4.9-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 29 Jun 2020 11:26:09 +0000 (13:26 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 29 Jun 2020 11:26:09 +0000 (13:26 +0200)
added patches:
arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch
mm-slab-use-memzero_explicit-in-kzfree.patch
ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch
ocfs2-fix-value-of-ocfs2_invalid_slot.patch
ocfs2-load-global_inode_alloc.patch

queue-4.9/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch [new file with mode: 0644]
queue-4.9/mm-slab-use-memzero_explicit-in-kzfree.patch [new file with mode: 0644]
queue-4.9/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch [new file with mode: 0644]
queue-4.9/ocfs2-fix-value-of-ocfs2_invalid_slot.patch [new file with mode: 0644]
queue-4.9/ocfs2-load-global_inode_alloc.patch [new file with mode: 0644]
queue-4.9/series

diff --git a/queue-4.9/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch b/queue-4.9/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch
new file mode 100644 (file)
index 0000000..0b666b8
--- /dev/null
@@ -0,0 +1,67 @@
+From 8dfe804a4031ca6ba3a3efb2048534249b64f3a5 Mon Sep 17 00:00:00 2001
+From: Jiping Ma <jiping.ma2@windriver.com>
+Date: Mon, 11 May 2020 10:52:07 +0800
+Subject: arm64: perf: Report the PC value in REGS_ABI_32 mode
+
+From: Jiping Ma <jiping.ma2@windriver.com>
+
+commit 8dfe804a4031ca6ba3a3efb2048534249b64f3a5 upstream.
+
+A 32-bit perf querying the registers of a compat task using REGS_ABI_32
+will receive zeroes from w15, when it expects to find the PC.
+
+Return the PC value for register dwarf register 15 when returning register
+values for a compat task to perf.
+
+Cc: <stable@vger.kernel.org>
+Acked-by: Mark Rutland <mark.rutland@arm.com>
+Signed-off-by: Jiping Ma <jiping.ma2@windriver.com>
+Link: https://lore.kernel.org/r/1589165527-188401-1-git-send-email-jiping.ma2@windriver.com
+[will: Shuffled code and added a comment]
+Signed-off-by: Will Deacon <will@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/kernel/perf_regs.c |   25 ++++++++++++++++++++++---
+ 1 file changed, 22 insertions(+), 3 deletions(-)
+
+--- a/arch/arm64/kernel/perf_regs.c
++++ b/arch/arm64/kernel/perf_regs.c
+@@ -13,15 +13,34 @@ u64 perf_reg_value(struct pt_regs *regs,
+               return 0;
+       /*
+-       * Compat (i.e. 32 bit) mode:
+-       * - PC has been set in the pt_regs struct in kernel_entry,
+-       * - Handle SP and LR here.
++       * Our handling of compat tasks (PERF_SAMPLE_REGS_ABI_32) is weird, but
++       * we're stuck with it for ABI compatability reasons.
++       *
++       * For a 32-bit consumer inspecting a 32-bit task, then it will look at
++       * the first 16 registers (see arch/arm/include/uapi/asm/perf_regs.h).
++       * These correspond directly to a prefix of the registers saved in our
++       * 'struct pt_regs', with the exception of the PC, so we copy that down
++       * (x15 corresponds to SP_hyp in the architecture).
++       *
++       * So far, so good.
++       *
++       * The oddity arises when a 64-bit consumer looks at a 32-bit task and
++       * asks for registers beyond PERF_REG_ARM_MAX. In this case, we return
++       * SP_usr, LR_usr and PC in the positions where the AArch64 SP, LR and
++       * PC registers would normally live. The initial idea was to allow a
++       * 64-bit unwinder to unwind a 32-bit task and, although it's not clear
++       * how well that works in practice, somebody might be relying on it.
++       *
++       * At the time we make a sample, we don't know whether the consumer is
++       * 32-bit or 64-bit, so we have to cater for both possibilities.
+        */
+       if (compat_user_mode(regs)) {
+               if ((u32)idx == PERF_REG_ARM64_SP)
+                       return regs->compat_sp;
+               if ((u32)idx == PERF_REG_ARM64_LR)
+                       return regs->compat_lr;
++              if (idx == 15)
++                      return regs->pc;
+       }
+       if ((u32)idx == PERF_REG_ARM64_SP)
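Review bot: The added `if (idx == 15)` test in the compat branch uses a bare literal and drops the `(u32)` cast that the SP and LR tests beside it apply, so the three checks read inconsistently. The long comment explains the register layout, but the line itself does not say that 15 is the AArch32 PC slot; I would write `if ((u32)idx == 15) /* AArch32 PC slot, see arch/arm/include/uapi/asm/perf_regs.h */`. The new comment also spells "compatability", which should be "compatibility". perf_reg_value() starts and ends outside the hunk, so the declared type of `idx` is not visible here.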
diff --git a/queue-4.9/mm-slab-use-memzero_explicit-in-kzfree.patch b/queue-4.9/mm-slab-use-memzero_explicit-in-kzfree.patch
new file mode 100644 (file)
index 0000000..7f6521c
--- /dev/null
@@ -0,0 +1,54 @@
+From 8982ae527fbef170ef298650c15d55a9ccd33973 Mon Sep 17 00:00:00 2001
+From: Waiman Long <longman@redhat.com>
+Date: Thu, 25 Jun 2020 20:29:52 -0700
+Subject: mm/slab: use memzero_explicit() in kzfree()
+
+From: Waiman Long <longman@redhat.com>
+
+commit 8982ae527fbef170ef298650c15d55a9ccd33973 upstream.
+
+The kzfree() function is normally used to clear some sensitive
+information, like encryption keys, in the buffer before freeing it back to
+the pool.  Memset() is currently used for buffer clearing.  However
+unlikely, there is still a non-zero probability that the compiler may
+choose to optimize away the memory clearing especially if LTO is being
+used in the future.
+
+To make sure that this optimization will never happen,
+memzero_explicit(), which is introduced in v3.18, is now used in
+kzfree() to future-proof it.
+
+Link: http://lkml.kernel.org/r/20200616154311.12314-2-longman@redhat.com
+Fixes: 3ef0e5ba4673 ("slab: introduce kzfree()")
+Signed-off-by: Waiman Long <longman@redhat.com>
+Acked-by: Michal Hocko <mhocko@suse.com>
+Cc: David Howells <dhowells@redhat.com>
+Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
+Cc: James Morris <jmorris@namei.org>
+Cc: "Serge E. Hallyn" <serge@hallyn.com>
+Cc: Joe Perches <joe@perches.com>
+Cc: Matthew Wilcox <willy@infradead.org>
+Cc: David Rientjes <rientjes@google.com>
+Cc: Johannes Weiner <hannes@cmpxchg.org>
+Cc: Dan Carpenter <dan.carpenter@oracle.com>
+Cc: "Jason A . Donenfeld" <Jason@zx2c4.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ mm/slab_common.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/mm/slab_common.c
++++ b/mm/slab_common.c
+@@ -1345,7 +1345,7 @@ void kzfree(const void *p)
+       if (unlikely(ZERO_OR_NULL_PTR(mem)))
+               return;
+       ks = ksize(mem);
+-      memset(mem, 0, ks);
++      memzero_explicit(mem, ks);
+       kfree(mem);
+ }
+ EXPORT_SYMBOL(kzfree);
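Review bot: Nothing at the `memzero_explicit(mem, ks)` call records why it is not a plain memset(), so a later cleanup could swap it back and reintroduce the dead-store-elimination risk the commit message describes. A one-line comment would pin it: `/* memzero_explicit(): clearing of sensitive data must not be optimised away before kfree() */`. The function's kernel-doc could also state that the length cleared is `ksize(mem)` rather than the size the caller originally requested, since callers holding key material depend on the whole object being wiped. The start of kzfree() is outside the hunk.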
diff --git a/queue-4.9/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch b/queue-4.9/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch
new file mode 100644 (file)
index 0000000..521b9c2
--- /dev/null
@@ -0,0 +1,90 @@
+From e5a15e17a78d58f933d17cafedfcf7486a29f5b4 Mon Sep 17 00:00:00 2001
+From: Junxiao Bi <junxiao.bi@oracle.com>
+Date: Thu, 25 Jun 2020 20:29:37 -0700
+Subject: ocfs2: fix panic on nfs server over ocfs2
+
+From: Junxiao Bi <junxiao.bi@oracle.com>
+
+commit e5a15e17a78d58f933d17cafedfcf7486a29f5b4 upstream.
+
+The following kernel panic was captured when running nfs server over
+ocfs2, at that time ocfs2_test_inode_bit() was checking whether one
+inode locating at "blkno" 5 was valid, that is ocfs2 root inode, its
+"suballoc_slot" was OCFS2_INVALID_SLOT(65535) and it was allocted from
+//global_inode_alloc, but here it wrongly assumed that it was got from per
+slot inode alloctor which would cause array overflow and trigger kernel
+panic.
+
+  BUG: unable to handle kernel paging request at 0000000000001088
+  IP: [<ffffffff816f6898>] _raw_spin_lock+0x18/0xf0
+  PGD 1e06ba067 PUD 1e9e7d067 PMD 0
+  Oops: 0002 [#1] SMP
+  CPU: 6 PID: 24873 Comm: nfsd Not tainted 4.1.12-124.36.1.el6uek.x86_64 #2
+  Hardware name: Huawei CH121 V3/IT11SGCA1, BIOS 3.87 02/02/2018
+  RIP: _raw_spin_lock+0x18/0xf0
+  RSP: e02b:ffff88005ae97908  EFLAGS: 00010206
+  RAX: ffff88005ae98000 RBX: 0000000000001088 RCX: 0000000000000000
+  RDX: 0000000000020000 RSI: 0000000000000009 RDI: 0000000000001088
+  RBP: ffff88005ae97928 R08: 0000000000000000 R09: ffff880212878e00
+  R10: 0000000000007ff0 R11: 0000000000000000 R12: 0000000000001088
+  R13: ffff8800063c0aa8 R14: ffff8800650c27d0 R15: 000000000000ffff
+  FS:  0000000000000000(0000) GS:ffff880218180000(0000) knlGS:ffff880218180000
+  CS:  e033 DS: 0000 ES: 0000 CR0: 0000000080050033
+  CR2: 0000000000001088 CR3: 00000002033d0000 CR4: 0000000000042660
+  Call Trace:
+    igrab+0x1e/0x60
+    ocfs2_get_system_file_inode+0x63/0x3a0 [ocfs2]
+    ocfs2_test_inode_bit+0x328/0xa00 [ocfs2]
+    ocfs2_get_parent+0xba/0x3e0 [ocfs2]
+    reconnect_path+0xb5/0x300
+    exportfs_decode_fh+0xf6/0x2b0
+    fh_verify+0x350/0x660 [nfsd]
+    nfsd4_putfh+0x4d/0x60 [nfsd]
+    nfsd4_proc_compound+0x3d3/0x6f0 [nfsd]
+    nfsd_dispatch+0xe0/0x290 [nfsd]
+    svc_process_common+0x412/0x6a0 [sunrpc]
+    svc_process+0x123/0x210 [sunrpc]
+    nfsd+0xff/0x170 [nfsd]
+    kthread+0xcb/0xf0
+    ret_from_fork+0x61/0x90
+  Code: 83 c2 02 0f b7 f2 e8 18 dc 91 ff 66 90 eb bf 0f 1f 40 00 55 48 89 e5 41 56 41 55 41 54 53 0f 1f 44 00 00 48 89 fb ba 00 00 02 00 <f0> 0f c1 17 89 d0 45 31 e4 45 31 ed c1 e8 10 66 39 d0 41 89 c6
+  RIP   _raw_spin_lock+0x18/0xf0
+  CR2: 0000000000001088
+  ---[ end trace 7264463cd1aac8f9 ]---
+  Kernel panic - not syncing: Fatal exception
+
+Link: http://lkml.kernel.org/r/20200616183829.87211-4-junxiao.bi@oracle.com
+Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com>
+Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
+Cc: Changwei Ge <gechangwei@live.cn>
+Cc: Gang He <ghe@suse.com>
+Cc: Joel Becker <jlbec@evilplan.org>
+Cc: Jun Piao <piaojun@huawei.com>
+Cc: Mark Fasheh <mark@fasheh.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ocfs2/suballoc.c |    9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+--- a/fs/ocfs2/suballoc.c
++++ b/fs/ocfs2/suballoc.c
+@@ -2891,9 +2891,12 @@ int ocfs2_test_inode_bit(struct ocfs2_su
+               goto bail;
+       }
+-      inode_alloc_inode =
+-              ocfs2_get_system_file_inode(osb, INODE_ALLOC_SYSTEM_INODE,
+-                                          suballoc_slot);
++      if (suballoc_slot == (u16)OCFS2_INVALID_SLOT)
++              inode_alloc_inode = ocfs2_get_system_file_inode(osb,
++                      GLOBAL_INODE_ALLOC_SYSTEM_INODE, suballoc_slot);
++      else
++              inode_alloc_inode = ocfs2_get_system_file_inode(osb,
++                      INODE_ALLOC_SYSTEM_INODE, suballoc_slot);
+       if (!inode_alloc_inode) {
+               /* the error code could be inaccurate, but we are not able to
+                * get the correct one. */
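Review bot: The new branch special-cases only `(u16)OCFS2_INVALID_SLOT`; every other value of `suballoc_slot` still goes to the per-slot lookup in the `else` arm, and this hunk does not show a range check against the number of slots. The commit message traces the value to an inode reached through an NFS file handle, so it is worth confirming that the code before this hunk rejects out-of-range slot numbers before the lookup. A comment above the test would also help: `/* inodes with no suballoc slot (e.g. the root inode) are allocated from //global_inode_alloc */`. ocfs2_test_inode_bit() starts and ends outside the hunk.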
diff --git a/queue-4.9/ocfs2-fix-value-of-ocfs2_invalid_slot.patch b/queue-4.9/ocfs2-fix-value-of-ocfs2_invalid_slot.patch
new file mode 100644 (file)
index 0000000..39af562
--- /dev/null
@@ -0,0 +1,53 @@
+From 9277f8334ffc719fe922d776444d6e4e884dbf30 Mon Sep 17 00:00:00 2001
+From: Junxiao Bi <junxiao.bi@oracle.com>
+Date: Thu, 25 Jun 2020 20:29:40 -0700
+Subject: ocfs2: fix value of OCFS2_INVALID_SLOT
+
+From: Junxiao Bi <junxiao.bi@oracle.com>
+
+commit 9277f8334ffc719fe922d776444d6e4e884dbf30 upstream.
+
+In the ocfs2 disk layout, slot number is 16 bits, but in ocfs2
+implementation, slot number is 32 bits.  Usually this will not cause any
+issue, because slot number is converted from u16 to u32, but
+OCFS2_INVALID_SLOT was defined as -1, when an invalid slot number from
+disk was obtained, its value was (u16)-1, and it was converted to u32.
+Then the following checking in get_local_system_inode will be always
+skipped:
+
+ static struct inode **get_local_system_inode(struct ocfs2_super *osb,
+                                               int type,
+                                               u32 slot)
+ {
+       BUG_ON(slot == OCFS2_INVALID_SLOT);
+       ...
+ }
+
+Link: http://lkml.kernel.org/r/20200616183829.87211-5-junxiao.bi@oracle.com
+Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com>
+Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
+Cc: Mark Fasheh <mark@fasheh.com>
+Cc: Joel Becker <jlbec@evilplan.org>
+Cc: Changwei Ge <gechangwei@live.cn>
+Cc: Gang He <ghe@suse.com>
+Cc: Jun Piao <piaojun@huawei.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ocfs2/ocfs2_fs.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/ocfs2/ocfs2_fs.h
++++ b/fs/ocfs2/ocfs2_fs.h
+@@ -304,7 +304,7 @@
+ #define OCFS2_MAX_SLOTS                       255
+ /* Slot map indicator for an empty slot */
+-#define OCFS2_INVALID_SLOT            -1
++#define OCFS2_INVALID_SLOT            ((u16)-1)
+ #define OCFS2_VOL_UUID_LEN            16
+ #define OCFS2_MAX_VOL_LABEL_LEN               64
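Review bot: Redefining `OCFS2_INVALID_SLOT` as `((u16)-1)` changes its value from -1 to 65535 for every user of the macro, not only the BUG_ON() quoted in the commit message. Any code outside this hunk that stores the sentinel in a signed variable and then tests it with `< 0`, or compares it with a literal -1, would stop matching, so the remaining users are worth auditing in the 4.9 tree before this is queued. The comment above the macro could record the reason for the cast: `/* Slot map indicator for an empty slot; (u16) to match the 16-bit on-disk slot field */`.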
diff --git a/queue-4.9/ocfs2-load-global_inode_alloc.patch b/queue-4.9/ocfs2-load-global_inode_alloc.patch
new file mode 100644 (file)
index 0000000..3b71b2e
--- /dev/null
@@ -0,0 +1,43 @@
+From 7569d3c754e452769a5747eeeba488179e38a5da Mon Sep 17 00:00:00 2001
+From: Junxiao Bi <junxiao.bi@oracle.com>
+Date: Thu, 25 Jun 2020 20:29:33 -0700
+Subject: ocfs2: load global_inode_alloc
+
+From: Junxiao Bi <junxiao.bi@oracle.com>
+
+commit 7569d3c754e452769a5747eeeba488179e38a5da upstream.
+
+Set global_inode_alloc as OCFS2_FIRST_ONLINE_SYSTEM_INODE, that will
+make it load during mount.  It can be used to test whether some
+global/system inodes are valid.  One use case is that nfsd will test
+whether root inode is valid.
+
+Link: http://lkml.kernel.org/r/20200616183829.87211-3-junxiao.bi@oracle.com
+Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com>
+Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
+Cc: Changwei Ge <gechangwei@live.cn>
+Cc: Gang He <ghe@suse.com>
+Cc: Joel Becker <jlbec@evilplan.org>
+Cc: Jun Piao <piaojun@huawei.com>
+Cc: Mark Fasheh <mark@fasheh.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ocfs2/ocfs2_fs.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/ocfs2/ocfs2_fs.h
++++ b/fs/ocfs2/ocfs2_fs.h
+@@ -340,8 +340,8 @@ struct ocfs2_system_inode_info {
+ enum {
+       BAD_BLOCK_SYSTEM_INODE = 0,
+       GLOBAL_INODE_ALLOC_SYSTEM_INODE,
++#define OCFS2_FIRST_ONLINE_SYSTEM_INODE GLOBAL_INODE_ALLOC_SYSTEM_INODE
+       SLOT_MAP_SYSTEM_INODE,
+-#define OCFS2_FIRST_ONLINE_SYSTEM_INODE SLOT_MAP_SYSTEM_INODE
+       HEARTBEAT_SYSTEM_INODE,
+       GLOBAL_BITMAP_SYSTEM_INODE,
+       USER_QUOTA_SYSTEM_INODE,
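Review bot: The meaning of `OCFS2_FIRST_ONLINE_SYSTEM_INODE` depends entirely on where the `#define` sits inside the enum, and nothing at its new position says so. A short comment such as `/* first system inode loaded at mount; keep directly after the entry it names */` would stop a later reorder of the enum from silently changing which inodes are loaded. The enum continues outside the hunk, so the code that consumes the macro is not visible here.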
index 59f2bb83a3cb651aea0b3bf07abd85df19793eeb..454be94354e8dd7776143672bb5912af992247f5 100644 (file)
@@ -175,3 +175,8 @@ blktrace-break-out-of-blktrace-setup-on-concurrent-c.patch
 alsa-hda-add-nvidia-codec-ids-9a-9d-through-a0-to-patch-table.patch
 acpi-sysfs-fix-pm_profile_attr-type.patch
 kvm-x86-fix-msr-range-of-apic-registers-in-x2apic-mode.patch
+mm-slab-use-memzero_explicit-in-kzfree.patch
+ocfs2-load-global_inode_alloc.patch
+ocfs2-fix-value-of-ocfs2_invalid_slot.patch
+ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch
+arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch