1. 13 Sep, 2020 4 commits
    • Linus Torvalds's avatar
      Merge tag 'staging-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 6c7247f6
      Linus Torvalds authored
      Pull staging/IIO driver fixes from Greg KH:
       "Here are a number of staging and IIO driver fixes for 5.9-rc5.
      
        The majority of these are IIO driver fixes, to resolve a timestamp
        issue that was recently found to affect a bunch of IIO drivers.
      
        The other fixes in here are:
      
         - small IIO driver fixes
      
         - greybus driver fix
      
         - counter driver fix (came in through the IIO fixes tree)
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'staging-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (23 commits)
        iio: adc: mcp3422: fix locking on error path
        iio: adc: mcp3422: fix locking scope
        iio: adc: meson-saradc: Use the parent device to look up the calib data
        iio:adc:max1118 Fix alignment of timestamp and data leak issues
        iio:adc:ina2xx Fix timestamp alignment issue.
        iio:adc:ti-adc084s021 Fix alignment and data leak issues.
        iio:adc:ti-adc081c Fix alignment and data leak issues
        iio:magnetometer:ak8975 Fix alignment and data leak issues.
        iio:light:ltr501 Fix timestamp alignment issue.
        iio:light:max44000 Fix timestamp alignment and prevent data leak.
        iio:chemical:ccs811: Fix timestamp alignment and prevent data leak.
        iio:proximity:mb1232: Fix timestamp alignment and prevent data leak.
        iio:accel:mma7455: Fix timestamp alignment and prevent data leak.
        iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
        iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
        iio: accel: kxsd9: Fix alignment of local buffer.
        iio: adc: rockchip_saradc: select IIO_TRIGGERED_BUFFER
        iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set
        counter: microchip-tcb-capture: check the correct variable
        iio: cros_ec: Set Gyroscope default frequency to 25Hz
        ...
      6c7247f6
    • Linus Torvalds's avatar
      Merge tag 'driver-core-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core · 20a7b6be
      Linus Torvalds authored
      Pull driver core fixes from Greg KH:
       "Here are some small driver core and debugfs fixes for 5.9-rc5
      
        Included in here are:
      
         - firmware loader memory leak fix
      
         - firmware loader testing fixes for non-EFI systems
      
         - device link locking fixes found by lockdep
      
         - kobject_del() bugfix that has been affecting some callers
      
         - debugfs minor fix
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'driver-core-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
        test_firmware: Test platform fw loading on non-EFI systems
        PM: <linux/device.h>: fix @em_pd kernel-doc warning
        kobject: Drop unneeded conditional in __kobject_del()
        driver core: Fix device_pm_lock() locking for device links
        MAINTAINERS: Add the security document to SECURITY CONTACT
        driver code: print symbolic error code
        debugfs: Fix module state check condition
        kobject: Restore old behaviour of kobject_del(NULL)
        firmware_loader: fix memory leak for paged buffer
      20a7b6be
    • Linus Torvalds's avatar
      Merge tag 'char-misc-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc · 2a1a4bee
      Linus Torvalds authored
      Pull char / misc driver fixes from Greg KH:
       "Here are a number of small driver fixes for 5.9-rc5
      
        Included in here are:
      
         - habanalabs driver fixes
      
         - interconnect driver fixes
      
         - soundwire driver fixes
      
         - dyndbg fixes for reported issues, and then reverts to fix it all up
           to a sane state.
      
         - phy driver fixes
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'char-misc-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
        Revert "dyndbg: accept query terms like file=bar and module=foo"
        Revert "dyndbg: fix problem parsing format="foo bar""
        scripts/tags.sh: exclude tools directory from tags generation
        video: fbdev: fix OOB read in vga_8planes_imageblit()
        dyndbg: fix problem parsing format="foo bar"
        dyndbg: refine export, rename to dynamic_debug_exec_queries()
        dyndbg: give %3u width in pr-format, cosmetic only
        interconnect: qcom: Fix small BW votes being truncated to zero
        soundwire: fix double free of dangling pointer
        interconnect: Show bandwidth for disabled paths as zero in debugfs
        habanalabs: fix report of RAZWI initiator coordinates
        habanalabs: prevent user buff overflow
        phy: omap-usb2-phy: disable PHY charger detect
        phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init
        soundwire: bus: fix typo in comment on INTSTAT registers
        phy: qualcomm: fix return value check in qcom_ipq806x_usb_phy_probe()
        phy: qualcomm: fix platform_no_drv_owner.cocci warnings
      2a1a4bee
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 84b13499
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
       "A bit on the bigger side, mostly due to me being on vacation, then
        busy, then on parental leave, but there's nothing worrisome.
      
        ARM:
         - Multiple stolen time fixes, with a new capability to match x86
         - Fix for hugetlbfs mappings when PUD and PMD are the same level
         - Fix for hugetlbfs mappings when PTE mappings are enforced (dirty
           logging, for example)
         - Fix tracing output of 64bit values
      
        x86:
         - nSVM state restore fixes
         - Async page fault fixes
         - Lots of small fixes everywhere"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (25 commits)
        KVM: emulator: more strict rsm checks.
        KVM: nSVM: more strict SMM checks when returning to nested guest
        SVM: nSVM: setup nested msr permission bitmap on nested state load
        SVM: nSVM: correctly restore GIF on vmexit from nesting after migration
        x86/kvm: don't forget to ACK async PF IRQ
        x86/kvm: properly use DEFINE_IDTENTRY_SYSVEC() macro
        KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
        KVM: SVM: avoid emulation with stale next_rip
        KVM: x86: always allow writing '0' to MSR_KVM_ASYNC_PF_EN
        KVM: SVM: Periodically schedule when unregistering regions on destroy
        KVM: MIPS: Change the definition of kvm type
        kvm x86/mmu: use KVM_REQ_MMU_SYNC to sync when needed
        KVM: nVMX: Fix the update value of nested load IA32_PERF_GLOBAL_CTRL control
        KVM: fix memory leak in kvm_io_bus_unregister_dev()
        KVM: Check the allocation of pv cpu mask
        KVM: nVMX: Update VMCS02 when L2 PAE PDPTE updates detected
        KVM: arm64: Update page shift if stage 2 block mapping not supported
        KVM: arm64: Fix address truncation in traces
        KVM: arm64: Do not try to map PUDs when they are folded into PMD
        arm64/x86: KVM: Introduce steal-time cap
        ...
      84b13499
  2. 12 Sep, 2020 14 commits
  3. 11 Sep, 2020 20 commits
    • Linus Torvalds's avatar
      Merge tag 'ceph-for-5.9-rc5' of git://github.com/ceph/ceph-client · 729e3d09
      Linus Torvalds authored
      Pull ceph fix from Ilya Dryomov:
       "Add missing capability checks in rbd, marked for stable"
      
      * tag 'ceph-for-5.9-rc5' of git://github.com/ceph/ceph-client:
        rbd: require global CAP_SYS_ADMIN for mapping and unmapping
      729e3d09
    • Linus Torvalds's avatar
      Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · e9287bd2
      Linus Torvalds authored
      Pull i2c updates from Wolfram Sang:
       "Usual driver bugfixes for the I2C subsystem"
      
      * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: algo: pca: Reapply i2c bus settings after reset
        i2c: npcm7xx: Fix timeout calculation
        misc: eeprom: at24: register nvmem only after eeprom is ready to use
      e9287bd2
    • Linus Torvalds's avatar
      Merge tag 'pm-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 566e24ee
      Linus Torvalds authored
      Pull power management fixes from Rafael Wysocki:
       "These fix three pieces of documentation and add new CPU IDs to the
        Intel RAPL power capping driver.
      
        Specifics:
      
         - Add CPU IDs of the TigerLake Desktop, RocketLake and AlderLake
           chips to the Intel RAPL power capping driver (Zhang Rui).
      
         - Add the missing energy model performance domain item to the struct
           device kerneldoc comment (Randy Dunlap).
      
         - Fix the struct powercap_control_type kerneldoc comment to match the
           actual definition of that structure and add missing item to the
           struct powercap_zone_ops kerneldoc comment (Amit Kucheria)"
      
      * tag 'pm-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        powercap: make documentation reflect code
        PM: <linux/device.h>: fix @em_pd kernel-doc warning
        powercap/intel_rapl: add support for AlderLake
        powercap/intel_rapl: add support for RocketLake
        powercap/intel_rapl: add support for TigerLake Desktop
      566e24ee
    • Linus Torvalds's avatar
      Merge tag 'block-5.9-2020-09-11' of git://git.kernel.dk/linux-block · 7b8731d9
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
      
       - Fix a regression in bdev partition locking (Christoph)
      
       - NVMe pull request from Christoph:
            - cancel async events before freeing them (David Milburn)
            - revert a broken race fix (James Smart)
            - fix command processing during resets (Sagi Grimberg)
      
       - Fix a kyber crash with requeued flushes (Omar)
      
       - Fix __bio_try_merge_page() same_page error for no merging (Ritesh)
      
      * tag 'block-5.9-2020-09-11' of git://git.kernel.dk/linux-block:
        block: Set same_page to false in __bio_try_merge_page if ret is false
        nvme-fabrics: allow to queue requests for live queues
        block: only call sched requeue_request() for scheduled requests
        nvme-tcp: cancel async events before freeing event struct
        nvme-rdma: cancel async events before freeing event struct
        nvme-fc: cancel async events before freeing event struct
        nvme: Revert: Fix controller creation races with teardown flow
        block: restore a specific error code in bdev_del_partition
      7b8731d9
    • Linus Torvalds's avatar
      Merge tag 'spi-fix-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · e8878ab8
      Linus Torvalds authored
      Pull spi fixes from Mark Brown:
       "There's some driver specific fixes here plus one core fix for memory
        leaks that could be triggered by a potential race condition when
        cleaning up after we have split transfers to fit into what the
        controller can support"
      
      * tag 'spi-fix-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: stm32: fix pm_runtime_get_sync() error checking
        spi: Fix memory leak on splited transfers
        spi: spi-cadence-quadspi: Fix mapping of buffers for DMA reads
        spi: stm32: Rate-limit the 'Communication suspended' message
        spi: spi-loopback-test: Fix out-of-bounds read
        spi: spi-cadence-quadspi: Populate get_name() interface
        MAINTAINERS: add myself as maintainer for spi-fsl-dspi driver
      e8878ab8
    • Linus Torvalds's avatar
      Merge tag 'regulator-fix-v5.9-rc4' of... · 8b6ce251
      Linus Torvalds authored
      Merge tag 'regulator-fix-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
      
      Pull regulator fixes from Mark Brown:
       "The biggest set of fixes here is those from Michał Mirosław fixing
        some locking issues with coupled regulators that are triggered in
        cases where a coupled regulator is used by a device involved in
        fs_reclaim like eMMC storage.
      
        These are relatively serious for the affected systems, though the
        circumstances where they trigger are very rare"
      
      * tag 'regulator-fix-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
        regulator: pwm: Fix machine constraints application
        regulator: core: Fix slab-out-of-bounds in regulator_unlock_recursive()
        regulator: remove superfluous lock in regulator_resolve_coupling()
        regulator: cleanup regulator_ena_gpio_free()
        regulator: plug of_node leak in regulator_register()'s error path
        regulator: push allocation in set_consumer_device_supply() out of lock
        regulator: push allocations in create_regulator() outside of lock
        regulator: push allocation in regulator_ena_gpio_request() out of lock
        regulator: push allocation in regulator_init_coupling() outside of lock
        regulator: fix spelling mistake "Cant" -> "Can't"
        regulator: cros-ec-regulator: Add NULL test for devm_kmemdup call
      8b6ce251
    • Vitaly Kuznetsov's avatar
      KVM: x86: always allow writing '0' to MSR_KVM_ASYNC_PF_EN · d831de17
      Vitaly Kuznetsov authored
      Even without in-kernel LAPIC we should allow writing '0' to
      MSR_KVM_ASYNC_PF_EN as we're not enabling the mechanism. In
      particular, QEMU with 'kernel-irqchip=off' fails to start
      a guest with
      
      qemu-system-x86_64: error: failed to set MSR 0x4b564d02 to 0x0
      
      Fixes: 9d3c447c ("KVM: X86: Fix async pf caused null-ptr-deref")
      Reported-by: default avatarDr. David Alan Gilbert <dgilbert@redhat.com>
      Signed-off-by: default avatarVitaly Kuznetsov <vkuznets@redhat.com>
      Message-Id: <20200911093147.484565-1-vkuznets@redhat.com>
      [Actually commit the version proposed by Sean Christopherson. - Paolo]
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      d831de17
    • David Rientjes's avatar
      KVM: SVM: Periodically schedule when unregistering regions on destroy · 7be74942
      David Rientjes authored
      There may be many encrypted regions that need to be unregistered when a
      SEV VM is destroyed.  This can lead to soft lockups.  For example, on a
      host running 4.15:
      
      watchdog: BUG: soft lockup - CPU#206 stuck for 11s! [t_virtual_machi:194348]
      CPU: 206 PID: 194348 Comm: t_virtual_machi
      RIP: 0010:free_unref_page_list+0x105/0x170
      ...
      Call Trace:
       [<0>] release_pages+0x159/0x3d0
       [<0>] sev_unpin_memory+0x2c/0x50 [kvm_amd]
       [<0>] __unregister_enc_region_locked+0x2f/0x70 [kvm_amd]
       [<0>] svm_vm_destroy+0xa9/0x200 [kvm_amd]
       [<0>] kvm_arch_destroy_vm+0x47/0x200
       [<0>] kvm_put_kvm+0x1a8/0x2f0
       [<0>] kvm_vm_release+0x25/0x30
       [<0>] do_exit+0x335/0xc10
       [<0>] do_group_exit+0x3f/0xa0
       [<0>] get_signal+0x1bc/0x670
       [<0>] do_signal+0x31/0x130
      
      Although the CLFLUSH is no longer issued on every encrypted region to be
      unregistered, there are no other changes that can prevent soft lockups for
      very large SEV VMs in the latest kernel.
      
      Periodically schedule if necessary.  This still holds kvm->lock across the
      resched, but since this only happens when the VM is destroyed this is
      assumed to be acceptable.
      Signed-off-by: default avatarDavid Rientjes <rientjes@google.com>
      Message-Id: <alpine.DEB.2.23.453.2008251255240.2987727@chino.kir.corp.google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      7be74942
    • Huacai Chen's avatar
      KVM: MIPS: Change the definition of kvm type · 15e9e35c
      Huacai Chen authored
      MIPS defines two kvm types:
      
       #define KVM_VM_MIPS_TE          0
       #define KVM_VM_MIPS_VZ          1
      
      In Documentation/virt/kvm/api.rst it is said that "You probably want to
      use 0 as machine type", which implies that type 0 be the "automatic" or
      "default" type. And, in user-space libvirt use the null-machine (with
      type 0) to detect the kvm capability, which returns "KVM not supported"
      on a VZ platform.
      
      I try to fix it in QEMU but it is ugly:
      https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg05629.html
      
      And Thomas Huth suggests me to change the definition of kvm type:
      https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg03281.html
      
      So I define like this:
      
       #define KVM_VM_MIPS_AUTO        0
       #define KVM_VM_MIPS_VZ          1
       #define KVM_VM_MIPS_TE          2
      
      Since VZ and TE cannot co-exists, using type 0 on a TE platform will
      still return success (so old user-space tools have no problems on new
      kernels); the advantage is that using type 0 on a VZ platform will not
      return failure. So, the only problem is "new user-space tools use type
      2 on old kernels", but if we treat this as a kernel bug, we can backport
      this patch to old stable kernels.
      Signed-off-by: default avatarHuacai Chen <chenhc@lemote.com>
      Message-Id: <1599734031-28746-1-git-send-email-chenhc@lemote.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      15e9e35c
    • Linus Torvalds's avatar
      Merge tag 'mmc-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · 063d6a4c
      Linus Torvalds authored
      Pull MMC fixes from Ulf Hansson:
       "MMC core:
         - sdio: Restore ~20% performance drop for SDHCI drivers, by using
           mmc_pre_req() and mmc_post_req() for SDIO requests.
      
        MMC host:
         - sdhci-of-esdhc: Fix support for erratum eSDHC7
         - mmc_spi: Allow the driver to be built when CONFIG_HAS_DMA is unset
         - sdhci-msm: Use retries to fix tuning
         - sdhci-acpi: Fix resume for eMMC HS400 mode"
      
      * tag 'mmc-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
        mmc: sdio: Use mmc_pre_req() / mmc_post_req()
        mmc: sdhci-of-esdhc: Don't walk device-tree on every interrupt
        mmc: mmc_spi: Allow the driver to be built when CONFIG_HAS_DMA is unset
        mmc: sdhci-msm: Add retries when all tuning phases are found valid
        mmc: sdhci-acpi: Clear amd_sdhci_host on reset
      063d6a4c
    • Lai Jiangshan's avatar
      kvm x86/mmu: use KVM_REQ_MMU_SYNC to sync when needed · f6f6195b
      Lai Jiangshan authored
      When kvm_mmu_get_page() gets a page with unsynced children, the spt
      pagetable is unsynchronized with the guest pagetable. But the
      guest might not issue a "flush" operation on it when the pagetable
      entry is changed from zero or other cases. The hypervisor has the
      responsibility to synchronize the pagetables.
      
      KVM behaved as above for many years, But commit 8c8560b8
      ("KVM: x86/mmu: Use KVM_REQ_TLB_FLUSH_CURRENT for MMU specific flushes")
      inadvertently included a line of code to change it without giving any
      reason in the changelog. It is clear that the commit's intention was to
      change KVM_REQ_TLB_FLUSH -> KVM_REQ_TLB_FLUSH_CURRENT, so we don't
      needlessly flush other contexts; however, one of the hunks changed
      a nearby KVM_REQ_MMU_SYNC instead.  This patch changes it back.
      
      Link: https://lore.kernel.org/lkml/20200320212833.3507-26-sean.j.christopherson@intel.com/
      Cc: Sean Christopherson <sean.j.christopherson@intel.com>
      Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
      Signed-off-by: default avatarLai Jiangshan <laijs@linux.alibaba.com>
      Message-Id: <20200902135421.31158-1-jiangshanlai@gmail.com>
      fixes: 8c8560b8 ("KVM: x86/mmu: Use KVM_REQ_TLB_FLUSH_CURRENT for MMU specific flushes")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      f6f6195b
    • Chenyi Qiang's avatar
      KVM: nVMX: Fix the update value of nested load IA32_PERF_GLOBAL_CTRL control · c6b177a3
      Chenyi Qiang authored
      A minor fix for the update of VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL field
      in exit_ctls_high.
      
      Fixes: 03a8871a ("KVM: nVMX: Expose load IA32_PERF_GLOBAL_CTRL
      VM-{Entry,Exit} control")
      Signed-off-by: default avatarChenyi Qiang <chenyi.qiang@intel.com>
      Reviewed-by: default avatarXiaoyao Li <xiaoyao.li@intel.com>
      Message-Id: <20200828085622.8365-5-chenyi.qiang@intel.com>
      Reviewed-by: default avatarJim Mattson <jmattson@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      c6b177a3
    • Rustam Kovhaev's avatar
      KVM: fix memory leak in kvm_io_bus_unregister_dev() · f6588660
      Rustam Kovhaev authored
      when kmalloc() fails in kvm_io_bus_unregister_dev(), before removing
      the bus, we should iterate over all other devices linked to it and call
      kvm_iodevice_destructor() for them
      
      Fixes: 90db1043 ("KVM: kvm_io_bus_unregister_dev() should never fail")
      Cc: stable@vger.kernel.org
      Reported-and-tested-by: syzbot+f196caa45793d6374707@syzkaller.appspotmail.com
      Link: https://syzkaller.appspot.com/bug?extid=f196caa45793d6374707Signed-off-by: default avatarRustam Kovhaev <rkovhaev@gmail.com>
      Reviewed-by: default avatarVitaly Kuznetsov <vkuznets@redhat.com>
      Message-Id: <20200907185535.233114-1-rkovhaev@gmail.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      f6588660
    • Haiwei Li's avatar
      KVM: Check the allocation of pv cpu mask · 0f990222
      Haiwei Li authored
      check the allocation of per-cpu __pv_cpu_mask. Initialize ops only when
      successful.
      Signed-off-by: default avatarHaiwei Li <lihaiwei@tencent.com>
      Message-Id: <d59f05df-e6d3-3d31-a036-cc25a2b2f33f@gmail.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      0f990222
    • Peter Shier's avatar
      KVM: nVMX: Update VMCS02 when L2 PAE PDPTE updates detected · 43fea4e4
      Peter Shier authored
      When L2 uses PAE, L0 intercepts of L2 writes to CR0/CR3/CR4 call
      load_pdptrs to read the possibly updated PDPTEs from the guest
      physical address referenced by CR3.  It loads them into
      vcpu->arch.walk_mmu->pdptrs and sets VCPU_EXREG_PDPTR in
      vcpu->arch.regs_dirty.
      
      At the subsequent assumed reentry into L2, the mmu will call
      vmx_load_mmu_pgd which calls ept_load_pdptrs. ept_load_pdptrs sees
      VCPU_EXREG_PDPTR set in vcpu->arch.regs_dirty and loads
      VMCS02.GUEST_PDPTRn from vcpu->arch.walk_mmu->pdptrs[]. This all works
      if the L2 CRn write intercept always resumes L2.
      
      The resume path calls vmx_check_nested_events which checks for
      exceptions, MTF, and expired VMX preemption timers. If
      vmx_check_nested_events finds any of these conditions pending it will
      reflect the corresponding exit into L1. Live migration at this point
      would also cause a missed immediate reentry into L2.
      
      After L1 exits, vmx_vcpu_run calls vmx_register_cache_reset which
      clears VCPU_EXREG_PDPTR in vcpu->arch.regs_dirty.  When L2 next
      resumes, ept_load_pdptrs finds VCPU_EXREG_PDPTR clear in
      vcpu->arch.regs_dirty and does not load VMCS02.GUEST_PDPTRn from
      vcpu->arch.walk_mmu->pdptrs[]. prepare_vmcs02 will then load
      VMCS02.GUEST_PDPTRn from vmcs12->pdptr0/1/2/3 which contain the stale
      values stored at last L2 exit. A repro of this bug showed L2 entering
      triple fault immediately due to the bad VMCS02.GUEST_PDPTRn values.
      
      When L2 is in PAE paging mode add a call to ept_load_pdptrs before
      leaving L2. This will update VMCS02.GUEST_PDPTRn if they are dirty in
      vcpu->arch.walk_mmu->pdptrs[].
      
      Tested:
      kvm-unit-tests with new directed test: vmx_mtf_pdpte_test.
      Verified that test fails without the fix.
      
      Also ran Google internal VMM with an Ubuntu 16.04 4.4.0-83 guest running a
      custom hypervisor with a 32-bit Windows XP L2 guest using PAE. Prior to fix
      would repro readily. Ran 14 simultaneous L2s for 140 iterations with no
      failures.
      Signed-off-by: default avatarPeter Shier <pshier@google.com>
      Reviewed-by: default avatarJim Mattson <jmattson@google.com>
      Message-Id: <20200820230545.2411347-1-pshier@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      43fea4e4
    • Paolo Bonzini's avatar
      Merge tag 'kvmarm-fixes-5.9-1' of... · 1b67fd08
      Paolo Bonzini authored
      Merge tag 'kvmarm-fixes-5.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
      
      KVM/arm64 fixes for Linux 5.9, take #1
      
      - Multiple stolen time fixes, with a new capability to match x86
      - Fix for hugetlbfs mappings when PUD and PMD are the same level
      - Fix for hugetlbfs mappings when PTE mappings are enforced
        (dirty logging, for example)
      - Fix tracing output of 64bit values
      1b67fd08
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-2020-09-11' of git://anongit.freedesktop.org/drm/drm · d67f2ec1
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Regular fixes, not much a major amount. One thing though is Laurent
        fixed some Kconfig issues, and I'm carrying the rapidio kconfig change
        so the drm one for xlnx driver works. He hadn't got a response from
        rapidio maintainers.
      
        Otherwise, virtio, sun4i, tve200, ingenic have some fixes, one audio
        fix for i915 and a core docs fix.
      
        kconfig:
         - rapidio/xlnx kconfig fix
      
        core:
         - Documentation fix
      
        i915:
         - audio regression fix
      
        virtio:
         - Fix double free in virtio
         - Fix virtio unblank
         - Remove output->enabled from virtio, as it should use crtc_state
      
        sun4i:
         - Add missing put_device in sun4i, and other fixes
         - Handle sun4i alpha on lowest plane correctly
      
        tv200:
         - Fix tve200 enable/disable
      
        ingenic
         - Small ingenic fixes"
      
      * tag 'drm-fixes-2020-09-11' of git://anongit.freedesktop.org/drm/drm:
        drm/i915: fix regression leading to display audio probe failure on GLK
        drm: xlnx: dpsub: Fix DMADEVICES Kconfig dependency
        rapidio: Replace 'select' DMAENGINES 'with depends on'
        drm/virtio: drop virtio_gpu_output->enabled
        drm/sun4i: backend: Disable alpha on the lowest plane on the A20
        drm/sun4i: backend: Support alpha property on lowest plane
        drm/sun4i: Fix DE2 YVU handling
        drm/tve200: Stabilize enable/disable
        dma-buf: fence-chain: Document missing dma_fence_chain_init() parameter in kerneldoc
        dma-buf: Fix kerneldoc of dma_buf_set_name()
        drm/virtio: fix unblank
        Documentation: fix dma-buf.rst underline length warning
        drm/sun4i: Fix dsi dcs long write function
        drm/ingenic: Fix driver not probing when IPU port is missing
        drm/ingenic: Fix leak of device_node pointer
        drm/sun4i: add missing put_device() call in sun8i_r40_tcon_tv_set_mux()
        drm/virtio: Revert "drm/virtio: Call the right shmem helpers"
      d67f2ec1
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · b1df2a07
      Linus Torvalds authored
      Pull rdma fixes from Jason Gunthorpe:
       "A number of driver bug fixes and a few recent regressions:
      
         - Several bug fixes for bnxt_re. Crashing, incorrect data reported,
           and corruption on new HW
      
         - Memory leak and crash in rxe
      
         - Fix sysfs corruption in rxe if the netdev name is too long
      
         - Fix a crash on error unwind in the new cq_pool code
      
         - Fix kobject panics in rtrs by working device lifetime properly
      
         - Fix a data corruption bug in iser target related to misaligned
           buffers"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
        IB/isert: Fix unaligned immediate-data handling
        RDMA/rtrs-srv: Set .release function for rtrs srv device during device init
        RDMA/bnxt_re: Remove set but not used variable 'qplib_ctx'
        RDMA/core: Fix reported speed and width
        RDMA/core: Fix unsafe linked list traversal after failing to allocate CQ
        RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds
        RDMA/bnxt_re: Fix driver crash on unaligned PSN entry address
        RDMA/bnxt_re: Restrict the max_gids to 256
        RDMA/bnxt_re: Static NQ depth allocation
        RDMA/bnxt_re: Fix the qp table indexing
        RDMA/bnxt_re: Do not report transparent vlan from QP1
        RDMA/mlx4: Read pkey table length instead of hardcoded value
        RDMA/rxe: Fix panic when calling kmem_cache_create()
        RDMA/rxe: Fix memleak in rxe_mem_init_user
        RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars
        RDMA/rtrs-srv: Replace device_register with device_initialize and device_add
      b1df2a07
    • Peter Oberparleiter's avatar
      gcov: add support for GCC 10.1 · 40249c69
      Peter Oberparleiter authored
      Using gcov to collect coverage data for kernels compiled with GCC 10.1
      causes random malfunctions and kernel crashes.  This is the result of a
      changed GCOV_COUNTERS value in GCC 10.1 that causes a mismatch between
      the layout of the gcov_info structure created by GCC profiling code and
      the related structure used by the kernel.
      
      Fix this by updating the in-kernel GCOV_COUNTERS value.  Also re-enable
      config GCOV_KERNEL for use with GCC 10.
      Reported-by: default avatarColin Ian King <colin.king@canonical.com>
      Reported-by: default avatarLeon Romanovsky <leonro@nvidia.com>
      Signed-off-by: default avatarPeter Oberparleiter <oberpar@linux.ibm.com>
      Tested-by: default avatarLeon Romanovsky <leonro@nvidia.com>
      Tested-and-Acked-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      40249c69
    • Rafael J. Wysocki's avatar
      Merge branch 'powercap' · d64e6906
      Rafael J. Wysocki authored
      * powercap:
        powercap: make documentation reflect code
        powercap/intel_rapl: add support for AlderLake
        powercap/intel_rapl: add support for RocketLake
        powercap/intel_rapl: add support for TigerLake Desktop
      d64e6906
  4. 10 Sep, 2020 2 commits