diff --git a/debian/patches/pve/0001-Make-mkcompile_h-accept-an-alternate-timestamp-strin.patch b/debian/patches/pve/0001-Make-mkcompile_h-accept-an-alternate-timestamp-strin.patch index 93dba9f..1963808 100644 --- a/debian/patches/pve/0001-Make-mkcompile_h-accept-an-alternate-timestamp-strin.patch +++ b/debian/patches/pve/0001-Make-mkcompile_h-accept-an-alternate-timestamp-strin.patch @@ -21,7 +21,7 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init/Makefile b/init/Makefile -index cbac576c57d6..479b1253fcbe 100644 +index 10b652d33e872658f2d8c8ce3a0b45e9a473fd64..e4dabde27b90c12bd72c6239e15509f9a9448d80 100644 --- a/init/Makefile +++ b/init/Makefile @@ -29,7 +29,7 @@ preempt-flag-$(CONFIG_PREEMPT_DYNAMIC) := PREEMPT_DYNAMIC diff --git a/debian/patches/pve/0002-wireless-Add-Debian-wireless-regdb-certificates.patch b/debian/patches/pve/0002-wireless-Add-Debian-wireless-regdb-certificates.patch index 4c0ac0f..274b7ff 100644 --- a/debian/patches/pve/0002-wireless-Add-Debian-wireless-regdb-certificates.patch +++ b/debian/patches/pve/0002-wireless-Add-Debian-wireless-regdb-certificates.patch @@ -19,7 +19,7 @@ Signed-off-by: Thomas Lamprecht diff --git a/net/wireless/certs/debian.hex b/net/wireless/certs/debian.hex new file mode 100644 -index 000000000000..c5ab03f8c500 +index 0000000000000000000000000000000000000000..c5ab03f8c500d2f0e5b7931d5790bd22983c3660 --- /dev/null +++ b/net/wireless/certs/debian.hex @@ -0,0 +1,1426 @@ diff --git a/debian/patches/pve/0003-bridge-keep-MAC-of-first-assigned-port.patch b/debian/patches/pve/0003-bridge-keep-MAC-of-first-assigned-port.patch index 135d17c..efa47df 100644 --- a/debian/patches/pve/0003-bridge-keep-MAC-of-first-assigned-port.patch +++ b/debian/patches/pve/0003-bridge-keep-MAC-of-first-assigned-port.patch @@ -19,7 +19,7 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c -index 75204d36d7f9..1fb5ff73ec1e 100644 +index 75204d36d7f9062306dfc66c3c35448e16257215..1fb5ff73ec1ef3bd79960182c87a0ba312b3635d 100644 --- a/net/bridge/br_stp_if.c +++ b/net/bridge/br_stp_if.c @@ -265,10 +265,7 @@ bool br_stp_recalculate_bridge_id(struct net_bridge *br) diff --git a/debian/patches/pve/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch b/debian/patches/pve/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch index 0ff2916..41f0c7c 100644 --- a/debian/patches/pve/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch +++ b/debian/patches/pve/0004-pci-Enable-overrides-for-missing-ACS-capabilities-4..patch @@ -55,10 +55,10 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 111 insertions(+) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt -index e58f3bbb7643..d574123d82bd 100644 +index 5ea6b2d54edaff9b7efa20235de92970cabcf769..e36ab4a38709f697860e785c1eb2e8c44f9f7b64 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt -@@ -4403,6 +4403,15 @@ +@@ -4422,6 +4422,15 @@ Also, it enforces the PCI Local Bus spec rule that those bits should be 0 in system reset events (useful for kexec/kdump cases). @@ -75,10 +75,10 @@ index e58f3bbb7643..d574123d82bd 100644 Safety option to keep boot IRQs enabled. This should never be necessary. diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c -index ce469d84ebae..4f163ef55e7b 100644 +index bf02ee61a933403deba8ba7063d1732fc3ed540e..113e93b623616d787ad1b4d7619a2921069d587b 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c -@@ -287,6 +287,106 @@ static int __init pci_apply_final_quirks(void) +@@ -300,6 +300,106 @@ static int __init pci_apply_final_quirks(void) } fs_initcall_sync(pci_apply_final_quirks); @@ -185,7 +185,7 @@ index ce469d84ebae..4f163ef55e7b 100644 /* * Decoding should be disabled for a PCI device during BAR sizing to avoid * conflict. But doing so may cause problems on host bridge and perhaps other -@@ -5100,6 +5200,8 @@ static const struct pci_dev_acs_enabled { +@@ -5121,6 +5221,8 @@ static const struct pci_dev_acs_enabled { { PCI_VENDOR_ID_CAVIUM, 0xA060, pci_quirk_mf_endpoint_acs }, /* APM X-Gene */ { PCI_VENDOR_ID_AMCC, 0xE004, pci_quirk_xgene_acs }, diff --git a/debian/patches/pve/0005-kvm-disable-default-dynamic-halt-polling-growth.patch b/debian/patches/pve/0005-kvm-disable-default-dynamic-halt-polling-growth.patch index 8d590eb..cc9e8eb 100644 --- a/debian/patches/pve/0005-kvm-disable-default-dynamic-halt-polling-growth.patch +++ b/debian/patches/pve/0005-kvm-disable-default-dynamic-halt-polling-growth.patch @@ -13,10 +13,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 6a56de7ff82e..96bd40a73e0e 100644 +index 16f0c3566f16141af8f5cfeb5dc6b15838ff6ecc..e232b463912db788345e0d38b3128cbee30948ae 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c -@@ -82,7 +82,7 @@ module_param(halt_poll_ns, uint, 0644); +@@ -80,7 +80,7 @@ module_param(halt_poll_ns, uint, 0644); EXPORT_SYMBOL_GPL(halt_poll_ns); /* Default doubles per-vcpu halt_poll_ns. */ diff --git a/debian/patches/pve/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch b/debian/patches/pve/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch index 50b02ce..c6906db 100644 --- a/debian/patches/pve/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch +++ b/debian/patches/pve/0006-net-core-downgrade-unregister_netdevice-refcount-lea.patch @@ -14,10 +14,10 @@ Signed-off-by: Fabian Grünbichler 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/dev.c b/net/core/dev.c -index a32811aebde5..15078ab81ec8 100644 +index 25f20c5cc8f55fca8c726df31d8433025e15ebb4..d0fa7a5768d555fce321533a2d46703d647d7474 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -10471,7 +10471,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list) +@@ -10680,7 +10680,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list) if (time_after(jiffies, warning_time + READ_ONCE(netdev_unregister_timeout_secs) * HZ)) { list_for_each_entry(dev, list, todo_list) { diff --git a/debian/patches/pve/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch b/debian/patches/pve/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch index f6186d1..94e9f87 100644 --- a/debian/patches/pve/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch +++ b/debian/patches/pve/0007-Revert-fortify-Do-not-cast-to-unsigned-char.patch @@ -16,10 +16,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h -index e99dbc052575..9e9cdb198b82 100644 +index 0d99bf11d260a3482bbe46e35c7553c0ccfb8b94..fe04f7f9357506baf21a0c3cc070c37f00a24d5c 100644 --- a/include/linux/fortify-string.h +++ b/include/linux/fortify-string.h -@@ -18,7 +18,7 @@ void __write_overflow_field(size_t avail, size_t wanted) __compiletime_warning(" +@@ -62,7 +62,7 @@ void __write_overflow_field(size_t avail, size_t wanted) __compiletime_warning(" #define __compiletime_strlen(p) \ ({ \ diff --git a/debian/patches/pve/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch b/debian/patches/pve/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch index 233c666..03b078c 100644 --- a/debian/patches/pve/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch +++ b/debian/patches/pve/0008-kvm-xsave-set-mask-out-PKRU-bit-in-xfeatures-if-vCPU.patch @@ -73,15 +73,15 @@ maintenance burden is high. Signed-off-by: Thomas Lamprecht --- arch/x86/kvm/cpuid.c | 6 ++++++ - arch/x86/kvm/cpuid.h | 2 ++ + arch/x86/kvm/cpuid.h | 3 +++ arch/x86/kvm/x86.c | 13 +++++++++++++ - 3 files changed, 21 insertions(+) + 3 files changed, 22 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c -index ce1499732cb8..d68c04bde5ed 100644 +index be2baf851ec7d63a2095247d828f390b9757f905..dc73965aa73b21d26b4cf039336da3ca38e89bc6 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c -@@ -262,6 +262,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent) +@@ -290,6 +290,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent) return (best->eax | ((u64)best->edx << 32)) & kvm_caps.supported_xcr0; } @@ -95,25 +95,27 @@ index ce1499732cb8..d68c04bde5ed 100644 int nent) { diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h -index 23dbb9eb277c..07da153802e4 100644 +index ad479cfb91bc7bc5d400d2c098536abb4d4babe5..e55eecb2f3646ff7ef63c107c5cc5481fabb8a51 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h -@@ -32,6 +32,8 @@ int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu, +@@ -32,7 +32,10 @@ int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu, bool kvm_cpuid(struct kvm_vcpu *vcpu, u32 *eax, u32 *ebx, u32 *ecx, u32 *edx, bool exact_only); +bool vcpu_supports_xsave_pkru(struct kvm_vcpu *vcpu); ++ + void __init kvm_init_xstate_sizes(void); + u32 xstate_required_size(u64 xstate_bv, bool compacted); int cpuid_query_maxphyaddr(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 3750a0c688b7..706348cbde7c 100644 +index 3667ba359e63579eaff36fea92bf19a84e5df592..4d10fc1a9b4114d1e2edf133717f307043560263 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -5580,6 +5580,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, +@@ -5633,6 +5633,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, if (fpstate_is_confidential(&vcpu->arch.guest_fpu)) - return 0; + return vcpu->kvm->arch.has_protected_state ? -EINVAL : 0; + if (!vcpu_supports_xsave_pkru(vcpu)) { + void *buf = guest_xsave->region; diff --git a/debian/patches/pve/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch b/debian/patches/pve/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch index a29f003..eb9d96e 100644 --- a/debian/patches/pve/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch +++ b/debian/patches/pve/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch @@ -11,18 +11,18 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c -index 31ff09cc5737..9e8cdd7298d3 100644 +index b857633622ea8550299554e211b84c48196bf902..5cb3b52b350c3d6bd627a29e6000ab10b58fd6e1 100644 --- a/drivers/iommu/intel/iommu.c +++ b/drivers/iommu/intel/iommu.c -@@ -234,6 +234,7 @@ static int dmar_map_gfx = 1; +@@ -228,6 +228,7 @@ EXPORT_SYMBOL_GPL(intel_iommu_enabled); static int dmar_map_ipu = 1; static int intel_iommu_superpage = 1; static int iommu_identity_mapping; +static int intel_relaxable_rmrr = 0; static int iommu_skip_te_disable; + static int disable_igfx_iommu; - #define IDENTMAP_GFX 2 -@@ -296,6 +297,9 @@ static int __init intel_iommu_setup(char *str) +@@ -290,6 +291,9 @@ static int __init intel_iommu_setup(char *str) } else if (!strncmp(str, "tboot_noforce", 13)) { pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n"); intel_iommu_tboot_noforce = 1; @@ -32,7 +32,7 @@ index 31ff09cc5737..9e8cdd7298d3 100644 } else { pr_notice("Unknown option - '%s'\n", str); } -@@ -2470,7 +2474,7 @@ static bool device_rmrr_is_relaxable(struct device *dev) +@@ -2165,7 +2169,7 @@ static bool device_rmrr_is_relaxable(struct device *dev) return false; pdev = to_pci_dev(dev); diff --git a/debian/patches/pve/0010-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch b/debian/patches/pve/0010-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch index f248acc..2c382c5 100644 --- a/debian/patches/pve/0010-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch +++ b/debian/patches/pve/0010-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch @@ -24,10 +24,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c -index cf86607bc696..e2c080780d9a 100644 +index 22513133925e0ca5a889ae6105a829af3957778c..1435e5b0a7f604bd0146b7feb5dd06a4516925a1 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c -@@ -5102,6 +5102,7 @@ static __init void svm_set_cpu_caps(void) +@@ -5176,6 +5176,7 @@ static __init void svm_set_cpu_caps(void) if (nested) { kvm_cpu_cap_set(X86_FEATURE_SVM); kvm_cpu_cap_set(X86_FEATURE_VMCBCLEAN); diff --git a/debian/patches/pve/0011-revert-memfd-improve-userspace-warnings-for-missing-.patch b/debian/patches/pve/0011-revert-memfd-improve-userspace-warnings-for-missing-.patch index 5df98ce..ecb8185 100644 --- a/debian/patches/pve/0011-revert-memfd-improve-userspace-warnings-for-missing-.patch +++ b/debian/patches/pve/0011-revert-memfd-improve-userspace-warnings-for-missing-.patch @@ -30,10 +30,10 @@ Signed-off-by: Thomas Lamprecht 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/memfd.c b/mm/memfd.c -index d3a1ba4208c9..6a9de5d9105e 100644 +index c17c3ea701a17e9f3a652e77ba60ca9c58b0ca8e..63340d874f1e4aa139b3cce8e4fffcffc0106884 100644 --- a/mm/memfd.c +++ b/mm/memfd.c -@@ -282,7 +282,7 @@ static int check_sysctl_memfd_noexec(unsigned int *flags) +@@ -318,7 +318,7 @@ static int check_sysctl_memfd_noexec(unsigned int *flags) } if (!(*flags & MFD_NOEXEC_SEAL) && sysctl >= MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED) { diff --git a/debian/patches/pve/0012-apparmor-expect-msg_namelen-0-for-recvmsg-calls.patch b/debian/patches/pve/0012-apparmor-expect-msg_namelen-0-for-recvmsg-calls.patch index 9bd7c79..36d67f1 100644 --- a/debian/patches/pve/0012-apparmor-expect-msg_namelen-0-for-recvmsg-calls.patch +++ b/debian/patches/pve/0012-apparmor-expect-msg_namelen-0-for-recvmsg-calls.patch @@ -17,7 +17,7 @@ Signed-off-by: Wolfgang Bumiller 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/apparmor/af_inet.c b/security/apparmor/af_inet.c -index 57b710054a76..35f905d9b960 100644 +index 57b710054a76582346f37671843f3f8d6e99331c..35f905d9b960f62fa2ecb80b5c1a8e9edecd9b5d 100644 --- a/security/apparmor/af_inet.c +++ b/security/apparmor/af_inet.c @@ -766,7 +766,7 @@ int aa_inet_msg_perm(const char *op, u32 request, struct socket *sock, diff --git a/debian/patches/pve/0013-cifs-fix-pagecache-leak-when-do-writepages.patch b/debian/patches/pve/0013-cifs-fix-pagecache-leak-when-do-writepages.patch deleted file mode 100644 index e7f0832..0000000 --- a/debian/patches/pve/0013-cifs-fix-pagecache-leak-when-do-writepages.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Yang Erkun -Date: Tue, 25 Jun 2024 11:43:32 +0800 -Subject: [PATCH] cifs: fix pagecache leak when do writepages - -After commit f3dc1bdb6b0b("cifs: Fix writeback data corruption"), the -writepages for cifs will find all folio needed writepage with two phase. -The first folio will be found in cifs_writepages_begin, and the latter -various folios will be found in cifs_extend_writeback. - -All those will first get folio, and for normal case, once we set page -writeback and after do really write, we should put the reference, folio -found in cifs_extend_writeback do this with folio_batch_release. But the -folio found in cifs_writepages_begin never get the chance do it. And -every writepages call, we will leak a folio(found this problem while do -xfstests over cifs, the latter show that we will leak about 600M+ every -we run generic/074). - -echo 3 > /proc/sys/vm/drop_caches ; cat /proc/meminfo | grep file -Active(file): 34092 kB -Inactive(file): 176192 kB -./check generic/074 (smb v1) -... -generic/074 50s ... 53s -Ran: generic/074 -Passed all 1 tests - -echo 3 > /proc/sys/vm/drop_caches ; cat /proc/meminfo | grep file -Active(file): 35036 kB -Inactive(file): 854708 kB - -Besides, the exist path seem never handle this folio correctly, fix it too -with this patch. - -The problem does not exist in mainline since writepages path for cifs -has changed to netfs(3ee1a1fc3981 ("cifs: Cut over to using netfslib")). -It's had to backport all related change, so try fix this problem with this -single patch. - -Fixes: f3dc1bdb6b0b ("cifs: Fix writeback data corruption") -Cc: stable@kernel.org # v6.6+ -Signed-off-by: Yang Erkun -(picked from https://lore.kernel.org/linux-cifs/20240625034332.750312-1-yangerkun@huawei.com/) -Signed-off-by: Fiona Ebner ---- - fs/smb/client/file.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/fs/smb/client/file.c b/fs/smb/client/file.c -index 438d68d681b1..dc5165b16956 100644 ---- a/fs/smb/client/file.c -+++ b/fs/smb/client/file.c -@@ -2845,17 +2845,21 @@ static ssize_t cifs_write_back_from_locked_folio(struct address_space *mapping, - rc = cifs_get_writable_file(CIFS_I(inode), FIND_WR_ANY, &cfile); - if (rc) { - cifs_dbg(VFS, "No writable handle in writepages rc=%d\n", rc); -+ folio_unlock(folio); - goto err_xid; - } - - rc = server->ops->wait_mtu_credits(server, cifs_sb->ctx->wsize, - &wsize, credits); -- if (rc != 0) -+ if (rc != 0) { -+ folio_unlock(folio); - goto err_close; -+ } - - wdata = cifs_writedata_alloc(cifs_writev_complete); - if (!wdata) { - rc = -ENOMEM; -+ folio_unlock(folio); - goto err_uncredit; - } - -@@ -3002,17 +3006,22 @@ static ssize_t cifs_writepages_begin(struct address_space *mapping, - lock_again: - if (wbc->sync_mode != WB_SYNC_NONE) { - ret = folio_lock_killable(folio); -- if (ret < 0) -+ if (ret < 0) { -+ folio_put(folio); - return ret; -+ } - } else { -- if (!folio_trylock(folio)) -+ if (!folio_trylock(folio)) { -+ folio_put(folio); - goto search_again; -+ } - } - - if (folio->mapping != mapping || - !folio_test_dirty(folio)) { - start += folio_size(folio); - folio_unlock(folio); -+ folio_put(folio); - goto search_again; - } - -@@ -3042,6 +3051,7 @@ static ssize_t cifs_writepages_begin(struct address_space *mapping, - out: - if (ret > 0) - *_start = start + ret; -+ folio_put(folio); - return ret; - } - diff --git a/debian/patches/pve/0018-netfs-reset-subreq-iov-iter-before-tail-clean.patch b/debian/patches/pve/0013-netfs-reset-subreq-iov-iter-before-tail-clean.patch similarity index 84% rename from debian/patches/pve/0018-netfs-reset-subreq-iov-iter-before-tail-clean.patch rename to debian/patches/pve/0013-netfs-reset-subreq-iov-iter-before-tail-clean.patch index 75270d8..d8003f9 100644 --- a/debian/patches/pve/0018-netfs-reset-subreq-iov-iter-before-tail-clean.patch +++ b/debian/patches/pve/0013-netfs-reset-subreq-iov-iter-before-tail-clean.patch @@ -15,10 +15,10 @@ Signed-off-by: Christian Ebner 1 file changed, 1 insertion(+) diff --git a/fs/netfs/io.c b/fs/netfs/io.c -index 4261ad6c55b6..27c9e441d21e 100644 +index d6ada4eba74455aad26273a63247356a3910dc4e..500119285346be28a87698dd6ac66b5e276a6c66 100644 --- a/fs/netfs/io.c +++ b/fs/netfs/io.c -@@ -516,6 +516,7 @@ void netfs_subreq_terminated(struct netfs_io_subrequest *subreq, +@@ -528,6 +528,7 @@ void netfs_subreq_terminated(struct netfs_io_subrequest *subreq, incomplete: if (test_bit(NETFS_SREQ_CLEAR_TAIL, &subreq->flags)) { diff --git a/debian/patches/pve/0014-Revert-UBUNTU-SAUCE-iommu-intel-disable-DMAR-for-SKL.patch b/debian/patches/pve/0014-Revert-UBUNTU-SAUCE-iommu-intel-disable-DMAR-for-SKL.patch new file mode 100644 index 0000000..24ab26d --- /dev/null +++ b/debian/patches/pve/0014-Revert-UBUNTU-SAUCE-iommu-intel-disable-DMAR-for-SKL.patch @@ -0,0 +1,97 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Stoiko Ivanov +Date: Mon, 25 Nov 2024 11:10:35 +0100 +Subject: [PATCH] Revert "UBUNTU: SAUCE: iommu/intel: disable DMAR for SKL + integrated gfx" + +Some of our users use the iGPU for PCI-passthrough on those +platforms, which seems broken with this commit added. +https://forum.proxmox.com/threads/.157266 + +This reverts both, commit b310f5f58c83 ("UBUNTU: SAUCE: iommu/intel: +disable DMAR for SKL integrated gfx") and also commit 252bf1619fd5 +("UBUNTU: SAUCE: iommu/intel: disable DMAR for KBL and CML integrated +gfx"). +--- + drivers/iommu/intel/iommu.c | 68 ------------------------------------- + 1 file changed, 68 deletions(-) + +diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c +index 5cb3b52b350c3d6bd627a29e6000ab10b58fd6e1..9d2de5cdaeaf5f19d7fea14a21b018033e275ac7 100644 +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -4780,74 +4780,6 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1632, quirk_iommu_igfx); + DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163A, quirk_iommu_igfx); + DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163D, quirk_iommu_igfx); + +-/* SKL */ +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1906, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1913, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x190E, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1915, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1902, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x190A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x190B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1917, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1916, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1921, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x191E, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1912, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x191A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x191B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x191D, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1923, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1926, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1927, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x192A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x192B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x192D, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1932, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x193A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x193B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x193D, quirk_iommu_igfx); +- +-/* KBL */ +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5902, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5906, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5908, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x590A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x590B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x590E, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5912, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5913, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5915, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5916, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5917, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x591A, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x591B, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x591D, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x591E, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5921, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5923, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5926, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x5927, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x593B, quirk_iommu_igfx); +- +-/* CML */ +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9B21, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BA2, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BA4, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BA5, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BA8, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BAA, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BAC, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BC2, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BC4, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BC5, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BC6, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BC8, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BE6, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BF6, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9B41, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BCA, quirk_iommu_igfx); +-DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x9BCC, quirk_iommu_igfx); +- + /* disable IPU dmar support */ + DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_ANY_ID, quirk_iommu_ipu); + diff --git a/debian/patches/pve/0014-drm-amdgpu-pm-Don-t-use-OD-table-on-Arcturus.patch b/debian/patches/pve/0014-drm-amdgpu-pm-Don-t-use-OD-table-on-Arcturus.patch deleted file mode 100644 index cd88e43..0000000 --- a/debian/patches/pve/0014-drm-amdgpu-pm-Don-t-use-OD-table-on-Arcturus.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Ma Jun -Date: Tue, 19 Mar 2024 11:02:29 +0800 -Subject: [PATCH] drm/amdgpu/pm: Don't use OD table on Arcturus - -OD is not supported on Arcturus, so the OD table -should not be used. - -Signed-off-by: Ma Jun -Acked-by: Alex Deucher -Signed-off-by: Alex Deucher -(cherry picked from commit bc55c344b06f7e6f99eb92d393ff0a84c1532514) -Signed-off-by: Fiona Ebner ---- - .../gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 33 +++---------------- - 1 file changed, 5 insertions(+), 28 deletions(-) - -diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c -index 40ba7227cca5..0c2d04f978ac 100644 ---- a/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c -+++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c -@@ -1283,11 +1283,8 @@ static int arcturus_get_power_limit(struct smu_context *smu, - uint32_t *max_power_limit, - uint32_t *min_power_limit) - { -- struct smu_11_0_powerplay_table *powerplay_table = -- (struct smu_11_0_powerplay_table *)smu->smu_table.power_play_table; -- struct smu_11_0_overdrive_table *od_settings = smu->od_settings; - PPTable_t *pptable = smu->smu_table.driver_pptable; -- uint32_t power_limit, od_percent_upper = 0, od_percent_lower = 0; -+ uint32_t power_limit; - - if (smu_v11_0_get_current_power_limit(smu, &power_limit)) { - /* the last hope to figure out the ppt limit */ -@@ -1303,30 +1300,10 @@ static int arcturus_get_power_limit(struct smu_context *smu, - *current_power_limit = power_limit; - if (default_power_limit) - *default_power_limit = power_limit; -- -- if (powerplay_table) { -- if (smu->od_enabled && -- od_settings->cap[SMU_11_0_ODCAP_POWER_LIMIT]) { -- od_percent_upper = le32_to_cpu(powerplay_table->overdrive_table.max[SMU_11_0_ODSETTING_POWERPERCENTAGE]); -- od_percent_lower = le32_to_cpu(powerplay_table->overdrive_table.min[SMU_11_0_ODSETTING_POWERPERCENTAGE]); -- } else if (od_settings->cap[SMU_11_0_ODCAP_POWER_LIMIT]) { -- od_percent_upper = 0; -- od_percent_lower = le32_to_cpu(powerplay_table->overdrive_table.min[SMU_11_0_ODSETTING_POWERPERCENTAGE]); -- } -- } -- -- dev_dbg(smu->adev->dev, "od percent upper:%d, od percent lower:%d (default power: %d)\n", -- od_percent_upper, od_percent_lower, power_limit); -- -- if (max_power_limit) { -- *max_power_limit = power_limit * (100 + od_percent_upper); -- *max_power_limit /= 100; -- } -- -- if (min_power_limit) { -- *min_power_limit = power_limit * (100 - od_percent_lower); -- *min_power_limit /= 100; -- } -+ if (max_power_limit) -+ *max_power_limit = power_limit; -+ if (min_power_limit) -+ *min_power_limit = power_limit; - - return 0; - } diff --git a/debian/patches/pve/0015-apparmor-fix-possible-NULL-pointer-dereference.patch b/debian/patches/pve/0015-apparmor-fix-possible-NULL-pointer-dereference.patch deleted file mode 100644 index 36d4297..0000000 --- a/debian/patches/pve/0015-apparmor-fix-possible-NULL-pointer-dereference.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Leesoo Ahn -Date: Wed, 8 May 2024 01:12:29 +0900 -Subject: [PATCH] apparmor: fix possible NULL pointer dereference - -profile->parent->dents[AAFS_PROF_DIR] could be NULL only if its parent is made -from __create_missing_ancestors(..) and 'ent->old' is NULL in -aa_replace_profiles(..). -In that case, it must return an error code and the code, -ENOENT represents -its state that the path of its parent is not existed yet. - -BUG: kernel NULL pointer dereference, address: 0000000000000030 -PGD 0 P4D 0 -PREEMPT SMP PTI -CPU: 4 PID: 3362 Comm: apparmor_parser Not tainted 6.8.0-24-generic #24 -Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 -RIP: 0010:aafs_create.constprop.0+0x7f/0x130 -Code: 4c 63 e0 48 83 c4 18 4c 89 e0 5b 41 5c 41 5d 41 5e 41 5f 5d 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 c3 cc cc cc cc <4d> 8b 55 30 4d 8d ba a0 00 00 00 4c 89 55 c0 4c 89 ff e8 7a 6a ae -RSP: 0018:ffffc9000b2c7c98 EFLAGS: 00010246 -RAX: 0000000000000000 RBX: 00000000000041ed RCX: 0000000000000000 -RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 -RBP: ffffc9000b2c7cd8 R08: 0000000000000000 R09: 0000000000000000 -R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82baac10 -R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 -FS: 00007be9f22cf740(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000 -CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 -CR2: 0000000000000030 CR3: 0000000134b08000 CR4: 00000000000006f0 -Call Trace: - - ? show_regs+0x6d/0x80 - ? __die+0x24/0x80 - ? page_fault_oops+0x99/0x1b0 - ? kernelmode_fixup_or_oops+0xb2/0x140 - ? __bad_area_nosemaphore+0x1a5/0x2c0 - ? find_vma+0x34/0x60 - ? bad_area_nosemaphore+0x16/0x30 - ? do_user_addr_fault+0x2a2/0x6b0 - ? exc_page_fault+0x83/0x1b0 - ? asm_exc_page_fault+0x27/0x30 - ? aafs_create.constprop.0+0x7f/0x130 - ? aafs_create.constprop.0+0x51/0x130 - __aafs_profile_mkdir+0x3d6/0x480 - aa_replace_profiles+0x83f/0x1270 - policy_update+0xe3/0x180 - profile_load+0xbc/0x150 - ? rw_verify_area+0x47/0x140 - vfs_write+0x100/0x480 - ? __x64_sys_openat+0x55/0xa0 - ? syscall_exit_to_user_mode+0x86/0x260 - ksys_write+0x73/0x100 - __x64_sys_write+0x19/0x30 - x64_sys_call+0x7e/0x25c0 - do_syscall_64+0x7f/0x180 - entry_SYSCALL_64_after_hwframe+0x78/0x80 -RIP: 0033:0x7be9f211c574 -Code: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d d5 ea 0e 00 00 74 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89 -RSP: 002b:00007ffd26f2b8c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001 -RAX: ffffffffffffffda RBX: 00005d504415e200 RCX: 00007be9f211c574 -RDX: 0000000000001fc1 RSI: 00005d504418bc80 RDI: 0000000000000004 -RBP: 0000000000001fc1 R08: 0000000000001fc1 R09: 0000000080000000 -R10: 0000000000000000 R11: 0000000000000202 R12: 00005d504418bc80 -R13: 0000000000000004 R14: 00007ffd26f2b9b0 R15: 00007ffd26f2ba30 - -Modules linked in: snd_seq_dummy snd_hrtimer qrtr snd_hda_codec_generic snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device i2c_i801 snd_timer i2c_smbus qxl snd soundcore drm_ttm_helper lpc_ich ttm joydev input_leds serio_raw mac_hid binfmt_misc msr parport_pc ppdev lp parport efi_pstore nfnetlink dmi_sysfs qemu_fw_cfg ip_tables x_tables autofs4 hid_generic usbhid hid ahci libahci psmouse virtio_rng xhci_pci xhci_pci_renesas -CR2: 0000000000000030 ----[ end trace 0000000000000000 ]--- -RIP: 0010:aafs_create.constprop.0+0x7f/0x130 -Code: 4c 63 e0 48 83 c4 18 4c 89 e0 5b 41 5c 41 5d 41 5e 41 5f 5d 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 c3 cc cc cc cc <4d> 8b 55 30 4d 8d ba a0 00 00 00 4c 89 55 c0 4c 89 ff e8 7a 6a ae -RSP: 0018:ffffc9000b2c7c98 EFLAGS: 00010246 -RAX: 0000000000000000 RBX: 00000000000041ed RCX: 0000000000000000 -RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 -RBP: ffffc9000b2c7cd8 R08: 0000000000000000 R09: 0000000000000000 -R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82baac10 -R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 -FS: 00007be9f22cf740(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000 -CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 -CR2: 0000000000000030 CR3: 0000000134b08000 CR4: 00000000000006f0 - -Signed-off-by: Leesoo Ahn -Signed-off-by: John Johansen -(cherry picked from commit 3dd384108d53834002be5630132ad5c3f32166ad) -Signed-off-by: Fiona Ebner ---- - security/apparmor/apparmorfs.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c -index be6c3293c9e0..822f2e6a96a7 100644 ---- a/security/apparmor/apparmorfs.c -+++ b/security/apparmor/apparmorfs.c -@@ -1921,6 +1921,10 @@ int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent) - struct aa_profile *p; - p = aa_deref_parent(profile); - dent = prof_dir(p); -+ if (!dent) { -+ error = -ENOENT; -+ goto fail2; -+ } - /* adding to parent that previously didn't have children */ - dent = aafs_create_dir("profiles", dent); - if (IS_ERR(dent)) diff --git a/debian/patches/pve/0015-x86-mm-Don-t-disable-PCID-when-INVLPG-has-been-fixed.patch b/debian/patches/pve/0015-x86-mm-Don-t-disable-PCID-when-INVLPG-has-been-fixed.patch new file mode 100644 index 0000000..320714f --- /dev/null +++ b/debian/patches/pve/0015-x86-mm-Don-t-disable-PCID-when-INVLPG-has-been-fixed.patch @@ -0,0 +1,78 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Xi Ruoyao +Date: Wed, 22 May 2024 10:06:24 +0800 +Subject: [PATCH] x86/mm: Don't disable PCID when INVLPG has been fixed by + microcode + +Per the "Processor Specification Update" documentations referred by +the intel-microcode-20240312 release note, this microcode release has +fixed the issue for all affected models. + +So don't disable PCID if the microcode is new enough. The precise +minimum microcode revision fixing the issue was provided by Pawan +Intel. + +[ dhansen: comment and changelog tweaks ] + +Signed-off-by: Xi Ruoyao +Signed-off-by: Dave Hansen +Acked-by: Pawan Gupta +Link: https://lore.kernel.org/all/168436059559.404.13934972543631851306.tip-bot2@tip-bot2/ +Link: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312 +Link: https://cdrdv2.intel.com/v1/dl/getContent/740518 # RPL042, rev. 13 +Link: https://cdrdv2.intel.com/v1/dl/getContent/682436 # ADL063, rev. 24 +Link: https://lore.kernel.org/all/20240325231300.qrltbzf6twm43ftb@desk/ +Link: https://lore.kernel.org/all/20240522020625.69418-1-xry111%40xry111.site + (cherry-picked from f24f669d03f884a6ef95cca84317d0f329e93961) +Signed-off-by: Thomas Lamprecht +--- + arch/x86/mm/init.c | 23 ++++++++++++++--------- + 1 file changed, 14 insertions(+), 9 deletions(-) + +diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c +index eb503f53c3195ca4f299593c0112dab0fb09e7dd..101725c149c4294f22e337845e01c82dfe71cde5 100644 +--- a/arch/x86/mm/init.c ++++ b/arch/x86/mm/init.c +@@ -263,28 +263,33 @@ static void __init probe_page_size_mask(void) + } + + /* +- * INVLPG may not properly flush Global entries +- * on these CPUs when PCIDs are enabled. ++ * INVLPG may not properly flush Global entries on ++ * these CPUs. New microcode fixes the issue. + */ + static const struct x86_cpu_id invlpg_miss_ids[] = { +- X86_MATCH_VFM(INTEL_ALDERLAKE, 0), +- X86_MATCH_VFM(INTEL_ALDERLAKE_L, 0), +- X86_MATCH_VFM(INTEL_ATOM_GRACEMONT, 0), +- X86_MATCH_VFM(INTEL_RAPTORLAKE, 0), +- X86_MATCH_VFM(INTEL_RAPTORLAKE_P, 0), +- X86_MATCH_VFM(INTEL_RAPTORLAKE_S, 0), ++ X86_MATCH_VFM(INTEL_ALDERLAKE, 0x2e), ++ X86_MATCH_VFM(INTEL_ALDERLAKE_L, 0x42c), ++ X86_MATCH_VFM(INTEL_ATOM_GRACEMONT, 0x11), ++ X86_MATCH_VFM(INTEL_RAPTORLAKE, 0x118), ++ X86_MATCH_VFM(INTEL_RAPTORLAKE_P, 0x4117), ++ X86_MATCH_VFM(INTEL_RAPTORLAKE_S, 0x2e), + {} + }; + + static void setup_pcid(void) + { ++ const struct x86_cpu_id *invlpg_miss_match; ++ + if (!IS_ENABLED(CONFIG_X86_64)) + return; + + if (!boot_cpu_has(X86_FEATURE_PCID)) + return; + +- if (x86_match_cpu(invlpg_miss_ids)) { ++ invlpg_miss_match = x86_match_cpu(invlpg_miss_ids); ++ ++ if (invlpg_miss_match && ++ boot_cpu_data.microcode < invlpg_miss_match->driver_data) { + pr_info("Incomplete global flushes, disabling PCID"); + setup_clear_cpu_cap(X86_FEATURE_PCID); + return; diff --git a/debian/patches/pve/0016-PCI-pciehp-Retain-Power-Indicator-bits-for-userspace.patch b/debian/patches/pve/0016-PCI-pciehp-Retain-Power-Indicator-bits-for-userspace.patch deleted file mode 100644 index 7f29e5c..0000000 --- a/debian/patches/pve/0016-PCI-pciehp-Retain-Power-Indicator-bits-for-userspace.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Blazej Kucman -Date: Mon, 22 Jul 2024 16:14:40 +0200 -Subject: [PATCH] PCI: pciehp: Retain Power Indicator bits for userspace - indicators - -The sysfs "attention" file normally controls the Slot Control Attention -Indicator with 0 (off), 1 (on), 2 (blink) settings. - -576243b3f9ea ("PCI: pciehp: Allow exclusive userspace control of -indicators") added pciehp_set_raw_indicator_status() to allow userspace to -directly control all four bits in both the Attention Indicator and the -Power Indicator fields via the "attention" file. - -This is used on Intel VMD bridges so utilities like "ledmon" can use sysfs -"attention" to control up to 16 indicators for NVMe device RAID status. - -abaaac4845a0 ("PCI: hotplug: Use FIELD_GET/PREP()") broke this by masking -the sysfs data with PCI_EXP_SLTCTL_AIC, which discards the upper two bits -intended for the Power Indicator Control field (PCI_EXP_SLTCTL_PIC). - -For NVMe devices behind an Intel VMD, ledmon settings that use the -PCI_EXP_SLTCTL_PIC bits, i.e., ATTENTION_REBUILD (0x5), ATTENTION_LOCATE -(0x7), ATTENTION_FAILURE (0xD), ATTENTION_OFF (0xF), no longer worked -correctly. - -Mask with PCI_EXP_SLTCTL_AIC | PCI_EXP_SLTCTL_PIC to retain both the -Attention Indicator and the Power Indicator bits. - -Fixes: abaaac4845a0 ("PCI: hotplug: Use FIELD_GET/PREP()") -Link: https://lore.kernel.org/r/20240722141440.7210-1-blazej.kucman@intel.com -Signed-off-by: Blazej Kucman -[bhelgaas: commit log] -Signed-off-by: Bjorn Helgaas -Cc: stable@vger.kernel.org # v6.7+ ---- - drivers/pci/hotplug/pciehp_hpc.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/drivers/pci/hotplug/pciehp_hpc.c b/drivers/pci/hotplug/pciehp_hpc.c -index b1d0a1b3917d..9d3c249207c4 100644 ---- a/drivers/pci/hotplug/pciehp_hpc.c -+++ b/drivers/pci/hotplug/pciehp_hpc.c -@@ -485,7 +485,9 @@ int pciehp_set_raw_indicator_status(struct hotplug_slot *hotplug_slot, - struct pci_dev *pdev = ctrl_dev(ctrl); - - pci_config_pm_runtime_get(pdev); -- pcie_write_cmd_nowait(ctrl, FIELD_PREP(PCI_EXP_SLTCTL_AIC, status), -+ -+ /* Attention and Power Indicator Control bits are supported */ -+ pcie_write_cmd_nowait(ctrl, FIELD_PREP(PCI_EXP_SLTCTL_AIC | PCI_EXP_SLTCTL_PIC, status), - PCI_EXP_SLTCTL_AIC | PCI_EXP_SLTCTL_PIC); - pci_config_pm_runtime_put(pdev); - return 0; diff --git a/debian/patches/pve/0017-io_uring-rw-treat-EOPNOTSUPP-for-IOCB_NOWAIT-like-EA.patch b/debian/patches/pve/0017-io_uring-rw-treat-EOPNOTSUPP-for-IOCB_NOWAIT-like-EA.patch deleted file mode 100644 index 7187c94..0000000 --- a/debian/patches/pve/0017-io_uring-rw-treat-EOPNOTSUPP-for-IOCB_NOWAIT-like-EA.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jens Axboe -Date: Tue, 10 Sep 2024 08:30:57 -0600 -Subject: [PATCH] io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN - -Some file systems, ocfs2 in this case, will return -EOPNOTSUPP for -an IOCB_NOWAIT read/write attempt. While this can be argued to be -correct, the usual return value for something that requires blocking -issue is -EAGAIN. - -A refactoring io_uring commit dropped calling kiocb_done() for -negative return values, which is otherwise where we already do that -transformation. To ensure we catch it in both spots, check it in -__io_read() itself as well. - -Reported-by: Robert Sander -Link: https://fosstodon.org/@gurubert@mastodon.gurubert.de/113112431889638440 -Cc: stable@vger.kernel.org -Fixes: a08d195b586a ("io_uring/rw: split io_read() into a helper") -Signed-off-by: Jens Axboe -(cherry picked from commit c0a9d496e0fece67db777bd48550376cf2960c47) -Signed-off-by: Daniel Kral ---- - io_uring/rw.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/io_uring/rw.c b/io_uring/rw.c -index c3c154790e45..ed7f67097572 100644 ---- a/io_uring/rw.c -+++ b/io_uring/rw.c -@@ -825,6 +825,14 @@ static int __io_read(struct io_kiocb *req, unsigned int issue_flags) - - ret = io_iter_do_read(rw, &s->iter); - -+ /* -+ * Some file systems like to return -EOPNOTSUPP for an IOCB_NOWAIT -+ * issue, even though they should be returning -EAGAIN. To be safe, -+ * retry from blocking context for either. -+ */ -+ if (ret == -EOPNOTSUPP && force_nonblock) -+ ret = -EAGAIN; -+ - if (ret == -EAGAIN || (req->flags & REQ_F_REISSUE)) { - req->flags &= ~REQ_F_REISSUE; - /* diff --git a/debian/patches/pve/0019-x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-.patch b/debian/patches/pve/0019-x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-.patch deleted file mode 100644 index 76957b6..0000000 --- a/debian/patches/pve/0019-x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Mario Limonciello -Date: Tue, 5 Nov 2024 10:02:34 -0600 -Subject: [PATCH] x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client - -A number of Zen4 client SoCs advertise the ability to use virtualized -VMLOAD/VMSAVE, but using these instructions is reported to be a cause -of a random host reboot. - -These instructions aren't intended to be advertised on Zen4 client -so clear the capability. - -Signed-off-by: Mario Limonciello -Signed-off-by: Borislav Petkov (AMD) -Cc: stable@vger.kernel.org -Link: https://bugzilla.kernel.org/show_bug.cgi?id=219009 -(cherry picked from commit a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0) -Signed-off-by: Fiona Ebner ---- - arch/x86/kernel/cpu/amd.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c -index 1e0fe5f8ab84..ee87f997d31f 100644 ---- a/arch/x86/kernel/cpu/amd.c -+++ b/arch/x86/kernel/cpu/amd.c -@@ -924,6 +924,17 @@ static void init_amd_zen4(struct cpuinfo_x86 *c) - { - if (!cpu_has(c, X86_FEATURE_HYPERVISOR)) - msr_set_bit(MSR_ZEN4_BP_CFG, MSR_ZEN4_BP_CFG_SHARED_BTB_FIX_BIT); -+ -+ /* -+ * These Zen4 SoCs advertise support for virtualized VMLOAD/VMSAVE -+ * in some BIOS versions but they can lead to random host reboots. -+ */ -+ switch (c->x86_model) { -+ case 0x18 ... 0x1f: -+ case 0x60 ... 0x7f: -+ clear_cpu_cap(c, X86_FEATURE_V_VMSAVE_VMLOAD); -+ break; -+ } - } - - static void init_amd_zen5(struct cpuinfo_x86 *c) diff --git a/debian/patches/series.linux b/debian/patches/series.linux index 889c1f6..d038dea 100644 --- a/debian/patches/series.linux +++ b/debian/patches/series.linux @@ -10,10 +10,6 @@ pve/0009-allow-opt-in-to-allow-pass-through-on-broken-hardwar.patch pve/0010-KVM-nSVM-Advertise-support-for-flush-by-ASID.patch pve/0011-revert-memfd-improve-userspace-warnings-for-missing-.patch pve/0012-apparmor-expect-msg_namelen-0-for-recvmsg-calls.patch -pve/0013-cifs-fix-pagecache-leak-when-do-writepages.patch -pve/0014-drm-amdgpu-pm-Don-t-use-OD-table-on-Arcturus.patch -pve/0015-apparmor-fix-possible-NULL-pointer-dereference.patch -pve/0016-PCI-pciehp-Retain-Power-Indicator-bits-for-userspace.patch -pve/0017-io_uring-rw-treat-EOPNOTSUPP-for-IOCB_NOWAIT-like-EA.patch -pve/0018-netfs-reset-subreq-iov-iter-before-tail-clean.patch -pve/0019-x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-.patch +pve/0013-netfs-reset-subreq-iov-iter-before-tail-clean.patch +pve/0014-Revert-UBUNTU-SAUCE-iommu-intel-disable-DMAR-for-SKL.patch +pve/0015-x86-mm-Don-t-disable-PCID-when-INVLPG-has-been-fixed.patch diff --git a/debian/patches/series.zfs b/debian/patches/series.zfs index 5fd3ae9..b82bc18 100644 --- a/debian/patches/series.zfs +++ b/debian/patches/series.zfs @@ -6,5 +6,4 @@ zfs/0005-Enable-zed-emails.patch zfs/0006-dont-symlink-zed-scripts.patch zfs/0007-Add-systemd-unit-for-importing-specific-pools.patch zfs/0008-Patch-move-manpage-arcstat-1-to-arcstat-8.patch -zfs/0009-arc-stat-summary-guard-access-to-l2arc-MFU-MRU-stats.patch zfs/0012-change-zfs-lic-cddl-to-gpl.patch