linux-2.6-microblaze.git
17 months agoKVM: selftests: get-reg-list: support ID register features
Joey Gouly [Tue, 6 Jun 2023 14:58:58 +0000 (15:58 +0100)]
KVM: selftests: get-reg-list: support ID register features

This stops the test complaining about missing registers, when running
on an older kernel that does not support newer features.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: Mark Brown <broonie@kernel.org>
Cc: Shuah Khan <shuah@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-20-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: Document boot requirements for PIE
Joey Gouly [Tue, 6 Jun 2023 14:58:57 +0000 (15:58 +0100)]
arm64: Document boot requirements for PIE

Features PIE and TCR2 introduce new registers, update the trap requirements
for these features.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Brown <broonie@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-19-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: transfer permission indirection settings to EL2
Joey Gouly [Tue, 6 Jun 2023 14:58:56 +0000 (15:58 +0100)]
arm64: transfer permission indirection settings to EL2

Copy the EL1 registers: TCR2_EL1, PIR_EL1, PIRE0_EL1, such that PIE
is also enabled for EL2.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-18-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: enable Permission Indirection Extension (PIE)
Joey Gouly [Tue, 6 Jun 2023 14:58:55 +0000 (15:58 +0100)]
arm64: enable Permission Indirection Extension (PIE)

Now that the necessary changes have been made, set the Permission Indirection
registers and enable the Permission Indirection Extension.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-17-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: add encodings of PIRx_ELx registers
Joey Gouly [Tue, 6 Jun 2023 14:58:54 +0000 (15:58 +0100)]
arm64: add encodings of PIRx_ELx registers

The encodings used in the permission indirection registers means that the
values that Linux puts in the PTEs do not need to be changed.

The E0 values are replicated in E1, with the execute permissions removed.
This is needed as the futex operations access user mappings with privileged
loads/stores.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-16-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: disable EL2 traps for PIE
Joey Gouly [Tue, 6 Jun 2023 14:58:53 +0000 (15:58 +0100)]
arm64: disable EL2 traps for PIE

Disable trapping of TCR2_EL1 and PIRx_EL1 registers, so they can be
accessed from by EL1.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-15-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: reorganise PAGE_/PROT_ macros
Joey Gouly [Tue, 6 Jun 2023 14:58:52 +0000 (15:58 +0100)]
arm64: reorganise PAGE_/PROT_ macros

Make these macros available to assembly code, so they can be re-used by the
PIE initialisation code.

This involves adding some extra macros, prepended with _ that are the raw
values not `pgprot` values.

A dummy value for PTE_MAYBE_NG is also provided, for use in assembly.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-14-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: add PTE_WRITE to PROT_SECT_NORMAL
Joey Gouly [Tue, 6 Jun 2023 14:58:51 +0000 (15:58 +0100)]
arm64: add PTE_WRITE to PROT_SECT_NORMAL

With PIE enabled, PROT_SECT_NORMAL would map onto PAGE_KERNEL_RO.
Add PTE_WRITE so that this maps onto PAGE_KERNEL, so that it is writable.

Without PIE, this should enable DBM for PROT_SECT_NORMAL. However PTE_RDONLY
is already cleared, so the DBM mechanism is not used, and it is always writable,
so this is functionally equivalent.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-13-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: add PTE_UXN/PTE_WRITE to SWAPPER_*_FLAGS
Joey Gouly [Tue, 6 Jun 2023 14:58:50 +0000 (15:58 +0100)]
arm64: add PTE_UXN/PTE_WRITE to SWAPPER_*_FLAGS

With PIE enabled, the swapper PTEs would have a Permission Indirection Index
(PIIndex) of 0. A PIIndex of 0 is not currently used by any other PTEs.

To avoid using index 0 specifically for the swapper PTEs, mark them as
PTE_UXN and PTE_WRITE, so that they map to a PAGE_KERNEL_EXEC equivalent.

This also adds PTE_WRITE to KPTI_NG_PTE_FLAGS, which was tested by booting
with kpti=on.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-12-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: expose ID_AA64MMFR3_EL1 to guests
Joey Gouly [Tue, 6 Jun 2023 14:58:49 +0000 (15:58 +0100)]
KVM: arm64: expose ID_AA64MMFR3_EL1 to guests

Now that KVM context switches the appropriate registers, expose ID_AA64MMFR3_EL1
to guests to allow them to use the new features.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: James Morse <james.morse@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Zenghui Yu <yuzenghui@huawei.com>
Cc: Will Deacon <will@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-11-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: Save/restore PIE registers
Joey Gouly [Tue, 6 Jun 2023 14:58:48 +0000 (15:58 +0100)]
KVM: arm64: Save/restore PIE registers

Define the new system registers that PIE introduces and context switch them.
The PIE feature is still hidden from the ID register, and not exposed to a VM.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: James Morse <james.morse@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Zenghui Yu <yuzenghui@huawei.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-10-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: Save/restore TCR2_EL1
Joey Gouly [Tue, 6 Jun 2023 14:58:47 +0000 (15:58 +0100)]
KVM: arm64: Save/restore TCR2_EL1

Define the new system register TCR2_EL1 and context switch it.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: James Morse <james.morse@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Zenghui Yu <yuzenghui@huawei.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-9-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: cpufeature: add Permission Indirection Extension cpucap
Joey Gouly [Tue, 6 Jun 2023 14:58:46 +0000 (15:58 +0100)]
arm64: cpufeature: add Permission Indirection Extension cpucap

This indicates if the system supports PIE. This is a CPUCAP_BOOT_CPU_FEATURE
as the boot CPU will enable PIE if it has it, so secondary CPUs must also
have this feature.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-8-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: cpufeature: add TCR2 cpucap
Joey Gouly [Tue, 6 Jun 2023 14:58:45 +0000 (15:58 +0100)]
arm64: cpufeature: add TCR2 cpucap

This capability indicates if the system supports the TCR2_ELx system register.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20230606145859.697944-7-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: cpufeature: add system register ID_AA64MMFR3
Joey Gouly [Tue, 6 Jun 2023 14:58:44 +0000 (15:58 +0100)]
arm64: cpufeature: add system register ID_AA64MMFR3

Add new system register ID_AA64MMFR3 to the cpufeature infrastructure.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-6-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64/sysreg: add PIR*_ELx registers
Joey Gouly [Tue, 6 Jun 2023 14:58:43 +0000 (15:58 +0100)]
arm64/sysreg: add PIR*_ELx registers

Add definitions of PIR_EL1, PIR_EL12, PIRE0_EL1, PIRE0_EL12, and
PIR_EL2 registers.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Brown <broonie@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-5-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64/sysreg: update HCRX_EL2 register
Joey Gouly [Tue, 6 Jun 2023 14:58:42 +0000 (15:58 +0100)]
arm64/sysreg: update HCRX_EL2 register

Update the HCRX_EL2 register with new bit definitions.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Brown <broonie@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-4-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64/sysreg: add system registers TCR2_ELx
Joey Gouly [Tue, 6 Jun 2023 14:58:41 +0000 (15:58 +0100)]
arm64/sysreg: add system registers TCR2_ELx

Add definitions of TCR2_EL1, TCR2_EL12 and TCR_EL2 registers.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Brown <broonie@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-3-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64/sysreg: Add ID register ID_AA64MMFR3
Joey Gouly [Tue, 6 Jun 2023 14:58:40 +0000 (15:58 +0100)]
arm64/sysreg: Add ID register ID_AA64MMFR3

Add the new ID register ID_AA64MMFR3, according to DDI0601 2023-03.

Signed-off-by: Joey Gouly <joey.gouly@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Mark Brown <broonie@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Link: https://lore.kernel.org/r/20230606145859.697944-2-joey.gouly@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agokselftest/arm64: add MOPS to hwcap test
Kristina Martsenko [Tue, 9 May 2023 14:22:35 +0000 (15:22 +0100)]
kselftest/arm64: add MOPS to hwcap test

Add the MOPS hwcap to the hwcap kselftest and check that a SIGILL is not
generated when the feature is detected. A SIGILL is reliable when the
feature is not detected as SCTLR_EL1.MSCEn won't have been set.

Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20230509142235.3284028-12-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: allow disabling MOPS from the kernel command line
Kristina Martsenko [Tue, 9 May 2023 14:22:34 +0000 (15:22 +0100)]
arm64: mops: allow disabling MOPS from the kernel command line

Make it possible to disable the MOPS extension at runtime using the
kernel command line. This can be useful for testing or working around
hardware issues. For example it could be used to test new memory copy
routines that do not use MOPS instructions (e.g. from Arm Optimized
Routines).

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-11-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: detect and enable FEAT_MOPS
Kristina Martsenko [Tue, 9 May 2023 14:22:33 +0000 (15:22 +0100)]
arm64: mops: detect and enable FEAT_MOPS

The Arm v8.8/9.3 FEAT_MOPS feature provides new instructions that
perform a memory copy or set. Wire up the cpufeature code to detect the
presence of FEAT_MOPS and enable it.

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-10-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: handle single stepping after MOPS exception
Kristina Martsenko [Tue, 9 May 2023 14:22:32 +0000 (15:22 +0100)]
arm64: mops: handle single stepping after MOPS exception

When a MOPS main or epilogue instruction is being executed, the task may
get scheduled on a different CPU and restart execution from the prologue
instruction. If the main or epilogue instruction is being single stepped
then it makes sense to finish the step and take the step exception
before starting to execute the next (prologue) instruction. So
fast-forward the single step state machine when taking a MOPS exception.

This means that if a main or epilogue instruction is single stepped with
ptrace, the debugger will sometimes observe the PC moving back to the
prologue instruction. (As already mentioned, this should be rare as it
only happens when the task is scheduled to another CPU during the step.)

This also ensures that perf breakpoints count prologue instructions
consistently (i.e. every time they are executed), rather than skipping
them when there also happens to be a breakpoint on a main or epilogue
instruction.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-9-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: handle MOPS exceptions
Kristina Martsenko [Tue, 9 May 2023 14:22:31 +0000 (15:22 +0100)]
arm64: mops: handle MOPS exceptions

The memory copy/set instructions added as part of FEAT_MOPS can take an
exception (e.g. page fault) part-way through their execution and resume
execution afterwards.

If however the task is re-scheduled and execution resumes on a different
CPU, then the CPU may take a new type of exception to indicate this.
This is because the architecture allows two options (Option A and Option
B) to implement the instructions and a heterogeneous system can have
different implementations between CPUs.

In this case the OS has to reset the registers and restart execution
from the prologue instruction. The algorithm for doing this is provided
as part of the Arm ARM.

Add an exception handler for the new exception and wire it up for
userspace tasks.

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-8-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: hide MOPS from guests
Kristina Martsenko [Tue, 9 May 2023 14:22:30 +0000 (15:22 +0100)]
KVM: arm64: hide MOPS from guests

As FEAT_MOPS is not supported in guests yet, hide it from the ID
registers for guests.

The MOPS instructions are UNDEFINED in guests as HCRX_EL2.MSCEn is not
set in HCRX_GUEST_FLAGS, and will take an exception to EL1 if executed.

Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Acked-by: Oliver Upton <oliver.upton@linux.dev>
Link: https://lore.kernel.org/r/20230509142235.3284028-7-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: don't disable host MOPS instructions from EL2
Kristina Martsenko [Tue, 9 May 2023 14:22:29 +0000 (15:22 +0100)]
arm64: mops: don't disable host MOPS instructions from EL2

To allow nVHE host EL0 and EL1 to use FEAT_MOPS instructions, configure
EL2 to not cause these instructions to be treated as UNDEFINED. A VHE
host is unaffected by this control.

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-6-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: mops: document boot requirements for MOPS
Kristina Martsenko [Tue, 9 May 2023 14:22:28 +0000 (15:22 +0100)]
arm64: mops: document boot requirements for MOPS

FEAT_MOPS introduces new instructions, we require that these
instructions not execute as UNDEFINED when we identify that the feature
is supported.

Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-5-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: switch HCRX_EL2 between host and guest
Kristina Martsenko [Tue, 9 May 2023 14:22:27 +0000 (15:22 +0100)]
KVM: arm64: switch HCRX_EL2 between host and guest

Switch the HCRX_EL2 register between host and guest configurations, in
order to enable different features in the host and guest.

Now that there are separate guest flags, we can also remove SMPME from
the host flags, as SMPME is used for virtualizing SME priorities and has
no use in the host.

Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Acked-by: Oliver Upton <oliver.upton@linux.dev>
Link: https://lore.kernel.org/r/20230509142235.3284028-4-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoarm64: cpufeature: detect FEAT_HCX
Kristina Martsenko [Tue, 9 May 2023 14:22:26 +0000 (15:22 +0100)]
arm64: cpufeature: detect FEAT_HCX

Detect if the system has the new HCRX_EL2 register added in ARMv8.7/9.2,
so that subsequent patches can check for its presence.

KVM currently relies on the register being present on all CPUs (or
none), so the kernel will panic if that is not the case. Fortunately no
such systems currently exist, but this can be revisited if they appear.
Note that the kernel will not panic if CONFIG_KVM is disabled.

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Link: https://lore.kernel.org/r/20230509142235.3284028-3-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoKVM: arm64: initialize HCRX_EL2
Kristina Martsenko [Tue, 9 May 2023 14:22:25 +0000 (15:22 +0100)]
KVM: arm64: initialize HCRX_EL2

ARMv8.7/9.2 adds a new hypervisor configuration register HCRX_EL2.
Initialize the register to a safe value (all fields 0), to be robust
against firmware that has not initialized it. This is also needed to
ensure that the register is reinitialized after a kexec by a future
kernel.

In addition, move SMPME setup over to the new flags, as it would
otherwise get overridden. It is safe to set the bit even if SME is not
(uniformly) supported, as it will write to a RES0 bit (having no
effect), and SME will be disabled by the cpufeature framework.
(Similar to how e.g. the API bit is handled in HCR_HOST_NVHE_FLAGS.)

Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Acked-by: Oliver Upton <oliver.upton@linux.dev>
Link: https://lore.kernel.org/r/20230509142235.3284028-2-kristina.martsenko@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
17 months agoLinux 6.4-rc3
Linus Torvalds [Sun, 21 May 2023 21:05:48 +0000 (14:05 -0700)]
Linux 6.4-rc3

17 months agoMerge tag 'uml-for-linus-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Sun, 21 May 2023 21:03:22 +0000 (14:03 -0700)]
Merge tag 'uml-for-linus-6.4-rc3' of git://git./linux/kernel/git/uml/linux

Pull UML fix from Richard Weinberger:

 - Fix modular build for UML watchdog

* tag 'uml-for-linus-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux:
  um: harddog: fix modular build

17 months agoMerge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Linus Torvalds [Sun, 21 May 2023 20:58:37 +0000 (13:58 -0700)]
Merge tag 'for-linus' of git://git./virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini:
 "ARM:

   - Plug a race in the stage-2 mapping code where the IPA and the PA
     would end up being out of sync

   - Make better use of the bitmap API (bitmap_zero, bitmap_zalloc...)

   - FP/SVE/SME documentation update, in the hope that this field
     becomes clearer...

   - Add workaround for Apple SEIS brokenness to a new SoC

   - Random comment fixes

  x86:

   - add MSR_IA32_TSX_CTRL into msrs_to_save

   - fixes for XCR0 handling in SGX enclaves

  Generic:

   - Fix vcpu_array[0] races

   - Fix race between starting a VM and 'reboot -f'"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: VMX: add MSR_IA32_TSX_CTRL into msrs_to_save
  KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM)
  KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE
  KVM: Fix vcpu_array[0] races
  KVM: VMX: Fix header file dependency of asm/vmx.h
  KVM: Don't enable hardware after a restart/shutdown is initiated
  KVM: Use syscore_ops instead of reboot_notifier to hook restart/shutdown
  KVM: arm64: vgic: Add Apple M2 PRO/MAX cpus to the list of broken SEIS implementations
  KVM: arm64: Clarify host SME state management
  KVM: arm64: Restructure check for SVE support in FP trap handler
  KVM: arm64: Document check for TIF_FOREIGN_FPSTATE
  KVM: arm64: Fix repeated words in comments
  KVM: arm64: Constify start/end/phys fields of the pgtable walker data
  KVM: arm64: Infer PA offset from VA in hyp map walker
  KVM: arm64: Infer the PA offset from IPA in stage-2 map walker
  KVM: arm64: Use the bitmap API to allocate bitmaps
  KVM: arm64: Slightly optimize flush_context()

17 months agoMerge tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of git://git.kernel.org/pub/scm...
Linus Torvalds [Sun, 21 May 2023 20:24:59 +0000 (13:24 -0700)]
Merge tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of git://git./linux/kernel/git/acme/linux

Pull perf tools fixes from Arnaldo Carvalho de Melo:

 - Fail graciously if BUILD_BPF_SKEL=1 is specified and clang isn't
   available

 - Add empty 'struct rq' to 'perf lock contention' to satisfy libbpf
   'runqueue' type verification. This feature is built only with
   BUILD_BPF_SKEL=1

 - Make vmlinux.h use bpf.h and perf_event.h in source directory, not
   system ones that may be old and not have things like 'union
   perf_sample_weight'

 - Add system include paths to BPF builds to pick things missing in the
   headers included by clang -target bpf

 - Update various header copies with the kernel sources

 - Change divide by zero and not supported events behavior to show
   'nan'/'not counted' in 'perf stat' output.

   This happens when using things like 'perf stat -M TopdownL2 true',
   involving JSON metrics

 - Update no event/metric expectations affected by using JSON metrics in
   'perf stat -ddd' perf test

 - Avoid segv with 'perf stat --topdown' for metrics without a group

 - Do not assume which events may have a PMU name, allowing the logic to
   keep an AUX event group together. Makes this usecase work again:

     $ perf record --no-bpf-event -c 10 -e '{intel_pt//,tlb_flush.stlb_any/aux-sample-size=8192/pp}:u' -- sleep 0.1
     [ perf record: Woken up 1 times to write data ]
     [ perf record: Captured and wrote 0.078 MB perf.data ]
     $ perf script -F-dso,+addr | grep -C5 tlb_flush.stlb_any | head -11
     sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cc82a2 dl_main+0x9a2 => 7f5350cb38f0 _dl_add_to_namespace_list+0x0
     sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cb3908 _dl_add_to_namespace_list+0x18 => 7f5350cbb080 rtld_mutex_dummy+0x0
     sleep 20444 [003]  7939.510243:  1  branches:uH:  7f5350cc8350 dl_main+0xa50 => 0 [unknown]
     sleep 20444 [003]  7939.510244:  1  branches:uH:  7f5350cc83ca dl_main+0xaca => 7f5350caeb60 _dl_process_pt_gnu_property+0x0
     sleep 20444 [003]  7939.510245:  1  branches:uH:  7f5350caeb60 _dl_process_pt_gnu_property+0x0 => 0 [unknown]
     sleep 20444  7939.510245:       10 tlb_flush.stlb_any/aux-sample-size=8192/pp: 0 7f5350caeb60 _dl_process_pt_gnu_property+0x0
     sleep 20444 [003]  7939.510254:  1  branches:uH:  7f5350cc87fe dl_main+0xefe => 7f5350ccd240 strcmp+0x0
     sleep 20444 [003]  7939.510254:  1  branches:uH:  7f5350cc8862 dl_main+0xf62 => 0 [unknown]

 - Add a check for the above use case in 'perf test test_intel_pt'

 - Fix build with refcount checking on arm64, it was still accessing
   fields that need to be wrapped so that the refcounted struct gets
   checked

 - Fix contextid validation in ARM's CS-ETM, so that older kernels
   without that field can still be supported

 - Skip unsupported aggregation for stat events found in perf.data files
   in 'perf script'

 - Add stat test for record and script to check the previous problem

 - Remove needless debuginfod queries from 'perf test java symbol', this
   was just making the test take a long time to complete

 - Address python SafeConfigParser() deprecation warning in 'perf test
   attr'

 - Fix __NR_execve undeclared on i386 'perf bench syscall' build error

* tag 'perf-tools-fixes-for-v6.4-1-2023-05-20' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (33 commits)
  perf bench syscall: Fix __NR_execve undeclared build error
  perf test attr: Fix python SafeConfigParser() deprecation warning
  perf test attr: Update no event/metric expectations
  tools headers disabled-features: Sync with the kernel sources
  tools headers UAPI: Sync arch prctl headers with the kernel sources
  tools headers: Update the copy of x86's mem{cpy,set}_64.S used in 'perf bench'
  tools headers x86 cpufeatures: Sync with the kernel sources
  tools headers UAPI: Sync s390 syscall table file that wires up the memfd_secret syscall
  tools headers UAPI: Sync linux/prctl.h with the kernel sources
  perf metrics: Avoid segv with --topdown for metrics without a group
  perf lock contention: Add empty 'struct rq' to satisfy libbpf 'runqueue' type verification
  perf cs-etm: Fix contextid validation
  perf arm64: Fix build with refcount checking
  perf test: Add stat test for record and script
  perf script: Skip aggregation for stat events
  perf build: Add system include paths to BPF builds
  perf bpf skels: Make vmlinux.h use bpf.h and perf_event.h in source directory
  perf parse-events: Do not break up AUX event group
  perf test test_intel_pt.sh: Test sample mode with event with PMU name
  perf evsel: Modify group pmu name for software events
  ...

17 months agoMerge tag 'powerpc-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc...
Linus Torvalds [Sun, 21 May 2023 18:53:52 +0000 (11:53 -0700)]
Merge tag 'powerpc-6.4-2' of git://git./linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:

 - Fix broken soft dirty tracking when using the Radix MMU (>= P9)

 - Fix ISA mapping when "ranges" property is not present, for PASemi
   Nemo boards

 - Fix a possible WARN_ON_ONCE hitting in BPF extable handling

 - Fix incorrect DMA address handling when using 2MB TCEs

 - Fix a bug in IOMMU table handling for SR-IOV devices

 - Fix the recent rework of IOMMU handling which left arch code calling
   clean up routines that are handled by the IOMMU core

 - A few assorted build fixes

Thanks to Christian Zigotzky, Dan Horák, Gaurav Batra, Hari Bathini,
Jason Gunthorpe, Nathan Chancellor, Naveen N. Rao, Nicholas Piggin, Pali
Rohár, Randy Dunlap, and Rob Herring.

* tag 'powerpc-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV device
  powerpc/iommu: DMA address offset is incorrectly calculated with 2MB TCEs
  powerpc/iommu: Remove iommu_del_device()
  powerpc/crypto: Fix aes-gcm-p10 build when VSX=n
  powerpc/bpf: populate extable entries only during the last pass
  powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
  powerpc/64s/radix: Fix soft dirty tracking
  powerpc/fsl_uli1575: fix kconfig warnings and build errors
  powerpc/isa-bridge: Fix ISA mapping when "ranges" is not present

17 months agoMerge tag 'ata-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal...
Linus Torvalds [Sun, 21 May 2023 18:46:23 +0000 (11:46 -0700)]
Merge tag 'ata-6.4-rc3' of git://git./linux/kernel/git/dlemoal/libata

Pull ata fix from Damien Le Moal:

 - Fix DT binding for the ahci-ceva driver to fully describe all iommus,
   from Michal

* tag 'ata-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata:
  dt-bindings: ata: ahci-ceva: Cover all 4 iommus entries

17 months agoMerge tag 'fbdev-for-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller...
Linus Torvalds [Sun, 21 May 2023 18:13:23 +0000 (11:13 -0700)]
Merge tag 'fbdev-for-6.4-rc3' of git://git./linux/kernel/git/deller/linux-fbdev

Pull fbdev fixes from Helge Deller:
 "A few small unspectacular fbdev fixes:

   - Fix for USB endpoint check in udlfb (found by syzbot fuzzer)

   - Small fix in error code path in omapfb

   - compiler warning fixes in fbmem & i810

   - code removal and whitespace cleanups in stifb and atyfb"

* tag 'fbdev-for-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev:
  fbdev: stifb: Whitespace cleanups
  fbdev: udlfb: Use usb_control_msg_send()
  fbdev: udlfb: Fix endpoint check
  fbdev: atyfb: Remove unused clock determination
  fbdev: i810: include i810_main.h in i810_dvt.c
  fbdev: fbmem: mark get_fb_unmapped_area() static
  fbdev: omapfb: panel-tpo-td043mtea1: fix error code in probe()

17 months agoMerge tag '6.4-rc2-ksmbd-server-fixes' of git://git.samba.org/ksmbd
Linus Torvalds [Sun, 21 May 2023 17:55:31 +0000 (10:55 -0700)]
Merge tag '6.4-rc2-ksmbd-server-fixes' of git://git.samba.org/ksmbd

Pull ksmbd server fixes from Steve French:

 - two fixes for incorrect SMB3 message validation (one for client which
   uses 8 byte padding, and one for empty bcc)

 - two fixes for out of bounds bugs: one for username offset checks (in
   session setup) and the other for create context name length checks in
   open requests

* tag '6.4-rc2-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
  ksmbd: smb2: Allow messages padded to 8byte boundary
  ksmbd: allocate one more byte for implied bcc[0]
  ksmbd: fix wrong UserName check in session_user
  ksmbd: fix global-out-of-bounds in smb2_find_context_vals

17 months agoMerge tag '6.4-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6
Linus Torvalds [Sun, 21 May 2023 17:20:58 +0000 (10:20 -0700)]
Merge tag '6.4-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs client fixes from Steve French:
 "Two smb3 client fixes, both related to deferred close, and also for
  stable:

   - send close for deferred handles before not after lease break
     response to avoid possible sharing violations

   - check all opens on an inode (looking for deferred handles) when
     lease break is returned not just the handle the lease break came in
     on"

* tag '6.4-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  SMB3: drop reference to cfile before sending oplock break
  SMB3: Close all deferred handles of inode in case of handle lease break

17 months agoKVM: VMX: add MSR_IA32_TSX_CTRL into msrs_to_save
Mingwei Zhang [Tue, 9 May 2023 03:23:48 +0000 (03:23 +0000)]
KVM: VMX: add MSR_IA32_TSX_CTRL into msrs_to_save

Add MSR_IA32_TSX_CTRL into msrs_to_save[] to explicitly tell userspace to
save/restore the register value during migration. Missing this may cause
userspace that relies on KVM ioctl(KVM_GET_MSR_INDEX_LIST) fail to port the
value to the target VM.

In addition, there is no need to add MSR_IA32_TSX_CTRL when
ARCH_CAP_TSX_CTRL_MSR is not supported in kvm_get_arch_capabilities(). So
add the checking in kvm_probe_msr_to_save().

Fixes: c11f83e0626b ("KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality")
Reported-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Message-Id: <20230509032348.1153070-1-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoKVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM)
Sean Christopherson [Wed, 3 May 2023 16:08:37 +0000 (09:08 -0700)]
KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM)

Drop KVM's manipulation of guest's CPUID.0x12.1 ECX and EDX, i.e. the
allowed XFRM of SGX enclaves, now that KVM explicitly checks the guest's
allowed XCR0 when emulating ECREATE.

Note, this could theoretically break a setup where userspace advertises
a "bad" XFRM and relies on KVM to provide a sane CPUID model, but QEMU
is the only known user of KVM SGX, and QEMU explicitly sets the SGX CPUID
XFRM subleaf based on the guest's XCR0.

Reviewed-by: Kai Huang <kai.huang@intel.com>
Tested-by: Kai Huang <kai.huang@intel.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20230503160838.3412617-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoKVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE
Sean Christopherson [Wed, 3 May 2023 16:08:36 +0000 (09:08 -0700)]
KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE

Explicitly check the vCPU's supported XCR0 when determining whether or not
the XFRM for ECREATE is valid.  Checking CPUID works because KVM updates
guest CPUID.0x12.1 to restrict the leaf to a subset of the guest's allowed
XCR0, but that is rather subtle and KVM should not modify guest CPUID
except for modeling true runtime behavior (allowed XFRM is most definitely
not "runtime" behavior).

Reviewed-by: Kai Huang <kai.huang@intel.com>
Tested-by: Kai Huang <kai.huang@intel.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20230503160838.3412617-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agofbdev: stifb: Whitespace cleanups
Helge Deller [Sat, 20 May 2023 20:43:35 +0000 (22:43 +0200)]
fbdev: stifb: Whitespace cleanups

Missed whitespace cleanups in stifb.

Fixes: 8000425739dc ("fbdev: stifb: Remove trailing whitespaces")
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agofbdev: udlfb: Use usb_control_msg_send()
Helge Deller [Fri, 19 May 2023 21:11:51 +0000 (23:11 +0200)]
fbdev: udlfb: Use usb_control_msg_send()

Use the newly introduced usb_control_msg_send() instead of usb_control_msg()
when selecting the channel.

Reviewed-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agoMerge tag 'tty-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Linus Torvalds [Sat, 20 May 2023 17:33:57 +0000 (10:33 -0700)]
Merge tag 'tty-6.4-rc3' of git://git./linux/kernel/git/gregkh/tty

Pull tty / serial fixes from Greg KH:
 "Here are some small tty and serial driver fixes for 6.4-rc3 to resolve
  some reported problems, and add some new device ids. These include:

   - termios documentation updates

   - vc_screen use-after-free fix

   - memory leak fix in arc_uart driver

   - new 8250 driver ids

   - other small serial driver fixes

  All of these have been in linux-next for a while with no reported
  problems"

* tag 'tty-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
  vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
  serial: qcom-geni: fix enabling deactivated interrupt
  serial: 8250_bcm7271: fix leak in `brcmuart_probe`
  serial: 8250_bcm7271: balance clk_enable calls
  serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
  serial: 8250: Document termios parameter of serial8250_em485_config()
  serial: Add support for Advantech PCI-1611U card
  serial: 8250_exar: Add support for USR298x PCI Modems

17 months agoMerge tag 'usb-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Linus Torvalds [Sat, 20 May 2023 17:16:38 +0000 (10:16 -0700)]
Merge tag 'usb-6.4-rc3' of git://git./linux/kernel/git/gregkh/usb

Pull USB / Thunderbolt fixes from Greg KH:
 "Here are some USB fixes for 6.4-rc3, as well as a driver core fix that
  resolves a memory leak that shows up in USB devices easier than other
  subsystems.

  Included in here are:

   - driver core memory leak as reported and tested by syzbot and
     developers

   - dwc3 driver fixes for reported problems

   - xhci driver fixes for reported problems

   - USB gadget driver reverts to resolve regressions

   - usbtmc driver fix for syzbot reported problem

   - thunderbolt driver fixes for reported issues

   - other small USB fixes

  All of these, except for the driver core fix, have been in linux-next
  with no reported problems. The driver core fix was tested and verified
  to solve the issue by syzbot and the original reporter"

* tag 'usb-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
  driver core: class: properly reference count class_dev_iter()
  xhci: Fix incorrect tracking of free space on transfer rings
  xhci-pci: Only run d3cold avoidance quirk for s2idle
  usb-storage: fix deadlock when a scsi command timeouts more than once
  usb: dwc3: fix a test for error in dwc3_core_init()
  usb: typec: tps6598x: Fix fault at module removal
  usb: gadget: u_ether: Fix host MAC address case
  usb: typec: altmodes/displayport: fix pin_assignment_show
  Revert "usb: gadget: udc: core: Invoke usb_gadget_connect only when started"
  Revert "usb: gadget: udc: core: Prevent redundant calls to pullup"
  usb: gadget: drop superfluous ':' in doc string
  usb: dwc3: debugfs: Resume dwc3 before accessing registers
  USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value
  usb: dwc3: fix gadget mode suspend interrupt handler issue
  usb: dwc3: gadget: Improve dwc3_gadget_suspend() and dwc3_gadget_resume()
  USB: usbtmc: Fix direction for 0-length ioctl control messages
  thunderbolt: Clear registers properly when auto clear isn't in use

17 months agoMerge tag 'block-6.4-2023-05-20' of git://git.kernel.dk/linux
Linus Torvalds [Sat, 20 May 2023 15:48:04 +0000 (08:48 -0700)]
Merge tag 'block-6.4-2023-05-20' of git://git.kernel.dk/linux

Pull block fixes from Jens Axboe:

 - NVMe pull request via Keith:
     - More device quirks (Sagi, Hristo, Adrian, Daniel)
     - Controller delete race (Maurizo)
     - Multipath cleanup fix (Christoph)

 - Deny writeable mmap mapping on a readonly block device (Loic)

 - Kill unused define that got introduced by accident (Christoph)

 - Error handling fix for s390 dasd (Stefan)

 - ublk locking fix (Ming)

* tag 'block-6.4-2023-05-20' of git://git.kernel.dk/linux:
  block: remove NFL4_UFLG_MASK
  block: Deny writable memory mapping if block is read-only
  s390/dasd: fix command reject error on ESE devices
  nvme-pci: Add quirk for Teamgroup MP33 SSD
  ublk: fix AB-BA lockdep warning
  nvme: do not let the user delete a ctrl before a complete initialization
  nvme-multipath: don't call blk_mark_disk_dead in nvme_mpath_remove_disk
  nvme-pci: clamp max_hw_sectors based on DMA optimized limitation
  nvme-pci: add quirk for missing secondary temperature thresholds
  nvme-pci: add NVME_QUIRK_BOGUS_NID for HS-SSD-FUTURE 2048G

17 months agoblock: remove NFL4_UFLG_MASK
Christoph Hellwig [Sat, 20 May 2023 09:00:10 +0000 (11:00 +0200)]
block: remove NFL4_UFLG_MASK

The NFL4_UFLG_MASK define slipped in in commit 9208d4149758
("block: add a ->get_unique_id method") and should never have been
added, as NFSD as the only user of it already has it's copy.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20230520090010.527046-1-hch@lst.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
17 months agofbdev: udlfb: Fix endpoint check
Alan Stern [Fri, 19 May 2023 19:32:30 +0000 (15:32 -0400)]
fbdev: udlfb: Fix endpoint check

The syzbot fuzzer detected a problem in the udlfb driver, caused by an
endpoint not having the expected type:

usb 1-1: Read EDID byte 0 failed: -71
usb 1-1: Unable to get valid EDID from device/display
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 3 != type 1
WARNING: CPU: 0 PID: 9 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880
drivers/usb/core/urb.c:504
Modules linked in:
CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted
6.4.0-rc1-syzkaller-00016-ga4422ff22142 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
04/28/2023
Workqueue: usb_hub_wq hub_event
RIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
...
Call Trace:
 <TASK>
 dlfb_submit_urb+0x92/0x180 drivers/video/fbdev/udlfb.c:1980
 dlfb_set_video_mode+0x21f0/0x2950 drivers/video/fbdev/udlfb.c:315
 dlfb_ops_set_par+0x2a7/0x8d0 drivers/video/fbdev/udlfb.c:1111
 dlfb_usb_probe+0x149a/0x2710 drivers/video/fbdev/udlfb.c:1743

The current approach for this issue failed to catch the problem
because it only checks for the existence of a bulk-OUT endpoint; it
doesn't check whether this endpoint is the one that the driver will
actually use.

We can fix the problem by instead checking that the endpoint used by
the driver does exist and is bulk-OUT.

Reported-and-tested-by: syzbot+0e22d63dcebb802b9bc8@syzkaller.appspotmail.com
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
CC: Pavel Skripkin <paskripkin@gmail.com>
Fixes: aaf7dbe07385 ("video: fbdev: udlfb: properly check endpoint type")
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agofbdev: atyfb: Remove unused clock determination
Niklas Schnelle [Tue, 16 May 2023 11:00:33 +0000 (13:00 +0200)]
fbdev: atyfb: Remove unused clock determination

Just below the removed lines par->clk_wr_offset is hard coded to 3 so
there is no use in determining a different clock just to then ignore it
anyway. This also removes the only I/O port use remaining in the driver
allowing it to be built without CONFIG_HAS_IOPORT.

Link: https://lore.kernel.org/all/ZBx5aLo5h546BzBt@intel.com/
Suggested-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Niklas Schnelle <schnelle@linux.ibm.com>
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agofbdev: i810: include i810_main.h in i810_dvt.c
Arnd Bergmann [Tue, 16 May 2023 20:28:09 +0000 (22:28 +0200)]
fbdev: i810: include i810_main.h in i810_dvt.c

Building with W=1 shows that a header needs to be included to
make the prototypes visible:

drivers/video/fbdev/i810/i810_dvt.c:194:6: error: no previous prototype for 'round_off_xres' [-Werror=missing-prototypes]
drivers/video/fbdev/i810/i810_dvt.c:233:6: error: no previous prototype for 'i810fb_encode_registers' [-Werror=missing-prototypes]
drivers/video/fbdev/i810/i810_dvt.c:245:6: error: no previous prototype for 'i810fb_fill_var_timings' [-Werror=missing-prototypes]
drivers/video/fbdev/i810/i810_dvt.c:279:5: error: no previous prototype for 'i810_get_watermark' [-Werror=missing-prototypes]

Adding the header leads to another warning from a mismatched
prototype, so fix this as well:

drivers/video/fbdev/i810/i810_dvt.c:280:5: error: conflicting types for 'i810_get_watermark'; have 'u32(struct fb_var_screeninfo *,

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Jani Nikula <jani.nikula@intel.com>
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agofbdev: fbmem: mark get_fb_unmapped_area() static
Arnd Bergmann [Tue, 16 May 2023 20:22:48 +0000 (22:22 +0200)]
fbdev: fbmem: mark get_fb_unmapped_area() static

There is a global function with this name on sparc, but no
global declaration:

drivers/video/fbdev/core/fbmem.c:1469:15: error: no previous prototype for 'get_fb_unmapped_area'

Make the generic definition static to avoid this warning. On
sparc, this is never seen.

Edit by Helge:
Update Kconfig text as suggested by Geert Uytterhoeven.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agoblock: Deny writable memory mapping if block is read-only
Loic Poulain [Wed, 10 May 2023 07:42:23 +0000 (09:42 +0200)]
block: Deny writable memory mapping if block is read-only

User should not be able to write block device if it is read-only at
block level (e.g force_ro attribute). This is ensured in the regular
fops write operation (blkdev_write_iter) but not when writing via
user mapping (mmap), allowing user to actually write a read-only
block device via a PROT_WRITE mapping.

Example: This can lead to integrity issue of eMMC boot partition
(e.g mmcblk0boot0) which is read-only by default.

To fix this issue, simply deny shared writable mapping if the block
is readonly.

Note: Block remains writable if switch to read-only is performed
after the initial mapping, but this is expected behavior according
to commit a32e236eb93e ("Partially revert "block: fail op_is_write()
requests to read-only partitions"")'.

Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/r/20230510074223.991297-1-loic.poulain@linaro.org
Signed-off-by: Jens Axboe <axboe@kernel.dk>
17 months agoMerge tag 'drm-fixes-2023-05-20' of git://anongit.freedesktop.org/drm/drm
Linus Torvalds [Sat, 20 May 2023 02:11:20 +0000 (19:11 -0700)]
Merge tag 'drm-fixes-2023-05-20' of git://anongit.freedesktop.org/drm/drm

Pull drm fixes from Dave Airlie:
 "Regular fixes pull, amdgpu and msm make up most of these, nothing too
  serious, also one i915 and one exynos.

  I didn't get a misc fixes pull this week (one of the maintainers is
  off, so have to engage the backup) so I think there are a few
  outstanding patches that will show up next week,

  amdgpu:
   - update gfx11 clock counter logic
   - Fix a race when disabling gfxoff on gfx10/11 for profiling
   - Raven/Raven2/PCO clock counter fix
   - Add missing get_vbios_fb_size for GMC 11
   - Fix a spurious irq warning in the device remove case
   - Fix possible power mode mismatch between driver and PMFW
   - USB4 fix

  exynos:
   - fix build warning

  i915:
   - fix missing NULL check in HDCP code

  msm:
   - display:
      - msm8998: fix fetch and qos to align with downstream
      - msm8998: fix LM pairs to align with downstream
      - remove unused INTF0 interrupt mask on some chipsets
      - remove TE2 block from relevant chipsets
      - relocate non-MDP_TOP offset to different header
      - fix some indentation
      - fix register offets/masks for dither blocks
      - make ping-ping block length 0
      - remove duplicated defines
      - fix log mask for writeback block
      - unregister the hdmi codec for dp during unbind
      - fix yaml warnings
   - gpu:
      - fix submit error path leak
      - arm-smmu-qcom fix for regression that broke per-process page
        tables
      - fix no-iommu crash"

* tag 'drm-fixes-2023-05-20' of git://anongit.freedesktop.org/drm/drm: (29 commits)
  drm/amd/display: enable dpia validate
  drm/amd/pm: fix possible power mode mismatch between driver and PMFW
  drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged
  drm/amdgpu/gmc11: implement get_vbios_fb_size()
  drm/amdgpu: Differentiate between Raven2 and Raven/Picasso according to revision id
  drm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well
  drm/amdgpu/gfx10: Disable gfxoff before disabling powergating.
  drm/amdgpu/gfx11: update gpu_clock_counter logic
  drm/msm: Be more shouty if per-process pgtables aren't working
  iommu/arm-smmu-qcom: Fix missing adreno_smmu's
  drm/i915/hdcp: Check if media_gt exists
  drm/exynos: fix g2d_open/close helper function definitions
  drm/msm: Fix submit error-path leaks
  drm/msm/iommu: Fix null pointer dereference in no-IOMMU case
  dt-bindings: display/msm: dsi-controller-main: Document qcom, master-dsi and qcom, sync-dual-dsi
  drm/msm/dpu: Remove duplicate register defines from INTF
  drm/msm/dpu: Set PINGPONG block length to zero for DPU >= 7.0.0
  drm/msm/dpu: Use V2 DITHER PINGPONG sub-block in SM8[34]50/SC8280XP
  drm/msm/dpu: Fix PP_BLK_DIPHER -> DITHER typo
  drm/msm/dpu: Reindent REV_7xxx interrupt masks with tabs
  ...

17 months agos390/dasd: fix command reject error on ESE devices
Stefan Haberland [Fri, 19 May 2023 10:23:40 +0000 (12:23 +0200)]
s390/dasd: fix command reject error on ESE devices

Formatting a thin-provisioned (ESE) device that is part of a PPRC copy
relation might fail with the following error:

dasd-eckd 0.0.f500: An error occurred in the DASD device driver, reason=09
[...]
24 Byte: 0 MSG 4, no MSGb to SYSOP

During format of an ESE disk the Release Allocated Space command is used.
A bit in the payload of the command is set that is not allowed to be set
for devices in a copy relation. This bit is set to allow the partial
release of an extent.

Check for the existence of a copy relation before setting the respective
bit.

Fixes: 91dc4a197569 ("s390/dasd: Add new ioctl to release space")
Cc: stable@kernel.org # 5.3+
Signed-off-by: Stefan Haberland <sth@linux.ibm.com>
Reviewed-by: Jan Hoeppner <hoeppner@linux.ibm.com>
Link: https://lore.kernel.org/r/20230519102340.3854819-2-sth@linux.ibm.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
17 months agoMerge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Linus Torvalds [Fri, 19 May 2023 22:54:01 +0000 (15:54 -0700)]
Merge tag 'scsi-fixes' of git://git./linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Six small fixes.

  Four in drivers and the two core changes should be read together as a
  correction to a prior iorequest_cnt fix that exposed us to a potential
  use after free"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
  scsi: Revert "scsi: core: Do not increase scsi_device's iorequest_cnt if dispatch failed"
  scsi: storvsc: Don't pass unused PFNs to Hyper-V host
  scsi: ufs: core: Fix MCQ nr_hw_queues
  scsi: ufs: core: Rename symbol sizeof_utp_transfer_cmd_desc()
  scsi: ufs: core: Fix MCQ tag calculation

17 months agoMerge tag 'ceph-for-6.4-rc3' of https://github.com/ceph/ceph-client
Linus Torvalds [Fri, 19 May 2023 19:02:12 +0000 (12:02 -0700)]
Merge tag 'ceph-for-6.4-rc3' of https://github.com/ceph/ceph-client

Pull ceph fixes from Ilya Dryomov:
 "A workaround for a just discovered bug in MClientSnap encoding which
  goes back to 2017 (marked for stable) and a fixup to quieten a static
  checker"

* tag 'ceph-for-6.4-rc3' of https://github.com/ceph/ceph-client:
  ceph: force updating the msg pointer in non-split case
  ceph: silence smatch warning in reconnect_caps_cb()

17 months agoMerge tag 'pm-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Linus Torvalds [Fri, 19 May 2023 18:44:08 +0000 (11:44 -0700)]
Merge tag 'pm-6.4-rc3' of git://git./linux/kernel/git/rafael/linux-pm

Pull power management fixes from Rafael Wysocki:
 "These fix two issues in the cpupower utility and get rid of a spurious
  warning message printed to the kernel log by the ACPI cpufreq driver
  after recent changes.

  Specifics:

   - Get rid of a warning message printed by the ACPI cpufreq driver
     after recent changes in it when anohter CPU performance scaling
     driver is registered already when it starts (Petr Pavlu)

   - Make cpupower read TSC on each CPU right before reading MPERF so as
     to reduce the potential time difference between the TSC and MPERF
     accesses and improve the C0 percentage calculation (Wyes Karny)

   - Fix a possible file handle leak and clean up the code in the
     sysfs_get_enabled() function in cpupower (Hao Zeng)"

* tag 'pm-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  cpufreq: ACPI: Prevent a warning when another frequency driver is loaded
  cpupower: Make TSC read per CPU for Mperf monitor
  cpupower:Fix resource leaks in sysfs_get_enabled()

17 months agoMerge tag 'acpi-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael...
Linus Torvalds [Fri, 19 May 2023 18:38:41 +0000 (11:38 -0700)]
Merge tag 'acpi-6.4-rc3' of git://git./linux/kernel/git/rafael/linux-pm

Pull ACPI fix from Rafael Wysocki:
 "Add an ACPI IRQ override quirk for LG UltraPC 17U70P so as to make the
  internal keyboard work on that machine (Rubén Gómez)"

* tag 'acpi-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  ACPI: resource: Add IRQ override quirk for LG UltraPC 17U70P

17 months agoMerge tag 'docs-6.4-fixes' of git://git.lwn.net/linux
Linus Torvalds [Fri, 19 May 2023 18:25:17 +0000 (11:25 -0700)]
Merge tag 'docs-6.4-fixes' of git://git.lwn.net/linux

Pull documentation fixes from Jonathan Corbet:
 "Four straightforward documentation fixes"

* tag 'docs-6.4-fixes' of git://git.lwn.net/linux:
  Documentation/filesystems: ramfs-rootfs-initramfs: use :Author:
  Documentation/filesystems: sharedsubtree: add section headings
  docs: quickly-build-trimmed-linux: various small fixes and improvements
  Documentation: use capitalization for chapters and acronyms

17 months agoMerge tag 's390-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Linus Torvalds [Fri, 19 May 2023 18:11:04 +0000 (11:11 -0700)]
Merge tag 's390-6.4-2' of git://git./linux/kernel/git/s390/linux

Pull s390 fixes from Alexander Gordeev:

 - Add check whether the required facilities are installed before using
   the s390-specific ChaCha20 implementation

 - Key blobs for s390 protected key interface IOCTLs commands
   PKEY_VERIFYKEY2 and PKEY_VERIFYKEY3 may contain clear key material.
   Zeroize copies of these keys in kernel memory after creating
   protected keys

 - Set CONFIG_INIT_STACK_NONE=y in defconfigs to avoid extra overhead of
   initializing all stack variables by default

 - Make sure that when a new channel-path is enabled all subchannels are
   evaluated: with and without any devices connected on it

 - When SMT thread CPUs are added to CPU topology masks the nr_cpu_ids
   limit is not checked and could be exceeded. Respect the nr_cpu_ids
   limit and avoid a warning when CONFIG_DEBUG_PER_CPU_MAPS is set

 - The pointer to IPL Parameter Information Block is stored in the
   absolute lowcore as a virtual address. Save it as the physical
   address for later use by dump tools

 - Fix a Queued Direct I/O (QDIO) problem on z/VM guests using QIOASSIST
   with dedicated (pass through) QDIO-based devices such as FCP, real
   OSA or HiperSockets

 - s390's struct statfs and struct statfs64 contain padding, which
   field-by-field copying does not set. Initialize the respective
   structures with zeros before filling them and copying to userspace

 - Grow s390 compat_statfs64, statfs and statfs64 structures f_spare
   array member to cover padding and simplify things

 - Remove obsolete SCHED_BOOK and SCHED_DRAWER configs

 - Remove unneeded S390_CCW_IOMMU and S390_AP_IOM configs

* tag 's390-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/iommu: get rid of S390_CCW_IOMMU and S390_AP_IOMMU
  s390/Kconfig: remove obsolete configs SCHED_{BOOK,DRAWER}
  s390/uapi: cover statfs padding by growing f_spare
  statfs: enforce statfs[64] structure initialization
  s390/qdio: fix do_sqbs() inline assembly constraint
  s390/ipl: fix IPIB virtual vs physical address confusion
  s390/topology: honour nr_cpu_ids when adding CPUs
  s390/cio: include subchannels without devices also for evaluation
  s390/defconfigs: set CONFIG_INIT_STACK_NONE=y
  s390/pkey: zeroize key blobs
  s390/crypto: use vector instructions only if available for ChaCha20

17 months agoMerge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Linus Torvalds [Fri, 19 May 2023 18:05:42 +0000 (11:05 -0700)]
Merge tag 'arm64-fixes' of git://git./linux/kernel/git/arm64/linux

Pull arm64 fixes from Will Deacon:
 "A mixture of compiler/static checker resolutions and a couple of MTE
  fixes:

   - Avoid erroneously marking untagged pages with PG_mte_tagged

   - Always reset KASAN tags for destination page in copy_page()

   - Mark PMU header functions 'static inline'

   - Fix some sparse warnings due to missing casts"

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: mte: Do not set PG_mte_tagged if tags were not initialized
  arm64: Also reset KASAN tag if page is not PG_mte_tagged
  arm64: perf: Mark all accessor functions inline
  ARM: perf: Mark all accessor functions inline
  arm64: vdso: Pass (void *) to virt_to_page()
  arm64/mm: mark private VM_FAULT_X defines as vm_fault_t

17 months agoKVM: Fix vcpu_array[0] races
Michal Luczaj [Wed, 10 May 2023 14:04:09 +0000 (16:04 +0200)]
KVM: Fix vcpu_array[0] races

In kvm_vm_ioctl_create_vcpu(), add vcpu to vcpu_array iff it's safe to
access vcpu via kvm_get_vcpu() and kvm_for_each_vcpu(), i.e. when there's
no failure path requiring vcpu removal and destruction. Such order is
important because vcpu_array accessors may end up referencing vcpu at
vcpu_array[0] even before online_vcpus is set to 1.

When online_vcpus=0, any call to kvm_get_vcpu() goes through
array_index_nospec() and ends with an attempt to xa_load(vcpu_array, 0):

int num_vcpus = atomic_read(&kvm->online_vcpus);
i = array_index_nospec(i, num_vcpus);
return xa_load(&kvm->vcpu_array, i);

Similarly, when online_vcpus=0, a kvm_for_each_vcpu() does not iterate over
an "empty" range, but actually [0, ULONG_MAX]:

xa_for_each_range(&kvm->vcpu_array, idx, vcpup, 0, \
  (atomic_read(&kvm->online_vcpus) - 1))

In both cases, such online_vcpus=0 edge case, even if leading to
unnecessary calls to XArray API, should not be an issue; requesting
unpopulated indexes/ranges is handled by xa_load() and xa_for_each_range().

However, this means that when the first vCPU is created and inserted in
vcpu_array *and* before online_vcpus is incremented, code calling
kvm_get_vcpu()/kvm_for_each_vcpu() already has access to that first vCPU.

This should not pose a problem assuming that once a vcpu is stored in
vcpu_array, it will remain there, but that's not the case:
kvm_vm_ioctl_create_vcpu() first inserts to vcpu_array, then requests a
file descriptor. If create_vcpu_fd() fails, newly inserted vcpu is removed
from the vcpu_array, then destroyed:

vcpu->vcpu_idx = atomic_read(&kvm->online_vcpus);
r = xa_insert(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, GFP_KERNEL_ACCOUNT);
kvm_get_kvm(kvm);
r = create_vcpu_fd(vcpu);
if (r < 0) {
xa_erase(&kvm->vcpu_array, vcpu->vcpu_idx);
kvm_put_kvm_no_destroy(kvm);
goto unlock_vcpu_destroy;
}
atomic_inc(&kvm->online_vcpus);

This results in a possible race condition when a reference to a vcpu is
acquired (via kvm_get_vcpu() or kvm_for_each_vcpu()) moments before said
vcpu is destroyed.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Message-Id: <20230510140410.1093987-2-mhal@rbox.co>
Cc: stable@vger.kernel.org
Fixes: c5b077549136 ("KVM: Convert the kvm->vcpus array to a xarray", 2021-12-08)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoKVM: VMX: Fix header file dependency of asm/vmx.h
Jacob Xu [Fri, 25 Feb 2022 01:29:59 +0000 (17:29 -0800)]
KVM: VMX: Fix header file dependency of asm/vmx.h

Include a definition of WARN_ON_ONCE() before using it.

Fixes: bb1fcc70d98f ("KVM: nVMX: Allow L1 to use 5-level page walks for nested EPT")
Cc: Sean Christopherson <seanjc@google.com>
Signed-off-by: Jacob Xu <jacobhxu@google.com>
[reworded commit message; changed <asm/bug.h> to <linux/bug.h>]
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220225012959.1554168-1-jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoKVM: Don't enable hardware after a restart/shutdown is initiated
Sean Christopherson [Fri, 12 May 2023 23:31:27 +0000 (16:31 -0700)]
KVM: Don't enable hardware after a restart/shutdown is initiated

Reject hardware enabling, i.e. VM creation, if a restart/shutdown has
been initiated to avoid re-enabling hardware between kvm_reboot() and
machine_{halt,power_off,restart}().  The restart case is especially
problematic (for x86) as enabling VMX (or clearing GIF in KVM_RUN on
SVM) blocks INIT, which results in the restart/reboot hanging as BIOS
is unable to wake and rendezvous with APs.

Note, this bug, and the original issue that motivated the addition of
kvm_reboot(), is effectively limited to a forced reboot, e.g. `reboot -f`.
In a "normal" reboot, userspace will gracefully teardown userspace before
triggering the kernel reboot (modulo bugs, errors, etc), i.e. any process
that might do ioctl(KVM_CREATE_VM) is long gone.

Fixes: 8e1c18157d87 ("KVM: VMX: Disable VMX when system shutdown")
Signed-off-by: Sean Christopherson <seanjc@google.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Message-Id: <20230512233127.804012-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoKVM: Use syscore_ops instead of reboot_notifier to hook restart/shutdown
Sean Christopherson [Fri, 12 May 2023 23:31:26 +0000 (16:31 -0700)]
KVM: Use syscore_ops instead of reboot_notifier to hook restart/shutdown

Use syscore_ops.shutdown to disable hardware virtualization during a
reboot instead of using the dedicated reboot_notifier so that KVM disables
virtualization _after_ system_state has been updated.  This will allow
fixing a race in KVM's handling of a forced reboot where KVM can end up
enabling hardware virtualization between kernel_restart_prepare() and
machine_restart().

Rename KVM's hook to match the syscore op to avoid any possible confusion
from wiring up a "reboot" helper to a "shutdown" hook (neither "shutdown
nor "reboot" is completely accurate as the hook handles both).

Opportunistically rewrite kvm_shutdown()'s comment to make it less VMX
specific, and to explain why kvm_rebooting exists.

Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: James Morse <james.morse@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Zenghui Yu <yuzenghui@huawei.com>
Cc: kvmarm@lists.linux.dev
Cc: Huacai Chen <chenhuacai@kernel.org>
Cc: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Cc: Anup Patel <anup@brainfault.org>
Cc: Atish Patra <atishp@atishpatra.org>
Cc: kvm-riscv@lists.infradead.org
Signed-off-by: Sean Christopherson <seanjc@google.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Message-Id: <20230512233127.804012-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
17 months agoMerge tag 'sound-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai...
Linus Torvalds [Fri, 19 May 2023 17:55:55 +0000 (10:55 -0700)]
Merge tag 'sound-6.4-rc3' of git://git./linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "A collection of small fixes that have been gathered since rc1:

   - Lots of small ASoC SOF Intel fixes

   - A couple of UAF and NULL-dereference fixes

   - Quirks and updates for HD-audio, USB-audio and ASoC AMD

   - A few minor build / sparse warning fixes

   - MAINTAINERS and DT updates"

* tag 'sound-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (38 commits)
  ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
  ALSA: oss: avoid missing-prototype warnings
  ALSA: cs46xx: mark snd_cs46xx_download_image as static
  ALSA: hda: Fix Oops by 9.1 surround channel names
  ASoC: SOF: topology: Fix tuples array allocation
  ASoC: SOF: Separate the tokens for input and output pin index
  MAINTAINERS: Remove self from Cirrus Codec drivers
  ASoC: cs35l56: Prevent unbalanced pm_runtime in dsp_work() on SoundWire
  ASoC: SOF: topology: Fix logic for copying tuples
  ASoC: SOF: pm: save io region state in case of errors in resume
  ASoC: MAINTAINERS: drop Krzysztof Kozlowski from Samsung audio
  ASoC: mediatek: mt8186: Fix use-after-free in driver remove path
  ASoC: SOF: ipc3-topology: Make sure that only one cmd is sent in dai_config
  ASoC: SOF: sof-client-probes: fix pm_runtime imbalance in error handling
  ASoC: SOF: pcm: fix pm_runtime imbalance in error handling
  ASoC: SOF: debug: conditionally bump runtime_pm counter on exceptions
  ASoC: SOF: Intel: hda-mlink: add helper to program SoundWire PCMSyCM registers
  ASoC: SOF: Intel: hda-mlink: initialize instance_offset member
  ASoC: SOF: Intel: hda-mlink: use 'ml_addr' parameter consistently
  ASoC: SOF: Intel: hda-mlink: fix base_ptr computation
  ...

17 months agoperf bench syscall: Fix __NR_execve undeclared build error
Tiezhu Yang [Fri, 19 May 2023 07:17:37 +0000 (15:17 +0800)]
perf bench syscall: Fix __NR_execve undeclared build error

The __NR_execve definition for i386 was deleted by mistake
in the commit ece7f7c0507c ("perf bench syscall: Add fork
syscall benchmark"), add it to fix the build error on i386.

Fixes: ece7f7c0507cc147 ("perf bench syscall: Add fork syscall benchmark")
Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn>
Tested-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Ian Rogers <irogers@google.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
Cc: loongson-kernel@lists.loongnix.cn
Closes: https://lore.kernel.org/all/CA+G9fYvgBR1iB0CorM8OC4AM_w_tFzyQKHc+rF6qPzJL=TbfDQ@mail.gmail.com/
Link: https://lore.kernel.org/r/1684480657-2375-1-git-send-email-yangtiezhu@loongson.cn
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
17 months agoMerge branch 'pm-tools'
Rafael J. Wysocki [Fri, 19 May 2023 14:33:50 +0000 (16:33 +0200)]
Merge branch 'pm-tools'

Merge cpupower utility fixes for 6.4-rc3:

 - Read TSC on each CPU right before reading MPERF so as to reduce the
   potential time difference between the TSC and MPERF accesses and
   improve the C0 percentage calculation (Wyes Karny).

 - Fix a possible file handle leak and clean up the code in
   sysfs_get_enabled() (Hao Zeng).

* pm-tools:
  cpupower: Make TSC read per CPU for Mperf monitor
  cpupower:Fix resource leaks in sysfs_get_enabled()

17 months agoMerge tag 'linux-cpupower-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git...
Rafael J. Wysocki [Fri, 19 May 2023 14:23:07 +0000 (16:23 +0200)]
Merge tag 'linux-cpupower-6.4-rc3' of git://git./linux/kernel/git/shuah/linux

Pull cpupower utility fixes for 6.4-rc3 from Shuah Khan:

"This cpupower fixes update for Linux 67.4-rc3 consists of:

- a resource leak fix
- fix drift in C0 percentage calculation due to System-wide TSC read.
  To lower this drift read TSC per CPU and also just after mperf read.
  This technique improves C0 percentage calculation in Mperf monitor"

* tag 'linux-cpupower-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux:
  cpupower: Make TSC read per CPU for Mperf monitor
  cpupower:Fix resource leaks in sysfs_get_enabled()

17 months agofbdev: omapfb: panel-tpo-td043mtea1: fix error code in probe()
Dan Carpenter [Mon, 15 May 2023 10:32:47 +0000 (13:32 +0300)]
fbdev: omapfb: panel-tpo-td043mtea1: fix error code in probe()

This was using the wrong variable, "r", instead of "ddata->vcc_reg", so
it returned success instead of a negative error code.

Fixes: 0d3dbeb8142a ("video: fbdev: omapfb: panel-tpo-td043mtea1: Make use of the helper function dev_err_probe()")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Helge Deller <deller@gmx.de>
17 months agoperf test attr: Fix python SafeConfigParser() deprecation warning
Ian Rogers [Wed, 17 May 2023 22:57:06 +0000 (15:57 -0700)]
perf test attr: Fix python SafeConfigParser() deprecation warning

Address the warning:
```
tests/attr.py:155: DeprecationWarning: The SafeConfigParser class has
  been renamed to ConfigParser in Python 3.2. This alias will be
  removed in Python 3.12. Use ConfigParser directly instead.
parser = configparser.SafeConfigParser()
```
by removing the word 'Safe'.

Reviewed-by: James Clark <james.clark@arm.com>
Signed-off-by: Ian Rogers <irogers@google.com>
Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Kan Liang <kan.liang@linux.intel.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Richter <tmricht@linux.ibm.com>
Link: https://lore.kernel.org/r/20230517225707.2682235-2-irogers@google.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
17 months agoperf test attr: Update no event/metric expectations
Ian Rogers [Wed, 17 May 2023 22:57:05 +0000 (15:57 -0700)]
perf test attr: Update no event/metric expectations

Previously hard coded events/metrics were used, update for the use of
the TopdownL1 json metric group.

Reported-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Fixes: 94b1a603fca78388 ("perf stat: Add TopdownL1 metric as a default if present")
Reviewed-by: James Clark <james.clark@arm.com>
Signed-off-by: Ian Rogers <irogers@google.com>
Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Tested-by: Kan Liang <kan.liang@linux.intel.com>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Richter <tmricht@linux.ibm.com>
Link: https://lore.kernel.org/r/20230517225707.2682235-1-irogers@google.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
17 months agodriver core: class: properly reference count class_dev_iter()
Greg Kroah-Hartman [Tue, 16 May 2023 19:20:14 +0000 (21:20 +0200)]
driver core: class: properly reference count class_dev_iter()

When class_dev_iter is initialized, the reference count for the subsys
private structure is incremented, but never decremented, causing a
memory leak over time.  To resolve this, save off a pointer to the
internal structure into the class_dev_iter structure and then when the
iterator is finished, drop the reference count.

Reported-and-tested-by: syzbot+e7afd76ad060fa0d2605@syzkaller.appspotmail.com
Fixes: 7b884b7f24b4 ("driver core: class.c: convert to only use class_to_subsys")
Reported-by: Mirsad Goran Todorovac <mirsad.todorovac@alu.unizg.hr>
Cc: Alan Stern <stern@rowland.harvard.edu>
Acked-by: Rafael J. Wysocki <rafael@kernel.org>
Tested-by: Mirsad Goran Todorovac <mirsad.todorovac@alu.unizg.hr>
Link: https://lore.kernel.org/r/2023051610-stove-condense-9a77@gregkh
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
17 months agoMerge tag 'nvme-6.4-2023-05-18' of git://git.infradead.org/nvme into block-6.4
Jens Axboe [Fri, 19 May 2023 01:46:42 +0000 (19:46 -0600)]
Merge tag 'nvme-6.4-2023-05-18' of git://git.infradead.org/nvme into block-6.4

Pull NVMe fixes from Keith:

"nvme fixes for Linux 6.4

 - More device quirks (Sagi, Hristo, Adrian, Daniel)
 - Controller delete race (Maurizo)
 - Multipath cleanup fix (Christoph)"

* tag 'nvme-6.4-2023-05-18' of git://git.infradead.org/nvme:
  nvme-pci: Add quirk for Teamgroup MP33 SSD
  nvme: do not let the user delete a ctrl before a complete initialization
  nvme-multipath: don't call blk_mark_disk_dead in nvme_mpath_remove_disk
  nvme-pci: clamp max_hw_sectors based on DMA optimized limitation
  nvme-pci: add quirk for missing secondary temperature thresholds
  nvme-pci: add NVME_QUIRK_BOGUS_NID for HS-SSD-FUTURE 2048G

17 months agoMerge tag 'amd-drm-fixes-6.4-2023-05-18' of https://gitlab.freedesktop.org/agd5f...
Dave Airlie [Fri, 19 May 2023 01:26:21 +0000 (11:26 +1000)]
Merge tag 'amd-drm-fixes-6.4-2023-05-18' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes

amd-drm-fixes-6.4-2023-05-18:

amdgpu:
- update gfx11 clock counter logic
- Fix a race when disabling gfxoff on gfx10/11 for profiling
- Raven/Raven2/PCO clock counter fix
- Add missing get_vbios_fb_size for GMC 11
- Fix a spurious irq warning in the device remove case
- Fix possible power mode mismatch between driver and PMFW
- USB4 fix

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Alex Deucher <alexdeucher@gmail.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20230518174811.3841-1-alexander.deucher@amd.com
17 months agoMerge tag 'drm-msm-fixes-2023-05-17' of https://gitlab.freedesktop.org/drm/msm into...
Dave Airlie [Fri, 19 May 2023 01:22:22 +0000 (11:22 +1000)]
Merge tag 'drm-msm-fixes-2023-05-17' of https://gitlab.freedesktop.org/drm/msm into drm-fixes

msm-fixes for v6.4-rc3

Display Fixes:

+ Catalog fixes:
 - fix the programmable fetch lines and qos settings of msm8998
   to match what is present downstream
 - fix the LM pairs for msm8998 to match what is present downstream.
   The current settings are not right as LMs with incompatible
   connected blocks are paired
 - remove unused INTF0 interrupt mask from SM6115/QCM2290 as there
   is no INTF0 present on those chipsets. There is only one DSI on
   index 1
 - remove TE2 block from relevant chipsets because this is mainly
   used for ping-pong split feature which is not supported upstream
   and also for the chipsets where we are removing them in this
   change, that block is not present as the tear check has been moved
   to the intf block
 - relocate non-MDP_TOP INTF_INTR offsets from dpu_hwio.h to
   dpu_hw_interrupts.c to match where they belong
 - fix the indentation for REV_7xxx interrupt masks
 - fix the offset and version for dither blocks of SM8[34]50/SC8280XP
   chipsets as it was incorrect
 - make the ping-pong blk length 0 for appropriate chipsets as those
   chipsets only have a dither ping-pong dither block but no other
   functionality in the base ping-pong
 - remove some duplicate register defines from INTF
+ Fix the log mask for the writeback block so that it can be enabled
  correctly via debugfs
+ unregister the hdmi codec for dp during unbind otherwise it leaks
  audio codec devices
+ Yaml change to fix warnings related to 'qcom,master-dsi' and
  'qcom,sync-dual-dsi'

GPU Fixes:

+ fix submit error path leak
+ arm-smmu-qcom fix for regression that broke per-process page tables
+ fix no-iommu crash

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Rob Clark <robdclark@gmail.com>
Link: https://patchwork.freedesktop.org/patch/msgid/CAF6AEGvHEcJfp=k6qatmb_SvAeyvy3CBpaPfwLqtNthuEzA_7w@mail.gmail.com
17 months agoMerge tag 'drm-intel-fixes-2023-05-17' of git://anongit.freedesktop.org/drm/drm-intel...
Dave Airlie [Fri, 19 May 2023 01:19:15 +0000 (11:19 +1000)]
Merge tag 'drm-intel-fixes-2023-05-17' of git://anongit.freedesktop.org/drm/drm-intel into drm-fixes

Add missing null check for HDCP code.

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/ZGUgi7kXq+MiLcCA@jlahtine-mobl.ger.corp.intel.com
17 months agonvme-pci: Add quirk for Teamgroup MP33 SSD
Daniel Smith [Wed, 17 May 2023 21:32:32 +0000 (14:32 -0700)]
nvme-pci: Add quirk for Teamgroup MP33 SSD

Add a quirk for Teamgroup MP33 that reports duplicate ids for disk.

Signed-off-by: Daniel Smith <dansmith@ds.gy>
[kch: patch formatting]
Signed-off-by: Chaitanya Kulkarni <kch@nvidia.com>
Tested-by: Daniel Smith <dansmith@ds.gy>
Signed-off-by: Keith Busch <kbusch@kernel.org>
17 months agoMerge tag 'exynos-drm-fixes-for-v6.4-rc3' of git://git.kernel.org/pub/scm/linux/kerne...
Dave Airlie [Fri, 19 May 2023 00:43:54 +0000 (10:43 +1000)]
Merge tag 'exynos-drm-fixes-for-v6.4-rc3' of git://git./linux/kernel/git/daeinki/drm-exynos into drm-fixes

Just one fixup to exynos_drm_g2d module.
- Fix below build warning by marking them as 'static inline'
    drivers/gpu/drm/exynos/exynos_drm_g2d.h:37:5: error: no previous prototype for 'g2d_open'
    drivers/gpu/drm/exynos/exynos_drm_g2d.h:42:5: error: no previous prototype for 'g2d_close'

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Inki Dae <inki.dae@samsung.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20230515083943.43933-1-inki.dae@samsung.com
17 months agoMerge tag 'mm-hotfixes-stable-2023-05-18-15-52' of git://git.kernel.org/pub/scm/linux...
Linus Torvalds [Fri, 19 May 2023 00:06:04 +0000 (17:06 -0700)]
Merge tag 'mm-hotfixes-stable-2023-05-18-15-52' of git://git./linux/kernel/git/akpm/mm

Pull misc fixes from Andrew Morton:
 "Eight hotfixes. Four are cc:stable, the other four are for post-6.4
  issues, or aren't considered suitable for backporting"

* tag 'mm-hotfixes-stable-2023-05-18-15-52' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm:
  MAINTAINERS: Cleanup Arm Display IP maintainers
  MAINTAINERS: repair pattern in DIALOG SEMICONDUCTOR DRIVERS
  nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
  mm: fix zswap writeback race condition
  mm: kfence: fix false positives on big endian
  zsmalloc: move LRU update from zs_map_object() to zs_malloc()
  mm: shrinkers: fix race condition on debugfs cleanup
  maple_tree: make maple state reusable after mas_empty_area()

17 months agoMerge tag 'probes-fixes-v6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Thu, 18 May 2023 16:04:45 +0000 (09:04 -0700)]
Merge tag 'probes-fixes-v6.4-rc1' of git://git./linux/kernel/git/trace/linux-trace

Pull probes fixes from Masami Hiramatsu:

 - Initialize 'ret' local variables on fprobe_handler() to fix the
   smatch warning. With this, fprobe function exit handler is not
   working randomly.

 - Fix to use preempt_enable/disable_notrace for rethook handler to
   prevent recursive call of fprobe exit handler (which is based on
   rethook)

 - Fix recursive call issue on fprobe_kprobe_handler()

 - Fix to detect recursive call on fprobe_exit_handler()

 - Fix to make all arch-dependent rethook code notrace (the
   arch-independent code is already notrace)"

* tag 'probes-fixes-v6.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
  rethook, fprobe: do not trace rethook related functions
  fprobe: add recursion detection in fprobe_exit_handler
  fprobe: make fprobe_kprobe_handler recursion free
  rethook: use preempt_{disable, enable}_notrace in rethook_trampoline_handler
  tracing: fprobe: Initialize ret valiable to fix smatch error

17 months agoMerge tag 'net-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Linus Torvalds [Thu, 18 May 2023 15:52:14 +0000 (08:52 -0700)]
Merge tag 'net-6.4-rc3' of git://git./linux/kernel/git/netdev/net

Pull networking fixes from Paolo Abeni:
 "Including fixes from can, xfrm, bluetooth and netfilter.

  Current release - regressions:

   - ipv6: fix RCU splat in ipv6_route_seq_show()

   - wifi: iwlwifi: disable RFI feature

  Previous releases - regressions:

   - tcp: fix possible sk_priority leak in tcp_v4_send_reset()

   - tipc: do not update mtu if msg_max is too small in mtu negotiation

   - netfilter: fix null deref on element insertion

   - devlink: change per-devlink netdev notifier to static one

   - phylink: fix ksettings_set() ethtool call

   - wifi: mac80211: fortify the spinlock against deadlock by interrupt

   - wifi: brcmfmac: check for probe() id argument being NULL

   - eth: ice:
      - fix undersized tx_flags variable
      - fix ice VF reset during iavf initialization

   - eth: hns3: fix sending pfc frames after reset issue

  Previous releases - always broken:

   - xfrm: release all offloaded policy memory

   - nsh: use correct mac_offset to unwind gso skb in nsh_gso_segment()

   - vsock: avoid to close connected socket after the timeout

   - dsa: rzn1-a5psw: enable management frames for CPU port

   - eth: virtio_net: fix error unwinding of XDP initialization

   - eth: tun: fix memory leak for detached NAPI queue.

  Misc:

   - MAINTAINERS: sctp: move Neil to CREDITS"

* tag 'net-6.4-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (107 commits)
  MAINTAINERS: skip CCing netdev for Bluetooth patches
  mdio_bus: unhide mdio_bus_init prototype
  bridge: always declare tunnel functions
  atm: hide unused procfs functions
  net: isa: include net/Space.h
  Revert "ARM: dts: stm32: add CAN support on stm32f746"
  netfilter: nft_set_rbtree: fix null deref on element insertion
  netfilter: nf_tables: fix nft_trans type confusion
  netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
  net: wwan: t7xx: Ensure init is completed before system sleep
  net: selftests: Fix optstring
  net: pcs: xpcs: fix C73 AN not getting enabled
  net: wwan: iosm: fix NULL pointer dereference when removing device
  vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
  mailmap: add entries for Nikolay Aleksandrov
  igb: fix bit_shift to be in [1..8] range
  net: dsa: mv88e6xxx: Fix mv88e6393x EPC write command offset
  cassini: Fix a memory leak in the error handling path of cas_init_one()
  tun: Fix memory leak for detached NAPI queue.
  can: kvaser_pciefd: Disable interrupts in probe error path
  ...

17 months agoMerge tag 'media/v6.4-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab...
Linus Torvalds [Thu, 18 May 2023 15:42:23 +0000 (08:42 -0700)]
Merge tag 'media/v6.4-3' of git://git./linux/kernel/git/mchehab/linux-media

Pull media fixes from Mauro Carvalho Chehab:
 "Several fixes for the dvb core and drivers:

   - fix UAF and null pointer de-reference in DVB core

   - fix kernel runtime warning for blocking operation in wait_event*()
     in dvb core

   - fix write size bug in DVB conditional access core

   - fix dvb demux continuity counter debug check logic

   - randconfig build fixes in pvrusb2 and mn88443x

   - fix memory leak in ttusb-dec

   - fix netup_unidvb probe-time error check logic

   - improve error handling in dw2102 if it can't retrieve DVB MAC
     address"

* tag 'media/v6.4-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
  media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
  media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
  media: dvb-core: Fix use-after-free due to race at dvb_register_device()
  media: dvb-core: Fix use-after-free due on race condition at dvb_net
  media: dvb-core: Fix use-after-free on race condition at dvb_frontend
  media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table
  media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
  media: dvb_ca_en50221: fix a size write bug
  media: netup_unidvb: fix irq init by register it at the end of probe
  media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
  media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
  media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
  media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
  media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
  media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
  media: netup_unidvb: fix use-after-free at del_timer()
  media: dvb_demux: fix a bug for the continuity counter
  media: pvrusb2: fix DVB_CORE dependency

17 months agoublk: fix AB-BA lockdep warning
Ming Lei [Wed, 17 May 2023 13:34:08 +0000 (21:34 +0800)]
ublk: fix AB-BA lockdep warning

When handling UBLK_IO_FETCH_REQ, ctx->uring_lock is grabbed first, then
ub->mutex is acquired.

When handling UBLK_CMD_STOP_DEV or UBLK_CMD_DEL_DEV, ub->mutex is
grabbed first, then calling io_uring_cmd_done() for canceling uring
command, in which ctx->uring_lock may be required.

Real deadlock only happens when all the above commands are issued from
same uring context, and in reality different uring contexts are often used
for handing control command and IO command.

Fix the issue by using io_uring_cmd_complete_in_task() to cancel command
in ublk_cancel_dev(ublk_cancel_queue).

Reported-by: Shinichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Closes: https://lore.kernel.org/linux-block/becol2g7sawl4rsjq2dztsbc7mqypfqko6wzsyoyazqydoasml@rcxarzwidrhk
Cc: Ziyang Zhang <ZiyangZhang@linux.alibaba.com>
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Tested-by: Shinichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Link: https://lore.kernel.org/r/20230517133408.210944-1-ming.lei@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
17 months agodrm/amd/display: enable dpia validate
Mustapha Ghaddar [Fri, 28 Apr 2023 16:13:21 +0000 (12:13 -0400)]
drm/amd/display: enable dpia validate

Use dpia_validate_usb4_bw() function

Fixes: a8b537605e22 ("drm/amd/display: Add function pointer for validate bw usb4")
Reviewed-by: Roman Li <roman.li@amd.com>
Reviewed-by: Meenakshikumar Somasundaram <meenakshikumar.somasundaram@amd.com>
Acked-by: Aurabindo Pillai <aurabindo.pillai@amd.com>
Signed-off-by: Mustapha Ghaddar <mghaddar@amd.com>
Tested-by: Daniel Wheeler <daniel.wheeler@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
17 months agodrm/amd/pm: fix possible power mode mismatch between driver and PMFW
Evan Quan [Thu, 11 May 2023 07:41:27 +0000 (15:41 +0800)]
drm/amd/pm: fix possible power mode mismatch between driver and PMFW

PMFW may boots the ASIC with a different power mode from the system's
real one. Notify PMFW explicitly the power mode the system in. This
is needed only when ACDC switch via gpio is not supported.

Signed-off-by: Evan Quan <evan.quan@amd.com>
Reviewed-by: Kenneth Feng <kenneth.feng@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
17 months agodrm/amdgpu: skip disabling fence driver src_irqs when device is unplugged
Guchun Chen [Tue, 9 May 2023 08:15:27 +0000 (16:15 +0800)]
drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged

When performing device unbind or halt, we have disabled all irqs at the
very begining like amdgpu_pci_remove or amdgpu_device_halt. So
amdgpu_irq_put for irqs stored in fence driver should not be called
any more, otherwise, below calltrace will arrive.

[  139.114088] WARNING: CPU: 2 PID: 1550 at drivers/gpu/drm/amd/amdgpu/amdgpu_irq.c:616 amdgpu_irq_put+0xf6/0x110 [amdgpu]
[  139.114655] Call Trace:
[  139.114655]  <TASK>
[  139.114657]  amdgpu_fence_driver_hw_fini+0x93/0x130 [amdgpu]
[  139.114836]  amdgpu_device_fini_hw+0xb6/0x350 [amdgpu]
[  139.114955]  amdgpu_driver_unload_kms+0x51/0x70 [amdgpu]
[  139.115075]  amdgpu_pci_remove+0x63/0x160 [amdgpu]
[  139.115193]  ? __pm_runtime_resume+0x64/0x90
[  139.115195]  pci_device_remove+0x3a/0xb0
[  139.115197]  device_remove+0x43/0x70
[  139.115198]  device_release_driver_internal+0xbd/0x140

Signed-off-by: Guchun Chen <guchun.chen@amd.com>
Acked-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
17 months agodrm/amdgpu/gmc11: implement get_vbios_fb_size()
Alex Deucher [Thu, 11 May 2023 14:40:03 +0000 (10:40 -0400)]
drm/amdgpu/gmc11: implement get_vbios_fb_size()

Implement get_vbios_fb_size() so we can properly reserve
the vbios splash screen to avoid potential artifacts on the
screen during the transition from the pre-OS console to the
OS console.

Acked-by: Sunil Khatri <sunil.khatri@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org # 6.1.x
17 months agodrm/amdgpu: Differentiate between Raven2 and Raven/Picasso according to revision id
Jesse Zhang [Fri, 12 May 2023 01:29:17 +0000 (09:29 +0800)]
drm/amdgpu: Differentiate between Raven2 and Raven/Picasso according to revision id

Due to the raven2 and raven/picasso maybe have the same GC_HWIP version.
So differentiate them by revision id.

Signed-off-by: shanshengwang <shansheng.wang@amd.com>
Signed-off-by: Jesse Zhang <Jesse.Zhang@amd.com>
Acked-by: Evan Quan <evan.quan@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
17 months agodrm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well
Guilherme G. Piccoli [Tue, 9 May 2023 16:49:47 +0000 (18:49 +0200)]
drm/amdgpu/gfx11: Adjust gfxoff before powergating on gfx11 as well

(Bas: speculative change to mirror gfx10/gfx9)

Signed-off-by: Guilherme G. Piccoli <gpiccoli@igalia.com>
Signed-off-by: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
Cc: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org # 6.1.x
17 months agodrm/amdgpu/gfx10: Disable gfxoff before disabling powergating.
Bas Nieuwenhuizen [Tue, 9 May 2023 16:49:46 +0000 (18:49 +0200)]
drm/amdgpu/gfx10: Disable gfxoff before disabling powergating.

Otherwise we get a full system lock (looks like a FW mess).

Copied the order from the GFX9 powergating code.

Fixes: 366468ff6c34 ("drm/amdgpu: Allow GfxOff on Vangogh as default")
Link: https://gitlab.freedesktop.org/drm/amd/-/issues/2545
Signed-off-by: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
Tested-by: Guilherme G. Piccoli <gpiccoli@igalia.com>
Cc: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
17 months agoceph: force updating the msg pointer in non-split case
Xiubo Li [Thu, 18 May 2023 01:47:23 +0000 (09:47 +0800)]
ceph: force updating the msg pointer in non-split case

When the MClientSnap reqeust's op is not CEPH_SNAP_OP_SPLIT the
request may still contain a list of 'split_realms', and we need
to skip it anyway. Or it will be parsed as a corrupt snaptrace.

Cc: stable@vger.kernel.org
Link: https://tracker.ceph.com/issues/61200
Reported-by: Frank Schilder <frans@dtu.dk>
Signed-off-by: Xiubo Li <xiubli@redhat.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
17 months agoceph: silence smatch warning in reconnect_caps_cb()
Xiubo Li [Mon, 8 May 2023 06:45:01 +0000 (14:45 +0800)]
ceph: silence smatch warning in reconnect_caps_cb()

Smatch static checker warning:

  fs/ceph/mds_client.c:3968 reconnect_caps_cb()
  warn: missing error code here? '__get_cap_for_mds()' failed. 'err' = '0'

[ idryomov: Dan says that Smatch considers it intentional only if the
  "ret = 0;" assignment is within 4 or 5 lines of the goto. ]

Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Xiubo Li <xiubli@redhat.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
17 months agoMerge tag 'linux-can-fixes-for-6.4-20230518' of git://git.kernel.org/pub/scm/linux...
Paolo Abeni [Thu, 18 May 2023 09:06:28 +0000 (11:06 +0200)]
Merge tag 'linux-can-fixes-for-6.4-20230518' of git://git./linux/kernel/git/mkl/linux-can

Marc Kleine-Budde says:

====================
pull-request: can 2023-05-18

this is a pull request of 7 patches for net/master.

The first 6 patches are by Jimmy Assarsson and fix several bugs in the
kvaser_pciefd driver.

The latest patch is from me and reverts a change in stm32f746.dtsi
that causes build errors due to a missing dependent patch.

* tag 'linux-can-fixes-for-6.4-20230518' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can:
  Revert "ARM: dts: stm32: add CAN support on stm32f746"
  can: kvaser_pciefd: Disable interrupts in probe error path
  can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt
  can: kvaser_pciefd: Empty SRB buffer in probe
  can: kvaser_pciefd: Call request_irq() before enabling interrupts
  can: kvaser_pciefd: Clear listen-only bit if not explicitly requested
  can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop()
====================

Link: https://lore.kernel.org/r/20230518073241.1110453-1-mkl@pengutronix.de
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
18 months agoMerge tag 'nf-23-05-17' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Jakub Kicinski [Thu, 18 May 2023 04:43:20 +0000 (21:43 -0700)]
Merge tag 'nf-23-05-17' of https://git./linux/kernel/git/netfilter/nf

Florian Westphal says:

====================
Netfilter fixes for net

1. Silence warning about unused variable when CONFIG_NF_NAT=n, from Tom Rix.
2. nftables: Fix possible out-of-bounds access, from myself.
3. nftables: fix null deref+UAF during element insertion into rbtree,
   also from myself.

* tag 'nf-23-05-17' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nft_set_rbtree: fix null deref on element insertion
  netfilter: nf_tables: fix nft_trans type confusion
  netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
====================

Link: https://lore.kernel.org/r/20230517123756.7353-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
18 months agoMerge tag 'wireless-2023-05-17' of git://git.kernel.org/pub/scm/linux/kernel/git...
Jakub Kicinski [Thu, 18 May 2023 04:36:21 +0000 (21:36 -0700)]
Merge tag 'wireless-2023-05-17' of git://git./linux/kernel/git/wireless/wireless

Kalle Valo says:

====================
wireless fixes for v6.4

A lot of fixes this time, for both the stack and the drivers. The
brcmfmac resume fix has been reported by several people so I would say
it's the most important here. The iwlwifi RFI workaround is also
something which was reported as a regression recently.

* tag 'wireless-2023-05-17' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless: (31 commits)
  wifi: b43: fix incorrect __packed annotation
  wifi: rtw88: sdio: Always use two consecutive bytes for word operations
  mac80211_hwsim: fix memory leak in hwsim_new_radio_nl
  wifi: iwlwifi: mvm: Add locking to the rate read flow
  wifi: iwlwifi: Don't use valid_links to iterate sta links
  wifi: iwlwifi: mvm: don't trust firmware n_channels
  wifi: iwlwifi: mvm: fix OEM's name in the tas approved list
  wifi: iwlwifi: fix OEM's name in the ppag approved list
  wifi: iwlwifi: mvm: fix initialization of a return value
  wifi: iwlwifi: mvm: fix access to fw_id_to_mac_id
  wifi: iwlwifi: fw: fix DBGI dump
  wifi: iwlwifi: mvm: fix number of concurrent link checks
  wifi: iwlwifi: mvm: fix cancel_delayed_work_sync() deadlock
  wifi: iwlwifi: mvm: don't double-init spinlock
  wifi: iwlwifi: mvm: always free dup_data
  wifi: mac80211: recalc chanctx mindef before assigning
  wifi: mac80211: consider reserved chanctx for mindef
  wifi: mac80211: simplify chanctx allocation
  wifi: mac80211: Abort running color change when stopping the AP
  wifi: mac80211: fix min center freq offset tracing
  ...
====================

Link: https://lore.kernel.org/r/20230517151914.B0AF6C433EF@smtp.kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
18 months agoMAINTAINERS: skip CCing netdev for Bluetooth patches
Jakub Kicinski [Wed, 17 May 2023 01:42:53 +0000 (18:42 -0700)]
MAINTAINERS: skip CCing netdev for Bluetooth patches

As requested by Marcel skip netdev for Bluetooth patches.
Bluetooth has its own mailing list and overloading netdev
leads to fewer people reading it.

Link: https://lore.kernel.org/netdev/639C8EA4-1F6E-42BE-8F04-E4A753A6EFFC@holtmann.org/
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Link: https://lore.kernel.org/r/20230517014253.1233333-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
18 months agomdio_bus: unhide mdio_bus_init prototype
Arnd Bergmann [Tue, 16 May 2023 19:45:36 +0000 (21:45 +0200)]
mdio_bus: unhide mdio_bus_init prototype

mdio_bus_init() is either used as a local module_init() entry,
or it gets called in phy_device.c. In the former case, there
is no declaration, which causes a warning:

drivers/net/phy/mdio_bus.c:1371:12: error: no previous prototype for 'mdio_bus_init' [-Werror=missing-prototypes]

Remove the #ifdef around the declaration to avoid the warning..

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20230516194625.549249-4-arnd@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
18 months agobridge: always declare tunnel functions
Arnd Bergmann [Tue, 16 May 2023 19:45:35 +0000 (21:45 +0200)]
bridge: always declare tunnel functions

When CONFIG_BRIDGE_VLAN_FILTERING is disabled, two functions are still
defined but have no prototype or caller. This causes a W=1 warning for
the missing prototypes:

net/bridge/br_netlink_tunnel.c:29:6: error: no previous prototype for 'vlan_tunid_inrange' [-Werror=missing-prototypes]
net/bridge/br_netlink_tunnel.c:199:5: error: no previous prototype for 'br_vlan_tunnel_info' [-Werror=missing-prototypes]

The functions are already contitional on CONFIG_BRIDGE_VLAN_FILTERING,
and I coulnd't easily figure out the right set of #ifdefs, so just
move the declarations out of the #ifdef to avoid the warning,
at a small cost in code size over a more elaborate fix.

Fixes: 188c67dd1906 ("net: bridge: vlan options: add support for tunnel id dumping")
Fixes: 569da0822808 ("net: bridge: vlan options: add support for tunnel mapping set/del")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Link: https://lore.kernel.org/r/20230516194625.549249-3-arnd@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>