From: Sasha Levin Date: Sun, 29 Mar 2020 20:22:31 +0000 (-0400) Subject: Fixes for 4.14 X-Git-Tag: v5.6.1~69 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=387414a0357864451e5f8ac77784b79387971445;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 4.14 Signed-off-by: Sasha Levin --- diff --git a/queue-4.14/arm64-dts-ls1043a-fman-erratum-a050385.patch b/queue-4.14/arm64-dts-ls1043a-fman-erratum-a050385.patch new file mode 100644 index 00000000000..d24f16e0cc5 --- /dev/null +++ b/queue-4.14/arm64-dts-ls1043a-fman-erratum-a050385.patch @@ -0,0 +1,36 @@ +From d07090d8877ec1ad1289dbfe782543f0df51348f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 4 Mar 2020 18:04:26 +0200 +Subject: arm64: dts: ls1043a: FMan erratum A050385 + +From: Madalin Bucur + +[ Upstream commit b54d3900862374e1bb2846e6b39d79c896c0b200 ] + +The LS1043A SoC is affected by the A050385 erratum stating that +FMAN DMA read or writes under heavy traffic load may cause FMAN +internal resource leak thus stopping further packet processing. + +Signed-off-by: Madalin Bucur +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + arch/arm64/boot/dts/freescale/fsl-ls1043-post.dtsi | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/arch/arm64/boot/dts/freescale/fsl-ls1043-post.dtsi b/arch/arm64/boot/dts/freescale/fsl-ls1043-post.dtsi +index 169e171407a63..acd205ef329f7 100644 +--- a/arch/arm64/boot/dts/freescale/fsl-ls1043-post.dtsi ++++ b/arch/arm64/boot/dts/freescale/fsl-ls1043-post.dtsi +@@ -21,6 +21,8 @@ + }; + + &fman0 { ++ fsl,erratum-a050385; ++ + /* these aliases provide the FMan ports mapping */ + enet0: ethernet@e0000 { + }; +-- +2.20.1 + diff --git a/queue-4.14/batman-adv-don-t-schedule-ogm-for-disabled-interface.patch b/queue-4.14/batman-adv-don-t-schedule-ogm-for-disabled-interface.patch new file mode 100644 index 00000000000..b454b91ee3c --- /dev/null +++ b/queue-4.14/batman-adv-don-t-schedule-ogm-for-disabled-interface.patch @@ -0,0 +1,47 @@ +From 797216472830f43a460eda1ff7ce23ba802e75ff Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sun, 16 Feb 2020 13:02:06 +0100 +Subject: batman-adv: Don't schedule OGM for disabled interface + +From: Sven Eckelmann + +[ Upstream commit 8e8ce08198de193e3d21d42e96945216e3d9ac7f ] + +A transmission scheduling for an interface which is currently dropped by +batadv_iv_ogm_iface_disable could still be in progress. The B.A.T.M.A.N. V +is simply cancelling the workqueue item in an synchronous way but this is +not possible with B.A.T.M.A.N. IV because the OGM submissions are +intertwined. + +Instead it has to stop submitting the OGM when it detect that the buffer +pointer is set to NULL. + +Reported-by: syzbot+a98f2016f40b9cd3818a@syzkaller.appspotmail.com +Reported-by: syzbot+ac36b6a33c28a491e929@syzkaller.appspotmail.com +Fixes: c6c8fea29769 ("net: Add batman-adv meshing protocol") +Signed-off-by: Sven Eckelmann +Cc: Hillf Danton +Signed-off-by: Simon Wunderlich +Signed-off-by: Sasha Levin +--- + net/batman-adv/bat_iv_ogm.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c +index 7a723e124dbb5..e6acd36f83a41 100644 +--- a/net/batman-adv/bat_iv_ogm.c ++++ b/net/batman-adv/bat_iv_ogm.c +@@ -961,6 +961,10 @@ static void batadv_iv_ogm_schedule_buff(struct batadv_hard_iface *hard_iface) + + lockdep_assert_held(&hard_iface->bat_iv.ogm_buff_mutex); + ++ /* interface already disabled by batadv_iv_ogm_iface_disable */ ++ if (!*ogm_buff) ++ return; ++ + /* interface already disabled by batadv_iv_ogm_iface_disable */ + if (!*ogm_buff) + return; +-- +2.20.1 + diff --git a/queue-4.14/cgroup-v1-cgroup_pidlist_next-should-update-position.patch b/queue-4.14/cgroup-v1-cgroup_pidlist_next-should-update-position.patch new file mode 100644 index 00000000000..d5d0bfddb88 --- /dev/null +++ b/queue-4.14/cgroup-v1-cgroup_pidlist_next-should-update-position.patch @@ -0,0 +1,60 @@ +From 38fc445747238f43c5c138b808ef63ccfa5233a3 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 30 Jan 2020 13:34:49 +0300 +Subject: cgroup-v1: cgroup_pidlist_next should update position index + +From: Vasily Averin + +[ Upstream commit db8dd9697238be70a6b4f9d0284cd89f59c0e070 ] + +if seq_file .next fuction does not change position index, +read after some lseek can generate unexpected output. + + # mount | grep cgroup + # dd if=/mnt/cgroup.procs bs=1 # normal output +... +1294 +1295 +1296 +1304 +1382 +584+0 records in +584+0 records out +584 bytes copied + +dd: /mnt/cgroup.procs: cannot skip to specified offset +83 <<< generates end of last line +1383 <<< ... and whole last line once again +0+1 records in +0+1 records out +8 bytes copied + +dd: /mnt/cgroup.procs: cannot skip to specified offset +1386 <<< generates last line anyway +0+1 records in +0+1 records out +5 bytes copied + +https://bugzilla.kernel.org/show_bug.cgi?id=206283 +Signed-off-by: Vasily Averin +Signed-off-by: Tejun Heo +Signed-off-by: Sasha Levin +--- + kernel/cgroup/cgroup-v1.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/kernel/cgroup/cgroup-v1.c b/kernel/cgroup/cgroup-v1.c +index a2c05d2476ac5..d148965180893 100644 +--- a/kernel/cgroup/cgroup-v1.c ++++ b/kernel/cgroup/cgroup-v1.c +@@ -501,6 +501,7 @@ static void *cgroup_pidlist_next(struct seq_file *s, void *v, loff_t *pos) + */ + p++; + if (p >= end) { ++ (*pos)++; + return NULL; + } else { + *pos = *p; +-- +2.20.1 + diff --git a/queue-4.14/cgroup1-don-t-call-release_agent-when-it-is.patch b/queue-4.14/cgroup1-don-t-call-release_agent-when-it-is.patch new file mode 100644 index 00000000000..06c1d308b48 --- /dev/null +++ b/queue-4.14/cgroup1-don-t-call-release_agent-when-it-is.patch @@ -0,0 +1,43 @@ +From 730bb5bbd9f2658844a11a86b6a18d520effa229 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 19 Feb 2020 12:01:29 -0700 +Subject: cgroup1: don't call release_agent when it is "" + +From: Tycho Andersen + +[ Upstream commit 2e5383d7904e60529136727e49629a82058a5607 ] + +Older (and maybe current) versions of systemd set release_agent to "" when +shutting down, but do not set notify_on_release to 0. + +Since 64e90a8acb85 ("Introduce STATIC_USERMODEHELPER to mediate +call_usermodehelper()"), we filter out such calls when the user mode helper +path is "". However, when used in conjunction with an actual (i.e. non "") +STATIC_USERMODEHELPER, the path is never "", so the real usermode helper +will be called with argv[0] == "". + +Let's avoid this by not invoking the release_agent when it is "". + +Signed-off-by: Tycho Andersen +Signed-off-by: Tejun Heo +Signed-off-by: Sasha Levin +--- + kernel/cgroup/cgroup-v1.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kernel/cgroup/cgroup-v1.c b/kernel/cgroup/cgroup-v1.c +index d148965180893..545f29c5268d7 100644 +--- a/kernel/cgroup/cgroup-v1.c ++++ b/kernel/cgroup/cgroup-v1.c +@@ -824,7 +824,7 @@ void cgroup1_release_agent(struct work_struct *work) + + pathbuf = kmalloc(PATH_MAX, GFP_KERNEL); + agentbuf = kstrdup(cgrp->root->release_agent_path, GFP_KERNEL); +- if (!pathbuf || !agentbuf) ++ if (!pathbuf || !agentbuf || !strlen(agentbuf)) + goto out; + + spin_lock_irq(&css_set_lock); +-- +2.20.1 + diff --git a/queue-4.14/cpupower-avoid-multiple-definition-with-gcc-fno-comm.patch b/queue-4.14/cpupower-avoid-multiple-definition-with-gcc-fno-comm.patch new file mode 100644 index 00000000000..19a2a2a0fde --- /dev/null +++ b/queue-4.14/cpupower-avoid-multiple-definition-with-gcc-fno-comm.patch @@ -0,0 +1,90 @@ +From d55c01a8f825e138d366ddfd0371bafb0ddcb635 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 26 Feb 2020 14:33:59 -0500 +Subject: cpupower: avoid multiple definition with gcc -fno-common + +From: Mike Gilbert + +[ Upstream commit 2de7fb60a4740135e03cf55c1982e393ccb87b6b ] + +Building cpupower with -fno-common in CFLAGS results in errors due to +multiple definitions of the 'cpu_count' and 'start_time' variables. + +./utils/idle_monitor/snb_idle.o:./utils/idle_monitor/cpupower-monitor.h:28: +multiple definition of `cpu_count'; +./utils/idle_monitor/nhm_idle.o:./utils/idle_monitor/cpupower-monitor.h:28: +first defined here +... +./utils/idle_monitor/cpuidle_sysfs.o:./utils/idle_monitor/cpuidle_sysfs.c:22: +multiple definition of `start_time'; +./utils/idle_monitor/amd_fam14h_idle.o:./utils/idle_monitor/amd_fam14h_idle.c:85: +first defined here + +The -fno-common option will be enabled by default in GCC 10. + +Bug: https://bugs.gentoo.org/707462 +Signed-off-by: Mike Gilbert +Signed-off-by: Shuah Khan +Signed-off-by: Sasha Levin +--- + tools/power/cpupower/utils/idle_monitor/amd_fam14h_idle.c | 2 +- + tools/power/cpupower/utils/idle_monitor/cpuidle_sysfs.c | 2 +- + tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c | 2 ++ + tools/power/cpupower/utils/idle_monitor/cpupower-monitor.h | 2 +- + 4 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/tools/power/cpupower/utils/idle_monitor/amd_fam14h_idle.c b/tools/power/cpupower/utils/idle_monitor/amd_fam14h_idle.c +index 2116df9ad8325..c097a3748674f 100644 +--- a/tools/power/cpupower/utils/idle_monitor/amd_fam14h_idle.c ++++ b/tools/power/cpupower/utils/idle_monitor/amd_fam14h_idle.c +@@ -83,7 +83,7 @@ static struct pci_access *pci_acc; + static struct pci_dev *amd_fam14h_pci_dev; + static int nbp1_entered; + +-struct timespec start_time; ++static struct timespec start_time; + static unsigned long long timediff; + + #ifdef DEBUG +diff --git a/tools/power/cpupower/utils/idle_monitor/cpuidle_sysfs.c b/tools/power/cpupower/utils/idle_monitor/cpuidle_sysfs.c +index 5b3205f162174..5277df27191f3 100644 +--- a/tools/power/cpupower/utils/idle_monitor/cpuidle_sysfs.c ++++ b/tools/power/cpupower/utils/idle_monitor/cpuidle_sysfs.c +@@ -21,7 +21,7 @@ struct cpuidle_monitor cpuidle_sysfs_monitor; + + static unsigned long long **previous_count; + static unsigned long long **current_count; +-struct timespec start_time; ++static struct timespec start_time; + static unsigned long long timediff; + + static int cpuidle_get_count_percent(unsigned int id, double *percent, +diff --git a/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c b/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c +index 05f953f0f0a0c..80a21cb67d94f 100644 +--- a/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c ++++ b/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c +@@ -29,6 +29,8 @@ struct cpuidle_monitor *all_monitors[] = { + 0 + }; + ++int cpu_count; ++ + static struct cpuidle_monitor *monitors[MONITORS_MAX]; + static unsigned int avail_monitors; + +diff --git a/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.h b/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.h +index 9e43f3371fbc6..3558bbae2b5dc 100644 +--- a/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.h ++++ b/tools/power/cpupower/utils/idle_monitor/cpupower-monitor.h +@@ -18,7 +18,7 @@ + #define CSTATE_NAME_LEN 5 + #define CSTATE_DESC_LEN 60 + +-int cpu_count; ++extern int cpu_count; + + /* Hard to define the right names ...: */ + enum power_range_e { +-- +2.20.1 + diff --git a/queue-4.14/dpaa_eth-remove-unnecessary-boolean-expression-in-dp.patch b/queue-4.14/dpaa_eth-remove-unnecessary-boolean-expression-in-dp.patch new file mode 100644 index 00000000000..0c3230f6478 --- /dev/null +++ b/queue-4.14/dpaa_eth-remove-unnecessary-boolean-expression-in-dp.patch @@ -0,0 +1,57 @@ +From bc801e5108c1895ccdb478f9bb4d01608c3c93c7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 10 Mar 2020 15:06:54 -0700 +Subject: dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom + +From: Nathan Chancellor + +[ Upstream commit 7395f62d95aafacdb9bd4996ec2f95b4a655d7e6 ] + +Clang warns: + +drivers/net/ethernet/freescale/dpaa/dpaa_eth.c:2860:9: warning: +converting the result of '?:' with integer constants to a boolean always +evaluates to 'true' [-Wtautological-constant-compare] + return DPAA_FD_DATA_ALIGNMENT ? ALIGN(headroom, + ^ +drivers/net/ethernet/freescale/dpaa/dpaa_eth.c:131:34: note: expanded +from macro 'DPAA_FD_DATA_ALIGNMENT' +\#define DPAA_FD_DATA_ALIGNMENT (fman_has_errata_a050385() ? 64 : 16) + ^ +1 warning generated. + +This was exposed by commit 3c68b8fffb48 ("dpaa_eth: FMan erratum A050385 +workaround") even though it appears to have been an issue since the +introductory commit 9ad1a3749333 ("dpaa_eth: add support for DPAA +Ethernet") since DPAA_FD_DATA_ALIGNMENT has never been able to be zero. + +Just replace the whole boolean expression with the true branch, as it is +always been true. + +Link: https://github.com/ClangBuiltLinux/linux/issues/928 +Signed-off-by: Nathan Chancellor +Reviewed-by: Madalin Bucur +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c b/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c +index 39b8b6730e77c..67246d42c3d9f 100644 +--- a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c ++++ b/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c +@@ -2646,9 +2646,7 @@ static inline u16 dpaa_get_headroom(struct dpaa_buffer_layout *bl) + headroom = (u16)(bl->priv_data_size + DPAA_PARSE_RESULTS_SIZE + + DPAA_TIME_STAMP_SIZE + DPAA_HASH_RESULTS_SIZE); + +- return DPAA_FD_DATA_ALIGNMENT ? ALIGN(headroom, +- DPAA_FD_DATA_ALIGNMENT) : +- headroom; ++ return ALIGN(headroom, DPAA_FD_DATA_ALIGNMENT); + } + + static int dpaa_eth_probe(struct platform_device *pdev) +-- +2.20.1 + diff --git a/queue-4.14/drivers-of-of_mdio.c-fix-of_mdiobus_register.patch b/queue-4.14/drivers-of-of_mdio.c-fix-of_mdiobus_register.patch new file mode 100644 index 00000000000..d2aad6f4487 --- /dev/null +++ b/queue-4.14/drivers-of-of_mdio.c-fix-of_mdiobus_register.patch @@ -0,0 +1,36 @@ +From abb187ac82b175a2857e2bca6799f03e06ac9c10 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 2 Mar 2020 20:24:21 -0800 +Subject: drivers/of/of_mdio.c:fix of_mdiobus_register() + +From: Dajun Jin + +[ Upstream commit 209c65b61d94344522c41a83cd6ce51aac5fd0a4 ] + +When registers a phy_device successful, should terminate the loop +or the phy_device would be registered in other addr. If there are +multiple PHYs without reg properties, it will go wrong. + +Signed-off-by: Dajun Jin +Reviewed-by: Andrew Lunn +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/of/of_mdio.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/drivers/of/of_mdio.c b/drivers/of/of_mdio.c +index fe26697d3bd72..69da2f6896dae 100644 +--- a/drivers/of/of_mdio.c ++++ b/drivers/of/of_mdio.c +@@ -259,6 +259,7 @@ int of_mdiobus_register(struct mii_bus *mdio, struct device_node *np) + rc = of_mdiobus_register_phy(mdio, child, addr); + if (rc && rc != -ENODEV) + goto unregister; ++ break; + } + } + } +-- +2.20.1 + diff --git a/queue-4.14/dt-bindings-net-fman-erratum-a050385.patch b/queue-4.14/dt-bindings-net-fman-erratum-a050385.patch new file mode 100644 index 00000000000..0b2e5c4d2bb --- /dev/null +++ b/queue-4.14/dt-bindings-net-fman-erratum-a050385.patch @@ -0,0 +1,89 @@ +From b0d6629b4618530ec5625b9175fad8d675d42f0e Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 4 Mar 2020 18:04:25 +0200 +Subject: dt-bindings: net: FMan erratum A050385 + +From: Madalin Bucur + +[ Upstream commit 26d5bb9e4c4b541c475751e015072eb2cbf70d15 ] + +FMAN DMA read or writes under heavy traffic load may cause FMAN +internal resource leak; thus stopping further packet processing. + +The FMAN internal queue can overflow when FMAN splits single +read or write transactions into multiple smaller transactions +such that more than 17 AXI transactions are in flight from FMAN +to interconnect. When the FMAN internal queue overflows, it can +stall further packet processing. The issue can occur with any one +of the following three conditions: + + 1. FMAN AXI transaction crosses 4K address boundary (Errata + A010022) + 2. FMAN DMA address for an AXI transaction is not 16 byte + aligned, i.e. the last 4 bits of an address are non-zero + 3. Scatter Gather (SG) frames have more than one SG buffer in + the SG list and any one of the buffers, except the last + buffer in the SG list has data size that is not a multiple + of 16 bytes, i.e., other than 16, 32, 48, 64, etc. + +With any one of the above three conditions present, there is +likelihood of stalled FMAN packet processing, especially under +stress with multiple ports injecting line-rate traffic. + +To avoid situations that stall FMAN packet processing, all of the +above three conditions must be avoided; therefore, configure the +system with the following rules: + + 1. Frame buffers must not span a 4KB address boundary, unless + the frame start address is 256 byte aligned + 2. All FMAN DMA start addresses (for example, BMAN buffer + address, FD[address] + FD[offset]) are 16B aligned + 3. SG table and buffer addresses are 16B aligned and the size + of SG buffers are multiple of 16 bytes, except for the last + SG buffer that can be of any size. + +Additional workaround notes: +- Address alignment of 64 bytes is recommended for maximally +efficient system bus transactions (although 16 byte alignment is +sufficient to avoid the stall condition) +- To support frame sizes that are larger than 4K bytes, there are +two options: + 1. Large single buffer frames that span a 4KB page boundary can + be converted into SG frames to avoid transaction splits at + the 4KB boundary, + 2. Align the large single buffer to 256B address boundaries, + ensure that the frame address plus offset is 256B aligned. +- If software generated SG frames have buffers that are unaligned +and with random non-multiple of 16 byte lengths, before +transmitting such frames via FMAN, frames will need to be copied +into a new single buffer or multiple buffer SG frame that is +compliant with the three rules listed above. + +Signed-off-by: Madalin Bucur +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + Documentation/devicetree/bindings/net/fsl-fman.txt | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/Documentation/devicetree/bindings/net/fsl-fman.txt b/Documentation/devicetree/bindings/net/fsl-fman.txt +index df873d1f3b7c5..2aaae210317bb 100644 +--- a/Documentation/devicetree/bindings/net/fsl-fman.txt ++++ b/Documentation/devicetree/bindings/net/fsl-fman.txt +@@ -110,6 +110,13 @@ PROPERTIES + Usage: required + Definition: See soc/fsl/qman.txt and soc/fsl/bman.txt + ++- fsl,erratum-a050385 ++ Usage: optional ++ Value type: boolean ++ Definition: A boolean property. Indicates the presence of the ++ erratum A050385 which indicates that DMA transactions that are ++ split can result in a FMan lock. ++ + ============================================================================= + FMan MURAM Node + +-- +2.20.1 + diff --git a/queue-4.14/fsl-fman-detect-fman-erratum-a050385.patch b/queue-4.14/fsl-fman-detect-fman-erratum-a050385.patch new file mode 100644 index 00000000000..d176fae6390 --- /dev/null +++ b/queue-4.14/fsl-fman-detect-fman-erratum-a050385.patch @@ -0,0 +1,130 @@ +From c709cfe01b889ae7117fc043716bd9e783c0a7d3 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 4 Mar 2020 18:04:27 +0200 +Subject: fsl/fman: detect FMan erratum A050385 + +From: Madalin Bucur + +[ Upstream commit b281f7b93b258ce1419043bbd898a29254d5c9c7 ] + +Detect the presence of the A050385 erratum. + +Signed-off-by: Madalin Bucur +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/freescale/fman/Kconfig | 28 +++++++++++++++++++++ + drivers/net/ethernet/freescale/fman/fman.c | 18 +++++++++++++ + drivers/net/ethernet/freescale/fman/fman.h | 5 ++++ + 3 files changed, 51 insertions(+) + +diff --git a/drivers/net/ethernet/freescale/fman/Kconfig b/drivers/net/ethernet/freescale/fman/Kconfig +index 8870a9a798ca4..91437b94bfcb6 100644 +--- a/drivers/net/ethernet/freescale/fman/Kconfig ++++ b/drivers/net/ethernet/freescale/fman/Kconfig +@@ -8,3 +8,31 @@ config FSL_FMAN + help + Freescale Data-Path Acceleration Architecture Frame Manager + (FMan) support ++ ++config DPAA_ERRATUM_A050385 ++ bool ++ depends on ARM64 && FSL_DPAA ++ default y ++ help ++ DPAA FMan erratum A050385 software workaround implementation: ++ align buffers, data start, SG fragment length to avoid FMan DMA ++ splits. ++ FMAN DMA read or writes under heavy traffic load may cause FMAN ++ internal resource leak thus stopping further packet processing. ++ The FMAN internal queue can overflow when FMAN splits single ++ read or write transactions into multiple smaller transactions ++ such that more than 17 AXI transactions are in flight from FMAN ++ to interconnect. When the FMAN internal queue overflows, it can ++ stall further packet processing. The issue can occur with any ++ one of the following three conditions: ++ 1. FMAN AXI transaction crosses 4K address boundary (Errata ++ A010022) ++ 2. FMAN DMA address for an AXI transaction is not 16 byte ++ aligned, i.e. the last 4 bits of an address are non-zero ++ 3. Scatter Gather (SG) frames have more than one SG buffer in ++ the SG list and any one of the buffers, except the last ++ buffer in the SG list has data size that is not a multiple ++ of 16 bytes, i.e., other than 16, 32, 48, 64, etc. ++ With any one of the above three conditions present, there is ++ likelihood of stalled FMAN packet processing, especially under ++ stress with multiple ports injecting line-rate traffic. +diff --git a/drivers/net/ethernet/freescale/fman/fman.c b/drivers/net/ethernet/freescale/fman/fman.c +index 97425d94e280d..9080d2332d030 100644 +--- a/drivers/net/ethernet/freescale/fman/fman.c ++++ b/drivers/net/ethernet/freescale/fman/fman.c +@@ -1,5 +1,6 @@ + /* + * Copyright 2008-2015 Freescale Semiconductor Inc. ++ * Copyright 2020 NXP + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: +@@ -566,6 +567,10 @@ struct fman_cfg { + u32 qmi_def_tnums_thresh; + }; + ++#ifdef CONFIG_DPAA_ERRATUM_A050385 ++static bool fman_has_err_a050385; ++#endif ++ + static irqreturn_t fman_exceptions(struct fman *fman, + enum fman_exceptions exception) + { +@@ -2517,6 +2522,14 @@ struct fman *fman_bind(struct device *fm_dev) + } + EXPORT_SYMBOL(fman_bind); + ++#ifdef CONFIG_DPAA_ERRATUM_A050385 ++bool fman_has_errata_a050385(void) ++{ ++ return fman_has_err_a050385; ++} ++EXPORT_SYMBOL(fman_has_errata_a050385); ++#endif ++ + static irqreturn_t fman_err_irq(int irq, void *handle) + { + struct fman *fman = (struct fman *)handle; +@@ -2843,6 +2856,11 @@ static struct fman *read_dts_node(struct platform_device *of_dev) + goto fman_free; + } + ++#ifdef CONFIG_DPAA_ERRATUM_A050385 ++ fman_has_err_a050385 = ++ of_property_read_bool(fm_node, "fsl,erratum-a050385"); ++#endif ++ + return fman; + + fman_node_put: +diff --git a/drivers/net/ethernet/freescale/fman/fman.h b/drivers/net/ethernet/freescale/fman/fman.h +index bfa02e0014ae0..693401994fa2d 100644 +--- a/drivers/net/ethernet/freescale/fman/fman.h ++++ b/drivers/net/ethernet/freescale/fman/fman.h +@@ -1,5 +1,6 @@ + /* + * Copyright 2008-2015 Freescale Semiconductor Inc. ++ * Copyright 2020 NXP + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: +@@ -397,6 +398,10 @@ u16 fman_get_max_frm(void); + + int fman_get_rx_extra_headroom(void); + ++#ifdef CONFIG_DPAA_ERRATUM_A050385 ++bool fman_has_errata_a050385(void); ++#endif ++ + struct fman *fman_bind(struct device *dev); + + #endif /* __FM_H */ +-- +2.20.1 + diff --git a/queue-4.14/mac80211-do-not-send-mesh-hwmp-preq-if-hwmp-is-disab.patch b/queue-4.14/mac80211-do-not-send-mesh-hwmp-preq-if-hwmp-is-disab.patch new file mode 100644 index 00000000000..5f4715e1bde --- /dev/null +++ b/queue-4.14/mac80211-do-not-send-mesh-hwmp-preq-if-hwmp-is-disab.patch @@ -0,0 +1,38 @@ +From 8d7b41a03d67726f79cae2e3a18a5e4d24a647a2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 5 Mar 2020 15:04:09 +0100 +Subject: mac80211: Do not send mesh HWMP PREQ if HWMP is disabled + +From: Nicolas Cavallari + +[ Upstream commit ba32679cac50c38fdf488296f96b1f3175532b8e ] + +When trying to transmit to an unknown destination, the mesh code would +unconditionally transmit a HWMP PREQ even if HWMP is not the current +path selection algorithm. + +Signed-off-by: Nicolas Cavallari +Link: https://lore.kernel.org/r/20200305140409.12204-1-cavallar@lri.fr +Signed-off-by: Johannes Berg +Signed-off-by: Sasha Levin +--- + net/mac80211/mesh_hwmp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/net/mac80211/mesh_hwmp.c b/net/mac80211/mesh_hwmp.c +index 994dde6e5f9d9..986e9b6b961d2 100644 +--- a/net/mac80211/mesh_hwmp.c ++++ b/net/mac80211/mesh_hwmp.c +@@ -1137,7 +1137,8 @@ int mesh_nexthop_resolve(struct ieee80211_sub_if_data *sdata, + } + } + +- if (!(mpath->flags & MESH_PATH_RESOLVING)) ++ if (!(mpath->flags & MESH_PATH_RESOLVING) && ++ mesh_path_sel_is_hwmp(sdata)) + mesh_queue_preq(mpath, PREQ_Q_F_START); + + if (skb_queue_len(&mpath->frame_queue) >= MESH_FRAME_QUEUE_LEN) +-- +2.20.1 + diff --git a/queue-4.14/scsi-ipr-fix-softlockup-when-rescanning-devices-in-p.patch b/queue-4.14/scsi-ipr-fix-softlockup-when-rescanning-devices-in-p.patch new file mode 100644 index 00000000000..299165a0577 --- /dev/null +++ b/queue-4.14/scsi-ipr-fix-softlockup-when-rescanning-devices-in-p.patch @@ -0,0 +1,107 @@ +From 059cad4899971d0063a22fe86d5c769ea3eef439 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 6 Mar 2020 09:57:28 -0600 +Subject: scsi: ipr: Fix softlockup when rescanning devices in petitboot + +From: Wen Xiong + +[ Upstream commit 394b61711f3ce33f75bf70a3e22938464a13b3ee ] + +When trying to rescan disks in petitboot shell, we hit the following +softlockup stacktrace: + +Kernel panic - not syncing: System is deadlocked on memory +[ 241.223394] CPU: 32 PID: 693 Comm: sh Not tainted 5.4.16-openpower1 #1 +[ 241.223406] Call Trace: +[ 241.223415] [c0000003f07c3180] [c000000000493fc4] dump_stack+0xa4/0xd8 (unreliable) +[ 241.223432] [c0000003f07c31c0] [c00000000007d4ac] panic+0x148/0x3cc +[ 241.223446] [c0000003f07c3260] [c000000000114b10] out_of_memory+0x468/0x4c4 +[ 241.223461] [c0000003f07c3300] [c0000000001472b0] __alloc_pages_slowpath+0x594/0x6d8 +[ 241.223476] [c0000003f07c3420] [c00000000014757c] __alloc_pages_nodemask+0x188/0x1a4 +[ 241.223492] [c0000003f07c34a0] [c000000000153e10] alloc_pages_current+0xcc/0xd8 +[ 241.223508] [c0000003f07c34e0] [c0000000001577ac] alloc_slab_page+0x30/0x98 +[ 241.223524] [c0000003f07c3520] [c0000000001597fc] new_slab+0x138/0x40c +[ 241.223538] [c0000003f07c35f0] [c00000000015b204] ___slab_alloc+0x1e4/0x404 +[ 241.223552] [c0000003f07c36c0] [c00000000015b450] __slab_alloc+0x2c/0x48 +[ 241.223566] [c0000003f07c36f0] [c00000000015b754] kmem_cache_alloc_node+0x9c/0x1b4 +[ 241.223582] [c0000003f07c3760] [c000000000218c48] blk_alloc_queue_node+0x34/0x270 +[ 241.223599] [c0000003f07c37b0] [c000000000226574] blk_mq_init_queue+0x2c/0x78 +[ 241.223615] [c0000003f07c37e0] [c0000000002ff710] scsi_mq_alloc_queue+0x28/0x70 +[ 241.223631] [c0000003f07c3810] [c0000000003005b8] scsi_alloc_sdev+0x184/0x264 +[ 241.223647] [c0000003f07c38a0] [c000000000300ba0] scsi_probe_and_add_lun+0x288/0xa3c +[ 241.223663] [c0000003f07c3a00] [c000000000301768] __scsi_scan_target+0xcc/0x478 +[ 241.223679] [c0000003f07c3b20] [c000000000301c64] scsi_scan_channel.part.9+0x74/0x7c +[ 241.223696] [c0000003f07c3b70] [c000000000301df4] scsi_scan_host_selected+0xe0/0x158 +[ 241.223712] [c0000003f07c3bd0] [c000000000303f04] store_scan+0x104/0x114 +[ 241.223727] [c0000003f07c3cb0] [c0000000002d5ac4] dev_attr_store+0x30/0x4c +[ 241.223741] [c0000003f07c3cd0] [c0000000001dbc34] sysfs_kf_write+0x64/0x78 +[ 241.223756] [c0000003f07c3cf0] [c0000000001da858] kernfs_fop_write+0x170/0x1b8 +[ 241.223773] [c0000003f07c3d40] [c0000000001621fc] __vfs_write+0x34/0x60 +[ 241.223787] [c0000003f07c3d60] [c000000000163c2c] vfs_write+0xa8/0xcc +[ 241.223802] [c0000003f07c3db0] [c000000000163df4] ksys_write+0x70/0xbc +[ 241.223816] [c0000003f07c3e20] [c00000000000b40c] system_call+0x5c/0x68 + +As a part of the scan process Linux will allocate and configure a +scsi_device for each target to be scanned. If the device is not present, +then the scsi_device is torn down. As a part of scsi_device teardown a +workqueue item will be scheduled and the lockups we see are because there +are 250k workqueue items to be processed. Accoding to the specification of +SIS-64 sas controller, max_channel should be decreased on SIS-64 adapters +to 4. + +The patch fixes softlockup issue. + +Thanks for Oliver Halloran's help with debugging and explanation! + +Link: https://lore.kernel.org/r/1583510248-23672-1-git-send-email-wenxiong@linux.vnet.ibm.com +Signed-off-by: Wen Xiong +Signed-off-by: Martin K. Petersen +Signed-off-by: Sasha Levin +--- + drivers/scsi/ipr.c | 3 ++- + drivers/scsi/ipr.h | 1 + + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/drivers/scsi/ipr.c b/drivers/scsi/ipr.c +index 35d54ee1c5c74..b172f0a020834 100644 +--- a/drivers/scsi/ipr.c ++++ b/drivers/scsi/ipr.c +@@ -9962,6 +9962,7 @@ static void ipr_init_ioa_cfg(struct ipr_ioa_cfg *ioa_cfg, + ioa_cfg->max_devs_supported = ipr_max_devs; + + if (ioa_cfg->sis64) { ++ host->max_channel = IPR_MAX_SIS64_BUSES; + host->max_id = IPR_MAX_SIS64_TARGETS_PER_BUS; + host->max_lun = IPR_MAX_SIS64_LUNS_PER_TARGET; + if (ipr_max_devs > IPR_MAX_SIS64_DEVS) +@@ -9970,6 +9971,7 @@ static void ipr_init_ioa_cfg(struct ipr_ioa_cfg *ioa_cfg, + + ((sizeof(struct ipr_config_table_entry64) + * ioa_cfg->max_devs_supported))); + } else { ++ host->max_channel = IPR_VSET_BUS; + host->max_id = IPR_MAX_NUM_TARGETS_PER_BUS; + host->max_lun = IPR_MAX_NUM_LUNS_PER_TARGET; + if (ipr_max_devs > IPR_MAX_PHYSICAL_DEVS) +@@ -9979,7 +9981,6 @@ static void ipr_init_ioa_cfg(struct ipr_ioa_cfg *ioa_cfg, + * ioa_cfg->max_devs_supported))); + } + +- host->max_channel = IPR_VSET_BUS; + host->unique_id = host->host_no; + host->max_cmd_len = IPR_MAX_CDB_LEN; + host->can_queue = ioa_cfg->max_cmds; +diff --git a/drivers/scsi/ipr.h b/drivers/scsi/ipr.h +index 085e6c90f9e6a..89b36987ff309 100644 +--- a/drivers/scsi/ipr.h ++++ b/drivers/scsi/ipr.h +@@ -1306,6 +1306,7 @@ struct ipr_resource_entry { + #define IPR_ARRAY_VIRTUAL_BUS 0x1 + #define IPR_VSET_VIRTUAL_BUS 0x2 + #define IPR_IOAFP_VIRTUAL_BUS 0x3 ++#define IPR_MAX_SIS64_BUSES 0x4 + + #define IPR_GET_RES_PHYS_LOC(res) \ + (((res)->bus << 24) | ((res)->target << 8) | (res)->lun) +-- +2.20.1 + diff --git a/queue-4.14/series b/queue-4.14/series index dfb4da93946..0736bb95049 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -71,3 +71,15 @@ hsr-use-rcu_read_lock-in-hsr_get_node_-list-status.patch hsr-add-restart-routine-into-hsr_get_node_list.patch hsr-set-.netnsok-flag.patch net-ipv4-don-t-let-pmtu-updates-increase-route-mtu.patch +cgroup-v1-cgroup_pidlist_next-should-update-position.patch +batman-adv-don-t-schedule-ogm-for-disabled-interface.patch +cpupower-avoid-multiple-definition-with-gcc-fno-comm.patch +drivers-of-of_mdio.c-fix-of_mdiobus_register.patch +cgroup1-don-t-call-release_agent-when-it-is.patch +dt-bindings-net-fman-erratum-a050385.patch +arm64-dts-ls1043a-fman-erratum-a050385.patch +fsl-fman-detect-fman-erratum-a050385.patch +scsi-ipr-fix-softlockup-when-rescanning-devices-in-p.patch +mac80211-do-not-send-mesh-hwmp-preq-if-hwmp-is-disab.patch +dpaa_eth-remove-unnecessary-boolean-expression-in-dp.patch +sxgbe-fix-off-by-one-in-samsung-driver-strncpy-size-.patch diff --git a/queue-4.14/sxgbe-fix-off-by-one-in-samsung-driver-strncpy-size-.patch b/queue-4.14/sxgbe-fix-off-by-one-in-samsung-driver-strncpy-size-.patch new file mode 100644 index 00000000000..e2256abd14b --- /dev/null +++ b/queue-4.14/sxgbe-fix-off-by-one-in-samsung-driver-strncpy-size-.patch @@ -0,0 +1,44 @@ +From b682e1bd0a68ac5cecbde9b9c55b0595e23b876c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 9 Mar 2020 16:22:50 +0100 +Subject: sxgbe: Fix off by one in samsung driver strncpy size arg + +From: Dominik Czarnota + +[ Upstream commit f3cc008bf6d59b8d93b4190e01d3e557b0040e15 ] + +This patch fixes an off-by-one error in strncpy size argument in +drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c. The issue is that in: + + strncmp(opt, "eee_timer:", 6) + +the passed string literal: "eee_timer:" has 10 bytes (without the NULL +byte) and the passed size argument is 6. As a result, the logic will +also accept other, malformed strings, e.g. "eee_tiXXX:". + +This bug doesn't seem to have any security impact since its present in +module's cmdline parsing code. + +Signed-off-by: Dominik Czarnota +Signed-off-by: David S. Miller +Signed-off-by: Sasha Levin +--- + drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c b/drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c +index 89831adb8eb75..6d27eec85fcef 100644 +--- a/drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c ++++ b/drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c +@@ -2284,7 +2284,7 @@ static int __init sxgbe_cmdline_opt(char *str) + if (!str || !*str) + return -EINVAL; + while ((opt = strsep(&str, ",")) != NULL) { +- if (!strncmp(opt, "eee_timer:", 6)) { ++ if (!strncmp(opt, "eee_timer:", 10)) { + if (kstrtoint(opt + 10, 0, &eee_timer)) + goto err; + } +-- +2.20.1 +