- Kernel - mailweb.openeuler.org

[PATCH] net: hns3: fix ping failed after S3 since removing HNAE3_RESTORE_CLIENT
by Yonglong Liu 09 Sep '20

09 Sep '20

commit: 412c29318f9b ("net: hns3: refactor the MAC address configure") removed the operation of HNAE3_RESTORE_CLIENT, so after S3 or S4, the MAC address is missing, then cause ping failed. According to the commit, need to assign a reset type to restore the MAC address. Signed-off-by: Yonglong Liu <liuyonglong(a)huawei.com> --- drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c index 823f161..ac1789e 100644 --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c @@ -3850,6 +3850,11 @@ static int hclge_resume(struct hnae3_ae_dev *ae_dev) rtnl_lock(); + memset(hdev->vlan_table, 0, sizeof(hdev->vlan_table)); + memset(hdev->vf_vlan_full, 0, sizeof(hdev->vf_vlan_full)); + bitmap_set(hdev->vport_config_block, 0, hdev->num_alloc_vport); + hclge_reset_umv_space(hdev); + ret = hclge_reset_ae_dev(hdev->ae_dev); if (ret) goto err_reset_lock; -- 2.8.1

1 0

[PATCH] net: hns3: fix ping failed after S3 since removing HNAE3_RESTORE_CLIENT
by Yonglong Liu 08 Sep '20

08 Sep '20

commit: 412c29318f9b ("net: hns3: refactor the MAC address configure") removed the operation of HNAE3_RESTORE_CLIENT, so after S3 or S4, the MAC address is missing, then cause ping failed. According to the commit, need to assign a reset type to restore the MAC address. Signed-off-by: Yonglong Liu <liuyonglong(a)huawei.com> --- drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c index 823f161..25aee93 100644 --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c @@ -3850,6 +3850,8 @@ static int hclge_resume(struct hnae3_ae_dev *ae_dev) rtnl_lock(); + hdev->reset_type = HNAE3_GLOBAL_RESET; + ret = hclge_reset_ae_dev(hdev->ae_dev); if (ret) goto err_reset_lock; -- 2.8.1

1 1

[PATCH 00/72] backport stable-4.19.142
by Yang Yingliang 08 Sep '20

08 Sep '20

Al Viro (1): do_epoll_ctl(): clean the failure exits up a bit Alex Williamson (1): vfio/type1: Add proper error unwind for vfio_iommu_replay() Bodo Stroesser (1): scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM Charan Teja Reddy (1): mm, page_alloc: fix core hung in free_pcppages_bulk() Chris Wilson (1): drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() Chuck Lever (1): svcrdma: Fix another Receive buffer leak Chuhong Yuan (1): media: budget-core: Improve exception handling in budget_register() Cong Wang (1): bonding: fix a potential double-unregister Darrick J. Wong (1): xfs: fix inode quota reservation checks David Howells (1): afs: Fix NULL deref in afs_dynroot_depopulate() Dinghao Liu (1): ASoC: intel: Fix memleak in sst_media_open Doug Berger (1): mm: include CMA pages in lowmem_reserve at boot Eiichi Tsukata (1): xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init Eric Sandeen (1): ext4: fix potential negative array index in do_split() Evgeny Novikov (1): media: vpss: clean up resources in init Fugang Duan (1): net: fec: correct the error path for regulator disable in probe Gaurav Singh (1): tools/testing/selftests/cgroup/cgroup_util.c: cg_read_strcmp: fix null pointer dereference Greg Kroah-Hartman (1): Linux 4.19.142 Greg Ungerer (1): m68knommu: fix overwriting of bits in ColdFire V3 cache control Grzegorz Szczurek (1): i40e: Fix crash during removing i40e driver Haiyang Zhang (1): hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() Heiko Carstens (2): s390/runtime_instrumentation: fix storage key handling s390/ptrace: fix storage key handling Helge Deller (1): fs/signalfd.c: fix inconsistent return codes for signalfd4 Huacai Chen (1): rtc: goldfish: Enable interrupt in set_alarm() when necessary Hugh Dickins (2): khugepaged: khugepaged_test_exit() check mmget_still_valid() khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter() Jan Kara (1): ext4: fix checking of directory entry validity for inline directories Jann Horn (1): romfs: fix uninitialized memory leak in romfs_dev_read() Jarod Wilson (1): bonding: show saner speed for broadcast mode Javed Hasan (1): scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases Jim Mattson (2): kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode Jiri Wiesner (1): bonding: fix active-backup failover for current ARP slave Josef Bacik (2): btrfs: don't show full path of bind mounts in subvol= btrfs: sysfs: use NOFS for device creation Juergen Gross (2): efi: avoid error message when booting under Xen xen: don't reschedule in preemption off sections Krunoslav Kovac (1): drm/amd/display: fix pow() crashing when given base 0 Li Heng (1): efi: add missed destroy_workqueue when efisubsys_init fails Liang Chen (1): kthread: Do not preempt current task if it is going to call schedule() Luc Van Oostenryck (1): alpha: fix annotation of io{read,write}{16,32}be() Lukas Wunner (1): spi: Prevent adding devices below an unregistering controller Mao Wenan (1): virtio_ring: Avoid loop when vq is broken in virtqueue_poll Marc Zyngier (1): epoll: Keep a reference on files added to the check list Marcos Paulo de Souza (1): btrfs: export helpers for subvolume name/id resolution Masahiro Yamada (2): kconfig: qconf: do not limit the pop-up menu to the first row kconfig: qconf: fix signal connection to invalid slots Masami Hiramatsu (1): perf probe: Fix memory leakage when the probe point is not found Nikolay Borisov (1): btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range Peter Xu (1): mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible Przemyslaw Patynowski (1): i40e: Set RX_ONLY mode for unicast promiscuous on VLAN Qu Wenruo (1): btrfs: inode: fix NULL pointer dereference if inode doesn't need compression Randy Dunlap (1): Fix build error when CONFIG_ACPI is not set/enabled: Selvin Xavier (1): RDMA/bnxt_re: Do not add user qps to flushlist Shay Agroskin (1): net: ena: Prevent reset after device destruction Srinivas Kandagatla (2): ASoC: q6routing: add dummy register read/write function ASoC: msm8916-wcd-analog: fix register Interrupt offset Srinivas Pandruvada (1): cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0 Stanley Chu (1): scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices Steffen Maier (1): scsi: zfcp: Fix use-after-free in request timeout handlers Stephen Boyd (1): clk: Evict unregistered clks from parent caches Tom Rix (1): net: dsa: b53: check for timeout Vasant Hegde (1): powerpc/pseries: Do not initiate shutdown when system is running on UPS Wang Hai (1): net: gemini: Fix missing free_netdev() in error path of gemini_ethernet_port_probe() Wei Yongjun (1): kernel/relay.c: fix memleak on destroy relay channel Will Deacon (2): KVM: Pass MMU notifier range flags to kvm_unmap_hva_range() KVM: arm64: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set Xiongfeng Wang (1): Input: psmouse - add a newline when printing 'proto' by sysfs Xiubo Li (1): ceph: fix use-after-free for fsc->mdsc Zhe Li (1): jffs2: fix UAF problem zhangyi (F) (1): jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() Makefile | 2 +- arch/alpha/include/asm/io.h | 8 +-- arch/arm/include/asm/kvm_host.h | 2 +- arch/arm64/include/asm/kvm_host.h | 2 +- arch/m68k/include/asm/m53xxacr.h | 6 +- arch/mips/include/asm/kvm_host.h | 2 +- arch/mips/kvm/mmu.c | 3 +- arch/powerpc/include/asm/kvm_host.h | 3 +- arch/powerpc/kvm/book3s.c | 3 +- arch/powerpc/kvm/e500_mmu_host.c | 3 +- arch/powerpc/platforms/pseries/ras.c | 1 - arch/s390/kernel/ptrace.c | 7 +- arch/s390/kernel/runtime_instr.c | 2 +- arch/x86/include/asm/kvm_host.h | 3 +- arch/x86/kvm/mmu.c | 3 +- arch/x86/kvm/x86.c | 2 +- arch/x86/pci/xen.c | 1 + drivers/clk/clk.c | 52 +++++++++++--- drivers/cpufreq/intel_pstate.c | 1 + drivers/firmware/efi/efi.c | 2 + .../gpu/drm/amd/display/include/fixed31_32.h | 3 + drivers/gpu/drm/vgem/vgem_drv.c | 27 ------- drivers/infiniband/hw/bnxt_re/main.c | 3 +- drivers/input/mouse/psmouse-base.c | 2 +- drivers/media/pci/ttpci/budget-core.c | 11 ++- drivers/media/platform/davinci/vpss.c | 20 ++++-- drivers/net/bonding/bond_main.c | 42 +++++++++-- drivers/net/dsa/b53/b53_common.c | 2 + drivers/net/ethernet/amazon/ena/ena_netdev.c | 19 ++--- drivers/net/ethernet/cortina/gemini.c | 4 +- drivers/net/ethernet/freescale/fec_main.c | 4 +- .../net/ethernet/intel/i40e/i40e_adminq_cmd.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_common.c | 35 ++++++--- drivers/net/ethernet/intel/i40e/i40e_main.c | 3 + drivers/net/hyperv/netvsc_drv.c | 2 +- drivers/rtc/rtc-goldfish.c | 1 + drivers/s390/scsi/zfcp_fsf.c | 4 +- drivers/scsi/libfc/fc_disc.c | 12 +++- drivers/scsi/ufs/ufs_quirks.h | 1 + drivers/scsi/ufs/ufshcd.c | 2 + drivers/spi/Kconfig | 3 + drivers/spi/spi.c | 21 +++++- drivers/target/target_core_user.c | 2 +- drivers/vfio/vfio_iommu_type1.c | 71 +++++++++++++++++-- drivers/video/fbdev/efifb.c | 2 +- drivers/virtio/virtio_ring.c | 3 + drivers/xen/preempt.c | 2 +- fs/afs/dynroot.c | 20 +++--- fs/btrfs/ctree.h | 2 + fs/btrfs/export.c | 8 +-- fs/btrfs/export.h | 5 ++ fs/btrfs/inode.c | 23 +++--- fs/btrfs/super.c | 18 +++-- fs/btrfs/sysfs.c | 4 ++ fs/ceph/mds_client.c | 3 +- fs/eventpoll.c | 19 ++--- fs/ext4/namei.c | 22 ++++-- fs/jbd2/journal.c | 4 +- fs/jffs2/dir.c | 6 +- fs/romfs/storage.c | 4 +- fs/signalfd.c | 10 +-- fs/xfs/xfs_sysfs.h | 6 +- fs/xfs/xfs_trans_dquot.c | 2 +- kernel/kthread.c | 17 ++++- kernel/relay.c | 1 + mm/hugetlb.c | 24 +++---- mm/khugepaged.c | 7 +- mm/page_alloc.c | 7 +- net/sunrpc/xprtrdma/svc_rdma_recvfrom.c | 2 + scripts/kconfig/qconf.cc | 70 +++++++++--------- sound/soc/codecs/msm8916-wcd-analog.c | 4 +- sound/soc/intel/atom/sst-mfld-platform-pcm.c | 5 +- sound/soc/qcom/qdsp6/q6routing.c | 16 +++++ tools/perf/util/probe-finder.c | 2 +- tools/testing/selftests/cgroup/cgroup_util.c | 2 +- virt/kvm/arm/mmu.c | 18 +++-- virt/kvm/kvm_main.c | 2 +- 77 files changed, 508 insertions(+), 236 deletions(-) -- 2.25.1

1 72

[PATCH 1/6] can: j1939: fix kernel-infoleak in j1939_sk_sock2sockaddr_can()
by Yang Yingliang 08 Sep '20

08 Sep '20

From: Eric Dumazet <edumazet(a)google.com> mainline inclusion from mainline-v5.9-rc2 commit 38ba8b9241f5848a49b80fddac9ab5f4692e434e category: bugfix bugzilla: 38684 CVE: NA --------------------------- syzbot found that at least 2 bytes of kernel information were leaked during getsockname() on AF_CAN CAN_J1939 socket. Since struct sockaddr_can has in fact two holes, simply clear the whole area before filling it with useful data. BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90 mm/kmsan/kmsan_hooks.c:253 CPU: 0 PID: 8466 Comm: syz-executor511 Not tainted 5.8.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x21c/0x280 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121 kmsan_internal_check_memory+0x238/0x3d0 mm/kmsan/kmsan.c:423 kmsan_copy_to_user+0x81/0x90 mm/kmsan/kmsan_hooks.c:253 instrument_copy_to_user include/linux/instrumented.h:91 [inline] _copy_to_user+0x18e/0x260 lib/usercopy.c:39 copy_to_user include/linux/uaccess.h:186 [inline] move_addr_to_user+0x3de/0x670 net/socket.c:237 __sys_getsockname+0x407/0x5e0 net/socket.c:1909 __do_sys_getsockname net/socket.c:1920 [inline] __se_sys_getsockname+0x91/0xb0 net/socket.c:1917 __x64_sys_getsockname+0x4a/0x70 net/socket.c:1917 do_syscall_64+0xad/0x160 arch/x86/entry/common.c:386 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x440219 Code: Bad RIP value. RSP: 002b:00007ffe5ee150c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000033 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440219 RDX: 0000000020000240 RSI: 0000000020000100 RDI: 0000000000000003 RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a20 R13: 0000000000401ab0 R14: 0000000000000000 R15: 0000000000000000 Local variable ----address@__sys_getsockname created at: __sys_getsockname+0x91/0x5e0 net/socket.c:1894 __sys_getsockname+0x91/0x5e0 net/socket.c:1894 Bytes 2-3 of 24 are uninitialized Memory access of size 24 starts at ffff8880ba2c7de8 Data copied to user address 0000000020000100 Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") Signed-off-by: Eric Dumazet <edumazet(a)google.com> Reported-by: syzbot <syzkaller(a)googlegroups.com> Cc: Robin van der Gracht <robin(a)protonic.nl> Cc: Oleksij Rempel <o.rempel(a)pengutronix.de> Cc: Pengutronix Kernel Team <kernel(a)pengutronix.de> Cc: linux-can(a)vger.kernel.org Acked-by: Oleksij Rempel <o.rempel(a)pengutronix.de> Link: https://lore.kernel.org/r/20200813161834.4021638-1-edumazet@google.com Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Zhang Changzhong <zhangchangzhong(a)huawei.com> Reviewed-by: Yue Haibing <yuehaibing(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- net/can/j1939/socket.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/can/j1939/socket.c b/net/can/j1939/socket.c index f7587428febdd..2f4e2142ef268 100644 --- a/net/can/j1939/socket.c +++ b/net/can/j1939/socket.c @@ -553,6 +553,11 @@ static int j1939_sk_connect(struct socket *sock, struct sockaddr *uaddr, static void j1939_sk_sock2sockaddr_can(struct sockaddr_can *addr, const struct j1939_sock *jsk, int peer) { + /* There are two holes (2 bytes and 3 bytes) to clear to avoid + * leaking kernel information to user space. + */ + memset(addr, 0, J1939_MIN_NAMELEN); + addr->can_family = AF_CAN; addr->can_ifindex = jsk->ifindex; addr->can_addr.j1939.pgn = jsk->addr.pgn; -- 2.25.1

1 5

[PATCH 0/4] Support Common Not Private
by Yang Yingliang 08 Sep '20

08 Sep '20

Cheng Jian (1): config: arm64: set defalut value of config CNP Vladimir Murzin (3): arm64: mm: Support Common Not Private translations arm64: KVM: Enable Common Not Private translations arm64: Introduce command line parameter to disable CNP .../admin-guide/kernel-parameters.txt | 4 ++ arch/arm/include/asm/kvm_arm.h | 1 + arch/arm/include/asm/kvm_mmu.h | 5 +++ arch/arm64/Kconfig | 14 ++++++ arch/arm64/configs/euleros_defconfig | 1 + arch/arm64/configs/hulk_defconfig | 1 + arch/arm64/configs/openeuler_defconfig | 1 + arch/arm64/configs/storage_ci_defconfig | 1 + arch/arm64/configs/syzkaller_defconfig | 1 + arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/include/asm/cpufeature.h | 6 +++ arch/arm64/include/asm/kvm_arm.h | 1 + arch/arm64/include/asm/kvm_mmu.h | 5 +++ arch/arm64/include/asm/mmu_context.h | 17 +++++++- arch/arm64/include/asm/pgtable-hwdef.h | 2 + arch/arm64/kernel/cpufeature.c | 43 +++++++++++++++++++ arch/arm64/kernel/suspend.c | 4 ++ arch/arm64/kvm/hyp-init.S | 3 ++ arch/arm64/mm/context.c | 3 ++ arch/arm64/mm/proc.S | 11 +++-- virt/kvm/arm/arm.c | 4 +- 21 files changed, 123 insertions(+), 8 deletions(-) -- 2.25.1

1 4

[PATCH 1/8] posix-cpu-timers: Stop disabling timers on mt-exec
by Yang Yingliang 08 Sep '20

08 Sep '20

From: "Eric W. Biederman" <ebiederm(a)xmission.com> mainline inclusion from mainline-v5.6 commit b95e31c07c5eb4f5c0769f12b38b0343d7961040 category: bugfix bugzilla: 32426 CVE: NA ------------------------ The reasons why the extra posix_cpu_timers_exit_group() invocation has been added are not entirely clear from the commit message. Today all that posix_cpu_timers_exit_group() does is stop timers that are tracking the task from firing. Every other operation on those timers is still allowed. The practical implication of this is posix_cpu_timer_del() which could not get the siglock after the thread group leader has exited (because sighand == NULL) would be able to run successfully because the timer was already dequeued. With that locking issue fixed there is no point in disabling all of the timers. So remove this ``tempoary'' hack. Fixes: e0a70217107e ("posix-cpu-timers: workaround to suppress the problems with mt exec") Signed-off-by: "Eric W. Biederman" <ebiederm(a)xmission.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Link: https://lkml.kernel.org/r/87o8tityzs.fsf@x220.int.ebiederm.org Reviewed-by: Xiongfeng Wang <wangxiongfeng2(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- kernel/exit.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/kernel/exit.c b/kernel/exit.c index 35adc3b1e9be9..891d65e3ffd51 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -102,17 +102,8 @@ static void __exit_signal(struct task_struct *tsk) #ifdef CONFIG_POSIX_TIMERS posix_cpu_timers_exit(tsk); - if (group_dead) { + if (group_dead) posix_cpu_timers_exit_group(tsk); - } else { - /* - * This can only happen if the caller is de_thread(). - * FIXME: this is the temporary hack, we should teach - * posix-cpu-timers to handle this case correctly. - */ - if (unlikely(has_group_leader_pid(tsk))) - posix_cpu_timers_exit_group(tsk); - } #endif if (group_dead) { -- 2.25.1

1 7

[PATCH] defconfig: update the defconfigs to support NVDIMM
by Yang Yingliang 08 Sep '20

08 Sep '20

From: Hanjun Guo <guohanjun(a)huawei.com> hulk inclusion category: feature bugzilla: NA CVE: NA --------------------------- openEuler wants NVDIMM support, update the defconfig. Signed-off-by: Hanjun Guo <guohanjun(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- arch/arm64/configs/hulk_defconfig | 2 +- arch/arm64/configs/openeuler_defconfig | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/configs/hulk_defconfig b/arch/arm64/configs/hulk_defconfig index 809f808363616..a696b55daaae0 100644 --- a/arch/arm64/configs/hulk_defconfig +++ b/arch/arm64/configs/hulk_defconfig @@ -644,7 +644,7 @@ CONFIG_ACPI_HED=y # CONFIG_ACPI_CUSTOM_METHOD is not set # CONFIG_ACPI_BGRT is not set CONFIG_ACPI_REDUCED_HARDWARE_ONLY=y -# CONFIG_ACPI_NFIT is not set +CONFIG_ACPI_NFIT=m CONFIG_HAVE_ACPI_APEI=y CONFIG_ACPI_APEI=y CONFIG_ACPI_APEI_GHES=y diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig index d3144ca393452..91bef6fcdbf88 100644 --- a/arch/arm64/configs/openeuler_defconfig +++ b/arch/arm64/configs/openeuler_defconfig @@ -640,7 +640,7 @@ CONFIG_ACPI_HED=y # CONFIG_ACPI_CUSTOM_METHOD is not set # CONFIG_ACPI_BGRT is not set CONFIG_ACPI_REDUCED_HARDWARE_ONLY=y -# CONFIG_ACPI_NFIT is not set +CONFIG_ACPI_NFIT=m CONFIG_HAVE_ACPI_APEI=y CONFIG_ACPI_APEI=y CONFIG_ACPI_APEI_GHES=y -- 2.25.1

1 0

[PATCH 1/5] net: hns3: check cmdq message parameters sent from VF
by Yang Yingliang 08 Sep '20

08 Sep '20

From: Yufeng Mo <moyufeng(a)huawei.com> driver inclusion category: bugfix bugzilla: NA CVE: NA ----------------------------------- The parameters sent from VF may be unreliable. If these parameters are used directly, memory overwriting may occur. Therefore, we need to check parameters before using. Signed-off-by: Yufeng Mo <moyufeng(a)huawei.com> Reviewed-by: Peng Li <lipeng321(a)huawei.com> Reviewed-by: Weiwei Deng <dengweiwei(a)huawei.com> Reviewed-by: Zhaohui Zhong <zhongzhaohui(a)huawei.com> Reviewed-by: Junxin Chen <chenjunxin1(a)huawei.com> Signed-off-by: Shengzui You <youshengzui(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- .../hisilicon/hns3/hns3pf/hclge_main.c | 7 +++++ .../hisilicon/hns3/hns3pf/hclge_mbx.c | 26 ++++++++++--------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c index 24b86d704e038..9c3ee09a67d7c 100644 --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c @@ -9542,12 +9542,19 @@ int hclge_reset_tqp(struct hnae3_handle *handle, u16 queue_id) void hclge_reset_vf_queue(struct hclge_vport *vport, u16 queue_id) { + struct hnae3_handle *handle = &vport->nic; struct hclge_dev *hdev = vport->back; int reset_try_times = 0; int reset_status; u16 queue_gid; int ret; + if (queue_id >= handle->kinfo.num_tqps) { + dev_warn(&hdev->pdev->dev, "Invalid vf queue id(%u)\n", + queue_id); + return; + } + queue_gid = hclge_covert_handle_qid_global(&vport->nic, queue_id); ret = hclge_send_reset_tqp_cmd(hdev, queue_gid, true); diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c index 72fd997576016..33ca01408cfcb 100644 --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mbx.c @@ -167,21 +167,31 @@ static int hclge_get_ring_chain_from_mbx( struct hclge_vport *vport) { struct hnae3_ring_chain_node *cur_chain, *new_chain; + struct hclge_dev *hdev = vport->back; int ring_num; - int i = 0; + int i; ring_num = req->msg.ring_num; if (ring_num > HCLGE_MBX_MAX_RING_CHAIN_PARAM_NUM) return -ENOMEM; + for (i = 0; i < ring_num; i++) { + if (req->msg.param[i].tqp_index >= vport->nic.kinfo.rss_size) { + dev_err(&hdev->pdev->dev, "tqp index(%u) is out of range(0-%u)\n", + req->msg.param[i].tqp_index, + vport->nic.kinfo.rss_size - 1); + return -EINVAL; + } + } + hnae3_set_bit(ring_chain->flag, HNAE3_RING_TYPE_B, - req->msg.param[i].ring_type); + req->msg.param[0].ring_type); ring_chain->tqp_index = hclge_get_queue_id(vport->nic.kinfo.tqp - [req->msg.param[i].tqp_index]); + [req->msg.param[0].tqp_index]); hnae3_set_field(ring_chain->int_gl_idx, HNAE3_RING_GL_IDX_M, - HNAE3_RING_GL_IDX_S, req->msg.param[i].int_gl_index); + HNAE3_RING_GL_IDX_S, req->msg.param[0].int_gl_index); cur_chain = ring_chain; @@ -270,7 +280,6 @@ static int hclge_get_vf_ring_vector_map(struct hclge_vport *vport, #define HCLGE_VECTOR_ID_OFFSET 3 #define HCLGE_RING_VECTOR_MAP_INFO_LEN 4 struct hnae3_ring_chain_node ring_chain; - struct hclge_dev *hdev = vport->back; struct hclge_desc desc; struct hclge_ctrl_vector_chain_cmd *data = (struct hclge_ctrl_vector_chain_cmd *)desc.data; @@ -278,13 +287,6 @@ static int hclge_get_vf_ring_vector_map(struct hclge_vport *vport, u8 int_gl_index; int ret; - if (req->msg.param[0].tqp_index >= vport->nic.kinfo.rss_size) { - dev_err(&hdev->pdev->dev, "tqp index(%u) is out of range(0-%u)\n", - req->msg.param[0].tqp_index, - vport->nic.kinfo.rss_size - 1); - return -EINVAL; - } - req->msg.ring_num = HCLGE_LIMIT_RING_NUM; memset(&ring_chain, 0, sizeof(ring_chain)); -- 2.25.1

1 4

[PATCH 1/2] config: add certs dir to CONFIG_MODULE_SIG_KEY
by Yang Yingliang 08 Sep '20

08 Sep '20

hulk inclusion category: bugfix bugzilla: NA CVE: NA --------------------------- make[1]: *** No rule to make target 'signing_key.pem', needed by 'certs/signing_key.x509'. Stop. Fix the compile error by add certs dir to CONFIG_MODULE_SIG_KEY. Reviewed-by: Xie XiuQi <xiexiuqi(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- arch/arm64/configs/euleros_defconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/configs/euleros_defconfig b/arch/arm64/configs/euleros_defconfig index c0ec409e48ac7..6b8a71fd4f846 100644 --- a/arch/arm64/configs/euleros_defconfig +++ b/arch/arm64/configs/euleros_defconfig @@ -5317,7 +5317,7 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y # # Certificates for signature checking # -CONFIG_MODULE_SIG_KEY="./signing_key.pem" +CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set -- 2.25.1

1 1

[PATCH] Revert "net: hns3: fix for ping failed when resume from s3 or s4"
by Yonglong Liu 08 Sep '20

08 Sep '20

This reverts commit 4c6d4e21ed9b2309f15ef9074e80c7fc1c09ccfc. Because commit: 412c29318f9b ("net: hns3: refactor the MAC address configure") removed the operation of HNAE3_RESTORE_CLIENT. --- drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c index 6ee6b4e..823f161 100644 --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c @@ -3858,10 +3858,6 @@ static int hclge_resume(struct hnae3_ae_dev *ae_dev) if (ret) goto err_reset_lock; - ret = hclge_notify_client(hdev, HNAE3_RESTORE_CLIENT); - if (ret) - goto err_reset_lock; - rtnl_unlock(); ret = hclge_notify_roce_client(hdev, HNAE3_INIT_CLIENT); -- 2.8.1

1 0

2024

2023

2022

2021

2020

2019

Kernel