Linux v3.14-12812-g321d03c86732

This commit is contained in:
Josh Boyer 2014-04-13 16:50:45 -04:00
parent ba7f853382
commit 751ca08206
8 changed files with 7 additions and 347 deletions

View File

@ -1,43 +0,0 @@
From 396f1a08db212138418b38f784e4bbe516d2fdb2 Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt.fleming@intel.com>
Date: Thu, 10 Apr 2014 13:30:13 +0100
Subject: [PATCH 1/3] x86/efi: Fix boot failure with EFI stub
commit 54b52d872680 ("x86/efi: Build our own EFI services pointer
table") introduced a regression because the 64-bit file_size()
implementation passed a pointer to a 32-bit data object, instead of a
pointer to a 64-bit object.
Because the firmware treats the object as 64-bits regardless it was
reading random values from the stack for the upper 32-bits.
This resulted in people being unable to boot their machines, after
seeing the following error messages,
Failed to get file info size
Failed to alloc highmem for files
Reported-by: Dzmitry Sledneu <dzmitry.sledneu@gmail.com>
Reported-by: Koen Kooi <koen@dominion.thruhere.net>
Tested-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
---
arch/x86/boot/compressed/eboot.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
index 1e6146137f8e..280165524ee4 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -112,7 +112,7 @@ __file_size64(void *__fh, efi_char16_t *filename_16,
efi_file_info_t *info;
efi_status_t status;
efi_guid_t info_guid = EFI_FILE_INFO_ID;
- u32 info_sz;
+ u64 info_sz;
status = efi_early->call((unsigned long)fh->open, fh, &h, filename_16,
EFI_FILE_MODE_READ, (u64)0);
--
1.9.0

View File

@ -1,104 +0,0 @@
From 7e8213c1f3acc064aef37813a39f13cbfe7c3ce7 Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt@console-pimps.org>
Date: Tue, 8 Apr 2014 13:14:00 +0100
Subject: [PATCH 2/3] x86/efi: Correct EFI boot stub use of code32_start
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
code32_start should point at the start of the protected mode code, and
*not* at the beginning of the bzImage. This is much easier to do in
assembly so document that callers of make_boot_params() need to fill out
code32_start.
The fallout from this bug is that we would end up relocating the image
but copying the image at some offset, resulting in what appeared to be
memory corruption.
Reported-by: Thomas Bächler <thomas@archlinux.org>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
---
arch/x86/boot/compressed/eboot.c | 5 +++--
arch/x86/boot/compressed/head_32.S | 8 ++------
arch/x86/boot/compressed/head_64.S | 9 +++------
3 files changed, 8 insertions(+), 14 deletions(-)
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
index 280165524ee4..91d17007323b 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -1016,6 +1016,9 @@ void setup_graphics(struct boot_params *boot_params)
* Because the x86 boot code expects to be passed a boot_params we
* need to create one ourselves (usually the bootloader would create
* one for us).
+ *
+ * The caller is responsible for filling out ->code32_start in the
+ * returned boot_params.
*/
struct boot_params *make_boot_params(struct efi_config *c)
{
@@ -1081,8 +1084,6 @@ struct boot_params *make_boot_params(struct efi_config *c)
hdr->vid_mode = 0xffff;
hdr->boot_flag = 0xAA55;
- hdr->code32_start = (__u64)(unsigned long)image->image_base;
-
hdr->type_of_loader = 0x21;
/* Convert unicode cmdline to ascii */
diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
index de9d4200d305..cbed1407a5cd 100644
--- a/arch/x86/boot/compressed/head_32.S
+++ b/arch/x86/boot/compressed/head_32.S
@@ -59,6 +59,7 @@ ENTRY(efi_pe_entry)
call make_boot_params
cmpl $0, %eax
je fail
+ movl %esi, BP_code32_start(%eax)
popl %ecx
pushl %eax
pushl %ecx
@@ -90,12 +91,7 @@ fail:
hlt
jmp fail
2:
- call 3f
-3:
- popl %eax
- subl $3b, %eax
- subl BP_pref_address(%esi), %eax
- add BP_code32_start(%esi), %eax
+ movl BP_code32_start(%esi), %eax
leal preferred_addr(%eax), %eax
jmp *%eax
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 57e58a5fa210..0d558ee899ae 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -261,6 +261,8 @@ ENTRY(efi_pe_entry)
cmpq $0,%rax
je fail
mov %rax, %rsi
+ leaq startup_32(%rip), %rax
+ movl %eax, BP_code32_start(%rsi)
jmp 2f /* Skip the relocation */
handover_entry:
@@ -284,12 +286,7 @@ fail:
hlt
jmp fail
2:
- call 3f
-3:
- popq %rax
- subq $3b, %rax
- subq BP_pref_address(%rsi), %rax
- add BP_code32_start(%esi), %eax
+ movl BP_code32_start(%esi), %eax
leaq preferred_addr(%rax), %rax
jmp *%rax
--
1.9.0

View File

@ -1,107 +0,0 @@
From 47514c996fac5e6f13ef3a4c5e23f1c5cffabb7b Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt.fleming@intel.com>
Date: Thu, 10 Apr 2014 14:11:45 +0100
Subject: [PATCH 3/3] efi: Pass correct file handle to efi_file_{read,close}
We're currently passing the file handle for the root file system to
efi_file_read() and efi_file_close(), instead of the file handle for the
file we wish to read/close.
While this has worked up until now, it seems that it has only been by
pure luck. Olivier explains,
"The issue is the UEFI Fat driver might return the same function for
'fh->read()' and 'h->read()'. While in our case it does not work with
a different implementation of EFI_SIMPLE_FILE_SYSTEM_PROTOCOL. In our
case, we return a different pointer when reading a directory and
reading a file."
Fixing this actually clears up the two functions because we can drop one
of the arguments, and instead only pass a file 'handle' argument.
Reported-by: Olivier Martin <olivier.martin@arm.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
---
arch/x86/boot/compressed/eboot.c | 12 ++++++------
drivers/firmware/efi/efi-stub-helper.c | 6 +++---
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
index 91d17007323b..4703a6c4b8e3 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -167,31 +167,31 @@ efi_file_size(efi_system_table_t *sys_table, void *__fh,
}
static inline efi_status_t
-efi_file_read(void *__fh, void *handle, unsigned long *size, void *addr)
+efi_file_read(void *handle, unsigned long *size, void *addr)
{
unsigned long func;
if (efi_early->is64) {
- efi_file_handle_64_t *fh = __fh;
+ efi_file_handle_64_t *fh = handle;
func = (unsigned long)fh->read;
return efi_early->call(func, handle, size, addr);
} else {
- efi_file_handle_32_t *fh = __fh;
+ efi_file_handle_32_t *fh = handle;
func = (unsigned long)fh->read;
return efi_early->call(func, handle, size, addr);
}
}
-static inline efi_status_t efi_file_close(void *__fh, void *handle)
+static inline efi_status_t efi_file_close(void *handle)
{
if (efi_early->is64) {
- efi_file_handle_64_t *fh = __fh;
+ efi_file_handle_64_t *fh = handle;
return efi_early->call((unsigned long)fh->close, handle);
} else {
- efi_file_handle_32_t *fh = __fh;
+ efi_file_handle_32_t *fh = handle;
return efi_early->call((unsigned long)fh->close, handle);
}
diff --git a/drivers/firmware/efi/efi-stub-helper.c b/drivers/firmware/efi/efi-stub-helper.c
index ff50aeebf0d9..2c41eaece2c1 100644
--- a/drivers/firmware/efi/efi-stub-helper.c
+++ b/drivers/firmware/efi/efi-stub-helper.c
@@ -397,7 +397,7 @@ static efi_status_t handle_cmdline_files(efi_system_table_t *sys_table_arg,
else
chunksize = size;
- status = efi_file_read(fh, files[j].handle,
+ status = efi_file_read(files[j].handle,
&chunksize,
(void *)addr);
if (status != EFI_SUCCESS) {
@@ -408,7 +408,7 @@ static efi_status_t handle_cmdline_files(efi_system_table_t *sys_table_arg,
size -= chunksize;
}
- efi_file_close(fh, files[j].handle);
+ efi_file_close(files[j].handle);
}
}
@@ -425,7 +425,7 @@ free_file_total:
close_handles:
for (k = j; k < i; k++)
- efi_file_close(fh, files[k].handle);
+ efi_file_close(files[k].handle);
free_files:
efi_call_early(free_pool, files);
fail:
--
1.9.0

View File

@ -1,79 +0,0 @@
From patchwork Wed Mar 26 18:11:26 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: btrfs: fix lockdep warning with reclaim lock inversion
From: Jeff Mahoney <jeffm@suse.com>
X-Patchwork-Id: 3894781
Message-Id: <5333184E.3090609@suse.com>
To: linux-btrfs <linux-btrfs@vger.kernel.org>
Date: Wed, 26 Mar 2014 14:11:26 -0400
When encountering memory pressure, testers have run into the following
lockdep warning. It was caused by __link_block_group calling kobject_add
with the groups_sem held. kobject_add calls kvasprintf with GFP_KERNEL,
which gets us into reclaim context. The kobject doesn't actually need
to be added under the lock -- it just needs to ensure that it's only
added for the first block group to be linked.
=========================================================
[ INFO: possible irq lock inversion dependency detected ]
3.14.0-rc8-default #1 Not tainted
---------------------------------------------------------
kswapd0/169 just changed the state of lock:
(&delayed_node->mutex){+.+.-.}, at: [<ffffffffa018baea>] __btrfs_release_delayed_node+0x3a/0x200 [btrfs]
but this lock took another, RECLAIM_FS-unsafe lock in the past:
(&found->groups_sem){+++++.}
and interrupts could create inverse lock ordering between them.
other info that might help us debug this:
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&found->groups_sem);
local_irq_disable();
lock(&delayed_node->mutex);
lock(&found->groups_sem);
<Interrupt>
lock(&delayed_node->mutex);
*** DEADLOCK ***
2 locks held by kswapd0/169:
#0: (shrinker_rwsem){++++..}, at: [<ffffffff81159e8a>] shrink_slab+0x3a/0x160
#1: (&type->s_umount_key#27){++++..}, at: [<ffffffff811bac6f>] grab_super_passive+0x3f/0x90
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
---
fs/btrfs/extent-tree.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -8343,9 +8343,15 @@ static void __link_block_group(struct bt
struct btrfs_block_group_cache *cache)
{
int index = get_block_group_index(cache);
+ bool first = false;
down_write(&space_info->groups_sem);
- if (list_empty(&space_info->block_groups[index])) {
+ if (list_empty(&space_info->block_groups[index]))
+ first = true;
+ list_add_tail(&cache->list, &space_info->block_groups[index]);
+ up_write(&space_info->groups_sem);
+
+ if (first) {
struct kobject *kobj = &space_info->block_group_kobjs[index];
int ret;
@@ -8357,8 +8363,6 @@ static void __link_block_group(struct bt
kobject_put(&space_info->kobj);
}
}
- list_add_tail(&cache->list, &space_info->block_groups[index]);
- up_write(&space_info->groups_sem);
}
static struct btrfs_block_group_cache *

View File

@ -16,6 +16,7 @@ CONFIG_POWERNV_MSI=y
CONFIG_PPC_POWERNV_RTAS=y
CONFIG_SENSORS_IBMPOWERNV=y
CONFIG_HW_RANDOM_POWERNV=m
CONFIG_POWERNV_CPUFREQ=m
CONFIG_SCOM_DEBUGFS=y
# CONFIG_PPC_PASEMI is not set
# CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set

View File

@ -12,6 +12,7 @@ CONFIG_POWERNV_MSI=y
CONFIG_PPC_POWERNV_RTAS=y
CONFIG_HW_RANDOM_POWERNV=m
CONFIG_SENSORS_IBMPOWERNV=y
CONFIG_POWERNV_CPUFREQ=m
CONFIG_SCOM_DEBUGFS=y
# CONFIG_PPC_PASEMI is not set
# CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set

View File

@ -61,7 +61,7 @@ Summary: The Linux kernel
# The rc snapshot level
%define rcrev 0
# The git snapshot level
%define gitrev 12
%define gitrev 13
# Set rpm version accordingly
%define rpmversion 3.%{upstream_sublevel}.0
%endif
@ -628,7 +628,6 @@ Patch22000: weird-root-dentry-name-debug.patch
Patch25047: drm-radeon-Disable-writeback-by-default-on-ppc.patch
Patch25058: net-cpts-Add-includes-for-ETH_HLEN-and-VLAN_HLEN-def.patch
Patch25059: btrfs-fix-lockdep-warning-with-reclaim-lock-inversion.patch
Patch25061: gpio-ACPI-Dont-crash-on-NULL-chip-dev.patch
#CVE-2014-0155 rhbz 1081589 1085016
@ -637,11 +636,6 @@ Patch25060: KVM-ioapic-fix-assignment-of-ioapic-rtc_status-pending_eoi.patch
#rhbz 1048314
Patch25062: 0001-HID-rmi-introduce-RMI-driver-for-Synaptics-touchpads.patch
#rhbz 1085349
Patch25063: 0001-x86-efi-Fix-boot-failure-with-EFI-stub.patch
Patch25064: 0002-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch
Patch25065: 0003-efi-Pass-correct-file-handle-to-efi_file_-read-close.patch
# END OF PATCH DEFINITIONS
%endif
@ -1279,7 +1273,6 @@ ApplyPatch ath9k_rx_dma_stop_check.patch
ApplyPatch drm-radeon-Disable-writeback-by-default-on-ppc.patch
ApplyPatch net-cpts-Add-includes-for-ETH_HLEN-and-VLAN_HLEN-def.patch
ApplyPatch btrfs-fix-lockdep-warning-with-reclaim-lock-inversion.patch
ApplyPatch gpio-ACPI-Dont-crash-on-NULL-chip-dev.patch
#CVE-2014-0155 rhbz 1081589 1085016
@ -1288,11 +1281,6 @@ ApplyPatch KVM-ioapic-fix-assignment-of-ioapic-rtc_status-pending_eoi.patch
#rhbz 1048314
ApplyPatch 0001-HID-rmi-introduce-RMI-driver-for-Synaptics-touchpads.patch
#rhbz 1085349
ApplyPatch 0001-x86-efi-Fix-boot-failure-with-EFI-stub.patch
ApplyPatch 0002-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch
ApplyPatch 0003-efi-Pass-correct-file-handle-to-efi_file_-read-close.patch
# END OF PATCH APPLICATIONS
%endif
@ -2072,6 +2060,9 @@ fi
# ||----w |
# || ||
%changelog
* Sun Apr 13 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.15.0-0.rc0.git13.1
- Linux v3.14-12812-g321d03c86732
* Fri Apr 11 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.15.0-0.rc0.git12.1
- Linux v3.14-12380-g9e897e13bd46
- Add queued urgent efi fixes (rhbz 1085349)

View File

@ -1,3 +1,3 @@
b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz
d36baf2d62de5aa61f10a976d00d2d2a perf-man-3.14.tar.gz
8dbc7d3d2602f2fa58571cd1626f21b8 patch-3.14-git12.xz
6e344ea5434bd203d95970ca30258570 patch-3.14-git13.xz