January 2025 - Kernel - mailweb.openeuler.org

[PATCH OLK-6.6] x86/fpu: Ensure shadow stack is active before "getting" registers
by Xiongfeng Wang 24 Jan '25

24 Jan '25

From: Rick Edgecombe <rick.p.edgecombe(a)intel.com> stable inclusion from stable-v6.6.72 commit 0a3a872214188e4268d31581ed0cd44508e038cf category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBIQSM CVE: CVE-2025-21632 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- commit a9d9c33132d49329ada647e4514d210d15e31d81 upstream. The x86 shadow stack support has its own set of registers. Those registers are XSAVE-managed, but they are "supervisor state components" which means that userspace can not touch them with XSAVE/XRSTOR. It also means that they are not accessible from the existing ptrace ABI for XSAVE state. Thus, there is a new ptrace get/set interface for it. The regset code that ptrace uses provides an ->active() handler in addition to the get/set ones. For shadow stack this ->active() handler verifies that shadow stack is enabled via the ARCH_SHSTK_SHSTK bit in the thread struct. The ->active() handler is checked from some call sites of the regset get/set handlers, but not the ptrace ones. This was not understood when shadow stack support was put in place. As a result, both the set/get handlers can be called with XFEATURE_CET_USER in its init state, which would cause get_xsave_addr() to return NULL and trigger a WARN_ON(). The ssp_set() handler luckily has an ssp_active() check to avoid surprising the kernel with shadow stack behavior when the kernel is not ready for it (ARCH_SHSTK_SHSTK==0). That check just happened to avoid the warning. But the ->get() side wasn't so lucky. It can be called with shadow stacks disabled, triggering the warning in practice, as reported by Christina Schimpe: WARNING: CPU: 5 PID: 1773 at arch/x86/kernel/fpu/regset.c:198 ssp_get+0x89/0xa0 [...] Call Trace: <TASK> ? show_regs+0x6e/0x80 ? ssp_get+0x89/0xa0 ? __warn+0x91/0x150 ? ssp_get+0x89/0xa0 ? report_bug+0x19d/0x1b0 ? handle_bug+0x46/0x80 ? exc_invalid_op+0x1d/0x80 ? asm_exc_invalid_op+0x1f/0x30 ? __pfx_ssp_get+0x10/0x10 ? ssp_get+0x89/0xa0 ? ssp_get+0x52/0xa0 __regset_get+0xad/0xf0 copy_regset_to_user+0x52/0xc0 ptrace_regset+0x119/0x140 ptrace_request+0x13c/0x850 ? wait_task_inactive+0x142/0x1d0 ? do_syscall_64+0x6d/0x90 arch_ptrace+0x102/0x300 [...] Ensure that shadow stacks are active in a thread before looking them up in the XSAVE buffer. Since ARCH_SHSTK_SHSTK and user_ssp[SHSTK_EN] are set at the same time, the active check ensures that there will be something to find in the XSAVE buffer. [ dhansen: changelog/subject tweaks ] Fixes: 2fab02b25ae7 ("x86: Add PTRACE interface for shadow stack") Reported-by: Christina Schimpe <christina.schimpe(a)intel.com> Signed-off-by: Rick Edgecombe <rick.p.edgecombe(a)intel.com> Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Tested-by: Christina Schimpe <christina.schimpe(a)intel.com> Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20250107233056.235536-1-rick.p.edgecombe%40inte… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com> --- arch/x86/kernel/fpu/regset.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index 6bc1eb2a21bd..887b0b8e21e3 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -190,7 +190,8 @@ int ssp_get(struct task_struct *target, const struct user_regset *regset, struct fpu *fpu = &target->thread.fpu; struct cet_user_state *cetregs; - if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK)) + if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || + !ssp_active(target, regset)) return -ENODEV; sync_fpstate(fpu); -- 2.20.1

2 1

[openeuler:OLK-6.6 1841/1841] include/trace/stages/init.h:2:23: warning: 'str__bonding__trace_system_name' defined but not used
by kernel test robot 24 Jan '25

24 Jan '25

Hi Wei, FYI, the error/warning still remains. tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: 1b973c5f4ead8093d8018eb8c3aad83f34724173 commit: 69ddcb21328bd29cfd2f64710bdac158f4c90bf6 [1841/1841] drivers: hooks: add bonding driver vendor hooks config: loongarch-allyesconfig (https://download.01.org/0day-ci/archive/20250124/202501241646.6wTHZP2L-lkp@…) compiler: loongarch64-linux-gcc (GCC) 14.2.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250124/202501241646.6wTHZP2L-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202501241646.6wTHZP2L-lkp@intel.com/ All warnings (new ones prefixed by >>): In file included from include/trace/trace_events.h:27, from include/trace/define_trace.h:102, from include/trace/hooks/bonding.h:27, from drivers/hooks/vendor_hooks.c:11: >> include/trace/stages/init.h:2:23: warning: 'str__bonding__trace_system_name' defined but not used [-Wunused-const-variable=] 2 | #define __app__(x, y) str__##x##y | ^~~~~ include/trace/stages/init.h:3:21: note: in expansion of macro '__app__' 3 | #define __app(x, y) __app__(x, y) | ^~~~~~~ include/trace/stages/init.h:5:29: note: in expansion of macro '__app' 5 | #define TRACE_SYSTEM_STRING __app(TRACE_SYSTEM_VAR,__trace_system_name) | ^~~~~ include/trace/stages/init.h:8:27: note: in expansion of macro 'TRACE_SYSTEM_STRING' 8 | static const char TRACE_SYSTEM_STRING[] = \ | ^~~~~~~~~~~~~~~~~~~ include/trace/stages/init.h:11:1: note: in expansion of macro 'TRACE_MAKE_SYSTEM_STR' 11 | TRACE_MAKE_SYSTEM_STR(); | ^~~~~~~~~~~~~~~~~~~~~ vim +/str__bonding__trace_system_name +2 include/trace/stages/init.h af6b9668e85ffd Steven Rostedt (Google 2022-03-03 @2) #define __app__(x, y) str__##x##y af6b9668e85ffd Steven Rostedt (Google 2022-03-03 3) #define __app(x, y) __app__(x, y) af6b9668e85ffd Steven Rostedt (Google 2022-03-03 4) :::::: The code at line 2 was first introduced by commit :::::: af6b9668e85ffd1502aada8036ccbf4dbd481708 tracing: Move the defines to create TRACE_EVENTS into their own files :::::: TO: Steven Rostedt (Google) <rostedt(a)goodmis.org> :::::: CC: Steven Rostedt (Google) <rostedt(a)goodmis.org> -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6] BMA: Fix Oops and spin lock deadlock problem, and change the version number.
by Peng Zhang 24 Jan '25

24 Jan '25

From: Wujiahai <wujiahai(a)huawei.com> driver inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/IBD74A CVE: NA ----------------------------------------- 1. Prevents iBMA driver from causing Oops problems. 2. The spin lock deadlock bug of the ibma iBMA is fixed. 3. Change the iBMA driver version. Fixes: f0db1bf58525 ("Huawei BMA: Adding Huawei BMA driver: host_edma_drv") Signed-off-by: Wujiahai <wujiahai(a)huawei.com> --- drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c | 2 +- drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c | 9 ++++++++- drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h | 2 +- drivers/net/ethernet/huawei/bma/edma_drv/edma_host.c | 9 --------- drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h | 2 +- drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h | 2 +- 6 files changed, 12 insertions(+), 14 deletions(-) diff --git a/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c b/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c index 4be8a4fc6cec..275c2cdfe5db 100644 --- a/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c +++ b/drivers/net/ethernet/huawei/bma/cdev_drv/bma_cdev.c @@ -28,7 +28,7 @@ #ifdef DRV_VERSION #define CDEV_VERSION MICRO_TO_STR(DRV_VERSION) #else -#define CDEV_VERSION "0.3.8" +#define CDEV_VERSION "0.3.10" #endif #define CDEV_DEFAULT_NUM 4 diff --git a/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c b/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c index c3d836e44b00..3b5eb39d6da6 100644 --- a/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c +++ b/drivers/net/ethernet/huawei/bma/edma_drv/bma_devintf.c @@ -135,6 +135,7 @@ static void bma_priv_clean_up(struct bma_priv_data_s *bma_priv) int i = 0; struct bma_priv_data_s *priv = bma_priv; struct edma_recv_msg_s *msg = NULL; + unsigned long flags = 0; if (!priv) return; @@ -144,6 +145,7 @@ static void bma_priv_clean_up(struct bma_priv_data_s *bma_priv) return; } + spin_lock_irqsave(&priv->recv_msg_lock, flags); for (i = 0; i < priv->user.max_recvmsg_nums; i++) { ret = edma_host_recv_msg(&g_bma_dev->edma_host, priv, &msg); if (ret) @@ -151,6 +153,7 @@ static void bma_priv_clean_up(struct bma_priv_data_s *bma_priv) kfree(msg); } + spin_unlock_irqrestore(&priv->recv_msg_lock, flags); priv->user.type = TYPE_UNKNOWN; priv->user.sub_type = 0; @@ -419,7 +422,8 @@ EXPORT_SYMBOL(bma_intf_int_to_bmc); int bma_intf_is_link_ok(void) { - if (g_bma_dev->edma_host.statistics.remote_status == REGISTERED) + if (g_bma_dev && + g_bma_dev->edma_host.statistics.remote_status == REGISTERED) return 1; return 0; } @@ -431,6 +435,7 @@ int bma_cdev_recv_msg(void *handle, char __user *data, size_t count) struct edma_recv_msg_s *msg = NULL; int result = 0; int len = 0; + unsigned long flags = 0; if (!handle || !data || count == 0) { BMA_LOG(DLOG_DEBUG, "input NULL point!\n"); @@ -439,7 +444,9 @@ int bma_cdev_recv_msg(void *handle, char __user *data, size_t count) priv = (struct bma_priv_data_s *)handle; + spin_lock_irqsave(&priv->recv_msg_lock, flags); result = edma_host_recv_msg(&g_bma_dev->edma_host, priv, &msg); + spin_unlock_irqrestore(&priv->recv_msg_lock, flags); if (result != 0) return -ENODATA; diff --git a/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h b/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h index 5b33ae965529..a66724e2cb74 100644 --- a/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h +++ b/drivers/net/ethernet/huawei/bma/edma_drv/bma_pci.h @@ -71,7 +71,7 @@ struct bma_pci_dev_s { #ifdef DRV_VERSION #define BMA_VERSION MICRO_TO_STR(DRV_VERSION) #else -#define BMA_VERSION "0.3.8" +#define BMA_VERSION "0.3.10" #endif #ifdef CONFIG_ARM64 diff --git a/drivers/net/ethernet/huawei/bma/edma_drv/edma_host.c b/drivers/net/ethernet/huawei/bma/edma_drv/edma_host.c index e1d5691797f1..be2f732ed9ed 100644 --- a/drivers/net/ethernet/huawei/bma/edma_drv/edma_host.c +++ b/drivers/net/ethernet/huawei/bma/edma_drv/edma_host.c @@ -1069,21 +1069,14 @@ int edma_host_recv_msg(struct edma_host_s *edma_host, struct bma_priv_data_s *priv, struct edma_recv_msg_s **msg) { - unsigned long flags = 0; struct list_head *entry = NULL; struct edma_recv_msg_s *msg_tmp = NULL; - struct bma_dev_s *bma_dev = NULL; if (!edma_host || !priv || !msg) return -EAGAIN; - bma_dev = list_entry(edma_host, struct bma_dev_s, edma_host); - - spin_lock_irqsave(&bma_dev->priv_list_lock, flags); - if (list_empty(&priv->recv_msgs)) { priv->user.cur_recvmsg_nums = 0; - spin_unlock_irqrestore(&bma_dev->priv_list_lock, flags); BMA_LOG(DLOG_DEBUG, "recv msgs empty\n"); return -EAGAIN; } @@ -1095,8 +1088,6 @@ int edma_host_recv_msg(struct edma_host_s *edma_host, if (priv->user.cur_recvmsg_nums > 0) priv->user.cur_recvmsg_nums--; - spin_unlock_irqrestore(&bma_dev->priv_list_lock, flags); - *msg = msg_tmp; BMA_LOG(DLOG_DEBUG, "msg->msg_len = %d\n", (int)msg_tmp->msg_len); diff --git a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h index 8371903e2c33..0d82ee6f7c83 100644 --- a/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h +++ b/drivers/net/ethernet/huawei/bma/kbox_drv/kbox_include.h @@ -23,7 +23,7 @@ #ifdef DRV_VERSION #define KBOX_VERSION MICRO_TO_STR(DRV_VERSION) #else -#define KBOX_VERSION "0.3.8" +#define KBOX_VERSION "0.3.10" #endif #define UNUSED(x) (x = x) diff --git a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h index f03e6eccde6c..242d3ec128d3 100644 --- a/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h +++ b/drivers/net/ethernet/huawei/bma/veth_drv/veth_hb.h @@ -31,7 +31,7 @@ extern "C" { #ifdef DRV_VERSION #define VETH_VERSION MICRO_TO_STR(DRV_VERSION) #else -#define VETH_VERSION "0.3.8" +#define VETH_VERSION "0.3.10" #endif #define MODULE_NAME "veth" -- 2.25.1

2 1

[PATCH v2 OLK-6.6 0/2] fix CVE-2024-54193
by Xiangwei Li 24 Jan '25

24 Jan '25

Jacek Lawrynowicz (1): accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() Krystian Pradzynski (1): accel/ivpu: Move set autosuspend delay to HW specific code drivers/accel/ivpu/ivpu_drv.h | 1 + drivers/accel/ivpu/ivpu_hw_37xx.c | 2 ++ drivers/accel/ivpu/ivpu_hw_40xx.c | 3 +++ drivers/accel/ivpu/ivpu_pm.c | 16 +++++++++------- 4 files changed, 15 insertions(+), 7 deletions(-) -- 2.25.1

2 4

[PATCH OLK-6.6] selinux: ignore unknown extended permissions
by GONG Ruiqi 24 Jan '25

24 Jan '25

From: Thiébaud Weksteen <tweek(a)google.com> stable inclusion from stable-v6.6.70 commit c1dbd28a079553de0023e1c938c713efeeee400f category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBJ6OD CVE: CVE-2024-57931 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- commit 900f83cf376bdaf798b6f5dcb2eae0c822e908b6 upstream. When evaluating extended permissions, ignore unknown permissions instead of calling BUG(). This commit ensures that future permissions can be added without interfering with older kernels. Cc: stable(a)vger.kernel.org Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls") Signed-off-by: Thiébaud Weksteen <tweek(a)google.com> Signed-off-by: Paul Moore <paul(a)paul-moore.com> Acked-by: Paul Moore <paul(a)paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: GONG Ruiqi <gongruiqi1(a)huawei.com> --- security/selinux/ss/services.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 379ac7b5c709..f5eead8af2e2 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -956,7 +956,10 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd, xpermd->driver)) return; } else { - BUG(); + pr_warn_once( + "SELinux: unknown extended permission (%u) will be ignored\n", + node->datum.u.xperms->specified); + return; } if (node->key.specified == AVTAB_XPERMS_ALLOWED) { @@ -993,7 +996,8 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd, node->datum.u.xperms->perms.p[i]; } } else { - BUG(); + pr_warn_once("SELinux: unknown specified key (%u)\n", + node->key.specified); } } -- 2.25.1

2 1

[PATCH OLK-6.6 0/2] fix CVE-2024-54193
by Xiangwei Li 24 Jan '25

24 Jan '25

Jacek Lawrynowicz (1): accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() Krystian Pradzynski (1): accel/ivpu: Move set autosuspend delay to HW specific code drivers/accel/ivpu/ivpu_drv.h | 1 + drivers/accel/ivpu/ivpu_hw_37xx.c | 2 ++ drivers/accel/ivpu/ivpu_hw_40xx.c | 3 +++ drivers/accel/ivpu/ivpu_pm.c | 16 +++++++++------- 4 files changed, 15 insertions(+), 7 deletions(-) -- 2.25.1

2 3

[openeuler:openEuler-1.0-LTS 1414/1414] kismet: WARNING: unmet direct dependencies detected for UACCE when selected by CRYPTO_DEV_HISI_QM
by kernel test robot 24 Jan '25

24 Jan '25

tree: https://gitee.com/openeuler/kernel.git openEuler-1.0-LTS head: da51139d17e9d53d61a9877d9042e43b85d71ee1 commit: c89f49b5f6b23b319f338f7e9e7e9b077ec8f5ff [1414/1414] crypto: hisilicon delete invlaid api and config config: arm64-kismet-CONFIG_UACCE-CONFIG_CRYPTO_DEV_HISI_QM-0-0 (https://download.01.org/0day-ci/archive/20250124/202501241258.8qIBGGVy-lkp@…) reproduce: (https://download.01.org/0day-ci/archive/20250124/202501241258.8qIBGGVy-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202501241258.8qIBGGVy-lkp@intel.com/ kismet warnings: (new ones prefixed by >>) >> kismet: WARNING: unmet direct dependencies detected for UACCE when selected by CRYPTO_DEV_HISI_QM WARNING: unmet direct dependencies detected for UACCE Depends on [n]: IOMMU_API [=n] Selected by [y]: - CRYPTO_DEV_HISI_QM [=y] && CRYPTO [=y] && CRYPTO_HW [=y] && ARM64 [=y] && PCI [=y] -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[openeuler:OLK-5.10 2717/2717] include/trace/trace_events.h:27:23: warning: 'str__fs__trace_system_name' defined but not used
by kernel test robot 24 Jan '25

24 Jan '25

tree: https://gitee.com/openeuler/kernel.git OLK-5.10 head: 683824f7f33a10565e9afcc9358ed8004d851077 commit: fb8a60ca5cddddd060fa14bc7348fea7ac035d8d [2717/2717] vfs: add bare tracepoints for vfs read and release config: x86_64-randconfig-121-20250124 (https://download.01.org/0day-ci/archive/20250124/202501241230.GPAoTpQP-lkp@…) compiler: gcc-12 (Debian 12.2.0-14) 12.2.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250124/202501241230.GPAoTpQP-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202501241230.GPAoTpQP-lkp@intel.com/ All warnings (new ones prefixed by >>): In file included from include/trace/define_trace.h:102, from include/trace/events/fs.h:33, from fs/read_write.c:28: >> include/trace/trace_events.h:27:23: warning: 'str__fs__trace_system_name' defined but not used [-Wunused-const-variable=] 27 | #define __app__(x, y) str__##x##y | ^~~~~ include/trace/trace_events.h:28:21: note: in expansion of macro '__app__' 28 | #define __app(x, y) __app__(x, y) | ^~~~~~~ include/trace/trace_events.h:30:29: note: in expansion of macro '__app' 30 | #define TRACE_SYSTEM_STRING __app(TRACE_SYSTEM_VAR,__trace_system_name) | ^~~~~ include/trace/trace_events.h:33:27: note: in expansion of macro 'TRACE_SYSTEM_STRING' 33 | static const char TRACE_SYSTEM_STRING[] = \ | ^~~~~~~~~~~~~~~~~~~ include/trace/trace_events.h:36:1: note: in expansion of macro 'TRACE_MAKE_SYSTEM_STR' 36 | TRACE_MAKE_SYSTEM_STR(); | ^~~~~~~~~~~~~~~~~~~~~ vim +/str__fs__trace_system_name +27 include/trace/trace_events.h acd388fd3af350 include/trace/ftrace.h Steven Rostedt (Red Hat 2015-03-31 26) acd388fd3af350 include/trace/ftrace.h Steven Rostedt (Red Hat 2015-03-31 @27) #define __app__(x, y) str__##x##y acd388fd3af350 include/trace/ftrace.h Steven Rostedt (Red Hat 2015-03-31 28) #define __app(x, y) __app__(x, y) acd388fd3af350 include/trace/ftrace.h Steven Rostedt (Red Hat 2015-03-31 29) :::::: The code at line 27 was first introduced by commit :::::: acd388fd3af350ab24c6ab6f19b83fc4a4f3aa60 tracing: Give system name a pointer :::::: TO: Steven Rostedt (Red Hat) <rostedt(a)goodmis.org> :::::: CC: Steven Rostedt <rostedt(a)goodmis.org> -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[PATCH OLK-6.6] drm/amd/display: Add check for granularity in dml ceil/floor helpers
by Tong Tiangen 24 Jan '25

24 Jan '25

From: Roman Li <Roman.Li(a)amd.com> mainline inclusion from mainline-v6.13-rc7 commit 0881fbc4fd62e00a2b8e102725f76d10351b2ea8 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBIQVO CVE: CVE-2024-57922 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- [Why] Wrapper functions for dcn_bw_ceil2() and dcn_bw_floor2() should check for granularity is non zero to avoid assert and divide-by-zero error in dcn_bw_ functions. [How] Add check for granularity 0. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Reviewed-by: Alvin Lee <alvin.lee2(a)amd.com> Signed-off-by: Roman Li <Roman.Li(a)amd.com> Tested-by: Daniel Wheeler <daniel.wheeler(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> (cherry picked from commit f6e09701c3eb2ccb8cb0518e0b67f1c69742a4ec) Cc: stable(a)vger.kernel.org Signed-off-by: Tong Tiangen <tongtiangen(a)huawei.com> --- drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h b/drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h index 072bd0539605..6b2ab4ec2b5f 100644 --- a/drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h +++ b/drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h @@ -66,11 +66,15 @@ static inline double dml_max5(double a, double b, double c, double d, double e) static inline double dml_ceil(double a, double granularity) { + if (granularity == 0) + return 0; return (double) dcn_bw_ceil2(a, granularity); } static inline double dml_floor(double a, double granularity) { + if (granularity == 0) + return 0; return (double) dcn_bw_floor2(a, granularity); } @@ -114,11 +118,15 @@ static inline double dml_ceil_2(double f) static inline double dml_ceil_ex(double x, double granularity) { + if (granularity == 0) + return 0; return (double) dcn_bw_ceil2(x, granularity); } static inline double dml_floor_ex(double x, double granularity) { + if (granularity == 0) + return 0; return (double) dcn_bw_floor2(x, granularity); } -- 2.25.1

2 1

[openeuler:OLK-6.6 1841/1841] kismet: WARNING: unmet direct dependencies detected for RESCTRL_FS when selected by ARM64_MPAM
by kernel test robot 24 Jan '25

24 Jan '25

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: 0d8e54dc50aa0f24251fa184377667c7678ae510 commit: c5a4bf91167c714de74c47f5cd6d888c66e9860d [1841/1841] arm64: mpam: Select ARCH_HAS_CPU_RESCTRL config: arm64-kismet-CONFIG_RESCTRL_FS-CONFIG_ARM64_MPAM-0-0 (https://download.01.org/0day-ci/archive/20250124/202501241145.0VszUKpr-lkp@…) reproduce: (https://download.01.org/0day-ci/archive/20250124/202501241145.0VszUKpr-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202501241145.0VszUKpr-lkp@intel.com/ kismet warnings: (new ones prefixed by >>) >> kismet: WARNING: unmet direct dependencies detected for RESCTRL_FS when selected by ARM64_MPAM WARNING: unmet direct dependencies detected for RESCTRL_FS Depends on [n]: MISC_FILESYSTEMS [=n] && ARCH_HAS_CPU_RESCTRL [=y] Selected by [y]: - ARM64_MPAM [=y] -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0