+++ /dev/null
-From 7982effd2e5da77dcf1dfbd2515e9cb512d7bb33 Mon Sep 17 00:00:00 2001
-From: Sasha Levin <sashal@kernel.org>
-Date: Mon, 15 Jul 2024 12:07:29 +0200
-Subject: s390/cpum_cf: Fix endless loop in CF_DIAG event stop
-
-From: Thomas Richter <tmricht@linux.ibm.com>
-
-[ Upstream commit e6ce1f12d777f6ee22b20e10ae6a771e7e6f44f5 ]
-
-Event CF_DIAG reads out complete counter sets using stcctm
-instruction. This is done at event start time when the process
-starts execution and at event stop time when the process is
-removed from the CPU. During removal the difference of each
-counter in the counter sets is calculated and saved as raw data
-in the ring buffer. This works fine unless the number of counters
-in a counter set is zero. This may happen for the extended counter
-set. This set is machine specific and the size of the counter
-set can be zero even when extended counter set is authorized for
-read access.
-
-This case is not handled. cfdiag_diffctr() checks authorization
-of the extended counter set. If true the functions assumes
-the extended counter set has been saved in a data buffer. However
-this is not the case, cfdiag_getctrset() does not save a counter
-set with counter set size of zero. This mismatch causes an endless
-loop in the counter set readout during event stop handling.
-
-The calculation of the difference of the counters in each counter
-now verifies the size of the counter set is non-zero. A counter set
-with size zero is skipped.
-
-Fixes: a029a4eab39e ("s390/cpumf: Allow concurrent access for CPU Measurement Counter Facility")
-Signed-off-by: Thomas Richter <tmricht@linux.ibm.com>
-Acked-by: Sumanth Korikkar <sumanthk@linux.ibm.com>
-Acked-by: Heiko Carstens <hca@linux.ibm.com>
-Cc: Heiko Carstens <hca@linux.ibm.com>
-Cc: Vasily Gorbik <gor@linux.ibm.com>
-Cc: Alexander Gordeev <agordeev@linux.ibm.com>
-Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
-Signed-off-by: Sasha Levin <sashal@kernel.org>
----
- arch/s390/kernel/perf_cpum_cf.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/arch/s390/kernel/perf_cpum_cf.c b/arch/s390/kernel/perf_cpum_cf.c
-index d2a2a18b55808..34b8d9410503d 100644
---- a/arch/s390/kernel/perf_cpum_cf.c
-+++ b/arch/s390/kernel/perf_cpum_cf.c
-@@ -213,25 +213,31 @@ static int cfdiag_diffctr(struct cpu_cf_events *cpuhw, unsigned long auth)
- struct cf_trailer_entry *trailer_start, *trailer_stop;
- struct cf_ctrset_entry *ctrstart, *ctrstop;
- size_t offset = 0;
-+ int i;
-
-- auth &= (1 << CPUMF_LCCTL_ENABLE_SHIFT) - 1;
-- do {
-+ for (i = CPUMF_CTR_SET_BASIC; i < CPUMF_CTR_SET_MAX; ++i) {
- ctrstart = (struct cf_ctrset_entry *)(cpuhw->start + offset);
- ctrstop = (struct cf_ctrset_entry *)(cpuhw->stop + offset);
-
-+ /* Counter set not authorized */
-+ if (!(auth & cpumf_ctr_ctl[i]))
-+ continue;
-+ /* Counter set size zero was not saved */
-+ if (!cpum_cf_read_setsize(i))
-+ continue;
-+
- if (memcmp(ctrstop, ctrstart, sizeof(*ctrstop))) {
- pr_err_once("cpum_cf_diag counter set compare error "
- "in set %i\n", ctrstart->set);
- return 0;
- }
-- auth &= ~cpumf_ctr_ctl[ctrstart->set];
- if (ctrstart->def == CF_DIAG_CTRSET_DEF) {
- cfdiag_diffctrset((u64 *)(ctrstart + 1),
- (u64 *)(ctrstop + 1), ctrstart->ctr);
- offset += ctrstart->ctr * sizeof(u64) +
- sizeof(*ctrstart);
- }
-- } while (ctrstart->def && auth);
-+ }
-
- /* Save time_stamp from start of event in stop's trailer */
- trailer_start = (struct cf_trailer_entry *)(cpuhw->start + offset);
---
-2.43.0
-
s390-pci-rework-msi-descriptor-walk.patch
s390-pci-refactor-arch_setup_msi_irqs.patch
s390-pci-allow-allocation-of-more-than-1-msi-interru.patch
-s390-cpum_cf-fix-endless-loop-in-cf_diag-event-stop.patch
iommu-sprd-avoid-null-deref-in-sprd_iommu_hw_en.patch
nvme-split-command-copy-into-a-helper.patch
nvme-separate-command-prep-and-issue.patch
+++ /dev/null
-From 86a1ad74ba3b3400f4c52a5c7de2cfe44792289e Mon Sep 17 00:00:00 2001
-From: Sasha Levin <sashal@kernel.org>
-Date: Mon, 15 Jul 2024 12:07:29 +0200
-Subject: s390/cpum_cf: Fix endless loop in CF_DIAG event stop
-
-From: Thomas Richter <tmricht@linux.ibm.com>
-
-[ Upstream commit e6ce1f12d777f6ee22b20e10ae6a771e7e6f44f5 ]
-
-Event CF_DIAG reads out complete counter sets using stcctm
-instruction. This is done at event start time when the process
-starts execution and at event stop time when the process is
-removed from the CPU. During removal the difference of each
-counter in the counter sets is calculated and saved as raw data
-in the ring buffer. This works fine unless the number of counters
-in a counter set is zero. This may happen for the extended counter
-set. This set is machine specific and the size of the counter
-set can be zero even when extended counter set is authorized for
-read access.
-
-This case is not handled. cfdiag_diffctr() checks authorization
-of the extended counter set. If true the functions assumes
-the extended counter set has been saved in a data buffer. However
-this is not the case, cfdiag_getctrset() does not save a counter
-set with counter set size of zero. This mismatch causes an endless
-loop in the counter set readout during event stop handling.
-
-The calculation of the difference of the counters in each counter
-now verifies the size of the counter set is non-zero. A counter set
-with size zero is skipped.
-
-Fixes: a029a4eab39e ("s390/cpumf: Allow concurrent access for CPU Measurement Counter Facility")
-Signed-off-by: Thomas Richter <tmricht@linux.ibm.com>
-Acked-by: Sumanth Korikkar <sumanthk@linux.ibm.com>
-Acked-by: Heiko Carstens <hca@linux.ibm.com>
-Cc: Heiko Carstens <hca@linux.ibm.com>
-Cc: Vasily Gorbik <gor@linux.ibm.com>
-Cc: Alexander Gordeev <agordeev@linux.ibm.com>
-Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
-Signed-off-by: Sasha Levin <sashal@kernel.org>
----
- arch/s390/kernel/perf_cpum_cf.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/arch/s390/kernel/perf_cpum_cf.c b/arch/s390/kernel/perf_cpum_cf.c
-index 28fa80fd69fa0..3b7fbc14aa4a4 100644
---- a/arch/s390/kernel/perf_cpum_cf.c
-+++ b/arch/s390/kernel/perf_cpum_cf.c
-@@ -213,25 +213,31 @@ static int cfdiag_diffctr(struct cpu_cf_events *cpuhw, unsigned long auth)
- struct cf_trailer_entry *trailer_start, *trailer_stop;
- struct cf_ctrset_entry *ctrstart, *ctrstop;
- size_t offset = 0;
-+ int i;
-
-- auth &= (1 << CPUMF_LCCTL_ENABLE_SHIFT) - 1;
-- do {
-+ for (i = CPUMF_CTR_SET_BASIC; i < CPUMF_CTR_SET_MAX; ++i) {
- ctrstart = (struct cf_ctrset_entry *)(cpuhw->start + offset);
- ctrstop = (struct cf_ctrset_entry *)(cpuhw->stop + offset);
-
-+ /* Counter set not authorized */
-+ if (!(auth & cpumf_ctr_ctl[i]))
-+ continue;
-+ /* Counter set size zero was not saved */
-+ if (!cpum_cf_read_setsize(i))
-+ continue;
-+
- if (memcmp(ctrstop, ctrstart, sizeof(*ctrstop))) {
- pr_err_once("cpum_cf_diag counter set compare error "
- "in set %i\n", ctrstart->set);
- return 0;
- }
-- auth &= ~cpumf_ctr_ctl[ctrstart->set];
- if (ctrstart->def == CF_DIAG_CTRSET_DEF) {
- cfdiag_diffctrset((u64 *)(ctrstart + 1),
- (u64 *)(ctrstop + 1), ctrstart->ctr);
- offset += ctrstart->ctr * sizeof(u64) +
- sizeof(*ctrstart);
- }
-- } while (ctrstart->def && auth);
-+ }
-
- /* Save time_stamp from start of event in stop's trailer */
- trailer_start = (struct cf_trailer_entry *)(cpuhw->start + offset);
---
-2.43.0
-
ceph-fix-incorrect-kmalloc-size-of-pagevec-mempool.patch
s390-pci-refactor-arch_setup_msi_irqs.patch
s390-pci-allow-allocation-of-more-than-1-msi-interru.patch
-s390-cpum_cf-fix-endless-loop-in-cf_diag-event-stop.patch
iommu-sprd-avoid-null-deref-in-sprd_iommu_hw_en.patch
io_uring-fix-io_match_task-must_hold.patch
nvme-pci-add-missing-condition-check-for-existence-o.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
