4.14-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 22 Nov 2023 17:28:07 +0000 (17:28 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 22 Nov 2023 17:28:07 +0000 (17:28 +0000)
added patches:
audit-don-t-take-task_lock-in-audit_exe_compare-code-path.patch
audit-don-t-warn_on_once-current-mm-in-audit_exe_compare.patch
hvc-xen-fix-error-path-in-xen_hvc_init-to-always-register-frontend-driver.patch
pci-sysfs-protect-driver-s-d3cold-preference-from-user-space.patch

queue-4.14/audit-don-t-take-task_lock-in-audit_exe_compare-code-path.patch [new file with mode: 0644]
queue-4.14/audit-don-t-warn_on_once-current-mm-in-audit_exe_compare.patch [new file with mode: 0644]
queue-4.14/hvc-xen-fix-error-path-in-xen_hvc_init-to-always-register-frontend-driver.patch [new file with mode: 0644]
queue-4.14/pci-sysfs-protect-driver-s-d3cold-preference-from-user-space.patch [new file with mode: 0644]
queue-4.14/series

diff --git a/queue-4.14/audit-don-t-take-task_lock-in-audit_exe_compare-code-path.patch b/queue-4.14/audit-don-t-take-task_lock-in-audit_exe_compare-code-path.patch
new file mode 100644 (file)
index 0000000..58dea43
--- /dev/null
@@ -0,0 +1,61 @@
+From 47846d51348dd62e5231a83be040981b17c955fa Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Mon, 9 Oct 2023 13:18:49 -0400
+Subject: audit: don't take task_lock() in audit_exe_compare() code path
+
+From: Paul Moore <paul@paul-moore.com>
+
+commit 47846d51348dd62e5231a83be040981b17c955fa upstream.
+
+The get_task_exe_file() function locks the given task with task_lock()
+which when used inside audit_exe_compare() can cause deadlocks on
+systems that generate audit records when the task_lock() is held. We
+resolve this problem with two changes: ignoring those cases where the
+task being audited is not the current task, and changing our approach
+to obtaining the executable file struct to not require task_lock().
+
+With the intent of the audit exe filter being to filter on audit events
+generated by processes started by the specified executable, it makes
+sense that we would only want to use the exe filter on audit records
+associated with the currently executing process, e.g. @current.  If
+we are asked to filter records using a non-@current task_struct we can
+safely ignore the exe filter without negatively impacting the admin's
+expectations for the exe filter.
+
+Knowing that we only have to worry about filtering the currently
+executing task in audit_exe_compare() we can do away with the
+task_lock() and call get_mm_exe_file() with @current->mm directly.
+
+Cc: <stable@vger.kernel.org>
+Fixes: 5efc244346f9 ("audit: fix exe_file access in audit_exe_compare")
+Reported-by: Andreas Steinmetz <anstein99@googlemail.com>
+Reviewed-by: John Johansen <john.johanse@canonical.com>
+Reviewed-by: Mateusz Guzik <mjguzik@gmail.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/audit_watch.c |    9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+--- a/kernel/audit_watch.c
++++ b/kernel/audit_watch.c
+@@ -557,11 +557,18 @@ int audit_exe_compare(struct task_struct
+       unsigned long ino;
+       dev_t dev;
+-      exe_file = get_task_exe_file(tsk);
++      /* only do exe filtering if we are recording @current events/records */
++      if (tsk != current)
++              return 0;
++
++      if (WARN_ON_ONCE(!current->mm))
++              return 0;
++      exe_file = get_mm_exe_file(current->mm);
+       if (!exe_file)
+               return 0;
+       ino = file_inode(exe_file)->i_ino;
+       dev = file_inode(exe_file)->i_sb->s_dev;
+       fput(exe_file);
++
+       return audit_mark_compare(mark, ino, dev);
+ }
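Review bot: The new early return `if (tsk != current) return 0;` in audit_exe_compare() makes every exe-based rule a silent non-match for records about another task, and the one-line comment above it does not say so. On the normal path the result comes from audit_mark_compare(), so 0 here reads as "did not match" rather than as an error, which matters to anyone relying on exe rules for detection coverage. I would expand the comment to something like `/* exe rules only apply to @current; for any other task report "no match" (0) instead of taking task_lock() */`. Whether any caller passes a non-current task on a path that admins expect to be filtered is not visible here and is worth confirming. The function begins outside the inner hunk.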
diff --git a/queue-4.14/audit-don-t-warn_on_once-current-mm-in-audit_exe_compare.patch b/queue-4.14/audit-don-t-warn_on_once-current-mm-in-audit_exe_compare.patch
new file mode 100644 (file)
index 0000000..ef697b7
--- /dev/null
@@ -0,0 +1,37 @@
+From 969d90ec212bae4b45bf9d21d7daa30aa6cf055e Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Tue, 14 Nov 2023 17:25:48 -0500
+Subject: audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
+
+From: Paul Moore <paul@paul-moore.com>
+
+commit 969d90ec212bae4b45bf9d21d7daa30aa6cf055e upstream.
+
+eBPF can end up calling into the audit code from some odd places, and
+some of these places don't have @current set properly so we end up
+tripping the `WARN_ON_ONCE(!current->mm)` near the top of
+`audit_exe_compare()`.  While the basic `!current->mm` check is good,
+the `WARN_ON_ONCE()` results in some scary console messages so let's
+drop that and just do the regular `!current->mm` check to avoid
+problems.
+
+Cc: <stable@vger.kernel.org>
+Fixes: 47846d51348d ("audit: don't take task_lock() in audit_exe_compare() code path")
+Reported-by: Artem Savkov <asavkov@redhat.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/audit_watch.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/kernel/audit_watch.c
++++ b/kernel/audit_watch.c
+@@ -561,7 +561,7 @@ int audit_exe_compare(struct task_struct
+       if (tsk != current)
+               return 0;
+-      if (WARN_ON_ONCE(!current->mm))
++      if (!current->mm)
+               return 0;
+       exe_file = get_mm_exe_file(current->mm);
+       if (!exe_file)
diff --git a/queue-4.14/hvc-xen-fix-error-path-in-xen_hvc_init-to-always-register-frontend-driver.patch b/queue-4.14/hvc-xen-fix-error-path-in-xen_hvc_init-to-always-register-frontend-driver.patch
new file mode 100644 (file)
index 0000000..7141daa
--- /dev/null
@@ -0,0 +1,54 @@
+From 2704c9a5593f4a47620c12dad78838ca62b52f48 Mon Sep 17 00:00:00 2001
+From: David Woodhouse <dwmw@amazon.co.uk>
+Date: Fri, 20 Oct 2023 17:15:28 +0100
+Subject: hvc/xen: fix error path in xen_hvc_init() to always register frontend driver
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: David Woodhouse <dwmw@amazon.co.uk>
+
+commit 2704c9a5593f4a47620c12dad78838ca62b52f48 upstream.
+
+The xen_hvc_init() function should always register the frontend driver,
+even when there's no primary console — as there may be secondary consoles.
+(Qemu can always add secondary consoles, but only the toolstack can add
+the primary because it's special.)
+
+Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
+Reviewed-by: Juergen Gross <jgross@suse.com>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20231020161529.355083-3-dwmw2@infradead.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/tty/hvc/hvc_xen.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/drivers/tty/hvc/hvc_xen.c
++++ b/drivers/tty/hvc/hvc_xen.c
+@@ -600,7 +600,7 @@ static int __init xen_hvc_init(void)
+               ops = &dom0_hvc_ops;
+               r = xen_initial_domain_console_init();
+               if (r < 0)
+-                      return r;
++                      goto register_fe;
+               info = vtermno_to_xencons(HVC_COOKIE);
+       } else {
+               ops = &domU_hvc_ops;
+@@ -609,7 +609,7 @@ static int __init xen_hvc_init(void)
+               else
+                       r = xen_pv_console_init();
+               if (r < 0)
+-                      return r;
++                      goto register_fe;
+               info = vtermno_to_xencons(HVC_COOKIE);
+               info->irq = bind_evtchn_to_irq_lateeoi(info->evtchn);
+@@ -634,6 +634,7 @@ static int __init xen_hvc_init(void)
+       }
+       r = 0;
++ register_fe:
+ #ifdef CONFIG_HVC_XEN_FRONTEND
+       r = xenbus_register_frontend(&xencons_driver);
+ #endif
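Review bot: At the new `register_fe:` label the error from the console init calls is overwritten whenever CONFIG_HVC_XEN_FRONTEND is set, because both `goto register_fe;` sites arrive with r < 0 and the next statement is `r = xenbus_register_frontend(&xencons_driver);`. That looks intended given the commit message, but it means a failed primary console setup is no longer reported to the caller in that configuration, while it presumably still is when the option is off. A short comment at the label would make this explicit, e.g. `/* primary console failure is not fatal: secondary consoles still need the frontend driver; r is replaced below when the frontend is built in */`. The rest of xen_hvc_init(), including its final return, is outside the hunks shown.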
diff --git a/queue-4.14/pci-sysfs-protect-driver-s-d3cold-preference-from-user-space.patch b/queue-4.14/pci-sysfs-protect-driver-s-d3cold-preference-from-user-space.patch
new file mode 100644 (file)
index 0000000..d0dd4c9
--- /dev/null
@@ -0,0 +1,69 @@
+From 70b70a4307cccebe91388337b1c85735ce4de6ff Mon Sep 17 00:00:00 2001
+From: Lukas Wunner <lukas@wunner.de>
+Date: Mon, 18 Sep 2023 14:48:01 +0200
+Subject: PCI/sysfs: Protect driver's D3cold preference from user space
+
+From: Lukas Wunner <lukas@wunner.de>
+
+commit 70b70a4307cccebe91388337b1c85735ce4de6ff upstream.
+
+struct pci_dev contains two flags which govern whether the device may
+suspend to D3cold:
+
+* no_d3cold provides an opt-out for drivers (e.g. if a device is known
+  to not wake from D3cold)
+
+* d3cold_allowed provides an opt-out for user space (default is true,
+  user space may set to false)
+
+Since commit 9d26d3a8f1b0 ("PCI: Put PCIe ports into D3 during suspend"),
+the user space setting overwrites the driver setting.  Essentially user
+space is trusted to know better than the driver whether D3cold is
+working.
+
+That feels unsafe and wrong.  Assume that the change was introduced
+inadvertently and do not overwrite no_d3cold when d3cold_allowed is
+modified.  Instead, consider d3cold_allowed in addition to no_d3cold
+when choosing a suspend state for the device.
+
+That way, user space may opt out of D3cold if the driver hasn't, but it
+may no longer force an opt in if the driver has opted out.
+
+Fixes: 9d26d3a8f1b0 ("PCI: Put PCIe ports into D3 during suspend")
+Link: https://lore.kernel.org/r/b8a7f4af2b73f6b506ad8ddee59d747cbf834606.1695025365.git.lukas@wunner.de
+Signed-off-by: Lukas Wunner <lukas@wunner.de>
+Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
+Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
+Reviewed-by: Mario Limonciello <mario.limonciello@amd.com>
+Cc: stable@vger.kernel.org     # v4.8+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/pci/pci-acpi.c  |    2 +-
+ drivers/pci/pci-sysfs.c |    5 +----
+ 2 files changed, 2 insertions(+), 5 deletions(-)
+
+--- a/drivers/pci/pci-acpi.c
++++ b/drivers/pci/pci-acpi.c
+@@ -482,7 +482,7 @@ static pci_power_t acpi_pci_choose_state
+ {
+       int acpi_state, d_max;
+-      if (pdev->no_d3cold)
++      if (pdev->no_d3cold || !pdev->d3cold_allowed)
+               d_max = ACPI_STATE_D3_HOT;
+       else
+               d_max = ACPI_STATE_D3_COLD;
+--- a/drivers/pci/pci-sysfs.c
++++ b/drivers/pci/pci-sysfs.c
+@@ -534,10 +534,7 @@ static ssize_t d3cold_allowed_store(stru
+               return -EINVAL;
+       pdev->d3cold_allowed = !!val;
+-      if (pdev->d3cold_allowed)
+-              pci_d3cold_enable(pdev);
+-      else
+-              pci_d3cold_disable(pdev);
++      pci_bridge_d3_update(pdev);
+       pm_runtime_resume(dev);
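Review bot: The precedence rule this fix establishes lives only in the commit message. At `if (pdev->no_d3cold || !pdev->d3cold_allowed)` in acpi_pci_choose_state(), nothing tells a later reader that the sysfs-writable flag must never override the driver's opt-out. I would add a comment above the condition such as `/* driver opt-out (no_d3cold) always wins; user space (d3cold_allowed) may only restrict further */`, and a matching one in d3cold_allowed_store() noting that the store must not touch no_d3cold. Any other suspend-state decision that tests only `no_d3cold` would ignore the user-space opt-out after this change; none is visible in these hunks, so the surrounding files are worth checking. Both functions extend beyond the hunks shown.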
index b07b17b57f7c63b9d9bcb3a146e6025bbab00ec1..a846da343fb59b71859af64e18ec69f6795d7793 100644 (file)
@@ -27,3 +27,7 @@ pwm-fix-double-shift-bug.patch
 media-venus-hfi-add-checks-to-perform-sanity-on-queue-pointers.patch
 randstruct-fix-gcc-plugin-performance-mode-to-stay-in-group.patch
 kvm-x86-ignore-msr_amd64_tw_cfg-access.patch
+audit-don-t-take-task_lock-in-audit_exe_compare-code-path.patch
+audit-don-t-warn_on_once-current-mm-in-audit_exe_compare.patch
+hvc-xen-fix-error-path-in-xen_hvc_init-to-always-register-frontend-driver.patch
+pci-sysfs-protect-driver-s-d3cold-preference-from-user-space.patch