1. 30 Jan, 2018 17 commits
  2. 28 Jan, 2018 8 commits
  3. 27 Jan, 2018 6 commits
    • Borislav Petkov's avatar
      x86/speculation: Simplify indirect_branch_prediction_barrier() · 64e16720
      Borislav Petkov authored
      Make it all a function which does the WRMSR instead of having a hairy
      inline asm.
      
      [dwmw2: export it, fix CONFIG_RETPOLINE issues]
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Signed-off-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: ak@linux.intel.com
      Cc: dave.hansen@intel.com
      Cc: karahmed@amazon.de
      Cc: arjan@linux.intel.com
      Cc: torvalds@linux-foundation.org
      Cc: peterz@infradead.org
      Cc: bp@alien8.de
      Cc: pbonzini@redhat.com
      Cc: tim.c.chen@linux.intel.com
      Cc: gregkh@linux-foundation.org
      Link: https://lkml.kernel.org/r/1517070274-12128-4-git-send-email-dwmw@amazon.co.uk
      64e16720
    • Borislav Petkov's avatar
      x86/retpoline: Simplify vmexit_fill_RSB() · 1dde7415
      Borislav Petkov authored
      Simplify it to call an asm-function instead of pasting 41 insn bytes at
      every call site. Also, add alignment to the macro as suggested here:
      
        https://support.google.com/faqs/answer/7625886
      
      [dwmw2: Clean up comments, let it clobber %ebx and just tell the compiler]
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Signed-off-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: ak@linux.intel.com
      Cc: dave.hansen@intel.com
      Cc: karahmed@amazon.de
      Cc: arjan@linux.intel.com
      Cc: torvalds@linux-foundation.org
      Cc: peterz@infradead.org
      Cc: bp@alien8.de
      Cc: pbonzini@redhat.com
      Cc: tim.c.chen@linux.intel.com
      Cc: gregkh@linux-foundation.org
      Link: https://lkml.kernel.org/r/1517070274-12128-3-git-send-email-dwmw@amazon.co.uk
      1dde7415
    • David Woodhouse's avatar
      x86/cpufeatures: Clean up Spectre v2 related CPUID flags · 2961298e
      David Woodhouse authored
      We want to expose the hardware features simply in /proc/cpuinfo as "ibrs",
      "ibpb" and "stibp". Since AMD has separate CPUID bits for those, use them
      as the user-visible bits.
      
      When the Intel SPEC_CTRL bit is set which indicates both IBRS and IBPB
      capability, set those (AMD) bits accordingly. Likewise if the Intel STIBP
      bit is set, set the AMD STIBP that's used for the generic hardware
      capability.
      
      Hide the rest from /proc/cpuinfo by putting "" in the comments. Including
      RETPOLINE and RETPOLINE_AMD which shouldn't be visible there. There are
      patches to make the sysfs vulnerabilities information non-readable by
      non-root, and the same should apply to all information about which
      mitigations are actually in use. Those *shouldn't* appear in /proc/cpuinfo.
      
      The feature bit for whether IBPB is actually used, which is needed for
      ALTERNATIVEs, is renamed to X86_FEATURE_USE_IBPB.
      Originally-by: default avatarBorislav Petkov <bp@suse.de>
      Signed-off-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: ak@linux.intel.com
      Cc: dave.hansen@intel.com
      Cc: karahmed@amazon.de
      Cc: arjan@linux.intel.com
      Cc: torvalds@linux-foundation.org
      Cc: peterz@infradead.org
      Cc: bp@alien8.de
      Cc: pbonzini@redhat.com
      Cc: tim.c.chen@linux.intel.com
      Cc: gregkh@linux-foundation.org
      Link: https://lkml.kernel.org/r/1517070274-12128-2-git-send-email-dwmw@amazon.co.uk
      2961298e
    • Thomas Gleixner's avatar
      x86/cpu/bugs: Make retpoline module warning conditional · e383095c
      Thomas Gleixner authored
      If sysfs is disabled and RETPOLINE not defined:
      
      arch/x86/kernel/cpu/bugs.c:97:13: warning: ‘spectre_v2_bad_module’ defined but not used
      [-Wunused-variable]
       static bool spectre_v2_bad_module;
      
      Hide it.
      
      Fixes: caf7501a ("module/retpoline: Warn about missing retpoline in module")
      Reported-by: default avatarBorislav Petkov <bp@alien8.de>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Andi Kleen <ak@linux.intel.com>
      Cc: David Woodhouse <dwmw2@infradead.org>
      e383095c
    • Thomas Gleixner's avatar
      hrtimer: Reset hrtimer cpu base proper on CPU hotplug · d5421ea4
      Thomas Gleixner authored
      The hrtimer interrupt code contains a hang detection and mitigation
      mechanism, which prevents that a long delayed hrtimer interrupt causes a
      continous retriggering of interrupts which prevent the system from making
      progress. If a hang is detected then the timer hardware is programmed with
      a certain delay into the future and a flag is set in the hrtimer cpu base
      which prevents newly enqueued timers from reprogramming the timer hardware
      prior to the chosen delay. The subsequent hrtimer interrupt after the delay
      clears the flag and resumes normal operation.
      
      If such a hang happens in the last hrtimer interrupt before a CPU is
      unplugged then the hang_detected flag is set and stays that way when the
      CPU is plugged in again. At that point the timer hardware is not armed and
      it cannot be armed because the hang_detected flag is still active, so
      nothing clears that flag. As a consequence the CPU does not receive hrtimer
      interrupts and no timers expire on that CPU which results in RCU stalls and
      other malfunctions.
      
      Clear the flag along with some other less critical members of the hrtimer
      cpu base to ensure starting from a clean state when a CPU is plugged in.
      
      Thanks to Paul, Sebastian and Anna-Maria for their help to get down to the
      root cause of that hard to reproduce heisenbug. Once understood it's
      trivial and certainly justifies a brown paperbag.
      
      Fixes: 41d2e494 ("hrtimer: Tune hrtimer_interrupt hang logic")
      Reported-by: default avatarPaul E. McKenney <paulmck@linux.vnet.ibm.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sebastian Sewior <bigeasy@linutronix.de>
      Cc: Anna-Maria Gleixner <anna-maria@linutronix.de>
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801261447590.2067@nanos
      d5421ea4
    • H. Peter Anvin's avatar
      x86: Mark hpa as a "Designated Reviewer" for the time being · 8a95b74d
      H. Peter Anvin authored
      Due to some unfortunate events, I have not been directly involved in
      the x86 kernel patch flow for a while now.  I have also not been able
      to ramp back up by now like I had hoped to, and after reviewing what I
      will need to work on both internally at Intel and elsewhere in the near
      term, it is clear that I am not going to be able to ramp back up until
      late 2018 at the very earliest.
      
      It is not acceptable to not recognize that this load is currently
      taken by Ingo and Thomas without my direct participation, so I mark
      myself as R: (designated reviewer) rather than M: (maintainer) until
      further notice.  This is in fact recognizing the de facto situation
      for the past few years.
      
      I have obviously no intention of going away, and I will do everything
      within my power to improve Linux on x86 and x86 for Linux.  This,
      however, puts credit where it is due and reflects a change of focus.
      
      This patch also removes stale entries for portions of the x86
      architecture which have not been maintained separately from arch/x86
      for a long time.  If there is a reason to re-introduce them then that
      can happen later.
      Signed-off-by: default avatarH. Peter Anvin <h.peter.anvin@intel.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Bruce Schlobohm <bruce.schlobohm@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Link: http://lkml.kernel.org/r/20180125195934.5253-1-hpa@zytor.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      8a95b74d
  4. 26 Jan, 2018 9 commits
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-4.15-maintainers' of... · c4e0ca7f
      Linus Torvalds authored
      Merge tag 'riscv-for-linus-4.15-maintainers' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux
      
      Pull RISC-V update from Palmer Dabbelt:
       "RISC-V: We have a new mailing list and git repo!
      
        Sorry to send something essentially as late as possible (Friday after
        an rc9), but we managed to get a mailing list for the RISC-V Linux
        port. We've been using patches@groups.riscv.org for a while, but that
        list has some problems (it's Google Groups and it's shared over all
        RISC-V software projects). The new infaread.org list is much better.
        We just got it on Wednesday but I used it a bit on Thursday to shake
        out all the configuration problems and it appears to be in working
        order.
      
        When I updated the mailing list I noticed that the MAINTAINERS file
        was pointing to our github repo, but now that we have a kernel.org
        repo I'd like to point to that instead so I changed that as well.
        We'll be centralizing all RISC-V Linux related development here as
        that seems to be the saner way to go about it.
      
        I can understand if it's too late to get this into 4.15, but given
        that it's not a code change I was hoping it'd still be OK. It would be
        nice to have the new mailing list and git repo in the release tarballs
        so when people start to find bugs they'll get to the right place"
      
      * tag 'riscv-for-linus-4.15-maintainers' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux:
        Update the RISC-V MAINTAINERS file
      c4e0ca7f
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · ba804bb4
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) The per-network-namespace loopback device, and thus its namespace,
          can have its teardown deferred for a long time if a kernel created
          TCP socket closes and the namespace is exiting meanwhile. The kernel
          keeps trying to finish the close sequence until it times out (which
          takes quite some time).
      
          Fix this by forcing the socket closed in this situation, from Dan
          Streetman.
      
       2) Fix regression where we're trying to invoke the update_pmtu method
          on route types (in this case metadata tunnel routes) that don't
          implement the dst_ops method. Fix from Nicolas Dichtel.
      
       3) Fix long standing memory corruption issues in r8169 driver by
          performing the chip statistics DMA programming more correctly. From
          Francois Romieu.
      
       4) Handle local broadcast sends over VRF routes properly, from David
          Ahern.
      
       5) Don't refire the DCCP CCID2 timer endlessly, otherwise the socket
          can never be released. From Alexey Kodanev.
      
       6) Set poll flags properly in VSOCK protocol layer, from Stefan
          Hajnoczi.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        VSOCK: set POLLOUT | POLLWRNORM for TCP_CLOSING
        dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
        net: vrf: Add support for sends to local broadcast address
        r8169: fix memory corruption on retrieval of hardware statistics.
        net: don't call update_pmtu unconditionally
        net: tcp: close sock if net namespace is exiting
      ba804bb4
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-for-v4.15-rc10-2' of git://people.freedesktop.org/~airlied/linux · db218549
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "A fairly urgent nouveau regression fix for broken irqs across
        suspend/resume came in. This was broken before but a patch in 4.15 has
        made it much more obviously broken and now s/r fails a lot more often.
      
        The fix removes freeing the irq across s/r which never should have
        been done anyways.
      
        Also two vc4 fixes for a NULL deference and some misrendering /
        flickering on screen"
      
      * tag 'drm-fixes-for-v4.15-rc10-2' of git://people.freedesktop.org/~airlied/linux:
        drm/nouveau: Move irq setup/teardown to pci ctor/dtor
        drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state()
        drm/vc4: Flush the caches before the bin jobs, as well.
      db218549
    • Stefan Hajnoczi's avatar
      VSOCK: set POLLOUT | POLLWRNORM for TCP_CLOSING · ba3169fc
      Stefan Hajnoczi authored
      select(2) with wfds but no rfds must return when the socket is shut down
      by the peer.  This way userspace notices socket activity and gets -EPIPE
      from the next write(2).
      
      Currently select(2) does not return for virtio-vsock when a SEND+RCV
      shutdown packet is received.  This is because vsock_poll() only sets
      POLLOUT | POLLWRNORM for TCP_CLOSE, not the TCP_CLOSING state that the
      socket is in when the shutdown is received.
      Signed-off-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ba3169fc
    • Alexey Kodanev's avatar
      dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state · dd5684ec
      Alexey Kodanev authored
      ccid2_hc_tx_rto_expire() timer callback always restarts the timer
      again and can run indefinitely (unless it is stopped outside), and after
      commit 120e9dab ("dccp: defer ccid_hc_tx_delete() at dismantle time"),
      which moved ccid_hc_tx_delete() (also includes sk_stop_timer()) from
      dccp_destroy_sock() to sk_destruct(), this started to happen quite often.
      The timer prevents releasing the socket, as a result, sk_destruct() won't
      be called.
      
      Found with LTP/dccp_ipsec tests running on the bonding device,
      which later couldn't be unloaded after the tests were completed:
      
        unregister_netdevice: waiting for bond0 to become free. Usage count = 148
      
      Fixes: 2a91aa39 ("[DCCP] CCID2: Initial CCID2 (TCP-Like) implementation")
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      dd5684ec
    • Palmer Dabbelt's avatar
      Update the RISC-V MAINTAINERS file · 6572cc2b
      Palmer Dabbelt authored
      Now that we're upstream in Linux we've been able to make some
      infrastructure changes so our port works a bit more like other ports.
      Specifically:
      
      * We now have a mailing list specific to the RISC-V Linux port, hosted
        at lists.infreadead.org.
      * We now have a kernel.org git tree where work on our port is
        coordinated.
      
      This patch changes the RISC-V maintainers entry to reflect these new
      bits of infrastructure.
      Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarPalmer Dabbelt <palmer@sifive.com>
      6572cc2b
    • Andy Lutomirski's avatar
      x86/mm/64: Tighten up vmalloc_fault() sanity checks on 5-level kernels · 36b3a772
      Andy Lutomirski authored
      On a 5-level kernel, if a non-init mm has a top-level entry, it needs to
      match init_mm's, but the vmalloc_fault() code skipped over the BUG_ON()
      that would have checked it.
      
      While we're at it, get rid of the rather confusing 4-level folded "pgd"
      logic.
      
      Cleans-up: b50858ce ("x86/mm/vmalloc: Add 5-level paging support")
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Neil Berrington <neil.berrington@datacore.com>
      Link: https://lkml.kernel.org/r/2ae598f8c279b0a29baf75df207e6f2fdddc0a1b.1516914529.git.luto@kernel.org
      36b3a772
    • Andy Lutomirski's avatar
      x86/mm/64: Fix vmapped stack syncing on very-large-memory 4-level systems · 5beda7d5
      Andy Lutomirski authored
      Neil Berrington reported a double-fault on a VM with 768GB of RAM that uses
      large amounts of vmalloc space with PTI enabled.
      
      The cause is that load_new_mm_cr3() was never fixed to take the 5-level pgd
      folding code into account, so, on a 4-level kernel, the pgd synchronization
      logic compiles away to exactly nothing.
      
      Interestingly, the problem doesn't trigger with nopti.  I assume this is
      because the kernel is mapped with global pages if we boot with nopti.  The
      sequence of operations when we create a new task is that we first load its
      mm while still running on the old stack (which crashes if the old stack is
      unmapped in the new mm unless the TLB saves us), then we call
      prepare_switch_to(), and then we switch to the new stack.
      prepare_switch_to() pokes the new stack directly, which will populate the
      mapping through vmalloc_fault().  I assume that we're getting lucky on
      non-PTI systems -- the old stack's TLB entry stays alive long enough to
      make it all the way through prepare_switch_to() and switch_to() so that we
      make it to a valid stack.
      
      Fixes: b50858ce ("x86/mm/vmalloc: Add 5-level paging support")
      Reported-and-tested-by: default avatarNeil Berrington <neil.berrington@datacore.com>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
      Cc: stable@vger.kernel.org
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Link: https://lkml.kernel.org/r/346541c56caed61abbe693d7d2742b4a380c5001.1516914529.git.luto@kernel.org
      5beda7d5
    • Borislav Petkov's avatar
      x86/bugs: Drop one "mitigation" from dmesg · 55fa19d3
      Borislav Petkov authored
      Make
      
      [    0.031118] Spectre V2 mitigation: Mitigation: Full generic retpoline
      
      into
      
      [    0.031118] Spectre V2: Mitigation: Full generic retpoline
      
      to reduce the mitigation mitigations strings.
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Reviewed-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: riel@redhat.com
      Cc: ak@linux.intel.com
      Cc: peterz@infradead.org
      Cc: David Woodhouse <dwmw2@infradead.org>
      Cc: jikos@kernel.org
      Cc: luto@amacapital.net
      Cc: dave.hansen@intel.com
      Cc: torvalds@linux-foundation.org
      Cc: keescook@google.com
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: tim.c.chen@linux.intel.com
      Cc: pjt@google.com
      Link: https://lkml.kernel.org/r/20180126121139.31959-5-bp@alien8.de
      55fa19d3