rpms
/
kernel
9
1
Fork 4
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:changed/a8/kernel-4.18.0-477.27.2.el8_8
Branches Tags
rpms:c8
rpms:c9s
rpms:a8-ml
rpms:a8-lt
rpms:c8-lt
rpms:a9
rpms:c9
rpms:a9-ml
rpms:a9-lt
rpms:с9-ml
rpms:c8-ml
rpms:c9-lt
rpms:a9-beta
rpms:a8-beta
rpms:a8
rpms:c8-beta
rpms:c9-beta
rpms:a9-ppc64le
rpms:a8-gcp
rpms:a9-gcp
rpms:a9_new_sb
rpms:a8_new_sb
rpms:c8s
rpms:c9s-sig-altarch-lts-5-15
rpms:a8a
rpms:a8a-beta
rpms:changed/a9/kernel-5.14.0-427.16.1.el9_4
rpms:imports/c9/kernel-5.14.0-427.16.1.el9_4
rpms:changed/a9/kernel-5.14.0-427.13.1.el9_4
rpms:imports/c9/kernel-5.14.0-427.13.1.el9_4
rpms:changed/a9-lt/kernel-lt-6.1.88-1.el9
rpms:imports/c9-lt/kernel-lt-6.1.88-1.el9
rpms:changed/a8-beta/kernel-4.18.0-544.el8
rpms:changed/a9-beta/kernel-5.14.0-427.el9
rpms:changed/a8/kernel-4.18.0-513.24.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.24.1.el8_9
rpms:changed/a8/kernel-4.18.0-513.18.2.el8_9
rpms:changed/a9/kernel-5.14.0-362.24.2.el9_3
rpms:changed/a9/kernel-5.14.0-362.24.1.el9_3
rpms:changed/a8/kernel-4.18.0-513.18.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.18.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.18.1.el9_3
rpms:changed/a9/kernel-5.14.0-362.13.2.el9_3
rpms:changed/a8/kernel-4.18.0-513.11.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.11.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.13.1.el9_3
rpms:imports/c9/kernel-5.14.0-362.13.1.el9_3
rpms:changed/a8/kernel-4.18.0-513.9.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.9.1.el8_9
rpms:changed/a8/kernel-4.18.0-513.5.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.5.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.8.1.el9_3
rpms:imports/c9/kernel-5.14.0-362.8.1.el9_3
rpms:changed/a8-beta/kernel-4.18.0-513.el8
rpms:changed/a9-beta/kernel-5.14.0-362.2.1.el9_3
rpms:imports/c9-beta/kernel-5.14.0-362.2.1.el9_3
rpms:changed/a9-beta/kernel-5.14.0-362.el9
rpms:imports/c8-beta/kernel-4.18.0-513.el8
rpms:changed/a8/kernel-4.18.0-477.27.2.el8_8
rpms:imports/c9-beta/kernel-5.14.0-362.el9
rpms:changed/a8/kernel-4.18.0-477.27.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.30.1.el9_2
rpms:imports/c9/kernel-5.14.0-284.30.1.el9_2
rpms:changed/a8/kernel-4.18.0-477.21.3.el8_8
rpms:changed/a8/kernel-4.18.0-477.21.2.el8_8
rpms:changed/a8/kernel-4.18.0-477.21.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.25.1.el9_2
rpms:changed/a8/kernel-4.18.0-477.15.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.18.1.el9_2
rpms:imports/c9/kernel-5.14.0-284.18.1.el9_2
rpms:changed/a8-gcp/kernel-4.18.0-477.13.1.el8_8.gcp
rpms:changed/a8/kernel-4.18.0-477.13.1.el8_8.alma
rpms:imports/c8/kernel-4.18.0-477.13.1.el8_8
rpms:changed/a8/kernel-4.18.0-477.10.1.el8_8.alma
rpms:imports/c8/kernel-4.18.0-477.10.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.11.1.el9_2.alma
rpms:imports/c9/kernel-5.14.0-284.11.1.el9_2
rpms:changed/a8/kernel-4.18.0-425.19.2.el8_7.gcp
rpms:changed/a9/kernel-5.14.0-162.23.1.el9_1.gcp
rpms:changed/a9/kernel-5.14.0-162.23.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.23.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.19.2.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.19.2.el8_7
rpms:changed/a9-beta/kernel-5.14.0-283.el9.alma
rpms:changed/a9-ppc64le/kernel-5.14.0-162.12.1.el9_1.kvm
rpms:changed/a9-ppc64le/kernel-5.14.0-162.22.2.el9_1.kvm
rpms:changed/a9-ppc64le/kernel-5.14.0-162.12.1.el9_1.kvm.1
rpms:changed/a8-beta/kernel-4.18.0-477.el8.alma
rpms:imports/c9-beta/kernel-5.14.0-283.el9
rpms:imports/c8-beta/kernel-4.18.0-477.el8
rpms:changed/a9/kernel-5.14.0-162.22.2.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.22.2.el9_1
rpms:changed/a9/kernel-5.14.0-162.18.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.18.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.13.1.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.13.1.el8_7
rpms:changed/a9/kernel-5.14.0-162.12.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.12.1.el9_1
rpms:imports/c8s/kernel-4.18.0-448.el8
rpms:changed/a8/kernel-4.18.0-425.10.1.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.10.1.el8_7
rpms:changed/a9/kernel-5.14.0-162.6.1.el9_1.alma
rpms:changed/a8a/kernel-5.14.0-162.6.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.6.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.3.1.el8
rpms:imports/c8/kernel-4.18.0-425.3.1.el8
rpms:changed/a8a/kernel-5.14.0-70.30.1.el9_0
rpms:changed/a9/kernel-5.14.0-70.30.1.el9_0
rpms:imports/c9/kernel-5.14.0-70.30.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.32.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.32.1.el8_6
rpms:changed/a9-beta/kernel-5.14.0-160.el9
rpms:changed/a8-beta/kernel-4.18.0-423.el8
rpms:imports/c9-beta/kernel-5.14.0-160.el9
rpms:imports/c8-beta/kernel-4.18.0-423.el8
rpms:changed/a9/kernel-5.14.0-70.26.1.el9_0.alma
rpms:imports/c9/kernel-5.14.0-70.26.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.26.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.26.1.el8_6
rpms:changed/a9/kernel-5.14.0-70.22.1.el9_0.alma
rpms:imports/c9/kernel-5.14.0-70.22.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.19.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.19.1.el8_6
rpms:imports/c8s/kernel-4.18.0-408.el8
rpms:changed/a8/kernel-4.18.0-372.16.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.16.1.el8_6
rpms:changed/a9/kernel-5.14.0-70.17.1.el9_0.alma
rpms:changed/a8/kernel-4.18.0-372.13.1.el8_6.alma
rpms:imports/c9/kernel-5.14.0-70.17.1.el9_0
rpms:imports/c8/kernel-4.18.0-372.13.1.el8_6
rpms:imports/c8s/kernel-4.18.0-394.el8
rpms:changed/a9/kernel-5.14.0-70.13.1.el9_0
rpms:imports/c9/kernel-5.14.0-70.13.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.9.1.el8.alma
rpms:imports/c8/kernel-4.18.0-372.9.1.el8
rpms:changed/a8/kernel-4.18.0-348.23.1.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.23.1.el8_5
rpms:imports/c8s/kernel-4.18.0-383.el8
rpms:changed/a9-beta/kernel-5.14.0-70.5.1.el9_0
rpms:imports/c9-beta/kernel-5.14.0-70.5.1.el9_0
rpms:changed/a9-beta/kernel-5.14.0-63.el9
rpms:changed/a8-beta/kernel-4.18.0-369.el8
rpms:imports/c8-beta/kernel-4.18.0-369.el8
rpms:imports/c8s/kernel-4.18.0-373.el8
rpms:changed/a8/kernel-4.18.0-348.20.1.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.20.1.el8_5
rpms:imports/c9-beta/kernel-5.14.0-63.el9
rpms:imports/c8s/kernel-4.18.0-365.el8
rpms:imports/c9-beta/kernel-5.14.0-42.el9
rpms:changed/a8/kernel-4.18.0-348.12.2.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.12.2.el8_5
rpms:imports/c9-beta/kernel-5.14.0-39.el9
rpms:imports/c8s/kernel-4.18.0-358.el8
rpms:changed/a8-beta/kernel-4.18.0-348.el8
rpms:changed/a8/kernel-4.18.0-348.7.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.7.1.el8_5
rpms:imports/c9-beta/kernel-5.14.0-21.el9
rpms:imports/c9-beta/kernel-5.14.0-1.7.1.el9
rpms:changed/a8/kernel-4.18.0-348.2.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.2.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.el8
rpms:imports/c8/kernel-4.18.0-305.25.1.el8_4
rpms:changed/a8-beta/kernel-4.18.0-339.el8
rpms:imports/c8s/kernel-4.18.0-348.el8
rpms:imports/c8-beta/kernel-4.18.0-339.el8
rpms:imports/c8-beta/kernel-4.18.0-293.el8
rpms:imports/c8-beta/kernel-4.18.0-221.el8
rpms:imports/c8-beta/kernel-4.18.0-167.el8
rpms:imports/c8-beta/kernel-4.18.0-107.el8
rpms:changed/a8/kernel-4.18.0-305.19.1.el8_4
rpms:imports/c8s/kernel-4.18.0-338.el8
rpms:imports/c8s/kernel-4.18.0-331.el8
rpms:imports/c8s/kernel-4.18.0-326.el8
rpms:imports/c8s/kernel-4.18.0-315.el8
rpms:imports/c8s/kernel-4.18.0-310.el8
rpms:imports/c8/kernel-4.18.0-305.19.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.17.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.12.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.10.2.el8_4
rpms:imports/c8/kernel-4.18.0-305.7.1.el8_4
..
compare: rpms:c8
Branches Tags
rpms:c9s
rpms:a8-ml
rpms:a8-lt
rpms:c8-lt
rpms:a9
rpms:c9
rpms:a9-ml
rpms:a9-lt
rpms:с9-ml
rpms:c8-ml
rpms:c9-lt
rpms:a9-beta
rpms:a8-beta
rpms:a8
rpms:c8
rpms:c8-beta
rpms:c9-beta
rpms:a9-ppc64le
rpms:a8-gcp
rpms:a9-gcp
rpms:a9_new_sb
rpms:a8_new_sb
rpms:c8s
rpms:c9s-sig-altarch-lts-5-15
rpms:a8a
rpms:a8a-beta
rpms:changed/a9/kernel-5.14.0-427.16.1.el9_4
rpms:imports/c9/kernel-5.14.0-427.16.1.el9_4
rpms:changed/a9/kernel-5.14.0-427.13.1.el9_4
rpms:imports/c9/kernel-5.14.0-427.13.1.el9_4
rpms:changed/a9-lt/kernel-lt-6.1.88-1.el9
rpms:imports/c9-lt/kernel-lt-6.1.88-1.el9
rpms:changed/a8-beta/kernel-4.18.0-544.el8
rpms:changed/a9-beta/kernel-5.14.0-427.el9
rpms:changed/a8/kernel-4.18.0-513.24.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.24.1.el8_9
rpms:changed/a8/kernel-4.18.0-513.18.2.el8_9
rpms:changed/a9/kernel-5.14.0-362.24.2.el9_3
rpms:changed/a9/kernel-5.14.0-362.24.1.el9_3
rpms:changed/a8/kernel-4.18.0-513.18.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.18.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.18.1.el9_3
rpms:changed/a9/kernel-5.14.0-362.13.2.el9_3
rpms:changed/a8/kernel-4.18.0-513.11.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.11.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.13.1.el9_3
rpms:imports/c9/kernel-5.14.0-362.13.1.el9_3
rpms:changed/a8/kernel-4.18.0-513.9.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.9.1.el8_9
rpms:changed/a8/kernel-4.18.0-513.5.1.el8_9
rpms:imports/c8/kernel-4.18.0-513.5.1.el8_9
rpms:changed/a9/kernel-5.14.0-362.8.1.el9_3
rpms:imports/c9/kernel-5.14.0-362.8.1.el9_3
rpms:changed/a8-beta/kernel-4.18.0-513.el8
rpms:changed/a9-beta/kernel-5.14.0-362.2.1.el9_3
rpms:imports/c9-beta/kernel-5.14.0-362.2.1.el9_3
rpms:changed/a9-beta/kernel-5.14.0-362.el9
rpms:imports/c8-beta/kernel-4.18.0-513.el8
rpms:changed/a8/kernel-4.18.0-477.27.2.el8_8
rpms:imports/c9-beta/kernel-5.14.0-362.el9
rpms:changed/a8/kernel-4.18.0-477.27.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.30.1.el9_2
rpms:imports/c9/kernel-5.14.0-284.30.1.el9_2
rpms:changed/a8/kernel-4.18.0-477.21.3.el8_8
rpms:changed/a8/kernel-4.18.0-477.21.2.el8_8
rpms:changed/a8/kernel-4.18.0-477.21.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.25.1.el9_2
rpms:changed/a8/kernel-4.18.0-477.15.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.18.1.el9_2
rpms:imports/c9/kernel-5.14.0-284.18.1.el9_2
rpms:changed/a8-gcp/kernel-4.18.0-477.13.1.el8_8.gcp
rpms:changed/a8/kernel-4.18.0-477.13.1.el8_8.alma
rpms:imports/c8/kernel-4.18.0-477.13.1.el8_8
rpms:changed/a8/kernel-4.18.0-477.10.1.el8_8.alma
rpms:imports/c8/kernel-4.18.0-477.10.1.el8_8
rpms:changed/a9/kernel-5.14.0-284.11.1.el9_2.alma
rpms:imports/c9/kernel-5.14.0-284.11.1.el9_2
rpms:changed/a8/kernel-4.18.0-425.19.2.el8_7.gcp
rpms:changed/a9/kernel-5.14.0-162.23.1.el9_1.gcp
rpms:changed/a9/kernel-5.14.0-162.23.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.23.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.19.2.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.19.2.el8_7
rpms:changed/a9-beta/kernel-5.14.0-283.el9.alma
rpms:changed/a9-ppc64le/kernel-5.14.0-162.12.1.el9_1.kvm
rpms:changed/a9-ppc64le/kernel-5.14.0-162.22.2.el9_1.kvm
rpms:changed/a9-ppc64le/kernel-5.14.0-162.12.1.el9_1.kvm.1
rpms:changed/a8-beta/kernel-4.18.0-477.el8.alma
rpms:imports/c9-beta/kernel-5.14.0-283.el9
rpms:imports/c8-beta/kernel-4.18.0-477.el8
rpms:changed/a9/kernel-5.14.0-162.22.2.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.22.2.el9_1
rpms:changed/a9/kernel-5.14.0-162.18.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.18.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.13.1.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.13.1.el8_7
rpms:changed/a9/kernel-5.14.0-162.12.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.12.1.el9_1
rpms:imports/c8s/kernel-4.18.0-448.el8
rpms:changed/a8/kernel-4.18.0-425.10.1.el8_7.alma
rpms:imports/c8/kernel-4.18.0-425.10.1.el8_7
rpms:changed/a9/kernel-5.14.0-162.6.1.el9_1.alma
rpms:changed/a8a/kernel-5.14.0-162.6.1.el9_1.alma
rpms:imports/c9/kernel-5.14.0-162.6.1.el9_1
rpms:changed/a8/kernel-4.18.0-425.3.1.el8
rpms:imports/c8/kernel-4.18.0-425.3.1.el8
rpms:changed/a8a/kernel-5.14.0-70.30.1.el9_0
rpms:changed/a9/kernel-5.14.0-70.30.1.el9_0
rpms:imports/c9/kernel-5.14.0-70.30.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.32.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.32.1.el8_6
rpms:changed/a9-beta/kernel-5.14.0-160.el9
rpms:changed/a8-beta/kernel-4.18.0-423.el8
rpms:imports/c9-beta/kernel-5.14.0-160.el9
rpms:imports/c8-beta/kernel-4.18.0-423.el8
rpms:changed/a9/kernel-5.14.0-70.26.1.el9_0.alma
rpms:imports/c9/kernel-5.14.0-70.26.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.26.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.26.1.el8_6
rpms:changed/a9/kernel-5.14.0-70.22.1.el9_0.alma
rpms:imports/c9/kernel-5.14.0-70.22.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.19.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.19.1.el8_6
rpms:imports/c8s/kernel-4.18.0-408.el8
rpms:changed/a8/kernel-4.18.0-372.16.1.el8_6.alma
rpms:imports/c8/kernel-4.18.0-372.16.1.el8_6
rpms:changed/a9/kernel-5.14.0-70.17.1.el9_0.alma
rpms:changed/a8/kernel-4.18.0-372.13.1.el8_6.alma
rpms:imports/c9/kernel-5.14.0-70.17.1.el9_0
rpms:imports/c8/kernel-4.18.0-372.13.1.el8_6
rpms:imports/c8s/kernel-4.18.0-394.el8
rpms:changed/a9/kernel-5.14.0-70.13.1.el9_0
rpms:imports/c9/kernel-5.14.0-70.13.1.el9_0
rpms:changed/a8/kernel-4.18.0-372.9.1.el8.alma
rpms:imports/c8/kernel-4.18.0-372.9.1.el8
rpms:changed/a8/kernel-4.18.0-348.23.1.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.23.1.el8_5
rpms:imports/c8s/kernel-4.18.0-383.el8
rpms:changed/a9-beta/kernel-5.14.0-70.5.1.el9_0
rpms:imports/c9-beta/kernel-5.14.0-70.5.1.el9_0
rpms:changed/a9-beta/kernel-5.14.0-63.el9
rpms:changed/a8-beta/kernel-4.18.0-369.el8
rpms:imports/c8-beta/kernel-4.18.0-369.el8
rpms:imports/c8s/kernel-4.18.0-373.el8
rpms:changed/a8/kernel-4.18.0-348.20.1.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.20.1.el8_5
rpms:imports/c9-beta/kernel-5.14.0-63.el9
rpms:imports/c8s/kernel-4.18.0-365.el8
rpms:imports/c9-beta/kernel-5.14.0-42.el9
rpms:changed/a8/kernel-4.18.0-348.12.2.el8_5.alma
rpms:imports/c8/kernel-4.18.0-348.12.2.el8_5
rpms:imports/c9-beta/kernel-5.14.0-39.el9
rpms:imports/c8s/kernel-4.18.0-358.el8
rpms:changed/a8-beta/kernel-4.18.0-348.el8
rpms:changed/a8/kernel-4.18.0-348.7.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.7.1.el8_5
rpms:imports/c9-beta/kernel-5.14.0-21.el9
rpms:imports/c9-beta/kernel-5.14.0-1.7.1.el9
rpms:changed/a8/kernel-4.18.0-348.2.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.2.1.el8_5
rpms:imports/c8/kernel-4.18.0-348.el8
rpms:imports/c8/kernel-4.18.0-305.25.1.el8_4
rpms:changed/a8-beta/kernel-4.18.0-339.el8
rpms:imports/c8s/kernel-4.18.0-348.el8
rpms:imports/c8-beta/kernel-4.18.0-339.el8
rpms:imports/c8-beta/kernel-4.18.0-293.el8
rpms:imports/c8-beta/kernel-4.18.0-221.el8
rpms:imports/c8-beta/kernel-4.18.0-167.el8
rpms:imports/c8-beta/kernel-4.18.0-107.el8
rpms:changed/a8/kernel-4.18.0-305.19.1.el8_4
rpms:imports/c8s/kernel-4.18.0-338.el8
rpms:imports/c8s/kernel-4.18.0-331.el8
rpms:imports/c8s/kernel-4.18.0-326.el8
rpms:imports/c8s/kernel-4.18.0-315.el8
rpms:imports/c8s/kernel-4.18.0-310.el8
rpms:imports/c8/kernel-4.18.0-305.19.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.17.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.12.1.el8_4
rpms:imports/c8/kernel-4.18.0-305.10.2.el8_4
rpms:imports/c8/kernel-4.18.0-305.7.1.el8_4

11 Commits
changed/a8 ... c8

Author SHA1 Message Date
Andrew Lukoshko a99463995f Revert EuroLinux modifications 2024-04-08 14:52:46 +00:00
Andrew Lukoshko 8287ea7af6 import EuroLinux kernel-4.18.0-513.24.1.el8_9 2024-04-08 14:52:40 +00:00
eabdullin 0e7eed8f6b Revert EuroLinux changes 2024-02-22 10:12:23 +03:00
eabdullin 5c12f03449 import EuroLinux 4.18.0-513.18.1.el8_9 2024-02-22 10:10:00 +03:00
eabdullin 567d198790 Revert EuroLinux changes 2024-01-16 16:09:31 +03:00
eabdullin bf55227155 Import EL kernel-4.18.0-513.11.1.el8_9 2024-01-16 16:04:40 +03:00
Andrew Lukoshko ecd26ad835 Revert EuroLinux modifications 2023-12-02 09:55:15 +00:00
Andrew Lukoshko f9b607962c import EuroLinux kernel-4.18.0-513.9.1.el8_9 2023-12-02 09:55:08 +00:00
Andrew Lukoshko 19b21fa491 Revert EuroLinux modifications 2023-11-19 20:46:16 +00:00
Andrew Lukoshko d4d23d98e2 import EuroLinux kernel-4.18.0-513.5.1.el8_9 2023-11-19 20:46:09 +00:00
Andrew Lukoshko 8fa2d4744d import CS kernel-4.18.0-513.el8 2023-11-19 20:40:51 +00:00
75 changed files with 8681 additions and 6578 deletions
Show Stats Expand all files Collapse all files

13
.gitignore vendored
View File

@ -1,5 +1,12 @@
SOURCES/kernel-abi-stablelists-4.18.0-477.tar.bz2
SOURCES/kernel-kabi-dw-4.18.0-477.tar.bz2
SOURCES/linux-4.18.0-477.13.1.el8_8.tar.xz
SOURCES/centossecureboot201.cer
SOURCES/centossecurebootca2.cer
SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
SOURCES/linux-4.18.0-513.24.1.el8_9.tar.xz
SOURCES/redhatsecureboot302.cer
SOURCES/redhatsecureboot303.cer
SOURCES/redhatsecureboot501.cer
SOURCES/redhatsecurebootca3.cer
SOURCES/redhatsecurebootca7.cer
SOURCES/rheldup3.x509
SOURCES/rhelkpatch1.x509

13
.kernel.metadata
View File

@ -1,5 +1,12 @@
e725ef0926373499de3a23fe92c993f5d9d7f021 SOURCES/kernel-abi-stablelists-4.18.0-477.tar.bz2
e5db84dd1b699a0ec6795e645cb9ea1d62acc739 SOURCES/kernel-kabi-dw-4.18.0-477.tar.bz2
03744e5ffb9fb64236ce0a2c6d425bb22c4f43af SOURCES/linux-4.18.0-477.13.1.el8_8.tar.xz
2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
c7f830cea6081a930009b1f964e7f9b70c47eeb3 SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
15094c92ff5c01bb04f3f9052561a774df6502c4 SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
6a87768e60e51e5c1d227082dcbdd3ed5c98ce8e SOURCES/linux-4.18.0-513.24.1.el8_9.tar.xz
13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
cf9230e69000076727e5b784ec871d22716dc5da SOURCES/redhatsecurebootca3.cer
905d91a282727c7f5ad433a49ac42a0772311c6a SOURCES/redhatsecurebootca7.cer
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509

83
SOURCES/1001-net-tls-fix-possible-race-condition-between-do_tls_g.patch
View File

@ -1,83 +0,0 @@
From f83f793e1fac3df2dda737ab857099e27b983440 Mon Sep 17 00:00:00 2001
From: Hangyu Hua <hbh25y@gmail.com>
Date: Wed, 19 Jul 2023 22:52:35 +0000
Subject: [PATCH 1/1] net: tls: fix possible race condition between
do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
ctx->crypto_send.info is not protected by lock_sock in
do_tls_getsockopt_conf(). A race condition between do_tls_getsockopt_conf()
and error paths of do_tls_setsockopt_conf() may lead to a use-after-free
or null-deref.
More discussion: https://lore.kernel.org/all/Y/ht6gQL+u6fj3dG@hog/
Fixes: 3c4d7559159b ("tls: kernel TLS support")
Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
Link: https://lore.kernel.org/r/20230228023344.9623-1-hbh25y@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(commit 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962 upstream)
Conflicts:
net/tls/tls_main.c
CVE: CVE-2023-28466
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Bert Barbe <bert.barbe@oracle.com>
---
net/tls/tls_main.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index a4ca1bfaa..92909eeca 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -386,13 +386,11 @@ static int do_tls_getsockopt_conf(struct sock *sk, char __user *optval,
rc = -EINVAL;
goto out;
}
- lock_sock(sk);
memcpy(crypto_info_aes_gcm_128->iv,
cctx->iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
TLS_CIPHER_AES_GCM_128_IV_SIZE);
memcpy(crypto_info_aes_gcm_128->rec_seq, cctx->rec_seq,
TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
- release_sock(sk);
if (copy_to_user(optval,
crypto_info_aes_gcm_128,
sizeof(*crypto_info_aes_gcm_128)))
@@ -410,13 +408,11 @@ static int do_tls_getsockopt_conf(struct sock *sk, char __user *optval,
rc = -EINVAL;
goto out;
}
- lock_sock(sk);
memcpy(crypto_info_aes_gcm_256->iv,
cctx->iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
TLS_CIPHER_AES_GCM_256_IV_SIZE);
memcpy(crypto_info_aes_gcm_256->rec_seq, cctx->rec_seq,
TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
- release_sock(sk);
if (copy_to_user(optval,
crypto_info_aes_gcm_256,
sizeof(*crypto_info_aes_gcm_256)))
@@ -436,6 +432,8 @@ static int do_tls_getsockopt(struct sock *sk, int optname,
{
int rc = 0;
+ lock_sock(sk);
+
switch (optname) {
case TLS_TX:
case TLS_RX:
@@ -446,6 +444,9 @@ static int do_tls_getsockopt(struct sock *sk, int optname,
rc = -ENOPROTOOPT;
break;
}
+
+ release_sock(sk);
+
return rc;
}
--
2.39.3

77
SOURCES/1002-Bluetooth-L2CAP-Fix-accepting-connection-request.patch
View File

@ -1,77 +0,0 @@
From b19a194712d8f25e80d53803ccd0176f619b3fbc Mon Sep 17 00:00:00 2001
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Tue, 8 Aug 2023 10:38:26 +0000
Subject: [PATCH 1/7] Bluetooth: L2CAP: Fix accepting connection request for
invalid SPSM
commit 711f8c3fb3db61897080468586b970c87c61d9e4 upstream
Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Mon Oct 31 16:10:32 2022 -0700
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
The Bluetooth spec states that the valid range for SPSM is from
0x0001-0x00ff so it is invalid to accept values outside of this range:
BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part A
page 1059:
Table 4.15: L2CAP_LE_CREDIT_BASED_CONNECTION_REQ SPSM ranges
CVE: CVE-2022-42896
CC: stable@vger.kernel.org
Reported-by: Tamás Koczka <poprdi@google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an@intel.com>
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
net/bluetooth/l2cap_core.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 86ecd4ad4..4fed6d24a 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -5771,6 +5771,19 @@ static int l2cap_le_connect_req(struct l2cap_conn *conn,
BT_DBG("psm 0x%2.2x scid 0x%4.4x mtu %u mps %u", __le16_to_cpu(psm),
scid, mtu, mps);
+ /* BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part A
+ * page 1059:
+ *
+ * Valid range: 0x0001-0x00ff
+ *
+ * Table 4.15: L2CAP_LE_CREDIT_BASED_CONNECTION_REQ SPSM ranges
+ */
+ if (!psm || __le16_to_cpu(psm) > L2CAP_PSM_LE_DYN_END) {
+ result = L2CAP_CR_LE_BAD_PSM;
+ chan = NULL;
+ goto response;
+ }
+
/* Check if we have socket listening on psm */
pchan = l2cap_global_chan_by_psm(BT_LISTEN, psm, &conn->hcon->src,
&conn->hcon->dst, LE_LINK);
@@ -5958,6 +5971,18 @@ static inline int l2cap_ecred_conn_req(struct l2cap_conn *conn,
psm = req->psm;
+ /* BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part A
+ * page 1059:
+ *
+ * Valid range: 0x0001-0x00ff
+ *
+ * Table 4.15: L2CAP_LE_CREDIT_BASED_CONNECTION_REQ SPSM ranges
+ */
+ if (!psm || __le16_to_cpu(psm) > L2CAP_PSM_LE_DYN_END) {
+ result = L2CAP_CR_LE_BAD_PSM;
+ goto response;
+ }
+
BT_DBG("psm 0x%2.2x mtu %u mps %u", __le16_to_cpu(psm), mtu, mps);
memset(&pdu, 0, sizeof(pdu));
--
2.31.1

113
SOURCES/1003-net-sched-tcindex-update-imperfect-hash-filters-resp.patch
View File

@ -1,113 +0,0 @@
From a11b8451e966830bb9aeaf27a9464fe0ab59907d Mon Sep 17 00:00:00 2001
From: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue, 8 Aug 2023 10:46:07 +0000
Subject: [PATCH 2/7] net/sched: tcindex: update imperfect hash filters
respecting rcu
commit ee059170b1f7e94e55fa6cadee544e176a6e59c2 upstream
Author: Pedro Tammela <pctammela@mojatatu.com>
Date: Thu Feb 9 11:37:39 2023 -0300
net/sched: tcindex: update imperfect hash filters respecting rcu
The imperfect hash area can be updated while packets are traversing,
which will cause a use-after-free when 'tcf_exts_exec()' is called
with the destroyed tcf_ext.
CPU 0: CPU 1:
tcindex_set_parms tcindex_classify
tcindex_lookup
tcindex_lookup
tcf_exts_change
tcf_exts_exec [UAF]
Stop operating on the shared area directly, by using a local copy,
and update the filter with 'rcu_replace_pointer()'. Delete the old
filter version only after a rcu grace period elapsed.
Fixes: 9b0d4446b569 ("net: sched: avoid atomic swap in tcf_exts_change")
Reported-by: valis <sec@valis.email>
Suggested-by: valis <sec@valis.email>
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Link: https://lore.kernel.org/r/20230209143739.279867-1-pctammela@mojatatu.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
CVE: CVE-2023-1281
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
net/sched/cls_tcindex.c | 34 ++++++++++++++++++++++++++++++----
1 file changed, 30 insertions(+), 4 deletions(-)
diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c
index df229a808..83042a101 100644
--- a/net/sched/cls_tcindex.c
+++ b/net/sched/cls_tcindex.c
@@ -11,6 +11,7 @@
#include <linux/errno.h>
#include <linux/slab.h>
#include <linux/refcount.h>
+#include <linux/rcupdate.h>
#include <net/act_api.h>
#include <net/netlink.h>
#include <net/pkt_cls.h>
@@ -337,6 +338,7 @@ tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
struct tcf_result cr = {};
int err, balloc = 0;
struct tcf_exts e;
+ bool update_h = false;
err = tcf_exts_init(&e, net, TCA_TCINDEX_ACT, TCA_TCINDEX_POLICE);
if (err < 0)
@@ -454,10 +456,13 @@ tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
}
}
- if (cp->perfect)
+ if (cp->perfect) {
r = cp->perfect + handle;
- else
- r = tcindex_lookup(cp, handle) ? : &new_filter_result;
+ } else {
+ /* imperfect area is updated in-place using rcu */
+ update_h = !!tcindex_lookup(cp, handle);
+ r = &new_filter_result;
+ }
if (r == &new_filter_result) {
f = kzalloc(sizeof(*f), GFP_KERNEL);
@@ -491,7 +496,28 @@ tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
rcu_assign_pointer(tp->root, cp);
- if (r == &new_filter_result) {
+ if (update_h) {
+ struct tcindex_filter __rcu **fp;
+ struct tcindex_filter *cf;
+
+ f->result.res = r->res;
+ tcf_exts_change(&f->result.exts, &r->exts);
+
+ /* imperfect area bucket */
+ fp = cp->h + (handle % cp->hash);
+
+ /* lookup the filter, guaranteed to exist */
+ for (cf = rcu_dereference_bh_rtnl(*fp); cf;
+ fp = &cf->next, cf = rcu_dereference_bh_rtnl(*fp))
+ if (cf->key == handle)
+ break;
+
+ f->next = cf->next;
+
+ cf = rcu_replace_pointer(*fp, f, 1);
+ tcf_exts_get_net(&cf->result.exts);
+ tcf_queue_work(&cf->rwork, tcindex_destroy_fexts_work);
+ } else if (r == &new_filter_result) {
struct tcindex_filter *nfp;
struct tcindex_filter __rcu **fp;
--
2.31.1

87
SOURCES/1004-net-sched-tcindex-search-key-must-be-16-bits.patch
View File

@ -1,87 +0,0 @@
From ad24994e22b545703a710ae7928a160970ff72db Mon Sep 17 00:00:00 2001
From: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue, 8 Aug 2023 11:07:16 +0000
Subject: [PATCH 3/7] net/sched: tcindex: search key must be 16 bits
commit 42018a322bd453e38b3ffee294982243e50a484f upstream
Author: Pedro Tammela <pctammela@mojatatu.com>
Date: Mon Feb 13 22:47:29 2023 -0300
net/sched: tcindex: search key must be 16 bits
Syzkaller found an issue where a handle greater than 16 bits would trigger
a null-ptr-deref in the imperfect hash area update.
general protection fault, probably for non-canonical address
0xdffffc0000000015: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x00000000000000a8-0x00000000000000af]
CPU: 0 PID: 5070 Comm: syz-executor456 Not tainted
6.2.0-rc7-syzkaller-00112-gc68f345b7c42 #0
Hardware name: Google Google Compute Engine/Google Compute Engine,
BIOS Google 01/21/2023
RIP: 0010:tcindex_set_parms+0x1a6a/0x2990 net/sched/cls_tcindex.c:509
Code: 01 e9 e9 fe ff ff 4c 8b bd 28 fe ff ff e8 0e 57 7d f9 48 8d bb
a8 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c
02 00 0f 85 94 0c 00 00 48 8b 85 f8 fd ff ff 48 8b 9b a8 00
RSP: 0018:ffffc90003d3ef88 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000015 RSI: ffffffff8803a102 RDI: 00000000000000a8
RBP: ffffc90003d3f1d8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801e2b10a8
R13: dffffc0000000000 R14: 0000000000030000 R15: ffff888017b3be00
FS: 00005555569af300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000056041c6d2000 CR3: 000000002bfca000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
tcindex_change+0x1ea/0x320 net/sched/cls_tcindex.c:572
tc_new_tfilter+0x96e/0x2220 net/sched/cls_api.c:2155
rtnetlink_rcv_msg+0x959/0xca0 net/core/rtnetlink.c:6132
netlink_rcv_skb+0x165/0x440 net/netlink/af_netlink.c:2574
netlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline]
netlink_unicast+0x547/0x7f0 net/netlink/af_netlink.c:1365
netlink_sendmsg+0x91b/0xe10 net/netlink/af_netlink.c:1942
sock_sendmsg_nosec net/socket.c:714 [inline]
sock_sendmsg+0xd3/0x120 net/socket.c:734
____sys_sendmsg+0x334/0x8c0 net/socket.c:2476
___sys_sendmsg+0x110/0x1b0 net/socket.c:2530
__sys_sendmmsg+0x18f/0x460 net/socket.c:2616
__do_sys_sendmmsg net/socket.c:2645 [inline]
__se_sys_sendmmsg net/socket.c:2642 [inline]
__x64_sys_sendmmsg+0x9d/0x100 net/socket.c:2642
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
Fixes: ee059170b1f7 ("net/sched: tcindex: update imperfect hash filters respecting rcu")
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
CVE: CVE-2023-1281
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
net/sched/cls_tcindex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c
index 83042a101..a021ba685 100644
--- a/net/sched/cls_tcindex.c
+++ b/net/sched/cls_tcindex.c
@@ -509,7 +509,7 @@ tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
/* lookup the filter, guaranteed to exist */
for (cf = rcu_dereference_bh_rtnl(*fp); cf;
fp = &cf->next, cf = rcu_dereference_bh_rtnl(*fp))
- if (cf->key == handle)
+ if (cf->key == (u16)handle)
break;
f->next = cf->next;
--
2.31.1

836
SOURCES/1005-net-sched-Retire-tcindex-classifier.patch
View File

@ -1,836 +0,0 @@
From 4670364a13fccc328386157d820f6ff68619187c Mon Sep 17 00:00:00 2001
From: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue, 8 Aug 2023 18:26:13 +0000
Subject: [PATCH 4/7] net/sched: Retire tcindex classifier
commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28 upstream
The tcindex classifier has served us well for about a quarter of a century
but has not been getting much TLC due to lack of known users. Most recently
it has become easy prey to syzkaller. For this reason, we are retiring it.
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: Jiri Pirko <jiri@nvidia.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Conflicts:
include/net/tc_wrapper.h
tools/testing/selftests/tc-testing/tc-tests/filters/tcindex.json
CVE: CVE-2023-1829
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
net/sched/Kconfig | 11 -
net/sched/Makefile | 1 -
net/sched/cls_tcindex.c | 763 ----------------------------------------
3 files changed, 775 deletions(-)
delete mode 100644 net/sched/cls_tcindex.c
diff --git a/net/sched/Kconfig b/net/sched/Kconfig
index afe1d506e..882446fce 100644
--- a/net/sched/Kconfig
+++ b/net/sched/Kconfig
@@ -502,17 +502,6 @@ config NET_CLS_BASIC
To compile this code as a module, choose M here: the
module will be called cls_basic.
-config NET_CLS_TCINDEX
- tristate "Traffic-Control Index (TCINDEX)"
- select NET_CLS
- help
- Say Y here if you want to be able to classify packets based on
- traffic control indices. You will want this feature if you want
- to implement Differentiated Services together with DSMARK.
-
- To compile this code as a module, choose M here: the
- module will be called cls_tcindex.
-
config NET_CLS_ROUTE4
tristate "Routing decision (ROUTE)"
depends on INET
diff --git a/net/sched/Makefile b/net/sched/Makefile
index dd14ef413..b7dbac5c5 100644
--- a/net/sched/Makefile
+++ b/net/sched/Makefile
@@ -70,7 +70,6 @@ obj-$(CONFIG_NET_CLS_U32) += cls_u32.o
obj-$(CONFIG_NET_CLS_ROUTE4) += cls_route.o
obj-$(CONFIG_NET_CLS_FW) += cls_fw.o
obj-$(CONFIG_NET_CLS_RSVP) += cls_rsvp.o
-obj-$(CONFIG_NET_CLS_TCINDEX) += cls_tcindex.o
obj-$(CONFIG_NET_CLS_RSVP6) += cls_rsvp6.o
obj-$(CONFIG_NET_CLS_BASIC) += cls_basic.o
obj-$(CONFIG_NET_CLS_FLOW) += cls_flow.o
diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c
deleted file mode 100644
index a021ba685..000000000
--- a/net/sched/cls_tcindex.c
+++ /dev/null
@@ -1,763 +0,0 @@
-/*
- * net/sched/cls_tcindex.c Packet classifier for skb->tc_index
- *
- * Written 1998,1999 by Werner Almesberger, EPFL ICA
- */
-
-#include <linux/module.h>
-#include <linux/types.h>
-#include <linux/kernel.h>
-#include <linux/skbuff.h>
-#include <linux/errno.h>
-#include <linux/slab.h>
-#include <linux/refcount.h>
-#include <linux/rcupdate.h>
-#include <net/act_api.h>
-#include <net/netlink.h>
-#include <net/pkt_cls.h>
-#include <net/sch_generic.h>
-
-/*
- * Passing parameters to the root seems to be done more awkwardly than really
- * necessary. At least, u32 doesn't seem to use such dirty hacks. To be
- * verified. FIXME.
- */
-
-#define PERFECT_HASH_THRESHOLD 64 /* use perfect hash if not bigger */
-#define DEFAULT_HASH_SIZE 64 /* optimized for diffserv */
-
-
-struct tcindex_data;
-
-struct tcindex_filter_result {
- struct tcf_exts exts;
- struct tcf_result res;
- struct tcindex_data *p;
- struct rcu_work rwork;
-};
-
-struct tcindex_filter {
- u16 key;
- struct tcindex_filter_result result;
- struct tcindex_filter __rcu *next;
- struct rcu_work rwork;
-};
-
-
-struct tcindex_data {
- struct tcindex_filter_result *perfect; /* perfect hash; NULL if none */
- struct tcindex_filter __rcu **h; /* imperfect hash; */
- struct tcf_proto *tp;
- u16 mask; /* AND key with mask */
- u32 shift; /* shift ANDed key to the right */
- u32 hash; /* hash table size; 0 if undefined */
- u32 alloc_hash; /* allocated size */
- u32 fall_through; /* 0: only classify if explicit match */
- refcount_t refcnt; /* a temporary refcnt for perfect hash */
- struct rcu_work rwork;
-};
-
-static inline int tcindex_filter_is_set(struct tcindex_filter_result *r)
-{
- return tcf_exts_has_actions(&r->exts) || r->res.classid;
-}
-
-static void tcindex_data_get(struct tcindex_data *p)
-{
- refcount_inc(&p->refcnt);
-}
-
-static void tcindex_data_put(struct tcindex_data *p)
-{
- if (refcount_dec_and_test(&p->refcnt)) {
- kfree(p->perfect);
- kfree(p->h);
- kfree(p);
- }
-}
-
-static struct tcindex_filter_result *tcindex_lookup(struct tcindex_data *p,
- u16 key)
-{
- if (p->perfect) {
- struct tcindex_filter_result *f = p->perfect + key;
-
- return tcindex_filter_is_set(f) ? f : NULL;
- } else if (p->h) {
- struct tcindex_filter __rcu **fp;
- struct tcindex_filter *f;
-
- fp = &p->h[key % p->hash];
- for (f = rcu_dereference_bh_rtnl(*fp);
- f;
- fp = &f->next, f = rcu_dereference_bh_rtnl(*fp))
- if (f->key == key)
- return &f->result;
- }
-
- return NULL;
-}
-
-
-static int tcindex_classify(struct sk_buff *skb, const struct tcf_proto *tp,
- struct tcf_result *res)
-{
- struct tcindex_data *p = rcu_dereference_bh(tp->root);
- struct tcindex_filter_result *f;
- int key = (skb->tc_index & p->mask) >> p->shift;
-
- pr_debug("tcindex_classify(skb %p,tp %p,res %p),p %p\n",
- skb, tp, res, p);
-
- f = tcindex_lookup(p, key);
- if (!f) {
- struct Qdisc *q = tcf_block_q(tp->chain->block);
-
- if (!p->fall_through)
- return -1;
- res->classid = TC_H_MAKE(TC_H_MAJ(q->handle), key);
- res->class = 0;
- pr_debug("alg 0x%x\n", res->classid);
- return 0;
- }
- *res = f->res;
- pr_debug("map 0x%x\n", res->classid);
-
- return tcf_exts_exec(skb, &f->exts, res);
-}
-
-
-static void *tcindex_get(struct tcf_proto *tp, u32 handle)
-{
- struct tcindex_data *p = rtnl_dereference(tp->root);
- struct tcindex_filter_result *r;
-
- pr_debug("tcindex_get(tp %p,handle 0x%08x)\n", tp, handle);
- if (p->perfect && handle >= p->alloc_hash)
- return NULL;
- r = tcindex_lookup(p, handle);
- return r && tcindex_filter_is_set(r) ? r : NULL;
-}
-
-static int tcindex_init(struct tcf_proto *tp)
-{
- struct tcindex_data *p;
-
- pr_debug("tcindex_init(tp %p)\n", tp);
- p = kzalloc(sizeof(struct tcindex_data), GFP_KERNEL);
- if (!p)
- return -ENOMEM;
-
- p->mask = 0xffff;
- p->hash = DEFAULT_HASH_SIZE;
- p->fall_through = 1;
- refcount_set(&p->refcnt, 1); /* Paired with tcindex_destroy_work() */
-
- rcu_assign_pointer(tp->root, p);
- return 0;
-}
-
-static void __tcindex_destroy_rexts(struct tcindex_filter_result *r)
-{
- tcf_exts_destroy(&r->exts);
- tcf_exts_put_net(&r->exts);
- tcindex_data_put(r->p);
-}
-
-static void tcindex_destroy_rexts_work(struct work_struct *work)
-{
- struct tcindex_filter_result *r;
-
- r = container_of(to_rcu_work(work),
- struct tcindex_filter_result,
- rwork);
- rtnl_lock();
- __tcindex_destroy_rexts(r);
- rtnl_unlock();
-}
-
-static void __tcindex_destroy_fexts(struct tcindex_filter *f)
-{
- tcf_exts_destroy(&f->result.exts);
- tcf_exts_put_net(&f->result.exts);
- kfree(f);
-}
-
-static void tcindex_destroy_fexts_work(struct work_struct *work)
-{
- struct tcindex_filter *f = container_of(to_rcu_work(work),
- struct tcindex_filter,
- rwork);
-
- rtnl_lock();
- __tcindex_destroy_fexts(f);
- rtnl_unlock();
-}
-
-static int tcindex_delete(struct tcf_proto *tp, void *arg, bool *last,
- bool rtnl_held, struct netlink_ext_ack *extack)
-{
- struct tcindex_data *p = rtnl_dereference(tp->root);
- struct tcindex_filter_result *r = arg;
- struct tcindex_filter __rcu **walk;
- struct tcindex_filter *f = NULL;
-
- pr_debug("tcindex_delete(tp %p,arg %p),p %p\n", tp, arg, p);
- if (p->perfect) {
- if (!r->res.class)
- return -ENOENT;
- } else {
- int i;
-
- for (i = 0; i < p->hash; i++) {
- walk = p->h + i;
- for (f = rtnl_dereference(*walk); f;
- walk = &f->next, f = rtnl_dereference(*walk)) {
- if (&f->result == r)
- goto found;
- }
- }
- return -ENOENT;
-
-found:
- rcu_assign_pointer(*walk, rtnl_dereference(f->next));
- }
- tcf_unbind_filter(tp, &r->res);
- /* all classifiers are required to call tcf_exts_destroy() after rcu
- * grace period, since converted-to-rcu actions are relying on that
- * in cleanup() callback
- */
- if (f) {
- if (tcf_exts_get_net(&f->result.exts))
- tcf_queue_work(&f->rwork, tcindex_destroy_fexts_work);
- else
- __tcindex_destroy_fexts(f);
- } else {
- tcindex_data_get(p);
-
- if (tcf_exts_get_net(&r->exts))
- tcf_queue_work(&r->rwork, tcindex_destroy_rexts_work);
- else
- __tcindex_destroy_rexts(r);
- }
-
- *last = false;
- return 0;
-}
-
-static void tcindex_destroy_work(struct work_struct *work)
-{
- struct tcindex_data *p = container_of(to_rcu_work(work),
- struct tcindex_data,
- rwork);
-
- tcindex_data_put(p);
-}
-
-static inline int
-valid_perfect_hash(struct tcindex_data *p)
-{
- return p->hash > (p->mask >> p->shift);
-}
-
-static const struct nla_policy tcindex_policy[TCA_TCINDEX_MAX + 1] = {
- [TCA_TCINDEX_HASH] = { .type = NLA_U32 },
- [TCA_TCINDEX_MASK] = { .type = NLA_U16 },
- [TCA_TCINDEX_SHIFT] = { .type = NLA_U32 },
- [TCA_TCINDEX_FALL_THROUGH] = { .type = NLA_U32 },
- [TCA_TCINDEX_CLASSID] = { .type = NLA_U32 },
-};
-
-static int tcindex_filter_result_init(struct tcindex_filter_result *r,
- struct tcindex_data *p,
- struct net *net)
-{
- memset(r, 0, sizeof(*r));
- r->p = p;
- return tcf_exts_init(&r->exts, net, TCA_TCINDEX_ACT,
- TCA_TCINDEX_POLICE);
-}
-
-static void tcindex_free_perfect_hash(struct tcindex_data *cp);
-
-static void tcindex_partial_destroy_work(struct work_struct *work)
-{
- struct tcindex_data *p = container_of(to_rcu_work(work),
- struct tcindex_data,
- rwork);
-
- rtnl_lock();
- if (p->perfect)
- tcindex_free_perfect_hash(p);
- kfree(p);
- rtnl_unlock();
-}
-
-static void tcindex_free_perfect_hash(struct tcindex_data *cp)
-{
- int i;
-
- for (i = 0; i < cp->hash; i++)
- tcf_exts_destroy(&cp->perfect[i].exts);
- kfree(cp->perfect);
-}
-
-static int tcindex_alloc_perfect_hash(struct net *net, struct tcindex_data *cp)
-{
- int i, err = 0;
-
- cp->perfect = kcalloc(cp->hash, sizeof(struct tcindex_filter_result),
- GFP_KERNEL | __GFP_NOWARN);
- if (!cp->perfect)
- return -ENOMEM;
-
- for (i = 0; i < cp->hash; i++) {
- err = tcf_exts_init(&cp->perfect[i].exts, net,
- TCA_TCINDEX_ACT, TCA_TCINDEX_POLICE);
- if (err < 0)
- goto errout;
- cp->perfect[i].p = cp;
- }
-
- return 0;
-
-errout:
- tcindex_free_perfect_hash(cp);
- return err;
-}
-
-static int
-tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
- u32 handle, struct tcindex_data *p,
- struct tcindex_filter_result *r, struct nlattr **tb,
- struct nlattr *est, u32 flags, struct netlink_ext_ack *extack)
-{
- struct tcindex_filter_result new_filter_result, *old_r = r;
- struct tcindex_data *cp = NULL, *oldp;
- struct tcindex_filter *f = NULL; /* make gcc behave */
- struct tcf_result cr = {};
- int err, balloc = 0;
- struct tcf_exts e;
- bool update_h = false;
-
- err = tcf_exts_init(&e, net, TCA_TCINDEX_ACT, TCA_TCINDEX_POLICE);
- if (err < 0)
- return err;
- err = tcf_exts_validate(net, tp, tb, est, &e, flags, extack);
- if (err < 0)
- goto errout;
-
- err = -ENOMEM;
- /* tcindex_data attributes must look atomic to classifier/lookup so
- * allocate new tcindex data and RCU assign it onto root. Keeping
- * perfect hash and hash pointers from old data.
- */
- cp = kzalloc(sizeof(*cp), GFP_KERNEL);
- if (!cp)
- goto errout;
-
- cp->mask = p->mask;
- cp->shift = p->shift;
- cp->hash = p->hash;
- cp->alloc_hash = p->alloc_hash;
- cp->fall_through = p->fall_through;
- cp->tp = tp;
- refcount_set(&cp->refcnt, 1); /* Paired with tcindex_destroy_work() */
-
- if (tb[TCA_TCINDEX_HASH])
- cp->hash = nla_get_u32(tb[TCA_TCINDEX_HASH]);
-
- if (tb[TCA_TCINDEX_MASK])
- cp->mask = nla_get_u16(tb[TCA_TCINDEX_MASK]);
-
- if (tb[TCA_TCINDEX_SHIFT]) {
- cp->shift = nla_get_u32(tb[TCA_TCINDEX_SHIFT]);
- if (cp->shift > 16) {
- err = -EINVAL;
- goto errout;
- }
- }
- if (!cp->hash) {
- /* Hash not specified, use perfect hash if the upper limit
- * of the hashing index is below the threshold.
- */
- if ((cp->mask >> cp->shift) < PERFECT_HASH_THRESHOLD)
- cp->hash = (cp->mask >> cp->shift) + 1;
- else
- cp->hash = DEFAULT_HASH_SIZE;
- }
-
- if (p->perfect) {
- int i;
-
- if (tcindex_alloc_perfect_hash(net, cp) < 0)
- goto errout;
- cp->alloc_hash = cp->hash;
- for (i = 0; i < min(cp->hash, p->hash); i++)
- cp->perfect[i].res = p->perfect[i].res;
- balloc = 1;
- }
- cp->h = p->h;
-
- err = tcindex_filter_result_init(&new_filter_result, cp, net);
- if (err < 0)
- goto errout_alloc;
- if (old_r)
- cr = r->res;
-
- err = -EBUSY;
-
- /* Hash already allocated, make sure that we still meet the
- * requirements for the allocated hash.
- */
- if (cp->perfect) {
- if (!valid_perfect_hash(cp) ||
- cp->hash > cp->alloc_hash)
- goto errout_alloc;
- } else if (cp->h && cp->hash != cp->alloc_hash) {
- goto errout_alloc;
- }
-
- err = -EINVAL;
- if (tb[TCA_TCINDEX_FALL_THROUGH])
- cp->fall_through = nla_get_u32(tb[TCA_TCINDEX_FALL_THROUGH]);
-
- if (!cp->perfect && !cp->h)
- cp->alloc_hash = cp->hash;
-
- /* Note: this could be as restrictive as if (handle & ~(mask >> shift))
- * but then, we'd fail handles that may become valid after some future
- * mask change. While this is extremely unlikely to ever matter,
- * the check below is safer (and also more backwards-compatible).
- */
- if (cp->perfect || valid_perfect_hash(cp))
- if (handle >= cp->alloc_hash)
- goto errout_alloc;
-
-
- err = -ENOMEM;
- if (!cp->perfect && !cp->h) {
- if (valid_perfect_hash(cp)) {
- if (tcindex_alloc_perfect_hash(net, cp) < 0)
- goto errout_alloc;
- balloc = 1;
- } else {
- struct tcindex_filter __rcu **hash;
-
- hash = kcalloc(cp->hash,
- sizeof(struct tcindex_filter *),
- GFP_KERNEL);
-
- if (!hash)
- goto errout_alloc;
-
- cp->h = hash;
- balloc = 2;
- }
- }
-
- if (cp->perfect) {
- r = cp->perfect + handle;
- } else {
- /* imperfect area is updated in-place using rcu */
- update_h = !!tcindex_lookup(cp, handle);
- r = &new_filter_result;
- }
-
- if (r == &new_filter_result) {
- f = kzalloc(sizeof(*f), GFP_KERNEL);
- if (!f)
- goto errout_alloc;
- f->key = handle;
- f->next = NULL;
- err = tcindex_filter_result_init(&f->result, cp, net);
- if (err < 0) {
- kfree(f);
- goto errout_alloc;
- }
- }
-
- if (tb[TCA_TCINDEX_CLASSID]) {
- cr.classid = nla_get_u32(tb[TCA_TCINDEX_CLASSID]);
- tcf_bind_filter(tp, &cr, base);
- }
-
- if (old_r && old_r != r) {
- err = tcindex_filter_result_init(old_r, cp, net);
- if (err < 0) {
- kfree(f);
- goto errout_alloc;
- }
- }
-
- oldp = p;
- r->res = cr;
- tcf_exts_change(&r->exts, &e);
-
- rcu_assign_pointer(tp->root, cp);
-
- if (update_h) {
- struct tcindex_filter __rcu **fp;
- struct tcindex_filter *cf;
-
- f->result.res = r->res;
- tcf_exts_change(&f->result.exts, &r->exts);
-
- /* imperfect area bucket */
- fp = cp->h + (handle % cp->hash);
-
- /* lookup the filter, guaranteed to exist */
- for (cf = rcu_dereference_bh_rtnl(*fp); cf;
- fp = &cf->next, cf = rcu_dereference_bh_rtnl(*fp))
- if (cf->key == (u16)handle)
- break;
-
- f->next = cf->next;
-
- cf = rcu_replace_pointer(*fp, f, 1);
- tcf_exts_get_net(&cf->result.exts);
- tcf_queue_work(&cf->rwork, tcindex_destroy_fexts_work);
- } else if (r == &new_filter_result) {
- struct tcindex_filter *nfp;
- struct tcindex_filter __rcu **fp;
-
- f->result.res = r->res;
- tcf_exts_change(&f->result.exts, &r->exts);
-
- fp = cp->h + (handle % cp->hash);
- for (nfp = rtnl_dereference(*fp);
- nfp;
- fp = &nfp->next, nfp = rtnl_dereference(*fp))
- ; /* nothing */
-
- rcu_assign_pointer(*fp, f);
- } else {
- tcf_exts_destroy(&new_filter_result.exts);
- }
-
- if (oldp)
- tcf_queue_work(&oldp->rwork, tcindex_partial_destroy_work);
- return 0;
-
-errout_alloc:
- if (balloc == 1)
- tcindex_free_perfect_hash(cp);
- else if (balloc == 2)
- kfree(cp->h);
- tcf_exts_destroy(&new_filter_result.exts);
-errout:
- kfree(cp);
- tcf_exts_destroy(&e);
- return err;
-}
-
-static int
-tcindex_change(struct net *net, struct sk_buff *in_skb,
- struct tcf_proto *tp, unsigned long base, u32 handle,
- struct nlattr **tca, void **arg, u32 flags,
- struct netlink_ext_ack *extack)
-{
- struct nlattr *opt = tca[TCA_OPTIONS];
- struct nlattr *tb[TCA_TCINDEX_MAX + 1];
- struct tcindex_data *p = rtnl_dereference(tp->root);
- struct tcindex_filter_result *r = *arg;
- int err;
-
- pr_debug("tcindex_change(tp %p,handle 0x%08x,tca %p,arg %p),opt %p,"
- "p %p,r %p,*arg %p\n",
- tp, handle, tca, arg, opt, p, r, *arg);
-
- if (!opt)
- return 0;
-
- err = nla_parse_nested_deprecated(tb, TCA_TCINDEX_MAX, opt,
- tcindex_policy, NULL);
- if (err < 0)
- return err;
-
- return tcindex_set_parms(net, tp, base, handle, p, r, tb,
- tca[TCA_RATE], flags, extack);
-}
-
-static void tcindex_walk(struct tcf_proto *tp, struct tcf_walker *walker,
- bool rtnl_held)
-{
- struct tcindex_data *p = rtnl_dereference(tp->root);
- struct tcindex_filter *f, *next;
- int i;
-
- pr_debug("tcindex_walk(tp %p,walker %p),p %p\n", tp, walker, p);
- if (p->perfect) {
- for (i = 0; i < p->hash; i++) {
- if (!p->perfect[i].res.class)
- continue;
- if (walker->count >= walker->skip) {
- if (walker->fn(tp, p->perfect + i, walker) < 0) {
- walker->stop = 1;
- return;
- }
- }
- walker->count++;
- }
- }
- if (!p->h)
- return;
- for (i = 0; i < p->hash; i++) {
- for (f = rtnl_dereference(p->h[i]); f; f = next) {
- next = rtnl_dereference(f->next);
- if (walker->count >= walker->skip) {
- if (walker->fn(tp, &f->result, walker) < 0) {
- walker->stop = 1;
- return;
- }
- }
- walker->count++;
- }
- }
-}
-
-static void tcindex_destroy(struct tcf_proto *tp, bool rtnl_held,
- struct netlink_ext_ack *extack)
-{
- struct tcindex_data *p = rtnl_dereference(tp->root);
- int i;
-
- pr_debug("tcindex_destroy(tp %p),p %p\n", tp, p);
-
- if (p->perfect) {
- for (i = 0; i < p->hash; i++) {
- struct tcindex_filter_result *r = p->perfect + i;
-
- /* tcf_queue_work() does not guarantee the ordering we
- * want, so we have to take this refcnt temporarily to
- * ensure 'p' is freed after all tcindex_filter_result
- * here. Imperfect hash does not need this, because it
- * uses linked lists rather than an array.
- */
- tcindex_data_get(p);
-
- tcf_unbind_filter(tp, &r->res);
- if (tcf_exts_get_net(&r->exts))
- tcf_queue_work(&r->rwork,
- tcindex_destroy_rexts_work);
- else
- __tcindex_destroy_rexts(r);
- }
- }
-
- for (i = 0; p->h && i < p->hash; i++) {
- struct tcindex_filter *f, *next;
- bool last;
-
- for (f = rtnl_dereference(p->h[i]); f; f = next) {
- next = rtnl_dereference(f->next);
- tcindex_delete(tp, &f->result, &last, rtnl_held, NULL);
- }
- }
-
- tcf_queue_work(&p->rwork, tcindex_destroy_work);
-}
-
-
-static int tcindex_dump(struct net *net, struct tcf_proto *tp, void *fh,
- struct sk_buff *skb, struct tcmsg *t, bool rtnl_held)
-{
- struct tcindex_data *p = rtnl_dereference(tp->root);
- struct tcindex_filter_result *r = fh;
- struct nlattr *nest;
-
- pr_debug("tcindex_dump(tp %p,fh %p,skb %p,t %p),p %p,r %p\n",
- tp, fh, skb, t, p, r);
- pr_debug("p->perfect %p p->h %p\n", p->perfect, p->h);
-
- nest = nla_nest_start_noflag(skb, TCA_OPTIONS);
- if (nest == NULL)
- goto nla_put_failure;
-
- if (!fh) {
- t->tcm_handle = ~0; /* whatever ... */
- if (nla_put_u32(skb, TCA_TCINDEX_HASH, p->hash) ||
- nla_put_u16(skb, TCA_TCINDEX_MASK, p->mask) ||
- nla_put_u32(skb, TCA_TCINDEX_SHIFT, p->shift) ||
- nla_put_u32(skb, TCA_TCINDEX_FALL_THROUGH, p->fall_through))
- goto nla_put_failure;
- nla_nest_end(skb, nest);
- } else {
- if (p->perfect) {
- t->tcm_handle = r - p->perfect;
- } else {
- struct tcindex_filter *f;
- struct tcindex_filter __rcu **fp;
- int i;
-
- t->tcm_handle = 0;
- for (i = 0; !t->tcm_handle && i < p->hash; i++) {
- fp = &p->h[i];
- for (f = rtnl_dereference(*fp);
- !t->tcm_handle && f;
- fp = &f->next, f = rtnl_dereference(*fp)) {
- if (&f->result == r)
- t->tcm_handle = f->key;
- }
- }
- }
- pr_debug("handle = %d\n", t->tcm_handle);
- if (r->res.class &&
- nla_put_u32(skb, TCA_TCINDEX_CLASSID, r->res.classid))
- goto nla_put_failure;
-
- if (tcf_exts_dump(skb, &r->exts) < 0)
- goto nla_put_failure;
- nla_nest_end(skb, nest);
-
- if (tcf_exts_dump_stats(skb, &r->exts) < 0)
- goto nla_put_failure;
- }
-
- return skb->len;
-
-nla_put_failure:
- nla_nest_cancel(skb, nest);
- return -1;
-}
-
-static void tcindex_bind_class(void *fh, u32 classid, unsigned long cl,
- void *q, unsigned long base)
-{
- struct tcindex_filter_result *r = fh;
-
- if (r && r->res.classid == classid) {
- if (cl)
- __tcf_bind_filter(q, &r->res, base);
- else
- __tcf_unbind_filter(q, &r->res);
- }
-}
-
-static struct tcf_proto_ops cls_tcindex_ops __read_mostly = {
- .kind = "tcindex",
- .classify = tcindex_classify,
- .init = tcindex_init,
- .destroy = tcindex_destroy,
- .get = tcindex_get,
- .change = tcindex_change,
- .delete = tcindex_delete,
- .walk = tcindex_walk,
- .dump = tcindex_dump,
- .bind_class = tcindex_bind_class,
- .owner = THIS_MODULE,
-};
-
-static int __init init_tcindex(void)
-{
- return register_tcf_proto_ops(&cls_tcindex_ops);
-}
-
-static void __exit exit_tcindex(void)
-{
- unregister_tcf_proto_ops(&cls_tcindex_ops);
-}
-
-module_init(init_tcindex)
-module_exit(exit_tcindex)
-MODULE_LICENSE("GPL");
--
2.31.1

119
SOURCES/1006-xfs-verify-buffer-contents-when-we-skip-log-replay.patch
View File

@ -1,119 +0,0 @@
From 124abc5a2d892bffaa2830d3d596f087555f0fd3 Mon Sep 17 00:00:00 2001
From: "Darrick J. Wong" <djwong@kernel.org>
Date: Tue, 8 Aug 2023 12:41:24 +0000
Subject: [PATCH 5/7] xfs: verify buffer contents when we skip log replay
commit 22ed903eee23a5b174e240f1cdfa9acf393a5210 upstream
Author: Darrick J. Wong <djwong@kernel.org>
Date: Wed Apr 12 15:49:23 2023 +1000
xfs: verify buffer contents when we skip log replay
syzbot detected a crash during log recovery:
XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
XFS (loop0): Torn write (CRC failure) detected at log block 0x180. Truncating head block from 0x200.
XFS (loop0): Starting recovery (logdev: internal)
==================================================================
BUG: KASAN: slab-out-of-bounds in xfs_btree_lookup_get_block+0x15c/0x6d0 fs/xfs/libxfs/xfs_btree.c:1813
Read of size 8 at addr ffff88807e89f258 by task syz-executor132/5074
CPU: 0 PID: 5074 Comm: syz-executor132 Not tainted 6.2.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1b1/0x290 lib/dump_stack.c:106
print_address_description+0x74/0x340 mm/kasan/report.c:306
print_report+0x107/0x1f0 mm/kasan/report.c:417
kasan_report+0xcd/0x100 mm/kasan/report.c:517
xfs_btree_lookup_get_block+0x15c/0x6d0 fs/xfs/libxfs/xfs_btree.c:1813
xfs_btree_lookup+0x346/0x12c0 fs/xfs/libxfs/xfs_btree.c:1913
xfs_btree_simple_query_range+0xde/0x6a0 fs/xfs/libxfs/xfs_btree.c:4713
xfs_btree_query_range+0x2db/0x380 fs/xfs/libxfs/xfs_btree.c:4953
xfs_refcount_recover_cow_leftovers+0x2d1/0xa60 fs/xfs/libxfs/xfs_refcount.c:1946
xfs_reflink_recover_cow+0xab/0x1b0 fs/xfs/xfs_reflink.c:930
xlog_recover_finish+0x824/0x920 fs/xfs/xfs_log_recover.c:3493
xfs_log_mount_finish+0x1ec/0x3d0 fs/xfs/xfs_log.c:829
xfs_mountfs+0x146a/0x1ef0 fs/xfs/xfs_mount.c:933
xfs_fs_fill_super+0xf95/0x11f0 fs/xfs/xfs_super.c:1666
get_tree_bdev+0x400/0x620 fs/super.c:1282
vfs_get_tree+0x88/0x270 fs/super.c:1489
do_new_mount+0x289/0xad0 fs/namespace.c:3145
do_mount fs/namespace.c:3488 [inline]
__do_sys_mount fs/namespace.c:3697 [inline]
__se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f89fa3f4aca
Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffd5fb5ef8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00646975756f6e2c RCX: 00007f89fa3f4aca
RDX: 0000000020000100 RSI: 0000000020009640 RDI: 00007fffd5fb5f10
RBP: 00007fffd5fb5f10 R08: 00007fffd5fb5f50 R09: 000000000000970d
R10: 0000000000200800 R11: 0000000000000206 R12: 0000000000000004
R13: 0000555556c6b2c0 R14: 0000000000200800 R15: 00007fffd5fb5f50
</TASK>
The fuzzed image contains an AGF with an obviously garbage
agf_refcount_level value of 32, and a dirty log with a buffer log item
for that AGF. The ondisk AGF has a higher LSN than the recovered log
item. xlog_recover_buf_commit_pass2 reads the buffer, compares the
LSNs, and decides to skip replay because the ondisk buffer appears to be
newer.
Unfortunately, the ondisk buffer is corrupt, but recovery just read the
buffer with no buffer ops specified:
error = xfs_buf_read(mp->m_ddev_targp, buf_f->blf_blkno,
buf_f->blf_len, buf_flags, &bp, NULL);
Skipping the buffer leaves its contents in memory unverified. This sets
us up for a kernel crash because xfs_refcount_recover_cow_leftovers
reads the buffer (which is still around in XBF_DONE state, so no read
verification) and creates a refcountbt cursor of height 32. This is
impossible so we run off the end of the cursor object and crash.
Fix this by invoking the verifier on all skipped buffers and aborting
log recovery if the ondisk buffer is corrupt. It might be smarter to
force replay the log item atop the buffer and then see if it'll pass the
write verifier (like ext4 does) but for now let's go with the
conservative option where we stop immediately.
Link: https://syzkaller.appspot.com/bug?extid=7e9494b8b399902e994e
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
CVE: CVE-2023-2124
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
fs/xfs/xfs_buf_item_recover.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/fs/xfs/xfs_buf_item_recover.c b/fs/xfs/xfs_buf_item_recover.c
index aa4d45701..e8eeaf005 100644
--- a/fs/xfs/xfs_buf_item_recover.c
+++ b/fs/xfs/xfs_buf_item_recover.c
@@ -934,6 +934,16 @@ xlog_recover_buf_commit_pass2(
if (lsn && lsn != -1 && XFS_LSN_CMP(lsn, current_lsn) >= 0) {
trace_xfs_log_recover_buf_skip(log, buf_f);
xlog_recover_validate_buf_type(mp, bp, buf_f, NULLCOMMITLSN);
+
+ /*
+ * We're skipping replay of this buffer log item due to the log
+ * item LSN being behind the ondisk buffer. Verify the buffer
+ * contents since we aren't going to run the write verifier.
+ */
+ if (bp->b_ops) {
+ bp->b_ops->verify_read(bp);
+ error = bp->b_error;
+ }
goto out_release;
}
--
2.31.1

48
SOURCES/1007-i2c-xgene-slimpro-Fix-out-of-bounds-bug-in-xgene_sli.patch
View File

@ -1,48 +0,0 @@
From 24bbece0ab10a61da0356b7d56a07b0055ee143d Mon Sep 17 00:00:00 2001
From: Wei Chen <harperchen1110@gmail.com>
Date: Tue, 8 Aug 2023 12:46:05 +0000
Subject: [PATCH 6/7] i2c: xgene-slimpro: Fix out-of-bounds bug in
xgene_slimpro_i2c_xfer()
commit 92fbb6d1296f81f41f65effd7f5f8c0f74943d15 upstream
Author: Wei Chen <harperchen1110@gmail.com>
Date: Tue Mar 14 16:54:21 2023 +0000
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
The data->block[0] variable comes from user and is a number between
0-255. Without proper check, the variable may be very large to cause
an out-of-bounds when performing memcpy in slimpro_i2c_blkwr.
Fix this bug by checking the value of writelen.
Fixes: f6505fbabc42 ("i2c: add SLIMpro I2C device driver on APM X-Gene platform")
Signed-off-by: Wei Chen <harperchen1110@gmail.com>
Cc: stable@vger.kernel.org
Reviewed-by: Andi Shyti <andi.shyti@kernel.org>
Signed-off-by: Wolfram Sang <wsa@kernel.org>
CVE: CVE-2023-2194
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
drivers/i2c/busses/i2c-xgene-slimpro.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/i2c/busses/i2c-xgene-slimpro.c b/drivers/i2c/busses/i2c-xgene-slimpro.c
index f694b3c31..985ba3a3a 100644
--- a/drivers/i2c/busses/i2c-xgene-slimpro.c
+++ b/drivers/i2c/busses/i2c-xgene-slimpro.c
@@ -322,6 +322,9 @@ static int slimpro_i2c_blkwr(struct slimpro_i2c_dev *ctx, u32 chip,
u32 msg[3];
int rc;
+ if (writelen > I2C_SMBUS_BLOCK_MAX)
+ return -EINVAL;
+
memcpy(ctx->dma_buffer, data, writelen);
paddr = dma_map_single(ctx->dev, ctx->dma_buffer, writelen,
DMA_TO_DEVICE);
--
2.31.1

45
SOURCES/1008-perf-Fix-check-before-add_event_to_groups-in-perf_gr.patch
View File

@ -1,45 +0,0 @@
From 7dcc341e1a59f07dcd6ac591ecd90b41dcd28611 Mon Sep 17 00:00:00 2001
From: Budimir Markovic <markovicbudimir@gmail.com>
Date: Tue, 8 Aug 2023 12:48:54 +0000
Subject: [PATCH 7/7] perf: Fix check before add_event_to_groups() in
perf_group_detach()
commit fd0815f632c24878e325821943edccc7fde947a2 upstream
Author: Budimir Markovic <markovicbudimir@gmail.com>
Date: Wed Mar 15 00:29:01 2023 -0700
Events should only be added to a groups rb tree if they have not been
removed from their context by list_del_event(). Since remove_on_exec
made it possible to call list_del_event() on individual events before
they are detached from their group, perf_group_detach() should check each
sibling's attach_state before calling add_event_to_groups() on it.
Fixes: 2e498d0a74e5 ("perf: Add support for event removal on exec")
Signed-off-by: Budimir Markovic <markovicbudimir@gmail.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/ZBFzvQV9tEqoHEtH@gentoo
CVE: CVE-2023-2235
Signed-off-by: Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com>
Reviewed-by: Laurence Rochfort <laurence.rochfort@oracle.com>
---
kernel/events/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index d2adc3cbf..182494495 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -2210,7 +2210,7 @@ static void perf_group_detach(struct perf_event *event)
/* Inherit group flags from the previous leader */
sibling->group_caps = event->group_caps;
- if (!RB_EMPTY_NODE(&event->group_node)) {
+ if (sibling->attach_state & PERF_ATTACH_CONTEXT) {
add_event_to_groups(sibling, event->ctx);
if (sibling->state == PERF_EVENT_STATE_ACTIVE)
--
2.31.1

56
SOURCES/1009-bluetooth-Perform-careful-capability-checks-in-hci_s.patch
View File

@ -1,56 +0,0 @@
From 5bdcf7f9a8e44d61d724943167c381611b02a5ff Mon Sep 17 00:00:00 2001
From: Ruihan Li <lrh2000@pku.edu.cn>
Date: Sun, 16 Apr 2023 16:14:04 +0800
Subject: [PATCH 1/6] bluetooth: Perform careful capability checks in
hci_sock_ioctl()
Previously, capability was checked using capable(), which verified that the
caller of the ioctl system call had the required capability. In addition,
the result of the check would be stored in the HCI_SOCK_TRUSTED flag,
making it persistent for the socket.
However, malicious programs can abuse this approach by deliberately sharing
an HCI socket with a privileged task. The HCI socket will be marked as
trusted when the privileged task occasionally makes an ioctl call.
This problem can be solved by using sk_capable() to check capability, which
ensures that not only the current task but also the socket opener has the
specified capability, thus reducing the risk of privilege escalation
through the previously identified vulnerability.
Cc: stable@vger.kernel.org
Fixes: f81f5b2db869 ("Bluetooth: Send control open and close messages for HCI raw sockets")
Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
(cherry picked from commit 25c150ac103a4ebeed0319994c742a90634ddf18)
CVE: CVE-2023-2002
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/bluetooth/hci_sock.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index d7c9ead69554..3cb8a2879ebb 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -1000,7 +1000,14 @@ static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
if (hci_sock_gen_cookie(sk)) {
struct sk_buff *skb;
- if (capable(CAP_NET_ADMIN))
+ /* Perform careful checks before setting the HCI_SOCK_TRUSTED
+ * flag. Make sure that not only the current task but also
+ * the socket opener has the required capability, since
+ * privileged programs can be tricked into making ioctl calls
+ * on HCI sockets, and the socket should not be marked as
+ * trusted simply because the ioctl caller is privileged.
+ */
+ if (sk_capable(sk, CAP_NET_ADMIN))
hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);
/* Send event to monitor */
--
2.39.3

172
SOURCES/1010-ipvlan-Fix-out-of-bounds-caused-by-unclear-skb-cb.patch
View File

@ -1,172 +0,0 @@
From e594c8e25c5f6a3432c324cf8df93d34578825bb Mon Sep 17 00:00:00 2001
From: "t.feng" <fengtao40@huawei.com>
Date: Wed, 10 May 2023 11:50:44 +0800
Subject: [PATCH 2/6] ipvlan:Fix out-of-bounds caused by unclear skb->cb
If skb enqueue the qdisc, fq_skb_cb(skb)->time_to_send is changed which
is actually skb->cb, and IPCB(skb_in)->opt will be used in
__ip_options_echo. It is possible that memcpy is out of bounds and lead
to stack overflow.
We should clear skb->cb before ip_local_out or ip6_local_out.
v2:
1. clean the stack info
2. use IPCB/IP6CB instead of skb->cb
crash on stable-5.10(reproduce in kasan kernel).
Stack info:
[ 2203.651571] BUG: KASAN: stack-out-of-bounds in
__ip_options_echo+0x589/0x800
[ 2203.653327] Write of size 4 at addr ffff88811a388f27 by task
swapper/3/0
[ 2203.655460] CPU: 3 PID: 0 Comm: swapper/3 Kdump: loaded Not tainted
5.10.0-60.18.0.50.h856.kasan.eulerosv2r11.x86_64 #1
[ 2203.655466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS rel-1.10.2-0-g5f4c7b1-20181220_000000-szxrtosci10000 04/01/2014
[ 2203.655475] Call Trace:
[ 2203.655481] <IRQ>
[ 2203.655501] dump_stack+0x9c/0xd3
[ 2203.655514] print_address_description.constprop.0+0x19/0x170
[ 2203.655530] __kasan_report.cold+0x6c/0x84
[ 2203.655586] kasan_report+0x3a/0x50
[ 2203.655594] check_memory_region+0xfd/0x1f0
[ 2203.655601] memcpy+0x39/0x60
[ 2203.655608] __ip_options_echo+0x589/0x800
[ 2203.655654] __icmp_send+0x59a/0x960
[ 2203.655755] nf_send_unreach+0x129/0x3d0 [nf_reject_ipv4]
[ 2203.655763] reject_tg+0x77/0x1bf [ipt_REJECT]
[ 2203.655772] ipt_do_table+0x691/0xa40 [ip_tables]
[ 2203.655821] nf_hook_slow+0x69/0x100
[ 2203.655828] __ip_local_out+0x21e/0x2b0
[ 2203.655857] ip_local_out+0x28/0x90
[ 2203.655868] ipvlan_process_v4_outbound+0x21e/0x260 [ipvlan]
[ 2203.655931] ipvlan_xmit_mode_l3+0x3bd/0x400 [ipvlan]
[ 2203.655967] ipvlan_queue_xmit+0xb3/0x190 [ipvlan]
[ 2203.655977] ipvlan_start_xmit+0x2e/0xb0 [ipvlan]
[ 2203.655984] xmit_one.constprop.0+0xe1/0x280
[ 2203.655992] dev_hard_start_xmit+0x62/0x100
[ 2203.656000] sch_direct_xmit+0x215/0x640
[ 2203.656028] __qdisc_run+0x153/0x1f0
[ 2203.656069] __dev_queue_xmit+0x77f/0x1030
[ 2203.656173] ip_finish_output2+0x59b/0xc20
[ 2203.656244] __ip_finish_output.part.0+0x318/0x3d0
[ 2203.656312] ip_finish_output+0x168/0x190
[ 2203.656320] ip_output+0x12d/0x220
[ 2203.656357] __ip_queue_xmit+0x392/0x880
[ 2203.656380] __tcp_transmit_skb+0x1088/0x11c0
[ 2203.656436] __tcp_retransmit_skb+0x475/0xa30
[ 2203.656505] tcp_retransmit_skb+0x2d/0x190
[ 2203.656512] tcp_retransmit_timer+0x3af/0x9a0
[ 2203.656519] tcp_write_timer_handler+0x3ba/0x510
[ 2203.656529] tcp_write_timer+0x55/0x180
[ 2203.656542] call_timer_fn+0x3f/0x1d0
[ 2203.656555] expire_timers+0x160/0x200
[ 2203.656562] run_timer_softirq+0x1f4/0x480
[ 2203.656606] __do_softirq+0xfd/0x402
[ 2203.656613] asm_call_irq_on_stack+0x12/0x20
[ 2203.656617] </IRQ>
[ 2203.656623] do_softirq_own_stack+0x37/0x50
[ 2203.656631] irq_exit_rcu+0x134/0x1a0
[ 2203.656639] sysvec_apic_timer_interrupt+0x36/0x80
[ 2203.656646] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2203.656654] RIP: 0010:default_idle+0x13/0x20
[ 2203.656663] Code: 89 f0 5d 41 5c 41 5d 41 5e c3 cc cc cc cc cc cc cc
cc cc cc cc cc cc 0f 1f 44 00 00 0f 1f 44 00 00 0f 00 2d 9f 32 57 00 fb
f4 <c3> cc cc cc cc 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 54 be 08
[ 2203.656668] RSP: 0018:ffff88810036fe78 EFLAGS: 00000256
[ 2203.656676] RAX: ffffffffaf2a87f0 RBX: ffff888100360000 RCX:
ffffffffaf290191
[ 2203.656681] RDX: 0000000000098b5e RSI: 0000000000000004 RDI:
ffff88811a3c4f60
[ 2203.656686] RBP: 0000000000000000 R08: 0000000000000001 R09:
ffff88811a3c4f63
[ 2203.656690] R10: ffffed10234789ec R11: 0000000000000001 R12:
0000000000000003
[ 2203.656695] R13: ffff888100360000 R14: 0000000000000000 R15:
0000000000000000
[ 2203.656729] default_idle_call+0x5a/0x150
[ 2203.656735] cpuidle_idle_call+0x1c6/0x220
[ 2203.656780] do_idle+0xab/0x100
[ 2203.656786] cpu_startup_entry+0x19/0x20
[ 2203.656793] secondary_startup_64_no_verify+0xc2/0xcb
[ 2203.657409] The buggy address belongs to the page:
[ 2203.658648] page:0000000027a9842f refcount:1 mapcount:0
mapping:0000000000000000 index:0x0 pfn:0x11a388
[ 2203.658665] flags:
0x17ffffc0001000(reserved|node=0|zone=2|lastcpupid=0x1fffff)
[ 2203.658675] raw: 0017ffffc0001000 ffffea000468e208 ffffea000468e208
0000000000000000
[ 2203.658682] raw: 0000000000000000 0000000000000000 00000001ffffffff
0000000000000000
[ 2203.658686] page dumped because: kasan: bad access detected
To reproduce(ipvlan with IPVLAN_MODE_L3):
Env setting:
=======================================================
modprobe ipvlan ipvlan_default_mode=1
sysctl net.ipv4.conf.eth0.forwarding=1
iptables -t nat -A POSTROUTING -s 20.0.0.0/255.255.255.0 -o eth0 -j
MASQUERADE
ip link add gw link eth0 type ipvlan
ip -4 addr add 20.0.0.254/24 dev gw
ip netns add net1
ip link add ipv1 link eth0 type ipvlan
ip link set ipv1 netns net1
ip netns exec net1 ip link set ipv1 up
ip netns exec net1 ip -4 addr add 20.0.0.4/24 dev ipv1
ip netns exec net1 route add default gw 20.0.0.254
ip netns exec net1 tc qdisc add dev ipv1 root netem loss 10%
ifconfig gw up
iptables -t filter -A OUTPUT -p tcp --dport 8888 -j REJECT --reject-with
icmp-port-unreachable
=======================================================
And then excute the shell(curl any address of eth0 can reach):
for((i=1;i<=100000;i++))
do
ip netns exec net1 curl x.x.x.x:8888
done
=======================================================
Fixes: 2ad7bf363841 ("ipvlan: Initial check-in of the IPVLAN driver.")
Signed-off-by: "t.feng" <fengtao40@huawei.com>
Suggested-by: Florian Westphal <fw@strlen.de>
Reviewed-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 90cbed5247439a966b645b34eb0a2e037836ea8e)
CVE: CVE-2023-3090
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
drivers/net/ipvlan/ipvlan_core.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/net/ipvlan/ipvlan_core.c b/drivers/net/ipvlan/ipvlan_core.c
index 62c73a8ed0c3..f1ffe1800754 100644
--- a/drivers/net/ipvlan/ipvlan_core.c
+++ b/drivers/net/ipvlan/ipvlan_core.c
@@ -443,6 +443,9 @@ static int ipvlan_process_v4_outbound(struct sk_buff *skb)
goto err;
}
skb_dst_set(skb, &rt->dst);
+
+ memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
+
err = ip_local_out(net, skb->sk, skb);
if (unlikely(net_xmit_eval(err)))
dev->stats.tx_errors++;
@@ -481,6 +484,9 @@ static int ipvlan_process_v6_outbound(struct sk_buff *skb)
goto err;
}
skb_dst_set(skb, dst);
+
+ memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));
+
err = ip6_local_out(net, skb->sk, skb);
if (unlikely(net_xmit_eval(err)))
dev->stats.tx_errors++;
--
2.39.3

62
SOURCES/1011-net-sched-cls_fw-Fix-improper-refcount-update-leads-.patch
View File

@ -1,62 +0,0 @@
From 0da574f21ad25aae92e8262b7636dc95cf12aacf Mon Sep 17 00:00:00 2001
From: M A Ramdhan <ramdhan@starlabs.sg>
Date: Wed, 5 Jul 2023 12:15:30 -0400
Subject: [PATCH 3/6] net/sched: cls_fw: Fix improper refcount update leads to
use-after-free
In the event of a failure in tcf_change_indev(), fw_set_parms() will
immediately return an error after incrementing or decrementing
reference counter in tcf_bind_filter(). If attacker can control
reference counter to zero and make reference freed, leading to
use after free.
In order to prevent this, move the point of possible failure above the
point where the TC_FW_CLASSID is handled.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Reported-by: M A Ramdhan <ramdhan@starlabs.sg>
Signed-off-by: M A Ramdhan <ramdhan@starlabs.sg>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Reviewed-by: Pedro Tammela <pctammela@mojatatu.com>
Message-ID: <20230705161530.52003-1-ramdhan@starlabs.sg>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit 0323bce598eea038714f941ce2b22541c46d488f)
CVE: CVE-2023-3776
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/sched/cls_fw.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/net/sched/cls_fw.c b/net/sched/cls_fw.c
index 6a0d3ee00758..4240ca68cbc4 100644
--- a/net/sched/cls_fw.c
+++ b/net/sched/cls_fw.c
@@ -214,11 +214,6 @@ static int fw_set_parms(struct net *net, struct tcf_proto *tp,
if (err < 0)
return err;
- if (tb[TCA_FW_CLASSID]) {
- f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
- tcf_bind_filter(tp, &f->res, base);
- }
-
if (tb[TCA_FW_INDEV]) {
int ret;
ret = tcf_change_indev(net, tb[TCA_FW_INDEV], extack);
@@ -235,6 +230,11 @@ static int fw_set_parms(struct net *net, struct tcf_proto *tp,
} else if (head->mask != 0xFFFFFFFF)
return err;
+ if (tb[TCA_FW_CLASSID]) {
+ f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
+ tcf_bind_filter(tp, &f->res, base);
+ }
+
return 0;
}
--
2.39.3

63
SOURCES/1012-netfilter-nft_set_pipapo-fix-improper-element-remova.patch
View File

@ -1,63 +0,0 @@
From 036bd76b11980194badfb3b281a0307b4f6be7df Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Wed, 19 Jul 2023 21:08:21 +0200
Subject: [PATCH 4/6] netfilter: nft_set_pipapo: fix improper element removal
end key should be equal to start unless NFT_SET_EXT_KEY_END is present.
Its possible to add elements that only have a start key
("{ 1.0.0.0 . 2.0.0.0 }") without an internval end.
Insertion treats this via:
if (nft_set_ext_exists(ext, NFT_SET_EXT_KEY_END))
end = (const u8 *)nft_set_ext_key_end(ext)->data;
else
end = start;
but removal side always uses nft_set_ext_key_end().
This is wrong and leads to garbage remaining in the set after removal
next lookup/insert attempt will give:
BUG: KASAN: slab-use-after-free in pipapo_get+0x8eb/0xb90
Read of size 1 at addr ffff888100d50586 by task nft-pipapo_uaf_/1399
Call Trace:
kasan_report+0x105/0x140
pipapo_get+0x8eb/0xb90
nft_pipapo_insert+0x1dc/0x1710
nf_tables_newsetelem+0x31f5/0x4e00
..
Fixes: 3c4287f62044 ("nf_tables: Add set type for arbitrary concatenation of ranges")
Reported-by: lonial con <kongln9170@gmail.com>
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
(cherry picked from commit 87b5a5c209405cb6b57424cdfa226a6dbd349232)
CVE: CVE-2023-4004
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/netfilter/nft_set_pipapo.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nft_set_pipapo.c b/net/netfilter/nft_set_pipapo.c
index 1eab335fb14b..0181617f9628 100644
--- a/net/netfilter/nft_set_pipapo.c
+++ b/net/netfilter/nft_set_pipapo.c
@@ -1797,7 +1797,11 @@ static void nft_pipapo_remove(const struct net *net, const struct nft_set *set,
int i, start, rules_fx;
match_start = data;
- match_end = (const u8 *)nft_set_ext_key_end(&e->ext)->data;
+
+ if (nft_set_ext_exists(&e->ext, NFT_SET_EXT_KEY_END))
+ match_end = (const u8 *)nft_set_ext_key_end(&e->ext)->data;
+ else
+ match_end = data;
start = first_rule;
rules_fx = rules_f0;
--
2.39.3

217
SOURCES/1013-netfilter-nf_tables-prevent-OOB-access-in-nft_byteor.patch
View File

@ -1,217 +0,0 @@
From b8f43f1b9945bb063ef0eae3bcdc6e04d8728d8f Mon Sep 17 00:00:00 2001
From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Date: Wed, 5 Jul 2023 18:05:35 -0300
Subject: [PATCH 5/6] netfilter: nf_tables: prevent OOB access in
nft_byteorder_eval
When evaluating byteorder expressions with size 2, a union with 32-bit and
16-bit members is used. Since the 16-bit members are aligned to 32-bit,
the array accesses will be out-of-bounds.
It may lead to a stack-out-of-bounds access like the one below:
[ 23.095215] ==================================================================
[ 23.095625] BUG: KASAN: stack-out-of-bounds in nft_byteorder_eval+0x13c/0x320
[ 23.096020] Read of size 2 at addr ffffc90000007948 by task ping/115
[ 23.096358]
[ 23.096456] CPU: 0 PID: 115 Comm: ping Not tainted 6.4.0+ #413
[ 23.096770] Call Trace:
[ 23.096910] <IRQ>
[ 23.097030] dump_stack_lvl+0x60/0xc0
[ 23.097218] print_report+0xcf/0x630
[ 23.097388] ? nft_byteorder_eval+0x13c/0x320
[ 23.097577] ? kasan_addr_to_slab+0xd/0xc0
[ 23.097760] ? nft_byteorder_eval+0x13c/0x320
[ 23.097949] kasan_report+0xc9/0x110
[ 23.098106] ? nft_byteorder_eval+0x13c/0x320
[ 23.098298] __asan_load2+0x83/0xd0
[ 23.098453] nft_byteorder_eval+0x13c/0x320
[ 23.098659] nft_do_chain+0x1c8/0xc50
[ 23.098852] ? __pfx_nft_do_chain+0x10/0x10
[ 23.099078] ? __kasan_check_read+0x11/0x20
[ 23.099295] ? __pfx___lock_acquire+0x10/0x10
[ 23.099535] ? __pfx___lock_acquire+0x10/0x10
[ 23.099745] ? __kasan_check_read+0x11/0x20
[ 23.099929] nft_do_chain_ipv4+0xfe/0x140
[ 23.100105] ? __pfx_nft_do_chain_ipv4+0x10/0x10
[ 23.100327] ? lock_release+0x204/0x400
[ 23.100515] ? nf_hook.constprop.0+0x340/0x550
[ 23.100779] nf_hook_slow+0x6c/0x100
[ 23.100977] ? __pfx_nft_do_chain_ipv4+0x10/0x10
[ 23.101223] nf_hook.constprop.0+0x334/0x550
[ 23.101443] ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 23.101677] ? __pfx_nf_hook.constprop.0+0x10/0x10
[ 23.101882] ? __pfx_ip_rcv_finish+0x10/0x10
[ 23.102071] ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 23.102291] ? rcu_read_lock_held+0x4b/0x70
[ 23.102481] ip_local_deliver+0xbb/0x110
[ 23.102665] ? __pfx_ip_rcv+0x10/0x10
[ 23.102839] ip_rcv+0x199/0x2a0
[ 23.102980] ? __pfx_ip_rcv+0x10/0x10
[ 23.103140] __netif_receive_skb_one_core+0x13e/0x150
[ 23.103362] ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 23.103647] ? mark_held_locks+0x48/0xa0
[ 23.103819] ? process_backlog+0x36c/0x380
[ 23.103999] __netif_receive_skb+0x23/0xc0
[ 23.104179] process_backlog+0x91/0x380
[ 23.104350] __napi_poll.constprop.0+0x66/0x360
[ 23.104589] ? net_rx_action+0x1cb/0x610
[ 23.104811] net_rx_action+0x33e/0x610
[ 23.105024] ? _raw_spin_unlock+0x23/0x50
[ 23.105257] ? __pfx_net_rx_action+0x10/0x10
[ 23.105485] ? mark_held_locks+0x48/0xa0
[ 23.105741] __do_softirq+0xfa/0x5ab
[ 23.105956] ? __dev_queue_xmit+0x765/0x1c00
[ 23.106193] do_softirq.part.0+0x49/0xc0
[ 23.106423] </IRQ>
[ 23.106547] <TASK>
[ 23.106670] __local_bh_enable_ip+0xf5/0x120
[ 23.106903] __dev_queue_xmit+0x789/0x1c00
[ 23.107131] ? __pfx___dev_queue_xmit+0x10/0x10
[ 23.107381] ? find_held_lock+0x8e/0xb0
[ 23.107585] ? lock_release+0x204/0x400
[ 23.107798] ? neigh_resolve_output+0x185/0x350
[ 23.108049] ? mark_held_locks+0x48/0xa0
[ 23.108265] ? neigh_resolve_output+0x185/0x350
[ 23.108514] neigh_resolve_output+0x246/0x350
[ 23.108753] ? neigh_resolve_output+0x246/0x350
[ 23.109003] ip_finish_output2+0x3c3/0x10b0
[ 23.109250] ? __pfx_ip_finish_output2+0x10/0x10
[ 23.109510] ? __pfx_nf_hook+0x10/0x10
[ 23.109732] __ip_finish_output+0x217/0x390
[ 23.109978] ip_finish_output+0x2f/0x130
[ 23.110207] ip_output+0xc9/0x170
[ 23.110404] ip_push_pending_frames+0x1a0/0x240
[ 23.110652] raw_sendmsg+0x102e/0x19e0
[ 23.110871] ? __pfx_raw_sendmsg+0x10/0x10
[ 23.111093] ? lock_release+0x204/0x400
[ 23.111304] ? __mod_lruvec_page_state+0x148/0x330
[ 23.111567] ? find_held_lock+0x8e/0xb0
[ 23.111777] ? find_held_lock+0x8e/0xb0
[ 23.111993] ? __rcu_read_unlock+0x7c/0x2f0
[ 23.112225] ? aa_sk_perm+0x18a/0x550
[ 23.112431] ? filemap_map_pages+0x4f1/0x900
[ 23.112665] ? __pfx_aa_sk_perm+0x10/0x10
[ 23.112880] ? find_held_lock+0x8e/0xb0
[ 23.113098] inet_sendmsg+0xa0/0xb0
[ 23.113297] ? inet_sendmsg+0xa0/0xb0
[ 23.113500] ? __pfx_inet_sendmsg+0x10/0x10
[ 23.113727] sock_sendmsg+0xf4/0x100
[ 23.113924] ? move_addr_to_kernel.part.0+0x4f/0xa0
[ 23.114190] __sys_sendto+0x1d4/0x290
[ 23.114391] ? __pfx___sys_sendto+0x10/0x10
[ 23.114621] ? __pfx_mark_lock.part.0+0x10/0x10
[ 23.114869] ? lock_release+0x204/0x400
[ 23.115076] ? find_held_lock+0x8e/0xb0
[ 23.115287] ? rcu_is_watching+0x23/0x60
[ 23.115503] ? __rseq_handle_notify_resume+0x6e2/0x860
[ 23.115778] ? __kasan_check_write+0x14/0x30
[ 23.116008] ? blkcg_maybe_throttle_current+0x8d/0x770
[ 23.116285] ? mark_held_locks+0x28/0xa0
[ 23.116503] ? do_syscall_64+0x37/0x90
[ 23.116713] __x64_sys_sendto+0x7f/0xb0
[ 23.116924] do_syscall_64+0x59/0x90
[ 23.117123] ? irqentry_exit_to_user_mode+0x25/0x30
[ 23.117387] ? irqentry_exit+0x77/0xb0
[ 23.117593] ? exc_page_fault+0x92/0x140
[ 23.117806] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 23.118081] RIP: 0033:0x7f744aee2bba
[ 23.118282] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89
[ 23.119237] RSP: 002b:00007ffd04a7c9f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 23.119644] RAX: ffffffffffffffda RBX: 00007ffd04a7e0a0 RCX: 00007f744aee2bba
[ 23.120023] RDX: 0000000000000040 RSI: 000056488e9e6300 RDI: 0000000000000003
[ 23.120413] RBP: 000056488e9e6300 R08: 00007ffd04a80320 R09: 0000000000000010
[ 23.120809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000040
[ 23.121219] R13: 00007ffd04a7dc38 R14: 00007ffd04a7ca00 R15: 00007ffd04a7e0a0
[ 23.121617] </TASK>
[ 23.121749]
[ 23.121845] The buggy address belongs to the virtual mapping at
[ 23.121845] [ffffc90000000000, ffffc90000009000) created by:
[ 23.121845] irq_init_percpu_irqstack+0x1cf/0x270
[ 23.122707]
[ 23.122803] The buggy address belongs to the physical page:
[ 23.123104] page:0000000072ac19f0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24a09
[ 23.123609] flags: 0xfffffc0001000(reserved|node=0|zone=1|lastcpupid=0x1fffff)
[ 23.123998] page_type: 0xffffffff()
[ 23.124194] raw: 000fffffc0001000 ffffea0000928248 ffffea0000928248 0000000000000000
[ 23.124610] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 23.125023] page dumped because: kasan: bad access detected
[ 23.125326]
[ 23.125421] Memory state around the buggy address:
[ 23.125682] ffffc90000007800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.126072] ffffc90000007880: 00 00 00 00 00 f1 f1 f1 f1 f1 f1 00 00 f2 f2 00
[ 23.126455] >ffffc90000007900: 00 00 00 00 00 00 00 00 00 f2 f2 f2 f2 00 00 00
[ 23.126840] ^
[ 23.127138] ffffc90000007980: 00 00 00 00 00 00 00 00 00 00 00 00 00 f3 f3 f3
[ 23.127522] ffffc90000007a00: f3 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[ 23.127906] ==================================================================
[ 23.128324] Disabling lock debugging due to kernel taint
Using simple s16 pointers for the 16-bit accesses fixes the problem. For
the 32-bit accesses, src and dst can be used directly.
Fixes: 96518518cc41 ("netfilter: add nftables")
Cc: stable@vger.kernel.org
Reported-by: Tanguy DUBROCA (@SidewayRE) from @Synacktiv working with ZDI
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit caf3ef7468f7534771b5c44cd8dbd6f7f87c2cbd)
CVE: CVE-2023-35001
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/netfilter/nft_byteorder.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/net/netfilter/nft_byteorder.c b/net/netfilter/nft_byteorder.c
index 6fc6f2f45b0a..a752c98e97fb 100644
--- a/net/netfilter/nft_byteorder.c
+++ b/net/netfilter/nft_byteorder.c
@@ -33,11 +33,11 @@ void nft_byteorder_eval(const struct nft_expr *expr,
const struct nft_byteorder *priv = nft_expr_priv(expr);
u32 *src = &regs->data[priv->sreg];
u32 *dst = &regs->data[priv->dreg];
- union { u32 u32; u16 u16; } *s, *d;
+ u16 *s16, *d16;
unsigned int i;
- s = (void *)src;
- d = (void *)dst;
+ s16 = (void *)src;
+ d16 = (void *)dst;
switch (priv->size) {
case 8: {
@@ -64,11 +64,11 @@ void nft_byteorder_eval(const struct nft_expr *expr,
switch (priv->op) {
case NFT_BYTEORDER_NTOH:
for (i = 0; i < priv->len / 4; i++)
- d[i].u32 = ntohl((__force __be32)s[i].u32);
+ dst[i] = ntohl((__force __be32)src[i]);
break;
case NFT_BYTEORDER_HTON:
for (i = 0; i < priv->len / 4; i++)
- d[i].u32 = (__force __u32)htonl(s[i].u32);
+ dst[i] = (__force __u32)htonl(src[i]);
break;
}
break;
@@ -76,11 +76,11 @@ void nft_byteorder_eval(const struct nft_expr *expr,
switch (priv->op) {
case NFT_BYTEORDER_NTOH:
for (i = 0; i < priv->len / 2; i++)
- d[i].u16 = ntohs((__force __be16)s[i].u16);
+ d16[i] = ntohs((__force __be16)s16[i]);
break;
case NFT_BYTEORDER_HTON:
for (i = 0; i < priv->len / 2; i++)
- d[i].u16 = (__force __u16)htons(s[i].u16);
+ d16[i] = (__force __u16)htons(s16[i]);
break;
}
break;
--
2.39.3

44
SOURCES/1014-net-sched-flower-fix-possible-OOB-write-in-fl_set_ge.patch
View File

@ -1,44 +0,0 @@
From b07f2873225c6e16abd6ec352e9cd52a72fe7785 Mon Sep 17 00:00:00 2001
From: Hangyu Hua <hbh25y@gmail.com>
Date: Wed, 31 May 2023 18:28:04 +0800
Subject: [PATCH 6/6] net/sched: flower: fix possible OOB write in
fl_set_geneve_opt()
If we send two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets and their total
size is 252 bytes(key->enc_opts.len = 252) then
key->enc_opts.len = opt->length = data_len / 4 = 0 when the third
TCA_FLOWER_KEY_ENC_OPTS_GENEVE packet enters fl_set_geneve_opt. This
bypasses the next bounds check and results in an out-of-bounds.
Fixes: 0a6e77784f49 ("net/sched: allow flower to match tunnel options")
Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Reviewed-by: Pieter Jansen van Vuuren <pieter.jansen-van-vuuren@amd.com>
Link: https://lore.kernel.org/r/20230531102805.27090-1-hbh25y@gmail.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
(cherry picked from commit 4d56304e5827c8cc8cc18c75343d283af7c4825c)
CVE: CVE-2023-35788
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/sched/cls_flower.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index b81abfcd2a19..ca232483cfab 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -1151,6 +1151,9 @@ static int fl_set_geneve_opt(const struct nlattr *nla, struct fl_flow_key *key,
if (option_len > sizeof(struct geneve_opt))
data_len = option_len - sizeof(struct geneve_opt);
+ if (key->enc_opts.len > FLOW_DIS_TUN_OPTS_MAX - 4)
+ return -ERANGE;
+
opt = (struct geneve_opt *)&key->enc_opts.data[key->enc_opts.len];
memset(opt, 0xff, option_len);
opt->length = data_len / 4;
--
2.39.3

243
SOURCES/1015-x86-microcode-intel-Expose-collect_cpu_info_early-fo.patch
View File

@ -1,243 +0,0 @@
From 38871bad2601515be96d1c3eb2ca1dbe2293bfff Mon Sep 17 00:00:00 2001
From: Jithu Joseph <jithu.joseph@intel.com>
Date: Fri, 6 May 2022 15:53:59 -0700
Subject: [PATCH 01/36] x86/microcode/intel: Expose collect_cpu_info_early()
for IFS
IFS is a CPU feature that allows a binary blob, similar to microcode,
to be loaded and consumed to perform low level validation of CPU
circuitry. In fact, it carries the same Processor Signature
(family/model/stepping) details that are contained in Intel microcode
blobs.
In support of an IFS driver to trigger loading, validation, and running
of these tests blobs, make the functionality of cpu_signatures_match()
and collect_cpu_info_early() available outside of the microcode driver.
Add an "intel_" prefix and drop the "_early" suffix from
collect_cpu_info_early() and EXPORT_SYMBOL_GPL() it. Add
declaration to x86 <asm/cpu.h>
Make cpu_signatures_match() an inline function in x86 <asm/cpu.h>,
and also give it an "intel_" prefix.
No functional change intended.
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Jithu Joseph <jithu.joseph@intel.com>
Co-developed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20220506225410.1652287-2-tony.luck@intel.com
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
(cherry picked from commit d3287fb0d3c8afdfd4870a6cd4a852abc9008b3b)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/cpu.h | 19 +++++++++
arch/x86/kernel/cpu/intel.c | 32 +++++++++++++++
arch/x86/kernel/cpu/microcode/intel.c | 59 ++++-----------------------
3 files changed, 58 insertions(+), 52 deletions(-)
diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h
index 21924730afae..2d62a3f122ee 100644
--- a/arch/x86/include/asm/cpu.h
+++ b/arch/x86/include/asm/cpu.h
@@ -73,4 +73,23 @@ static inline u8 get_this_hybrid_cpu_type(void)
return 0;
}
#endif
+
+struct ucode_cpu_info;
+
+int intel_cpu_collect_info(struct ucode_cpu_info *uci);
+
+static inline bool intel_cpu_signatures_match(unsigned int s1, unsigned int p1,
+ unsigned int s2, unsigned int p2)
+{
+ if (s1 != s2)
+ return false;
+
+ /* Processor flags are either both 0 ... */
+ if (!p1 && !p2)
+ return true;
+
+ /* ... or they intersect. */
+ return p1 & p2;
+}
+
#endif /* _ASM_X86_CPU_H */
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 7579e773e29b..cf85431fb09a 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -217,6 +217,38 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 *c)
return false;
}
+int intel_cpu_collect_info(struct ucode_cpu_info *uci)
+{
+ unsigned int val[2];
+ unsigned int family, model;
+ struct cpu_signature csig = { 0 };
+ unsigned int eax, ebx, ecx, edx;
+
+ memset(uci, 0, sizeof(*uci));
+
+ eax = 0x00000001;
+ ecx = 0;
+ native_cpuid(&eax, &ebx, &ecx, &edx);
+ csig.sig = eax;
+
+ family = x86_family(eax);
+ model = x86_model(eax);
+
+ if (model >= 5 || family > 6) {
+ /* get processor flags from MSR 0x17 */
+ native_rdmsr(MSR_IA32_PLATFORM_ID, val[0], val[1]);
+ csig.pf = 1 << ((val[1] >> 18) & 7);
+ }
+
+ csig.rev = intel_get_microcode_revision();
+
+ uci->cpu_sig = csig;
+ uci->valid = 1;
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(intel_cpu_collect_info);
+
static void early_init_intel(struct cpuinfo_x86 *c)
{
u64 misc_enable;
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 6a99535d7f37..5f8223909db4 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -45,20 +45,6 @@ static struct microcode_intel *intel_ucode_patch;
/* last level cache size per core */
static int llc_size_per_core;
-static inline bool cpu_signatures_match(unsigned int s1, unsigned int p1,
- unsigned int s2, unsigned int p2)
-{
- if (s1 != s2)
- return false;
-
- /* Processor flags are either both 0 ... */
- if (!p1 && !p2)
- return true;
-
- /* ... or they intersect. */
- return p1 & p2;
-}
-
/*
* Returns 1 if update has been found, 0 otherwise.
*/
@@ -69,7 +55,7 @@ static int find_matching_signature(void *mc, unsigned int csig, int cpf)
struct extended_signature *ext_sig;
int i;
- if (cpu_signatures_match(csig, cpf, mc_hdr->sig, mc_hdr->pf))
+ if (intel_cpu_signatures_match(csig, cpf, mc_hdr->sig, mc_hdr->pf))
return 1;
/* Look for ext. headers: */
@@ -80,7 +66,7 @@ static int find_matching_signature(void *mc, unsigned int csig, int cpf)
ext_sig = (void *)ext_hdr + EXT_HEADER_SIZE;
for (i = 0; i < ext_hdr->count; i++) {
- if (cpu_signatures_match(csig, cpf, ext_sig->sig, ext_sig->pf))
+ if (intel_cpu_signatures_match(csig, cpf, ext_sig->sig, ext_sig->pf))
return 1;
ext_sig++;
}
@@ -385,37 +371,6 @@ next:
return patch;
}
-static int collect_cpu_info_early(struct ucode_cpu_info *uci)
-{
- unsigned int val[2];
- unsigned int family, model;
- struct cpu_signature csig = { 0 };
- unsigned int eax, ebx, ecx, edx;
-
- memset(uci, 0, sizeof(*uci));
-
- eax = 0x00000001;
- ecx = 0;
- native_cpuid(&eax, &ebx, &ecx, &edx);
- csig.sig = eax;
-
- family = x86_family(eax);
- model = x86_model(eax);
-
- if ((model >= 5) || (family > 6)) {
- /* get processor flags from MSR 0x17 */
- native_rdmsr(MSR_IA32_PLATFORM_ID, val[0], val[1]);
- csig.pf = 1 << ((val[1] >> 18) & 7);
- }
-
- csig.rev = intel_get_microcode_revision();
-
- uci->cpu_sig = csig;
- uci->valid = 1;
-
- return 0;
-}
-
static void show_saved_mc(void)
{
#ifdef DEBUG
@@ -429,7 +384,7 @@ static void show_saved_mc(void)
return;
}
- collect_cpu_info_early(&uci);
+ intel_cpu_collect_info(&uci);
sig = uci.cpu_sig.sig;
pf = uci.cpu_sig.pf;
@@ -538,7 +493,7 @@ void show_ucode_info_early(void)
struct ucode_cpu_info uci;
if (delay_ucode_info) {
- collect_cpu_info_early(&uci);
+ intel_cpu_collect_info(&uci);
print_ucode_info(&uci, current_mc_date);
delay_ucode_info = 0;
}
@@ -640,7 +595,7 @@ int __init save_microcode_in_initrd_intel(void)
if (!(cp.data && cp.size))
return 0;
- collect_cpu_info_early(&uci);
+ intel_cpu_collect_info(&uci);
scan_microcode(cp.data, cp.size, &uci, true);
@@ -673,7 +628,7 @@ static struct microcode_intel *__load_ucode_intel(struct ucode_cpu_info *uci)
if (!(cp.data && cp.size))
return NULL;
- collect_cpu_info_early(uci);
+ intel_cpu_collect_info(uci);
return scan_microcode(cp.data, cp.size, uci, false);
}
@@ -748,7 +703,7 @@ void reload_ucode_intel(void)
struct microcode_intel *p;
struct ucode_cpu_info uci;
- collect_cpu_info_early(&uci);
+ intel_cpu_collect_info(&uci);
p = find_patch(&uci);
if (!p)
--
2.39.3

129
SOURCES/1016-x86-cpu-Load-microcode-during-restore_processor_stat.patch
View File

@ -1,129 +0,0 @@
From be1cba911af4925ef0f42bdfee9682b01c94dfcb Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Tue, 19 Apr 2022 09:52:41 -0700
Subject: [PATCH 02/36] x86/cpu: Load microcode during
restore_processor_state()
When resuming from system sleep state, restore_processor_state()
restores the boot CPU MSRs. These MSRs could be emulated by microcode.
If microcode is not loaded yet, writing to emulated MSRs leads to
unchecked MSR access error:
...
PM: Calling lapic_suspend+0x0/0x210
unchecked MSR access error: WRMSR to 0x10f (tried to write 0x0...0) at rIP: ... (native_write_msr)
Call Trace:
<TASK>
? restore_processor_state
x86_acpi_suspend_lowlevel
acpi_suspend_enter
suspend_devices_and_enter
pm_suspend.cold
state_store
kobj_attr_store
sysfs_kf_write
kernfs_fop_write_iter
new_sync_write
vfs_write
ksys_write
__x64_sys_write
do_syscall_64
entry_SYSCALL_64_after_hwframe
RIP: 0033:0x7fda13c260a7
To ensure microcode emulated MSRs are available for restoration, load
the microcode on the boot CPU before restoring these MSRs.
[ Pawan: write commit message and productize it. ]
Fixes: e2a1256b17b1 ("x86/speculation: Restore speculation related MSRs during S3 resume")
Reported-by: Kyle D. Pelton <kyle.d.pelton@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Tested-by: Kyle D. Pelton <kyle.d.pelton@intel.com>
Cc: stable@vger.kernel.org
Link: https://bugzilla.kernel.org/show_bug.cgi?id=215841
Link: https://lore.kernel.org/r/4350dfbf785cd482d3fafa72b2b49c83102df3ce.1650386317.git.pawan.kumar.gupta@linux.intel.com
(cherry picked from commit f9e14dbbd454581061c736bf70bf5cbb15ac927c)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 2 ++
arch/x86/kernel/cpu/microcode/core.c | 6 +++---
arch/x86/power/cpu.c | 8 ++++++++
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 2b7cc5397f80..a930a63d1260 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -133,6 +133,7 @@ extern void load_ucode_ap(void);
void reload_early_microcode(void);
extern bool get_builtin_firmware(struct cpio_data *cd, const char *name);
extern bool initrd_gone;
+void microcode_bsp_resume(void);
#else
static inline int __init microcode_init(void) { return 0; };
static inline void __init load_ucode_bsp(void) { }
@@ -140,6 +141,7 @@ static inline void load_ucode_ap(void) { }
static inline void reload_early_microcode(void) { }
static inline bool
get_builtin_firmware(struct cpio_data *cd, const char *name) { return false; }
+static inline void microcode_bsp_resume(void) { }
#endif
#endif /* _ASM_X86_MICROCODE_H */
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index e263da7247af..f0946658f885 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -778,9 +778,9 @@ static struct subsys_interface mc_cpu_interface = {
};
/**
- * mc_bp_resume - Update boot CPU microcode during resume.
+ * microcode_bsp_resume - Update boot CPU microcode during resume.
*/
-static void mc_bp_resume(void)
+void microcode_bsp_resume(void)
{
int cpu = smp_processor_id();
struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
@@ -792,7 +792,7 @@ static void mc_bp_resume(void)
}
static struct syscore_ops mc_syscore_ops = {
- .resume = mc_bp_resume,
+ .resume = microcode_bsp_resume,
};
static int mc_cpu_starting(unsigned int cpu)
diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c
index f48756c903d4..dd5a29553697 100644
--- a/arch/x86/power/cpu.c
+++ b/arch/x86/power/cpu.c
@@ -25,6 +25,7 @@
#include <asm/cpu.h>
#include <asm/mmu_context.h>
#include <linux/dmi.h>
+#include <asm/microcode.h>
#ifdef CONFIG_X86_32
__visible unsigned long saved_context_ebx;
@@ -266,6 +267,13 @@ static void notrace __restore_processor_state(struct saved_context *ctxt)
x86_platform.restore_sched_clock_state();
mtrr_bp_restore();
perf_restore_debug_store();
+
+ microcode_bsp_resume();
+
+ /*
+ * This needs to happen after the microcode has been updated upon resume
+ * because some of the MSRs are "emulated" in microcode.
+ */
msr_restore_context(ctxt);
}
--
2.39.3

51
SOURCES/1017-x86-microcode-Deprecate-MICROCODE_OLD_INTERFACE.patch
View File

@ -1,51 +0,0 @@
From b31d4c149df44c050b12b7aca2c535e06f1b1237 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Fri, 5 Apr 2019 06:28:11 +0200
Subject: [PATCH 03/36] x86/microcode: Deprecate MICROCODE_OLD_INTERFACE
This is the ancient loading interface which requires special tools to be
used. The bigger problem with it is that it is as inadequate for proper
loading of microcode as the late microcode loading interface is because
it happens just as late.
iucode_tool's manpage already warns people that it is deprecated.
Deprecate it and turn it off by default along with a big fat warning in
the Kconfig help. It will go away sometime in the future.
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: x86@kernel.org
Link: https://lkml.kernel.org/r/20190405133010.24249-4-bp@alien8.de
(cherry picked from commit c02f48e070bde326f55bd94544ca82291f7396e3)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/Kconfig | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index f26d1d596e9a..4f762b807bd4 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1361,8 +1361,16 @@ config MICROCODE_AMD
processors will be enabled.
config MICROCODE_OLD_INTERFACE
- def_bool y
+ bool "Ancient loading interface (DEPRECATED)"
+ default n
depends on MICROCODE
+ ---help---
+ DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface
+ which was used by userspace tools like iucode_tool and microcode.ctl.
+ It is inadequate because it runs too late to be able to properly
+ load microcode on a machine and it needs special tools. Instead, you
+ should've switched to the early loading method with the initrd or
+ builtin microcode by now: Documentation/x86/microcode.txt
config X86_MSR
tristate "/dev/cpu/*/msr - Model-specific register support"
--
2.39.3

170
SOURCES/1018-x86-microcode-Rip-out-the-OLD_INTERFACE.patch
View File

@ -1,170 +0,0 @@
From c11a8e91d637901133fad441470d2240cc9d05e7 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 25 May 2022 18:12:29 +0200
Subject: [PATCH 04/36] x86/microcode: Rip out the OLD_INTERFACE
Everything should be using the early initrd loading by now.
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220525161232.14924-2-bp@alien8.de
(cherry picked from commit 181b6f40e9ea80c76756d4d0cdeed396016c487e)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/Kconfig | 12 ----
arch/x86/kernel/cpu/microcode/core.c | 100 ---------------------------
2 files changed, 112 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 4f762b807bd4..b9bcde5c538f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1360,18 +1360,6 @@ config MICROCODE_AMD
If you select this option, microcode patch loading support for AMD
processors will be enabled.
-config MICROCODE_OLD_INTERFACE
- bool "Ancient loading interface (DEPRECATED)"
- default n
- depends on MICROCODE
- ---help---
- DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface
- which was used by userspace tools like iucode_tool and microcode.ctl.
- It is inadequate because it runs too late to be able to properly
- load microcode on a machine and it needs special tools. Instead, you
- should've switched to the early loading method with the initrd or
- builtin microcode by now: Documentation/x86/microcode.txt
-
config X86_MSR
tristate "/dev/cpu/*/msr - Model-specific register support"
---help---
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index f0946658f885..bbc262a5fc0d 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -392,98 +392,6 @@ static int apply_microcode_on_target(int cpu)
return ret;
}
-#ifdef CONFIG_MICROCODE_OLD_INTERFACE
-static int do_microcode_update(const void __user *buf, size_t size)
-{
- int error = 0;
- int cpu;
-
- for_each_online_cpu(cpu) {
- struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
- enum ucode_state ustate;
-
- if (!uci->valid)
- continue;
-
- ustate = microcode_ops->request_microcode_user(cpu, buf, size);
- if (ustate == UCODE_ERROR) {
- error = -1;
- break;
- } else if (ustate == UCODE_NEW) {
- apply_microcode_on_target(cpu);
- }
- }
-
- return error;
-}
-
-static int microcode_open(struct inode *inode, struct file *file)
-{
- return capable(CAP_SYS_RAWIO) ? nonseekable_open(inode, file) : -EPERM;
-}
-
-static ssize_t microcode_write(struct file *file, const char __user *buf,
- size_t len, loff_t *ppos)
-{
- ssize_t ret = -EINVAL;
- unsigned long nr_pages = totalram_pages();
-
- if ((len >> PAGE_SHIFT) > nr_pages) {
- pr_err("too much data (max %ld pages)\n", nr_pages);
- return ret;
- }
-
- get_online_cpus();
- mutex_lock(&microcode_mutex);
-
- if (do_microcode_update(buf, len) == 0)
- ret = (ssize_t)len;
-
- if (ret > 0)
- perf_check_microcode();
-
- mutex_unlock(&microcode_mutex);
- put_online_cpus();
-
- return ret;
-}
-
-static const struct file_operations microcode_fops = {
- .owner = THIS_MODULE,
- .write = microcode_write,
- .open = microcode_open,
- .llseek = no_llseek,
-};
-
-static struct miscdevice microcode_dev = {
- .minor = MICROCODE_MINOR,
- .name = "microcode",
- .nodename = "cpu/microcode",
- .fops = &microcode_fops,
-};
-
-static int __init microcode_dev_init(void)
-{
- int error;
-
- error = misc_register(&microcode_dev);
- if (error) {
- pr_err("can't misc_register on minor=%d\n", MICROCODE_MINOR);
- return error;
- }
-
- return 0;
-}
-
-static void __exit microcode_dev_exit(void)
-{
- misc_deregister(&microcode_dev);
-}
-#else
-#define microcode_dev_init() 0
-#define microcode_dev_exit() do { } while (0)
-#endif
-
/* fake device for request_firmware */
static struct platform_device *microcode_pdev;
@@ -876,10 +784,6 @@ int __init microcode_init(void)
goto out_driver;
}
- error = microcode_dev_init();
- if (error)
- goto out_ucode_group;
-
register_syscore_ops(&mc_syscore_ops);
cpuhp_setup_state_nocalls(CPUHP_AP_MICROCODE_LOADER, "x86/microcode:starting",
mc_cpu_starting, NULL);
@@ -890,10 +794,6 @@ int __init microcode_init(void)
return 0;
- out_ucode_group:
- sysfs_remove_group(&cpu_subsys.dev_root->kobj,
- &cpu_root_microcode_group);
-
out_driver:
get_online_cpus();
mutex_lock(&microcode_mutex);
--
2.39.3

106
SOURCES/1019-x86-microcode-Default-disable-late-loading.patch
View File

@ -1,106 +0,0 @@
From 9cc01dc772e684b7864d8c8a1f526035c991aa76 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 25 May 2022 18:12:30 +0200
Subject: [PATCH 05/36] x86/microcode: Default-disable late loading
It is dangerous and it should not be used anyway - there's a nice early
loading already.
Requested-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220525161232.14924-3-bp@alien8.de
(cherry picked from commit a77a94f86273ce42a39cb479217dd8d68acfe0ff)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/Kconfig | 11 +++++++++++
arch/x86/kernel/cpu/common.c | 2 ++
arch/x86/kernel/cpu/microcode/core.c | 7 ++++++-
3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index b9bcde5c538f..5af5427c50ae 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1360,6 +1360,17 @@ config MICROCODE_AMD
If you select this option, microcode patch loading support for AMD
processors will be enabled.
+config MICROCODE_LATE_LOADING
+ bool "Late microcode loading (DANGEROUS)"
+ default n
+ depends on MICROCODE
+ help
+ Loading microcode late, when the system is up and executing instructions
+ is a tricky business and should be avoided if possible. Just the sequence
+ of synchronizing all cores and SMT threads is one fragile dance which does
+ not guarantee that cores might not softlock after the loading. Therefore,
+ use this at your own risk. Late loading taints the kernel too.
+
config X86_MSR
tristate "/dev/cpu/*/msr - Model-specific register support"
---help---
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index f59edeef14eb..7be057c7531c 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2145,6 +2145,7 @@ void cpu_init_secondary(void)
}
#endif
+#ifdef CONFIG_MICROCODE_LATE_LOADING
/*
* The microcode loader calls this upon late microcode load to recheck features,
* only when microcode has been updated. Caller holds microcode_mutex and CPU
@@ -2174,6 +2175,7 @@ void microcode_check(void)
pr_warn("x86/CPU: CPU features have changed after loading microcode, but might not take effect.\n");
pr_warn("x86/CPU: Please consider either early loading through initrd/built-in or a potential BIOS update.\n");
}
+#endif
/*
* Invoked from core CPU hotplug code after hotplug operations
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index bbc262a5fc0d..c4d19f4b7afb 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -395,6 +395,7 @@ static int apply_microcode_on_target(int cpu)
/* fake device for request_firmware */
static struct platform_device *microcode_pdev;
+#ifdef CONFIG_MICROCODE_LATE_LOADING
/*
* Late loading dance. Why the heavy-handed stomp_machine effort?
*
@@ -563,6 +564,9 @@ put:
return ret;
}
+static DEVICE_ATTR_WO(reload);
+#endif
+
static ssize_t version_show(struct device *dev,
struct device_attribute *attr, char *buf)
{
@@ -579,7 +583,6 @@ static ssize_t pf_show(struct device *dev,
return sprintf(buf, "0x%x\n", uci->cpu_sig.pf);
}
-static DEVICE_ATTR_WO(reload);
static DEVICE_ATTR(version, 0444, version_show, NULL);
static DEVICE_ATTR(processor_flags, 0444, pf_show, NULL);
@@ -732,7 +735,9 @@ static int mc_cpu_down_prep(unsigned int cpu)
}
static struct attribute *cpu_root_microcode_attrs[] = {
+#ifdef CONFIG_MICROCODE_LATE_LOADING
&dev_attr_reload.attr,
+#endif
NULL
};
--
2.39.3

47
SOURCES/1020-x86-microcode-Taint-and-warn-on-late-loading.patch
View File

@ -1,47 +0,0 @@
From abfdcc849a720f36bbb075ee35d64e84314387fe Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 25 May 2022 18:12:31 +0200
Subject: [PATCH 06/36] x86/microcode: Taint and warn on late loading
Warn before it is attempted and taint the kernel. Late loading microcode
can lead to malfunction of the kernel when the microcode update changes
behaviour. There is no way for the kernel to determine whether its safe or
not.
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220525161232.14924-4-bp@alien8.de
(cherry picked from commit d23d33ea0fcdc4bbb484990bf53867f99c63ccab)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index c4d19f4b7afb..a803b839b16e 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -513,6 +513,9 @@ static int microcode_reload_late(void)
{
int ret;
+ pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
+ pr_err("You should switch to early loading, if possible.\n");
+
atomic_set(&late_cpus_in, 0);
atomic_set(&late_cpus_out, 0);
@@ -561,6 +564,8 @@ put:
if (ret >= 0)
ret = size;
+ add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+
return ret;
}
--
2.39.3

45
SOURCES/1021-x86-microcode-Remove-unnecessary-perf-callback.patch
View File

@ -1,45 +0,0 @@
From 88686baf053310a4bd81088bd733c8be8a68db49 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 25 May 2022 18:12:32 +0200
Subject: [PATCH 07/36] x86/microcode: Remove unnecessary perf callback
c93dc84cbe32 ("perf/x86: Add a microcode revision check for SNB-PEBS")
checks whether the microcode revision has fixed PEBS issues.
This can happen either:
1. At PEBS init time, where the early microcode has been loaded already
2. During late loading, in the microcode_check() callback.
So remove the unnecessary call in the microcode loader init routine.
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20220525161232.14924-5-bp@alien8.de
(cherry picked from commit 0c0fe08c76485fe0178ebb0fa1a2052c727abe94)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index a803b839b16e..44bac17304ac 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -776,10 +776,7 @@ int __init microcode_init(void)
get_online_cpus();
mutex_lock(&microcode_mutex);
-
error = subsys_interface_register(&mc_cpu_interface);
- if (!error)
- perf_check_microcode();
mutex_unlock(&microcode_mutex);
put_online_cpus();
--
2.39.3

49
SOURCES/1022-x86-microcode-Print-previous-version-of-microcode-af.patch
View File

@ -1,49 +0,0 @@
From bdaca71f1e3ffeea24c2a02d4eb21879d4dece96 Mon Sep 17 00:00:00 2001
From: Ashok Raj <ashok.raj@intel.com>
Date: Mon, 29 Aug 2022 18:10:30 +0000
Subject: [PATCH 08/36] x86/microcode: Print previous version of microcode
after reload
Print both old and new versions of microcode after a reload is complete
because knowing the previous microcode version is sometimes important
from a debugging perspective.
[ bp: Massage commit message. ]
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Tony Luck <tony.luck@intel.com>
Link: https://lore.kernel.org/r/20220829181030.722891-1-ashok.raj@intel.com
(cherry picked from commit 7fce8d6eccbc31a561d07c79f359ad09f0424347)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 44bac17304ac..6affa814699d 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -511,7 +511,7 @@ wait_for_siblings:
*/
static int microcode_reload_late(void)
{
- int ret;
+ int old = boot_cpu_data.microcode, ret;
pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
pr_err("You should switch to early loading, if possible.\n");
@@ -523,7 +523,8 @@ static int microcode_reload_late(void)
if (ret > 0)
microcode_check();
- pr_info("Reload completed, microcode revision: 0x%x\n", boot_cpu_data.microcode);
+ pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
+ old, boot_cpu_data.microcode);
return ret;
}
--
2.39.3

179
SOURCES/1023-x86-microcode-Rip-out-the-subsys-interface-gunk.patch
View File

@ -1,179 +0,0 @@
From 15a76d02ad4df4dbe37ed5bda874deeba2659843 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 19 Oct 2022 18:13:06 +0200
Subject: [PATCH 09/36] x86/microcode: Rip out the subsys interface gunk
This is a left-over from the old days when CPU hotplug wasn't as robust
as it is now. Currently, microcode gets loaded early on the CPU init
path and there's no need to attempt to load it again, which that subsys
interface callback is doing.
The only other thing that the subsys interface init path was doing is
adding the
/sys/devices/system/cpu/cpu*/microcode/
hierarchy.
So add a function which gets called on each CPU after all the necessary
driver setup has happened. Use schedule_on_each_cpu() which can block
because the sysfs creating code does kmem_cache_zalloc() which can block
too and the initial version of this where it did that setup in an IPI
handler of on_each_cpu() can cause a deadlock of the sort:
lock(fs_reclaim);
<Interrupt>
lock(fs_reclaim);
as the IPI handler runs in IRQ context.
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ashok Raj <ashok.raj@intel.com>
Link: https://lore.kernel.org/r/20221028142638.28498-2-bp@alien8.de
(cherry picked from commit b6f86689d5b740f2cc3ac3a1032c7374b24381cc)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 82 +++++++---------------------
1 file changed, 21 insertions(+), 61 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 6affa814699d..8a7fc5d8db6e 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -621,8 +621,8 @@ static enum ucode_state microcode_resume_cpu(int cpu)
static enum ucode_state microcode_init_cpu(int cpu, bool refresh_fw)
{
- enum ucode_state ustate;
struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
+ enum ucode_state ustate;
if (uci->valid)
return UCODE_OK;
@@ -656,44 +656,6 @@ static enum ucode_state microcode_update_cpu(int cpu)
return microcode_init_cpu(cpu, false);
}
-static int mc_device_add(struct device *dev, struct subsys_interface *sif)
-{
- int err, cpu = dev->id;
-
- if (!cpu_online(cpu))
- return 0;
-
- pr_debug("CPU%d added\n", cpu);
-
- err = sysfs_create_group(&dev->kobj, &mc_attr_group);
- if (err)
- return err;
-
- if (microcode_init_cpu(cpu, true) == UCODE_ERROR)
- return -EINVAL;
-
- return err;
-}
-
-static void mc_device_remove(struct device *dev, struct subsys_interface *sif)
-{
- int cpu = dev->id;
-
- if (!cpu_online(cpu))
- return;
-
- pr_debug("CPU%d removed\n", cpu);
- microcode_fini_cpu(cpu);
- sysfs_remove_group(&dev->kobj, &mc_attr_group);
-}
-
-static struct subsys_interface mc_cpu_interface = {
- .name = "microcode",
- .subsys = &cpu_subsys,
- .add_dev = mc_device_add,
- .remove_dev = mc_device_remove,
-};
-
/**
* microcode_bsp_resume - Update boot CPU microcode during resume.
*/
@@ -733,6 +695,9 @@ static int mc_cpu_down_prep(unsigned int cpu)
struct device *dev;
dev = get_cpu_device(cpu);
+
+ microcode_fini_cpu(cpu);
+
/* Suspend is in progress, only remove the interface */
sysfs_remove_group(&dev->kobj, &mc_attr_group);
pr_debug("CPU%d removed\n", cpu);
@@ -740,6 +705,18 @@ static int mc_cpu_down_prep(unsigned int cpu)
return 0;
}
+static void setup_online_cpu(struct work_struct *work)
+{
+ int cpu = smp_processor_id();
+ struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
+
+ memset(uci, 0, sizeof(*uci));
+
+ microcode_ops->collect_cpu_info(cpu, &uci->cpu_sig);
+
+ mc_cpu_online(cpu);
+}
+
static struct attribute *cpu_root_microcode_attrs[] = {
#ifdef CONFIG_MICROCODE_LATE_LOADING
&dev_attr_reload.attr,
@@ -771,27 +748,19 @@ int __init microcode_init(void)
return -ENODEV;
microcode_pdev = platform_device_register_simple("microcode", -1,
- NULL, 0);
- if (IS_ERR(microcode_pdev))
- return PTR_ERR(microcode_pdev);
-
- get_online_cpus();
- mutex_lock(&microcode_mutex);
- error = subsys_interface_register(&mc_cpu_interface);
- mutex_unlock(&microcode_mutex);
- put_online_cpus();
-
- if (error)
- goto out_pdev;
+ NULL, 0);
error = sysfs_create_group(&cpu_subsys.dev_root->kobj,
&cpu_root_microcode_group);
if (error) {
pr_err("Error creating microcode group!\n");
- goto out_driver;
+ goto out_pdev;
}
+ /* Do per-CPU setup */
+ schedule_on_each_cpu(setup_online_cpu);
+
register_syscore_ops(&mc_syscore_ops);
cpuhp_setup_state_nocalls(CPUHP_AP_MICROCODE_LOADER, "x86/microcode:starting",
mc_cpu_starting, NULL);
@@ -802,15 +771,6 @@ int __init microcode_init(void)
return 0;
- out_driver:
- get_online_cpus();
- mutex_lock(&microcode_mutex);
-
- subsys_interface_unregister(&mc_cpu_interface);
-
- mutex_unlock(&microcode_mutex);
- put_online_cpus();
-
out_pdev:
platform_device_unregister(microcode_pdev);
return error;
--
2.39.3

212
SOURCES/1024-x86-microcode-Simplify-init-path-even-more.patch
View File

@ -1,212 +0,0 @@
From 1a37aa866d76aaab6901bb331ea1be202ccad636 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 19 Oct 2022 19:07:30 +0200
Subject: [PATCH 10/36] x86/microcode: Simplify init path even more
Get rid of all the IPI-sending functions and their wrappers and use
those which are supposed to be called on each CPU.
Thus:
- microcode_init_cpu() gets called on each CPU on init, applying any new
microcode that the driver might've found on the filesystem.
- mc_cpu_starting() simply tries to apply cached microcode as this is
the cpuhp starting callback which gets called on CPU resume too.
Even if the driver init function is a late initcall, there is no
filesystem by then (not even a hdd driver has been loaded yet) so a new
firmware load attempt cannot simply be done.
It is pointless anyway - for that there's late loading if one really
needs it.
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ashok Raj <ashok.raj@intel.com>
Link: https://lore.kernel.org/r/20221028142638.28498-3-bp@alien8.de
(cherry picked from commit 2071c0aeda228107bf1b9e870b6187c90fbeef1d)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 120 ++++-----------------------
1 file changed, 16 insertions(+), 104 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 8a7fc5d8db6e..50321a43da01 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -338,60 +338,6 @@ void reload_early_microcode(void)
}
}
-static void collect_cpu_info_local(void *arg)
-{
- struct cpu_info_ctx *ctx = arg;
-
- ctx->err = microcode_ops->collect_cpu_info(smp_processor_id(),
- ctx->cpu_sig);
-}
-
-static int collect_cpu_info_on_target(int cpu, struct cpu_signature *cpu_sig)
-{
- struct cpu_info_ctx ctx = { .cpu_sig = cpu_sig, .err = 0 };
- int ret;
-
- ret = smp_call_function_single(cpu, collect_cpu_info_local, &ctx, 1);
- if (!ret)
- ret = ctx.err;
-
- return ret;
-}
-
-static int collect_cpu_info(int cpu)
-{
- struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
- int ret;
-
- memset(uci, 0, sizeof(*uci));
-
- ret = collect_cpu_info_on_target(cpu, &uci->cpu_sig);
- if (!ret)
- uci->valid = 1;
-
- return ret;
-}
-
-static void apply_microcode_local(void *arg)
-{
- enum ucode_state *err = arg;
-
- *err = microcode_ops->apply_microcode(smp_processor_id());
-}
-
-static int apply_microcode_on_target(int cpu)
-{
- enum ucode_state err;
- int ret;
-
- ret = smp_call_function_single(cpu, apply_microcode_local, &err, 1);
- if (!ret) {
- if (err == UCODE_ERROR)
- ret = 1;
- }
- return ret;
-}
-
/* fake device for request_firmware */
static struct platform_device *microcode_pdev;
@@ -478,7 +424,7 @@ static int __reload_late(void *info)
* below.
*/
if (cpumask_first(topology_sibling_cpumask(cpu)) == cpu)
- apply_microcode_local(&err);
+ err = microcode_ops->apply_microcode(cpu);
else
goto wait_for_siblings;
@@ -500,7 +446,7 @@ wait_for_siblings:
* revision.
*/
if (cpumask_first(topology_sibling_cpumask(cpu)) != cpu)
- apply_microcode_local(&err);
+ err = microcode_ops->apply_microcode(cpu);
return ret;
}
@@ -609,51 +555,15 @@ static void microcode_fini_cpu(int cpu)
microcode_ops->microcode_fini_cpu(cpu);
}
-static enum ucode_state microcode_resume_cpu(int cpu)
-{
- if (apply_microcode_on_target(cpu))
- return UCODE_ERROR;
-
- pr_debug("CPU%d updated upon resume\n", cpu);
-
- return UCODE_OK;
-}
-
-static enum ucode_state microcode_init_cpu(int cpu, bool refresh_fw)
-{
- struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
- enum ucode_state ustate;
-
- if (uci->valid)
- return UCODE_OK;
-
- if (collect_cpu_info(cpu))
- return UCODE_ERROR;
-
- /* --dimm. Trigger a delayed update? */
- if (system_state != SYSTEM_RUNNING)
- return UCODE_NFOUND;
-
- ustate = microcode_ops->request_microcode_fw(cpu, &microcode_pdev->dev, refresh_fw);
- if (ustate == UCODE_NEW) {
- pr_debug("CPU%d updated upon init\n", cpu);
- apply_microcode_on_target(cpu);
- }
-
- return ustate;
-}
-
-static enum ucode_state microcode_update_cpu(int cpu)
+static enum ucode_state microcode_init_cpu(int cpu)
{
struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
- /* Refresh CPU microcode revision after resume. */
- collect_cpu_info(cpu);
+ memset(uci, 0, sizeof(*uci));
- if (uci->valid)
- return microcode_resume_cpu(cpu);
+ microcode_ops->collect_cpu_info(cpu, &uci->cpu_sig);
- return microcode_init_cpu(cpu, false);
+ return microcode_ops->apply_microcode(cpu);
}
/**
@@ -671,14 +581,14 @@ void microcode_bsp_resume(void)
}
static struct syscore_ops mc_syscore_ops = {
- .resume = microcode_bsp_resume,
+ .resume = microcode_bsp_resume,
};
static int mc_cpu_starting(unsigned int cpu)
{
- microcode_update_cpu(cpu);
- pr_debug("CPU%d added\n", cpu);
- return 0;
+ enum ucode_state err = microcode_ops->apply_microcode(cpu);
+
+ return err == UCODE_ERROR;
}
static int mc_cpu_online(unsigned int cpu)
@@ -708,11 +618,13 @@ static int mc_cpu_down_prep(unsigned int cpu)
static void setup_online_cpu(struct work_struct *work)
{
int cpu = smp_processor_id();
- struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
-
- memset(uci, 0, sizeof(*uci));
+ enum ucode_state err;
- microcode_ops->collect_cpu_info(cpu, &uci->cpu_sig);
+ err = microcode_init_cpu(cpu);
+ if (err == UCODE_ERROR) {
+ pr_err("Error applying microcode on CPU%d\n", cpu);
+ return;
+ }
mc_cpu_online(cpu);
}
--
2.39.3

88
SOURCES/1025-x86-microcode-AMD-Rename-a-couple-of-functions.patch
View File

@ -1,88 +0,0 @@
From a385d6a4761819826f5fb234415f4f1ad43fc141 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Mon, 19 Dec 2022 22:06:55 +0100
Subject: [PATCH 11/36] x86/microcode/AMD: Rename a couple of functions
- Rename apply_microcode_early_amd() to early_apply_microcode():
simplify the name so that it is clear what it does and when does it do
it.
- Rename __load_ucode_amd() to find_blobs_in_containers(): the new name
actually explains what it does.
Document some.
No functional changes.
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20221219210656.5140-1-bp@alien8.de
(cherry picked from commit 61de9b7036f26448a1916291c456f62dd6bf07ea)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/amd.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 750889d77b56..0b557d04be22 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -415,8 +415,7 @@ static int __apply_microcode_amd(struct microcode_amd *mc)
*
* Returns true if container found (sets @desc), false otherwise.
*/
-static bool
-apply_microcode_early_amd(u32 cpuid_1_eax, void *ucode, size_t size, bool save_patch)
+static bool early_apply_microcode(u32 cpuid_1_eax, void *ucode, size_t size, bool save_patch)
{
struct cont_desc desc = { 0 };
u8 (*patch)[PATCH_MAX_SIZE];
@@ -476,7 +475,7 @@ static bool get_builtin_microcode(struct cpio_data *cp, unsigned int family)
#endif
}
-static void __load_ucode_amd(unsigned int cpuid_1_eax, struct cpio_data *ret)
+static void find_blobs_in_containers(unsigned int cpuid_1_eax, struct cpio_data *ret)
{
struct ucode_cpu_info *uci;
struct cpio_data cp;
@@ -506,11 +505,11 @@ void __init load_ucode_amd_bsp(unsigned int cpuid_1_eax)
{
struct cpio_data cp = { };
- __load_ucode_amd(cpuid_1_eax, &cp);
+ find_blobs_in_containers(cpuid_1_eax, &cp);
if (!(cp.data && cp.size))
return;
- apply_microcode_early_amd(cpuid_1_eax, cp.data, cp.size, true);
+ early_apply_microcode(cpuid_1_eax, cp.data, cp.size, true);
}
void load_ucode_amd_ap(unsigned int cpuid_1_eax)
@@ -541,11 +540,11 @@ void load_ucode_amd_ap(unsigned int cpuid_1_eax)
}
}
- __load_ucode_amd(cpuid_1_eax, &cp);
+ find_blobs_in_containers(cpuid_1_eax, &cp);
if (!(cp.data && cp.size))
return;
- apply_microcode_early_amd(cpuid_1_eax, cp.data, cp.size, false);
+ early_apply_microcode(cpuid_1_eax, cp.data, cp.size, false);
}
static enum ucode_state
@@ -810,6 +809,7 @@ static int verify_and_add_patch(u8 family, u8 *fw, unsigned int leftover,
return 0;
}
+/* Scan the blob in @data and add microcode patches to the cache. */
static enum ucode_state __load_microcode_amd(u8 family, const u8 *data,
size_t size)
{
--
2.39.3

79
SOURCES/1026-x86-microcode-Fix-return-value-for-microcode-late-lo.patch
View File

@ -1,79 +0,0 @@
From f19ca27f91db6320d02ba1cd28751a217616e282 Mon Sep 17 00:00:00 2001
From: Mihai Carabas <mihai.carabas@oracle.com>
Date: Tue, 21 Apr 2020 22:28:38 +0300
Subject: [PATCH 12/36] x86/microcode: Fix return value for microcode late
loading
The return value from stop_machine() might not be consistent.
stop_machine_cpuslocked() returns:
- zero if all functions have returned 0.
- a non-zero value if at least one of the functions returned
a non-zero value.
There is no way to know if it is negative or positive. So make
__reload_late() return 0 on success or negative otherwise.
[ bp: Unify ret val check and touch up. ]
Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/1587497318-4438-1-git-send-email-mihai.carabas@oracle.com
(cherry picked from commit 9adbf3c609af92a57a73000a3cb8f4c2d307dfa3)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 50321a43da01..36f78ceca5f2 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -400,8 +400,7 @@ static int __wait_for_cpus(atomic_t *t, long long timeout)
/*
* Returns:
* < 0 - on error
- * 0 - no update done
- * 1 - microcode was updated
+ * 0 - success (no update done or microcode was updated)
*/
static int __reload_late(void *info)
{
@@ -428,11 +427,11 @@ static int __reload_late(void *info)
else
goto wait_for_siblings;
- if (err > UCODE_NFOUND) {
- pr_warn("Error reloading microcode on CPU %d\n", cpu);
+ if (err >= UCODE_NFOUND) {
+ if (err == UCODE_ERROR)
+ pr_warn("Error reloading microcode on CPU %d\n", cpu);
+
ret = -1;
- } else if (err == UCODE_UPDATED || err == UCODE_OK) {
- ret = 1;
}
wait_for_siblings:
@@ -466,7 +465,7 @@ static int microcode_reload_late(void)
atomic_set(&late_cpus_out, 0);
ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
- if (ret > 0)
+ if (ret == 0)
microcode_check();
pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
@@ -508,7 +507,7 @@ static ssize_t reload_store(struct device *dev,
put:
put_online_cpus();
- if (ret >= 0)
+ if (ret == 0)
ret = size;
add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
--
2.39.3

110
SOURCES/1027-x86-microcode-Add-a-parameter-to-microcode_check-to-.patch
View File

@ -1,110 +0,0 @@
From e298b1596a0ace2d3b272747a645856f6eb61128 Mon Sep 17 00:00:00 2001
From: Ashok Raj <ashok.raj@intel.com>
Date: Mon, 9 Jan 2023 07:35:50 -0800
Subject: [PATCH 13/36] x86/microcode: Add a parameter to microcode_check() to
store CPU capabilities
Add a parameter to store CPU capabilities before performing a microcode
update so that CPU capabilities can be compared before and after update.
[ bp: Massage. ]
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230109153555.4986-2-ashok.raj@intel.com
(cherry picked from commit ab31c74455c64e69342ddab21fd9426fcbfefde7)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/processor.h | 2 +-
arch/x86/kernel/cpu/common.c | 21 +++++++++++++--------
arch/x86/kernel/cpu/microcode/core.c | 3 ++-
3 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 605740dfd017..9968d456d7e8 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -919,7 +919,7 @@ bool xen_set_default_idle(void);
void stop_this_cpu(void *dummy);
void df_debug(struct pt_regs *regs, long error_code);
-void microcode_check(void);
+void microcode_check(struct cpuinfo_x86 *prev_info);
enum l1tf_mitigations {
L1TF_MITIGATION_OFF,
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 7be057c7531c..437fe55acce8 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2146,30 +2146,35 @@ void cpu_init_secondary(void)
#endif
#ifdef CONFIG_MICROCODE_LATE_LOADING
-/*
+/**
+ * microcode_check() - Check if any CPU capabilities changed after an update.
+ * @prev_info: CPU capabilities stored before an update.
+ *
* The microcode loader calls this upon late microcode load to recheck features,
* only when microcode has been updated. Caller holds microcode_mutex and CPU
* hotplug lock.
+ *
+ * Return: None
*/
-void microcode_check(void)
+void microcode_check(struct cpuinfo_x86 *prev_info)
{
- struct cpuinfo_x86 info;
-
perf_check_microcode();
/* Reload CPUID max function as it might've changed. */
- info.cpuid_level = cpuid_eax(0);
+ prev_info->cpuid_level = cpuid_eax(0);
/*
* Copy all capability leafs to pick up the synthetic ones so that
* memcmp() below doesn't fail on that. The ones coming from CPUID will
* get overwritten in get_cpu_cap().
*/
- memcpy(&info.x86_capability, &boot_cpu_data.x86_capability, sizeof(info.x86_capability));
+ memcpy(&prev_info->x86_capability, &boot_cpu_data.x86_capability,
+ sizeof(prev_info->x86_capability));
- get_cpu_cap(&info);
+ get_cpu_cap(prev_info);
- if (!memcmp(&info.x86_capability, &boot_cpu_data.x86_capability, sizeof(info.x86_capability)))
+ if (!memcmp(&prev_info->x86_capability, &boot_cpu_data.x86_capability,
+ sizeof(prev_info->x86_capability)))
return;
pr_warn("x86/CPU: CPU features have changed after loading microcode, but might not take effect.\n");
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 36f78ceca5f2..41a90074df21 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -457,6 +457,7 @@ wait_for_siblings:
static int microcode_reload_late(void)
{
int old = boot_cpu_data.microcode, ret;
+ struct cpuinfo_x86 prev_info;
pr_err("Attempting late microcode loading - it is dangerous and taints the kernel.\n");
pr_err("You should switch to early loading, if possible.\n");
@@ -466,7 +467,7 @@ static int microcode_reload_late(void)
ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
if (ret == 0)
- microcode_check();
+ microcode_check(&prev_info);
pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
old, boot_cpu_data.microcode);
--
2.39.3

135
SOURCES/1028-x86-microcode-Check-CPU-capabilities-after-late-micr.patch
View File

@ -1,135 +0,0 @@
From a8cd7508b4dfd8cedd394da8cdb0253f18bdb1a8 Mon Sep 17 00:00:00 2001
From: Ashok Raj <ashok.raj@intel.com>
Date: Mon, 9 Jan 2023 07:35:51 -0800
Subject: [PATCH 14/36] x86/microcode: Check CPU capabilities after late
microcode update correctly
The kernel caches each CPU's feature bits at boot in an x86_capability[]
structure. However, the capabilities in the BSP's copy can be turned off
as a result of certain command line parameters or configuration
restrictions, for example the SGX bit. This can cause a mismatch when
comparing the values before and after the microcode update.
microcode_check() is called after an update to report any previously
cached CPUID bits which might have changed due to the update.
Therefore, store the cached CPU caps before the update and compare them
with the CPU caps after the microcode update has succeeded.
Thus, the comparison is done between the CPUID *hardware* bits before
and after the upgrade instead of using the cached, possibly runtime
modified values in BSP's boot_cpu_data copy.
As a result, false warnings about CPUID bits changes are avoided.
[ bp:
- Massage.
- Add SRBDS_CTRL example.
- Add kernel-doc.
- Incorporate forgotten review feedback from dhansen.
]
Fixes: 1008c52c09dc ("x86/CPU: Add a microcode loader callback")
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230109153555.4986-3-ashok.raj@intel.com
(cherry picked from commit c0dd9245aa9e25a697181f6085692272c9ec61bc)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/processor.h | 1 +
arch/x86/kernel/cpu/common.c | 36 ++++++++++++++++++----------
arch/x86/kernel/cpu/microcode/core.c | 6 +++++
3 files changed, 30 insertions(+), 13 deletions(-)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 9968d456d7e8..820104bdee1f 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -920,6 +920,7 @@ bool xen_set_default_idle(void);
void stop_this_cpu(void *dummy);
void df_debug(struct pt_regs *regs, long error_code);
void microcode_check(struct cpuinfo_x86 *prev_info);
+void store_cpu_caps(struct cpuinfo_x86 *info);
enum l1tf_mitigations {
L1TF_MITIGATION_OFF,
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 437fe55acce8..22763a691b7b 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2146,6 +2146,25 @@ void cpu_init_secondary(void)
#endif
#ifdef CONFIG_MICROCODE_LATE_LOADING
+/**
+ * store_cpu_caps() - Store a snapshot of CPU capabilities
+ * @curr_info: Pointer where to store it
+ *
+ * Returns: None
+ */
+void store_cpu_caps(struct cpuinfo_x86 *curr_info)
+{
+ /* Reload CPUID max function as it might've changed. */
+ curr_info->cpuid_level = cpuid_eax(0);
+
+ /* Copy all capability leafs and pick up the synthetic ones. */
+ memcpy(&curr_info->x86_capability, &boot_cpu_data.x86_capability,
+ sizeof(curr_info->x86_capability));
+
+ /* Get the hardware CPUID leafs */
+ get_cpu_cap(curr_info);
+}
+
/**
* microcode_check() - Check if any CPU capabilities changed after an update.
* @prev_info: CPU capabilities stored before an update.
@@ -2158,22 +2177,13 @@ void cpu_init_secondary(void)
*/
void microcode_check(struct cpuinfo_x86 *prev_info)
{
- perf_check_microcode();
-
- /* Reload CPUID max function as it might've changed. */
- prev_info->cpuid_level = cpuid_eax(0);
+ struct cpuinfo_x86 curr_info;
- /*
- * Copy all capability leafs to pick up the synthetic ones so that
- * memcmp() below doesn't fail on that. The ones coming from CPUID will
- * get overwritten in get_cpu_cap().
- */
- memcpy(&prev_info->x86_capability, &boot_cpu_data.x86_capability,
- sizeof(prev_info->x86_capability));
+ perf_check_microcode();
- get_cpu_cap(prev_info);
+ store_cpu_caps(&curr_info);
- if (!memcmp(&prev_info->x86_capability, &boot_cpu_data.x86_capability,
+ if (!memcmp(&prev_info->x86_capability, &curr_info.x86_capability,
sizeof(prev_info->x86_capability)))
return;
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 41a90074df21..9df2c40a4ddf 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -465,6 +465,12 @@ static int microcode_reload_late(void)
atomic_set(&late_cpus_in, 0);
atomic_set(&late_cpus_out, 0);
+ /*
+ * Take a snapshot before the microcode update in order to compare and
+ * check whether any bits changed after an update.
+ */
+ store_cpu_caps(&prev_info);
+
ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
if (ret == 0)
microcode_check(&prev_info);
--
2.39.3

54
SOURCES/1029-x86-microcode-Adjust-late-loading-result-reporting-m.patch
View File

@ -1,54 +0,0 @@
From 527c5ac4a29d4b854b10586ea877c65174cbd40d Mon Sep 17 00:00:00 2001
From: Ashok Raj <ashok.raj@intel.com>
Date: Mon, 9 Jan 2023 07:35:52 -0800
Subject: [PATCH 15/36] x86/microcode: Adjust late loading result reporting
message
During late microcode loading, the "Reload completed" message is issued
unconditionally, regardless of success or failure.
Adjust the message to report the result of the update.
[ bp: Massage. ]
Fixes: 9bd681251b7c ("x86/microcode: Announce reload operation's completion")
Suggested-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Link: https://lore.kernel.org/lkml/874judpqqd.ffs@tglx/
(cherry picked from commit 6eab3abac7043226e5375e9ead0c7607ced6767b)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 9df2c40a4ddf..fb383088bede 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -472,11 +472,14 @@ static int microcode_reload_late(void)
store_cpu_caps(&prev_info);
ret = stop_machine_cpuslocked(__reload_late, NULL, cpu_online_mask);
- if (ret == 0)
+ if (!ret) {
+ pr_info("Reload succeeded, microcode revision: 0x%x -> 0x%x\n",
+ old, boot_cpu_data.microcode);
microcode_check(&prev_info);
-
- pr_info("Reload completed, microcode revision: 0x%x -> 0x%x\n",
- old, boot_cpu_data.microcode);
+ } else {
+ pr_info("Reload failed, current microcode revision: 0x%x\n",
+ boot_cpu_data.microcode);
+ }
return ret;
}
--
2.39.3

148
SOURCES/1030-x86-amd-Cache-debug-register-values-in-percpu-variab.patch
View File

@ -1,148 +0,0 @@
From e167d6613aef8356261f97e2b50489142f8e1406 Mon Sep 17 00:00:00 2001
From: Alexey Kardashevskiy <aik@amd.com>
Date: Fri, 20 Jan 2023 14:10:45 +1100
Subject: [PATCH 16/36] x86/amd: Cache debug register values in percpu
variables
Reading DR[0-3]_ADDR_MASK MSRs takes about 250 cycles which is going to
be noticeable with the AMD KVM SEV-ES DebugSwap feature enabled. KVM is
going to store host's DR[0-3] and DR[0-3]_ADDR_MASK before switching to
a guest; the hardware is going to swap these on VMRUN and VMEXIT.
Store MSR values passed to set_dr_addr_mask() in percpu variables
(when changed) and return them via new amd_get_dr_addr_mask().
The gain here is about 10x.
As set_dr_addr_mask() uses the array too, change the @dr type to
unsigned to avoid checking for <0. And give it the amd_ prefix to match
the new helper as the whole DR_ADDR_MASK feature is AMD-specific anyway.
While at it, replace deprecated boot_cpu_has() with cpu_feature_enabled()
in set_dr_addr_mask().
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230120031047.628097-2-aik@amd.com
(cherry picked from commit 7914695743d598b189d549f2f57af24aa5633705)
The conflict is due to patch 84b6a34 which is not present
in this repo. This is an optimization/not a bug fix. Hence
not porting it.
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/debugreg.h | 9 +++++--
arch/x86/kernel/cpu/amd.c | 47 +++++++++++++++++++++++----------
arch/x86/kernel/hw_breakpoint.c | 4 +--
3 files changed, 42 insertions(+), 18 deletions(-)
diff --git a/arch/x86/include/asm/debugreg.h b/arch/x86/include/asm/debugreg.h
index 1c964123f2dd..ccf6639c8df9 100644
--- a/arch/x86/include/asm/debugreg.h
+++ b/arch/x86/include/asm/debugreg.h
@@ -144,9 +144,14 @@ static __always_inline void local_db_restore(unsigned long dr7)
}
#ifdef CONFIG_CPU_SUP_AMD
-extern void set_dr_addr_mask(unsigned long mask, int dr);
+extern void amd_set_dr_addr_mask(unsigned long mask, unsigned int dr);
+extern unsigned long amd_get_dr_addr_mask(unsigned int dr);
#else
-static inline void set_dr_addr_mask(unsigned long mask, int dr) { }
+static inline void amd_set_dr_addr_mask(unsigned long mask, unsigned int dr) { }
+static inline unsigned long amd_get_dr_addr_mask(unsigned int dr)
+{
+ return 0;
+}
#endif
#endif /* _ASM_X86_DEBUGREG_H */
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index efa49b3f87b9..6eb7923f5f08 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -1146,24 +1146,43 @@ static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum)
return false;
}
-void set_dr_addr_mask(unsigned long mask, int dr)
+static DEFINE_PER_CPU_READ_MOSTLY(unsigned long[4], amd_dr_addr_mask);
+
+static unsigned int amd_msr_dr_addr_masks[] = {
+ MSR_F16H_DR0_ADDR_MASK,
+ MSR_F16H_DR1_ADDR_MASK,
+ MSR_F16H_DR1_ADDR_MASK + 1,
+ MSR_F16H_DR1_ADDR_MASK + 2
+};
+
+void amd_set_dr_addr_mask(unsigned long mask, unsigned int dr)
{
- if (!boot_cpu_has(X86_FEATURE_BPEXT))
+ int cpu = smp_processor_id();
+
+ if (!cpu_feature_enabled(X86_FEATURE_BPEXT))
return;
- switch (dr) {
- case 0:
- wrmsr(MSR_F16H_DR0_ADDR_MASK, mask, 0);
- break;
- case 1:
- case 2:
- case 3:
- wrmsr(MSR_F16H_DR1_ADDR_MASK - 1 + dr, mask, 0);
- break;
- default:
- break;
- }
+ if (WARN_ON_ONCE(dr >= ARRAY_SIZE(amd_msr_dr_addr_masks)))
+ return;
+
+ if (per_cpu(amd_dr_addr_mask, cpu)[dr] == mask)
+ return;
+
+ wrmsr(amd_msr_dr_addr_masks[dr], mask, 0);
+ per_cpu(amd_dr_addr_mask, cpu)[dr] = mask;
+}
+
+unsigned long amd_get_dr_addr_mask(unsigned int dr)
+{
+ if (!cpu_feature_enabled(X86_FEATURE_BPEXT))
+ return 0;
+
+ if (WARN_ON_ONCE(dr >= ARRAY_SIZE(amd_msr_dr_addr_masks)))
+ return 0;
+
+ return per_cpu(amd_dr_addr_mask[dr], smp_processor_id());
}
+EXPORT_SYMBOL_GPL(amd_get_dr_addr_mask);
u32 amd_get_highest_perf(void)
{
diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
index 3871950432d6..d38d4648512d 100644
--- a/arch/x86/kernel/hw_breakpoint.c
+++ b/arch/x86/kernel/hw_breakpoint.c
@@ -129,7 +129,7 @@ int arch_install_hw_breakpoint(struct perf_event *bp)
set_debugreg(*dr7, 7);
if (info->mask)
- set_dr_addr_mask(info->mask, i);
+ amd_set_dr_addr_mask(info->mask, i);
return 0;
}
@@ -166,7 +166,7 @@ void arch_uninstall_hw_breakpoint(struct perf_event *bp)
set_debugreg(*dr7, 7);
if (info->mask)
- set_dr_addr_mask(0, i);
+ amd_set_dr_addr_mask(0, i);
}
static int arch_bp_generic_len(int x86_len)
--
2.39.3

94
SOURCES/1031-x86-microcode-Remove-request_microcode_user.patch
View File

@ -1,94 +0,0 @@
From a53f36400559990c1a3716f11ecb46c03cc7cde7 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Thu, 25 Aug 2022 09:51:57 +0200
Subject: [PATCH 17/36] x86/microcode: Remove ->request_microcode_user()
181b6f40e9ea ("x86/microcode: Rip out the OLD_INTERFACE")
removed the old microcode loading interface but forgot to remove the
related ->request_microcode_user() functionality which it uses.
Rip it out now too.
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220825075445.28171-1-bp@alien8.de
(cherry picked from commit 8c61eafd22d7207039bff85c6e1d386f15abd17e)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 3 ---
arch/x86/kernel/cpu/microcode/amd.c | 7 -------
arch/x86/kernel/cpu/microcode/intel.c | 17 -----------------
3 files changed, 27 deletions(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index a930a63d1260..215ea340e7f9 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -32,9 +32,6 @@ enum ucode_state {
};
struct microcode_ops {
- enum ucode_state (*request_microcode_user) (int cpu,
- const void __user *buf, size_t size);
-
enum ucode_state (*request_microcode_fw) (int cpu, struct device *,
bool refresh_fw);
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 0b557d04be22..9d15b7e5a13e 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -929,12 +929,6 @@ static enum ucode_state request_microcode_amd(int cpu, struct device *device,
return ret;
}
-static enum ucode_state
-request_microcode_user(int cpu, const void __user *buf, size_t size)
-{
- return UCODE_ERROR;
-}
-
static void microcode_fini_cpu_amd(int cpu)
{
struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
@@ -943,7 +937,6 @@ static void microcode_fini_cpu_amd(int cpu)
}
static struct microcode_ops microcode_amd_ops = {
- .request_microcode_user = request_microcode_user,
.request_microcode_fw = request_microcode_amd,
.collect_cpu_info = collect_cpu_info_amd,
.apply_microcode = apply_microcode_amd,
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 5f8223909db4..6fa667192bd9 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -952,24 +952,7 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
return ret;
}
-static enum ucode_state
-request_microcode_user(int cpu, const void __user *buf, size_t size)
-{
- struct iov_iter iter;
- struct iovec iov;
-
- if (is_blacklisted(cpu))
- return UCODE_NFOUND;
-
- iov.iov_base = (void __user *)buf;
- iov.iov_len = size;
- iov_iter_init(&iter, WRITE, &iov, 1, size);
-
- return generic_load_microcode(cpu, &iter);
-}
-
static struct microcode_ops microcode_intel_ops = {
- .request_microcode_user = request_microcode_user,
.request_microcode_fw = request_microcode_fw,
.collect_cpu_info = collect_cpu_info,
.apply_microcode = apply_microcode_intel,
--
2.39.3

88
SOURCES/1032-x86-microcode-Kill-refresh_fw.patch
View File

@ -1,88 +0,0 @@
From f93ce31159692d4be33e05f6a63361c7b9a29292 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 19 Oct 2022 19:16:20 +0200
Subject: [PATCH 18/36] x86/microcode: Kill refresh_fw
request_microcode_fw() can always request firmware now so drop this
superfluous argument.
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ashok Raj <ashok.raj@intel.com>
Link: https://lore.kernel.org/r/20221028142638.28498-4-bp@alien8.de
(cherry picked from commit a61ac80ae52ea349416472cd52005f9988537208)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 3 +--
arch/x86/kernel/cpu/microcode/amd.c | 5 ++---
arch/x86/kernel/cpu/microcode/core.c | 2 +-
arch/x86/kernel/cpu/microcode/intel.c | 3 +--
4 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 215ea340e7f9..af1ba544c800 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -32,8 +32,7 @@ enum ucode_state {
};
struct microcode_ops {
- enum ucode_state (*request_microcode_fw) (int cpu, struct device *,
- bool refresh_fw);
+ enum ucode_state (*request_microcode_fw) (int cpu, struct device *);
void (*microcode_fini_cpu) (int cpu);
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 9d15b7e5a13e..381addff7fc8 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -895,8 +895,7 @@ load_microcode_amd(bool save, u8 family, const u8 *data, size_t size)
*
* These might be larger than 2K.
*/
-static enum ucode_state request_microcode_amd(int cpu, struct device *device,
- bool refresh_fw)
+static enum ucode_state request_microcode_amd(int cpu, struct device *device)
{
char fw_name[36] = "amd-ucode/microcode_amd.bin";
struct cpuinfo_x86 *c = &cpu_data(cpu);
@@ -905,7 +904,7 @@ static enum ucode_state request_microcode_amd(int cpu, struct device *device,
const struct firmware *fw;
/* reload ucode container only on the boot cpu */
- if (!refresh_fw || !bsp)
+ if (!bsp)
return UCODE_OK;
if (c->x86 >= 0x15)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index fb383088bede..3d4c2c1aae11 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -506,7 +506,7 @@ static ssize_t reload_store(struct device *dev,
if (ret)
goto put;
- tmp_ret = microcode_ops->request_microcode_fw(bsp, &microcode_pdev->dev, true);
+ tmp_ret = microcode_ops->request_microcode_fw(bsp, &microcode_pdev->dev);
if (tmp_ret != UCODE_NEW)
goto put;
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 6fa667192bd9..818d5fa8ca20 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -921,8 +921,7 @@ static bool is_blacklisted(unsigned int cpu)
return false;
}
-static enum ucode_state request_microcode_fw(int cpu, struct device *device,
- bool refresh_fw)
+static enum ucode_state request_microcode_fw(int cpu, struct device *device)
{
struct cpuinfo_x86 *c = &cpu_data(cpu);
const struct firmware *firmware;
--
2.39.3

92
SOURCES/1033-x86-microcode-amd-Remove-load_microcode_amd-s-bsp-pa.patch
View File

@ -1,92 +0,0 @@
From cb425451860828e0ac0516f58a37b131f0476b3c Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Tue, 17 Jan 2023 23:59:24 +0100
Subject: [PATCH 19/36] x86/microcode/amd: Remove load_microcode_amd()'s bsp
parameter
It is always the BSP.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230130161709.11615-2-bp@alien8.de
(cherry picked from commit 2355370cd941cbb20882cc3f34460f9f2b8f9a18)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/amd.c | 19 ++++---------------
1 file changed, 4 insertions(+), 15 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 381addff7fc8..68643a68fa11 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -547,8 +547,7 @@ void load_ucode_amd_ap(unsigned int cpuid_1_eax)
early_apply_microcode(cpuid_1_eax, cp.data, cp.size, false);
}
-static enum ucode_state
-load_microcode_amd(bool save, u8 family, const u8 *data, size_t size);
+static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t size);
int __init save_microcode_in_initrd_amd(unsigned int cpuid_1_eax)
{
@@ -566,7 +565,7 @@ int __init save_microcode_in_initrd_amd(unsigned int cpuid_1_eax)
if (!desc.mc)
return -EINVAL;
- ret = load_microcode_amd(true, x86_family(cpuid_1_eax), desc.data, desc.size);
+ ret = load_microcode_amd(x86_family(cpuid_1_eax), desc.data, desc.size);
if (ret > UCODE_UPDATED)
return -EINVAL;
@@ -844,8 +843,7 @@ static enum ucode_state __load_microcode_amd(u8 family, const u8 *data,
return UCODE_OK;
}
-static enum ucode_state
-load_microcode_amd(bool save, u8 family, const u8 *data, size_t size)
+static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t size)
{
struct ucode_patch *p;
enum ucode_state ret;
@@ -869,10 +867,6 @@ load_microcode_amd(bool save, u8 family, const u8 *data, size_t size)
ret = UCODE_NEW;
}
- /* save BSP's matching patch for early load */
- if (!save)
- return ret;
-
memset(amd_ucode_patch, 0, PATCH_MAX_SIZE);
memcpy(amd_ucode_patch, p->data, min_t(u32, ksize(p->data), PATCH_MAX_SIZE));
@@ -899,14 +893,9 @@ static enum ucode_state request_microcode_amd(int cpu, struct device *device)
{
char fw_name[36] = "amd-ucode/microcode_amd.bin";
struct cpuinfo_x86 *c = &cpu_data(cpu);
- bool bsp = c->cpu_index == boot_cpu_data.cpu_index;
enum ucode_state ret = UCODE_NFOUND;
const struct firmware *fw;
- /* reload ucode container only on the boot cpu */
- if (!bsp)
- return UCODE_OK;
-
if (c->x86 >= 0x15)
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
@@ -919,7 +908,7 @@ static enum ucode_state request_microcode_amd(int cpu, struct device *device)
if (!verify_container(fw->data, fw->size, false))
goto fw_release;
- ret = load_microcode_amd(bsp, c->x86, fw->data, fw->size);
+ ret = load_microcode_amd(c->x86, fw->data, fw->size);
fw_release:
release_firmware(fw);
--
2.39.3

62
SOURCES/1034-x86-microcode-Drop-struct-ucode_cpu_info.valid.patch
View File

@ -1,62 +0,0 @@
From fbc8e41bf83779c3c6727075c5d131a3aa9f7a2b Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp@suse.de>
Date: Wed, 19 Oct 2022 19:25:27 +0200
Subject: [PATCH 20/36] x86/microcode: Drop struct ucode_cpu_info.valid
It is not needed anymore.
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ashok Raj <ashok.raj@intel.com>
Link: https://lore.kernel.org/r/20221028142638.28498-6-bp@alien8.de
(cherry picked from commit 254ed7cf4dd79a18bbc496ab53f6c82d45431c78)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 1 -
arch/x86/kernel/cpu/intel.c | 1 -
arch/x86/kernel/cpu/microcode/core.c | 4 ++--
3 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index af1ba544c800..e65c39a1f5fa 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -48,7 +48,6 @@ struct microcode_ops {
struct ucode_cpu_info {
struct cpu_signature cpu_sig;
- int valid;
void *mc;
};
extern struct ucode_cpu_info ucode_cpu_info[];
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index cf85431fb09a..c7935482c58a 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -243,7 +243,6 @@ int intel_cpu_collect_info(struct ucode_cpu_info *uci)
csig.rev = intel_get_microcode_revision();
uci->cpu_sig = csig;
- uci->valid = 1;
return 0;
}
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 3d4c2c1aae11..6cd0db1e7b96 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -583,9 +583,9 @@ void microcode_bsp_resume(void)
int cpu = smp_processor_id();
struct ucode_cpu_info *uci = ucode_cpu_info + cpu;
- if (uci->valid && uci->mc)
+ if (uci->mc)
microcode_ops->apply_microcode(cpu);
- else if (!uci->mc)
+ else
reload_early_microcode();
}
--
2.39.3

110
SOURCES/1035-x86-microcode-AMD-Add-a-cpu-parameter-to-the-reloadi.patch
View File

@ -1,110 +0,0 @@
From 077f4f2e376a6489736ee5994db3539593941c0c Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Thu, 26 Jan 2023 00:08:03 +0100
Subject: [PATCH 21/36] x86/microcode/AMD: Add a @cpu parameter to the
reloading functions
Will be used in a subsequent change.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230130161709.11615-3-bp@alien8.de
(cherry picked from commit a5ad92134bd153a9ccdcddf09a95b088f36c3cce)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 4 ++--
arch/x86/include/asm/microcode_amd.h | 4 ++--
arch/x86/kernel/cpu/microcode/amd.c | 2 +-
arch/x86/kernel/cpu/microcode/core.c | 6 +++---
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index e65c39a1f5fa..67051a58a18b 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -125,7 +125,7 @@ static inline unsigned int x86_cpuid_family(void)
int __init microcode_init(void);
extern void __init load_ucode_bsp(void);
extern void load_ucode_ap(void);
-void reload_early_microcode(void);
+void reload_early_microcode(unsigned int cpu);
extern bool get_builtin_firmware(struct cpio_data *cd, const char *name);
extern bool initrd_gone;
void microcode_bsp_resume(void);
@@ -133,7 +133,7 @@ void microcode_bsp_resume(void);
static inline int __init microcode_init(void) { return 0; };
static inline void __init load_ucode_bsp(void) { }
static inline void load_ucode_ap(void) { }
-static inline void reload_early_microcode(void) { }
+static inline void reload_early_microcode(unsigned int cpu) { }
static inline bool
get_builtin_firmware(struct cpio_data *cd, const char *name) { return false; }
static inline void microcode_bsp_resume(void) { }
diff --git a/arch/x86/include/asm/microcode_amd.h b/arch/x86/include/asm/microcode_amd.h
index 7063b5a43220..a645b25ee442 100644
--- a/arch/x86/include/asm/microcode_amd.h
+++ b/arch/x86/include/asm/microcode_amd.h
@@ -47,12 +47,12 @@ struct microcode_amd {
extern void __init load_ucode_amd_bsp(unsigned int family);
extern void load_ucode_amd_ap(unsigned int family);
extern int __init save_microcode_in_initrd_amd(unsigned int family);
-void reload_ucode_amd(void);
+void reload_ucode_amd(unsigned int cpu);
#else
static inline void __init load_ucode_amd_bsp(unsigned int family) {}
static inline void load_ucode_amd_ap(unsigned int family) {}
static inline int __init
save_microcode_in_initrd_amd(unsigned int family) { return -EINVAL; }
-static inline void reload_ucode_amd(void) {}
+static inline void reload_ucode_amd(unsigned int cpu) {}
#endif
#endif /* _ASM_X86_MICROCODE_AMD_H */
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 68643a68fa11..6ab27650f8a7 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -572,7 +572,7 @@ int __init save_microcode_in_initrd_amd(unsigned int cpuid_1_eax)
return 0;
}
-void reload_ucode_amd(void)
+void reload_ucode_amd(unsigned int cpu)
{
struct microcode_amd *mc;
u32 rev, dummy __always_unused;
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 6cd0db1e7b96..681df41e5b69 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -317,7 +317,7 @@ struct cpio_data find_microcode_in_initrd(const char *path, bool use_pa)
#endif
}
-void reload_early_microcode(void)
+void reload_early_microcode(unsigned int cpu)
{
int vendor, family;
@@ -331,7 +331,7 @@ void reload_early_microcode(void)
break;
case X86_VENDOR_AMD:
if (family >= 0x10)
- reload_ucode_amd();
+ reload_ucode_amd(cpu);
break;
default:
break;
@@ -586,7 +586,7 @@ void microcode_bsp_resume(void)
if (uci->mc)
microcode_ops->apply_microcode(cpu);
else
- reload_early_microcode();
+ reload_early_microcode(cpu);
}
static struct syscore_ops mc_syscore_ops = {
--
2.39.3

63
SOURCES/1036-x86-microcode-AMD-Track-patch-allocation-size-explic.patch
View File

@ -1,63 +0,0 @@
From d9032189bbe791846b2c3e224ae164e106e2be1b Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@chromium.org>
Date: Wed, 21 Sep 2022 20:10:10 -0700
Subject: [PATCH 22/36] x86/microcode/AMD: Track patch allocation size
explicitly
In preparation for reducing the use of ksize(), record the actual
allocation size for later memcpy(). This avoids copying extra
(uninitialized!) bytes into the patch buffer when the requested
allocation size isn't exactly the size of a kmalloc bucket.
Additionally, fix potential future issues where runtime bounds checking
will notice that the buffer was allocated to a smaller value than
returned by ksize().
Fixes: 757885e94a22 ("x86, microcode, amd: Early microcode patch loading support for AMD")
Suggested-by: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/lkml/CA+DvKQ+bp7Y7gmaVhacjv9uF6Ar-o4tet872h4Q8RPYPJjcJQA@mail.gmail.com/
(cherry picked from commit 712f210a457d9c32414df246a72781550bc23ef6)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 1 +
arch/x86/kernel/cpu/microcode/amd.c | 3 ++-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 67051a58a18b..629330986955 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -9,6 +9,7 @@
struct ucode_patch {
struct list_head plist;
void *data; /* Intel uses only this one */
+ unsigned int size;
u32 patch_id;
u16 equiv_cpu;
};
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 6ab27650f8a7..030f69f93c00 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -791,6 +791,7 @@ static int verify_and_add_patch(u8 family, u8 *fw, unsigned int leftover,
kfree(patch);
return -EINVAL;
}
+ patch->size = *patch_size;
mc_hdr = (struct microcode_header_amd *)(fw + SECTION_HDR_SIZE);
proc_id = mc_hdr->processor_rev_id;
@@ -868,7 +869,7 @@ static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t siz
}
memset(amd_ucode_patch, 0, PATCH_MAX_SIZE);
- memcpy(amd_ucode_patch, p->data, min_t(u32, ksize(p->data), PATCH_MAX_SIZE));
+ memcpy(amd_ucode_patch, p->data, min_t(u32, p->size, PATCH_MAX_SIZE));
return ret;
}
--
2.39.3

111
SOURCES/1037-x86-microcode-AMD-Fix-mixed-steppings-support.patch
View File

@ -1,111 +0,0 @@
From 34d3d5458f58c88954bb3087219610f35e2b5c37 Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Thu, 26 Jan 2023 16:26:17 +0100
Subject: [PATCH 23/36] x86/microcode/AMD: Fix mixed steppings support
The AMD side of the loader has always claimed to support mixed
steppings. But somewhere along the way, it broke that by assuming that
the cached patch blob is a single one instead of it being one per
*node*.
So turn it into a per-node one so that each node can stash the blob
relevant for it.
[ NB: Fixes tag is not really the exactly correct one but it is good
enough. ]
Fixes: fe055896c040 ("x86/microcode: Merge the early microcode loader")
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Cc: <stable@kernel.org> # 2355370cd941 ("x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter")
Cc: <stable@kernel.org> # a5ad92134bd1 ("x86/microcode/AMD: Add a @cpu parameter to the reloading functions")
Link: https://lore.kernel.org/r/20230130161709.11615-4-bp@alien8.de
(cherry picked from commit 7ff6edf4fef38ab404ee7861f257e28eaaeed35f)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/amd.c | 34 ++++++++++++++++++-----------
1 file changed, 21 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 030f69f93c00..d1d31011b8fa 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -55,7 +55,9 @@ struct cont_desc {
};
static u32 ucode_new_rev;
-static u8 amd_ucode_patch[PATCH_MAX_SIZE];
+
+/* One blob per node. */
+static u8 amd_ucode_patch[MAX_NUMNODES][PATCH_MAX_SIZE];
/*
* Microcode patch container file is prepended to the initrd in cpio
@@ -428,7 +430,7 @@ static bool early_apply_microcode(u32 cpuid_1_eax, void *ucode, size_t size, boo
patch = (u8 (*)[PATCH_MAX_SIZE])__pa_nodebug(&amd_ucode_patch);
#else
new_rev = &ucode_new_rev;
- patch = &amd_ucode_patch;
+ patch = &amd_ucode_patch[0];
#endif
desc.cpuid_1_eax = cpuid_1_eax;
@@ -574,10 +576,10 @@ int __init save_microcode_in_initrd_amd(unsigned int cpuid_1_eax)
void reload_ucode_amd(unsigned int cpu)
{
- struct microcode_amd *mc;
u32 rev, dummy __always_unused;
+ struct microcode_amd *mc;
- mc = (struct microcode_amd *)amd_ucode_patch;
+ mc = (struct microcode_amd *)amd_ucode_patch[cpu_to_node(cpu)];
rdmsr(MSR_AMD64_PATCH_LEVEL, rev, dummy);
@@ -846,6 +848,8 @@ static enum ucode_state __load_microcode_amd(u8 family, const u8 *data,
static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t size)
{
+ struct cpuinfo_x86 *c;
+ unsigned int nid, cpu;
struct ucode_patch *p;
enum ucode_state ret;
@@ -858,18 +862,22 @@ static enum ucode_state load_microcode_amd(u8 family, const u8 *data, size_t siz
return ret;
}
- p = find_patch(0);
- if (!p) {
- return ret;
- } else {
- if (boot_cpu_data.microcode >= p->patch_id)
- return ret;
+ for_each_node(nid) {
+ cpu = cpumask_first(cpumask_of_node(nid));
+ c = &cpu_data(cpu);
+
+ p = find_patch(cpu);
+ if (!p)
+ continue;
+
+ if (c->microcode >= p->patch_id)
+ continue;
ret = UCODE_NEW;
- }
- memset(amd_ucode_patch, 0, PATCH_MAX_SIZE);
- memcpy(amd_ucode_patch, p->data, min_t(u32, p->size, PATCH_MAX_SIZE));
+ memset(&amd_ucode_patch[nid], 0, PATCH_MAX_SIZE);
+ memcpy(&amd_ucode_patch[nid], p->data, min_t(u32, p->size, PATCH_MAX_SIZE));
+ }
return ret;
}
--
2.39.3

40
SOURCES/1038-x86-microcode-core-Return-an-error-only-when-necessa.patch
View File

@ -1,40 +0,0 @@
From c6dc156a35536e30bb96df8a1b8c93cb16bd219b Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Mon, 30 Jan 2023 13:48:04 +0100
Subject: [PATCH 24/36] x86/microcode/core: Return an error only when necessary
Return an error from the late loading function which is run on each CPU
only when an error has actually been encountered during the update.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230130161709.11615-5-bp@alien8.de
(cherry picked from commit f33e0c893b22bf94d7985f1f2aa3872237560c74)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/microcode/core.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 681df41e5b69..23b88e66fa7c 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -428,10 +428,10 @@ static int __reload_late(void *info)
goto wait_for_siblings;
if (err >= UCODE_NFOUND) {
- if (err == UCODE_ERROR)
+ if (err == UCODE_ERROR) {
pr_warn("Error reloading microcode on CPU %d\n", cpu);
-
- ret = -1;
+ ret = -1;
+ }
}
wait_for_siblings:
--
2.39.3

225
SOURCES/1039-x86-apic-Don-t-disable-x2APIC-if-locked.patch
View File

@ -1,225 +0,0 @@
From ce57ab2e87f50d1176abea086f4aad38ba87886b Mon Sep 17 00:00:00 2001
From: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Date: Tue, 16 Aug 2022 16:19:42 -0700
Subject: [PATCH 25/36] x86/apic: Don't disable x2APIC if locked
The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC
(or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but
it disables the memory-mapped APIC interface in favor of one that uses
MSRs. The APIC mode is controlled by the EXT bit in the APIC MSR.
The MMIO/xAPIC interface has some problems, most notably the APIC LEAK
[1]. This bug allows an attacker to use the APIC MMIO interface to
extract data from the SGX enclave.
Introduce support for a new feature that will allow the BIOS to lock
the APIC in x2APIC mode. If the APIC is locked in x2APIC mode and the
kernel tries to disable the APIC or revert to legacy APIC mode a GP
fault will occur.
Introduce support for a new MSR (IA32_XAPIC_DISABLE_STATUS) and handle
the new locked mode when the LEGACY_XAPIC_DISABLED bit is set by
preventing the kernel from trying to disable the x2APIC.
On platforms with the IA32_XAPIC_DISABLE_STATUS MSR, if SGX or TDX are
enabled the LEGACY_XAPIC_DISABLED will be set by the BIOS. If
legacy APIC is required, then it SGX and TDX need to be disabled in the
BIOS.
[1]: https://aepicleak.com/aepicleak.pdf
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
Link: https://lkml.kernel.org/r/20220816231943.1152579-1-daniel.sneddon@linux.intel.com
(cherry picked from commit b8d1d163604bd1e600b062fb00de5dc42baa355f)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
.../admin-guide/kernel-parameters.txt | 4 ++
arch/x86/Kconfig | 7 ++-
arch/x86/include/asm/cpu.h | 2 +
arch/x86/include/asm/msr-index.h | 13 ++++++
arch/x86/kernel/apic/apic.c | 44 +++++++++++++++++--
5 files changed, 65 insertions(+), 5 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 25f0b3a543e9..73a92fb9e3c6 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -3355,6 +3355,10 @@
nox2apic [X86-64,APIC] Do not enable x2APIC mode.
+ NOTE: this parameter will be ignored on systems with the
+ LEGACY_XAPIC_DISABLED bit set in the
+ IA32_XAPIC_DISABLE_STATUS MSR.
+
cpu0_hotplug [X86] Turn on CPU0 hotplug feature when
CONFIG_BOOTPARAM_HOTPLUG_CPU0 is off.
Some features depend on CPU0. Known dependencies are:
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 5af5427c50ae..585893a349b6 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -449,6 +449,11 @@ config X86_X2APIC
This allows 32-bit apic IDs (so it can support very large systems),
and accesses the local apic via MSRs not via mmio.
+ Some Intel systems circa 2022 and later are locked into x2APIC mode
+ and can not fall back to the legacy APIC modes if SGX or TDX are
+ enabled in the BIOS. They will be unable to boot without enabling
+ this option.
+
If you don't know what to do here, say N.
config X86_MPPARSE
@@ -1979,7 +1984,7 @@ endchoice
config X86_SGX
bool "Software Guard eXtensions (SGX)"
- depends on X86_64 && CPU_SUP_INTEL
+ depends on X86_64 && CPU_SUP_INTEL && X86_X2APIC
depends on CRYPTO=y
depends on CRYPTO_SHA256=y
select SRCU
diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h
index 2d62a3f122ee..66f9715b01c9 100644
--- a/arch/x86/include/asm/cpu.h
+++ b/arch/x86/include/asm/cpu.h
@@ -92,4 +92,6 @@ static inline bool intel_cpu_signatures_match(unsigned int s1, unsigned int p1,
return p1 & p2;
}
+extern u64 x86_read_arch_cap_msr(void);
+
#endif /* _ASM_X86_CPU_H */
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index e30f8e289deb..9b0d407dd1ae 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -153,6 +153,11 @@
* Return Stack Buffer Predictions.
*/
+#define ARCH_CAP_XAPIC_DISABLE BIT(21) /*
+ * IA32_XAPIC_DISABLE_STATUS MSR
+ * supported
+ */
+
#define MSR_IA32_FLUSH_CMD 0x0000010b
#define L1D_FLUSH BIT(0) /*
* Writeback and invalidate the
@@ -1015,4 +1020,12 @@
#define MSR_IA32_HW_FEEDBACK_PTR 0x17d0
#define MSR_IA32_HW_FEEDBACK_CONFIG 0x17d1
+/* x2APIC locked status */
+#define MSR_IA32_XAPIC_DISABLE_STATUS 0xBD
+#define LEGACY_XAPIC_DISABLED BIT(0) /*
+ * x2APIC mode is locked and
+ * disabling x2APIC will cause
+ * a #GP
+ */
+
#endif /* _ASM_X86_MSR_INDEX_H */
diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c
index b191e575e53c..d73f1037961a 100644
--- a/arch/x86/kernel/apic/apic.c
+++ b/arch/x86/kernel/apic/apic.c
@@ -57,6 +57,7 @@
#include <asm/cpu_device_id.h>
#include <asm/intel-family.h>
#include <asm/irq_regs.h>
+#include <asm/cpu.h>
unsigned int num_processors;
@@ -1734,11 +1735,26 @@ EXPORT_SYMBOL_GPL(x2apic_mode);
enum {
X2APIC_OFF,
- X2APIC_ON,
X2APIC_DISABLED,
+ /* All states below here have X2APIC enabled */
+ X2APIC_ON,
+ X2APIC_ON_LOCKED
};
static int x2apic_state;
+static bool x2apic_hw_locked(void)
+{
+ u64 ia32_cap;
+ u64 msr;
+
+ ia32_cap = x86_read_arch_cap_msr();
+ if (ia32_cap & ARCH_CAP_XAPIC_DISABLE) {
+ rdmsrl(MSR_IA32_XAPIC_DISABLE_STATUS, msr);
+ return (msr & LEGACY_XAPIC_DISABLED);
+ }
+ return false;
+}
+
static void __x2apic_disable(void)
{
u64 msr;
@@ -1776,6 +1792,10 @@ static int __init setup_nox2apic(char *str)
apicid);
return 0;
}
+ if (x2apic_hw_locked()) {
+ pr_warn("APIC locked in x2apic mode, can't disable\n");
+ return 0;
+ }
pr_warn("x2apic already enabled.\n");
__x2apic_disable();
}
@@ -1790,10 +1810,18 @@ early_param("nox2apic", setup_nox2apic);
void x2apic_setup(void)
{
/*
- * If x2apic is not in ON state, disable it if already enabled
+ * Try to make the AP's APIC state match that of the BSP, but if the
+ * BSP is unlocked and the AP is locked then there is a state mismatch.
+ * Warn about the mismatch in case a GP fault occurs due to a locked AP
+ * trying to be turned off.
+ */
+ if (x2apic_state != X2APIC_ON_LOCKED && x2apic_hw_locked())
+ pr_warn("x2apic lock mismatch between BSP and AP.\n");
+ /*
+ * If x2apic is not in ON or LOCKED state, disable it if already enabled
* from BIOS.
*/
- if (x2apic_state != X2APIC_ON) {
+ if (x2apic_state < X2APIC_ON) {
__x2apic_disable();
return;
}
@@ -1814,6 +1842,11 @@ static __init void x2apic_disable(void)
if (x2apic_id >= 255)
panic("Cannot disable x2apic, id: %08x\n", x2apic_id);
+ if (x2apic_hw_locked()) {
+ pr_warn("Cannot disable locked x2apic, id: %08x\n", x2apic_id);
+ return;
+ }
+
__x2apic_disable();
register_lapic_address(mp_lapic_addr);
}
@@ -1872,7 +1905,10 @@ void __init check_x2apic(void)
if (x2apic_enabled()) {
pr_info("x2apic: enabled by BIOS, switching to x2apic ops\n");
x2apic_mode = 1;
- x2apic_state = X2APIC_ON;
+ if (x2apic_hw_locked())
+ x2apic_state = X2APIC_ON_LOCKED;
+ else
+ x2apic_state = X2APIC_ON;
} else if (!boot_cpu_has(X86_FEATURE_X2APIC)) {
x2apic_state = X2APIC_DISABLED;
}
--
2.39.3

186
SOURCES/1040-x86-cpu-amd-Move-the-errata-checking-functionality-u.patch
View File

@ -1,186 +0,0 @@
From 53173ac5885435f751b54a87710e6111a51a819c Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Sat, 15 Jul 2023 13:31:32 +0200
Subject: [PATCH 26/36] x86/cpu/amd: Move the errata checking functionality up
Avoid new and remove old forward declarations.
No functional changes.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
(cherry picked from commit 8b6f687743dacce83dbb0c7cfacf88bab00f808a)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/amd.c | 139 ++++++++++++++++++--------------------
1 file changed, 67 insertions(+), 72 deletions(-)
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 6eb7923f5f08..2406a71a1eb6 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -26,11 +26,6 @@
#include "cpu.h"
-static const int amd_erratum_383[];
-static const int amd_erratum_400[];
-static const int amd_erratum_1054[];
-static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum);
-
/*
* nodes_per_socket: Stores the number of nodes per socket.
* Refer to Fam15h Models 00-0fh BKDG - CPUID Fn8000_001E_ECX
@@ -38,6 +33,73 @@ static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum);
*/
static u32 nodes_per_socket = 1;
+/*
+ * AMD errata checking
+ *
+ * Errata are defined as arrays of ints using the AMD_LEGACY_ERRATUM() or
+ * AMD_OSVW_ERRATUM() macros. The latter is intended for newer errata that
+ * have an OSVW id assigned, which it takes as first argument. Both take a
+ * variable number of family-specific model-stepping ranges created by
+ * AMD_MODEL_RANGE().
+ *
+ * Example:
+ *
+ * const int amd_erratum_319[] =
+ * AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0x4, 0x2),
+ * AMD_MODEL_RANGE(0x10, 0x8, 0x0, 0x8, 0x0),
+ * AMD_MODEL_RANGE(0x10, 0x9, 0x0, 0x9, 0x0));
+ */
+
+#define AMD_LEGACY_ERRATUM(...) { -1, __VA_ARGS__, 0 }
+#define AMD_OSVW_ERRATUM(osvw_id, ...) { osvw_id, __VA_ARGS__, 0 }
+#define AMD_MODEL_RANGE(f, m_start, s_start, m_end, s_end) \
+ ((f << 24) | (m_start << 16) | (s_start << 12) | (m_end << 4) | (s_end))
+#define AMD_MODEL_RANGE_FAMILY(range) (((range) >> 24) & 0xff)
+#define AMD_MODEL_RANGE_START(range) (((range) >> 12) & 0xfff)
+#define AMD_MODEL_RANGE_END(range) ((range) & 0xfff)
+
+static const int amd_erratum_400[] =
+ AMD_OSVW_ERRATUM(1, AMD_MODEL_RANGE(0xf, 0x41, 0x2, 0xff, 0xf),
+ AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf));
+
+static const int amd_erratum_383[] =
+ AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0, 0, 0xff, 0xf));
+
+/* #1054: Instructions Retired Performance Counter May Be Inaccurate */
+static const int amd_erratum_1054[] =
+ AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x17, 0, 0, 0x2f, 0xf));
+
+static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum)
+{
+ int osvw_id = *erratum++;
+ u32 range;
+ u32 ms;
+
+ if (osvw_id >= 0 && osvw_id < 65536 &&
+ cpu_has(cpu, X86_FEATURE_OSVW)) {
+ u64 osvw_len;
+
+ rdmsrl(MSR_AMD64_OSVW_ID_LENGTH, osvw_len);
+ if (osvw_id < osvw_len) {
+ u64 osvw_bits;
+
+ rdmsrl(MSR_AMD64_OSVW_STATUS + (osvw_id >> 6),
+ osvw_bits);
+ return osvw_bits & (1ULL << (osvw_id & 0x3f));
+ }
+ }
+
+ /* OSVW unavailable or ID unknown, match family-model-stepping range */
+ ms = (cpu->x86_model << 4) | cpu->x86_stepping;
+ while ((range = *erratum++))
+ if ((cpu->x86 == AMD_MODEL_RANGE_FAMILY(range)) &&
+ (ms >= AMD_MODEL_RANGE_START(range)) &&
+ (ms <= AMD_MODEL_RANGE_END(range)))
+ return true;
+
+ return false;
+}
+
static inline int rdmsrl_amd_safe(unsigned msr, unsigned long long *p)
{
u32 gprs[8] = { 0 };
@@ -1079,73 +1141,6 @@ static const struct cpu_dev amd_cpu_dev = {
cpu_dev_register(amd_cpu_dev);
-/*
- * AMD errata checking
- *
- * Errata are defined as arrays of ints using the AMD_LEGACY_ERRATUM() or
- * AMD_OSVW_ERRATUM() macros. The latter is intended for newer errata that
- * have an OSVW id assigned, which it takes as first argument. Both take a
- * variable number of family-specific model-stepping ranges created by
- * AMD_MODEL_RANGE().
- *
- * Example:
- *
- * const int amd_erratum_319[] =
- * AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0x4, 0x2),
- * AMD_MODEL_RANGE(0x10, 0x8, 0x0, 0x8, 0x0),
- * AMD_MODEL_RANGE(0x10, 0x9, 0x0, 0x9, 0x0));
- */
-
-#define AMD_LEGACY_ERRATUM(...) { -1, __VA_ARGS__, 0 }
-#define AMD_OSVW_ERRATUM(osvw_id, ...) { osvw_id, __VA_ARGS__, 0 }
-#define AMD_MODEL_RANGE(f, m_start, s_start, m_end, s_end) \
- ((f << 24) | (m_start << 16) | (s_start << 12) | (m_end << 4) | (s_end))
-#define AMD_MODEL_RANGE_FAMILY(range) (((range) >> 24) & 0xff)
-#define AMD_MODEL_RANGE_START(range) (((range) >> 12) & 0xfff)
-#define AMD_MODEL_RANGE_END(range) ((range) & 0xfff)
-
-static const int amd_erratum_400[] =
- AMD_OSVW_ERRATUM(1, AMD_MODEL_RANGE(0xf, 0x41, 0x2, 0xff, 0xf),
- AMD_MODEL_RANGE(0x10, 0x2, 0x1, 0xff, 0xf));
-
-static const int amd_erratum_383[] =
- AMD_OSVW_ERRATUM(3, AMD_MODEL_RANGE(0x10, 0, 0, 0xff, 0xf));
-
-/* #1054: Instructions Retired Performance Counter May Be Inaccurate */
-static const int amd_erratum_1054[] =
- AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x17, 0, 0, 0x2f, 0xf));
-
-static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum)
-{
- int osvw_id = *erratum++;
- u32 range;
- u32 ms;
-
- if (osvw_id >= 0 && osvw_id < 65536 &&
- cpu_has(cpu, X86_FEATURE_OSVW)) {
- u64 osvw_len;
-
- rdmsrl(MSR_AMD64_OSVW_ID_LENGTH, osvw_len);
- if (osvw_id < osvw_len) {
- u64 osvw_bits;
-
- rdmsrl(MSR_AMD64_OSVW_STATUS + (osvw_id >> 6),
- osvw_bits);
- return osvw_bits & (1ULL << (osvw_id & 0x3f));
- }
- }
-
- /* OSVW unavailable or ID unknown, match family-model-stepping range */
- ms = (cpu->x86_model << 4) | cpu->x86_stepping;
- while ((range = *erratum++))
- if ((cpu->x86 == AMD_MODEL_RANGE_FAMILY(range)) &&
- (ms >= AMD_MODEL_RANGE_START(range)) &&
- (ms <= AMD_MODEL_RANGE_END(range)))
- return true;
-
- return false;
-}
-
static DEFINE_PER_CPU_READ_MOSTLY(unsigned long[4], amd_dr_addr_mask);
static unsigned int amd_msr_dr_addr_masks[] = {
--
2.39.3

63
SOURCES/1041-x86-cpu-Remove-redundant-extern-x86_read_arch_cap_ms.patch
View File

@ -1,63 +0,0 @@
From d2d2944b80b99ecdcb1c10b0704bbdf78fbf5f79 Mon Sep 17 00:00:00 2001
From: Ashok Raj <ashok.raj@intel.com>
Date: Mon, 28 Nov 2022 09:24:51 -0800
Subject: [PATCH 27/36] x86/cpu: Remove redundant extern
x86_read_arch_cap_msr()
The prototype for the x86_read_arch_cap_msr() function has moved to
arch/x86/include/asm/cpu.h - kill the redundant definition in arch/x86/kernel/cpu.h
and include the header.
Signed-off-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Link: https://lore.kernel.org/r/20221128172451.792595-1-ashok.raj@intel.com
(cherry picked from commit bb5525a50601f8be7d0ffb04740e1714506e60c4)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/bugs.c | 1 +
arch/x86/kernel/cpu/cpu.h | 2 --
arch/x86/kernel/cpu/tsx.c | 1 +
3 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 848a0cce2243..5dc79427d047 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -33,6 +33,7 @@
#include <asm/e820/api.h>
#include <asm/hypervisor.h>
#include <asm/tlbflush.h>
+#include <asm/cpu.h>
#include "cpu.h"
diff --git a/arch/x86/kernel/cpu/cpu.h b/arch/x86/kernel/cpu/cpu.h
index 54afd004624b..1add3618f766 100644
--- a/arch/x86/kernel/cpu/cpu.h
+++ b/arch/x86/kernel/cpu/cpu.h
@@ -84,8 +84,6 @@ unsigned int aperfmperf_get_khz(int cpu);
extern void x86_spec_ctrl_setup_ap(void);
extern void update_srbds_msr(void);
-extern u64 x86_read_arch_cap_msr(void);
-
#ifdef CONFIG_IA32_FEAT_CTL
void init_ia32_feat_ctl(struct cpuinfo_x86 *c);
#endif
diff --git a/arch/x86/kernel/cpu/tsx.c b/arch/x86/kernel/cpu/tsx.c
index 39b3e65c9c8d..73b7226d042b 100644
--- a/arch/x86/kernel/cpu/tsx.c
+++ b/arch/x86/kernel/cpu/tsx.c
@@ -11,6 +11,7 @@
#include <linux/cpufeature.h>
#include <asm/cmdline.h>
+#include <asm/cpu.h>
#include "cpu.h"
--
2.39.3

77
SOURCES/1042-x86-cpu-kvm-Add-support-for-CPUID_80000021_EAX.patch
View File

@ -1,77 +0,0 @@
From 58f7b0c78ff579aef5a470804ff76e4ed913056b Mon Sep 17 00:00:00 2001
From: Kim Phillips <kim.phillips@amd.com>
Date: Tue, 10 Jan 2023 16:46:37 -0600
Subject: [PATCH 28/36] x86/cpu, kvm: Add support for CPUID_80000021_EAX
Add support for CPUID leaf 80000021, EAX. The majority of the features will be
used in the kernel and thus a separate leaf is appropriate.
Include KVM's reverse_cpuid entry because features are used by VM guests, too.
[ bp: Massage commit message. ]
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20230124163319.2277355-2-kim.phillips@amd.com
(cherry picked from commit 8415a74852d7c24795007ee9862d25feb519007c)
The conflicts in arch/x86/include/asm/cpufeature.h,
arch/x86/include/asm/cpufeatures.h, arch/x86/include/asm/disabled-features.h
and arch/x86/include/asm/required-features.h are due to
the below commit added for kABI compatibility:
Repo: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/:
commit: 219a085bc8ba328d65a1e12bc1886415525a38d9
The conflict in arch/x86/kvm/reverse_cpuid.h is due to
upstream commit 24d74b9f5f2a972ac9228372adeac62b2dc10ea2
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/cpufeature.h | 1 +
arch/x86/kernel/cpu/common.c | 3 +++
arch/x86/kvm/reverse_cpuid.h | 1 +
3 files changed, 5 insertions(+)
diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index 925722baef7c..3b2473cdf2ad 100644
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -31,6 +31,7 @@ enum cpuid_leafs
CPUID_8000_0007_EBX,
CPUID_7_EDX,
CPUID_8000_001F_EAX,
+ CPUID_8000_0021_EAX,
};
#ifdef CONFIG_X86_FEATURE_NAMES
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 22763a691b7b..a8dfd75588cd 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -962,6 +962,9 @@ void get_cpu_cap(struct cpuinfo_x86 *c)
if (c->extended_cpuid_level >= 0x8000001f)
c->x86_capability[CPUID_8000_001F_EAX] = cpuid_eax(0x8000001f);
+ if (c->extended_cpuid_level >= 0x80000021)
+ c->x86_capability[CPUID_8000_0021_EAX] = cpuid_eax(0x80000021);
+
init_scattered_cpuid_features(c);
init_speculation_control(c);
diff --git a/arch/x86/kvm/reverse_cpuid.h b/arch/x86/kvm/reverse_cpuid.h
index a19d473d0184..7eeade35a425 100644
--- a/arch/x86/kvm/reverse_cpuid.h
+++ b/arch/x86/kvm/reverse_cpuid.h
@@ -48,6 +48,7 @@ static const struct cpuid_reg reverse_cpuid[] = {
[CPUID_7_1_EAX] = { 7, 1, CPUID_EAX},
[CPUID_12_EAX] = {0x00000012, 0, CPUID_EAX},
[CPUID_8000_001F_EAX] = {0x8000001f, 0, CPUID_EAX},
+ [CPUID_8000_0021_EAX] = {0x80000021, 0, CPUID_EAX},
};
/*
--
2.39.3

43
SOURCES/1043-KVM-x86-Advertise-that-the-SMM_CTL-MSR-is-not-suppor.patch
View File

@ -1,43 +0,0 @@
From 35b7cde8ddf1c374c533ec0de2958d2cd74e587d Mon Sep 17 00:00:00 2001
From: Jim Mattson <jmattson@google.com>
Date: Fri, 7 Oct 2022 15:16:44 -0700
Subject: [PATCH 29/36] KVM: x86: Advertise that the SMM_CTL MSR is not
supported
CPUID.80000021H:EAX[bit 9] indicates that the SMM_CTL MSR (0xc0010116) is
not supported. This defeature can be advertised by KVM_GET_SUPPORTED_CPUID
regardless of whether or not the host enumerates it; currently it will be
included only if the host enumerates at least leaf 8000001DH, due to a
preexisting bug in QEMU that KVM has to work around (commit f751d8eac176,
"KVM: x86: work around QEMU issue with synthetic CPUID leaves", 2022-04-29).
Signed-off-by: Jim Mattson <jmattson@google.com>
Message-Id: <20221007221644.138355-1-jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 74bee0cad8dcd8ddec5e763c369239fc5990676a)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kvm/cpuid.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 6e3f385a3648..3726861ae52a 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -1180,8 +1180,12 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
* Other defined bits are for MSRs that KVM does not expose:
* EAX 3 SPCL, SMM page configuration lock
* EAX 13 PCMSR, Prefetch control MSR
+ *
+ * KVM doesn't support SMM_CTL.
+ * EAX 9 SMM_CTL MSR is not supported
*/
entry->eax &= BIT(0) | BIT(2) | BIT(6);
+ entry->eax |= BIT(9);
if (static_cpu_has(X86_FEATURE_LFENCE_RDTSC))
entry->eax |= BIT(2);
if (!static_cpu_has_bug(X86_BUG_NULL_SEG))
--
2.39.3

84
SOURCES/1044-KVM-x86-Move-open-coded-CPUID-leaf-0x80000021-EAX-bi.patch
View File

@ -1,84 +0,0 @@
From d8cd9882c866de836235c5761b11e1bc4272508e Mon Sep 17 00:00:00 2001
From: Kim Phillips <kim.phillips@amd.com>
Date: Tue, 24 Jan 2023 10:33:13 -0600
Subject: [PATCH 30/36] KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit
propagation code
Move code from __do_cpuid_func() to kvm_set_cpu_caps() in preparation for adding
the features in their native leaf.
Also drop the bit description comments as it will be more self-describing once
the individual features are added.
Whilst there, switch to using the more efficient cpu_feature_enabled() instead
of static_cpu_has().
Note, LFENCE_RDTSC and "NULL selector clears base" are currently synthetic,
Linux-defined feature flags as Linux tracking of the features predates AMD's
definition. Keep the manual propagation of the flags from their synthetic
counterparts until the kernel fully converts to AMD's definition, otherwise KVM
would stop synthesizing the flags as intended.
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20230124163319.2277355-3-kim.phillips@amd.com
(cherry picked from commit c35ac8c4bf600ee23bacb20f863aa7830efb23fb)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kvm/cpuid.c | 31 ++++++++++++-------------------
1 file changed, 12 insertions(+), 19 deletions(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 3726861ae52a..2ca5ac683c44 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -682,6 +682,17 @@ void kvm_set_cpu_caps(void)
0 /* SME */ | F(SEV) | 0 /* VM_PAGE_FLUSH */ | F(SEV_ES) |
F(SME_COHERENT));
+ kvm_cpu_cap_mask(CPUID_8000_0021_EAX,
+ BIT(0) /* NO_NESTED_DATA_BP */ |
+ BIT(2) /* LFENCE Always serializing */ | 0 /* SmmPgCfgLock */ |
+ BIT(6) /* NULL_SEL_CLR_BASE */ | 0 /* PrefetchCtlMsr */
+ );
+ if (cpu_feature_enabled(X86_FEATURE_LFENCE_RDTSC))
+ kvm_cpu_caps[CPUID_8000_0021_EAX] |= BIT(2) /* LFENCE Always serializing */;
+ if (!static_cpu_has_bug(X86_BUG_NULL_SEG))
+ kvm_cpu_caps[CPUID_8000_0021_EAX] |= BIT(6) /* NULL_SEL_CLR_BASE */;
+ kvm_cpu_caps[CPUID_8000_0021_EAX] |= BIT(9) /* NO_SMM_CTL_MSR */;
+
kvm_cpu_cap_mask(CPUID_C000_0001_EDX,
F(XSTORE) | F(XSTORE_EN) | F(XCRYPT) | F(XCRYPT_EN) |
F(ACE2) | F(ACE2_EN) | F(PHE) | F(PHE_EN) |
@@ -1171,25 +1182,7 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
break;
case 0x80000021:
entry->ebx = entry->ecx = entry->edx = 0;
- /*
- * Pass down these bits:
- * EAX 0 NNDBP, Processor ignores nested data breakpoints
- * EAX 2 LAS, LFENCE always serializing
- * EAX 6 NSCB, Null selector clear base
- *
- * Other defined bits are for MSRs that KVM does not expose:
- * EAX 3 SPCL, SMM page configuration lock
- * EAX 13 PCMSR, Prefetch control MSR
- *
- * KVM doesn't support SMM_CTL.
- * EAX 9 SMM_CTL MSR is not supported
- */
- entry->eax &= BIT(0) | BIT(2) | BIT(6);
- entry->eax |= BIT(9);
- if (static_cpu_has(X86_FEATURE_LFENCE_RDTSC))
- entry->eax |= BIT(2);
- if (!static_cpu_has_bug(X86_BUG_NULL_SEG))
- entry->eax |= BIT(6);
+ cpuid_entry_override(entry, CPUID_8000_0021_EAX);
break;
/*Add support for Centaur's CPUID instruction*/
case 0xC0000000:
--
2.39.3

51
SOURCES/1045-x86-cpu-kvm-Add-the-NO_NESTED_DATA_BP-feature.patch
View File

@ -1,51 +0,0 @@
From a1116fd67a3178ce220ee6c2c8abe6bf792e26f2 Mon Sep 17 00:00:00 2001
From: Kim Phillips <kim.phillips@amd.com>
Date: Tue, 24 Jan 2023 10:33:14 -0600
Subject: [PATCH 31/36] x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature
The "Processor ignores nested data breakpoints" feature was being
open-coded for KVM. Add the feature to its newly introduced CPUID leaf
0x80000021 EAX proper.
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20230124163319.2277355-4-kim.phillips@amd.com
(cherry picked from commit a9dc9ec5a1fafc3d2fe7a7b594eefaeaccf89a6b)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/cpufeatures.h | 3 +++
arch/x86/kvm/cpuid.c | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index ffc806d3a863..ac6e58a79fad 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -421,6 +421,9 @@
#define X86_FEATURE_IBRS_EXIT_SET (22*32+ 0) /* "" Set IBRS on kernel exit */
#define X86_FEATURE_IBRS_EXIT_SKIP (22*32+ 1) /* "" Skip SPEC_CTRL MSR write on exit */
+/* AMD-defined Extended Feature 2 EAX, CPUID level 0x80000021 (EAX), word 20 */
+#define X86_FEATURE_NO_NESTED_DATA_BP (20*32+ 0) /* "" No Nested Data Breakpoints */
+
/*
* BUG word(s)
*/
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 2ca5ac683c44..1a8dbad7e2d9 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -683,7 +683,7 @@ void kvm_set_cpu_caps(void)
F(SME_COHERENT));
kvm_cpu_cap_mask(CPUID_8000_0021_EAX,
- BIT(0) /* NO_NESTED_DATA_BP */ |
+ F(NO_NESTED_DATA_BP) |
BIT(2) /* LFENCE Always serializing */ | 0 /* SmmPgCfgLock */ |
BIT(6) /* NULL_SEL_CLR_BASE */ | 0 /* PrefetchCtlMsr */
);
--
2.39.3

148
SOURCES/1046-x86-bugs-Make-sure-MSR_SPEC_CTRL-is-updated-properly.patch
View File

@ -1,148 +0,0 @@
From 97e9891f4f6253ec70fc870e639d7e4d07b9e361 Mon Sep 17 00:00:00 2001
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Date: Wed, 30 Nov 2022 07:25:51 -0800
Subject: [PATCH 32/36] x86/bugs: Make sure MSR_SPEC_CTRL is updated properly
upon resume from S3
The "force" argument to write_spec_ctrl_current() is currently ambiguous
as it does not guarantee the MSR write. This is due to the optimization
that writes to the MSR happen only when the new value differs from the
cached value.
This is fine in most cases, but breaks for S3 resume when the cached MSR
value gets out of sync with the hardware MSR value due to S3 resetting
it.
When x86_spec_ctrl_current is same as x86_spec_ctrl_base, the MSR write
is skipped. Which results in SPEC_CTRL mitigations not getting restored.
Move the MSR write from write_spec_ctrl_current() to a new function that
unconditionally writes to the MSR. Update the callers accordingly and
rename functions.
[ bp: Rework a bit. ]
Fixes: caa0ff24d5d0 ("x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value")
Suggested-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: <stable@kernel.org>
Link: https://lore.kernel.org/r/806d39b0bfec2fe8f50dc5446dff20f5bb24a959.1669821572.git.pawan.kumar.gupta@linux.intel.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 66065157420c5b9b3f078f43d313c153e1ff7f83)
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/nospec-branch.h | 2 +-
arch/x86/kernel/cpu/bugs.c | 21 ++++++++++++++-------
arch/x86/kernel/process.c | 2 +-
3 files changed, 16 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index 442e62e7be47..53e56fc9cf70 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -318,7 +318,7 @@ static inline void indirect_branch_prediction_barrier(void)
/* The Intel SPEC CTRL MSR base value cache */
extern u64 x86_spec_ctrl_base;
DECLARE_PER_CPU(u64, x86_spec_ctrl_current);
-extern void write_spec_ctrl_current(u64 val, bool force);
+extern void update_spec_ctrl_cond(u64 val);
extern u64 spec_ctrl_current(void);
/*
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 5dc79427d047..53623ea69873 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -60,11 +60,18 @@ EXPORT_SYMBOL_GPL(x86_spec_ctrl_current);
static DEFINE_MUTEX(spec_ctrl_mutex);
+/* Update SPEC_CTRL MSR and its cached copy unconditionally */
+static void update_spec_ctrl(u64 val)
+{
+ this_cpu_write(x86_spec_ctrl_current, val);
+ wrmsrl(MSR_IA32_SPEC_CTRL, val);
+}
+
/*
* Keep track of the SPEC_CTRL MSR value for the current task, which may differ
* from x86_spec_ctrl_base due to STIBP/SSB in __speculation_ctrl_update().
*/
-void write_spec_ctrl_current(u64 val, bool force)
+void update_spec_ctrl_cond(u64 val)
{
if (this_cpu_read(x86_spec_ctrl_current) == val)
return;
@@ -76,7 +83,7 @@ void write_spec_ctrl_current(u64 val, bool force)
* forced or the exit MSR write is skipped the update can be delayed
* until that time.
*/
- if (force || !cpu_feature_enabled(X86_FEATURE_KERNEL_IBRS) ||
+ if (!cpu_feature_enabled(X86_FEATURE_KERNEL_IBRS) ||
cpu_feature_enabled(X86_FEATURE_IBRS_EXIT_SKIP))
wrmsrl(MSR_IA32_SPEC_CTRL, val);
}
@@ -1308,7 +1315,7 @@ static void __init spec_ctrl_disable_kernel_rrsba(void)
if (ia32_cap & ARCH_CAP_RRSBA) {
x86_spec_ctrl_base |= SPEC_CTRL_RRSBA_DIS_S;
- write_spec_ctrl_current(x86_spec_ctrl_base, true);
+ update_spec_ctrl(x86_spec_ctrl_base);
}
}
@@ -1440,7 +1447,7 @@ static void __init spectre_v2_select_mitigation(void)
if (spectre_v2_in_ibrs_mode(mode)) {
x86_spec_ctrl_base |= SPEC_CTRL_IBRS;
- write_spec_ctrl_current(x86_spec_ctrl_base, true);
+ update_spec_ctrl(x86_spec_ctrl_base);
}
switch (mode) {
@@ -1565,7 +1572,7 @@ static void __init spectre_v2_select_mitigation(void)
static void update_stibp_msr(void * __unused)
{
u64 val = spec_ctrl_current() | (x86_spec_ctrl_base & SPEC_CTRL_STIBP);
- write_spec_ctrl_current(val, true);
+ update_spec_ctrl(val);
}
/* Update x86_spec_ctrl_base in case SMT state changed. */
@@ -1798,7 +1805,7 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
x86_amd_ssb_disable();
} else {
x86_spec_ctrl_base |= SPEC_CTRL_SSBD;
- write_spec_ctrl_current(x86_spec_ctrl_base, true);
+ update_spec_ctrl(x86_spec_ctrl_base);
}
}
@@ -2016,7 +2023,7 @@ int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which)
void x86_spec_ctrl_setup_ap(void)
{
if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL))
- write_spec_ctrl_current(x86_spec_ctrl_base, true);
+ update_spec_ctrl(x86_spec_ctrl_base);
if (ssb_mode == SPEC_STORE_BYPASS_DISABLE)
x86_amd_ssb_disable();
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 87bcb25ff8b2..a62f200aa736 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -583,7 +583,7 @@ static __always_inline void __speculation_ctrl_update(unsigned long tifp,
}
if (updmsr)
- write_spec_ctrl_current(msr, false);
+ update_spec_ctrl_cond(msr);
}
static unsigned long speculation_ctrl_update_tif(struct task_struct *tsk)
--
2.39.3

209
SOURCES/1047-x86-cpu-Support-AMD-Automatic-IBRS.patch
View File

@ -1,209 +0,0 @@
From 6b575d67beff6c1ce5f7643cb9326327170114a8 Mon Sep 17 00:00:00 2001
From: Kim Phillips <kim.phillips@amd.com>
Date: Tue, 24 Jan 2023 10:33:18 -0600
Subject: [PATCH 33/36] x86/cpu: Support AMD Automatic IBRS
The AMD Zen4 core supports a new feature called Automatic IBRS.
It is a "set-and-forget" feature that means that, like Intel's Enhanced IBRS,
h/w manages its IBRS mitigation resources automatically across CPL transitions.
The feature is advertised by CPUID_Fn80000021_EAX bit 8 and is enabled by
setting MSR C000_0080 (EFER) bit 21.
Enable Automatic IBRS by default if the CPU feature is present. It typically
provides greater performance over the incumbent generic retpolines mitigation.
Reuse the SPECTRE_V2_EIBRS spectre_v2_mitigation enum. AMD Automatic IBRS and
Intel Enhanced IBRS have similar enablement. Add NO_EIBRS_PBRSB to
cpu_vuln_whitelist, since AMD Automatic IBRS isn't affected by PBRSB-eIBRS.
The kernel command line option spectre_v2=eibrs is used to select AMD Automatic
IBRS, if available.
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Sean Christopherson <seanjc@google.com>
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://lore.kernel.org/r/20230124163319.2277355-8-kim.phillips@amd.com
(cherry picked from commit e7862eda309ecfccc36bb5558d937ed3ace07f3f)
Also add fix 06cb31cc761823ef444ba4e1df11347342a6e745 upstream found
while resolving conflicts. It's a minor doc change.
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
Documentation/admin-guide/hw-vuln/spectre.rst | 7 ++++---
.../admin-guide/kernel-parameters.txt | 6 +++---
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/msr-index.h | 2 ++
arch/x86/kernel/cpu/bugs.c | 20 +++++++++++--------
arch/x86/kernel/cpu/common.c | 17 +++++++++-------
6 files changed, 32 insertions(+), 21 deletions(-)
diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index fb2572ed9674..bf161b5aa98f 100644
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -610,9 +610,10 @@ kernel command line.
retpoline,generic Retpolines
retpoline,lfence LFENCE; indirect branch
retpoline,amd alias for retpoline,lfence
- eibrs enhanced IBRS
- eibrs,retpoline enhanced IBRS + Retpolines
- eibrs,lfence enhanced IBRS + LFENCE
+ eibrs Enhanced/Auto IBRS
+ eibrs,retpoline Enhanced/Auto IBRS + Retpolines
+ eibrs,lfence Enhanced/Auto IBRS + LFENCE
+ ibrs use IBRS to protect kernel
Not specifying this option is equivalent to
spectre_v2=auto.
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 73a92fb9e3c6..b6da8048f62c 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4968,9 +4968,9 @@
retpoline,generic - Retpolines
retpoline,lfence - LFENCE; indirect branch
retpoline,amd - alias for retpoline,lfence
- eibrs - enhanced IBRS
- eibrs,retpoline - enhanced IBRS + Retpolines
- eibrs,lfence - enhanced IBRS + LFENCE
+ eibrs - Enhanced/Auto IBRS
+ eibrs,retpoline - Enhanced/Auto IBRS + Retpolines
+ eibrs,lfence - Enhanced/Auto IBRS + LFENCE
ibrs - use IBRS to protect kernel
ibrs_always - use IBRS to protect both kernel
and userland
diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index ac6e58a79fad..316b11ea50ca 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -423,6 +423,7 @@
/* AMD-defined Extended Feature 2 EAX, CPUID level 0x80000021 (EAX), word 20 */
#define X86_FEATURE_NO_NESTED_DATA_BP (20*32+ 0) /* "" No Nested Data Breakpoints */
+#define X86_FEATURE_AUTOIBRS (20*32+ 8) /* "" Automatic IBRS */
/*
* BUG word(s)
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index 9b0d407dd1ae..bf54eb786776 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -30,6 +30,7 @@
#define _EFER_SVME 12 /* Enable virtualization */
#define _EFER_LMSLE 13 /* Long Mode Segment Limit Enable */
#define _EFER_FFXSR 14 /* Enable Fast FXSAVE/FXRSTOR */
+#define _EFER_AUTOIBRS 21 /* Enable Automatic IBRS */
#define EFER_SCE (1<<_EFER_SCE)
#define EFER_LME (1<<_EFER_LME)
@@ -38,6 +39,7 @@
#define EFER_SVME (1<<_EFER_SVME)
#define EFER_LMSLE (1<<_EFER_LMSLE)
#define EFER_FFXSR (1<<_EFER_FFXSR)
+#define EFER_AUTOIBRS (1<<_EFER_AUTOIBRS)
/* Intel MSRs. Some also available on other CPUs */
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 53623ea69873..43295a878b8f 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1177,9 +1177,9 @@ static const char * const spectre_v2_strings[] = {
[SPECTRE_V2_NONE] = "Vulnerable",
[SPECTRE_V2_RETPOLINE] = "Mitigation: Retpolines",
[SPECTRE_V2_LFENCE] = "Mitigation: LFENCE",
- [SPECTRE_V2_EIBRS] = "Mitigation: Enhanced IBRS",
- [SPECTRE_V2_EIBRS_LFENCE] = "Mitigation: Enhanced IBRS + LFENCE",
- [SPECTRE_V2_EIBRS_RETPOLINE] = "Mitigation: Enhanced IBRS + Retpolines",
+ [SPECTRE_V2_EIBRS] = "Mitigation: Enhanced / Automatic IBRS",
+ [SPECTRE_V2_EIBRS_LFENCE] = "Mitigation: Enhanced / Automatic IBRS + LFENCE",
+ [SPECTRE_V2_EIBRS_RETPOLINE] = "Mitigation: Enhanced / Automatic IBRS + Retpolines",
[SPECTRE_V2_IBRS] = "Mitigation: IBRS",
[SPECTRE_V2_IBRS_ALWAYS] = "Mitigation: IBRS (kernel and user space)",
[SPECTRE_V2_RETPOLINE_IBRS_USER] = "Mitigation: Full retpoline and IBRS (user space)",
@@ -1253,7 +1253,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
cmd == SPECTRE_V2_CMD_EIBRS_LFENCE ||
cmd == SPECTRE_V2_CMD_EIBRS_RETPOLINE) &&
!boot_cpu_has(X86_FEATURE_IBRS_ENHANCED)) {
- pr_err("%s selected but CPU doesn't have eIBRS. Switching to AUTO select\n",
+ pr_err("%s selected but CPU doesn't have Enhanced or Automatic IBRS. Switching to AUTO select\n",
mitigation_options[i].option);
return SPECTRE_V2_CMD_AUTO;
}
@@ -1446,8 +1446,12 @@ static void __init spectre_v2_select_mitigation(void)
pr_err(SPECTRE_V2_EIBRS_EBPF_MSG);
if (spectre_v2_in_ibrs_mode(mode)) {
- x86_spec_ctrl_base |= SPEC_CTRL_IBRS;
- update_spec_ctrl(x86_spec_ctrl_base);
+ if (boot_cpu_has(X86_FEATURE_AUTOIBRS)) {
+ msr_set_bit(MSR_EFER, _EFER_AUTOIBRS);
+ } else {
+ x86_spec_ctrl_base |= SPEC_CTRL_IBRS;
+ update_spec_ctrl(x86_spec_ctrl_base);
+ }
}
switch (mode) {
@@ -1542,8 +1546,8 @@ static void __init spectre_v2_select_mitigation(void)
/*
* Retpoline protects the kernel, but doesn't protect firmware. IBRS
* and Enhanced IBRS protect firmware too, so enable IBRS around
- * firmware calls only when IBRS / Enhanced IBRS aren't otherwise
- * enabled.
+ * firmware calls only when IBRS / Enhanced / Automatic IBRS aren't
+ * otherwise enabled.
*
* Use "mode" to check Enhanced IBRS instead of boot_cpu_has(), because
* the user might select retpoline on the kernel command line and if
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index a8dfd75588cd..c5c08a3ace2a 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -1091,7 +1091,7 @@ static const __initconst struct x86_cpu_id_v2 cpu_vuln_whitelist[] = {
VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
/* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */
- VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO),
+ VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB),
{}
};
@@ -1196,8 +1196,16 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
!cpu_has(c, X86_FEATURE_AMD_SSB_NO))
setup_force_cpu_bug(X86_BUG_SPEC_STORE_BYPASS);
- if (ia32_cap & ARCH_CAP_IBRS_ALL)
+ /*
+ * AMD's AutoIBRS is equivalent to Intel's eIBRS - use the Intel feature
+ * flag and protect from vendor-specific bugs via the whitelist.
+ */
+ if ((ia32_cap & ARCH_CAP_IBRS_ALL) || cpu_has(c, X86_FEATURE_AUTOIBRS)) {
setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
+ if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) &&
+ !(ia32_cap & ARCH_CAP_PBRSB_NO))
+ setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
+ }
if (!cpu_matches(cpu_vuln_whitelist, NO_MDS) &&
!(ia32_cap & ARCH_CAP_MDS_NO)) {
@@ -1259,11 +1267,6 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c)
setup_force_cpu_bug(X86_BUG_RETBLEED);
}
- if (cpu_has(c, X86_FEATURE_IBRS_ENHANCED) &&
- !cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) &&
- !(ia32_cap & ARCH_CAP_PBRSB_NO))
- setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
-
if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN))
return;
--
2.39.3

86
SOURCES/1048-x86-CPU-AMD-Make-sure-EFER-AIBRSE-is-set.patch
View File

@ -1,86 +0,0 @@
From 373fedf7ca5674e2ab511685e183e6e6c6e00d91 Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Sat, 25 Feb 2023 01:11:31 +0100
Subject: [PATCH 34/36] x86/CPU/AMD: Make sure EFER[AIBRSE] is set
The AutoIBRS bit gets set only on the BSP as part of determining which
mitigation to enable on AMD. Setting on the APs relies on the
circumstance that the APs get booted through the trampoline and EFER
- the MSR which contains that bit - gets replicated on every AP from the
BSP.
However, this can change in the future and considering the security
implications of this bit not being set on every CPU, make sure it is set
by verifying EFER later in the boot process and on every AP.
Reported-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://lore.kernel.org/r/20230224185257.o3mcmloei5zqu7wa@treble
(cherry picked from commit 8cc68c9c9e92dbaae51a711454c66eb668045508)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/kernel/cpu/amd.c | 11 +++++++++++
arch/x86/kernel/cpu/bugs.c | 3 +--
arch/x86/kernel/cpu/cpu.h | 8 ++++++++
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 2406a71a1eb6..c2979e3bed04 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -1046,6 +1046,17 @@ static void init_amd(struct cpuinfo_x86 *c)
msr_set_bit(MSR_K7_HWCR, MSR_K7_HWCR_IRPERF_EN_BIT);
check_null_seg_clears_base(c);
+
+ /*
+ * Make sure EFER[AIBRSE - Automatic IBRS Enable] is set. The APs are brought up
+ * using the trampoline code and as part of it, MSR_EFER gets prepared there in
+ * order to be replicated onto them. Regardless, set it here again, if not set,
+ * to protect against any future refactoring/code reorganization which might
+ * miss setting this important bit.
+ */
+ if (spectre_v2_in_eibrs_mode(spectre_v2_enabled) &&
+ cpu_has(c, X86_FEATURE_AUTOIBRS))
+ WARN_ON_ONCE(msr_set_bit(MSR_EFER, _EFER_AUTOIBRS));
}
#ifdef CONFIG_X86_32
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 43295a878b8f..d8c1bbea4e90 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -748,8 +748,7 @@ static int __init nospectre_v1_cmdline(char *str)
}
early_param("nospectre_v1", nospectre_v1_cmdline);
-static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init =
- SPECTRE_V2_NONE;
+enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = SPECTRE_V2_NONE;
#undef pr_fmt
#define pr_fmt(fmt) "RETBleed: " fmt
diff --git a/arch/x86/kernel/cpu/cpu.h b/arch/x86/kernel/cpu/cpu.h
index 1add3618f766..0af870727bfa 100644
--- a/arch/x86/kernel/cpu/cpu.h
+++ b/arch/x86/kernel/cpu/cpu.h
@@ -88,4 +88,12 @@ extern void update_srbds_msr(void);
void init_ia32_feat_ctl(struct cpuinfo_x86 *c);
#endif
+extern enum spectre_v2_mitigation spectre_v2_enabled;
+
+static inline bool spectre_v2_in_eibrs_mode(enum spectre_v2_mitigation mode)
+{
+ return mode == SPECTRE_V2_EIBRS ||
+ mode == SPECTRE_V2_EIBRS_RETPOLINE ||
+ mode == SPECTRE_V2_EIBRS_LFENCE;
+}
#endif /* ARCH_X86_CPU_H */
--
2.39.3

175
SOURCES/1049-x86-cpu-amd-Add-a-Zenbleed-fix.patch
View File

@ -1,175 +0,0 @@
From 661c6baa7f0dd4ef365c1cfd5aee9e999304fab2 Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Sat, 15 Jul 2023 13:41:28 +0200
Subject: [PATCH 35/36] x86/cpu/amd: Add a Zenbleed fix
Add a fix for the Zen2 VZEROUPPER data corruption bug where under
certain circumstances executing VZEROUPPER can cause register
corruption or leak data.
The optimal fix is through microcode but in the case the proper
microcode revision has not been applied, enable a fallback fix using
a chicken bit.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
(cherry picked from commit 522b1d69219d8f083173819fde04f994aa051a98)
CVE: CVE-2023-20593
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Todd Vierling <todd.vierling@oracle.com>
---
arch/x86/include/asm/microcode.h | 1 +
arch/x86/include/asm/microcode_amd.h | 2 +
arch/x86/include/asm/msr-index.h | 2 +
arch/x86/kernel/cpu/amd.c | 60 ++++++++++++++++++++++++++++
arch/x86/kernel/cpu/common.c | 2 +
5 files changed, 67 insertions(+)
diff --git a/arch/x86/include/asm/microcode.h b/arch/x86/include/asm/microcode.h
index 629330986955..2e23f658c69b 100644
--- a/arch/x86/include/asm/microcode.h
+++ b/arch/x86/include/asm/microcode.h
@@ -5,6 +5,7 @@
#include <asm/cpu.h>
#include <linux/earlycpio.h>
#include <linux/initrd.h>
+#include <asm/microcode_amd.h>
struct ucode_patch {
struct list_head plist;
diff --git a/arch/x86/include/asm/microcode_amd.h b/arch/x86/include/asm/microcode_amd.h
index a645b25ee442..403a8e76b310 100644
--- a/arch/x86/include/asm/microcode_amd.h
+++ b/arch/x86/include/asm/microcode_amd.h
@@ -48,11 +48,13 @@ extern void __init load_ucode_amd_bsp(unsigned int family);
extern void load_ucode_amd_ap(unsigned int family);
extern int __init save_microcode_in_initrd_amd(unsigned int family);
void reload_ucode_amd(unsigned int cpu);
+extern void amd_check_microcode(void);
#else
static inline void __init load_ucode_amd_bsp(unsigned int family) {}
static inline void load_ucode_amd_ap(unsigned int family) {}
static inline int __init
save_microcode_in_initrd_amd(unsigned int family) { return -EINVAL; }
static inline void reload_ucode_amd(unsigned int cpu) {}
+static inline void amd_check_microcode(void) {}
#endif
#endif /* _ASM_X86_MICROCODE_AMD_H */
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index bf54eb786776..bc38cbf0ac20 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -498,6 +498,8 @@
#define MSR_AMD_PPIN 0xc00102f1
#define MSR_AMD64_LS_CFG 0xc0011020
#define MSR_AMD64_DC_CFG 0xc0011022
+#define MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT 9
+
#define MSR_AMD64_BU_CFG2 0xc001102a
#define MSR_AMD64_IBSFETCHCTL 0xc0011030
#define MSR_AMD64_IBSFETCHLINAD 0xc0011031
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index c2979e3bed04..384e484cbbdc 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -69,6 +69,11 @@ static const int amd_erratum_383[] =
static const int amd_erratum_1054[] =
AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x17, 0, 0, 0x2f, 0xf));
+static const int amd_zenbleed[] =
+ AMD_LEGACY_ERRATUM(AMD_MODEL_RANGE(0x17, 0x30, 0x0, 0x4f, 0xf),
+ AMD_MODEL_RANGE(0x17, 0x60, 0x0, 0x7f, 0xf),
+ AMD_MODEL_RANGE(0x17, 0xa0, 0x0, 0xaf, 0xf));
+
static bool cpu_has_amd_erratum(struct cpuinfo_x86 *cpu, const int *erratum)
{
int osvw_id = *erratum++;
@@ -957,6 +962,47 @@ static void init_amd_zn(struct cpuinfo_x86 *c)
}
}
+static bool cpu_has_zenbleed_microcode(void)
+{
+ u32 good_rev = 0;
+
+ switch (boot_cpu_data.x86_model) {
+ case 0x30 ... 0x3f: good_rev = 0x0830107a; break;
+ case 0x60 ... 0x67: good_rev = 0x0860010b; break;
+ case 0x68 ... 0x6f: good_rev = 0x08608105; break;
+ case 0x70 ... 0x7f: good_rev = 0x08701032; break;
+ case 0xa0 ... 0xaf: good_rev = 0x08a00008; break;
+
+ default:
+ return false;
+ break;
+ }
+
+ if (boot_cpu_data.microcode < good_rev)
+ return false;
+
+ return true;
+}
+
+static void zenbleed_check(struct cpuinfo_x86 *c)
+{
+ if (!cpu_has_amd_erratum(c, amd_zenbleed))
+ return;
+
+ if (cpu_has(c, X86_FEATURE_HYPERVISOR))
+ return;
+
+ if (!cpu_has(c, X86_FEATURE_AVX))
+ return;
+
+ if (!cpu_has_zenbleed_microcode()) {
+ pr_notice_once("Zenbleed: please update your microcode for the most optimal fix\n");
+ msr_set_bit(MSR_AMD64_DE_CFG, MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT);
+ } else {
+ msr_clear_bit(MSR_AMD64_DE_CFG, MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT);
+ }
+}
+
static void init_amd(struct cpuinfo_x86 *c)
{
early_init_amd(c);
@@ -1057,6 +1103,8 @@ static void init_amd(struct cpuinfo_x86 *c)
if (spectre_v2_in_eibrs_mode(spectre_v2_enabled) &&
cpu_has(c, X86_FEATURE_AUTOIBRS))
WARN_ON_ONCE(msr_set_bit(MSR_EFER, _EFER_AUTOIBRS));
+
+ zenbleed_check(c);
}
#ifdef CONFIG_X86_32
@@ -1205,3 +1253,15 @@ u32 amd_get_highest_perf(void)
return 255;
}
EXPORT_SYMBOL_GPL(amd_get_highest_perf);
+
+static void zenbleed_check_cpu(void *unused)
+{
+ struct cpuinfo_x86 *c = &cpu_data(smp_processor_id());
+
+ zenbleed_check(c);
+}
+
+void amd_check_microcode(void)
+{
+ on_each_cpu(zenbleed_check_cpu, NULL, 1);
+}
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index c5c08a3ace2a..61039cf3d6eb 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -2187,6 +2187,8 @@ void microcode_check(struct cpuinfo_x86 *prev_info)
perf_check_microcode();
+ amd_check_microcode();
+
store_cpu_caps(&curr_info);
if (!memcmp(&prev_info->x86_capability, &curr_info.x86_capability,
--
2.39.3

76
SOURCES/1050-netfilter-nf_tables-incorrect-error-path-handling-wi.patch
View File

@ -1,76 +0,0 @@
From 516c2ee4fa03f50738843aae224410f1c532ddd3 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 8 Jun 2023 02:32:02 +0200
Subject: [PATCH 36/36] netfilter: nf_tables: incorrect error path handling with
NFT_MSG_NEWRULE
In case of error when adding a new rule that refers to an anonymous set,
deactivate expressions via NFT_TRANS_PREPARE state, not NFT_TRANS_RELEASE.
Thus, the lookup expression marks anonymous sets as inactive in the next
generation to ensure it is not reachable in this transaction anymore and
decrement the set refcount as introduced by c1592a89942e ("netfilter:
nf_tables: deactivate anonymous set from preparation phase"). The abort
step takes care of undoing the anonymous set.
This is also consistent with rule deletion, where NFT_TRANS_PREPARE is
used. Note that this error path is exercised in the preparation step of
the commit protocol. This patch replaces nf_tables_rule_release() by the
deactivate and destroy calls, this time with NFT_TRANS_PREPARE.
Due to this incorrect error handling, it is possible to access a
dangling pointer to the anonymous set that remains in the transaction
list.
[1009.379054] BUG: KASAN: use-after-free in nft_set_lookup_global+0x147/0x1a0 [nf_tables]
[1009.379106] Read of size 8 at addr ffff88816c4c8020 by task nft-rule-add/137110
[1009.379116] CPU: 7 PID: 137110 Comm: nft-rule-add Not tainted 6.4.0-rc4+ #256
[1009.379128] Call Trace:
[1009.379132] <TASK>
[1009.379135] dump_stack_lvl+0x33/0x50
[1009.379146] ? nft_set_lookup_global+0x147/0x1a0 [nf_tables]
[1009.379191] print_address_description.constprop.0+0x27/0x300
[1009.379201] kasan_report+0x107/0x120
[1009.379210] ? nft_set_lookup_global+0x147/0x1a0 [nf_tables]
[1009.379255] nft_set_lookup_global+0x147/0x1a0 [nf_tables]
[1009.379302] nft_lookup_init+0xa5/0x270 [nf_tables]
[1009.379350] nf_tables_newrule+0x698/0xe50 [nf_tables]
[1009.379397] ? nf_tables_rule_release+0xe0/0xe0 [nf_tables]
[1009.379441] ? kasan_unpoison+0x23/0x50
[1009.379450] nfnetlink_rcv_batch+0x97c/0xd90 [nfnetlink]
[1009.379470] ? nfnetlink_rcv_msg+0x480/0x480 [nfnetlink]
[1009.379485] ? __alloc_skb+0xb8/0x1e0
[1009.379493] ? __alloc_skb+0xb8/0x1e0
[1009.379502] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0
[1009.379509] ? unwind_get_return_address+0x2a/0x40
[1009.379517] ? write_profile+0xc0/0xc0
[1009.379524] ? avc_lookup+0x8f/0xc0
[1009.379532] ? __rcu_read_unlock+0x43/0x60
Fixes: 958bee14d071 ("netfilter: nf_tables: use new transaction infrastructure to handle sets")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit 1240eb93f0616b21c675416516ff3d74798fdc97)
CVE: CVE-2023-3390
Signed-off-by: Mridula Shastry <mridula.c.shastry@oracle.com>
Reviewed-by: Venkat Venkatsubra <venkat.x.venkatsubra@oracle.com>
---
net/netfilter/nf_tables_api.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index c7d98b011cd6..f9bf6e156051 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3260,7 +3260,8 @@ err_destroy_flow_rule:
if (flow)
nft_flow_rule_destroy(flow);
err_release_rule:
- nf_tables_rule_release(&ctx, rule);
+ nft_rule_expr_deactivate(&ctx, rule, NFT_TRANS_PREPARE);
+ nf_tables_rule_destroy(&ctx, rule);
err_release_expr:
for (i = 0; i < n; i++) {
if (info[i].ops) {
--
2.39.3

110
SOURCES/9001-x86-xen-Split-HVM-vector-callback-setup-and-interrup.patch
View File

@ -1,110 +0,0 @@
From a0bb51f2638e0810c347024679239fd10a8f7990 Mon Sep 17 00:00:00 2001
From: Vitaly Kuznetsov <vkuznets@redhat.com>
Date: Tue, 28 Apr 2020 11:38:22 +0200
Subject: [PATCH] x86/xen: Split HVM vector callback setup and interrupt gate
allocation
As a preparatory change for making alloc_intr_gate() __init split
xen_callback_vector() into callback vector setup via hypercall
(xen_setup_callback_vector()) and interrupt gate allocation
(xen_alloc_callback_vector()).
xen_setup_callback_vector() is being called twice: on init and upon
system resume from xen_hvm_post_suspend(). alloc_intr_gate() only
needs to be called once.
Suggested-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20200428093824.1451532-2-vkuznets@redhat.com
---
arch/x86/xen/suspend_hvm.c | 2 +-
arch/x86/xen/xen-ops.h | 2 +-
drivers/xen/events/events_base.c | 28 +++++++++++++++++-----------
3 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/arch/x86/xen/suspend_hvm.c b/arch/x86/xen/suspend_hvm.c
index e666b614cf6d..5152afe16876 100644
--- a/arch/x86/xen/suspend_hvm.c
+++ b/arch/x86/xen/suspend_hvm.c
@@ -13,6 +13,6 @@ void xen_hvm_post_suspend(int suspend_cancelled)
xen_hvm_init_shared_info();
xen_vcpu_restore();
}
- xen_callback_vector();
+ xen_setup_callback_vector();
xen_unplug_emulated_devices();
}
diff --git a/arch/x86/xen/xen-ops.h b/arch/x86/xen/xen-ops.h
index 45a441c33d6d..1cc1568bfe04 100644
--- a/arch/x86/xen/xen-ops.h
+++ b/arch/x86/xen/xen-ops.h
@@ -55,7 +55,7 @@ void xen_enable_sysenter(void);
void xen_enable_syscall(void);
void xen_vcpu_restore(void);
-void xen_callback_vector(void);
+void xen_setup_callback_vector(void);
void xen_hvm_init_shared_info(void);
void xen_unplug_emulated_devices(void);
diff --git a/drivers/xen/events/events_base.c b/drivers/xen/events/events_base.c
index 3a791c8485d0..eb35c3cda9a6 100644
--- a/drivers/xen/events/events_base.c
+++ b/drivers/xen/events/events_base.c
@@ -1639,26 +1639,30 @@ EXPORT_SYMBOL_GPL(xen_set_callback_via);
/* Vector callbacks are better than PCI interrupts to receive event
* channel notifications because we can receive vector callbacks on any
* vcpu and we don't need PCI support or APIC interactions. */
-void xen_callback_vector(void)
+void xen_setup_callback_vector(void)
{
- int rc;
uint64_t callback_via;
if (xen_have_vector_callback) {
callback_via = HVM_CALLBACK_VECTOR(HYPERVISOR_CALLBACK_VECTOR);
- rc = xen_set_callback_via(callback_via);
- if (rc) {
+ if (xen_set_callback_via(callback_via)) {
pr_err("Request for Xen HVM callback vector failed\n");
xen_have_vector_callback = 0;
- return;
}
- pr_info("Xen HVM callback vector for event delivery is enabled\n");
- alloc_intr_gate(HYPERVISOR_CALLBACK_VECTOR,
- xen_hvm_callback_vector);
}
}
+
+static __init void xen_alloc_callback_vector(void)
+{
+ if (!xen_have_vector_callback)
+ return;
+
+ pr_info("Xen HVM callback vector for event delivery is enabled\n");
+ alloc_intr_gate(HYPERVISOR_CALLBACK_VECTOR, xen_hvm_callback_vector);
+}
#else
-void xen_callback_vector(void) {}
+void xen_setup_callback_vector(void) {}
+static inline void xen_alloc_callback_vector(void) {}
#endif
#undef MODULE_PARAM_PREFIX
@@ -1692,8 +1696,10 @@ void __init xen_init_IRQ(void)
if (xen_initial_domain())
pci_xen_initial_domain();
}
- if (xen_feature(XENFEAT_hvm_callback_vector))
- xen_callback_vector();
+ if (xen_feature(XENFEAT_hvm_callback_vector)) {
+ xen_setup_callback_vector();
+ xen_alloc_callback_vector();
+ }
if (xen_hvm_domain()) {
native_init_IRQ();
--
2.27.0

30
SOURCES/9002-x86-microcode-AMD-Load-late-on-both-threads-too.patch
View File

@ -1,30 +0,0 @@
From a32b0f0db3f396f1c9be2fe621e77c09ec3d8e7d Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@alien8.de>
Date: Tue, 2 May 2023 19:53:50 +0200
Subject: [PATCH] x86/microcode/AMD: Load late on both threads too
Do the same as early loading - load on both threads.
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Cc: <stable@kernel.org>
Link: https://lore.kernel.org/r/20230605141332.25948-1-bp@alien8.de
---
arch/x86/kernel/cpu/microcode/amd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index f14f4ea0b537..87208e46f7ed 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -700,7 +700,7 @@ static enum ucode_state apply_microcode_amd(int cpu)
rdmsr(MSR_AMD64_PATCH_LEVEL, rev, dummy);
/* need to apply patch? */
- if (rev >= mc_amd->hdr.patch_id) {
+ if (rev > mc_amd->hdr.patch_id) {
ret = UCODE_OK;
goto out;
}
--
2.27.0

40
SOURCES/Module.kabi_aarch64
View File

@ -168,6 +168,8 @@
0x7a9b37e8 blk_start_plug vmlinux EXPORT_SYMBOL
0x84502a47 blk_status_to_errno vmlinux EXPORT_SYMBOL_GPL
0x981874cb blk_verify_command vmlinux EXPORT_SYMBOL
0x640b8f93 blkdev_fsync vmlinux EXPORT_SYMBOL
0x098a2b82 blkdev_get vmlinux EXPORT_SYMBOL
0x57b3a714 blkdev_get_by_dev vmlinux EXPORT_SYMBOL
0x3a58ff8f blkdev_get_by_path vmlinux EXPORT_SYMBOL
0xa4e90f02 blkdev_issue_discard vmlinux EXPORT_SYMBOL
@ -221,11 +223,14 @@
0xc2ce4b1e d_make_root vmlinux EXPORT_SYMBOL
0x3b9ea1ae d_obtain_alias vmlinux EXPORT_SYMBOL
0xfa0f4c0f d_prune_aliases vmlinux EXPORT_SYMBOL
0x4bcdda9f deactivate_super vmlinux EXPORT_SYMBOL
0xa8a90b07 default_llseek vmlinux EXPORT_SYMBOL
0xaad8c7d6 default_wake_function vmlinux EXPORT_SYMBOL
0x74c32ea2 del_gendisk vmlinux EXPORT_SYMBOL
0xfa5223cc del_timer vmlinux EXPORT_SYMBOL
0xec02a35f del_timer_sync vmlinux EXPORT_SYMBOL
0x0c1c794e delayed_work_timer_fn vmlinux EXPORT_SYMBOL
0x3a484afa dentry_open vmlinux EXPORT_SYMBOL
0x8c03d20c destroy_workqueue vmlinux EXPORT_SYMBOL_GPL
0x862f1376 dev_get_by_index vmlinux EXPORT_SYMBOL
0x99c61367 dev_get_by_name vmlinux EXPORT_SYMBOL
@ -260,6 +265,7 @@
0x092f9801 ether_setup vmlinux EXPORT_SYMBOL
0xf12fd7b7 ethtool_op_get_link vmlinux EXPORT_SYMBOL
0x45f82af7 fc_remove_host drivers/scsi/scsi_transport_fc EXPORT_SYMBOL
0x8cdd7fee fget vmlinux EXPORT_SYMBOL
0x317eee7a filemap_fault vmlinux EXPORT_SYMBOL
0xadaabf62 filp_close vmlinux EXPORT_SYMBOL
0xf8c0da85 filp_open vmlinux EXPORT_SYMBOL
@ -272,6 +278,7 @@
0x42160169 flush_workqueue vmlinux EXPORT_SYMBOL
0xdfbfce13 force_sig vmlinux EXPORT_SYMBOL
0xcbd4898c fortify_panic vmlinux EXPORT_SYMBOL
0x3c7e0019 fput vmlinux EXPORT_SYMBOL
0xc1514a3b free_irq vmlinux EXPORT_SYMBOL
0xf276078f free_netdev vmlinux EXPORT_SYMBOL
0x4302d0eb free_pages vmlinux EXPORT_SYMBOL
@ -279,10 +286,15 @@
0x1c2073b0 from_kgid vmlinux EXPORT_SYMBOL
0x69d83b26 from_kuid vmlinux EXPORT_SYMBOL
0x02c7d7c5 fs_bio_set vmlinux EXPORT_SYMBOL
0x4da5d582 fsync_bdev vmlinux EXPORT_SYMBOL
0x871408e9 generic_end_io_acct vmlinux EXPORT_SYMBOL
0x9874466f generic_file_llseek vmlinux EXPORT_SYMBOL
0x9f289411 generic_file_open vmlinux EXPORT_SYMBOL
0xfce4eac3 generic_fillattr vmlinux EXPORT_SYMBOL
0x94a0b371 generic_make_request vmlinux EXPORT_SYMBOL
0x88de0238 generic_permission vmlinux EXPORT_SYMBOL
0xbf06c358 generic_read_dir vmlinux EXPORT_SYMBOL
0x1026d343 generic_shutdown_super vmlinux EXPORT_SYMBOL
0x941835d6 generic_start_io_acct vmlinux EXPORT_SYMBOL
0x8811191a genl_register_family vmlinux EXPORT_SYMBOL
0x9f39d33a genl_unregister_family vmlinux EXPORT_SYMBOL
@ -310,6 +322,8 @@
0x4cc8f9c8 init_timer_key vmlinux EXPORT_SYMBOL
0x2b91e0ef init_uts_ns vmlinux EXPORT_SYMBOL_GPL
0xfe487975 init_wait_entry vmlinux EXPORT_SYMBOL
0xbe04575e inode_init_always vmlinux EXPORT_SYMBOL
0x9274c33c inode_permission vmlinux EXPORT_SYMBOL
0x5ed90adc int_to_scsilun vmlinux EXPORT_SYMBOL
0x93b9824b invalidate_partition vmlinux EXPORT_SYMBOL
0x93a6e0b2 io_schedule vmlinux EXPORT_SYMBOL
@ -329,6 +343,7 @@
0xe4f4665b ipmi_validate_addr drivers/char/ipmi/ipmi_msghandler EXPORT_SYMBOL
0x872e8bfa iput vmlinux EXPORT_SYMBOL
0x8b3fdb57 irq_set_affinity_hint vmlinux EXPORT_SYMBOL_GPL
0xdc3a5af3 iterate_dir vmlinux EXPORT_SYMBOL
0x15ba50a6 jiffies vmlinux EXPORT_SYMBOL
0x055e77e8 jiffies_64 vmlinux EXPORT_SYMBOL
0x37befc70 jiffies_to_msecs vmlinux EXPORT_SYMBOL
@ -343,6 +358,8 @@
0x037a0cba kfree vmlinux EXPORT_SYMBOL
0x19f462ab kfree_call_rcu vmlinux EXPORT_SYMBOL_GPL
0x6aec8ba4 kfree_skb vmlinux EXPORT_SYMBOL
0x0e479cbd kill_anon_super vmlinux EXPORT_SYMBOL
0x768782f0 kill_block_super vmlinux EXPORT_SYMBOL
0xc30a389f kmalloc_caches vmlinux EXPORT_SYMBOL
0xa202a8e5 kmalloc_order_trace vmlinux EXPORT_SYMBOL
0x324a6217 kmem_cache_alloc vmlinux EXPORT_SYMBOL
@ -427,6 +444,8 @@
0x29367907 mmput vmlinux EXPORT_SYMBOL_GPL
0x1ccf7c3c mmu_notifier_register vmlinux EXPORT_SYMBOL_GPL
0x725826d8 mmu_notifier_unregister vmlinux EXPORT_SYMBOL_GPL
0x2360f588 mntget vmlinux EXPORT_SYMBOL
0x41cfedb6 mntput vmlinux EXPORT_SYMBOL
0xebca8b54 mod_delayed_work_on vmlinux EXPORT_SYMBOL_GPL
0x28985b9f mod_timer vmlinux EXPORT_SYMBOL
0xaac80d5b mod_timer_pending vmlinux EXPORT_SYMBOL
@ -452,6 +471,7 @@
0x155980d9 netif_rx vmlinux EXPORT_SYMBOL
0xf6ff1b05 netlink_broadcast vmlinux EXPORT_SYMBOL
0xf47829bd netlink_unicast vmlinux EXPORT_SYMBOL
0x6a3475c1 new_inode vmlinux EXPORT_SYMBOL
0xfdc1bd61 nla_put vmlinux EXPORT_SYMBOL
0xaa19fd49 node_data vmlinux EXPORT_SYMBOL
0xc19ac37a node_to_cpumask_map vmlinux EXPORT_SYMBOL
@ -513,11 +533,13 @@
0x65ee6e82 read_cache_pages vmlinux EXPORT_SYMBOL
0xfb6af58d recalc_sigpending vmlinux EXPORT_SYMBOL
0x71a50dbc register_blkdev vmlinux EXPORT_SYMBOL
0x7e2473d5 register_filesystem vmlinux EXPORT_SYMBOL
0x60352082 register_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xf68285c0 register_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x87026672 register_netdev vmlinux EXPORT_SYMBOL
0xd2da1048 register_netdevice_notifier vmlinux EXPORT_SYMBOL
0x3517383e register_reboot_notifier vmlinux EXPORT_SYMBOL
0xf97d7de2 register_sysctl_table vmlinux EXPORT_SYMBOL
0x44d786a5 release_sock vmlinux EXPORT_SYMBOL
0x5d291b26 remap_pfn_range vmlinux EXPORT_SYMBOL
0x37110088 remove_wait_queue vmlinux EXPORT_SYMBOL
@ -596,6 +618,7 @@
0x333c20bd shrink_dcache_parent vmlinux EXPORT_SYMBOL
0x40c7247c si_meminfo vmlinux EXPORT_SYMBOL
0x6a5fa363 sigprocmask vmlinux EXPORT_SYMBOL
0xf8d4a345 simple_statfs vmlinux EXPORT_SYMBOL
0x0b742fd7 simple_strtol vmlinux EXPORT_SYMBOL
0x20000329 simple_strtoul vmlinux EXPORT_SYMBOL
0x61b7b126 simple_strtoull vmlinux EXPORT_SYMBOL
@ -653,11 +676,13 @@
0x8d420dbb unmap_mapping_range vmlinux EXPORT_SYMBOL
0xb5a459dc unregister_blkdev vmlinux EXPORT_SYMBOL
0x6091b333 unregister_chrdev_region vmlinux EXPORT_SYMBOL
0x52f5f5a6 unregister_filesystem vmlinux EXPORT_SYMBOL
0x2fe252cc unregister_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xfe029963 unregister_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x326d489d unregister_netdev vmlinux EXPORT_SYMBOL
0x9d0d6206 unregister_netdevice_notifier vmlinux EXPORT_SYMBOL
0xac1a55be unregister_reboot_notifier vmlinux EXPORT_SYMBOL
0x6be0d38b unregister_sysctl_table vmlinux EXPORT_SYMBOL
0xc452a18b unuse_mm vmlinux EXPORT_SYMBOL_GPL
0xcf2a6966 up vmlinux EXPORT_SYMBOL
0x1e03a6e3 up_read vmlinux EXPORT_SYMBOL
@ -665,6 +690,20 @@
0x851e0ea2 use_mm vmlinux EXPORT_SYMBOL_GPL
0x12a38747 usleep_range vmlinux EXPORT_SYMBOL
0x999e8297 vfree vmlinux EXPORT_SYMBOL
0xc6b294ae vfs_create vmlinux EXPORT_SYMBOL
0x9c6cc0f4 vfs_fsync vmlinux EXPORT_SYMBOL
0xc1e09c95 vfs_fsync_range vmlinux EXPORT_SYMBOL
0x121cc4aa vfs_getattr vmlinux EXPORT_SYMBOL
0xee72c99b vfs_link vmlinux EXPORT_SYMBOL
0xf57ec227 vfs_llseek vmlinux EXPORT_SYMBOL
0x8ae7c58f vfs_mkdir vmlinux EXPORT_SYMBOL
0xa5d9c609 vfs_mknod vmlinux EXPORT_SYMBOL
0xda7d13b0 vfs_readlink vmlinux EXPORT_SYMBOL
0x0d95c03d vfs_rename vmlinux EXPORT_SYMBOL
0x8f65d07b vfs_rmdir vmlinux EXPORT_SYMBOL
0x6f6b401b vfs_statfs vmlinux EXPORT_SYMBOL
0x40872063 vfs_symlink vmlinux EXPORT_SYMBOL
0x5000a175 vfs_unlink vmlinux EXPORT_SYMBOL
0x09fb0f02 vm_mmap vmlinux EXPORT_SYMBOL
0x5b56860c vm_munmap vmlinux EXPORT_SYMBOL
0xd6ee688f vmalloc vmlinux EXPORT_SYMBOL
@ -684,5 +723,6 @@
0xa0fbac79 wake_up_bit vmlinux EXPORT_SYMBOL
0x8eab8b06 wake_up_process vmlinux EXPORT_SYMBOL
0xa2517116 write_cache_pages vmlinux EXPORT_SYMBOL
0x4a30eeac xattr_full_name vmlinux EXPORT_SYMBOL
0x760a0f4f yield vmlinux EXPORT_SYMBOL
0x931e0601 zap_vma_ptes vmlinux EXPORT_SYMBOL_GPL

40
SOURCES/Module.kabi_ppc64le
View File

@ -158,6 +158,8 @@
0x7a9b37e8 blk_start_plug vmlinux EXPORT_SYMBOL
0x84502a47 blk_status_to_errno vmlinux EXPORT_SYMBOL_GPL
0x22339412 blk_verify_command vmlinux EXPORT_SYMBOL
0xcf04e564 blkdev_fsync vmlinux EXPORT_SYMBOL
0x63a46f8f blkdev_get vmlinux EXPORT_SYMBOL
0xd441ce00 blkdev_get_by_dev vmlinux EXPORT_SYMBOL
0x729bbb38 blkdev_get_by_path vmlinux EXPORT_SYMBOL
0xe832978f blkdev_issue_discard vmlinux EXPORT_SYMBOL
@ -211,11 +213,14 @@
0x72abfd0d d_make_root vmlinux EXPORT_SYMBOL
0xaab920de d_obtain_alias vmlinux EXPORT_SYMBOL
0x8609823d d_prune_aliases vmlinux EXPORT_SYMBOL
0x6d32959a deactivate_super vmlinux EXPORT_SYMBOL
0x83290c21 default_llseek vmlinux EXPORT_SYMBOL
0xaad8c7d6 default_wake_function vmlinux EXPORT_SYMBOL
0xd63ecb11 del_gendisk vmlinux EXPORT_SYMBOL
0xfa5223cc del_timer vmlinux EXPORT_SYMBOL
0xec02a35f del_timer_sync vmlinux EXPORT_SYMBOL
0x0c1c794e delayed_work_timer_fn vmlinux EXPORT_SYMBOL
0x770d8b9a dentry_open vmlinux EXPORT_SYMBOL
0x8c03d20c destroy_workqueue vmlinux EXPORT_SYMBOL_GPL
0xc4c53c5a dev_get_by_index vmlinux EXPORT_SYMBOL
0x9b061ec6 dev_get_by_name vmlinux EXPORT_SYMBOL
@ -250,6 +255,7 @@
0x3c8d07f4 ether_setup vmlinux EXPORT_SYMBOL
0xf0819cd7 ethtool_op_get_link vmlinux EXPORT_SYMBOL
0x72ecfb60 fc_remove_host drivers/scsi/scsi_transport_fc EXPORT_SYMBOL
0x6f604080 fget vmlinux EXPORT_SYMBOL
0x1fce28b4 filemap_fault vmlinux EXPORT_SYMBOL
0x73ea0039 filp_close vmlinux EXPORT_SYMBOL
0xfa48c755 filp_open vmlinux EXPORT_SYMBOL
@ -262,6 +268,7 @@
0x42160169 flush_workqueue vmlinux EXPORT_SYMBOL
0x0318bd7c force_sig vmlinux EXPORT_SYMBOL
0xcbd4898c fortify_panic vmlinux EXPORT_SYMBOL
0x88e09c58 fput vmlinux EXPORT_SYMBOL
0xc1514a3b free_irq vmlinux EXPORT_SYMBOL
0x61ae3cb3 free_netdev vmlinux EXPORT_SYMBOL
0x4302d0eb free_pages vmlinux EXPORT_SYMBOL
@ -269,10 +276,15 @@
0x0d668bdf from_kgid vmlinux EXPORT_SYMBOL
0x412ea5ab from_kuid vmlinux EXPORT_SYMBOL
0xd8a1f9d7 fs_bio_set vmlinux EXPORT_SYMBOL
0x84e40240 fsync_bdev vmlinux EXPORT_SYMBOL
0xd781320c generic_end_io_acct vmlinux EXPORT_SYMBOL
0x95100200 generic_file_llseek vmlinux EXPORT_SYMBOL
0xe6c12425 generic_file_open vmlinux EXPORT_SYMBOL
0x9c6a77c2 generic_fillattr vmlinux EXPORT_SYMBOL
0x88da4ba6 generic_make_request vmlinux EXPORT_SYMBOL
0xe7e933d5 generic_permission vmlinux EXPORT_SYMBOL
0x12e610b2 generic_read_dir vmlinux EXPORT_SYMBOL
0xff731d53 generic_shutdown_super vmlinux EXPORT_SYMBOL
0xd14dd387 generic_start_io_acct vmlinux EXPORT_SYMBOL
0x13835e2c genl_register_family vmlinux EXPORT_SYMBOL
0xde4bc7e8 genl_unregister_family vmlinux EXPORT_SYMBOL
@ -300,6 +312,8 @@
0x4cc8f9c8 init_timer_key vmlinux EXPORT_SYMBOL
0xcd104c41 init_uts_ns vmlinux EXPORT_SYMBOL_GPL
0xfe487975 init_wait_entry vmlinux EXPORT_SYMBOL
0x0e0c42d5 inode_init_always vmlinux EXPORT_SYMBOL
0xc1062e70 inode_permission vmlinux EXPORT_SYMBOL
0x5ed90adc int_to_scsilun vmlinux EXPORT_SYMBOL
0x2a909b64 invalidate_partition vmlinux EXPORT_SYMBOL
0x93a6e0b2 io_schedule vmlinux EXPORT_SYMBOL
@ -319,6 +333,7 @@
0xe4f4665b ipmi_validate_addr drivers/char/ipmi/ipmi_msghandler EXPORT_SYMBOL
0xdde2e42b iput vmlinux EXPORT_SYMBOL
0x3fb2bd8a irq_set_affinity_hint vmlinux EXPORT_SYMBOL_GPL
0x6df086a9 iterate_dir vmlinux EXPORT_SYMBOL
0x02df50b0 jiffies vmlinux EXPORT_SYMBOL
0x23619cff jiffies_64 vmlinux EXPORT_SYMBOL
0x37befc70 jiffies_to_msecs vmlinux EXPORT_SYMBOL
@ -333,6 +348,8 @@
0x037a0cba kfree vmlinux EXPORT_SYMBOL
0x19f462ab kfree_call_rcu vmlinux EXPORT_SYMBOL_GPL
0xc4455496 kfree_skb vmlinux EXPORT_SYMBOL
0xb1b2910d kill_anon_super vmlinux EXPORT_SYMBOL
0x722787fb kill_block_super vmlinux EXPORT_SYMBOL
0x9fea59e6 kmalloc_caches vmlinux EXPORT_SYMBOL
0xa202a8e5 kmalloc_order_trace vmlinux EXPORT_SYMBOL
0x95d11f02 kmem_cache_alloc vmlinux EXPORT_SYMBOL
@ -417,6 +434,8 @@
0x74267b6a mmput vmlinux EXPORT_SYMBOL_GPL
0xe7bb9278 mmu_notifier_register vmlinux EXPORT_SYMBOL_GPL
0x108aece2 mmu_notifier_unregister vmlinux EXPORT_SYMBOL_GPL
0x55cf1d09 mntget vmlinux EXPORT_SYMBOL
0x19735022 mntput vmlinux EXPORT_SYMBOL
0xebca8b54 mod_delayed_work_on vmlinux EXPORT_SYMBOL_GPL
0x28985b9f mod_timer vmlinux EXPORT_SYMBOL
0xaac80d5b mod_timer_pending vmlinux EXPORT_SYMBOL
@ -442,6 +461,7 @@
0x6b481123 netif_rx vmlinux EXPORT_SYMBOL
0x7323b2b8 netlink_broadcast vmlinux EXPORT_SYMBOL
0xccb2f658 netlink_unicast vmlinux EXPORT_SYMBOL
0x3ed60697 new_inode vmlinux EXPORT_SYMBOL
0xfdc1bd61 nla_put vmlinux EXPORT_SYMBOL
0x21675c27 node_data vmlinux EXPORT_SYMBOL
0x7d9514c1 node_to_cpumask_map vmlinux EXPORT_SYMBOL
@ -503,11 +523,13 @@
0xacef9390 read_cache_pages vmlinux EXPORT_SYMBOL
0xfb6af58d recalc_sigpending vmlinux EXPORT_SYMBOL
0x71a50dbc register_blkdev vmlinux EXPORT_SYMBOL
0x21738ae4 register_filesystem vmlinux EXPORT_SYMBOL
0x60352082 register_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xf68285c0 register_inetaddr_notifier vmlinux EXPORT_SYMBOL
0xece78940 register_netdev vmlinux EXPORT_SYMBOL
0xd2da1048 register_netdevice_notifier vmlinux EXPORT_SYMBOL
0x3517383e register_reboot_notifier vmlinux EXPORT_SYMBOL
0x8bded847 register_sysctl_table vmlinux EXPORT_SYMBOL
0xe5612323 release_sock vmlinux EXPORT_SYMBOL
0x45fbc758 remap_pfn_range vmlinux EXPORT_SYMBOL
0xec4fb493 remove_wait_queue vmlinux EXPORT_SYMBOL
@ -586,6 +608,7 @@
0xa0aa157a shrink_dcache_parent vmlinux EXPORT_SYMBOL
0x40c7247c si_meminfo vmlinux EXPORT_SYMBOL
0x6a5fa363 sigprocmask vmlinux EXPORT_SYMBOL
0xfa0c49b0 simple_statfs vmlinux EXPORT_SYMBOL
0x0b742fd7 simple_strtol vmlinux EXPORT_SYMBOL
0x20000329 simple_strtoul vmlinux EXPORT_SYMBOL
0x61b7b126 simple_strtoull vmlinux EXPORT_SYMBOL
@ -643,11 +666,13 @@
0xd35bbe96 unmap_mapping_range vmlinux EXPORT_SYMBOL
0xb5a459dc unregister_blkdev vmlinux EXPORT_SYMBOL
0x6091b333 unregister_chrdev_region vmlinux EXPORT_SYMBOL
0x831b341c unregister_filesystem vmlinux EXPORT_SYMBOL
0x2fe252cc unregister_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xfe029963 unregister_inetaddr_notifier vmlinux EXPORT_SYMBOL
0xeb5b21c3 unregister_netdev vmlinux EXPORT_SYMBOL
0x9d0d6206 unregister_netdevice_notifier vmlinux EXPORT_SYMBOL
0xac1a55be unregister_reboot_notifier vmlinux EXPORT_SYMBOL
0x6c8ad3d4 unregister_sysctl_table vmlinux EXPORT_SYMBOL
0x18d33e2c unuse_mm vmlinux EXPORT_SYMBOL_GPL
0x5412c7c7 up vmlinux EXPORT_SYMBOL
0x77597a53 up_read vmlinux EXPORT_SYMBOL
@ -655,6 +680,20 @@
0x5840fc32 use_mm vmlinux EXPORT_SYMBOL_GPL
0x12a38747 usleep_range vmlinux EXPORT_SYMBOL
0x999e8297 vfree vmlinux EXPORT_SYMBOL
0x03672e30 vfs_create vmlinux EXPORT_SYMBOL
0x9dccbaed vfs_fsync vmlinux EXPORT_SYMBOL
0x0581dc22 vfs_fsync_range vmlinux EXPORT_SYMBOL
0x2077fb73 vfs_getattr vmlinux EXPORT_SYMBOL
0x21bd0da7 vfs_link vmlinux EXPORT_SYMBOL
0x185af989 vfs_llseek vmlinux EXPORT_SYMBOL
0xfb935b3b vfs_mkdir vmlinux EXPORT_SYMBOL
0xf3d2f054 vfs_mknod vmlinux EXPORT_SYMBOL
0x81340cfe vfs_readlink vmlinux EXPORT_SYMBOL
0x6b298fb1 vfs_rename vmlinux EXPORT_SYMBOL
0x881c0dab vfs_rmdir vmlinux EXPORT_SYMBOL
0xe280d43c vfs_statfs vmlinux EXPORT_SYMBOL
0x3649bcdb vfs_symlink vmlinux EXPORT_SYMBOL
0xc679b268 vfs_unlink vmlinux EXPORT_SYMBOL
0x847551c6 vm_mmap vmlinux EXPORT_SYMBOL
0x5b56860c vm_munmap vmlinux EXPORT_SYMBOL
0xd6ee688f vmalloc vmlinux EXPORT_SYMBOL
@ -674,5 +713,6 @@
0xa0fbac79 wake_up_bit vmlinux EXPORT_SYMBOL
0xfaa3e0a8 wake_up_process vmlinux EXPORT_SYMBOL
0xe1c693c4 write_cache_pages vmlinux EXPORT_SYMBOL
0xbfb4dace xattr_full_name vmlinux EXPORT_SYMBOL
0x760a0f4f yield vmlinux EXPORT_SYMBOL
0xcebd81ba zap_vma_ptes vmlinux EXPORT_SYMBOL_GPL

40
SOURCES/Module.kabi_s390x
View File

@ -134,6 +134,8 @@
0x7a9b37e8 blk_start_plug vmlinux EXPORT_SYMBOL
0x84502a47 blk_status_to_errno vmlinux EXPORT_SYMBOL_GPL
0x60974d6e blk_verify_command vmlinux EXPORT_SYMBOL
0xc26bf351 blkdev_fsync vmlinux EXPORT_SYMBOL
0xda63e54f blkdev_get vmlinux EXPORT_SYMBOL
0xd1359f12 blkdev_get_by_dev vmlinux EXPORT_SYMBOL
0x91f4afca blkdev_get_by_path vmlinux EXPORT_SYMBOL
0xb189071a blkdev_issue_discard vmlinux EXPORT_SYMBOL
@ -184,11 +186,14 @@
0x2d87fabb d_make_root vmlinux EXPORT_SYMBOL
0x16f35807 d_obtain_alias vmlinux EXPORT_SYMBOL
0xf230dd2b d_prune_aliases vmlinux EXPORT_SYMBOL
0x40a680b6 deactivate_super vmlinux EXPORT_SYMBOL
0xd8710616 default_llseek vmlinux EXPORT_SYMBOL
0xaad8c7d6 default_wake_function vmlinux EXPORT_SYMBOL
0x88d17e92 del_gendisk vmlinux EXPORT_SYMBOL
0xfa5223cc del_timer vmlinux EXPORT_SYMBOL
0xec02a35f del_timer_sync vmlinux EXPORT_SYMBOL
0x0c1c794e delayed_work_timer_fn vmlinux EXPORT_SYMBOL
0x1789c7ec dentry_open vmlinux EXPORT_SYMBOL
0x8c03d20c destroy_workqueue vmlinux EXPORT_SYMBOL_GPL
0xc4d675c0 dev_get_by_index vmlinux EXPORT_SYMBOL
0x7197f660 dev_get_by_name vmlinux EXPORT_SYMBOL
@ -223,6 +228,7 @@
0x40d650b4 ether_setup vmlinux EXPORT_SYMBOL
0x6871deb1 ethtool_op_get_link vmlinux EXPORT_SYMBOL
0xc85dc1e1 fc_remove_host drivers/scsi/scsi_transport_fc EXPORT_SYMBOL
0xb695aff6 fget vmlinux EXPORT_SYMBOL
0xcb8d3ac5 filemap_fault vmlinux EXPORT_SYMBOL
0xc1fa776a filp_close vmlinux EXPORT_SYMBOL
0x8f77bbce filp_open vmlinux EXPORT_SYMBOL
@ -237,6 +243,7 @@
0x42160169 flush_workqueue vmlinux EXPORT_SYMBOL
0xc32e7dec force_sig vmlinux EXPORT_SYMBOL
0xcbd4898c fortify_panic vmlinux EXPORT_SYMBOL
0xa12dd047 fput vmlinux EXPORT_SYMBOL
0xc1514a3b free_irq vmlinux EXPORT_SYMBOL
0x80143ea4 free_netdev vmlinux EXPORT_SYMBOL
0x4302d0eb free_pages vmlinux EXPORT_SYMBOL
@ -244,10 +251,15 @@
0x705b4edc from_kgid vmlinux EXPORT_SYMBOL
0x8f257cbf from_kuid vmlinux EXPORT_SYMBOL
0x8f2c4377 fs_bio_set vmlinux EXPORT_SYMBOL
0xb4130f62 fsync_bdev vmlinux EXPORT_SYMBOL
0x7e5b69ce generic_end_io_acct vmlinux EXPORT_SYMBOL
0x3e7ce286 generic_file_llseek vmlinux EXPORT_SYMBOL
0x617a01ed generic_file_open vmlinux EXPORT_SYMBOL
0xcb60911f generic_fillattr vmlinux EXPORT_SYMBOL
0x999daaf9 generic_make_request vmlinux EXPORT_SYMBOL
0xfd725913 generic_permission vmlinux EXPORT_SYMBOL
0x7dfa4df6 generic_read_dir vmlinux EXPORT_SYMBOL
0x2b6e0767 generic_shutdown_super vmlinux EXPORT_SYMBOL
0xf7db95bf generic_start_io_acct vmlinux EXPORT_SYMBOL
0x3fe85dc0 genl_register_family vmlinux EXPORT_SYMBOL
0x676ece90 genl_unregister_family vmlinux EXPORT_SYMBOL
@ -275,6 +287,8 @@
0x4cc8f9c8 init_timer_key vmlinux EXPORT_SYMBOL
0x40bcb35a init_uts_ns vmlinux EXPORT_SYMBOL_GPL
0xfe487975 init_wait_entry vmlinux EXPORT_SYMBOL
0x3755fb24 inode_init_always vmlinux EXPORT_SYMBOL
0x411abede inode_permission vmlinux EXPORT_SYMBOL
0x5ed90adc int_to_scsilun vmlinux EXPORT_SYMBOL
0x5778b8b4 invalidate_partition vmlinux EXPORT_SYMBOL
0x93a6e0b2 io_schedule vmlinux EXPORT_SYMBOL
@ -283,6 +297,7 @@
0xedc03953 iounmap vmlinux EXPORT_SYMBOL
0x08c0bc0e iput vmlinux EXPORT_SYMBOL
0xca7903a1 irq_set_affinity_hint vmlinux EXPORT_SYMBOL_GPL
0xdc270fdf iterate_dir vmlinux EXPORT_SYMBOL
0xe798236d jiffies vmlinux EXPORT_SYMBOL
0x402a960a jiffies_64 vmlinux EXPORT_SYMBOL
0x37befc70 jiffies_to_msecs vmlinux EXPORT_SYMBOL
@ -297,6 +312,8 @@
0x037a0cba kfree vmlinux EXPORT_SYMBOL
0x19f462ab kfree_call_rcu vmlinux EXPORT_SYMBOL_GPL
0x0a9ea67d kfree_skb vmlinux EXPORT_SYMBOL
0xca2b0f47 kill_anon_super vmlinux EXPORT_SYMBOL
0x17015d84 kill_block_super vmlinux EXPORT_SYMBOL
0x1c1c79d3 kmalloc_caches vmlinux EXPORT_SYMBOL
0x4b5814ef kmalloc_order_trace vmlinux EXPORT_SYMBOL
0x44398388 kmem_cache_alloc vmlinux EXPORT_SYMBOL
@ -378,6 +395,8 @@
0xc7582579 misc_deregister vmlinux EXPORT_SYMBOL
0x5fe7b349 misc_register vmlinux EXPORT_SYMBOL
0xe0612783 mmput vmlinux EXPORT_SYMBOL_GPL
0x3202ca78 mntget vmlinux EXPORT_SYMBOL
0xabf9f6ee mntput vmlinux EXPORT_SYMBOL
0xebca8b54 mod_delayed_work_on vmlinux EXPORT_SYMBOL_GPL
0x28985b9f mod_timer vmlinux EXPORT_SYMBOL
0xaac80d5b mod_timer_pending vmlinux EXPORT_SYMBOL
@ -403,6 +422,7 @@
0xd0c1d4a8 netif_rx vmlinux EXPORT_SYMBOL
0x7bdf7b5b netlink_broadcast vmlinux EXPORT_SYMBOL
0x65047620 netlink_unicast vmlinux EXPORT_SYMBOL
0x5ffa0429 new_inode vmlinux EXPORT_SYMBOL
0xfdc1bd61 nla_put vmlinux EXPORT_SYMBOL
0x5c223e9e node_data vmlinux EXPORT_SYMBOL
0xfd1a7baf node_to_cpumask_map vmlinux EXPORT_SYMBOL
@ -463,11 +483,13 @@
0xbeabc0e4 read_cache_pages vmlinux EXPORT_SYMBOL
0xfb6af58d recalc_sigpending vmlinux EXPORT_SYMBOL
0x71a50dbc register_blkdev vmlinux EXPORT_SYMBOL
0xfca908d7 register_filesystem vmlinux EXPORT_SYMBOL
0x60352082 register_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xf68285c0 register_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x48276cbc register_netdev vmlinux EXPORT_SYMBOL
0xd2da1048 register_netdevice_notifier vmlinux EXPORT_SYMBOL
0x3517383e register_reboot_notifier vmlinux EXPORT_SYMBOL
0xd4e9d05d register_sysctl_table vmlinux EXPORT_SYMBOL
0xb286f9d0 release_sock vmlinux EXPORT_SYMBOL
0x58525886 remap_pfn_range vmlinux EXPORT_SYMBOL
0x6c60994e remove_wait_queue vmlinux EXPORT_SYMBOL
@ -546,6 +568,7 @@
0x0645e9e8 shrink_dcache_parent vmlinux EXPORT_SYMBOL
0x40c7247c si_meminfo vmlinux EXPORT_SYMBOL
0x6a5fa363 sigprocmask vmlinux EXPORT_SYMBOL
0xfcffa6d7 simple_statfs vmlinux EXPORT_SYMBOL
0x0b742fd7 simple_strtol vmlinux EXPORT_SYMBOL
0x20000329 simple_strtoul vmlinux EXPORT_SYMBOL
0x61b7b126 simple_strtoull vmlinux EXPORT_SYMBOL
@ -602,11 +625,13 @@
0xb34392eb unmap_mapping_range vmlinux EXPORT_SYMBOL
0xb5a459dc unregister_blkdev vmlinux EXPORT_SYMBOL
0x6091b333 unregister_chrdev_region vmlinux EXPORT_SYMBOL
0xc12a1b70 unregister_filesystem vmlinux EXPORT_SYMBOL
0x2fe252cc unregister_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xfe029963 unregister_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x5fa27294 unregister_netdev vmlinux EXPORT_SYMBOL
0x9d0d6206 unregister_netdevice_notifier vmlinux EXPORT_SYMBOL
0xac1a55be unregister_reboot_notifier vmlinux EXPORT_SYMBOL
0xf86e6516 unregister_sysctl_table vmlinux EXPORT_SYMBOL
0x2ab3699d unuse_mm vmlinux EXPORT_SYMBOL_GPL
0xc6b443e8 up vmlinux EXPORT_SYMBOL
0xd04fd10e up_read vmlinux EXPORT_SYMBOL
@ -614,6 +639,20 @@
0x971439a2 use_mm vmlinux EXPORT_SYMBOL_GPL
0x12a38747 usleep_range vmlinux EXPORT_SYMBOL
0x999e8297 vfree vmlinux EXPORT_SYMBOL
0x24d60dbd vfs_create vmlinux EXPORT_SYMBOL
0x1fd86893 vfs_fsync vmlinux EXPORT_SYMBOL
0x654184d4 vfs_fsync_range vmlinux EXPORT_SYMBOL
0x2cd2d936 vfs_getattr vmlinux EXPORT_SYMBOL
0x24b3ee3b vfs_link vmlinux EXPORT_SYMBOL
0x7065754b vfs_llseek vmlinux EXPORT_SYMBOL
0xd0864432 vfs_mkdir vmlinux EXPORT_SYMBOL
0x30a84afc vfs_mknod vmlinux EXPORT_SYMBOL
0xdf8efe5b vfs_readlink vmlinux EXPORT_SYMBOL
0x69be471b vfs_rename vmlinux EXPORT_SYMBOL
0x86654f49 vfs_rmdir vmlinux EXPORT_SYMBOL
0x4f101148 vfs_statfs vmlinux EXPORT_SYMBOL
0x278ed099 vfs_symlink vmlinux EXPORT_SYMBOL
0xb2ac7eb1 vfs_unlink vmlinux EXPORT_SYMBOL
0x4903aa79 vm_mmap vmlinux EXPORT_SYMBOL
0x29391e7d vm_munmap vmlinux EXPORT_SYMBOL
0xd6ee688f vmalloc vmlinux EXPORT_SYMBOL
@ -633,5 +672,6 @@
0xa0fbac79 wake_up_bit vmlinux EXPORT_SYMBOL
0x08d39e7d wake_up_process vmlinux EXPORT_SYMBOL
0xcf64b4bb write_cache_pages vmlinux EXPORT_SYMBOL
0x9032ee34 xattr_full_name vmlinux EXPORT_SYMBOL
0x760a0f4f yield vmlinux EXPORT_SYMBOL
0x2185519c zap_vma_ptes vmlinux EXPORT_SYMBOL_GPL

40
SOURCES/Module.kabi_x86_64
View File

@ -200,6 +200,8 @@
0x7a9b37e8 blk_start_plug vmlinux EXPORT_SYMBOL
0x84502a47 blk_status_to_errno vmlinux EXPORT_SYMBOL_GPL
0xc6a7a9d4 blk_verify_command vmlinux EXPORT_SYMBOL
0xf981545f blkdev_fsync vmlinux EXPORT_SYMBOL
0x8edf9bbe blkdev_get vmlinux EXPORT_SYMBOL
0x91c306c1 blkdev_get_by_dev vmlinux EXPORT_SYMBOL
0xf80e4f97 blkdev_get_by_path vmlinux EXPORT_SYMBOL
0xead69937 blkdev_issue_discard vmlinux EXPORT_SYMBOL
@ -263,11 +265,14 @@
0xb7c36a6c d_make_root vmlinux EXPORT_SYMBOL
0x9ec574bb d_obtain_alias vmlinux EXPORT_SYMBOL
0x4cfdc2d3 d_prune_aliases vmlinux EXPORT_SYMBOL
0x27dee34f deactivate_super vmlinux EXPORT_SYMBOL
0x384172fd default_llseek vmlinux EXPORT_SYMBOL
0xaad8c7d6 default_wake_function vmlinux EXPORT_SYMBOL
0xb6a81801 del_gendisk vmlinux EXPORT_SYMBOL
0xfa5223cc del_timer vmlinux EXPORT_SYMBOL
0xec02a35f del_timer_sync vmlinux EXPORT_SYMBOL
0x0c1c794e delayed_work_timer_fn vmlinux EXPORT_SYMBOL
0xbb81a0da dentry_open vmlinux EXPORT_SYMBOL
0x8c03d20c destroy_workqueue vmlinux EXPORT_SYMBOL_GPL
0x9c00a37e dev_get_by_index vmlinux EXPORT_SYMBOL
0xb6fc7fb2 dev_get_by_name vmlinux EXPORT_SYMBOL
@ -305,6 +310,7 @@
0xf654831f ex_handler_default vmlinux EXPORT_SYMBOL
0xb348a850 ex_handler_refcount vmlinux EXPORT_SYMBOL
0x9620f845 fc_remove_host drivers/scsi/scsi_transport_fc EXPORT_SYMBOL
0x6e314ecb fget vmlinux EXPORT_SYMBOL
0x851d26ac filemap_fault vmlinux EXPORT_SYMBOL
0xa92e474e filp_close vmlinux EXPORT_SYMBOL
0x2a35269e filp_open vmlinux EXPORT_SYMBOL
@ -319,6 +325,7 @@
0x42160169 flush_workqueue vmlinux EXPORT_SYMBOL
0x01ae6893 force_sig vmlinux EXPORT_SYMBOL
0xcbd4898c fortify_panic vmlinux EXPORT_SYMBOL
0x5813db4b fput vmlinux EXPORT_SYMBOL
0x8cac8c08 free_cpumask_var vmlinux EXPORT_SYMBOL
0xc1514a3b free_irq vmlinux EXPORT_SYMBOL
0xef045c19 free_netdev vmlinux EXPORT_SYMBOL
@ -327,10 +334,15 @@
0x57de7efd from_kgid vmlinux EXPORT_SYMBOL
0x7eba1fd6 from_kuid vmlinux EXPORT_SYMBOL
0x661aea07 fs_bio_set vmlinux EXPORT_SYMBOL
0xd89530c1 fsync_bdev vmlinux EXPORT_SYMBOL
0x3c6053a8 generic_end_io_acct vmlinux EXPORT_SYMBOL
0xc27ffb37 generic_file_llseek vmlinux EXPORT_SYMBOL
0x1908824a generic_file_open vmlinux EXPORT_SYMBOL
0x1a4cfafb generic_fillattr vmlinux EXPORT_SYMBOL
0x8847e7c2 generic_make_request vmlinux EXPORT_SYMBOL
0xb3785816 generic_permission vmlinux EXPORT_SYMBOL
0x653e71c5 generic_read_dir vmlinux EXPORT_SYMBOL
0x36692a80 generic_shutdown_super vmlinux EXPORT_SYMBOL
0x1fc190b2 generic_start_io_acct vmlinux EXPORT_SYMBOL
0x8c3e547c genl_register_family vmlinux EXPORT_SYMBOL
0xf9388c43 genl_unregister_family vmlinux EXPORT_SYMBOL
@ -358,6 +370,8 @@
0x4cc8f9c8 init_timer_key vmlinux EXPORT_SYMBOL
0x70d5fdae init_uts_ns vmlinux EXPORT_SYMBOL_GPL
0xfe487975 init_wait_entry vmlinux EXPORT_SYMBOL
0xaf73b8cd inode_init_always vmlinux EXPORT_SYMBOL
0x7aec6520 inode_permission vmlinux EXPORT_SYMBOL
0x5ed90adc int_to_scsilun vmlinux EXPORT_SYMBOL
0x06640311 invalidate_partition vmlinux EXPORT_SYMBOL
0x93a6e0b2 io_schedule vmlinux EXPORT_SYMBOL
@ -380,6 +394,7 @@
0x23daa267 iput vmlinux EXPORT_SYMBOL
0x263074f8 irq_set_affinity_hint vmlinux EXPORT_SYMBOL_GPL
0x12e285ec is_uv_system vmlinux EXPORT_SYMBOL_GPL
0x0ac8de99 iterate_dir vmlinux EXPORT_SYMBOL
0x15ba50a6 jiffies vmlinux EXPORT_SYMBOL
0x055e77e8 jiffies_64 vmlinux EXPORT_SYMBOL
0x37befc70 jiffies_to_msecs vmlinux EXPORT_SYMBOL
@ -394,6 +409,8 @@
0x037a0cba kfree vmlinux EXPORT_SYMBOL
0x19f462ab kfree_call_rcu vmlinux EXPORT_SYMBOL_GPL
0x67b4bbab kfree_skb vmlinux EXPORT_SYMBOL
0x9de2b11d kill_anon_super vmlinux EXPORT_SYMBOL
0x1036efcc kill_block_super vmlinux EXPORT_SYMBOL
0xf4b9b193 kmalloc_caches vmlinux EXPORT_SYMBOL
0xa202a8e5 kmalloc_order_trace vmlinux EXPORT_SYMBOL
0xf159fe55 kmem_cache_alloc vmlinux EXPORT_SYMBOL
@ -477,6 +494,8 @@
0x2aa7dddc mmput vmlinux EXPORT_SYMBOL_GPL
0x87b0fc1b mmu_notifier_register vmlinux EXPORT_SYMBOL_GPL
0x9f147e1c mmu_notifier_unregister vmlinux EXPORT_SYMBOL_GPL
0xb4234478 mntget vmlinux EXPORT_SYMBOL
0x44bd1620 mntput vmlinux EXPORT_SYMBOL
0xebca8b54 mod_delayed_work_on vmlinux EXPORT_SYMBOL_GPL
0x28985b9f mod_timer vmlinux EXPORT_SYMBOL
0xaac80d5b mod_timer_pending vmlinux EXPORT_SYMBOL
@ -502,6 +521,7 @@
0x591e6107 netif_rx vmlinux EXPORT_SYMBOL
0x7c119fd5 netlink_broadcast vmlinux EXPORT_SYMBOL
0x22afdba8 netlink_unicast vmlinux EXPORT_SYMBOL
0x84698f00 new_inode vmlinux EXPORT_SYMBOL
0xfdc1bd61 nla_put vmlinux EXPORT_SYMBOL
0x1d5ad689 node_data vmlinux EXPORT_SYMBOL
0x81348cf2 node_to_cpumask_map vmlinux EXPORT_SYMBOL
@ -568,11 +588,13 @@
0x082ed22e read_cache_pages vmlinux EXPORT_SYMBOL
0xfb6af58d recalc_sigpending vmlinux EXPORT_SYMBOL
0x71a50dbc register_blkdev vmlinux EXPORT_SYMBOL
0x921b5d72 register_filesystem vmlinux EXPORT_SYMBOL
0x60352082 register_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xf68285c0 register_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x6aee3d4e register_netdev vmlinux EXPORT_SYMBOL
0xd2da1048 register_netdevice_notifier vmlinux EXPORT_SYMBOL
0x3517383e register_reboot_notifier vmlinux EXPORT_SYMBOL
0xf97d7de2 register_sysctl_table vmlinux EXPORT_SYMBOL
0x14072f0b release_sock vmlinux EXPORT_SYMBOL
0x72e90816 remap_pfn_range vmlinux EXPORT_SYMBOL
0x37110088 remove_wait_queue vmlinux EXPORT_SYMBOL
@ -651,6 +673,7 @@
0xad0cae96 shrink_dcache_parent vmlinux EXPORT_SYMBOL
0x40c7247c si_meminfo vmlinux EXPORT_SYMBOL
0x6a5fa363 sigprocmask vmlinux EXPORT_SYMBOL
0x8ae0340b simple_statfs vmlinux EXPORT_SYMBOL
0x0b742fd7 simple_strtol vmlinux EXPORT_SYMBOL
0x20000329 simple_strtoul vmlinux EXPORT_SYMBOL
0x61b7b126 simple_strtoull vmlinux EXPORT_SYMBOL
@ -713,12 +736,14 @@
0x74f7f012 unmap_mapping_range vmlinux EXPORT_SYMBOL
0xb5a459dc unregister_blkdev vmlinux EXPORT_SYMBOL
0x6091b333 unregister_chrdev_region vmlinux EXPORT_SYMBOL
0xa9c55461 unregister_filesystem vmlinux EXPORT_SYMBOL
0x2fe252cc unregister_inet6addr_notifier vmlinux EXPORT_SYMBOL
0xfe029963 unregister_inetaddr_notifier vmlinux EXPORT_SYMBOL
0x51adffd1 unregister_netdev vmlinux EXPORT_SYMBOL
0x9d0d6206 unregister_netdevice_notifier vmlinux EXPORT_SYMBOL
0xe64ad8ea unregister_nmi_handler vmlinux EXPORT_SYMBOL_GPL
0xac1a55be unregister_reboot_notifier vmlinux EXPORT_SYMBOL
0x6be0d38b unregister_sysctl_table vmlinux EXPORT_SYMBOL
0x51a26dee unuse_mm vmlinux EXPORT_SYMBOL_GPL
0xcf2a6966 up vmlinux EXPORT_SYMBOL
0xb862f611 up_read vmlinux EXPORT_SYMBOL
@ -729,6 +754,20 @@
0x67dcd76b uv_setup_irq vmlinux EXPORT_SYMBOL_GPL
0x5d9317d7 uv_teardown_irq vmlinux EXPORT_SYMBOL_GPL
0x999e8297 vfree vmlinux EXPORT_SYMBOL
0x9829a737 vfs_create vmlinux EXPORT_SYMBOL
0xf4b30abf vfs_fsync vmlinux EXPORT_SYMBOL
0xc6e940e2 vfs_fsync_range vmlinux EXPORT_SYMBOL
0x32552b0a vfs_getattr vmlinux EXPORT_SYMBOL
0x48f23811 vfs_link vmlinux EXPORT_SYMBOL
0xae8ef654 vfs_llseek vmlinux EXPORT_SYMBOL
0xaabee7af vfs_mkdir vmlinux EXPORT_SYMBOL
0x642efa64 vfs_mknod vmlinux EXPORT_SYMBOL
0xc210437a vfs_readlink vmlinux EXPORT_SYMBOL
0xf534550d vfs_rename vmlinux EXPORT_SYMBOL
0x92c0adbe vfs_rmdir vmlinux EXPORT_SYMBOL
0xaff59a24 vfs_statfs vmlinux EXPORT_SYMBOL
0x318693f3 vfs_symlink vmlinux EXPORT_SYMBOL
0x8eddea79 vfs_unlink vmlinux EXPORT_SYMBOL
0x3e6a0c09 vm_mmap vmlinux EXPORT_SYMBOL
0x5b56860c vm_munmap vmlinux EXPORT_SYMBOL
0xd6ee688f vmalloc vmlinux EXPORT_SYMBOL
@ -751,6 +790,7 @@
0xc00d5473 wake_up_process vmlinux EXPORT_SYMBOL
0xded5cc67 write_cache_pages vmlinux EXPORT_SYMBOL
0xa50bcff0 x86_cpu_to_apicid vmlinux EXPORT_SYMBOL
0xabfa477a xattr_full_name vmlinux EXPORT_SYMBOL
0x760a0f4f yield vmlinux EXPORT_SYMBOL
0x0525c1ee zalloc_cpumask_var vmlinux EXPORT_SYMBOL
0x6de864bf zap_vma_ptes vmlinux EXPORT_SYMBOL_GPL

46
SOURCES/almalinux.pem
View File

@ -1,46 +0,0 @@
-----BEGIN CERTIFICATE-----
MIID3zCCAsegAwIBAgIQY4iebPtuT3OKR2M/jWZWEzANBgkqhkiG9w0BAQsFADBg
MSUwIwYJKoZIhvcNAQkBFhZzZWN1cml0eUBhbG1hbGludXgub3JnMRIwEAYDVQQK
EwlBbG1hTGludXgxIzAhBgNVBAMTGkFsbWFMaW51eCBTZWN1cmUgQm9vdCBDQSAx
MB4XDTIxMDExNDIxMDcxOVoXDTM2MDExMTIxMDcxOVowaTElMCMGCSqGSIb3DQEJ
ARYWc2VjdXJpdHlAYWxtYWxpbnV4Lm9yZzESMBAGA1UEChMJQWxtYUxpbnV4MSww
KgYDVQQDEyNBbG1hTGludXggRHJpdmVyIHVwZGF0ZSBzaWduaW5nIGtleTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK7kGZShKo5uegg6T4U/wR9UeyCa
qTtx+OvzUMKT8l5+R5WfBgQU8sDrIqX3Vv3tD6UeOUyFIQ40iGESdDhWnAFynJX4
v0k81KxJ+rVFAt5EJBeGw7U2qdpn8hzJG2dVANZ1gXJWGhC95Muif5q8fL7BJdU4
RufixfKWq6WHAalwHaiTCbA+/Ft6TLyZcA62glKkmBn7uWn83tlMfVqC4EN2NfQb
//C2MFCbm43BoKmgrMV0J3Pu8un3QZ4ukDDhJJ9eHfSqscq9SHPjqd0RM6TRcFXW
BzmTpG7MOJRvk4ypQSHxxc4jK5MVOqzel+2UPB2ihkvvnK9hdsvvI/bal/sCAwEA
AaOBizCBiDAfBgNVHSMEGDAWgBSY0u339QWy5Y/vkiTSvJ6Ffy5GkzAVBglghkgB
hvhCAQEBAf8EBQMDAPABMB8GA1UdJQQYMBYGCCsGAQUFBwMDBgorBgEEAZIIEAEC
MA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUe4Y+AkDtIIq2uBuKbyhgwPTox9Yw
DQYJKoZIhvcNAQELBQADggEBAHoPojMTRdFO050Ihrmr8jkdOweiOSBtlAZkLGd2
lTybNp2Xi1lQ8SqsqU/NFs/KUPVFykmjmLeqNWC9QoKdrVGzoD9MOHprRxe6gC8k
sHzBCFqdx3B+qbeSxBUN2QLIydzM6C23qf1TjBCeEDtRrvcvupFTlOBxiOJrIwbp
dJD1JfjbgxfvLzg7PaJPi5Ev6B3gY4ybCnKQmor029Z3R4zw3miPpZVA04xt3Z9e
m45Jjv86u10wjLmGRgfMmYT43jiMbOwlG1N8OikvgIHwlZtWxUpL1t/mEYtMMkTv
R//lA5z5dqXiDCPdTwHhSjEfBFWGLl7ciYt6rYkpdlqnYdk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIID2DCCAsCgAwIBAgIQHDEXJMuZQ/m5MXRiSmLMljANBgkqhkiG9w0BAQsFADBg
MSUwIwYJKoZIhvcNAQkBFhZzZWN1cml0eUBhbG1hbGludXgub3JnMRIwEAYDVQQK
EwlBbG1hTGludXgxIzAhBgNVBAMTGkFsbWFMaW51eCBTZWN1cmUgQm9vdCBDQSAx
MB4XDTIxMDExNDIxMDgwMFoXDTM2MDExMTIxMDgwMFowYjElMCMGCSqGSIb3DQEJ
ARYWc2VjdXJpdHlAYWxtYWxpbnV4Lm9yZzESMBAGA1UEChMJQWxtYUxpbnV4MSUw
IwYDVQQDExxBbG1hTGludXgga3BhdGNoIHNpZ25pbmcga2V5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxncKQ7a49o5IUwqPB1axIzopNdGoSoERVuUd
hdHAZLB2MGIuU2fGCuZ4iD2Pwk+t2KsgR1y58pmHyRBCLi2tYfEdDB8LUzUY3P+8
Wxm2+zz8TPJUIcvPE4rHEb0vV4nTzwjpG4BTBwLkYRj+AxGbzWEy5Eetxzq5Ji+V
TMuTzRKshHEGNs3tFRPbSssc50NH+OuVKpzJAIqBmz7Gca9RqhK9ARK1p3aDEoR+
pYw4zRjIczc3s57WeuQxRMvFK5j48U0hpEUh+eQn1m40Bus3e7i4YTskwgKN5Vq3
lGlEdBoK4utuoHPj3JYh97hOii/kulOa9j5xeNe5z/6QByMxpwIDAQABo4GLMIGI
MB8GA1UdIwQYMBaAFJjS7ff1BbLlj++SJNK8noV/LkaTMBUGCWCGSAGG+EIBAQEB
/wQFAwMA8AEwHwYDVR0lBBgwFgYIKwYBBQUHAwMGCisGAQQBkggQAQIwDgYDVR0P
AQH/BAQDAgSwMB0GA1UdDgQWBBRpptnu0/Yg1cLhOh0hHEZRClrZ9TANBgkqhkiG
9w0BAQsFAAOCAQEAMDiuS0CD31MtO1Sn4HRYvai2LFdKpUKAEXVy9hsN+AfbcMcl
2sF/w49o43cMNIFoWKhMWZMOjCj/DGQY7ehNH3DRaTl7DNCu6y7mBNJPU+iPcE4r
92SBWIxUNi7YVbsc1evKBOnrtq6xd5BUJQx1cVGmSBI9dnd4tDBB2+KjpmdhzZK5
V1KQz1ilz5g2FNyEj6L7hnpkGUeMYnuM49YL7JP8QNtaKUBBA3BR4S7de+Tu070h
pEhvE539I6B+wmgV/bio20TUpQ5W2eH+5YUHVIZa5pZ30tVkm21iNB7eccbM4NYc
IRmwIsesuROtaM1e0lHoxKdW0N2xOSkhSY6oyQ==
-----END CERTIFICATE-----

BIN
SOURCES/almalinuxsecurebootca0.cer
View File

Binary file not shown.

11
SOURCES/debrand-rh-i686-cpu.patch
View File

@ -1,11 +0,0 @@
--- a/arch/x86/boot/main.c 2019-03-13 04:04:53.000000000 -0700
+++ b/arch/x86/boot/main.c 2019-05-25 14:31:21.043272496 -0700
@@ -147,7 +147,7 @@ void main(void)
/* Make sure we have all the proper CPU support */
if (validate_cpu()) {
- puts("This processor is not supported in this version of RHEL.\n");
+ puts("This processor is not supported in this version of AlmaLinux.\n");
die();
}

81
SOURCES/debrand-rh_taint.patch
View File

@ -1,81 +0,0 @@
--- a/kernel/rh_taint.c 2020-10-16 10:41:51.000000000 -0500
+++ b/kernel/rh_taint.c 2020-11-19 10:50:24.853039167 -0600
@@ -2,12 +2,12 @@
#include <linux/module.h>
/*
- * The following functions are used by Red Hat to indicate to users that
- * hardware and drivers are unsupported, or have limited support in RHEL major
+ * The following functions are used by AlmaLinux to indicate to users that
+ * hardware and drivers are unsupported, or have limited support in AlmaLinux major
* and minor releases. These functions output loud warning messages to the end
* user and should be USED WITH CAUTION.
*
- * Any use of these functions _MUST_ be documented in the RHEL Release Notes,
+ * Any use of these functions _MUST_ be documented in the AlmaLinux Release Notes,
* and have approval of management.
*/
@@ -16,15 +16,15 @@
* @msg: Hardware name, class, or type
*
* Called to mark a device, class of devices, or types of devices as not having
- * support in any RHEL minor release. This does not TAINT the kernel. Red Hat
- * will not fix bugs against this hardware in this minor release. Red Hat may
+ * support in any AlmaLinux minor release. This does not TAINT the kernel. AlmaLinux
+ * will not fix bugs against this hardware in this minor release. AlmaLinux may
* declare support in a future major or minor update release. This cannot be
* used to mark drivers unsupported.
*/
void mark_hardware_unsupported(const char *msg)
{
/* Print one single message */
- pr_crit("Warning: %s - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https://catalog.redhat.com for certified hardware.\n", msg);
+ pr_crit("Warning: %s - this hardware has not undergone testing by AlmaLinux and might not be certified.\n", msg);
}
EXPORT_SYMBOL(mark_hardware_unsupported);
@@ -35,12 +35,12 @@ EXPORT_SYMBOL(mark_hardware_unsupported)
* Called to minimize the support status of a previously supported device in
* a minor release. This does not TAINT the kernel. Marking hardware
* deprecated is usually done in conjunction with the hardware vendor. Future
- * RHEL major releases may not include this driver. Driver updates and fixes
+ * AlmaLinux major releases may not include this driver. Driver updates and fixes
* for this device will be limited to critical issues in future minor releases.
*/
void mark_hardware_deprecated(const char *msg)
{
- pr_crit("Warning: %s - this hardware is not recommended for new deployments. It continues to be supported in this RHEL release, but it is likely to be removed in the next major release. Driver updates and fixes for this device will be limited to critical issues. Please contact Red Hat Support or your device's hardware vendor for additional information.\n", msg);
+ pr_crit("Warning: %s - this hardware is not recommended for new deployments. It continues to be supported in this AlmaLinux release, but it is likely to be removed in the next major release. Driver updates and fixes for this device will be limited to critical issues. Please contact AlmaLinux Support or your device's hardware vendor for additional information.\n", msg);
}
EXPORT_SYMBOL(mark_hardware_deprecated);
@@ -50,9 +50,9 @@ EXPORT_SYMBOL(mark_hardware_deprecated);
*
* Called to minimize the support status of a new driver. This does TAINT the
* kernel. Calling this function indicates that the driver or subsystem has
- * had limited testing and is not marked for full support within this RHEL
- * minor release. The next RHEL minor release may contain full support for
- * this driver. Red Hat does not guarantee that bugs reported against this
+ * had limited testing and is not marked for full support within this AlmaLinux
+ * minor release. The next AlmaLinux minor release may contain full support for
+ * this driver. AlmaLinux does not guarantee that bugs reported against this
* driver or subsystem will be resolved.
*/
void mark_tech_preview(const char *msg, struct module *mod)
@@ -81,13 +81,13 @@ EXPORT_SYMBOL(mark_tech_preview);
* mark_driver_unsupported - drivers that we know we don't want to support
* @name: the name of the driver
*
- * In some cases Red Hat has chosen to build a driver for internal QE
+ * In some cases AlmaLinux has chosen to build a driver for internal QE
* use. Use this function to mark those drivers as unsupported for
* customers.
*/
void mark_driver_unsupported(const char *name)
{
- pr_crit("Warning: %s - This driver has not undergone sufficient testing by Red Hat for this release and therefore cannot be used in production systems.\n",
+ pr_crit("Warning: %s - This driver has not undergone sufficient testing by AlmaLinux for this release and therefore cannot be used in production systems.\n",
name ? name : "kernel");
}
EXPORT_SYMBOL(mark_driver_unsupported);

11
SOURCES/debrand-single-cpu.patch
View File

@ -1,11 +0,0 @@
--- a/arch/x86/kernel/setup.c 2019-03-13 04:04:53.000000000 -0700
+++ b/arch/x86/kernel/setup.c 2019-05-27 08:35:54.580595314 -0700
@@ -900,7 +900,7 @@ static void rh_check_supported(void)
if (((boot_cpu_data.x86_max_cores * smp_num_siblings) == 1) &&
!guest && is_kdump_kernel()) {
pr_crit("Detected single cpu native boot.\n");
- pr_crit("Important: In Red Hat Enterprise Linux 8, single threaded, single CPU 64-bit physical systems are unsupported by Red Hat. Please contact your Red Hat support representative for a list of certified and supported systems.");
+ pr_crit("Important: In AlmaLinux 8, single threaded, single CPU 64-bit physical systems are unsupported. Please see https://www.almalinux.org for more information");
}
/*

43
SOURCES/kernel-aarch64-debug.config
View File

@ -136,7 +136,6 @@
# CONFIG_ARM64_4K_PAGES is not set
# CONFIG_ARM64_DEBUG_PRIORITY_MASKING is not set
# CONFIG_ARM64_PA_BITS_48 is not set
# CONFIG_ARM64_PSEUDO_NMI is not set
# CONFIG_ARM64_PTDUMP_DEBUGFS is not set
# CONFIG_ARM64_PTR_AUTH is not set
# CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET is not set
@ -245,9 +244,7 @@
# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
# CONFIG_BPFILTER is not set
# CONFIG_BRCMDBG is not set
# CONFIG_BRCMSTB_GISB_ARB is not set
# CONFIG_BRCM_TRACING is not set
# CONFIG_BT is not set
# CONFIG_BTRFS_FS is not set
# CONFIG_BT_6LOWPAN is not set
@ -495,6 +492,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_VMWGFX is not set
# CONFIG_DRM_XEN is not set
@ -813,7 +811,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HFI1 is not set
# CONFIG_INFINIBAND_HNS is not set
@ -1642,6 +1639,9 @@
# CONFIG_RTL8XXXU_UNTESTED is not set
# CONFIG_RTLLIB is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -1932,6 +1932,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -1958,27 +1959,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -1987,12 +1995,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -2009,12 +2021,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -2057,6 +2076,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2074,6 +2094,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SOLARIS_X86_PARTITION is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI_ALTERA is not set
@ -2442,6 +2463,7 @@ CONFIG_64BIT=y
CONFIG_8139CP=m
CONFIG_8139TOO=m
CONFIG_8139TOO_8129=y
CONFIG_A64FX_DIAG=y
CONFIG_ACPI=y
CONFIG_ACPI_APEI=y
CONFIG_ACPI_APEI_EINJ=m
@ -2485,6 +2507,7 @@ CONFIG_ALIM7101_WDT=m
CONFIG_ALX=m
CONFIG_AMD_PHY=m
CONFIG_AMD_XGBE=m
CONFIG_AMPERE_ERRATUM_AC03_CPU_38=y
CONFIG_ANON_INODES=y
CONFIG_AQUANTIA_PHY=m
CONFIG_ARCH_BCM_IPROC=y
@ -2520,6 +2543,7 @@ CONFIG_ARM64_LSE_ATOMICS=y
CONFIG_ARM64_PAN=y
CONFIG_ARM64_PA_BITS_52=y
CONFIG_ARM64_PMEM=y
CONFIG_ARM64_PSEUDO_NMI=y
CONFIG_ARM64_RAS_EXTN=y
CONFIG_ARM64_SVE=y
CONFIG_ARM64_UAO=y
@ -2661,11 +2685,13 @@ CONFIG_BPF_SYSCALL=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_BQL=y
CONFIG_BRANCH_PROFILE_NONE=y
CONFIG_BRCMDBG=y
CONFIG_BRCMFMAC=m
CONFIG_BRCMFMAC_PCIE=y
CONFIG_BRCMFMAC_SDIO=y
CONFIG_BRCMFMAC_USB=y
CONFIG_BRCMSMAC=m
CONFIG_BRCM_TRACING=y
CONFIG_BRIDGE=m
CONFIG_BRIDGE_EBT_802_3=m
CONFIG_BRIDGE_EBT_AMONG=m
@ -2711,6 +2737,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2919,7 +2946,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -2981,7 +3008,7 @@ CONFIG_DEBUG_KERNEL=y
CONFIG_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=20000
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=40000
CONFIG_DEBUG_LIST=y
CONFIG_DEBUG_LOCK_ALLOC=y
CONFIG_DEBUG_MUTEXES=y
@ -3570,6 +3597,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3629,6 +3657,7 @@ CONFIG_INPUT_YEALINK=m
CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -5270,7 +5299,7 @@ CONFIG_TREE_RCU=y
CONFIG_TRUSTED_KEYS=m
CONFIG_TUN=m
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

37
SOURCES/kernel-aarch64.config
View File

@ -141,7 +141,6 @@
# CONFIG_ARM64_16K_PAGES is not set
# CONFIG_ARM64_4K_PAGES is not set
# CONFIG_ARM64_PA_BITS_48 is not set
# CONFIG_ARM64_PSEUDO_NMI is not set
# CONFIG_ARM64_PTDUMP_DEBUGFS is not set
# CONFIG_ARM64_PTR_AUTH is not set
# CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET is not set
@ -533,6 +532,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_VMWGFX is not set
# CONFIG_DRM_XEN is not set
@ -864,7 +864,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HFI1 is not set
# CONFIG_INFINIBAND_HNS is not set
@ -1712,6 +1711,9 @@
# CONFIG_RTLLIB is not set
# CONFIG_RTLWIFI_DEBUG is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -2003,6 +2005,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -2030,27 +2033,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -2059,12 +2069,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -2081,12 +2095,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -2129,6 +2150,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2147,6 +2169,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SOLARIS_X86_PARTITION is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI_ALTERA is not set
@ -2519,6 +2542,7 @@ CONFIG_64BIT=y
CONFIG_8139CP=m
CONFIG_8139TOO=m
CONFIG_8139TOO_8129=y
CONFIG_A64FX_DIAG=y
CONFIG_ACPI=y
CONFIG_ACPI_APEI=y
CONFIG_ACPI_APEI_EINJ=m
@ -2556,6 +2580,7 @@ CONFIG_ALIM7101_WDT=m
CONFIG_ALX=m
CONFIG_AMD_PHY=m
CONFIG_AMD_XGBE=m
CONFIG_AMPERE_ERRATUM_AC03_CPU_38=y
CONFIG_ANON_INODES=y
CONFIG_AQUANTIA_PHY=m
CONFIG_ARCH_BCM_IPROC=y
@ -2591,6 +2616,7 @@ CONFIG_ARM64_LSE_ATOMICS=y
CONFIG_ARM64_PAN=y
CONFIG_ARM64_PA_BITS_52=y
CONFIG_ARM64_PMEM=y
CONFIG_ARM64_PSEUDO_NMI=y
CONFIG_ARM64_RAS_EXTN=y
CONFIG_ARM64_SVE=y
CONFIG_ARM64_UAO=y
@ -2779,6 +2805,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2982,7 +3009,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -3586,6 +3613,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3645,6 +3673,7 @@ CONFIG_INPUT_YEALINK=m
CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -5248,7 +5277,7 @@ CONFIG_TREE_RCU=y
CONFIG_TRUSTED_KEYS=m
CONFIG_TUN=m
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

39
SOURCES/kernel-ppc64le-debug.config
View File

@ -191,8 +191,6 @@
# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
# CONFIG_BPFILTER is not set
# CONFIG_BRCMDBG is not set
# CONFIG_BRCM_TRACING is not set
# CONFIG_BTRFS_FS is not set
# CONFIG_BT_6LOWPAN is not set
# CONFIG_BT_HCIUART_AG6XX is not set
@ -416,6 +414,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -727,7 +726,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EFA is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HFI1 is not set
@ -1503,6 +1501,9 @@
# CONFIG_RTL8XXXU_UNTESTED is not set
# CONFIG_RTLLIB is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -1697,6 +1698,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_HDA_INTEL is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
@ -1724,27 +1726,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -1753,12 +1762,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1775,12 +1788,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -1823,6 +1843,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -1839,6 +1860,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SONY_FF is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI is not set
@ -2354,11 +2376,13 @@ CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_BRANCH_PROFILE_NONE=y
CONFIG_BRCMDBG=y
CONFIG_BRCMFMAC=m
CONFIG_BRCMFMAC_PCIE=y
CONFIG_BRCMFMAC_SDIO=y
CONFIG_BRCMFMAC_USB=y
CONFIG_BRCMSMAC=m
CONFIG_BRCM_TRACING=y
CONFIG_BRIDGE=m
CONFIG_BRIDGE_EBT_802_3=m
CONFIG_BRIDGE_EBT_AMONG=m
@ -2405,6 +2429,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2593,7 +2618,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -2657,7 +2682,7 @@ CONFIG_DEBUG_KERNEL=y
CONFIG_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=20000
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=40000
CONFIG_DEBUG_LIST=y
CONFIG_DEBUG_LOCK_ALLOC=y
CONFIG_DEBUG_MUTEXES=y
@ -3219,6 +3244,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3282,6 +3308,7 @@ CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -5007,7 +5034,7 @@ CONFIG_TRUSTED_KEYS=y
CONFIG_TUN=m
CONFIG_TUN_VNET_CROSS_LE=y
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

33
SOURCES/kernel-ppc64le.config
View File

@ -457,6 +457,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -781,7 +782,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EFA is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HFI1 is not set
@ -1574,6 +1574,9 @@
# CONFIG_RTLLIB is not set
# CONFIG_RTLWIFI_DEBUG is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -1769,6 +1772,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_HDA_INTEL is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
@ -1797,27 +1801,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -1826,12 +1837,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1848,12 +1863,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -1896,6 +1918,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -1913,6 +1936,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SONY_FF is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI is not set
@ -2471,6 +2495,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2653,7 +2678,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -3232,6 +3257,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3295,6 +3321,7 @@ CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -4986,7 +5013,7 @@ CONFIG_TRUSTED_KEYS=y
CONFIG_TUN=m
CONFIG_TUN_VNET_CROSS_LE=y
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

39
SOURCES/kernel-s390x-debug.config
View File

@ -200,8 +200,6 @@
# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
# CONFIG_BPFILTER is not set
# CONFIG_BRCMDBG is not set
# CONFIG_BRCM_TRACING is not set
# CONFIG_BROADCOM_PHY is not set
# CONFIG_BT is not set
# CONFIG_BTRFS_FS is not set
@ -442,6 +440,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -766,7 +765,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_BNXT_RE is not set
# CONFIG_INFINIBAND_EFA is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
@ -1589,6 +1587,9 @@
# CONFIG_RTL8XXXU_UNTESTED is not set
# CONFIG_RTLLIB is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_S390_PTDUMP is not set
# CONFIG_SAMPLE_CONFIGFS is not set
@ -1808,6 +1809,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -1834,27 +1836,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -1863,12 +1872,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1885,12 +1898,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -1933,6 +1953,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -1949,6 +1970,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SOUND is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI is not set
@ -2482,11 +2504,13 @@ CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_BRANCH_PROFILE_NONE=y
CONFIG_BRCMDBG=y
CONFIG_BRCMFMAC=m
CONFIG_BRCMFMAC_PCIE=y
CONFIG_BRCMFMAC_SDIO=y
CONFIG_BRCMFMAC_USB=y
CONFIG_BRCMSMAC=m
CONFIG_BRCM_TRACING=y
CONFIG_BRIDGE=m
CONFIG_BRIDGE_EBT_802_3=m
CONFIG_BRIDGE_EBT_AMONG=m
@ -2531,6 +2555,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2714,7 +2739,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -2787,7 +2812,7 @@ CONFIG_DEBUG_KERNEL=y
CONFIG_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=20000
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=40000
CONFIG_DEBUG_LIST=y
CONFIG_DEBUG_LOCK_ALLOC=y
CONFIG_DEBUG_MUTEXES=y
@ -3282,6 +3307,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3330,6 +3356,7 @@ CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -4914,7 +4941,7 @@ CONFIG_TRUSTED_KEYS=m
CONFIG_TUN=m
CONFIG_TUNE_Z14=y
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

33
SOURCES/kernel-s390x-zfcpdump.config
View File

@ -532,6 +532,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -889,7 +890,6 @@
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_BNXT_RE is not set
# CONFIG_INFINIBAND_EFA is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
@ -1796,6 +1796,9 @@
# CONFIG_RTLLIB is not set
# CONFIG_RTLWIFI_DEBUG is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_S390_GUEST is not set
# CONFIG_S390_HYPFS_FS is not set
@ -2034,6 +2037,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -2061,27 +2065,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -2090,12 +2101,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -2112,12 +2127,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -2160,6 +2182,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2178,6 +2201,7 @@
# CONFIG_SOLARIS_X86_PARTITION is not set
# CONFIG_SOUND is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI is not set
@ -2762,6 +2786,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2925,7 +2950,7 @@ CONFIG_CRYPTO_ECHAINIV=y
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=y
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -3424,6 +3449,7 @@ CONFIG_INET6_XFRM_MODE_TRANSPORT=m
CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3471,6 +3497,7 @@ CONFIG_INPUT_YEALINK=m
CONFIG_INTEGRITY=y
CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IONIC=m
CONFIG_IOSCHED_BFQ=y
@ -4943,7 +4970,7 @@ CONFIG_TREE_RCU=y
CONFIG_TRUSTED_KEYS=m
CONFIG_TUNE_Z14=y
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

33
SOURCES/kernel-s390x.config
View File

@ -482,6 +482,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -819,7 +820,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_BNXT_RE is not set
# CONFIG_INFINIBAND_EFA is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
@ -1662,6 +1662,9 @@
# CONFIG_RTLLIB is not set
# CONFIG_RTLWIFI_DEBUG is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_S390_PTDUMP is not set
# CONFIG_SAMPLE_CONFIGFS is not set
@ -1882,6 +1885,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -1909,27 +1913,34 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
# CONFIG_SND_SOC_CS53L30 is not set
# CONFIG_SND_SOC_DIO2125 is not set
# CONFIG_SND_SOC_ES7134 is not set
# CONFIG_SND_SOC_ES8326 is not set
# CONFIG_SND_SOC_ES8328_I2C is not set
# CONFIG_SND_SOC_ES8328_SPI is not set
# CONFIG_SND_SOC_FSL_ASRC is not set
@ -1938,12 +1949,16 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_INTEL_SOF_SSP_AMP_MACH is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1960,12 +1975,19 @@
# CONFIG_SND_SOC_PCM186X_SPI is not set
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_AMD_REMBRANDT is not set
# CONFIG_SND_SOC_SOF_AMD_TOPLEVEL is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -2008,6 +2030,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2025,6 +2048,7 @@
# CONFIG_SOC_TI is not set
# CONFIG_SOUND is not set
# CONFIG_SOUNDWIRE is not set
# CONFIG_SOUNDWIRE_AMD is not set
# CONFIG_SOUNDWIRE_QCOM is not set
# CONFIG_SPEAKUP is not set
# CONFIG_SPI is not set
@ -2598,6 +2622,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2776,7 +2801,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -3297,6 +3322,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3345,6 +3371,7 @@ CONFIG_INTEGRITY_AUDIT=y
CONFIG_INTEGRITY_PLATFORM_KEYRING=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_XWAY_PHY=m
CONFIG_IOMMU_SUPPORT=y
CONFIG_IONIC=m
@ -4892,7 +4919,7 @@ CONFIG_TRUSTED_KEYS=m
CONFIG_TUN=m
CONFIG_TUNE_Z14=y
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_MUX_PI3USB30532=m
CONFIG_TYPEC_RT1711H=y

47
SOURCES/kernel-x86_64-debug.config
View File

@ -198,8 +198,6 @@
# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
# CONFIG_BPFILTER is not set
# CONFIG_BRCMDBG is not set
# CONFIG_BRCM_TRACING is not set
# CONFIG_BTRFS_FS is not set
# CONFIG_BT_6LOWPAN is not set
# CONFIG_BT_HCIUART_AG6XX is not set
@ -424,6 +422,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -728,7 +727,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HNS is not set
# CONFIG_INFINIBAND_HNS_HIP08 is not set
@ -1051,6 +1049,7 @@
# CONFIG_MFD_WM8400 is not set
# CONFIG_MFD_WM8994 is not set
# CONFIG_MHI_BUS_EP is not set
# CONFIG_MICROCODE_LATE_LOADING is not set
# CONFIG_MINIX_FS is not set
# CONFIG_MK8 is not set
# CONFIG_MLX4_CORE_GEN2 is not set
@ -1482,6 +1481,9 @@
# CONFIG_RTL8XXXU_UNTESTED is not set
# CONFIG_RTLLIB is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -1675,6 +1677,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -1700,21 +1703,27 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
@ -1729,10 +1738,14 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1750,11 +1763,17 @@
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PCM512x_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -1796,6 +1815,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2395,11 +2415,13 @@ CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_BRANCH_PROFILE_NONE=y
CONFIG_BRCMDBG=y
CONFIG_BRCMFMAC=m
CONFIG_BRCMFMAC_PCIE=y
CONFIG_BRCMFMAC_SDIO=y
CONFIG_BRCMFMAC_USB=y
CONFIG_BRCMSMAC=m
CONFIG_BRCM_TRACING=y
CONFIG_BRIDGE=m
CONFIG_BRIDGE_EBT_802_3=m
CONFIG_BRIDGE_EBT_AMONG=m
@ -2446,6 +2468,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2654,7 +2677,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -2731,7 +2754,7 @@ CONFIG_DEBUG_KERNEL=y
CONFIG_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=20000
CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=40000
CONFIG_DEBUG_LIST=y
CONFIG_DEBUG_LOCK_ALLOC=y
CONFIG_DEBUG_MUTEXES=y
@ -3384,6 +3407,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3461,10 +3485,12 @@ CONFIG_INTEL_IDMA64=m
CONFIG_INTEL_IDXD=m
CONFIG_INTEL_IDXD_PERFMON=y
CONFIG_INTEL_IDXD_SVM=y
CONFIG_INTEL_IFS=m
CONFIG_INTEL_IOATDMA=m
CONFIG_INTEL_IOMMU=y
CONFIG_INTEL_IOMMU_DEBUGFS=y
CONFIG_INTEL_IOMMU_FLOPPY_WA=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_IOMMU_SVM=y
CONFIG_INTEL_IPS=m
CONFIG_INTEL_ISHTP_ECLITE=m
@ -3493,6 +3519,7 @@ CONFIG_INTEL_TH_PTI=m
CONFIG_INTEL_TH_STH=m
CONFIG_INTEL_TURBO_MAX_3=y
CONFIG_INTEL_TXT=y
CONFIG_INTEL_UNCORE_FREQ_CONTROL=m
CONFIG_INTEL_VBTN=m
CONFIG_INTEL_VSEC=m
CONFIG_INTEL_WMI_THUNDERBOLT=m
@ -3822,6 +3849,7 @@ CONFIG_MAGIC_SYSRQ=y
CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1
CONFIG_MAGIC_SYSRQ_SERIAL=y
CONFIG_MAILBOX=y
CONFIG_MANA_INFINIBAND=m
CONFIG_MANTIS_CORE=m
CONFIG_MAPPING_DIRTY_HELPERS=y
CONFIG_MARVELL_10G_PHY=m
@ -4517,6 +4545,7 @@ CONFIG_PINCTRL_EMMITSBURG=m
CONFIG_PINCTRL_GEMINILAKE=m
CONFIG_PINCTRL_ICELAKE=m
CONFIG_PINCTRL_LEWISBURG=m
CONFIG_PINCTRL_METEORLAKE=m
CONFIG_PINCTRL_SUNRISEPOINT=m
CONFIG_PINCTRL_TIGERLAKE=m
CONFIG_PM=y
@ -5125,6 +5154,7 @@ CONFIG_SND_SOC_AMD_VANGOGH_MACH=m
CONFIG_SND_SOC_AMD_YC_MACH=m
CONFIG_SND_SOC_CS35L41_I2C=m
CONFIG_SND_SOC_CS35L41_SPI=m
CONFIG_SND_SOC_ES8326=m
CONFIG_SND_SOC_INTEL_AVS=m
CONFIG_SND_SOC_INTEL_BDW_RT5650_MACH=m
CONFIG_SND_SOC_INTEL_BDW_RT5677_MACH=m
@ -5171,14 +5201,17 @@ CONFIG_SND_SOC_INTEL_SOF_WM8804_MACH=m
CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m
CONFIG_SND_SOC_INTEL_SST_TOPLEVEL=y
CONFIG_SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES=y
CONFIG_SND_SOC_NAU8315=m
CONFIG_SND_SOC_NAU8821=m
CONFIG_SND_SOC_PCM512x_I2C=m
CONFIG_SND_SOC_RT1308_SDW=m
CONFIG_SND_SOC_RT700_SDW=m
CONFIG_SND_SOC_RT711_SDW=m
CONFIG_SND_SOC_RT712_SDCA_SDW=m
CONFIG_SND_SOC_RT715_SDW=m
CONFIG_SND_SOC_SOF=m
CONFIG_SND_SOC_SOF_ACPI=m
CONFIG_SND_SOC_SOF_AMD_REMBRANDT=m
CONFIG_SND_SOC_SOF_AMD_RENOIR=m
CONFIG_SND_SOC_SOF_AMD_TOPLEVEL=m
CONFIG_SND_SOC_SOF_APOLLOLAKE_SUPPORT=y
@ -5245,6 +5278,7 @@ CONFIG_SONY_FF=y
CONFIG_SONY_LAPTOP=m
CONFIG_SOUND=m
CONFIG_SOUNDWIRE=m
CONFIG_SOUNDWIRE_AMD=m
CONFIG_SOUNDWIRE_INTEL=m
CONFIG_SOUND_OSS_CORE_PRECLAIM=y
CONFIG_SP5100_TCO=m
@ -5388,7 +5422,7 @@ CONFIG_TREE_RCU=y
CONFIG_TRUSTED_KEYS=y
CONFIG_TUN=m
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_HD3SS3220=m
CONFIG_TYPEC_MT6360=y
@ -5717,6 +5751,7 @@ CONFIG_VIRTIO_BLK=m
CONFIG_VIRTIO_CONSOLE=m
CONFIG_VIRTIO_FS=m
CONFIG_VIRTIO_INPUT=m
CONFIG_VIRTIO_MEM=m
CONFIG_VIRTIO_MENU=y
CONFIG_VIRTIO_NET=m
CONFIG_VIRTIO_PCI=y

41
SOURCES/kernel-x86_64.config
View File

@ -464,6 +464,7 @@
# CONFIG_DRM_TINYDRM is not set
# CONFIG_DRM_TI_TFP410 is not set
# CONFIG_DRM_TOSHIBA_TC358767 is not set
# CONFIG_DRM_USE_DYNAMIC_DEBUG is not set
# CONFIG_DRM_VGEM is not set
# CONFIG_DRM_XEN is not set
# CONFIG_DS1682 is not set
@ -780,7 +781,6 @@
# CONFIG_IMA_NG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_INA2XX_ADC is not set
# CONFIG_INET_DIAG_DESTROY is not set
# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set
# CONFIG_INFINIBAND_HNS is not set
# CONFIG_INFINIBAND_HNS_HIP08 is not set
@ -1108,6 +1108,7 @@
# CONFIG_MFD_WM8400 is not set
# CONFIG_MFD_WM8994 is not set
# CONFIG_MHI_BUS_EP is not set
# CONFIG_MICROCODE_LATE_LOADING is not set
# CONFIG_MINIX_FS is not set
# CONFIG_MK8 is not set
# CONFIG_MLX4_CORE_GEN2 is not set
@ -1551,6 +1552,9 @@
# CONFIG_RTLLIB is not set
# CONFIG_RTLWIFI_DEBUG is not set
# CONFIG_RTS5208 is not set
# CONFIG_RTW88_8821CS is not set
# CONFIG_RTW88_8822BS is not set
# CONFIG_RTW88_8822CS is not set
# CONFIG_RTW89_8852CE is not set
# CONFIG_SAMPLE_CONFIGFS is not set
# CONFIG_SAMPLE_CONNECTOR is not set
@ -1745,6 +1749,7 @@
# CONFIG_SND_DESIGNWARE_I2S is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# CONFIG_SND_I2S_HI6210_I2S is not set
# CONFIG_SND_MIXER_OSS is not set
# CONFIG_SND_MTS64 is not set
@ -1771,21 +1776,27 @@
# CONFIG_SND_SOC_ALC5623 is not set
# CONFIG_SND_SOC_AMD_ACP is not set
# CONFIG_SND_SOC_AW8738 is not set
# CONFIG_SND_SOC_AW88395 is not set
# CONFIG_SND_SOC_BD28623 is not set
# CONFIG_SND_SOC_BT_SCO is not set
# CONFIG_SND_SOC_CS35L32 is not set
# CONFIG_SND_SOC_CS35L33 is not set
# CONFIG_SND_SOC_CS35L34 is not set
# CONFIG_SND_SOC_CS35L35 is not set
# CONFIG_SND_SOC_CS35L56_I2C is not set
# CONFIG_SND_SOC_CS35L56_SDW is not set
# CONFIG_SND_SOC_CS35L56_SPI is not set
# CONFIG_SND_SOC_CS4265 is not set
# CONFIG_SND_SOC_CS4270 is not set
# CONFIG_SND_SOC_CS4271_I2C is not set
# CONFIG_SND_SOC_CS4271_SPI is not set
# CONFIG_SND_SOC_CS42L42 is not set
# CONFIG_SND_SOC_CS42L42_SDW is not set
# CONFIG_SND_SOC_CS42L51_I2C is not set
# CONFIG_SND_SOC_CS42L52 is not set
# CONFIG_SND_SOC_CS42L56 is not set
# CONFIG_SND_SOC_CS42L73 is not set
# CONFIG_SND_SOC_CS42L83 is not set
# CONFIG_SND_SOC_CS42XX8_I2C is not set
# CONFIG_SND_SOC_CS43130 is not set
# CONFIG_SND_SOC_CS4349 is not set
@ -1800,10 +1811,14 @@
# CONFIG_SND_SOC_FSL_SPDIF is not set
# CONFIG_SND_SOC_FSL_SSI is not set
# CONFIG_SND_SOC_GTM601 is not set
# CONFIG_SND_SOC_IDT821034 is not set
# CONFIG_SND_SOC_IMG is not set
# CONFIG_SND_SOC_IMX_AUDMUX is not set
# CONFIG_SND_SOC_INNO_RK3036 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_MAX98927 is not set
# CONFIG_SND_SOC_INTEL_AVS_MACH_PROBE is not set
# CONFIG_SND_SOC_MAX9759 is not set
# CONFIG_SND_SOC_MAX98363 is not set
# CONFIG_SND_SOC_MAX98504 is not set
# CONFIG_SND_SOC_MAX9860 is not set
# CONFIG_SND_SOC_MAX9867 is not set
@ -1821,11 +1836,17 @@
# CONFIG_SND_SOC_PCM3168A_I2C is not set
# CONFIG_SND_SOC_PCM3168A_SPI is not set
# CONFIG_SND_SOC_PCM512x_SPI is not set
# CONFIG_SND_SOC_PEB2466 is not set
# CONFIG_SND_SOC_RT5616 is not set
# CONFIG_SND_SOC_RT5631 is not set
# CONFIG_SND_SOC_RT712_SDCA_DMIC_SDW is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_SMA1303 is not set
# CONFIG_SND_SOC_SOF_KABYLAKE is not set
# CONFIG_SND_SOC_SOF_SKYLAKE is not set
# CONFIG_SND_SOC_SPDIF is not set
# CONFIG_SND_SOC_SRC4XXX_I2C is not set
# CONFIG_SND_SOC_SSM2305 is not set
# CONFIG_SND_SOC_SSM2602_I2C is not set
# CONFIG_SND_SOC_SSM2602_SPI is not set
@ -1867,6 +1888,7 @@
# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8960 is not set
# CONFIG_SND_SOC_WM8961 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_WM8974 is not set
# CONFIG_SND_SOC_WM8978 is not set
@ -2513,6 +2535,7 @@ CONFIG_BT_HCIBTSDIO=m
CONFIG_BT_HCIBTUSB=m
CONFIG_BT_HCIBTUSB_AUTOSUSPEND=y
CONFIG_BT_HCIBTUSB_BCM=y
CONFIG_BT_HCIBTUSB_MTK=y
CONFIG_BT_HCIBTUSB_RTL=y
CONFIG_BT_HCIUART=m
CONFIG_BT_HCIUART_3WIRE=y
@ -2716,7 +2739,7 @@ CONFIG_CRYPTO_ECHAINIV=m
CONFIG_CRYPTO_ESSIV=y
CONFIG_CRYPTO_FCRYPT=m
CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_FIPS_NAME="AlmaLinux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux 8 - Kernel Cryptographic API"
CONFIG_CRYPTO_GCM=y
CONFIG_CRYPTO_GF128MUL=y
CONFIG_CRYPTO_GHASH=y
@ -3399,6 +3422,7 @@ CONFIG_INET6_XFRM_MODE_TUNNEL=m
CONFIG_INET=y
CONFIG_INET_AH=m
CONFIG_INET_DIAG=m
CONFIG_INET_DIAG_DESTROY=y
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET_ESP_OFFLOAD=m
@ -3476,9 +3500,11 @@ CONFIG_INTEL_IDMA64=m
CONFIG_INTEL_IDXD=m
CONFIG_INTEL_IDXD_PERFMON=y
CONFIG_INTEL_IDXD_SVM=y
CONFIG_INTEL_IFS=m
CONFIG_INTEL_IOATDMA=m
CONFIG_INTEL_IOMMU=y
CONFIG_INTEL_IOMMU_FLOPPY_WA=y
CONFIG_INTEL_IOMMU_PERF_EVENTS=y
CONFIG_INTEL_IOMMU_SVM=y
CONFIG_INTEL_IPS=m
CONFIG_INTEL_ISHTP_ECLITE=m
@ -3507,6 +3533,7 @@ CONFIG_INTEL_TH_PTI=m
CONFIG_INTEL_TH_STH=m
CONFIG_INTEL_TURBO_MAX_3=y
CONFIG_INTEL_TXT=y
CONFIG_INTEL_UNCORE_FREQ_CONTROL=m
CONFIG_INTEL_VBTN=m
CONFIG_INTEL_VSEC=m
CONFIG_INTEL_WMI_THUNDERBOLT=m
@ -3823,6 +3850,7 @@ CONFIG_MAGIC_SYSRQ=y
CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1
CONFIG_MAGIC_SYSRQ_SERIAL=y
CONFIG_MAILBOX=y
CONFIG_MANA_INFINIBAND=m
CONFIG_MANTIS_CORE=m
CONFIG_MAPPING_DIRTY_HELPERS=y
CONFIG_MARVELL_10G_PHY=m
@ -4513,6 +4541,7 @@ CONFIG_PINCTRL_EMMITSBURG=m
CONFIG_PINCTRL_GEMINILAKE=m
CONFIG_PINCTRL_ICELAKE=m
CONFIG_PINCTRL_LEWISBURG=m
CONFIG_PINCTRL_METEORLAKE=m
CONFIG_PINCTRL_SUNRISEPOINT=m
CONFIG_PINCTRL_TIGERLAKE=m
CONFIG_PM=y
@ -5105,6 +5134,7 @@ CONFIG_SND_SOC_AMD_VANGOGH_MACH=m
CONFIG_SND_SOC_AMD_YC_MACH=m
CONFIG_SND_SOC_CS35L41_I2C=m
CONFIG_SND_SOC_CS35L41_SPI=m
CONFIG_SND_SOC_ES8326=m
CONFIG_SND_SOC_INTEL_AVS=m
CONFIG_SND_SOC_INTEL_BDW_RT5650_MACH=m
CONFIG_SND_SOC_INTEL_BDW_RT5677_MACH=m
@ -5151,14 +5181,17 @@ CONFIG_SND_SOC_INTEL_SOF_WM8804_MACH=m
CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m
CONFIG_SND_SOC_INTEL_SST_TOPLEVEL=y
CONFIG_SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES=y
CONFIG_SND_SOC_NAU8315=m
CONFIG_SND_SOC_NAU8821=m
CONFIG_SND_SOC_PCM512x_I2C=m
CONFIG_SND_SOC_RT1308_SDW=m
CONFIG_SND_SOC_RT700_SDW=m
CONFIG_SND_SOC_RT711_SDW=m
CONFIG_SND_SOC_RT712_SDCA_SDW=m
CONFIG_SND_SOC_RT715_SDW=m
CONFIG_SND_SOC_SOF=m
CONFIG_SND_SOC_SOF_ACPI=m
CONFIG_SND_SOC_SOF_AMD_REMBRANDT=m
CONFIG_SND_SOC_SOF_AMD_RENOIR=m
CONFIG_SND_SOC_SOF_AMD_TOPLEVEL=m
CONFIG_SND_SOC_SOF_APOLLOLAKE_SUPPORT=y
@ -5221,6 +5254,7 @@ CONFIG_SONY_FF=y
CONFIG_SONY_LAPTOP=m
CONFIG_SOUND=m
CONFIG_SOUNDWIRE=m
CONFIG_SOUNDWIRE_AMD=m
CONFIG_SOUNDWIRE_INTEL=m
CONFIG_SOUND_OSS_CORE_PRECLAIM=y
CONFIG_SP5100_TCO=m
@ -5362,7 +5396,7 @@ CONFIG_TREE_RCU=y
CONFIG_TRUSTED_KEYS=y
CONFIG_TUN=m
CONFIG_TYPEC=y
CONFIG_TYPEC_DP_ALTMODE=y
CONFIG_TYPEC_DP_ALTMODE=m
CONFIG_TYPEC_FUSB302=m
CONFIG_TYPEC_HD3SS3220=m
CONFIG_TYPEC_MT6360=y
@ -5689,6 +5723,7 @@ CONFIG_VIRTIO_BLK=m
CONFIG_VIRTIO_CONSOLE=m
CONFIG_VIRTIO_FS=m
CONFIG_VIRTIO_INPUT=m
CONFIG_VIRTIO_MEM=m
CONFIG_VIRTIO_MENU=y
CONFIG_VIRTIO_NET=m
CONFIG_VIRTIO_PCI=y

21
SOURCES/mod-internal.list
View File

@ -12,6 +12,7 @@ property-entry-test
qos-test
resource_kunit
soc-topology-test
soc-utils-test
string-stream-test
test_linear_ranges
test_bits
@ -20,6 +21,26 @@ fat_test
test_list_sort
slub_kunit
memcpy_kunit
time_test
drm_format_helper_test
drm_damage_helper_test
drm_cmdline_parser_test
drm_kunit_helpers
drm_rect_test
drm_format_test
drm_plane_helper_test
drm_dp_mst_helper_test
drm_framebuffer_test
drm_buddy_test
drm_mm_test
drm_connector_test
drm_managed_test
drm_modes_test
drm_probe_helper_test
lib_test
dev_addr_lists_test
rational-test
test_hash
locktorture
mac80211_hwsim
netdevsim

6
SOURCES/x509.genkey
View File

@ -5,9 +5,9 @@ prompt = no
x509_extensions = myexts
[ req_distinguished_name ]
O = AlmaLinux
CN = AlmaLinux kernel signing key
emailAddress = security@almalinux.org
O = Red Hat
CN = Red Hat Enterprise Linux kernel signing key
emailAddress = secalert@redhat.com
[ myexts ]
basicConstraints=critical,CA:FALSE

8462
SPECS/kernel.spec
View File

File diff suppressed because it is too large Load Diff