Evolution-X-Devices/kernel_xiaomi_taoyao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 5.4.167 into android11-5.4-lts

Browse Source 
Changes in 5.4.167
	nfc: fix segfault in nfc_genl_dump_devices_done
	drm/msm/dsi: set default num_data_lanes
	net/mlx4_en: Update reported link modes for 1/10G
	parisc/agp: Annotate parisc agp init functions with __init
	i2c: rk3x: Handle a spurious start completion interrupt flag
	net: netlink: af_netlink: Prevent empty skb by adding a check on len.
	drm/amd/display: Fix for the no Audio bug with Tiled Displays
	drm/amd/display: add connector type check for CRC source set
	tracing: Fix a kmemleak false positive in tracing_map
	KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI req
	selinux: fix race condition when computing ocontext SIDs
	bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
	hwmon: (dell-smm) Fix warning on /proc/i8k creation error
	memblock: free_unused_memmap: use pageblock units instead of MAX_ORDER
	memblock: align freed memory map on pageblock boundaries with SPARSEMEM
	memblock: ensure there is no overflow in memblock_overlaps_region()
	arm: extend pfn_valid to take into account freed memory map alignment
	arm: ioremap: don't abuse pfn_valid() to check if pfn is in RAM
	Linux 5.4.167

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1b912710dd31dba153eb6d859856462ea4c01ddd
This commit is contained in:
Greg Kroah-Hartman
2021-12-17 13:06:33 +01:00
parent 4a68bf4833 e8ef940326
commit 5ba000444a
18 changed files with 171 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -1,7 +1,7 @@
# SPDX-License-Identifier: GPL-2.0
VERSION = 5
PATCHLEVEL = 4
SUBLEVEL = 166
SUBLEVEL = 167
EXTRAVERSION =
NAME = Kleptomaniac Octopus

39
arch/arm/mm/init.c
View File

@@ -176,11 +176,22 @@ static void __init zone_sizes_init(unsigned long min, unsigned long max_low,
int pfn_valid(unsigned long pfn)
{
phys_addr_t addr = __pfn_to_phys(pfn);
unsigned long pageblock_size = PAGE_SIZE * pageblock_nr_pages;
if (__phys_to_pfn(addr) != pfn)
return 0;
return memblock_is_map_memory(__pfn_to_phys(pfn));
/*
* If address less than pageblock_size bytes away from a present
* memory chunk there still will be a memory map entry for it
* because we round freed memory map to the pageblock boundaries.
*/
if (memblock_overlaps_region(&memblock.memory,
ALIGN_DOWN(addr, pageblock_size),
pageblock_size))
return 1;
return 0;
}
EXPORT_SYMBOL(pfn_valid);
#endif
@@ -371,14 +382,14 @@ static void __init free_unused_memmap(void)
*/
start = min(start,
ALIGN(prev_end, PAGES_PER_SECTION));
#else
/*
* Align down here since the VM subsystem insists that the
* memmap entries are valid from the bank start aligned to
* MAX_ORDER_NR_PAGES.
*/
start = round_down(start, MAX_ORDER_NR_PAGES);
#endif
/*
* Align down here since many operations in VM subsystem
* presume that there are no holes in the memory map inside
* a pageblock
*/
start = round_down(start, pageblock_nr_pages);
/*
* If we had a previous bank, and there is a space
* between the current bank and the previous, free it.
@@ -387,18 +398,20 @@ static void __init free_unused_memmap(void)
free_memmap(prev_end, start);
/*
* Align up here since the VM subsystem insists that the
* memmap entries are valid from the bank end aligned to
* MAX_ORDER_NR_PAGES.
* Align up here since many operations in VM subsystem
* presume that there are no holes in the memory map inside
* a pageblock
*/
prev_end = ALIGN(memblock_region_memory_end_pfn(reg),
MAX_ORDER_NR_PAGES);
pageblock_nr_pages);
}
#ifdef CONFIG_SPARSEMEM
if (!IS_ALIGNED(prev_end, PAGES_PER_SECTION))
if (!IS_ALIGNED(prev_end, PAGES_PER_SECTION)) {
prev_end = ALIGN(prev_end, pageblock_nr_pages);
free_memmap(prev_end,
ALIGN(prev_end, PAGES_PER_SECTION));
}
#endif
}

4
arch/arm/mm/ioremap.c
View File

@@ -27,6 +27,7 @@
#include <linux/vmalloc.h>
#include <linux/io.h>
#include <linux/sizes.h>
#include <linux/memblock.h>
#include <asm/cp15.h>
#include <asm/cputype.h>
@@ -301,7 +302,8 @@ static void __iomem * __arm_ioremap_pfn_caller(unsigned long pfn,
* Don't allow RAM to be mapped with mismatched attributes - this
* causes problems with ARMv6+
*/
if (WARN_ON(pfn_valid(pfn) && mtype != MT_MEMORY_RW))
if (WARN_ON(memblock_is_map_memory(PFN_PHYS(pfn)) &&
mtype != MT_MEMORY_RW))
return NULL;
area = get_vm_area_caller(size, VM_IOREMAP, caller);

7
arch/x86/kvm/hyperv.c
View File

@@ -1501,11 +1501,13 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *current_vcpu, u64 ingpa, u64 outgpa,
all_cpus = send_ipi_ex.vp_set.format == HV_GENERIC_SET_ALL;
if (all_cpus)
goto check_and_send_ipi;
if (!sparse_banks_len)
goto ret_success;
if (!all_cpus &&
kvm_read_guest(kvm,
if (kvm_read_guest(kvm,
ingpa + offsetof(struct hv_send_ipi_ex,
vp_set.bank_contents),
sparse_banks,
@@ -1513,6 +1515,7 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *current_vcpu, u64 ingpa, u64 outgpa,
return HV_STATUS_INVALID_HYPERCALL_INPUT;
}
check_and_send_ipi:
if ((vector < HV_IPI_LOW_VECTOR) || (vector > HV_IPI_HIGH_VECTOR))
return HV_STATUS_INVALID_HYPERCALL_INPUT;

6
drivers/char/agp/parisc-agp.c
View File

@@ -281,7 +281,7 @@ agp_ioc_init(void __iomem *ioc_regs)
return 0;
}
static int
static int __init
lba_find_capability(int cap)
{
struct _parisc_agp_info *info = &parisc_agp_info;
@@ -366,7 +366,7 @@ fail:
return error;
}
static int
static int __init
find_quicksilver(struct device *dev, void *data)
{
struct parisc_device **lba = data;
@@ -378,7 +378,7 @@ find_quicksilver(struct device *dev, void *data)
return 0;
}
static int
static int __init
parisc_agp_init(void)
{
extern struct sba_device *sba_list;

8
drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crc.c
View File

@@ -221,6 +221,14 @@ int amdgpu_dm_crtc_set_crc_source(struct drm_crtc *crtc, const char *src_name)
ret = -EINVAL;
goto cleanup;
}
if ((aconn->base.connector_type != DRM_MODE_CONNECTOR_DisplayPort) &&
(aconn->base.connector_type != DRM_MODE_CONNECTOR_eDP)) {
DRM_DEBUG_DRIVER("No DP connector available for CRC source\n");
ret = -EINVAL;
goto cleanup;
}
}
if (amdgpu_dm_crtc_configure_crc_source(crtc, crtc_state, source)) {

4
drivers/gpu/drm/amd/display/dc/core/dc_resource.c
View File

@@ -1546,6 +1546,10 @@ bool dc_is_stream_unchanged(
if (old_stream->ignore_msa_timing_param != stream->ignore_msa_timing_param)
return false;
// Only Have Audio left to check whether it is same or not. This is a corner case for Tiled sinks
if (old_stream->audio_info.mode_count != stream->audio_info.mode_count)
return false;
return true;
}

2
drivers/gpu/drm/msm/dsi/dsi_host.c
View File

@@ -1669,6 +1669,8 @@ static int dsi_host_parse_lane_data(struct msm_dsi_host *msm_host,
if (!prop) {
DRM_DEV_DEBUG(dev,
"failed to find data lane mapping, using default\n");
/* Set the number of date lanes to 4 by default. */
msm_host->num_data_lanes = 4;
return 0;
}

7
drivers/hwmon/dell-smm-hwmon.c
View File

@@ -588,15 +588,18 @@ static const struct file_operations i8k_fops = {
.unlocked_ioctl = i8k_ioctl,
};
static struct proc_dir_entry *entry;
static void __init i8k_init_procfs(void)
{
/* Register the proc entry */
proc_create("i8k", 0, NULL, &i8k_fops);
entry = proc_create("i8k", 0, NULL, &i8k_fops);
}
static void __exit i8k_exit_procfs(void)
{
remove_proc_entry("i8k", NULL);
if (entry)
remove_proc_entry("i8k", NULL);
}
#else

4
drivers/i2c/busses/i2c-rk3x.c
View File

@@ -422,8 +422,8 @@ static void rk3x_i2c_handle_read(struct rk3x_i2c *i2c, unsigned int ipd)
if (!(ipd & REG_INT_MBRF))
return;
/* ack interrupt */
i2c_writel(i2c, REG_INT_MBRF, REG_IPD);
/* ack interrupt (read also produces a spurious START flag, clear it too) */
i2c_writel(i2c, REG_INT_MBRF | REG_INT_START, REG_IPD);
/* Can only handle a maximum of 32 bytes at a time */
if (len > 32)

6
drivers/net/ethernet/mellanox/mlx4/en_ethtool.c
View File

@@ -663,7 +663,7 @@ void __init mlx4_en_init_ptys2ethtool_map(void)
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_1000BASE_T, SPEED_1000,
ETHTOOL_LINK_MODE_1000baseT_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_1000BASE_CX_SGMII, SPEED_1000,
ETHTOOL_LINK_MODE_1000baseKX_Full_BIT);
ETHTOOL_LINK_MODE_1000baseX_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_1000BASE_KX, SPEED_1000,
ETHTOOL_LINK_MODE_1000baseKX_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_10GBASE_T, SPEED_10000,
@@ -675,9 +675,9 @@ void __init mlx4_en_init_ptys2ethtool_map(void)
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_10GBASE_KR, SPEED_10000,
ETHTOOL_LINK_MODE_10000baseKR_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_10GBASE_CR, SPEED_10000,
ETHTOOL_LINK_MODE_10000baseKR_Full_BIT);
ETHTOOL_LINK_MODE_10000baseCR_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_10GBASE_SR, SPEED_10000,
ETHTOOL_LINK_MODE_10000baseKR_Full_BIT);
ETHTOOL_LINK_MODE_10000baseSR_Full_BIT);
MLX4_BUILD_PTYS2ETHTOOL_CONFIG(MLX4_20GBASE_KR2, SPEED_20000,
ETHTOOL_LINK_MODE_20000baseMLD2_Full_BIT,
ETHTOOL_LINK_MODE_20000baseKR2_Full_BIT);

4
kernel/bpf/devmap.c
View File

@@ -94,7 +94,7 @@ static struct hlist_head *dev_map_create_hash(unsigned int entries,
int i;
struct hlist_head *hash;
hash = bpf_map_area_alloc(entries * sizeof(*hash), numa_node);
hash = bpf_map_area_alloc((u64) entries * sizeof(*hash), numa_node);
if (hash != NULL)
for (i = 0; i < entries; i++)
INIT_HLIST_HEAD(&hash[i]);
@@ -159,7 +159,7 @@ static int dev_map_init_map(struct bpf_dtab *dtab, union bpf_attr *attr)
spin_lock_init(&dtab->index_lock);
} else {
dtab->netdev_map = bpf_map_area_alloc(dtab->map.max_entries *
dtab->netdev_map = bpf_map_area_alloc((u64) dtab->map.max_entries *
sizeof(struct bpf_dtab_netdev *),
dtab->map.numa_node);
if (!dtab->netdev_map)

3
kernel/trace/tracing_map.c
View File

@@ -15,6 +15,7 @@
#include <linux/jhash.h>
#include <linux/slab.h>
#include <linux/sort.h>
#include <linux/kmemleak.h>
#include "tracing_map.h"
#include "trace.h"
@@ -307,6 +308,7 @@ void tracing_map_array_free(struct tracing_map_array *a)
for (i = 0; i < a->n_pages; i++) {
if (!a->pages[i])
break;
kmemleak_free(a->pages[i]);
free_page((unsigned long)a->pages[i]);
}
@@ -342,6 +344,7 @@ struct tracing_map_array *tracing_map_array_alloc(unsigned int n_elts,
a->pages[i] = (void *)get_zeroed_page(GFP_KERNEL);
if (!a->pages[i])
goto free;
kmemleak_alloc(a->pages[i], PAGE_SIZE, 1, GFP_KERNEL);
}
out:
return a;

3
mm/memblock.c
View File

@@ -164,6 +164,8 @@ bool __init_memblock memblock_overlaps_region(struct memblock_type *type,
{
unsigned long i;
memblock_cap_size(base, &size);
for (i = 0; i < type->cnt; i++)
if (memblock_addrs_overlap(base, size, type->regions[i].base,
type->regions[i].size))
@@ -1764,7 +1766,6 @@ bool __init_memblock memblock_is_region_memory(phys_addr_t base, phys_addr_t siz
*/
bool __init_memblock memblock_is_region_reserved(phys_addr_t base, phys_addr_t size)
{
memblock_cap_size(base, &size);
return memblock_overlaps_region(&memblock.reserved, base, size);
}

2
net/core/sock_map.c
View File

@@ -48,7 +48,7 @@ static struct bpf_map *sock_map_alloc(union bpf_attr *attr)
if (err)
goto free_stab;
stab->sks = bpf_map_area_alloc(stab->map.max_entries *
stab->sks = bpf_map_area_alloc((u64) stab->map.max_entries *
sizeof(struct sock *),
stab->map.numa_node);
if (stab->sks)

5
net/netlink/af_netlink.c
View File

@@ -1862,6 +1862,11 @@ static int netlink_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
if (msg->msg_flags&MSG_OOB)
return -EOPNOTSUPP;
if (len == 0) {
pr_warn_once("Zero length message leads to an empty skb\n");
return -ENODATA;
}
err = scm_send(sock, msg, &scm, true);
if (err < 0)
return err;

6
net/nfc/netlink.c
View File

@@ -644,8 +644,10 @@ static int nfc_genl_dump_devices_done(struct netlink_callback *cb)
{
struct class_dev_iter *iter = (struct class_dev_iter *) cb->args[0];
nfc_device_iter_exit(iter);
kfree(iter);
if (iter) {
nfc_device_iter_exit(iter);
kfree(iter);
}
return 0;
}

160
security/selinux/ss/services.c
View File

@@ -2313,6 +2313,43 @@ size_t security_policydb_len(struct selinux_state *state)
return len;
}
/**
* ocontext_to_sid - Helper to safely get sid for an ocontext
* @sidtab: SID table
* @c: ocontext structure
* @index: index of the context entry (0 or 1)
* @out_sid: pointer to the resulting SID value
*
* For all ocontexts except OCON_ISID the SID fields are populated
* on-demand when needed. Since updating the SID value is an SMP-sensitive
* operation, this helper must be used to do that safely.
*
* WARNING: This function may return -ESTALE, indicating that the caller
* must retry the operation after re-acquiring the policy pointer!
*/
static int ocontext_to_sid(struct sidtab *sidtab, struct ocontext *c,
size_t index, u32 *out_sid)
{
int rc;
u32 sid;
/* Ensure the associated sidtab entry is visible to this thread. */
sid = smp_load_acquire(&c->sid[index]);
if (!sid) {
rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid);
if (rc)
return rc;
/*
* Ensure the new sidtab entry is visible to other threads
* when they see the SID.
*/
smp_store_release(&c->sid[index], sid);
}
*out_sid = sid;
return 0;
}
/**
* security_port_sid - Obtain the SID for a port.
* @protocol: protocol number
@@ -2325,10 +2362,12 @@ int security_port_sid(struct selinux_state *state,
struct policydb *policydb;
struct sidtab *sidtab;
struct ocontext *c;
int rc = 0;
int rc;
read_lock(&state->ss->policy_rwlock);
retry:
rc = 0;
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
@@ -2342,13 +2381,11 @@ int security_port_sid(struct selinux_state *state,
}
if (c) {
if (!c->sid[0]) {
rc = context_struct_to_sid(state, &c->context[0],
&c->sid[0]);
if (rc)
goto out;
}
*out_sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, out_sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else {
*out_sid = SECINITSID_PORT;
}
@@ -2368,12 +2405,16 @@ int security_ib_pkey_sid(struct selinux_state *state,
u64 subnet_prefix, u16 pkey_num, u32 *out_sid)
{
struct policydb *policydb;
struct sidtab *sidtab;
struct ocontext *c;
int rc = 0;
int rc;
read_lock(&state->ss->policy_rwlock);
retry:
rc = 0;
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
c = policydb->ocontexts[OCON_IBPKEY];
while (c) {
@@ -2386,14 +2427,11 @@ int security_ib_pkey_sid(struct selinux_state *state,
}
if (c) {
if (!c->sid[0]) {
rc = context_struct_to_sid(state,
&c->context[0],
&c->sid[0]);
if (rc)
goto out;
}
*out_sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, out_sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else
*out_sid = SECINITSID_UNLABELED;
@@ -2414,10 +2452,12 @@ int security_ib_endport_sid(struct selinux_state *state,
struct policydb *policydb;
struct sidtab *sidtab;
struct ocontext *c;
int rc = 0;
int rc;
read_lock(&state->ss->policy_rwlock);
retry:
rc = 0;
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
@@ -2433,13 +2473,11 @@ int security_ib_endport_sid(struct selinux_state *state,
}
if (c) {
if (!c->sid[0]) {
rc = context_struct_to_sid(state, &c->context[0],
&c->sid[0]);
if (rc)
goto out;
}
*out_sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, out_sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else
*out_sid = SECINITSID_UNLABELED;
@@ -2458,11 +2496,13 @@ int security_netif_sid(struct selinux_state *state,
{
struct policydb *policydb;
struct sidtab *sidtab;
int rc = 0;
int rc;
struct ocontext *c;
read_lock(&state->ss->policy_rwlock);
retry:
rc = 0;
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
@@ -2474,17 +2514,11 @@ int security_netif_sid(struct selinux_state *state,
}
if (c) {
if (!c->sid[0] || !c->sid[1]) {
rc = context_struct_to_sid(state, &c->context[0],
&c->sid[0]);
if (rc)
goto out;
rc = context_struct_to_sid(state, &c->context[1],
&c->sid[1]);
if (rc)
goto out;
}
*if_sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, if_sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else
*if_sid = SECINITSID_NETIF;
@@ -2520,12 +2554,15 @@ int security_node_sid(struct selinux_state *state,
u32 *out_sid)
{
struct policydb *policydb;
struct sidtab *sidtab;
int rc;
struct ocontext *c;
read_lock(&state->ss->policy_rwlock);
retry:
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
switch (domain) {
case AF_INET: {
@@ -2566,14 +2603,11 @@ int security_node_sid(struct selinux_state *state,
}
if (c) {
if (!c->sid[0]) {
rc = context_struct_to_sid(state,
&c->context[0],
&c->sid[0]);
if (rc)
goto out;
}
*out_sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, out_sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else {
*out_sid = SECINITSID_NODE;
}
@@ -2732,11 +2766,12 @@ static inline int __security_genfs_sid(struct selinux_state *state,
u32 *sid)
{
struct policydb *policydb = &state->ss->policydb;
struct sidtab *sidtab = state->ss->sidtab;
int len;
u16 sclass;
struct genfs *genfs;
struct ocontext *c;
int rc, cmp = 0;
int cmp = 0;
while (path[0] == '/' && path[1] == '/')
path++;
@@ -2750,9 +2785,8 @@ static inline int __security_genfs_sid(struct selinux_state *state,
break;
}
rc = -ENOENT;
if (!genfs || cmp)
goto out;
return -ENOENT;
for (c = genfs->head; c; c = c->next) {
len = strlen(c->u.name);
@@ -2761,20 +2795,10 @@ static inline int __security_genfs_sid(struct selinux_state *state,
break;
}
rc = -ENOENT;
if (!c)
goto out;
return -ENOENT;
if (!c->sid[0]) {
rc = context_struct_to_sid(state, &c->context[0], &c->sid[0]);
if (rc)
goto out;
}
*sid = c->sid[0];
rc = 0;
out:
return rc;
return ocontext_to_sid(sidtab, c, 0, sid);
}
/**
@@ -2809,13 +2833,15 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb)
{
struct policydb *policydb;
struct sidtab *sidtab;
int rc = 0;
int rc;
struct ocontext *c;
struct superblock_security_struct *sbsec = sb->s_security;
const char *fstype = sb->s_type->name;
read_lock(&state->ss->policy_rwlock);
retry:
rc = 0;
policydb = &state->ss->policydb;
sidtab = state->ss->sidtab;
@@ -2828,13 +2854,11 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb)
if (c) {
sbsec->behavior = c->v.behavior;
if (!c->sid[0]) {
rc = context_struct_to_sid(state, &c->context[0],
&c->sid[0]);
if (rc)
goto out;
}
sbsec->sid = c->sid[0];
rc = ocontext_to_sid(sidtab, c, 0, &sbsec->sid);
if (rc == -ESTALE)
goto retry;
if (rc)
goto out;
} else {
rc = __security_genfs_sid(state, fstype, "/", SECCLASS_DIR,
&sbsec->sid);