1. 18 4月, 2019 1 次提交
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 2a3a028f
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
      
       1) Handle init flow failures properly in iwlwifi driver, from Shahar S
          Matityahu.
      
       2) mac80211 TXQs need to be unscheduled on powersave start, from Felix
          Fietkau.
      
       3) SKB memory accounting fix in A-MDSU aggregation, from Felix Fietkau.
      
       4) Increase RCU lock hold time in mlx5 FPGA code, from Saeed Mahameed.
      
       5) Avoid checksum complete with XDP in mlx5, also from Saeed.
      
       6) Fix netdev feature clobbering in ibmvnic driver, from Thomas Falcon.
      
       7) Partial sent TLS record leak fix from Jakub Kicinski.
      
       8) Reject zero size iova range in vhost, from Jason Wang.
      
       9) Allow pending work to complete before clcsock release from Karsten
          Graul.
      
      10) Fix XDP handling max MTU in thunderx, from Matteo Croce.
      
      11) A lot of protocols look at the sa_family field of a sockaddr before
          validating it's length is large enough, from Tetsuo Handa.
      
      12) Don't write to free'd pointer in qede ptp error path, from Colin Ian
          King.
      
      13) Have to recompile IP options in ipv4_link_failure because it can be
          invoked from ARP, from Stephen Suryaputra.
      
      14) Doorbell handling fixes in qed from Denis Bolotin.
      
      15) Revert net-sysfs kobject register leak fix, it causes new problems.
          From Wang Hai.
      
      16) Spectre v1 fix in ATM code, from Gustavo A. R. Silva.
      
      17) Fix put of BROPT_VLAN_STATS_PER_PORT in bridging code, from Nikolay
          Aleksandrov.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (111 commits)
        socket: fix compat SO_RCVTIMEO_NEW/SO_SNDTIMEO_NEW
        tcp: tcp_grow_window() needs to respect tcp_space()
        ocelot: Clean up stats update deferred work
        ocelot: Don't sleep in atomic context (irqs_disabled())
        net: bridge: fix netlink export of vlan_stats_per_port option
        qed: fix spelling mistake "faspath" -> "fastpath"
        tipc: set sysctl_tipc_rmem and named_timeout right range
        tipc: fix link established but not in session
        net: Fix missing meta data in skb with vlan packet
        net: atm: Fix potential Spectre v1 vulnerabilities
        net/core: work around section mismatch warning for ptp_classifier
        net: bridge: fix per-port af_packet sockets
        bnx2x: fix spelling mistake "dicline" -> "decline"
        route: Avoid crash from dereferencing NULL rt->from
        MAINTAINERS: normalize Woojung Huh's email address
        bonding: fix event handling for stacked bonds
        Revert "net-sysfs: Fix memory leak in netdev_register_kobject"
        rtnetlink: fix rtnl_valid_stats_req() nlmsg_len check
        qed: Fix the DORQ's attentions handling
        qed: Fix missing DORQ attentions
        ...
      2a3a028f
  2. 17 4月, 2019 13 次提交
  3. 16 4月, 2019 26 次提交
    • L
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · b5de3c50
      Linus Torvalds 提交于
      Pull KVM fixes from Paolo Bonzini:
       "5.1 keeps its reputation as a big bugfix release for KVM x86.
      
         - Fix for a memory leak introduced during the merge window
      
         - Fixes for nested VMX with ept=0
      
         - Fixes for AMD (APIC virtualization, NMI injection)
      
         - Fixes for Hyper-V under KVM and KVM under Hyper-V
      
         - Fixes for 32-bit SMM and tests for SMM virtualization
      
         - More array_index_nospec peppering"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (21 commits)
        KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing
        KVM: fix spectrev1 gadgets
        KVM: x86: fix warning Using plain integer as NULL pointer
        selftests: kvm: add a selftest for SMM
        selftests: kvm: fix for compilers that do not support -no-pie
        selftests: kvm/evmcs_test: complete I/O before migrating guest state
        KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels
        KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
        KVM: x86: clear SMM flags before loading state while leaving SMM
        KVM: x86: Open code kvm_set_hflags
        KVM: x86: Load SMRAM in a single shot when leaving SMM
        KVM: nVMX: Expose RDPMC-exiting only when guest supports PMU
        KVM: x86: Raise #GP when guest vCPU do not support PMU
        x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
        KVM: x86: svm: make sure NMI is injected after nmi_singlestep
        svm/avic: Fix invalidate logical APIC id entry
        Revert "svm: Fix AVIC incomplete IPI emulation"
        kvm: mmu: Fix overflow on kvm mmu page limit calculation
        KVM: nVMX: always use early vmcs check when EPT is disabled
        KVM: nVMX: allow tests to use bad virtual-APIC page address
        ...
      b5de3c50
    • V
      KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing · 7a223e06
      Vitaly Kuznetsov 提交于
      In __apic_accept_irq() interface trig_mode is int and actually on some code
      paths it is set above u8:
      
      kvm_apic_set_irq() extracts it from 'struct kvm_lapic_irq' where trig_mode
      is u16. This is done on purpose as e.g. kvm_set_msi_irq() sets it to
      (1 << 15) & e->msi.data
      
      kvm_apic_local_deliver sets it to reg & (1 << 15).
      
      Fix the immediate issue by making 'tm' into u16. We may also want to adjust
      __apic_accept_irq() interface and use proper sizes for vector, level,
      trig_mode but this is not urgent.
      Signed-off-by: NVitaly Kuznetsov <vkuznets@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      7a223e06
    • P
      KVM: fix spectrev1 gadgets · 1d487e9b
      Paolo Bonzini 提交于
      These were found with smatch, and then generalized when applicable.
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      1d487e9b
    • H
      KVM: x86: fix warning Using plain integer as NULL pointer · be43c440
      Hariprasad Kelam 提交于
      Changed passing argument as "0 to NULL" which resolves below sparse warning
      
      arch/x86/kvm/x86.c:3096:61: warning: Using plain integer as NULL pointer
      Signed-off-by: NHariprasad Kelam <hariprasad.kelam@gmail.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      be43c440
    • V
      selftests: kvm: add a selftest for SMM · 79904c9d
      Vitaly Kuznetsov 提交于
      Add a simple test for SMM, based on VMX.  The test implements its own
      sync between the guest and the host as using our ucall library seems to
      be too cumbersome: SMI handler is happening in real-address mode.
      
      This patch also fixes KVM_SET_NESTED_STATE to happen after
      KVM_SET_VCPU_EVENTS, in fact it places it last.  This is because
      KVM needs to know whether the processor is in SMM or not.
      Signed-off-by: NVitaly Kuznetsov <vkuznets@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      79904c9d
    • P
      selftests: kvm: fix for compilers that do not support -no-pie · c2390f16
      Paolo Bonzini 提交于
      -no-pie was added to GCC at the same time as their configuration option
      --enable-default-pie.  Compilers that were built before do not have
      -no-pie, but they also do not need it.  Detect the option at build
      time.
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      c2390f16
    • P
      selftests: kvm/evmcs_test: complete I/O before migrating guest state · c68c21ca
      Paolo Bonzini 提交于
      Starting state migration after an IO exit without first completing IO
      may result in test failures.  We already have two tests that need this
      (this patch in fact fixes evmcs_test, similar to what was fixed for
      state_test in commit 0f73bbc8, "KVM: selftests: complete IO before
      migrating guest state", 2019-03-13) and a third is coming.  So, move the
      code to vcpu_save_state, and while at it do not access register state
      until after I/O is complete.
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      c68c21ca
    • S
      KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels · b68f3cc7
      Sean Christopherson 提交于
      Invoking the 64-bit variation on a 32-bit kenrel will crash the guest,
      trigger a WARN, and/or lead to a buffer overrun in the host, e.g.
      rsm_load_state_64() writes r8-r15 unconditionally, but enum kvm_reg and
      thus x86_emulate_ctxt._regs only define r8-r15 for CONFIG_X86_64.
      
      KVM allows userspace to report long mode support via CPUID, even though
      the guest is all but guaranteed to crash if it actually tries to enable
      long mode.  But, a pure 32-bit guest that is ignorant of long mode will
      happily plod along.
      
      SMM complicates things as 64-bit CPUs use a different SMRAM save state
      area.  KVM handles this correctly for 64-bit kernels, e.g. uses the
      legacy save state map if userspace has hid long mode from the guest,
      but doesn't fare well when userspace reports long mode support on a
      32-bit host kernel (32-bit KVM doesn't support 64-bit guests).
      
      Since the alternative is to crash the guest, e.g. by not loading state
      or explicitly requesting shutdown, unconditionally use the legacy SMRAM
      save state map for 32-bit KVM.  If a guest has managed to get far enough
      to handle SMIs when running under a weird/buggy userspace hypervisor,
      then don't deliberately crash the guest since there are no downsides
      (from KVM's perspective) to allow it to continue running.
      
      Fixes: 660a5d51 ("KVM: x86: save/load state on SMM switch")
      Cc: stable@vger.kernel.org
      Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      b68f3cc7
    • S
      KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU · 8f4dc2e7
      Sean Christopherson 提交于
      Neither AMD nor Intel CPUs have an EFER field in the legacy SMRAM save
      state area, i.e. don't save/restore EFER across SMM transitions.  KVM
      somewhat models this, e.g. doesn't clear EFER on entry to SMM if the
      guest doesn't support long mode.  But during RSM, KVM unconditionally
      clears EFER so that it can get back to pure 32-bit mode in order to
      start loading CRs with their actual non-SMM values.
      
      Clear EFER only when it will be written when loading the non-SMM state
      so as to preserve bits that can theoretically be set on 32-bit vCPUs,
      e.g. KVM always emulates EFER_SCE.
      
      And because CR4.PAE is cleared only to play nice with EFER, wrap that
      code in the long mode check as well.  Note, this may result in a
      compiler warning about cr4 being consumed uninitialized.  Re-read CR4
      even though it's technically unnecessary, as doing so allows for more
      readable code and RSM emulation is not a performance critical path.
      
      Fixes: 660a5d51 ("KVM: x86: save/load state on SMM switch")
      Cc: stable@vger.kernel.org
      Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      8f4dc2e7
    • S
      KVM: x86: clear SMM flags before loading state while leaving SMM · 9ec19493
      Sean Christopherson 提交于
      RSM emulation is currently broken on VMX when the interrupted guest has
      CR4.VMXE=1.  Stop dancing around the issue of HF_SMM_MASK being set when
      loading SMSTATE into architectural state, e.g. by toggling it for
      problematic flows, and simply clear HF_SMM_MASK prior to loading
      architectural state (from SMRAM save state area).
      Reported-by: NJon Doron <arilou@gmail.com>
      Cc: Jim Mattson <jmattson@google.com>
      Cc: Liran Alon <liran.alon@oracle.com>
      Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
      Fixes: 5bea5123 ("KVM: VMX: check nested state and CR4.VMXE against SMM")
      Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
      Tested-by: NVitaly Kuznetsov <vkuznets@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      9ec19493
    • S
      KVM: x86: Open code kvm_set_hflags · c5833c7a
      Sean Christopherson 提交于
      Prepare for clearing HF_SMM_MASK prior to loading state from the SMRAM
      save state map, i.e. kvm_smm_changed() needs to be called after state
      has been loaded and so cannot be done automatically when setting
      hflags from RSM.
      Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      c5833c7a
    • S
      KVM: x86: Load SMRAM in a single shot when leaving SMM · ed19321f
      Sean Christopherson 提交于
      RSM emulation is currently broken on VMX when the interrupted guest has
      CR4.VMXE=1.  Rather than dance around the issue of HF_SMM_MASK being set
      when loading SMSTATE into architectural state, ideally RSM emulation
      itself would be reworked to clear HF_SMM_MASK prior to loading non-SMM
      architectural state.
      
      Ostensibly, the only motivation for having HF_SMM_MASK set throughout
      the loading of state from the SMRAM save state area is so that the
      memory accesses from GET_SMSTATE() are tagged with role.smm.  Load
      all of the SMRAM save state area from guest memory at the beginning of
      RSM emulation, and load state from the buffer instead of reading guest
      memory one-by-one.
      
      This paves the way for clearing HF_SMM_MASK prior to loading state,
      and also aligns RSM with the enter_smm() behavior, which fills a
      buffer and writes SMRAM save state in a single go.
      Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      ed19321f
    • L
      KVM: nVMX: Expose RDPMC-exiting only when guest supports PMU · e51bfdb6
      Liran Alon 提交于
      Issue was discovered when running kvm-unit-tests on KVM running as L1 on
      top of Hyper-V.
      
      When vmx_instruction_intercept unit-test attempts to run RDPMC to test
      RDPMC-exiting, it is intercepted by L1 KVM which it's EXIT_REASON_RDPMC
      handler raise #GP because vCPU exposed by Hyper-V doesn't support PMU.
      Instead of unit-test expectation to be reflected with EXIT_REASON_RDPMC.
      
      The reason vmx_instruction_intercept unit-test attempts to run RDPMC
      even though Hyper-V doesn't support PMU is because L1 expose to L2
      support for RDPMC-exiting. Which is reasonable to assume that is
      supported only in case CPU supports PMU to being with.
      
      Above issue can easily be simulated by modifying
      vmx_instruction_intercept config in x86/unittests.cfg to run QEMU with
      "-cpu host,+vmx,-pmu" and run unit-test.
      
      To handle issue, change KVM to expose RDPMC-exiting only when guest
      supports PMU.
      Reported-by: NSaar Amar <saaramar@microsoft.com>
      Reviewed-by: NMihai Carabas <mihai.carabas@oracle.com>
      Reviewed-by: NJim Mattson <jmattson@google.com>
      Signed-off-by: NLiran Alon <liran.alon@oracle.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      e51bfdb6
    • L
      KVM: x86: Raise #GP when guest vCPU do not support PMU · 672ff6cf
      Liran Alon 提交于
      Before this change, reading a VMware pseduo PMC will succeed even when
      PMU is not supported by guest. This can easily be seen by running
      kvm-unit-test vmware_backdoors with "-cpu host,-pmu" option.
      Reviewed-by: NMihai Carabas <mihai.carabas@oracle.com>
      Signed-off-by: NLiran Alon <liran.alon@oracle.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      672ff6cf
    • W
      x86/kvm: move kvm_load/put_guest_xcr0 into atomic context · 1811d979
      WANG Chao 提交于
      guest xcr0 could leak into host when MCE happens in guest mode. Because
      do_machine_check() could schedule out at a few places.
      
      For example:
      
      kvm_load_guest_xcr0
      ...
      kvm_x86_ops->run(vcpu) {
        vmx_vcpu_run
          vmx_complete_atomic_exit
            kvm_machine_check
              do_machine_check
                do_memory_failure
                  memory_failure
                    lock_page
      
      In this case, host_xcr0 is 0x2ff, guest vcpu xcr0 is 0xff. After schedule
      out, host cpu has guest xcr0 loaded (0xff).
      
      In __switch_to {
           switch_fpu_finish
             copy_kernel_to_fpregs
               XRSTORS
      
      If any bit i in XSTATE_BV[i] == 1 and xcr0[i] == 0, XRSTORS will
      generate #GP (In this case, bit 9). Then ex_handler_fprestore kicks in
      and tries to reinitialize fpu by restoring init fpu state. Same story as
      last #GP, except we get DOUBLE FAULT this time.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NWANG Chao <chao.wang@ucloud.cn>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      1811d979
    • V
      KVM: x86: svm: make sure NMI is injected after nmi_singlestep · 99c22179
      Vitaly Kuznetsov 提交于
      I noticed that apic test from kvm-unit-tests always hangs on my EPYC 7401P,
      the hanging test nmi-after-sti is trying to deliver 30000 NMIs and tracing
      shows that we're sometimes able to deliver a few but never all.
      
      When we're trying to inject an NMI we may fail to do so immediately for
      various reasons, however, we still need to inject it so enable_nmi_window()
      arms nmi_singlestep mode. #DB occurs as expected, but we're not checking
      for pending NMIs before entering the guest and unless there's a different
      event to process, the NMI will never get delivered.
      
      Make KVM_REQ_EVENT request on the vCPU from db_interception() to make sure
      pending NMIs are checked and possibly injected.
      Signed-off-by: NVitaly Kuznetsov <vkuznets@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      99c22179
    • S
      svm/avic: Fix invalidate logical APIC id entry · e44e3eac
      Suthikulpanit, Suravee 提交于
      Only clear the valid bit when invalidate logical APIC id entry.
      The current logic clear the valid bit, but also set the rest of
      the bits (including reserved bits) to 1.
      
      Fixes: 98d90582 ('svm: Fix AVIC DFR and LDR handling')
      Signed-off-by: NSuravee Suthikulpanit <suravee.suthikulpanit@amd.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      e44e3eac
    • S
      Revert "svm: Fix AVIC incomplete IPI emulation" · 4a58038b
      Suthikulpanit, Suravee 提交于
      This reverts commit bb218fbc.
      
      As Oren Twaig pointed out the old discussion:
      
        https://patchwork.kernel.org/patch/8292231/
      
      that the change coud potentially cause an extra IPI to be sent to
      the destination vcpu because the AVIC hardware already set the IRR bit
      before the incomplete IPI #VMEXIT with id=1 (target vcpu is not running).
      Since writting to ICR and ICR2 will also set the IRR. If something triggers
      the destination vcpu to get scheduled before the emulation finishes, then
      this could result in an additional IPI.
      
      Also, the issue mentioned in the commit bb218fbc was misdiagnosed.
      
      Cc: Radim Krčmář <rkrcmar@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Reported-by: NOren Twaig <oren@scalemp.com>
      Signed-off-by: NSuravee Suthikulpanit <suravee.suthikulpanit@amd.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      4a58038b
    • B
      kvm: mmu: Fix overflow on kvm mmu page limit calculation · bc8a3d89
      Ben Gardon 提交于
      KVM bases its memory usage limits on the total number of guest pages
      across all memslots. However, those limits, and the calculations to
      produce them, use 32 bit unsigned integers. This can result in overflow
      if a VM has more guest pages that can be represented by a u32. As a
      result of this overflow, KVM can use a low limit on the number of MMU
      pages it will allocate. This makes KVM unable to map all of guest memory
      at once, prompting spurious faults.
      
      Tested: Ran all kvm-unit-tests on an Intel Haswell machine. This patch
      	introduced no new failures.
      Signed-off-by: NBen Gardon <bgardon@google.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      bc8a3d89
    • P
      KVM: nVMX: always use early vmcs check when EPT is disabled · 2b27924b
      Paolo Bonzini 提交于
      The remaining failures of vmx.flat when EPT is disabled are caused by
      incorrectly reflecting VMfails to the L1 hypervisor.  What happens is
      that nested_vmx_restore_host_state corrupts the guest CR3, reloading it
      with the host's shadow CR3 instead, because it blindly loads GUEST_CR3
      from the vmcs01.
      
      For simplicity let's just always use hardware VMCS checks when EPT is
      disabled.  This way, nested_vmx_restore_host_state is not reached at
      all (or at least shouldn't be reached).
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      2b27924b
    • P
      KVM: nVMX: allow tests to use bad virtual-APIC page address · 69090810
      Paolo Bonzini 提交于
      As mentioned in the comment, there are some special cases where we can simply
      clear the TPR shadow bit from the CPU-based execution controls in the vmcs02.
      Handle them so that we can remove some XFAILs from vmx.flat.
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      69090810
    • C
      bnx2x: fix spelling mistake "dicline" -> "decline" · 614c70f3
      Colin Ian King 提交于
      There is a spelling mistake in a BNX2X_ERR message, fix it.
      Signed-off-by: NColin Ian King <colin.king@canonical.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      614c70f3
    • L
      Merge tag 'libnvdimm-fixes-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm · 618d919c
      Linus Torvalds 提交于
      Pull libnvdimm fixes from Dan Williams:
       "I debated holding this back for the v5.2 merge window due to the size
        of the "zero-key" changes, but affected users would benefit from
        having the fixes sooner. It did not make sense to change the zero-key
        semantic in isolation for the "secure-erase" command, but instead
        include it for all security commands.
      
        The short background on the need for these changes is that some NVDIMM
        platforms enable security with a default zero-key rather than let the
        OS specify the initial key. This makes the security enabling that
        landed in v5.0 unusable for some users.
      
        Summary:
      
         - Compatibility fix for nvdimm-security implementations with a
           default zero-key.
      
         - Miscellaneous small fixes for out-of-bound accesses, cleanup after
           initialization failures, and missing debug messages"
      
      * tag 'libnvdimm-fixes-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
        tools/testing/nvdimm: Retain security state after overwrite
        libnvdimm/pmem: fix a possible OOB access when read and write pmem
        libnvdimm/security, acpi/nfit: unify zero-key for all security commands
        libnvdimm/security: provide fix for secure-erase to use zero-key
        libnvdimm/btt: Fix a kmemdup failure check
        libnvdimm/namespace: Fix a potential NULL pointer dereference
        acpi/nfit: Always dump _DSM output payload
      618d919c
    • L
      Merge tag 'fsdax-fix-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm · 5512320c
      Linus Torvalds 提交于
      Pull fsdax fix from Dan Williams:
       "A single filesystem-dax fix. It has been lingering in -next for a long
        while and there are no other fsdax fixes on the horizon:
      
         - Avoid a crash scenario with architectures like powerpc that require
           'pgtable_deposit' for the zero page"
      
      * tag 'fsdax-fix-5.1-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
        fs/dax: Deposit pagetable even when installing zero page
      5512320c
    • J
      route: Avoid crash from dereferencing NULL rt->from · 9c69a132
      Jonathan Lemon 提交于
      When __ip6_rt_update_pmtu() is called, rt->from is RCU dereferenced, but is
      never checked for null - rt6_flush_exceptions() may have removed the entry.
      
      [ 1913.989004] RIP: 0010:ip6_rt_cache_alloc+0x13/0x170
      [ 1914.209410] Call Trace:
      [ 1914.214798]  <IRQ>
      [ 1914.219226]  __ip6_rt_update_pmtu+0xb0/0x190
      [ 1914.228649]  ip6_tnl_xmit+0x2c2/0x970 [ip6_tunnel]
      [ 1914.239223]  ? ip6_tnl_parse_tlv_enc_lim+0x32/0x1a0 [ip6_tunnel]
      [ 1914.252489]  ? __gre6_xmit+0x148/0x530 [ip6_gre]
      [ 1914.262678]  ip6gre_tunnel_xmit+0x17e/0x3c7 [ip6_gre]
      [ 1914.273831]  dev_hard_start_xmit+0x8d/0x1f0
      [ 1914.283061]  sch_direct_xmit+0xfa/0x230
      [ 1914.291521]  __qdisc_run+0x154/0x4b0
      [ 1914.299407]  net_tx_action+0x10e/0x1f0
      [ 1914.307678]  __do_softirq+0xca/0x297
      [ 1914.315567]  irq_exit+0x96/0xa0
      [ 1914.322494]  smp_apic_timer_interrupt+0x68/0x130
      [ 1914.332683]  apic_timer_interrupt+0xf/0x20
      [ 1914.341721]  </IRQ>
      
      Fixes: a68886a6 ("net/ipv6: Make from in rt6_info rcu protected")
      Signed-off-by: NJonathan Lemon <jonathan.lemon@gmail.com>
      Reviewed-by: NEric Dumazet <edumazet@google.com>
      Reviewed-by: NDavid Ahern <dsahern@gmail.com>
      Reviewed-by: NMartin KaFai Lau <kafai@fb.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9c69a132
    • L
      MAINTAINERS: normalize Woojung Huh's email address · 789445b9
      Lukas Bulwahn 提交于
      MAINTAINERS contains a lower-case and upper-case variant of
      Woojung Huh' s email address.
      
      Only keep the lower-case variant in MAINTAINERS.
      Signed-off-by: NLukas Bulwahn <lukas.bulwahn@gmail.com>
      Acked-by: NWoojung Huh <woojung.huh@microchip.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      789445b9