1. 08 Nov, 2019 11 commits
  2. 01 Nov, 2019 26 commits
  3. 25 Oct, 2019 3 commits
    • Mark Salter's avatar
      crypto: ccp - fix uninitialized list head · 691505a8
      Mark Salter authored
      A NULL-pointer dereference was reported in fedora bz#1762199 while
      reshaping a raid6 array after adding a fifth drive to an existing
      array.
      
      [   47.343549] md/raid:md0: raid level 6 active with 3 out of 5 devices, algorithm 2
      [   47.804017] md0: detected capacity change from 0 to 7885289422848
      [   47.822083] Unable to handle kernel read from unreadable memory at virtual address 0000000000000000
      ...
      [   47.940477] CPU: 1 PID: 14210 Comm: md0_raid6 Tainted: G        W         5.2.18-200.fc30.aarch64 #1
      [   47.949594] Hardware name: AMD Overdrive/Supercharger/To be filled by O.E.M., BIOS ROD1002C 04/08/2016
      [   47.958886] pstate: 00400085 (nzcv daIf +PAN -UAO)
      [   47.963668] pc : __list_del_entry_valid+0x2c/0xa8
      [   47.968366] lr : ccp_tx_submit+0x84/0x168 [ccp]
      [   47.972882] sp : ffff00001369b970
      [   47.976184] x29: ffff00001369b970 x28: ffff00001369bdb8
      [   47.981483] x27: 00000000ffffffff x26: ffff8003b758af70
      [   47.986782] x25: ffff8003b758b2d8 x24: ffff8003e6245818
      [   47.992080] x23: 0000000000000000 x22: ffff8003e62450c0
      [   47.997379] x21: ffff8003dfd6add8 x20: 0000000000000003
      [   48.002678] x19: ffff8003e6245100 x18: 0000000000000000
      [   48.007976] x17: 0000000000000000 x16: 0000000000000000
      [   48.013274] x15: 0000000000000000 x14: 0000000000000000
      [   48.018572] x13: ffff7e000ef83a00 x12: 0000000000000001
      [   48.023870] x11: ffff000010eff998 x10: 00000000000019a0
      [   48.029169] x9 : 0000000000000000 x8 : ffff8003e6245180
      [   48.034467] x7 : 0000000000000000 x6 : 000000000000003f
      [   48.039766] x5 : 0000000000000040 x4 : ffff8003e0145080
      [   48.045064] x3 : dead000000000200 x2 : 0000000000000000
      [   48.050362] x1 : 0000000000000000 x0 : ffff8003e62450c0
      [   48.055660] Call trace:
      [   48.058095]  __list_del_entry_valid+0x2c/0xa8
      [   48.062442]  ccp_tx_submit+0x84/0x168 [ccp]
      [   48.066615]  async_tx_submit+0x224/0x368 [async_tx]
      [   48.071480]  async_trigger_callback+0x68/0xfc [async_tx]
      [   48.076784]  ops_run_biofill+0x178/0x1e8 [raid456]
      [   48.081566]  raid_run_ops+0x248/0x818 [raid456]
      [   48.086086]  handle_stripe+0x864/0x1208 [raid456]
      [   48.090781]  handle_active_stripes.isra.0+0xb0/0x278 [raid456]
      [   48.096604]  raid5d+0x378/0x618 [raid456]
      [   48.100602]  md_thread+0xa0/0x150
      [   48.103905]  kthread+0x104/0x130
      [   48.107122]  ret_from_fork+0x10/0x18
      [   48.110686] Code: d2804003 f2fbd5a3 eb03003f 54000320 (f9400021)
      [   48.116766] ---[ end trace 23f390a527f7ad77 ]---
      
      ccp_tx_submit is passed a dma_async_tx_descriptor which is contained in
      a ccp_dma_desc and adds it to a ccp channel's pending list:
      
      	list_del(&desc->entry);
      	list_add_tail(&desc->entry, &chan->pending);
      
      The problem is that desc->entry may be uninitialized in the
      async_trigger_callback path where the descriptor was gotten
      from ccp_prep_dma_interrupt which got it from ccp_alloc_dma_desc
      which doesn't initialize the desc->entry list head. So, just
      initialize the list head to avoid the problem.
      
      Cc: <stable@vger.kernel.org>
      Reported-by: default avatarSahaj Sarup <sahajsarup@gmail.com>
      Signed-off-by: default avatarMark Salter <msalter@redhat.com>
      Acked-by: default avatarGary R Hook <gary.hook@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      691505a8
    • Geert Uytterhoeven's avatar
      crypto: nx - Improve debugfs_create_u{32,64}() handling for atomics · fe95938d
      Geert Uytterhoeven authored
      Variables of type atomic{,64}_t can be used fine with
      debugfs_create_u{32,64}, when passing a pointer to the embedded counter.
      This allows to get rid of the casts, which prevented compiler checks.
      Signed-off-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      fe95938d
    • Hook, Gary's avatar
      crypto: ccp - Verify access to device registers before initializing · 03f008c5
      Hook, Gary authored
      Check early whether device registers can be accessed. Some BIOSes have
      a broken security policy that prevents access to the device registers,
      and return values from ioread() can be misinterpreted. If a read of
      a feature register returns a -1, we may not be able to access
      any device register, so report the problem and suggestion, and return.
      
      For the PSP, the feature register is checked. For the CCP, the queue
      register is checked.
      Signed-off-by: default avatarGary R Hook <gary.hook@amd.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      03f008c5