From f92ad964ce00b7e42398755778313361fd456ab5 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Fri, 19 Aug 2022 13:26:30 +0200 Subject: [PATCH] 4.19-stable patches added patches: firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch net-9p-initialize-the-iounit-field-during-fid-creation.patch net_sched-cls_route-disallow-handle-of-0.patch powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch --- ...o-is-not-assigned-if-the-probe-fails.patch | 154 +++++ ...the-iounit-field-during-fid-creation.patch | 69 +++ ...sched-cls_route-disallow-handle-of-0.patch | 87 +++ ...ump_pagelinuxtables-flag_array-table.patch | 526 ++++++++++++++++++ ...ix-display-of-rw-pages-on-fsl_book3e.patch | 46 ++ queue-4.19/series | 5 + 6 files changed, 887 insertions(+) create mode 100644 queue-4.19/firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch create mode 100644 queue-4.19/net-9p-initialize-the-iounit-field-during-fid-creation.patch create mode 100644 queue-4.19/net_sched-cls_route-disallow-handle-of-0.patch create mode 100644 queue-4.19/powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch create mode 100644 queue-4.19/powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch diff --git a/queue-4.19/firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch b/queue-4.19/firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch new file mode 100644 index 00000000000..ef740df1652 --- /dev/null +++ b/queue-4.19/firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch @@ -0,0 +1,154 @@ +From 689640efc0a2c4e07e6f88affe6d42cd40cc3f85 Mon Sep 17 00:00:00 2001 +From: Sudeep Holla +Date: Fri, 1 Jul 2022 17:03:10 +0100 +Subject: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails + +From: Sudeep Holla + +commit 689640efc0a2c4e07e6f88affe6d42cd40cc3f85 upstream. + +When scpi probe fails, at any point, we need to ensure that the scpi_info +is not set and will remain NULL until the probe succeeds. If it is not +taken care, then it could result use-after-free as the value is exported +via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() +but freed when the probe fails. + +Link: https://lore.kernel.org/r/20220701160310.148344-1-sudeep.holla@arm.com +Cc: stable@vger.kernel.org # 4.19+ +Reported-by: huhai +Reviewed-by: Jackie Liu +Signed-off-by: Sudeep Holla +Signed-off-by: Greg Kroah-Hartman +--- + drivers/firmware/arm_scpi.c | 61 +++++++++++++++++++++++++------------------- + 1 file changed, 35 insertions(+), 26 deletions(-) + +--- a/drivers/firmware/arm_scpi.c ++++ b/drivers/firmware/arm_scpi.c +@@ -826,7 +826,7 @@ static int scpi_init_versions(struct scp + info->firmware_version = le32_to_cpu(caps.platform_version); + } + /* Ignore error if not implemented */ +- if (scpi_info->is_legacy && ret == -EOPNOTSUPP) ++ if (info->is_legacy && ret == -EOPNOTSUPP) + return 0; + + return ret; +@@ -916,13 +916,14 @@ static int scpi_probe(struct platform_de + struct resource res; + struct device *dev = &pdev->dev; + struct device_node *np = dev->of_node; ++ struct scpi_drvinfo *scpi_drvinfo; + +- scpi_info = devm_kzalloc(dev, sizeof(*scpi_info), GFP_KERNEL); +- if (!scpi_info) ++ scpi_drvinfo = devm_kzalloc(dev, sizeof(*scpi_drvinfo), GFP_KERNEL); ++ if (!scpi_drvinfo) + return -ENOMEM; + + if (of_match_device(legacy_scpi_of_match, &pdev->dev)) +- scpi_info->is_legacy = true; ++ scpi_drvinfo->is_legacy = true; + + count = of_count_phandle_with_args(np, "mboxes", "#mbox-cells"); + if (count < 0) { +@@ -930,19 +931,19 @@ static int scpi_probe(struct platform_de + return -ENODEV; + } + +- scpi_info->channels = devm_kcalloc(dev, count, sizeof(struct scpi_chan), +- GFP_KERNEL); +- if (!scpi_info->channels) ++ scpi_drvinfo->channels = ++ devm_kcalloc(dev, count, sizeof(struct scpi_chan), GFP_KERNEL); ++ if (!scpi_drvinfo->channels) + return -ENOMEM; + +- ret = devm_add_action(dev, scpi_free_channels, scpi_info); ++ ret = devm_add_action(dev, scpi_free_channels, scpi_drvinfo); + if (ret) + return ret; + +- for (; scpi_info->num_chans < count; scpi_info->num_chans++) { ++ for (; scpi_drvinfo->num_chans < count; scpi_drvinfo->num_chans++) { + resource_size_t size; +- int idx = scpi_info->num_chans; +- struct scpi_chan *pchan = scpi_info->channels + idx; ++ int idx = scpi_drvinfo->num_chans; ++ struct scpi_chan *pchan = scpi_drvinfo->channels + idx; + struct mbox_client *cl = &pchan->cl; + struct device_node *shmem = of_parse_phandle(np, "shmem", idx); + +@@ -986,49 +987,57 @@ static int scpi_probe(struct platform_de + return ret; + } + +- scpi_info->commands = scpi_std_commands; ++ scpi_drvinfo->commands = scpi_std_commands; + +- platform_set_drvdata(pdev, scpi_info); ++ platform_set_drvdata(pdev, scpi_drvinfo); + +- if (scpi_info->is_legacy) { ++ if (scpi_drvinfo->is_legacy) { + /* Replace with legacy variants */ + scpi_ops.clk_set_val = legacy_scpi_clk_set_val; +- scpi_info->commands = scpi_legacy_commands; ++ scpi_drvinfo->commands = scpi_legacy_commands; + + /* Fill priority bitmap */ + for (idx = 0; idx < ARRAY_SIZE(legacy_hpriority_cmds); idx++) + set_bit(legacy_hpriority_cmds[idx], +- scpi_info->cmd_priority); ++ scpi_drvinfo->cmd_priority); + } + +- ret = scpi_init_versions(scpi_info); ++ scpi_info = scpi_drvinfo; ++ ++ ret = scpi_init_versions(scpi_drvinfo); + if (ret) { + dev_err(dev, "incorrect or no SCP firmware found\n"); ++ scpi_info = NULL; + return ret; + } + +- if (scpi_info->is_legacy && !scpi_info->protocol_version && +- !scpi_info->firmware_version) ++ if (scpi_drvinfo->is_legacy && !scpi_drvinfo->protocol_version && ++ !scpi_drvinfo->firmware_version) + dev_info(dev, "SCP Protocol legacy pre-1.0 firmware\n"); + else + dev_info(dev, "SCP Protocol %lu.%lu Firmware %lu.%lu.%lu version\n", + FIELD_GET(PROTO_REV_MAJOR_MASK, +- scpi_info->protocol_version), ++ scpi_drvinfo->protocol_version), + FIELD_GET(PROTO_REV_MINOR_MASK, +- scpi_info->protocol_version), ++ scpi_drvinfo->protocol_version), + FIELD_GET(FW_REV_MAJOR_MASK, +- scpi_info->firmware_version), ++ scpi_drvinfo->firmware_version), + FIELD_GET(FW_REV_MINOR_MASK, +- scpi_info->firmware_version), ++ scpi_drvinfo->firmware_version), + FIELD_GET(FW_REV_PATCH_MASK, +- scpi_info->firmware_version)); +- scpi_info->scpi_ops = &scpi_ops; ++ scpi_drvinfo->firmware_version)); + + ret = devm_device_add_groups(dev, versions_groups); + if (ret) + dev_err(dev, "unable to create sysfs version group\n"); + +- return devm_of_platform_populate(dev); ++ scpi_drvinfo->scpi_ops = &scpi_ops; ++ ++ ret = devm_of_platform_populate(dev); ++ if (ret) ++ scpi_info = NULL; ++ ++ return ret; + } + + static const struct of_device_id scpi_of_match[] = { diff --git a/queue-4.19/net-9p-initialize-the-iounit-field-during-fid-creation.patch b/queue-4.19/net-9p-initialize-the-iounit-field-during-fid-creation.patch new file mode 100644 index 00000000000..f744c28ae45 --- /dev/null +++ b/queue-4.19/net-9p-initialize-the-iounit-field-during-fid-creation.patch @@ -0,0 +1,69 @@ +From aa7aeee169480e98cf41d83c01290a37e569be6d Mon Sep 17 00:00:00 2001 +From: Tyler Hicks +Date: Sun, 10 Jul 2022 09:14:02 -0500 +Subject: net/9p: Initialize the iounit field during fid creation + +From: Tyler Hicks + +commit aa7aeee169480e98cf41d83c01290a37e569be6d upstream. + +Ensure that the fid's iounit field is set to zero when a new fid is +created. Certain 9P operations, such as OPEN and CREATE, allow the +server to reply with an iounit size which the client code assigns to the +p9_fid struct shortly after the fid is created by p9_fid_create(). On +the other hand, an XATTRWALK operation doesn't allow for the server to +specify an iounit value. The iounit field of the newly allocated p9_fid +struct remained uninitialized in that case. Depending on allocation +patterns, the iounit value could have been something reasonable that was +carried over from previously freed fids or, in the worst case, could +have been arbitrary values from non-fid related usages of the memory +location. + +The bug was detected in the Windows Subsystem for Linux 2 (WSL2) kernel +after the uninitialized iounit field resulted in the typical sequence of +two getxattr(2) syscalls, one to get the size of an xattr and another +after allocating a sufficiently sized buffer to fit the xattr value, to +hit an unexpected ERANGE error in the second call to getxattr(2). An +uninitialized iounit field would sometimes force rsize to be smaller +than the xattr value size in p9_client_read_once() and the 9P server in +WSL refused to chunk up the READ on the attr_fid and, instead, returned +ERANGE to the client. The virtfs server in QEMU seems happy to chunk up +the READ and this problem goes undetected there. + +Link: https://lkml.kernel.org/r/20220710141402.803295-1-tyhicks@linux.microsoft.com +Fixes: ebf46264a004 ("fs/9p: Add support user. xattr") +Cc: stable@vger.kernel.org +Signed-off-by: Tyler Hicks +Reviewed-by: Christian Schoenebeck +Signed-off-by: Dominique Martinet +[tyhicks: Adjusted context due to: + - Lack of fid refcounting introduced in v5.11 commit 6636b6dcc3db ("9p: + add refcount to p9_fid struct") + - Difference in how buffer sizes are specified v5.16 commit + 6e195b0f7c8e ("9p: fix a bunch of checkpatch warnings")] +Signed-off-by: Tyler Hicks +Signed-off-by: Greg Kroah-Hartman +--- + net/9p/client.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +--- a/net/9p/client.c ++++ b/net/9p/client.c +@@ -908,16 +908,13 @@ static struct p9_fid *p9_fid_create(stru + struct p9_fid *fid; + + p9_debug(P9_DEBUG_FID, "clnt %p\n", clnt); +- fid = kmalloc(sizeof(struct p9_fid), GFP_KERNEL); ++ fid = kzalloc(sizeof(struct p9_fid), GFP_KERNEL); + if (!fid) + return NULL; + +- memset(&fid->qid, 0, sizeof(struct p9_qid)); + fid->mode = -1; + fid->uid = current_fsuid(); + fid->clnt = clnt; +- fid->rdir = NULL; +- fid->fid = 0; + + idr_preload(GFP_KERNEL); + spin_lock_irq(&clnt->lock); diff --git a/queue-4.19/net_sched-cls_route-disallow-handle-of-0.patch b/queue-4.19/net_sched-cls_route-disallow-handle-of-0.patch new file mode 100644 index 00000000000..416ba77e41b --- /dev/null +++ b/queue-4.19/net_sched-cls_route-disallow-handle-of-0.patch @@ -0,0 +1,87 @@ +From 02799571714dc5dd6948824b9d080b44a295f695 Mon Sep 17 00:00:00 2001 +From: Jamal Hadi Salim +Date: Sun, 14 Aug 2022 11:27:58 +0000 +Subject: net_sched: cls_route: disallow handle of 0 + +From: Jamal Hadi Salim + +commit 02799571714dc5dd6948824b9d080b44a295f695 upstream. + +Follows up on: +https://lore.kernel.org/all/20220809170518.164662-1-cascardo@canonical.com/ + +handle of 0 implies from/to of universe realm which is not very +sensible. + +Lets see what this patch will do: +$sudo tc qdisc add dev $DEV root handle 1:0 prio + +//lets manufacture a way to insert handle of 0 +$sudo tc filter add dev $DEV parent 1:0 protocol ip prio 100 \ +route to 0 from 0 classid 1:10 action ok + +//gets rejected... +Error: handle of 0 is not valid. +We have an error talking to the kernel, -1 + +//lets create a legit entry.. +sudo tc filter add dev $DEV parent 1:0 protocol ip prio 100 route from 10 \ +classid 1:10 action ok + +//what did the kernel insert? +$sudo tc filter ls dev $DEV parent 1:0 +filter protocol ip pref 100 route chain 0 +filter protocol ip pref 100 route chain 0 fh 0x000a8000 flowid 1:10 from 10 + action order 1: gact action pass + random type none pass val 0 + index 1 ref 1 bind 1 + +//Lets try to replace that legit entry with a handle of 0 +$ sudo tc filter replace dev $DEV parent 1:0 protocol ip prio 100 \ +handle 0x000a8000 route to 0 from 0 classid 1:10 action drop + +Error: Replacing with handle of 0 is invalid. +We have an error talking to the kernel, -1 + +And last, lets run Cascardo's POC: +$ ./poc +0 +0 +-22 +-22 +-22 + +Signed-off-by: Jamal Hadi Salim +Acked-by: Stephen Hemminger +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/sched/cls_route.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +--- a/net/sched/cls_route.c ++++ b/net/sched/cls_route.c +@@ -427,6 +427,11 @@ static int route4_set_parms(struct net * + return -EINVAL; + } + ++ if (!nhandle) { ++ NL_SET_ERR_MSG(extack, "Replacing with handle of 0 is invalid"); ++ return -EINVAL; ++ } ++ + h1 = to_hash(nhandle); + b = rtnl_dereference(head->table[h1]); + if (!b) { +@@ -480,6 +485,11 @@ static int route4_change(struct net *net + int err; + bool new = true; + ++ if (!handle) { ++ NL_SET_ERR_MSG(extack, "Creating with handle of 0 is invalid"); ++ return -EINVAL; ++ } ++ + if (opt == NULL) + return handle ? -EINVAL : 0; + diff --git a/queue-4.19/powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch b/queue-4.19/powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch new file mode 100644 index 00000000000..532cf9d5cb0 --- /dev/null +++ b/queue-4.19/powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch @@ -0,0 +1,526 @@ +From 97026b5a5ac26541b3d294146f5c941491a9e609 Mon Sep 17 00:00:00 2001 +From: Christophe Leroy +Date: Tue, 9 Oct 2018 13:51:58 +0000 +Subject: powerpc/mm: Split dump_pagelinuxtables flag_array table + +From: Christophe Leroy + +commit 97026b5a5ac26541b3d294146f5c941491a9e609 upstream. + +To reduce the complexity of flag_array, and allow the removal of +default 0 value of non existing flags, lets have one flag_array +table for each platform family with only the really existing flags. + +Reviewed-by: Aneesh Kumar K.V +Signed-off-by: Christophe Leroy +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/mm/Makefile | 7 + + arch/powerpc/mm/dump_linuxpagetables-8xx.c | 82 ++++++++++++ + arch/powerpc/mm/dump_linuxpagetables-book3s64.c | 115 +++++++++++++++++ + arch/powerpc/mm/dump_linuxpagetables-generic.c | 82 ++++++++++++ + arch/powerpc/mm/dump_linuxpagetables.c | 155 ------------------------ + arch/powerpc/mm/dump_linuxpagetables.h | 19 ++ + 6 files changed, 307 insertions(+), 153 deletions(-) + create mode 100644 arch/powerpc/mm/dump_linuxpagetables-8xx.c + create mode 100644 arch/powerpc/mm/dump_linuxpagetables-book3s64.c + create mode 100644 arch/powerpc/mm/dump_linuxpagetables-generic.c + create mode 100644 arch/powerpc/mm/dump_linuxpagetables.h + +--- a/arch/powerpc/mm/Makefile ++++ b/arch/powerpc/mm/Makefile +@@ -43,5 +43,12 @@ obj-$(CONFIG_HIGHMEM) += highmem.o + obj-$(CONFIG_PPC_COPRO_BASE) += copro_fault.o + obj-$(CONFIG_SPAPR_TCE_IOMMU) += mmu_context_iommu.o + obj-$(CONFIG_PPC_PTDUMP) += dump_linuxpagetables.o ++ifdef CONFIG_PPC_PTDUMP ++obj-$(CONFIG_4xx) += dump_linuxpagetables-generic.o ++obj-$(CONFIG_PPC_8xx) += dump_linuxpagetables-8xx.o ++obj-$(CONFIG_PPC_BOOK3E_MMU) += dump_linuxpagetables-generic.o ++obj-$(CONFIG_PPC_BOOK3S_32) += dump_linuxpagetables-generic.o ++obj-$(CONFIG_PPC_BOOK3S_64) += dump_linuxpagetables-book3s64.o ++endif + obj-$(CONFIG_PPC_HTDUMP) += dump_hashpagetable.o + obj-$(CONFIG_PPC_MEM_KEYS) += pkeys.o +--- /dev/null ++++ b/arch/powerpc/mm/dump_linuxpagetables-8xx.c +@@ -0,0 +1,82 @@ ++// SPDX-License-Identifier: GPL-2.0 ++/* ++ * From split of dump_linuxpagetables.c ++ * Copyright 2016, Rashmica Gupta, IBM Corp. ++ * ++ */ ++#include ++#include ++ ++#include "dump_linuxpagetables.h" ++ ++static const struct flag_info flag_array[] = { ++ { ++ .mask = _PAGE_PRIVILEGED, ++ .val = 0, ++ .set = "user", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_RO | _PAGE_NA, ++ .val = 0, ++ .set = "rw", ++ }, { ++ .mask = _PAGE_RO | _PAGE_NA, ++ .val = _PAGE_RO, ++ .set = "r ", ++ }, { ++ .mask = _PAGE_RO | _PAGE_NA, ++ .val = _PAGE_NA, ++ .set = " ", ++ }, { ++ .mask = _PAGE_EXEC, ++ .val = _PAGE_EXEC, ++ .set = " X ", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_PRESENT, ++ .val = _PAGE_PRESENT, ++ .set = "present", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_GUARDED, ++ .val = _PAGE_GUARDED, ++ .set = "guarded", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_DIRTY, ++ .val = _PAGE_DIRTY, ++ .set = "dirty", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_ACCESSED, ++ .val = _PAGE_ACCESSED, ++ .set = "accessed", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_NO_CACHE, ++ .val = _PAGE_NO_CACHE, ++ .set = "no cache", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_SPECIAL, ++ .val = _PAGE_SPECIAL, ++ .set = "special", ++ } ++}; ++ ++struct pgtable_level pg_level[5] = { ++ { ++ }, { /* pgd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pud */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pmd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pte */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, ++}; +--- /dev/null ++++ b/arch/powerpc/mm/dump_linuxpagetables-book3s64.c +@@ -0,0 +1,115 @@ ++// SPDX-License-Identifier: GPL-2.0 ++/* ++ * From split of dump_linuxpagetables.c ++ * Copyright 2016, Rashmica Gupta, IBM Corp. ++ * ++ */ ++#include ++#include ++ ++#include "dump_linuxpagetables.h" ++ ++static const struct flag_info flag_array[] = { ++ { ++ .mask = _PAGE_PRIVILEGED, ++ .val = 0, ++ .set = "user", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_READ, ++ .val = _PAGE_READ, ++ .set = "r", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_WRITE, ++ .val = _PAGE_WRITE, ++ .set = "w", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_EXEC, ++ .val = _PAGE_EXEC, ++ .set = " X ", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_PTE, ++ .val = _PAGE_PTE, ++ .set = "pte", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_PRESENT, ++ .val = _PAGE_PRESENT, ++ .set = "present", ++ .clear = " ", ++ }, { ++ .mask = H_PAGE_HASHPTE, ++ .val = H_PAGE_HASHPTE, ++ .set = "hpte", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_DIRTY, ++ .val = _PAGE_DIRTY, ++ .set = "dirty", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_ACCESSED, ++ .val = _PAGE_ACCESSED, ++ .set = "accessed", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_NON_IDEMPOTENT, ++ .val = _PAGE_NON_IDEMPOTENT, ++ .set = "non-idempotent", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_TOLERANT, ++ .val = _PAGE_TOLERANT, ++ .set = "tolerant", ++ .clear = " ", ++ }, { ++ .mask = H_PAGE_BUSY, ++ .val = H_PAGE_BUSY, ++ .set = "busy", ++ }, { ++#ifdef CONFIG_PPC_64K_PAGES ++ .mask = H_PAGE_COMBO, ++ .val = H_PAGE_COMBO, ++ .set = "combo", ++ }, { ++ .mask = H_PAGE_4K_PFN, ++ .val = H_PAGE_4K_PFN, ++ .set = "4K_pfn", ++ }, { ++#else /* CONFIG_PPC_64K_PAGES */ ++ .mask = H_PAGE_F_GIX, ++ .val = H_PAGE_F_GIX, ++ .set = "f_gix", ++ .is_val = true, ++ .shift = H_PAGE_F_GIX_SHIFT, ++ }, { ++ .mask = H_PAGE_F_SECOND, ++ .val = H_PAGE_F_SECOND, ++ .set = "f_second", ++ }, { ++#endif /* CONFIG_PPC_64K_PAGES */ ++ .mask = _PAGE_SPECIAL, ++ .val = _PAGE_SPECIAL, ++ .set = "special", ++ } ++}; ++ ++struct pgtable_level pg_level[5] = { ++ { ++ }, { /* pgd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pud */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pmd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pte */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, ++}; +--- /dev/null ++++ b/arch/powerpc/mm/dump_linuxpagetables-generic.c +@@ -0,0 +1,82 @@ ++// SPDX-License-Identifier: GPL-2.0 ++/* ++ * From split of dump_linuxpagetables.c ++ * Copyright 2016, Rashmica Gupta, IBM Corp. ++ * ++ */ ++#include ++#include ++ ++#include "dump_linuxpagetables.h" ++ ++static const struct flag_info flag_array[] = { ++ { ++ .mask = _PAGE_USER, ++ .val = _PAGE_USER, ++ .set = "user", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_RW, ++ .val = _PAGE_RW, ++ .set = "rw", ++ .clear = "r ", ++ }, { ++#ifndef CONFIG_PPC_BOOK3S_32 ++ .mask = _PAGE_EXEC, ++ .val = _PAGE_EXEC, ++ .set = " X ", ++ .clear = " ", ++ }, { ++#endif ++ .mask = _PAGE_PRESENT, ++ .val = _PAGE_PRESENT, ++ .set = "present", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_GUARDED, ++ .val = _PAGE_GUARDED, ++ .set = "guarded", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_DIRTY, ++ .val = _PAGE_DIRTY, ++ .set = "dirty", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_ACCESSED, ++ .val = _PAGE_ACCESSED, ++ .set = "accessed", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_WRITETHRU, ++ .val = _PAGE_WRITETHRU, ++ .set = "write through", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_NO_CACHE, ++ .val = _PAGE_NO_CACHE, ++ .set = "no cache", ++ .clear = " ", ++ }, { ++ .mask = _PAGE_SPECIAL, ++ .val = _PAGE_SPECIAL, ++ .set = "special", ++ } ++}; ++ ++struct pgtable_level pg_level[5] = { ++ { ++ }, { /* pgd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pud */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pmd */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, { /* pte */ ++ .flag = flag_array, ++ .num = ARRAY_SIZE(flag_array), ++ }, ++}; +--- a/arch/powerpc/mm/dump_linuxpagetables.c ++++ b/arch/powerpc/mm/dump_linuxpagetables.c +@@ -28,6 +28,8 @@ + #include + #include + ++#include "dump_linuxpagetables.h" ++ + #ifdef CONFIG_PPC32 + #define KERN_VIRT_START 0 + #endif +@@ -102,159 +104,6 @@ static struct addr_marker address_marker + { -1, NULL }, + }; + +-struct flag_info { +- u64 mask; +- u64 val; +- const char *set; +- const char *clear; +- bool is_val; +- int shift; +-}; +- +-static const struct flag_info flag_array[] = { +- { +- .mask = _PAGE_USER | _PAGE_PRIVILEGED, +- .val = _PAGE_USER, +- .set = "user", +- .clear = " ", +- }, { +- .mask = _PAGE_RW | _PAGE_RO | _PAGE_NA, +- .val = _PAGE_RW, +- .set = "rw", +- }, { +- .mask = _PAGE_RW | _PAGE_RO | _PAGE_NA, +- .val = _PAGE_RO, +- .set = "ro", +- }, { +-#if _PAGE_NA != 0 +- .mask = _PAGE_RW | _PAGE_RO | _PAGE_NA, +- .val = _PAGE_RO, +- .set = "na", +- }, { +-#endif +- .mask = _PAGE_EXEC, +- .val = _PAGE_EXEC, +- .set = " X ", +- .clear = " ", +- }, { +- .mask = _PAGE_PTE, +- .val = _PAGE_PTE, +- .set = "pte", +- .clear = " ", +- }, { +- .mask = _PAGE_PRESENT, +- .val = _PAGE_PRESENT, +- .set = "present", +- .clear = " ", +- }, { +-#ifdef CONFIG_PPC_BOOK3S_64 +- .mask = H_PAGE_HASHPTE, +- .val = H_PAGE_HASHPTE, +-#else +- .mask = _PAGE_HASHPTE, +- .val = _PAGE_HASHPTE, +-#endif +- .set = "hpte", +- .clear = " ", +- }, { +-#ifndef CONFIG_PPC_BOOK3S_64 +- .mask = _PAGE_GUARDED, +- .val = _PAGE_GUARDED, +- .set = "guarded", +- .clear = " ", +- }, { +-#endif +- .mask = _PAGE_DIRTY, +- .val = _PAGE_DIRTY, +- .set = "dirty", +- .clear = " ", +- }, { +- .mask = _PAGE_ACCESSED, +- .val = _PAGE_ACCESSED, +- .set = "accessed", +- .clear = " ", +- }, { +-#ifndef CONFIG_PPC_BOOK3S_64 +- .mask = _PAGE_WRITETHRU, +- .val = _PAGE_WRITETHRU, +- .set = "write through", +- .clear = " ", +- }, { +-#endif +-#ifndef CONFIG_PPC_BOOK3S_64 +- .mask = _PAGE_NO_CACHE, +- .val = _PAGE_NO_CACHE, +- .set = "no cache", +- .clear = " ", +- }, { +-#else +- .mask = _PAGE_NON_IDEMPOTENT, +- .val = _PAGE_NON_IDEMPOTENT, +- .set = "non-idempotent", +- .clear = " ", +- }, { +- .mask = _PAGE_TOLERANT, +- .val = _PAGE_TOLERANT, +- .set = "tolerant", +- .clear = " ", +- }, { +-#endif +-#ifdef CONFIG_PPC_BOOK3S_64 +- .mask = H_PAGE_BUSY, +- .val = H_PAGE_BUSY, +- .set = "busy", +- }, { +-#ifdef CONFIG_PPC_64K_PAGES +- .mask = H_PAGE_COMBO, +- .val = H_PAGE_COMBO, +- .set = "combo", +- }, { +- .mask = H_PAGE_4K_PFN, +- .val = H_PAGE_4K_PFN, +- .set = "4K_pfn", +- }, { +-#else /* CONFIG_PPC_64K_PAGES */ +- .mask = H_PAGE_F_GIX, +- .val = H_PAGE_F_GIX, +- .set = "f_gix", +- .is_val = true, +- .shift = H_PAGE_F_GIX_SHIFT, +- }, { +- .mask = H_PAGE_F_SECOND, +- .val = H_PAGE_F_SECOND, +- .set = "f_second", +- }, { +-#endif /* CONFIG_PPC_64K_PAGES */ +-#endif +- .mask = _PAGE_SPECIAL, +- .val = _PAGE_SPECIAL, +- .set = "special", +- } +-}; +- +-struct pgtable_level { +- const struct flag_info *flag; +- size_t num; +- u64 mask; +-}; +- +-static struct pgtable_level pg_level[] = { +- { +- }, { /* pgd */ +- .flag = flag_array, +- .num = ARRAY_SIZE(flag_array), +- }, { /* pud */ +- .flag = flag_array, +- .num = ARRAY_SIZE(flag_array), +- }, { /* pmd */ +- .flag = flag_array, +- .num = ARRAY_SIZE(flag_array), +- }, { /* pte */ +- .flag = flag_array, +- .num = ARRAY_SIZE(flag_array), +- }, +-}; +- + static void dump_flag_info(struct pg_state *st, const struct flag_info + *flag, u64 pte, int num) + { +--- /dev/null ++++ b/arch/powerpc/mm/dump_linuxpagetables.h +@@ -0,0 +1,19 @@ ++/* SPDX-License-Identifier: GPL-2.0 */ ++#include ++ ++struct flag_info { ++ u64 mask; ++ u64 val; ++ const char *set; ++ const char *clear; ++ bool is_val; ++ int shift; ++}; ++ ++struct pgtable_level { ++ const struct flag_info *flag; ++ size_t num; ++ u64 mask; ++}; ++ ++extern struct pgtable_level pg_level[5]; diff --git a/queue-4.19/powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch b/queue-4.19/powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch new file mode 100644 index 00000000000..7467b7d3640 --- /dev/null +++ b/queue-4.19/powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch @@ -0,0 +1,46 @@ +From dd8de84b57b02ba9c1fe530a6d916c0853f136bd Mon Sep 17 00:00:00 2001 +From: Christophe Leroy +Date: Tue, 28 Jun 2022 16:43:35 +0200 +Subject: powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E + +From: Christophe Leroy + +commit dd8de84b57b02ba9c1fe530a6d916c0853f136bd upstream. + +On FSL_BOOK3E, _PAGE_RW is defined with two bits, one for user and one +for supervisor. As soon as one of the two bits is set, the page has +to be display as RW. But the way it is implemented today requires both +bits to be set in order to display it as RW. + +Instead of display RW when _PAGE_RW bits are set and R otherwise, +reverse the logic and display R when _PAGE_RW bits are all 0 and +RW otherwise. + +This change has no impact on other platforms as _PAGE_RW is a single +bit on all of them. + +Fixes: 8eb07b187000 ("powerpc/mm: Dump linux pagetables") +Cc: stable@vger.kernel.org +Signed-off-by: Christophe Leroy +Signed-off-by: Michael Ellerman +Link: https://lore.kernel.org/r/0c33b96317811edf691e81698aaee8fa45ec3449.1656427391.git.christophe.leroy@csgroup.eu +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/mm/dump_linuxpagetables-generic.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/arch/powerpc/mm/dump_linuxpagetables-generic.c ++++ b/arch/powerpc/mm/dump_linuxpagetables-generic.c +@@ -17,9 +17,9 @@ static const struct flag_info flag_array + .clear = " ", + }, { + .mask = _PAGE_RW, +- .val = _PAGE_RW, +- .set = "rw", +- .clear = "r ", ++ .val = 0, ++ .set = "r ", ++ .clear = "rw", + }, { + #ifndef CONFIG_PPC_BOOK3S_32 + .mask = _PAGE_EXEC, diff --git a/queue-4.19/series b/queue-4.19/series index b1255c4b316..17131a46f50 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -208,3 +208,8 @@ tcp-fix-over-estimation-in-sk_forced_mem_schedule.patch scsi-sg-allow-waiting-for-commands-to-complete-on-removed-device.patch revert-net-usb-ax88179_178a-needs-flag_send_zlp.patch bluetooth-l2cap-fix-l2cap_global_chan_by_psm-regression.patch +net-9p-initialize-the-iounit-field-during-fid-creation.patch +net_sched-cls_route-disallow-handle-of-0.patch +firmware-arm_scpi-ensure-scpi_info-is-not-assigned-if-the-probe-fails.patch +powerpc-mm-split-dump_pagelinuxtables-flag_array-table.patch +powerpc-ptdump-fix-display-of-rw-pages-on-fsl_book3e.patch -- 2.47.3