From: Greg Kroah-Hartman Date: Mon, 3 Aug 2020 10:11:02 +0000 (+0200) Subject: 5.7-stable patches X-Git-Tag: v5.7.13~11 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e508b1e1750e99e4a49f9e2335984716c79e2fd7;p=thirdparty%2Fkernel%2Fstable-queue.git 5.7-stable patches added patches: kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch x86-i8259-use-printk_deferred-to-prevent-deadlock.patch
---
diff --git a/queue-5.7/kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch b/queue-5.7/kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch
new file mode 100644
index 00000000000..2e0aa0c4224
--- /dev/null
+++ b/queue-5.7/kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch
@@ -0,0 +1,70 @@
+From b757b47a2fcba584d4a32fd7ee68faca510ab96f Mon Sep 17 00:00:00 2001
+From: Will Deacon
+Date: Thu, 23 Jul 2020 11:17:14 +0100
+Subject: KVM: arm64: Don't inherit exec permission across page-table levels
+
+From: Will Deacon
+
+commit b757b47a2fcba584d4a32fd7ee68faca510ab96f upstream.
+
+If a stage-2 page-table contains an executable, read-only mapping at the
+pte level (e.g. due to dirty logging being enabled), a subsequent write
+fault to the same page which tries to install a larger block mapping
+(e.g. due to dirty logging having been disabled) will erroneously inherit
+the exec permission and consequently skip I-cache invalidation for the
+rest of the block.
+
+Ensure that exec permission is only inherited by write faults when the
+new mapping is of the same size as the existing one. A subsequent
+instruction abort will result in I-cache invalidation for the entire
+block mapping.
+
+Signed-off-by: Will Deacon
+Signed-off-by: Marc Zyngier
+Tested-by: Quentin Perret
+Reviewed-by: Quentin Perret
+Cc: Marc Zyngier
+Cc:
+Link: https://lore.kernel.org/r/20200723101714.15873-1-will@kernel.org
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ virt/kvm/arm/mmu.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+--- a/virt/kvm/arm/mmu.c
++++ b/virt/kvm/arm/mmu.c
+@@ -1198,7 +1198,7 @@ static bool stage2_get_leaf_entry(struct
+ return true;
+ }
+
+-static bool stage2_is_exec(struct kvm *kvm, phys_addr_t addr)
++static bool stage2_is_exec(struct kvm *kvm, phys_addr_t addr, unsigned long sz)
+ {
+ pud_t *pudp;
+ pmd_t *pmdp;
+@@ -1210,11 +1210,11 @@ static bool stage2_is_exec(struct kvm *k
+ return false;
+
+ if (pudp)
+- return kvm_s2pud_exec(pudp);
++ return sz <= PUD_SIZE && kvm_s2pud_exec(pudp);
+ else if (pmdp)
+- return kvm_s2pmd_exec(pmdp);
++ return sz <= PMD_SIZE && kvm_s2pmd_exec(pmdp);
+ else
+- return kvm_s2pte_exec(ptep);
++ return sz == PAGE_SIZE && kvm_s2pte_exec(ptep);
+ }
+
+ static int stage2_set_pte(struct kvm *kvm,
struct kvm_mmu_memory_cache *cache,
+@@ -1801,7 +1801,8 @@ static int user_mem_abort(struct kvm_vcp
+ * execute permissions, and we preserve whatever we have.
+ */
+ needs_exec = exec_fault ||
+- (fault_status == FSC_PERM && stage2_is_exec(kvm, fault_ipa));
++ (fault_status == FSC_PERM &&
++ stage2_is_exec(kvm, fault_ipa, vma_pagesize));
+
+ if (vma_pagesize == PUD_SIZE) {
+ pud_t new_pud = kvm_pfn_pud(pfn, mem_type);
diff --git a/queue-5.7/kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch b/queue-5.7/kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch
new file mode 100644
index 00000000000..3ee2f6e1144
--- /dev/null
+++ b/queue-5.7/kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch
@@ -0,0 +1,33 @@
+From d2286ba7d574ba3103a421a2f9ec17cb5b0d87a1 Mon Sep 17 00:00:00 2001
+From: Wanpeng Li
+Date: Fri, 31 Jul 2020 11:12:19 +0800
+Subject: KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled
+
+From: Wanpeng Li
+
+commit d2286ba7d574ba3103a421a2f9ec17cb5b0d87a1 upstream.
+
+Prevent setting the tscdeadline timer if the lapic is hw disabled.
+
+Fixes: bce87cce88 (KVM: x86: consolidate different ways to test for in-kernel LAPIC)
+Cc:
+Signed-off-by: Wanpeng Li
+Message-Id: <1596165141-28874-1-git-send-email-wanpengli@tencent.com>
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kvm/lapic.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/lapic.c
++++ b/arch/x86/kvm/lapic.c
+@@ -2136,7 +2136,7 @@ void kvm_set_lapic_tscdeadline_msr(struc
+ {
+ struct kvm_lapic *apic = vcpu->arch.apic;
+
+- if (!lapic_in_kernel(vcpu) || apic_lvtt_oneshot(apic) ||
++ if (!kvm_apic_present(vcpu) || apic_lvtt_oneshot(apic) ||
+ apic_lvtt_period(apic))
+ return;
+
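Review bot: In the virt/kvm/arm/mmu.c patch, `stage2_is_exec()` compares `sz` with `<=` at the pud and pmd levels but with `==` at the pte level, while the commit message speaks of mappings "of the same size", and nothing in the function explains the asymmetry. Presumably a smaller mapping may inherit exec from a larger executable block because that block was already invalidated as a whole, whereas a small executable leaf says nothing about the rest of a larger block; that reasoning should be confirmed and written down. A comment above the function such as `/* Inherit exec only when the existing leaf covers at least sz bytes; otherwise the I-cache state of the rest of the new block is unknown. */` would keep a later edit from relaxing the pte case. The function body is split across two hunks and the `stage2_get_leaf_entry()` call between them is not shown.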
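Review bot: In the arch/x86/kvm/lapic.c patch, `kvm_set_lapic_tscdeadline_msr()` now relies on `kvm_apic_present()` alone to guard `apic_lvtt_oneshot(apic)` and `apic_lvtt_period(apic)`, which receive the `apic` pointer loaded from `vcpu->arch.apic` on the line above. The definition of `kvm_apic_present()` is not in this hunk; it has to imply an in-kernel LAPIC as the removed `lapic_in_kernel()` test did, otherwise those helpers would be handed a missing `apic`. The early return also discards the guest's MSR write silently, so a comment such as `/* Ignore the write: no enabled in-kernel LAPIC, or the timer is in one-shot or periodic mode. */` would record that this is intended. The function continues past the end of the hunk.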
diff --git a/queue-5.7/kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch b/queue-5.7/kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch
new file mode 100644
index 00000000000..60fd9f81398
--- /dev/null
+++ b/queue-5.7/kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch
@@ -0,0 +1,67 @@
+From 830f01b089b12bbe93bd55f2d62837253012a30e Mon Sep 17 00:00:00 2001
+From: Wanpeng Li
+Date: Fri, 31 Jul 2020 11:12:21 +0800
+Subject: KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
+
+From: Wanpeng Li
+
+commit 830f01b089b12bbe93bd55f2d62837253012a30e upstream.
+
+'Commit 8566ac8b8e7c ("KVM: SVM: Implement pause loop exit logic in SVM")'
+drops disable pause loop exit/pause filtering capability completely, I
+guess it is a merge fault by Radim since disable vmexits capabilities and
+pause loop exit for SVM patchsets are merged at the same time. This patch
+reintroduces the disable pause loop exit/pause filtering capability support.
+
+Reported-by: Haiwei Li
+Tested-by: Haiwei Li
+Fixes: 8566ac8b ("KVM: SVM: Implement pause loop exit logic in SVM")
+Signed-off-by: Wanpeng Li
+Message-Id: <1596165141-28874-3-git-send-email-wanpengli@tencent.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kvm/svm/svm.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+--- a/arch/x86/kvm/svm/svm.c
++++ b/arch/x86/kvm/svm/svm.c
+@@ -1105,7 +1105,7 @@ static void init_vmcb(struct vcpu_svm *s
+ svm->nested.vmcb = 0;
+ svm->vcpu.arch.hflags = 0;
+
+- if (pause_filter_count) {
++ if (!kvm_pause_in_guest(svm->vcpu.kvm)) {
+ control->pause_filter_count = pause_filter_count;
+ if (pause_filter_thresh)
+ control->pause_filter_thresh = pause_filter_thresh;
+@@ -2682,7 +2682,7 @@ static int pause_interception(struct vcp
+ struct kvm_vcpu *vcpu = &svm->vcpu;
+ bool in_kernel = (svm_get_cpl(vcpu) == 0);
+
+- if (pause_filter_thresh)
++ if (!kvm_pause_in_guest(vcpu->kvm))
+ grow_ple_window(vcpu);
+
+ kvm_vcpu_on_spin(vcpu, in_kernel);
+@@ -3727,7 +3727,7 @@ static void svm_handle_exit_irqoff(struc
+
+ static void svm_sched_in(struct kvm_vcpu *vcpu, int cpu)
+ {
+- if (pause_filter_thresh)
++ if (!kvm_pause_in_guest(vcpu->kvm))
+ shrink_ple_window(vcpu);
+ }
+
+@@
-3892,6 +3892,9 @@ static void svm_vm_destroy(struct kvm *k
+
+ static int svm_vm_init(struct kvm *kvm)
+ {
++ if (!pause_filter_count || !pause_filter_thresh)
++ kvm->arch.pause_in_guest = true;
++
+ if (avic) {
+ int ret = avic_vm_init(kvm);
+ if (ret)
diff --git a/queue-5.7/series b/queue-5.7/series
index f45ef7c6572..91aa7482e6c 100644
--- a/queue-5.7/series
+++ b/queue-5.7/series
@@ -114,3 +114,7 @@ xen-netfront-fix-potential-deadlock-in-xennet_remove.patch
 risc-v-set-maximum-number-of-mapped-pages-correctly.patch
 drivers-net-wan-lapb-corrected-the-usage-of-skb_cow.patch
 riscv-parse-all-memory-blocks-to-remove-unusable-mem.patch
+kvm-arm64-don-t-inherit-exec-permission-across-page-table-levels.patch
+kvm-lapic-prevent-setting-the-tscdeadline-timer-if-the-lapic-is-hw-disabled.patch
+kvm-svm-fix-disable-pause-loop-exit-pause-filtering-capability-on-svm.patch
+x86-i8259-use-printk_deferred-to-prevent-deadlock.patch
diff --git a/queue-5.7/x86-i8259-use-printk_deferred-to-prevent-deadlock.patch b/queue-5.7/x86-i8259-use-printk_deferred-to-prevent-deadlock.patch
new file mode 100644
index 00000000000..63fb6ec8ff9
--- /dev/null
+++ b/queue-5.7/x86-i8259-use-printk_deferred-to-prevent-deadlock.patch
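Review bot: In the arch/x86/kvm/svm/svm.c patch, the `||` in `svm_vm_init()` sets `pause_in_guest` when `pause_filter_thresh` alone is zero, whereas the removed `if (pause_filter_count)` in `init_vmcb()` programmed the filter whenever the count was non-zero. The retained inner `if (pause_filter_thresh)` suggests count-without-threshold was a supported configuration; if so, such hosts now lose PAUSE filtering for every VM, and a spinning guest vCPU presumably no longer yields through `pause_interception()`. Please confirm this is intended and state it, e.g. `/* Without both a filter count and a threshold, PAUSE filtering is off and the guest runs PAUSE natively. */` above the new check. With this guard the inner `if (pause_filter_thresh)` in `init_vmcb()` also looks always true and could be dropped; all four functions continue outside their hunks.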
@@ -0,0 +1,51 @@
+From bdd65589593edd79b6a12ce86b3b7a7c6dae5208 Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner
+Date: Wed, 29 Jul 2020 10:53:28 +0200
+Subject: x86/i8259: Use printk_deferred() to prevent deadlock
+
+From: Thomas Gleixner
+
+commit bdd65589593edd79b6a12ce86b3b7a7c6dae5208 upstream.
+
+0day reported a possible circular locking dependency:
+
+Chain exists of:
+ &irq_desc_lock_class --> console_owner --> &port_lock_key
+
+ Possible unsafe locking scenario:
+
+ CPU0 CPU1
+ ---- ----
+ lock(&port_lock_key);
+ lock(console_owner);
+ lock(&port_lock_key);
+ lock(&irq_desc_lock_class);
+
+The reason for this is a printk() in the i8259 interrupt chip driver
+which is invoked with the irq descriptor lock held, which reverses the
+lock operations vs. printk() from arbitrary contexts.
+
+Switch the printk() to printk_deferred() to avoid that.
+
+Reported-by: kernel test robot
+Signed-off-by: Thomas Gleixner
+Signed-off-by: Ingo Molnar
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/87365abt2v.fsf@nanos.tec.linutronix.de
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kernel/i8259.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kernel/i8259.c
++++ b/arch/x86/kernel/i8259.c
+@@ -207,7 +207,7 @@ spurious_8259A_irq:
+ * lets ACK and report it. [once per IRQ]
+ */
+ if (!(spurious_irq_mask & irqmask)) {
+- printk(KERN_DEBUG
++ printk_deferred(KERN_DEBUG
+ "spurious 8259A interrupt: IRQ%d.\n", irq);
+ spurious_irq_mask |= irqmask;
+ }
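Review bot: In the arch/x86/kernel/i8259.c patch, the reason for `printk_deferred()` is recorded only in the commit message, so the call site under `spurious_8259A_irq:` gives a later reader no hint that a plain `printk()` here can deadlock. Extending the existing comment above the `if` with a line such as `* Use printk_deferred(): the irq descriptor lock is held here and printk() would take the console locks in the reverse order.` would keep the constraint next to the code. The enclosing function starts and ends outside the hunk.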