diff options
author | Thorsten Leemhuis <fedora@leemhuis.info> | 2020-02-21 16:54:22 +0100 |
---|---|---|
committer | Thorsten Leemhuis <fedora@leemhuis.info> | 2020-02-21 16:54:22 +0100 |
commit | 8fc61f124d50c9b7359898c2d1365eb50f21ced3 (patch) | |
tree | ce9bb085594ca79e0bf8edacb0934dc401834783 | |
parent | 424d383ff882e4473c32a374574afe36ae8e855d (diff) | |
parent | 4f1980456ed199c0ea6aaea5ff907f98471df4d6 (diff) | |
download | kernel-8fc61f124d50c9b7359898c2d1365eb50f21ced3.tar.gz kernel-8fc61f124d50c9b7359898c2d1365eb50f21ced3.tar.xz kernel-8fc61f124d50c9b7359898c2d1365eb50f21ced3.zip |
Merge remote-tracking branch 'origin/master' into rawhide-user-thl-vanilla-fedorakernel-5.6.0-0.rc2.git3.1.vanilla.knurd.1.fc33kernel-5.6.0-0.rc2.git3.1.vanilla.knurd.1.fc32kernel-5.6.0-0.rc2.git3.1.vanilla.knurd.1.fc31kernel-5.6.0-0.rc2.git3.1.vanilla.knurd.1.fc30
-rw-r--r-- | 0001-include-uapi-Fix-invalid-use-of-BITS_PER_LONG-in-__s.patch | 47 | ||||
-rw-r--r-- | 0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch | 95 | ||||
-rw-r--r-- | gitrev | 2 | ||||
-rw-r--r-- | kernel.spec | 16 | ||||
-rw-r--r-- | sources | 2 |
5 files changed, 159 insertions, 3 deletions
diff --git a/0001-include-uapi-Fix-invalid-use-of-BITS_PER_LONG-in-__s.patch b/0001-include-uapi-Fix-invalid-use-of-BITS_PER_LONG-in-__s.patch new file mode 100644 index 000000000..2cb6a85ae --- /dev/null +++ b/0001-include-uapi-Fix-invalid-use-of-BITS_PER_LONG-in-__s.patch @@ -0,0 +1,47 @@ +From 8eab168ae074431ddd05e6478582c4dbc0847c44 Mon Sep 17 00:00:00 2001 +From: Torsten Hilbrich <torsten.hilbrich@secunet.com> +Date: Wed, 12 Feb 2020 08:51:06 +0100 +Subject: [PATCH] include/uapi: Fix invalid use of BITS_PER_LONG in __swab +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This caused compile problems in user-space application using that +header. Seen with systemd: + +In file included from /build/client/devel/kernel/_/usr/include/linux/byteorder/little_endian.h:13, + from /build/client/devel/kernel/_/usr/include/asm/byteorder.h: , + from /build/client/devel/kernel/_/usr/include/linux/icmpv6.h:6, + from ../src/network/networkd-route.c:3: +/build/client/devel/kernel/_/usr/include/linux/swab.h: In function ‘__swab’: +/build/client/devel/kernel/_/usr/include/linux/swab.h:138:5: error: "BITS_PER_LONG" is not defined, evaluates to 0 [-Werror=undef] + #if BITS_PER_LONG == 64 + ^~~~~~~~~~~~~ +cc1: some warnings being treated as errors +[181/1207] Generating sys with a custom command. +ninja: build stopped: subcommand failed. + +Signed-off-by: Torsten Hilbrich <torsten.hilbrich@secunet.com> +--- + include/uapi/linux/swab.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/include/uapi/linux/swab.h b/include/uapi/linux/swab.h +index fa7f97da5b76..7272f85d6d6a 100644 +--- a/include/uapi/linux/swab.h ++++ b/include/uapi/linux/swab.h +@@ -135,9 +135,9 @@ static inline __attribute_const__ __u32 __fswahb32(__u32 val) + + static __always_inline unsigned long __swab(const unsigned long y) + { +-#if BITS_PER_LONG == 64 ++#if __BITS_PER_LONG == 64 + return __swab64(y); +-#else /* BITS_PER_LONG == 32 */ ++#else /* __BITS_PER_LONG == 32 */ + return __swab32(y); + #endif + } +-- +2.24.1 + diff --git a/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch b/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch new file mode 100644 index 000000000..6f3bd3c72 --- /dev/null +++ b/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch @@ -0,0 +1,95 @@ +From a34309d16f41c48ffd90e56a6f865d6a1a8c49f0 Mon Sep 17 00:00:00 2001 +From: Catalin Marinas <catalin.marinas@arm.com> +Date: Wed, 19 Feb 2020 12:31:56 +0000 +Subject: [PATCH] mm: Avoid creating virtual address aliases in + brk()/mmap()/mremap() + +Currently the arm64 kernel ignores the top address byte passed to brk(), +mmap() and mremap(). When the user is not aware of the 56-bit address +limit or relies on the kernel to return an error, untagging such +pointers has the potential to create address aliases in user-space. +Passing a tagged address to munmap(), madvise() is permitted since the +tagged pointer is expected to be inside an existing mapping. + +The current behaviour breaks the existing glibc malloc() implementation +which relies on brk() with an address beyond 56-bit to be rejected by +the kernel. + +Remove untagging in the above functions by partially reverting commit +ce18d171cb73 ("mm: untag user pointers in mmap/munmap/mremap/brk"). In +addition, update the arm64 tagged-address-abi.rst document accordingly. + +Link: https://bugzilla.redhat.com/1797052 +Fixes: ce18d171cb73 ("mm: untag user pointers in mmap/munmap/mremap/brk") +Cc: <stable@vger.kernel.org> # 5.4.x- +Cc: Andrew Morton <akpm@linux-foundation.org> +Cc: Florian Weimer <fweimer@redhat.com> +Reported-by: Victor Stinner <vstinner@redhat.com> +Acked-by: Will Deacon <will@kernel.org> +Acked-by: Andrey Konovalov <andreyknvl@google.com> +Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> +--- + Documentation/arm64/tagged-address-abi.rst | 11 +++++++++-- + mm/mmap.c | 4 ---- + mm/mremap.c | 1 - + 3 files changed, 9 insertions(+), 7 deletions(-) + +diff --git a/Documentation/arm64/tagged-address-abi.rst b/Documentation/arm64/tagged-address-abi.rst +index d4a85d535bf9..f6289116893c 100644 +--- a/Documentation/arm64/tagged-address-abi.rst ++++ b/Documentation/arm64/tagged-address-abi.rst +@@ -44,8 +44,15 @@ The AArch64 Tagged Address ABI has two stages of relaxation depending + how the user addresses are used by the kernel: + + 1. User addresses not accessed by the kernel but used for address space +- management (e.g. ``mmap()``, ``mprotect()``, ``madvise()``). The use +- of valid tagged pointers in this context is always allowed. ++ management (e.g. ``mprotect()``, ``madvise()``). The use of valid ++ tagged pointers in this context is allowed with the exception of ++ ``brk()``, ``mmap()`` and the ``new_address`` argument to ++ ``mremap()`` as these have the potential of aliasing with existing ++ user addresses. ++ ++ NOTE: This behaviour changed in v5.6 and so some earlier kernels may ++ incorrectly accept valid tagged pointers for the ``brk()``, ++ ``mmap()`` and ``mremap()`` system calls. + + 2. User addresses accessed by the kernel (e.g. ``write()``). This ABI + relaxation is disabled by default and the application thread needs to +diff --git a/mm/mmap.c b/mm/mmap.c +index 4390dbea4aa5..514cc19c5916 100644 +--- a/mm/mmap.c ++++ b/mm/mmap.c +@@ -195,8 +195,6 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) + bool downgraded = false; + LIST_HEAD(uf); + +- brk = untagged_addr(brk); +- + if (down_write_killable(&mm->mmap_sem)) + return -EINTR; + +@@ -1583,8 +1581,6 @@ unsigned long ksys_mmap_pgoff(unsigned long addr, unsigned long len, + struct file *file = NULL; + unsigned long retval; + +- addr = untagged_addr(addr); +- + if (!(flags & MAP_ANONYMOUS)) { + audit_mmap_fd(fd, flags); + file = fget(fd); +diff --git a/mm/mremap.c b/mm/mremap.c +index 1fc8a29fbe3f..1d98281f7204 100644 +--- a/mm/mremap.c ++++ b/mm/mremap.c +@@ -607,7 +607,6 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, + LIST_HEAD(uf_unmap); + + addr = untagged_addr(addr); +- new_addr = untagged_addr(new_addr); + + if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE)) + return ret; +-- +2.24.1 + @@ -1 +1 @@ -b1da3acc781ce445445d959b41064d209a27bc2d +ca7e1fd1026c5af6a533b4b5447e1d2f153e28f2 diff --git a/kernel.spec b/kernel.spec index b316cd796..90441f786 100644 --- a/kernel.spec +++ b/kernel.spec @@ -115,7 +115,7 @@ Summary: The Linux kernel # The rc snapshot level %global rcrev 2 # The git snapshot level -%define gitrev 1 +%define gitrev 3 # Set rpm version accordingly %define rpmversion 5.%{upstream_sublevel}.0 %endif @@ -885,6 +885,11 @@ Patch529: 0001-Include-kvm_asm.h-and-kvm_arm.h-in-kvm-arm-trace.h.patch Patch530: 0001-Replace-.ioctl-with-.compat_ioctl-in-three-appropria.patch +Patch531: 0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1804330 +Patch532: 0001-include-uapi-Fix-invalid-use-of-BITS_PER_LONG-in-__s.patch + # END OF PATCH DEFINITIONS %endif @@ -2917,6 +2922,15 @@ fi # # %changelog +* Fri Feb 21 2020 Jeremy Cline <jcline@redhat.com> - 5.6.0-0.rc2.git3.1 +- Linux v5.6-rc2-55-gca7e1fd1026c + +* Wed Feb 19 2020 Jeremy Cline <jcline@redhat.com> +- Pick up a uapi fix for qemu (rhbz 1804330) + +* Wed Feb 19 2020 Jeremy Cline <jcline@redhat.com> - 5.6.0-0.rc2.git2.1 +- Linux v5.6-rc2-47-g4b205766d8fc + * Tue Feb 18 2020 Jeremy Cline <jcline@redhat.com> - 5.6.0-0.rc2.git1.1 - Linux v5.6-rc2-8-gb1da3acc781c - Enable CONFIG_INET_ESPINTCP (rhbz 1804255) @@ -1,3 +1,3 @@ SHA512 (linux-5.5.tar.xz) = fa74fdabb5e63384a39e54da05b86a9ae9ea16179524b041fbbdffc7177e80b53600ae98d76be127ba216148f9dc55fe07ab20637e22c6d6030cb4aa09eb2f86 SHA512 (patch-5.6-rc2.xz) = b49dfa43e7dcdf90bd68e582eb676f3cac53f7212d8abde6e41e18f8bd0eecc3ae2384639f8aaef8925c8e4385e75b0b49ec54e5bcfc23dec5fe2169cbce1af2 -SHA512 (patch-5.6-rc2-git1.xz) = ead71bb0efb09750beee0d3880571673f5d9063909aec055f8ab9158142ea2764d7faf421290090bdc2f7304375d08cd98d930be7db6ebff12569d0ec73495d4 +SHA512 (patch-5.6-rc2-git3.xz) = 78d5d74a3819453bc84cec371eafdf4cc0bba2e097c686b5e8f546fb5f29917daf64a4fb61fc615f60d1c56da96d54dd2f5663046d339cf5ebddafbc831188e9 |