rebase patches on top of Ubuntu-6.2.0-34.34

(generated with debian/scripts/import-upstream-tag) Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-09-18 15:19:28 +02:00 · 2023-09-18 15:19:28 +02:00 · 8ff596f2d3
commit 8ff596f2d3
parent b3aeb8dba9
9 changed files with 19 additions and 95 deletions
--- a/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch
+++ b/patches/kernel/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch
@ -55,7 +55,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2 files changed, 111 insertions(+)

 diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
-index 2698999c2aed..5fef2f65f634 100644
+index fa73bbcb0c8d..4964bb2e931e 100644
 --- a/Documentation/admin-guide/kernel-parameters.txt
 +++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4209,6 +4209,15 @@
--- a/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch
+++ b/patches/kernel/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch
@ -14,10 +14,10 @@ Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/net/core/dev.c b/net/core/dev.c
-index e1ea81afe37f..6ae53bede3b2 100644
+index 555bbe774734..de2e0d0185fc 100644
 --- a/net/core/dev.c
 +++ b/net/core/dev.c
-@@ -10260,7 +10260,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
+@@ -10262,7 +10262,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
 		if (time_after(jiffies, warning_time +
 			       READ_ONCE(netdev_unregister_timeout_secs) * HZ)) {
 			list_for_each_entry(dev, list, todo_list) {
--- a/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch
+++ b/patches/kernel/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch
@ -78,7 +78,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 3 files changed, 21 insertions(+)

 diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
-index 596061c1610e..9cbf12eca1d9 100644
+index 7ccdf991d18e..61aefeb3fdbc 100644
 --- a/arch/x86/kvm/cpuid.c
 +++ b/arch/x86/kvm/cpuid.c
@@ -251,6 +251,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent)
@ -108,10 +108,10 @@ index b1658c0de847..12a02851ff57 100644
 
 int cpuid_query_maxphyaddr(struct kvm_vcpu *vcpu);
 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
-index ef53767fb7c8..7d8b14f8807e 100644
+index eb905af3ee90..16d7a881cae5 100644
 --- a/arch/x86/kvm/x86.c
 +++ b/arch/x86/kvm/x86.c
-@@ -5335,6 +5335,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu,
+@@ -5333,6 +5333,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu,
 	if (fpstate_is_confidential(&vcpu->arch.guest_fpu))
 		return 0;
 
--- a/patches/kernel/0009-KVM-x86-mmu-Grab-memslot-for-correct-address-space-i.patch
+++ b/patches/kernel/0009-KVM-x86-mmu-Grab-memslot-for-correct-address-space-i.patch
@ -1,82 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Sean Christopherson <seanjc@google.com>
-Date: Thu, 1 Jun 2023 18:01:37 -0700
-Subject: [PATCH] KVM: x86/mmu: Grab memslot for correct address space in NX
- recovery worker
-
-commit 817fa998362d6ea9fabd5e97af8e9e2eb5f0e6f2 upstream.
-
-Factor in the address space (non-SMM vs. SMM) of the target shadow page
-when recovering potential NX huge pages, otherwise KVM will retrieve the
-wrong memslot when zapping shadow pages that were created for SMM.  The
-bug most visibly manifests as a WARN on the memslot being non-NULL, but
-the worst case scenario is that KVM could unaccount the shadow page
-without ensuring KVM won't install a huge page, i.e. if the non-SMM slot
-is being dirty logged, but the SMM slot is not.
-
- ------------[ cut here ]------------
- WARNING: CPU: 1 PID: 3911 at arch/x86/kvm/mmu/mmu.c:7015
- kvm_nx_huge_page_recovery_worker+0x38c/0x3d0 [kvm]
- CPU: 1 PID: 3911 Comm: kvm-nx-lpage-re
- RIP: 0010:kvm_nx_huge_page_recovery_worker+0x38c/0x3d0 [kvm]
- RSP: 0018:ffff99b284f0be68 EFLAGS: 00010246
- RAX: 0000000000000000 RBX: ffff99b284edd000 RCX: 0000000000000000
- RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
- RBP: ffff9271397024e0 R08: 0000000000000000 R09: ffff927139702450
- R10: 0000000000000000 R11: 0000000000000001 R12: ffff99b284f0be98
- R13: 0000000000000000 R14: ffff9270991fcd80 R15: 0000000000000003
- FS:  0000000000000000(0000) GS:ffff927f9f640000(0000) knlGS:0000000000000000
- CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
- CR2: 00007f0aacad3ae0 CR3: 000000088fc2c005 CR4: 00000000003726e0
- Call Trace:
-  <TASK>
-__pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [kvm]
-  kvm_vm_worker_thread+0x106/0x1c0 [kvm]
-  kthread+0xd9/0x100
-  ret_from_fork+0x2c/0x50
-  </TASK>
- ---[ end trace 0000000000000000 ]---
-
-This bug was exposed by commit edbdb43fc96b ("KVM: x86: Preserve TDP MMU
-roots until they are explicitly invalidated"), which allowed KVM to retain
-SMM TDP MMU roots effectively indefinitely.  Before commit edbdb43fc96b,
-KVM would zap all SMM TDP MMU roots and thus all SMM TDP MMU shadow pages
-once all vCPUs exited SMM, which made the window where this bug (recovering
-an SMM NX huge page) could be encountered quite tiny.  To hit the bug, the
-NX recovery thread would have to run while at least one vCPU was in SMM.
-Most VMs typically only use SMM during boot, and so the problematic shadow
-pages were gone by the time the NX recovery thread ran.
-
-Now that KVM preserves TDP MMU roots until they are explicitly invalidated
-(e.g. by a memslot deletion), the window to trigger the bug is effectively
-never closed because most VMMs don't delete memslots after boot (except
-for a handful of special scenarios).
-
-Fixes: eb298605705a ("KVM: x86/mmu: Do not recover dirty-tracked NX Huge Pages")
-Reported-by: Fabio Coatti <fabio.coatti@gmail.com>
-Closes: https://lore.kernel.org/all/CADpTngX9LESCdHVu_2mQkNGena_Ng2CphWNwsRGSMxzDsTjU2A@mail.gmail.com
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20230602010137.784664-1-seanjc@google.com
-Signed-off-by: Sean Christopherson <seanjc@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
- arch/x86/kvm/mmu/mmu.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
-index dcca08a08bd0..3220c1285984 100644
--- a/arch/x86/kvm/mmu/mmu.c
-+++ b/arch/x86/kvm/mmu/mmu.c
-@@ -6945,7 +6945,10 @@ static void kvm_recover_nx_huge_pages(struct kvm *kvm)
- 		 */
- 		slot = NULL;
- 		if (atomic_read(&kvm->nr_memslots_dirty_logging)) {
-			slot = gfn_to_memslot(kvm, sp->gfn);
-+			struct kvm_memslots *slots;
-+
-+			slots = kvm_memslots_for_spte_role(kvm, sp->role);
-+			slot = __gfn_to_memslot(slots, sp->gfn);
- 			WARN_ON_ONCE(!slot);
- 		}
- 
--- a/patches/kernel/0009-nvme-don-t-reject-probe-due-to-duplicate-IDs-for-sin.patch
+++ b/patches/kernel/0009-nvme-don-t-reject-probe-due-to-duplicate-IDs-for-sin.patch
@ -27,10 +27,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 1 file changed, 33 insertions(+), 3 deletions(-)

 diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
-index d567762545b0..f350df252d27 100644
+index e2618d2b57bf..56d13d9e08ed 100644
 --- a/drivers/nvme/host/core.c
 +++ b/drivers/nvme/host/core.c
-@@ -4162,10 +4162,40 @@ static int nvme_init_ns_head(struct nvme_ns *ns, struct nvme_ns_info *info)
+@@ -4165,10 +4165,40 @@ static int nvme_init_ns_head(struct nvme_ns *ns, struct nvme_ns_info *info)
 
 	ret = nvme_global_check_duplicate_ids(ctrl->subsys, &info->ids);
 	if (ret) {
--- a/patches/kernel/0010-igc-Fix-Kernel-Panic-during-ndo_tx_timeout-callback.patch
+++ b/patches/kernel/0010-igc-Fix-Kernel-Panic-during-ndo_tx_timeout-callback.patch
--- a/patches/kernel/0011-mm-suppress-mm-fault-logging-if-fatal-signal-already.patch
+++ b/patches/kernel/0011-mm-suppress-mm-fault-logging-if-fatal-signal-already.patch
--- a/patches/kernel/0012-KVM-x86-mmu-Fix-an-sign-extension-bug-with-mmu_seq-t.patch
+++ b/patches/kernel/0012-KVM-x86-mmu-Fix-an-sign-extension-bug-with-mmu_seq-t.patch
--- a/patches/kernel/0013-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch
+++ b/patches/kernel/0013-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch
@ -1,12 +1,18 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: kiler129 <grzegorz@noflash.pl>
-
-allow opt-in to allow pass-through on broken hardware..
+Date: Mon, 18 Sep 2023 15:19:26 +0200
+Subject: [PATCH] allow opt-in to allow pass-through on broken hardware..

 adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT or GPL 2.0+
+---
+ drivers/iommu/intel/iommu.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)

+diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
+index 1c5ba4dbfe78..887667218e3b 100644
 --- a/drivers/iommu/intel/iommu.c
 +++ b/drivers/iommu/intel/iommu.c
-@@ -297,6 +297,7 @@
+@@ -297,6 +297,7 @@ static int dmar_map_gfx = 1;
 static int dmar_map_ipu = 1;
 static int intel_iommu_superpage = 1;
 static int iommu_identity_mapping;
@ -14,7 +20,7 @@ adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT o
 static int iommu_skip_te_disable;
 
 #define IDENTMAP_GFX		2
-@@ -358,6 +359,9 @@
+@@ -358,6 +359,9 @@ static int __init intel_iommu_setup(char *str)
 		} else if (!strncmp(str, "tboot_noforce", 13)) {
 			pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n");
 			intel_iommu_tboot_noforce = 1;
@ -24,7 +30,7 @@ adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT o
 		} else {
 			pr_notice("Unknown option - '%s'\n", str);
 		}
-@@ -2538,7 +2542,7 @@
+@@ -2538,7 +2542,7 @@ static bool device_rmrr_is_relaxable(struct device *dev)
 		return false;
 
 	pdev = to_pci_dev(dev);