From 14d9845760960a925deaf6e6deb3bc29992a7a22 Mon Sep 17 00:00:00 2001 From: Romain Perier Date: Sun, 30 Sep 2018 16:00:39 +0200 Subject: [PATCH] Update to 4.18.10 This updates the debian changelog for listing changes of this stable update. It also removes patches applied upstream and refreshes a patch that is part of 4.18.7-rt5. --- debian/changelog | 204 +++++++++++++++++- ...-phandle-cache-outside-of-the-devtre.patch | 7 +- ...d-timeout-support-in-the-SEV-command.patch | 121 ----------- debian/patches/series | 1 - 4 files changed, 208 insertions(+), 125 deletions(-) delete mode 100644 debian/patches/bugfix/x86/crypto-ccp-add-timeout-support-in-the-SEV-command.patch diff --git a/debian/changelog b/debian/changelog index 51df3518b..87c97e08b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (4.18.9-1) UNRELEASED; urgency=medium +linux (4.18.10-1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.9 @@ -148,6 +148,208 @@ linux (4.18.9-1) UNRELEASED; urgency=medium - clocksource: Revert "Remove kthread" - autofs: fix autofs_sbi() does not check super block type - mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.10 + - be2net: Fix memory leak in be_cmd_get_profile_config() + - net/mlx5: Fix use-after-free in self-healing flow + - rds: fix two RCU related problems + - tipc: orphan sock in tipc_release() + - net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB + tables + - net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC + - net/mlx5: Check for error in mlx5_attach_interface + - net/mlx5: Fix debugfs cleanup in the device init/remove flow + - erspan: fix error handling for erspan tunnel + - erspan: return PACKET_REJECT when the appropriate tunnel is not found + - tcp: really ignore MSG_ZEROCOPY if no SO_ZEROCOPY + - net/mlx5: Fix not releasing read lock when adding flow rules + - net/mlx5: Fix possible deadlock from lockdep when adding fte to fg + - net/mlx5: Use u16 for Work Queue buffer fragment size + - [armhf, arm64] usb: dwc3: change stream event enable bit back to 13 + - [arm64] iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register + - [armhf] iommu/io-pgtable-arm-v7s: Abort allocation when table address + overflows the PTE + - [armhf] iommu/io-pgtable-arm: Fix pgtable allocation in selftest + - ALSA: msnd: Fix the default sample sizes + - ALSA: usb-audio: Add support for Encore mDSD USB DAC + - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro + - xfrm: fix 'passing zero to ERR_PTR()' warning + - [amd64, arm64] amd-xgbe: use dma_mapping_error to check map errors + - nfp: don't fail probe on pci_sriov_set_totalvfs() errors + - iwlwifi: cancel the injective function between hw pointers to tfd entry + index + - gfs2: Special-case rindex for gfs2_grow + - [armhf] clk: imx6ul: fix missing of_node_put() + - [armhf] clk: imx6sll: fix missing of_node_put() + - [arm64] clk: mvebu: armada-37xx-periph: Fix wrong return value in + get_parent + - Input: pxrc - fix freeing URB on device teardown + - clk: core: Potentially free connection id + - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure + - media: tw686x: Fix oops on buffer alloc failure + - [armhf] dmaengine: pl330: fix irq race with terminate_all + - [mips*] ath79: fix system restart + - media: videobuf2-core: check for q->error in vb2_core_qbuf() + - IB/rxe: Drop QP0 silently + - block: allow max_discard_segments to be stacked + - IB/ipoib: Fix error return code in ipoib_dev_init() + - mtd/maps: fix solutionengine.c printk format warnings + - gfs2: Don't reject a supposedly full bitmap if we have blocks reserved + - perf tools: Synthesize GROUP_DESC feature in pipe mode + - perf tools: Fix struct comm_str removal crash + - [powerpc*] perf: Fix callchain ip filtering when return address is in a + register + - fbdev: Distinguish between interlaced and progressive modes + - [armhf] exynos: Clear global variable on init error path + - [powerpc*] perf: Fix callchain ip filtering + - nvmet: fix file discard return status + - nvme-rdma: unquiesce queues when deleting the controller + - [armhf, arm64] KVM: vgic: Fix possible spectre-v1 write in + vgic_mmio_write_apr() + - [powerpc*] powerpc/powernv: opal_put_chars partial write fix + - perf script: Show correct offsets for DWARF-based unwinding + - ASoC: rt5514: Fix the issue of the delay volume applied + - [mips*] jz4740: Bump zload address + - mac80211: restrict delayed tailroom needed decrement + - Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets + - wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of + qe_muram_alloc + - [arm64] fix possible spectre-v1 write in ptrace_hbp_set_event() + - reset: imx7: Fix always writing bits as 0 + - efi/arm: preserve early mapping of UEFI memory map longer for BGRT + - ALSA: usb-audio: Generic DSD detection for Thesycon-based implementations + - nfp: avoid buffer leak when FW communication fails + - xen-netfront: fix queue name setting + - [arm64] dts: qcom: db410c: Fix Bluetooth LED trigger + - ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci + - soc: qcom: smem: Correct check for global partition + - [s390x] qeth: fix race in used-buffer accounting + - [s390x] qeth: reset layer2 attribute on layer switch + - platform/x86: toshiba_acpi: Fix defined but not used build warnings + - KVM: arm/arm64: Fix vgic init race + - drivers/base: stop new probing during shutdown + - i2c: aspeed: Fix initial values of master and slave state + - drm/amd/pp: Set Max clock level to display by default + - regulator: qcom_spmi: Use correct regmap when checking for error + - regulator: qcom_spmi: Fix warning Bad of_node_put() + - iommu/ipmmu-vmsa: IMUCTRn.TTSEL needs a special usage on R-Car Gen3 + - dmaengine: mv_xor_v2: kill the tasklets upon exit + - crypto: sharah - Unregister correct algorithms for SAHARA 3 + - [x86] pti: Check the return value of pti_user_pagetable_walk_p4d() + - [x86] pti: Check the return value of pti_user_pagetable_walk_pmd() + - [x86} mm/pti: Add an overflow check to pti_clone_pmds() + - PCI/AER: Honor "pcie_ports=native" even if HEST sets FIRMWARE_FIRST + - xen-netfront: fix warn message as irq device name has '/' + - RDMA/cma: Protect cma dev list with lock + - pstore: Fix incorrect persistent ram buffer mapping + - xen/netfront: fix waiting for xenbus state change + - IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler + - [s390x] crypto: Fix return code checking in cbc_paes_crypt() + - [armhf] mmc: omap_hsmmc: fix wakeirq handling on removal + - ipmi: Rework SMI registration failure + - ipmi: Move BT capabilities detection to the detect call + - ipmi: Fix I2C client removal in the SSIF driver + - ovl: fix oopses in ovl_fill_super() failure paths + - vmbus: don't return values for uninitalized channels + - tools: hv: Fix a bug in the key delete code + - misc: ibmvsm: Fix wrong assignment of return code + - misc: hmc6352: fix potential Spectre v1 + - xhci: Fix use after free for URB cancellation on a reallocated endpoint + - usb: Don't die twice if PCI xhci host is not responding in resume + - usb: xhci: fix interrupt transfer error happened on MTK platforms + - usb: mtu3: fix error of xhci port id when enable U3 dual role + - mei: ignore not found client in the enumeration + - mei: bus: fix hw module get/put balance + - mei: bus: need to unlink client before freeing + - dm verity: fix crash on bufio buffer that was allocated with vmalloc + - usb: Add quirk to support DJI CineSSD + - usb: uas: add support for more quirk flags + - usb: Avoid use-after-free by flushing endpoints early in + usb_set_interface() + - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() + - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB + controller + - usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 + - usb: net2280: Fix erroneous synchronization change + - usb: serial: io_ti: fix array underflow in completion handler + - usb: misc: uss720: Fix two sleep-in-atomic-context bugs + - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler + - usb: yurex: Fix buffer over-read in yurex_write() + - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in + service_outstanding_interrupt() + - Revert "cdc-acm: implement put_char() and flush_chars()" + - cifs: prevent integer overflow in nxt_dir_entry() + - CIFS: fix wrapping bugs in num_entries() + - cifs: integer overflow in in SMB2_ioctl() + - xtensa: ISS: don't allocate memory in platform_setup + - perf/core: Force USER_DS when recording user stack data + - perf tools: Fix maps__find_symbol_by_name() + - of: fix phandle cache creation for DTs with no phandles + - x86/EISA: Don't probe EISA bus for Xen PV guests + - NFSv4: Fix a tracepoint Oops in initiate_file_draining() + - NFSv4.1 fix infinite loop on I/O. + - of: add helper to lookup compatible child node + - mmc: meson-mx-sdio: fix OF child-node lookup + - binfmt_elf: Respect error return from `regset->active' + - net/mlx5: Add missing SET_DRIVER_VERSION command translation + - audit: fix use-after-free in audit_add_watch + - mtdchar: fix overflows in adjustment of `count` + - vfs: fix freeze protection in mnt_want_write_file() for overlayfs + - bpf: fix rcu annotations in compute_effective_progs() + - spi: dw: fix possible race condition + - Bluetooth: Use lock_sock_nested in bt_accept_enqueue + - evm: Don't deadlock if a crypto algorithm is unavailable + - [powerpc*] KVM: Book3S HV: Add of_node_put() in success path + - security: check for kstrdup() failure in lsm_append() + - PM / devfreq: use put_device() instead of kfree() + - [powerpc*] KVM: Book3S: Fix matching of hardware and emulated TCE tables + - configfs: fix registered group removal + - sched/core: Use smp_mb() in wake_woken_function() + - efi/esrt: Only call efi_mem_reserve() for boot services memory + - [arm64] net: hns3: Reset net device with rtnl_lock + - [arm64] net: hns3: Fix for reset_level default assignment probelm + - [arm64] hisi: handle of_iomap and fix missing of_node_put + - [arm64] hisi: fix error handling and missing of_node_put + - [arm64] net: hns3: Fix return value error in hns3_reset_notify_down_enet + - [arm64] hisi: check of_iomap and fix missing of_node_put + - liquidio: fix hang when re-binding VF host drv after running DPDK VF + driver + - [armhf] gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes + - ASoC: hdmi-codec: fix routing + - serial: 8250: of: Correct of_platform_serial_setup() error handling + - tty: fix termios input-speed encoding when using BOTHER + - tty: fix termios input-speed encoding + - [armhf, arm64] mmc: tegra: prevent HS200 on Tegra 3 + - mmc: sdhci: do not try to use 3.3V signaling if not supported + - drm/nouveau: Fix runtime PM leak in drm_open() + - drm/nouveau/debugfs: Wake up GPU before doing any reclocking + - [armhf, arm64] drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping + - tls: Fix zerocopy_from_iter iov handling + - parport: sunbpp: fix error return code + - sched/fair: Fix util_avg of new tasks for asymmetric systems + - f2fs: do checkpoint in kill_sb + - drm/amd/display: support access ddc for mst branch + - gpiolib: Mark gpio_suffixes array with __maybe_unused + - [armhf, arm64] net: mvpp2: make sure we use single queue mode on PPv2.1 + - mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) + - input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) + - [x86] drm/amdkfd: Fix kernel queue 64 bit doorbell offset calculation + - [x86] drm/amdkfd: Fix error codes in kfd_get_process + - ALSA: pcm: Fix snd_interval_refine first/last with open min/max + - scsi: libfc: fixup 'sleeping function called from invalid context' + - scsi: lpfc: Fix NVME Target crash in defer rcv logic + - scsi: lpfc: Fix panic if driver unloaded when port is offline + - [arm64] perf: Disable PMU while processing counter overflows + - drm/amd/pp: Send khz clock values to DC for smu7/8 + - IB/mlx5: fix uaccess beyond "count" in debugfs read/write handlers + - blk-mq: only attempt to merge bio if there is rq in sw queue + - blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() + - [arm64] pinctrl: msm: Fix msm_config_group_get() to be compliant + - [arm64] pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be + compliant + - [armhf, arm64] clk: tegra: bpmp: Don't crash when a clock fails to + register + - [x86] mei: bus: type promotion bug in mei_nfc_if_version() + - [x86] crypto: ccp - add timeout support in the SEV command [ Vagrant Cascadian ] * debian/rules.real: Generate linux-source tarball with root user and diff --git a/debian/patches-rt/of-allocate-free-phandle-cache-outside-of-the-devtre.patch b/debian/patches-rt/of-allocate-free-phandle-cache-outside-of-the-devtre.patch index b1d7f446a..19cc858d5 100644 --- a/debian/patches-rt/of-allocate-free-phandle-cache-outside-of-the-devtre.patch +++ b/debian/patches-rt/of-allocate-free-phandle-cache-outside-of-the-devtre.patch @@ -13,12 +13,12 @@ Cc: Frank Rowand Cc: devicetree@vger.kernel.org Signed-off-by: Sebastian Andrzej Siewior --- - drivers/of/base.c | 22 ++++++++++++++-------- + drivers/of/base.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) --- a/drivers/of/base.c +++ b/drivers/of/base.c -@@ -108,43 +108,49 @@ void of_populate_phandle_cache(void) +@@ -108,46 +108,52 @@ void of_populate_phandle_cache(void) u32 cache_entries; struct device_node *np; u32 phandles = 0; @@ -36,6 +36,9 @@ Signed-off-by: Sebastian Andrzej Siewior + raw_spin_unlock_irqrestore(&devtree_lock, flags); + + if (!phandles) + goto out; + cache_entries = roundup_pow_of_two(phandles); phandle_cache_mask = cache_entries - 1; diff --git a/debian/patches/bugfix/x86/crypto-ccp-add-timeout-support-in-the-SEV-command.patch b/debian/patches/bugfix/x86/crypto-ccp-add-timeout-support-in-the-SEV-command.patch deleted file mode 100644 index e3a14c09f..000000000 --- a/debian/patches/bugfix/x86/crypto-ccp-add-timeout-support-in-the-SEV-command.patch +++ /dev/null @@ -1,121 +0,0 @@ -From: Brijesh Singh -Date: Wed, 15 Aug 2018 16:11:25 -0500 -Subject: [PATCH] crypto: ccp - add timeout support in the SEV command -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git/commit/?h=linus&id=3702a0585e64d70d5bf73bf3e943b8d6005b72c1 - -Currently, the CCP driver assumes that the SEV command issued to the PSP -will always return (i.e. it will never hang). But recently, firmware bugs -have shown that a command can hang. Since of the SEV commands are used -in probe routines, this can cause boot hangs and/or loss of virtualization -capabilities. - -To protect against firmware bugs, add a timeout in the SEV command -execution flow. If a command does not complete within the specified -timeout then return -ETIMEOUT and stop the driver from executing any -further commands since the state of the SEV firmware is unknown. - -Cc: Tom Lendacky -Cc: Gary Hook -Cc: Herbert Xu -Cc: linux-kernel@vger.kernel.org -Signed-off-by: Brijesh Singh -Signed-off-by: Herbert Xu ---- - drivers/crypto/ccp/psp-dev.c | 46 ++++++++++++++++++++++++++++++++---- - 1 file changed, 41 insertions(+), 5 deletions(-) - -diff --git a/drivers/crypto/ccp/psp-dev.c b/drivers/crypto/ccp/psp-dev.c -index 051b8c6bae64..19dde2e866c9 100644 ---- a/drivers/crypto/ccp/psp-dev.c -+++ b/drivers/crypto/ccp/psp-dev.c -@@ -38,6 +38,17 @@ static DEFINE_MUTEX(sev_cmd_mutex); - static struct sev_misc_dev *misc_dev; - static struct psp_device *psp_master; - -+static int psp_cmd_timeout = 100; -+module_param(psp_cmd_timeout, int, 0644); -+MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands"); -+ -+static int psp_probe_timeout = 5; -+module_param(psp_probe_timeout, int, 0644); -+MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); -+ -+static bool psp_dead; -+static int psp_timeout; -+ - static struct psp_device *psp_alloc_struct(struct sp_device *sp) - { - struct device *dev = sp->dev; -@@ -82,10 +93,19 @@ static irqreturn_t psp_irq_handler(int irq, void *data) - return IRQ_HANDLED; - } - --static void sev_wait_cmd_ioc(struct psp_device *psp, unsigned int *reg) -+static int sev_wait_cmd_ioc(struct psp_device *psp, -+ unsigned int *reg, unsigned int timeout) - { -- wait_event(psp->sev_int_queue, psp->sev_int_rcvd); -+ int ret; -+ -+ ret = wait_event_timeout(psp->sev_int_queue, -+ psp->sev_int_rcvd, timeout * HZ); -+ if (!ret) -+ return -ETIMEDOUT; -+ - *reg = ioread32(psp->io_regs + PSP_CMDRESP); -+ -+ return 0; - } - - static int sev_cmd_buffer_len(int cmd) -@@ -133,12 +153,15 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) - if (!psp) - return -ENODEV; - -+ if (psp_dead) -+ return -EBUSY; -+ - /* Get the physical address of the command buffer */ - phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; - phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; - -- dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x\n", -- cmd, phys_msb, phys_lsb); -+ dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", -+ cmd, phys_msb, phys_lsb, psp_timeout); - - print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data, - sev_cmd_buffer_len(cmd), false); -@@ -154,8 +177,18 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) - iowrite32(reg, psp->io_regs + PSP_CMDRESP); - - /* wait for command completion */ -- sev_wait_cmd_ioc(psp, ®); -+ ret = sev_wait_cmd_ioc(psp, ®, psp_timeout); -+ if (ret) { -+ if (psp_ret) -+ *psp_ret = 0; -+ -+ dev_err(psp->dev, "sev command %#x timed out, disabling PSP \n", cmd); -+ psp_dead = true; -+ -+ return ret; -+ } - -+ psp_timeout = psp_cmd_timeout; - if (psp_ret) - *psp_ret = reg & PSP_CMDRESP_ERR_MASK; - -@@ -886,6 +919,9 @@ void psp_pci_init(void) - - psp_master = sp->psp_data; - -+ psp_timeout = psp_probe_timeout; -+ -+ - if (sev_get_api_version()) - goto err; - --- -2.18.0 - diff --git a/debian/patches/series b/debian/patches/series index 33d2d9338..695f27d1b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -71,7 +71,6 @@ bugfix/x86/perf-tools-fix-unwind-build-on-i386.patch bugfix/sh/sh-boot-do-not-use-hyphen-in-exported-variable-name.patch bugfix/x86/mmap-remember-the-map_fixed-flag-as-vm_fixed.patch bugfix/x86/mmap-add-an-exception-to-the-stack-gap-for-hotspot-jvm.patch -bugfix/x86/crypto-ccp-add-timeout-support-in-the-SEV-command.patch bugfix/powerpc/powerpc-lib-sstep-fix-building-for-powerpcspe.patch bugfix/powerpc/powerpc-lib-makefile-don-t-pull-in-quad.o-for-32-bit.patch bugfix/arm/arm-mm-export-__sync_icache_dcache-for-xen-privcmd.patch