Update kernel to v5.10.198
This commit updates kernel to v5.10.198 to fix following CVE issues: 1.CVE-2023-4244: https://nvd.nist.gov/vuln/detail/CVE-2023-4244 2.CVE-2023-31085: https://nvd.nist.gov/vuln/detail/CVE-2023-31085 3.CVE-2023-45871: https://nvd.nist.gov/vuln/detail/CVE-2023-45871 4.CVE-2023-5197: https://nvd.nist.gov/vuln/detail/CVE-2023-5197 5.CVE-2023-39194: https://nvd.nist.gov/vuln/detail/CVE-2023-39194 6.CVE-2023-39192: https://nvd.nist.gov/vuln/detail/CVE-2023-39192 7.CVE-2023-39193: https://nvd.nist.gov/vuln/detail/CVE-2023-39193 8.CVE-2023-42756: https://nvd.nist.gov/vuln/detail/CVE-2023-42756 9.CVE-2023-42754: https://nvd.nist.gov/vuln/detail/CVE-2023-42754 10.CVE-2023-39189: https://nvd.nist.gov/vuln/detail/CVE-2023-39189 11.CVE-2023-31084: https://nvd.nist.gov/vuln/detail/CVE-2023-31084 12.CVE-2023-3389: https://nvd.nist.gov/vuln/detail/CVE-2023-3389 13.CVE-2022-45884: https://nvd.nist.gov/vuln/detail/CVE-2022-45884 14.CVE-2023-42755: https://nvd.nist.gov/vuln/detail/CVE-2023-42755 15.CVE-2023-42752: https://nvd.nist.gov/vuln/detail/CVE-2023-42752 16.CVE-2023-4622: https://nvd.nist.gov/vuln/detail/CVE-2023-4622 17.CVE-2023-37453: https://nvd.nist.gov/vuln/detail/CVE-2023-37453 18.CVE-2023-42753: https://nvd.nist.gov/vuln/detail/CVE-2023-42753 19.CVE-2023-4623: https://nvd.nist.gov/vuln/detail/CVE-2023-4623 20.CVE-2023-4921: https://nvd.nist.gov/vuln/detail/CVE-2023-4921 One of our source patches requires refresh against the new kernel source.It was deleted for content has been contained in the new kernel: 0072-kernel-fork-beware-of-__put_task_struct-calling-cont.patch. Under PREEMPT_RT, when kernel is upgraded to v5.10.198, raw_write_seqcount_t_begin function is still used by qdisc_run_begin function in include/net/sch_generic.h. While raw_write_seqcount_t_begin function is replaced by do_raw_write_seqcount_begin in include/linux/seqlock.h whose commit is a8dd21118b0f. Commit ID Title a8dd21118b0f seqlock: Prefix internal seqcount_t-only macros with a "do_" To fix implicit declaration of function raw_write_seqcount_t_begin, replace it with do_raw_write_seqcount_begin in the following patch: 0083-net-replace-raw_write_seqcount_t_begin-by-do_raw_wri.patch Verification: - Build kernel and out of tree modules success for rt and std. - Build iso success for rt and std. - Install success onto a AIO-DX lab with rt kernel. - Boot up successfully in the lab. - The sanity testing was done by our test team and no regression defect was found. - The cyclictest benchmark was also run on the starlingx lab, the result is "samples: 259200000 avg: 1610 max: 4658 99.9999th percentile: 2403 overflows: 0", It is not big difference with 5.10.192 for avg and percentile. Closes-Bug: 2038710 Change-Id: I7ed77309e83d4edd39623452c9348488f8db1523 Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
This commit is contained in:
parent
134d5d2fbd
commit
88eaffd00c
|
@ -0,0 +1,30 @@
|
|||
From db57ba772644f9b5ea9a14030b93bacb50a3c9c6 Mon Sep 17 00:00:00 2001
|
||||
From: Peng Zhang <Peng.Zhang2@windriver.com>
|
||||
Date: Mon, 16 Oct 2023 13:32:58 +0000
|
||||
Subject: [PATCH] Upgrade 5.10 kernel to 5.10.198
|
||||
|
||||
Update debian/changelog.
|
||||
|
||||
Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
|
||||
---
|
||||
debian/changelog | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/debian/changelog b/debian/changelog
|
||||
index d47fe99e5..9647c7d4c 100644
|
||||
--- a/debian/changelog
|
||||
+++ b/debian/changelog
|
||||
@@ -1,3 +1,10 @@
|
||||
+linux-rt (5.10.198-1) unstable; urgency=medium
|
||||
+
|
||||
+ * New upstream update:
|
||||
+ https://git.yoctoproject.org/linux-yocto/log/?h=v5.10%2Fstandard%2Fpreempt-rt%2Fbase&qt=range&q=2da7024055c1fb827608ef2529c22356612f6ddd
|
||||
+
|
||||
+ -- Peng Zhang <Peng.Zhang2@windriver.com> Mon, 16 Oct 2023 13:21:32 +0000
|
||||
+
|
||||
linux-rt (5.10.192-1) unstable; urgency=medium
|
||||
|
||||
* New upstream update:
|
||||
--
|
||||
2.30.2
|
||||
|
|
@ -30,3 +30,4 @@
|
|||
0030-Upgrade-5.10-kernel-to-5.10.189.patch
|
||||
0031-kernel-rt-Add-pkgs-without-abiname-for-image-headers.patch
|
||||
0032-Upgrade-5.10-kernel-to-5.10.192.patch
|
||||
0033-Upgrade-5.10-kernel-to-5.10.198.patch
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
# building.
|
||||
# Tools needed: tar/sed
|
||||
|
||||
KERNEL_HEAD_COMMIT=b56fef81989515b6107c389373158235efa26138
|
||||
KERNEL_HEAD_COMMIT=2da7024055c1fb827608ef2529c22356612f6ddd
|
||||
DEBIAN_FILE=linux_5.10.28-1.debian.tar.xz
|
||||
|
||||
tar xvf linux-yocto-${KERNEL_HEAD_COMMIT}.tar.gz
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
---
|
||||
debver: 5.10.192
|
||||
debver: 5.10.198
|
||||
debname: linux-rt
|
||||
dl_hook: dl_hook
|
||||
dl_files:
|
||||
linux-yocto-b56fef81989515b6107c389373158235efa26138.tar.gz:
|
||||
linux-yocto-2da7024055c1fb827608ef2529c22356612f6ddd.tar.gz:
|
||||
topdir: null
|
||||
url:
|
||||
"https://git.yoctoproject.org/linux-yocto/snapshot/\
|
||||
linux-yocto-b56fef81989515b6107c389373158235efa26138.tar.gz"
|
||||
sha256sum: a43824687fb466e50f34c91bb86b7e9cb7ac9c2017128be205b3fbb64339d9fd
|
||||
linux-yocto-2da7024055c1fb827608ef2529c22356612f6ddd.tar.gz"
|
||||
sha256sum: d2557d9bae9e89adf3f0bd0a23d878a915c593a8e6a3e536fbe87b2efee51915
|
||||
linux_5.10.28-1.debian.tar.xz:
|
||||
topdir: null
|
||||
url:
|
||||
|
|
|
@ -1,126 +0,0 @@
|
|||
From 1aafe836ca8f801c0d9b6577ea9d5f598cec13f1 Mon Sep 17 00:00:00 2001
|
||||
From: Wander Lairson Costa <wander@redhat.com>
|
||||
Date: Wed, 14 Jun 2023 09:23:21 -0300
|
||||
Subject: [PATCH 69/74] kernel/fork: beware of __put_task_struct() calling
|
||||
context
|
||||
|
||||
Under PREEMPT_RT, __put_task_struct() indirectly acquires sleeping
|
||||
locks. Therefore, it can't be called from an non-preemptible context.
|
||||
|
||||
One practical example is splat inside inactive_task_timer(), which is
|
||||
called in a interrupt context:
|
||||
|
||||
CPU: 1 PID: 2848 Comm: life Kdump: loaded Tainted: G W ---------
|
||||
Hardware name: HP ProLiant DL388p Gen8, BIOS P70 07/15/2012
|
||||
Call Trace:
|
||||
dump_stack_lvl+0x57/0x7d
|
||||
mark_lock_irq.cold+0x33/0xba
|
||||
mark_lock+0x1e7/0x400
|
||||
mark_usage+0x11d/0x140
|
||||
__lock_acquire+0x30d/0x930
|
||||
lock_acquire.part.0+0x9c/0x210
|
||||
rt_spin_lock+0x27/0xe0
|
||||
refill_obj_stock+0x3d/0x3a0
|
||||
kmem_cache_free+0x357/0x560
|
||||
inactive_task_timer+0x1ad/0x340
|
||||
__run_hrtimer+0x8a/0x1a0
|
||||
__hrtimer_run_queues+0x91/0x130
|
||||
hrtimer_interrupt+0x10f/0x220
|
||||
__sysvec_apic_timer_interrupt+0x7b/0xd0
|
||||
sysvec_apic_timer_interrupt+0x4f/0xd0
|
||||
asm_sysvec_apic_timer_interrupt+0x12/0x20
|
||||
RIP: 0033:0x7fff196bf6f5
|
||||
|
||||
Instead of calling __put_task_struct() directly, we defer it using
|
||||
call_rcu(). A more natural approach would use a workqueue, but since
|
||||
in PREEMPT_RT, we can't allocate dynamic memory from atomic context,
|
||||
the code would become more complex because we would need to put the
|
||||
work_struct instance in the task_struct and initialize it when we
|
||||
allocate a new task_struct.
|
||||
|
||||
The issue is reproducible with stress-ng:
|
||||
|
||||
while true; do
|
||||
stress-ng --sched deadline --sched-period 1000000000 \
|
||||
--sched-runtime 800000000 --sched-deadline \
|
||||
1000000000 --mmapfork 23 -t 20
|
||||
done
|
||||
|
||||
Reported-by: Hu Chunyu <chuhu@redhat.com>
|
||||
Suggested-by: Oleg Nesterov <oleg@redhat.com>
|
||||
Suggested-by: Valentin Schneider <vschneid@redhat.com>
|
||||
Suggested-by: Peter Zijlstra <peterz@infradead.org>
|
||||
Signed-off-by: Wander Lairson Costa <wander@redhat.com>
|
||||
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
|
||||
Link: https://lore.kernel.org/r/20230614122323.37957-2-wander@redhat.com
|
||||
(cherry picked from https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=d243b34459cea30cfe5f3a9b2feb44e7daff9938)
|
||||
Signed-off-by: Jiping Ma <jiping.ma2@windriver.com>
|
||||
---
|
||||
include/linux/sched/task.h | 28 +++++++++++++++++++++++++++-
|
||||
kernel/fork.c | 8 ++++++++
|
||||
2 files changed, 35 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/linux/sched/task.h b/include/linux/sched/task.h
|
||||
index 2832cc6be062..0485fc77edb8 100644
|
||||
--- a/include/linux/sched/task.h
|
||||
+++ b/include/linux/sched/task.h
|
||||
@@ -110,10 +110,36 @@ static inline struct task_struct *get_task_struct(struct task_struct *t)
|
||||
}
|
||||
|
||||
extern void __put_task_struct(struct task_struct *t);
|
||||
+extern void __put_task_struct_rcu_cb(struct rcu_head *rhp);
|
||||
|
||||
static inline void put_task_struct(struct task_struct *t)
|
||||
{
|
||||
- if (refcount_dec_and_test(&t->usage))
|
||||
+ if (!refcount_dec_and_test(&t->usage))
|
||||
+ return;
|
||||
+
|
||||
+ /*
|
||||
+ * under PREEMPT_RT, we can't call put_task_struct
|
||||
+ * in atomic context because it will indirectly
|
||||
+ * acquire sleeping locks.
|
||||
+ *
|
||||
+ * call_rcu() will schedule delayed_put_task_struct_rcu()
|
||||
+ * to be called in process context.
|
||||
+ *
|
||||
+ * __put_task_struct() is called when
|
||||
+ * refcount_dec_and_test(&t->usage) succeeds.
|
||||
+ *
|
||||
+ * This means that it can't "conflict" with
|
||||
+ * put_task_struct_rcu_user() which abuses ->rcu the same
|
||||
+ * way; rcu_users has a reference so task->usage can't be
|
||||
+ * zero after rcu_users 1 -> 0 transition.
|
||||
+ *
|
||||
+ * delayed_free_task() also uses ->rcu, but it is only called
|
||||
+ * when it fails to fork a process. Therefore, there is no
|
||||
+ * way it can conflict with put_task_struct().
|
||||
+ */
|
||||
+ if (IS_ENABLED(CONFIG_PREEMPT_RT) && !preemptible())
|
||||
+ call_rcu(&t->rcu, __put_task_struct_rcu_cb);
|
||||
+ else
|
||||
__put_task_struct(t);
|
||||
}
|
||||
|
||||
diff --git a/kernel/fork.c b/kernel/fork.c
|
||||
index ffbfef082b3e..a315080180b4 100644
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -768,6 +768,14 @@ void __put_task_struct(struct task_struct *tsk)
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(__put_task_struct);
|
||||
|
||||
+void __put_task_struct_rcu_cb(struct rcu_head *rhp)
|
||||
+{
|
||||
+ struct task_struct *task = container_of(rhp, struct task_struct, rcu);
|
||||
+
|
||||
+ __put_task_struct(task);
|
||||
+}
|
||||
+EXPORT_SYMBOL_GPL(__put_task_struct_rcu_cb);
|
||||
+
|
||||
void __init __weak arch_task_cache_init(void) { }
|
||||
|
||||
/*
|
||||
--
|
||||
2.40.0
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
From 2dccf008aa6513cfd0c437e844bc8c854165cc9f Mon Sep 17 00:00:00 2001
|
||||
From: "Luis Claudio R. Goncalves" <lgoncalv@redhat.com>
|
||||
Date: Thu, 26 Oct 2023 16:28:30 +0800
|
||||
Subject: [PATCH] net: replace raw_write_seqcount_t_begin by
|
||||
do_raw_write_seqcount_begin
|
||||
|
||||
commit 3b5b679fc12ca9aa310862d5f0a6e23d6151c6a4 linux-stable-rt v5.10-rt-next
|
||||
|
||||
Commit a8dd21118b0fa ("seqlock: Prefix internal seqcount_t-only macros with a
|
||||
"do_""), among other changes, renames the function raw_write_seqcount_t_begin
|
||||
to do_raw_write_seqcount_begin. That commit did not cover the changes from
|
||||
the RT-only commit 81ce24cd24a9e ("net: Properly annotate the try-lock for the
|
||||
seqlock"), which are fixed here.
|
||||
|
||||
Fixes: 81ce24cd24a9e ("net: Properly annotate the try-lock for the seqlock")
|
||||
Signed-off-by: Luis Claudio R. Goncalves <lgoncalv@redhat.com>
|
||||
Signed-off-by: Li Wang <li.wang@windriver.com>
|
||||
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||||
(cherry picked from commit 2dccf008aa6513cfd0c437e844bc8c854165cc9f)
|
||||
Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
|
||||
---
|
||||
include/net/sch_generic.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h
|
||||
index 72be68652bb8..eee11a1c9321 100644
|
||||
--- a/include/net/sch_generic.h
|
||||
+++ b/include/net/sch_generic.h
|
||||
@@ -195,7 +195,7 @@ static inline bool qdisc_run_begin(struct Qdisc *qdisc)
|
||||
* Variant of write_seqcount_t_begin() telling lockdep that a
|
||||
* trylock was attempted.
|
||||
*/
|
||||
- raw_write_seqcount_t_begin(s);
|
||||
+ do_raw_write_seqcount_begin(s);
|
||||
seqcount_acquire(&s->dep_map, 0, 1, _RET_IP_);
|
||||
return true;
|
||||
}
|
||||
--
|
||||
2.34.1
|
||||
|
|
@ -66,7 +66,6 @@
|
|||
0069-perf-x86-rapl-Only-check-lower-32bits-for-RAPL-energ.patch
|
||||
0070-perf-x86-rapl-Fix-psys-energy-event-on-Intel-SPR-pla.patch
|
||||
0071-perf-x86-rapl-Use-standard-Energy-Unit-for-SPR-Dram-.patch
|
||||
0072-kernel-fork-beware-of-__put_task_struct-calling-cont.patch
|
||||
0073-sched-avoid-false-lockdep-splat-in-put_task_struct.patch
|
||||
0074-locking-lockdep-Add-a-skip-function-to-__bfs.patch
|
||||
0075-locking-lockdep-Clean-up-check_redundant-a-bit.patch
|
||||
|
@ -77,3 +76,4 @@
|
|||
0080-perf-core-Fix-perf_cgroup_switch.patch
|
||||
0081-perf-core-Always-set-cpuctx-cgrp-when-enable-cgroup-.patch
|
||||
0082-Add-the-pci-reboot-quirk-in-DMI-table-for-Dell-Power.patch
|
||||
0083-net-replace-raw_write_seqcount_t_begin-by-do_raw_wri.patch
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
From 5f955e3ab170e1b16bc7055bb30790b9948a319a Mon Sep 17 00:00:00 2001
|
||||
From: Peng Zhang <Peng.Zhang2@windriver.com>
|
||||
Date: Wed, 18 Oct 2023 08:40:44 +0000
|
||||
Subject: [PATCH] Upgrade 5.10 kernel to 5.10.198
|
||||
|
||||
Update debian/changelog.
|
||||
|
||||
Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
|
||||
---
|
||||
debian/changelog | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/debian/changelog b/debian/changelog
|
||||
index a1f54166b..ab68b1363 100644
|
||||
--- a/debian/changelog
|
||||
+++ b/debian/changelog
|
||||
@@ -1,3 +1,10 @@
|
||||
+linux (5.10.198-1) unstable; urgency=medium
|
||||
+
|
||||
+ * New upstream update:
|
||||
+ https://git.yoctoproject.org/linux-yocto/log/?h=v5.10%2Fstandard%2Fbase&qt=range&q=5601201f60a8abb5bbb54da99da2a38bfb7a46dd
|
||||
+
|
||||
+ -- Peng Zhang <Peng.Zhang2@windriver.com> Wed, 18 Oct 2023 08:33:53 +0000
|
||||
+
|
||||
linux (5.10.192-1) unstable; urgency=medium
|
||||
|
||||
* New upstream update:
|
||||
--
|
||||
2.30.2
|
||||
|
|
@ -29,3 +29,4 @@
|
|||
0029-Upgrade-5.10-kernel-to-5.10.189.patch
|
||||
0030-kernel-std-Add-pkgs-without-abiname-for-image-header.patch
|
||||
0031-Upgrade-5.10-kernel-to-5.10.192.patch
|
||||
0032-Upgrade-5.10-kernel-to-5.10.198.patch
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# be put at the same path where this script is located.
|
||||
# Tools needed: tar
|
||||
|
||||
KERNEL_HEAD_COMMIT=11b247211e00c610587b27a762e4814f56723958
|
||||
KERNEL_HEAD_COMMIT=5601201f60a8abb5bbb54da99da2a38bfb7a46dd
|
||||
DEBIAN_FILE=linux_5.10.28-1.debian.tar.xz
|
||||
|
||||
tar xvf linux-yocto-${KERNEL_HEAD_COMMIT}.tar.gz
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
---
|
||||
debver: 5.10.192
|
||||
debver: 5.10.198
|
||||
debname: linux
|
||||
dl_hook: dl_hook
|
||||
dl_files:
|
||||
linux-yocto-11b247211e00c610587b27a762e4814f56723958.tar.gz:
|
||||
linux-yocto-5601201f60a8abb5bbb54da99da2a38bfb7a46dd.tar.gz:
|
||||
topdir: null
|
||||
url:
|
||||
"https://git.yoctoproject.org/linux-yocto/snapshot/\
|
||||
linux-yocto-11b247211e00c610587b27a762e4814f56723958.tar.gz"
|
||||
sha256sum: dc858342d077ea172a87c7c0b31c20a5284cf63807527b3cc5a49c2f6bfe981a
|
||||
linux-yocto-5601201f60a8abb5bbb54da99da2a38bfb7a46dd.tar.gz"
|
||||
sha256sum: 52bab1d9080ca0389388dd522f03a0572ff69f8acee6ecf7f739386c4e2eddcd
|
||||
linux_5.10.28-1.debian.tar.xz:
|
||||
topdir: null
|
||||
url:
|
||||
|
|
Loading…
Reference in New Issue