From 57c9b27510ba1832f1da77f71b0728189cfbaf87 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 12 Jun 2024 15:46:14 +0200
Subject: [PATCH] 6.9-stable patches

added patches:
	vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
	x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch
---
 queue-6.9/series                              |  2 +
 ...packets-due-to-invalid-src-addresses.patch | 71 +++++++++++++++++++
 ...001e-only-on-family-0x17-and-greater.patch | 54 ++++++++++++++
 3 files changed, 127 insertions(+)
 create mode 100644 queue-6.9/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
 create mode 100644 queue-6.9/x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch

diff --git a/queue-6.9/series b/queue-6.9/series
index bc6c47ce02f..ca19e18619d 100644
--- a/queue-6.9/series
+++ b/queue-6.9/series
@@ -2,3 +2,5 @@ drm-amdkfd-handle-duplicate-bos-in-reserve_bo_and_cond_vms.patch
 drm-i915-hwmon-get-rid-of-devm.patch
 afs-don-t-cross-.backup-mountpoint-from-backup-volume.patch
 erofs-avoid-allocating-deflate-streams-before-mounting.patch
+x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch
+vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
diff --git a/queue-6.9/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch b/queue-6.9/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
new file mode 100644
index 00000000000..87ff9e61a90
--- /dev/null
+++ b/queue-6.9/vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
@@ -0,0 +1,71 @@
+From 1cd4bc987abb2823836cbb8f887026011ccddc8a Mon Sep 17 00:00:00 2001
+From: Daniel Borkmann <daniel@iogearbox.net>
+Date: Mon, 3 Jun 2024 10:59:26 +0200
+Subject: vxlan: Fix regression when dropping packets due to invalid src addresses
+
+From: Daniel Borkmann <daniel@iogearbox.net>
+
+commit 1cd4bc987abb2823836cbb8f887026011ccddc8a upstream.
+
+Commit f58f45c1e5b9 ("vxlan: drop packets from invalid src-address")
+has recently been added to vxlan mainly in the context of source
+address snooping/learning so that when it is enabled, an entry in the
+FDB is not being created for an invalid address for the corresponding
+tunnel endpoint.
+
+Before commit f58f45c1e5b9 vxlan was similarly behaving as geneve in
+that it passed through whichever macs were set in the L2 header. It
+turns out that this change in behavior breaks setups, for example,
+Cilium with netkit in L3 mode for Pods as well as tunnel mode has been
+passing before the change in f58f45c1e5b9 for both vxlan and geneve.
+After mentioned change it is only passing for geneve as in case of
+vxlan packets are dropped due to vxlan_set_mac() returning false as
+source and destination macs are zero which for E/W traffic via tunnel
+is totally fine.
+
+Fix it by only opting into the is_valid_ether_addr() check in
+vxlan_set_mac() when in fact source address snooping/learning is
+actually enabled in vxlan. This is done by moving the check into
+vxlan_snoop(). With this change, the Cilium connectivity test suite
+passes again for both tunnel flavors.
+
+Fixes: f58f45c1e5b9 ("vxlan: drop packets from invalid src-address")
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Cc: David Bauer <mail@david-bauer.net>
+Cc: Ido Schimmel <idosch@nvidia.com>
+Cc: Nikolay Aleksandrov <razor@blackwall.org>
+Cc: Martin KaFai Lau <martin.lau@kernel.org>
+Reviewed-by: Ido Schimmel <idosch@nvidia.com>
+Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
+Reviewed-by: David Bauer <mail@david-bauer.net>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/vxlan/vxlan_core.c |    8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/drivers/net/vxlan/vxlan_core.c
++++ b/drivers/net/vxlan/vxlan_core.c
+@@ -1446,6 +1446,10 @@ static bool vxlan_snoop(struct net_devic
+ 	struct vxlan_fdb *f;
+ 	u32 ifindex = 0;
+ 
++	/* Ignore packets from invalid src-address */
++	if (!is_valid_ether_addr(src_mac))
++		return true;
++
+ #if IS_ENABLED(CONFIG_IPV6)
+ 	if (src_ip->sa.sa_family == AF_INET6 &&
+ 	    (ipv6_addr_type(&src_ip->sin6.sin6_addr) & IPV6_ADDR_LINKLOCAL))
+@@ -1615,10 +1619,6 @@ static bool vxlan_set_mac(struct vxlan_d
+ 	if (ether_addr_equal(eth_hdr(skb)->h_source, vxlan->dev->dev_addr))
+ 		return false;
+ 
+-	/* Ignore packets from invalid src-address */
+-	if (!is_valid_ether_addr(eth_hdr(skb)->h_source))
+-		return false;
+-
+ 	/* Get address from the outer IP header */
+ 	if (vxlan_get_sk_family(vs) == AF_INET) {
+ 		saddr.sin.sin_addr.s_addr = ip_hdr(skb)->saddr;
diff --git a/queue-6.9/x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch b/queue-6.9/x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch
new file mode 100644
index 00000000000..ca071e86faa
--- /dev/null
+++ b/queue-6.9/x86-topology-amd-evaluate-smt-in-cpuid-leaf-0x8000001e-only-on-family-0x17-and-greater.patch
@@ -0,0 +1,54 @@
+From 34bf6bae3286a58762711cfbce2cf74ecd42e1b5 Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner <tglx@linutronix.de>
+Date: Tue, 28 May 2024 22:21:31 +0200
+Subject: x86/topology/amd: Evaluate SMT in CPUID leaf 0x8000001e only on family 0x17 and greater
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit 34bf6bae3286a58762711cfbce2cf74ecd42e1b5 upstream.
+
+The new AMD/HYGON topology parser evaluates the SMT information in CPUID leaf
+0x8000001e unconditionally while the original code restricted it to CPUs with
+family 0x17 and greater.
+
+This breaks family 0x15 CPUs which advertise that leaf and have a non-zero
+value in the SMT section. The machine boots, but the scheduler complains loudly
+about the mismatch of the core IDs:
+
+  WARNING: CPU: 1 PID: 0 at kernel/sched/core.c:6482 sched_cpu_starting+0x183/0x250
+  WARNING: CPU: 0 PID: 1 at kernel/sched/topology.c:2408 build_sched_domains+0x76b/0x12b0
+
+Add the condition back to cure it.
+
+  [ bp: Make it actually build because grandpa is not concerned with
+    trivial stuff. :-P ]
+
+Fixes: f7fb3b2dd92c ("x86/cpu: Provide an AMD/HYGON specific topology parser")
+Closes: https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/issues/56
+Reported-by: Tim Teichmann <teichmanntim@outlook.de>
+Reported-by: Christian Heusel <christian@heusel.eu>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Tested-by: Tim Teichmann <teichmanntim@outlook.de>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/7skhx6mwe4hxiul64v6azhlxnokheorksqsdbp7qw6g2jduf6c@7b5pvomauugk
+Signed-off-by: Christian Heusel <christian@heusel.eu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/cpu/topology_amd.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/kernel/cpu/topology_amd.c
++++ b/arch/x86/kernel/cpu/topology_amd.c
+@@ -84,9 +84,9 @@ static bool parse_8000_001e(struct topo_
+ 
+ 	/*
+ 	 * If leaf 0xb is available, then the domain shifts are set
+-	 * already and nothing to do here.
++	 * already and nothing to do here. Only valid for family >= 0x17.
+ 	 */
+-	if (!has_0xb) {
++	if (!has_0xb && tscan->c->x86 >= 0x17) {
+ 		/*
+ 		 * Leaf 0x80000008 set the CORE domain shift already.
+ 		 * Update the SMT domain, but do not propagate it.
-- 
2.47.3