From patchwork Thu Feb 25 09:53:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387647 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50B78C433DB for ; Thu, 25 Feb 2021 09:57:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E3E0364F0A for ; Thu, 25 Feb 2021 09:57:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234869AbhBYJ5x (ORCPT ); Thu, 25 Feb 2021 04:57:53 -0500 Received: from mail.kernel.org ([198.145.29.99]:33384 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235279AbhBYJzr (ORCPT ); Thu, 25 Feb 2021 04:55:47 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 71C4D64EFA; Thu, 25 Feb 2021 09:54:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246849; bh=BViO87cLdkLb4nnIj22hLyjnw+zpQKuNU92oSogE66s=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aZ4qqPVQjpFLIrKw0tELFCBgmdSSDxxvgsFrHeI8uL3dkajeFxaBKr7wC/2j65Ayi tAiZbyNbxq0KJKA/kRa0EXDI0Q8+4ELV1sf3Bjbr/R3mHYYW7BXU+uK8GGp4S743az dhRgbLt3h+aGUc8KoXR474sh9bDLGHz6V3jVEfm4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Johan Hovold Subject: [PATCH 5.11 03/12] USB: quirks: sort quirk entries Date: Thu, 25 Feb 2021 10:53:37 +0100 Message-Id: <20210225092515.182454523@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Johan Hovold commit 43861d29c0810a70792bf69d37482efb7bb6677d upstream. Move the last entry to its proper place to maintain the VID/PID sort order. Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20210210111746.13360-1-johan@kernel.org Signed-off-by: Greg Kroah-Hartman --- drivers/usb/core/quirks.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) --- a/drivers/usb/core/quirks.c +++ b/drivers/usb/core/quirks.c @@ -415,6 +415,9 @@ static const struct usb_device_id usb_qu { USB_DEVICE(0x10d6, 0x2200), .driver_info = USB_QUIRK_STRING_FETCH_255 }, + /* novation SoundControl XL */ + { USB_DEVICE(0x1235, 0x0061), .driver_info = USB_QUIRK_RESET_RESUME }, + /* Huawei 4G LTE module */ { USB_DEVICE(0x12d1, 0x15bb), .driver_info = USB_QUIRK_DISCONNECT_SUSPEND }, @@ -495,9 +498,6 @@ static const struct usb_device_id usb_qu /* INTEL VALUE SSD */ { USB_DEVICE(0x8086, 0xf1a5), .driver_info = USB_QUIRK_RESET_RESUME }, - /* novation SoundControl XL */ - { USB_DEVICE(0x1235, 0x0061), .driver_info = USB_QUIRK_RESET_RESUME }, - { } /* terminating entry must be last */ }; From patchwork Thu Feb 25 09:53:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387646 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74335C433DB for ; Thu, 25 Feb 2021 09:58:01 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2C80C64F0A for ; Thu, 25 Feb 2021 09:58:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235425AbhBYJ54 (ORCPT ); Thu, 25 Feb 2021 04:57:56 -0500 Received: from mail.kernel.org ([198.145.29.99]:33482 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235442AbhBYJzu (ORCPT ); Thu, 25 Feb 2021 04:55:50 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 2DEAC64F06; Thu, 25 Feb 2021 09:54:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246851; bh=DZ0xcnks63hkG0sZOQbcAvAOYB9mcIuUFP7X3UMXmCU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=X2Gu1+/aPkTkc4eRedMmAn8LoyJHx/AfxwSNUPrgoi0eq9QKvQJ+JPZczHFEi9JE2 WjS6Prattk8EvLkX4gSq+yM0yLgOERgU5JVM8z5D0HE+p6VUvSXLu3/TAZjyZ767vy rL1i6A7kuUKypBgSPF0qh4FVgJtPyaDDDkxhC0b8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Stefan Ursella Subject: [PATCH 5.11 04/12] usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable Date: Thu, 25 Feb 2021 10:53:38 +0100 Message-Id: <20210225092515.222204941@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Stefan Ursella commit 1ebe718bb48278105816ba03a0408ecc2d6cf47f upstream. Without this quirk starting a video capture from the device often fails with kernel: uvcvideo: Failed to set UVC probe control : -110 (exp. 34). Signed-off-by: Stefan Ursella Link: https://lore.kernel.org/r/20210210140713.18711-1-stefan.ursella@wolfvision.net Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/usb/core/quirks.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/usb/core/quirks.c +++ b/drivers/usb/core/quirks.c @@ -391,6 +391,9 @@ static const struct usb_device_id usb_qu /* X-Rite/Gretag-Macbeth Eye-One Pro display colorimeter */ { USB_DEVICE(0x0971, 0x2000), .driver_info = USB_QUIRK_NO_SET_INTF }, + /* ELMO L-12F document camera */ + { USB_DEVICE(0x09a1, 0x0028), .driver_info = USB_QUIRK_DELAY_CTRL_MSG }, + /* Broadcom BCM92035DGROM BT dongle */ { USB_DEVICE(0x0a5c, 0x2021), .driver_info = USB_QUIRK_RESET_RESUME }, From patchwork Thu Feb 25 09:53:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387645 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4EA2DC433E0 for ; Thu, 25 Feb 2021 09:58:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F177864EDB for ; Thu, 25 Feb 2021 09:58:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233693AbhBYJ6r (ORCPT ); Thu, 25 Feb 2021 04:58:47 -0500 Received: from mail.kernel.org ([198.145.29.99]:34110 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234158AbhBYJ4i (ORCPT ); Thu, 25 Feb 2021 04:56:38 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id EEF9364F0D; Thu, 25 Feb 2021 09:54:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246857; bh=AM0VwAM248I11PFNRkNnsugVBeUvdAPwU4cg/Y93yy4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UTJLlPEC4M4mmFa0u4UVXOgnW4CAtSY41E7X62T6zxwXcstaL1bxAO/1F7QgnoEQY j582yPUaPvKJshLTg9aIRNzGeXRlZsONSo+3cy3oJVk8SK5bzfKKjU7umdWaGafEuT K6BahUTSdVp4KjNZna94PYpef5jZvblnE/dVvXy4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Hui Wang , Marcel Holtmann , Salvatore Bonaccorso Subject: [PATCH 5.11 06/12] Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working Date: Thu, 25 Feb 2021 10:53:40 +0100 Message-Id: <20210225092515.298883603@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Hui Wang commit 234f414efd1164786269849b4fbb533d6c9cdbbf upstream. This issue starts from linux-5.10-rc1, I reproduced this issue on my Dell Inspiron 7447 with BT adapter 0cf3:e005, the kernel will print out: "Bluetooth: hci0: don't support firmware rome 0x31010000", and someone else also reported the similar issue to bugzilla #211571. I found this is a regression introduced by 'commit b40f58b97386 ("Bluetooth: btusb: Add Qualcomm Bluetooth SoC WCN6855 support"), the patch assumed that if high ROM version is not zero, it is an adapter on WCN6855, but many old adapters don't need to load rampatch or nvm, and they have non-zero high ROM version. To fix it, let the driver match the rom_version in the qca_devices_table first, if there is no entry matched, check the high ROM version, if it is not zero, we assume this adapter is ready to work and no need to load rampatch and nvm like previously. BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=211571 Fixes: b40f58b97386 ("Bluetooth: btusb: Add Qualcomm Bluetooth SoC WCN6855 support") Signed-off-by: Hui Wang Signed-off-by: Marcel Holtmann Cc: Salvatore Bonaccorso Signed-off-by: Greg Kroah-Hartman --- drivers/bluetooth/btusb.c | 7 +++++++ 1 file changed, 7 insertions(+) --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -4065,6 +4065,13 @@ static int btusb_setup_qca(struct hci_de info = &qca_devices_table[i]; } if (!info) { + /* If the rom_version is not matched in the qca_devices_table + * and the high ROM version is not zero, we assume this chip no + * need to load the rampatch and nvm. + */ + if (ver_rom & ~0xffffU) + return 0; + bt_dev_err(hdev, "don't support firmware rome 0x%x", ver_rom); return -ENODEV; } From patchwork Thu Feb 25 09:53:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387644 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 692DBC433DB for ; Thu, 25 Feb 2021 09:59:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0D7C864F06 for ; Thu, 25 Feb 2021 09:59:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234469AbhBYJ6z (ORCPT ); Thu, 25 Feb 2021 04:58:55 -0500 Received: from mail.kernel.org ([198.145.29.99]:34226 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235601AbhBYJ4q (ORCPT ); Thu, 25 Feb 2021 04:56:46 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 048B664F12; Thu, 25 Feb 2021 09:54:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246867; bh=UEDpM2iNq1Jh298bEQH9lI2lZIkdVnRfLGHTU/RCeyE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=1LbII0DNa6xFsmVvp8/WvfEadQvdCuoC0KdqHPR4W03PmfI3340uIzyCp7ZHfmeYL 6wMAZmYdO2d42VYC8SiWihflvW1tSIPRFhUX5q/OlToAxI52BJn4nXBPa++RuLqrmi tA//1ZEBt5NmCOu6l4pqbICXcMIBaJ4xUhBLC5lE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Zdenek Kaspar , Sean Christopherson , Paolo Bonzini Subject: [PATCH 5.11 09/12] KVM: x86: Zap the oldest MMU pages, not the newest Date: Thu, 25 Feb 2021 10:53:43 +0100 Message-Id: <20210225092515.434032433@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Sean Christopherson commit 8fc517267fb28576dfca2380cc2497a2454b8fae upstream. Walk the list of MMU pages in reverse in kvm_mmu_zap_oldest_mmu_pages(). The list is FIFO, meaning new pages are inserted at the head and thus the oldest pages are at the tail. Using a "forward" iterator causes KVM to zap MMU pages that were just added, which obliterates guest performance once the max number of shadow MMU pages is reached. Fixes: 6b82ef2c9cf1 ("KVM: x86/mmu: Batch zap MMU pages when recycling oldest pages") Reported-by: Zdenek Kaspar Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Message-Id: <20210113205030.3481307-1-seanjc@google.com> Signed-off-by: Paolo Bonzini Signed-off-by: Greg Kroah-Hartman --- arch/x86/kvm/mmu/mmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -2417,7 +2417,7 @@ static unsigned long kvm_mmu_zap_oldest_ return 0; restart: - list_for_each_entry_safe(sp, tmp, &kvm->arch.active_mmu_pages, link) { + list_for_each_entry_safe_reverse(sp, tmp, &kvm->arch.active_mmu_pages, link) { /* * Don't zap active root pages, the page itself can't be freed * and zapping it will just force vCPUs to realloc and reload. From patchwork Thu Feb 25 09:53:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387649 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4C94C433E0 for ; Thu, 25 Feb 2021 09:56:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 70E2D64EF1 for ; Thu, 25 Feb 2021 09:56:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235475AbhBYJ4A (ORCPT ); Thu, 25 Feb 2021 04:56:00 -0500 Received: from mail.kernel.org ([198.145.29.99]:60932 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235489AbhBYJyi (ORCPT ); Thu, 25 Feb 2021 04:54:38 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id A9D1664ECE; Thu, 25 Feb 2021 09:53:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246837; bh=XbJE3ajrQhiIyoghJaJ8dsQbDIkBCIFomDioDXnxT4w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=DtLoh3rytclzlm4cgCqr0RjQvEjc5XBAn6Yb/XzFgBIPTfUxH3G/JesuKEuZ6wx3M KeRPnS2HifimzlP9RcaSCEWH6OiMvZGNj1QOO5Ej0/9btw126spebF0ybA33kMhBrW Q5WDERaXgrQKv+awZqKPbQVwCWheuTuNlxtvfEd4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, David Stevens , 3pvd@google.com, Jann Horn , Jason Gunthorpe , Paolo Bonzini Subject: [PATCH 5.11 10/12] KVM: do not assume PTE is writable after follow_pfn Date: Thu, 25 Feb 2021 10:53:44 +0100 Message-Id: <20210225092515.478386370@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Paolo Bonzini commit bd2fae8da794b55bf2ac02632da3a151b10e664c upstream. In order to convert an HVA to a PFN, KVM usually tries to use the get_user_pages family of functinso. This however is not possible for VM_IO vmas; in that case, KVM instead uses follow_pfn. In doing this however KVM loses the information on whether the PFN is writable. That is usually not a problem because the main use of VM_IO vmas with KVM is for BARs in PCI device assignment, however it is a bug. To fix it, use follow_pte and check pte_write while under the protection of the PTE lock. The information can be used to fail hva_to_pfn_remapped or passed back to the caller via *writable. Usage of follow_pfn was introduced in commit add6a0cd1c5b ("KVM: MMU: try to fix up page faults before giving up", 2016-07-05); however, even older version have the same issue, all the way back to commit 2e2e3738af33 ("KVM: Handle vma regions with no backing page", 2008-07-20), as they also did not check whether the PFN was writable. Fixes: 2e2e3738af33 ("KVM: Handle vma regions with no backing page") Reported-by: David Stevens Cc: 3pvd@google.com Cc: Jann Horn Cc: Jason Gunthorpe Cc: stable@vger.kernel.org Signed-off-by: Paolo Bonzini Signed-off-by: Greg Kroah-Hartman --- virt/kvm/kvm_main.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1904,9 +1904,11 @@ static int hva_to_pfn_remapped(struct vm kvm_pfn_t *p_pfn) { unsigned long pfn; + pte_t *ptep; + spinlock_t *ptl; int r; - r = follow_pfn(vma, addr, &pfn); + r = follow_pte(vma->vm_mm, addr, NULL, &ptep, NULL, &ptl); if (r) { /* * get_user_pages fails for VM_IO and VM_PFNMAP vmas and does @@ -1921,14 +1923,19 @@ static int hva_to_pfn_remapped(struct vm if (r) return r; - r = follow_pfn(vma, addr, &pfn); + r = follow_pte(vma->vm_mm, addr, NULL, &ptep, NULL, &ptl); if (r) return r; + } + if (write_fault && !pte_write(*ptep)) { + pfn = KVM_PFN_ERR_RO_FAULT; + goto out; } if (writable) - *writable = true; + *writable = pte_write(*ptep); + pfn = pte_pfn(*ptep); /* * Get a reference here because callers of *hva_to_pfn* and @@ -1943,6 +1950,8 @@ static int hva_to_pfn_remapped(struct vm */ kvm_get_pfn(pfn); +out: + pte_unmap_unlock(ptep, ptl); *p_pfn = pfn; return 0; } From patchwork Thu Feb 25 09:53:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 387648 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6355BC433E0 for ; Thu, 25 Feb 2021 09:56:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0998964F36 for ; Thu, 25 Feb 2021 09:56:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235493AbhBYJ4M (ORCPT ); Thu, 25 Feb 2021 04:56:12 -0500 Received: from mail.kernel.org ([198.145.29.99]:32772 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235494AbhBYJyo (ORCPT ); Thu, 25 Feb 2021 04:54:44 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id B3FF964EF5; Thu, 25 Feb 2021 09:54:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1614246843; bh=iBNOvr58JQz924Lz8whUfoQyHyI302JA1X7nNfhZi04=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=EKoLLHcZEJJC4KJl4T/DJzipKsIWmulD/UNqWhOiH5X+KVOjGmvGBwsvI2OIUMRLd rnBiUCPVUr64QvWSX9hINUMBmRi/oT3qWTM2SxAYi5G1lJksMGVdhivzP7gJ5LaCQ8 hl845N330VO3oUW9mpwmJJ7rBRzg8UcmNx2a+XYs= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sean Christopherson , Paolo Bonzini Subject: [PATCH 5.11 12/12] KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() Date: Thu, 25 Feb 2021 10:53:46 +0100 Message-Id: <20210225092515.573855820@linuxfoundation.org> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210225092515.015261674@linuxfoundation.org> References: <20210225092515.015261674@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Sean Christopherson commit a9545779ee9e9e103648f6f2552e73cfe808d0f4 upstream. Use kvm_pfn_t, a.k.a. u64, for the local 'pfn' variable when retrieving a so called "remapped" hva/pfn pair. In theory, the hva could resolve to a pfn in high memory on a 32-bit kernel. This bug was inadvertantly exposed by commit bd2fae8da794 ("KVM: do not assume PTE is writable after follow_pfn"), which added an error PFN value to the mix, causing gcc to comlain about overflowing the unsigned long. arch/x86/kvm/../../../virt/kvm/kvm_main.c: In function ‘hva_to_pfn_remapped’: include/linux/kvm_host.h:89:30: error: conversion from ‘long long unsigned int’ to ‘long unsigned int’ changes value from ‘9218868437227405314’ to ‘2’ [-Werror=overflow] 89 | #define KVM_PFN_ERR_RO_FAULT (KVM_PFN_ERR_MASK + 2) | ^ virt/kvm/kvm_main.c:1935:9: note: in expansion of macro ‘KVM_PFN_ERR_RO_FAULT’ Cc: stable@vger.kernel.org Fixes: add6a0cd1c5b ("KVM: MMU: try to fix up page faults before giving up") Signed-off-by: Sean Christopherson Message-Id: <20210208201940.1258328-1-seanjc@google.com> Signed-off-by: Paolo Bonzini Signed-off-by: Greg Kroah-Hartman --- virt/kvm/kvm_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1903,7 +1903,7 @@ static int hva_to_pfn_remapped(struct vm bool write_fault, bool *writable, kvm_pfn_t *p_pfn) { - unsigned long pfn; + kvm_pfn_t pfn; pte_t *ptep; spinlock_t *ptl; int r;