1. 16 Oct, 2024 2 commits
  2. 10 Oct, 2024 4 commits
    • Michael Mueller's avatar
      KVM: s390: Change virtual to physical address access in diag 0x258 handler · cad4b3d4
      Michael Mueller authored
      The parameters for the diag 0x258 are real addresses, not virtual, but
      KVM was using them as virtual addresses. This only happened to work, since
      the Linux kernel as a guest used to have a 1:1 mapping for physical vs
      virtual addresses.
      
      Fix KVM so that it correctly uses the addresses as real addresses.
      
      Cc: stable@vger.kernel.org
      Fixes: 8ae04b8f ("KVM: s390: Guest's memory access functions get access registers")
      Suggested-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarMichael Mueller <mimu@linux.ibm.com>
      Signed-off-by: default avatarNico Boehr <nrb@linux.ibm.com>
      Reviewed-by: default avatarChristian Borntraeger <borntraeger@linux.ibm.com>
      Reviewed-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      Link: https://lore.kernel.org/r/20240917151904.74314-3-nrb@linux.ibm.comAcked-by: default avatarJanosch Frank <frankja@linux.ibm.com>
      Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      cad4b3d4
    • Nico Boehr's avatar
      KVM: s390: gaccess: Check if guest address is in memslot · e8061f06
      Nico Boehr authored
      Previously, access_guest_page() did not check whether the given guest
      address is inside of a memslot. This is not a problem, since
      kvm_write_guest_page/kvm_read_guest_page return -EFAULT in this case.
      
      However, -EFAULT is also returned when copy_to/from_user fails.
      
      When emulating a guest instruction, the address being outside a memslot
      usually means that an addressing exception should be injected into the
      guest.
      
      Failure in copy_to/from_user however indicates that something is wrong
      in userspace and hence should be handled there.
      
      To be able to distinguish these two cases, return PGM_ADDRESSING in
      access_guest_page() when the guest address is outside guest memory. In
      access_guest_real(), populate vcpu->arch.pgm.code such that
      kvm_s390_inject_prog_cond() can be used in the caller for injecting into
      the guest (if applicable).
      
      Since this adds a new return value to access_guest_page(), we need to make
      sure that other callers are not confused by the new positive return value.
      
      There are the following users of access_guest_page():
      - access_guest_with_key() does the checking itself (in
        guest_range_to_gpas()), so this case should never happen. Even if, the
        handling is set up properly.
      - access_guest_real() just passes the return code to its callers, which
        are:
          - read_guest_real() - see below
          - write_guest_real() - see below
      
      There are the following users of read_guest_real():
      - ar_translation() in gaccess.c which already returns PGM_*
      - setup_apcb10(), setup_apcb00(), setup_apcb11() in vsie.c which always
        return -EFAULT on read_guest_read() nonzero return - no change
      - shadow_crycb(), handle_stfle() always present this as validity, this
        could be handled better but doesn't change current behaviour - no change
      
      There are the following users of write_guest_real():
      - kvm_s390_store_status_unloaded() always returns -EFAULT on
        write_guest_real() failure.
      
      Fixes: 22938978 ("KVM: s390: add architecture compliant guest access functions")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarNico Boehr <nrb@linux.ibm.com>
      Reviewed-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      Link: https://lore.kernel.org/r/20240917151904.74314-2-nrb@linux.ibm.comAcked-by: default avatarJanosch Frank <frankja@linux.ibm.com>
      Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      e8061f06
    • Harald Freudenberger's avatar
      s390/ap: Fix CCA crypto card behavior within protected execution environment · 78f636e8
      Harald Freudenberger authored
      A crypto card comes in 3 flavors: accelerator, CCA co-processor or
      EP11 co-processor. Within a protected execution environment only the
      accelerator and EP11 co-processor is supported. However, it is
      possible to set up a KVM guest with a CCA card and run it as a
      protected execution guest. There is nothing at the host side which
      prevents this. Within such a guest, a CCA card is shown as "illicit"
      and you can't do anything with such a crypto card.
      
      Regardless of the unsupported CCA card within a protected execution
      guest there are a couple of user space applications which
      unconditional try to run crypto requests to the zcrypt device
      driver. There was a bug within the AP bus code which allowed such a
      request to be forwarded to a CCA card where it is finally
      rejected and the driver reacts with -ENODEV but also triggers an AP
      bus scan. Together with a retry loop this caused some kind of "hang"
      of the KVM guest. On startup it caused timeouts and finally led the
      KVM guest startup fail. Fix that by closing the gap and make sure a
      CCA card is not usable within a protected execution environment.
      
      Another behavior within an protected execution environment with CCA
      cards was that the se_bind and se_associate AP queue sysfs attributes
      where shown. The implementation unconditional always added these
      attributes. Fix that by checking if the card mode is supported within
      a protected execution environment and only if valid, add the attribute
      group.
      Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
      Reviewed-by: default avatarHolger Dengler <dengler@linux.ibm.com>
      Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      78f636e8
    • Niklas Schnelle's avatar
      s390/pci: Handle PCI error codes other than 0x3a · 3cd03ea5
      Niklas Schnelle authored
      The Linux implementation of PCI error recovery for s390 was based on the
      understanding that firmware error recovery is a two step process with an
      optional initial error event to indicate the cause of the error if known
      followed by either error event 0x3A (Success) or 0x3B (Failure) to
      indicate whether firmware was able to recover. While this has been the
      case in testing and the error cases seen in the wild it turns out this
      is not correct. Instead firmware only generates 0x3A for some error and
      service scenarios and expects the OS to perform recovery for all PCI
      events codes except for those indicating permanent error (0x3B, 0x40)
      and those indicating errors on the function measurement block (0x2A,
      0x2B, 0x2C). Align Linux behavior with these expectations.
      
      Fixes: 4cdf2f4e ("s390/pci: implement minimal PCI error recovery")
      Reviewed-by: default avatarGerd Bayer <gbayer@linux.ibm.com>
      Signed-off-by: default avatarNiklas Schnelle <schnelle@linux.ibm.com>
      Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      3cd03ea5
  3. 06 Oct, 2024 20 commits
  4. 05 Oct, 2024 14 commits
    • Linus Torvalds's avatar
      Merge tag 'bcachefs-2024-10-05' of git://evilpiepirate.org/bcachefs · 8f602276
      Linus Torvalds authored
      Pull bcachefs fixes from Kent Overstreet:
       "A lot of little fixes, bigger ones include:
      
         - bcachefs's __wait_on_freeing_inode() was broken in rc1 due to vfs
           changes, now fixed along with another lost wakeup
      
         - fragmentation LRU fixes; fsck now repairs successfully (this is the
           data structure copygc uses); along with some nice simplification.
      
         - Rework logged op error handling, so that if logged op replay errors
           (due to another filesystem error) we delete the logged op instead
           of going into an infinite loop)
      
         - Various small filesystem connectivitity repair fixes"
      
      * tag 'bcachefs-2024-10-05' of git://evilpiepirate.org/bcachefs:
        bcachefs: Rework logged op error handling
        bcachefs: Add warn param to subvol_get_snapshot, peek_inode
        bcachefs: Kill snapshot arg to fsck_write_inode()
        bcachefs: Check for unlinked, non-empty dirs in check_inode()
        bcachefs: Check for unlinked inodes with dirents
        bcachefs: Check for directories with no backpointers
        bcachefs: Kill alloc_v4.fragmentation_lru
        bcachefs: minor lru fsck fixes
        bcachefs: Mark more errors AUTOFIX
        bcachefs: Make sure we print error that causes fsck to bail out
        bcachefs: bkey errors are only AUTOFIX during read
        bcachefs: Create lost+found in correct snapshot
        bcachefs: Fix reattach_inode()
        bcachefs: Add missing wakeup to bch2_inode_hash_remove()
        bcachefs: Fix trans_commit disk accounting revert
        bcachefs: Fix bch2_inode_is_open() check
        bcachefs: Fix return type of dirent_points_to_inode_nowarn()
        bcachefs: Fix bad shift in bch2_read_flag_list()
      8f602276
    • Linus Torvalds's avatar
      Merge tag 'for-linus-6.12a-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip · fc20a3e5
      Linus Torvalds authored
      Pull xen fix from Juergen Gross:
       "Fix Xen config issue introduced in the merge window"
      
      * tag 'for-linus-6.12a-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
        xen: Fix config option reference in XEN_PRIVCMD definition
      fc20a3e5
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus-5.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · fdd0a94d
      Linus Torvalds authored
      Pull ext4 fixes from Ted Ts'o:
       "Fix some ext4 bugs and regressions relating to oneline resize and fast
        commits"
      
      * tag 'ext4_for_linus-5.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: fix off by one issue in alloc_flex_gd()
        ext4: mark fc as ineligible using an handle in ext4_xattr_set()
        ext4: use handle to mark fc as ineligible in __track_dentry_update()
      fdd0a94d
    • Linus Torvalds's avatar
      Merge tag 'cxl-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl · 7c50f221
      Linus Torvalds authored
      Pull cxl fix from Ira Weiny:
      
       - Fix calculation for SBDF in error injection
      
      * tag 'cxl-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl:
        EINJ, CXL: Fix CXL device SBDF calculation
      7c50f221
    • Linus Torvalds's avatar
      Merge tag 'i2c-for-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · 3a28c9e1
      Linus Torvalds authored
      Pull i2c fix from Wolfram Sang:
      
       - Fix potential deadlock during runtime suspend and resume (stm32f7)
      
      * tag 'i2c-for-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume
      3a28c9e1
    • Linus Torvalds's avatar
      Merge tag 'spi-fix-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · 60b9f47e
      Linus Torvalds authored
      Pull spi fixes from Mark Brown:
       "A small set of driver specific fixes that came in since the merge
        window, about half of which is fixes for correctness in the use of the
        runtime PM APIs done as part of a broader cleanup"
      
      * tag 'spi-fix-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: s3c64xx: fix timeout counters in flush_fifo
        spi: atmel-quadspi: Fix wrong register value written to MR
        spi: spi-cadence: Fix missing spi_controller_is_target() check
        spi: spi-cadence: Fix pm_runtime_set_suspended() with runtime pm enabled
        spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled
      60b9f47e
    • Linus Torvalds's avatar
      Merge tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 9ec2236a
      Linus Torvalds authored
      Pull hardening fixes from Kees Cook:
      
       - gcc plugins: Avoid Kconfig warnings with randstruct (Nathan
         Chancellor)
      
       - MAINTAINERS: Add security/Kconfig.hardening to hardening section
         (Nathan Chancellor)
      
       - MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list
      
      * tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        MAINTAINERS: Add security/Kconfig.hardening to hardening section
        hardening: Adjust dependencies in selection of MODVERSIONS
        MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list
      9ec2236a
    • Linus Torvalds's avatar
      Merge tag 'lsm-pr-20241004' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm · fb9b7674
      Linus Torvalds authored
      Pull lsm revert from Paul Moore:
       "Here is the CONFIG_SECURITY_TOMOYO_LKM revert that we've been
        discussing this week. With near unanimous agreement that the original
        TOMOYO patches were not the right way to solve the distro problem
        Tetsuo is trying the solve, reverting is our best option at this time"
      
      * tag 'lsm-pr-20241004' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
        tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support
      fb9b7674
    • Zach Wade's avatar
      platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug · 7d59ac07
      Zach Wade authored
      Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds".
      kasan report:
      [   19.411889] ==================================================================
      [   19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
      [   19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113
      [   19.417368]
      [   19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G            E      6.9.0 #10
      [   19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022
      [   19.422687] Call Trace:
      [   19.424091]  <TASK>
      [   19.425448]  dump_stack_lvl+0x5d/0x80
      [   19.426963]  ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
      [   19.428694]  print_report+0x19d/0x52e
      [   19.430206]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
      [   19.431837]  ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
      [   19.433539]  kasan_report+0xf0/0x170
      [   19.435019]  ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
      [   19.436709]  _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
      [   19.438379]  ? __pfx_sched_clock_cpu+0x10/0x10
      [   19.439910]  isst_if_cpu_online+0x406/0x58f [isst_if_common]
      [   19.441573]  ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common]
      [   19.443263]  ? ttwu_queue_wakelist+0x2c1/0x360
      [   19.444797]  cpuhp_invoke_callback+0x221/0xec0
      [   19.446337]  cpuhp_thread_fun+0x21b/0x610
      [   19.447814]  ? __pfx_cpuhp_thread_fun+0x10/0x10
      [   19.449354]  smpboot_thread_fn+0x2e7/0x6e0
      [   19.450859]  ? __pfx_smpboot_thread_fn+0x10/0x10
      [   19.452405]  kthread+0x29c/0x350
      [   19.453817]  ? __pfx_kthread+0x10/0x10
      [   19.455253]  ret_from_fork+0x31/0x70
      [   19.456685]  ? __pfx_kthread+0x10/0x10
      [   19.458114]  ret_from_fork_asm+0x1a/0x30
      [   19.459573]  </TASK>
      [   19.460853]
      [   19.462055] Allocated by task 1198:
      [   19.463410]  kasan_save_stack+0x30/0x50
      [   19.464788]  kasan_save_track+0x14/0x30
      [   19.466139]  __kasan_kmalloc+0xaa/0xb0
      [   19.467465]  __kmalloc+0x1cd/0x470
      [   19.468748]  isst_if_cdev_register+0x1da/0x350 [isst_if_common]
      [   19.470233]  isst_if_mbox_init+0x108/0xff0 [isst_if_mbox_msr]
      [   19.471670]  do_one_initcall+0xa4/0x380
      [   19.472903]  do_init_module+0x238/0x760
      [   19.474105]  load_module+0x5239/0x6f00
      [   19.475285]  init_module_from_file+0xd1/0x130
      [   19.476506]  idempotent_init_module+0x23b/0x650
      [   19.477725]  __x64_sys_finit_module+0xbe/0x130
      [   19.476506]  idempotent_init_module+0x23b/0x650
      [   19.477725]  __x64_sys_finit_module+0xbe/0x130
      [   19.478920]  do_syscall_64+0x82/0x160
      [   19.480036]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
      [   19.481292]
      [   19.482205] The buggy address belongs to the object at ffff888829e65000
       which belongs to the cache kmalloc-512 of size 512
      [   19.484818] The buggy address is located 0 bytes to the right of
       allocated 512-byte region [ffff888829e65000, ffff888829e65200)
      [   19.487447]
      [   19.488328] The buggy address belongs to the physical page:
      [   19.489569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888829e60c00 pfn:0x829e60
      [   19.491140] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
      [   19.492466] anon flags: 0x57ffffc0000840(slab|head|node=1|zone=2|lastcpupid=0x1fffff)
      [   19.493914] page_type: 0xffffffff()
      [   19.494988] raw: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001
      [   19.496451] raw: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000
      [   19.497906] head: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001
      [   19.499379] head: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000
      [   19.500844] head: 0057ffffc0000003 ffffea0020a79801 ffffea0020a79848 00000000ffffffff
      [   19.502316] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000
      [   19.503784] page dumped because: kasan: bad access detected
      [   19.505058]
      [   19.505970] Memory state around the buggy address:
      [   19.507172]  ffff888829e65100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      [   19.508599]  ffff888829e65180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      [   19.510013] >ffff888829e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
      [   19.510014]                    ^
      [   19.510016]  ffff888829e65280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
      [   19.510018]  ffff888829e65300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
      [   19.515367] ==================================================================
      
      The reason for this error is physical_package_ids assigned by VMware VMM
      are not continuous and have gaps. This will cause value returned by
      topology_physical_package_id() to be more than topology_max_packages().
      
      Here the allocation uses topology_max_packages(). The call to
      topology_max_packages() returns maximum logical package ID not physical
      ID. Hence use topology_logical_package_id() instead of
      topology_physical_package_id().
      
      Fixes: 9a1aac8a ("platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering")
      Cc: stable@vger.kernel.org
      Acked-by: default avatarSrinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
      Signed-off-by: default avatarZach Wade <zachwade.k@gmail.com>
      Link: https://lore.kernel.org/r/20240923144508.1764-1-zachwade.k@gmail.comReviewed-by: default avatarHans de Goede <hdegoede@redhat.com>
      Signed-off-by: default avatarHans de Goede <hdegoede@redhat.com>
      7d59ac07
    • Linus Torvalds's avatar
      Merge tag 'linux_kselftest-fixes-6.12-rc2' of... · 27cc6fdf
      Linus Torvalds authored
      Merge tag 'linux_kselftest-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
      
      Pull kselftest fixes from Shuah Khan:
       "Fixes to build warnings, install scripts, run-time error path, and git
        status cleanups to tests:
      
         - devices/probe: fix for Python3 regex string syntax warnings
      
         - clone3: removing unused macro from clone3_cap_checkpoint_restore()
      
         - vDSO: fix to align getrandom states to cache line
      
         - core and exec: add missing executables to .gitignore files
      
         - rtc: change to skip test if /dev/rtc0 can't be accessed
      
         - timers/posix: fix warn_unused_result result in __fatal_error()
      
         - breakpoints: fix to detect suspend successful condition correctly
      
         - hid: fix to install required dependencies to run the test"
      
      * tag 'linux_kselftest-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
        selftests: breakpoints: use remaining time to check if suspend succeed
        kselftest/devices/probe: Fix SyntaxWarning in regex strings for Python3
        selftest: hid: add missing run-hid-tools-tests.sh
        selftests: vDSO: align getrandom states to cache line
        selftests: exec: update gitignore for load_address
        selftests: core: add unshare_test to gitignore
        clone3: clone3_cap_checkpoint_restore: remove unused MAX_PID_NS_LEVEL macro
        selftests:timers: posix_timers: Fix warn_unused_result in __fatal_error()
        selftest: rtc: Check if could access /dev/rtc0 before testing
      27cc6fdf
    • Kent Overstreet's avatar
      bcachefs: Rework logged op error handling · 0f25eb4b
      Kent Overstreet authored
      Initially it was thought that we just wanted to ignore errors from
      logged op replay, but it turns out we do need to catch -EROFS, or we'll
      go into an infinite loop.
      Signed-off-by: default avatarKent Overstreet <kent.overstreet@linux.dev>
      0f25eb4b
    • Kent Overstreet's avatar
      bcachefs: Add warn param to subvol_get_snapshot, peek_inode · 1f73cb4d
      Kent Overstreet authored
      These shouldn't always be fatal errors - logged op resume, in
      particular, and we want it as a parameter there.
      Signed-off-by: default avatarKent Overstreet <kent.overstreet@linux.dev>
      1f73cb4d
    • Kent Overstreet's avatar
      bcachefs: Kill snapshot arg to fsck_write_inode() · 72350ee0
      Kent Overstreet authored
      It was initially believed that it would be better to be explicit about
      the snapshot we're updating when writing inodes in fsck; however, it
      turns out that passing around the snapshot separately is more error
      prone and we're usually updating the inode in the same snapshow we read
      it from.
      
      This is different from normal filesystem paths, where we do the update
      in the snapshot of the subvolume we're in.
      Signed-off-by: default avatarKent Overstreet <kent.overstreet@linux.dev>
      72350ee0
    • Kent Overstreet's avatar
      bcachefs: Check for unlinked, non-empty dirs in check_inode() · c9306a91
      Kent Overstreet authored
      We want to check for this early so it can be reattached if necessary in
      check_unreachable_inodes(); better than letting it be deleted and having
      the children reattached, losing their filenames.
      Signed-off-by: default avatarKent Overstreet <kent.overstreet@linux.dev>
      c9306a91