+++ /dev/null
-From e1c86210fe27428399643861b81b080eccd79f87 Mon Sep 17 00:00:00 2001
-From: Xiaoliang Yu <yxl_22@outlook.com>
-Date: Sat, 13 Mar 2021 07:54:53 +0800
-Subject: ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air
-
-From: Xiaoliang Yu <yxl_22@outlook.com>
-
-commit e1c86210fe27428399643861b81b080eccd79f87 upstream.
-
-There is another fix for headset-mic problem on Redmibook (1d72:1602),
-it also works on Redmibook Air (1d72:1947), which has the same issue.
-
-Signed-off-by: Xiaoliang Yu <yxl_22@outlook.com>
-Cc: <stable@vger.kernel.org>
-Link: https://lore.kernel.org/r/TYBP286MB02856DC016849DEA0F9B6A37EE6F9@TYBP286MB0285.JPNP286.PROD.OUTLOOK.COM
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- sound/pci/hda/patch_realtek.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/sound/pci/hda/patch_realtek.c
-+++ b/sound/pci/hda/patch_realtek.c
-@@ -7265,6 +7265,7 @@ static const struct snd_pci_quirk alc269
- SND_PCI_QUIRK(0x19e5, 0x3204, "Huawei MBXP", ALC256_FIXUP_HUAWEI_MBXP_PINS),
- SND_PCI_QUIRK(0x1b7d, 0xa831, "Ordissimo EVE2 ", ALC269VB_FIXUP_ORDISSIMO_EVE2), /* Also known as Malata PC-B1303 */
- SND_PCI_QUIRK(0x1d72, 0x1901, "RedmiBook 14", ALC256_FIXUP_ASUS_HEADSET_MIC),
-+ SND_PCI_QUIRK(0x1d72, 0x1947, "RedmiBook Air", ALC255_FIXUP_XIAOMI_HEADSET_MIC),
- SND_PCI_QUIRK(0x10ec, 0x118c, "Medion EE4254 MD62100", ALC256_FIXUP_MEDION_HEADSET_NO_PRESENCE),
-
- #if 0
--- /dev/null
+From foo@baz Sat Mar 20 11:54:47 AM CET 2021
+From: Nicolas Boichat <drinkcat@chromium.org>
+Date: Sat, 20 Mar 2021 12:16:26 +0800
+Subject: lkdtm: don't move ctors to .rodata
+To: stable@vger.kernel.org
+Cc: groeck@chromium.org, Mark Rutland <mark.rutland@arm.com>, Arnd Bergmann <arnd@arndb.de>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Kees Cook <keescook@chromium.org>, Nicolas Boichat <drinkcat@chromium.org>, clang-built-linux@googlegroups.com, linux-kernel@vger.kernel.org
+Message-ID: <20210320121614.for-stable-4.19.v2.2.I0387622b15d84eed675e48a0ba3be9c03b9f9e97@changeid>
+
+From: Nicolas Boichat <drinkcat@chromium.org>
+
+From: Mark Rutland <mark.rutland@arm.com>
+
+commit 3f618ab3323407ee4c6a6734a37eb6e9663ebfb9 upstream.
+
+When building with KASAN and LKDTM, clang may implictly generate an
+asan.module_ctor function in the LKDTM rodata object. The Makefile moves
+the lkdtm_rodata_do_nothing() function into .rodata by renaming the
+file's .text section to .rodata, and consequently also moves the ctor
+function into .rodata, leading to a boot time crash (splat below) when
+the ctor is invoked by do_ctors().
+
+Let's prevent this by marking the function as noinstr rather than
+notrace, and renaming the file's .noinstr.text to .rodata. Marking the
+function as noinstr will prevent tracing and kprobes, and will inhibit
+any undesireable compiler instrumentation.
+
+The ctor function (if any) will be placed in .text and will work
+correctly.
+
+Example splat before this patch is applied:
+
+[ 0.916359] Unable to handle kernel execute from non-executable memory at virtual address ffffa0006b60f5ac
+[ 0.922088] Mem abort info:
+[ 0.922828] ESR = 0x8600000e
+[ 0.923635] EC = 0x21: IABT (current EL), IL = 32 bits
+[ 0.925036] SET = 0, FnV = 0
+[ 0.925838] EA = 0, S1PTW = 0
+[ 0.926714] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000427b3000
+[ 0.928489] [ffffa0006b60f5ac] pgd=000000023ffff003, p4d=000000023ffff003, pud=000000023fffe003, pmd=0068000042000f01
+[ 0.931330] Internal error: Oops: 8600000e [#1] PREEMPT SMP
+[ 0.932806] Modules linked in:
+[ 0.933617] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.0-rc7 #2
+[ 0.935620] Hardware name: linux,dummy-virt (DT)
+[ 0.936924] pstate: 40400005 (nZcv daif +PAN -UAO -TCO BTYPE=--)
+[ 0.938609] pc : asan.module_ctor+0x0/0x14
+[ 0.939759] lr : do_basic_setup+0x4c/0x70
+[ 0.940889] sp : ffff27b600177e30
+[ 0.941815] x29: ffff27b600177e30 x28: 0000000000000000
+[ 0.943306] x27: 0000000000000000 x26: 0000000000000000
+[ 0.944803] x25: 0000000000000000 x24: 0000000000000000
+[ 0.946289] x23: 0000000000000001 x22: 0000000000000000
+[ 0.947777] x21: ffffa0006bf4a890 x20: ffffa0006befb6c0
+[ 0.949271] x19: ffffa0006bef9358 x18: 0000000000000068
+[ 0.950756] x17: fffffffffffffff8 x16: 0000000000000000
+[ 0.952246] x15: 0000000000000000 x14: 0000000000000000
+[ 0.953734] x13: 00000000838a16d5 x12: 0000000000000001
+[ 0.955223] x11: ffff94000da74041 x10: dfffa00000000000
+[ 0.956715] x9 : 0000000000000000 x8 : ffffa0006b60f5ac
+[ 0.958199] x7 : f9f9f9f9f9f9f9f9 x6 : 000000000000003f
+[ 0.959683] x5 : 0000000000000040 x4 : 0000000000000000
+[ 0.961178] x3 : ffffa0006bdc15a0 x2 : 0000000000000005
+[ 0.962662] x1 : 00000000000000f9 x0 : ffffa0006bef9350
+[ 0.964155] Call trace:
+[ 0.964844] asan.module_ctor+0x0/0x14
+[ 0.965895] kernel_init_freeable+0x158/0x198
+[ 0.967115] kernel_init+0x14/0x19c
+[ 0.968104] ret_from_fork+0x10/0x30
+[ 0.969110] Code: 00000003 00000000 00000000 00000000 (00000000)
+[ 0.970815] ---[ end trace b5339784e20d015c ]---
+
+Cc: Arnd Bergmann <arnd@arndb.de>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Kees Cook <keescook@chromium.org>
+Acked-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Mark Rutland <mark.rutland@arm.com>
+Link: https://lore.kernel.org/r/20201207170533.10738-1-mark.rutland@arm.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+
+(no changes since v1)
+
+ drivers/misc/lkdtm/Makefile | 2 +-
+ drivers/misc/lkdtm/rodata.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/misc/lkdtm/Makefile
++++ b/drivers/misc/lkdtm/Makefile
+@@ -13,7 +13,7 @@ KCOV_INSTRUMENT_rodata.o := n
+
+ OBJCOPYFLAGS :=
+ OBJCOPYFLAGS_rodata_objcopy.o := \
+- --rename-section .text=.rodata,alloc,readonly,load
++ --rename-section .noinstr.text=.rodata,alloc,readonly,load
+ targets += rodata.o rodata_objcopy.o
+ $(obj)/rodata_objcopy.o: $(obj)/rodata.o FORCE
+ $(call if_changed,objcopy)
+--- a/drivers/misc/lkdtm/rodata.c
++++ b/drivers/misc/lkdtm/rodata.c
+@@ -5,7 +5,7 @@
+ */
+ #include "lkdtm.h"
+
+-void notrace lkdtm_rodata_do_nothing(void)
++void noinstr lkdtm_rodata_do_nothing(void)
+ {
+ /* Does nothing. We just want an architecture agnostic "return". */
+ }
--- /dev/null
+From foo@baz Sat Mar 20 11:54:47 AM CET 2021
+From: Nicolas Boichat <drinkcat@chromium.org>
+Date: Sat, 20 Mar 2021 12:16:25 +0800
+Subject: vmlinux.lds.h: Create section for protection against instrumentation
+To: stable@vger.kernel.org
+Cc: groeck@chromium.org, Thomas Gleixner <tglx@linutronix.de>, Alexandre Chartre <alexandre.chartre@oracle.com>, Peter Zijlstra <peterz@infradead.org>, Nicolas Boichat <drinkcat@chromium.org>, Arnd Bergmann <arnd@arndb.de>, Benjamin Herrenschmidt <benh@kernel.crashing.org>, Christopher Li <sparse@chrisli.org>, Daniel Axtens <dja@axtens.net>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Masahiro Yamada <yamada.masahiro@socionext.com>, Michael Ellerman <mpe@ellerman.id.au>, Michal Marek <michal.lkml@markovi.net>, "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>, Nicholas Piggin <npiggin@gmail.com>, Paul Mackerras <paulus@samba.org>, linux-arch@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-sparse@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
+Message-ID: <20210320121614.for-stable-4.19.v2.1.I222f801866f71be9f7d85e5b10665cd4506d78ec@changeid>
+
+From: Nicolas Boichat <drinkcat@chromium.org>
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit 6553896666433e7efec589838b400a2a652b3ffa upstream.
+
+Some code pathes, especially the low level entry code, must be protected
+against instrumentation for various reasons:
+
+ - Low level entry code can be a fragile beast, especially on x86.
+
+ - With NO_HZ_FULL RCU state needs to be established before using it.
+
+Having a dedicated section for such code allows to validate with tooling
+that no unsafe functions are invoked.
+
+Add the .noinstr.text section and the noinstr attribute to mark
+functions. noinstr implies notrace. Kprobes will gain a section check
+later.
+
+Provide also a set of markers: instrumentation_begin()/end()
+
+These are used to mark code inside a noinstr function which calls
+into regular instrumentable text section as safe.
+
+The instrumentation markers are only active when CONFIG_DEBUG_ENTRY is
+enabled as the end marker emits a NOP to prevent the compiler from merging
+the annotation points. This means the objtool verification requires a
+kernel compiled with this option.
+
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
+Acked-by: Peter Zijlstra <peterz@infradead.org>
+Link: https://lkml.kernel.org/r/20200505134100.075416272@linutronix.de
+
+[Nicolas:
+Guard noinstr macro in include/linux/compiler_types.h in __KERNEL__
+&& !__ASSEMBLY__, otherwise noinstr is expanded in the linker
+script construct.
+
+Upstream does not have this problem as many macros were moved by
+commit 71391bdd2e9a ("include/linux/compiler_types.h: don't pollute
+userspace with macro definitions"). We take the minimal approach here
+and just guard the new macro.
+
+Minor context conflicts in:
+ arch/powerpc/kernel/vmlinux.lds.S
+ include/asm-generic/vmlinux.lds.h
+ include/linux/compiler.h]
+Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+Technically guarding with !__ASSEMBLY__ should be enough, but
+there seems to be no reason to expose this new macro when
+!__KERNEL__, so let's just match what upstream does.
+
+Changes in v2:
+ - Guard noinstr macro by __KERNEL__ && !__ASSEMBLY__ to prevent
+ expansion in linker script and match upstream.
+
+ arch/powerpc/kernel/vmlinux.lds.S | 1
+ include/asm-generic/sections.h | 3 ++
+ include/asm-generic/vmlinux.lds.h | 10 +++++++
+ include/linux/compiler.h | 54 ++++++++++++++++++++++++++++++++++++++
+ include/linux/compiler_types.h | 6 ++++
+ scripts/mod/modpost.c | 2 -
+ 6 files changed, 75 insertions(+), 1 deletion(-)
+
+--- a/arch/powerpc/kernel/vmlinux.lds.S
++++ b/arch/powerpc/kernel/vmlinux.lds.S
+@@ -99,6 +99,7 @@ SECTIONS
+ #endif
+ /* careful! __ftr_alt_* sections need to be close to .text */
+ *(.text.hot TEXT_MAIN .text.fixup .text.unlikely .fixup __ftr_alt_* .ref.text);
++ NOINSTR_TEXT
+ SCHED_TEXT
+ CPUIDLE_TEXT
+ LOCK_TEXT
+--- a/include/asm-generic/sections.h
++++ b/include/asm-generic/sections.h
+@@ -53,6 +53,9 @@ extern char __ctors_start[], __ctors_end
+ /* Start and end of .opd section - used for function descriptors. */
+ extern char __start_opd[], __end_opd[];
+
++/* Start and end of instrumentation protected text section */
++extern char __noinstr_text_start[], __noinstr_text_end[];
++
+ extern __visible const void __nosave_begin, __nosave_end;
+
+ /* Function descriptor handling (if any). Override in asm/sections.h */
+--- a/include/asm-generic/vmlinux.lds.h
++++ b/include/asm-generic/vmlinux.lds.h
+@@ -483,6 +483,15 @@
+ }
+
+ /*
++ * Non-instrumentable text section
++ */
++#define NOINSTR_TEXT \
++ ALIGN_FUNCTION(); \
++ __noinstr_text_start = .; \
++ *(.noinstr.text) \
++ __noinstr_text_end = .;
++
++/*
+ * .text section. Map to function alignment to avoid address changes
+ * during second ld run in second ld pass when generating System.map
+ *
+@@ -496,6 +505,7 @@
+ *(TEXT_MAIN .text.fixup) \
+ *(.text.unlikely .text.unlikely.*) \
+ *(.text.unknown .text.unknown.*) \
++ NOINSTR_TEXT \
+ *(.text..refcount) \
+ *(.ref.text) \
+ MEM_KEEP(init.text*) \
+--- a/include/linux/compiler.h
++++ b/include/linux/compiler.h
+@@ -129,11 +129,65 @@ void ftrace_likely_update(struct ftrace_
+ ".pushsection .discard.unreachable\n\t" \
+ ".long 999b - .\n\t" \
+ ".popsection\n\t"
++
++#ifdef CONFIG_DEBUG_ENTRY
++/* Begin/end of an instrumentation safe region */
++#define instrumentation_begin() ({ \
++ asm volatile("%c0:\n\t" \
++ ".pushsection .discard.instr_begin\n\t" \
++ ".long %c0b - .\n\t" \
++ ".popsection\n\t" : : "i" (__COUNTER__)); \
++})
++
++/*
++ * Because instrumentation_{begin,end}() can nest, objtool validation considers
++ * _begin() a +1 and _end() a -1 and computes a sum over the instructions.
++ * When the value is greater than 0, we consider instrumentation allowed.
++ *
++ * There is a problem with code like:
++ *
++ * noinstr void foo()
++ * {
++ * instrumentation_begin();
++ * ...
++ * if (cond) {
++ * instrumentation_begin();
++ * ...
++ * instrumentation_end();
++ * }
++ * bar();
++ * instrumentation_end();
++ * }
++ *
++ * If instrumentation_end() would be an empty label, like all the other
++ * annotations, the inner _end(), which is at the end of a conditional block,
++ * would land on the instruction after the block.
++ *
++ * If we then consider the sum of the !cond path, we'll see that the call to
++ * bar() is with a 0-value, even though, we meant it to happen with a positive
++ * value.
++ *
++ * To avoid this, have _end() be a NOP instruction, this ensures it will be
++ * part of the condition block and does not escape.
++ */
++#define instrumentation_end() ({ \
++ asm volatile("%c0: nop\n\t" \
++ ".pushsection .discard.instr_end\n\t" \
++ ".long %c0b - .\n\t" \
++ ".popsection\n\t" : : "i" (__COUNTER__)); \
++})
++#endif /* CONFIG_DEBUG_ENTRY */
++
+ #else
+ #define annotate_reachable()
+ #define annotate_unreachable()
+ #endif
+
++#ifndef instrumentation_begin
++#define instrumentation_begin() do { } while(0)
++#define instrumentation_end() do { } while(0)
++#endif
++
+ #ifndef ASM_UNREACHABLE
+ # define ASM_UNREACHABLE
+ #endif
+--- a/include/linux/compiler_types.h
++++ b/include/linux/compiler_types.h
+@@ -234,6 +234,12 @@ struct ftrace_likely_data {
+ #define notrace __attribute__((no_instrument_function))
+ #endif
+
++#if defined(__KERNEL__) && !defined(__ASSEMBLY__)
++/* Section for code which can't be instrumented at all */
++#define noinstr \
++ noinline notrace __attribute((__section__(".noinstr.text")))
++#endif
++
+ /*
+ * it doesn't make sense on ARM (currently the only user of __naked)
+ * to trace naked functions because then mcount is called without
+--- a/scripts/mod/modpost.c
++++ b/scripts/mod/modpost.c
+@@ -895,7 +895,7 @@ static void check_section(const char *mo
+
+ #define DATA_SECTIONS ".data", ".data.rel"
+ #define TEXT_SECTIONS ".text", ".text.unlikely", ".sched.text", \
+- ".kprobes.text", ".cpuidle.text"
++ ".kprobes.text", ".cpuidle.text", ".noinstr.text"
+ #define OTHER_TEXT_SECTIONS ".ref.text", ".head.text", ".spinlock.text", \
+ ".fixup", ".entry.text", ".exception.text", ".text.*", \
+ ".coldtext"
projects / thirdparty / kernel / stable-queue.git / commitdiff
