May 2024 - Kernel - mailweb.openeuler.org

[PATCH OLK-5.10] SUNRPC: fix a memleak in gss_import_v2_context
by Dong Chenchen 10 May '24

10 May '24

From: Zhipeng Lu <alexious(a)zju.edu.cn> mainline inclusion from mainline-v6.9-rc1 commit e67b652d8e8591d3b1e569dbcdfcee15993e91fa category: bugfix bugzilla: 189914, https://gitee.com/src-openeuler/kernel/issues/I9L9IF CVE: CVE-2023-52653 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error. Thus, this patch reform the last call of gss_import_v2_context to the gss_krb5_import_ctx_v2, preventing the memleak while keepping the return formation. Fixes: 47d848077629 ("gss_krb5: handle new context format from gssd") Signed-off-by: Zhipeng Lu <alexious(a)zju.edu.cn> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> Conflicts: net/sunrpc/auth_gss/gss_krb5_mech.c [commit 279a67cdd491 was not merged] Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com> --- net/sunrpc/auth_gss/gss_krb5_mech.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 1c092b05c2bb..232d31111e4f 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -471,6 +471,7 @@ gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, u64 seq_send64; int keylen; u32 time32; + int ret; p = simple_get_bytes(p, end, &ctx->flags, sizeof(ctx->flags)); if (IS_ERR(p)) @@ -528,14 +529,25 @@ gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, switch (ctx->enctype) { case ENCTYPE_DES3_CBC_RAW: - return context_derive_keys_des3(ctx, gfp_mask); + ret = context_derive_keys_des3(ctx, gfp_mask); + break; case ENCTYPE_AES128_CTS_HMAC_SHA1_96: case ENCTYPE_AES256_CTS_HMAC_SHA1_96: - return context_derive_keys_new(ctx, gfp_mask); + ret = context_derive_keys_new(ctx, gfp_mask); + break; default: - return -EINVAL; + ret = -EINVAL; + } + + if (ret) { + p = ERR_PTR(ret); + goto out_free; } + return 0; + +out_free: + kfree(ctx->mech_used.data); out_err: return PTR_ERR(p); } -- 2.25.1

2 1

[PATCH OLK-6.6] openeuler_defconfig: update oedefconfig for the minimum set
by Peng Zhang 10 May '24

10 May '24

From: YGN-NDWD-Official <liuyanze1(a)huawei.com> hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I9NSB7 ---------------------------------------------- The minimum set of kconfig configuration items is different from that defined by the openEuler community. For details about the modification and reason, see the issue. Signed-off-by: YGN-NDWD-Official <liuyanze1(a)huawei.com> --- arch/arm64/configs/openeuler_defconfig | 138 ++++++++++++++----------- arch/x86/configs/openeuler_defconfig | 17 ++- 2 files changed, 94 insertions(+), 61 deletions(-) diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig index baf9159c9826..4932a6be9d6f 100644 --- a/arch/arm64/configs/openeuler_defconfig +++ b/arch/arm64/configs/openeuler_defconfig @@ -2,6 +2,7 @@ # Automatically generated file; DO NOT EDIT. # Linux/arm64 6.6.0 Kernel Configuration # +CONFIG_GCC_ASM_GOTO_OUTPUT_WORKAROUND=y CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_TABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -96,7 +97,6 @@ CONFIG_PREEMPT_NONE=y # CONFIG_PREEMPT_VOLUNTARY is not set # CONFIG_PREEMPT is not set # CONFIG_PREEMPT_DYNAMIC is not set -# CONFIG_SCHED_CORE is not set # # CPU/Task time and stats accounting @@ -153,7 +153,8 @@ CONFIG_GENERIC_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" -CONFIG_GCC11_NO_ARRAY_BOUNDS=y +CONFIG_GCC10_NO_ARRAY_BOUNDS=y +CONFIG_CC_NO_ARRAY_BOUNDS=y CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y @@ -171,14 +172,14 @@ CONFIG_CGROUP_WRITEBACK=y CONFIG_CGROUP_V1_WRITEBACK=y CONFIG_CGROUP_SCHED=y CONFIG_QOS_SCHED=y -CONFIG_QOS_SCHED_MULTILEVEL=y +CONFIG_QOS_SCHED_SMT_EXPELLER=y CONFIG_QOS_SCHED_PRIO_LB=y +CONFIG_QOS_SCHED_MULTILEVEL=y CONFIG_FAIR_GROUP_SCHED=y -CONFIG_QOS_SCHED_SMT_EXPELLER=y CONFIG_CFS_BANDWIDTH=y CONFIG_RT_GROUP_SCHED=y -CONFIG_SCHED_MM_CID=y CONFIG_QOS_SCHED_DYNAMIC_AFFINITY=y +CONFIG_SCHED_MM_CID=y CONFIG_QOS_SCHED_SMART_GRID=y CONFIG_CGROUP_PIDS=y CONFIG_CGROUP_RDMA=y @@ -274,6 +275,8 @@ CONFIG_DEBUG_PERF_USE_VMALLOC=y CONFIG_SYSTEM_DATA_VERIFICATION=y CONFIG_PROFILING=y CONFIG_TRACEPOINTS=y +CONFIG_KABI_RESERVE=y +CONFIG_KABI_SIZE_ALIGN_CHECKS=y # # Kexec and crash features @@ -419,6 +422,7 @@ CONFIG_ARM64_ERRATUM_2038923=y CONFIG_ARM64_ERRATUM_1902691=y CONFIG_ARM64_ERRATUM_2457168=y CONFIG_ARM64_ERRATUM_2645198=y +CONFIG_ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD=y CONFIG_ARM64_ERRATUM_2966298=y CONFIG_ARM64_ERRATUM_3117295=y CONFIG_CAVIUM_ERRATUM_22375=y @@ -430,10 +434,10 @@ CONFIG_CAVIUM_TX2_ERRATUM_219=y CONFIG_FUJITSU_ERRATUM_010001=y CONFIG_HISILICON_ERRATUM_161600802=y CONFIG_HISILICON_ERRATUM_162100125=y -CONFIG_HISILICON_ERRATUM_162102203=y # CONFIG_HISILICON_ERRATUM_1980005 is not set CONFIG_HISILICON_ERRATUM_162100801=y CONFIG_HISILICON_ERRATUM_162100602=y +CONFIG_HISILICON_ERRATUM_162102203=y CONFIG_QCOM_FALKOR_ERRATUM_1003=y CONFIG_QCOM_FALKOR_ERRATUM_1009=y CONFIG_QCOM_QDF2400_ERRATUM_0065=y @@ -473,6 +477,7 @@ CONFIG_HZ=250 CONFIG_SCHED_HRTICK=y CONFIG_ARCH_SPARSEMEM_ENABLE=y CONFIG_HW_PERF_EVENTS=y +CONFIG_CC_HAVE_SHADOW_CALL_STACK=y CONFIG_PARAVIRT=y CONFIG_PARAVIRT_SCHED=y CONFIG_PARAVIRT_TIME_ACCOUNTING=y @@ -528,8 +533,8 @@ CONFIG_ARM64_PTR_AUTH_KERNEL=y # ARMv8.4 architectural features # CONFIG_ARM64_AMU_EXTN=y -CONFIG_ARM64_MPAM=y CONFIG_ARM64_TLB_RANGE=y +CONFIG_ARM64_MPAM=y # end of ARMv8.4 architectural features # @@ -567,8 +572,8 @@ CONFIG_IPI_AS_NMI=y CONFIG_NON_NMI_IPI_BACKTRACE=y CONFIG_RELOCATABLE=y CONFIG_RANDOMIZE_BASE=y -CONFIG_KASLR_SKIP_MEM_RANGE=y CONFIG_RANDOMIZE_MODULE_REGION_FULL=y +CONFIG_KASLR_SKIP_MEM_RANGE=y CONFIG_CC_HAVE_STACKPROTECTOR_SYSREG=y CONFIG_STACKPROTECTOR_PER_TASK=y CONFIG_ARM64_CONTPTE=y @@ -580,7 +585,7 @@ CONFIG_CLEAR_USER_WORKAROUND=y # CONFIG_ARM64_ACPI_PARKING_PROTOCOL=y CONFIG_CMDLINE="console=ttyAMA0" -# CONFIG_CMDLINE_FROM_BOOTLOADER is not set +CONFIG_CMDLINE_FROM_BOOTLOADER=y # CONFIG_CMDLINE_FORCE is not set CONFIG_EFI_STUB=y CONFIG_EFI=y @@ -666,7 +671,7 @@ CONFIG_CPU_FREQ_GOV_SCHEDUTIL=y # # CONFIG_CPUFREQ_DT is not set # CONFIG_CPUFREQ_DT_PLATDEV is not set -CONFIG_ACPI_CPPC_CPUFREQ=y +CONFIG_ACPI_CPPC_CPUFREQ=m CONFIG_ACPI_CPPC_CPUFREQ_FIE=y CONFIG_ARM_SCPI_CPUFREQ=m # CONFIG_ARM_QCOM_CPUFREQ_HW is not set @@ -694,7 +699,6 @@ CONFIG_ACPI_MCFG=y CONFIG_ACPI_CPPC_LIB=y CONFIG_ACPI_PROCESSOR=y CONFIG_ACPI_IPMI=m -CONFIG_ACPI_HOTPLUG_CPU=y CONFIG_ACPI_THERMAL=y CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y CONFIG_ACPI_TABLE_UPGRADE=y @@ -725,6 +729,7 @@ CONFIG_ACPI_IORT=y CONFIG_ACPI_GTDT=y CONFIG_ACPI_AGDI=y CONFIG_ACPI_APMT=y +CONFIG_ACPI_MPAM=y CONFIG_ACPI_PPTT=y CONFIG_ACPI_PCC=y CONFIG_ACPI_FFH=y @@ -746,13 +751,16 @@ CONFIG_KVM_VFIO=y CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT=y CONFIG_HAVE_KVM_IRQ_BYPASS=y CONFIG_HAVE_KVM_VCPU_RUN_PID_CHANGE=y -CONFIG_KVM_HISI_VIRT=y CONFIG_KVM_XFER_TO_GUEST_WORK=y CONFIG_KVM_GENERIC_HARDWARE_ENABLING=y +CONFIG_KVM_HISI_VIRT=y CONFIG_VIRTUALIZATION=y CONFIG_KVM=y -CONFIG_KVM_ARM_MULTI_LPI_TRANSLATE_CACHE=y # CONFIG_NVHE_EL2_DEBUG is not set +CONFIG_KVM_ARM_MULTI_LPI_TRANSLATE_CACHE=y +CONFIG_ARCH_VCPU_STAT=y +CONFIG_VIRT_VTIMER_IRQ_BYPASS=y +CONFIG_CPU_MITIGATIONS=y # # General architecture-dependent options @@ -813,6 +821,8 @@ CONFIG_HAVE_ARCH_STACKLEAK=y CONFIG_HAVE_STACKPROTECTOR=y CONFIG_STACKPROTECTOR=y CONFIG_STACKPROTECTOR_STRONG=y +CONFIG_ARCH_SUPPORTS_SHADOW_CALL_STACK=y +# CONFIG_SHADOW_CALL_STACK is not set CONFIG_ARCH_SUPPORTS_LTO_CLANG=y CONFIG_ARCH_SUPPORTS_LTO_CLANG_THIN=y CONFIG_LTO_NONE=y @@ -852,6 +862,7 @@ CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y CONFIG_STRICT_KERNEL_RWX=y CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_STRICT_MODULE_RWX=y +CONFIG_ARCH_HAS_CPU_RESCTRL=y CONFIG_HAVE_ARCH_COMPILER_H=y CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y CONFIG_ARCH_USE_MEMREMAP_PROT=y @@ -917,6 +928,7 @@ CONFIG_BLK_ICQ=y CONFIG_BLK_DEV_BSGLIB=y CONFIG_BLK_DEV_INTEGRITY=y CONFIG_BLK_DEV_INTEGRITY_T10=m +CONFIG_BLK_DEV_WRITE_MOUNTED=y CONFIG_BLK_DEV_ZONED=y CONFIG_BLK_DEV_THROTTLING=y # CONFIG_BLK_DEV_THROTTLING_LOW is not set @@ -932,7 +944,6 @@ CONFIG_BLK_DEBUG_FS=y CONFIG_BLK_DEBUG_FS_ZONED=y # CONFIG_BLK_SED_OPAL is not set # CONFIG_BLK_INLINE_ENCRYPTION is not set -CONFIG_BLK_DEV_WRITE_MOUNTED=y CONFIG_BLK_DEV_DETECT_WRITING_PART0=y CONFIG_BLK_DEV_WRITE_MOUNTED_DUMP=y @@ -1043,7 +1054,6 @@ CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y CONFIG_PID_MAX_PER_NAMESPACE=y CONFIG_FREEZER=y -CONFIG_KWORKER_NUMA_AFFINITY=y # # Executable file formats @@ -1185,8 +1195,8 @@ CONFIG_LRU_GEN=y CONFIG_ARCH_SUPPORTS_PER_VMA_LOCK=y CONFIG_PER_VMA_LOCK=y CONFIG_LOCK_MM_AND_FIND_VMA=y +CONFIG_IOMMU_MM_DATA=y # CONFIG_ASCEND_FEATURES is not set -# CONFIG_ASCEND_OOM is not set CONFIG_PAGE_CACHE_LIMIT=y # CONFIG_CLEAR_FREELIST_PAGE is not set CONFIG_MEMORY_RELIABLE=y @@ -1336,6 +1346,7 @@ CONFIG_IPV6_PIMSM_V2=y # CONFIG_IPV6_IOAM6_LWTUNNEL is not set CONFIG_NETLABEL=y CONFIG_MPTCP=y +CONFIG_INET_MPTCP_DIAG=m CONFIG_MPTCP_IPV6=y CONFIG_NETWORK_SECMARK=y CONFIG_NET_PTP_CLASSIFY=y @@ -1772,7 +1783,7 @@ CONFIG_NET_SCH_MQPRIO=m CONFIG_NET_SCH_CHOKE=m CONFIG_NET_SCH_QFQ=m CONFIG_NET_SCH_CODEL=m -CONFIG_NET_SCH_FQ_CODEL=m +CONFIG_NET_SCH_FQ_CODEL=y # CONFIG_NET_SCH_CAKE is not set CONFIG_NET_SCH_FQ=m CONFIG_NET_SCH_HHF=m @@ -2100,6 +2111,7 @@ CONFIG_WANT_DEV_COREDUMP=y # CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set CONFIG_HMEM_REPORTING=y # CONFIG_TEST_ASYNC_DRIVER_PROBE is not set +CONFIG_GENERIC_CPU_DEVICES=y CONFIG_GENERIC_CPU_AUTOPROBE=y CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_SOC_BUS=y @@ -2431,9 +2443,9 @@ CONFIG_SENSORS_APDS990X=m # CONFIG_XILINX_SDFEC is not set CONFIG_MISC_RTSX=m # CONFIG_HISI_HIKEY_USB is not set +CONFIG_VIRT_PLAT_DEV=y # CONFIG_OPEN_DICE is not set # CONFIG_VCPU_STALL_DETECTOR is not set -CONFIG_VIRT_PLAT_DEV=y # CONFIG_C2PORT is not set # @@ -2927,12 +2939,6 @@ CONFIG_ICE=m CONFIG_ICE_SWITCHDEV=y CONFIG_FM10K=m # CONFIG_IGC is not set -# CONFIG_JME is not set -CONFIG_NET_VENDOR_ADI=y -# CONFIG_ADIN1110 is not set -CONFIG_NET_VENDOR_LITEX=y -# CONFIG_LITEX_LITEETH is not set -# CONFIG_NET_VENDOR_MARVELL is not set CONFIG_NET_VENDOR_MUCSE=y CONFIG_MXGBE=m CONFIG_MXGBE_FIX_VF_QUEUE=y @@ -2952,6 +2958,15 @@ CONFIG_MGBE=m CONFIG_MGBE_MSIX_COUNT=26 CONFIG_MGBEVF=m # CONFIG_MGBEVF_OPTM_WITH_LARGE is not set +CONFIG_NET_VENDOR_YUNSILICON=y +CONFIG_YUNSILICON_XSC_ETH=m +CONFIG_YUNSILICON_XSC_PCI=m +# CONFIG_JME is not set +CONFIG_NET_VENDOR_ADI=y +# CONFIG_ADIN1110 is not set +CONFIG_NET_VENDOR_LITEX=y +# CONFIG_LITEX_LITEETH is not set +# CONFIG_NET_VENDOR_MARVELL is not set CONFIG_NET_VENDOR_MELLANOX=y CONFIG_MLX4_EN=m CONFIG_MLX4_EN_DCB=y @@ -3057,9 +3072,6 @@ CONFIG_SMSC9420=m # CONFIG_NET_VENDOR_SYNOPSYS is not set # CONFIG_NET_VENDOR_TEHUTI is not set # CONFIG_NET_VENDOR_TI is not set -CONFIG_NET_VENDOR_YUNSILICON=y -CONFIG_YUNSILICON_XSC_ETH=m -CONFIG_YUNSILICON_XSC_PCI=m CONFIG_NET_VENDOR_VERTEXCOM=y # CONFIG_MSE102X is not set # CONFIG_NET_VENDOR_VIA is not set @@ -3885,8 +3897,8 @@ CONFIG_PTP_1588_CLOCK_KVM=y # CONFIG_PTP_1588_CLOCK_IDTCM is not set # CONFIG_PTP_1588_CLOCK_MOCK is not set # CONFIG_PTP_1588_CLOCK_OCP is not set -# end of PTP clock support CONFIG_PTP_HISI=m +# end of PTP clock support CONFIG_PINCTRL=y CONFIG_PINMUX=y @@ -4339,7 +4351,7 @@ CONFIG_CPU_THERMAL=y CONFIG_CPU_FREQ_THERMAL=y CONFIG_THERMAL_EMULATION=y # CONFIG_THERMAL_MMIO is not set -CONFIG_HISI_THERMAL=y +CONFIG_HISI_THERMAL=m # # Qualcomm thermal drivers @@ -4483,7 +4495,6 @@ CONFIG_MFD_CORE=m # CONFIG_MFD_SKY81452 is not set # CONFIG_MFD_STMPE is not set CONFIG_MFD_SYSCON=y -# CONFIG_MFD_TI_AM335X_TSCADC is not set # CONFIG_MFD_LP3943 is not set # CONFIG_MFD_LP8788 is not set # CONFIG_MFD_TI_LMU is not set @@ -5287,9 +5298,8 @@ CONFIG_AUXDISPLAY=y # CONFIG_CHARLCD_BL_OFF is not set # CONFIG_CHARLCD_BL_ON is not set CONFIG_CHARLCD_BL_FLASH=y -CONFIG_DRM=y -# CONFIG_DRM_DEBUG_MM is not set -CONFIG_DRM_KMS_HELPER=y +CONFIG_DRM=m +CONFIG_DRM_KMS_HELPER=m # CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set # CONFIG_DRM_DEBUG_MODESET_LOCK is not set CONFIG_DRM_FBDEV_EMULATION=y @@ -6045,8 +6055,6 @@ CONFIG_MMC_CQHCI=m CONFIG_MMC_TOSHIBA_PCI=m CONFIG_MMC_MTK=m CONFIG_MMC_SDHCI_XENON=m -# CONFIG_MMC_SDHCI_OMAP is not set -# CONFIG_MMC_SDHCI_AM654 is not set # CONFIG_SCSI_UFSHCD is not set CONFIG_MEMSTICK=m # CONFIG_MEMSTICK_DEBUG is not set @@ -6207,7 +6215,8 @@ CONFIG_RTC_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y CONFIG_RTC_HCTOSYS_DEVICE="rtc0" -# CONFIG_RTC_SYSTOHC is not set +CONFIG_RTC_SYSTOHC=y +CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTC_DEBUG is not set CONFIG_RTC_NVMEM=y @@ -6434,7 +6443,7 @@ CONFIG_VIRTIO_PCI_LEGACY=y # CONFIG_VIRTIO_VDPA is not set # CONFIG_VIRTIO_PMEM is not set CONFIG_VIRTIO_BALLOON=m -# CONFIG_VIRTIO_MEM is not set +CONFIG_VIRTIO_MEM=m CONFIG_VIRTIO_INPUT=m CONFIG_VIRTIO_MMIO=m # CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES is not set @@ -6475,6 +6484,7 @@ CONFIG_CHROME_PLATFORMS=y # CONFIG_CROS_HPS_I2C is not set # CONFIG_CHROMEOS_PRIVACY_SCREEN is not set # CONFIG_MELLANOX_PLATFORM is not set +CONFIG_ARM_CPU_RESCTRL=y CONFIG_SURFACE_PLATFORMS=y # CONFIG_SURFACE_3_POWER_OPREGION is not set # CONFIG_SURFACE_GPE is not set @@ -6578,6 +6588,7 @@ CONFIG_IOMMU_DEFAULT_DMA_STRICT=y CONFIG_OF_IOMMU=y CONFIG_IOMMU_DMA=y CONFIG_IOMMU_SVA=y +CONFIG_IOMMU_IOPF=y CONFIG_IOMMUFD=m CONFIG_ARM_SMMU=y # CONFIG_ARM_SMMU_LEGACY_DT_BINDINGS is not set @@ -6702,7 +6713,15 @@ CONFIG_EXTCON_GPIO=m # CONFIG_EXTCON_USBC_TUSB320 is not set # CONFIG_MEMORY is not set # CONFIG_IIO is not set -# CONFIG_NTB is not set +CONFIG_NTB=m +# CONFIG_NTB_MSI is not set +# CONFIG_NTB_IDT is not set +# CONFIG_NTB_EPF is not set +# CONFIG_NTB_SWITCHTEC is not set +# CONFIG_NTB_PINGPONG is not set +# CONFIG_NTB_TOOL is not set +# CONFIG_NTB_PERF is not set +# CONFIG_NTB_TRANSPORT is not set CONFIG_PWM=y CONFIG_PWM_SYSFS=y # CONFIG_PWM_DEBUG is not set @@ -6728,7 +6747,6 @@ CONFIG_ARM_GIC_PHYTIUM_2500=y # CONFIG_AL_FIC is not set CONFIG_HISILICON_IRQ_MBIGEN=y CONFIG_IRQ_MBIGEN_ENABLE_SPI=y -CONFIG_VIRT_VTIMER_IRQ_BYPASS=y # CONFIG_XILINX_INTC is not set CONFIG_PARTITION_PERCPU=y CONFIG_QCOM_IRQ_COMBINER=y @@ -6806,14 +6824,14 @@ CONFIG_ARM_CCN=y # CONFIG_ARM_CMN is not set CONFIG_ARM_PMU=y CONFIG_ARM_PMU_ACPI=y -CONFIG_ARM_SMMU_V3_PMU=y +CONFIG_ARM_SMMU_V3_PMU=m CONFIG_ARM_PMUV3=y # CONFIG_ARM_DSU_PMU is not set CONFIG_QCOM_L2_PMU=y CONFIG_QCOM_L3_PMU=y CONFIG_THUNDERX2_PMU=m CONFIG_XGENE_PMU=y -CONFIG_ARM_SPE_PMU=y +CONFIG_ARM_SPE_PMU=m # CONFIG_ARM_DMC620_PMU is not set # CONFIG_MARVELL_CN10K_TAD_PMU is not set # CONFIG_ALIBABA_UNCORE_DRW_PMU is not set @@ -6925,8 +6943,8 @@ CONFIG_EXT4_FS=m CONFIG_EXT4_USE_FOR_EXT2=y CONFIG_EXT4_FS_POSIX_ACL=y CONFIG_EXT4_FS_SECURITY=y -CONFIG_EXT4_ERROR_REPORT=y # CONFIG_EXT4_DEBUG is not set +CONFIG_EXT4_ERROR_REPORT=y CONFIG_JBD2=m # CONFIG_JBD2_DEBUG is not set CONFIG_FS_MBCACHE=m @@ -7044,6 +7062,7 @@ CONFIG_PROC_VMCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_PROC_CHILDREN=y +CONFIG_PROC_CPU_RESCTRL=y CONFIG_KERNFS=y CONFIG_SYSFS=y CONFIG_DIRTY_PAGES=y @@ -7101,6 +7120,8 @@ CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_QNX6FS_FS is not set +CONFIG_RESCTRL_FS=y +CONFIG_RESCTRL_RMID_DEPENDS_ON_CLOSID=y # CONFIG_ROMFS_FS is not set CONFIG_PSTORE=y CONFIG_PSTORE_DEFAULT_KMSG_BYTES=10240 @@ -7328,6 +7349,10 @@ CONFIG_IMA_APPRAISE_MODSIG=y CONFIG_IMA_LOAD_X509=y CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der" # CONFIG_IMA_APPRAISE_SIGNED_INIT is not set +CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y +CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS=y +# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set +# CONFIG_IMA_DISABLE_HTABLE is not set CONFIG_IMA_DIGEST_LIST=y CONFIG_IMA_DIGEST_LISTS_DIR="/etc/ima/digest_lists" CONFIG_IMA_STANDARD_DIGEST_DB_SIZE=y @@ -7335,14 +7360,11 @@ CONFIG_IMA_STANDARD_DIGEST_DB_SIZE=y # CONFIG_IMA_CUSTOM_DIGEST_DB_SIZE is not set CONFIG_IMA_DIGEST_DB_MEGABYTES=16 CONFIG_IMA_PARSER_BINARY_PATH="/usr/bin/upload_digest_lists" -CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y -CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS=y -# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set -# CONFIG_IMA_DISABLE_HTABLE is not set CONFIG_EVM=y -CONFIG_EVM_DEFAULT_HASH_SHA1=n +# CONFIG_EVM_DEFAULT_HASH_SHA1 is not set CONFIG_EVM_DEFAULT_HASH_SHA256=y -CONFIG_EVM_DEFAULT_HASH_SHA512=n +# CONFIG_EVM_DEFAULT_HASH_SHA512 is not set +CONFIG_EVM_DEFAULT_HASH="sha256" CONFIG_EVM_ATTR_FSUUID=y # CONFIG_EVM_ADD_XATTRS is not set CONFIG_EVM_LOAD_X509=y @@ -7360,8 +7382,11 @@ CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,appar # Memory initialization # CONFIG_INIT_STACK_NONE=y +# CONFIG_INIT_STACK_ALL_PATTERN is not set +# CONFIG_INIT_STACK_ALL_ZERO is not set # CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# CONFIG_ZERO_CALL_USED_REGS is not set # end of Memory initialization # @@ -7617,7 +7642,6 @@ CONFIG_CAVIUM_CPT=m # CONFIG_CRYPTO_DEV_QAT_DH895xCCVF is not set # CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set # CONFIG_CRYPTO_DEV_QAT_C62XVF is not set -# CONFIG_CRYPTO_DEV_QAT_ERROR_INJECTION is not set CONFIG_CRYPTO_DEV_CAVIUM_ZIP=m # CONFIG_CRYPTO_DEV_QCE is not set # CONFIG_CRYPTO_DEV_QCOM_RNG is not set @@ -7769,7 +7793,6 @@ CONFIG_BTREE=y CONFIG_INTERVAL_TREE=y CONFIG_INTERVAL_TREE_SPAN_ITER=y CONFIG_XARRAY_MULTI=y -CONFIG_ARCH_VCPU_STAT=y CONFIG_ASSOCIATIVE_ARRAY=y CONFIG_HAS_IOMEM=y CONFIG_HAS_IOPORT=y @@ -7836,6 +7859,7 @@ CONFIG_SG_POOL=y CONFIG_ARCH_HAS_PMEM_API=y CONFIG_MEMREGION=y CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y +CONFIG_ARCH_HAS_COPY_MC=y CONFIG_ARCH_STACKWALK=y CONFIG_STACKDEPOT=y CONFIG_SBITMAP=y @@ -7882,9 +7906,6 @@ CONFIG_DEBUG_INFO_COMPRESSED_NONE=y # CONFIG_DEBUG_INFO_COMPRESSED_ZLIB is not set # CONFIG_DEBUG_INFO_SPLIT is not set CONFIG_DEBUG_INFO_BTF=y -CONFIG_PAHOLE_HAS_SPLIT_BTF=y -CONFIG_DEBUG_INFO_BTF_MODULES=y -# CONFIG_MODULE_ALLOW_BTF_MISMATCH is not set # CONFIG_GDB_SCRIPTS is not set CONFIG_FRAME_WARN=2048 CONFIG_STRIP_ASM_SYMS=y @@ -7924,6 +7945,8 @@ CONFIG_KDB_CONTINUE_CATASTROPHIC=0 CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y # CONFIG_UBSAN is not set CONFIG_HAVE_ARCH_KCSAN=y +CONFIG_HAVE_KCSAN_COMPILER=y +# CONFIG_KCSAN is not set # end of Generic Kernel Debugging Instruments # @@ -7984,6 +8007,7 @@ CONFIG_LOCKUP_DETECTOR=y CONFIG_SOFTLOCKUP_DETECTOR=y # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_HAVE_HARDLOCKUP_DETECTOR_BUDDY=y +CONFIG_SDEI_WATCHDOG=y CONFIG_HARDLOCKUP_DETECTOR=y # CONFIG_HARDLOCKUP_DETECTOR_PREFER_BUDDY is not set CONFIG_HARDLOCKUP_DETECTOR_PERF=y @@ -7991,7 +8015,6 @@ CONFIG_HARDLOCKUP_DETECTOR_PERF=y # CONFIG_HARDLOCKUP_DETECTOR_ARCH is not set CONFIG_HARDLOCKUP_DETECTOR_COUNTS_HRTIMER=y CONFIG_BOOTPARAM_HARDLOCKUP_PANIC=y -CONFIG_SDEI_WATCHDOG=y CONFIG_DETECT_HUNG_TASK=y CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 # CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set @@ -8045,8 +8068,6 @@ CONFIG_DEBUG_LIST=y # CONFIG_DEBUG_MAPLE_TREE is not set # end of Debug kernel data structures -# CONFIG_DEBUG_CREDENTIALS is not set - # # RCU Debugging # @@ -8170,6 +8191,7 @@ CONFIG_ULTRASOC_SMB=m CONFIG_FUNCTION_ERROR_INJECTION=y # CONFIG_FAULT_INJECTION is not set CONFIG_ARCH_HAS_KCOV=y +# CONFIG_KCOV is not set # CONFIG_RUNTIME_TESTING_MENU is not set CONFIG_ARCH_USE_MEMTEST=y # CONFIG_MEMTEST is not set @@ -8180,5 +8202,5 @@ CONFIG_ARCH_USE_MEMTEST=y # # end of Rust hacking # end of Kernel hacking -CONFIG_KABI_SIZE_ALIGN_CHECKS=y -CONFIG_KABI_RESERVE=y + +CONFIG_KWORKER_NUMA_AFFINITY=y diff --git a/arch/x86/configs/openeuler_defconfig b/arch/x86/configs/openeuler_defconfig index e68707028ddd..9b5df8585310 100644 --- a/arch/x86/configs/openeuler_defconfig +++ b/arch/x86/configs/openeuler_defconfig @@ -2,6 +2,8 @@ # Automatically generated file; DO NOT EDIT. # Linux/x86 6.6.0 Kernel Configuration # +CONFIG_GCC_ASM_GOTO_OUTPUT_WORKAROUND=y +CONFIG_TOOLS_SUPPORT_RELR=y CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_TABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -170,6 +172,7 @@ CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC10_NO_ARRAY_BOUNDS=y +CONFIG_CC_NO_ARRAY_BOUNDS=y CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y @@ -546,6 +549,7 @@ CONFIG_CALL_DEPTH_TRACKING=y CONFIG_CPU_IBPB_ENTRY=y CONFIG_CPU_IBRS_ENTRY=y CONFIG_CPU_SRSO=y +# CONFIG_SLS is not set # CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_MITIGATION_RFDS=y CONFIG_MITIGATION_SPECTRE_BHI=y @@ -2005,7 +2009,7 @@ CONFIG_PCIEASPM_DEFAULT=y CONFIG_PCIE_PME=y CONFIG_PCIE_DPC=y # CONFIG_PCIE_PTM is not set -# CONFIG_PCIE_EDR is not set +CONFIG_PCIE_EDR=y CONFIG_PCI_MSI=y CONFIG_PCI_QUIRKS=y # CONFIG_PCI_DEBUG is not set @@ -6905,7 +6909,8 @@ CONFIG_RTC_MC146818_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y CONFIG_RTC_HCTOSYS_DEVICE="rtc0" -# CONFIG_RTC_SYSTOHC is not set +CONFIG_RTC_SYSTOHC=y +CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTC_DEBUG is not set CONFIG_RTC_NVMEM=y @@ -7106,7 +7111,8 @@ CONFIG_VIRTIO_PCI_LEGACY=y CONFIG_VIRTIO_BALLOON=m CONFIG_VIRTIO_MEM=m CONFIG_VIRTIO_INPUT=m -# CONFIG_VIRTIO_MMIO is not set +CONFIG_VIRTIO_MMIO=m +# CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES is not set CONFIG_VIRTIO_DMA_SHARED_BUFFER=m # CONFIG_VDPA is not set CONFIG_VHOST_IOTLB=m @@ -8530,8 +8536,11 @@ CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,appar # Memory initialization # CONFIG_INIT_STACK_NONE=y +# CONFIG_INIT_STACK_ALL_PATTERN is not set +# CONFIG_INIT_STACK_ALL_ZERO is not set # CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# CONFIG_ZERO_CALL_USED_REGS is not set # end of Memory initialization # @@ -9068,6 +9077,8 @@ CONFIG_ARCH_HAS_EARLY_DEBUG=y CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y # CONFIG_UBSAN is not set CONFIG_HAVE_ARCH_KCSAN=y +CONFIG_HAVE_KCSAN_COMPILER=y +# CONFIG_KCSAN is not set # end of Generic Kernel Debugging Instruments # -- 2.43.0

2 1

[PATCH openEuler-1.0-LTS] SUNRPC: fix a memleak in gss_import_v2_context
by Dong Chenchen 10 May '24

10 May '24

From: Zhipeng Lu <alexious(a)zju.edu.cn> mainline inclusion from mainline-v6.9-rc1 commit e67b652d8e8591d3b1e569dbcdfcee15993e91fa category: bugfix bugzilla: 189914, https://gitee.com/src-openeuler/kernel/issues/I9L9IF CVE: CVE-2023-52653 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error. Thus, this patch reform the last call of gss_import_v2_context to the gss_krb5_import_ctx_v2, preventing the memleak while keepping the return formation. Fixes: 47d848077629 ("gss_krb5: handle new context format from gssd") Signed-off-by: Zhipeng Lu <alexious(a)zju.edu.cn> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> Conflicts: net/sunrpc/auth_gss/gss_krb5_mech.c [commit 279a67cdd491 was not merged] Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com> --- net/sunrpc/auth_gss/gss_krb5_mech.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 893d8a480592..a296690e5947 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -588,6 +588,7 @@ gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, { int keylen; u32 time32; + int ret; p = simple_get_bytes(p, end, &ctx->flags, sizeof(ctx->flags)); if (IS_ERR(p)) @@ -644,16 +645,28 @@ gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, switch (ctx->enctype) { case ENCTYPE_DES3_CBC_RAW: - return context_derive_keys_des3(ctx, gfp_mask); + ret = context_derive_keys_des3(ctx, gfp_mask); + break; case ENCTYPE_ARCFOUR_HMAC: - return context_derive_keys_rc4(ctx); + ret = context_derive_keys_rc4(ctx); + break; case ENCTYPE_AES128_CTS_HMAC_SHA1_96: case ENCTYPE_AES256_CTS_HMAC_SHA1_96: - return context_derive_keys_new(ctx, gfp_mask); + ret = context_derive_keys_new(ctx, gfp_mask); + break; default: - return -EINVAL; + ret -EINVAL; } + if (ret) { + p = ERR_PTR(ret); + goto out_free; + } + + return 0; + +out_free: + kfree(ctx->mech_used.data); out_err: return PTR_ERR(p); } -- 2.25.1

2 1

[PATCH OLK-6.6] tick/broadcast-hrtimer: Prevent the timer device on broadcast duty CPU from being disabled
by Yu Liao 10 May '24

10 May '24

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I8PL17 CVE: NA ---------------------------------------- It was found that running the LTP hotplug stress test on a aarch64 system could produce rcu_sched stall warnings. The issue is the following: CPU1 (owns the broadcast hrtimer) CPU2 tick_broadcast_enter() //shut down local timer device ... tick_broadcast_exit() //exits with tick_broadcast_force_mask set, timer device remains disabled initiates offlining of CPU1 take_cpu_down() //CPU1 shuts down and does not send broadcast IPI anymore takedown_cpu() hotplug_cpu__broadcast_tick_pull() //move broadcast hrtimer to this CPU clockevents_program_event() bc_set_next() hrtimer_start() //does not call hrtimer_reprogram() to program timer device if expires equals dev->next_event, so the timer device remains disabled. CPU2 takes over the broadcast duty but local timer device is disabled, causing many CPUs to become stuck. Fix this by calling tick_program_event() to reprogram the local timer device in this scenario. Signed-off-by: Yu Liao <liaoyu15(a)huawei.com> --- kernel/time/tick-broadcast-hrtimer.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/kernel/time/tick-broadcast-hrtimer.c b/kernel/time/tick-broadcast-hrtimer.c index e28f9210f8a1..0dc78744fce6 100644 --- a/kernel/time/tick-broadcast-hrtimer.c +++ b/kernel/time/tick-broadcast-hrtimer.c @@ -42,6 +42,19 @@ static int bc_shutdown(struct clock_event_device *evt) */ static int bc_set_next(ktime_t expires, struct clock_event_device *bc) { + struct clock_event_device *dev = __this_cpu_read(tick_cpu_device.evtdev); + + /* + * This can be called from CPU offline operation to move broadcast + * assignment. If tick_broadcast_force_mask is set, the CPU local + * timer device may be disabled. And hrtimer_reprogram() will not + * called if the timer is not the first expiring timer. Reprogram + * the cpu local timer device to ensure we can take over the + * broadcast duty. + */ + if (tick_check_broadcast_expired() && expires >= dev->next_event) + clockevents_program_event(dev, dev->next_event, 1); + /* * This is called either from enter/exit idle code or from the * broadcast handler. In all cases tick_broadcast_lock is held. -- 2.25.1

2 1

[PATCH OLK-5.10 v2] clk: zynq: Prevent null pointer dereference caused by kmalloc failure
by Yu Liao 10 May '24

10 May '24

From: Duoming Zhou <duoming(a)zju.edu.cn> mainline inclusion from mainline-v6.9-rc1 commit 7938e9ce39d6779d2f85d822cc930f73420e54a6 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9L9NB CVE: CVE-2024-27037 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snprintf() to write data to the null address, the null pointer dereference bug will happen. This patch uses a stack variable to replace the kmalloc(). Fixes: 0ee52b157b8e ("clk: zynq: Add clock controller driver") Suggested-by: Michal Simek <michal.simek(a)amd.com> Suggested-by: Stephen Boyd <sboyd(a)kernel.org> Signed-off-by: Duoming Zhou <duoming(a)zju.edu.cn> Link: https://lore.kernel.org/r/20240301084437.16084-1-duoming@zju.edu.cn Acked-by: Michal Simek <michal.simek(a)amd.com> Signed-off-by: Stephen Boyd <sboyd(a)kernel.org> Conflicts: drivers/clk/zynq/clkc.c [The conflicts were caused by not merged bf2244ba9d85("clk: zynq: clkc: Remove various instances of an unused variable 'clk'")] Signed-off-by: Yu Liao <liaoyu15(a)huawei.com> --- drivers/clk/zynq/clkc.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/drivers/clk/zynq/clkc.c b/drivers/clk/zynq/clkc.c index ffbb9008c1c9..15320945bedc 100644 --- a/drivers/clk/zynq/clkc.c +++ b/drivers/clk/zynq/clkc.c @@ -42,6 +42,7 @@ static void __iomem *zynq_clkc_base; #define SLCR_SWDT_CLK_SEL (zynq_clkc_base + 0x204) #define NUM_MIO_PINS 54 +#define CLK_NAME_LEN 16 #define DBG_CLK_CTRL_CLKACT_TRC BIT(0) #define DBG_CLK_CTRL_CPU_1XCLKACT BIT(1) @@ -218,7 +219,7 @@ static void __init zynq_clk_setup(struct device_node *np) u32 tmp; int ret; struct clk *clk; - char *clk_name; + char clk_name[CLK_NAME_LEN]; unsigned int fclk_enable = 0; const char *clk_output_name[clk_max]; const char *cpu_parents[4]; @@ -428,12 +429,10 @@ static void __init zynq_clk_setup(struct device_node *np) "gem1_emio_mux", CLK_SET_RATE_PARENT, SLCR_GEM1_CLK_CTRL, 0, 0, &gem1clk_lock); - tmp = strlen("mio_clk_00x"); - clk_name = kmalloc(tmp, GFP_KERNEL); for (i = 0; i < NUM_MIO_PINS; i++) { int idx; - snprintf(clk_name, tmp, "mio_clk_%2.2d", i); + snprintf(clk_name, CLK_NAME_LEN, "mio_clk_%2.2d", i); idx = of_property_match_string(np, "clock-names", clk_name); if (idx >= 0) can_mio_mux_parents[i] = of_clk_get_parent_name(np, @@ -441,7 +440,6 @@ static void __init zynq_clk_setup(struct device_node *np) else can_mio_mux_parents[i] = dummy_nm; } - kfree(clk_name); clk = clk_register_mux(NULL, "can_mux", periph_parents, 4, CLK_SET_RATE_NO_REPARENT, SLCR_CAN_CLK_CTRL, 4, 2, 0, &canclk_lock); -- 2.25.1

2 1

[PATCH openEuler-1.0-LTS v2] clk: zynq: Prevent null pointer dereference caused by kmalloc failure
by Yu Liao 10 May '24

10 May '24

From: Duoming Zhou <duoming(a)zju.edu.cn> mainline inclusion from mainline-v6.9-rc1 commit 7938e9ce39d6779d2f85d822cc930f73420e54a6 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9L9NB CVE: CVE-2024-27037 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snprintf() to write data to the null address, the null pointer dereference bug will happen. This patch uses a stack variable to replace the kmalloc(). Fixes: 0ee52b157b8e ("clk: zynq: Add clock controller driver") Suggested-by: Michal Simek <michal.simek(a)amd.com> Suggested-by: Stephen Boyd <sboyd(a)kernel.org> Signed-off-by: Duoming Zhou <duoming(a)zju.edu.cn> Link: https://lore.kernel.org/r/20240301084437.16084-1-duoming@zju.edu.cn Acked-by: Michal Simek <michal.simek(a)amd.com> Signed-off-by: Stephen Boyd <sboyd(a)kernel.org> Conflicts: drivers/clk/zynq/clkc.c [The conflicts were caused by not merged bf2244ba9d85("clk: zynq: clkc: Remove various instances of an unused variable 'clk'")] Signed-off-by: Yu Liao <liaoyu15(a)huawei.com> --- drivers/clk/zynq/clkc.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/drivers/clk/zynq/clkc.c b/drivers/clk/zynq/clkc.c index 88a2cab37f62..35c855708741 100644 --- a/drivers/clk/zynq/clkc.c +++ b/drivers/clk/zynq/clkc.c @@ -53,6 +53,7 @@ static void __iomem *zynq_clkc_base; #define SLCR_SWDT_CLK_SEL (zynq_clkc_base + 0x204) #define NUM_MIO_PINS 54 +#define CLK_NAME_LEN 16 #define DBG_CLK_CTRL_CLKACT_TRC BIT(0) #define DBG_CLK_CTRL_CPU_1XCLKACT BIT(1) @@ -229,7 +230,7 @@ static void __init zynq_clk_setup(struct device_node *np) u32 tmp; int ret; struct clk *clk; - char *clk_name; + char clk_name[CLK_NAME_LEN]; unsigned int fclk_enable = 0; const char *clk_output_name[clk_max]; const char *cpu_parents[4]; @@ -439,12 +440,10 @@ static void __init zynq_clk_setup(struct device_node *np) "gem1_emio_mux", CLK_SET_RATE_PARENT, SLCR_GEM1_CLK_CTRL, 0, 0, &gem1clk_lock); - tmp = strlen("mio_clk_00x"); - clk_name = kmalloc(tmp, GFP_KERNEL); for (i = 0; i < NUM_MIO_PINS; i++) { int idx; - snprintf(clk_name, tmp, "mio_clk_%2.2d", i); + snprintf(clk_name, CLK_NAME_LEN, "mio_clk_%2.2d", i); idx = of_property_match_string(np, "clock-names", clk_name); if (idx >= 0) can_mio_mux_parents[i] = of_clk_get_parent_name(np, @@ -452,7 +451,6 @@ static void __init zynq_clk_setup(struct device_node *np) else can_mio_mux_parents[i] = dummy_nm; } - kfree(clk_name); clk = clk_register_mux(NULL, "can_mux", periph_parents, 4, CLK_SET_RATE_NO_REPARENT, SLCR_CAN_CLK_CTRL, 4, 2, 0, &canclk_lock); -- 2.25.1

2 1

[PATCH OLK-6.6] mm: multi-gen LRU: reuse some legacy trace events
by Zhao Mengmeng 10 May '24

10 May '24

From: Jaewon Kim <jaewon31.kim(a)samsung.com> mainline inclusion from mainline-v6.7-rc1 commit 8c2214fc9a470aee0c615aeb14d8c7ce98e45a08 catogory: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I9O1OT Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- As the legacy lru provides, the mglru needs some trace events for debugging. Let's reuse following legacy events for the mglru. trace_mm_vmscan_lru_isolate trace_mm_vmscan_lru_shrink_inactive Here's an example mm_vmscan_lru_isolate: classzone=2 order=0 nr_requested=4096 nr_scanned=64 nr_skipped=0 nr_taken=64 lru=inactive_file mm_vmscan_lru_shrink_inactive: nid=0 nr_scanned=64 nr_reclaimed=63 nr_dirty=0 nr_writeback=0 nr_congested=0 nr_immediate=0 nr_activate_anon=0 nr_activate_file=1 nr_ref_keep=0 nr_unmap_fail=0 priority=2 flags=RECLAIM_WB_FILE|RECLAIM_WB_ASYNC Link: https://lkml.kernel.org/r/20231003114155.21869-1-jaewon31.kim@samsung.com Signed-off-by: Jaewon Kim <jaewon31.kim(a)samsung.com> Acked-by: Yu Zhao <yuzhao(a)google.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: Kalesh Singh <kaleshsingh(a)google.com> Cc: SeongJae Park <sj(a)kernel.org> Cc: Steven Rostedt (Google) <rostedt(a)goodmis.org> Cc: T.J. Mercier <tjmercier(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Zhao Mengmeng <zhaomengmeng(a)kylinos.cn> --- mm/vmscan.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/mm/vmscan.c b/mm/vmscan.c index 95a845905624..95a3e1e7dbb1 100644 --- a/mm/vmscan.c +++ b/mm/vmscan.c @@ -5030,6 +5030,7 @@ static int scan_folios(struct lruvec *lruvec, struct scan_control *sc, int sorted = 0; int scanned = 0; int isolated = 0; + int skipped = 0; int remaining = MAX_LRU_BATCH; struct lru_gen_folio *lrugen = &lruvec->lrugen; struct mem_cgroup *memcg = lruvec_memcg(lruvec); @@ -5043,7 +5044,7 @@ static int scan_folios(struct lruvec *lruvec, struct scan_control *sc, for (i = MAX_NR_ZONES; i > 0; i--) { LIST_HEAD(moved); - int skipped = 0; + int skipped_zone = 0; int zone = (sc->reclaim_idx + i) % MAX_NR_ZONES; struct list_head *head = &lrugen->folios[gen][type][zone]; @@ -5065,16 +5066,17 @@ static int scan_folios(struct lruvec *lruvec, struct scan_control *sc, isolated += delta; } else { list_move(&folio->lru, &moved); - skipped += delta; + skipped_zone += delta; } - if (!--remaining || max(isolated, skipped) >= MIN_LRU_BATCH) + if (!--remaining || max(isolated, skipped_zone) >= MIN_LRU_BATCH) break; } - if (skipped) { + if (skipped_zone) { list_splice(&moved, head); - __count_zid_vm_events(PGSCAN_SKIP, zone, skipped); + __count_zid_vm_events(PGSCAN_SKIP, zone, skipped_zone); + skipped += skipped_zone; } if (!remaining || isolated >= MIN_LRU_BATCH) @@ -5089,6 +5091,9 @@ static int scan_folios(struct lruvec *lruvec, struct scan_control *sc, __count_memcg_events(memcg, item, isolated); __count_memcg_events(memcg, PGREFILL, sorted); __count_vm_events(PGSCAN_ANON + type, isolated); + trace_mm_vmscan_lru_isolate(sc->reclaim_idx, sc->order, MAX_LRU_BATCH, + scanned, skipped, isolated, + type ? LRU_INACTIVE_FILE : LRU_INACTIVE_ANON); /* * There might not be eligible folios due to reclaim_idx. Check the @@ -5219,6 +5224,9 @@ static int evict_folios(struct lruvec *lruvec, struct scan_control *sc, int swap retry: reclaimed = shrink_folio_list(&list, pgdat, sc, &stat, false); sc->nr_reclaimed += reclaimed; + trace_mm_vmscan_lru_shrink_inactive(pgdat->node_id, + scanned, reclaimed, &stat, sc->priority, + type ? LRU_INACTIVE_FILE : LRU_INACTIVE_ANON); list_for_each_entry_safe_reverse(folio, next, &list, lru) { if (!folio_evictable(folio)) { -- 2.33.0

2 1

[PATCH openEuler-1.0-LTS] drm/radeon: add a force flush to delay work when radeon
by Zhang Zekun 10 May '24

10 May '24

From: Zhenneng Li <lizhenneng(a)kylinos.cn> stable inclusion from stable-v4.19.258 commit c0a45f41fde4a0f2c900f719817493ee5c4a5aa3 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9LKDS CVE: CVE-2022-48704 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit f461950fdc374a3ada5a63c669d997de4600dffe ] Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not be fully flushed, and meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to put device in D3hot state. Per PCI spec rev 4.0 on 5.3.1.4.1 D3hot State. > Configuration and Message requests are the only TLPs accepted by a Function in > the D3hot state. All other received Requests must be handled as Unsupported Requests, > and all received Completions may optionally be handled as Unexpected Completions. This issue will happen in following logs: Unable to handle kernel paging request at virtual address 00008800e0008010 CPU 0 kworker/0:3(131): Oops 0 pc = [<ffffffff811bea5c>] ra = [<ffffffff81240844>] ps = 0000 Tainted: G W pc is at si_gpu_check_soft_reset+0x3c/0x240 ra is at si_dma_is_lockup+0x34/0xd0 v0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000 t2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258 t5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000 s0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018 s3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000 s6 = fff00007ef07bd98 a0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008 a3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338 t8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800 t11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000 gp = ffffffff81d89690 sp = 00000000aa814126 Disabling lock debugging due to kernel taint Trace: [<ffffffff81240844>] si_dma_is_lockup+0x34/0xd0 [<ffffffff81119610>] radeon_fence_check_lockup+0xd0/0x290 [<ffffffff80977010>] process_one_work+0x280/0x550 [<ffffffff80977350>] worker_thread+0x70/0x7c0 [<ffffffff80977410>] worker_thread+0x130/0x7c0 [<ffffffff80982040>] kthread+0x200/0x210 [<ffffffff809772e0>] worker_thread+0x0/0x7c0 [<ffffffff80981f8c>] kthread+0x14c/0x210 [<ffffffff80911658>] ret_from_kernel_thread+0x18/0x20 [<ffffffff80981e40>] kthread+0x0/0x210 Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101 <88210000> 4821ed21 So force lockup work queue flush to fix this problem. Acked-by: Christian König <christian.koenig(a)amd.com> Signed-off-by: Zhenneng Li <lizhenneng(a)kylinos.cn> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zhang Zekun <zhangzekun11(a)huawei.com> --- drivers/gpu/drm/radeon/radeon_device.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c index 59c8a6647ff2..cc1c07963116 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c @@ -1625,6 +1625,9 @@ int radeon_suspend_kms(struct drm_device *dev, bool suspend, if (r) { /* delay GPU reset to resume */ radeon_fence_driver_force_completion(rdev, i); + } else { + /* finish executing delayed work */ + flush_delayed_work(&rdev->fence_drv[i].lockup_work); } } -- 2.17.1

2 1

[PATCH v2 openEuler-1.0-LTS 0/3] backport patch for thp deferred list for 4.19
by Wupeng Ma 10 May '24

10 May '24

From: Ma Wupeng <mawupeng1(a)huawei.com> backport patch for thp deferred list for 4.19. changelog since v1: - remove data_race since 4.19 does not have it Jianxing Wang (1): mm/mmu_gather: limit free batch count and add schedule point in tlb_batch_pages_flush Kirill A. Shutemov (1): mm, thp: do not queue fully unmapped pages for deferred split Yin Fengwei (1): THP: avoid lock when check whether THP is in deferred list mm/huge_memory.c | 15 +++++++++++---- mm/mmu_gather.c | 16 ++++++++++++++-- mm/rmap.c | 14 ++++++++++---- 3 files changed, 35 insertions(+), 10 deletions(-) -- 2.25.1

2 4

[PATCH openEuler-1.0-LTS] clk: zynq: Prevent null pointer dereference caused by kmalloc failure
by Yu Liao 10 May '24

10 May '24

From: Duoming Zhou <duoming(a)zju.edu.cn> mainline inclusion from mainline-v6.9.rc1 commit 7938e9ce39d6779d2f85d822cc930f73420e54a6 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9L9NB CVE: CVE-2024-27037 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snprintf() to write data to the null address, the null pointer dereference bug will happen. This patch uses a stack variable to replace the kmalloc(). Fixes: 0ee52b157b8e ("clk: zynq: Add clock controller driver") Suggested-by: Michal Simek <michal.simek(a)amd.com> Suggested-by: Stephen Boyd <sboyd(a)kernel.org> Signed-off-by: Duoming Zhou <duoming(a)zju.edu.cn> Link: https://lore.kernel.org/r/20240301084437.16084-1-duoming@zju.edu.cn Acked-by: Michal Simek <michal.simek(a)amd.com> Signed-off-by: Stephen Boyd <sboyd(a)kernel.org> Conflicts: drivers/clk/zynq/clkc.c [The conflicts were caused by not merged bf2244ba9d85("clk: zynq: clkc: Remove various instances of an unused variable 'clk'")] Signed-off-by: Yu Liao <liaoyu15(a)huawei.com> --- drivers/clk/zynq/clkc.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/drivers/clk/zynq/clkc.c b/drivers/clk/zynq/clkc.c index 88a2cab37f62..35c855708741 100644 --- a/drivers/clk/zynq/clkc.c +++ b/drivers/clk/zynq/clkc.c @@ -53,6 +53,7 @@ static void __iomem *zynq_clkc_base; #define SLCR_SWDT_CLK_SEL (zynq_clkc_base + 0x204) #define NUM_MIO_PINS 54 +#define CLK_NAME_LEN 16 #define DBG_CLK_CTRL_CLKACT_TRC BIT(0) #define DBG_CLK_CTRL_CPU_1XCLKACT BIT(1) @@ -229,7 +230,7 @@ static void __init zynq_clk_setup(struct device_node *np) u32 tmp; int ret; struct clk *clk; - char *clk_name; + char clk_name[CLK_NAME_LEN]; unsigned int fclk_enable = 0; const char *clk_output_name[clk_max]; const char *cpu_parents[4]; @@ -439,12 +440,10 @@ static void __init zynq_clk_setup(struct device_node *np) "gem1_emio_mux", CLK_SET_RATE_PARENT, SLCR_GEM1_CLK_CTRL, 0, 0, &gem1clk_lock); - tmp = strlen("mio_clk_00x"); - clk_name = kmalloc(tmp, GFP_KERNEL); for (i = 0; i < NUM_MIO_PINS; i++) { int idx; - snprintf(clk_name, tmp, "mio_clk_%2.2d", i); + snprintf(clk_name, CLK_NAME_LEN, "mio_clk_%2.2d", i); idx = of_property_match_string(np, "clock-names", clk_name); if (idx >= 0) can_mio_mux_parents[i] = of_clk_get_parent_name(np, @@ -452,7 +451,6 @@ static void __init zynq_clk_setup(struct device_node *np) else can_mio_mux_parents[i] = dummy_nm; } - kfree(clk_name); clk = clk_register_mux(NULL, "can_mux", periph_parents, 4, CLK_SET_RATE_NO_REPARENT, SLCR_CAN_CLK_CTRL, 4, 2, 0, &canclk_lock); -- 2.25.1

2 1