5.10-stable patches

added patches:
	crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
	kvm-s390-return-error-on-sida-memop-on-normal-guest.patch

diff --git a/queue-5.10/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch b/queue-5.10/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
new file mode 100644 (file)
index 0000000..5355220
--- /dev/null
+++ b/queue-5.10/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
@@ -0,0 +1,39 @@
+From c6ce9c5831cae515d375a01b97ae1778689acf19 Mon Sep 17 00:00:00 2001
+From: Herbert Xu <herbert@gondor.apana.org.au>
+Date: Wed, 2 Feb 2022 17:46:48 +1100
+Subject: crypto: api - Move cryptomgr soft dependency into algapi
+
+From: Herbert Xu <herbert@gondor.apana.org.au>
+
+commit c6ce9c5831cae515d375a01b97ae1778689acf19 upstream.
+
+The soft dependency on cryptomgr is only needed in algapi because
+if algapi isn't present then no algorithms can be loaded.  This
+also fixes the case where api is built-in but algapi is built as
+a module as the soft dependency would otherwise get lost.
+
+Fixes: 8ab23d547f65 ("crypto: api - Add softdep on cryptomgr")
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Tested-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ crypto/algapi.c |    1 +
+ crypto/api.c    |    1 -
+ 2 files changed, 1 insertion(+), 1 deletion(-)
+
+--- a/crypto/algapi.c
++++ b/crypto/algapi.c
+@@ -1295,3 +1295,4 @@ module_exit(crypto_algapi_exit);
+ 
+ MODULE_LICENSE("GPL");
+ MODULE_DESCRIPTION("Cryptographic algorithms API");
++MODULE_SOFTDEP("pre: cryptomgr");
+--- a/crypto/api.c
++++ b/crypto/api.c
+@@ -603,4 +603,3 @@ EXPORT_SYMBOL_GPL(crypto_req_done);
+ 
+ MODULE_DESCRIPTION("Cryptographic core API");
+ MODULE_LICENSE("GPL");
+-MODULE_SOFTDEP("pre: cryptomgr");

diff --git a/queue-5.10/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch b/queue-5.10/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
new file mode 100644 (file)
index 0000000..1c10d83
--- /dev/null
+++ b/queue-5.10/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
@@ -0,0 +1,33 @@
+From 2c212e1baedcd782b2535a3f86bc491977677c0e Mon Sep 17 00:00:00 2001
+From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+Date: Fri, 28 Jan 2022 15:06:43 +0100
+Subject: KVM: s390: Return error on SIDA memop on normal guest
+
+From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+
+commit 2c212e1baedcd782b2535a3f86bc491977677c0e upstream.
+
+Refuse SIDA memops on guests which are not protected.
+For normal guests, the secure instruction data address designation,
+which determines the location we access, is not under control of KVM.
+
+Fixes: 19e122776886 (KVM: S390: protvirt: Introduce instruction data area bounce buffer)
+Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Christian Borntraeger <borntraeger@linux.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/s390/kvm/kvm-s390.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/s390/kvm/kvm-s390.c
++++ b/arch/s390/kvm/kvm-s390.c
+@@ -4654,6 +4654,8 @@ static long kvm_s390_guest_sida_op(struc
+               return -EINVAL;
+       if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
+               return -E2BIG;
++      if (!kvm_s390_pv_cpu_is_protected(vcpu))
++              return -EINVAL;
+ 
+       switch (mop->op) {
+       case KVM_S390_MEMOP_SIDA_READ:

diff --git a/queue-5.10/series b/queue-5.10/series
index ff12c79e2b1385e6cd4045ad7d01733b180eaa79..3dec649e3215ffb345fff5e9959920ed7628c993 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -1 +1,3 @@
 moxart-fix-potential-use-after-free-on-remove-path.patch
+kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
+crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch