1. 20 Jan, 2023 10 commits
  2. 19 Jan, 2023 10 commits
    • Ian Abbott's avatar
      comedi: check data length for INSN_CONFIG_GET_PWM_OUTPUT · 863cf332
      Ian Abbott authored
      Comedi INSN_CONFIG instructions have different expected instructtion
      data lengths depending on the type of configuration instruction
      specified by the first word of data.  This is checked by
      `check_insn_config_length()`.  There are a few configuration
      instructions whose data lengths are not currently checked, usually for
      rare configuration instructions that are implemented differently by
      different drivers.  For unknown configuration instructions, the function
      logs a warning and accepts the specified data length.
      
      The `INSN_CONFIG_GET_PWM_OUTPUT` configuration instruction length is not
      currently checked, but all the places it is currently used expect a data
      length of 3.  (These places are `ni_get_pwm_config()` in
      "ni_mio_common.c", and `pci1760_pwm_insn_config()` in "adv_pci1760.c".)
      Make this length official by checking it in
      `check_insn_config_length()`.
      Signed-off-by: default avatarIan Abbott <abbotti@mev.co.uk>
      Link: https://lore.kernel.org/r/20230103151127.19287-1-abbotti@mev.co.ukSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      863cf332
    • Randy Dunlap's avatar
      comedi: use menuconfig for main Comedi menu · 28ecbbae
      Randy Dunlap authored
      Bring the Comedi menu in line with most other device drivers
      by using "menuconfig" instead of "config" for the top-level entry.
      This also fixes a menu presentation issue with xconfig.
      
      Fixes: ed9eccbe ("Staging: add comedi core")
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Ian Abbott <abbotti@mev.co.uk>
      Cc: H Hartley Sweeten <hsweeten@visionengravers.com>
      Cc: David Schleef <ds@schleef.org>
      Cc: Shawn Bohrer <shawn.bohrer@gmail.com>
      Cc: Frank Mori Hess <fmhess@users.sourceforge.net>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: https://lore.kernel.org/r/20230110064844.18533-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      28ecbbae
    • Randy Dunlap's avatar
      misc: genwqe: move intervening macros away from kernel-doc · 0e656b80
      Randy Dunlap authored
      Don't separate a function's kernel-doc comment and its definition with
      macros or data; move the macro and data ahead of the function and its
      comments to prevent a warning:
      
      drivers/misc/genwqe/card_utils.c:162: warning: expecting prototype for genwqe_init_crc32(). Prototype was for CRC32_POLYNOMIAL() instead
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Frank Haverkamp <haver@linux.ibm.com>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: https://lore.kernel.org/r/20230113063909.19694-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      0e656b80
    • Duoming Zhou's avatar
      Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in set_protocol" · 70fae37a
      Duoming Zhou authored
      This reverts commit be826ada.
      
      The function monitor_card() is a timer handler that runs in an
      atomic context, but it calls usleep_range() that can sleep.
      As a result, the sleep-in-atomic-context bugs will happen.
      The process is shown below:
      
          (atomic context)
      monitor_card()
        set_protocol()
          usleep_range() //sleep
      
      The origin commit c1986ee9 ("[PATCH] New Omnikey Cardman
      4000 driver") works fine.
      
      Fixes: be826ada ("char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in set_protocol")
      Signed-off-by: default avatarDuoming Zhou <duoming@zju.edu.cn>
      Link: https://lore.kernel.org/r/20230118141000.5580-1-duoming@zju.edu.cnSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      70fae37a
    • Randy Dunlap's avatar
      pcmcia: synclink_cs: remove kernel-doc notation · af35dbad
      Randy Dunlap authored
      Remove all kernel-doc "/**" markers; just use "/*" comments since
      these are not in kernel-doc format.
      This eliminates 11 kernel-doc warnings:
      
      drivers/char/pcmcia/synclink_cs.c:487: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * line discipline callback wrappers
      drivers/char/pcmcia/synclink_cs.c:3861: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by generic HDLC layer when protocol selected (PPP, frame relay, etc.)
      drivers/char/pcmcia/synclink_cs.c:3914: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by generic HDLC layer to send frame
      drivers/char/pcmcia/synclink_cs.c:3959: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by network layer when interface enabled
      drivers/char/pcmcia/synclink_cs.c:4022: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by network layer when interface is disabled
      drivers/char/pcmcia/synclink_cs.c:4053: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by network layer to process IOCTL call to network device
      drivers/char/pcmcia/synclink_cs.c:4156: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by network layer when transmit timeout is detected
      drivers/char/pcmcia/synclink_cs.c:4179: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by device driver when transmit completes
      drivers/char/pcmcia/synclink_cs.c:4191: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by device driver when frame received
      drivers/char/pcmcia/synclink_cs.c:4231: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by device driver when adding device instance
      drivers/char/pcmcia/synclink_cs.c:4279: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * called by device driver when removing device instance
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Dominik Brodowski <linux@dominikbrodowski.net>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: https://lore.kernel.org/r/20230114034646.1535-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      af35dbad
    • Randy Dunlap's avatar
      most: tell what the MOST acronym means · 34d0938e
      Randy Dunlap authored
      Tell kconfig users what "MOST" means so that they can have a bit
      of information about what it is. I.e., more than zero information.
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Christian Gromm <christian.gromm@microchip.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: https://lore.kernel.org/r/20230117182840.26890-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      34d0938e
    • Randy Dunlap's avatar
      most: fix kernel-doc warnings · fba3993e
      Randy Dunlap authored
      Fix various W=1 kernel-doc warnings in drivers/most/:
      
      drivers/most/most_usb.c:669: warning: Excess function parameter 'data' description in 'link_stat_timer_handler'
      drivers/most/most_usb.c:769: warning: cannot understand function prototype: 'const struct file_operations hdm_usb_fops = '
      drivers/most/most_usb.c:776: warning: cannot understand function prototype: 'const struct usb_device_id usbid[] = '
      drivers/most/most_cdev.c:301: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * Initialization of struct file_operations
      drivers/most/most_cdev.c:414: warning: Function parameter or member 'args' not described in 'comp_probe'
      drivers/most/most_snd.c:56: warning: Function parameter or member 'pcm_hardware' not described in 'channel'
      drivers/most/most_snd.c:56: warning: Function parameter or member 'copy_fn' not described in 'channel'
      drivers/most/most_snd.c:404: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * Initialization of struct snd_pcm_ops
      drivers/most/most_snd.c:514: warning: Function parameter or member 'device_name' not described in 'audio_probe_channel'
      drivers/most/most_snd.c:703: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
       * Initialization of the struct most_component
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Christian Gromm <christian.gromm@microchip.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: https://lore.kernel.org/r/20230113063947.23174-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      fba3993e
    • Randy Dunlap's avatar
      android: fix W=1 kernel-doc warnings · ad228a34
      Randy Dunlap authored
      Clean up kernel-doc notation, use correct function and parameter
      names.
      
      drivers/android/binderfs.c:236: warning: expecting prototype for binderfs_ctl_ioctl(). Prototype was for binder_ctl_ioctl() instead
      drivers/android/binder.c:386: warning: expecting prototype for binder_node_unlock(). Prototype was for binder_node_inner_unlock() instead
      drivers/android/binder.c:1206: warning: expecting prototype for binder_dec_ref(). Prototype was for binder_dec_ref_olocked() instead
      drivers/andrond/binder.c:284: warning: Excess function parameter 'proc' description in 'binder_proc_unlock'
      drivers/andrond/binder.c:387: warning: expecting prototype for binder_node_unlock(). Prototype was for binder_node_inner_unlock() instead
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Arve Hjønnevåg <arve@android.com>
      Cc: Todd Kjos <tkjos@android.com>
      Cc: Martijn Coenen <maco@android.com>
      Cc: Joel Fernandes <joel@joelfernandes.org>
      Cc: Christian Brauner <christian@brauner.io>
      Cc: Carlos Llamas <cmllamas@google.com>
      Cc: Suren Baghdasaryan <surenb@google.com>
      Acked-by: default avatarCarlos Llamas <cmllamas@google.com>
      Link: https://lore.kernel.org/r/20230117183745.20842-1-rdunlap@infradead.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      ad228a34
    • Li Li's avatar
      binder: return pending info for frozen async txns · 0567461a
      Li Li authored
      An async transaction to a frozen process will still be successfully
      put in the queue. But this pending async transaction won't be processed
      until the target process is unfrozen at an unspecified time in the
      future. Pass this important information back to the user space caller
      by returning BR_TRANSACTION_PENDING_FROZEN.
      Signed-off-by: default avatarLi Li <dualli@google.com>
      Acked-by: default avatarCarlos Llamas <cmllamas@google.com>
      Link: https://lore.kernel.org/r/20221123201654.589322-2-dualli@chromium.orgSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      0567461a
    • Jiazi.Li's avatar
      binder: remove unneeded size check code · 7feb35bc
      Jiazi.Li authored
      In binder_ioctl function, the legitimacy check of cmd size has been
      done in switch-case code:
      switch (cmd) {
      	case BINDER_WRITE_READ;//BINDER_WRITE_READ contains size info
      
      So unneeded do size check in binder_ioctl and binder_ioctl_write_read
      again.
      
      In the following version of Google GKI:
      
      Linux version 5.10.110-android12-9-00011-g2c814f559132-ab8969555
      
      It seems that the compiler has made optimization and has not passed
      cmd parameters to binder_ioctl_write_read:
      <binder_ioctl+628>:  mov     w8, #0x6201                     // #25089
      <binder_ioctl+632>:  movk    w8, #0xc030, lsl #16
      <binder_ioctl+636>:  cmp     w20, w8
      <binder_ioctl+640>:  b.ne    0xffffffda8aa97880 <binder_ioctl+3168>
      <binder_ioctl+644>:  mov     x0, x23 //filp
      <binder_ioctl+648>:  mov     x1, x27 //arg
      <binder_ioctl+652>:  mov     x2, x22 //thread
      <binder_ioctl+656>:  bl      0xffffffda8aa9e6e4 <binder_ioctl_write_read>
      <binder_ioctl+660>:  mov     w26, w0
      Signed-off-by: default avatarJiazi.Li <jiazi.li@transsion.com>
      Acked-by: default avatarCarlos Llamas <cmllamas@google.com>
      Link: https://lore.kernel.org/r/20221115120351.2769-1-jiazi.li@transsion.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      7feb35bc
  3. 15 Jan, 2023 4 commits
  4. 14 Jan, 2023 7 commits
    • Linus Torvalds's avatar
      Merge tag 'iommu-fixes-v6.2-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu · 7c698440
      Linus Torvalds authored
      Pull iommu fixes from Joerg Roedel:
      
       - Core: Fix an iommu-group refcount leak
      
       - Fix overflow issue in IOVA alloc path
      
       - ARM-SMMU fixes from Will:
          - Fix VFIO regression on NXP SoCs by reporting IOMMU_CAP_CACHE_COHERENCY
          - Fix SMMU shutdown paths to avoid device unregistration race
      
       - Error handling fix for Mediatek IOMMU driver
      
      * tag 'iommu-fixes-v6.2-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
        iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe()
        iommu/iova: Fix alloc iova overflows issue
        iommu: Fix refcount leak in iommu_device_claim_dma_owner
        iommu/arm-smmu-v3: Don't unregister on shutdown
        iommu/arm-smmu: Don't unregister on shutdown
        iommu/arm-smmu: Report IOMMU_CAP_CACHE_COHERENCY even betterer
      7c698440
    • Linus Torvalds's avatar
      Merge tag 'fixes-2023-01-14' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock · 4f43ade4
      Linus Torvalds authored
      Pull memblock fix from Mike Rapoport:
       "memblock: always release pages to the buddy allocator in
        memblock_free_late()
      
        If CONFIG_DEFERRED_STRUCT_PAGE_INIT is enabled, memblock_free_pages()
        only releases pages to the buddy allocator if they are not in the
        deferred range. This is correct for free pages (as defined by
        for_each_free_mem_pfn_range_in_zone()) because free pages in the
        deferred range will be initialized and released as part of the
        deferred init process.
      
        memblock_free_pages() is called by memblock_free_late(), which is used
        to free reserved ranges after memblock_free_all() has run. All pages
        in reserved ranges have been initialized at that point, and
        accordingly, those pages are not touched by the deferred init process.
      
        This means that currently, if the pages that memblock_free_late()
        intends to release are in the deferred range, they will never be
        released to the buddy allocator. They will forever be reserved.
      
        In addition, memblock_free_pages() calls kmsan_memblock_free_pages(),
        which is also correct for free pages but is not correct for reserved
        pages. KMSAN metadata for reserved pages is initialized by
        kmsan_init_shadow(), which runs shortly before memblock_free_all().
      
        For both of these reasons, memblock_free_pages() should only be called
        for free pages, and memblock_free_late() should call
        __free_pages_core() directly instead.
      
        One case where this issue can occur in the wild is EFI boot on x86_64.
        The x86 EFI code reserves all EFI boot services memory ranges via
        memblock_reserve() and frees them later via memblock_free_late()
        (efi_reserve_boot_services() and efi_free_boot_services(),
        respectively).
      
        If any of those ranges happens to fall within the deferred init range,
        the pages will not be released and that memory will be unavailable.
      
        For example, on an Amazon EC2 t3.micro VM (1 GB) booting via EFI:
      
          v6.2-rc2:
          Node 0, zone      DMA
                spanned  4095
                present  3999
                managed  3840
          Node 0, zone    DMA32
                spanned  246652
                present  245868
                managed  178867
      
          v6.2-rc2 + patch:
          Node 0, zone      DMA
                spanned  4095
                present  3999
                managed  3840
          Node 0, zone    DMA32
                spanned  246652
                present  245868
                managed  222816   # +43,949 pages"
      
      * tag 'fixes-2023-01-14' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock:
        mm: Always release pages to the buddy allocator in memblock_free_late().
      4f43ade4
    • Linus Torvalds's avatar
      Merge tag 'hardening-v6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 880ca43e
      Linus Torvalds authored
      Pull kernel hardening fixes from Kees Cook:
      
       - Fix CFI hash randomization with KASAN (Sami Tolvanen)
      
       - Check size of coreboot table entry and use flex-array
      
      * tag 'hardening-v6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        kbuild: Fix CFI hash randomization with KASAN
        firmware: coreboot: Check size of table entry and use flex-array
      880ca43e
    • Linus Torvalds's avatar
      Merge tag 'modules-6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux · 8b7be52f
      Linus Torvalds authored
      Pull module fix from Luis Chamberlain:
       "Just one fix for modules by Nick"
      
      * tag 'modules-6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux:
        kallsyms: Fix scheduling with interrupts disabled in self-test
      8b7be52f
    • Linus Torvalds's avatar
      Merge tag '6.2-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 · b35ad63e
      Linus Torvalds authored
      Pull cifs fixes from Steve French:
      
       - memory leak and double free fix
      
       - two symlink fixes
      
       - minor cleanup fix
      
       - two smb1 fixes
      
      * tag '6.2-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
        cifs: Fix uninitialized memory read for smb311 posix symlink create
        cifs: fix potential memory leaks in session setup
        cifs: do not query ifaces on smb1 mounts
        cifs: fix double free on failed kerberos auth
        cifs: remove redundant assignment to the variable match
        cifs: fix file info setting in cifs_open_file()
        cifs: fix file info setting in cifs_query_path_info()
      b35ad63e
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 8e768130
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Two minor fixes in the hisi_sas driver which only impact enterprise
        style multi-expander and shared disk situations and no core changes"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id
        scsi: hisi_sas: Use abort task set to reset SAS disks when discovered
      8e768130
    • Linus Torvalds's avatar
      Merge tag 'ata-6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata · 34cbf89a
      Linus Torvalds authored
      Pull ATA fix from Damien Le Moal:
       "A single fix to prevent building the pata_cs5535 driver with user mode
        linux as it uses msr operations that are not defined with UML"
      
      * tag 'ata-6.2-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata:
        ata: pata_cs5535: Don't build on UML
      34cbf89a
  5. 13 Jan, 2023 9 commits
    • Linus Torvalds's avatar
      Merge tag 'block-6.2-2023-01-13' of git://git.kernel.dk/linux · 97ec4d55
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "Nothing major in here, just a collection of NVMe fixes and dropping a
        wrong might_sleep() that static checkers tripped over but which isn't
        valid"
      
      * tag 'block-6.2-2023-01-13' of git://git.kernel.dk/linux:
        MAINTAINERS: stop nvme matching for nvmem files
        nvme: don't allow unprivileged passthrough on partitions
        nvme: replace the "bool vec" arguments with flags in the ioctl path
        nvme: remove __nvme_ioctl
        nvme-pci: fix error handling in nvme_pci_enable()
        nvme-pci: add NVME_QUIRK_IDENTIFY_CNS quirk to Apple T2 controllers
        nvme-apple: add NVME_QUIRK_IDENTIFY_CNS quirk to fix regression
        block: Drop spurious might_sleep() from blk_put_queue()
      97ec4d55
    • Linus Torvalds's avatar
      Merge tag 'io_uring-6.2-2023-01-13' of git://git.kernel.dk/linux · 2ce7592d
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
       "A fix for a regression that happened last week, rest is fixes that
        will be headed to stable as well. In detail:
      
         - Fix for a regression added with the leak fix from last week (me)
      
         - In writing a test case for that leak, inadvertently discovered a
           case where we a poll request can race. So fix that up and mark it
           for stable, and also ensure that fdinfo covers both the poll tables
           that we have. The latter was an oversight when the split poll table
           were added (me)
      
         - Fix for a lockdep reported issue with IOPOLL (Pavel)"
      
      * tag 'io_uring-6.2-2023-01-13' of git://git.kernel.dk/linux:
        io_uring: lock overflowing for IOPOLL
        io_uring/poll: attempt request issue after racy poll wakeup
        io_uring/fdinfo: include locked hash table in fdinfo output
        io_uring/poll: add hash if ready poll request can't complete inline
        io_uring/io-wq: only free worker if it was allocated for creation
      2ce7592d
    • Linus Torvalds's avatar
      Merge tag 'pci-v6.2-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · 9e058c29
      Linus Torvalds authored
      Pull pci fixes from Bjorn Helgaas:
      
       - Work around apparent firmware issue that made Linux reject MMCONFIG
         space, which broke PCI extended config space (Bjorn Helgaas)
      
       - Fix CONFIG_PCIE_BT1 dependency due to mid-air collision between a
         PCI_MSI_IRQ_DOMAIN -> PCI_MSI change and addition of PCIE_BT1 (Lukas
         Bulwahn)
      
      * tag 'pci-v6.2-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        x86/pci: Treat EfiMemoryMappedIO as reservation of ECAM space
        x86/pci: Simplify is_mmconf_reserved() messages
        PCI: dwc: Adjust to recent removal of PCI_MSI_IRQ_DOMAIN
      9e058c29
    • Sami Tolvanen's avatar
      kbuild: Fix CFI hash randomization with KASAN · 42633ed8
      Sami Tolvanen authored
      Clang emits a asan.module_ctor constructor to each object file
      when KASAN is enabled, and these functions are indirectly called
      in do_ctors. With CONFIG_CFI_CLANG, the compiler also emits a CFI
      type hash before each address-taken global function so they can
      pass indirect call checks.
      
      However, in commit 0c3e806e ("x86/cfi: Add boot time hash
      randomization"), x86 implemented boot time hash randomization,
      which relies on the .cfi_sites section generated by objtool. As
      objtool is run against vmlinux.o instead of individual object
      files with X86_KERNEL_IBT (enabled by default), CFI types in
      object files that are not part of vmlinux.o end up not being
      included in .cfi_sites, and thus won't get randomized and trip
      CFI when called.
      
      Only .vmlinux.export.o and init/version-timestamp.o are linked
      into vmlinux separately from vmlinux.o. As these files don't
      contain any functions, disable KASAN for both of them to avoid
      breaking hash randomization.
      
      Link: https://github.com/ClangBuiltLinux/linux/issues/1742
      Fixes: 0c3e806e ("x86/cfi: Add boot time hash randomization")
      Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
      Acked-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Link: https://lore.kernel.org/r/20230112224948.1479453-2-samitolvanen@google.com
      42633ed8
    • Kees Cook's avatar
      firmware: coreboot: Check size of table entry and use flex-array · 3b293487
      Kees Cook authored
      The memcpy() of the data following a coreboot_table_entry couldn't
      be evaluated by the compiler under CONFIG_FORTIFY_SOURCE. To make it
      easier to reason about, add an explicit flexible array member to struct
      coreboot_device so the entire entry can be copied at once. Additionally,
      validate the sizes before copying. Avoids this run-time false positive
      warning:
      
        memcpy: detected field-spanning write (size 168) of single field "&device->entry" at drivers/firmware/google/coreboot_table.c:103 (size 8)
      Reported-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Link: https://lore.kernel.org/all/03ae2704-8c30-f9f0-215b-7cdf4ad35a9a@molgen.mpg.de/
      Cc: Jack Rosenthal <jrosenth@chromium.org>
      Cc: Guenter Roeck <groeck@chromium.org>
      Cc: Julius Werner <jwerner@chromium.org>
      Cc: Brian Norris <briannorris@chromium.org>
      Cc: Stephen Boyd <swboyd@chromium.org>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Reviewed-by: default avatarJulius Werner <jwerner@chromium.org>
      Reviewed-by: default avatarGuenter Roeck <groeck@chromium.org>
      Link: https://lore.kernel.org/r/20230107031406.gonna.761-kees@kernel.orgReviewed-by: default avatarStephen Boyd <swboyd@chromium.org>
      Reviewed-by: default avatarJack Rosenthal <jrosenth@chromium.org>
      Link: https://lore.kernel.org/r/20230112230312.give.446-kees@kernel.org
      3b293487
    • Nicholas Piggin's avatar
      kallsyms: Fix scheduling with interrupts disabled in self-test · da35048f
      Nicholas Piggin authored
      kallsyms_on_each* may schedule so must not be called with interrupts
      disabled. The iteration function could disable interrupts, but this
      also changes lookup_symbol() to match the change to the other timing
      code.
      Reported-by: default avatarErhard F. <erhard_f@mailbox.org>
      Link: https://lore.kernel.org/all/bug-216902-206035@https.bugzilla.kernel.org%2F/Reported-by: default avatarkernel test robot <oliver.sang@intel.com>
      Link: https://lore.kernel.org/oe-lkp/202212251728.8d0872ff-oliver.sang@intel.com
      Fixes: 30f3bb09 ("kallsyms: Add self-test facility")
      Tested-by: default avatar"Erhard F." <erhard_f@mailbox.org>
      Signed-off-by: default avatarNicholas Piggin <npiggin@gmail.com>
      Signed-off-by: default avatarLuis Chamberlain <mcgrof@kernel.org>
      da35048f
    • Peter Foley's avatar
      ata: pata_cs5535: Don't build on UML · 22eebaa6
      Peter Foley authored
      This driver uses MSR functions that aren't implemented under UML.
      Avoid building it to prevent tripping up allyesconfig.
      
      e.g.
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x3a3): undefined reference to `__tracepoint_read_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x3d2): undefined reference to `__tracepoint_write_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x457): undefined reference to `__tracepoint_write_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x481): undefined reference to `do_trace_write_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x4d5): undefined reference to `do_trace_write_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x4f5): undefined reference to `do_trace_read_msr'
      /usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: pata_cs5535.c:(.text+0x51c): undefined reference to `do_trace_write_msr'
      Signed-off-by: default avatarPeter Foley <pefoley2@pefoley.com>
      Reviewed-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Signed-off-by: default avatarDamien Le Moal <damien.lemoal@opensource.wdc.com>
      22eebaa6
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 92783a90
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
       "ARM:
      
         - Fix the PMCR_EL0 reset value after the PMU rework
      
         - Correctly handle S2 fault triggered by a S1 page table walk by not
           always classifying it as a write, as this breaks on R/O memslots
      
         - Document why we cannot exit with KVM_EXIT_MMIO when taking a write
           fault from a S1 PTW on a R/O memslot
      
         - Put the Apple M2 on the naughty list for not being able to
           correctly implement the vgic SEIS feature, just like the M1 before
           it
      
         - Reviewer updates: Alex is stepping down, replaced by Zenghui
      
        x86:
      
         - Fix various rare locking issues in Xen emulation and teach lockdep
           to detect them
      
         - Documentation improvements
      
         - Do not return host topology information from KVM_GET_SUPPORTED_CPUID"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: x86/xen: Avoid deadlock by adding kvm->arch.xen.xen_lock leaf node lock
        KVM: Ensure lockdep knows about kvm->lock vs. vcpu->mutex ordering rule
        KVM: x86/xen: Fix potential deadlock in kvm_xen_update_runstate_guest()
        KVM: x86/xen: Fix lockdep warning on "recursive" gpc locking
        Documentation: kvm: fix SRCU locking order docs
        KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID
        KVM: nSVM: clarify recalc_intercepts() wrt CR8
        MAINTAINERS: Remove myself as a KVM/arm64 reviewer
        MAINTAINERS: Add Zenghui Yu as a KVM/arm64 reviewer
        KVM: arm64: vgic: Add Apple M2 cpus to the list of broken SEIS implementations
        KVM: arm64: Convert FSC_* over to ESR_ELx_FSC_*
        KVM: arm64: Document the behaviour of S1PTW faults on RO memslots
        KVM: arm64: Fix S1PTW handling on RO memslots
        KVM: arm64: PMU: Fix PMCR_EL0 reset value
      92783a90
    • Mateusz Guzik's avatar
      lockref: stop doing cpu_relax in the cmpxchg loop · f5fe24ef
      Mateusz Guzik authored
      On the x86-64 architecture even a failing cmpxchg grants exclusive
      access to the cacheline, making it preferable to retry the failed op
      immediately instead of stalling with the pause instruction.
      
      To illustrate the impact, below are benchmark results obtained by
      running various will-it-scale tests on top of the 6.2-rc3 kernel and
      Cascade Lake (2 sockets * 24 cores * 2 threads) CPU.
      
      All results in ops/s.  Note there is some variance in re-runs, but the
      code is consistently faster when contention is present.
      
        open3 ("Same file open/close"):
        proc          stock       no-pause
           1         805603         814942       (+%1)
           2        1054980        1054781       (-0%)
           8        1544802        1822858      (+18%)
          24        1191064        2199665      (+84%)
          48         851582        1469860      (+72%)
          96         609481        1427170     (+134%)
      
        fstat2 ("Same file fstat"):
        proc          stock       no-pause
           1        3013872        3047636       (+1%)
           2        4284687        4400421       (+2%)
           8        3257721        5530156      (+69%)
          24        2239819        5466127     (+144%)
          48        1701072        5256609     (+209%)
          96        1269157        6649326     (+423%)
      
      Additionally, a kernel with a private patch to help access() scalability:
      access2 ("Same file access"):
      
        proc          stock        patched      patched
                                               +nopause
          24        2378041        2005501      5370335  (-15% / +125%)
      
      That is, fixing the problems in access itself *reduces* scalability
      after the cacheline ping-pong only happens in lockref with the pause
      instruction.
      
      Note that fstat and access benchmarks are not currently integrated into
      will-it-scale, but interested parties can find them in pull requests to
      said project.
      
      Code at hand has a rather tortured history.  First modification showed
      up in commit d472d9d9 ("lockref: Relax in cmpxchg loop"), written
      with Itanium in mind.  Later it got patched up to use an arch-dependent
      macro to stop doing it on s390 where it caused a significant regression.
      Said macro had undergone revisions and was ultimately eliminated later,
      going back to cpu_relax.
      
      While I intended to only remove cpu_relax for x86-64, I got the
      following comment from Linus:
      
          I would actually prefer just removing it entirely and see if
          somebody else hollers. You have the numbers to prove it hurts on
          real hardware, and I don't think we have any numbers to the
          contrary.
      
          So I think it's better to trust the numbers and remove it as a
          failure, than say "let's just remove it on x86-64 and leave
          everybody else with the potentially broken code"
      
      Additionally, Will Deacon (maintainer of the arm64 port, one of the
      architectures previously benchmarked):
      
          So, from the arm64 side of the fence, I'm perfectly happy just
          removing the cpu_relax() calls from lockref.
      
      As such, come back full circle in history and whack it altogether.
      Signed-off-by: default avatarMateusz Guzik <mjguzik@gmail.com>
      Link: https://lore.kernel.org/all/CAGudoHHx0Nqg6DE70zAVA75eV-HXfWyhVMWZ-aSeOofkA_=WdA@mail.gmail.com/
      Acked-by: Tony Luck <tony.luck@intel.com> # ia64
      Acked-by: Nicholas Piggin <npiggin@gmail.com> # powerpc
      Acked-by: Will Deacon <will@kernel.org> # arm64
      Acked-by: default avatarPeter Zijlstra <peterz@infradead.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      f5fe24ef