- Kernel - mailweb.openeuler.org

[PATCH OLK-5.10] netrom: Fix data-races around sysctl_net_busy_read
by Hongbo Li 22 May '24

22 May '24

From: Jason Xing <kernelxing(a)tencent.com> stable inclusion from stable-v5.10.213 commit bbf950a6e96a91cf8cf0c71117b94ed3fafc9dd3 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9Q94D CVE: CVE-2024-27419 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit d380ce70058a4ccddc3e5f5c2063165dc07672c6 ] We need to protect the reader reading the sysctl value because the value can be changed concurrently. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Jason Xing <kernelxing(a)tencent.com> Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Hongbo Li <lihongbo22(a)huawei.com> --- net/netrom/af_netrom.c | 2 +- net/netrom/nr_in.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c index 24747163122b..7ff5940f5b96 100644 --- a/net/netrom/af_netrom.c +++ b/net/netrom/af_netrom.c @@ -954,7 +954,7 @@ int nr_rx_frame(struct sk_buff *skb, struct net_device *dev) * G8PZT's Xrouter which is sending packets with command type 7 * as an extension of the protocol. */ - if (sysctl_netrom_reset_circuit && + if (READ_ONCE(sysctl_netrom_reset_circuit) && (frametype != NR_RESET || flags != 0)) nr_transmit_reset(skb, 1); diff --git a/net/netrom/nr_in.c b/net/netrom/nr_in.c index 69e58906c32b..034f79d11ae1 100644 --- a/net/netrom/nr_in.c +++ b/net/netrom/nr_in.c @@ -97,7 +97,7 @@ static int nr_state1_machine(struct sock *sk, struct sk_buff *skb, break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; @@ -128,7 +128,7 @@ static int nr_state2_machine(struct sock *sk, struct sk_buff *skb, break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; @@ -263,7 +263,7 @@ static int nr_state3_machine(struct sock *sk, struct sk_buff *skb, int frametype break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; -- 2.34.1

2 1

[PATCH openEuler-1.0-LTS] netrom: Fix data-races around sysctl_net_busy_read
by Hongbo Li 22 May '24

22 May '24

From: Jason Xing <kernelxing(a)tencent.com> stable inclusion from stable-v5.10.213 commit bbf950a6e96a91cf8cf0c71117b94ed3fafc9dd3 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9Q94D CVE: CVE-2024-27419 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit d380ce70058a4ccddc3e5f5c2063165dc07672c6 ] We need to protect the reader reading the sysctl value because the value can be changed concurrently. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Jason Xing <kernelxing(a)tencent.com> Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Hongbo Li <lihongbo22(a)huawei.com> --- net/netrom/af_netrom.c | 2 +- net/netrom/nr_in.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c index a5d819fa7c89..8f18fea17cfc 100644 --- a/net/netrom/af_netrom.c +++ b/net/netrom/af_netrom.c @@ -952,7 +952,7 @@ int nr_rx_frame(struct sk_buff *skb, struct net_device *dev) * G8PZT's Xrouter which is sending packets with command type 7 * as an extension of the protocol. */ - if (sysctl_netrom_reset_circuit && + if (READ_ONCE(sysctl_netrom_reset_circuit) && (frametype != NR_RESET || flags != 0)) nr_transmit_reset(skb, 1); diff --git a/net/netrom/nr_in.c b/net/netrom/nr_in.c index fbfdae452ff9..01ccd00d1c00 100644 --- a/net/netrom/nr_in.c +++ b/net/netrom/nr_in.c @@ -100,7 +100,7 @@ static int nr_state1_machine(struct sock *sk, struct sk_buff *skb, break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; @@ -131,7 +131,7 @@ static int nr_state2_machine(struct sock *sk, struct sk_buff *skb, break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; @@ -266,7 +266,7 @@ static int nr_state3_machine(struct sock *sk, struct sk_buff *skb, int frametype break; case NR_RESET: - if (sysctl_netrom_reset_circuit) + if (READ_ONCE(sysctl_netrom_reset_circuit)) nr_disconnect(sk, ECONNRESET); break; -- 2.34.1

2 1

[PATCH OLK-5.10] ipv4: check for NULL idev in ip_route_use_hint()
by Zhengchao Shao 22 May '24

22 May '24

From: Eric Dumazet <edumazet(a)google.com> stable inclusion from stable-v5.10.216 commit 7da0f91681c4902bc5c210356fdd963b04d5d1d4 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9QRDG CVE: CVE-2024-36008 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit 58a4c9b1e5a3e53c9148e80b90e1e43897ce77d1 ] syzbot was able to trigger a NULL deref in fib_validate_source() in an old tree [1]. It appears the bug exists in latest trees. All calls to __in_dev_get_rcu() must be checked for a NULL result. [1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 2 PID: 3257 Comm: syz-executor.3 Not tainted 5.10.0-syzkaller #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:fib_validate_source+0xbf/0x15a0 net/ipv4/fib_frontend.c:425 Code: 18 f2 f2 f2 f2 42 c7 44 20 23 f3 f3 f3 f3 48 89 44 24 78 42 c6 44 20 27 f3 e8 5d 88 48 fc 4c 89 e8 48 c1 e8 03 48 89 44 24 18 <42> 80 3c 20 00 74 08 4c 89 ef e8 d2 15 98 fc 48 89 5c 24 10 41 bf RSP: 0018:ffffc900015fee40 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88800f7a4000 RCX: ffff88800f4f90c0 RDX: 0000000000000000 RSI: 0000000004001eac RDI: ffff8880160c64c0 RBP: ffffc900015ff060 R08: 0000000000000000 R09: ffff88800f7a4000 R10: 0000000000000002 R11: ffff88800f4f90c0 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000000 R15: ffff88800f7a4000 FS: 00007f938acfe6c0(0000) GS:ffff888058c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f938acddd58 CR3: 000000001248e000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ip_route_use_hint+0x410/0x9b0 net/ipv4/route.c:2231 ip_rcv_finish_core+0x2c4/0x1a30 net/ipv4/ip_input.c:327 ip_list_rcv_finish net/ipv4/ip_input.c:612 [inline] ip_sublist_rcv+0x3ed/0xe50 net/ipv4/ip_input.c:638 ip_list_rcv+0x422/0x470 net/ipv4/ip_input.c:673 __netif_receive_skb_list_ptype net/core/dev.c:5572 [inline] __netif_receive_skb_list_core+0x6b1/0x890 net/core/dev.c:5620 __netif_receive_skb_list net/core/dev.c:5672 [inline] netif_receive_skb_list_internal+0x9f9/0xdc0 net/core/dev.c:5764 netif_receive_skb_list+0x55/0x3e0 net/core/dev.c:5816 xdp_recv_frames net/bpf/test_run.c:257 [inline] xdp_test_run_batch net/bpf/test_run.c:335 [inline] bpf_test_run_xdp_live+0x1818/0x1d00 net/bpf/test_run.c:363 bpf_prog_test_run_xdp+0x81f/0x1170 net/bpf/test_run.c:1376 bpf_prog_test_run+0x349/0x3c0 kernel/bpf/syscall.c:3736 __sys_bpf+0x45c/0x710 kernel/bpf/syscall.c:5115 __do_sys_bpf kernel/bpf/syscall.c:5201 [inline] __se_sys_bpf kernel/bpf/syscall.c:5199 [inline] __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5199 Fixes: 02b24941619f ("ipv4: use dst hint for ipv4 list receive") Reported-by: syzbot <syzkaller(a)googlegroups.com> Signed-off-by: Eric Dumazet <edumazet(a)google.com> Acked-by: Paolo Abeni <pabeni(a)redhat.com> Link: https://lore.kernel.org/r/20240421184326.1704930-1-edumazet@google.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- net/ipv4/route.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 6260963775d5..81ccad22a904 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2081,6 +2081,9 @@ int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, int err = -EINVAL; u32 tag = 0; + if (!in_dev) + return -EINVAL; + if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) goto martian_source; -- 2.34.1

2 1

[PATCH OLK-5.10] wifi: iwlwifi: dbg-tlv: ensure NUL termination
by Zheng Yejian 22 May '24

22 May '24

From: Johannes Berg <johannes.berg(a)intel.com> stable inclusion from stable-v5.10.214 commit fabe2db7de32a881e437ee69db32e0de785a6209 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9Q9E2 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit ea1d166fae14e05d49ffb0ea9fcd4658f8d3dcea ] The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it. Fixes: a9248de42464 ("iwlwifi: dbg_ini: add TLV allocation new API support") Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Reviewed-by: Gregory Greenman <gregory.greenman(a)intel.com> Signed-off-by: Miri Korenblit <miriam.rachel.korenblit(a)intel.com> Link: https://msgid.link/20240128084842.be15e858ee89.Ibff93429cf999eafc7b26f3eef4… Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zheng Yejian <zhengyejian1(a)huawei.com> --- drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c b/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c index bcaec8a184cd..299819d2d190 100644 --- a/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c +++ b/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c @@ -155,6 +155,12 @@ static int iwl_dbg_tlv_alloc_debug_info(struct iwl_trans *trans, if (le32_to_cpu(tlv->length) != sizeof(*debug_info)) return -EINVAL; + /* we use this as a string, ensure input was NUL terminated */ + if (strnlen(debug_info->debug_cfg_name, + sizeof(debug_info->debug_cfg_name)) == + sizeof(debug_info->debug_cfg_name)) + return -EINVAL; + IWL_DEBUG_FW(trans, "WRT: Loading debug cfg: %s\n", debug_info->debug_cfg_name); -- 2.25.1

2 1

[PATCH openEuler-22.03-LTS-SP2] x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
by Yang Yingliang 22 May '24

22 May '24

From: Adamos Ttofari <attofari(a)amazon.de> mainline inclusion from mainline-v6.9-rc1 commit 10e4b5166df9ff7a2d5316138ca668b42d004422 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I9NZ3E Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in order to avoid unnecessary writes to the MSR. On CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync. As a consequence a subsequent xfd_update_state() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel. To fix this, introduce xfd_set_state() to write xfd_state together with MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD. Fixes: 672365477ae8 ("x86/fpu: Update XFD state where required") Signed-off-by: Adamos Ttofari <attofari(a)amazon.de> Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Link: https://lore.kernel.org/r/20240322230439.456571-1-chang.seok.bae@intel.com Closes: https://lore.kernel.org/lkml/20230511152818.13839-1-attofari@amazon.de Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- arch/x86/kernel/fpu/xstate.c | 5 +++-- arch/x86/kernel/fpu/xstate.h | 14 ++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index 6ceb0996e23a..78dcdf348218 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -176,10 +176,11 @@ void fpu__init_cpu_xstate(void) * Must happen after CR4 setup and before xsetbv() to allow KVM * lazy passthrough. Write independent of the dynamic state static * key as that does not work on the boot CPU. This also ensures - * that any stale state is wiped out from XFD. + * that any stale state is wiped out from XFD. Reset the per CPU + * xfd cache too. */ if (cpu_feature_enabled(X86_FEATURE_XFD)) - wrmsrl(MSR_IA32_XFD, init_fpstate.xfd); + xfd_set_state(init_fpstate.xfd); /* * XCR_XFEATURE_ENABLED_MASK (aka. XCR0) sets user features diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 8707ba0f1a8b..6536c416ba2e 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -151,20 +151,26 @@ static inline void xfd_validate_state(struct fpstate *fpstate, u64 mask, bool rs #endif #ifdef CONFIG_X86_64 +static inline void xfd_set_state(u64 xfd) +{ + wrmsrl(MSR_IA32_XFD, xfd); + __this_cpu_write(xfd_state, xfd); +} + static inline void xfd_update_state(struct fpstate *fpstate) { if (fpu_state_size_dynamic()) { u64 xfd = fpstate->xfd; - if (__this_cpu_read(xfd_state) != xfd) { - wrmsrl(MSR_IA32_XFD, xfd); - __this_cpu_write(xfd_state, xfd); - } + if (__this_cpu_read(xfd_state) != xfd) + xfd_set_state(xfd); } } extern int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu); #else +static inline void xfd_set_state(u64 xfd) { } + static inline void xfd_update_state(struct fpstate *fpstate) { } static inline int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu) { -- 2.25.1

2 1

[PATCH openEuler-22.03-LTS-SP1] x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
by Yang Yingliang 22 May '24

22 May '24

From: Adamos Ttofari <attofari(a)amazon.de> mainline inclusion from mainline-v6.9-rc1 commit 10e4b5166df9ff7a2d5316138ca668b42d004422 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I9NZ3E Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in order to avoid unnecessary writes to the MSR. On CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync. As a consequence a subsequent xfd_update_state() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel. To fix this, introduce xfd_set_state() to write xfd_state together with MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD. Fixes: 672365477ae8 ("x86/fpu: Update XFD state where required") Signed-off-by: Adamos Ttofari <attofari(a)amazon.de> Signed-off-by: Chang S. Bae <chang.seok.bae(a)intel.com> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Link: https://lore.kernel.org/r/20240322230439.456571-1-chang.seok.bae@intel.com Closes: https://lore.kernel.org/lkml/20230511152818.13839-1-attofari@amazon.de Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- arch/x86/kernel/fpu/xstate.c | 5 +++-- arch/x86/kernel/fpu/xstate.h | 14 ++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index 6ceb0996e23a..78dcdf348218 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -176,10 +176,11 @@ void fpu__init_cpu_xstate(void) * Must happen after CR4 setup and before xsetbv() to allow KVM * lazy passthrough. Write independent of the dynamic state static * key as that does not work on the boot CPU. This also ensures - * that any stale state is wiped out from XFD. + * that any stale state is wiped out from XFD. Reset the per CPU + * xfd cache too. */ if (cpu_feature_enabled(X86_FEATURE_XFD)) - wrmsrl(MSR_IA32_XFD, init_fpstate.xfd); + xfd_set_state(init_fpstate.xfd); /* * XCR_XFEATURE_ENABLED_MASK (aka. XCR0) sets user features diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h index 8707ba0f1a8b..6536c416ba2e 100644 --- a/arch/x86/kernel/fpu/xstate.h +++ b/arch/x86/kernel/fpu/xstate.h @@ -151,20 +151,26 @@ static inline void xfd_validate_state(struct fpstate *fpstate, u64 mask, bool rs #endif #ifdef CONFIG_X86_64 +static inline void xfd_set_state(u64 xfd) +{ + wrmsrl(MSR_IA32_XFD, xfd); + __this_cpu_write(xfd_state, xfd); +} + static inline void xfd_update_state(struct fpstate *fpstate) { if (fpu_state_size_dynamic()) { u64 xfd = fpstate->xfd; - if (__this_cpu_read(xfd_state) != xfd) { - wrmsrl(MSR_IA32_XFD, xfd); - __this_cpu_write(xfd_state, xfd); - } + if (__this_cpu_read(xfd_state) != xfd) + xfd_set_state(xfd); } } extern int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu); #else +static inline void xfd_set_state(u64 xfd) { } + static inline void xfd_update_state(struct fpstate *fpstate) { } static inline int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu) { -- 2.25.1

2 1

[PATCH OLK-5.10] mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
by Zhengchao Shao 22 May '24

22 May '24

From: Ido Schimmel <idosch(a)nvidia.com> stable inclusion from stable-v5.10.216 commit 09846c2309b150b8ce4e0ce96f058197598fc530 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9QRA8 CVE: CVE-2024-36006 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit b377add0f0117409c418ddd6504bd682ebe0bf79 ] Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without checking that the lists are not empty. This is incorrect usage of the API, which leads to the following warning [1]. Fix by returning if the lists are empty as there is nothing to migrate in this case. [1] WARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0> Modules linked in: CPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39 Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019 Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work RIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0 [...] Call Trace: <TASK> mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0 process_one_work+0x151/0x370 worker_thread+0x2cb/0x3e0 kthread+0xd0/0x100 ret_from_fork+0x34/0x50 ret_from_fork_asm+0x1a/0x30 </TASK> Fixes: 6f9579d4e302 ("mlxsw: spectrum_acl: Remember where to continue rehash migration") Signed-off-by: Ido Schimmel <idosch(a)nvidia.com> Tested-by: Alexander Zubkov <green(a)qrator.net> Reviewed-by: Petr Machata <petrm(a)nvidia.com> Signed-off-by: Petr Machata <petrm(a)nvidia.com> Reviewed-by: Simon Horman <horms(a)kernel.org> Link: https://lore.kernel.org/r/4628e9a22d1d84818e28310abbbc498e7bc31bc9.17137971… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c index d3f99c6b3cae..6f3e82675cc2 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c @@ -1263,6 +1263,9 @@ mlxsw_sp_acl_tcam_vchunk_migrate_one(struct mlxsw_sp *mlxsw_sp, return 0; } + if (list_empty(&vchunk->ventry_list)) + goto out; + /* If the migration got interrupted, we have the ventry to start from * stored in context. */ @@ -1312,6 +1315,7 @@ mlxsw_sp_acl_tcam_vchunk_migrate_one(struct mlxsw_sp *mlxsw_sp, } } +out: mlxsw_sp_acl_tcam_vchunk_migrate_end(mlxsw_sp, vchunk, ctx); return 0; } @@ -1325,6 +1329,9 @@ mlxsw_sp_acl_tcam_vchunk_migrate_all(struct mlxsw_sp *mlxsw_sp, struct mlxsw_sp_acl_tcam_vchunk *vchunk; int err; + if (list_empty(&vregion->vchunk_list)) + return 0; + /* If the migration got interrupted, we have the vchunk * we are working on stored in context. */ -- 2.34.1

2 1

[openeuler:OLK-6.6 7647/9681] kernel/livepatch/core.c:216:13: warning: no previous prototype for function 'arch_klp_skip_resolve'
by kernel test robot 22 May '24

22 May '24

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: f3f9407325616af0ea4e2399d86d31f8571fa55f commit: b8f3220637be1736c165c289c634f27841ac4e01 [7647/9681] livepatch: add arch hook before doing klp_resolve_symbols config: x86_64-randconfig-073-20240521 (https://download.01.org/0day-ci/archive/20240522/202405220709.iFr8nwBK-lkp@…) compiler: clang version 18.1.5 (https://github.com/llvm/llvm-project 617a15a9eac96088ae5e9134248d8236e34b91b1) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240522/202405220709.iFr8nwBK-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202405220709.iFr8nwBK-lkp@intel.com/ All warnings (new ones prefixed by >>): kernel/livepatch/core.c:97:12: warning: no previous prototype for function 'arch_klp_init_func' [-Wmissing-prototypes] 97 | int __weak arch_klp_init_func(struct klp_object *obj, struct klp_func *func) | ^ kernel/livepatch/core.c:97:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 97 | int __weak arch_klp_init_func(struct klp_object *obj, struct klp_func *func) | ^ | static >> kernel/livepatch/core.c:216:13: warning: no previous prototype for function 'arch_klp_skip_resolve' [-Wmissing-prototypes] 216 | bool __weak arch_klp_skip_resolve(unsigned int type) | ^ kernel/livepatch/core.c:216:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 216 | bool __weak arch_klp_skip_resolve(unsigned int type) | ^ | static kernel/livepatch/core.c:1767:12: warning: no previous prototype for function 'arch_klp_check_activeness_func' [-Wmissing-prototypes] 1767 | int __weak arch_klp_check_activeness_func(struct klp_func *func, int enable, | ^ kernel/livepatch/core.c:1767:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 1767 | int __weak arch_klp_check_activeness_func(struct klp_func *func, int enable, | ^ | static kernel/livepatch/core.c:2022:14: warning: no previous prototype for function 'arch_klp_mem_alloc' [-Wmissing-prototypes] 2022 | void __weak *arch_klp_mem_alloc(size_t size) | ^ kernel/livepatch/core.c:2022:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 2022 | void __weak *arch_klp_mem_alloc(size_t size) | ^ | static kernel/livepatch/core.c:2027:13: warning: no previous prototype for function 'arch_klp_mem_free' [-Wmissing-prototypes] 2027 | void __weak arch_klp_mem_free(void *mem) | ^ kernel/livepatch/core.c:2027:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 2027 | void __weak arch_klp_mem_free(void *mem) | ^ | static kernel/livepatch/core.c:2063:13: warning: no previous prototype for function 'arch_klp_set_brk_func' [-Wmissing-prototypes] 2063 | void __weak arch_klp_set_brk_func(struct klp_func_node *func_node, void *new_func) | ^ kernel/livepatch/core.c:2063:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 2063 | void __weak arch_klp_set_brk_func(struct klp_func_node *func_node, void *new_func) | ^ | static 6 warnings generated. Kconfig warnings: (for reference only) WARNING: unmet direct dependencies detected for DRM_I915_DEBUG_GEM Depends on [n]: HAS_IOMEM [=y] && DRM_I915 [=m] && EXPERT [=y] && DRM_I915_WERROR [=n] Selected by [m]: - DRM_I915_DEBUG [=y] && HAS_IOMEM [=y] && DRM_I915 [=m] && EXPERT [=y] && !COMPILE_TEST [=n] vim +/arch_klp_skip_resolve +216 kernel/livepatch/core.c 214 215 #ifdef CONFIG_LIVEPATCH_WO_FTRACE > 216 bool __weak arch_klp_skip_resolve(unsigned int type) 217 { 218 return false; 219 } 220 #endif 221 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[openeuler:OLK-6.6 9639/9681] iommu.c:undefined reference to `iova_reserve_domain_addr'
by kernel test robot 22 May '24

22 May '24

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: f3f9407325616af0ea4e2399d86d31f8571fa55f commit: 40c9fc02b0564bbcbc3fc6e14f3aea3639f0afa6 [9639/9681] iommu/vt-d: Add support for detecting ACPI namespace device in RMRR config: x86_64-buildonly-randconfig-006-20240521 (https://download.01.org/0day-ci/archive/20240522/202405220526.7luJhPRs-lkp@…) compiler: gcc-12 (Ubuntu 12.3.0-9ubuntu2) 12.3.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240522/202405220526.7luJhPRs-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202405220526.7luJhPRs-lkp@intel.com/ All errors (new ones prefixed by >>): ld: vmlinux.o: in function `iommu_create_device_direct_mappings': >> iommu.c:(.text+0x668a92): undefined reference to `iova_reserve_domain_addr' -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0

[openeuler:OLK-6.6 9619/9677] arch/x86/kernel/zhaoxin_kh40000.c:87:33: warning: initialization of 'struct iommu_domain *' from 'int' makes pointer from integer without a cast
by kernel test robot 22 May '24

22 May '24

tree: https://gitee.com/openeuler/kernel.git OLK-6.6 head: f3f9407325616af0ea4e2399d86d31f8571fa55f commit: 4332dbb07181359cccca3ba757ef54e434fb1296 [9619/9677] Add kh40000_direct_dma_ops for KH-40000 platform config: x86_64-randconfig-102-20240521 (https://download.01.org/0day-ci/archive/20240522/202405220034.VMppwRxc-lkp@…) compiler: gcc-10 (Ubuntu 10.5.0-1ubuntu1) 10.5.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240522/202405220034.VMppwRxc-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202405220034.VMppwRxc-lkp@intel.com/ All warnings (new ones prefixed by >>): arch/x86/kernel/zhaoxin_kh40000.c: In function 'kh40000_sync_single_dma_for_cpu': arch/x86/kernel/zhaoxin_kh40000.c:87:33: error: implicit declaration of function 'iommu_get_dma_domain'; did you mean 'iommu_is_dma_domain'? [-Werror=implicit-function-declaration] 87 | struct iommu_domain *domain = iommu_get_dma_domain(dev); | ^~~~~~~~~~~~~~~~~~~~ | iommu_is_dma_domain >> arch/x86/kernel/zhaoxin_kh40000.c:87:33: warning: initialization of 'struct iommu_domain *' from 'int' makes pointer from integer without a cast [-Wint-conversion] cc1: some warnings being treated as errors vim +87 arch/x86/kernel/zhaoxin_kh40000.c 64 65 static void kh40000_sync_single_dma_for_cpu(struct device *dev, dma_addr_t paddr, 66 enum dma_data_direction dir, bool is_iommu) 67 { 68 u8 vid; 69 struct pci_dev *pci; 70 u64 dma_mask = *dev->dma_mask; 71 72 /* check direction */ 73 if ((dir != DMA_FROM_DEVICE) && (dir != DMA_BIDIRECTIONAL)) 74 return; 75 76 /* check dma capability */ 77 if (dma_mask <= DMA_BIT_MASK(32)) 78 return; 79 80 /* check device type */ 81 pci = kh40000_get_pci_dev(dev); 82 if (pci == NULL) 83 return; 84 85 /* get real physical address */ 86 if (is_iommu) { > 87 struct iommu_domain *domain = iommu_get_dma_domain(dev); 88 89 paddr = iommu_iova_to_phys(domain, paddr); 90 if (!paddr) 91 return; 92 } 93 94 /* check node or not */ 95 if ((zhaoxin_patch_code & ZHAOXIN_P2CW_NODE_CHECK) 96 && pfn_to_nid(PFN_DOWN(paddr)) == dev_to_node(dev)) 97 return; 98 99 /* flush data by one pci read cycle */ 100 pci_read_config_byte(pci, PCI_VENDOR_ID, &vid); 101 } 102 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 0