/time/tick-sched.c ++++ b/kernel/time/tick-sched.c +@@ -1346,6 +1346,7 @@ void tick_cancel_sched_timer(int cpu) + { + struct tick_sched *ts = &per_cpu(tick_cpu_sched, cpu); + ktime_t idle_sleeptime, iowait_sleeptime; ++ unsigned long idle_calls, idle_sleeps; + + # ifdef CONFIG_HIGH_RES_TIMERS + if (ts->sched_timer.base) +@@ -1354,9 +1355,13 @@ void tick_cancel_sched_timer(int cpu) + + idle_sleeptime = ts->idle_sleeptime; + iowait_sleeptime = ts->iowait_sleeptime; ++ idle_calls = ts->idle_calls; ++ idle_sleeps = ts->idle_sleeps; + memset(ts, 0, sizeof(*ts)); + ts->idle_sleeptime = idle_sleeptime; + ts->iowait_sleeptime = iowait_sleeptime; ++ ts->idle_calls = idle_calls; ++ ts->idle_sleeps = idle_sleeps; + } + #endif + diff --git a/queue-4.19/x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch b/queue-4.19/x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch new file mode 100644 index 00000000000..0ea3e7c31d9 --- /dev/null +++ b/queue-4.19/x86-entry-ia32-ensure-s32-is-sign-extended-to-s64.patch @@ -0,0 +1,86 @@ +From 56062d60f117dccfb5281869e0ab61e090baf864 Mon Sep 17 00:00:00 2001 +From: Richard Palethorpe +Date: Wed, 10 Jan 2024 15:01:22 +0200 +Subject: x86/entry/ia32: Ensure s32 is sign extended to s64 + +From: Richard Palethorpe + +commit 56062d60f117dccfb5281869e0ab61e090baf864 upstream. + +Presently ia32 registers stored in ptregs are unconditionally cast to +unsigned int by the ia32 stub. They are then cast to long when passed to +__se_sys*, but will not be sign extended. + +This takes the sign of the syscall argument into account in the ia32 +stub. It still casts to unsigned int to avoid implementation specific +behavior. However then casts to int or unsigned int as necessary. So that +the following cast to long sign extends the value. + +This fixes the io_pgetevents02 LTP test when compiled with -m32. Presently +the systemcall io_pgetevents_time64() unexpectedly accepts -1 for the +maximum number of events. + +It doesn't appear other systemcalls with signed arguments are effected +because they all have compat variants defined and wired up. + +Fixes: ebeb8c82ffaf ("syscalls/x86: Use 'struct pt_regs' based syscall calling for IA32_EMULATION and x32") +Suggested-by: Arnd Bergmann +Signed-off-by: Richard Palethorpe +Signed-off-by: Nikolay Borisov +Signed-off-by: Thomas Gleixner +Reviewed-by: Arnd Bergmann +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20240110130122.3836513-1-nik.borisov@suse.com +Link: https://lore.kernel.org/ltp/20210921130127.24131-1-rpalethorpe@suse.com/ +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/include/asm/syscall_wrapper.h | 25 +++++++++++++++++++++---- + include/linux/syscalls.h | 1 + + 2 files changed, 22 insertions(+), 4 deletions(-) + +--- a/arch/x86/include/asm/syscall_wrapper.h ++++ b/arch/x86/include/asm/syscall_wrapper.h +@@ -12,12 +12,29 @@ + ,,regs->di,,regs->si,,regs->dx \ + ,,regs->r10,,regs->r8,,regs->r9) \ + ++ ++/* SYSCALL_PT_ARGS is Adapted from s390x */ ++#define SYSCALL_PT_ARG6(m, t1, t2, t3, t4, t5, t6) \ ++ SYSCALL_PT_ARG5(m, t1, t2, t3, t4, t5), m(t6, (regs->bp)) ++#define SYSCALL_PT_ARG5(m, t1, t2, t3, t4, t5) \ ++ SYSCALL_PT_ARG4(m, t1, t2, t3, t4), m(t5, (regs->di)) ++#define SYSCALL_PT_ARG4(m, t1, t2, t3, t4) \ ++ SYSCALL_PT_ARG3(m, t1, t2, t3), m(t4, (regs->si)) ++#define SYSCALL_PT_ARG3(m, t1, t2, t3) \ ++ SYSCALL_PT_ARG2(m, t1, t2), m(t3, (regs->dx)) ++#define SYSCALL_PT_ARG2(m, t1, t2) \ ++ SYSCALL_PT_ARG1(m, t1), m(t2, (regs->cx)) ++#define SYSCALL_PT_ARG1(m, t1) m(t1, (regs->bx)) ++#define SYSCALL_PT_ARGS(x, ...) SYSCALL_PT_ARG##x(__VA_ARGS__) ++ ++#define __SC_COMPAT_CAST(t, a) \ ++ (__typeof(__builtin_choose_expr(__TYPE_IS_L(t), 0, 0U))) \ ++ (unsigned int)a ++ + /* Mapping of registers to parameters for syscalls on i386 */ + #define SC_IA32_REGS_TO_ARGS(x, ...) \ +- __MAP(x,__SC_ARGS \ +- ,,(unsigned int)regs->bx,,(unsigned int)regs->cx \ +- ,,(unsigned int)regs->dx,,(unsigned int)regs->si \ +- ,,(unsigned int)regs->di,,(unsigned int)regs->bp) ++ SYSCALL_PT_ARGS(x, __SC_COMPAT_CAST, \ ++ __MAP(x, __SC_TYPE, __VA_ARGS__)) \ + + #ifdef CONFIG_IA32_EMULATION + /* +--- a/include/linux/syscalls.h ++++ b/include/linux/syscalls.h +@@ -120,6 +120,7 @@ union bpf_attr; + #define __TYPE_IS_LL(t) (__TYPE_AS(t, 0LL) || __TYPE_AS(t, 0ULL)) + #define __SC_LONG(t, a) __typeof(__builtin_choose_expr(__TYPE_IS_LL(t), 0LL, 0L)) a + #define __SC_CAST(t, a) (__force t) a ++#define __SC_TYPE(t, a) t + #define __SC_ARGS(t, a) a + #define __SC_TEST(t, a) (void)BUILD_BUG_ON_ZERO(!__TYPE_IS_LL(t) && sizeof(t) > sizeof(long)) + -- 2.47.3