KVM_GET_SUPPORTED_CPUID should reflect these host CPUID bits. The bits
are already cached in word 12. Give the bits X86_FEATURE names, so
that they can be easily referenced. Hide these bits from
/proc/cpuinfo, since the host kernel makes no use of them at present.
Signed-off-by: Jim Mattson <email address hidden>
Reviewed-by: Sean Christopherson <email address hidden>
Link: https://<email address hidden>
Signed-off-by: Sean Christopherson <email address hidden>
(cherry picked from commit f8df91e73a6827a4569bb56cd53e55b4ea2f5b1f)
Signed-off-by: Michael Reed <email address hidden>
Acked-by: Tim Gardner <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
1379331...
by
Linus Torvalds <email address hidden>
x86: don't use REP_GOOD or ERMS for small memory clearing
The modern target to use is FSRS (Fast Short REP STOS), and the other
cases should only be used for bigger areas (ie mainly things like page
clearing).
Signed-off-by: Linus Torvalds <email address hidden>
(cherry picked from commit 20f3337d350c4e1b4ac66d731fd4e98565bf6cc0)
Signed-off-by: Michael Reed <email address hidden>
Acked-by: Tim Gardner <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
This reverts commit 40613da52b13fb21c5566f10b287e0ca8c12c4e9 and the
subsequent fix to it:
cc22522fd55e ("PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus")
40613da52b13 fixed a problem where hot-adding a device with large BARs
failed if the bridge windows programmed by firmware were not large enough.
cc22522fd55e ("PCI: acpiphp: Use pci_assign_unassigned_bridge_resources()
only for non-root bus") fixed a problem with 40613da52b13: an ACPI hot-add
of a device on a PCI root bus (common in the virt world) or firmware
sending ACPI Bus Check to non-existent Root Ports (e.g., on Dell Inspiron
7352/0W6WV0) caused a NULL pointer dereference and suspend/resume hangs.
Unfortunately the combination of 40613da52b13 and cc22522fd55e caused other
problems:
- Fiona reported that hot-add of SCSI disks in QEMU virtual machine fails
sometimes.
- Dongli reported a similar problem with hot-add of SCSI disks.
- Jonathan reported a console freeze during boot on bare metal due to an
error in radeon GPU initialization.
Revert both patches to avoid adding these problems. This means we will
again see the problems with hot-adding devices with large BARs and the NULL
pointer dereferences and suspend/resume issues that 40613da52b13 and
cc22522fd55e were intended to fix.
Fixes: 40613da52b13 ("PCI: acpiphp: Reassign resources on bridge if necessary")
Fixes: cc22522fd55e ("PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus")
Reported-by: Fiona Ebner <email address hidden>
Closes: https://<email address hidden>
Reported-by: Dongli Zhang <email address hidden>
Closes: https://<email address hidden>
Reported-by: Jonathan Woithe <email address hidden>
Closes: https://<email address hidden>
Signed-off-by: Bjorn Helgaas <email address hidden>
Acked-by: Michael S. Tsirkin <email address hidden>
Acked-by: Igor Mammedov <email address hidden>
Cc: <email address hidden>
(cherry picked from commit 5df12742b7e3aae2594a30a9d14d5d6e9e7699f4)
Signed-off-by: Chengen Du <email address hidden>
Acked-by: Tim Gardner <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
7c60097...
by
Pablo Neira Ayuso <email address hidden>
netfilter: nf_tables: bail out on mismatching dynset and set expressions
If dynset expressions provided by userspace is larger than the declared
set expressions, then bail out.
Fixes: 48b0ae046ee9 ("netfilter: nftables: netlink support for several set element expressions")
Reported-by: Xingyuan Mo <email address hidden>
Signed-off-by: Pablo Neira Ayuso <email address hidden>
(cherry picked from commit 3701cd390fd731ee7ae8b8006246c8db82c72bea)
CVE-2023-6622
Signed-off-by: Yuxuan Luo <email address hidden>
Acked-by: Roxana Nicolescu <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
61de6f3...
by
Pablo Neira Ayuso <email address hidden>
netfilter: nf_tables: remove catchall element in GC sync path
The expired catchall element is not deactivated and removed from GC sync
path. This path holds mutex so just call nft_setelem_data_deactivate()
and nft_setelem_catchall_remove() before queueing the GC work.
Fixes: 4a9e12ea7e70 ("netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC")
Reported-by: lonial con <email address hidden>
Signed-off-by: Pablo Neira Ayuso <email address hidden>
(backported from commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630)
[yuxuan.luo: the prerequisite commit 0e1ea651c971 ("netfilter:
nf_tables: shrink memory consumption of set elements") can be ignored
by keeping nft_set_elem struct type and substitute nft_elem_priv
variables with old elem->priv.
]
CVE-2023-6111
Signed-off-by: Yuxuan Luo <email address hidden>
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Roxana Nicolescu <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
1e3b4a8...
by
Pablo Neira Ayuso <email address hidden>
netfilter: nf_tables: skip set commit for deleted/destroyed sets
NFT_MSG_DELSET deactivates all elements in the set, skip
set->ops->commit() to avoid the unnecessary clone (for the pipapo case)
as well as the sync GC cycle, which could deactivate again expired
elements in such set.
Fixes: 5f68718b34a5 ("netfilter: nf_tables: GC transaction API to avoid race with control plane")
Reported-by: Kevin Rich <email address hidden>
Signed-off-by: Pablo Neira Ayuso <email address hidden>
(cherry picked from commit 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a netfilter/nf.git)
CVE-2024-0193
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Roxana Nicolescu <email address hidden>
Acked-by: Manuel Diewald <email address hidden>
Signed-off-by: Roxana Nicolescu <email address hidden>
