1. 05 Dec, 2022 1 commit
    • Ard Biesheuvel's avatar
      efi: Put Linux specific magic number in the DOS header · 29636a5c
      Ard Biesheuvel authored
      GRUB currently relies on the magic number in the image header of ARM and
      arm64 EFI kernel images to decide whether or not the image in question
      is a bootable kernel.
      
      However, the purpose of the magic number is to identify the image as one
      that implements the bare metal boot protocol, and so GRUB, which only
      does EFI boot, is limited unnecessarily to booting images that could
      potentially be booted in a non-EFI manner as well.
      
      This is problematic for the new zboot decompressor image format, as it
      can only boot in EFI mode, and must therefore not use the bare metal
      boot magic number in its header.
      
      For this reason, the strict magic number was dropped from GRUB, to
      permit essentially any kind of EFI executable to be booted via the
      'linux' command, blurring the line between the linux loader and the
      chainloader.
      
      So let's use the same field in the DOS header that RISC-V and arm64
      already use for their 'bare metal' magic numbers to store a 'generic
      Linux kernel' magic number, which can be used to identify bootable
      kernel images in PE format which don't necessarily implement a bare
      metal boot protocol in the same binary. Note that, in the context of
      EFI, the MS-DOS header is only described in terms of the fields that it
      shares with the hybrid PE/COFF image format, (i.e., the MS-DOS EXE magic
      number at offset #0 and the PE header offset at byte offset #0x3c).
      Since we aim for compatibility with EFI only, and not with MS-DOS or
      MS-Windows, we can use the remaining space in the MS-DOS header however
      we want.
      
      Let's set the generic magic number for x86 images as well: existing
      bootloaders already have their own methods to identify x86 Linux images
      that can be booted in a non-EFI manner, and having the magic number in
      place there will ease any future transitions in loader implementations
      to merge the x86 and non-x86 EFI boot paths.
      
      Note that 32-bit ARM already uses the same location in the header for a
      different purpose, but the ARM support is already widely implemented and
      the EFI zboot decompressor is not available on ARM anyway, so we just
      disregard it here.
      Acked-by: default avatarLeif Lindholm <quic_llindhol@quicinc.com>
      Reviewed-by: default avatarDaniel Kiper <daniel.kiper@oracle.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      29636a5c
  2. 01 Dec, 2022 3 commits
  3. 18 Nov, 2022 16 commits
    • Ard Biesheuvel's avatar
      efi: random: combine bootloader provided RNG seed with RNG protocol output · 196dff27
      Ard Biesheuvel authored
      Instead of blindly creating the EFI random seed configuration table if
      the RNG protocol is implemented and works, check whether such a EFI
      configuration table was provided by an earlier boot stage and if so,
      concatenate the existing and the new seeds, leaving it up to the core
      code to mix it in and credit it the way it sees fit.
      
      This can be used for, e.g., systemd-boot, to pass an additional seed to
      Linux in a way that can be consumed by the kernel very early. In that
      case, the following definitions should be used to pass the seed to the
      EFI stub:
      
      struct linux_efi_random_seed {
            u32     size; // of the 'seed' array in bytes
            u8      seed[];
      };
      
      The memory for the struct must be allocated as EFI_ACPI_RECLAIM_MEMORY
      pool memory, and the address of the struct in memory should be installed
      as a EFI configuration table using the following GUID:
      
      LINUX_EFI_RANDOM_SEED_TABLE_GUID        1ce1e5bc-7ceb-42f2-81e5-8aadf180f57b
      
      Note that doing so is safe even on kernels that were built without this
      patch applied, but the seed will simply be overwritten with a seed
      derived from the EFI RNG protocol, if available. The recommended seed
      size is 32 bytes, and seeds larger than 512 bytes are considered
      corrupted and ignored entirely.
      
      In order to preserve forward secrecy, seeds from previous bootloaders
      are memzero'd out, and in order to preserve memory, those older seeds
      are also freed from memory. Freeing from memory without first memzeroing
      is not safe to do, as it's possible that nothing else will ever
      overwrite those pages used by EFI.
      Reviewed-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      [ardb: incorporate Jason's followup changes to extend the maximum seed
             size on the consumer end, memzero() it and drop a needless printk]
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      196dff27
    • Smita Koralahalli's avatar
      efi/cper, cxl: Decode CXL Error Log · 2fb6999d
      Smita Koralahalli authored
      Print the CXL Error Log field as found in CXL Protocol Error Section.
      
      The CXL RAS Capability structure will be reused by OS First Handling
      and the duplication/appropriate placement will be addressed eventually.
      Signed-off-by: default avatarSmita Koralahalli <Smita.KoralahalliChannabasappa@amd.com>
      Reviewed-by: default avatarJonathan Cameron <Jonathan.Cameron@huawei.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      2fb6999d
    • Smita Koralahalli's avatar
      efi/cper, cxl: Decode CXL Protocol Error Section · abdbf1a2
      Smita Koralahalli authored
      Add support for decoding CXL Protocol Error Section as defined in UEFI 2.10
      Section N.2.13.
      
      Do the section decoding in a new cper_cxl.c file. This new file will be
      used in the future for more CXL CPERs decode support. Add this to the
      existing UEFI_CPER config.
      Signed-off-by: default avatarSmita Koralahalli <Smita.KoralahalliChannabasappa@amd.com>
      Reviewed-by: default avatarJonathan Cameron <Jonathan.Cameron@huawei.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      abdbf1a2
    • Jialin Zhang's avatar
      efi: libstub: fix efi_load_initrd_dev_path() kernel-doc comment · d981a88c
      Jialin Zhang authored
      commit f4dc7fff ("efi: libstub: unify initrd loading between
      architectures") merge the first and the second parameters into a
      struct without updating the kernel-doc. Let's fix it.
      Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      d981a88c
    • Ard Biesheuvel's avatar
      efi: x86: Move EFI runtime map sysfs code to arch/x86 · 1fff234d
      Ard Biesheuvel authored
      The EFI runtime map code is only wired up on x86, which is the only
      architecture that has a need for it in its implementation of kexec.
      
      So let's move this code under arch/x86 and drop all references to it
      from generic code. To ensure that the efi_runtime_map_init() is invoked
      at the appropriate time use a 'sync' subsys_initcall() that will be
      called right after the EFI initcall made from generic code where the
      original invocation of efi_runtime_map_init() resided.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Reviewed-by: default avatarDave Young <dyoung@redhat.com>
      1fff234d
    • Ard Biesheuvel's avatar
      efi: runtime-maps: Clarify purpose and enable by default for kexec · 8dfac4d8
      Ard Biesheuvel authored
      The current Kconfig logic for CONFIG_EFI_RUNTIME_MAPS does not convey
      that without it, a kexec kernel is not able to boot in EFI mode at all.
      So clarify this, and make the option only configurable via the menu
      system if CONFIG_EXPERT is set.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Reviewed-by: default avatarDave Young <dyoung@redhat.com>
      8dfac4d8
    • Guilherme G. Piccoli's avatar
      efi: pstore: Add module parameter for setting the record size · 36d5786a
      Guilherme G. Piccoli authored
      By default, the efi-pstore backend hardcode the UEFI variable size
      as 1024 bytes. The historical reasons for that were discussed by
      Ard in threads [0][1]:
      
      "there is some cargo cult from prehistoric EFI times going
      on here, it seems. Or maybe just misinterpretation of the maximum
      size for the variable *name* vs the variable itself.".
      
      "OVMF has
      OvmfPkg/OvmfPkgX64.dsc:
      gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
      OvmfPkg/OvmfPkgX64.dsc:
      gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
      
      where the first one is without secure boot and the second with secure
      boot. Interestingly, the default is
      
      gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400
      
      so this is probably where this 1k number comes from."
      
      With that, and since there is not such a limit in the UEFI spec, we
      have the confidence to hereby add a module parameter to enable advanced
      users to change the UEFI record size for efi-pstore data collection,
      this way allowing a much easier reading of the collected log, which
      wouldn't be scattered anymore among many small files.
      
      Through empirical analysis we observed that extreme low values (like 8
      bytes) could eventually cause writing issues, so given that and the OVMF
      default discussed, we limited the minimum value to 1024 bytes, which also
      is still the default.
      
      [0] https://lore.kernel.org/lkml/CAMj1kXF4UyRMh2Y_KakeNBHvkHhTtavASTAxXinDO1rhPe_wYg@mail.gmail.com/
      [1] https://lore.kernel.org/lkml/CAMj1kXFy-2KddGu+dgebAdU9v2sindxVoiHLWuVhqYw+R=kqng@mail.gmail.com/Signed-off-by: default avatarGuilherme G. Piccoli <gpiccoli@igalia.com>
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      36d5786a
    • Ard Biesheuvel's avatar
      efi: xen: Set EFI_PARAVIRT for Xen dom0 boot on all architectures · d85e3e34
      Ard Biesheuvel authored
      Currently, the EFI_PARAVIRT flag is only used by Xen dom0 boot on x86,
      even though other architectures also support pseudo-EFI boot, where the
      core kernel is invoked directly and provided with a set of data tables
      that resemble the ones constructed by the EFI stub, which never actually
      runs in that case.
      
      Let's fix this inconsistency, and always set this flag when booting dom0
      via the EFI boot path. Note that Xen on x86 does not provide the EFI
      memory map in this case, whereas other architectures do, so move the
      associated EFI_PARAVIRT check into the x86 platform code.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      d85e3e34
    • Ard Biesheuvel's avatar
      efi: memmap: Move manipulation routines into x86 arch tree · fdc6d38d
      Ard Biesheuvel authored
      The EFI memory map is a description of the memory layout as provided by
      the firmware, and only x86 manipulates it in various different ways for
      its own memory bookkeeping. So let's move the memmap routines that are
      only used by x86 into the x86 arch tree.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      fdc6d38d
    • Ard Biesheuvel's avatar
      efi: memmap: Move EFI fake memmap support into x86 arch tree · 4059ba65
      Ard Biesheuvel authored
      The EFI fake memmap support is specific to x86, which manipulates the
      EFI memory map in various different ways after receiving it from the EFI
      stub. On other architectures, we have managed to push back on this, and
      the EFI memory map is kept pristine.
      
      So let's move the fake memmap code into the x86 arch tree, where it
      arguably belongs.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      4059ba65
    • Ard Biesheuvel's avatar
      efi: libstub: Undeprecate the command line initrd loader · 75e1a246
      Ard Biesheuvel authored
      The initrd= command line loader can be useful for development, but it
      was limited to loading files from the same file system as the loaded
      kernel (and it didn't work on x86 mixed mode).
      
      As both issues have been fixed, and the initrd= can now be used with
      files residing on any simple file system exposed by the EFI firmware,
      let's permit it to be enabled on RISC-V and LoongArch, which did not
      support it up to this point.
      
      Note that LoadFile2 remains the preferred option, as it is much simpler
      to use and implement, but generic loaders (including the UEFI shell) may
      not implement this so there, initrd= can now be used as well (if enabled
      in the build)
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      75e1a246
    • Ard Biesheuvel's avatar
      efi: libstub: Add mixed mode support to command line initrd loader · f8a31244
      Ard Biesheuvel authored
      Now that we have support for calling protocols that need additional
      marshalling for mixed mode, wire up the initrd command line loader.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      f8a31244
    • Ard Biesheuvel's avatar
      efi: libstub: Permit mixed mode return types other than efi_status_t · a61962d8
      Ard Biesheuvel authored
      Rework the EFI stub macro wrappers around protocol method calls and
      other indirect calls in order to allow return types other than
      efi_status_t. This means the widening should be conditional on whether
      or not the return type is efi_status_t, and should be omitted otherwise.
      
      Also, switch to _Generic() to implement the type based compile time
      conditionals, which is more concise, and distinguishes between
      efi_status_t and u64 properly.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      a61962d8
    • Ard Biesheuvel's avatar
      efi: libstub: Implement devicepath support for initrd commandline loader · 70912985
      Ard Biesheuvel authored
      Currently, the initrd= command line option to the EFI stub only supports
      loading files that reside on the same volume as the loaded image, which
      is not workable for loaders like GRUB that don't even implement the
      volume abstraction (EFI_SIMPLE_FILE_SYSTEM_PROTOCOL), and load the
      kernel from an anonymous buffer in memory. For this reason, another
      method was devised that relies on the LoadFile2 protocol.
      
      However, the command line loader is rather useful when using the UEFI
      shell or other generic loaders that have no awareness of Linux specific
      protocols so let's make it a bit more flexible, by permitting textual
      device paths to be provided to initrd= as well, provided that they refer
      to a file hosted on a EFI_SIMPLE_FILE_SYSTEM_PROTOCOL volume. E.g.,
      
        initrd=PciRoot(0x0)/Pci(0x3,0x0)/HD(1,MBR,0xBE1AFDFA,0x3F,0xFBFC1)/rootfs.cpio.gz
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      70912985
    • Ard Biesheuvel's avatar
      efi: libstub: use EFI_LOADER_CODE region when moving the kernel in memory · 9cf42bca
      Ard Biesheuvel authored
      The EFI spec is not very clear about which permissions are being given
      when allocating pages of a certain type. However, it is quite obvious
      that EFI_LOADER_CODE is more likely to permit execution than
      EFI_LOADER_DATA, which becomes relevant once we permit booting the
      kernel proper with the firmware's 1:1 mapping still active.
      
      Ostensibly, recent systems such as the Surface Pro X grant executable
      permissions to EFI_LOADER_CODE regions but not EFI_LOADER_DATA regions.
      Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
      9cf42bca
    • Ard Biesheuvel's avatar
      97712289
  4. 13 Nov, 2022 3 commits
  5. 12 Nov, 2022 6 commits
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · fef7fd48
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Three small fixes, all in drivers.
      
        The sas one is in an unlikely error leg, the debug one is to make it
        more standards conformant and the ibmvfc one is to fix a user visible
        bug where a failover could lose all paths to the device"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
        scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
        scsi: ibmvfc: Avoid path failures during live migration
      fef7fd48
    • Linus Torvalds's avatar
      Merge tag 'sound-fix-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · f95077ac
      Linus Torvalds authored
      Pull additional sound fix from Takashi Iwai:
       "A regression fix for the latest memalloc helper change"
      
      * tag 'sound-fix-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: memalloc: Try dma_alloc_noncontiguous() at first
      f95077ac
    • Takashi Iwai's avatar
      ALSA: memalloc: Try dma_alloc_noncontiguous() at first · 9d8e536d
      Takashi Iwai authored
      The latest fix for the non-contiguous memalloc helper changed the
      allocation method for a non-IOMMU system to use only the fallback
      allocator.  This should have worked, but it caused a problem sometimes
      when too many non-contiguous pages are allocated that can't be treated
      by HD-audio controller.
      
      As a quirk workaround, go back to the original strategy: use
      dma_alloc_noncontiguous() at first, and apply the fallback only when
      it fails, but only for non-IOMMU case.
      
      We'll need a better fix in the fallback code as well, but this
      workaround should paper over most cases.
      
      Fixes: 9736a325 ("ALSA: memalloc: Don't fall back for SG-buffer with IOMMU")
      Reported-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Link: https://lore.kernel.org/r/CAHk-=wgSH5ubdvt76gNwa004ooZAEJL_1Q-Fyw5M2FDdqL==dg@mail.gmail.com
      Link: https://lore.kernel.org/r/20221112084718.3305-1-tiwai@suse.deSigned-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      9d8e536d
    • Linus Torvalds's avatar
      Merge tag 'ata-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata · 8f2975c2
      Linus Torvalds authored
      Pull ata fixes from Damien Le Moal:
       "Several libata generic code fixes for rc5:
      
         - Add missing translation of the SYNCHRONIZE CACHE 16 scsi command as
           this command is mandatory for host-managed ZBC drives.
      
           The lack of support for it in libata-scsi was causing issues with
           some passthrough applications using ZBC drives (from Shin'ichiro).
      
         - Fix the error path of libata-transport host, port, link and device
           attributes initialization (from Yingliang).
      
         - Prevent issuing new commands to a drive that is in the NCQ error
           state and undergoing recovery (From Niklas).
      
           This bug went unnoticed for a long time as commands issued to a
           drive in error state are aborted immediately and retried by the
           scsi layer, hiding the useless abort-and-retry sequence"
      
      * tag 'ata-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata:
        ata: libata-core: do not issue non-internal commands once EH is pending
        ata: libata-transport: fix error handling in ata_tdev_add()
        ata: libata-transport: fix error handling in ata_tlink_add()
        ata: libata-transport: fix error handling in ata_tport_add()
        ata: libata-transport: fix double ata_host_put() in ata_tport_add()
        ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
      8f2975c2
    • Linus Torvalds's avatar
      Merge tag 'mm-hotfixes-stable-2022-11-11' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm · d7c2b1f6
      Linus Torvalds authored
      Pull misc hotfixes from Andrew Morton:
       "22 hotfixes.
      
        Eight are cc:stable and the remainder address issues which were
        introduced post-6.0 or which aren't considered serious enough to
        justify a -stable backport"
      
      * tag 'mm-hotfixes-stable-2022-11-11' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (22 commits)
        docs: kmsan: fix formatting of "Example report"
        mm/damon/dbgfs: check if rm_contexts input is for a real context
        maple_tree: don't set a new maximum on the node when not reusing nodes
        maple_tree: fix depth tracking in maple_state
        arch/x86/mm/hugetlbpage.c: pud_huge() returns 0 when using 2-level paging
        fs: fix leaked psi pressure state
        nilfs2: fix use-after-free bug of ns_writer on remount
        x86/traps: avoid KMSAN bugs originating from handle_bug()
        kmsan: make sure PREEMPT_RT is off
        Kconfig.debug: ensure early check for KMSAN in CONFIG_KMSAN_WARN
        x86/uaccess: instrument copy_from_user_nmi()
        kmsan: core: kmsan_in_runtime() should return true in NMI context
        mm: hugetlb_vmemmap: include missing linux/moduleparam.h
        mm/shmem: use page_mapping() to detect page cache for uffd continue
        mm/memremap.c: map FS_DAX device memory as decrypted
        Partly revert "mm/thp: carry over dirty bit when thp splits on pmd"
        nilfs2: fix deadlock in nilfs_count_free_blocks()
        mm/mmap: fix memory leak in mmap_region()
        hugetlbfs: don't delete error page from pagecache
        maple_tree: reorganize testing to restore module testing
        ...
      d7c2b1f6
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · 5ad6e7ba
      Linus Torvalds authored
      Pull arm64 fixes from Catalin Marinas:
      
       - Another fix for rodata=full. Since rodata= is not a simple boolean on
         arm64 (accepting 'full' as well), it got inadvertently broken by
         changes in the core code. If rodata=on is the default and rodata=off
         is passed on the kernel command line, rodata_full is never disabled
      
       - Fix gcc compiler warning of shifting 0xc0 into bits 31:24 without an
         explicit conversion to u32 (triggered by the AMPERE1 MIDR definition)
      
       - Include asm/ptrace.h in asm/syscall_wrapper.h to fix an incomplete
         struct pt_regs type causing the BPF verifier to refuse to load a
         tracing program which accesses pt_regs
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        arm64/syscall: Include asm/ptrace.h in syscall_wrapper header.
        arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
        arm64: fix rodata=full again
      5ad6e7ba
  6. 11 Nov, 2022 11 commits
    • Niklas Cassel's avatar
      ata: libata-core: do not issue non-internal commands once EH is pending · e20e81a2
      Niklas Cassel authored
      While the ATA specification states that a device should return command
      aborted for all commands queued after the device has entered error state,
      since ATA only keeps the sense data for the latest command (in non-NCQ
      case), we really don't want to send block layer commands to the device
      after it has entered error state. (Only ATA EH commands should be sent,
      to read the sense data etc.)
      
      Currently, scsi_queue_rq() will check if scsi_host_in_recovery()
      (state is SHOST_RECOVERY), and if so, it will _not_ issue a command via:
      scsi_dispatch_cmd() -> host->hostt->queuecommand() (ata_scsi_queuecmd())
      -> __ata_scsi_queuecmd() -> ata_scsi_translate() -> ata_qc_issue()
      
      Before commit e494f6a7 ("[SCSI] improved eh timeout handler"),
      when receiving a TFES error IRQ, the call chain looked like this:
      ahci_error_intr() -> ata_port_abort() -> ata_do_link_abort() ->
      ata_qc_complete() -> ata_qc_schedule_eh() -> blk_abort_request() ->
      blk_rq_timed_out() -> q->rq_timed_out_fn() (scsi_times_out()) ->
      scsi_eh_scmd_add() -> scsi_host_set_state(shost, SHOST_RECOVERY)
      
      Which meant that as soon as an error IRQ was serviced, SHOST_RECOVERY
      would be set.
      
      However, after commit e494f6a7 ("[SCSI] improved eh timeout handler"),
      scsi_times_out() will instead call scsi_abort_command() which will queue
      delayed work, and the worker function scmd_eh_abort_handler() will call
      scsi_eh_scmd_add(), which calls scsi_host_set_state(shost, SHOST_RECOVERY).
      
      So now, after the TFES error IRQ has been serviced, we need to wait for
      the SCSI workqueue to run its work before SHOST_RECOVERY gets set.
      
      It is worth noting that, even before commit e494f6a7 ("[SCSI] improved
      eh timeout handler"), we could receive an error IRQ from the time when
      scsi_queue_rq() checks scsi_host_in_recovery(), to the time when
      ata_scsi_queuecmd() is actually called.
      
      In order to handle both the delayed setting of SHOST_RECOVERY and the
      window where we can receive an error IRQ, add a check against
      ATA_PFLAG_EH_PENDING (which gets set when servicing the error IRQ),
      inside ata_scsi_queuecmd() itself, while holding the ap->lock.
      (Since the ap->lock is held while servicing IRQs.)
      
      Fixes: e494f6a7 ("[SCSI] improved eh timeout handler")
      Signed-off-by: default avatarNiklas Cassel <niklas.cassel@wdc.com>
      Tested-by: default avatarJohn Garry <john.g.garry@oracle.com>
      Signed-off-by: default avatarDamien Le Moal <damien.lemoal@opensource.wdc.com>
      e20e81a2
    • Linus Torvalds's avatar
      Merge tag 'block-6.1-2022-11-11' of git://git.kernel.dk/linux · b0b6e2c9
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
      
       - NVMe pull request via Christoph:
              - Quiet user passthrough command errors (Keith Busch)
              - Fix memory leak in nvmet_subsys_attr_model_store_locked
              - Fix a memory leak in nvmet-auth (Sagi Grimberg)
      
       - Fix a potential NULL point deref in bfq (Yu)
      
       - Allocate command/response buffers separately for DMA for sed-opal,
         rather than rely on embedded alignment (Serge)
      
      * tag 'block-6.1-2022-11-11' of git://git.kernel.dk/linux:
        nvmet: fix a memory leak
        nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked
        nvme: quiet user passthrough command errors
        block: sed-opal: kmalloc the cmd/resp buffers
        block, bfq: fix null pointer dereference in bfq_bio_bfqg()
      b0b6e2c9
    • Linus Torvalds's avatar
      Merge tag 'io_uring-6.1-2022-11-11' of git://git.kernel.dk/linux · 4e6b2b2e
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
       "Nothing major, just a few minor tweaks:
      
         - Tweak for the TCP zero-copy io_uring self test (Pavel)
      
         - Rather than use our internal cached value of number of CQ events
           available, use what the user can see (Dylan)
      
         - Fix a typo in a comment, added in this release (me)
      
         - Don't allow wrapping while adding provided buffers (me)
      
         - Fix a double poll race, and add a lockdep assertion for it too
           (Pavel)"
      
      * tag 'io_uring-6.1-2022-11-11' of git://git.kernel.dk/linux:
        io_uring/poll: lockdep annote io_poll_req_insert_locked
        io_uring/poll: fix double poll req->flags races
        io_uring: check for rollover of buffer ID when providing buffers
        io_uring: calculate CQEs from the user visible value
        io_uring: fix typo in io_uring.h comment
        selftests/net: don't tests batched TCP io_uring zc
      4e6b2b2e
    • Linus Torvalds's avatar
      Merge tag 's390-6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · f5020a08
      Linus Torvalds authored
      Pull s390 fixes from Alexander Gordeev:
      
       - fix memcpy warning about field-spanning write in zcrypt driver
      
       - minor updates to defconfigs
      
       - remove CONFIG_DEBUG_INFO_BTF from all defconfigs and add btf.config
         addon config file. It significantly decreases compile time and allows
         quickly enabling that option into the current kernel config
      
       - add kasan.config addon config file which allows to easily enable
         KASAN into the current kernel config
      
       - binutils commit 906f69cf65da ("IBM zSystems: Issue error for *DBL
         relocs on misaligned symbols") caused several link errors. Always
         build relocatable kernel to avoid this problem
      
       - raise the minimum clang version to 15.0.0 to avoid silent generation
         of a corrupted code
      
      * tag 's390-6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        scripts/min-tool-version.sh: raise minimum clang version to 15.0.0 for s390
        s390: always build relocatable kernel
        s390/configs: add kasan.config addon config file
        s390/configs: move CONFIG_DEBUG_INFO_BTF into btf.config addon config
        s390: update defconfigs
        s390/zcrypt: fix warning about field-spanning write
      f5020a08
    • Linus Torvalds's avatar
      Merge tag 'hardening-v6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · df65494f
      Linus Torvalds authored
      Pull kernel hardening fix from Kees Cook:
      
       - Fix !SMP placement of '.data..decrypted' section (Nathan Chancellor)
      
      * tag 'hardening-v6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        vmlinux.lds.h: Fix placement of '.data..decrypted' section
      df65494f
    • Linus Torvalds's avatar
      Merge tag 'nfsd-6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux · f9bbe0c9
      Linus Torvalds authored
      Pull nfsd fixes from Chuck Lever:
      
       - Fix an export leak
      
       - Fix a potential tracepoint crash
      
      * tag 'nfsd-6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux:
        nfsd: put the export reference in nfsd4_verify_deleg_dentry
        nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint
      f9bbe0c9
    • Linus Torvalds's avatar
      Merge tag 'fixes_for_v6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs · e2559b79
      Linus Torvalds authored
      Pull UDF fix from Jan Kara:
       "Fix a possible memory corruption with UDF"
      
      * tag 'fixes_for_v6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
        udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
      e2559b79
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-fixes-for-v6.1-2-2022-11-10' of... · eb037f16
      Linus Torvalds authored
      Merge tag 'perf-tools-fixes-for-v6.1-2-2022-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull perf tools fixes from Arnaldo Carvalho de Melo:
      
       - Fix 'perf stat' crash with --per-node --metric-only in CSV mode, due
         to the AGGR_NODE slot in the 'aggr_header_csv' array not being set.
      
       - Fix printing prefix in CSV output of 'perf stat' metrics in interval
         mode (-I), where an extra separator was being added to the start of
         some lines.
      
       - Fix skipping branch stack sampling 'perf test' entry, that was using
         both --branch-any and --branch-filter, which can't be used together.
      
      * tag 'perf-tools-fixes-for-v6.1-2-2022-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux:
        perf tools: Add the include/perf/ directory to .gitignore
        perf test: Fix skipping branch stack sampling test
        perf stat: Fix printing os->prefix in CSV metrics output
        perf stat: Fix crash with --per-node --metric-only in CSV mode
      eb037f16
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux · 991f173c
      Linus Torvalds authored
      Pull RISC-V fixes from Palmer Dabbelt:
      
       - A fix to add the missing PWM LEDs into the SiFive HiFive Unleashed
         device tree.
      
       - A fix to fully clear a task's registers on creation, as they end up
         in userspace and thus leak kernel memory.
      
       - A pair of VDSO-related build fixes that manifest on recent LLVM-based
         toolchains.
      
       - A fix to our early init to ensure the DT is adequately processed
         before reserved memory nodes are processed.
      
      * tag 'riscv-for-linus-6.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
        RISC-V: vdso: Do not add missing symbols to version section in linker script
        riscv: fix reserved memory setup
        riscv: vdso: fix build with llvm
        riscv: process: fix kernel info leakage
        riscv: dts: sifive unleashed: Add PWM controlled LEDs
      991f173c
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 74bd160f
      Linus Torvalds authored
      Pull kvm
       "This is a pretty large diffstat for this time of the release. The main
        culprit is a reorganization of the AMD assembly trampoline, allowing
        percpu variables to be accessed early.
      
        This is needed for the return stack depth tracking retbleed mitigation
        that will be in 6.2, but it also makes it possible to tighten the IBRS
        restore on vmexit. The latter change is a long tail of the
        spectrev2/retbleed patches (the corresponding Intel change was simpler
        and went in already last June), which is why I am including it right
        now instead of sharing a topic branch with tip.
      
        Being assembly and being rich in comments makes the line count balloon
        a bit, but I am pretty confident in the change (famous last words)
        because the reorganization actually makes everything simpler and more
        understandable than before. It has also had external review and has
        been tested on the aforementioned 6.2 changes, which explode quite
        brutally without the fix.
      
        Apart from this, things are pretty normal.
      
        s390:
      
         - PCI fix
      
         - PV clock fix
      
        x86:
      
         - Fix clash between PMU MSRs and other MSRs
      
         - Prepare SVM assembly trampoline for 6.2 retbleed mitigation and
           for...
      
         - ... tightening IBRS restore on vmexit, moving it before the first
           RET or indirect branch
      
         - Fix log level for VMSA dump
      
         - Block all page faults during kvm_zap_gfn_range()
      
        Tools:
      
         - kvm_stat: fix incorrect detection of debugfs
      
         - kvm_stat: update vmexit definitions"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: x86/mmu: Block all page faults during kvm_zap_gfn_range()
        KVM: x86/pmu: Limit the maximum number of supported AMD GP counters
        KVM: x86/pmu: Limit the maximum number of supported Intel GP counters
        KVM: x86/pmu: Do not speculatively query Intel GP PMCs that don't exist yet
        KVM: SVM: Only dump VMSA to klog at KERN_DEBUG level
        tools/kvm_stat: update exit reasons for vmx/svm/aarch64/userspace
        tools/kvm_stat: fix incorrect detection of debugfs
        x86, KVM: remove unnecessary argument to x86_virt_spec_ctrl and callers
        KVM: SVM: move MSR_IA32_SPEC_CTRL save/restore to assembly
        KVM: SVM: restore host save area from assembly
        KVM: SVM: move guest vmsave/vmload back to assembly
        KVM: SVM: do not allocate struct svm_cpu_data dynamically
        KVM: SVM: remove dead field from struct svm_cpu_data
        KVM: SVM: remove unused field from struct vcpu_svm
        KVM: SVM: retrieve VMCB from assembly
        KVM: SVM: adjust register allocation for __svm_vcpu_run()
        KVM: SVM: replace regs argument of __svm_vcpu_run() with vcpu_svm
        KVM: x86: use a separate asm-offsets.c file
        KVM: s390: pci: Fix allocation size of aift kzdev elements
        KVM: s390: pv: don't allow userspace to set the clock under PV
      74bd160f
    • Linus Torvalds's avatar
      Merge tag 'hyperv-fixes-signed-20221110' of... · 5be07b3f
      Linus Torvalds authored
      Merge tag 'hyperv-fixes-signed-20221110' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux
      
      Pull hyperv fixes from Wei Liu:
      
       - Fix TSC MSR write for root partition (Anirudh Rayabharam)
      
       - Fix definition of vector in pci-hyperv driver (Dexuan Cui)
      
       - A few other misc patches
      
      * tag 'hyperv-fixes-signed-20221110' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux:
        PCI: hv: Fix the definition of vector in hv_compose_msi_msg()
        MAINTAINERS: remove sthemmin
        x86/hyperv: fix invalid writes to MSRs during root partition kexec
        clocksource/drivers/hyperv: add data structure for reference TSC MSR
        Drivers: hv: fix repeated words in comments
        x86/hyperv: Remove BUG_ON() for kmap_local_page()
      5be07b3f