Select Git revision
Search by author
- Any Author
- authors
-
72162444 72162444 gaochangning
-
Aakash Dave aakash.dave
-
Aaron Kim akim
-
Aaron Kloc akloc
-
Aaron Lan aaron.lan
-
Aaron Nabil aaronna
-
Aaron Pohle aaron.pohle
-
Abbott Chung chung.abbott
-
Abdallah Omar abdallah_omar
-
Abdessamii Chalbi abdessamii.chalbi
-
Abdul Hussain Sirajudeen abdul.hussain
-
Abdullah Alghamdi a.alghamdi
-
Abdullah Elmarghany abdullah_elmarghany
-
Abel Fang abel_fang
-
Abel Vesa
abel.vesa
-
Abhijeet Badurkar abhijeet.badurkar
-
Abhijit Adsule adsule
-
Abhijit Murthy abhijit
-
Abhi Khanal akhanal
-
Abhilash Sahoo abhilashsahoo
- May 10, 2022
-
-
Ondrej Mosnacek authored
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2083580 commit cbfcd13b Author: Ondrej Mosnacek <omosnace@redhat.com> Date: Wed Jul 28 16:03:13 2021 +0200 selinux: fix race condition when computing ocontext SIDs Current code contains a lot of racy patterns when converting an ocontext's context structure to an SID. This is being done in a "lazy" fashion, such that the SID is looked up in the SID table only when it's first needed and then cached in the "sid" field of the ocontext structure. However, this is done without any locking or memory barriers and is thus unsafe. Between commits 24ed7fda ("selinux: use separate table for initial SID lookup") and 66f8e2f0 ("selinux: sidtab reverse lookup hash table"), this race condition lead to an actual observable bug, because a pointer to the shared sid field was passed directly to sidtab_context_to_sid(), which was using this location to also store an intermediate value, which could have been read by other threads and interpreted as an SID. In practice this caused e.g. new mounts to get a wrong (seemingly random) filesystem context, leading to strange denials. This bug has been spotted in the wild at least twice, see [1] and [2]. Fix the race condition by making all the racy functions use a common helper that ensures the ocontext::sid accesses are made safely using the appropriate SMP constructs. Note that security_netif_sid() was populating the sid field of both contexts stored in the ocontext, but only the first one was actually used. The SELinux wiki's documentation on the "netifcon" policy statement [3] suggests that using only the first context is intentional. I kept only the handling of the first context here, as there is really no point in doing the SID lookup for the unused one. I wasn't able to reproduce the bug mentioned above on any kernel that includes commit 66f8e2f0, even though it has been reported that the issue occurs with that commit, too, just less frequently. Thus, I wasn't able to verify that this patch fixes the issue, but it makes sense to avoid the race condition regardless. [1] https://github.com/containers/container-selinux/issues/89 [2] https://lists.fedoraproject.org/archives/list/selinux@lists.fedoraproject.org/thread/6DMTAMHIOAOEMUAVTULJD45JZU7IBAFM/ [3] https://selinuxproject.org/page/NetworkStatements#netifcon Cc: stable@vger.kernel.org Cc: Xinjie Zheng <xinjie@google.com> Reported-by:
Sujithra Periasamy <sujithra@google.com> Fixes: 1da177e4 ("Linux-2.6.12-rc2") Signed-off-by:
Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by:
Paul Moore <paul@paul-moore.com> Signed-off-by:
-
Ondrej Mosnacek authored
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2083580 commit 4342f705 Author: Florian Westphal <fw@strlen.de> Date: Mon Oct 11 22:22:29 2021 +0200 selinux: remove unneeded ipv6 hook wrappers Netfilter places the protocol number the hook function is getting called from in state->pf, so we can use that instead of an extra wrapper. While at it, remove one-line wrappers too and make selinux_ip_{out,forward,postroute} useable as hook function. Signed-off-by:
Florian Westphal <fw@strlen.de> Message-Id: <20211011202229.28289-1-fw@strlen.de> Signed-off-by:
-
Ondrej Mosnacek authored
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2083580 commit e052826f Author: Masahiro Yamada <masahiroy@kernel.org> Date: Sat May 29 03:01:40 2021 +0900 security: remove unneeded subdir-$(CONFIG_...) All of these are unneeded. The directories to descend are specified by obj-$(CONFIG_...). Signed-off-by:
Masahiro Yamada <masahiroy@kernel.org> Signed-off-by:
-
Ondrej Mosnacek authored
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2083580 commit 893c47d1 Author: Austin Kim <austin.kim@lge.com> Date: Wed Jul 14 01:11:27 2021 +0100 selinux: return early for possible NULL audit buffers audit_log_start() may return NULL in below cases: - when audit is not initialized. - when audit backlog limit exceeds. After the call to audit_log_start() is made and then possible NULL audit buffer argument is passed to audit_log_*() functions, audit_log_*() functions return immediately in case of a NULL audit buffer argument. But it is optimal to return early when audit_log_start() returns NULL, because it is not necessary for audit_log_*() functions to be called with NULL audit buffer argument. So add exception handling for possible NULL audit buffers where return value can be handled from callers. Signed-off-by:
Austin Kim <austin.kim@lge.com> [PM: tweak subject line] Signed-off-by:
-
- May 09, 2022
-
-
Patrick Talbert authored
Signed-off-by:Patrick Talbert <ptalbert@redhat.com>
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/840 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2065179 Signed-off-by:
Michael Petlan <mpetlan@redhat.com> Approved-by:
Vladis Dronov <vdronov@redhat.com> Approved-by:
Čestmír Kalina <ckalina@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/816 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2081260 Tested: Just build... no functional change. - `254ec036 ("net: make use of helper netif_is_bridge_master()")` Signed-off-by:
Ivan Vecera <ivecera@redhat.com> Approved-by:
Petr Oros <poros@redhat.com> Approved-by:
Jarod Wilson <jarod@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/803 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2080384 Tested: basic IPsec tests Signed-off-by:
Sabrina Dubroca <sdubroca@redhat.com> Approved-by:
Xin Long <lxin@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/800 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2080356 Tested: selftests Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/799 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2080352 Tested: basic macsec tests Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/790 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2069957 Tested: compile only Signed-off-by:
Hangbin Liu <haliu@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/788 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2054658 CVE: CVE-2022-0617 Tested: xfstests and reproducer Signed-off-by:
Carlos Maiolino <cmaiolino@redhat.com> Approved-by:
Ian Kent <ikent@redhat.com> Approved-by:
Eric Sandeen <esandeen@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/786 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1997373 commit f5d0f921 because the copychunk_write might cover a region of the file that has not yet been sent to the server and thus fail. A simple way to reproduce this is: truncate -s 0 /mnt/testfile; strace -f -o x -ttT xfs_io -i -f -c 'pwrite 0k 128k' -c 'fcollapse 16k 24k' /mnt/testfile the issue is that the 'pwrite 0k 128k' becomes rearranged on the wire with the 'fcollapse 16k 24k' due to write-back caching. fcollapse is implemented in cifs.ko as a SMB2 IOCTL(COPYCHUNK_WRITE) call and it will fail serverside since the file is still 0b in size serverside until the writes have been destaged. To avoid this we must ensure that we destage any unwritten data to the server before calling COPYCHUNK_WRITE. Reported-by:
Xiaoli Feng <xifeng@redhat.com> Signed-off-by:
Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by:
Steve French <stfrench@microsoft.com> (cherry picked from commit f5d0f921) Signed-off-by:
Benjamin Coddington <bcodding@redhat.com> Approved-by:
Scott Mayhew <smayhew@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/784 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2078894 Tested: Verified using xdpsock test program - `d1bc532e ("i40e: xsk: Move tmp desc array from driver to pool")` Signed-off-by:
Jiri Benc <jbenc@redhat.com> Approved-by:
Kamal Heib <kheib@redhat.com> Approved-by:
Íñigo Huguet <ihuguet@redhat.com> Approved-by:
José Ignacio Tornos Martínez <jtornosm@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/783 Bugzilla: https://bugzilla.redhat.com/2078897 kernel-rt requires these commits. These are straight forward commits that should not cause any differences in kernel behavior, and can be tested as "sanity only". Signed-off-by:
Prarit Bhargava <prarit@redhat.com> Approved-by:
David Arcari <darcari@redhat.com> Approved-by:
Fernando Pacheco <fpacheco@redhat.com> Approved-by:
Mark Langsdorf <mlangsdo@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/780 Description: Updates for intel_pstate Bugzilla: http://bugzilla.redhat.com/2072886 Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=44863298 Tested: I did sanity testing using platform engineering test suite on (intel-alderlake-s-iotg-02) system. Signed-off-by:
Steve Best <sbest@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/760 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2077436 Tested: Under x86-64. Verified that /sys/device/system/memory*/valid_zones is as expected. Hot(un)plugged memory and verified that it works as expected and that "valid_zones" is updated accordingly. Conflicts: Cherry picks with some auto merges -- so essentially no real conflicts test_pages_in_a_zone() is just another nasty PFN walker that can easily stumble over ZONE_DEVICE memory ranges falling into the same memory block as ordinary system RAM: the memmap of parts of these ranges might possibly be uninitialized. In fact, we observed (on an older kernel) with UBSAN: UBSAN: Undefined behaviour in ./include/linux/mm.h:1133:50 index 7 is out of range for type 'zone [5]' CPU: 121 PID: 35603 Comm: read_all Kdump: loaded Tainted: [...] Hardware name: Dell Inc. PowerEdge R7425/08V001, BIOS 1.12.2 11/15/2019 Call Trace: dump_stack+0x9a/0xf0 ubsan_epilogue+0x9/0x7a __ubsan_handle_out_of_bounds+0x13a/0x181 test_pages_in_a_zone+0x3c4/0x500 show_valid_zones+0x1fa/0x380 dev_attr_show+0x43/0xb0 sysfs_kf_seq_show+0x1c5/0x440 seq_read+0x49d/0x1190 vfs_read+0xff/0x300 ksys_read+0xb8/0x170 do_syscall_64+0xa5/0x4b0 entry_SYSCALL_64_after_hwframe+0x6a/0xdf RIP: 0033:0x7f01f4439b52 Let's just get rid of this PFN walker and determine the single zone of a memory block -- if any -- for early memory blocks during boot. For memory onlining, we know the single zone already. Let's avoid any additional memmap scanning and just rely on the zone information available during boot. Signed-off-by:
David Hildenbrand <david@redhat.com> Approved-by:
Donald Dutile <ddutile@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/752 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075183 Tested: compile only CVE: CVE-2022-1353 commit 9a564bcc Author: Haimin Zhang <tcs_kernel@tencent.com> Date: Tue Mar 8 11:20:28 2022 +0800 af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register Add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register to initialize the buffer of supp_skb to fix a kernel-info-leak issue. 1) Function pfkey_register calls compose_sadb_supported to request a sk_buff. 2) compose_sadb_supported calls alloc_sbk to allocate a sk_buff, but it doesn't zero it. 3) If auth_len is greater 0, then compose_sadb_supported treats the memory as a struct sadb_supported and begins to initialize. But it just initializes the field sadb_supported_len and field sadb_supported_exttype without field sadb_supported_reserved. Reported-by:
TCS Robot <tcs_robot@tencent.com> Signed-off-by:
Haimin Zhang <tcs_kernel@tencent.com> Signed-off-by:
Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by:
Marcelo Ricardo Leitner <mleitner@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/734 Bugzilla: https://bugzilla.redhat.com/2051908 Upstream: Linus's tree There's no conflict. This back ports upstream commits to synchronize upstream changes with rhel9 happened in fs/proc/vmcore.c. Signed-off-by:
Baoquan He <bhe@redhat.com> Approved-by:
Philipp Rudo <prudo@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/718 Bugzilla: http://bugzilla.redhat.com/2004230 Patches 1, 42 and 49 are preparatory patches. Patches 17, 54-56 are selftest patches. Patches 13-16, 21, 35, 38-41, 59, 69-72, 84 and 85 are documentation patches. Patch 86 enables the necessary configs Signed-off-by:
Chris von Recklinghausen <crecklin@redhat.com> Approved-by:
Torez Smith <torez@redhat.com> Approved-by:
John W. Linville <linville@redhat.com> Approved-by:
Waiman Long <longman@redhat.com> Approved-by:
Lyude Paul <lyude@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/690 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013413 MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/690 Omitted-fix: b9663a6f ("tools: Add kmem_cache_alloc_lru()") The tools/include/linux/slab.h and the radix-tree tests have not been merged into CS9 yet. This MR backports the upstream patch series "Optimize list lru memory consumption" to reduce memory consumption of kmalloc-32 slab cache on systems with a large number of memory cgroups (containers). In the extreme case, this patch series can save GBs of memory. Signed-off-by:
Aristeu Rozanski <arozansk@redhat.com> Approved-by:
Rafael Aquini <aquini@redhat.com> Approved-by:
Phil Auld <pauld@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/682 Kfence allows for a low overhead memory error detection system that can be deployed in production. By enabling this feature we allow for better and quicker bug reporting/fixing. the Kscale team has done some performance testing and have concluded there is no noticable performance impact. Upstream-status: RHEL-only Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2072662 Signed-off-by:
Nico Pache <npache@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/632 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2048823 Added two more patches for multichannel. Signed-off-by:
-
- May 06, 2022
-
-
Michael Petlan authored
Bugzilla: https://bugzilla.redhat.com/2065179 upstream ======== commit 3e6b43be Author: Michael Petlan <mpetlan@redhat.com> Date: Tue Apr 5 00:15:41 2022 +0200 description =========== The `perf --list-cmds` output prints only internal commands, although there is no reason for that from users' perspective. Adding the external commands to commands array with NULL function pointer allows printing all perf commands while not changing the logic of command handler selection. Link: https://lore.kernel.org/r/20220404221541.30312-2-mpetlan@redhat.com Signed-off-by:
-
Michael Petlan authored
Bugzilla: https://bugzilla.redhat.com/2065179 upstream ======== commit 0ff26efe Author: Michael Petlan <mpetlan@redhat.com> Date: Tue Apr 5 00:15:40 2022 +0200 description =========== Link: https://lore.kernel.org/r/20220404221541.30312-1-mpetlan@redhat.com Signed-off-by:
-
Patrick Talbert authored
Signed-off-by: -
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/796 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2070018 Upstream Status: RHEL only Tested: sanity only ark commit: ab617c91f52f842afb49f3a2e2f5dd4c921dd841 The config was enabled both in ark and RHEL8 for the following reason: If you have a Logitech gamepad with force feedback, RHEL or CentOS won't load it because LOGITECH_FF is disabled. I tried to initiate a fix upstream which went nowhere. Given that INPUT_FF_MEMLESS is already enabled for RHEL, there is no strong push back to enable it for Logitech devices too. Signed-off-by:
Benjamin Tissoires <benjamin.tissoires@redhat.com> Approved-by:
Tony Camuso <tcamuso@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/785 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2040238 Upstream Status: linux.git commit 726e2c59 Author: Guillaume Nault <gnault@redhat.com> Date: Wed Apr 6 16:18:54 2022 +0200 veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with act_mirred, skb_headlen() may be 0. But veth_xmit() calls __dev_forward_skb(), which expects at least ETH_HLEN byte of linear data (as __dev_forward_skb2() calls eth_type_trans(), which pulls ETH_HLEN bytes unconditionally). Use pskb_may_pull() to ensure veth_xmit() respects this constraint. kernel BUG at include/linux/skbuff.h:2328! RIP: 0010:eth_type_trans+0xcf/0x140 Call Trace: <IRQ> __dev_forward_skb2+0xe3/0x160 veth_xmit+0x6e/0x250 [veth] dev_hard_start_xmit+0xc7/0x200 __dev_queue_xmit+0x47f/0x520 ? skb_ensure_writable+0x85/0xa0 ? skb_mpls_pop+0x98/0x1c0 tcf_mirred_act+0x442/0x47e [act_mirred] tcf_action_exec+0x86/0x140 fl_classify+0x1d8/0x1e0 [cls_flower] ? dma_pte_clear_level+0x129/0x1a0 ? dma_pte_clear_level+0x129/0x1a0 ? prb_fill_curr_block+0x2f/0xc0 ? skb_copy_bits+0x11a/0x220 __tcf_classify+0x58/0x110 tcf_classify_ingress+0x6b/0x140 __netif_receive_skb_core.constprop.0+0x47d/0xfd0 ? __iommu_dma_unmap_swiotlb+0x44/0x90 __netif_receive_skb_one_core+0x3d/0xa0 netif_receive_skb+0x116/0x170 be_process_rx+0x22f/0x330 [be2net] be_poll+0x13c/0x370 [be2net] __napi_poll+0x2a/0x170 net_rx_action+0x22f/0x2f0 __do_softirq+0xca/0x2a8 __irq_exit_rcu+0xc1/0xe0 common_interrupt+0x83/0xa0 Fixes: e314dbdc ("[NET]: Virtual ethernet device driver.") Signed-off-by:
Guillaume Nault <gnault@redhat.com> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
Davide Caratti <dcaratti@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/778 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2078776 Tested: Just build... no relevant code change (new enums and structs) - `5bf84b29 ("virtchnl: Remove unused VIRTCHNL_VF_OFFLOAD_RSVD define")` - `4a15022f ("virtchnl: Use the BIT() macro for capability/offload flags")` - `bd0b536d ("virtchnl: Add support for new VLAN capabilities")` Signed-off-by:
Josef Oškera <joskera@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/777 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2078759 Tested: Build-only (no way to test) - `13244ccc ("skbuff: introduce skb_pull_data")` Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/750 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2069070 Signed-off-by:
Yauheni Kaliuta <ykaliuta@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/715 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2074302 Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/704 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2054023 Tested: compile only Signed-off-by:
Antoine Tenart <atenart@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/692 Bugzilla: https://bugzilla.redhat.com/1971962 Bugzilla: https://bugzilla.redhat.com/1973884 Bugzilla: https://bugzilla.redhat.com/2004573 Bugzilla: https://bugzilla.redhat.com/2040041 Bugzilla: https://bugzilla.redhat.com/2040044 Bugzilla: https://bugzilla.redhat.com/2040046 Bugzilla: https://bugzilla.redhat.com/2040048 Bugzilla: https://bugzilla.redhat.com/2040052 Bugzilla: https://bugzilla.redhat.com/2040496 Bugzilla: https://bugzilla.redhat.com/2046470 Bugzilla: https://bugzilla.redhat.com/2072168 Testing: ran dsa_user_test_runner.sh on sapphire rapids system. Intel is also testing. Conflicts: Should be noted in the individual commits. As with RHEL8 MR, the are a couple conflicts that were caused by having to deal with cleanups that were done in the upstream merge commits. One RH_KABI work around to task_struct. The end result was compared with upstream and the only difference is due to a patch changing a callback function to void not being backported, since the general kernel patch for that hasn't been backported. This patchset updates the idxd driver to 5.18, and also pulls in upstream fixes to re-enable ENQCMD feature support. Signed-off-by:
Jerry Snitselaar <jsnitsel@redhat.com> Approved-by:
Myron Stowe <mstowe@redhat.com> Approved-by:
Dean Nelson <dnelson@redhat.com> Approved-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/684 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2069567 Tested: Sanity only, new unused macros ``` commit 3080ea55 Author: Kees Cook <keescook@chromium.org> Date: Mon Aug 9 11:21:23 2021 -0700 stddef: Introduce DECLARE_FLEX_ARRAY() helper There are many places where kernel code wants to have several different typed trailing flexible arrays. This would normally be done with multiple flexible arrays in a union, but since GCC and Clang don't (on the surface) allow this, there have been many open-coded workarounds, usually involving neighboring 0-element arrays at the end of a structure. For example, instead of something like this: struct thing { ... union { struct type1 foo[]; struct type2 bar[]; }; }; code works around the compiler with: struct thing { ... struct type1 foo[0]; struct type2 bar[]; }; Another case is when a flexible array is wanted as the single member within a struct (which itself is usually in a union). For example, this would be worked around as: union many { ... struct { struct type3 baz[0]; }; }; These kinds of work-arounds cause problems with size checks against such zero-element arrays (for example when building with -Warray-bounds and -Wzero-length-bounds, and with the coming FORTIFY_SOURCE improvements), so they must all be converted to "real" flexible arrays, avoiding warnings like this: fs/hpfs/anode.c: In function 'hpfs_add_sector_to_btree': fs/hpfs/anode.c:209:27: warning: array subscript 0 is outside the bounds of an interior zero-length array 'struct bplus_internal_node[0]' [-Wzero-length-bounds] 209 | anode->btree.u.internal[0].down = cpu_to_le32(a); | ~~~~~~~~~~~~~~~~~~~~~~~^~~ In file included from fs/hpfs/hpfs_fn.h:26, from fs/hpfs/anode.c:10: fs/hpfs/hpfs.h:412:32: note: while referencing 'internal' 412 | struct bplus_internal_node internal[0]; /* (internal) 2-word entries giving | ^~~~~~~~ drivers/net/can/usb/etas_es58x/es58x_fd.c: In function 'es58x_fd_tx_can_msg': drivers/net/can/usb/etas_es58x/es58x_fd.c:360:35: warning: array subscript 65535 is outside the bounds of an interior zero-length array 'u8[0]' {aka 'unsigned char[]'} [-Wzero-length-bounds] 360 | tx_can_msg = (typeof(tx_can_msg))&es58x_fd_urb_cmd->raw_msg[msg_len]; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from drivers/net/can/usb/etas_es58x/es58x_core.h:22, from drivers/net/can/usb/etas_es58x/es58x_fd.c:17: drivers/net/can/usb/etas_es58x/es58x_fd.h:231:6: note: while referencing 'raw_msg' 231 | u8 raw_msg[0]; | ^~~~~~~ However, it _is_ entirely possible to have one or more flexible arrays in a struct or union: it just has to be in another struct. And since it cannot be alone in a struct, such a struct must have at least 1 other named member -- but that member can be zero sized. Wrap all this nonsense into the new DECLARE_FLEX_ARRAY() in support of having flexible arrays in unions (or alone in a struct). As with struct_group(), since this is needed in UAPI headers as well, implement the core there, with a non-UAPI wrapper. Additionally update kernel-doc to understand its existence. https://github.com/KSPP/linux/issues/137 Cc: Arnd Bergmann <arnd@arndb.de> Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org> Signed-off-by:
Kees Cook <keescook@chromium.org> ``` Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/641 Bugzilla: https://bugzilla.redhat.com/2068207 Testing: Booted debug kernel and verified intel iommu debugfs information is present. Enable debugfs for Intel iommu in debug kernels to aid in debugging. This MR also contains a patch to clean up a kasan warning noticed when booting the debug kernel. As Kees notes in the commit in this case it is harmless, but cleaning it up to get rid of the warning. Signed-off-by:
Luis Claudio R. Goncalves <lgoncalv@redhat.com> Approved-by:
-
- May 04, 2022
-
-
Patrick Talbert authored
Signed-off-by: -
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/773 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2064198 This patch add support for CQE_RX_TRUNCATED and another bug fix for the Microsoft Azure Network Adapter (MANA) driver Signed-off-by:
Mohamed Gamal Morsy <mgamal@redhat.com> Approved-by:
Vitaly Kuznetsov <vkuznets@redhat.com> Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/771 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2077372 All of them are fixups. Signed-off-by:
-
Patrick Talbert authored
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/694 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2026319 Upstream Status: RHEL-only Performance testing has indicated no performance impact to the enablement of kstack offset randomization, so enable it by default. Signed-off-by:
Joel Savitz <jsavitz@redhat.com> Approved-by:
-
