From: Greg Kroah-Hartman Date: Wed, 28 Jul 2021 18:06:14 +0000 (+0200) Subject: 4.9-stable patches X-Git-Tag: v5.13.7~24 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7673f100a947f72f66907ca01061f3323817cbd2;p=thirdparty%2Fkernel%2Fstable-queue.git 4.9-stable patches added patches: iommu-amd-fix-backport-of-140456f994195b568ecd7fc2287a34eadffef3ca.patch tipc-fix-backport-of-b77413446408fdd256599daf00d5be72b5f3e7c6.patch --- diff --git a/queue-4.9/iommu-amd-fix-backport-of-140456f994195b568ecd7fc2287a34eadffef3ca.patch b/queue-4.9/iommu-amd-fix-backport-of-140456f994195b568ecd7fc2287a34eadffef3ca.patch new file mode 100644 index 00000000000..1bcd32f1c49 --- /dev/null +++ b/queue-4.9/iommu-amd-fix-backport-of-140456f994195b568ecd7fc2287a34eadffef3ca.patch @@ -0,0 +1,62 @@ +From nathan@kernel.org Wed Jul 28 20:03:29 2021 +From: Nathan Chancellor +Date: Tue, 27 Jul 2021 15:56:49 -0700 +Subject: iommu/amd: Fix backport of 140456f994195b568ecd7fc2287a34eadffef3ca +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, clang-built-linux@googlegroups.com, Nathan Chancellor , Andrey Ryabinin , Joerg Roedel , Will Deacon , kernel test robot +Message-ID: <20210727225650.726875-1-nathan@kernel.org> + +From: Nathan Chancellor + +Clang warns: + +drivers/iommu/amd_iommu.c:1335:6: warning: variable 'flags' is used +uninitialized whenever 'if' condition is true +[-Wsometimes-uninitialized] + if (!pte) + ^~~~ +drivers/iommu/amd_iommu.c:1352:40: note: uninitialized use occurs here + spin_unlock_irqrestore(&domain->lock, flags); + ^~~~~ +drivers/iommu/amd_iommu.c:1335:2: note: remove the 'if' if its condition +is always false + if (!pte) + ^~~~~~~~~ +drivers/iommu/amd_iommu.c:1331:21: note: initialize the variable 'flags' +to silence this warning + unsigned long flags; + ^ + = 0 +1 warning generated. + +The backport of commit 140456f99419 ("iommu/amd: Fix sleeping in atomic +in increase_address_space()") to 4.9 as commit 1d648460d7c5 ("iommu/amd: +Fix sleeping in atomic in increase_address_space()") failed to keep the +"return false", which in 4.9 needs to be a regular "return" due to a +lack of commit f15d9a992f90 ("iommu/amd: Remove domain->updated"). + +This resolves the warning and matches the 4.14-4.19 backport. + +Cc: Andrey Ryabinin +Cc: Joerg Roedel +Cc: Will Deacon +Fixes: 1d648460d7c5 ("iommu/amd: Fix sleeping in atomic in increase_address_space()") +Reported-by: kernel test robot +Signed-off-by: Nathan Chancellor +Acked-by: Joerg Roedel +Signed-off-by: Greg Kroah-Hartman +--- + drivers/iommu/amd_iommu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/iommu/amd_iommu.c ++++ b/drivers/iommu/amd_iommu.c +@@ -1333,7 +1333,7 @@ static void increase_address_space(struc + + pte = (void *)get_zeroed_page(gfp); + if (!pte) +- goto out; ++ return; + + spin_lock_irqsave(&domain->lock, flags); + diff --git a/queue-4.9/series b/queue-4.9/series new file mode 100644 index 00000000000..3142a3a78cc --- /dev/null +++ b/queue-4.9/series @@ -0,0 +1,2 @@ +iommu-amd-fix-backport-of-140456f994195b568ecd7fc2287a34eadffef3ca.patch +tipc-fix-backport-of-b77413446408fdd256599daf00d5be72b5f3e7c6.patch diff --git a/queue-4.9/tipc-fix-backport-of-b77413446408fdd256599daf00d5be72b5f3e7c6.patch b/queue-4.9/tipc-fix-backport-of-b77413446408fdd256599daf00d5be72b5f3e7c6.patch new file mode 100644 index 00000000000..fa7d8d4c6f6 --- /dev/null +++ b/queue-4.9/tipc-fix-backport-of-b77413446408fdd256599daf00d5be72b5f3e7c6.patch @@ -0,0 +1,66 @@ +From nathan@kernel.org Wed Jul 28 20:04:22 2021 +From: Nathan Chancellor +Date: Tue, 27 Jul 2021 15:56:50 -0700 +Subject: tipc: Fix backport of b77413446408fdd256599daf00d5be72b5f3e7c6 +To: Greg Kroah-Hartman , Sasha Levin +Cc: stable@vger.kernel.org, clang-built-linux@googlegroups.com, Nathan Chancellor , Hoang Le , Jon Maloy , Ying Xue , kernel test robot +Message-ID: <20210727225650.726875-2-nathan@kernel.org> + +From: Nathan Chancellor + +Clang warns: + +net/tipc/link.c:896:23: warning: variable 'hdr' is uninitialized when +used here [-Wuninitialized] + imp = msg_importance(hdr); + ^~~ +net/tipc/link.c:890:22: note: initialize the variable 'hdr' to silence +this warning + struct tipc_msg *hdr; + ^ + = NULL +1 warning generated. + +The backport of commit b77413446408 ("tipc: fix NULL deref in +tipc_link_xmit()") to 4.9 as commit 310014f572a5 ("tipc: fix NULL deref +in tipc_link_xmit()") added the hdr initialization above the + + if (unlikely(msg_size(hdr) > mtu)) { + +like in the upstream commit; however, in 4.9, that check is below imp's +first use because commit 365ad353c256 ("tipc: reduce risk of user +starvation during link congestion") is not present. This results in hdr +being used uninitialized. + +Fix this by moving hdr's initialization before imp and after the if +check like the original backport did. + +Cc: Hoang Le +Cc: Jon Maloy +Cc: Ying Xue +Fixes: 310014f572a5 ("tipc: fix NULL deref in tipc_link_xmit()") +Reported-by: kernel test robot +Signed-off-by: Nathan Chancellor +Signed-off-by: Greg Kroah-Hartman +--- + net/tipc/link.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/tipc/link.c ++++ b/net/tipc/link.c +@@ -893,6 +893,7 @@ int tipc_link_xmit(struct tipc_link *l, + if (pkt_cnt <= 0) + return 0; + ++ hdr = buf_msg(skb_peek(list)); + imp = msg_importance(hdr); + /* Match msg importance against this and all higher backlog limits: */ + if (!skb_queue_empty(backlogq)) { +@@ -902,7 +903,6 @@ int tipc_link_xmit(struct tipc_link *l, + } + } + +- hdr = buf_msg(skb_peek(list)); + if (unlikely(msg_size(hdr) > mtu)) { + skb_queue_purge(list); + return -EMSGSIZE;