| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
. avoid walking the stack when there is no room left in the buffer
. generalize get_perf_callchain() to be called from bpf helper
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Chatur27 <jasonbright2709@gmail.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.289
USB: cdc-acm: fix racy tty buffer accesses
USB: cdc-acm: fix break reporting
nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
xtensa: call irqchip_init only when CONFIG_USE_OF is selected
phy: mdio: fix memory leak
net_sched: fix NULL deref in fifo_set_limit()
ptp_pch: Load module automatically if ID matches
ARM: imx6: disable the GIC CPU interface before calling stby-poweroff sequence
netlink: annotate data races around nlk->bound
i40e: fix endless loop under rtnl
gup: document and work around "COW can break either way" issue
mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing
HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
netfilter: ip6_tables: zero-initialize fragment offset
mac80211: Drop frames from invalid MAC address in ad-hoc mode
scsi: ses: Fix unsigned comparison with less than zero
scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
perf/x86: Reset destroy callback on event init failure
Linux 4.4.289
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3a65de3023522d2c5370858c3f0e98e86ad6b7ff
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 02d029a41dc986e2d5a77ecca45803857b346829 ]
perf_init_event tries multiple init callbacks and does not reset the
event state between tries. When x86_pmu_event_init runs, it
unconditionally sets the destroy callback to hw_perf_event_destroy. On
the next init attempt after x86_pmu_event_init, in perf_try_init_event,
if the pmu's capabilities includes PERF_PMU_CAP_NO_EXCLUDE, the destroy
callback will be run. However, if the next init didn't set the destroy
callback, hw_perf_event_destroy will be run (since the callback wasn't
reset).
Looking at other pmu init functions, the common pattern is to only set
the destroy callback on a successful init. Resetting the callback on
failure tries to replicate that pattern.
This was discovered after commit f11dd0d80555 ("perf/x86/amd/ibs: Extend
PERF_PMU_CAP_NO_EXCLUDE to IBS Op") when the second (and only second)
run of the perf tool after a reboot results in 0 samples being
generated. The extra run of hw_perf_event_destroy results in
active_events having an extra decrement on each perf run. The second run
has active_events == 0 and every subsequent run has active_events < 0.
When active_events == 0, the NMI handler will early-out and not record
any samples.
Signed-off-by: Anand K Mistry <amistry@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20210929170405.1.I078b98ee7727f9ae9d6df8262bad7e325e40faf0@changeid
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.269
timerfd: Reject ALARM timerfds without CAP_WAKE_ALARM
net: usb: ax88179_178a: initialize local variables before use
iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
USB: Add reset-resume quirk for WD19's Realtek Hub
platform/x86: thinkpad_acpi: Correct thermal sensor allocation
s390/disassembler: increase ebpf disasm buffer size
ACPI: custom_method: fix potential use-after-free issue
ACPI: custom_method: fix a possible memory leak
ecryptfs: fix kernel panic with null dev_name
mmc: core: Do a power cycle when the CMD11 fails
mmc: core: Set read only for SD cards with permanent write protect bit
fbdev: zero-fill colormap in fbcmap.c
staging: wimax/i2400m: fix byte-order issue
usb: gadget: uvc: add bInterval checking for HS mode
PCI: PM: Do not read power state in pci_enable_device_flags()
x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
spi: dln2: Fix reference leak to master
spi: omap-100k: Fix reference leak to master
intel_th: Consistency and off-by-one fix
phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
media: ite-cir: check for receive overflow
media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
media: gspca/sq905.c: fix uninitialized variable
media: em28xx: fix memory leak
clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
power: supply: generic-adc-battery: fix possible use-after-free in gab_remove()
power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove()
media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
media: dvb-usb: fix memory leak in dvb_usb_adapter_init
media: gscpa/stv06xx: fix memory leak
drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
drm/amdgpu: fix NULL pointer dereference
scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response
scsi: libfc: Fix a format specifier
ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
ALSA: sb: Fix two use after free in snd_sb_qsound_build
arm64/vdso: Discard .note.gnu.property sections in vDSO
openvswitch: fix stack OOB read while fragmenting IPv4 packets
jffs2: Fix kasan slab-out-of-bounds problem
powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
jffs2: check the validity of dstlen in jffs2_zlib_compress()
ftrace: Handle commands when closing set_ftrace_filter file
ext4: fix check to prevent false positive report of incorrect used inodes
ext4: fix error code in ext4_commit_super
usb: gadget: dummy_hcd: fix gpf in gadget_setup
usb: gadget/function/f_fs string table fix for multiple languages
dm persistent data: packed struct should have an aligned() attribute too
dm space map common: fix division bug in sm_ll_find_free_block()
Bluetooth: verify AMP hci_chan before amp_destroy
hsr: use netdev_err() instead of WARN_ONCE()
net/nfc: fix use-after-free llcp_sock_bind/connect
FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
misc: lis3lv02d: Fix false-positive WARN on various HP models
misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
misc: vmw_vmci: explicitly initialize vmci_datagram payload
tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
tracing: Treat recording comm for idle task as a success
tracing: Map all PIDs to command lines
tracing: Restructure trace_clock_global() to never block
md: factor out a mddev_find_locked helper from mddev_find
md: md_open returns -EBUSY when entering racing area
ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
cfg80211: scan: drop entry from hidden_list on overflow
drm/radeon: fix copy of uninitialized variable back to userspace
ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
KVM: s390: split kvm_s390_real_to_abs
usb: gadget: pch_udc: Revert d3cb25a12138 completely
memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
usb: gadget: pch_udc: Check if driver is present before calling ->setup()
usb: gadget: pch_udc: Check for DMA mapping error
crypto: qat - don't release uninitialized resources
fotg210-udc: Fix DMA on EP0 for length > max packet size
fotg210-udc: Fix EP0 IN requests bigger than two packets
fotg210-udc: Remove a dubious condition leading to fotg210_done
fotg210-udc: Mask GRP2 interrupts we don't handle
fotg210-udc: Don't DMA more than the buffer can take
fotg210-udc: Complete OUT requests on short packets
mtd: require write permissions for locking and badblock ioctls
crypto: qat - fix error path in adf_isr_resource_alloc()
staging: rtl8192u: Fix potential infinite loop
crypto: qat - Fix a double free in adf_create_ring
usb: gadget: r8a66597: Add missing null check on return from platform_get_resource
USB: cdc-acm: fix unprivileged TIOCCSERIAL
tty: fix return value for unsupported ioctls
ttyprintk: Add TTY hangup callback.
media: vivid: fix assignment of dev->fbuf_out_flags
media: omap4iss: return error code when omap4iss_get() failed
media: m88rs6000t: avoid potential out-of-bounds reads on arrays
pata_arasan_cf: fix IRQ check
pata_ipx4xx_cf: fix IRQ check
sata_mv: add IRQ checks
ata: libahci_platform: fix IRQ check
scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration
media: dvb-usb-remote: fix dvb_usb_nec_rc_key_to_event type mismatch
scsi: jazz_esp: Add IRQ check
scsi: sun3x_esp: Add IRQ check
scsi: sni_53c710: Add IRQ check
HSI: core: fix resource leaks in hsi_add_client_from_dt()
x86/events/amd/iommu: Fix sysfs type mismatch
HID: plantronics: Workaround for double volume key presses
net: lapbether: Prevent racing when checking whether the netif is running
powerpc/prom: Mark identical_pvr_fixup as __init
ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
nfc: pn533: prevent potential memory corruption
ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
powerpc: iommu: fix build when neither PCI or IBMVIO is set
mac80211: bail out if cipher schemes are invalid
mt7601u: fix always true expression
net: thunderx: Fix unintentional sign extension issue
i2c: cadence: add IRQ check
i2c: jz4780: add IRQ check
i2c: sh7760: add IRQ check
powerpc/pseries: extract host bridge from pci_bus prior to bus removal
i2c: sh7760: fix IRQ error path
mwl8k: Fix a double Free in mwl8k_probe_hw
vsock/vmci: log once the failed queue pair allocation
net: davinci_emac: Fix incorrect masking of tx and rx error channel
ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
kfifo: fix ternary sign extension bugs
Revert "net/sctp: fix race condition in sctp_destroy_sock"
sctp: delay auto_asconf init until binding the first addr
fs: dlm: fix debugfs dump
tipc: convert dest node's address to network order
net: stmmac: Set FIFO sizes for ipq806x
ALSA: hdsp: don't disable if not enabled
ALSA: hdspm: don't disable if not enabled
ALSA: rme9652: don't disable if not enabled
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
Bluetooth: initialize skb_queue_head at l2cap_chan_create()
ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
mac80211: clear the beacon's CRC after channel switch
cuse: prevent clone
selftests: Set CC to clang in lib.mk if LLVM is set
kconfig: nconf: stop endless search loops
sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
ASoC: rt286: Generalize support for ALC3263 codec
wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
powerpc/iommu: Annotate nested lock for lockdep
ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
PCI: Release OF node in pci_scan_device()'s error path
NFS: Deal correctly with attribute generation counter overflow
pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
NFSv4.2 fix handling of sr_eof in SEEK's reply
sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
drm/radeon: Fix off-by-one power_state index heap overwrite
ksm: fix potential missing rmap_item for stable_node
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
ARC: entry: fix off-by-one error in syscall number validation
powerpc/64s: Fix crashes when toggling entry flush barrier
squashfs: fix divide error in calculate_skip()
usb: fotg210-hcd: Fix an error message
usb: xhci: Increase timeout for HC halt
usb: dwc2: Fix gadget DMA unmap direction
usb: core: hub: fix race condition about TRSMRCY of resume
KVM: x86: Cancel pvclock_gtod_work on module removal
FDDI: defxx: Make MMIO the configuration default except for EISA
thermal/core/fair share: Lock the thermal zone while looping over instances
dm ioctl: fix out of bounds array access when no devices
kobject_uevent: remove warning in init_uevent_argv()
x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
kgdb: fix gcc-11 warning on indentation
usb: sl811-hcd: improve misleading indentation
cxgb4: Fix the -Wmisleading-indentation warning
isdn: capi: fix mismatched prototypes
ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
um: Mark all kernel symbols as local
ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
sit: proper dev_{hold|put} in ndo_[un]init methods
ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
ipv6: remove extra dev_hold() for fallback tunnels
xhci: Do not use GFP_KERNEL in (potentially) atomic context
iio: tsl2583: Fix division by a zero lux_val
Linux 4.4.269
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ifc6e8ab285aa71c13faa3c5002c25c5e33110b47
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit de5bc7b425d4c27ae5faa00ea7eb6b9780b9a355 ]
dev_attr_show() calls _iommu_event_show() via an indirect call but
_iommu_event_show()'s type does not currently match the type of the
show() member in 'struct device_attribute', resulting in a Control Flow
Integrity violation.
$ cat /sys/devices/amd_iommu_1/events/mem_dte_hit
csource=0x0a
$ dmesg | grep "CFI failure"
[ 3526.735140] CFI failure (target: _iommu_event_show...):
Change _iommu_event_show() and 'struct amd_iommu_event_desc' to
'struct device_attribute' so that there is no more CFI violation.
Fixes: 7be6296fdd75 ("perf/x86/amd: AMD IOMMU Performance Counter PERF uncore PMU implementation")
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20210415001112.3024673-1-nathan@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.251
kbuild: don't hardcode depmod path
workqueue: Kick a worker based on the actual activation of delayed works
lib/genalloc: fix the overflow when size is too big
depmod: handle the case of /sbin/depmod without /sbin in PATH
atm: idt77252: call pci_disable_device() on error path
ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst()
net: hns: fix return value check in __lb_other_process()
net: hdlc_ppp: Fix issues when mod_timer is called while timer is running
CDC-NCM: remove "connected" log message
vhost_net: fix ubuf refcount incorrectly when sendmsg fails
net: sched: prevent invalid Scell_log shift count
virtio_net: Fix recursive call to cpus_read_lock()
ethernet: ucc_geth: fix use-after-free in ucc_geth_remove()
video: hyperv_fb: Fix the mmap() regression for v5.4.y and older
usb: gadget: enable super speed plus
USB: cdc-acm: blacklist another IR Droid device
usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data()
USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set
usb: uas: Add PNY USB Portable SSD to unusual_uas
USB: serial: iuu_phoenix: fix DMA from stack
USB: serial: option: add LongSung M5710 module support
USB: yurex: fix control-URB timeout handling
USB: usblp: fix DMA to stack
ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks
usb: gadget: select CONFIG_CRC32
usb: gadget: f_uac2: reset wMaxPacketSize
usb: gadget: function: printer: Fix a memory leak for interface descriptor
USB: gadget: legacy: fix return error code in acm_ms_bind()
usb: gadget: Fix spinlock lockup on usb_function_deactivate
usb: gadget: configfs: Preserve function ordering after bind failure
USB: serial: keyspan_pda: remove unused variable
x86/mm: Fix leak of pmd ptlock
ALSA: hda/conexant: add a new hda codec CX11970
Revert "device property: Keep secondary firmware node secondary by type"
netfilter: ipset: fix shift-out-of-bounds in htable_bits()
netfilter: xt_RATEEST: reject non-null terminated string from userspace
x86/mtrr: Correct the range check before performing MTRR type lookups
Linux 4.4.251
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic1f58f780b773ada8027b13b863c26e9d3e97e17
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit cb7f4a8b1fb426a175d1708f05581939c61329d4 upstream.
In mtrr_type_lookup(), if the input memory address region is not in the
MTRR, over 4GB, and not over the top of memory, a write-back attribute
is returned. These condition checks are for ensuring the input memory
address region is actually mapped to the physical memory.
However, if the end address is just aligned with the top of memory,
the condition check treats the address is over the top of memory, and
write-back attribute is not returned.
And this hits in a real use case with NVDIMM: the nd_pmem module tries
to map NVDIMMs as cacheable memories when NVDIMMs are connected. If a
NVDIMM is the last of the DIMMs, the performance of this NVDIMM becomes
very low since it is aligned with the top of memory and its memory type
is uncached-minus.
Move the input end address change to inclusive up into
mtrr_type_lookup(), before checking for the top of memory in either
mtrr_type_lookup_{variable,fixed}() helpers.
[ bp: Massage commit message. ]
Fixes: 0cc705f56e40 ("x86/mm/mtrr: Clean up mtrr_type_lookup()")
Signed-off-by: Ying-Tsun Huang <ying-tsun.huang@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20201215070721.4349-1-ying-tsun.huang@amd.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.247
btrfs: tree-checker: Enhance chunk checker to validate chunk profile
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
HID: cypress: Support Varmilo Keyboards' media hotkeys
Input: i8042 - allow insmod to succeed on devices without an i8042 controller
HID: hid-sensor-hub: Fix issue with devices with no report ID
x86/xen: don't unbind uninitialized lock_kicker_irq
proc: don't allow async path resolution of /proc/self components
dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
scsi: libiscsi: Fix NOP race condition
scsi: target: iscsi: Fix cmd abort fabric stop race
scsi: ufs: Fix race between shutdown and runtime resume flow
bnxt_en: fix error return code in bnxt_init_board()
video: hyperv_fb: Fix the cache type when mapping the VRAM
bnxt_en: Release PCI regions when DMA mask setup fails during probe.
IB/mthca: fix return value of error branch in mthca_init_cq()
nfc: s3fwrn5: use signed integer for parsing GPIO numbers
efivarfs: revert "fix memory leak in efivarfs_create()"
perf probe: Fix to die_entrypc() returns error correctly
USB: core: Change %pK for __user pointers to %px
x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
USB: core: add endpoint-blacklist quirk
USB: core: Fix regression in Hercules audio card
btrfs: fix lockdep splat when reading qgroup config on mount
Linux 4.4.247
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8e8603322c7bf2a54d2758e3ab7a5424758a6548
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 33fc379df76b4991e5ae312f07bcd6820811971e upstream.
When spectre_v2_user={seccomp,prctl},ibpb is specified on the command
line, IBPB is force-enabled and STIPB is conditionally-enabled (or not
available).
However, since
21998a351512 ("x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.")
the spectre_v2_user_ibpb variable is set to SPECTRE_V2_USER_{PRCTL,SECCOMP}
instead of SPECTRE_V2_USER_STRICT, which is the actual behaviour.
Because the issuing of IBPB relies on the switch_mm_*_ibpb static
branches, the mitigations behave as expected.
Since
1978b3a53a74 ("x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP")
this discrepency caused the misreporting of IB speculation via prctl().
On CPUs with STIBP always-on and spectre_v2_user=seccomp,ibpb,
prctl(PR_GET_SPECULATION_CTRL) would return PR_SPEC_PRCTL |
PR_SPEC_ENABLE instead of PR_SPEC_DISABLE since both IBPB and STIPB are
always on. It also allowed prctl(PR_SET_SPECULATION_CTRL) to set the IB
speculation mode, even though the flag is ignored.
Similarly, for CPUs without SMT, prctl(PR_GET_SPECULATION_CTRL) should
also return PR_SPEC_DISABLE since IBPB is always on and STIBP is not
available.
[ bp: Massage commit message. ]
Fixes: 21998a351512 ("x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.")
Fixes: 1978b3a53a74 ("x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP")
Signed-off-by: Anand K Mistry <amistry@google.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: <stable@vger.kernel.org>
Link: https://lkml.kernel.org/r/20201110123349.1.Id0cbf996d2151f4c143c90f9028651a5b49a5908@changeid
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.246
ah6: fix error return code in ah6_input()
atm: nicstar: Unmap DMA on send error
net: b44: fix error return code in b44_init_one()
net: bridge: add missing counters to ndo_get_stats64 callback
netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
net/mlx4_core: Fix init_hca fields offset
net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
qlcnic: fix error return code in qlcnic_83xx_restart_hw()
sctp: change to hold/put transport for proto_unreach_timer
net: usb: qmi_wwan: Set DTR quirk for MR400
net: Have netpoll bring-up DSA management interface
pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
arm64: psci: Avoid printing in cpu_psci_cpu_die()
MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS
Input: adxl34x - clean up a data type in adxl34x_probe()
arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
perf lock: Don't free "lock_seq_stat" if read_count isn't zero
can: dev: can_restart(): post buffer from the right context
can: peak_usb: fix potential integer overflow on shift of a int
can: m_can: m_can_handle_state_change(): fix state change
MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
regulator: ti-abb: Fix array out of bound read access on the first transition
libfs: fix error cast of negative value in simple_attr_write()
powerpc/uaccess-flush: fix corenet64_smp_defconfig build
ALSA: ctl: fix error path at adding user-defined element set
ALSA: mixart: Fix mutex deadlock
tty: serial: imx: keep console clocks always on
efivarfs: fix memory leak in efivarfs_create()
ext4: fix bogus warning in ext4_update_dx_flag()
xtensa: disable preemption around cache alias management calls
mac80211: minstrel: remove deferred sampling code
mac80211: minstrel: fix tx status processing corner case
mac80211: allow driver to prevent two stations w/ same address
mac80211: free sta in sta_info_insert_finish() on errors
s390/cpum_sf.c: fix file permission for cpum_sfb_size
x86/microcode/intel: Check patch signature before saving microcode for early loading
Linux 4.4.246
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I61a042e58de9b4af9a8e1880cf9ad829f57af60c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
loading
commit 1a371e67dc77125736cc56d3a0893f06b75855b6 upstream.
Currently, scan_microcode() leverages microcode_matches() to check
if the microcode matches the CPU by comparing the family and model.
However, the processor stepping and flags of the microcode signature
should also be considered when saving a microcode patch for early
update.
Use find_matching_signature() in scan_microcode() and get rid of the
now-unused microcode_matches() which is a good cleanup in itself.
Complete the verification of the patch being saved for early loading in
save_microcode_patch() directly. This needs to be done there too because
save_mc_for_early() will call save_microcode_patch() too.
The second reason why this needs to be done is because the loader still
tries to support, at least hypothetically, mixed-steppings systems and
thus adds all patches to the cache that belong to the same CPU model
albeit with different steppings.
For example:
microcode: CPU: sig=0x906ec, pf=0x2, rev=0xd6
microcode: mc_saved[0]: sig=0x906e9, pf=0x2a, rev=0xd6, total size=0x19400, date = 2020-04-23
microcode: mc_saved[1]: sig=0x906ea, pf=0x22, rev=0xd6, total size=0x19000, date = 2020-04-27
microcode: mc_saved[2]: sig=0x906eb, pf=0x2, rev=0xd6, total size=0x19400, date = 2020-04-23
microcode: mc_saved[3]: sig=0x906ec, pf=0x22, rev=0xd6, total size=0x19000, date = 2020-04-27
microcode: mc_saved[4]: sig=0x906ed, pf=0x22, rev=0xd6, total size=0x19400, date = 2020-04-23
The patch which is being saved for early loading, however, can only be
the one which fits the CPU this runs on so do the signature verification
before saving.
[ bp: Do signature verification in save_microcode_patch()
and rewrite commit message. ]
Fixes: ec400ddeff20 ("x86/microcode_intel_early.c: Early update ucode on Intel's CPU")
Signed-off-by: Chen Yu <yu.c.chen@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org
Link: https://bugzilla.kernel.org/show_bug.cgi?id=208535
Link: https://lkml.kernel.org/r/20201113015923.13960-1-yu.c.chen@intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.244
ring-buffer: Fix recursion protection transitions between interrupt context
gfs2: Wake up when sd_glock_disposal becomes zero
mm: mempolicy: fix potential pte_unmap_unlock pte error
time: Prevent undefined behaviour in timespec64_to_ns()
btrfs: reschedule when cloning lots of extents
net: xfrm: fix a race condition during allocing spi
perf tools: Add missing swap for ino_generation
ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames
can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
can: peak_usb: add range checking in decode operations
can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
Btrfs: fix missing error return if writeback for extent buffer never started
pinctrl: devicetree: Avoid taking direct reference to device name string
i40e: Wrong truncation from u16 to u8
i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
geneve: add transport ports in route lookup for geneve
ath9k_htc: Use appropriate rs_datalen type
usb: gadget: goku_udc: fix potential crashes in probe
gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
gfs2: check for live vs. read-only file system in gfs2_fitrim
drm/amdgpu: perform srbm soft reset always on SDMA resume
mac80211: fix use of skb payload instead of header
cfg80211: regulatory: Fix inconsistent format argument
iommu/amd: Increase interrupt remapping table limit to 512 entries
xfs: fix a missing unlock on error in xfs_fs_map_blocks
of/address: Fix of_node memory leak in of_dma_is_coherent
cosa: Add missing kfree in error path of cosa_write
perf: Fix get_recursion_context()
ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA
ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
mei: protect mei_cl_mtu from null dereference
ocfs2: initialize ip_next_orphan
don't dump the threads that had been already exiting when zapped.
drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
pinctrl: amd: use higher precision for 512 RtcClk
pinctrl: amd: fix incorrect way to disable debounce filter
swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
IPv6: Set SIT tunnel hard_header_len to zero
net/af_iucv: fix null pointer dereference on shutdown
net/x25: Fix null-ptr-deref in x25_connect
net: Update window_clamp if SOCK_RCVBUF is set
random32: make prandom_u32() output unpredictable
x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
xen/events: avoid removing an event channel while handling it
xen/events: add a proper barrier to 2-level uevent unmasking
xen/events: fix race in evtchn_fifo_unmask()
xen/events: add a new "late EOI" evtchn framework
xen/blkback: use lateeoi irq binding
xen/netback: use lateeoi irq binding
xen/scsiback: use lateeoi irq binding
xen/pciback: use lateeoi irq binding
xen/events: switch user event channels to lateeoi model
xen/events: use a common cpu hotplug hook for event channels
xen/events: defer eoi in case of excessive number of events
xen/events: block rogue events for some time
perf/core: Fix race in the perf_mmap_close() function
Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
reboot: fix overflow parsing reboot cpu number
ext4: fix leaking sysfs kobject after failed mount
Convert trailing spaces and periods in path components
Linux 4.4.244
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I70bf4c5ac9248a8ca3383b9b0c4871729606e75e
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
always-on STIBP
commit 1978b3a53a74e3230cd46932b149c6e62e832e9a upstream.
On AMD CPUs which have the feature X86_FEATURE_AMD_STIBP_ALWAYS_ON,
STIBP is set to on and
spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED
At the same time, IBPB can be set to conditional.
However, this leads to the case where it's impossible to turn on IBPB
for a process because in the PR_SPEC_DISABLE case in ib_prctl_set() the
spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED
condition leads to a return before the task flag is set. Similarly,
ib_prctl_get() will return PR_SPEC_DISABLE even though IBPB is set to
conditional.
More generally, the following cases are possible:
1. STIBP = conditional && IBPB = on for spectre_v2_user=seccomp,ibpb
2. STIBP = on && IBPB = conditional for AMD CPUs with
X86_FEATURE_AMD_STIBP_ALWAYS_ON
The first case functions correctly today, but only because
spectre_v2_user_ibpb isn't updated to reflect the IBPB mode.
At a high level, this change does one thing. If either STIBP or IBPB
is set to conditional, allow the prctl to change the task flag.
Also, reflect that capability when querying the state. This isn't
perfect since it doesn't take into account if only STIBP or IBPB is
unconditionally on. But it allows the conditional feature to work as
expected, without affecting the unconditional one.
[ bp: Massage commit message and comment; space out statements for
better readability. ]
Fixes: 21998a351512 ("x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.")
Signed-off-by: Anand K Mistry <amistry@google.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://lkml.kernel.org/r/20201105163246.v2.1.Ifd7243cd3e2c2206a893ad0a5b9a4f19549e22c6@changeid
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.228
ipv6: fix IPV6_ADDRFORM operation logic
vxlan: Avoid infinite loop when suppressing NS messages with invalid options
scsi: return correct blkprep status code in case scsi_init_io() fails.
net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
pwm: fsl-ftm: Use flat regmap cache
igb: improve handling of disconnected adapters
ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
sched/fair: Don't NUMA balance for kthreads
ath9k_htc: Silence undersized packet warnings
x86_64: Fix jiffies ODR violation
x86/speculation: Prevent rogue cross-process SSBD shutdown
x86/reboot/quirks: Add MacBook6,1 reboot quirk
efi/efivars: Add missing kobject_put() in sysfs entry creation error path
ALSA: es1688: Add the missed snd_card_free()
ALSA: usb-audio: Fix inconsistent card PM state after resume
ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
ACPI: PM: Avoid using power resources if there are none for D0
cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
spi: bcm2835aux: Fix controller unregister order
ALSA: pcm: disallow linking stream to itself
x86/speculation: Change misspelled STIPB to STIBP
x86/speculation: Add support for STIBP always-on preferred mode
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
spi: dw: fix possible race condition
spi: dw: Fix controller unregister order
spi: No need to assign dummy value in spi_unregister_controller()
spi: Fix controller unregister order
spi: pxa2xx: Fix controller unregister order
spi: bcm2835: Fix controller unregister order
ovl: initialize error in ovl_copy_xattr
proc: Use new_inode not new_inode_pseudo
video: fbdev: w100fb: Fix a potential double free.
KVM: nSVM: leave ASID aside in copy_vmcb_control_area
KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
Smack: slab-out-of-bounds in vsscanf
mm/slub: fix a memory leak in sysfs_slab_add()
fat: don't allow to mount if the FAT length == 0
can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
spi: dw: Zero DMA Tx and Rx configurations on stack
Bluetooth: Add SCO fallback for invalid LMP parameters error
kgdb: Prevent infinite recursive entries to the debugger
spi: dw: Enable interrupts in accordance with DMA xfer mode
clocksource: dw_apb_timer_of: Fix missing clockevent timers
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
staging: android: ion: use vmap instead of vm_map_ram
e1000: Distribute switch variables for initialization
media: dvb: return -EREMOTEIO on i2c transfer failure.
MIPS: Make sparse_init() using top-down allocation
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
lib/mpi: Fix 64-bit MIPS build with Clang
net: lpc-enet: fix error return code in lpc_mii_init()
net: allwinner: Fix use correct return type for ndo_start_xmit()
powerpc/spufs: fix copy_to_user while atomic
mips: cm: Fix an invalid error code of INTVN_*_ERR
kgdb: Fix spurious true from in_dbg_master()
md: don't flush workqueue unconditionally in md_open
mwifiex: Fix memory corruption in dump_station
mips: Add udelay lpj numbers adjustment
x86/mm: Stop printing BRK addresses
m68k: mac: Don't call via_flush_cache() on Mac IIfx
macvlan: Skip loopback packets in RX handler
PCI: Don't disable decoding when mmio_always_on is set
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
ixgbe: fix signed-integer-overflow warning
spi: dw: Return any value retrieved from the dma_transfer callback
cpuidle: Fix three reference count leaks
ima: Fix ima digest hash table key calculation
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
Btrfs: fix unreplayable log after snapshot delete + parent dir fsync
btrfs: send: emit file capabilities after chown
btrfs: fix error handling when submitting direct I/O bio
ima: Directly assign the ima_default_policy pointer to ima_rules
PCI: Program MPS for RCiEP devices
e1000e: Relax condition to trigger reset for ME workaround
carl9170: remove P2P_GO support
media: go7007: fix a miss of snd_card_free
b43legacy: Fix case where channel status is corrupted
b43: Fix connection problem with WPA3
b43_legacy: Fix connection problem with WPA3
igb: Report speed and duplex as unknown when device is runtime suspended
power: vexpress: add suppress_bind_attrs to true
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
sparc32: fix register window handling in genregs32_[gs]et()
kernel/cpu_pm: Fix uninitted local in cpu_pm
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
drivers/macintosh: Fix memleak in windfarm_pm112 driver
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
sunrpc: clean up properly in gss_mech_unregister()
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
perf probe: Do not show the skipped events
perf symbols: Fix debuginfo search for Ubuntu
Linux 4.4.228
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ice915aaa684101ec7e774ccf43bfb533f84b4740
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf ]
Currently, it is possible to enable indirect branch speculation even after
it was force-disabled using the PR_SPEC_FORCE_DISABLE option. Moreover, the
PR_GET_SPECULATION_CTRL command gives afterwards an incorrect result
(force-disabled when it is in fact enabled). This also is inconsistent
vs. STIBP and the documention which cleary states that
PR_SPEC_FORCE_DISABLE cannot be undone.
Fix this by actually enforcing force-disabled indirect branch
speculation. PR_SPEC_ENABLE called after PR_SPEC_FORCE_DISABLE now fails
with -EPERM as described in the documentation.
Fixes: 9137bb27e60e ("x86/speculation: Add prctl() control for indirect branch speculation")
Signed-off-by: Anthony Steinhauser <asteinhauser@google.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 21998a351512eba4ed5969006f0c55882d995ada ]
When STIBP is unavailable or enhanced IBRS is available, Linux
force-disables the IBPB mitigation of Spectre-BTB even when simultaneous
multithreading is disabled. While attempts to enable IBPB using
prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, ...) fail with
EPERM, the seccomp syscall (or its prctl(PR_SET_SECCOMP, ...) equivalent)
which are used e.g. by Chromium or OpenSSH succeed with no errors but the
application remains silently vulnerable to cross-process Spectre v2 attacks
(classical BTB poisoning). At the same time the SYSFS reporting
(/sys/devices/system/cpu/vulnerabilities/spectre_v2) displays that IBPB is
conditionally enabled when in fact it is unconditionally disabled.
STIBP is useful only when SMT is enabled. When SMT is disabled and STIBP is
unavailable, it makes no sense to force-disable also IBPB, because IBPB
protects against cross-process Spectre-BTB attacks regardless of the SMT
state. At the same time since missing STIBP was only observed on AMD CPUs,
AMD does not recommend using STIBP, but recommends using IBPB, so disabling
IBPB because of missing STIBP goes directly against AMD's advice:
https://developer.amd.com/wp-content/resources/Architecture_Guidelines_Update_Indirect_Branch_Control.pdf
Similarly, enhanced IBRS is designed to protect cross-core BTB poisoning
and BTB-poisoning attacks from user space against kernel (and
BTB-poisoning attacks from guest against hypervisor), it is not designed
to prevent cross-process (or cross-VM) BTB poisoning between processes (or
VMs) running on the same core. Therefore, even with enhanced IBRS it is
necessary to flush the BTB during context-switches, so there is no reason
to force disable IBPB when enhanced IBRS is available.
Enable the prctl control of IBPB even when STIBP is unavailable or enhanced
IBRS is available.
Fixes: 7cc765a67d8e ("x86/speculation: Enable prctl mode for spectre_v2_user")
Signed-off-by: Anthony Steinhauser <asteinhauser@google.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 20c3a2c33e9fdc82e9e8e8d2a6445b3256d20191 ]
Different AMD processors may have different implementations of STIBP.
When STIBP is conditionally enabled, some implementations would benefit
from having STIBP always on instead of toggling the STIBP bit through MSR
writes. This preference is advertised through a CPUID feature bit.
When conditional STIBP support is requested at boot and the CPU advertises
STIBP always-on mode as preferred, switch to STIBP "on" support. To show
that this transition has occurred, create a new spectre_v2_user_mitigation
value and a new spectre_v2_user_strings message. The new mitigation value
is used in spectre_v2_user_select_mitigation() to print the new mitigation
message as well as to return a new string from stibp_state().
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Link: https://lkml.kernel.org/r/20181213230352.6937.74943.stgit@tlendack-t1.amdoffice.net
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit aa77bfb354c495fc4361199e63fc5765b9e1e783 ]
STIBP stands for Single Thread Indirect Branch Predictors. The acronym,
however, can be easily mis-spelled as STIPB. It is perhaps due to the
presence of another related term - IBPB (Indirect Branch Predictor
Barrier).
Fix the mis-spelling in the code.
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: KarimAllah Ahmed <karahmed@amazon.de>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/1544039368-9009-1-git-send-email-longman@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.227
scsi: scsi_devinfo: fixup string compare
usb: gadget: f_uac2: fix error handling in afunc_bind (again)
platform/x86: acer-wmi: setup accelerometer when ACPI device was found
esp6: fix memleak on error path in esp6_input
IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'
ALSA: hda - No loopback on ALC299 codec
spi: dw: use "smp_mb()" to avoid sending spi data error
s390/ftrace: save traced function caller
ARC: Fix ICCM & DCCM runtime size checks
x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
net: bmac: Fix read of MAC address from ROM
net/ethernet/freescale: rework quiesce/activate for ucc_geth
net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
pppoe: only process PADT targeted at local interfaces
mmc: fix compilation of user API
slcan: Fix double-free on slcan_open() error path
slip: not call free_netdev before rtnl_unlock in slip_open
scsi: ufs: Release clock if DMA map fails
devinet: fix memleak in inetdev_init()
NFC: st21nfca: add missed kfree_skb() in an error path
vsock: fix timeout in vsock_accept()
l2tp: add sk_family checks to l2tp_validate_socket
l2tp: do not use inet_hash()/inet_unhash()
USB: serial: qcserial: add DW5816e QDL support
USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
USB: serial: option: add Telit LE910C1-EUX compositions
vt: keyboard: avoid signed integer overflow in k_ascii
staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping
x86/cpu: Add a steppings field to struct x86_cpu_id
x86/cpu: Add 'table' argument to cpu_matches()
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
x86/speculation: Add SRBDS vulnerability and mitigation documentation
x86/speculation: Add Ivy Bridge to affected list
iio: vcnl4000: Fix i2c swapped word reading.
uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned
Linux 4.4.227
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ib2e396e7c9444adb4cad958e3423afe3c4d5963d
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 7e5b3c267d256822407a22fdce6afdf9cd13f9fb upstream
SRBDS is an MDS-like speculative side channel that can leak bits from the
random number generator (RNG) across cores and threads. New microcode
serializes the processor access during the execution of RDRAND and
RDSEED. This ensures that the shared buffer is overwritten before it is
released for reuse.
While it is present on all affected CPU models, the microcode mitigation
is not needed on models that enumerate ARCH_CAPABILITIES[MDS_NO] in the
cases where TSX is not supported or has been disabled with TSX_CTRL.
The mitigation is activated by default on affected processors and it
increases latency for RDRAND and RDSEED instructions. Among other
effects this will reduce throughput from /dev/urandom.
* Enable administrator to configure the mitigation off when desired using
either mitigations=off or srbds=off.
* Export vulnerability status via sysfs
* Rename file-scoped macros to apply for non-whitelist table initializations.
[ bp: Massage,
- s/VULNBL_INTEL_STEPPING/VULNBL_INTEL_STEPPINGS/g,
- do not read arch cap MSR a second time in tsx_fused_off() - just pass it in,
- flip check in cpu_set_bug_bits() to save an indentation level,
- reflow comments.
jpoimboe: s/Mitigated/Mitigation/ in user-visible strings
tglx: Dropped the fused off magic for now
]
Signed-off-by: Mark Gross <mgross@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 93920f61c2ad7edb01e63323832585796af75fc9 upstream
To make cpu_matches() reusable for other matching tables, have it take a
pointer to a x86_cpu_id table as an argument.
[ bp: Flip arguments order. ]
Signed-off-by: Mark Gross <mgross@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit e9d7144597b10ff13ff2264c059f7d4a7fbc89ac upstream
Intel uses the same family/model for several CPUs. Sometimes the
stepping must be checked to tell them apart.
On x86 there can be at most 16 steppings. Add a steppings bitmask to
x86_cpu_id and a X86_MATCH_VENDOR_FAMILY_MODEL_STEPPING_FEATURE macro
and support for matching against family/model/stepping.
[ bp: Massage.
tglx: Lightweight variant for backporting ]
Signed-off-by: Mark Gross <mgross@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit b399151cb48db30ad1e0e93dd40d68c6d007b637 upstream.
x86_mask is a confusing name which is hard to associate with the
processor's stepping.
Additionally, correct an indent issue in lib/cpu.c.
[ Backport by Mark Gross to simplify the SRBDS backport ]
Signed-off-by: Jia Zhang <qianyue.zj@alibaba-inc.com>
[ Updated it to more recent kernels. ]
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: bp@alien8.de
Cc: tony.luck@intel.com
Link: http://lkml.kernel.org/r/1514771530-70829-1-git-send-email-qianyue.zj@alibaba-inc.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.223
mwifiex: fix PCIe register information for 8997 chipset
drm/qxl: qxl_release use after free
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
staging: rtl8192u: Fix crash due to pointers being "confusing"
usb: gadget: f_acm: Fix configfs attr name
usb: gadged: pch_udc: get rid of redundant assignments
usb: gadget: pch_udc: reorder spin_[un]lock to avoid deadlock
usb: gadget: udc: core: don't starve DMA resources
MIPS: Fix macro typo
MIPS: ptrace: Drop cp0_tcstatus from regoffset_table[]
MIPS: BMIPS: Fix PRID_IMP_BMIPS5000 masking for BMIPS5200
MIPS: smp-cps: Stop printing EJTAG exceptions to UART
MIPS: scall: Handle seccomp filters which redirect syscalls
MIPS: BMIPS: BMIPS5000 has I cache filing from D cache
MIPS: BMIPS: Clear MIPS_CACHE_ALIASES earlier
MIPS: BMIPS: local_r4k___flush_cache_all needs to blast S-cache
MIPS: BMIPS: Pretty print BMIPS5200 processor name
MIPS: Fix HTW config on XPA kernel without LPA enabled
MIPS: BMIPS: Adjust mips-hpt-frequency for BCM7435
MIPS: math-emu: Fix BC1{EQ,NE}Z emulation
MIPS: Fix BC1{EQ,NE}Z return offset calculation
MIPS: perf: Fix I6400 event numbers
MIPS: KVM: Fix translation of MFC0 ErrCtl
MIPS: SMP: Update cpu_foreign_map on CPU disable
MIPS: c-r4k: Fix protected_writeback_scache_line for EVA
MIPS: Octeon: Off by one in octeon_irq_gpio_map()
bpf, mips: fix off-by-one in ctx offset allocation
MIPS: RM7000: Double locking bug in rm7k_tc_disable()
MIPS: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO
mips/panic: replace smp_send_stop() with kdump friendly version in panic path
ARM: dts: armadillo800eva Correct extal1 frequency to 24 MHz
ARM: imx: select SRC for i.MX7
ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wxl/wsxl
ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wvl/vl
ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wxl/wsxl
ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wvl/vl
ARM: dts: orion5x: gpio pin fixes for linkstation lswtgl
ARM: dts: orion5x: fix the missing mtd flash on linkstation lswtgl
ARM: dts: kirkwood: use unique machine name for ds112
ARM: dts: kirkwood: add kirkwood-ds112.dtb to Makefile
ARM: OMAP2+: hwmod: fix _idle() hwmod state sanity check sequence
perf/x86: Fix filter_events() bug with event mappings
x86/LDT: Print the real LDT base address
x86/apic/uv: Silence a shift wrapping warning
ALSA: fm801: explicitly free IRQ line
ALSA: fm801: propagate TUNER_ONLY bit when autodetected
ALSA: fm801: detect FM-only card earlier
netfilter: nfnetlink: use original skbuff when acking batches
xfrm: fix crash in XFRM_MSG_GETSA netlink handler
mwifiex: fix IBSS data path issue.
mwifiex: add missing check for PCIe8997 chipset
iwlwifi: set max firmware version of 7265 to 17
Bluetooth: btmrvl: fix hung task warning dump
dccp: limit sk_filter trim to payload
net/mlx4_core: Do not BUG_ON during reset when PCI is offline
mlxsw: pci: Correctly determine if descriptor queue is full
PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive()
net/mlx4_core: Implement pci_resume callback
alpha/PCI: Call iomem_is_exclusive() for IORESOURCE_MEM, but not IORESOURCE_IO
vfio/pci: Allow VPD short read
brcmfmac: add eth_type_trans back for PCIe full dongle
mlxsw: Treat local port 64 as valid
IB/mlx4: Initialize hop_limit when creating address handle
ovs/gre,geneve: fix error path when creating an iface
GRE: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU
powerpc/pci/of: Parse unassigned resources
firmware: actually return NULL on failed request_firmware_nowait()
c8sectpfe: Rework firmware loading mechanism
net/mlx5: Avoid passing dma address 0 to firmware
IB/mlx5: Fix RC transport send queue overhead computation
net/mlx5: Make command timeout way shorter
IB/mlx5: Fix FW version diaplay in sysfs
net/mlx5e: Fix MLX5E_100BASE_T define
net/mlx5: Fix the size of modify QP mailbox
net/mlx5: Fix masking of reserved bits in XRCD number
net/mlx5e: Fix blue flame quota logic
net/mlx5: use mlx5_buf_alloc_node instead of mlx5_buf_alloc in mlx5_wq_ll_create
net/mlx5: Avoid calling sleeping function by the health poll thread
net/mlx5: Fix wait_vital for VFs and remove fixed sleep
net/mlx5: Fix potential deadlock in command mode change
net/mlx5: Add timeout handle to commands with callback
net/mlx5: Fix pci error recovery flow
net/mlx5e: Copy all L2 headers into inline segment
net_sched: keep backlog updated with qlen
sch_drr: update backlog as well
sch_hfsc: always keep backlog updated
sch_prio: update backlog as well
sch_qfq: keep backlog updated with qlen
sch_sfb: keep backlog updated with qlen
sch_tbf: update backlog as well
btrfs: cleaner_kthread() doesn't need explicit freeze
irda: Free skb on irda_accept error path.
phy: fix device reference leaks
bonding: prevent out of bound accesses
mtd: nand: fix ONFI parameter page layout
ath10k: free cached fw bin contents when get board id fails
xprtrdma: checking for NULL instead of IS_ERR()
xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock)
xprtrdma: xprt_rdma_free() must not release backchannel reqs
xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len
RDMA/cxgb3: device driver frees DMA memory with different size
mlxsw: spectrum: Don't forward packets when STP state is DISABLED
mlxsw: spectrum: Disable learning according to STP state
mlxsw: spectrum: Don't count internal TX header bytes to stats
mlxsw: spectrum: Indicate support for autonegotiation
mlxsw: spectrum: Fix misuse of hard_header_len
net: tcp_memcontrol: properly detect ancestor socket pressure
tcp: do not set rtt_min to 1
RDS:TCP: Synchronize rds_tcp_accept_one with rds_send_xmit when resetting t_sock
net: ipv6: tcp reset, icmp need to consider L3 domain
batman-adv: Fix lockdep annotation of batadv_tlv_container_remove
batman-adv: replace WARN with rate limited output on non-existing VLAN
tty: serial: msm: Support more bauds
serial: samsung: Fix possible out of bounds access on non-DT platform
Drivers: hv: utils: use memdup_user in hvt_op_write
isa: Call isa_bus_init before dependent ISA bus drivers register
Btrfs: clean up an error code in btrfs_init_space_info()
Input: gpio-keys - fix check for disabling unsupported keys
Input: edt-ft5x06 - fix setting gain, offset, and threshold via device tree
net/xfrm_input: fix possible NULL deref of tunnel.ip6->parms.i_key
xfrm_user: propagate sec ctx allocation errors
xfrm: Fix memory leak of aead algorithm name
mac80211: fix mgmt-tx abort cookie and leak
mac80211: TDLS: always downgrade invalid chandefs
mac80211: TDLS: change BW calculation for WIDER_BW peers
mac80211: Fix BW upgrade for TDLS peers
NFS: Fix an LOCK/OPEN race when unlinking an open file
net: get rid of an signed integer overflow in ip_idents_reserve()
mtd: nand: denali: add missing nand_release() call in denali_remove()
ASoC: Intel: pass correct parameter in sst_alloc_stream_mrfld()
ASoC: tegra_alc5632: check return value
ASoC: fsl_ssi: mark SACNT register volatile
Revert "ACPI / LPSS: allow to use specific PM domain during ->probe()"
mmc: sdhci: restore behavior when setting VDD via external regulator
mmc: sd: limit SD card power limit according to cards capabilities
mmc: debugfs: correct wrong voltage value
mmc: block: return error on failed mmc_blk_get()
clk: rockchip: Revert "clk: rockchip: reset init state before mmc card initialization"
mmc: dw_mmc: rockchip: Set the drive phase properly
mmc: moxart: fix wait_for_completion_interruptible_timeout return variable type
mmc: sdhci: Fix regression setting power on Trats2 board
perf tools: Fix perf regs mask generation
powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()
powerpc/book3s: Fix MCE console messages for unrecoverable MCE.
sctp: fix the transports round robin issue when init is retransmitted
sunrpc: Update RPCBIND_MAXNETIDLEN
NFC: nci: memory leak in nci_core_conn_create()
net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS
net: phy: Fix phy_mac_interrupt()
net: phy: bcm7xxx: Fix shadow mode 2 disabling
of_mdio: fix node leak in of_phy_register_fixed_link error path
phy: micrel: Fix finding PHY properties in MAC node for KSZ9031.
net: dsa: slave: fix of-node leak and phy priority
drivers: net: cpsw: don't ignore phy-mode if phy-handle is used
iommu/dma: Respect IOMMU aperture when allocating
mdio-sun4i: oops in error handling in probe
iio:ad7797: Use correct attribute_group
selftests/ipc: Fix test failure seen after initial test run
wimax/i2400m: Fix potential urb refcnt leak
cifs: protect updating server->dstaddr with a spinlock
scripts/config: allow colons in option strings for sed
lib/mpi: Fix building for powerpc with clang
net: bcmgenet: suppress warnings on failed Rx SKB allocations
net: systemport: suppress warnings on failed Rx SKB allocations
rc: allow rc modules to be loaded if rc-main is not a module
lirc_imon: do not leave imon_probe() with mutex held
am437x-vpfe: fix an uninitialized variable bug
cx23885: uninitialized variable in cx23885_av_work_handler()
ath9k_htc: check for underflow in ath9k_htc_rx_msg()
VFIO: platform: reset: fix a warning message condition
net: moxa: fix an error code
mfd: lp8788-irq: Uninitialized variable in irq handler
ethernet: micrel: fix some error codes
power: ipaq-micro-battery: freeing the wrong variable
i40e: fix an uninitialized variable bug
qede: uninitialized variable in qede_start_xmit()
qlcnic: potential NULL dereference in qlcnic_83xx_get_minidump_template()
qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag()
target: Fix a memory leak in target_dev_lba_map_store()
memory/tegra: Add number of TLB lines for Tegra124
pinctrl: bcm2835: Fix memory leak in error path
be2net: Don't leak iomapped memory on removal.
ipv4: Fix memory leak in exception case for splitting tries
flow_dissector: Check for IP fragmentation even if not using IPv4 address
ipv4: fix checksum annotation in udp4_csum_init
ipv4: do not abuse GFP_ATOMIC in inet_netconf_notify_devconf()
ipv4: accept u8 in IP_TOS ancillary data
net: vrf: Fix dev refcnt leak due to IPv6 prefix route
ipv6: fix checksum annotation in udp6_csum_init
ipv6: do not abuse GFP_ATOMIC in inet6_netconf_notify_devconf()
ipv6: add missing netconf notif when 'all' is updated
net: ipv6: Fix processing of RAs in presence of VRF
netfilter: nf_tables: fix a wrong check to skip the inactive rules
netfilter: nft_dynset: fix panic if NFT_SET_HASH is not enabled
netfilter: nf_tables: destroy the set if fail to add transaction
netfilter: nft_dup: do not use sreg_dev if the user doesn't specify it
udp: restore UDPlite many-cast delivery
clk: st: avoid uninitialized variable use
clk: gpio: handle error codes for of_clk_get_parent_count()
clk: ti: omap3+: dpll: use non-locking version of clk_get_rate
clk: multiplier: Prevent the multiplier from under / over flowing
clk: imx: clk-pllv3: fix incorrect handle of enet powerdown bit
clk: xgene: Don't call __pa on ioremaped address
cls_bpf: reset class and reuse major in da
arm64: bpf: jit JMP_JSET_{X,K}
bpf, trace: check event type in bpf_perf_event_read
bpf: fix map not being uncharged during map creation failure
net/mlx4_core: Fix potential corruption in counters database
net/mlx4_core: Fix access to uninitialized index
net/mlx4_en: Fix the return value of a failure in VLAN VID add/kill
net/mlx4_core: Check device state before unregistering it
net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec
net/mlx4_en: Process all completions in RX rings after port goes up
net/mlx4_core: Do not access comm channel if it has not yet been initialized
net/mlx4_en: Fix potential deadlock in port statistics flow
net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering
net/mlx4_core: Fix QUERY FUNC CAP flags
mlxsw: switchx2: Fix misuse of hard_header_len
mlxsw: switchx2: Fix ethernet port initialization
sched/fair: Fix calc_cfs_shares() fixed point arithmetics width confusion
net_sched: flower: Avoid dissection of unmasked keys
pkt_sched: fq: use proper locking in fq_dump_stats()
sched/preempt: Fix preempt_count manipulations
power: bq27xxx: fix reading for bq27000 and bq27010
power: bq27xxx: fix register numbers of bq27500
power: test_power: correctly handle empty writes
power: bq27xxx_battery: Fix bq27541 AveragePower register address
power_supply: tps65217-charger: Fix NULL deref during property export
net: vrf: Fix dst reference counting
net: Don't delete routes in different VRFs
vti6: fix input path
ipv4: Fix table id reference in fib_sync_down_addr
mlx4: do not call napi_schedule() without care
xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
ALSA: fm801: Initialize chip after IRQ handler is registered
bonding: fix length of actor system
MIPS: perf: Remove incorrect odd/even counter handling for I6400
Revert "cpufreq: Drop rwsem lock around CPUFREQ_GOV_POLICY_EXIT"
net: dsa: mv88e6xxx: unlock DSA and CPU ports
gfs2: fix flock panic issue
blk-mq: fix undefined behaviour in order_to_size()
dm: fix second blk_delay_queue() parameter to be in msec units not jiffies
dmaengine: edma: Add probe callback to edma_tptc_driver
openvswitch: update checksum in {push,pop}_mpls
cxgb4/cxgb4vf: Fixes regression in perf when tx vlan offload is disabled
net: bcmgenet: fix skb_len in bcmgenet_xmit_single()
net: bcmgenet: device stats are unsigned long
ovs/gre: fix rtnl notifications on iface deletion
gre: do not assign header_ops in collect metadata mode
gre: build header correctly for collect metadata tunnels
gre: reject GUE and FOU in collect metadata mode
sfc: fix potential stack corruption from running past stat bitmask
sfc: clear napi_hash state when copying channels
net: bcmsysport: Device stats are unsigned long
cxgbi: fix uninitialized flowi6
net: macb: add missing free_netdev() on error in macb_probe()
macvtap: segmented packet is consumed
tipc: fix the error handling in tipc_udp_enable()
net: icmp6_send should use dst dev to determine L3 domain
et131x: Fix logical vs bitwise check in et131x_tx_timeout()
net: ethernet: stmmac: dwmac-sti: fix probe error path
rtnl: reset calcit fptr in rtnl_unregister()
net: ethernet: stmmac: dwmac-rk: fix probe error path
fq_codel: return non zero qlen in class dumps
net: ethernet: stmmac: dwmac-generic: fix probe error path
ovs/geneve: fix rtnl notifications on iface deletion
bnxt: add a missing rcu synchronization
qdisc: fix a module refcount leak in qdisc_create_dflt()
net: axienet: Fix return value check in axienet_probe()
bnxt_en: Remove locking around txr->dev_state
net: ethernet: davinci_emac: Fix devioctl while in fixed link
net: ethernet: mvneta: Remove IFF_UNICAST_FLT which is not implemented
net: ethernet: ti: cpsw: fix device and of_node leaks
net: ethernet: ti: cpsw: fix secondary-emac probe error path
net: hns: fix device reference leaks
net: bridge: don't increment tx_dropped in br_do_proxy_arp
net: dsa: mv88e6xxx: enable SA learning on DSA ports
net: ehea: avoid null pointer dereference
l2tp: fix use-after-free during module unload
hwrng: exynos - Disable runtime PM on driver unbind
net: icmp_route_lookup should use rt dev to determine L3 domain
net: mvneta: fix trivial cut-off issue in mvneta_ethtool_update_stats
net: macb: replace macb_writel() call by queue_writel() to update queue ISR
ravb: Add missing free_irq() call to ravb_close()
mvpp2: use correct size for memset
net: vxlan: lwt: Fix vxlan local traffic.
net: ethoc: Fix early error paths
ovs/vxlan: fix rtnl notifications on iface deletion
net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets.
regulator: core: Rely on regulator_dev_release to free constraints
net: dsa: mv88e6xxx: fix port VLAN maps
at803x: fix reset handling
cxl: Fix DAR check & use REGION_ID instead of opencoding
net: ethernet: davinci_emac: Fix platform_data overwrite
ata: sata_dwc_460ex: remove incorrect locking
pinctrl: tegra: Correctly check the supported configuration
brcmfmac: add fallback for devices that do not report per-chain values
brcmfmac: restore stopping netdev queue when bus clogs up
bridge: Fix problems around fdb entries pointing to the bridge device
bna: add missing per queue ethtool stat
net: skbuff: Remove errornous length validation in skb_vlan_pop()
net: ep93xx_eth: Do not crash unloading module
macvlan: Fix potential use-after free for broadcasts
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
ALSA: hda: Match both PCI ID and SSID for driver blacklist
mac80211: add ieee80211_is_any_nullfunc()
Linux 4.4.223
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie7caca39501fe5e82b947964cc474ed1c786d756
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 61b87cae6361ea6af161c1ffa549898892707b19 upstream.
This patch fixes a bug in the filter_events() function.
The patch fixes the bug whereby if some mappings did not
exist, e.g., STALLED_CYCLES_FRONTEND, then any event after it
in the attrs array would disappear from the published list of
events in /sys/devices/cpu/events. This could be verified
easily on any system post SNB (which do not publish
STALLED_CYCLES_FRONTEND):
$ ./perf stat -e cycles,ref-cycles true
Performance counter stats for 'true':
1,217,348 cycles
<not supported> ref-cycles
The problem is that in filter_events() there is an assumption
that the argument (attrs) is organized in increasing continuous
event indexes related to the event_map(). But if we remove the
non-supported events by shifing the position in the array, then
the lookup x86_pmu.event_map() needs to compensate for it, otherwise
we are looking up the wrong index. This patch corrects this problem
by compensating for the deleted events and with that ref-cycles
reappears (here shown on Haswell):
$ perf stat -e ref-cycles,cycles true
Performance counter stats for 'true':
4,525,910 ref-cycles
1,064,920 cycles
0.002943888 seconds time elapsed
Signed-off-by: Stephane Eranian <eranian@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: jolsa@kernel.org
Cc: kan.liang@intel.com
Fixes: 8300daa26755 ("perf/x86: Filter out undefined events from sysfs events attribute")
Link: http://lkml.kernel.org/r/1449516805-6637-1-git-send-email-eranian@google.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.222
ext4: fix special inode number checks in __ext4_iget()
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
PM: ACPI: Output correct message on target power state
RDMA/mlx4: Initialize ib_spec on the stack
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
ALSA: opti9xx: shut up gcc-10 range warning
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
dmaengine: dmatest: Fix iteration non-stop logic
i2c: designware-pci: use IRQF_COND_SUSPEND flag
perf hists: Fix HISTC_MEM_DCACHELINE width setting
powerpc/perf: Remove PPMU_HAS_SSLOT flag for Power8
perf/x86: Fix uninitialized value usage
exynos4-is: fix a format string bug
ASoC: wm8960: Fix WM8960_SYSCLK_PLL mode
ASoC: imx-spdif: Fix crash on suspend
ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
selinux: properly handle multiple messages in selinux_netlink_send()
Linux 4.4.222
Change-Id: I510144039d424ae2e57ae23c188f2ed4d020ed11
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit e01d8718de4170373cd7fbf5cf6f9cb61cebb1e9 upstream.
When calling intel_alt_er() with .idx != EXTRA_REG_RSP_* we will not
initialize alt_idx and then use this uninitialized value to index an
array.
When that is not fatal, it can result in an infinite loop in its
caller __intel_shared_reg_get_constraints(), with IRQs disabled.
Alternative error modes are random memory corruption due to the
cpuc->shared_regs->regs[] array overrun, which manifest in either
get_constraints or put_constraints doing weird stuff.
Only took 6 hours of painful debugging to find this. Neither GCC nor
Smatch warnings flagged this bug.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: David Ahern <dsahern@gmail.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Kan Liang <kan.liang@intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Fixes: ae3f011fc251 ("perf/x86/intel: Fix SLM MSR_OFFCORE_RSP1 valid_mask")
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.220
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
net: vxge: fix wrong __VA_ARGS__ usage
qlcnic: Fix bad kzalloc null test
i2c: st: fix missing struct parameter description
irqchip/versatile-fpga: Handle chained IRQs properly
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
gfs2: Don't demote a glock until its revokes are written
x86/boot: Use unsigned comparison for addresses
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
btrfs: remove a BUG_ON() from merge_reloc_roots()
btrfs: track reloc roots based on their commit root bytenr
misc: rtsx: set correct pcr_ops for rts522A
ASoC: fix regwmask
ASoC: dapm: connect virtual mux with default value
ASoC: dpcm: allow start or stop during pause for backend
ASoC: topology: use name_prefix for new kcontrol
usb: gadget: f_fs: Fix use after free issue as part of queue failure
usb: gadget: composite: Inform controller driver of self-powered
ALSA: usb-audio: Add mixer workaround for TRX40 and co
ALSA: hda: Add driver blacklist
ALSA: hda: Fix potential access overflow in beep helper
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: pcm: oss: Fix regression by buffer overflow fix
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
KEYS: reaching the keys quotas correctly
irqchip/versatile-fpga: Apply clear-mask earlier
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
ath9k: Handle txpower changes even when TPC is disabled
signal: Extend exec_id to 64bits
x86/entry/32: Add missing ASM_CLAC to general_protection entry
KVM: x86: Allocate new rmap and large page tracking when moving memslot
crypto: mxs-dcp - fix scatterlist linearization for hash
futex: futex_wake_op, do not fail on invalid op
xen-netfront: Rework the fix for Rx stall during OOM and network stress
ALSA: hda: Initialize power_state field properly
Btrfs: incremental send, fix invalid memory access
IB/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
ext4: fix a data race at inode->i_blocks
ocfs2: no need try to truncate file beyond i_size
s390/diag: fix display of diagnose call statistics
Input: i8042 - add Acer Aspire 5738z to nomux list
kmod: make request_module() return an error when autoloading is disabled
hfsplus: fix crash and filesystem corruption when deleting files
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
Btrfs: fix crash during unmount due to race with delayed inode workers
drm/dp_mst: Fix clearing payload state on topology disable
ipmi: fix hung processes in __get_guid()
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
misc: echo: Remove unnecessary parentheses and simplify check for zero
mfd: dln2: Fix sanity checking for endpoints
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
net: ipv6: do not consider routes via gateways for anycast address check
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
jbd2: improve comments about freeing data buffers whose page mapping is NULL
ext4: fix incorrect group count in ext4_fill_super error message
ext4: fix incorrect inodes per group in error message
ASoC: Intel: mrfld: fix incorrect check on p->sink
ASoC: Intel: mrfld: return error codes when an error occurs
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
mac80211_hwsim: Use kstrndup() in place of kasprintf()
ext4: do not zeroout extents beyond i_disksize
dm flakey: check for null arg_name in parse_features()
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
x86/mitigations: Clear CPU buffers on the SYSCALL fast path
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
scsi: sg: add sg_remove_request in sg_common_write
ALSA: hda: Don't release card at firmware loading error
video: fbdev: sis: Remove unnecessary parentheses and commented code
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
wil6210: increase firmware ready timeout
wil6210: fix temperature debugfs
scsi: ufs: ufs-qcom: remove broken hci version quirk
wil6210: rate limit wil_rx_refill error
rtc: pm8xxx: Fix issue in RTC write path
soc: qcom: smem: Use le32_to_cpu for comparison
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
of: unittest: kmemleak in of_unittest_platform_populate()
clk: at91: usb: continue if clk_hw_round_rate() return zero
clk: tegra: Fix Tegra PMC clock out parents
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
ext4: do not commit super on read-only bdev
percpu_counter: fix a data race at vm_committed_as
compiler.h: fix error in BUILD_BUG_ON() reporting
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
ext2: fix empty body warnings when -Wextra is used
iommu/amd: Fix the configuration of GCR3 table root pointer
fbdev: potential information leak in do_fb_ioctl()
tty: evh_bytechan: Fix out of bounds accesses
locktorture: Print ratio of acquisitions, not failures
mtd: lpddr: Fix a double free in probe()
mtd: phram: fix a double free issue in error path
x86/CPU: Add native CPUID variants returning a single datum
x86/microcode/intel: replace sync_core() with native_cpuid_reg(eax)
x86/vdso: Fix lsl operand order
Linux 4.4.220
Change-Id: Ic931642c95ad95eb2755c3c20f6802e04283e68b
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The fast SYSCALL exit path returns with SYSRET to userspace after
verifying that there's no pending work. MDS mitigation mandates that CPU
buffers must be cleared on transition from kernel to userspace so do
that here too.
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.217
NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
r8152: check disconnect status after long sleep
net: nfc: fix bounds checking bugs on "pipe"
bnxt_en: reinitialize IRQs when MTU is modified
fib: add missing attribute validation for tun_id
nl802154: add missing attribute validation
nl802154: add missing attribute validation for dev_type
team: add missing attribute validation for port ifindex
team: add missing attribute validation for array index
nfc: add missing attribute validation for SE API
nfc: add missing attribute validation for vendor subcommand
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: egress mcast packets are not exceptional
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: don't deref eth hdr before checking it's set
macvlan: add cond_resched() during multicast processing
net: fec: validate the new settings in fec_enet_set_coalesce()
slip: make slhc_compress() more robust against malicious packets
bonding/alb: make sure arp header is pulled before accessing it
net: fq: add missing attribute validation for orphan mask
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
drm/amd/display: remove duplicated assignment to grph_obj_type
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
KVM: x86: clear stale x86_emulate_ctxt->intercept value
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
efi: Fix a race and a buffer overflow while reading efivars via sysfs
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
nl80211: add missing attribute validation for critical protocol indication
nl80211: add missing attribute validation for channel switch
netfilter: cthelper: add missing attribute validation for cthelper
iommu/vt-d: Fix the wrong printing in RHSA parsing
iommu/vt-d: Ignore devices with out-of-spec domain number
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
ipv6: restrict IPV6_ADDRFORM operation
efi: Add a sanity check to efivar_store_raw()
batman-adv: Fix invalid read while copying bat_iv.bcast_own
batman-adv: Only put gw_node list reference when removed
batman-adv: Only put orig_node_vlan list reference when removed
batman-adv: Avoid endless loop in bat-on-bat netdevice check
batman-adv: Fix unexpected free of bcast_own on add_if error
batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq
batman-adv: init neigh node last seen field
batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
batman-adv: Drop reference to netdevice on last reference
batman-adv: Fix reference counting of vlan object for tt_local_entry
batman-adv: Avoid duplicate neigh_node additions
batman-adv: fix skb deref after free
batman-adv: Fix use-after-free/double-free of tt_req_node
batman-adv: Fix ICMP RR ethernet access after skb_linearize
batman-adv: Clean up untagged vlan when destroying via rtnl-link
batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
batman-adv: Fix orig_node_vlan leak on orig_node_release
batman-adv: lock crc access in bridge loop avoidance
batman-adv: Fix non-atomic bla_claim::backbone_gw access
batman-adv: Fix reference leak in batadv_find_router
batman-adv: Free last_bonding_candidate on release of orig_node
batman-adv: Fix speedy join in gateway client mode
batman-adv: Add missing refcnt for last_candidate
batman-adv: Fix double free during fragment merge error
batman-adv: Fix transmission of final, 16th fragment
batman-adv: Fix rx packet/bytes stats on local ARP reply
batman-adv: fix TT sync flag inconsistencies
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: Fix internal interface indices types
batman-adv: update data pointers after skb_cow()
batman-adv: Fix skbuff rcsum on packet reroute
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix debugfs path for renamed hardif
batman-adv: Fix debugfs path for renamed softif
batman-adv: Avoid storing non-TT-sync flags on singular entries too
batman-adv: Prevent duplicated gateway_node entry
batman-adv: Prevent duplicated nc_node entry
batman-adv: Prevent duplicated global TT entry
batman-adv: Prevent duplicated tvlv handler
batman-adv: Reduce claim hash refcnt only for removed entry
batman-adv: Reduce tt_local hash refcnt only for removed entry
batman-adv: Reduce tt_global hash refcnt only for removed entry
batman-adv: Only read OGM tvlv_len after buffer len check
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Don't schedule OGM for disabled interface
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
net: ks8851-ml: Fix IRQ handling and locking
signal: avoid double atomic counter increments for user accounting
jbd2: fix data races at struct journal_head
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
ARM: 8958/1: rename missed uaccess .fixup section
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ipv4: ensure rcu_read_lock() in cipso_v4_error()
Linux 4.4.217
Change-Id: Ic8c9ec91c66a9a0bb0b6291ad0a5101d18889a67
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit f967140dfb7442e2db0868b03b961f9c59418a1b ]
Enable the sampling check in kernel/events/core.c::perf_event_open(),
which returns the more appropriate -EOPNOTSUPP.
BEFORE:
$ sudo perf record -a -e instructions,l3_request_g1.caching_l3_cache_accesses true
Error:
The sys_perf_event_open() syscall returned with 22 (Invalid argument) for event (l3_request_g1.caching_l3_cache_accesses).
/bin/dmesg | grep -i perf may provide additional information.
With nothing relevant in dmesg.
AFTER:
$ sudo perf record -a -e instructions,l3_request_g1.caching_l3_cache_accesses true
Error:
l3_request_g1.caching_l3_cache_accesses: PMU Hardware doesn't support sampling/overflow-interrupts. Try 'perf stat'
Fixes: c43ca5091a37 ("perf/x86/amd: Add support for AMD NB and L2I "uncore" counters")
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20200311191323.13124-1-kim.phillips@amd.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.215
x86/vdso: Use RDPID in preference to LSL when available
KVM: x86: emulate RDPID
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
ubifs: Fix deadlock in concurrent bulk-read and writepage
ext4: fix checksum errors with indexed dirs
Btrfs: fix race between using extent maps and merging them
btrfs: log message when rw remount is attempted with unclean tree-log
padata: Remove broken queue flushing
s390/time: Fix clk type in get_tod_clock
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
btrfs: print message when tree-log replay starts
scsi: qla2xxx: fix a potential NULL pointer dereference
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
drm/gma500: Fixup fbdev stolen size usage evaluation
brcmfmac: Fix use after free in brcmf_sdio_readframes()
gianfar: Fix TX timestamping with a stacked DSA driver
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
media: i2c: mt9v032: fix enum mbus codes and frame sizes
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
efi/x86: Map the entire EFI vendor string before copying it
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
nfs: NFS_SWAP should depend on SWAP
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
tracing: Fix very unlikely race of registering two stat tracers
ext4, jbd2: ensure panic when aborting with zero errno
kconfig: fix broken dependency in randconfig-generated .config
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
regulator: rk808: Lower log level on optional GPIOs being not available
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
b43legacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
rtlwifi: rtl_pci: Fix -Wcast-function-type
orinoco: avoid assertion in case of NULL pointer
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
ARM: dts: r8a7779: Add device node for ARM global timer
x86/vdso: Provide missing include file
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
ALSA: sh: Fix compile warning wrt const
tools lib api fs: Fix gcc9 stringop-truncation compilation error
usbip: Fix unsafe unaligned pointer usage
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
Input: edt-ft5x06 - work around first register access error
wan: ixp4xx_hss: fix compile-testing on 64-bit
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
PCI: Don't disable bridge BARs when assigning bus resources
driver core: Print device when resources present in really_probe()
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
scsi: iscsi: Don't destroy session if there are outstanding connections
cmd64x: potential buffer overflow in cmd64x_program_timings()
ide: serverworks: potential overflow in svwks_set_pio_mode()
remoteproc: Initialize rproc_class before use
s390/ftrace: generate traced function stack frame
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
ARM: 8951/1: Fix Kexec compilation issue.
hostap: Adjust indentation in prism2_hostapd_add_sta
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
trigger_next should increase position index
radeon: insert 10ms sleep in dce5_crtc_load_lut
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
bcache: explicity type cast in bset_bkey_last()
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
microblaze: Prevent the overflow of the start
brd: check and limit max_part par
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
enic: prevent waking up stopped tx queues over watchdog reset
floppy: check FDC index for errors before assigning it
staging: android: ashmem: Disallow ashmem memory from being remapped
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
usb: uas: fix a plug & unplug racing
USB: Fix novation SourceControl XL after suspend
USB: hub: Don't record a connect-change event during reset-resume
staging: rtl8188eu: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
x86/mce/amd: Fix kobject lifetime
tty: serial: imx: setup the correct sg entry for tx dma
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
VT_RESIZEX: get rid of field-by-field copyin
vt: vt_ioctl: fix race in VT_RESIZEX
KVM: nVMX: Don't emulate instructions in guest mode
netfilter: xt_bpf: add overflow checks
ext4: fix a data race in EXT4_I(inode)->i_disksize
ext4: add cond_resched() to __ext4_find_entry()
KVM: nVMX: Refactor IO bitmap checks into helper function
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: apic: avoid calculating pending eoi from an uninitialized val
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
ecryptfs: replace BUG_ON with error handling code
ALSA: rawmidi: Avoid bit fields for state flags
ALSA: seq: Avoid concurrent access to queue flags
ALSA: seq: Fix concurrent access to queue current tick/time
xen: Enable interrupts when calling _cond_resched()
Linux 4.4.215
Change-Id: I32c4136741a79ab940022d590d5ace780290acbb
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 51dede9c05df2b78acd6dcf6a17d21f0877d2d7b upstream.
Accessing the MCA thresholding controls in sysfs concurrently with CPU
hotplug can lead to a couple of KASAN-reported issues:
BUG: KASAN: use-after-free in sysfs_file_ops+0x155/0x180
Read of size 8 at addr ffff888367578940 by task grep/4019
and
BUG: KASAN: use-after-free in show_error_count+0x15c/0x180
Read of size 2 at addr ffff888368a05514 by task grep/4454
for example. Both result from the fact that the threshold block
creation/teardown code frees the descriptor memory itself instead of
defining proper ->release function and leaving it to the driver core to
take care of that, after all sysfs accesses have completed.
Do that and get rid of the custom freeing code, fixing the above UAFs in
the process.
[ bp: write commit message. ]
Fixes: 95268664390b ("[PATCH] x86_64: mce_amd support for family 0x10 processors")
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: <stable@vger.kernel.org>
Link: https://lkml.kernel.org/r/20200214082801.13836-1-bp@alien8.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.214
media: iguanair: fix endpoint sanity check
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
sparc32: fix struct ipc64_perm type definition
ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node
cls_rsvp: fix rsvp_policy
net: hsr: fix possible NULL deref in hsr_handle_frame()
net_sched: fix an OOB access in cls_tcindex
tcp: clear tp->total_retrans in tcp_disconnect()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
mfd: dln2: More sanity checking for endpoints
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: f_ecm: Use atomic_t to track in-flight request
ALSA: dummy: Fix PCM format loop in proc output
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
mmc: spi: Toggle SPI polarity, do not hardcode it
PCI: keystone: Fix link training retries initiation
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
scsi: qla2xxx: Fix mtcp dump collection failure
power: supply: ltc2941-battery-gauge: fix use-after-free
Revert "ovl: modify ovl_permission() to do checks on two inodes"
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
dm space map common: fix to ensure new block isn't already in use
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: api - Fix race condition in crypto_spawn_alg
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
btrfs: set trans->drity in btrfs_commit_transaction
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
sunrpc: expiry_time should be seconds not timeval
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
ext2: Adjust indentation in ext2_fill_super
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
NFC: pn544: Adjust indentation in pn544_hci_check_presence
ppp: Adjust indentation into ppp_async_input
net: smc911x: Adjust indentation in smc911x_phy_configure
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
mfd: da9062: Fix watchdog compatible string
mfd: rn5t618: Mark ADC control register volatile
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
bonding/alb: properly access headers in bond_alb_xmit()
NFS: Fix memory leaks and corruption in readdir
NFS: Fix bool initialization/comparison
NFS: Directory page cache pages need to be locked when read
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
btrfs: remove trivial locking wrappers of tree mod log
Btrfs: fix race between adding and putting tree mod seq elements and nodes
drm: atmel-hlcdc: enable clock before configuring timing engine
KVM: x86: drop picdev_in_range()
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
btrfs: flush write bio if we loop in extent_write_cache_pages
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
cifs: fail i/o on soft mounts if sessionsetup errors out
clocksource: Prevent double add_timer_on() for watchdog_timer
perf/core: Fix mlock accounting in perf_mmap()
ASoC: pcm: update FE/BE trigger order based on the command
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
rtc: hym8563: Return -EINVAL if the time is known to be invalid
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
dm: fix potential for q->make_request_fn NULL pointer
Linux 4.4.214
Change-Id: I4c59fc6feb5cc34402bc8bbaf29f3d1debfe6951
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 5efc6fa9044c3356d6046c6e1da6d02572dbed6b ]
/proc/cpuinfo currently reports Hardware Lock Elision (HLE) feature to
be present on boot cpu even if it was disabled during the bootup. This
is because cpuinfo_x86->x86_capability HLE bit is not updated after TSX
state is changed via the new MSR IA32_TSX_CTRL.
Update the cached HLE bit also since it is expected to change after an
update to CPUID_CLEAR bit in MSR IA32_TSX_CTRL.
Fixes: 95c5824f75f3 ("x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default")
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/2529b99546294c893dfa1c89e2b3e46da3369a59.1578685425.git.pawan.kumar.gupta@linux.intel.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.207
x86/apic/32: Avoid bogus LDR warnings
usb: gadget: u_serial: add missing port entry locking
tty: serial: msm_serial: Fix flow control
x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect
serial: serial_core: Perform NULL checks for break_ctl ops
serial: ifx6x60: add missed pm_runtime_disable
autofs: fix a leak in autofs_expire_indirect()
NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
Input: cyttsp4_core - fix use after free bug
ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
rsxx: add missed destroy_workqueue calls in remove
net: ep93xx_eth: fix mismatch of request_mem_region in remove
serial: core: Allow processing sysrq at port unlock time
iwlwifi: mvm: Send non offchannel traffic via AP sta
ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+
extcon: max8997: Fix lack of path setting in USB device mode
clk: rockchip: fix rk3188 sclk_smc gate data
clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
dlm: fix missing idr_destroy for recover_idr
MIPS: SiByte: Enable ZONE_DMA32 for LittleSur
scsi: zfcp: drop default switch case which might paper over missing case
pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues
Staging: iio: adt7316: Fix i2c data reading, set the data field
regulator: Fix return value of _set_load() stub
MIPS: OCTEON: octeon-platform: fix typing
math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning
rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()'
rtc: dt-binding: abx80x: fix resistance scale
ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module
dmaengine: coh901318: Fix a double-lock bug
dmaengine: coh901318: Remove unused variable
ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
dma-mapping: fix return type of dma_set_max_seg_size()
altera-stapl: check for a null key before strcasecmp'ing it
serial: imx: fix error handling in console_setup
i2c: imx: don't print error message on probe defer
dlm: NULL check before kmem_cache_destroy is not needed
nfsd: fix a warning in __cld_pipe_upcall()
ARM: OMAP1/2: fix SoC name printing
net/x25: fix called/calling length calculation in x25_parse_address_block
net/x25: fix null_x25_address handling
ARM: dts: mmp2: fix the gpio interrupt cell number
tcp: fix off-by-one bug on aborting window-probing socket
modpost: skip ELF local symbols during section mismatch check
kbuild: fix single target build for external module
ARM: dts: pxa: clean up USB controller nodes
dlm: fix invalid cluster name warning
powerpc/math-emu: Update macros from GCC
MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition
nfsd: Return EPERM, not EACCES, in some SETATTR cases
mlx4: Use snprintf instead of complicated strcpy
ARM: dts: sunxi: Fix PMU compatible strings
sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision
fuse: verify nlink
fuse: verify attributes
ALSA: pcm: oss: Avoid potential buffer overflows
Input: goodix - add upside-down quirk for Teclast X89 tablet
CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
CIFS: Fix SMB2 oplock break processing
tty: vt: keyboard: reject invalid keycodes
can: slcan: Fix use-after-free Read in slcan_open
jbd2: Fix possible overflow in jbd2_log_space_left()
drm/i810: Prevent underflow in ioctl
KVM: x86: do not modify masked bits of shared MSRs
KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
crypto: user - fix memory leak in crypto_report
spi: atmel: Fix CS high support
RDMA/qib: Validate ->show()/store() callbacks before calling them
thermal: Fix deadlock in thermal thermal_zone_device_check
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
appletalk: Fix potential NULL pointer dereference in unregister_snap_client
appletalk: Set error code if register_snap_client failed
ALSA: hda - Fix pending unsol events at shutdown
sched/core: Allow putting thread_info into task_struct
sched/core: Add try_get_task_stack() and put_task_stack()
sched/core, x86: Make struct thread_info arch specific again
fs/proc: Stop reporting eip and esp in /proc/PID/stat
fs/proc: Report eip/esp in /prod/PID/stat for coredumping
proc: fix coredump vs read /proc/*/stat race
fs/proc/array.c: allow reporting eip/esp for all coredumping threads
usb: gadget: configfs: Fix missing spin_lock_init()
usb: Allow USB device to be warm reset in suspended state
staging: rtl8188eu: fix interface sanity check
staging: rtl8712: fix interface sanity check
staging: gigaset: fix general protection fault on probe
staging: gigaset: fix illegal free on probe errors
staging: gigaset: add endpoint-type sanity check
xhci: Increase STS_HALT timeout in xhci_suspend()
iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
USB: atm: ueagle-atm: add missing endpoint check
USB: idmouse: fix interface sanity checks
USB: serial: io_edgeport: fix epic endpoint lookup
USB: adutux: fix interface sanity check
usb: core: urb: fix URB structure initialization function
usb: mon: Fix a deadlock in usbmon between mmap and read
mtd: spear_smi: Fix Write Burst mode
virtio-balloon: fix managed page counts when migrating pages between zones
btrfs: check page->mapping when loading free space cache
btrfs: Remove btrfs_bio::flags member
rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer
rtlwifi: rtl8192de: Fix missing enable interrupt flag
lib: raid6: fix awk build warnings
workqueue: Fix spurious sanity check failures in destroy_workqueue()
workqueue: Fix pwq ref leak in rescuer_thread()
ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
blk-mq: avoid sysfs buffer overflow with too many CPU cores
cgroup: pids: use atomic64_t for pids->limit
ar5523: check NULL before memcpy() in ar5523_cmd()
media: bdisp: fix memleak on release
media: radio: wl1273: fix interrupt masking on release
cpuidle: Do not unset the driver if it is there already
ACPI: OSL: only free map once in osl.c
ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
ACPI: PM: Avoid attaching ACPI PM domain to certain devices
pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init
pinctrl: samsung: Fix device node refcount leaks in init code
powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
video/hdmi: Fix AVI bar unpack
quota: Check that quota is not dirty before release
quota: fix livelock in dquot_writeback_dquots
scsi: zfcp: trace channel log even for FCP command responses
usb: xhci: only set D3hot for pci device
xhci: Fix memory leak in xhci_add_in_port()
xhci: make sure interrupts are restored to correct state
iio: adis16480: Add debugfs_reg_access entry
Btrfs: fix negative subv_writers counter and data space leak after buffered write
scsi: lpfc: Cap NPIV vports to 256
e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait
x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init
scsi: qla2xxx: Fix DMA unmap leak
scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()
scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value
powerpc: Fix vDSO clock_getres()
mm/shmem.c: cast the type of unmap_start to u64
blk-mq: make sure that line break can be printed
workqueue: Fix missing kfree(rescuer) in destroy_workqueue()
sunrpc: fix crash when cache_head become valid before update
kernel/module.c: wakeup processes in module_wq on module unload
net: bridge: deny dev_set_mac_address() when unregistering
tcp: md5: fix potential overestimation of TCP option space
tipc: fix ordering of tipc module init and exit routine
inet: protect against too small mtu values.
tcp: fix rejected syncookies due to stale timestamps
tcp: tighten acceptance of ACKs not matching a child socket
tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE()
net: ethernet: ti: cpsw: fix extra rx interrupt
PCI: Fix Intel ACS quirk UPDCR register address
PCI/MSI: Fix incorrect MSI-X masking on resume
xtensa: fix TLB sanity checker
CIFS: Respect O_SYNC and O_DIRECT flags during reconnect
ARM: dts: s3c64xx: Fix init order of clock providers
ARM: tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume()
vfio/pci: call irq_bypass_unregister_producer() before freeing irq
dm btree: increase rebalance threshold in __rebalance2()
drm/radeon: fix r1xx/r2xx register checker for POT textures
xhci: fix USB3 device initiated resume race with roothub autosuspend
net: stmmac: use correct DMA buffer size in the RX descriptor
net: stmmac: don't stop NAPI processing when dropping a packet
Linux 4.4.207
Change-Id: I2505ee1dcf004c7f28e711cd71977ea33150e733
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit c95b323dcd3598dd7ef5005d6723c1ba3b801093 ]
MC4_MISC thresholding is not supported on all family 0x15 processors,
hence skip the x86_model check when applying the quirk.
[ bp: massage commit message. ]
Signed-off-by: Shirish S <shirish.s@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vishal Verma <vishal.l.verma@intel.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/1547106849-3476-2-git-send-email-shirish.s@amd.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.204
net/mlx4_en: fix mlx4 ethtool -N insertion
sfc: Only cancel the PPS workqueue if it exists
net/sched: act_pedit: fix WARN() in the traffic path
net: rtnetlink: prevent underflows in do_setvfinfo()
Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()"
mm/ksm.c: don't WARN if page is still mapped in remove_stable_node()
asus-wmi: Create quirk for airplane_mode LED
asus-wmi: Add quirk_no_rfkill_wapf4 for the Asus X456UF
asus-wmi: Add quirk_no_rfkill for the Asus N552VW
asus-wmi: Add quirk_no_rfkill for the Asus U303LB
asus-wmi: Add quirk_no_rfkill for the Asus Z550MA
platform/x86: asus-wmi: Filter buggy scan codes on ASUS Q500A
platform/x86: asus-wmi: fix asus ux303ub brightness issue
platform/x86: asus-wmi: Set specified XUSB2PR value for X550LB
asus-wmi: provide access to ALS control
platform/x86: asus-wmi: try to set als by default
platform/x86: asus-nb-wmi: Support ALS on the Zenbook UX430UQ
platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi
platform/x86: asus-wmi: add SERIO_I8042 dependency
mwifiex: Fix NL80211_TX_POWER_LIMITED
ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback
printk: fix integer overflow in setup_log_buf()
gfs2: Fix marking bitmaps non-full
synclink_gt(): fix compat_ioctl()
powerpc: Fix signedness bug in update_flash_db()
powerpc/eeh: Fix use of EEH_PE_KEEP on wrong field
brcmsmac: AP mode: update beacon when TIM changes
spi: sh-msiof: fix deferred probing
mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail
btrfs: handle error of get_old_root
gsmi: Fix bug in append_to_eventlog sysfs handler
misc: mic: fix a DMA pool free failure
amiflop: clean up on errors during setup
scsi: ips: fix missing break in switch
KVM/x86: Fix invvpid and invept register operand size in 64-bit mode
scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler
scsi: isci: Change sci_controller_start_task's return type to sci_status
scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param
clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk
scsi: dc395x: fix dma API usage in srb_done
scsi: dc395x: fix DMA API usage in sg_update_list
net: fix warning in af_unix
kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack
ALSA: i2c/cs8427: Fix int to char conversion
macintosh/windfarm_smu_sat: Fix debug output
USB: misc: appledisplay: fix backlight update_status return code
SUNRPC: Fix a compile warning for cmpxchg64()
atm: zatm: Fix empty body Clang warnings
s390/perf: Return error when debug_register fails
spi: omap2-mcspi: Set FIFO DMA trigger level to word length
sparc: Fix parport build warnings.
ceph: fix dentry leak in ceph_readdir_prepopulate
rtc: s35390a: Change buf's type to u8 in s35390a_init
mISDN: Fix type of switch control variable in ctrl_teimanager
qlcnic: fix a return in qlcnic_dcb_get_capability()
mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values
mfd: max8997: Enale irq-wakeup unconditionally
selftests/ftrace: Fix to test kprobe $comm arg only if available
thermal: rcar_thermal: Prevent hardware access during system suspend
sparc64: Rework xchg() definition to avoid warnings.
fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle()
mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock
um: Make line/tty semantics use true write IRQ
linux/bitmap.h: handle constant zero-size bitmaps correctly
linux/bitmap.h: fix type of nbits in bitmap_shift_right()
hfsplus: fix BUG on bnode parent update
hfs: fix BUG on bnode parent update
hfsplus: prevent btree data loss on ENOSPC
hfs: prevent btree data loss on ENOSPC
hfsplus: fix return value of hfsplus_get_block()
hfs: fix return value of hfs_get_block()
fs/hfs/extent.c: fix array out of bounds read of array extent
igb: shorten maximum PHC timecounter update interval
ntb_netdev: fix sleep time mismatch
ntb: intel: fix return value for ndev_vec_mask()
ocfs2: don't put and assigning null to bh allocated outside
ocfs2: fix clusters leak in ocfs2_defrag_extent()
net: do not abort bulk send on BQL status
sched/fair: Don't increase sd->balance_interval on newidle balance
audit: print empty EXECVE args
wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()'
rtl8xxxu: Fix missing break in switch
brcmsmac: never log "tid x is not agg'able" by default
wireless: airo: potential buffer overflow in sprintf()
rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information
scsi: mpt3sas: Fix Sync cache command failure during driver unload
scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11
scsi: megaraid_sas: Fix msleep granularity
scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces
dlm: fix invalid free
dlm: don't leak kernel pointer to userspace
net: bcmgenet: return correct value 'ret' from bcmgenet_power_down
sock: Reset dst when changing sk_mark via setsockopt
pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues
pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD
PCI: keystone: Use quirk to limit MRRS for K2G
spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch
IB/hfi1: Ensure full Gen3 speed in a Gen4 system
Bluetooth: Fix invalid-free in bcsp_close()
ath9k_hw: fix uninitialized variable data
dm: use blk_set_queue_dying() in __dm_destroy()
arm64: fix for bad_mode() handler to always result in panic
cpufreq: Skip cpufreq resume if it's not suspended
ocfs2: remove ocfs2_is_o2cb_active()
mmc: block: Fix tag condition with packed writes
ARC: perf: Accommodate big-endian CPU
x86/insn: Fix awk regexp warnings
x86/speculation: Fix incorrect MDS/TAA mitigation status
x86/speculation: Fix redundant MDS mitigation message
media: vivid: Set vid_cap_streaming and vid_out_streaming to true
media: vivid: Fix wrong locking that causes race conditions on streaming stop
cpufreq: Add NULL checks to show() and store() methods of cpufreq
media: b2c2-flexcop-usb: add sanity checking
media: cxusb: detect cxusb_ctrl_msg error in query
media: imon: invalid dereference in imon_touch_event
virtio_console: reset on out of memory
virtio_console: don't tie bufs to a vq
virtio_console: allocate inbufs in add_port() only if it is needed
virtio_console: fix uninitialized variable use
virtio_console: drop custom control queue cleanup
virtio_console: move removal code
usb-serial: cp201x: support Mark-10 digital force gauge
appledisplay: fix error handling in the scheduled work
USB: serial: mos7840: add USB ID to support Moxa UPort 2210
USB: serial: mos7720: fix remote wakeup
USB: serial: mos7840: fix remote wakeup
USB: serial: option: add support for DW5821e with eSIM support
USB: serial: option: add support for Foxconn T77W968 LTE modules
staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error
powerpc/64s: support nospectre_v2 cmdline option
powerpc/book3s64: Fix link stack flush on context switch
KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
Linux 4.4.204
Change-Id: I63f64a109a8797f479bc7226be23ca591fa01b1c
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit cd5a2aa89e847bdda7b62029d94e95488d73f6b2 upstream.
Since MDS and TAA mitigations are inter-related for processors that are
affected by both vulnerabilities, the followiing confusing messages can
be printed in the kernel log:
MDS: Vulnerable
MDS: Mitigation: Clear CPU buffers
To avoid the first incorrect message, defer the printing of MDS
mitigation after the TAA mitigation selection has been done. However,
that has the side effect of printing TAA mitigation first before MDS
mitigation.
[ bp: Check box is affected/mitigations are disabled first before
printing and massage. ]
Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Mark Gross <mgross@linux.intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20191115161445.30809-3-longman@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 64870ed1b12e235cfca3f6c6da75b542c973ff78 upstream.
For MDS vulnerable processors with TSX support, enabling either MDS or
TAA mitigations will enable the use of VERW to flush internal processor
buffers at the right code path. IOW, they are either both mitigated
or both not. However, if the command line options are inconsistent,
the vulnerabilites sysfs files may not report the mitigation status
correctly.
For example, with only the "mds=off" option:
vulnerabilities/mds:Vulnerable; SMT vulnerable
vulnerabilities/tsx_async_abort:Mitigation: Clear CPU buffers; SMT vulnerable
The mds vulnerabilities file has wrong status in this case. Similarly,
the taa vulnerability file will be wrong with mds mitigation on, but
taa off.
Change taa_select_mitigation() to sync up the two mitigation status
and have them turned off if both "mds=off" and "tsx_async_abort=off"
are present.
Update documentation to emphasize the fact that both "mds=off" and
"tsx_async_abort=off" have to be specified together for processors that
are affected by both TAA and MDS to be effective.
[ bp: Massage and add kernel-parameters.txt change too. ]
Fixes: 1b42f017415b ("x86/speculation/taa: Add mitigation for TSX Async Abort")
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: linux-doc@vger.kernel.org
Cc: Mark Gross <mgross@linux.intel.com>
Cc: <stable@vger.kernel.org>
Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20191115161445.30809-2-longman@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.203
slip: Fix memory leak in slip_open error path
ax88172a: fix information leak on short answers
ALSA: usb-audio: Fix missing error check at mixer resolution test
ALSA: usb-audio: not submit urb for stopped endpoint
Input: ff-memless - kill timer in destroy()
ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
mmc: sdhci-of-at91: fix quirk2 overwrite
iio: dac: mcp4922: fix error handling in mcp4922_write_raw
ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
ALSA: seq: Do error checks at creating system ports
gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
ASoC: dpcm: Properly initialise hw->rate_max
MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
i40e: use correct length for strncpy
i40e: hold the rtnl lock on clearing interrupt scheme
i40e: Prevent deleting MAC address from VF when set by PF
ARM: dts: pxa: fix power i2c base address
rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument
net: lan78xx: Bail out if lan78xx_get_endpoints fails
ASoC: sgtl5000: avoid division by zero if lo_vag is zero
ath10k: wmi: disable softirq's while calling ieee80211_rx
mips: txx9: fix iounmap related issue
of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files
ARM: dts: omap3-gta04: tvout: enable as display1 alias
ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
ARM: dts: omap3-gta04: keep vpll2 always on
dmaengine: dma-jz4780: Further residue status fix
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
signal: Properly deliver SIGILL from uprobes
signal: Properly deliver SIGSEGV from x86 uprobes
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
scsi: pm80xx: Corrected dma_unmap_sg() parameter
scsi: pm80xx: Fixed system hang issue during kexec boot
kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
nvmem: core: return error code instead of NULL from nvmem_device_get
media: fix: media: pci: meye: validate offset to avoid arbitrary access
ALSA: intel8x0m: Register irq handler after register initializations
pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
llc: avoid blocking in llc_sap_close()
powerpc/vdso: Correct call frame information
ARM: dts: socfpga: Fix I2C bus unit-address error
pinctrl: at91: don't use the same irqchip with multiple gpiochips
cxgb4: Fix endianness issue in t4_fwcache()
power: supply: ab8500_fg: silence uninitialized variable warnings
power: supply: max8998-charger: Fix platform data retrieval
kernfs: Fix range checks in kernfs_get_target_path
s390/qeth: invoke softirqs after napi_schedule()
PCI/ACPI: Correct error message for ASPM disabling
serial: mxs-auart: Fix potential infinite loop
powerpc/iommu: Avoid derefence before pointer check
powerpc/64s/hash: Fix stab_rr off by one initialization
powerpc/pseries: Disable CPU hotplug across migrations
libfdt: Ensure INT_MAX is defined in libfdt_env.h
power: supply: twl4030_charger: fix charging current out-of-bounds
power: supply: twl4030_charger: disable eoc interrupt on linear charge
net: toshiba: fix return type of ndo_start_xmit function
net: xilinx: fix return type of ndo_start_xmit function
net: broadcom: fix return type of ndo_start_xmit function
net: amd: fix return type of ndo_start_xmit function
usb: chipidea: Fix otg event handler
ARM: dts: am335x-evm: fix number of cpsw
ARM: dts: ux500: Correct SCU unit address
ARM: dts: ux500: Fix LCDA clock line muxing
ARM: dts: ste: Fix SPI controller node names
cpufeature: avoid warning when compiling with clang
bnx2x: Ignore bandwidth attention in single function mode
net: micrel: fix return type of ndo_start_xmit function
x86/CPU: Use correct macros for Cyrix calls
MIPS: kexec: Relax memory restriction
media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
media: davinci: Fix implicit enum conversion warning
usb: gadget: uvc: configfs: Drop leaked references to config items
usb: gadget: uvc: configfs: Prevent format changes after linking header
usb: gadget: uvc: Factor out video USB request queueing
usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
misc: kgdbts: Fix restrict error
misc: genwqe: should return proper error value.
vfio/pci: Fix potential memory leak in vfio_msi_cap_len
scsi: libsas: always unregister the old device if going to discover new
ARM: dts: tegra30: fix xcvr-setup-use-fuses
ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
net: smsc: fix return type of ndo_start_xmit function
EDAC: Raise the maximum number of memory controllers
Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
arm64: dts: amd: Fix SPI bus warnings
fuse: use READ_ONCE on congestion_threshold and max_background
Bluetooth: hci_ldisc: Fix null pointer derefence in case of early data
Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
slcan: Fix memory leak in error path
net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
x86/atomic: Fix smp_mb__{before,after}_atomic()
apparmor: fix uninitialized lsm_audit member
apparmor: fix update the mtime of the profile file on replacement
apparmor: fix module parameters can be changed after policy is locked
kprobes/x86: Prohibit probing on exception masking instructions
uprobes/x86: Prohibit probing on MOV SS instruction
fbdev: Remove unused SH-Mobile HDMI driver
fbdev: Ditch fb_edid_add_monspecs
block: introduce blk_rq_is_passthrough
libata: have ata_scsi_rw_xlat() fail invalid passthrough requests
net: ovs: fix return type of ndo_start_xmit function
f2fs: return correct errno in f2fs_gc
SUNRPC: Fix priority queue fairness
ath10k: fix vdev-start timeout on error
ath9k: fix reporting calculated new FFT upper max
usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status()
nl80211: Fix a GET_KEY reply attribute
dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
mei: samples: fix a signedness bug in amt_host_if_call()
cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
cxgb4: Use proper enum in IEEE_FAUX_SYNC
powerpc/pseries: Fix DTL buffer registration
powerpc/pseries: Fix how we iterate over the DTL entries
mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
ixgbe: Fix crash with VFs and flow director on interface flap
IB/mthca: Fix error return code in __mthca_init_one()
ata: ep93xx: Use proper enums for directions
ALSA: hda/sigmatel - Disable automute for Elo VuPoint
KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
USB: serial: cypress_m8: fix interrupt-out transfer length
mtd: physmap_of: Release resources on error
brcmfmac: fix full timeout waiting for action frame on-channel tx
NFSv4.x: fix lock recovery during delegation recall
dmaengine: ioat: fix prototype of ioat_enumerate_channels
Input: st1232 - set INPUT_PROP_DIRECT property
x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
crypto: mxs-dcp - Fix SHA null hashes and output length
crypto: mxs-dcp - Fix AES issues
ACPI / SBS: Fix rare oops when removing modules
fbdev: sbuslib: use checked version of put_user()
fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
bcache: recal cached_dev_sectors on detach
proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
backlight: lm3639: Unconditionally call led_classdev_unregister
printk: Give error on attempt to set log buffer length to over 2G
media: isif: fix a NULL pointer dereference bug
GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
media: cx231xx: fix potential sign-extension overflow on large shift
x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
gpio: syscon: Fix possible NULL ptr usage
spi: spidev: Fix OF tree warning logic
ARM: 8802/1: Call syscall_trace_exit even when system call skipped
hwmon: (pwm-fan) Silence error on probe deferral
mac80211: minstrel: fix CCK rate group streams value
spi: rockchip: initialize dma_slave_config properly
arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
Linux 4.4.203
Change-Id: Icba08e9fbb6f47274ee6fcf1023a1469cd8550d3
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 03b099bdcdf7125d4a63dc9ddeefdd454e05123d ]
There are comments in processor-cyrix.h advising you to _not_ make calls
using the deprecated macros in this style:
setCx86_old(CX86_CCR4, getCx86_old(CX86_CCR4) | 0x80);
This is because it expands the macro into a non-functioning calling
sequence. The calling order must be:
outb(CX86_CCR2, 0x22);
inb(0x23);
From the comments:
* When using the old macros a line like
* setCx86(CX86_CCR2, getCx86(CX86_CCR2) | 0x88);
* gets expanded to:
* do {
* outb((CX86_CCR2), 0x22);
* outb((({
* outb((CX86_CCR2), 0x22);
* inb(0x23);
* }) | 0x88), 0x23);
* } while (0);
The new macros fix this problem, so use them instead.
Signed-off-by: Matthew Whitehead <tedheadster@gmail.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Andy Lutomirski <luto@amacapital.net>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Jia Zhang <qianyue.zj@alibaba-inc.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Philippe Ombredanne <pombredanne@nexb.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20180921212041.13096-2-tedheadster@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes in 4.4.202
kvm: mmu: Don't read PDPTEs when paging is not enabled
MIPS: BCM63XX: fix switch core reset on BCM6368
powerpc/Makefile: Use cflags-y/aflags-y for setting endian options
powerpc: Fix compiling a BE kernel with a powerpc64le toolchain
powerpc/boot: Request no dynamic linker for boot wrapper
KVM: Introduce kvm_get_arch_capabilities()
KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
kvm: x86: IA32_ARCH_CAPABILITIES is always supported
KVM: x86: use Intel speculation bugs and features as derived in generic x86 code
x86/msr: Add the IA32_TSX_CTRL MSR
x86/cpu: Add a helper function x86_read_arch_cap_msr()
x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
x86/speculation/taa: Add mitigation for TSX Async Abort
x86/speculation/taa: Add sysfs reporting for TSX Async Abort
kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
x86/tsx: Add "auto" option to the tsx= cmdline parameter
x86/speculation/taa: Add documentation for TSX Async Abort
x86/tsx: Add config options to set tsx=on|off|auto
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
x86/bugs: Add ITLB_MULTIHIT bug infrastructure
Linux 4.4.202
Change-Id: I0c8187a61060810c9a2e56c09ba17768939de271
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit db4d30fbb71b47e4ecb11c4efa5d8aad4b03dfae upstream.
Some processors may incur a machine check error possibly resulting in an
unrecoverable CPU lockup when an instruction fetch encounters a TLB
multi-hit in the instruction TLB. This can occur when the page size is
changed along with either the physical address or cache type. The relevant
erratum can be found here:
https://bugzilla.kernel.org/show_bug.cgi?id=205195
There are other processors affected for which the erratum does not fully
disclose the impact.
This issue affects both bare-metal x86 page tables and EPT.
It can be mitigated by either eliminating the use of large pages or by
using careful TLB invalidations when changing the page size in the page
tables.
Just like Spectre, Meltdown, L1TF and MDS, a new bit has been allocated in
MSR_IA32_ARCH_CAPABILITIES (PSCHANGE_MC_NO) and will be set on CPUs which
are mitigated against this issue.
Signed-off-by: Vineela Tummalapalli <vineela.tummalapalli@intel.com>
Co-developed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
[bwh: Backported to 4.4:
- No support for X86_VENDOR_HYGON, ATOM_AIRMONT_NP
- Adjust context, indentation]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 012206a822a8b6ac09125bfaa210a95b9eb8f1c1 upstream.
For new IBRS_ALL CPUs, the Enhanced IBRS check at the beginning of
cpu_bugs_smt_update() causes the function to return early, unintentionally
skipping the MDS and TAA logic.
This is not a problem for MDS, because there appears to be no overlap
between IBRS_ALL and MDS-affected CPUs. So the MDS mitigation would be
disabled and nothing would need to be done in this function anyway.
But for TAA, the TAA_MSG_SMT string will never get printed on Cascade
Lake and newer.
The check is superfluous anyway: when 'spectre_v2_enabled' is
SPECTRE_V2_IBRS_ENHANCED, 'spectre_v2_user' is always
SPECTRE_V2_USER_NONE, and so the 'spectre_v2_user' switch statement
handles it appropriately by doing nothing. So just remove the check.
Fixes: 1b42f017415b ("x86/speculation/taa: Add mitigation for TSX Async Abort")
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit db616173d787395787ecc93eef075fa975227b10 upstream.
There is a general consensus that TSX usage is not largely spread while
the history shows there is a non trivial space for side channel attacks
possible. Therefore the tsx is disabled by default even on platforms
that might have a safe implementation of TSX according to the current
knowledge. This is a fair trade off to make.
There are, however, workloads that really do benefit from using TSX and
updating to a newer kernel with TSX disabled might introduce a
noticeable regressions. This would be especially a problem for Linux
distributions which will provide TAA mitigations.
Introduce config options X86_INTEL_TSX_MODE_OFF, X86_INTEL_TSX_MODE_ON
and X86_INTEL_TSX_MODE_AUTO to control the TSX feature. The config
setting can be overridden by the tsx cmdline options.
[ bp: Text cleanups from Josh. ]
Suggested-by: Borislav Petkov <bpetkov@suse.de>
Signed-off-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
[bwh: Backported to 4.4: adjust doc filename]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 7531a3596e3272d1f6841e0d601a614555dc6b65 upstream.
Platforms which are not affected by X86_BUG_TAA may want the TSX feature
enabled. Add "auto" option to the TSX cmdline parameter. When tsx=auto
disable TSX when X86_BUG_TAA is present, otherwise enable TSX.
More details on X86_BUG_TAA can be found here:
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html
[ bp: Extend the arg buffer to accommodate "auto\0". ]
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
[bwh: Backported to 4.4: adjust filename]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 6608b45ac5ecb56f9e171252229c39580cc85f0f upstream.
Add the sysfs reporting file for TSX Async Abort. It exposes the
vulnerability and the mitigation state similar to the existing files for
the other hardware vulnerabilities.
Sysfs file path is:
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
Reviewed-by: Mark Gross <mgross@linux.intel.com>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 1b42f017415b46c317e71d41c34ec088417a1883 upstream.
TSX Async Abort (TAA) is a side channel vulnerability to the internal
buffers in some Intel processors similar to Microachitectural Data
Sampling (MDS). In this case, certain loads may speculatively pass
invalid data to dependent operations when an asynchronous abort
condition is pending in a TSX transaction.
This includes loads with no fault or assist condition. Such loads may
speculatively expose stale data from the uarch data structures as in
MDS. Scope of exposure is within the same-thread and cross-thread. This
issue affects all current processors that support TSX, but do not have
ARCH_CAP_TAA_NO (bit 8) set in MSR_IA32_ARCH_CAPABILITIES.
On CPUs which have their IA32_ARCH_CAPABILITIES MSR bit MDS_NO=0,
CPUID.MD_CLEAR=1 and the MDS mitigation is clearing the CPU buffers
using VERW or L1D_FLUSH, there is no additional mitigation needed for
TAA. On affected CPUs with MDS_NO=1 this issue can be mitigated by
disabling the Transactional Synchronization Extensions (TSX) feature.
A new MSR IA32_TSX_CTRL in future and current processors after a
microcode update can be used to control the TSX feature. There are two
bits in that MSR:
* TSX_CTRL_RTM_DISABLE disables the TSX sub-feature Restricted
Transactional Memory (RTM).
* TSX_CTRL_CPUID_CLEAR clears the RTM enumeration in CPUID. The other
TSX sub-feature, Hardware Lock Elision (HLE), is unconditionally
disabled with updated microcode but still enumerated as present by
CPUID(EAX=7).EBX{bit4}.
The second mitigation approach is similar to MDS which is clearing the
affected CPU buffers on return to user space and when entering a guest.
Relevant microcode update is required for the mitigation to work. More
details on this approach can be found here:
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
The TSX feature can be controlled by the "tsx" command line parameter.
If it is force-enabled then "Clear CPU buffers" (MDS mitigation) is
deployed. The effective mitigation state can be read from sysfs.
[ bp:
- massage + comments cleanup
- s/TAA_MITIGATION_TSX_DISABLE/TAA_MITIGATION_TSX_DISABLED/g - Josh.
- remove partial TAA mitigation in update_mds_branch_idle() - Josh.
- s/tsx_async_abort_cmdline/tsx_async_abort_parse_cmdline/g
]
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
[bwh: Backported to 4.4:
- Add #include "cpu.h" in bugs.c
- Drop __ro_after_init attribute
- Drop "nosmt" support
- Adjust context, indentation]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 95c5824f75f3ba4c9e8e5a4b1a623c95390ac266 upstream.
Add a kernel cmdline parameter "tsx" to control the Transactional
Synchronization Extensions (TSX) feature. On CPUs that support TSX
control, use "tsx=on|off" to enable or disable TSX. Not specifying this
option is equivalent to "tsx=off". This is because on certain processors
TSX may be used as a part of a speculative side channel attack.
Carve out the TSX controlling functionality into a separate compilation
unit because TSX is a CPU feature while the TSX async abort control
machinery will go to cpu/bugs.c.
[ bp: - Massage, shorten and clear the arg buffer.
- Clarifications of the tsx= possible options - Josh.
- Expand on TSX_CTRL availability - Pawan. ]
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
[bwh: Backported to 4.4:
- Drop __ro_after_init attribute
- Adjust filenames, context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
