1. 15 Sep, 2017 8 commits
  2. 14 Sep, 2017 5 commits
  3. 13 Sep, 2017 8 commits
  4. 12 Sep, 2017 3 commits
    • Paul Mackerras's avatar
      KVM: PPC: Book3S HV: Fix bug causing host SLB to be restored incorrectly · 67f8a8c1
      Paul Mackerras authored
      Aneesh Kumar reported seeing host crashes when running recent kernels
      on POWER8.  The symptom was an oops like this:
      
      Unable to handle kernel paging request for data at address 0xf00000000786c620
      Faulting instruction address: 0xc00000000030e1e4
      Oops: Kernel access of bad area, sig: 11 [#1]
      LE SMP NR_CPUS=2048 NUMA PowerNV
      Modules linked in: powernv_op_panel
      CPU: 24 PID: 6663 Comm: qemu-system-ppc Tainted: G        W 4.13.0-rc7-43932-gfc36c59 #2
      task: c000000fdeadfe80 task.stack: c000000fdeb68000
      NIP:  c00000000030e1e4 LR: c00000000030de6c CTR: c000000000103620
      REGS: c000000fdeb6b450 TRAP: 0300   Tainted: G        W        (4.13.0-rc7-43932-gfc36c59)
      MSR:  9000000000009033 <SF,HV,EE,ME,IR,DR,RI,LE>  CR: 24044428  XER: 20000000
      CFAR: c00000000030e134 DAR: f00000000786c620 DSISR: 40000000 SOFTE: 0
      GPR00: 0000000000000000 c000000fdeb6b6d0 c0000000010bd000 000000000000e1b0
      GPR04: c00000000115e168 c000001fffa6e4b0 c00000000115d000 c000001e1b180386
      GPR08: f000000000000000 c000000f9a8913e0 f00000000786c600 00007fff587d0000
      GPR12: c000000fdeb68000 c00000000fb0f000 0000000000000001 00007fff587cffff
      GPR16: 0000000000000000 c000000000000000 00000000003fffff c000000fdebfe1f8
      GPR20: 0000000000000004 c000000fdeb6b8a8 0000000000000001 0008000000000040
      GPR24: 07000000000000c0 00007fff587cffff c000000fdec20bf8 00007fff587d0000
      GPR28: c000000fdeca9ac0 00007fff587d0000 00007fff587c0000 00007fff587d0000
      NIP [c00000000030e1e4] __get_user_pages_fast+0x434/0x1070
      LR [c00000000030de6c] __get_user_pages_fast+0xbc/0x1070
      Call Trace:
      [c000000fdeb6b6d0] [c00000000139dab8] lock_classes+0x0/0x35fe50 (unreliable)
      [c000000fdeb6b7e0] [c00000000030ef38] get_user_pages_fast+0xf8/0x120
      [c000000fdeb6b830] [c000000000112318] kvmppc_book3s_hv_page_fault+0x308/0xf30
      [c000000fdeb6b960] [c00000000010e10c] kvmppc_vcpu_run_hv+0xfdc/0x1f00
      [c000000fdeb6bb20] [c0000000000e915c] kvmppc_vcpu_run+0x2c/0x40
      [c000000fdeb6bb40] [c0000000000e5650] kvm_arch_vcpu_ioctl_run+0x110/0x300
      [c000000fdeb6bbe0] [c0000000000d6468] kvm_vcpu_ioctl+0x528/0x900
      [c000000fdeb6bd40] [c0000000003bc04c] do_vfs_ioctl+0xcc/0x950
      [c000000fdeb6bde0] [c0000000003bc930] SyS_ioctl+0x60/0x100
      [c000000fdeb6be30] [c00000000000b96c] system_call+0x58/0x6c
      Instruction dump:
      7ca81a14 2fa50000 41de0010 7cc8182a 68c60002 78c6ffe2 0b060000 3cc2000a
      794a3664 390610d8 e9080000 7d485214 <e90a0020> 7d435378 790507e1 408202f0
      ---[ end trace fad4a342d0414aa2 ]---
      
      It turns out that what has happened is that the SLB entry for the
      vmmemap region hasn't been reloaded on exit from a guest, and it has
      the wrong page size.  Then, when the host next accesses the vmemmap
      region, it gets a page fault.
      
      Commit a25bd72b ("powerpc/mm/radix: Workaround prefetch issue with
      KVM", 2017-07-24) modified the guest exit code so that it now only clears
      out the SLB for hash guest.  The code tests the radix flag and puts the
      result in a non-volatile CR field, CR2, and later branches based on CR2.
      
      Unfortunately, the kvmppc_save_tm function, which gets called between
      those two points, modifies all the user-visible registers in the case
      where the guest was in transactional or suspended state, except for a
      few which it restores (namely r1, r2, r9 and r13).  Thus the hash/radix indication in CR2 gets corrupted.
      
      This fixes the problem by re-doing the comparison just before the
      result is needed.  For good measure, this also adds comments next to
      the call sites of kvmppc_save_tm and kvmppc_restore_tm pointing out
      that non-volatile register state will be lost.
      
      Cc: stable@vger.kernel.org # v4.13
      Fixes: a25bd72b ("powerpc/mm/radix: Workaround prefetch issue with KVM")
      Tested-by: default avatarAneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
      Signed-off-by: default avatarPaul Mackerras <paulus@ozlabs.org>
      67f8a8c1
    • Paul Mackerras's avatar
      KVM: PPC: Book3S HV: Hold kvm->lock around call to kvmppc_update_lpcr · cf5f6f31
      Paul Mackerras authored
      Commit 468808bd ("KVM: PPC: Book3S HV: Set process table for HPT
      guests on POWER9", 2017-01-30) added a call to kvmppc_update_lpcr()
      which doesn't hold the kvm->lock mutex around the call, as required.
      This adds the lock/unlock pair, and for good measure, includes
      the kvmppc_setup_partition_table() call in the locked region, since
      it is altering global state of the VM.
      
      This error appears not to have any fatal consequences for the host;
      the consequences would be that the VCPUs could end up running with
      different LPCR values, or an update to the LPCR value by userspace
      using the one_reg interface could get overwritten, or the update
      done by kvmhv_configure_mmu() could get overwritten.
      
      Cc: stable@vger.kernel.org # v4.10+
      Fixes: 468808bd ("KVM: PPC: Book3S HV: Set process table for HPT guests on POWER9")
      Signed-off-by: default avatarPaul Mackerras <paulus@ozlabs.org>
      cf5f6f31
    • Benjamin Herrenschmidt's avatar
      KVM: PPC: Book3S HV: Don't access XIVE PIPR register using byte accesses · d222af07
      Benjamin Herrenschmidt authored
      The XIVE interrupt controller on POWER9 machines doesn't support byte
      accesses to any register in the thread management area other than the
      CPPR (current processor priority register).  In particular, when
      reading the PIPR (pending interrupt priority register), we need to
      do a 32-bit or 64-bit load.
      
      Cc: stable@vger.kernel.org # v4.13
      Fixes: 2c4fb78f ("KVM: PPC: Book3S HV: Workaround POWER9 DD1.0 bug causing IPB bit loss")
      Signed-off-by: default avatarBenjamin Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: default avatarPaul Mackerras <paulus@ozlabs.org>
      d222af07
  5. 08 Sep, 2017 14 commits
    • Linus Torvalds's avatar
      Merge tag 'kvm-4.14-1' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 0756b7fb
      Linus Torvalds authored
      Pull KVM updates from Radim Krčmář:
       "First batch of KVM changes for 4.14
      
        Common:
         - improve heuristic for boosting preempted spinlocks by ignoring
           VCPUs in user mode
      
        ARM:
         - fix for decoding external abort types from guests
      
         - added support for migrating the active priority of interrupts when
           running a GICv2 guest on a GICv3 host
      
         - minor cleanup
      
        PPC:
         - expose storage keys to userspace
      
         - merge kvm-ppc-fixes with a fix that missed 4.13 because of
           vacations
      
         - fixes
      
        s390:
         - merge of kvm/master to avoid conflicts with additional sthyi fixes
      
         - wire up the no-dat enhancements in KVM
      
         - multiple epoch facility (z14 feature)
      
         - Configuration z/Architecture Mode
      
         - more sthyi fixes
      
         - gdb server range checking fix
      
         - small code cleanups
      
        x86:
         - emulate Hyper-V TSC frequency MSRs
      
         - add nested INVPCID
      
         - emulate EPTP switching VMFUNC
      
         - support Virtual GIF
      
         - support 5 level page tables
      
         - speedup nested VM exits by packing byte operations
      
         - speedup MMIO by using hardware provided physical address
      
         - a lot of fixes and cleanups, especially nested"
      
      * tag 'kvm-4.14-1' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (67 commits)
        KVM: arm/arm64: Support uaccess of GICC_APRn
        KVM: arm/arm64: Extract GICv3 max APRn index calculation
        KVM: arm/arm64: vITS: Drop its_ite->lpi field
        KVM: arm/arm64: vgic: constify seq_operations and file_operations
        KVM: arm/arm64: Fix guest external abort matching
        KVM: PPC: Book3S HV: Fix memory leak in kvm_vm_ioctl_get_htab_fd
        KVM: s390: vsie: cleanup mcck reinjection
        KVM: s390: use WARN_ON_ONCE only for checking
        KVM: s390: guestdbg: fix range check
        KVM: PPC: Book3S HV: Report storage key support to userspace
        KVM: PPC: Book3S HV: Fix case where HDEC is treated as 32-bit on POWER9
        KVM: PPC: Book3S HV: Fix invalid use of register expression
        KVM: PPC: Book3S HV: Fix H_REGISTER_VPA VPA size validation
        KVM: PPC: Book3S HV: Fix setting of storage key in H_ENTER
        KVM: PPC: e500mc: Fix a NULL dereference
        KVM: PPC: e500: Fix some NULL dereferences on error
        KVM: PPC: Book3S HV: Protect updates to spapr_tce_tables list
        KVM: s390: we are always in czam mode
        KVM: s390: expose no-DAT to guest and migration support
        KVM: s390: sthyi: remove invalid guest write access
        ...
      0756b7fb
    • Linus Torvalds's avatar
      Merge tag 'linux-kselftest-4.14-rc1-update' of... · 6d621897
      Linus Torvalds authored
      Merge tag 'linux-kselftest-4.14-rc1-update' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
      
      Pull kselftest updates from Shuah Khan:
      
       - TAP13 framework API and converting tests to TAP13 continues. A few
         more tests are converted and kselftest common RUN_TESTS in lib.mk is
         enhanced to print TAP13 to cover test shell scripts that won't be
         able to use kselftest API.
      
       - Several fixes to existing tests to not fail in unsupported cases.
         This has been an ongoing work based on the feedback from stable
         release kselftest users.
      
       - A new watchdog test and much needed cleanups to the existing tests
         from Eugeniu Rosca.
      
       - Changes to kselftest common lib.mk framework to make RUN_TESTS a
         function to be called from individual test make files to run stress
         and destructive sub-tests.
      
      * tag 'linux-kselftest-4.14-rc1-update' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (41 commits)
        selftests: Enhance kselftest_harness.h to print which assert failed
        selftests: lib.mk: change RUN_TESTS to print messages in TAP13 format
        selftests: change lib.mk RUN_TESTS to take test list as an argument
        selftests: lib.mk: suppress "cd" output from run_tests target
        selftests: kselftest framework: change skip exit code to 0
        selftests/timers: make loop consistent with array size
        selftests: timers: remove rtctest_setdate from run_destructive_tests
        selftests: timers: Fix run_destructive_tests target to handle skipped tests
        kselftests: timers: leap-a-day: Change default arguments to help test runs
        selftests: timers: drop support for !KTEST case
        rtc: rtctest: Improve support detection
        selftests/cpu-hotplug: Skip test when there is only one online cpu
        selftests/cpu-hotplug: exit with failure when test occured unexpected behaviors
        selftests: futex: convert test to use ksft TAP13 framework
        selftests: capabilities: convert error output to TAP13 ksft framework
        selftests: memfd: Align STACK_SIZE for ARM AArch64 system
        selftests: warn if failure is due to lack of executable bit
        selftests: kselftest framework: add error counter
        selftests: capabilities: convert the test to use TAP13 ksft framework
        selftests: capabilities: fix to run Non-root +ia, sgidroot => i test
        ...
      6d621897
    • Linus Torvalds's avatar
      Merge tag 'trace-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · 42c8e86c
      Linus Torvalds authored
      Pull tracing updates from Steven Rostedt:
       "Nothing new in development for this release. These are mostly fixes
        that were found during development of changes for the next merge
        window and fixes that were sent to me late in the last cycle"
      
      * tag 'trace-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        tracing: Apply trace_clock changes to instance max buffer
        tracing: Fix clear of RECORDED_TGID flag when disabling trace event
        tracing: Add barrier to trace_printk() buffer nesting modification
        ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
        ftrace: Fix selftest goto location on error
        ftrace: Zero out ftrace hashes when a module is removed
        tracing: Only have rmmod clear buffers that its events were active in
        ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able
      42c8e86c
    • Linus Torvalds's avatar
      genksyms: fix gperf removal conversion · 3aea311c
      Linus Torvalds authored
      I had stupidly missed one special use of 'is_reserved_word()' when I
      converted the code to avoid gperf.
      
      I had changed that function to return the token ID directly rather than
      a pointer to the token descriptor structure, but that meant that the
      test for "is this a reserved word" changed from checking the return
      value against NULL, to checking that it wasn't negative.
      
      And while I had converted the main token parser over, I missed the
      special case of the typeof phrase handling.  And since our dependency
      chain for genksyms does not include the genksyms program itself
      changing, my kernel rebuild didn't show the problem.
      
      Fixes: bb3290d9 ("Remove gperf usage from toolchain")
      Reported-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3aea311c
    • Linus Torvalds's avatar
      RDMA/netlink: clean up message validity array initializer · 015a9e66
      Linus Torvalds authored
      The fix in the parent made me look at that function, and react to how
      illogical and illegible the array initializer was.
      
      Use named array indexes to make it clearer what is going on, and make
      the initializer not depend silently on the exact index numbers.
      
      [ The initializer now also shows an odd inconsistency in the naming:
        note the IWCM vs IWPM..   - Linus ]
      
      Cc: Leon Romanovsky <leonro@mellanox.com>
      Cc: Doug Ledford <dledford@redhat.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      015a9e66
    • Leon Romanovsky's avatar
      RDAM/netlink: Fix out-of-bound access while checking message validity · 8b2c7e7a
      Leon Romanovsky authored
      The netlink message sent with type == 0, which doesn't have any client
      behind it, caused to the overflow in max_num_ops array.
      
      Fix it by declaring zero number of ops for the first client.
      
      Fixes: c9901724 ("RDMA/netlink: Remove netlink clients infrastructure")
      Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8b2c7e7a
    • Radim Krčmář's avatar
      Merge branch 'kvm-ppc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc · 5f54c8b2
      Radim Krčmář authored
      This fix was intended for 4.13, but didn't get in because both
      maintainers were on vacation.
      
      Paul Mackerras:
       "It adds mutual exclusion between list_add_rcu and list_del_rcu calls
        on the kvm->arch.spapr_tce_tables list.  Without this, userspace could
        potentially trigger corruption of the list and cause a host crash or
        worse."
      5f54c8b2
    • Linus Torvalds's avatar
      Merge branch 'gperf-removal' · 5969d1bb
      Linus Torvalds authored
      Remove our use of 'gperf' for generating perfect hashes from some of our
      build tools.
      
      This removal was prompted by Masahiro Yamada sending out a patch that
      removes all our pre-generated files, and when I tested it, I noticed
      that the gperf version I have (3.1) apparently generates code that no
      longer works with out code-base because the function interfaces
      generated by gperf have changed.
      
      We really don't care that much, and the gperf people changed their
      interfaces in ways that makes it annoying to work with them.  Tools that
      make it hard to use them should not be used, and the kernel is not at
      all interested in some autoconf mess.  So remove the gperf dependency
      entirely.
      
      It turns out that if you ignore the pre-generated files, the use of
      gperf apparently saved us a whopping fifteen lines of code.  It
      obviously wasn't worth it, considering that the pre-generated files are
      about 500 lines.
      
      I sent this out as a patch about three weeks ago, and got absolutely
      zero responses.  So let's see if anybody notices now that I merge it.
      Because there might be serious bugs here, but it WorksForMe(tm).
      
      * gperf-removal:
        Remove gperf usage from toolchain
      5969d1bb
    • Linus Torvalds's avatar
      Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 572c01ba
      Linus Torvalds authored
      Pull SCSI updates from James Bottomley:
       "This is mostly updates of the usual suspects: lpfc, qla2xxx, hisi_sas,
        megaraid_sas, zfcp and a host of minor updates.
      
        The major driver change here is the elimination of the block based
        cciss driver in favour of the SCSI based hpsa driver (which now drives
        all the legacy cases cciss used to be required for). Plus a reset
        handler clean up and the redo of the SAS SMP handler to use bsg lib"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (279 commits)
        scsi: scsi-mq: Always unprepare before requeuing a request
        scsi: Show .retries and .jiffies_at_alloc in debugfs
        scsi: Improve requeuing behavior
        scsi: Call scsi_initialize_rq() for filesystem requests
        scsi: qla2xxx: Reset the logo flag, after target re-login.
        scsi: qla2xxx: Fix slow mem alloc behind lock
        scsi: qla2xxx: Clear fc4f_nvme flag
        scsi: qla2xxx: add missing includes for qla_isr
        scsi: qla2xxx: Fix an integer overflow in sysfs code
        scsi: aacraid: report -ENOMEM to upper layer from aac_convert_sgraw2()
        scsi: aacraid: get rid of one level of indentation
        scsi: aacraid: fix indentation errors
        scsi: storvsc: fix memory leak on ring buffer busy
        scsi: scsi_transport_sas: switch to bsg-lib for SMP passthrough
        scsi: smartpqi: remove the smp_handler stub
        scsi: hpsa: remove the smp_handler stub
        scsi: bsg-lib: pass the release callback through bsg_setup_queue
        scsi: Rework handling of scsi_device.vpd_pg8[03]
        scsi: Rework the code for caching Vital Product Data (VPD)
        scsi: rcu: Introduce rcu_swap_protected()
        ...
      572c01ba
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk · cef5d0f9
      Linus Torvalds authored
      Pull printk updates from Petr Mladek:
      
       - Do not allow use of freed init data and code even when boot consoles
         are forced to stay. Also check for the init memory more precisely.
      
       - Some code clean up by starting contributors.
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk:
        printk: Clean up do_syslog() error handling
        printk/console: Enhance the check for consoles using init memory
        printk/console: Always disable boot consoles that use init memory before it is freed
        printk: Modify operators of printed_len and text_len
      cef5d0f9
    • Linus Torvalds's avatar
      Merge tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit · 0fb02e71
      Linus Torvalds authored
      Pull audit updates from Paul Moore:
       "A small pull request for audit this time, only four patches and only
        two with any real code changes.
      
        Those two changes are the removal of a pointless SELinux AVC
        initialization audit event and a fix to improve the audit timestamp
        overhead.
      
        The other two patches are comment cleanup and administrative updates,
        nothing very exciting.
      
        Everything passes our tests"
      
      * tag 'audit-pr-20170907' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
        audit: update the function comments
        selinux: remove AVC init audit log message
        audit: update the audit info in MAINTAINERS
        audit: Reduce overhead using a coarse clock
      0fb02e71
    • Linus Torvalds's avatar
      Merge tag 'secureexec-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 828f4257
      Linus Torvalds authored
      Pull secureexec update from Kees Cook:
       "This series has the ultimate goal of providing a sane stack rlimit
        when running set*id processes.
      
        To do this, the bprm_secureexec LSM hook is collapsed into the
        bprm_set_creds hook so the secureexec-ness of an exec can be
        determined early enough to make decisions about rlimits and the
        resulting memory layouts. Other logic acting on the secureexec-ness of
        an exec is similarly consolidated. Capabilities needed some special
        handling, but the refactoring removed other special handling, so that
        was a wash"
      
      * tag 'secureexec-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        exec: Consolidate pdeath_signal clearing
        exec: Use sane stack rlimit under secureexec
        exec: Consolidate dumpability logic
        smack: Remove redundant pdeath_signal clearing
        exec: Use secureexec for clearing pdeath_signal
        exec: Use secureexec for setting dumpability
        LSM: drop bprm_secureexec hook
        commoncap: Move cap_elevated calculation into bprm_set_creds
        commoncap: Refactor to remove bprm_secureexec hook
        smack: Refactor to remove bprm_secureexec hook
        selinux: Refactor to remove bprm_secureexec hook
        apparmor: Refactor to remove bprm_secureexec hook
        binfmt: Introduce secureexec flag
        exec: Correct comments about "point of no return"
        exec: Rename bprm->cred_prepared to called_set_creds
      828f4257
    • Linus Torvalds's avatar
      Merge tag 'gcc-plugins-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 44ccba3f
      Linus Torvalds authored
      Pull gcc plugins update from Kees Cook:
       "This finishes the porting work on randstruct, and introduces a new
        option to structleak, both noted below:
      
         - For the randstruct plugin, enable automatic randomization of
           structures that are entirely function pointers (along with a couple
           designated initializer fixes).
      
         - For the structleak plugin, provide an option to perform zeroing
           initialization of all otherwise uninitialized stack variables that
           are passed by reference (Ard Biesheuvel)"
      
      * tag 'gcc-plugins-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        gcc-plugins: structleak: add option to init all vars used as byref args
        randstruct: Enable function pointer struct detection
        drivers/net/wan/z85230.c: Use designated initializers
        drm/amd/powerplay: rv: Use designated initializers
      44ccba3f
    • Linus Torvalds's avatar
      Merge tag 'pstore-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 21d236bf
      Linus Torvalds authored
      Pull pstore update from Kees Cook:
       "Make pstore permissions more versatile by removing CAP_SYSLOG
        requirement and defining more restrictive root directory DAC
        permissions default (0750, which can be adjust after boot unlike the
        CAP_SYSLOG check).
      
        Suggested by Nick Kralevich"
      
      * tag 'pstore-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps"
        pstore: Make default pstorefs root dir perms 0750
      21d236bf
  6. 07 Sep, 2017 2 commits