From a4d68fc9ade9c1723d116092a2ada50be51fb8f1 Mon Sep 17 00:00:00 2001 From: David P Date: Thu, 26 Apr 2018 23:03:59 -0300 Subject: upgpkg: libre/linux-libre-hardened 4.16.5_gnu.a-1 Signed-off-by: David P --- libre/linux-libre-hardened/PKGBUILD | 47 +- .../change-console-loglevel-motormouth.patch | 13 + libre/linux-libre-hardened/config.x86_64 | 342 ++++++++----- ...vboxguest-on-guests-with-more-than-4G-RAM.patch | 549 +++++++++++++++++++++ ...tia-Regression-on-reset-with-1.x-firmware.patch | 68 +++ ...lly-revert-swiotlb-remove-various-exports.patch | 26 + 6 files changed, 900 insertions(+), 145 deletions(-) create mode 100644 libre/linux-libre-hardened/change-console-loglevel-motormouth.patch create mode 100644 libre/linux-libre-hardened/fix-vboxguest-on-guests-with-more-than-4G-RAM.patch create mode 100644 libre/linux-libre-hardened/net-aquantia-Regression-on-reset-with-1.x-firmware.patch create mode 100644 libre/linux-libre-hardened/partially-revert-swiotlb-remove-various-exports.patch (limited to 'libre/linux-libre-hardened') diff --git a/libre/linux-libre-hardened/PKGBUILD b/libre/linux-libre-hardened/PKGBUILD index bd57b75e4..51ee63163 100644 --- a/libre/linux-libre-hardened/PKGBUILD +++ b/libre/linux-libre-hardened/PKGBUILD @@ -7,11 +7,9 @@ # Contributor: Luke Shumaker # Contributor: Luke R. -# Based on linux-hardened package - pkgbase=linux-libre-hardened -_pkgbasever=4.15-gnu -_pkgver=4.15.18-gnu +_pkgbasever=4.16-gnu +_pkgver=4.16.5-gnu _hardenedver=a _replacesarchkernel=('linux%') # '%' gets replaced with _kernelname @@ -23,7 +21,7 @@ _archpkgver=${_pkgver%-*} pkgver=${_pkgver//-/_}.${_hardenedver} pkgrel=1 arch=('x86_64') -url="https://jxself.org/git/?p=linux-libre-hardened.git" +url="https://jxself.org/git/linux-libre-hardened.git" license=('GPL2') makedepends=('xmlto' 'kmod' 'inetutils' 'bc' 'libelf') makedepends_armv7h=('git') @@ -31,7 +29,7 @@ options=('!strip') source=( "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgbasever}/linux-libre-${_pkgbasever}.tar.xz"{,.sign} "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgver}/patch-${_pkgbasever}-${_pkgver}.xz"{,.sign} - "https://github.com/copperhead/linux-hardened/releases/download/${_pkgver%-*}.${_hardenedver}/linux-hardened-${_pkgver%-*}.${_hardenedver}.patch"{,.sig} + "https://github.com/anthraxx/linux-hardened/releases/download/${_pkgver%-*}.${_hardenedver}/linux-hardened-${_pkgver%-*}.${_hardenedver}.patch"{,.sig} "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_clut224.ppm"{,.sig} "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_mono.pbm"{,.sig} "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_vga16.ppm"{,.sig} @@ -42,20 +40,25 @@ source=( # standard config files for mkinitcpio ramdisk 'linux.preset' # other patches + 'change-console-loglevel-motormouth.patch' '0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch' '0002-fix-Atmel-maXTouch-touchscreen-support.patch' 'drm-i915-edp-Only-use-the-alternate-fixed-mode-if-its-asked-for.patch' + 'net-aquantia-Regression-on-reset-with-1.x-firmware.patch' + 'fix-vboxguest-on-guests-with-more-than-4G-RAM.patch' + 'partially-revert-swiotlb-remove-various-exports.patch' ) validpgpkeys=( '474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva '65EEFE022108E2B708CBFCF7F9E712E59AF5F22A' # Daniel Micay '6DB9C4B4F0D8C0DC432CF6E4227CA7C556B2BA78' # David P. + 'E240B57E2C4630BA768E2F26FC1B547C8D8172C8' # Levente Polyak ) -sha512sums=('a55cc663c6fb1e1cfa7905282b368b5d5888bc2398f0acf37e5bb9a232ded04fd566b1980e654da26aaec005332e458581495184d6bd4cec669181085d4d78a5' +sha512sums=('c6805b3649cd71cfef272384958b33da23a00908e795592470bf711dd67886ab7d7610e7d4ae8a2230fa7483466636465ed9744444464a078de37b41c3db23e0' 'SKIP' - '28e585a1da5933c9b117f7159ab6ac15ac509b07a86a870c9f722c26183cb0bbcd739a73ea31c5d0018e622d808dd2e39c9371014ebb627c3dc7be3096cff4b1' + '0696f81eccf4c47acd4074f50a6f7dcae38171bbe91d3df14ddaa9692192dfcd9bfa715dfea714460ed3dc59683c7a1fbf9eca0982fffc23537942ad76f0bf72' 'SKIP' - '2fcae37b56805c66f9cc69a77a70b58a7b8ea6ffa3a348faa23f10a0e38e2eb6581cfffb1d66673d9659960e1d8269d342293a25b766b6d713edae023b7220c7' + 'e6f8a00cffb758925cddd7f1f40616c72cf1dce8f25d484b444b891b5cb1f308b87e0eb31478a6cfcf4a2968569a80f0d908b46eccfc55777ef991138f03c14c' 'SKIP' '13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3' 'SKIP' @@ -63,13 +66,17 @@ sha512sums=('a55cc663c6fb1e1cfa7905282b368b5d5888bc2398f0acf37e5bb9a232ded04fd56 'SKIP' '7a3716bfe3b9f546da309c7492f3e08f8f506813afeb1c737a474c83313d5c313cf4582b65215c2cfce3b74d9d1021c96e8badafe8f6e5b01fe28d2b5c61ae78' 'SKIP' - 'dc603826cb95bc6be3d590c53be5b77636fa116ea52c09742d890730f37cd33ed42f0064aa2d6d7a70636e4617224af687dddff762a411165002d3760905b65a' + '5643b3fc465a6f1e238cb32f037f04a8f4d11961a31962fac2c2f0a7e6c372575868d2491643076906de0fa4f51e4a8f051af19362cb2d7b8b1fd8209f18fe0a' '7ad5be75ee422dda3b80edd2eb614d8a9181e2c8228cd68b3881e2fb95953bf2dea6cbe7900ce1013c9de89b2802574b7b24869fc5d7a95d3cc3112c4d27063a' '4a8b324aee4cccf3a512ad04ce1a272d14e5b05c8de90feb82075f55ea3845948d817e1b0c6f298f5816834ddd3e5ce0a0e2619866289f3c1ab8fd2f35f04f44' '2dc6b0ba8f7dbf19d2446c5c5f1823587de89f4e28e9595937dd51a87755099656f2acec50e3e2546ea633ad1bfd1c722e0c2b91eef1d609103d8abdc0a7cbaf' + '0a1a18aa8a6cbf1bab406d356786d2c35fe52608c25bef8beefe440b8a015ba59375106f8b04051ae2225e158420875a82ee07d5b88a2f2087afeb102e8966c0' '02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af' 'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168' - '46f470d6f4df2b697db656e262d20c198e623da7332da5e35299834480a6f1ef9d3567b4827a4f3a3bd83ef4c3082d95045a437fea1f22f83a76e07bed508e2d') + '46f470d6f4df2b697db656e262d20c198e623da7332da5e35299834480a6f1ef9d3567b4827a4f3a3bd83ef4c3082d95045a437fea1f22f83a76e07bed508e2d' + 'f606cbdda4f7a6481d9eb7ffa47890aad8c813debb4bb26835c511aa9109604e45b511a73d0716da87e2bfe2f623ad4a7e8ff4aa9aa96eb40dcabd5313612d55' + '71408629596f01141ac45a9a8592dd91f4e3a6ed68c88cfe016fcc8128a3d770adedc4d0fe7f025d55afa67b8c0961d6d716256ef57e4aed473f788233244442' + '4905635c0d94dedcc098a902b731cbfb63b2cbcdf35404a769cb71f257aead0977a526887e8d55badf9fd029ed2d125c9b8c38b0980bda028a667be0ebc0821b') _kernelname=${pkgbase#linux-libre} _grsecname=-grsec @@ -99,7 +106,16 @@ prepare() { # https://bugs.archlinux.org/task/56711 patch -Np1 -i ../drm-i915-edp-Only-use-the-alternate-fixed-mode-if-its-asked-for.patch - + + # NVIDIA driver compat + patch -Np1 -i ../partially-revert-swiotlb-remove-various-exports.patch + + # https://bugs.archlinux.org/task/58153 + patch -Np1 -i ../fix-vboxguest-on-guests-with-more-than-4G-RAM.patch + + # https://bugs.archlinux.org/task/58174 + patch -Np1 -i ../net-aquantia-Regression-on-reset-with-1.x-firmware.patch + # maintain the TTY over USB disconnects # http://www.coreboot.org/EHCI_Gadget_Debug patch -p1 -i ../0001-usb-serial-gadget-no-TTY-hangup-on-USB-disconnect-WI.patch @@ -109,6 +125,10 @@ prepare() { # http://www.fsfla.org/pipermail/linux-libre/2015-November/003202.html patch -p1 -i ../0002-fix-Atmel-maXTouch-touchscreen-support.patch + # set CONSOLE_LOGLEVEL_MOTORMOUTH to 1 + # https://labs.parabola.nu/issues/1754 + patch -p1 -i ../change-console-loglevel-motormouth.patch + cat ../config.${CARCH} - >.config < +Date: Wed, 11 Apr 2018 21:27:44 +0200 +Subject: Fix vboxguest on guests with more than 4G RAM + +Squashed commit of the following: + +commit 042b191f6b98165d6bcca3ae09a0f9b289d6155e +Author: Hans de Goede +Date: Thu Mar 29 17:28:57 2018 +0200 + + virt: vbox: Log an error when we fail to get the host version + + This was the only error path during probe without a message being logged + about what went wrong, this fixes this. + + Signed-off-by: Hans de Goede + +commit e4111a6c617687f7cb414ddfa8176206910db76e +Author: Hans de Goede +Date: Thu Mar 29 17:28:56 2018 +0200 + + virt: vbox: Use __get_free_pages instead of kmalloc for DMA32 memory + + It is not possible to get DMA32 zone memory through kmalloc, causing + the vboxguest driver to malfunction due to getting memory above + 4G which the PCI device cannot handle. + + This commit changes the kmalloc calls where the 4G limit matters to + using __get_free_pages() fixing vboxguest not working on x86_64 guests + with more then 4G RAM. + + Cc: stable@vger.kernel.org + Reported-by: Eloy Coto Pereiro + Signed-off-by: Hans de Goede + +commit 2cb20368ce32e7275a351eadadd4c8f3da742a28 +Author: Hans de Goede +Date: Thu Mar 29 17:28:55 2018 +0200 + + virt: vbox: Add vbg_req_free() helper function + + This is a preparation patch for fixing issues on x86_64 virtual-machines + with more then 4G of RAM, atm we pass __GFP_DMA32 to kmalloc, but kmalloc + does not honor that, so we need to switch to get_pages, which means we + will not be able to use kfree to free memory allocated with vbg_alloc_req. + + While at it also remove a comment on a vbg_alloc_req call which talks + about Windows (inherited from the vbox upstream cross-platform code). + + Cc: stable@vger.kernel.org + Signed-off-by: Hans de Goede + +commit fa5c012bc9c3e1ada5cde0bfa3c6706be97b7cb0 +Author: Hans de Goede +Date: Thu Mar 29 17:28:54 2018 +0200 + + virt: vbox: Move declarations of vboxguest private functions to private header + + Move the declarations of functions from vboxguest_utils.c which are only + meant for vboxguest internal use from include/linux/vbox_utils.h to + drivers/virt/vboxguest/vboxguest_core.h. + + Cc: stable@vger.kernel.org + Signed-off-by: Hans de Goede +--- + drivers/virt/vboxguest/vboxguest_core.c | 70 +++++++++++++----------- + drivers/virt/vboxguest/vboxguest_core.h | 9 +++ + drivers/virt/vboxguest/vboxguest_linux.c | 19 ++++++- + drivers/virt/vboxguest/vboxguest_utils.c | 17 ++++-- + include/linux/vbox_utils.h | 23 -------- + 5 files changed, 76 insertions(+), 62 deletions(-) + +diff --git a/drivers/virt/vboxguest/vboxguest_core.c b/drivers/virt/vboxguest/vboxguest_core.c +index 190dbf8cfcb5..2f3856a95856 100644 +--- a/drivers/virt/vboxguest/vboxguest_core.c ++++ b/drivers/virt/vboxguest/vboxguest_core.c +@@ -114,7 +114,7 @@ static void vbg_guest_mappings_init(struct vbg_dev *gdev) + } + + out: +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + kfree(pages); + } + +@@ -144,7 +144,7 @@ static void vbg_guest_mappings_exit(struct vbg_dev *gdev) + + rc = vbg_req_perform(gdev, req); + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + + if (rc < 0) { + vbg_err("%s error: %d\n", __func__, rc); +@@ -214,8 +214,8 @@ static int vbg_report_guest_info(struct vbg_dev *gdev) + ret = vbg_status_code_to_errno(rc); + + out_free: +- kfree(req2); +- kfree(req1); ++ vbg_req_free(req2, sizeof(*req2)); ++ vbg_req_free(req1, sizeof(*req1)); + return ret; + } + +@@ -245,7 +245,7 @@ static int vbg_report_driver_status(struct vbg_dev *gdev, bool active) + if (rc == VERR_NOT_IMPLEMENTED) /* Compatibility with older hosts. */ + rc = VINF_SUCCESS; + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + + return vbg_status_code_to_errno(rc); + } +@@ -431,58 +431,52 @@ static int vbg_heartbeat_host_config(struct vbg_dev *gdev, bool enabled) + rc = vbg_req_perform(gdev, req); + do_div(req->interval_ns, 1000000); /* ns -> ms */ + gdev->heartbeat_interval_ms = req->interval_ns; +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + + return vbg_status_code_to_errno(rc); + } + + /** + * Initializes the heartbeat timer. This feature may be disabled by the host. + * Return: 0 or negative errno value. + * @gdev: The Guest extension device. + */ + static int vbg_heartbeat_init(struct vbg_dev *gdev) + { + int ret; + + /* Make sure that heartbeat checking is disabled if we fail. */ + ret = vbg_heartbeat_host_config(gdev, false); + if (ret < 0) + return ret; + + ret = vbg_heartbeat_host_config(gdev, true); + if (ret < 0) + return ret; + +- /* +- * Preallocate the request to use it from the timer callback because: +- * 1) on Windows vbg_req_alloc must be called at IRQL <= APC_LEVEL +- * and the timer callback runs at DISPATCH_LEVEL; +- * 2) avoid repeated allocations. +- */ + gdev->guest_heartbeat_req = vbg_req_alloc( + sizeof(*gdev->guest_heartbeat_req), + VMMDEVREQ_GUEST_HEARTBEAT); + if (!gdev->guest_heartbeat_req) + return -ENOMEM; + + vbg_info("%s: Setting up heartbeat to trigger every %d milliseconds\n", + __func__, gdev->heartbeat_interval_ms); + mod_timer(&gdev->heartbeat_timer, 0); + + return 0; + } + + /** + * Cleanup hearbeat code, stop HB timer and disable host heartbeat checking. + * @gdev: The Guest extension device. + */ + static void vbg_heartbeat_exit(struct vbg_dev *gdev) + { + del_timer_sync(&gdev->heartbeat_timer); + vbg_heartbeat_host_config(gdev, false); +- kfree(gdev->guest_heartbeat_req); +- ++ vbg_req_free(gdev->guest_heartbeat_req, ++ sizeof(*gdev->guest_heartbeat_req)); + } + + /** +@@ -543,7 +537,7 @@ static int vbg_reset_host_event_filter(struct vbg_dev *gdev, + if (rc < 0) + vbg_err("%s error, rc: %d\n", __func__, rc); + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + return vbg_status_code_to_errno(rc); + } + +@@ -617,32 +611,32 @@ static int vbg_set_session_event_filter(struct vbg_dev *gdev, + + out: + mutex_unlock(&gdev->session_mutex); +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + + return ret; + } + + /** + * Init and termination worker for set guest capabilities to zero on the host. + * Return: 0 or negative errno value. + * @gdev: The Guest extension device. + */ + static int vbg_reset_host_capabilities(struct vbg_dev *gdev) + { + struct vmmdev_mask *req; + int rc; + + req = vbg_req_alloc(sizeof(*req), VMMDEVREQ_SET_GUEST_CAPABILITIES); + if (!req) + return -ENOMEM; + + req->not_mask = U32_MAX; + req->or_mask = 0; + rc = vbg_req_perform(gdev, req); + if (rc < 0) + vbg_err("%s error, rc: %d\n", __func__, rc); + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + return vbg_status_code_to_errno(rc); + } + +@@ -712,44 +706,46 @@ static int vbg_set_session_capabilities(struct vbg_dev *gdev, + + out: + mutex_unlock(&gdev->session_mutex); +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + + return ret; + } + + /** + * vbg_query_host_version get the host feature mask and version information. + * Return: 0 or negative errno value. + * @gdev: The Guest extension device. + */ + static int vbg_query_host_version(struct vbg_dev *gdev) + { + struct vmmdev_host_version *req; + int rc, ret; + + req = vbg_req_alloc(sizeof(*req), VMMDEVREQ_GET_HOST_VERSION); + if (!req) + return -ENOMEM; + + rc = vbg_req_perform(gdev, req); + ret = vbg_status_code_to_errno(rc); +- if (ret) ++ if (ret) { ++ vbg_err("%s error: %d\n", __func__, rc); + goto out; ++ } + + snprintf(gdev->host_version, sizeof(gdev->host_version), "%u.%u.%ur%u", + req->major, req->minor, req->build, req->revision); + gdev->host_features = req->features; + + vbg_info("vboxguest: host-version: %s %#x\n", gdev->host_version, + gdev->host_features); + + if (!(req->features & VMMDEV_HVF_HGCM_PHYS_PAGE_LIST)) { + vbg_err("vboxguest: Error host too old (does not support page-lists)\n"); + ret = -ENODEV; + } + + out: +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + return ret; + } + +@@ -847,36 +843,46 @@ int vbg_core_init(struct vbg_dev *gdev, u32 fixed_events) + return 0; + + err_free_reqs: +- kfree(gdev->mouse_status_req); +- kfree(gdev->ack_events_req); +- kfree(gdev->cancel_req); +- kfree(gdev->mem_balloon.change_req); +- kfree(gdev->mem_balloon.get_req); ++ vbg_req_free(gdev->mouse_status_req, ++ sizeof(*gdev->mouse_status_req)); ++ vbg_req_free(gdev->ack_events_req, ++ sizeof(*gdev->ack_events_req)); ++ vbg_req_free(gdev->cancel_req, ++ sizeof(*gdev->cancel_req)); ++ vbg_req_free(gdev->mem_balloon.change_req, ++ sizeof(*gdev->mem_balloon.change_req)); ++ vbg_req_free(gdev->mem_balloon.get_req, ++ sizeof(*gdev->mem_balloon.get_req)); + return ret; + } + + /** + * Call this on exit to clean-up vboxguest-core managed resources. + * + * The native code should call this before the driver is loaded, + * but don't call this on shutdown. + * @gdev: The Guest extension device. + */ + void vbg_core_exit(struct vbg_dev *gdev) + { + vbg_heartbeat_exit(gdev); + vbg_guest_mappings_exit(gdev); + + /* Clear the host flags (mouse status etc). */ + vbg_reset_host_event_filter(gdev, 0); + vbg_reset_host_capabilities(gdev); + vbg_core_set_mouse_status(gdev, 0); + +- kfree(gdev->mouse_status_req); +- kfree(gdev->ack_events_req); +- kfree(gdev->cancel_req); +- kfree(gdev->mem_balloon.change_req); +- kfree(gdev->mem_balloon.get_req); ++ vbg_req_free(gdev->mouse_status_req, ++ sizeof(*gdev->mouse_status_req)); ++ vbg_req_free(gdev->ack_events_req, ++ sizeof(*gdev->ack_events_req)); ++ vbg_req_free(gdev->cancel_req, ++ sizeof(*gdev->cancel_req)); ++ vbg_req_free(gdev->mem_balloon.change_req, ++ sizeof(*gdev->mem_balloon.change_req)); ++ vbg_req_free(gdev->mem_balloon.get_req, ++ sizeof(*gdev->mem_balloon.get_req)); + } + + /** +@@ -1415,7 +1421,7 @@ static int vbg_ioctl_write_core_dump(struct vbg_dev *gdev, + req->flags = dump->u.in.flags; + dump->hdr.rc = vbg_req_perform(gdev, req); + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + return 0; + } + +@@ -1513,7 +1519,7 @@ int vbg_core_set_mouse_status(struct vbg_dev *gdev, u32 features) + if (rc < 0) + vbg_err("%s error, rc: %d\n", __func__, rc); + +- kfree(req); ++ vbg_req_free(req, sizeof(*req)); + return vbg_status_code_to_errno(rc); + } + +diff --git a/drivers/virt/vboxguest/vboxguest_core.h b/drivers/virt/vboxguest/vboxguest_core.h +index 6c784bf4fa6d..7ad9ec45bfa9 100644 +--- a/drivers/virt/vboxguest/vboxguest_core.h ++++ b/drivers/virt/vboxguest/vboxguest_core.h +@@ -171,4 +171,13 @@ irqreturn_t vbg_core_isr(int irq, void *dev_id); + + void vbg_linux_mouse_event(struct vbg_dev *gdev); + ++/* Private (non exported) functions form vboxguest_utils.c */ ++void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type); ++void vbg_req_free(void *req, size_t len); ++int vbg_req_perform(struct vbg_dev *gdev, void *req); ++int vbg_hgcm_call32( ++ struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms, ++ struct vmmdev_hgcm_function_parameter32 *parm32, u32 parm_count, ++ int *vbox_status); ++ + #endif +diff --git a/drivers/virt/vboxguest/vboxguest_linux.c b/drivers/virt/vboxguest/vboxguest_linux.c +index 82e280d38cc2..398d22693234 100644 +--- a/drivers/virt/vboxguest/vboxguest_linux.c ++++ b/drivers/virt/vboxguest/vboxguest_linux.c +@@ -87,52 +87,65 @@ static long vbg_misc_device_ioctl(struct file *filp, unsigned int req, + struct vbg_session *session = filp->private_data; + size_t returned_size, size; + struct vbg_ioctl_hdr hdr; ++ bool is_vmmdev_req; + int ret = 0; + void *buf; + + if (copy_from_user(&hdr, (void *)arg, sizeof(hdr))) + return -EFAULT; + + if (hdr.version != VBG_IOCTL_HDR_VERSION) + return -EINVAL; + + if (hdr.size_in < sizeof(hdr) || + (hdr.size_out && hdr.size_out < sizeof(hdr))) + return -EINVAL; + + size = max(hdr.size_in, hdr.size_out); + if (_IOC_SIZE(req) && _IOC_SIZE(req) != size) + return -EINVAL; + if (size > SZ_16M) + return -E2BIG; + +- /* __GFP_DMA32 because IOCTL_VMMDEV_REQUEST passes this to the host */ +- buf = kmalloc(size, GFP_KERNEL | __GFP_DMA32); ++ /* ++ * IOCTL_VMMDEV_REQUEST needs the buffer to be below 4G to avoid ++ * the need for a bounce-buffer and another copy later on. ++ */ ++ is_vmmdev_req = (req & ~IOCSIZE_MASK) == VBG_IOCTL_VMMDEV_REQUEST(0) || ++ req == VBG_IOCTL_VMMDEV_REQUEST_BIG; ++ ++ if (is_vmmdev_req) ++ buf = vbg_req_alloc(size, VBG_IOCTL_HDR_TYPE_DEFAULT); ++ else ++ buf = kmalloc(size, GFP_KERNEL); + if (!buf) + return -ENOMEM; + + if (copy_from_user(buf, (void *)arg, hdr.size_in)) { + ret = -EFAULT; + goto out; + } + if (hdr.size_in < size) + memset(buf + hdr.size_in, 0, size - hdr.size_in); + + ret = vbg_core_ioctl(session, req, buf); + if (ret) + goto out; + + returned_size = ((struct vbg_ioctl_hdr *)buf)->size_out; + if (returned_size > size) { + vbg_debug("%s: too much output data %zu > %zu\n", + __func__, returned_size, size); + returned_size = size; + } + if (copy_to_user((void *)arg, buf, returned_size) != 0) + ret = -EFAULT; + + out: +- kfree(buf); ++ if (is_vmmdev_req) ++ vbg_req_free(buf, size); ++ else ++ kfree(buf); + + return ret; + } +diff --git a/drivers/virt/vboxguest/vboxguest_utils.c b/drivers/virt/vboxguest/vboxguest_utils.c +index 0f0dab8023cf..bf4474214b4d 100644 +--- a/drivers/virt/vboxguest/vboxguest_utils.c ++++ b/drivers/virt/vboxguest/vboxguest_utils.c +@@ -65,23 +65,32 @@ VBG_LOG(vbg_debug, pr_debug); + void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type) + { + struct vmmdev_request_header *req; ++ int order = get_order(PAGE_ALIGN(len)); + +- req = kmalloc(len, GFP_KERNEL | __GFP_DMA32); ++ req = (void *)__get_free_pages(GFP_KERNEL | GFP_DMA32, order); + if (!req) + return NULL; + + memset(req, 0xaa, len); + + req->size = len; + req->version = VMMDEV_REQUEST_HEADER_VERSION; + req->request_type = req_type; + req->rc = VERR_GENERAL_FAILURE; + req->reserved1 = 0; + req->reserved2 = 0; + + return req; + } + ++void vbg_req_free(void *req, size_t len) ++{ ++ if (!req) ++ return; ++ ++ free_pages((unsigned long)req, get_order(PAGE_ALIGN(len))); ++} ++ + /* Note this function returns a VBox status code, not a negative errno!! */ + int vbg_req_perform(struct vbg_dev *gdev, void *req) + { +@@ -137,7 +146,7 @@ int vbg_hgcm_connect(struct vbg_dev *gdev, + rc = hgcm_connect->header.result; + } + +- kfree(hgcm_connect); ++ vbg_req_free(hgcm_connect, sizeof(*hgcm_connect)); + + *vbox_status = rc; + return 0; +@@ -166,7 +175,7 @@ int vbg_hgcm_disconnect(struct vbg_dev *gdev, u32 client_id, int *vbox_status) + if (rc >= 0) + rc = hgcm_disconnect->header.result; + +- kfree(hgcm_disconnect); ++ vbg_req_free(hgcm_disconnect, sizeof(*hgcm_disconnect)); + + *vbox_status = rc; + return 0; +@@ -623,7 +632,7 @@ int vbg_hgcm_call(struct vbg_dev *gdev, u32 client_id, u32 function, + } + + if (!leak_it) +- kfree(call); ++ vbg_req_free(call, size); + + free_bounce_bufs: + if (bounce_bufs) { +diff --git a/include/linux/vbox_utils.h b/include/linux/vbox_utils.h +index c71def6b310f..a240ed2a0372 100644 +--- a/include/linux/vbox_utils.h ++++ b/include/linux/vbox_utils.h +@@ -24,39 +24,16 @@ __printf(1, 2) void vbg_debug(const char *fmt, ...); + #define vbg_debug pr_debug + #endif + +-/** +- * Allocate memory for generic request and initialize the request header. +- * +- * Return: the allocated memory +- * @len: Size of memory block required for the request. +- * @req_type: The generic request type. +- */ +-void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type); +- +-/** +- * Perform a generic request. +- * +- * Return: VBox status code +- * @gdev: The Guest extension device. +- * @req: Pointer to the request structure. +- */ +-int vbg_req_perform(struct vbg_dev *gdev, void *req); +- + int vbg_hgcm_connect(struct vbg_dev *gdev, + struct vmmdev_hgcm_service_location *loc, + u32 *client_id, int *vbox_status); + + int vbg_hgcm_disconnect(struct vbg_dev *gdev, u32 client_id, int *vbox_status); + + int vbg_hgcm_call(struct vbg_dev *gdev, u32 client_id, u32 function, + u32 timeout_ms, struct vmmdev_hgcm_function_parameter *parms, + u32 parm_count, int *vbox_status); + +-int vbg_hgcm_call32( +- struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms, +- struct vmmdev_hgcm_function_parameter32 *parm32, u32 parm_count, +- int *vbox_status); +- + /** + * Convert a VirtualBox status code to a standard Linux kernel return value. + * Return: 0 or negative errno value. +-- +2.17.0 + diff --git a/libre/linux-libre-hardened/net-aquantia-Regression-on-reset-with-1.x-firmware.patch b/libre/linux-libre-hardened/net-aquantia-Regression-on-reset-with-1.x-firmware.patch new file mode 100644 index 000000000..7dda10abf --- /dev/null +++ b/libre/linux-libre-hardened/net-aquantia-Regression-on-reset-with-1.x-firmware.patch @@ -0,0 +1,68 @@ +From: Igor Russkikh +Date: Wed, 11 Apr 2018 15:23:24 +0300 +Subject: net: aquantia: Regression on reset with 1.x firmware + +On ASUS XG-C100C with 1.5.44 firmware a special mode called "dirty wake" +is active. With this mode when motherboard gets powered (but no poweron +happens yet), NIC automatically enables powersave link and watches +for WOL packet. +This normally allows to powerup the PC after AC power failures. + +Not all motherboards or bios settings gives power to PCI slots, +so this mode is not enabled on all the hardware. + +4.16 linux driver introduced full hardware reset sequence +This is required since before that we had no NIC hardware +reset implemented and there were side effects of "not clean start". + +But this full reset is incompatible with "dirty wake" WOL feature +it keeps the PHY link in a special mode forever. As a consequence, +driver sees no link and no traffic. + +To fix this we forcibly change FW state to idle state before doing +the full reset. This makes FW to restore link state. + +Fixes: c8c82eb net: aquantia: Introduce global AQC hardware reset sequence +Signed-off-by: Igor Russkikh +Signed-off-by: David S. Miller +--- + .../aquantia/atlantic/hw_atl/hw_atl_utils.c | 16 ++++++++++++++++ + 1 file changed, 16 insertions(+) + +diff --git a/drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c b/drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c +index d3b847ec7465..c58b2c227260 100644 +--- a/drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c ++++ b/drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c +@@ -48,6 +48,8 @@ + #define FORCE_FLASHLESS 0 + + static int hw_atl_utils_ver_match(u32 ver_expected, u32 ver_actual); ++static int hw_atl_utils_mpi_set_state(struct aq_hw_s *self, ++ enum hal_atl_utils_fw_state_e state); + + int hw_atl_utils_initfw(struct aq_hw_s *self, const struct aq_fw_ops **fw_ops) + { +@@ -247,6 +249,20 @@ int hw_atl_utils_soft_reset(struct aq_hw_s *self) + + self->rbl_enabled = (boot_exit_code != 0); + ++ /* FW 1.x may bootup in an invalid POWER state (WOL feature). ++ * We should work around this by forcing its state back to DEINIT ++ */ ++ if (!hw_atl_utils_ver_match(HW_ATL_FW_VER_1X, ++ aq_hw_read_reg(self, ++ HW_ATL_MPI_FW_VERSION))) { ++ int err = 0; ++ ++ hw_atl_utils_mpi_set_state(self, MPI_DEINIT); ++ AQ_HW_WAIT_FOR((aq_hw_read_reg(self, HW_ATL_MPI_STATE_ADR) & ++ HW_ATL_MPI_STATE_MSK) == MPI_DEINIT, ++ 10, 1000U); ++ } ++ + if (self->rbl_enabled) + return hw_atl_utils_soft_reset_rbl(self); + else +-- +2.17.0 + diff --git a/libre/linux-libre-hardened/partially-revert-swiotlb-remove-various-exports.patch b/libre/linux-libre-hardened/partially-revert-swiotlb-remove-various-exports.patch new file mode 100644 index 000000000..3a0913527 --- /dev/null +++ b/libre/linux-libre-hardened/partially-revert-swiotlb-remove-various-exports.patch @@ -0,0 +1,26 @@ +From be536681bd2439bf8e95df124fa282cf4a2e7846 Mon Sep 17 00:00:00 2001 +From: "Jan Alexander Steffens (heftig)" +Date: Fri, 6 Apr 2018 16:19:38 +0200 +Subject: [PATCH 3/5] Partially revert "swiotlb: remove various exports" + +This partially reverts commit 4bd89ed39b2ab8dc4ac4b6c59b07d420b0213bec. +The proprietary NVIDIA driver needs one of the exports. +--- + lib/swiotlb.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/swiotlb.c b/lib/swiotlb.c +index 44f7eb408fdb..0bb1bb65ad6b 100644 +--- a/lib/swiotlb.c ++++ b/lib/swiotlb.c +@@ -1016,6 +1016,7 @@ swiotlb_map_sg_attrs(struct device *hwdev, struct scatterlist *sgl, int nelems, + } + return nelems; + } ++EXPORT_SYMBOL(swiotlb_map_sg_attrs); + + /* + * Unmap a set of streaming mode DMA translations. Again, cpu read rules +-- +2.17.0 + -- cgit v1.2.3