Linus Torvalds [Thu, 24 Dec 2020 20:40:07 +0000 (12:40 -0800)]
Merge tag 'efi_updates_for_v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull EFI updates from Borislav Petkov:
"These got delayed due to a last minute ia64 build issue which got
fixed in the meantime.
EFI updates collected by Ard Biesheuvel:
- Don't move BSS section around pointlessly in the x86 decompressor
- Refactor helper for discovering the EFI secure boot mode
- Wire up EFI secure boot to IMA for arm64
- Some fixes for the capsule loader
- Expose the RT_PROP table via the EFI test module
- Relax DT and kernel placement restrictions on ARM
with a few followup fixes:
- fix the build breakage on IA64 caused by recent capsule loader
changes
- suppress a type mismatch build warning in the expansion of
EFI_PHYS_ALIGN on ARM"
* tag 'efi_updates_for_v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
efi: arm: force use of unsigned type for EFI_PHYS_ALIGN
efi: ia64: disable the capsule loader
efi: stub: get rid of efi_get_max_fdt_addr()
efi/efi_test: read RuntimeServicesSupported
efi: arm: reduce minimum alignment of uncompressed kernel
efi: capsule: clean scatter-gather entries from the D-cache
efi: capsule: use atomic kmap for transient sglist mappings
efi: x86/xen: switch to efi_get_secureboot_mode helper
arm64/ima: add ima_arch support
ima: generalize x86/EFI arch glue for other EFI architectures
efi: generalize efi_get_secureboot
efi/libstub: EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER should not default to yes
efi/x86: Only copy the compressed kernel image in efi_relocate_kernel()
efi/libstub/x86: simplify efi_is_native()
Linus Torvalds [Thu, 24 Dec 2020 20:35:00 +0000 (12:35 -0800)]
Merge tag 'io_uring-5.11-2020-12-23' of git://git.kernel.dk/linux-block
Pull io_uring fixes from Jens Axboe:
"All straight fixes, or a prep patch for a fix, either bound for stable
or fixing issues from this merge window. In particular:
- Fix new shutdown op not breaking links on failure
- Hold mm->mmap_sem for mm->locked_vm manipulation
* tag 'io_uring-5.11-2020-12-23' of git://git.kernel.dk/linux-block:
io_uring: hold uring_lock while completing failed polled io in io_wq_submit_work()
io_uring: fix double io_uring free
io_uring: fix ignoring xa_store errors
io_uring: end waiting before task cancel attempts
io_uring: always progress task_work on task cancel
io-wq: kill now unused io_wq_cancel_all()
io_uring: make ctx cancel on exit targeted to actual ctx
io_uring: fix 0-iov read buffer select
io_uring: close a small race gap for files cancel
io_uring: fix io_wqe->work_list corruption
io_uring: limit {io|sq}poll submit locking scope
io_uring: inline io_cqring_mark_overflow()
io_uring: consolidate CQ nr events calculation
io_uring: remove racy overflow list fast checks
io_uring: cancel reqs shouldn't kill overflow list
io_uring: hold mmap_sem for mm->locked_vm manipulation
io_uring: break links on shutdown failure
Linus Torvalds [Thu, 24 Dec 2020 20:28:35 +0000 (12:28 -0800)]
Merge tag 'block-5.11-2020-12-23' of git://git.kernel.dk/linux-block
Pull block fixes from Jens Axboe:
"A few stragglers in here, but mostly just straight fixes. In
particular:
- Set of rnbd fixes for issues around changes for the merge window
(Gioh, Jack, Md Haris Iqbal)
- iocost tracepoint addition (Baolin)
- Copyright/maintainers update (Christoph)
- Remove old blk-mq fast path CPU warning (Daniel)
- loop max_part fix (Josh)
- Remote IPI threaded IRQ fix (Sebastian)
- dasd stable fixes (Stefan)
- bcache merge window fixup and style fixup (Yi, Zheng)"
* tag 'block-5.11-2020-12-23' of git://git.kernel.dk/linux-block:
md/bcache: convert comma to semicolon
bcache:remove a superfluous check in register_bcache
block: update some copyrights
block: remove a pointless self-reference in block_dev.c
MAINTAINERS: add fs/block_dev.c to the block section
blk-mq: Don't complete on a remote CPU in force threaded mode
s390/dasd: fix list corruption of lcu list
s390/dasd: fix list corruption of pavgroup group list
s390/dasd: prevent inconsistent LCU device data
s390/dasd: fix hanging device offline processing
blk-iocost: Add iocg idle state tracepoint
nbd: Respect max_part for all partition scans
block/rnbd-clt: Does not request pdu to rtrs-clt
block/rnbd-clt: Dynamically allocate sglist for rnbd_iu
block/rnbd: Set write-back cache and fua same to the target device
block/rnbd: Fix typos
block/rnbd-srv: Protect dev session sysfs removal
block/rnbd-clt: Fix possible memleak
block/rnbd-clt: Get rid of warning regarding size argument in strlcpy
blk-mq: Remove 'running from the wrong CPU' warning
Linus Torvalds [Thu, 24 Dec 2020 20:18:11 +0000 (12:18 -0800)]
Merge tag 'libnvdimm-for-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
Pull libnvdimm updates from Dan Williams:
"Twas the day before Christmas and the only thing stirring in libnvdimm
/ device-dax land is a pile of miscellaneous fixups and cleanups.
The bulk of it has appeared in -next save the last two patches to
device-dax that have passed my build and unit tests.
- Fix a long standing block-window-namespace issue surfaced by the
ndctl change to attempt to preserve the kernel device name over
a 'reconfigure'
- Fix a few error path memory leaks in nfit and device-dax
- Silence a smatch warning in the ioctl path
- Miscellaneous cleanups"
* tag 'libnvdimm-for-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
device-dax: Avoid an unnecessary check in alloc_dev_dax_range()
device-dax: Fix range release
device-dax: delete a redundancy check in dev_dax_validate_align()
libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
device-dax/core: Fix memory leak when rmmod dax.ko
device-dax/pmem: Convert comma to semicolon
libnvdimm: Cleanup include of badblocks.h
ACPI: NFIT: Fix input validation of bus-family
libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
ACPI/nfit: avoid accessing uninitialized memory in acpi_nfit_ctl()
amdkfd:
- Properly require pcie atomics for gfx10"
* tag 'drm-next-2020-12-24' of git://anongit.freedesktop.org/drm/drm: (31 commits)
drm/amd/display: Fix memory leaks in S3 resume
drm/amdgpu: Fix a copy-pasta comment
drm/amdgpu: only set DP subconnector type on DP and eDP connectors
drm/amd/pm: bump Sienna Cichlid smu_driver_if version to match latest pmfw
drm/amd/display: add getter routine to retrieve mpcc mux
drm/amd/display: always program DPPDTO unless not safe to lower
drm/amd/display: [FW Promotion] Release 0.0.47
drm/amd/display: updated wm table for Renoir
drm/amd/display: Acquire DSC during split stream for ODM only if top_pipe
drm/amd/display: Multi-display underflow observed
drm/amd/display: Remove unnecessary NULL check
drm/amd/display: Update RN/VGH active display count workaround
drm/amd/display: change SMU repsonse timeout to 2s.
drm/amd/display: gradually ramp ABM intensity
drm/amd/display: To modify the condition in indicating branch device
drm/amd/display: Modify the hdcp device count check condition
drm/amd/display: Interfaces for hubp blank and soft reset
drm/amd/display: handler not correctly checked at remove_irq_handler
drm/amdgpu: check gfx pipe availability before toggling its interrupts
drm/amdgpu: remove unnecessary asic type check
...
Linus Torvalds [Thu, 24 Dec 2020 20:06:46 +0000 (12:06 -0800)]
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
Pull virtio updates from Michael Tsirkin:
- vdpa sim refactoring
- virtio mem: Big Block Mode support
- misc cleanus, fixes
* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (61 commits)
vdpa: Use simpler version of ida allocation
vdpa: Add missing comment for virtqueue count
uapi: virtio_ids: add missing device type IDs from OASIS spec
uapi: virtio_ids.h: consistent indentions
vhost scsi: fix error return code in vhost_scsi_set_endpoint()
virtio_ring: Fix two use after free bugs
virtio_net: Fix error code in probe()
virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed()
tools/virtio: add barrier for aarch64
tools/virtio: add krealloc_array
tools/virtio: include asm/bug.h
vdpa/mlx5: Use write memory barrier after updating CQ index
vdpa: split vdpasim to core and net modules
vdpa_sim: split vdpasim_virtqueue's iov field in out_iov and in_iov
vdpa_sim: make vdpasim->buffer size configurable
vdpa_sim: use kvmalloc to allocate vdpasim->buffer
vdpa_sim: set vringh notify callback
vdpa_sim: add set_config callback in vdpasim_dev_attr
vdpa_sim: add get_config callback in vdpasim_dev_attr
vdpa_sim: make 'config' generic and usable for any device type
...
Zhen Lei [Sat, 19 Dec 2020 08:18:40 +0000 (16:18 +0800)]
device-dax: Avoid an unnecessary check in alloc_dev_dax_range()
Swap the calling sequence of krealloc() and __request_region(), call the
latter first. In this way, the value of dev_dax->nr_range does not need to
be considered when __request_region() failed.
Dan Williams [Sat, 19 Dec 2020 02:41:41 +0000 (18:41 -0800)]
device-dax: Fix range release
There are multiple locations that open-code the release of the last
range in a device-dax instance. Consolidate this into a new
dev_dax_trim_range() helper.
Dave Airlie [Thu, 24 Dec 2020 00:08:10 +0000 (10:08 +1000)]
Merge tag 'drm-misc-next-fixes-2020-12-22' of git://anongit.freedesktop.org/drm/drm-misc into drm-next
Short summary of fixes pull:
* dma-buf: Include <linux/vmalloc.h> for building on MIPS
* komeda: Fix order of operation in commit tail; Fix NULL-pointer and
out-of-bounds access; Cleanups
* ttm: Fix an unused-function warning
Linus Torvalds [Wed, 23 Dec 2020 23:11:08 +0000 (15:11 -0800)]
Merge tag 'sound-fix-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"A collection of small fixes that came up recently for 5.11.
The majority of fixes are usual HD-audio and USB-audio quirks, with a
few PCM core fixes for addressing the information leak and yet more
UBSAN fixes in the core side"
* tag 'sound-fix-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: usb-audio: Add implicit feeback support for the BOSS GT-1
ALSA: usb-audio: Add alias entry for ASUS PRIME TRX40 PRO-S
ALSA: core: Remove redundant comments
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA: pcm: Clear the full allocated memory at hw_params
ALSA: memalloc: Align buffer allocations in page size
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: pcm: Remove snd_pcm_lib_preallocate_dma_free()
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: core: memalloc: add page alignment for iram
ALSA: hda/realtek - Supported Dell fixed type headset
ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658
Linus Torvalds [Wed, 23 Dec 2020 23:01:49 +0000 (15:01 -0800)]
Merge tag 'linux-watchdog-5.11-rc1' of git://www.linux-watchdog.org/linux-watchdog
Pull watchdog updates from Wim Van Sebroeck:
- Removal of the pnx83xx driver
- Add a binding for A100's watchdog controller
- Add Rockchip compatibles to snps,dw-wdt.yaml
- hpwdt: Disable NMI in Crash Kernel
- Fix potential dereferencing of null pointer in watchdog_core
- Several other small fixes and improvements
* tag 'linux-watchdog-5.11-rc1' of git://www.linux-watchdog.org/linux-watchdog: (23 commits)
watchdog: convert comma to semicolon
watchdog: iTCO_wdt: use dev_*() instead of pr_*() for logging
dt-binding: watchdog: add Rockchip compatibles to snps,dw-wdt.yaml
watchdog: coh901327: add COMMON_CLK dependency
dt-bindings: watchdog: sun4i: Add A100 compatible
watchdog: qcom: Avoid context switch in restart handler
watchdog: iTCO_wdt: use module_platform_device() macro
watchdog: Fix potential dereferencing of null pointer
watchdog: wdat_wdt: Fix missing kerneldoc reported by W=1
watchdog/hpwdt: Reflect changes
watchdog/hpwdt: Disable NMI in Crash Kernel
wdt: sp805: add watchdog_stop on reboot
watchdog: sbc_fitpc2_wdt: add __user annotations
watchdog: geodewdt: remove unneeded break
watchdog: rti-wdt: fix reference leak in rti_wdt_probe
watchdog: qcom_wdt: set WDOG_HW_RUNNING bit when appropriate
watchdog: remove pnx83xx driver
watchdog: stm32_iwdg: don't print an error on probe deferral
watchdog: sprd: change to use usleep_range() instead of busy loop
watchdog: sprd: check busy bit before new loading rather than after that
...
Stylon Wang [Tue, 10 Nov 2020 07:40:06 +0000 (15:40 +0800)]
drm/amd/display: Fix memory leaks in S3 resume
EDID parsing in S3 resume pushes new display modes
to probed_modes list but doesn't consolidate to actual
mode list. This creates a race condition when
amdgpu_dm_connector_ddc_get_modes() re-initializes the
list head without walking the list and results in memory leak.
Bug: https://bugzilla.kernel.org/show_bug.cgi?id=209987 Acked-by: Harry Wentland <harry.wentland@amd.com> Acked-by: Alex Deucher <alexander.deucher@amd.com> Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas@amd.com> Signed-off-by: Stylon Wang <stylon.wang@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Cc: stable@vger.kernel.org
Alex Deucher [Thu, 17 Dec 2020 17:11:36 +0000 (12:11 -0500)]
drm/amdgpu: only set DP subconnector type on DP and eDP connectors
Fixes a crash in drm_object_property_set_value() because the property
is not set for internal DP ports that connect to a bridge chips
(e.g., DP to VGA or DP to LVDS).
Bug: https://bugzilla.kernel.org/show_bug.cgi?id=210739 Fixes: 65bf2cf95d3ade ("drm/amdgpu: utilize subconnector property for DP through atombios") Tested-By: Kris Karas <bugs-a17@moonlit-rail.com> Cc: Oleg Vasilev <oleg.vasilev@intel.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Cc: stable@vger.kernel.org # 5.10.x
Jake Wang [Fri, 11 Dec 2020 21:53:57 +0000 (16:53 -0500)]
drm/amd/display: always program DPPDTO unless not safe to lower
[Why]
We defer clock updates to after pipes have been programmed. In
some instances we use DPPCLK that have been previously set to be
"unused". This results in a brief window of time where underflow
could occur.
[How]
During prepare bandwidth allow rn_update_clocks_update_dpp_dto
to check each instance and compare previous clock to new clock.
If new clock is higher than previous clock, program DPPDTO.
Signed-off-by: Jake Wang <haonan.wang2@amd.com> Acked-by: Bindu Ramamurthy <bindu.r@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Yongqiang Sun [Fri, 11 Dec 2020 20:34:30 +0000 (15:34 -0500)]
drm/amd/display: [FW Promotion] Release 0.0.47
- restore lvtma_pwrseq_delay2 from vbios integrated info table
- restore MVID/NVID after power up.
- Enable timer wake up mask when enable timer interrupt.
Signed-off-by: Yongqiang Sun <yongqiang.sun@amd.com> Acked-by: Bindu Ramamurthy <bindu.r@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Sung Lee [Wed, 9 Dec 2020 19:58:59 +0000 (14:58 -0500)]
drm/amd/display: Acquire DSC during split stream for ODM only if top_pipe
[WHY]
DSC should only be acquired per OPP. Therefore, DSC should only
be acquired for the top_pipe when ODM is enabled.
Not doing this check may lead to acquiring more DSC's than needed
when doing MPO + ODM Combine.
[HOW]
Only acquire DSC if pipe is top_pipe.
Signed-off-by: Sung Lee <sung.lee@amd.com> Acked-by: Bindu Ramamurthy <bindu.r@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Yongqiang Sun [Wed, 9 Dec 2020 21:56:51 +0000 (16:56 -0500)]
drm/amd/display: change SMU repsonse timeout to 2s.
[Why]
there is some garbage showing up during reboot test.
Reason:
SMU might handle display driver msg defered and driver will send
next msg to SMU after 10ms timeout, once SMU FW handle previous msg,
parameters are changed to next one, which result in a wrong value be programmed.
[How]
Extend timeout to 2s so SMU will have enough time to handle driver msg.
Signed-off-by: Yongqiang Sun <yongqiang.sun@amd.com> Acked-by: Bindu Ramamurthy <bindu.r@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Martin Tsai [Thu, 3 Dec 2020 02:47:11 +0000 (10:47 +0800)]
drm/amd/display: Modify the hdcp device count check condition
[why]
Some MST display may not report the internal panel to DEVICE_COUNT,
that makes the check condition always failed.
[how]
To update this condition with the reported device count + 1
(because the immediate repeater's internal panel is possibly
not included in DEVICE_COUNT)
Signed-off-by: Martin Tsai <martin.tsai@amd.com> Acked-by: Bindu Ramamurthy <bindu.r@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Wesley Chalmers [Mon, 7 Dec 2020 16:46:08 +0000 (11:46 -0500)]
drm/amd/display: Interfaces for hubp blank and soft reset
[WHY]
HUBP blanking sequence on DCN30 requires us to check if HUBP is in blank
and also toggle HUBP_DISABLE, which should instead be called
HUBP_SOFT_RESET for what it does in HW.
Qingqing Zhuo [Fri, 4 Dec 2020 15:55:13 +0000 (10:55 -0500)]
drm/amd/display: handler not correctly checked at remove_irq_handler
[why]
handler is supposedly passed in as a function pointer;
however, the entire struct amdgpu_dm_irq_handler_data
gets from the list is used to check match.
[how]
use the interrupt_handler within amdgpu_dm_irq_handler_data
for checking match.
Hawking Zhang [Sat, 21 Nov 2020 13:01:47 +0000 (21:01 +0800)]
drm/amdgpu: check number of gfx ring before init cp gfx
Check number of gfx ring, rather than asic type,
before cp gfx engine initialization so driver just
need to make sure number of gfx ring is initialized
correctly in gfx early_init phase. No need to add
additional asic type check everywhere when there is
new asic with gfx pipe removed.
Signed-off-by: Hawking Zhang <Hawking.Zhang@amd.com> Reviewed-by: Feifei Xu <Feifei.Xu@amd.com> Acked-by: Christian König <christian.koenig@amd.com> Reviewed-by: Alex Deucher <alexander.deucher@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Yi Li [Wed, 23 Dec 2020 15:04:21 +0000 (23:04 +0800)]
bcache:remove a superfluous check in register_bcache
There have no reassign the bdev after check It is IS_ERR.
the double check !IS_ERR(bdev) is superfluous.
After commit 4e7b5671c6a8 ("block: remove i_bdev"),
"Switch the block device lookup interfaces to directly work with a dev_t
so that struct block_device references are only acquired by the
blkdev_get variants (and the blk-cgroup special case). This means that
we now don't need an extra reference in the inode and can generally
simplify handling of struct block_device to keep the lookups contained
in the core block layer code."
so after lookup_bdev call, there no need to do bdput.
remove a superfluous check the bdev & don't call bdput after lookup_bdev.
Fixes: 4e7b5671c6a8("block: remove i_bdev") Signed-off-by: Yi Li <yili@winhong.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Coly Li <colyli@suse.de> Signed-off-by: Jens Axboe <axboe@kernel.dk>
Rob Herring [Tue, 22 Dec 2020 04:01:21 +0000 (21:01 -0700)]
dt-bindings: net: qcom,ipa: Drop unnecessary type ref on 'memory-region'
'memory-region' is a common property, so it doesn't need a type ref here.
Cc: "David S. Miller" <davem@davemloft.net> Cc: Jakub Kicinski <kuba@kernel.org> Cc: Alex Elder <elder@kernel.org> Cc: netdev@vger.kernel.org Acked-by: Alex Elder <elder@linaro.org> Link: https://lore.kernel.org/r/20201222040121.1314370-1-robh@kernel.org Signed-off-by: Rob Herring <robh@kernel.org>
Xiaoguang Wang [Mon, 14 Dec 2020 15:49:41 +0000 (23:49 +0800)]
io_uring: hold uring_lock while completing failed polled io in io_wq_submit_work()
io_iopoll_complete() does not hold completion_lock to complete polled io,
so in io_wq_submit_work(), we can not call io_req_complete() directly, to
complete polled io, otherwise there maybe concurrent access to cqring,
defer_list, etc, which is not safe. Commit dad1b1242fd5 ("io_uring: always
let io_iopoll_complete() complete polled io") has fixed this issue, but
Pavel reported that IOPOLL apart from rw can do buf reg/unreg requests(
IORING_OP_PROVIDE_BUFFERS or IORING_OP_REMOVE_BUFFERS), so the fix is not
good.
Given that io_iopoll_complete() is always called under uring_lock, so here
for polled io, we can also get uring_lock to fix this issue.
Fixes: dad1b1242fd5 ("io_uring: always let io_iopoll_complete() complete polled io") Cc: <stable@vger.kernel.org> # 5.5+ Signed-off-by: Xiaoguang Wang <xiaoguang.wang@linux.alibaba.com> Reviewed-by: Pavel Begunkov <asml.silence@gmail.com>
[axboe: don't deref 'req' after completing it'] Signed-off-by: Jens Axboe <axboe@kernel.dk>
Linus Torvalds [Tue, 22 Dec 2020 22:19:21 +0000 (14:19 -0800)]
Merge tag 'acpi-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more ACPI updates from Rafael Wysocki:
"These make the ACPI enumeration of devices take _DEP information into
account more aggressively, fix device IDs matching in the ACPI part of
the PNP devices framework and update the ACPI code related to
suspend-to-idle to take systems based on AMD hardware into account
properly.
Specifics:
- Modify the ACPI device enumeration code to defer the enumeration of
devices with an _HID whose lists of operation region dependencies
returned by _DEP are not empty after eliminating the entries
representing known-benign dependencies from them (Rafael Wysocki,
Hans de Goede).
- Make the ACPI PNP code mathing device IDs also take the length of
the given ID string into account (Hui Wang).
- Add AMD systems support to the ACPI code handling suspend-to-idle
via the PNP0D80 (System Power Management Controller) device _DSM
interface (Shyam Sundar).
- Move the suspend-to-idle handling code related to the PNP0D80
device _DSM interface, which is x86-specific, to a separate file in
the x86/ subdirectory (Rafael Wysocki)"
* tag 'acpi-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI: PM: s2idle: Move x86-specific code to the x86 directory
ACPI: scan: Add Intel Baytrail Mailbox Device to acpi_ignore_dep_ids
ACPI: scan: Avoid unnecessary second pass in acpi_bus_scan()
ACPI: scan: Defer enumeration of devices with _DEP lists
ACPI: scan: Evaluate _DEP before adding the device
ACPI: PM: s2idle: Add AMD support to handle _DSM
ACPI: PNP: compare the string length in the matching_id()
Linus Torvalds [Tue, 22 Dec 2020 22:12:10 +0000 (14:12 -0800)]
Merge tag 'pm-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more power management updates from Rafael Wysocki:
"These update the CPPC cpufreq driver and intel_pstate (which involves
updating the cpufreq core and the schedutil governor) and make
janitorial changes in the ACPI code handling processor objects.
Specifics:
- Rework the passive-mode "fast switch" path in the intel_pstate
driver to allow it receive the minimum (required) and target
(desired) performance information from the schedutil governor so as
to avoid running some workloads too fast (Rafael Wysocki).
- Make the intel_pstate driver allow the policy max limit to be
increased after the guaranteed performance value for the given CPU
has increased (Rafael Wysocki).
- Clean up the handling of CPU coordination types in the CPPC cpufreq
driver and make it export frequency domains information to user
space via sysfs (Ionela Voinescu).
- Fix the ACPI code handling processor objects to use a correct
coordination type when it fails to map frequency domains and drop a
redundant CPU map initialization from it (Ionela Voinescu, Punit
Agrawal)"
* tag 'pm-5.11-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: intel_pstate: Use most recent guaranteed performance values
cpufreq: intel_pstate: Implement the ->adjust_perf() callback
cpufreq: Add special-purpose fast-switching callback for drivers
cpufreq: schedutil: Add util to struct sg_cpu
cppc_cpufreq: replace per-cpu data array with a list
cppc_cpufreq: expose information on frequency domains
cppc_cpufreq: clarify support for coordination types
cppc_cpufreq: use policy->cpu as driver of frequency setting
ACPI: processor: fix NONE coordination for domain mapping failure
Linus Torvalds [Tue, 22 Dec 2020 22:04:25 +0000 (14:04 -0800)]
Merge tag 'kconfig-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
Pull Kconfig updates from Masahiro Yamada:
- Support only Qt5 for qconf
- Validate signal/slot connection at compile time of qconf
- Sanitize header includes
* tag 'kconfig-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
kconfig: doc: fix $(fileno) to $(filename)
kconfig: fix return value of do_error_if()
kconfig: clean up header inclusion
kconfig: qconf: show Qt version in the About dialog
kconfig: make lkc.h self-sufficient #include-wise
kconfig: qconf: convert to Qt5 new signal/slot connection syntax
kconfig: qconf: use a variable to pass packages to pkg-config
kconfig: qconf: drop Qt4 support
Linus Torvalds [Tue, 22 Dec 2020 21:38:17 +0000 (13:38 -0800)]
Merge branch 'akpm' (patches from Andrew)
Merge KASAN updates from Andrew Morton.
This adds a new hardware tag-based mode to KASAN. The new mode is
similar to the existing software tag-based KASAN, but relies on arm64
Memory Tagging Extension (MTE) to perform memory and pointer tagging
(instead of shadow memory and compiler instrumentation).
By Andrey Konovalov and Vincenzo Frascino.
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (60 commits)
kasan: update documentation
kasan, mm: allow cache merging with no metadata
kasan: sanitize objects when metadata doesn't fit
kasan: clarify comment in __kasan_kfree_large
kasan: simplify assign_tag and set_tag calls
kasan: don't round_up too much
kasan, mm: rename kasan_poison_kfree
kasan, mm: check kasan_enabled in annotations
kasan: add and integrate kasan boot parameters
kasan: inline (un)poison_range and check_invalid_free
kasan: open-code kasan_unpoison_slab
kasan: inline random_tag for HW_TAGS
kasan: inline kasan_reset_tag for tag-based modes
kasan: remove __kasan_unpoison_stack
kasan: allow VMAP_STACK for HW_TAGS mode
kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
kasan: introduce set_alloc_info
kasan: rename get_alloc/free_info
kasan: simplify quarantine_put call site
kselftest/arm64: check GCR_EL1 after context switch
...
Linus Torvalds [Tue, 22 Dec 2020 21:34:27 +0000 (13:34 -0800)]
Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux
Pull ARM updates from Russell King:
- Rework phys/virt translation
- Add KASan support
- Move DT out of linear map region
- Use more PC-relative addressing in assembly
- Remove FP emulation handling while in kernel mode
- Link with '-z norelro'
- remove old check for GCC <= 4.2 in ARM unwinder code
- disable big endian if using clang's linker
* tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: (46 commits)
ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
ARM: 9038/1: Link with '-z norelro'
ARM: 9037/1: uncompress: Add OF_DT_MAGIC macro
ARM: 9036/1: uncompress: Fix dbgadtb size parameter name
ARM: 9035/1: uncompress: Add be32tocpu macro
ARM: 9033/1: arm/smp: Drop the macro S(x,s)
ARM: 9032/1: arm/mm: Convert PUD level pgtable helper macros into functions
ARM: 9031/1: hyp-stub: remove unused .L__boot_cpu_mode_offset symbol
ARM: 9044/1: vfp: use undef hook for VFP support detection
ARM: 9034/1: __div64_32(): straighten up inline asm constraints
ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel mode
ARM: 9029/1: Make iwmmxt.S support Clang's integrated assembler
ARM: 9028/1: disable KASAN in call stack capturing routines
ARM: 9026/1: unwind: remove old check for GCC <= 4.2
ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD
ARM: 9024/1: Drop useless cast of "u64" to "long long"
ARM: 9023/1: Spelling s/mmeory/memory/
ARM: 9022/1: Change arch/arm/lib/mem*.S to use WEAK instead of .weak
ARM: kvm: replace open coded VA->PA calculations with adr_l call
ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET
...
Linus Torvalds [Tue, 22 Dec 2020 21:27:21 +0000 (13:27 -0800)]
Merge tag 'for-5.11/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
Pull device mapper updates from Mike Snitzer:
- Add DM verity support for signature verification with 2nd keyring
- Fix DM verity to skip verity work if IO completes with error while
system is shutting down
- Add new DM multipath "IO affinity" path selector that maps IO
destined to a given path to a specific CPU based on user provided
mapping
- Rename DM multipath path selector source files to have "dm-ps" prefix
- Add REQ_NOWAIT support to some other simple DM targets that don't
block in more elaborate ways waiting for IO
- Export DM crypt's kcryptd workqueue via sysfs (WQ_SYSFS)
- Fix error return code in DM's target_message() if empty message is
received
- A handful of other small cleanups
* tag 'for-5.11/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
dm cache: simplify the return expression of load_mapping()
dm ebs: avoid double unlikely() notation when using IS_ERR()
dm verity: skip verity work if I/O error when system is shutting down
dm crypt: export sysfs of kcryptd workqueue
dm ioctl: fix error return code in target_message
dm crypt: Constify static crypt_iv_operations
dm: add support for REQ_NOWAIT to various targets
dm: rename multipath path selector source files to have "dm-ps" prefix
dm mpath: add IO affinity path selector
dm verity: Add support for signature verification with 2nd keyring
dm: remove unnecessary current->bio_list check when submitting split bio
Linus Torvalds [Tue, 22 Dec 2020 21:24:33 +0000 (13:24 -0800)]
Merge tag 'hwmon-for-v5.11-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull another hwmon update from Guenter Roeck:
"The only patch in this series is removal of voltage and current
reporting for AMD Zen CPUs.
Turns out that was not worth the trouble, because it's all
undocumented and not maintainable"
* tag 'hwmon-for-v5.11-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs
Linus Torvalds [Tue, 22 Dec 2020 21:19:43 +0000 (13:19 -0800)]
Merge tag 'dma-mapping-5.11' of git://git.infradead.org/users/hch/dma-mapping
Pull dma-mapping updates from Christoph Hellwig:
- support for a partial IOMMU bypass (Alexey Kardashevskiy)
- add a DMA API benchmark (Barry Song)
- misc fixes (Tiezhu Yang, tangjianqiang)
* tag 'dma-mapping-5.11' of git://git.infradead.org/users/hch/dma-mapping:
selftests/dma: add test application for DMA_MAP_BENCHMARK
dma-mapping: add benchmark support for streaming DMA APIs
dma-contiguous: fix a typo error in a comment
dma-pool: no need to check return value of debugfs_create functions
powerpc/dma: Fallback to dma_ops when persistent memory present
dma-mapping: Allow mixing bypass and mapped DMA operation
Andi Kleen [Tue, 22 Dec 2020 17:40:10 +0000 (09:40 -0800)]
x86/split-lock: Avoid returning with interrupts enabled
When a split lock is detected always make sure to disable interrupts
before returning from the trap handler.
The kernel exit code assumes that all exits run with interrupts
disabled, otherwise the SWAPGS sequence can race against interrupts and
cause recursing page faults and later panics.
The problem will only happen on CPUs with split lock disable
functionality, so Icelake Server, Tiger Lake, Snow Ridge, Jacobsville.
Fixes: ca4c6a9858c2 ("x86/traps: Make interrupt enable/disable symmetric in C code") Fixes: bce9b042ec73 ("x86/traps: Disable interrupts in exc_aligment_check()") # v5.8+ Signed-off-by: Andi Kleen <ak@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Fenghua Yu <fenghua.yu@intel.com> Cc: Tony Luck <tony.luck@intel.com> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Andrey Konovalov [Tue, 22 Dec 2020 20:03:35 +0000 (12:03 -0800)]
kasan: update documentation
This change updates KASAN documentation to reflect the addition of boot
parameters and also reworks and clarifies some of the existing sections,
in particular: defines what a memory granule is, mentions quarantine,
makes Kunit section more readable.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:31 +0000 (12:03 -0800)]
kasan, mm: allow cache merging with no metadata
The reason cache merging is disabled with KASAN is because KASAN puts its
metadata right after the allocated object. When the merged caches have
slightly different sizes, the metadata ends up in different places, which
KASAN doesn't support.
It might be possible to adjust the metadata allocation algorithm and make
it friendly to the cache merging code. Instead this change takes a simpler
approach and allows merging caches when no metadata is present. Which is
the case for hardware tag-based KASAN with kasan.mode=prod.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:28 +0000 (12:03 -0800)]
kasan: sanitize objects when metadata doesn't fit
KASAN marks caches that are sanitized with the SLAB_KASAN cache flag.
Currently if the metadata that is appended after the object (stores e.g.
stack trace ids) doesn't fit into KMALLOC_MAX_SIZE (can only happen with
SLAB, see the comment in the patch), KASAN turns off sanitization
completely.
With this change sanitization of the object data is always enabled.
However the metadata is only stored when it fits. Instead of checking for
SLAB_KASAN flag accross the code to find out whether the metadata is
there, use cache->kasan_info.alloc/free_meta_offset. As 0 can be a valid
value for free_meta_offset, introduce KASAN_NO_FREE_META as an indicator
that the free metadata is missing.
Without this change all sanitized KASAN objects would be put into
quarantine with generic KASAN. With this change, only the objects that
have metadata (i.e. when it fits) are put into quarantine, the rest is
freed right away.
Along the way rework __kasan_cache_create() and add claryfying comments.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:20 +0000 (12:03 -0800)]
kasan: simplify assign_tag and set_tag calls
set_tag() already ignores the tag for the generic mode, so just call it
as is. Add a check for the generic mode to assign_tag(), and simplify its
call in ____kasan_kmalloc().
Andrey Konovalov [Tue, 22 Dec 2020 20:03:17 +0000 (12:03 -0800)]
kasan: don't round_up too much
For hardware tag-based mode kasan_poison_memory() already rounds up the
size. Do the same for software modes and remove round_up() from the common
code.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:13 +0000 (12:03 -0800)]
kasan, mm: rename kasan_poison_kfree
Rename kasan_poison_kfree() to kasan_slab_free_mempool() as it better
reflects what this annotation does. Also add a comment that explains the
PageSlab() check.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:10 +0000 (12:03 -0800)]
kasan, mm: check kasan_enabled in annotations
Declare the kasan_enabled static key in include/linux/kasan.h and in
include/linux/mm.h and check it in all kasan annotations. This allows to
avoid any slowdown caused by function calls when kasan_enabled is
disabled.
Andrey Konovalov [Tue, 22 Dec 2020 20:03:06 +0000 (12:03 -0800)]
kasan: add and integrate kasan boot parameters
Hardware tag-based KASAN mode is intended to eventually be used in
production as a security mitigation. Therefore there's a need for finer
control over KASAN features and for an existence of a kill switch.
This change adds a few boot parameters for hardware tag-based KASAN that
allow to disable or otherwise control particular KASAN features.
The features that can be controlled are:
1. Whether KASAN is enabled at all.
2. Whether KASAN collects and saves alloc/free stacks.
3. Whether KASAN panics on a detected bug or not.
With this change a new boot parameter kasan.mode allows to choose one of
three main modes:
- kasan.mode=off - KASAN is disabled, no tag checks are performed
- kasan.mode=prod - only essential production features are enabled
- kasan.mode=full - all KASAN features are enabled
The chosen mode provides default control values for the features mentioned
above. However it's also possible to override the default values by
providing:
- kasan.stacktrace=off/on - enable alloc/free stack collection
(default: on for mode=full, otherwise off)
- kasan.fault=report/panic - only report tag fault or also panic
(default: report)
If kasan.mode parameter is not provided, it defaults to full when
CONFIG_DEBUG_KERNEL is enabled, and to prod otherwise.
It is essential that switching between these modes doesn't require
rebuilding the kernel with different configs, as this is required by
the Android GKI (Generic Kernel Image) initiative [1].
Andrey Konovalov [Tue, 22 Dec 2020 20:03:03 +0000 (12:03 -0800)]
kasan: inline (un)poison_range and check_invalid_free
Using (un)poison_range() or check_invalid_free() currently results in
function calls. Move their definitions to mm/kasan/kasan.h and turn them
into static inline functions for hardware tag-based mode to avoid
unneeded function calls.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:59 +0000 (12:02 -0800)]
kasan: open-code kasan_unpoison_slab
There's the external annotation kasan_unpoison_slab() that is currently
defined as static inline and uses kasan_unpoison_range(). Open-code this
function in mempool.c. Otherwise with an upcoming change this function
will result in an unnecessary function call.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:56 +0000 (12:02 -0800)]
kasan: inline random_tag for HW_TAGS
Using random_tag() currently results in a function call. Move its
definition to mm/kasan/kasan.h and turn it into a static inline function
for hardware tag-based mode to avoid uneeded function calls.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:52 +0000 (12:02 -0800)]
kasan: inline kasan_reset_tag for tag-based modes
Using kasan_reset_tag() currently results in a function call. As it's
called quite often from the allocator code, this leads to a noticeable
slowdown. Move it to include/linux/kasan.h and turn it into a static
inline function. Also remove the now unneeded reset_tag() internal KASAN
macro and use kasan_reset_tag() instead.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:45 +0000 (12:02 -0800)]
kasan: allow VMAP_STACK for HW_TAGS mode
Even though hardware tag-based mode currently doesn't support checking
vmalloc allocations, it doesn't use shadow memory and works with
VMAP_STACK as is. Change VMAP_STACK definition accordingly.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:42 +0000 (12:02 -0800)]
kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
There's a config option CONFIG_KASAN_STACK that has to be enabled for
KASAN to use stack instrumentation and perform validity checks for
stack variables.
There's no need to unpoison stack when CONFIG_KASAN_STACK is not enabled.
Only call kasan_unpoison_task_stack[_below]() when CONFIG_KASAN_STACK is
enabled.
Note, that CONFIG_KASAN_STACK is an option that is currently always
defined when CONFIG_KASAN is enabled, and therefore has to be tested
with #if instead of #ifdef.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:34 +0000 (12:02 -0800)]
kasan: rename get_alloc/free_info
Rename get_alloc_info() and get_free_info() to kasan_get_alloc_meta() and
kasan_get_free_meta() to better reflect what those do and avoid confusion
with kasan_set_free_info().
Andrey Konovalov [Tue, 22 Dec 2020 20:02:31 +0000 (12:02 -0800)]
kasan: simplify quarantine_put call site
Patch series "kasan: boot parameters for hardware tag-based mode", v4.
=== Overview
Hardware tag-based KASAN mode [1] is intended to eventually be used in
production as a security mitigation. Therefore there's a need for finer
control over KASAN features and for an existence of a kill switch.
This patchset adds a few boot parameters for hardware tag-based KASAN that
allow to disable or otherwise control particular KASAN features, as well
as provides some initial optimizations for running KASAN in production.
There's another planned patchset what will further optimize hardware
tag-based KASAN, provide proper benchmarking and tests, and will fully
enable tag-based KASAN for production use.
Hardware tag-based KASAN relies on arm64 Memory Tagging Extension (MTE)
[2] to perform memory and pointer tagging. Please see [3] and [4] for
detailed analysis of how MTE helps to fight memory safety problems.
The features that can be controlled are:
1. Whether KASAN is enabled at all.
2. Whether KASAN collects and saves alloc/free stacks.
3. Whether KASAN panics on a detected bug or not.
The patch titled "kasan: add and integrate kasan boot parameters" of this
series adds a few new boot parameters.
kasan.mode allows to choose one of three main modes:
- kasan.mode=off - KASAN is disabled, no tag checks are performed
- kasan.mode=prod - only essential production features are enabled
- kasan.mode=full - all KASAN features are enabled
The chosen mode provides default control values for the features mentioned
above. However it's also possible to override the default values by
providing:
- kasan.stacktrace=off/on - enable stacks collection
(default: on for mode=full, otherwise off)
- kasan.fault=report/panic - only report tag fault or also panic
(default: report)
If kasan.mode parameter is not provided, it defaults to full when
CONFIG_DEBUG_KERNEL is enabled, and to prod otherwise.
It is essential that switching between these modes doesn't require
rebuilding the kernel with different configs, as this is required by
the Android GKI (Generic Kernel Image) initiative.
=== Benchmarks
For now I've only performed a few simple benchmarks such as measuring
kernel boot time and slab memory usage after boot. There's an upcoming
patchset which will optimize KASAN further and include more detailed
benchmarking results.
The benchmarks were performed in QEMU and the results below exclude the
slowdown caused by QEMU memory tagging emulation (as it's different from
the slowdown that will be introduced by hardware and is therefore
irrelevant).
KASAN_HW_TAGS=y + kasan.mode=off introduces no performance or memory
impact compared to KASAN_HW_TAGS=n.
kasan.mode=prod (manually excluding tagging) introduces 3% of performance
and no memory impact (except memory used by hardware to store tags)
compared to kasan.mode=off.
kasan.mode=full has about 40% performance and 30% memory impact over
kasan.mode=prod. Both come from alloc/free stack collection.
kselftest/arm64: check GCR_EL1 after context switch
This test is specific to MTE and verifies that the GCR_EL1 register is
context switched correctly.
It spawns 1024 processes and each process spawns 5 threads. Each thread
writes a random setting of GCR_EL1 through the prctl() system call and
reads it back verifying that it is the same. If the values are not the
same it reports a failure.
Note: The test has been extended to verify that even SYNC and ASYNC mode
setting is preserved correctly over context switching.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:17 +0000 (12:02 -0800)]
kasan, mm: reset tags when accessing metadata
Kernel allocator code accesses metadata for slab objects, that may lie
out-of-bounds of the object itself, or be accessed when an object is
freed. Such accesses trigger tag faults and lead to false-positive
reports with hardware tag-based KASAN.
Software KASAN modes disable instrumentation for allocator code via
KASAN_SANITIZE Makefile macro, and rely on kasan_enable/disable_current()
annotations which are used to ignore KASAN reports.
With hardware tag-based KASAN neither of those options are available, as
it doesn't use compiler instrumetation, no tag faults are ignored, and MTE
is disabled after the first one.
Instead, reset tags when accessing metadata (currently only for SLUB).
Andrey Konovalov [Tue, 22 Dec 2020 20:02:13 +0000 (12:02 -0800)]
kasan, arm64: print report from tag fault handler
Add error reporting for hardware tag-based KASAN. When
CONFIG_KASAN_HW_TAGS is enabled, print KASAN report from the arm64 tag
fault handler.
SAS bits aren't set in ESR for all faults reported in EL1, so it's
impossible to find out the size of the access the caused the fault. Adapt
KASAN reporting code to handle this case.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:10 +0000 (12:02 -0800)]
kasan, arm64: implement HW_TAGS runtime
Provide implementation of KASAN functions required for the hardware
tag-based mode. Those include core functions for memory and pointer
tagging (tags_hw.c) and bug reporting (report_tags_hw.c). Also adapt
common KASAN code to support the new mode.
Andrey Konovalov [Tue, 22 Dec 2020 20:02:06 +0000 (12:02 -0800)]
kasan, arm64: expand CONFIG_KASAN checks
Some #ifdef CONFIG_KASAN checks are only relevant for software KASAN modes
(either related to shadow memory or compiler instrumentation). Expand
those into CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:56 +0000 (12:01 -0800)]
arm64: kasan: add arch layer for memory tagging helpers
This patch add a set of arch_*() memory tagging helpers currently only
defined for arm64 when hardware tag-based KASAN is enabled. These helpers
will be used by KASAN runtime to implement the hardware tag-based mode.
The arch-level indirection level is introduced to simplify adding hardware
tag-based KASAN support for other architectures in the future by defining
the appropriate arch_*() macros.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:52 +0000 (12:01 -0800)]
arm64: kasan: align allocations for HW_TAGS
Hardware tag-based KASAN uses the memory tagging approach, which requires
all allocations to be aligned to the memory granule size. Align the
allocations to MTE_GRANULE_SIZE via ARCH_SLAB_MINALIGN when
CONFIG_KASAN_HW_TAGS is enabled.
kasan, mm: untag page address in free_reserved_area
free_reserved_area() memsets the pages belonging to a given memory area.
As that memory hasn't been allocated via page_alloc, the KASAN tags that
those pages have are 0x00. As the result the memset might result in a tag
mismatch.
arm64: mte: switch GCR_EL1 in kernel entry and exit
When MTE is present, the GCR_EL1 register contains the tags mask that
allows to exclude tags from the random generation via the IRG instruction.
With the introduction of the new Tag-Based KASAN API that provides a
mechanism to reserve tags for special reasons, the MTE implementation has
to make sure that the GCR_EL1 setting for the kernel does not affect the
userspace processes and viceversa.
Save and restore the kernel/user mask in GCR_EL1 in kernel entry and exit.
The gcr_user mask is a per thread mask that represents the tags that are
excluded from random generation when the Memory Tagging Extension is
present and an 'irg' instruction is invoked.
gcr_user affects the behavior on EL0 only.
Currently that mask is an include mask and it is controlled by the user
via prctl() while GCR_EL1 accepts an exclude mask.
Convert the include mask into an exclude one to make it easier the
register setting.
Note: This change will affect gcr_kernel (for EL1) introduced with a
future patch.
Hardware tag-based KASAN relies on Memory Tagging Extension (MTE) feature
and requires it to be enabled. MTE supports
This patch adds a new mte_enable_kernel() helper, that enables MTE in
Synchronous mode in EL1 and is intended to be called from KASAN runtime
during initialization.
The Tag Checking operation causes a synchronous data abort as a
consequence of a tag check fault when MTE is configured in synchronous
mode.
As part of this change enable match-all tag for EL1 to allow the kernel to
access user pages without faulting. This is required because the kernel
does not have knowledge of the tags set by the user in a page.
Note: For MTE, the TCF bit field in SCTLR_EL1 affects only EL1 in a
similar way as TCF0 affects EL0.
MTE that is built on top of the Top Byte Ignore (TBI) feature hence we
enable it as part of this patch as well.
The hardware tag-based KASAN for compatibility with the other modes stores
the tag associated to a page in page->flags. Due to this the kernel
faults on access when it allocates a page with an initial tag and the user
changes the tags.
Reset the tag associated by the kernel to a page in all the meaningful
places to prevent kernel faults on access.
Note: An alternative to this approach could be to modify page_to_virt().
This though could end up being racy, in fact if a CPU checks the
PG_mte_tagged bit and decides that the page is not tagged but another CPU
maps the same with PROT_MTE and becomes tagged the subsequent kernel
access would fail.
Provide helper functions to manipulate allocation and pointer tags for
kernel addresses.
Low-level helper functions (mte_assign_*, written in assembly) operate tag
values from the [0x0, 0xF] range. High-level helper functions
(mte_get/set_*) use the [0xF0, 0xFF] range to preserve compatibility with
normal kernel pointers that have 0xFF in their top byte.
MTE_GRANULE_SIZE and related definitions are moved to mte-def.h header
that doesn't have any dependencies and is safe to include into any
low-level header.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:20 +0000 (12:01 -0800)]
kasan: introduce CONFIG_KASAN_HW_TAGS
This patch adds a configuration option for a new KASAN mode called
hardware tag-based KASAN. This mode uses the memory tagging approach like
the software tag-based mode, but relies on arm64 Memory Tagging Extension
feature for tag management and access checking.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:17 +0000 (12:01 -0800)]
kasan: separate metadata_fetch_row for each mode
This is a preparatory commit for the upcoming addition of a new hardware
tag-based (MTE-based) KASAN mode.
Rework print_memory_metadata() to make it agnostic with regard to the way
metadata is stored. Allow providing a separate metadata_fetch_row()
implementation for each KASAN mode. Hardware tag-based KASAN will provide
its own implementation that doesn't use shadow memory.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:03 +0000 (12:01 -0800)]
kasan, arm64: rename kasan_init_tags and mark as __init
Rename kasan_init_tags() to kasan_init_sw_tags() as the upcoming hardware
tag-based KASAN mode will have its own initialization routine. Also
similarly to kasan_init() mark kasan_init_tags() as __init.
Andrey Konovalov [Tue, 22 Dec 2020 20:01:00 +0000 (12:01 -0800)]
kasan, arm64: move initialization message
Software tag-based KASAN mode is fully initialized with kasan_init_tags(),
while the generic mode only requires kasan_init(). Move the
initialization message for tag-based mode into kasan_init_tags().
Also fix pr_fmt() usage for KASAN code: generic.c doesn't need it as it
doesn't use any printing functions; tag-based mode should use "kasan:"
instead of KBUILD_MODNAME (which stands for file name).
projects / mirror_ubuntu-kernels.git / log