diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-03-04 08:37:52 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-03-04 08:37:52 +0100 |
commit | 2e9e3c5aa12611c0887803eca622021d53ce170e (patch) | |
tree | ae6b7731a6c4c3a4fe5d816ed1ccb4ddf416b96a /queue-5.4 | |
parent | 2d302195dc3f0672a7535711bf0b03b42d93b2b2 (diff) | |
download | stable-queue-2e9e3c5aa12611c0887803eca622021d53ce170e.tar.gz |
5.4-stable patches
added patches:
fs-aio-make-io_cancel-generate-completions-again.patch
x86-cpu-intel-detect-tme-keyid-bits-before-setting-mtrr-mask-registers.patch
Diffstat (limited to 'queue-5.4')
3 files changed, 330 insertions, 0 deletions
diff --git a/queue-5.4/fs-aio-make-io_cancel-generate-completions-again.patch b/queue-5.4/fs-aio-make-io_cancel-generate-completions-again.patch new file mode 100644 index 0000000000..75218fca82 --- /dev/null +++ b/queue-5.4/fs-aio-make-io_cancel-generate-completions-again.patch @@ -0,0 +1,85 @@ +From 54cbc058d86beca3515c994039b5c0f0a34f53dd Mon Sep 17 00:00:00 2001 +From: Bart Van Assche <bvanassche@acm.org> +Date: Thu, 15 Feb 2024 12:47:39 -0800 +Subject: fs/aio: Make io_cancel() generate completions again + +From: Bart Van Assche <bvanassche@acm.org> + +commit 54cbc058d86beca3515c994039b5c0f0a34f53dd upstream. + +The following patch accidentally removed the code for delivering +completions for cancelled reads and writes to user space: "[PATCH 04/33] +aio: remove retry-based AIO" +(https://lore.kernel.org/all/1363883754-27966-5-git-send-email-koverstreet@google.com/) +>From that patch: + +- if (kiocbIsCancelled(iocb)) { +- ret = -EINTR; +- aio_complete(iocb, ret, 0); +- /* must not access the iocb after this */ +- goto out; +- } + +This leads to a leak in user space of a struct iocb. Hence this patch +that restores the code that reports to user space that a read or write +has been cancelled successfully. + +Fixes: 41003a7bcfed ("aio: remove retry-based AIO") +Cc: Christoph Hellwig <hch@lst.de> +Cc: Avi Kivity <avi@scylladb.com> +Cc: Sandeep Dhavale <dhavale@google.com> +Cc: Jens Axboe <axboe@kernel.dk> +Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Cc: Kent Overstreet <kent.overstreet@linux.dev> +Cc: stable@vger.kernel.org +Signed-off-by: Bart Van Assche <bvanassche@acm.org> +Link: https://lore.kernel.org/r/20240215204739.2677806-3-bvanassche@acm.org +Signed-off-by: Christian Brauner <brauner@kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + fs/aio.c | 27 +++++++++++---------------- + 1 file changed, 11 insertions(+), 16 deletions(-) + +--- a/fs/aio.c ++++ b/fs/aio.c +@@ -2126,14 +2126,11 @@ COMPAT_SYSCALL_DEFINE3(io_submit, compat + #endif + + /* sys_io_cancel: +- * Attempts to cancel an iocb previously passed to io_submit. If +- * the operation is successfully cancelled, the resulting event is +- * copied into the memory pointed to by result without being placed +- * into the completion queue and 0 is returned. May fail with +- * -EFAULT if any of the data structures pointed to are invalid. +- * May fail with -EINVAL if aio_context specified by ctx_id is +- * invalid. May fail with -EAGAIN if the iocb specified was not +- * cancelled. Will fail with -ENOSYS if not implemented. ++ * Attempts to cancel an iocb previously passed to io_submit(). If the ++ * operation is successfully cancelled 0 is returned. May fail with ++ * -EFAULT if any of the data structures pointed to are invalid. May ++ * fail with -EINVAL if aio_context specified by ctx_id is invalid. Will ++ * fail with -ENOSYS if not implemented. + */ + SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb, + struct io_event __user *, result) +@@ -2164,14 +2161,12 @@ SYSCALL_DEFINE3(io_cancel, aio_context_t + } + spin_unlock_irq(&ctx->ctx_lock); + +- if (!ret) { +- /* +- * The result argument is no longer used - the io_event is +- * always delivered via the ring buffer. -EINPROGRESS indicates +- * cancellation is progress: +- */ +- ret = -EINPROGRESS; +- } ++ /* ++ * The result argument is no longer used - the io_event is always ++ * delivered via the ring buffer. ++ */ ++ if (ret == 0 && kiocb->rw.ki_flags & IOCB_AIO_RW) ++ aio_complete_rw(&kiocb->rw, -EINTR); + + percpu_ref_put(&ctx->users); + diff --git a/queue-5.4/series b/queue-5.4/series index 868fb15692..ce40813a81 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -19,3 +19,5 @@ btrfs-dev-replace-properly-validate-device-names.patch dmaengine-fsl-qdma-fix-soc-may-hang-on-16-byte-unaligned-read.patch dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch mmc-core-fix-emmc-initialization-with-1-bit-bus-connection.patch +fs-aio-make-io_cancel-generate-completions-again.patch +x86-cpu-intel-detect-tme-keyid-bits-before-setting-mtrr-mask-registers.patch diff --git a/queue-5.4/x86-cpu-intel-detect-tme-keyid-bits-before-setting-mtrr-mask-registers.patch b/queue-5.4/x86-cpu-intel-detect-tme-keyid-bits-before-setting-mtrr-mask-registers.patch new file mode 100644 index 0000000000..396da55079 --- /dev/null +++ b/queue-5.4/x86-cpu-intel-detect-tme-keyid-bits-before-setting-mtrr-mask-registers.patch @@ -0,0 +1,243 @@ +From 6890cb1ace350b4386c8aee1343dc3b3ddd214da Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini <pbonzini@redhat.com> +Date: Thu, 1 Feb 2024 00:09:02 +0100 +Subject: x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers + +From: Paolo Bonzini <pbonzini@redhat.com> + +commit 6890cb1ace350b4386c8aee1343dc3b3ddd214da upstream. + +MKTME repurposes the high bit of physical address to key id for encryption +key and, even though MAXPHYADDR in CPUID[0x80000008] remains the same, +the valid bits in the MTRR mask register are based on the reduced number +of physical address bits. + +detect_tme() in arch/x86/kernel/cpu/intel.c detects TME and subtracts +it from the total usable physical bits, but it is called too late. +Move the call to early_init_intel() so that it is called in setup_arch(), +before MTRRs are setup. + +This fixes boot on TDX-enabled systems, which until now only worked with +"disable_mtrr_cleanup". Without the patch, the values written to the +MTRRs mask registers were 52-bit wide (e.g. 0x000fffff_80000800) and +the writes failed; with the patch, the values are 46-bit wide, which +matches the reduced MAXPHYADDR that is shown in /proc/cpuinfo. + +Reported-by: Zixi Chen <zixchen@redhat.com> +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> +Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> +Cc:stable@vger.kernel.org +Link: https://lore.kernel.org/all/20240131230902.1867092-3-pbonzini%40redhat.com +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + arch/x86/kernel/cpu/intel.c | 178 ++++++++++++++++++++++---------------------- + 1 file changed, 91 insertions(+), 87 deletions(-) + +--- a/arch/x86/kernel/cpu/intel.c ++++ b/arch/x86/kernel/cpu/intel.c +@@ -187,6 +187,90 @@ static bool bad_spectre_microcode(struct + return false; + } + ++#define MSR_IA32_TME_ACTIVATE 0x982 ++ ++/* Helpers to access TME_ACTIVATE MSR */ ++#define TME_ACTIVATE_LOCKED(x) (x & 0x1) ++#define TME_ACTIVATE_ENABLED(x) (x & 0x2) ++ ++#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ ++#define TME_ACTIVATE_POLICY_AES_XTS_128 0 ++ ++#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ ++ ++#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ ++#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 ++ ++/* Values for mktme_status (SW only construct) */ ++#define MKTME_ENABLED 0 ++#define MKTME_DISABLED 1 ++#define MKTME_UNINITIALIZED 2 ++static int mktme_status = MKTME_UNINITIALIZED; ++ ++static void detect_tme_early(struct cpuinfo_x86 *c) ++{ ++ u64 tme_activate, tme_policy, tme_crypto_algs; ++ int keyid_bits = 0, nr_keyids = 0; ++ static u64 tme_activate_cpu0 = 0; ++ ++ rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); ++ ++ if (mktme_status != MKTME_UNINITIALIZED) { ++ if (tme_activate != tme_activate_cpu0) { ++ /* Broken BIOS? */ ++ pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); ++ pr_err_once("x86/tme: MKTME is not usable\n"); ++ mktme_status = MKTME_DISABLED; ++ ++ /* Proceed. We may need to exclude bits from x86_phys_bits. */ ++ } ++ } else { ++ tme_activate_cpu0 = tme_activate; ++ } ++ ++ if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { ++ pr_info_once("x86/tme: not enabled by BIOS\n"); ++ mktme_status = MKTME_DISABLED; ++ return; ++ } ++ ++ if (mktme_status != MKTME_UNINITIALIZED) ++ goto detect_keyid_bits; ++ ++ pr_info("x86/tme: enabled by BIOS\n"); ++ ++ tme_policy = TME_ACTIVATE_POLICY(tme_activate); ++ if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) ++ pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); ++ ++ tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); ++ if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { ++ pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", ++ tme_crypto_algs); ++ mktme_status = MKTME_DISABLED; ++ } ++detect_keyid_bits: ++ keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); ++ nr_keyids = (1UL << keyid_bits) - 1; ++ if (nr_keyids) { ++ pr_info_once("x86/mktme: enabled by BIOS\n"); ++ pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); ++ } else { ++ pr_info_once("x86/mktme: disabled by BIOS\n"); ++ } ++ ++ if (mktme_status == MKTME_UNINITIALIZED) { ++ /* MKTME is usable */ ++ mktme_status = MKTME_ENABLED; ++ } ++ ++ /* ++ * KeyID bits effectively lower the number of physical address ++ * bits. Update cpuinfo_x86::x86_phys_bits accordingly. ++ */ ++ c->x86_phys_bits -= keyid_bits; ++} ++ + static void early_init_intel(struct cpuinfo_x86 *c) + { + u64 misc_enable; +@@ -339,6 +423,13 @@ static void early_init_intel(struct cpui + */ + if (detect_extended_topology_early(c) < 0) + detect_ht_early(c); ++ ++ /* ++ * Adjust the number of physical bits early because it affects the ++ * valid bits of the MTRR mask registers. ++ */ ++ if (cpu_has(c, X86_FEATURE_TME)) ++ detect_tme_early(c); + } + + #ifdef CONFIG_X86_32 +@@ -540,90 +631,6 @@ static void detect_vmx_virtcap(struct cp + } + } + +-#define MSR_IA32_TME_ACTIVATE 0x982 +- +-/* Helpers to access TME_ACTIVATE MSR */ +-#define TME_ACTIVATE_LOCKED(x) (x & 0x1) +-#define TME_ACTIVATE_ENABLED(x) (x & 0x2) +- +-#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ +-#define TME_ACTIVATE_POLICY_AES_XTS_128 0 +- +-#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ +- +-#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ +-#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 +- +-/* Values for mktme_status (SW only construct) */ +-#define MKTME_ENABLED 0 +-#define MKTME_DISABLED 1 +-#define MKTME_UNINITIALIZED 2 +-static int mktme_status = MKTME_UNINITIALIZED; +- +-static void detect_tme(struct cpuinfo_x86 *c) +-{ +- u64 tme_activate, tme_policy, tme_crypto_algs; +- int keyid_bits = 0, nr_keyids = 0; +- static u64 tme_activate_cpu0 = 0; +- +- rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); +- +- if (mktme_status != MKTME_UNINITIALIZED) { +- if (tme_activate != tme_activate_cpu0) { +- /* Broken BIOS? */ +- pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); +- pr_err_once("x86/tme: MKTME is not usable\n"); +- mktme_status = MKTME_DISABLED; +- +- /* Proceed. We may need to exclude bits from x86_phys_bits. */ +- } +- } else { +- tme_activate_cpu0 = tme_activate; +- } +- +- if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { +- pr_info_once("x86/tme: not enabled by BIOS\n"); +- mktme_status = MKTME_DISABLED; +- return; +- } +- +- if (mktme_status != MKTME_UNINITIALIZED) +- goto detect_keyid_bits; +- +- pr_info("x86/tme: enabled by BIOS\n"); +- +- tme_policy = TME_ACTIVATE_POLICY(tme_activate); +- if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) +- pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); +- +- tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); +- if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { +- pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", +- tme_crypto_algs); +- mktme_status = MKTME_DISABLED; +- } +-detect_keyid_bits: +- keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); +- nr_keyids = (1UL << keyid_bits) - 1; +- if (nr_keyids) { +- pr_info_once("x86/mktme: enabled by BIOS\n"); +- pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); +- } else { +- pr_info_once("x86/mktme: disabled by BIOS\n"); +- } +- +- if (mktme_status == MKTME_UNINITIALIZED) { +- /* MKTME is usable */ +- mktme_status = MKTME_ENABLED; +- } +- +- /* +- * KeyID bits effectively lower the number of physical address +- * bits. Update cpuinfo_x86::x86_phys_bits accordingly. +- */ +- c->x86_phys_bits -= keyid_bits; +-} +- + static void init_cpuid_fault(struct cpuinfo_x86 *c) + { + u64 msr; +@@ -758,9 +765,6 @@ static void init_intel(struct cpuinfo_x8 + if (cpu_has(c, X86_FEATURE_VMX)) + detect_vmx_virtcap(c); + +- if (cpu_has(c, X86_FEATURE_TME)) +- detect_tme(c); +- + init_intel_misc_features(c); + + if (tsx_ctrl_state == TSX_CTRL_ENABLE) |