From: Greg Kroah-Hartman Date: Sat, 17 Aug 2024 07:46:13 +0000 (+0200) Subject: drop broken s390 kvm patches from 5.10 X-Git-Tag: v4.19.320~4 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e867e44313220b8444fd624e11563895165b600b;p=thirdparty%2Fkernel%2Fstable-queue.git drop broken s390 kvm patches from 5.10 does not build. --- diff --git a/queue-5.10/kvm-s390-fix-race-in-gmap_make_secure.patch b/queue-5.10/kvm-s390-fix-race-in-gmap_make_secure.patch deleted file mode 100644 index 77c7be11b0d..00000000000 --- a/queue-5.10/kvm-s390-fix-race-in-gmap_make_secure.patch +++ /dev/null @@ -1,95 +0,0 @@ -From f7d5788fd019b54a579f631afe37e8a69894cc2a Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Fri, 28 Apr 2023 11:27:53 +0200 -Subject: KVM: s390: fix race in gmap_make_secure() - -From: Claudio Imbrenda - -[ Upstream commit c148dc8e2fa403be501612ee409db866eeed35c0 ] - -Fix a potential race in gmap_make_secure() and remove the last user of -follow_page() without FOLL_GET. - -The old code is locking something it doesn't have a reference to, and -as explained by Jason and David in this discussion: -https://lore.kernel.org/linux-mm/Y9J4P%2FRNvY1Ztn0Q@nvidia.com/ -it can lead to all kind of bad things, including the page getting -unmapped (MADV_DONTNEED), freed, reallocated as a larger folio and the -unlock_page() would target the wrong bit. -There is also another race with the FOLL_WRITE, which could race -between the follow_page() and the get_locked_pte(). - -The main point is to remove the last use of follow_page() without -FOLL_GET or FOLL_PIN, removing the races can be considered a nice -bonus. - -Link: https://lore.kernel.org/linux-mm/Y9J4P%2FRNvY1Ztn0Q@nvidia.com/ -Suggested-by: Jason Gunthorpe -Fixes: 214d9bbcd3a6 ("s390/mm: provide memory management functions for protected KVM guests") -Reviewed-by: Jason Gunthorpe -Signed-off-by: Claudio Imbrenda -Message-Id: <20230428092753.27913-2-imbrenda@linux.ibm.com> -Stable-dep-of: 3f29f6537f54 ("s390/uv: Don't call folio_wait_writeback() without a folio reference") -Signed-off-by: Sasha Levin ---- - arch/s390/kernel/uv.c | 32 +++++++++++--------------------- - 1 file changed, 11 insertions(+), 21 deletions(-) - -diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c -index c38103f3044da..6abf73e832445 100644 ---- a/arch/s390/kernel/uv.c -+++ b/arch/s390/kernel/uv.c -@@ -213,21 +213,10 @@ static int expected_page_refs(struct page *page) - return res; - } - --static int make_secure_pte(pte_t *ptep, unsigned long addr, -- struct page *exp_page, struct uv_cb_header *uvcb) -+static int make_page_secure(struct page *page, struct uv_cb_header *uvcb) - { -- pte_t entry = READ_ONCE(*ptep); -- struct page *page; - int expected, cc = 0; - -- if (!pte_present(entry)) -- return -ENXIO; -- if (pte_val(entry) & _PAGE_INVALID) -- return -ENXIO; -- -- page = pte_page(entry); -- if (page != exp_page) -- return -ENXIO; - if (PageWriteback(page)) - return -EAGAIN; - expected = expected_page_refs(page); -@@ -318,17 +307,18 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) - goto out; - - rc = -ENXIO; -- page = follow_page(vma, uaddr, FOLL_WRITE); -- if (IS_ERR_OR_NULL(page)) -- goto out; -- -- lock_page(page); - ptep = get_locked_pte(gmap->mm, uaddr, &ptelock); -- if (should_export_before_import(uvcb, gmap->mm)) -- uv_convert_from_secure(page_to_phys(page)); -- rc = make_secure_pte(ptep, uaddr, page, uvcb); -+ if (pte_present(*ptep) && !(pte_val(*ptep) & _PAGE_INVALID) && pte_write(*ptep)) { -+ page = pte_page(*ptep); -+ rc = -EAGAIN; -+ if (trylock_page(page)) { -+ if (should_export_before_import(uvcb, gmap->mm)) -+ uv_convert_from_secure(page_to_phys(page)); -+ rc = make_page_secure(page, uvcb); -+ unlock_page(page); -+ } -+ } - pte_unmap_unlock(ptep, ptelock); -- unlock_page(page); - out: - mmap_read_unlock(gmap->mm); - --- -2.43.0 - diff --git a/queue-5.10/kvm-s390-pv-add-export-before-import.patch b/queue-5.10/kvm-s390-pv-add-export-before-import.patch deleted file mode 100644 index 74d66f6f863..00000000000 --- a/queue-5.10/kvm-s390-pv-add-export-before-import.patch +++ /dev/null @@ -1,81 +0,0 @@ -From fd4f645d27e14d69d1c7e9c277f5128920e06791 Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Tue, 28 Jun 2022 15:56:07 +0200 -Subject: KVM: s390: pv: add export before import - -From: Claudio Imbrenda - -[ Upstream commit 72b1daff2671cef2c8cccc6c4e52f8d5ce4ebe58 ] - -Due to upcoming changes, it will be possible to temporarily have -multiple protected VMs in the same address space, although only one -will be actually active. - -In that scenario, it is necessary to perform an export of every page -that is to be imported, since the hardware does not allow a page -belonging to a protected guest to be imported into a different -protected guest. - -This also applies to pages that are shared, and thus accessible by the -host. - -Signed-off-by: Claudio Imbrenda -Reviewed-by: Janosch Frank -Link: https://lore.kernel.org/r/20220628135619.32410-7-imbrenda@linux.ibm.com -Message-Id: <20220628135619.32410-7-imbrenda@linux.ibm.com> -Signed-off-by: Janosch Frank -Stable-dep-of: 3f29f6537f54 ("s390/uv: Don't call folio_wait_writeback() without a folio reference") -Signed-off-by: Sasha Levin ---- - arch/s390/kernel/uv.c | 28 ++++++++++++++++++++++++++++ - 1 file changed, 28 insertions(+) - -diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c -index 5173c24a02637..c38103f3044da 100644 ---- a/arch/s390/kernel/uv.c -+++ b/arch/s390/kernel/uv.c -@@ -255,6 +255,32 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, - return uvcb->rc == 0x10a ? -ENXIO : -EINVAL; - } - -+/** -+ * should_export_before_import - Determine whether an export is needed -+ * before an import-like operation -+ * @uvcb: the Ultravisor control block of the UVC to be performed -+ * @mm: the mm of the process -+ * -+ * Returns whether an export is needed before every import-like operation. -+ * This is needed for shared pages, which don't trigger a secure storage -+ * exception when accessed from a different guest. -+ * -+ * Although considered as one, the Unpin Page UVC is not an actual import, -+ * so it is not affected. -+ * -+ * No export is needed also when there is only one protected VM, because the -+ * page cannot belong to the wrong VM in that case (there is no "other VM" -+ * it can belong to). -+ * -+ * Return: true if an export is needed before every import, otherwise false. -+ */ -+static bool should_export_before_import(struct uv_cb_header *uvcb, struct mm_struct *mm) -+{ -+ if (uvcb->cmd == UVC_CMD_UNPIN_PAGE_SHARED) -+ return false; -+ return atomic_read(&mm->context.protected_count) > 1; -+} -+ - /* - * Requests the Ultravisor to make a page accessible to a guest. - * If it's brought in the first time, it will be cleared. If -@@ -298,6 +324,8 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) - - lock_page(page); - ptep = get_locked_pte(gmap->mm, uaddr, &ptelock); -+ if (should_export_before_import(uvcb, gmap->mm)) -+ uv_convert_from_secure(page_to_phys(page)); - rc = make_secure_pte(ptep, uaddr, page, uvcb); - pte_unmap_unlock(ptep, ptelock); - unlock_page(page); --- -2.43.0 - diff --git a/queue-5.10/kvm-s390-pv-avoid-stalls-when-making-pages-secure.patch b/queue-5.10/kvm-s390-pv-avoid-stalls-when-making-pages-secure.patch deleted file mode 100644 index be095dd9d38..00000000000 --- a/queue-5.10/kvm-s390-pv-avoid-stalls-when-making-pages-secure.patch +++ /dev/null @@ -1,110 +0,0 @@ -From e88645a7bea4dee26297a5f1c95913e80788ffeb Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Mon, 20 Sep 2021 15:24:52 +0200 -Subject: KVM: s390: pv: avoid stalls when making pages secure - -From: Claudio Imbrenda - -[ Upstream commit f0a1a0615a6ff6d38af2c65a522698fb4bb85df6 ] - -Improve make_secure_pte to avoid stalls when the system is heavily -overcommitted. This was especially problematic in kvm_s390_pv_unpack, -because of the loop over all pages that needed unpacking. - -Due to the locks being held, it was not possible to simply replace -uv_call with uv_call_sched. A more complex approach was -needed, in which uv_call is replaced with __uv_call, which does not -loop. When the UVC needs to be executed again, -EAGAIN is returned, and -the caller (or its caller) will try again. - -When -EAGAIN is returned, the path is the same as when the page is in -writeback (and the writeback check is also performed, which is -harmless). - -Fixes: 214d9bbcd3a672 ("s390/mm: provide memory management functions for protected KVM guests") -Signed-off-by: Claudio Imbrenda -Reviewed-by: Janosch Frank -Reviewed-by: Christian Borntraeger -Link: https://lore.kernel.org/r/20210920132502.36111-5-imbrenda@linux.ibm.com -Signed-off-by: Christian Borntraeger -Stable-dep-of: 3f29f6537f54 ("s390/uv: Don't call folio_wait_writeback() without a folio reference") -Signed-off-by: Sasha Levin ---- - arch/s390/kernel/uv.c | 29 +++++++++++++++++++++++------ - arch/s390/kvm/intercept.c | 5 +++++ - 2 files changed, 28 insertions(+), 6 deletions(-) - -diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c -index c811b2313100b..422765c81dd69 100644 ---- a/arch/s390/kernel/uv.c -+++ b/arch/s390/kernel/uv.c -@@ -186,7 +186,7 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, - { - pte_t entry = READ_ONCE(*ptep); - struct page *page; -- int expected, rc = 0; -+ int expected, cc = 0; - - if (!pte_present(entry)) - return -ENXIO; -@@ -202,12 +202,25 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, - if (!page_ref_freeze(page, expected)) - return -EBUSY; - set_bit(PG_arch_1, &page->flags); -- rc = uv_call(0, (u64)uvcb); -+ /* -+ * If the UVC does not succeed or fail immediately, we don't want to -+ * loop for long, or we might get stall notifications. -+ * On the other hand, this is a complex scenario and we are holding a lot of -+ * locks, so we can't easily sleep and reschedule. We try only once, -+ * and if the UVC returned busy or partial completion, we return -+ * -EAGAIN and we let the callers deal with it. -+ */ -+ cc = __uv_call(0, (u64)uvcb); - page_ref_unfreeze(page, expected); -- /* Return -ENXIO if the page was not mapped, -EINVAL otherwise */ -- if (rc) -- rc = uvcb->rc == 0x10a ? -ENXIO : -EINVAL; -- return rc; -+ /* -+ * Return -ENXIO if the page was not mapped, -EINVAL for other errors. -+ * If busy or partially completed, return -EAGAIN. -+ */ -+ if (cc == UVC_CC_OK) -+ return 0; -+ else if (cc == UVC_CC_BUSY || cc == UVC_CC_PARTIAL) -+ return -EAGAIN; -+ return uvcb->rc == 0x10a ? -ENXIO : -EINVAL; - } - - /* -@@ -260,6 +273,10 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) - mmap_read_unlock(gmap->mm); - - if (rc == -EAGAIN) { -+ /* -+ * If we are here because the UVC returned busy or partial -+ * completion, this is just a useless check, but it is safe. -+ */ - wait_on_page_writeback(page); - } else if (rc == -EBUSY) { - /* -diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c -index 8bf72a323e4fa..8f13943c9160d 100644 ---- a/arch/s390/kvm/intercept.c -+++ b/arch/s390/kvm/intercept.c -@@ -535,6 +535,11 @@ static int handle_pv_uvc(struct kvm_vcpu *vcpu) - */ - if (rc == -EINVAL) - return 0; -+ /* -+ * If we got -EAGAIN here, we simply return it. It will eventually -+ * get propagated all the way to userspace, which should then try -+ * again. -+ */ - return rc; - } - --- -2.43.0 - diff --git a/queue-5.10/kvm-s390-pv-properly-handle-page-flags-for-protected.patch b/queue-5.10/kvm-s390-pv-properly-handle-page-flags-for-protected.patch deleted file mode 100644 index 845c0fd6693..00000000000 --- a/queue-5.10/kvm-s390-pv-properly-handle-page-flags-for-protected.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 118aed88a4b89ddc321e735e50c4836e20fffe3b Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Mon, 20 Sep 2021 15:24:54 +0200 -Subject: KVM: s390: pv: properly handle page flags for protected guests - -From: Claudio Imbrenda - -[ Upstream commit 380d97bd02fca7b9b41aec2d1c767874d602bc78 ] - -Introduce variants of the convert and destroy page functions that also -clear the PG_arch_1 bit used to mark them as secure pages. - -The PG_arch_1 flag is always allowed to overindicate; using the new -functions introduced here allows to reduce the extent of overindication -and thus improve performance. - -These new functions can only be called on pages for which a reference -is already being held. - -Signed-off-by: Claudio Imbrenda -Reviewed-by: Janosch Frank -Reviewed-by: Christian Borntraeger -Link: https://lore.kernel.org/r/20210920132502.36111-7-imbrenda@linux.ibm.com -Signed-off-by: Christian Borntraeger -Stable-dep-of: 3f29f6537f54 ("s390/uv: Don't call folio_wait_writeback() without a folio reference") -Signed-off-by: Sasha Levin ---- - arch/s390/include/asm/pgtable.h | 9 ++++++--- - arch/s390/include/asm/uv.h | 10 ++++++++-- - arch/s390/kernel/uv.c | 34 ++++++++++++++++++++++++++++++++- - arch/s390/mm/gmap.c | 4 +++- - 4 files changed, 50 insertions(+), 7 deletions(-) - -diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h -index 2338345912a31..e967cc2a01f7e 100644 ---- a/arch/s390/include/asm/pgtable.h -+++ b/arch/s390/include/asm/pgtable.h -@@ -1080,8 +1080,9 @@ static inline pte_t ptep_get_and_clear(struct mm_struct *mm, - pte_t res; - - res = ptep_xchg_lazy(mm, addr, ptep, __pte(_PAGE_INVALID)); -+ /* At this point the reference through the mapping is still present */ - if (mm_is_protected(mm) && pte_present(res)) -- uv_convert_from_secure(pte_val(res) & PAGE_MASK); -+ uv_convert_owned_from_secure(pte_val(res) & PAGE_MASK); - return res; - } - -@@ -1097,8 +1098,9 @@ static inline pte_t ptep_clear_flush(struct vm_area_struct *vma, - pte_t res; - - res = ptep_xchg_direct(vma->vm_mm, addr, ptep, __pte(_PAGE_INVALID)); -+ /* At this point the reference through the mapping is still present */ - if (mm_is_protected(vma->vm_mm) && pte_present(res)) -- uv_convert_from_secure(pte_val(res) & PAGE_MASK); -+ uv_convert_owned_from_secure(pte_val(res) & PAGE_MASK); - return res; - } - -@@ -1122,8 +1124,9 @@ static inline pte_t ptep_get_and_clear_full(struct mm_struct *mm, - } else { - res = ptep_xchg_lazy(mm, addr, ptep, __pte(_PAGE_INVALID)); - } -+ /* At this point the reference through the mapping is still present */ - if (mm_is_protected(mm) && pte_present(res)) -- uv_convert_from_secure(pte_val(res) & PAGE_MASK); -+ uv_convert_owned_from_secure(pte_val(res) & PAGE_MASK); - return res; - } - -diff --git a/arch/s390/include/asm/uv.h b/arch/s390/include/asm/uv.h -index 12c5f006c1364..bbd51aa94d05c 100644 ---- a/arch/s390/include/asm/uv.h -+++ b/arch/s390/include/asm/uv.h -@@ -351,8 +351,9 @@ static inline int is_prot_virt_host(void) - } - - int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb); --int uv_destroy_page(unsigned long paddr); -+int uv_destroy_owned_page(unsigned long paddr); - int uv_convert_from_secure(unsigned long paddr); -+int uv_convert_owned_from_secure(unsigned long paddr); - int gmap_convert_to_secure(struct gmap *gmap, unsigned long gaddr); - - void setup_uv(void); -@@ -362,7 +363,7 @@ void adjust_to_uv_max(unsigned long *vmax); - static inline void setup_uv(void) {} - static inline void adjust_to_uv_max(unsigned long *vmax) {} - --static inline int uv_destroy_page(unsigned long paddr) -+static inline int uv_destroy_owned_page(unsigned long paddr) - { - return 0; - } -@@ -371,6 +372,11 @@ static inline int uv_convert_from_secure(unsigned long paddr) - { - return 0; - } -+ -+static inline int uv_convert_owned_from_secure(unsigned long paddr) -+{ -+ return 0; -+} - #endif - - #if defined(CONFIG_PROTECTED_VIRTUALIZATION_GUEST) || IS_ENABLED(CONFIG_KVM) -diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c -index 422765c81dd69..5173c24a02637 100644 ---- a/arch/s390/kernel/uv.c -+++ b/arch/s390/kernel/uv.c -@@ -121,7 +121,7 @@ static int uv_pin_shared(unsigned long paddr) - * - * @paddr: Absolute host address of page to be destroyed - */ --int uv_destroy_page(unsigned long paddr) -+static int uv_destroy_page(unsigned long paddr) - { - struct uv_cb_cfs uvcb = { - .header.cmd = UVC_CMD_DESTR_SEC_STOR, -@@ -141,6 +141,22 @@ int uv_destroy_page(unsigned long paddr) - return 0; - } - -+/* -+ * The caller must already hold a reference to the page -+ */ -+int uv_destroy_owned_page(unsigned long paddr) -+{ -+ struct page *page = phys_to_page(paddr); -+ int rc; -+ -+ get_page(page); -+ rc = uv_destroy_page(paddr); -+ if (!rc) -+ clear_bit(PG_arch_1, &page->flags); -+ put_page(page); -+ return rc; -+} -+ - /* - * Requests the Ultravisor to encrypt a guest page and make it - * accessible to the host for paging (export). -@@ -160,6 +176,22 @@ int uv_convert_from_secure(unsigned long paddr) - return 0; - } - -+/* -+ * The caller must already hold a reference to the page -+ */ -+int uv_convert_owned_from_secure(unsigned long paddr) -+{ -+ struct page *page = phys_to_page(paddr); -+ int rc; -+ -+ get_page(page); -+ rc = uv_convert_from_secure(paddr); -+ if (!rc) -+ clear_bit(PG_arch_1, &page->flags); -+ put_page(page); -+ return rc; -+} -+ - /* - * Calculate the expected ref_count for a page that would otherwise have no - * further pins. This was cribbed from similar functions in other places in -diff --git a/arch/s390/mm/gmap.c b/arch/s390/mm/gmap.c -index ad4bae2465b19..46daa9115a192 100644 ---- a/arch/s390/mm/gmap.c -+++ b/arch/s390/mm/gmap.c -@@ -2693,8 +2693,10 @@ static int __s390_reset_acc(pte_t *ptep, unsigned long addr, - { - pte_t pte = READ_ONCE(*ptep); - -+ /* There is a reference through the mapping */ - if (pte_present(pte)) -- WARN_ON_ONCE(uv_destroy_page(pte_val(pte) & PAGE_MASK)); -+ WARN_ON_ONCE(uv_destroy_owned_page(pte_val(pte) & PAGE_MASK)); -+ - return 0; - } - --- -2.43.0 - diff --git a/queue-5.10/series b/queue-5.10/series index 4382d23639d..c48fc5b2cf6 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -66,10 +66,6 @@ drm-panel-boe-tv101wum-nl6-if-prepare-fails-disable-.patch drm-panel-boe-tv101wum-nl6-check-for-errors-on-the-n.patch media-dvb-usb-fix-unexpected-infinite-loop-in-dvb_us.patch media-imon-fix-race-getting-ictx-lock.patch -kvm-s390-pv-avoid-stalls-when-making-pages-secure.patch -kvm-s390-pv-properly-handle-page-flags-for-protected.patch -kvm-s390-pv-add-export-before-import.patch -kvm-s390-fix-race-in-gmap_make_secure.patch saa7134-unchecked-i2c_transfer-function-result-fixed.patch media-uvcvideo-allow-entity-defined-get_info-and-get.patch media-uvcvideo-override-default-flags.patch