5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 20 Oct 2023 16:56:10 +0000 (18:56 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 20 Oct 2023 16:56:10 +0000 (18:56 +0200)
added patches:
ice-reset-first-in-crash-dump-kernels.patch
kvm-x86-mask-lvtpc-when-handling-a-pmi.patch
nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch
regmap-fix-null-deref-on-lookup.patch

queue-5.10/ice-reset-first-in-crash-dump-kernels.patch [new file with mode: 0644]
queue-5.10/kvm-x86-mask-lvtpc-when-handling-a-pmi.patch [new file with mode: 0644]
queue-5.10/nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch [new file with mode: 0644]
queue-5.10/regmap-fix-null-deref-on-lookup.patch [new file with mode: 0644]
queue-5.10/series

diff --git a/queue-5.10/ice-reset-first-in-crash-dump-kernels.patch b/queue-5.10/ice-reset-first-in-crash-dump-kernels.patch
new file mode 100644 (file)
index 0000000..ef0ad86
--- /dev/null
@@ -0,0 +1,71 @@
+From 0288c3e709e5fabd51e84715c5c798a02f43061a Mon Sep 17 00:00:00 2001
+From: Jesse Brandeburg <jesse.brandeburg@intel.com>
+Date: Wed, 11 Oct 2023 16:33:33 -0700
+Subject: ice: reset first in crash dump kernels
+
+From: Jesse Brandeburg <jesse.brandeburg@intel.com>
+
+commit 0288c3e709e5fabd51e84715c5c798a02f43061a upstream.
+
+When the system boots into the crash dump kernel after a panic, the ice
+networking device may still have pending transactions that can cause errors
+or machine checks when the device is re-enabled. This can prevent the crash
+dump kernel from loading the driver or collecting the crash data.
+
+To avoid this issue, perform a function level reset (FLR) on the ice device
+via PCIe config space before enabling it on the crash kernel. This will
+clear any outstanding transactions and stop all queues and interrupts.
+Restore the config space after the FLR, otherwise it was found in testing
+that the driver wouldn't load successfully.
+
+The following sequence causes the original issue:
+- Load the ice driver with modprobe ice
+- Enable SR-IOV with 2 VFs: echo 2 > /sys/class/net/eth0/device/sriov_num_vfs
+- Trigger a crash with echo c > /proc/sysrq-trigger
+- Load the ice driver again (or let it load automatically) with modprobe ice
+- The system crashes again during pcim_enable_device()
+
+Fixes: 837f08fdecbe ("ice: Add basic driver framework for Intel(R) E800 Series")
+Reported-by: Vishal Agrawal <vagrawal@redhat.com>
+Reviewed-by: Jay Vosburgh <jay.vosburgh@canonical.com>
+Reviewed-by: Przemek Kitszel <przemyslaw.kitszel@intel.com>
+Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
+Tested-by: Pucha Himasekhar Reddy <himasekharx.reddy.pucha@intel.com> (A Contingent worker at Intel)
+Link: https://lore.kernel.org/r/20231011233334.336092-3-jacob.e.keller@intel.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/intel/ice/ice_main.c |   15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+--- a/drivers/net/ethernet/intel/ice/ice_main.c
++++ b/drivers/net/ethernet/intel/ice/ice_main.c
+@@ -6,6 +6,7 @@
+ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+ #include <generated/utsrelease.h>
++#include <linux/crash_dump.h>
+ #include "ice.h"
+ #include "ice_base.h"
+ #include "ice_lib.h"
+@@ -4025,6 +4026,20 @@ ice_probe(struct pci_dev *pdev, const st
+               return -EINVAL;
+       }
++      /* when under a kdump kernel initiate a reset before enabling the
++       * device in order to clear out any pending DMA transactions. These
++       * transactions can cause some systems to machine check when doing
++       * the pcim_enable_device() below.
++       */
++      if (is_kdump_kernel()) {
++              pci_save_state(pdev);
++              pci_clear_master(pdev);
++              err = pcie_flr(pdev);
++              if (err)
++                      return err;
++              pci_restore_state(pdev);
++      }
++
+       /* this driver uses devres, see
+        * Documentation/driver-api/driver-model/devres.rst
+        */
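Review bot: The return value of `pci_save_state(pdev)` is discarded in the added `is_kdump_kernel()` branch, although the commit message says the driver would not load unless config space is restored after the FLR. If the save fails part-way, the later `pci_restore_state(pdev)` may restore only part of the configuration, so I would check it with `err = pci_save_state(pdev);` followed by `if (err) return err;`. The `pcie_flr()` failure path also returns without a message, which makes a failed probe in the crash kernel hard to diagnose when the dump has to go out over this NIC; a `dev_err(&pdev->dev, "FLR before enable failed: %d\n", err);` before that return would help. ice_probe() begins and ends outside this hunk.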
diff --git a/queue-5.10/kvm-x86-mask-lvtpc-when-handling-a-pmi.patch b/queue-5.10/kvm-x86-mask-lvtpc-when-handling-a-pmi.patch
new file mode 100644 (file)
index 0000000..6243865
--- /dev/null
@@ -0,0 +1,53 @@
+From a16eb25b09c02a54c1c1b449d4b6cfa2cf3f013a Mon Sep 17 00:00:00 2001
+From: Jim Mattson <jmattson@google.com>
+Date: Mon, 25 Sep 2023 17:34:47 +0000
+Subject: KVM: x86: Mask LVTPC when handling a PMI
+
+From: Jim Mattson <jmattson@google.com>
+
+commit a16eb25b09c02a54c1c1b449d4b6cfa2cf3f013a upstream.
+
+Per the SDM, "When the local APIC handles a performance-monitoring
+counters interrupt, it automatically sets the mask flag in the LVT
+performance counter register."  Add this behavior to KVM's local APIC
+emulation.
+
+Failure to mask the LVTPC entry results in spurious PMIs, e.g. when
+running Linux as a guest, PMI handlers that do a "late_ack" spew a large
+number of "dazed and confused" spurious NMI warnings.
+
+Fixes: f5132b01386b ("KVM: Expose a version 2 architectural PMU to a guests")
+Cc: stable@vger.kernel.org
+Signed-off-by: Jim Mattson <jmattson@google.com>
+Tested-by: Mingwei Zhang <mizhang@google.com>
+Signed-off-by: Mingwei Zhang <mizhang@google.com>
+Link: https://lore.kernel.org/r/20230925173448.3518223-3-mizhang@google.com
+[sean: massage changelog, correct Fixes]
+Signed-off-by: Sean Christopherson <seanjc@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kvm/lapic.c |    8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/kvm/lapic.c
++++ b/arch/x86/kvm/lapic.c
+@@ -2397,13 +2397,17 @@ int kvm_apic_local_deliver(struct kvm_la
+ {
+       u32 reg = kvm_lapic_get_reg(apic, lvt_type);
+       int vector, mode, trig_mode;
++      int r;
+       if (kvm_apic_hw_enabled(apic) && !(reg & APIC_LVT_MASKED)) {
+               vector = reg & APIC_VECTOR_MASK;
+               mode = reg & APIC_MODE_MASK;
+               trig_mode = reg & APIC_LVT_LEVEL_TRIGGER;
+-              return __apic_accept_irq(apic, mode, vector, 1, trig_mode,
+-                                      NULL);
++
++              r = __apic_accept_irq(apic, mode, vector, 1, trig_mode, NULL);
++              if (r && lvt_type == APIC_LVTPC)
++                      kvm_lapic_set_reg(apic, APIC_LVTPC, reg | APIC_LVT_MASKED);
++              return r;
+       }
+       return 0;
+ }
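Review bot: The new masking write in kvm_apic_local_deliver() has no comment, and the reason for it is an architectural rule that appears only in the commit message. I would add above the `if (r && lvt_type == APIC_LVTPC)` line: `/* Per the SDM, the local APIC sets the mask flag in LVTPC when it handles a PMI. */`. The comment could also say that the mask is set only when `__apic_accept_irq()` returned non-zero, so a PMI that was not accepted leaves LVTPC unmasked. The function's signature is visible only in the hunk header.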
diff --git a/queue-5.10/nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch b/queue-5.10/nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch
new file mode 100644 (file)
index 0000000..3be9c77
--- /dev/null
@@ -0,0 +1,38 @@
+From 7937609cd387246aed994e81aa4fa951358fba41 Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
+Date: Fri, 13 Oct 2023 20:41:29 +0200
+Subject: nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
+
+commit 7937609cd387246aed994e81aa4fa951358fba41 upstream.
+
+Handle memory allocation failure from nci_skb_alloc() (calling
+alloc_skb()) to avoid possible NULL pointer dereference.
+
+Reported-by: 黄思聪 <huangsicong@iie.ac.cn>
+Fixes: 391d8a2da787 ("NFC: Add NCI over SPI receive")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
+Reviewed-by: Simon Horman <horms@kernel.org>
+Link: https://lore.kernel.org/r/20231013184129.18738-1-krzysztof.kozlowski@linaro.org
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/nfc/nci/spi.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/nfc/nci/spi.c
++++ b/net/nfc/nci/spi.c
+@@ -151,6 +151,8 @@ static int send_acknowledge(struct nci_s
+       int ret;
+       skb = nci_skb_alloc(nspi->ndev, 0, GFP_KERNEL);
++      if (!skb)
++              return -ENOMEM;
+       /* add the NCI SPI header to the start of the buffer */
+       hdr = skb_push(skb, NCI_SPI_HDR_LEN);
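Review bot: The added `return -ENOMEM;` only helps if the callers of send_acknowledge() check its result. The call sites are outside this hunk; if they discard the return value, the ACK or NACK frame is dropped silently under memory pressure and the peer gets no response. I would confirm each call site handles the error and record the contract at the new check, e.g. `/* allocation failed: no ACK/NACK is sent, callers must handle -ENOMEM */`. The body of send_acknowledge() continues past the end of the hunk.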
diff --git a/queue-5.10/regmap-fix-null-deref-on-lookup.patch b/queue-5.10/regmap-fix-null-deref-on-lookup.patch
new file mode 100644 (file)
index 0000000..93f6572
--- /dev/null
@@ -0,0 +1,35 @@
+From c6df843348d6b71ea986266c12831cb60c2cf325 Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan+linaro@kernel.org>
+Date: Fri, 6 Oct 2023 10:21:04 +0200
+Subject: regmap: fix NULL deref on lookup
+
+From: Johan Hovold <johan+linaro@kernel.org>
+
+commit c6df843348d6b71ea986266c12831cb60c2cf325 upstream.
+
+Not all regmaps have a name so make sure to check for that to avoid
+dereferencing a NULL pointer when dev_get_regmap() is used to lookup a
+named regmap.
+
+Fixes: e84861fec32d ("regmap: dev_get_regmap_match(): fix string comparison")
+Cc: stable@vger.kernel.org      # 5.8
+Cc: Marc Kleine-Budde <mkl@pengutronix.de>
+Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
+Link: https://lore.kernel.org/r/20231006082104.16707-1-johan+linaro@kernel.org
+Signed-off-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/base/regmap/regmap.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/base/regmap/regmap.c
++++ b/drivers/base/regmap/regmap.c
+@@ -1511,7 +1511,7 @@ static int dev_get_regmap_match(struct d
+       /* If the user didn't specify a name match any */
+       if (data)
+-              return !strcmp((*r)->name, data);
++              return (*r)->name && !strcmp((*r)->name, data);
+       else
+               return 1;
+ }
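Review bot: The comment above the changed line still describes only the unnamed-lookup case, so the new rule that a regmap without a name never matches a named lookup is undocumented. I would extend it to `/* If the user didn't specify a name match any; an unnamed regmap never matches a named lookup */`. The `else` after the `return` is redundant, though that is existing style and not part of this change. dev_get_regmap_match() starts outside this hunk.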
index 28eac9f56775be0035cfe28c06b68b5459c128f7..0913939edfd62c9509b11e4afe01668eb195d90a 100644 (file)
@@ -95,3 +95,7 @@ bluetooth-vhci-fix-race-when-opening-vhci-device.patch
 bluetooth-hci_event-fix-coding-style.patch
 bluetooth-avoid-memcmp-out-of-bounds-warning.patch
 ice-fix-over-shifted-variable.patch
+ice-reset-first-in-crash-dump-kernels.patch
+nfc-nci-fix-possible-null-pointer-dereference-in-send_acknowledge.patch
+regmap-fix-null-deref-on-lookup.patch
+kvm-x86-mask-lvtpc-when-handling-a-pmi.patch