From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id AF739158011 for ; Sun, 21 Aug 2022 16:54:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F1139E0A02; Sun, 21 Aug 2022 16:54:26 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D6D3EE0A02 for ; Sun, 21 Aug 2022 16:54:26 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E788234104A for ; Sun, 21 Aug 2022 16:54:25 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 582FF52B for ; Sun, 21 Aug 2022 16:54:24 +0000 (UTC) From: "Mike Pagano" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Pagano" Message-ID: <1661100852.e6bb58bd953cb5e5e6168c1e1c5bce5383c507a7.mpagano@gentoo> Subject: [gentoo-commits] proj/linux-patches:5.18 commit in: / X-VCS-Repository: proj/linux-patches X-VCS-Files: 0000_README 1018_linux-5.18.19.patch X-VCS-Directories: / X-VCS-Committer: mpagano X-VCS-Committer-Name: Mike Pagano X-VCS-Revision: e6bb58bd953cb5e5e6168c1e1c5bce5383c507a7 X-VCS-Branch: 5.18 Date: Sun, 21 Aug 2022 16:54:24 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: e6eef534-82d6-485c-949d-e2e105b88746 X-Archives-Hash: 1266a94e64f0ccce05105543c4328ba1 commit: e6bb58bd953cb5e5e6168c1e1c5bce5383c507a7 Author: Mike Pagano gentoo org> AuthorDate: Sun Aug 21 16:54:12 2022 +0000 Commit: Mike Pagano gentoo org> CommitDate: Sun Aug 21 16:54:12 2022 +0000 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=e6bb58bd Linux patch 5.18.19 Signed-off-by: Mike Pagano gentoo.org> 0000_README | 4 + 1018_linux-5.18.19.patch | 331 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 335 insertions(+) diff --git a/0000_README b/0000_README index c9212ac7..b8b0f1ff 100644 --- a/0000_README +++ b/0000_README @@ -115,6 +115,10 @@ Patch: 1017_linux-5.18.18.patch From: http://www.kernel.org Desc: Linux 5.18.18 +Patch: 1018_linux-5.18.19.patch +From: http://www.kernel.org +Desc: Linux 5.18.19 + Patch: 1500_XATTR_USER_PREFIX.patch From: https://bugs.gentoo.org/show_bug.cgi?id=470644 Desc: Support for namespace user.pax.* on tmpfs. diff --git a/1018_linux-5.18.19.patch b/1018_linux-5.18.19.patch new file mode 100644 index 00000000..bb0c4371 --- /dev/null +++ b/1018_linux-5.18.19.patch @@ -0,0 +1,331 @@ +diff --git a/Makefile b/Makefile +index 23162e2bdf140..fc7efcdab0a27 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,7 +1,7 @@ + # SPDX-License-Identifier: GPL-2.0 + VERSION = 5 + PATCHLEVEL = 18 +-SUBLEVEL = 18 ++SUBLEVEL = 19 + EXTRAVERSION = + NAME = Superb Owl + +diff --git a/arch/arm64/kernel/kexec_image.c b/arch/arm64/kernel/kexec_image.c +index 9ec34690e2551..5ed6a585f21fd 100644 +--- a/arch/arm64/kernel/kexec_image.c ++++ b/arch/arm64/kernel/kexec_image.c +@@ -14,7 +14,6 @@ + #include + #include + #include +-#include + #include + #include + #include +@@ -130,18 +129,10 @@ static void *image_load(struct kimage *image, + return NULL; + } + +-#ifdef CONFIG_KEXEC_IMAGE_VERIFY_SIG +-static int image_verify_sig(const char *kernel, unsigned long kernel_len) +-{ +- return verify_pefile_signature(kernel, kernel_len, NULL, +- VERIFYING_KEXEC_PE_SIGNATURE); +-} +-#endif +- + const struct kexec_file_ops kexec_image_ops = { + .probe = image_probe, + .load = image_load, + #ifdef CONFIG_KEXEC_IMAGE_VERIFY_SIG +- .verify_sig = image_verify_sig, ++ .verify_sig = kexec_kernel_verify_pe_sig, + #endif + }; +diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c +index 170d0fd68b1f4..f299b48f9c9f0 100644 +--- a/arch/x86/kernel/kexec-bzimage64.c ++++ b/arch/x86/kernel/kexec-bzimage64.c +@@ -17,7 +17,6 @@ + #include + #include + #include +-#include + + #include + #include +@@ -528,28 +527,11 @@ static int bzImage64_cleanup(void *loader_data) + return 0; + } + +-#ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG +-static int bzImage64_verify_sig(const char *kernel, unsigned long kernel_len) +-{ +- int ret; +- +- ret = verify_pefile_signature(kernel, kernel_len, +- VERIFY_USE_SECONDARY_KEYRING, +- VERIFYING_KEXEC_PE_SIGNATURE); +- if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) { +- ret = verify_pefile_signature(kernel, kernel_len, +- VERIFY_USE_PLATFORM_KEYRING, +- VERIFYING_KEXEC_PE_SIGNATURE); +- } +- return ret; +-} +-#endif +- + const struct kexec_file_ops kexec_bzImage64_ops = { + .probe = bzImage64_probe, + .load = bzImage64_load, + .cleanup = bzImage64_cleanup, + #ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG +- .verify_sig = bzImage64_verify_sig, ++ .verify_sig = kexec_kernel_verify_pe_sig, + #endif + }; +diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c +index f31e29e8f1cac..b55d4c733fa8a 100644 +--- a/drivers/tee/tee_shm.c ++++ b/drivers/tee/tee_shm.c +@@ -311,6 +311,9 @@ struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, + void *ret; + int id; + ++ if (!access_ok((void __user *)addr, length)) ++ return ERR_PTR(-EFAULT); ++ + mutex_lock(&teedev->mutex); + id = idr_alloc(&teedev->idr, NULL, 1, 0, GFP_KERNEL); + mutex_unlock(&teedev->mutex); +diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c +index 0e239a4c3b264..39c4c513bf979 100644 +--- a/fs/btrfs/raid56.c ++++ b/fs/btrfs/raid56.c +@@ -323,6 +323,9 @@ static void merge_rbio(struct btrfs_raid_bio *dest, + { + bio_list_merge(&dest->bio_list, &victim->bio_list); + dest->bio_list_bytes += victim->bio_list_bytes; ++ /* Also inherit the bitmaps from @victim. */ ++ bitmap_or(dest->dbitmap, victim->dbitmap, dest->dbitmap, ++ dest->stripe_npages); + dest->generic_bio_cnt += victim->generic_bio_cnt; + bio_list_init(&victim->bio_list); + } +@@ -864,6 +867,12 @@ static void rbio_orig_end_io(struct btrfs_raid_bio *rbio, blk_status_t err) + + if (rbio->generic_bio_cnt) + btrfs_bio_counter_sub(rbio->bioc->fs_info, rbio->generic_bio_cnt); ++ /* ++ * Clear the data bitmap, as the rbio may be cached for later usage. ++ * do this before before unlock_stripe() so there will be no new bio ++ * for this bio. ++ */ ++ bitmap_clear(rbio->dbitmap, 0, rbio->stripe_npages); + + /* + * At this moment, rbio->bio_list is empty, however since rbio does not +@@ -1195,6 +1204,9 @@ static noinline void finish_rmw(struct btrfs_raid_bio *rbio) + else + BUG(); + ++ /* We should have at least one data sector. */ ++ ASSERT(bitmap_weight(rbio->dbitmap, rbio->stripe_npages)); ++ + /* at this point we either have a full stripe, + * or we've read the full stripe from the drive. + * recalculate the parity and write the new results. +@@ -1266,6 +1278,11 @@ static noinline void finish_rmw(struct btrfs_raid_bio *rbio) + for (stripe = 0; stripe < rbio->real_stripes; stripe++) { + for (pagenr = 0; pagenr < rbio->stripe_npages; pagenr++) { + struct page *page; ++ ++ /* This vertical stripe has no data, skip it. */ ++ if (!test_bit(pagenr, rbio->dbitmap)) ++ continue; ++ + if (stripe < rbio->nr_data) { + page = page_in_rbio(rbio, stripe, pagenr, 1); + if (!page) +@@ -1290,6 +1307,11 @@ static noinline void finish_rmw(struct btrfs_raid_bio *rbio) + + for (pagenr = 0; pagenr < rbio->stripe_npages; pagenr++) { + struct page *page; ++ ++ /* This vertical stripe has no data, skip it. */ ++ if (!test_bit(pagenr, rbio->dbitmap)) ++ continue; ++ + if (stripe < rbio->nr_data) { + page = page_in_rbio(rbio, stripe, pagenr, 1); + if (!page) +@@ -1713,6 +1735,33 @@ static void btrfs_raid_unplug(struct blk_plug_cb *cb, bool from_schedule) + run_plug(plug); + } + ++/* Add the original bio into rbio->bio_list, and update rbio::dbitmap. */ ++static void rbio_add_bio(struct btrfs_raid_bio *rbio, struct bio *orig_bio) ++{ ++ const struct btrfs_fs_info *fs_info = rbio->bioc->fs_info; ++ const u64 orig_logical = orig_bio->bi_iter.bi_sector << SECTOR_SHIFT; ++ const u64 full_stripe_start = rbio->bioc->raid_map[0]; ++ const u32 orig_len = orig_bio->bi_iter.bi_size; ++ const u32 sectorsize = fs_info->sectorsize; ++ u64 cur_logical; ++ ++ ASSERT(orig_logical >= full_stripe_start && ++ orig_logical + orig_len <= full_stripe_start + ++ rbio->nr_data * rbio->stripe_len); ++ ++ bio_list_add(&rbio->bio_list, orig_bio); ++ rbio->bio_list_bytes += orig_bio->bi_iter.bi_size; ++ ++ /* Update the dbitmap. */ ++ for (cur_logical = orig_logical; cur_logical < orig_logical + orig_len; ++ cur_logical += sectorsize) { ++ int bit = ((u32)(cur_logical - full_stripe_start) >> ++ fs_info->sectorsize_bits) % rbio->stripe_npages; ++ ++ set_bit(bit, rbio->dbitmap); ++ } ++} ++ + /* + * our main entry point for writes from the rest of the FS. + */ +@@ -1730,9 +1779,8 @@ int raid56_parity_write(struct bio *bio, struct btrfs_io_context *bioc, + btrfs_put_bioc(bioc); + return PTR_ERR(rbio); + } +- bio_list_add(&rbio->bio_list, bio); +- rbio->bio_list_bytes = bio->bi_iter.bi_size; + rbio->operation = BTRFS_RBIO_WRITE; ++ rbio_add_bio(rbio, bio); + + btrfs_bio_counter_inc_noblocked(fs_info); + rbio->generic_bio_cnt = 1; +@@ -2036,9 +2084,12 @@ static int __raid56_parity_recover(struct btrfs_raid_bio *rbio) + atomic_set(&rbio->error, 0); + + /* +- * read everything that hasn't failed. Thanks to the +- * stripe cache, it is possible that some or all of these +- * pages are going to be uptodate. ++ * Read everything that hasn't failed. However this time we will ++ * not trust any cached sector. ++ * As we may read out some stale data but higher layer is not reading ++ * that stale part. ++ * ++ * So here we always re-read everything in recovery path. + */ + for (stripe = 0; stripe < rbio->real_stripes; stripe++) { + if (rbio->faila == stripe || rbio->failb == stripe) { +@@ -2047,16 +2098,6 @@ static int __raid56_parity_recover(struct btrfs_raid_bio *rbio) + } + + for (pagenr = 0; pagenr < rbio->stripe_npages; pagenr++) { +- struct page *p; +- +- /* +- * the rmw code may have already read this +- * page in +- */ +- p = rbio_stripe_page(rbio, stripe, pagenr); +- if (PageUptodate(p)) +- continue; +- + ret = rbio_add_io_page(rbio, &bio_list, + rbio_stripe_page(rbio, stripe, pagenr), + stripe, pagenr, rbio->stripe_len); +@@ -2134,8 +2175,7 @@ int raid56_parity_recover(struct bio *bio, struct btrfs_io_context *bioc, + } + + rbio->operation = BTRFS_RBIO_READ_REBUILD; +- bio_list_add(&rbio->bio_list, bio); +- rbio->bio_list_bytes = bio->bi_iter.bi_size; ++ rbio_add_bio(rbio, bio); + + rbio->faila = find_logical_bio_stripe(rbio, bio); + if (rbio->faila == -1) { +diff --git a/include/linux/kexec.h b/include/linux/kexec.h +index f3e7680befcc4..6a349ef1619f6 100644 +--- a/include/linux/kexec.h ++++ b/include/linux/kexec.h +@@ -19,6 +19,7 @@ + #include + + #include ++#include + + /* Location of a reserved region to hold the crash kernel. + */ +@@ -212,6 +213,12 @@ static inline void *arch_kexec_kernel_image_load(struct kimage *image) + } + #endif + ++#ifdef CONFIG_KEXEC_SIG ++#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION ++int kexec_kernel_verify_pe_sig(const char *kernel, unsigned long kernel_len); ++#endif ++#endif ++ + extern int kexec_add_buffer(struct kexec_buf *kbuf); + int kexec_locate_mem_hole(struct kexec_buf *kbuf); + +diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c +index ad005cd184a47..cc3179140a9f9 100644 +--- a/kernel/kexec_file.c ++++ b/kernel/kexec_file.c +@@ -123,6 +123,23 @@ void kimage_file_post_load_cleanup(struct kimage *image) + } + + #ifdef CONFIG_KEXEC_SIG ++#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION ++int kexec_kernel_verify_pe_sig(const char *kernel, unsigned long kernel_len) ++{ ++ int ret; ++ ++ ret = verify_pefile_signature(kernel, kernel_len, ++ VERIFY_USE_SECONDARY_KEYRING, ++ VERIFYING_KEXEC_PE_SIGNATURE); ++ if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) { ++ ret = verify_pefile_signature(kernel, kernel_len, ++ VERIFY_USE_PLATFORM_KEYRING, ++ VERIFYING_KEXEC_PE_SIGNATURE); ++ } ++ return ret; ++} ++#endif ++ + static int kexec_image_verify_sig(struct kimage *image, void *buf, + unsigned long buf_len) + { +diff --git a/net/sched/cls_route.c b/net/sched/cls_route.c +index 3f935cbbaff66..48712bc51bda7 100644 +--- a/net/sched/cls_route.c ++++ b/net/sched/cls_route.c +@@ -424,6 +424,11 @@ static int route4_set_parms(struct net *net, struct tcf_proto *tp, + return -EINVAL; + } + ++ if (!nhandle) { ++ NL_SET_ERR_MSG(extack, "Replacing with handle of 0 is invalid"); ++ return -EINVAL; ++ } ++ + h1 = to_hash(nhandle); + b = rtnl_dereference(head->table[h1]); + if (!b) { +@@ -477,6 +482,11 @@ static int route4_change(struct net *net, struct sk_buff *in_skb, + int err; + bool new = true; + ++ if (!handle) { ++ NL_SET_ERR_MSG(extack, "Creating with handle of 0 is invalid"); ++ return -EINVAL; ++ } ++ + if (opt == NULL) + return handle ? -EINVAL : 0; +