Linux v4.0-rc1-178-g023a6007a08d
This commit is contained in:
Josh Boyer
parent
2939fc47bc
commit
3b35d75b8c
@ -1,68 +0,0 @@
|
||||
From a79ebe4eb65331733803df4a7fd634d3b709af7b Mon Sep 17 00:00:00 2001
|
||||
From: Marc Zyngier <marc.zyngier@arm.com>
|
||||
Date: Tue, 24 Feb 2015 16:30:21 +0000
|
||||
Subject: [PATCH] arm64: Fix text patching logic when using fixmap
|
||||
|
||||
Patch 2f896d586610 ("arm64: use fixmap for text patching") changed
|
||||
the way we patch the kernel text, using a fixmap when the kernel or
|
||||
modules are flagged as read only.
|
||||
|
||||
Unfortunately, a flaw in the logic makes it fall over when patching
|
||||
modules without CONFIG_DEBUG_SET_MODULE_RONX enabled:
|
||||
|
||||
[...]
|
||||
[ 32.032636] Call trace:
|
||||
[ 32.032716] [<fffffe00003da0dc>] __copy_to_user+0x2c/0x60
|
||||
[ 32.032837] [<fffffe0000099f08>] __aarch64_insn_write+0x94/0xf8
|
||||
[ 32.033027] [<fffffe000009a0a0>] aarch64_insn_patch_text_nosync+0x18/0x58
|
||||
[ 32.033200] [<fffffe000009c3ec>] ftrace_modify_code+0x58/0x84
|
||||
[ 32.033363] [<fffffe000009c4e4>] ftrace_make_nop+0x3c/0x58
|
||||
[ 32.033532] [<fffffe0000164420>] ftrace_process_locs+0x3d0/0x5c8
|
||||
[ 32.033709] [<fffffe00001661cc>] ftrace_module_init+0x28/0x34
|
||||
[ 32.033882] [<fffffe0000135148>] load_module+0xbb8/0xfc4
|
||||
[ 32.034044] [<fffffe0000135714>] SyS_finit_module+0x94/0xc4
|
||||
[...]
|
||||
|
||||
This is triggered by the use of virt_to_page() on a module address,
|
||||
which ends to pointing to Nowhereland if you're lucky, or corrupt
|
||||
your precious data if not.
|
||||
|
||||
This patch fixes the logic by mimicking what is done on arm:
|
||||
- If we're patching a module and CONFIG_DEBUG_SET_MODULE_RONX is set,
|
||||
use vmalloc_to_page().
|
||||
- If we're patching the kernel and CONFIG_DEBUG_RODATA is set,
|
||||
use virt_to_page().
|
||||
- Otherwise, use the provided address, as we can write to it directly.
|
||||
|
||||
Tested on 4.0-rc1 as a KVM guest.
|
||||
|
||||
Reported-by: Richard W.M. Jones <rjones@redhat.com>
|
||||
Cc: Kees Cook <keescook@chromium.org>
|
||||
Cc: Mark Rutland <mark.rutland@arm.com>
|
||||
Cc: Laura Abbott <lauraa@codeaurora.org>
|
||||
Cc: Catalin Marinas <catalin.marinas@arm.com>
|
||||
Cc: Will Deacon <will.deacon@arm.com>
|
||||
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
|
||||
---
|
||||
arch/arm64/kernel/insn.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/arch/arm64/kernel/insn.c b/arch/arm64/kernel/insn.c
|
||||
index 27d4864..c8eca88 100644
|
||||
--- a/arch/arm64/kernel/insn.c
|
||||
+++ b/arch/arm64/kernel/insn.c
|
||||
@@ -87,8 +87,10 @@ static void __kprobes *patch_map(void *addr, int fixmap)
|
||||
|
||||
if (module && IS_ENABLED(CONFIG_DEBUG_SET_MODULE_RONX))
|
||||
page = vmalloc_to_page(addr);
|
||||
- else
|
||||
+ else if (!module && IS_ENABLED(CONFIG_DEBUG_RODATA))
|
||||
page = virt_to_page(addr);
|
||||
+ else
|
||||
+ return addr;
|
||||
|
||||
BUG_ON(!page);
|
||||
set_fixmap(fixmap, page_to_phys(page));
|
||||
--
|
||||
2.3.0
|
||||
|
||||
@ -9,7 +9,7 @@ Signed-off-by: Robert Nelson <robertcnelson@gmail.com>
|
||||
1 file changed, 21 insertions(+)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/am335x-bone-common.dtsi b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
index 4991a1664773..096ddbe4c4b3 100644
|
||||
index db880bf46135..c931ec7201c0 100644
|
||||
--- a/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
+++ b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
@@ -102,6 +102,27 @@
|
||||
|
||||
@ -8,7 +8,7 @@ Signed-off-by: Robert Nelson <robertcnelson@gmail.com>
|
||||
1 file changed, 39 insertions(+)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/am335x-bone-common.dtsi b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
index 6cc25ed912ee..754b96c5dbb1 100644
|
||||
index 2c6248d9a9ef..ec755eeb78ee 100644
|
||||
--- a/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
+++ b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
@@ -81,6 +81,13 @@
|
||||
@ -25,7 +25,7 @@ index 6cc25ed912ee..754b96c5dbb1 100644
|
||||
uart0_pins: pinmux_uart0_pins {
|
||||
pinctrl-single,pins = <
|
||||
0x170 (PIN_INPUT_PULLUP | MUX_MODE0) /* uart0_rxd.uart0_rxd */
|
||||
@@ -217,6 +224,38 @@
|
||||
@@ -218,6 +225,38 @@
|
||||
reg = <0x24>;
|
||||
};
|
||||
|
||||
|
||||
@ -9,7 +9,7 @@ Signed-off-by: Robert Nelson <robertcnelson@gmail.com>
|
||||
1 file changed, 130 insertions(+)
|
||||
|
||||
diff --git a/arch/arm/boot/dts/am335x-bone-common.dtsi b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
index 754b96c5dbb1..4991a1664773 100644
|
||||
index ec755eeb78ee..db880bf46135 100644
|
||||
--- a/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
+++ b/arch/arm/boot/dts/am335x-bone-common.dtsi
|
||||
@@ -95,6 +95,13 @@
|
||||
@ -74,7 +74,7 @@ index 754b96c5dbb1..4991a1664773 100644
|
||||
&usb {
|
||||
status = "okay";
|
||||
};
|
||||
@@ -258,6 +299,56 @@
|
||||
@@ -259,6 +300,56 @@
|
||||
};
|
||||
};
|
||||
|
||||
@ -131,7 +131,7 @@ index 754b96c5dbb1..4991a1664773 100644
|
||||
/include/ "tps65217.dtsi"
|
||||
|
||||
&tps {
|
||||
@@ -339,3 +430,42 @@
|
||||
@@ -340,3 +431,42 @@
|
||||
cd-gpios = <&gpio0 6 GPIO_ACTIVE_HIGH>;
|
||||
cd-inverted;
|
||||
};
|
||||
|
||||
@ -14,10 +14,10 @@ Upstream-status: http://lists.freedesktop.org/archives/intel-gfx/2013-November/0
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
|
||||
index 3d220a67f865..8e18e0575d52 100644
|
||||
index 3117679299a6..ff781dc0535a 100644
|
||||
--- a/drivers/gpu/drm/i915/intel_display.c
|
||||
+++ b/drivers/gpu/drm/i915/intel_display.c
|
||||
@@ -10870,7 +10870,7 @@ check_crtc_state(struct drm_device *dev)
|
||||
@@ -10885,7 +10885,7 @@ check_crtc_state(struct drm_device *dev)
|
||||
|
||||
if (active &&
|
||||
!intel_pipe_config_compare(dev, crtc->config, &pipe_config)) {
|
||||
|
||||
16
kernel.spec
16
kernel.spec
@ -70,7 +70,7 @@ Summary: The Linux kernel
|
||||
# The rc snapshot level
|
||||
%define rcrev 1
|
||||
# The git snapshot level
|
||||
%define gitrev 2
|
||||
%define gitrev 3
|
||||
# Set rpm version accordingly
|
||||
%define rpmversion 4.%{upstream_sublevel}.0
|
||||
%endif
|
||||
@ -613,8 +613,6 @@ Patch26059: i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
|
||||
#rhbz 1094948
|
||||
Patch26131: acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
|
||||
|
||||
Patch26134: perf-tools-Define-_GNU_SOURCE-on-pthread_attr_setaff.patch
|
||||
|
||||
Patch26137: fifo-nv04-remove-the-loop-from-the-interrupt-handler.patch
|
||||
|
||||
#CVE-2015-0275 rhbz 1193907 1195178
|
||||
@ -633,9 +631,6 @@ Patch26141: NFS-fix-clp-cl_revoked-list-deletion-causing-softloc.patch
|
||||
Patch30000: kernel-arm64.patch
|
||||
Patch30001: kernel-arm64-fix-psci-when-pg.patch
|
||||
|
||||
# Not yet upstream, for https://bugzilla.redhat.com/show_bug.cgi?id=1194366#c12
|
||||
Patch30002: 0001-arm64-Fix-text-patching-logic-when-using-fixmap.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
@ -1351,8 +1346,6 @@ ApplyPatch i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
|
||||
#rhbz 1094948
|
||||
ApplyPatch acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
|
||||
|
||||
ApplyPatch perf-tools-Define-_GNU_SOURCE-on-pthread_attr_setaff.patch
|
||||
|
||||
ApplyPatch fifo-nv04-remove-the-loop-from-the-interrupt-handler.patch
|
||||
|
||||
#CVE-2015-0275 rhbz 1193907 1195178
|
||||
@ -1373,9 +1366,7 @@ ApplyPatch kernel-arm64.patch
|
||||
ApplyPatch kernel-arm64.patch -R
|
||||
%endif
|
||||
%endif
|
||||
ApplyPatch kernel-arm64-fix-psci-when-pg.patch
|
||||
# Not yet upstream, for https://bugzilla.redhat.com/show_bug.cgi?id=1194366#c12
|
||||
ApplyPatch 0001-arm64-Fix-text-patching-logic-when-using-fixmap.patch
|
||||
# pplyPatch kernel-arm64-fix-psci-when-pg.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
@ -2227,6 +2218,9 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Tue Mar 03 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.0.0-0.rc1.git3.1
|
||||
- Linux v4.0-rc1-178-g023a6007a08d
|
||||
|
||||
* Mon Mar 02 2015 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- Add patch to fix nfsd soft lockup (rhbz 1185519)
|
||||
- Enable ET131X driver (rhbz 1197842)
|
||||
|
||||
@ -1,30 +0,0 @@
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Wed, 11 Feb 2015 10:30:58 -0500
|
||||
Subject: [PATCH] perf tools: Define _GNU_SOURCE on pthread_attr_setaffinity_np
|
||||
feature check
|
||||
|
||||
The man page for pthread_attr_set_affinity_np states that _GNU_SOURCE must
|
||||
be defined before pthread.h is included in order to get the proper function
|
||||
declaration. Define this in the Makefile.
|
||||
|
||||
Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
---
|
||||
tools/perf/config/feature-checks/Makefile | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tools/perf/config/feature-checks/Makefile b/tools/perf/config/feature-checks/Makefile
|
||||
index 42ac05aaf8ac..b32ff3372514 100644
|
||||
--- a/tools/perf/config/feature-checks/Makefile
|
||||
+++ b/tools/perf/config/feature-checks/Makefile
|
||||
@@ -49,7 +49,7 @@ test-hello.bin:
|
||||
$(BUILD)
|
||||
|
||||
test-pthread-attr-setaffinity-np.bin:
|
||||
- $(BUILD) -Werror -lpthread
|
||||
+ $(BUILD) -D_GNU_SOURCE -Werror -lpthread
|
||||
|
||||
test-stackprotector-all.bin:
|
||||
$(BUILD) -Werror -fstack-protector-all
|
||||
--
|
||||
2.1.0
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user