| 1 |
commit: b1527d2ab69f961e9d3ddd25f7374ddc16162bcd |
| 2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Fri Nov 23 12:47:52 2018 +0000 |
| 4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Fri Nov 23 12:47:52 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=b1527d2a |
| 7 |
|
| 8 |
proj/linux-patches: Linux patch 4.9.140 |
| 9 |
|
| 10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
| 11 |
|
| 12 |
0000_README | 4 + |
| 13 |
1139_linux-4.9.140.patch | 192 +++++++++++++++++++++++++++++++++++++++++++++++ |
| 14 |
2 files changed, 196 insertions(+) |
| 15 |
|
| 16 |
diff --git a/0000_README b/0000_README |
| 17 |
index 56d5a98..316dfbb 100644 |
| 18 |
--- a/0000_README |
| 19 |
+++ b/0000_README |
| 20 |
@@ -599,6 +599,10 @@ Patch: 1138_linux-4.9.139.patch |
| 21 |
From: http://www.kernel.org |
| 22 |
Desc: Linux 4.9.139 |
| 23 |
|
| 24 |
+Patch: 1139_linux-4.9.140.patch |
| 25 |
+From: http://www.kernel.org |
| 26 |
+Desc: Linux 4.9.140 |
| 27 |
+ |
| 28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
| 29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
| 30 |
Desc: Support for namespace user.pax.* on tmpfs. |
| 31 |
|
| 32 |
diff --git a/1139_linux-4.9.140.patch b/1139_linux-4.9.140.patch |
| 33 |
new file mode 100644 |
| 34 |
index 0000000..623b8ab |
| 35 |
--- /dev/null |
| 36 |
+++ b/1139_linux-4.9.140.patch |
| 37 |
@@ -0,0 +1,192 @@ |
| 38 |
+diff --git a/Makefile b/Makefile |
| 39 |
+index a6959d96316d..a9aed2326233 100644 |
| 40 |
+--- a/Makefile |
| 41 |
++++ b/Makefile |
| 42 |
+@@ -1,6 +1,6 @@ |
| 43 |
+ VERSION = 4 |
| 44 |
+ PATCHLEVEL = 9 |
| 45 |
+-SUBLEVEL = 139 |
| 46 |
++SUBLEVEL = 140 |
| 47 |
+ EXTRAVERSION = |
| 48 |
+ NAME = Roaring Lionus |
| 49 |
+ |
| 50 |
+diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c |
| 51 |
+index 647a702c29dc..6221166e3fca 100644 |
| 52 |
+--- a/arch/x86/kernel/cpu/bugs.c |
| 53 |
++++ b/arch/x86/kernel/cpu/bugs.c |
| 54 |
+@@ -33,10 +33,12 @@ static void __init spectre_v2_select_mitigation(void); |
| 55 |
+ static void __init ssb_select_mitigation(void); |
| 56 |
+ static void __init l1tf_select_mitigation(void); |
| 57 |
+ |
| 58 |
+-/* The base value of the SPEC_CTRL MSR that always has to be preserved. */ |
| 59 |
+-u64 x86_spec_ctrl_base; |
| 60 |
++/* |
| 61 |
++ * Our boot-time value of the SPEC_CTRL MSR. We read it once so that any |
| 62 |
++ * writes to SPEC_CTRL contain whatever reserved bits have been set. |
| 63 |
++ */ |
| 64 |
++u64 __ro_after_init x86_spec_ctrl_base; |
| 65 |
+ EXPORT_SYMBOL_GPL(x86_spec_ctrl_base); |
| 66 |
+-static DEFINE_MUTEX(spec_ctrl_mutex); |
| 67 |
+ |
| 68 |
+ /* |
| 69 |
+ * The vendor and possibly platform specific bits which can be modified in |
| 70 |
+@@ -320,46 +322,6 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void) |
| 71 |
+ return cmd; |
| 72 |
+ } |
| 73 |
+ |
| 74 |
+-static bool stibp_needed(void) |
| 75 |
+-{ |
| 76 |
+- if (spectre_v2_enabled == SPECTRE_V2_NONE) |
| 77 |
+- return false; |
| 78 |
+- |
| 79 |
+- if (!boot_cpu_has(X86_FEATURE_STIBP)) |
| 80 |
+- return false; |
| 81 |
+- |
| 82 |
+- return true; |
| 83 |
+-} |
| 84 |
+- |
| 85 |
+-static void update_stibp_msr(void *info) |
| 86 |
+-{ |
| 87 |
+- wrmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base); |
| 88 |
+-} |
| 89 |
+- |
| 90 |
+-void arch_smt_update(void) |
| 91 |
+-{ |
| 92 |
+- u64 mask; |
| 93 |
+- |
| 94 |
+- if (!stibp_needed()) |
| 95 |
+- return; |
| 96 |
+- |
| 97 |
+- mutex_lock(&spec_ctrl_mutex); |
| 98 |
+- mask = x86_spec_ctrl_base; |
| 99 |
+- if (cpu_smt_control == CPU_SMT_ENABLED) |
| 100 |
+- mask |= SPEC_CTRL_STIBP; |
| 101 |
+- else |
| 102 |
+- mask &= ~SPEC_CTRL_STIBP; |
| 103 |
+- |
| 104 |
+- if (mask != x86_spec_ctrl_base) { |
| 105 |
+- pr_info("Spectre v2 cross-process SMT mitigation: %s STIBP\n", |
| 106 |
+- cpu_smt_control == CPU_SMT_ENABLED ? |
| 107 |
+- "Enabling" : "Disabling"); |
| 108 |
+- x86_spec_ctrl_base = mask; |
| 109 |
+- on_each_cpu(update_stibp_msr, NULL, 1); |
| 110 |
+- } |
| 111 |
+- mutex_unlock(&spec_ctrl_mutex); |
| 112 |
+-} |
| 113 |
+- |
| 114 |
+ static void __init spectre_v2_select_mitigation(void) |
| 115 |
+ { |
| 116 |
+ enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); |
| 117 |
+@@ -459,9 +421,6 @@ specv2_set_mode: |
| 118 |
+ setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW); |
| 119 |
+ pr_info("Enabling Restricted Speculation for firmware calls\n"); |
| 120 |
+ } |
| 121 |
+- |
| 122 |
+- /* Enable STIBP if appropriate */ |
| 123 |
+- arch_smt_update(); |
| 124 |
+ } |
| 125 |
+ |
| 126 |
+ #undef pr_fmt |
| 127 |
+@@ -854,8 +813,6 @@ static ssize_t l1tf_show_state(char *buf) |
| 128 |
+ static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr, |
| 129 |
+ char *buf, unsigned int bug) |
| 130 |
+ { |
| 131 |
+- int ret; |
| 132 |
+- |
| 133 |
+ if (!boot_cpu_has_bug(bug)) |
| 134 |
+ return sprintf(buf, "Not affected\n"); |
| 135 |
+ |
| 136 |
+@@ -870,12 +827,10 @@ static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr |
| 137 |
+ return sprintf(buf, "Mitigation: __user pointer sanitization\n"); |
| 138 |
+ |
| 139 |
+ case X86_BUG_SPECTRE_V2: |
| 140 |
+- ret = sprintf(buf, "%s%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], |
| 141 |
++ return sprintf(buf, "%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], |
| 142 |
+ boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : "", |
| 143 |
+ boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "", |
| 144 |
+- (x86_spec_ctrl_base & SPEC_CTRL_STIBP) ? ", STIBP" : "", |
| 145 |
+ spectre_v2_module_string()); |
| 146 |
+- return ret; |
| 147 |
+ |
| 148 |
+ case X86_BUG_SPEC_STORE_BYPASS: |
| 149 |
+ return sprintf(buf, "%s\n", ssb_strings[ssb_mode]); |
| 150 |
+diff --git a/kernel/cpu.c b/kernel/cpu.c |
| 151 |
+index 8d7bace9a7b2..b5a0165b7300 100644 |
| 152 |
+--- a/kernel/cpu.c |
| 153 |
++++ b/kernel/cpu.c |
| 154 |
+@@ -1970,12 +1970,6 @@ static void cpuhp_online_cpu_device(unsigned int cpu) |
| 155 |
+ kobject_uevent(&dev->kobj, KOBJ_ONLINE); |
| 156 |
+ } |
| 157 |
+ |
| 158 |
+-/* |
| 159 |
+- * Architectures that need SMT-specific errata handling during SMT hotplug |
| 160 |
+- * should override this. |
| 161 |
+- */ |
| 162 |
+-void __weak arch_smt_update(void) { }; |
| 163 |
+- |
| 164 |
+ static int cpuhp_smt_disable(enum cpuhp_smt_control ctrlval) |
| 165 |
+ { |
| 166 |
+ int cpu, ret = 0; |
| 167 |
+@@ -2002,10 +1996,8 @@ static int cpuhp_smt_disable(enum cpuhp_smt_control ctrlval) |
| 168 |
+ */ |
| 169 |
+ cpuhp_offline_cpu_device(cpu); |
| 170 |
+ } |
| 171 |
+- if (!ret) { |
| 172 |
++ if (!ret) |
| 173 |
+ cpu_smt_control = ctrlval; |
| 174 |
+- arch_smt_update(); |
| 175 |
+- } |
| 176 |
+ cpu_maps_update_done(); |
| 177 |
+ return ret; |
| 178 |
+ } |
| 179 |
+@@ -2016,7 +2008,6 @@ static int cpuhp_smt_enable(void) |
| 180 |
+ |
| 181 |
+ cpu_maps_update_begin(); |
| 182 |
+ cpu_smt_control = CPU_SMT_ENABLED; |
| 183 |
+- arch_smt_update(); |
| 184 |
+ for_each_present_cpu(cpu) { |
| 185 |
+ /* Skip online CPUs and CPUs on offline nodes */ |
| 186 |
+ if (cpu_online(cpu) || !node_online(cpu_to_node(cpu))) |
| 187 |
+diff --git a/net/ipv6/route.c b/net/ipv6/route.c |
| 188 |
+index 0db120d2a4fe..b0a72677b7e5 100644 |
| 189 |
+--- a/net/ipv6/route.c |
| 190 |
++++ b/net/ipv6/route.c |
| 191 |
+@@ -2292,7 +2292,6 @@ static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_bu |
| 192 |
+ if (on_link) |
| 193 |
+ nrt->rt6i_flags &= ~RTF_GATEWAY; |
| 194 |
+ |
| 195 |
+- nrt->rt6i_protocol = RTPROT_REDIRECT; |
| 196 |
+ nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key; |
| 197 |
+ |
| 198 |
+ if (ip6_ins_rt(nrt)) |
| 199 |
+@@ -2397,7 +2396,6 @@ static struct rt6_info *rt6_add_route_info(struct net *net, |
| 200 |
+ .fc_dst_len = prefixlen, |
| 201 |
+ .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_ROUTEINFO | |
| 202 |
+ RTF_UP | RTF_PREF(pref), |
| 203 |
+- .fc_protocol = RTPROT_RA, |
| 204 |
+ .fc_nlinfo.portid = 0, |
| 205 |
+ .fc_nlinfo.nlh = NULL, |
| 206 |
+ .fc_nlinfo.nl_net = net, |
| 207 |
+@@ -2450,7 +2448,6 @@ struct rt6_info *rt6_add_dflt_router(const struct in6_addr *gwaddr, |
| 208 |
+ .fc_ifindex = dev->ifindex, |
| 209 |
+ .fc_flags = RTF_GATEWAY | RTF_ADDRCONF | RTF_DEFAULT | |
| 210 |
+ RTF_UP | RTF_EXPIRES | RTF_PREF(pref), |
| 211 |
+- .fc_protocol = RTPROT_RA, |
| 212 |
+ .fc_nlinfo.portid = 0, |
| 213 |
+ .fc_nlinfo.nlh = NULL, |
| 214 |
+ .fc_nlinfo.nl_net = dev_net(dev), |
| 215 |
+@@ -3247,6 +3244,14 @@ static int rt6_fill_node(struct net *net, |
| 216 |
+ } |
| 217 |
+ rtm->rtm_scope = RT_SCOPE_UNIVERSE; |
| 218 |
+ rtm->rtm_protocol = rt->rt6i_protocol; |
| 219 |
++ if (rt->rt6i_flags & RTF_DYNAMIC) |
| 220 |
++ rtm->rtm_protocol = RTPROT_REDIRECT; |
| 221 |
++ else if (rt->rt6i_flags & RTF_ADDRCONF) { |
| 222 |
++ if (rt->rt6i_flags & (RTF_DEFAULT | RTF_ROUTEINFO)) |
| 223 |
++ rtm->rtm_protocol = RTPROT_RA; |
| 224 |
++ else |
| 225 |
++ rtm->rtm_protocol = RTPROT_KERNEL; |
| 226 |
++ } |
| 227 |
+ |
| 228 |
+ if (rt->rt6i_flags & RTF_CACHE) |
| 229 |
+ rtm->rtm_flags |= RTM_F_CLONED; |
Archives