From: Greg Kroah-Hartman Date: Sun, 16 Oct 2022 09:32:44 +0000 (+0200) Subject: 6.0-stable patches X-Git-Tag: v5.4.219~156 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b8c9cb664d75be09f2d3fc8cfece17bb64b86046;p=thirdparty%2Fkernel%2Fstable-queue.git 6.0-stable patches added patches: parisc-fbdev-stifb-align-graphics-memory-size-to-4mb.patch parisc-fix-userspace-graphics-card-breakage-due-to-pgtable-special-bit.patch risc-v-make-port-i-o-string-accessors-actually-work.patch risc-v-re-enable-counter-access-from-userspace.patch riscv-allow-prot_write-only-mmap.patch riscv-always-honor-the-config_cmdline_force-when-parsing-dtb.patch riscv-make-vm_write-imply-vm_read.patch riscv-pass-mno-relax-only-on-lld-15.0.0.patch riscv-topology-fix-default-topology-reporting.patch riscv-vdso-fix-null-deference-in-vdso_join_timens-when-vfork.patch --- diff --git a/queue-6.0/parisc-fbdev-stifb-align-graphics-memory-size-to-4mb.patch b/queue-6.0/parisc-fbdev-stifb-align-graphics-memory-size-to-4mb.patch new file mode 100644 index 00000000000..961112f9d8b --- /dev/null +++ b/queue-6.0/parisc-fbdev-stifb-align-graphics-memory-size-to-4mb.patch @@ -0,0 +1,31 @@ +From aca7c13d3bee81a968337a5515411409ae9d095d Mon Sep 17 00:00:00 2001 +From: Helge Deller +Date: Fri, 14 Oct 2022 10:13:55 +0200 +Subject: parisc: fbdev/stifb: Align graphics memory size to 4MB + +From: Helge Deller + +commit aca7c13d3bee81a968337a5515411409ae9d095d upstream. + +Independend of the current graphics resolution, adjust the reported +graphics card memory size to the next 4MB boundary. +This fixes the fbtest program which expects a naturally aligned size. + +Signed-off-by: Helge Deller +Cc: +Signed-off-by: Greg Kroah-Hartman +--- + drivers/video/fbdev/stifb.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/video/fbdev/stifb.c ++++ b/drivers/video/fbdev/stifb.c +@@ -1298,7 +1298,7 @@ static int __init stifb_init_fb(struct s + + /* limit fbsize to max visible screen size */ + if (fix->smem_len > yres*fix->line_length) +- fix->smem_len = yres*fix->line_length; ++ fix->smem_len = ALIGN(yres*fix->line_length, 4*1024*1024); + + fix->accel = FB_ACCEL_NONE; + diff --git a/queue-6.0/parisc-fix-userspace-graphics-card-breakage-due-to-pgtable-special-bit.patch b/queue-6.0/parisc-fix-userspace-graphics-card-breakage-due-to-pgtable-special-bit.patch new file mode 100644 index 00000000000..b21f4ce7c55 --- /dev/null +++ b/queue-6.0/parisc-fix-userspace-graphics-card-breakage-due-to-pgtable-special-bit.patch @@ -0,0 +1,84 @@ +From 70be49f2f6223ddd2fcddb0089a40864c37e1494 Mon Sep 17 00:00:00 2001 +From: Helge Deller +Date: Fri, 14 Oct 2022 10:18:53 +0200 +Subject: parisc: Fix userspace graphics card breakage due to pgtable special bit + +From: Helge Deller + +commit 70be49f2f6223ddd2fcddb0089a40864c37e1494 upstream. + +Commit df24e1783e6e ("parisc: Add vDSO support") introduced the vDSO +support, for which a _PAGE_SPECIAL page table flag was needed. Since we +wanted to keep every page table entry in 32-bits, this patch re-used the +existing - but yet unused - _PAGE_DMB flag (which triggers a hardware break +if a page is accessed) to store the special bit. + +But when graphics card memory is mmapped into userspace, the kernel uses +vm_iomap_memory() which sets the the special flag. So, with the DMB bit +set, every access to the graphics memory now triggered a hardware +exception and segfaulted the userspace program. + +Fix this breakage by dropping the DMB bit when writing the page +protection bits to the CPU TLB. + +In addition this patch adds a small optimization: if huge pages aren't +configured (which is at least the case for 32-bit kernels), then the +special bit is stored in the hpage (HUGE PAGE) bit instead. That way we +can skip to reset the DMB bit. + +Fixes: df24e1783e6e ("parisc: Add vDSO support") +Cc: # 5.18+ +Signed-off-by: Helge Deller +Signed-off-by: Greg Kroah-Hartman +--- + arch/parisc/include/asm/pgtable.h | 7 ++++++- + arch/parisc/kernel/entry.S | 8 ++++++++ + 2 files changed, 14 insertions(+), 1 deletion(-) + +--- a/arch/parisc/include/asm/pgtable.h ++++ b/arch/parisc/include/asm/pgtable.h +@@ -192,6 +192,11 @@ extern void __update_cache(pte_t pte); + #define _PAGE_PRESENT_BIT 22 /* (0x200) Software: translation valid */ + #define _PAGE_HPAGE_BIT 21 /* (0x400) Software: Huge Page */ + #define _PAGE_USER_BIT 20 /* (0x800) Software: User accessible page */ ++#ifdef CONFIG_HUGETLB_PAGE ++#define _PAGE_SPECIAL_BIT _PAGE_DMB_BIT /* DMB feature is currently unused */ ++#else ++#define _PAGE_SPECIAL_BIT _PAGE_HPAGE_BIT /* use unused HUGE PAGE bit */ ++#endif + + /* N.B. The bits are defined in terms of a 32 bit word above, so the */ + /* following macro is ok for both 32 and 64 bit. */ +@@ -219,7 +224,7 @@ extern void __update_cache(pte_t pte); + #define _PAGE_PRESENT (1 << xlate_pabit(_PAGE_PRESENT_BIT)) + #define _PAGE_HUGE (1 << xlate_pabit(_PAGE_HPAGE_BIT)) + #define _PAGE_USER (1 << xlate_pabit(_PAGE_USER_BIT)) +-#define _PAGE_SPECIAL (_PAGE_DMB) ++#define _PAGE_SPECIAL (1 << xlate_pabit(_PAGE_SPECIAL_BIT)) + + #define _PAGE_TABLE (_PAGE_PRESENT | _PAGE_READ | _PAGE_WRITE | _PAGE_DIRTY | _PAGE_ACCESSED) + #define _PAGE_CHG_MASK (PAGE_MASK | _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_SPECIAL) +--- a/arch/parisc/kernel/entry.S ++++ b/arch/parisc/kernel/entry.S +@@ -499,6 +499,10 @@ + * Finally, _PAGE_READ goes in the top bit of PL1 (so we + * trigger an access rights trap in user space if the user + * tries to read an unreadable page */ ++#if _PAGE_SPECIAL_BIT == _PAGE_DMB_BIT ++ /* need to drop DMB bit, as it's used as SPECIAL flag */ ++ depi 0,_PAGE_SPECIAL_BIT,1,\pte ++#endif + depd \pte,8,7,\prot + + /* PAGE_USER indicates the page can be read with user privileges, +@@ -529,6 +533,10 @@ + * makes the tlb entry for the differently formatted pa11 + * insertion instructions */ + .macro make_insert_tlb_11 spc,pte,prot ++#if _PAGE_SPECIAL_BIT == _PAGE_DMB_BIT ++ /* need to drop DMB bit, as it's used as SPECIAL flag */ ++ depi 0,_PAGE_SPECIAL_BIT,1,\pte ++#endif + zdep \spc,30,15,\prot + dep \pte,8,7,\prot + extru,= \pte,_PAGE_NO_CACHE_BIT,1,%r0 diff --git a/queue-6.0/risc-v-make-port-i-o-string-accessors-actually-work.patch b/queue-6.0/risc-v-make-port-i-o-string-accessors-actually-work.patch new file mode 100644 index 00000000000..2b988826e70 --- /dev/null +++ b/queue-6.0/risc-v-make-port-i-o-string-accessors-actually-work.patch @@ -0,0 +1,110 @@ +From 9cc205e3c17d5716da7ebb7fa0c985555e95d009 Mon Sep 17 00:00:00 2001 +From: "Maciej W. Rozycki" +Date: Thu, 22 Sep 2022 22:56:06 +0100 +Subject: RISC-V: Make port I/O string accessors actually work + +From: Maciej W. Rozycki + +commit 9cc205e3c17d5716da7ebb7fa0c985555e95d009 upstream. + +Fix port I/O string accessors such as `insb', `outsb', etc. which use +the physical PCI port I/O address rather than the corresponding memory +mapping to get at the requested location, which in turn breaks at least +accesses made by our parport driver to a PCIe parallel port such as: + +PCI parallel port detected: 1415:c118, I/O at 0x1000(0x1008), IRQ 20 +parport0: PC-style at 0x1000 (0x1008), irq 20, using FIFO [PCSPP,TRISTATE,COMPAT,EPP,ECP] + +causing a memory access fault: + +Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000000001008 +Oops [#1] +Modules linked in: +CPU: 1 PID: 350 Comm: cat Not tainted 6.0.0-rc2-00283-g10d4879f9ef0-dirty #23 +Hardware name: SiFive HiFive Unmatched A00 (DT) +epc : parport_pc_fifo_write_block_pio+0x266/0x416 + ra : parport_pc_fifo_write_block_pio+0xb4/0x416 +epc : ffffffff80542c3e ra : ffffffff80542a8c sp : ffffffd88899fc60 + gp : ffffffff80fa2700 tp : ffffffd882b1e900 t0 : ffffffd883d0b000 + t1 : ffffffffff000002 t2 : 4646393043330a38 s0 : ffffffd88899fcf0 + s1 : 0000000000001000 a0 : 0000000000000010 a1 : 0000000000000000 + a2 : ffffffd883d0a010 a3 : 0000000000000023 a4 : 00000000ffff8fbb + a5 : ffffffd883d0a001 a6 : 0000000100000000 a7 : ffffffc800000000 + s2 : ffffffffff000002 s3 : ffffffff80d28880 s4 : ffffffff80fa1f50 + s5 : 0000000000001008 s6 : 0000000000000008 s7 : ffffffd883d0a000 + s8 : 0004000000000000 s9 : ffffffff80dc1d80 s10: ffffffd8807e4000 + s11: 0000000000000000 t3 : 00000000000000ff t4 : 393044410a303930 + t5 : 0000000000001000 t6 : 0000000000040000 +status: 0000000200000120 badaddr: 0000000000001008 cause: 000000000000000f +[] parport_pc_compat_write_block_pio+0xfe/0x200 +[] parport_write+0x46/0xf8 +[] lp_write+0x158/0x2d2 +[] vfs_write+0x8e/0x2c2 +[] ksys_write+0x52/0xc2 +[] sys_write+0xe/0x16 +[] ret_from_syscall+0x0/0x2 +---[ end trace 0000000000000000 ]--- + +For simplicity address the problem by adding PCI_IOBASE to the physical +address requested in the respective wrapper macros only, observing that +the raw accessors such as `__insb', `__outsb', etc. are not supposed to +be used other than by said macros. Remove the cast to `long' that is no +longer needed on `addr' now that it is used as an offset from PCI_IOBASE +and add parentheses around `addr' needed for predictable evaluation in +macro expansion. No need to make said adjustments in separate changes +given that current code is gravely broken and does not ever work. + +Signed-off-by: Maciej W. Rozycki +Fixes: fab957c11efe2 ("RISC-V: Atomic and Locking Code") +Cc: stable@vger.kernel.org # v4.15+ +Reviewed-by: Arnd Bergmann +Link: https://lore.kernel.org/r/alpine.DEB.2.21.2209220223080.29493@angie.orcam.me.uk +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/include/asm/io.h | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +--- a/arch/riscv/include/asm/io.h ++++ b/arch/riscv/include/asm/io.h +@@ -101,9 +101,9 @@ __io_reads_ins(reads, u32, l, __io_br(), + __io_reads_ins(ins, u8, b, __io_pbr(), __io_par(addr)) + __io_reads_ins(ins, u16, w, __io_pbr(), __io_par(addr)) + __io_reads_ins(ins, u32, l, __io_pbr(), __io_par(addr)) +-#define insb(addr, buffer, count) __insb((void __iomem *)(long)addr, buffer, count) +-#define insw(addr, buffer, count) __insw((void __iomem *)(long)addr, buffer, count) +-#define insl(addr, buffer, count) __insl((void __iomem *)(long)addr, buffer, count) ++#define insb(addr, buffer, count) __insb(PCI_IOBASE + (addr), buffer, count) ++#define insw(addr, buffer, count) __insw(PCI_IOBASE + (addr), buffer, count) ++#define insl(addr, buffer, count) __insl(PCI_IOBASE + (addr), buffer, count) + + __io_writes_outs(writes, u8, b, __io_bw(), __io_aw()) + __io_writes_outs(writes, u16, w, __io_bw(), __io_aw()) +@@ -115,22 +115,22 @@ __io_writes_outs(writes, u32, l, __io_bw + __io_writes_outs(outs, u8, b, __io_pbw(), __io_paw()) + __io_writes_outs(outs, u16, w, __io_pbw(), __io_paw()) + __io_writes_outs(outs, u32, l, __io_pbw(), __io_paw()) +-#define outsb(addr, buffer, count) __outsb((void __iomem *)(long)addr, buffer, count) +-#define outsw(addr, buffer, count) __outsw((void __iomem *)(long)addr, buffer, count) +-#define outsl(addr, buffer, count) __outsl((void __iomem *)(long)addr, buffer, count) ++#define outsb(addr, buffer, count) __outsb(PCI_IOBASE + (addr), buffer, count) ++#define outsw(addr, buffer, count) __outsw(PCI_IOBASE + (addr), buffer, count) ++#define outsl(addr, buffer, count) __outsl(PCI_IOBASE + (addr), buffer, count) + + #ifdef CONFIG_64BIT + __io_reads_ins(reads, u64, q, __io_br(), __io_ar(addr)) + #define readsq(addr, buffer, count) __readsq(addr, buffer, count) + + __io_reads_ins(ins, u64, q, __io_pbr(), __io_par(addr)) +-#define insq(addr, buffer, count) __insq((void __iomem *)addr, buffer, count) ++#define insq(addr, buffer, count) __insq(PCI_IOBASE + (addr), buffer, count) + + __io_writes_outs(writes, u64, q, __io_bw(), __io_aw()) + #define writesq(addr, buffer, count) __writesq(addr, buffer, count) + + __io_writes_outs(outs, u64, q, __io_pbr(), __io_paw()) +-#define outsq(addr, buffer, count) __outsq((void __iomem *)addr, buffer, count) ++#define outsq(addr, buffer, count) __outsq(PCI_IOBASE + (addr), buffer, count) + #endif + + #include diff --git a/queue-6.0/risc-v-re-enable-counter-access-from-userspace.patch b/queue-6.0/risc-v-re-enable-counter-access-from-userspace.patch new file mode 100644 index 00000000000..c9ca9610a01 --- /dev/null +++ b/queue-6.0/risc-v-re-enable-counter-access-from-userspace.patch @@ -0,0 +1,40 @@ +From 5a5294fbe0200d1327f0e089135dad77b45aa2ee Mon Sep 17 00:00:00 2001 +From: Palmer Dabbelt +Date: Wed, 28 Sep 2022 06:18:07 -0700 +Subject: RISC-V: Re-enable counter access from userspace + +From: Palmer Dabbelt + +commit 5a5294fbe0200d1327f0e089135dad77b45aa2ee upstream. + +These counters were part of the ISA when we froze the uABI, removing +them breaks userspace. + +Link: https://lore.kernel.org/all/YxEhC%2FmDW1lFt36J@aurel32.net/ +Fixes: e9991434596f ("RISC-V: Add perf platform driver based on SBI PMU extension") +Tested-by: Conor Dooley +Reviewed-by: Conor Dooley +Link: https://lore.kernel.org/r/20220928131807.30386-1-palmer@rivosinc.com +Cc: stable@vger.kernel.org +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + drivers/perf/riscv_pmu_sbi.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/drivers/perf/riscv_pmu_sbi.c ++++ b/drivers/perf/riscv_pmu_sbi.c +@@ -645,8 +645,11 @@ static int pmu_sbi_starting_cpu(unsigned + struct riscv_pmu *pmu = hlist_entry_safe(node, struct riscv_pmu, node); + struct cpu_hw_events *cpu_hw_evt = this_cpu_ptr(pmu->hw_events); + +- /* Enable the access for TIME csr only from the user mode now */ +- csr_write(CSR_SCOUNTEREN, 0x2); ++ /* ++ * Enable the access for CYCLE, TIME, and INSTRET CSRs from userspace, ++ * as is necessary to maintain uABI compatibility. ++ */ ++ csr_write(CSR_SCOUNTEREN, 0x7); + + /* Stop all the counters so that they can be enabled from perf */ + pmu_sbi_stop_all(pmu); diff --git a/queue-6.0/riscv-allow-prot_write-only-mmap.patch b/queue-6.0/riscv-allow-prot_write-only-mmap.patch new file mode 100644 index 00000000000..4d93998c3f3 --- /dev/null +++ b/queue-6.0/riscv-allow-prot_write-only-mmap.patch @@ -0,0 +1,46 @@ +From 9e2e6042a7ec6504fe8e366717afa2f40cf16488 Mon Sep 17 00:00:00 2001 +From: Andrew Bresticker +Date: Thu, 15 Sep 2022 15:37:02 -0400 +Subject: riscv: Allow PROT_WRITE-only mmap() + +From: Andrew Bresticker + +commit 9e2e6042a7ec6504fe8e366717afa2f40cf16488 upstream. + +Commit 2139619bcad7 ("riscv: mmap with PROT_WRITE but no PROT_READ is +invalid") made mmap() return EINVAL if PROT_WRITE was set wihtout +PROT_READ with the justification that a write-only PTE is considered a +reserved PTE permission bit pattern in the privileged spec. This check +is unnecessary since we let VM_WRITE imply VM_READ on RISC-V, and it is +inconsistent with other architectures that don't support write-only PTEs, +creating a potential software portability issue. Just remove the check +altogether and let PROT_WRITE imply PROT_READ as is the case on other +architectures. + +Note that this also allows PROT_WRITE|PROT_EXEC mappings which were +disallowed prior to the aforementioned commit; PROT_READ is implied in +such mappings as well. + +Fixes: 2139619bcad7 ("riscv: mmap with PROT_WRITE but no PROT_READ is invalid") +Reviewed-by: Atish Patra +Signed-off-by: Andrew Bresticker +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20220915193702.2201018-3-abrestic@rivosinc.com/ +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/kernel/sys_riscv.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/arch/riscv/kernel/sys_riscv.c ++++ b/arch/riscv/kernel/sys_riscv.c +@@ -18,9 +18,6 @@ static long riscv_sys_mmap(unsigned long + if (unlikely(offset & (~PAGE_MASK >> page_shift_offset))) + return -EINVAL; + +- if (unlikely((prot & PROT_WRITE) && !(prot & PROT_READ))) +- return -EINVAL; +- + return ksys_mmap_pgoff(addr, len, prot, flags, fd, + offset >> (PAGE_SHIFT - page_shift_offset)); + } diff --git a/queue-6.0/riscv-always-honor-the-config_cmdline_force-when-parsing-dtb.patch b/queue-6.0/riscv-always-honor-the-config_cmdline_force-when-parsing-dtb.patch new file mode 100644 index 00000000000..e4ef44329a4 --- /dev/null +++ b/queue-6.0/riscv-always-honor-the-config_cmdline_force-when-parsing-dtb.patch @@ -0,0 +1,52 @@ +From 10f6913c548b32ecb73801a16b120e761c6957ea Mon Sep 17 00:00:00 2001 +From: Wenting Zhang +Date: Fri, 8 Jul 2022 16:38:22 -0400 +Subject: riscv: always honor the CONFIG_CMDLINE_FORCE when parsing dtb +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Wenting Zhang + +commit 10f6913c548b32ecb73801a16b120e761c6957ea upstream. + +When CONFIG_CMDLINE_FORCE is enabled, cmdline provided by +CONFIG_CMDLINE are always used. This allows CONFIG_CMDLINE to be +used regardless of the result of device tree scanning. + +This especially fixes the case where a device tree without the +chosen node is supplied to the kernel. In such cases, +early_init_dt_scan would return true. But inside +early_init_dt_scan_chosen, the cmdline won't be updated as there +is no chosen node in the device tree. As a result, CONFIG_CMDLINE +is not copied into boot_command_line even if CONFIG_CMDLINE_FORCE +is enabled. This commit allows properly update boot_command_line +in this situation. + +Fixes: 8fd6e05c7463 ("arch: riscv: support kernel command line forcing when no DTB passed") +Signed-off-by: Wenting Zhang +Reviewed-by: Björn Töpel +Reviewed-by: Conor Dooley +Link: https://lore.kernel.org/r/PSBPR04MB399135DFC54928AB958D0638B1829@PSBPR04MB3991.apcprd04.prod.outlook.com +Cc: stable@vger.kernel.org +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/kernel/setup.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/arch/riscv/kernel/setup.c ++++ b/arch/riscv/kernel/setup.c +@@ -252,10 +252,10 @@ static void __init parse_dtb(void) + pr_info("Machine model: %s\n", name); + dump_stack_set_arch_desc("%s (DT)", name); + } +- return; ++ } else { ++ pr_err("No DTB passed to the kernel\n"); + } + +- pr_err("No DTB passed to the kernel\n"); + #ifdef CONFIG_CMDLINE_FORCE + strscpy(boot_command_line, CONFIG_CMDLINE, COMMAND_LINE_SIZE); + pr_info("Forcing kernel command line to: %s\n", boot_command_line); diff --git a/queue-6.0/riscv-make-vm_write-imply-vm_read.patch b/queue-6.0/riscv-make-vm_write-imply-vm_read.patch new file mode 100644 index 00000000000..37b82c279ee --- /dev/null +++ b/queue-6.0/riscv-make-vm_write-imply-vm_read.patch @@ -0,0 +1,37 @@ +From 7ab72c597356be1e7f0f3d856e54ce78527f43c8 Mon Sep 17 00:00:00 2001 +From: Andrew Bresticker +Date: Thu, 15 Sep 2022 15:37:01 -0400 +Subject: riscv: Make VM_WRITE imply VM_READ + +From: Andrew Bresticker + +commit 7ab72c597356be1e7f0f3d856e54ce78527f43c8 upstream. + +RISC-V does not presently have write-only mappings as that PTE bit pattern +is considered reserved in the privileged spec, so allow handling of read +faults in VMAs that have VM_WRITE without VM_READ in order to be consistent +with other architectures that have similar limitations. + +Fixes: 2139619bcad7 ("riscv: mmap with PROT_WRITE but no PROT_READ is invalid") +Reviewed-by: Atish Patra +Signed-off-by: Andrew Bresticker +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20220915193702.2201018-2-abrestic@rivosinc.com/ +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/mm/fault.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/arch/riscv/mm/fault.c ++++ b/arch/riscv/mm/fault.c +@@ -184,7 +184,8 @@ static inline bool access_error(unsigned + } + break; + case EXC_LOAD_PAGE_FAULT: +- if (!(vma->vm_flags & VM_READ)) { ++ /* Write implies read */ ++ if (!(vma->vm_flags & (VM_READ | VM_WRITE))) { + return true; + } + break; diff --git a/queue-6.0/riscv-pass-mno-relax-only-on-lld-15.0.0.patch b/queue-6.0/riscv-pass-mno-relax-only-on-lld-15.0.0.patch new file mode 100644 index 00000000000..eaa6c646c3f --- /dev/null +++ b/queue-6.0/riscv-pass-mno-relax-only-on-lld-15.0.0.patch @@ -0,0 +1,51 @@ +From 3cebf80e9a0d3adcb174053be32c88a640b3344b Mon Sep 17 00:00:00 2001 +From: Fangrui Song +Date: Sun, 18 Sep 2022 02:29:34 -0700 +Subject: riscv: Pass -mno-relax only on lld < 15.0.0 + +From: Fangrui Song + +commit 3cebf80e9a0d3adcb174053be32c88a640b3344b upstream. + +lld since llvm:6611d58f5bbc ("[ELF] Relax R_RISCV_ALIGN"), which will be +included in the 15.0.0 release, has implemented some RISC-V linker +relaxation. -mno-relax is no longer needed in +KBUILD_CFLAGS/KBUILD_AFLAGS to suppress R_RISCV_ALIGN which older lld +can not handle: + + ld.lld: error: capability.c:(.fixup+0x0): relocation R_RISCV_ALIGN + requires unimplemented linker relaxation; recompile with -mno-relax + but the .o is already compiled with -mno-relax + +Signed-off-by: Fangrui Song +Link: https://lore.kernel.org/r/20220710071117.446112-1-maskray@google.com/ +Link: https://lore.kernel.org/r/20220918092933.19943-1-palmer@rivosinc.com +Reviewed-by: Nick Desaulniers +Tested-by: Nick Desaulniers +Tested-by: Nathan Chancellor +Tested-by: Conor Dooley +Cc: stable@vger.kernel.org +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/Makefile | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/arch/riscv/Makefile ++++ b/arch/riscv/Makefile +@@ -37,6 +37,7 @@ else + endif + + ifeq ($(CONFIG_LD_IS_LLD),y) ++ifeq ($(shell test $(CONFIG_LLD_VERSION) -lt 150000; echo $$?),0) + KBUILD_CFLAGS += -mno-relax + KBUILD_AFLAGS += -mno-relax + ifndef CONFIG_AS_IS_LLVM +@@ -44,6 +45,7 @@ ifndef CONFIG_AS_IS_LLVM + KBUILD_AFLAGS += -Wa,-mno-relax + endif + endif ++endif + + # ISA string setting + riscv-march-$(CONFIG_ARCH_RV32I) := rv32ima diff --git a/queue-6.0/riscv-topology-fix-default-topology-reporting.patch b/queue-6.0/riscv-topology-fix-default-topology-reporting.patch new file mode 100644 index 00000000000..84a78d75e68 --- /dev/null +++ b/queue-6.0/riscv-topology-fix-default-topology-reporting.patch @@ -0,0 +1,84 @@ +From fbd92809997a391f28075f1c8b5ee314c225557c Mon Sep 17 00:00:00 2001 +From: Conor Dooley +Date: Fri, 15 Jul 2022 18:51:56 +0100 +Subject: riscv: topology: fix default topology reporting + +From: Conor Dooley + +commit fbd92809997a391f28075f1c8b5ee314c225557c upstream. + +RISC-V has no sane defaults to fall back on where there is no cpu-map +in the devicetree. +Without sane defaults, the package, core and thread IDs are all set to +-1. This causes user-visible inaccuracies for tools like hwloc/lstopo +which rely on the sysfs cpu topology files to detect a system's +topology. + +On a PolarFire SoC, which should have 4 harts with a thread each, +lstopo currently reports: + +Machine (793MB total) + Package L#0 + NUMANode L#0 (P#0 793MB) + Core L#0 + L1d L#0 (32KB) + L1i L#0 (32KB) + PU L#0 (P#0) + L1d L#1 (32KB) + L1i L#1 (32KB) + PU L#1 (P#1) + L1d L#2 (32KB) + L1i L#2 (32KB) + PU L#2 (P#2) + L1d L#3 (32KB) + L1i L#3 (32KB) + PU L#3 (P#3) + +Adding calls to store_cpu_topology() in {boot,smp} hart bringup code +results in the correct topolgy being reported: + +Machine (793MB total) + Package L#0 + NUMANode L#0 (P#0 793MB) + L1d L#0 (32KB) + L1i L#0 (32KB) + Core L#0 + PU L#0 (P#0) + L1d L#1 (32KB) + L1i L#1 (32KB) + Core L#1 + PU L#1 (P#1) + L1d L#2 (32KB) + L1i L#2 (32KB) + Core L#2 + PU L#2 (P#2) + L1d L#3 (32KB) + L1i L#3 (32KB) + Core L#3 + PU L#3 (P#3) + +CC: stable@vger.kernel.org # 456797da792f: arm64: topology: move store_cpu_topology() to shared code +Fixes: 03f11f03dbfe ("RISC-V: Parse cpu topology during boot.") +Reported-by: Brice Goglin +Link: https://github.com/open-mpi/hwloc/issues/536 +Reviewed-by: Sudeep Holla +Reviewed-by: Atish Patra +Signed-off-by: Conor Dooley +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/Kconfig | 2 +- + arch/riscv/kernel/smpboot.c | 3 ++- + 2 files changed, 3 insertions(+), 2 deletions(-) + +--- a/arch/riscv/Kconfig ++++ b/arch/riscv/Kconfig +@@ -52,7 +52,7 @@ config RISCV + select COMMON_CLK + select CPU_PM if CPU_IDLE + select EDAC_SUPPORT +- select GENERIC_ARCH_TOPOLOGY if SMP ++ select GENERIC_ARCH_TOPOLOGY + select GENERIC_ATOMIC64 if !64BIT + select GENERIC_CLOCKEVENTS_BROADCAST if SMP + select GENERIC_EARLY_IOREMAP +--- a/arch/riscv/kernel/smpboot.c ++++ b/arch/riscv/kernel/smpboot.c +@@ -49,6 +49,7 @@ void __init smp_prepare_cpus(unsigned in + unsigned int curr_cpuid; + + curr_cpuid = smp_processor_id(); ++ store_cpu_topology(curr_cpuid); + numa_store_cpu_info(curr_cpuid); + numa_add_cpu(curr_cpuid); + +@@ -162,9 +163,9 @@ asmlinkage __visible void smp_callin(voi + mmgrab(mm); + current->active_mm = mm; + ++ store_cpu_topology(curr_cpuid); + notify_cpu_starting(curr_cpuid); + numa_add_cpu(curr_cpuid); +- update_siblings_masks(curr_cpuid); + set_cpu_online(curr_cpuid, 1); + + /* diff --git a/queue-6.0/riscv-vdso-fix-null-deference-in-vdso_join_timens-when-vfork.patch b/queue-6.0/riscv-vdso-fix-null-deference-in-vdso_join_timens-when-vfork.patch new file mode 100644 index 00000000000..a29f67edc70 --- /dev/null +++ b/queue-6.0/riscv-vdso-fix-null-deference-in-vdso_join_timens-when-vfork.patch @@ -0,0 +1,112 @@ +From a8616d2dc193b6becc36b5f3cfeaa9ac7a5762f9 Mon Sep 17 00:00:00 2001 +From: Jisheng Zhang +Date: Sat, 24 Sep 2022 15:07:37 +0800 +Subject: riscv: vdso: fix NULL deference in vdso_join_timens() when vfork + +From: Jisheng Zhang + +commit a8616d2dc193b6becc36b5f3cfeaa9ac7a5762f9 upstream. + +Testing tools/testing/selftests/timens/vfork_exec.c got below +kernel log: + +[ 6.838454] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000000000020 +[ 6.842255] Oops [#1] +[ 6.842871] Modules linked in: +[ 6.844249] CPU: 1 PID: 64 Comm: vfork_exec Not tainted 6.0.0-rc3-rt15+ #8 +[ 6.845861] Hardware name: riscv-virtio,qemu (DT) +[ 6.848009] epc : vdso_join_timens+0xd2/0x110 +[ 6.850097] ra : vdso_join_timens+0xd2/0x110 +[ 6.851164] epc : ffffffff8000635c ra : ffffffff8000635c sp : ff6000000181fbf0 +[ 6.852562] gp : ffffffff80cff648 tp : ff60000000fdb700 t0 : 3030303030303030 +[ 6.853852] t1 : 0000000000000030 t2 : 3030303030303030 s0 : ff6000000181fc40 +[ 6.854984] s1 : ff60000001e6c000 a0 : 0000000000000010 a1 : ffffffff8005654c +[ 6.856221] a2 : 00000000ffffefff a3 : 0000000000000000 a4 : 0000000000000000 +[ 6.858114] a5 : 0000000000000000 a6 : 0000000000000008 a7 : 0000000000000038 +[ 6.859484] s2 : ff60000001e6c068 s3 : ff6000000108abb0 s4 : 0000000000000000 +[ 6.860751] s5 : 0000000000001000 s6 : ffffffff8089dc40 s7 : ffffffff8089dc38 +[ 6.862029] s8 : ffffffff8089dc30 s9 : ff60000000fdbe38 s10: 000000000000005e +[ 6.863304] s11: ffffffff80cc3510 t3 : ffffffff80d1112f t4 : ffffffff80d1112f +[ 6.864565] t5 : ffffffff80d11130 t6 : ff6000000181fa00 +[ 6.865561] status: 0000000000000120 badaddr: 0000000000000020 cause: 000000000000000d +[ 6.868046] [] timens_commit+0x38/0x11a +[ 6.869089] [] timens_on_fork+0x72/0xb4 +[ 6.870055] [] begin_new_exec+0x3c6/0x9f0 +[ 6.871231] [] load_elf_binary+0x628/0x1214 +[ 6.872304] [] bprm_execve+0x1f2/0x4e4 +[ 6.873243] [] do_execveat_common+0x16e/0x1ee +[ 6.874258] [] sys_execve+0x3c/0x48 +[ 6.875162] [] ret_from_syscall+0x0/0x2 +[ 6.877484] ---[ end trace 0000000000000000 ]--- + +This is because the mm->context.vdso_info is NULL in vfork case. From +another side, mm->context.vdso_info either points to vdso info +for RV64 or vdso info for compat, there's no need to bloat riscv's +mm_context_t, we can handle the difference when setup the additional +page for vdso. + +Signed-off-by: Jisheng Zhang +Suggested-by: Palmer Dabbelt +Fixes: 3092eb456375 ("riscv: compat: vdso: Add setup additional pages implementation") +Link: https://lore.kernel.org/r/20220924070737.3048-1-jszhang@kernel.org +Cc: stable@vger.kernel.org +Signed-off-by: Palmer Dabbelt +Signed-off-by: Greg Kroah-Hartman +--- + arch/riscv/include/asm/mmu.h | 1 - + arch/riscv/kernel/vdso.c | 13 ++++++++++--- + 2 files changed, 10 insertions(+), 4 deletions(-) + +--- a/arch/riscv/include/asm/mmu.h ++++ b/arch/riscv/include/asm/mmu.h +@@ -16,7 +16,6 @@ typedef struct { + atomic_long_t id; + #endif + void *vdso; +- void *vdso_info; + #ifdef CONFIG_SMP + /* A local icache flush is needed before user execution can resume. */ + cpumask_t icache_stale_mask; +--- a/arch/riscv/kernel/vdso.c ++++ b/arch/riscv/kernel/vdso.c +@@ -60,6 +60,11 @@ struct __vdso_info { + struct vm_special_mapping *cm; + }; + ++static struct __vdso_info vdso_info; ++#ifdef CONFIG_COMPAT ++static struct __vdso_info compat_vdso_info; ++#endif ++ + static int vdso_mremap(const struct vm_special_mapping *sm, + struct vm_area_struct *new_vma) + { +@@ -114,15 +119,18 @@ int vdso_join_timens(struct task_struct + { + struct mm_struct *mm = task->mm; + struct vm_area_struct *vma; +- struct __vdso_info *vdso_info = mm->context.vdso_info; + + mmap_read_lock(mm); + + for (vma = mm->mmap; vma; vma = vma->vm_next) { + unsigned long size = vma->vm_end - vma->vm_start; + +- if (vma_is_special_mapping(vma, vdso_info->dm)) ++ if (vma_is_special_mapping(vma, vdso_info.dm)) + zap_page_range(vma, vma->vm_start, size); ++#ifdef CONFIG_COMPAT ++ if (vma_is_special_mapping(vma, compat_vdso_info.dm)) ++ zap_page_range(vma, vma->vm_start, size); ++#endif + } + + mmap_read_unlock(mm); +@@ -264,7 +272,6 @@ static int __setup_additional_pages(stru + + vdso_base += VVAR_SIZE; + mm->context.vdso = (void *)vdso_base; +- mm->context.vdso_info = (void *)vdso_info; + + ret = + _install_special_mapping(mm, vdso_base, vdso_text_len, diff --git a/queue-6.0/series b/queue-6.0/series index c9af7cc61a3..66bf0a00e94 100644 --- a/queue-6.0/series +++ b/queue-6.0/series @@ -52,3 +52,13 @@ asoc-wcd934x-fix-order-of-slimbus-unprepare-disable.patch hwmon-gsc-hwmon-call-of_node_get-before-of_find_xxx-api.patch net-thunderbolt-enable-dma-paths-only-after-rings-are-enabled.patch regulator-qcom_rpm-fix-circular-deferral-regression.patch +riscv-topology-fix-default-topology-reporting.patch +risc-v-re-enable-counter-access-from-userspace.patch +risc-v-make-port-i-o-string-accessors-actually-work.patch +parisc-fbdev-stifb-align-graphics-memory-size-to-4mb.patch +parisc-fix-userspace-graphics-card-breakage-due-to-pgtable-special-bit.patch +riscv-vdso-fix-null-deference-in-vdso_join_timens-when-vfork.patch +riscv-allow-prot_write-only-mmap.patch +riscv-make-vm_write-imply-vm_read.patch +riscv-always-honor-the-config_cmdline_force-when-parsing-dtb.patch +riscv-pass-mno-relax-only-on-lld-15.0.0.patch