From 023a12a518f2e411a78e86498603e41111ee0bad Mon Sep 17 00:00:00 2001 From: Michal Kubecek Date: Jan 29 2024 05:17:41 +0000 Subject: Update to 6.8-rc2 - eliminate 1 patch - patches.suse/futex-Avoid-reusing-outdated-pi_state.patch (e626cb02ee83) - refresh configs --- diff --git a/config/i386/pae b/config/i386/pae index 8bdd917..d3dd320 100644 --- a/config/i386/pae +++ b/config/i386/pae @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/i386 6.8.0-rc1 Kernel Configuration +# Linux/i386 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -188,6 +188,8 @@ CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y CONFIG_CGROUPS=y CONFIG_PAGE_COUNTER=y # CONFIG_CGROUP_FAVOR_DYNMODS is not set diff --git a/config/ppc64le/default b/config/ppc64le/default index b8086a7..aa9cc2c 100644 --- a/config/ppc64le/default +++ b/config/ppc64le/default @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/powerpc 6.8.0-rc1 Kernel Configuration +# Linux/powerpc 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -170,6 +170,8 @@ CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y diff --git a/config/riscv64/default b/config/riscv64/default index 21b6db6..b8915ce 100644 --- a/config/riscv64/default +++ b/config/riscv64/default 
@@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/riscv 6.8.0-rc1 Kernel Configuration +# Linux/riscv 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -176,6 +176,8 @@ CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y diff --git a/config/s390x/default b/config/s390x/default index 35781b4..808d867 100644 --- a/config/s390x/default +++ b/config/s390x/default @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 6.8.0-rc1 Kernel Configuration +# Linux/s390 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -167,6 +167,8 @@ CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y CONFIG_NUMA_BALANCING=y # CONFIG_NUMA_BALANCING_DEFAULT_ENABLED is not set CONFIG_CGROUPS=y diff --git a/config/s390x/zfcpdump b/config/s390x/zfcpdump index 9ce9d65..a4efb9d 100644 --- a/config/s390x/zfcpdump +++ b/config/s390x/zfcpdump @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 6.8.0-rc1 Kernel Configuration +# Linux/s390 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -147,6 +147,8 @@ CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y # CONFIG_CGROUPS is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set 
diff --git a/config/x86_64/default b/config/x86_64/default index 02f404e..d7d0a18 100644 --- a/config/x86_64/default +++ b/config/x86_64/default @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86_64 6.8.0-rc1 Kernel Configuration +# Linux/x86_64 6.8.0-rc2 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)" CONFIG_CC_IS_GCC=y @@ -198,6 +198,8 @@ CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_CC_NO_ARRAY_BOUNDS=y +CONFIG_GCC11_NO_STRINGOP_OVERFLOW=y +CONFIG_CC_STRINGOP_OVERFLOW=y CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y diff --git a/patches.suse/futex-Avoid-reusing-outdated-pi_state.patch b/patches.suse/futex-Avoid-reusing-outdated-pi_state.patch deleted file mode 100644 index 879c79c..0000000 --- a/patches.suse/futex-Avoid-reusing-outdated-pi_state.patch +++ /dev/null 
@@ -1,128 +0,0 @@ -From: Sebastian Andrzej Siewior -Date: Thu, 18 Jan 2024 12:54:51 +0100 -Subject: futex: Prevent the reuse of stale pi_state -Git-repo: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git#locking/urgent -Git-commit: e626cb02ee8399fd42c415e542d031d185783903 -Patch-mainline: Queued in subsystem maintainer repository -References: bsc#1218841 - -Jiri Slaby reported a futex state inconsistency resulting in -EINVAL during -a lock operation for a PI futex. It requires that the a lock process is -interrupted by a timeout or signal: - - T1 Owns the futex in user space. - - T2 Tries to acquire the futex in kernel (futex_lock_pi()). Allocates a - pi_state and attaches itself to it. - - T2 Times out and removes its rt_waiter from the rt_mutex. Drops the - rtmutex lock and tries to acquire the hash bucket lock to remove - the futex_q. The lock is contended and T2 schedules out. - - T1 Unlocks the futex (futex_unlock_pi()). Finds a futex_q but no - rt_waiter. Unlocks the futex (do_uncontended) and makes it available - to user space. - - T3 Acquires the futex in user space. - - T4 Tries to acquire the futex in kernel (futex_lock_pi()). Finds the - existing futex_q of T2 and tries to attach itself to the existing - pi_state. This (attach_to_pi_state()) fails with -EINVAL because uval - contains the TID of T3 but pi_state points to T1. - -It's incorrect to unlock the futex and make it available for user space to -acquire as long as there is still an existing state attached to it in the -kernel. - -T1 cannot hand over the futex to T2 because T2 already gave up and started -to clean up and is blocked on the hash bucket lock, so T2's futex_q with -the pi_state pointing to T1 is still queued. - -T2 observes the futex_q, but ignores it as there is no waiter on the -corresponding rt_mutex and takes the uncontended path which allows the -subsequent caller of futex_lock_pi() (T4) to observe that stale state. 
- -To prevent this the unlock path must dequeue all futex_q entries which -point to the same pi_state when there is no waiter on the rt mutex. This -requires obviously to make the dequeue conditional in the locking path to -prevent a double dequeue. With that it's guaranteed that user space cannot -observe an uncontended futex which has kernel state attached. - -Fixes: fbeb558b0dd0d ("futex/pi: Fix recursive rt_mutex waiter state") -Reported-by: Jiri Slaby -Signed-off-by: Sebastian Andrzej Siewior -Signed-off-by: Thomas Gleixner -Tested-by: Jiri Slaby -Link: https://lore.kernel.org/r/20240118115451.0TkD_ZhB@linutronix.de -Closes: https://lore.kernel.org/all/4611bcf2-44d0-4c34-9b84-17406f881003@kernel.org -Signed-off-by: Jiri Slaby ---- - kernel/futex/core.c | 15 ++++++++++++--- - kernel/futex/pi.c | 11 ++++++++--- - 2 files changed, 20 insertions(+), 6 deletions(-) - ---- a/kernel/futex/core.c -+++ b/kernel/futex/core.c -@@ -626,12 +626,21 @@ retry: - } - - /* -- * PI futexes can not be requeued and must remove themselves from the -- * hash bucket. The hash bucket lock (i.e. lock_ptr) is held. -+ * PI futexes can not be requeued and must remove themselves from the hash -+ * bucket. The hash bucket lock (i.e. lock_ptr) is held. - */ - void futex_unqueue_pi(struct futex_q *q) - { -- __futex_unqueue(q); -+ /* -+ * If the lock was not acquired (due to timeout or signal) then the -+ * rt_waiter is removed before futex_q is. If this is observed by -+ * an unlocker after dropping the rtmutex wait lock and before -+ * acquiring the hash bucket lock, then the unlocker dequeues the -+ * futex_q from the hash bucket list to guarantee consistent state -+ * vs. userspace. Therefore the dequeue here must be conditional. 
-+ */ -+ if (!plist_node_empty(&q->list)) -+ __futex_unqueue(q); - - BUG_ON(!q->pi_state); - put_pi_state(q->pi_state); ---- a/kernel/futex/pi.c -+++ b/kernel/futex/pi.c -@@ -1135,6 +1135,7 @@ retry: - - hb = futex_hash(&key); - spin_lock(&hb->lock); -+retry_hb: - - /* - * Check waiters first. We do not trust user space values at -@@ -1177,12 +1178,17 @@ retry: - /* - * Futex vs rt_mutex waiter state -- if there are no rt_mutex - * waiters even though futex thinks there are, then the waiter -- * is leaving and the uncontended path is safe to take. -+ * is leaving. The entry needs to be removed from the list so a -+ * new futex_lock_pi() is not using this stale PI-state while -+ * the futex is available in user space again. -+ * There can be more than one task on its way out so it needs -+ * to retry. - */ - rt_waiter = rt_mutex_top_waiter(&pi_state->pi_mutex); - if (!rt_waiter) { -+ __futex_unqueue(top_waiter); - raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); -- goto do_uncontended; -+ goto retry_hb; - } - - get_pi_state(pi_state); -@@ -1217,7 +1223,6 @@ retry: - return ret; - } - --do_uncontended: - /* - * We have no kernel internal state, i.e. no waiters in the - * kernel. Waiters which are about to queue themselves are stuck diff --git a/rpm/config.sh b/rpm/config.sh index 88082cf..5ec4d35 100644 --- a/rpm/config.sh +++ b/rpm/config.sh @@ -1,5 +1,5 @@ # The version of the main tarball to use -SRCVERSION=6.8-rc1 +SRCVERSION=6.8-rc2 # variant of the kernel-source package, either empty or "-rt" VARIANT= # enable kernel module compression diff --git a/series.conf b/series.conf index c948143..ba4c80b 100644 --- a/series.conf +++ b/series.conf 
@@ -72,7 +72,6 @@
 # to area specific sections below.
 ########################################################
 patches.suse/firmware-qemu_fw_cfg-Do-not-hard-depend-on-CONFIG_HA.patch
- patches.suse/futex-Avoid-reusing-outdated-pi_state.patch
 patches.suse/mm-huge_memory-don-t-force-huge-page-alignment-on-32.patch
 ########################################################