From 8c447d62676edaa269045234ff77f897cd98865c Mon Sep 17 00:00:00 2001
From: Tony Jones <tonyj@suse.de>
Date: Jun 02 2025 19:39:18 +0000
Subject: Merge remote-tracking branch 'origin/users/pmladek/SLE15-SP6/for-next' into SLE15-SP6


---

diff --git a/patches.suse/objtool-panic-Disable-SMAP-in-__stack_chk_fail.patch b/patches.suse/objtool-panic-Disable-SMAP-in-__stack_chk_fail.patch
new file mode 100644
index 0000000..253a1d7
--- /dev/null
+++ b/patches.suse/objtool-panic-Disable-SMAP-in-__stack_chk_fail.patch
@@ -0,0 +1,69 @@
+From: Josh Poimboeuf <jpoimboe@kernel.org>
+Date: Mon, 24 Mar 2025 14:56:07 -0700
+Subject: objtool, panic: Disable SMAP in __stack_chk_fail()
+Git-commit: 72c774aa9d1e16bfd247096935e7dae194d84929
+Patch-mainline: v6.15-rc1
+References: bsc#1243963
+
+__stack_chk_fail() can be called from uaccess-enabled code.  Make sure
+uaccess gets disabled before calling panic().
+
+Fixes the following warning:
+
+  kernel/trace/trace_branch.o: error: objtool: ftrace_likely_update+0x1ea: call to __stack_chk_fail() with UACCESS enabled
+
+Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Cc: Kees Cook <keescook@chromium.org>
+Cc: Andrew Morton <akpm@linux-foundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Link: https://lore.kernel.org/r/a3e97e0119e1b04c725a8aa05f7bc83d98e657eb.1742852847.git.jpoimboe@kernel.org
+
+Acked-by: Petr Mladek <pmladek@suse.com>
+---
+ kernel/panic.c        | 6 ++++++
+ tools/objtool/check.c | 5 ++++-
+ 2 files changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/kernel/panic.c b/kernel/panic.c
+index d8635d5cecb2..f9f0c5148f6a 100644
+--- a/kernel/panic.c
++++ b/kernel/panic.c
+@@ -832,9 +832,15 @@ device_initcall(register_warn_debugfs);
+  */
+ __visible noinstr void __stack_chk_fail(void)
+ {
++	unsigned long flags;
++
+ 	instrumentation_begin();
++	flags = user_access_save();
++
+ 	panic("stack-protector: Kernel stack is corrupted in: %pB",
+ 		__builtin_return_address(0));
++
++	user_access_restore(flags);
+ 	instrumentation_end();
+ }
+ EXPORT_SYMBOL(__stack_chk_fail);
+diff --git a/tools/objtool/check.c b/tools/objtool/check.c
+index 0caabf0e8faf..3bf29923d5c0 100644
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1194,12 +1194,15 @@ static const char *uaccess_safe_builtin[] = {
+ 	"__ubsan_handle_load_invalid_value",
+ 	/* STACKLEAK */
+ 	"stackleak_track_stack",
++	/* TRACE_BRANCH_PROFILING */
++	"ftrace_likely_update",
++	/* STACKPROTECTOR */
++	"__stack_chk_fail",
+ 	/* misc */
+ 	"csum_partial_copy_generic",
+ 	"copy_mc_fragile",
+ 	"copy_mc_fragile_handle_tail",
+ 	"copy_mc_enhanced_fast_string",
+-	"ftrace_likely_update", /* CONFIG_TRACE_BRANCH_PROFILING */
+ 	"rep_stos_alternative",
+ 	"rep_movs_alternative",
+ 	"__copy_user_nocache",
+
diff --git a/series.conf b/series.conf
index 92a0b79..4804999 100644
--- a/series.conf
+++ b/series.conf
@@ -31461,6 +31461,7 @@
 	patches.suse/selftests-mptcp-close-fd_in-before-returning-in-main.patch
 	patches.suse/objtool-spi-amd-Fix-out-of-bounds-stack-access-in-am.patch
 	patches.suse/objtool-media-dib8000-Prevent-divide-by-zero-in-dib8.patch
+	patches.suse/objtool-panic-Disable-SMAP-in-__stack_chk_fail.patch
 	patches.suse/objtool-Fix-segfault-in-ignore_unreachable_insn.patch
 	patches.suse/x86-paravirt-Move-halt-paravirt-calls-under-CONFIG_PARAVIR.patch
 	patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch