From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sun, 24 May 2020 10:19:29 +0000 (+0200)
Subject: 4.14-stable patches
X-Git-Tag: v4.4.225~37
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9a54870d700b53a26455cdfee7579c775b155c44;p=thirdparty%2Fkernel%2Fstable-queue.git

4.14-stable patches

added patches:
	ubsan-build-ubsan.c-more-conservatively.patch
	x86-uaccess-ubsan-fix-ubsan-vs.-smap.patch
---

diff --git a/queue-4.14/series b/queue-4.14/series
index 7999fd69093..ee6ede7ad02 100644
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -39,3 +39,5 @@ dmaengine-tegra210-adma-fix-an-error-handling-path-in-tegra_adma_probe.patch
 powerpc-restore-alphabetic-order-in-kconfig.patch
 powerpc-remove-strict_kernel_rwx-incompatibility-wit.patch
 powerpc-64s-disable-strict_kernel_rwx.patch
+x86-uaccess-ubsan-fix-ubsan-vs.-smap.patch
+ubsan-build-ubsan.c-more-conservatively.patch
diff --git a/queue-4.14/ubsan-build-ubsan.c-more-conservatively.patch b/queue-4.14/ubsan-build-ubsan.c-more-conservatively.patch
new file mode 100644
index 00000000000..e72ab551138
--- /dev/null
+++ b/queue-4.14/ubsan-build-ubsan.c-more-conservatively.patch
@@ -0,0 +1,69 @@
+From af700eaed0564d5d3963a7a51cb0843629d7fe3d Mon Sep 17 00:00:00 2001
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Fri, 2 Aug 2019 21:48:58 -0700
+Subject: ubsan: build ubsan.c more conservatively
+
+From: Arnd Bergmann <arnd@arndb.de>
+
+commit af700eaed0564d5d3963a7a51cb0843629d7fe3d upstream.
+
+objtool points out several conditions that it does not like, depending
+on the combination with other configuration options and compiler
+variants:
+
+stack protector:
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch()+0xbf: call to __stack_chk_fail() with UACCESS enabled
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch_v1()+0xbe: call to __stack_chk_fail() with UACCESS enabled
+
+stackleak plugin:
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch()+0x4a: call to stackleak_track_stack() with UACCESS enabled
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch_v1()+0x4a: call to stackleak_track_stack() with UACCESS enabled
+
+kasan:
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch()+0x25: call to memcpy() with UACCESS enabled
+  lib/ubsan.o: warning: objtool: __ubsan_handle_type_mismatch_v1()+0x25: call to memcpy() with UACCESS enabled
+
+The stackleak and kasan options just need to be disabled for this file
+as we do for other files already.  For the stack protector, we already
+attempt to disable it, but this fails on clang because the check is
+mixed with the gcc specific -fno-conserve-stack option.  According to
+Andrey Ryabinin, that option is not even needed, dropping it here fixes
+the stackprotector issue.
+
+Link: http://lkml.kernel.org/r/20190722125139.1335385-1-arnd@arndb.de
+Link: https://lore.kernel.org/lkml/20190617123109.667090-1-arnd@arndb.de/t/
+Link: https://lore.kernel.org/lkml/20190722091050.2188664-1-arnd@arndb.de/t/
+Fixes: d08965a27e84 ("x86/uaccess, ubsan: Fix UBSAN vs. SMAP")
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Reviewed-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Arnd Bergmann <arnd@arndb.de>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dmitry Vyukov <dvyukov@google.com>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Cc: Ingo Molnar <mingo@kernel.org>
+Cc: Kees Cook <keescook@chromium.org>
+Cc: Matthew Wilcox <willy@infradead.org>
+Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ lib/Makefile |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/lib/Makefile
++++ b/lib/Makefile
+@@ -256,7 +256,8 @@ obj-$(CONFIG_UCS2_STRING) += ucs2_string
+ obj-$(CONFIG_UBSAN) += ubsan.o
+ 
+ UBSAN_SANITIZE_ubsan.o := n
+-CFLAGS_ubsan.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector)
++KASAN_SANITIZE_ubsan.o := n
++CFLAGS_ubsan.o := $(call cc-option, -fno-stack-protector) $(DISABLE_STACKLEAK_PLUGIN)
+ 
+ obj-$(CONFIG_SBITMAP) += sbitmap.o
+ 
diff --git a/queue-4.14/x86-uaccess-ubsan-fix-ubsan-vs.-smap.patch b/queue-4.14/x86-uaccess-ubsan-fix-ubsan-vs.-smap.patch
new file mode 100644
index 00000000000..2c0c75ee254
--- /dev/null
+++ b/queue-4.14/x86-uaccess-ubsan-fix-ubsan-vs.-smap.patch
@@ -0,0 +1,40 @@
+From d08965a27e84ca090b504844d50c24fc98587b11 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Wed, 3 Apr 2019 09:40:16 +0200
+Subject: x86/uaccess, ubsan: Fix UBSAN vs. SMAP
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit d08965a27e84ca090b504844d50c24fc98587b11 upstream.
+
+UBSAN can insert extra code in random locations; including AC=1
+sections. Typically this code is not safe and needs wrapping.
+
+So far, only __ubsan_handle_type_mismatch* have been observed in AC=1
+sections and therefore only those are annotated.
+
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dmitry Vyukov <dvyukov@google.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+[stable backport: only take the lib/Makefile change to resolve gcc-10
+ build issues]
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ lib/Makefile |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/lib/Makefile
++++ b/lib/Makefile
+@@ -256,6 +256,7 @@ obj-$(CONFIG_UCS2_STRING) += ucs2_string
+ obj-$(CONFIG_UBSAN) += ubsan.o
+ 
+ UBSAN_SANITIZE_ubsan.o := n
++CFLAGS_ubsan.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector)
+ 
+ obj-$(CONFIG_SBITMAP) += sbitmap.o
+