From: Greg Kroah-Hartman Date: Mon, 29 Jun 2020 11:25:54 +0000 (+0200) Subject: 4.4-stable patches X-Git-Tag: v5.7.7~29 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8c4b0719b45939302334b48dafedefe31d28d5d5;p=thirdparty%2Fkernel%2Fstable-queue.git 4.4-stable patches added patches: arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch mm-slab-use-memzero_explicit-in-kzfree.patch ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch ocfs2-fix-value-of-ocfs2_invalid_slot.patch ocfs2-load-global_inode_alloc.patch --- diff --git a/queue-4.4/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch b/queue-4.4/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch new file mode 100644 index 00000000000..0b666b81ce0 --- /dev/null +++ b/queue-4.4/arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch 
@@ -0,0 +1,67 @@ +From 8dfe804a4031ca6ba3a3efb2048534249b64f3a5 Mon Sep 17 00:00:00 2001 +From: Jiping Ma +Date: Mon, 11 May 2020 10:52:07 +0800 +Subject: arm64: perf: Report the PC value in REGS_ABI_32 mode + +From: Jiping Ma + +commit 8dfe804a4031ca6ba3a3efb2048534249b64f3a5 upstream. + +A 32-bit perf querying the registers of a compat task using REGS_ABI_32 +will receive zeroes from w15, when it expects to find the PC. + +Return the PC value for register dwarf register 15 when returning register +values for a compat task to perf. + +Cc: +Acked-by: Mark Rutland +Signed-off-by: Jiping Ma +Link: https://lore.kernel.org/r/1589165527-188401-1-git-send-email-jiping.ma2@windriver.com +[will: Shuffled code and added a comment] +Signed-off-by: Will Deacon +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/kernel/perf_regs.c | 25 ++++++++++++++++++++++--- + 1 file changed, 22 insertions(+), 3 deletions(-) + +--- a/arch/arm64/kernel/perf_regs.c ++++ b/arch/arm64/kernel/perf_regs.c +@@ -13,15 +13,34 @@ u64 perf_reg_value(struct pt_regs *regs, + return 0; + + /* +- * Compat (i.e. 32 bit) mode: +- * - PC has been set in the pt_regs struct in kernel_entry, +- * - Handle SP and LR here. ++ * Our handling of compat tasks (PERF_SAMPLE_REGS_ABI_32) is weird, but ++ * we're stuck with it for ABI compatability reasons. ++ * ++ * For a 32-bit consumer inspecting a 32-bit task, then it will look at ++ * the first 16 registers (see arch/arm/include/uapi/asm/perf_regs.h). ++ * These correspond directly to a prefix of the registers saved in our ++ * 'struct pt_regs', with the exception of the PC, so we copy that down ++ * (x15 corresponds to SP_hyp in the architecture). ++ * ++ * So far, so good. ++ * ++ * The oddity arises when a 64-bit consumer looks at a 32-bit task and ++ * asks for registers beyond PERF_REG_ARM_MAX. In this case, we return ++ * SP_usr, LR_usr and PC in the positions where the AArch64 SP, LR and ++ * PC registers would normally live. 
The initial idea was to allow a ++ * 64-bit unwinder to unwind a 32-bit task and, although it's not clear ++ * how well that works in practice, somebody might be relying on it. ++ * ++ * At the time we make a sample, we don't know whether the consumer is ++ * 32-bit or 64-bit, so we have to cater for both possibilities. + */ + if (compat_user_mode(regs)) { + if ((u32)idx == PERF_REG_ARM64_SP) + return regs->compat_sp; + if ((u32)idx == PERF_REG_ARM64_LR) + return regs->compat_lr; ++ if (idx == 15) ++ return regs->pc; + } + + if ((u32)idx == PERF_REG_ARM64_SP) diff --git a/queue-4.4/mm-slab-use-memzero_explicit-in-kzfree.patch b/queue-4.4/mm-slab-use-memzero_explicit-in-kzfree.patch new file mode 100644 index 00000000000..7a6815fecd3 --- /dev/null +++ b/queue-4.4/mm-slab-use-memzero_explicit-in-kzfree.patch 
@@ -0,0 +1,54 @@ +From 8982ae527fbef170ef298650c15d55a9ccd33973 Mon Sep 17 00:00:00 2001 +From: Waiman Long +Date: Thu, 25 Jun 2020 20:29:52 -0700 +Subject: mm/slab: use memzero_explicit() in kzfree() + +From: Waiman Long + +commit 8982ae527fbef170ef298650c15d55a9ccd33973 upstream. + +The kzfree() function is normally used to clear some sensitive +information, like encryption keys, in the buffer before freeing it back to +the pool. Memset() is currently used for buffer clearing. However +unlikely, there is still a non-zero probability that the compiler may +choose to optimize away the memory clearing especially if LTO is being +used in the future. + +To make sure that this optimization will never happen, +memzero_explicit(), which is introduced in v3.18, is now used in +kzfree() to future-proof it. + +Link: http://lkml.kernel.org/r/20200616154311.12314-2-longman@redhat.com +Fixes: 3ef0e5ba4673 ("slab: introduce kzfree()") +Signed-off-by: Waiman Long +Acked-by: Michal Hocko +Cc: David Howells +Cc: Jarkko Sakkinen +Cc: James Morris +Cc: "Serge E. Hallyn" +Cc: Joe Perches +Cc: Matthew Wilcox +Cc: David Rientjes +Cc: Johannes Weiner +Cc: Dan Carpenter +Cc: "Jason A . Donenfeld" +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + mm/slab_common.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/mm/slab_common.c ++++ b/mm/slab_common.c +@@ -1269,7 +1269,7 @@ void kzfree(const void *p) + if (unlikely(ZERO_OR_NULL_PTR(mem))) + return; + ks = ksize(mem); +- memset(mem, 0, ks); ++ memzero_explicit(mem, ks); + kfree(mem); + } + EXPORT_SYMBOL(kzfree); diff --git a/queue-4.4/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch b/queue-4.4/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch new file mode 100644 index 00000000000..a8057e481f4 --- /dev/null +++ b/queue-4.4/ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch 
@@ -0,0 +1,90 @@ +From e5a15e17a78d58f933d17cafedfcf7486a29f5b4 Mon Sep 17 00:00:00 2001 +From: Junxiao Bi +Date: Thu, 25 Jun 2020 20:29:37 -0700 +Subject: ocfs2: fix panic on nfs server over ocfs2 + +From: Junxiao Bi + +commit e5a15e17a78d58f933d17cafedfcf7486a29f5b4 upstream. + +The following kernel panic was captured when running nfs server over +ocfs2, at that time ocfs2_test_inode_bit() was checking whether one +inode locating at "blkno" 5 was valid, that is ocfs2 root inode, its +"suballoc_slot" was OCFS2_INVALID_SLOT(65535) and it was allocted from +//global_inode_alloc, but here it wrongly assumed that it was got from per +slot inode alloctor which would cause array overflow and trigger kernel +panic. + + BUG: unable to handle kernel paging request at 0000000000001088 + IP: [] _raw_spin_lock+0x18/0xf0 + PGD 1e06ba067 PUD 1e9e7d067 PMD 0 + Oops: 0002 [#1] SMP + CPU: 6 PID: 24873 Comm: nfsd Not tainted 4.1.12-124.36.1.el6uek.x86_64 #2 + Hardware name: Huawei CH121 V3/IT11SGCA1, BIOS 3.87 02/02/2018 + RIP: _raw_spin_lock+0x18/0xf0 + RSP: e02b:ffff88005ae97908 EFLAGS: 00010206 + RAX: ffff88005ae98000 RBX: 0000000000001088 RCX: 0000000000000000 + RDX: 0000000000020000 RSI: 0000000000000009 RDI: 0000000000001088 + RBP: ffff88005ae97928 R08: 0000000000000000 R09: ffff880212878e00 + R10: 0000000000007ff0 R11: 0000000000000000 R12: 0000000000001088 + R13: ffff8800063c0aa8 R14: ffff8800650c27d0 R15: 000000000000ffff + FS: 0000000000000000(0000) GS:ffff880218180000(0000) knlGS:ffff880218180000 + CS: e033 DS: 0000 ES: 0000 CR0: 0000000080050033 + CR2: 0000000000001088 CR3: 00000002033d0000 CR4: 0000000000042660 + Call Trace: + igrab+0x1e/0x60 + ocfs2_get_system_file_inode+0x63/0x3a0 [ocfs2] + ocfs2_test_inode_bit+0x328/0xa00 [ocfs2] + ocfs2_get_parent+0xba/0x3e0 [ocfs2] + reconnect_path+0xb5/0x300 + exportfs_decode_fh+0xf6/0x2b0 + fh_verify+0x350/0x660 [nfsd] + nfsd4_putfh+0x4d/0x60 [nfsd] + nfsd4_proc_compound+0x3d3/0x6f0 [nfsd] + nfsd_dispatch+0xe0/0x290 [nfsd] + 
svc_process_common+0x412/0x6a0 [sunrpc] + svc_process+0x123/0x210 [sunrpc] + nfsd+0xff/0x170 [nfsd] + kthread+0xcb/0xf0 + ret_from_fork+0x61/0x90 + Code: 83 c2 02 0f b7 f2 e8 18 dc 91 ff 66 90 eb bf 0f 1f 40 00 55 48 89 e5 41 56 41 55 41 54 53 0f 1f 44 00 00 48 89 fb ba 00 00 02 00 0f c1 17 89 d0 45 31 e4 45 31 ed c1 e8 10 66 39 d0 41 89 c6 + RIP _raw_spin_lock+0x18/0xf0 + CR2: 0000000000001088 + ---[ end trace 7264463cd1aac8f9 ]--- + Kernel panic - not syncing: Fatal exception + +Link: http://lkml.kernel.org/r/20200616183829.87211-4-junxiao.bi@oracle.com +Signed-off-by: Junxiao Bi +Reviewed-by: Joseph Qi +Cc: Changwei Ge +Cc: Gang He +Cc: Joel Becker +Cc: Jun Piao +Cc: Mark Fasheh +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ocfs2/suballoc.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +--- a/fs/ocfs2/suballoc.c ++++ b/fs/ocfs2/suballoc.c +@@ -2863,9 +2863,12 @@ int ocfs2_test_inode_bit(struct ocfs2_su + goto bail; + } + +- inode_alloc_inode = +- ocfs2_get_system_file_inode(osb, INODE_ALLOC_SYSTEM_INODE, +- suballoc_slot); ++ if (suballoc_slot == (u16)OCFS2_INVALID_SLOT) ++ inode_alloc_inode = ocfs2_get_system_file_inode(osb, ++ GLOBAL_INODE_ALLOC_SYSTEM_INODE, suballoc_slot); ++ else ++ inode_alloc_inode = ocfs2_get_system_file_inode(osb, ++ INODE_ALLOC_SYSTEM_INODE, suballoc_slot); + if (!inode_alloc_inode) { + /* the error code could be inaccurate, but we are not able to + * get the correct one. */ diff --git a/queue-4.4/ocfs2-fix-value-of-ocfs2_invalid_slot.patch b/queue-4.4/ocfs2-fix-value-of-ocfs2_invalid_slot.patch new file mode 100644 index 00000000000..39af5629c17 --- /dev/null +++ b/queue-4.4/ocfs2-fix-value-of-ocfs2_invalid_slot.patch 
@@ -0,0 +1,53 @@ +From 9277f8334ffc719fe922d776444d6e4e884dbf30 Mon Sep 17 00:00:00 2001 +From: Junxiao Bi +Date: Thu, 25 Jun 2020 20:29:40 -0700 +Subject: ocfs2: fix value of OCFS2_INVALID_SLOT + +From: Junxiao Bi + +commit 9277f8334ffc719fe922d776444d6e4e884dbf30 upstream. + +In the ocfs2 disk layout, slot number is 16 bits, but in ocfs2 +implementation, slot number is 32 bits. Usually this will not cause any +issue, because slot number is converted from u16 to u32, but +OCFS2_INVALID_SLOT was defined as -1, when an invalid slot number from +disk was obtained, its value was (u16)-1, and it was converted to u32. +Then the following checking in get_local_system_inode will be always +skipped: + + static struct inode **get_local_system_inode(struct ocfs2_super *osb, + int type, + u32 slot) + { + BUG_ON(slot == OCFS2_INVALID_SLOT); + ... + } + +Link: http://lkml.kernel.org/r/20200616183829.87211-5-junxiao.bi@oracle.com +Signed-off-by: Junxiao Bi +Reviewed-by: Joseph Qi +Cc: Mark Fasheh +Cc: Joel Becker +Cc: Changwei Ge +Cc: Gang He +Cc: Jun Piao +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ocfs2/ocfs2_fs.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/ocfs2/ocfs2_fs.h ++++ b/fs/ocfs2/ocfs2_fs.h +@@ -304,7 +304,7 @@ + #define OCFS2_MAX_SLOTS 255 + + /* Slot map indicator for an empty slot */ +-#define OCFS2_INVALID_SLOT -1 ++#define OCFS2_INVALID_SLOT ((u16)-1) + + #define OCFS2_VOL_UUID_LEN 16 + #define OCFS2_MAX_VOL_LABEL_LEN 64 diff --git a/queue-4.4/ocfs2-load-global_inode_alloc.patch b/queue-4.4/ocfs2-load-global_inode_alloc.patch new file mode 100644 index 00000000000..3b71b2e8f91 --- /dev/null +++ b/queue-4.4/ocfs2-load-global_inode_alloc.patch 
@@ -0,0 +1,43 @@ +From 7569d3c754e452769a5747eeeba488179e38a5da Mon Sep 17 00:00:00 2001 +From: Junxiao Bi +Date: Thu, 25 Jun 2020 20:29:33 -0700 +Subject: ocfs2: load global_inode_alloc + +From: Junxiao Bi + +commit 7569d3c754e452769a5747eeeba488179e38a5da upstream. + +Set global_inode_alloc as OCFS2_FIRST_ONLINE_SYSTEM_INODE, that will +make it load during mount. It can be used to test whether some +global/system inodes are valid. One use case is that nfsd will test +whether root inode is valid. + +Link: http://lkml.kernel.org/r/20200616183829.87211-3-junxiao.bi@oracle.com +Signed-off-by: Junxiao Bi +Reviewed-by: Joseph Qi +Cc: Changwei Ge +Cc: Gang He +Cc: Joel Becker +Cc: Jun Piao +Cc: Mark Fasheh +Cc: +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ocfs2/ocfs2_fs.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/ocfs2/ocfs2_fs.h ++++ b/fs/ocfs2/ocfs2_fs.h +@@ -340,8 +340,8 @@ struct ocfs2_system_inode_info { + enum { + BAD_BLOCK_SYSTEM_INODE = 0, + GLOBAL_INODE_ALLOC_SYSTEM_INODE, ++#define OCFS2_FIRST_ONLINE_SYSTEM_INODE GLOBAL_INODE_ALLOC_SYSTEM_INODE + SLOT_MAP_SYSTEM_INODE, +-#define OCFS2_FIRST_ONLINE_SYSTEM_INODE SLOT_MAP_SYSTEM_INODE + HEARTBEAT_SYSTEM_INODE, + GLOBAL_BITMAP_SYSTEM_INODE, + USER_QUOTA_SYSTEM_INODE, diff --git a/queue-4.4/series b/queue-4.4/series index 1b611f84f67..34ecf121df6 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -119,3 +119,8 @@ kbuild-improve-cc-option-to-clean-up-all-temporary-f.patch blktrace-break-out-of-blktrace-setup-on-concurrent-c.patch acpi-sysfs-fix-pm_profile_attr-type.patch kvm-x86-fix-msr-range-of-apic-registers-in-x2apic-mode.patch +mm-slab-use-memzero_explicit-in-kzfree.patch +ocfs2-load-global_inode_alloc.patch +ocfs2-fix-value-of-ocfs2_invalid_slot.patch +ocfs2-fix-panic-on-nfs-server-over-ocfs2.patch +arm64-perf-report-the-pc-value-in-regs_abi_32-mode.patch
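Review bot: In the arch/arm64/kernel/perf_regs.c hunk, the added check "if (idx == 15)" compares against a bare 15 and drops the (u32) cast that the PERF_REG_ARM64_SP and PERF_REG_ARM64_LR checks directly above it use. A named constant for the compat PC index, or a one-line comment on the check itself, would keep the three tests consistent and tie the value to the "first 16 registers" mentioned in the new block comment. That comment also spells "compatibility" as "compatability".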
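Review bot: In the mm/slab_common.c hunk, the replacement line "memzero_explicit(mem, ks);" carries no comment saying why kzfree() must not use a plain memset(), so the reason lives only in the commit message. A short comment above the call, stating that the clear protects sensitive data such as keys and must not be optimized away, would stop a later cleanup from switching it back.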
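Review bot: In the fs/ocfs2/suballoc.c hunk, the new branch for "suballoc_slot == (u16)OCFS2_INVALID_SLOT" still passes suballoc_slot, known at that point to be the invalid-slot value, as the slot argument to ocfs2_get_system_file_inode(). The hunk does not show that the callee ignores the slot for GLOBAL_INODE_ALLOC_SYSTEM_INODE, and the panic in the commit message came through that same function. A comment at the call stating that the slot is unused for the global allocator would make the safety argument visible. The branch also relies on global_inode_alloc being loaded at mount, so it needs ocfs2-load-global_inode_alloc.patch ahead of it in the series, which the series hunk does provide.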
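Review bot: In the fs/ocfs2/ocfs2_fs.h hunk that redefines OCFS2_INVALID_SLOT as ((u16)-1), the macro changes value for every user, not only the BUG_ON() quoted in the commit message. Any slot variable that is a signed or 32-bit type and holds a literal -1, or is tested with "< 0", will no longer compare equal to the macro. The hunk shows none of those users, so the change log should state that they were audited. The comment above the define could also say that the value matches the 16-bit on-disk slot field.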
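Review bot: In the fs/ocfs2/ocfs2_fs.h enum hunk, moving "#define OCFS2_FIRST_ONLINE_SYSTEM_INODE" up to GLOBAL_INODE_ALLOC_SYSTEM_INODE widens every range that starts at that macro by one inode, yet the enum gets no comment explaining why global_inode_alloc must now be online. A one-line comment next to the define, pointing at the validity checks on global/system inodes (the nfsd root inode case from the commit message), would document the dependency that ocfs2_test_inode_bit() gains on it.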