From aacd00eaa195f970132964df2a16bd30624a4db4 Mon Sep 17 00:00:00 2001 From: Sasha Levin Date: Sun, 11 Feb 2024 18:43:18 -0500 Subject: [PATCH] Fixes for 5.15 Signed-off-by: Sasha Levin --- ...an-ubsan-shift-out-of-bounds-warning.patch | 72 +++++++++++++++++++ ...vers-lkdtm-fix-clang-wformat-warning.patch | 52 ++++++++++++++ queue-5.15/series | 2 + 3 files changed, 126 insertions(+) create mode 100644 queue-5.15/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch create mode 100644 queue-5.15/drivers-lkdtm-fix-clang-wformat-warning.patch diff --git a/queue-5.15/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch b/queue-5.15/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch new file mode 100644 index 00000000000..56fd9904e6b --- /dev/null +++ b/queue-5.15/blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch @@ -0,0 +1,72 @@ +From d16ebf8de8b14117f80030c16111b78bb95ab105 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 20 Nov 2023 12:25:56 -1000 +Subject: blk-iocost: Fix an UBSAN shift-out-of-bounds warning +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Tejun Heo + +[ Upstream commit 2a427b49d02995ea4a6ff93a1432c40fa4d36821 ] + +When iocg_kick_delay() is called from a CPU different than the one which set +the delay, @now may be in the past of @iocg->delay_at leading to the +following warning: + + UBSAN: shift-out-of-bounds in block/blk-iocost.c:1359:23 + shift exponent 18446744073709 is too large for 64-bit type 'u64' (aka 'unsigned long long') + ... + Call Trace: + + dump_stack_lvl+0x79/0xc0 + __ubsan_handle_shift_out_of_bounds+0x2ab/0x300 + iocg_kick_delay+0x222/0x230 + ioc_rqos_merge+0x1d7/0x2c0 + __rq_qos_merge+0x2c/0x80 + bio_attempt_back_merge+0x83/0x190 + blk_attempt_plug_merge+0x101/0x150 + blk_mq_submit_bio+0x2b1/0x720 + submit_bio_noacct_nocheck+0x320/0x3e0 + __swap_writepage+0x2ab/0x9d0 + +The underflow itself doesn't really affect the behavior in any meaningful +way; however, the past timestamp may exaggerate the delay amount calculated +later in the code, which shouldn't be a material problem given the nature of +the delay mechanism. + +If @now is in the past, this CPU is racing another CPU which recently set up +the delay and there's nothing this CPU can contribute w.r.t. the delay. +Let's bail early from iocg_kick_delay() in such cases. + +Reported-by: Breno Leitão +Signed-off-by: Tejun Heo +Fixes: 5160a5a53c0c ("blk-iocost: implement delay adjustment hysteresis") +Link: https://lore.kernel.org/r/ZVvc9L_CYk5LO1fT@slm.duckdns.org +Signed-off-by: Jens Axboe +Signed-off-by: Sasha Levin +--- + block/blk-iocost.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/block/blk-iocost.c b/block/blk-iocost.c +index f95feabb3ca8..645a589edda8 100644 +--- a/block/blk-iocost.c ++++ b/block/blk-iocost.c +@@ -1342,6 +1342,13 @@ static bool iocg_kick_delay(struct ioc_gq *iocg, struct ioc_now *now) + + lockdep_assert_held(&iocg->waitq.lock); + ++ /* ++ * If the delay is set by another CPU, we may be in the past. No need to ++ * change anything if so. This avoids decay calculation underflow. ++ */ ++ if (time_before64(now->now, iocg->delay_at)) ++ return false; ++ + /* calculate the current delay in effect - 1/2 every second */ + tdelta = now->now - iocg->delay_at; + if (iocg->delay) +-- +2.43.0 + diff --git a/queue-5.15/drivers-lkdtm-fix-clang-wformat-warning.patch b/queue-5.15/drivers-lkdtm-fix-clang-wformat-warning.patch new file mode 100644 index 00000000000..4670469ec21 --- /dev/null +++ b/queue-5.15/drivers-lkdtm-fix-clang-wformat-warning.patch @@ -0,0 +1,52 @@ +From 28e8aff820ffac615cd55dd0d17ec87ec51a2536 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 21 Jul 2022 14:57:06 -0700 +Subject: drivers: lkdtm: fix clang -Wformat warning + +From: Justin Stitt + +[ Upstream commit b4909252da9be56fe1e0a23c2c1908c5630525fa ] + +When building with Clang we encounter the following warning +(ARCH=hexagon + CONFIG_FRAME_WARN=0): +| ../drivers/misc/lkdtm/bugs.c:107:3: error: format specifies type +| 'unsigned long' but the argument has type 'int' [-Werror,-Wformat] +| REC_STACK_SIZE, recur_count); +| ^~~~~~~~~~~~~~ + +Cast REC_STACK_SIZE to `unsigned long` to match format specifier `%lu` +as well as maintain symmetry with `#define REC_STACK_SIZE +(_AC(CONFIG_FRAME_WARN, UL) / 2)`. + +Link: https://github.com/ClangBuiltLinux/linux/issues/378 +Reported-by: Nathan Chancellor +Suggested-by: Nathan Chancellor +Suggested-by: Nick Desaulniers +Signed-off-by: Justin Stitt +Reviewed-by: Nathan Chancellor +Tested-by: Nathan Chancellor +Acked-by: Kees Cook +Fixes: 24cccab42c419 ("lkdtm/bugs: Adjust recursion test to avoid elision") +Signed-off-by: Kees Cook +Link: https://lore.kernel.org/r/20220721215706.4153027-1-justinstitt@google.com +Signed-off-by: Sasha Levin +--- + drivers/misc/lkdtm/bugs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/misc/lkdtm/bugs.c b/drivers/misc/lkdtm/bugs.c +index fac4a811b97b..3ab8dbae96af 100644 +--- a/drivers/misc/lkdtm/bugs.c ++++ b/drivers/misc/lkdtm/bugs.c +@@ -29,7 +29,7 @@ struct lkdtm_list { + #if defined(CONFIG_FRAME_WARN) && (CONFIG_FRAME_WARN > 0) + #define REC_STACK_SIZE (_AC(CONFIG_FRAME_WARN, UL) / 2) + #else +-#define REC_STACK_SIZE (THREAD_SIZE / 8) ++#define REC_STACK_SIZE (THREAD_SIZE / 8UL) + #endif + #define REC_NUM_DEFAULT ((THREAD_SIZE / REC_STACK_SIZE) * 2) + +-- +2.43.0 + diff --git a/queue-5.15/series b/queue-5.15/series index 8cde13d2c77..67214524cd3 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -333,3 +333,5 @@ netfilter-nft_set_pipapo-add-helper-to-release-pcpu-.patch netfilter-nft_set_pipapo-remove-scratch_aligned-poin.patch fs-ntfs3-fix-an-null-dereference-bug.patch scsi-core-move-scsi_host_busy-out-of-host-lock-if-it.patch +blk-iocost-fix-an-ubsan-shift-out-of-bounds-warning.patch +drivers-lkdtm-fix-clang-wformat-warning.patch -- 2.47.3