There are no .bootstrap or .ResetVector.text sections linked to the
vmlinux image, drop these sections from vmlinux.ld.S. Drop
RESET_VECTOR_VADDR definition only used for .ResetVector.text.
Drop remapped copies of primary and secondary reset vectors, as modern
gdb don't have problems stepping through instructions at arbitrary
locations. Drop corresponding sections from the corresponding linker
scripts.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
There are multiple factors adding to the issue in different
configurations:
- commit 17290231df ("xtensa: add fixup for double exception raised
in window overflow") added function window_overflow_restore_a0_fixup to
double exception vector overlapping reset vector location of secondary
processor cores.
- on MMUv2 cores RESET_VECTOR1_VADDR may point to uncached kernel memory
making code overlapping depend on cache type and size, so that without
cache or with WT cache reset vector code overwrites double exception
code, making issue even harder to detect.
- on MMUv3 cores RESET_VECTOR1_VADDR may point to unmapped area, as
MMUv3 cores change virtual address map to match MMUv2 layout, but
reset vector virtual address is given for the original MMUv3 mapping.
- physical memory region of the secondary reset vector is not reserved
in the physical memory map, and thus may be allocated and overwritten
at arbitrary moment.
Fix it as follows:
- move window_overflow_restore_a0_fixup code to .text section.
- define RESET_VECTOR1_VADDR so that it points to reset vector in the
cacheable MMUv2 map for cores with MMU.
- reserve reset vector region in the physical memory map. Drop separate
literal section and build mxhead.S with text section literals.
Cc: <stable@vger.kernel.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
KIO region location is different for noMMU cores. Provide different
default physical address and make KIO virtual address equal to physical.
Move xtensa_get_kio_paddr function close to XCHAL_KIO_PADDR definition
and define it not only for MMUv3, but for all MMU options except MMUv2.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Build-time fixes:
- make lbeg/lend/lcount save/restore conditional on kernel entry;
- don't clear lcount in platform_restart functions unconditionally.
Run-time fixes:
- use correct end of range register in __endla paired with __loopt, not
the unused temporary register. This fixes .bss zero-initialization.
Update comments in asmmacro.h;
- don't clobber a10 in the usercopy that leads to access to unmapped
memory.
Cc: <stable@vger.kernel.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Revert dff22d2054 ("PCI: Call pci_read_bridge_bases() from core instead
of arch code").
Reading PCI bridge windows is not arch-specific in itself, but there is PCI
core code that doesn't work correctly if we read them too early. For
example, Hannes found this case on an ARM Freescale i.mx6 board:
pci_bus 0000:00: root bus resource [mem 0x01000000-0x01efffff]
pci 0000:00:00.0: PCI bridge to [bus 01-ff]
pci 0000:00:00.0: BAR 8: no space for [mem size 0x01000000] (mem window)
pci 0000:01:00.0: BAR 2: failed to assign [mem size 0x00200000]
pci 0000:01:00.0: BAR 1: failed to assign [mem size 0x00004000]
pci 0000:01:00.0: BAR 0: failed to assign [mem size 0x00000100]
The 00:00.0 mem window needs to be at least 3MB: the 01:00.0 device needs
0x204100 of space, and mem windows are megabyte-aligned.
Bus sizing can increase a bridge window size, but never *decrease* it (see
d65245c329 ("PCI: don't shrink bridge resources")). Prior to
dff22d2054, ARM didn't read bridge windows at all, so the "original size"
was zero, and we assigned a 3MB window.
After dff22d2054, we read the bridge windows before sizing the bus. The
firmware programmed a 16MB window (size 0x01000000) in 00:00.0, and since
we never decrease the size, we kept 16MB even though we only needed 3MB.
But 16MB doesn't fit in the host bridge aperture, so we failed to assign
space for the window and the downstream devices.
I think this is a defect in the PCI core: we shouldn't rely on the firmware
to assign sensible windows.
Ray reported a similar problem, also on ARM, with Broadcom iProc.
Issues like this are too hard to fix right now, so revert dff22d2054.
Reported-by: Hannes <oe5hpm@gmail.com>
Reported-by: Ray Jui <rjui@broadcom.com>
Link: http://lkml.kernel.org/r/CAAa04yFQEUJm7Jj1qMT57-LG7ZGtnhNDBe=PpSRa70Mj+XhW-A@mail.gmail.com
Link: http://lkml.kernel.org/r/55F75BB8.4070405@broadcom.com
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Yinghai Lu <yinghai@kernel.org>
Acked-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Pull irq updates from Thomas Gleixner:
"This updated pull request does not contain the last few GIC related
patches which were reported to cause a regression. There is a fix
available, but I let it breed for a couple of days first.
The irq departement provides:
- new infrastructure to support non PCI based MSI interrupts
- a couple of new irq chip drivers
- the usual pile of fixlets and updates to irq chip drivers
- preparatory changes for removal of the irq argument from interrupt
flow handlers
- preparatory changes to remove IRQF_VALID"
* 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (129 commits)
irqchip/imx-gpcv2: IMX GPCv2 driver for wakeup sources
irqchip: Add bcm2836 interrupt controller for Raspberry Pi 2
irqchip: Add documentation for the bcm2836 interrupt controller
irqchip/bcm2835: Add support for being used as a second level controller
irqchip/bcm2835: Refactor handle_IRQ() calls out of MAKE_HWIRQ
PCI: xilinx: Fix typo in function name
irqchip/gic: Ensure gic_cpu_if_up/down() programs correct GIC instance
irqchip/gic: Only allow the primary GIC to set the CPU map
PCI/MSI: pci-xgene-msi: Consolidate chained IRQ handler install/remove
unicore32/irq: Prepare puv3_gpio_handler for irq argument removal
tile/pci_gx: Prepare trio_handle_level_irq for irq argument removal
m68k/irq: Prepare irq handlers for irq argument removal
C6X/megamode-pic: Prepare megamod_irq_cascade for irq argument removal
blackfin: Prepare irq handlers for irq argument removal
arc/irq: Prepare idu_cascade_isr for irq argument removal
sparc/irq: Use access helper irq_data_get_affinity_mask()
sparc/irq: Use helper irq_data_get_irq_handler_data()
parisc/irq: Use access helper irq_data_get_affinity_mask()
mn10300/irq: Use access helper irq_data_get_affinity_mask()
irqchip/i8259: Prepare i8259_irq_dispatch for irq argument removal
...
Pull timer updates from Thomas Gleixner:
"Rather large, but nothing exiting:
- new range check for settimeofday() to prevent that boot time
becomes negative.
- fix for file time rounding
- a few simplifications of the hrtimer code
- fix for the proc/timerlist code so the output of clock realtime
timers is accurate
- more y2038 work
- tree wide conversion of clockevent drivers to the new callbacks"
* 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (88 commits)
hrtimer: Handle failure of tick_init_highres() gracefully
hrtimer: Unconfuse switch_hrtimer_base() a bit
hrtimer: Simplify get_target_base() by returning current base
hrtimer: Drop return code of hrtimer_switch_to_hres()
time: Introduce timespec64_to_jiffies()/jiffies_to_timespec64()
time: Introduce current_kernel_time64()
time: Introduce struct itimerspec64
time: Add the common weak version of update_persistent_clock()
time: Always make sure wall_to_monotonic isn't positive
time: Fix nanosecond file time rounding in timespec_trunc()
timer_list: Add the base offset so remaining nsecs are accurate for non monotonic timers
cris/time: Migrate to new 'set-state' interface
kernel: broadcast-hrtimer: Migrate to new 'set-state' interface
xtensa/time: Migrate to new 'set-state' interface
unicore/time: Migrate to new 'set-state' interface
um/time: Migrate to new 'set-state' interface
sparc/time: Migrate to new 'set-state' interface
sh/localtimer: Migrate to new 'set-state' interface
score/time: Migrate to new 'set-state' interface
s390/time: Migrate to new 'set-state' interface
...
Current sed script makes assumptions about the structure of rules that
group .text sections in the vmlinux linker script. These assumptions
get broken occasionally, e.g.: 779c88c94c "ARM: 8321/1: asm-generic:
introduce.text.fixup input section", or 9bebe9e5b0 "kbuild: Fix
.text.unlikely placement".
Rewrite sed rules so that they don't depend on number/arrangement of text
sections in *(...) blocks.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
In case perf IRQ is the highest of the medium-level IRQs, and is alone
on its level, it may be treated as NMI:
- LOCKLEVEL is defined to be one level less than EXCM level,
- IRQ masking never lowers current IRQ level,
- new fake exception cause code, EXCCAUSE_MAPPED_NMI is assigned to that
IRQ; new second level exception handler, do_nmi, assigned to it
handles it as NMI,
- atomic operations in configurations without s32c1i still need to mask
all interrupts.
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
There's no way _switch_to can produce double exceptions now, don't
enter/leave EXC_TABLE_FIXUP critical section.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
call12 can't be safely used as the first call in the inline function,
because the compiler does not extend the stack frame of the bounding
function accordingly, which may result in corruption of local variables.
If a call needs to be done, do call8 first followed by call12.
For pure assembly code in _switch_to increase stack frame size of the
bounding function.
Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
entry.s only disables IRQs on hardware IRQ, move trace_hardirqs_off call
into do_interrupt. Check actual intlevel that will be restored on return
from exception handler to decide if trace_hardirqs_on should be called.
Annotate IRQ on/off points in the TIF_* handling loop on return from
exception handler.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Xtensa Performance Monitor Module has up to 8 32 bit wide performance
counters. Each counter may be enabled independently and can count any
single type of hardware performance events. Event counting may be enabled
and disabled globally (per PMM).
Each counter has status register with bits indicating if the counter has
been overflown and may be programmed to raise profiling IRQ on overflow.
This IRQ is used to rewind counters and allow for counting more than 2^32
samples for counting events and to report samples for sampling events.
For more details see Tensilica Debug User's Guide, chapter 8
"Performance monitor module".
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Old oprofile interface will share user stack tracing with new perf
interface. Move oprofile user/kernel stack tracing to stacktrace.c to
make it possible.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Restore original a0 in the kernel exception stack frame. This way it
looks like the frame that got interrupt/exception did alloca (copy a0 and
a1 spilled under old stack to the new location as well) to save registers
and then did a call to handler.
The point where interrupt/exception was taken is not in the stack chain,
only in pt_regs (call4 from that address can be simulated to keep it in
the stack trace).
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Migrate xtensa driver to the new 'set-state' interface provided by
clockevents core, the earlier 'set-mode' interface is marked obsolete
now.
This also enables us to implement callbacks for new states of clockevent
devices, for example: ONESHOT_STOPPED.
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: linux-xtensa@linux-xtensa.org
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Daniel Lezcano <daniel.lezcano@linaro.org>
This is a preparatory patch for moving irq_data struct members.
Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com>
Cc: Chris Zankel <chris@zankel.net>
Link: http://lkml.kernel.org/r/20150713172018.264485572@linutronix.de
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
When we scan a PCI bus, we read PCI-PCI bridge window registers with
pci_read_bridge_bases() so we can validate the resource hierarchy. Most
architectures call pci_read_bridge_bases() from pcibios_fixup_bus(), but
PCI-PCI bridges are not arch-specific, so this doesn't need to be in
arch-specific code.
Call pci_read_bridge_bases() directly from the PCI core instead of from
arch code.
For alpha and mips, we now call pci_read_bridge_bases() always; previously
we only called it if PCI_PROBE_ONLY was set.
[bhelgaas: changelog]
Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: Ralf Baechle <ralf@linux-mips.org>
CC: James E.J. Bottomley <jejb@parisc-linux.org>
CC: Michael Ellerman <mpe@ellerman.id.au>
CC: Bjorn Helgaas <bhelgaas@google.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Benjamin Herrenschmidt <benh@kernel.crashing.org>
CC: David Howells <dhowells@redhat.com>
CC: Russell King <linux@arm.linux.org.uk>
CC: Tony Luck <tony.luck@intel.com>
CC: David S. Miller <davem@davemloft.net>
CC: Ingo Molnar <mingo@redhat.com>
CC: Guenter Roeck <linux@roeck-us.net>
CC: Michal Simek <monstr@monstr.eu>
CC: Chris Zankel <chris@zankel.net>
Userspace return code may skip restoring THREADPTR register if there are
no registers that need to be zeroed. This leads to spurious failures in
libc NPTL tests.
Always restore THREADPTR on return to userspace.
Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
- fix linker script transformation for .text / .text.fixup
- wire bpf and execveat syscalls;
- provide __NR_sync_file_range2 instead of __NR_sync_file_range, as that's
what xtensa uses.
- make xtfpgs LCD driver functional and configurable. This fixes hardware
lockup on KC705/ML605 boot;
- add audio subsystem bits to xtfpga DTS and provide sample KC705 config
with audio features enabled.
- add CY7C67300 USB controller support to XTFPGA.
- fix locking issues in ISS network driver;
- document PIC and MX interrupt distributor device tree bindings;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJVLzRJAAoJEI9vqH3mFV2sfzgQAKDUeAlMbq78vvz10dThU5I2
bRM2z3nfH1pOz8MToYGJ2UQMUAX09EFcLvhgy61e6bHECvT4Pgrq7QPizD7kAXv4
nHPFX5syHCy6ASKXYGrZj1+moaufkhYgA7hPAggaDtUA7v5fbWPRiHbYWgk4By/f
oWkmKtd2Jv+YXyfi0zA1ccD5eh885UPfaC396UAq5PvD6SafjGYWSHci67TRTrIw
Ejc+e+MWC+yS/6TWtpYUUCeV1YkeYPj+w9JJXCCHRBebtTNv4HHdjyE5DLyTH3+0
3I+T5m8F07VYJ9Q2CZwfTQfU2/3vtxivw2EPcGa8UdubjLlxtIyhEZlJzg4HZn9W
KkCaDMMPoLeuyYYlTtudQVXpAKuactTq0DUGGYUIbkdHbADCP9PVrOk6zsyQwa+B
u4iW2KPyVHIHkOOHG8F7qPAkAYKvJYEZO/JXycmTBMDU4evE2zQHXEujU5PyW2FZ
3CA5I0DxqsYK+PG0geDq+aZxdLYD44SiA6yD/P2YrBXRTDz/AaiBi0MhDT3taBYV
0ttXdKyYM0QWNaLmqs/7HMG7X9daVG5qqv0IllkyXf8luDZMeA5LfCG+4flO8lZz
oSHzDUj8HPZE2q9Mko66AH1UYbV8g3YkPUcS48/d7ZCOE2lkwlG/6T+IAxnPncIv
NKGyz0J/m+D7YBVCDC8p
=wl+K
-----END PGP SIGNATURE-----
Merge tag 'xtensa-20150416' of git://github.com/czankel/xtensa-linux
Pull Xtensa updates from Chris Zankel:
- fix linker script transformation for .text / .text.fixup
- wire bpf and execveat syscalls
- provide __NR_sync_file_range2 instead of __NR_sync_file_range, as
that's what xtensa uses.
- make xtfpgs LCD driver functional and configurable. This fixes
hardware lockup on KC705/ML605 boot
- add audio subsystem bits to xtfpga DTS and provide sample KC705
config with audio features enabled
- add CY7C67300 USB controller support to XTFPGA
- fix locking issues in ISS network driver
- document PIC and MX interrupt distributor device tree bindings
* tag 'xtensa-20150416' of git://github.com/czankel/xtensa-linux:
xtensa: xtfpga: add CY7C67300 USB controller support
irqchip: xtensa-pic: xtensa-mx: document DT bindings
xtensa: ISS: fix locking in TAP network adapter
xtensa: Fix fix linker script transformation for .text / .text.fixup
xtensa: provide __NR_sync_file_range2 instead of __NR_sync_file_range
xtensa: wire bpf and execveat syscalls
xtensa: xtfpga: fix hardware lockup caused by LCD driver
xtensa: xtfpga: provide defconfig with audio subsystem
xtensa: xtfpga: add audio card to xtfpga DTS
Pull exec domain removal from Richard Weinberger:
"This series removes execution domain support from Linux.
The idea behind exec domains was to support different ABIs. The
feature was never complete nor stable. Let's rip it out and make the
kernel signal handling code less complicated"
* 'exec_domain_rip_v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/misc: (27 commits)
arm64: Removed unused variable
sparc: Fix execution domain removal
Remove rest of exec domains.
arch: Remove exec_domain from remaining archs
arc: Remove signal translation and exec_domain
xtensa: Remove signal translation and exec_domain
xtensa: Autogenerate offsets in struct thread_info
x86: Remove signal translation and exec_domain
unicore32: Remove signal translation and exec_domain
um: Remove signal translation and exec_domain
tile: Remove signal translation and exec_domain
sparc: Remove signal translation and exec_domain
sh: Remove signal translation and exec_domain
s390: Remove signal translation and exec_domain
mn10300: Remove signal translation and exec_domain
microblaze: Remove signal translation and exec_domain
m68k: Remove signal translation and exec_domain
m32r: Remove signal translation and exec_domain
m32r: Autogenerate offsets in struct thread_info
frv: Remove signal translation and exec_domain
...
Pull vfs update from Al Viro:
"Part one:
- struct filename-related cleanups
- saner iov_iter_init() replacements (and switching the syscalls to
use of those)
- ntfs switch to ->write_iter() (Anton)
- aio cleanups and splitting iocb into common and async parts
(Christoph)
- assorted fixes (me, bfields, Andrew Elble)
There's a lot more, including the completion of switchover to
->{read,write}_iter(), d_inode/d_backing_inode annotations, f_flags
race fixes, etc, but that goes after #for-davem merge. David has
pulled it, and once it's in I'll send the next vfs pull request"
* 'for-linus-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (35 commits)
sg_start_req(): use import_iovec()
sg_start_req(): make sure that there's not too many elements in iovec
blk_rq_map_user(): use import_single_range()
sg_io(): use import_iovec()
process_vm_access: switch to {compat_,}import_iovec()
switch keyctl_instantiate_key_common() to iov_iter
switch {compat_,}do_readv_writev() to {compat_,}import_iovec()
aio_setup_vectored_rw(): switch to {compat_,}import_iovec()
vmsplice_to_user(): switch to import_iovec()
kill aio_setup_single_vector()
aio: simplify arguments of aio_setup_..._rw()
aio: lift iov_iter_init() into aio_setup_..._rw()
lift iov_iter into {compat_,}do_readv_writev()
NFS: fix BUG() crash in notify_change() with patch to chown_common()
dcache: return -ESTALE not -EBUSY on distributed fs race
NTFS: Version 2.1.32 - Update file write from aio_write to write_iter.
VFS: Add iov_iter_fault_in_multipages_readable()
drop bogus check in file_open_root()
switch security_inode_getattr() to struct path *
constify tomoyo_realpath_from_path()
...
As execution domain support is gone we can remove
signal translation from the signal code and remove
exec_domain from thread_info.
Signed-off-by: Richard Weinberger <richard@nod.at>
Commit 779c88c94c ("ARM: 8321/1: asm-generic: introduce .text.fixup
input section") introduced a new .text.fixup section which is merged
with .text at link time. This causes xtensa builds to fail with lots
of error messages similar to the following.
lib/lib.a(kobject.o): In function `kobject_create':
(.text+0x498): dangerous relocation: l32r: literal placed after use:
(.literal+0x150)
Linker script transformation needs to be updated to detect and handle
the new section.
Fixes: 779c88c94c ("ARM: 8321/1: asm-generic: introduce .text.fixup
input section")
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Chris Zankel <chris@zankel.net>
Previously, pci_scan_root_bus() created a root PCI bus, enumerated the
devices on it, and called pci_bus_add_devices(), which made the devices
available for drivers to claim them.
Most callers assigned resources to devices after pci_scan_root_bus()
returns, which may be after drivers have claimed the devices. This is
incorrect; the PCI core should not change device resources while a driver
is managing the device.
Remove pci_bus_add_devices() from pci_scan_root_bus() and do it after any
resource assignment in the callers.
Note that ARM's pci_common_init_dev() already called pci_bus_add_devices()
after pci_scan_root_bus(), so we only need to remove the first call:
pci_common_init_dev
pcibios_init_hw
pci_scan_root_bus
pci_bus_add_devices # first call
pci_bus_assign_resources
pci_bus_add_devices # second call
[bhelgaas: changelog, drop "root_bus" var in alpha common_init_pci(),
return failure earlier in mn10300, add "return" in x86 pcibios_scan_root(),
return early if xtensa platform_pcibios_fixup() fails]
Signed-off-by: Yijing Wang <wangyijing@huawei.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
CC: Matt Turner <mattst88@gmail.com>
CC: David Howells <dhowells@redhat.com>
CC: Tony Luck <tony.luck@intel.com>
CC: Michal Simek <monstr@monstr.eu>
CC: Ralf Baechle <ralf@linux-mips.org>
CC: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
CC: Sebastian Ott <sebott@linux.vnet.ibm.com>
CC: "David S. Miller" <davem@davemloft.net>
CC: Chris Metcalf <cmetcalf@ezchip.com>
CC: Chris Zankel <chris@zankel.net>
CC: Max Filippov <jcmvbkbc@gmail.com>
CC: Thomas Gleixner <tglx@linutronix.de>
printk and friends can now format bitmaps using '%*pb[l]'. cpumask
and nodemask also provide cpumask_pr_args() and nodemask_pr_args()
respectively which can be used to generate the two printf arguments
necessary to format the specified cpu/nodemask.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
If an attacker can cause a controlled kernel stack overflow, overwriting
the restart block is a very juicy exploit target. This is because the
restart_block is held in the same memory allocation as the kernel stack.
Moving the restart block to struct task_struct prevents this exploit by
making the restart_block harder to locate.
Note that there are other fields in thread_info that are also easy
targets, at least on some architectures.
It's also a decent simplification, since the restart code is more or less
identical on all architectures.
[james.hogan@imgtec.com: metag: align thread_info::supervisor_stack]
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Richard Weinberger <richard@nod.at>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Steven Miao <realmz6@gmail.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Instead of initializing vecbase in initialize_mmu macro, which may be
expanded either in Image.elf reset vector hadler or in the kernel
head.S, both times only when CONFIG_MMU is enabled, do this
initialization once in _startup function.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Pull audit updates from Eric Paris:
"So this change across a whole bunch of arches really solves one basic
problem. We want to audit when seccomp is killing a process. seccomp
hooks in before the audit syscall entry code. audit_syscall_entry
took as an argument the arch of the given syscall. Since the arch is
part of what makes a syscall number meaningful it's an important part
of the record, but it isn't available when seccomp shoots the
syscall...
For most arch's we have a better way to get the arch (syscall_get_arch)
So the solution was two fold: Implement syscall_get_arch() everywhere
there is audit which didn't have it. Use syscall_get_arch() in the
seccomp audit code. Having syscall_get_arch() everywhere meant it was
a useless flag on the stack and we could get rid of it for the typical
syscall entry.
The other changes inside the audit system aren't grand, fixed some
records that had invalid spaces. Better locking around the task comm
field. Removing some dead functions and structs. Make some things
static. Really minor stuff"
* git://git.infradead.org/users/eparis/audit: (31 commits)
audit: rename audit_log_remove_rule to disambiguate for trees
audit: cull redundancy in audit_rule_change
audit: WARN if audit_rule_change called illegally
audit: put rule existence check in canonical order
next: openrisc: Fix build
audit: get comm using lock to avoid race in string printing
audit: remove open_arg() function that is never used
audit: correct AUDIT_GET_FEATURE return message type
audit: set nlmsg_len for multicast messages.
audit: use union for audit_field values since they are mutually exclusive
audit: invalid op= values for rules
audit: use atomic_t to simplify audit_serial()
kernel/audit.c: use ARRAY_SIZE instead of sizeof/sizeof[0]
audit: reduce scope of audit_log_fcaps
audit: reduce scope of audit_net_id
audit: arm64: Remove the audit arch argument to audit_syscall_entry
arm64: audit: Add audit hook in syscall_trace_enter/exit()
audit: x86: drop arch from __audit_syscall_entry() interface
sparc: implement is_32bit_task
sparc: properly conditionalize use of TIF_32BIT
...
- support highmem on cores with aliasing data cache. Enable highmem on kc705
by default;
- simplify addition of new core variants (no need to modify Kconfig /
Makefiles);
- improve robustness of unaligned access handler and its interaction with
window overflow/underflow exception handlers;
- deprecate atomic and spill registers syscalls;
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements;
- wire up renameat2 syscall.
Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG);
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage);
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime
unrecoverable exception);
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register
clobbering);
- fix kernel/user jump out of fast_unaligned (potential runtime unrecoverabl
exception);
- replace termios IOCTL code definitions with constants (userspace build
breakage).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJUA2nrAAoJEI9vqH3mFV2sqS4P/j6+wtuPHhvNLmpzlIJ1//OP
zr6o4eRC77HDS0ArqFq+mteU8MH2CXoiMOFvUzXSyistSrQyENJ5Mg8f5vY9sqeJ
PQtHzBIg7gBpJTiI66n5k+Av65KdcLdz3JE9j1IHXy+Ovlv+BVAOBWfb6Mx59a5i
4rk+ovSrKbAOI50RBL4p/YpCgxu0hdpnpVJ0Ng7ApSXq18o9uxLdgekn11ZJFtob
hFgdh4i5Rg+hL+HV8ehE7K5xwxVaqU//dgdbCVB2g3gcNGaDINiEwyJBxWszln4W
wKr9kSCnHihSevDNby/AIw01d1HS18wZdIjTn10/jRnz9PzIET14K2lmqaU6+RyC
un8EZW3R0jabMMJ7DqKCiLK6Adz+lNuhs4hx7oGNJIuvyILiSrgqVQEDtwTJDNPk
43lcBYVgpaFviP0exMl9AUb12s8aIhN7D9vFguyuV7Rl8vgUIsEhE67CrIjvi2Hp
FV4s1+tVylFYCLbBITPtztfDKiJH4WUbaUGmiK27ReE8L7fAU2jicTau31r0L3ca
66FdInbchvl4TgZBi2ndEsVOmqKc7V8o0Xb+Cmgdda5mgZRw5y8KGnSi9I1YhPc0
xNZq1P6W5HcWbH0kFIRtnRJmGJjtHu+T5Z12yZ+o9EmMXfCePtUSUrMq8YkW/lMg
tJCSbnosd4z498k7hFHY
=mAYX
-----END PGP SIGNATURE-----
Merge tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux
Pull Xtensa updates from Chris Zankel:
"Xtensa improvements for 3.17:
- support highmem on cores with aliasing data cache. Enable highmem
on kc705 by default
- simplify addition of new core variants (no need to modify Kconfig /
Makefiles)
- improve robustness of unaligned access handler and its interaction
with window overflow/underflow exception handlers
- deprecate atomic and spill registers syscalls
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select'
statements
- wire up renameat2 syscall.
Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG)
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage)
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
(runtime unrecoverable exception)
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace
register clobbering)
- fix kernel/user jump out of fast_unaligned (potential runtime
unrecoverabl exception)
- replace termios IOCTL code definitions with constants (userspace
build breakage)"
* tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux: (25 commits)
xtensa: deprecate fast_xtensa and fast_spill_registers syscalls
xtensa: don't allow overflow/underflow on unaligned stack
xtensa: fix a6 and a7 handling in fast_syscall_xtensa
xtensa: allow single-stepping through unaligned load/store
xtensa: move invalid unaligned instruction handler closer to its users
xtensa: make fast_unaligned store restartable
xtensa: add double exception fixup handler for fast_unaligned
xtensa: fix kernel/user jump out of fast_unaligned
xtensa: configure kc705 for highmem
xtensa: support highmem in aliasing cache flushing code
xtensa: support aliasing cache in kmap
xtensa: support aliasing cache in k[un]map_atomic
xtensa: implement clear_user_highpage and copy_user_highpage
xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
xtensa: allow fixmap and kmap span more than one page table
xtensa: make fixmap region addressing grow with index
xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS
xtensa: add renameat2 syscall
xtensa: fix address checks in dma_{alloc,free}_coherent
xtensa: replace IOCTL code definitions with constants
...
- support highmem on cores with aliasing data cache. Enable highmem on kc705
by default;
- simplify addition of new core variants (no need to modify Kconfig /
Makefiles);
- improve robustness of unaligned access handler and its interaction with
window overflow/underflow exception handlers;
- deprecate atomic and spill registers syscalls;
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements;
- wire up renameat2 syscall.
Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG);
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage);
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime
unrecoverable exception);
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register
clobbering);
- fix kernel/user jump out of fast_unaligned (potential runtime unrecoverable
exception);
- replace termios IOCTL code definitions with constants (userspace build
breakage).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJT7YTeAAoJEFH5zJH4P6BEnOYQAJ716CslOAM96DyMWilpSHmn
y9Ei5UDorzm7Qiqeg3h0t8BafjDKobAAV+9YP29wPXU5+CKCQTWG8u4n+2BjMyM5
4OyG9SiAJnHpTnySiASmvMiG3slL34VXCyDhWMmF2dQ8CX4+GFm7RSHNy62l4fYR
x9iySEtZPD7Uv7aKVfUfIPpY926S+kL3mhOUwlDwMEuDJQhS4oqxc+JL1xoG5XwQ
qoCjAEDvoyPgSPKg9dmLpAlbhERe20KPD6biraJ3gW/gAvIMxmeC88rybzF01RbL
bf5J93UHay5mQhheAz25Gg2k0DoQHgONsnqmlMOgNk0u/hFJGqnz54DONVzBplVR
16VEHdDmUwO5+cuFDyfcZTtU0u0yV9l+Rr+NLUekyxhjVlL7o5648rZufLLBrnNK
SQ+ueI3rp1thnHR+L5iB/E+abjGoUK6TsWJGNYvY6kOPArz9OEKHQkFOhEYip9t2
vT7qfz/YKX0dc8ZwCeSwif/haeChHOvuJU2MKqKBz0McwXv7QxcadYR1o3mP87BL
Lp9vibaVaBUT9SkZFtNJwEgJ7WeSV5EN1faakATFRR7H/qhMtUDDFRXAZLcGwUV/
yF60YQuFW0jdwKaEtI1TI1zmckFxPxLwfTXWKob+T4E8KE+k5ZXq1Vcl9FoB5pWG
Jcxn92MhHKKl7EAXeveo
=q9be
-----END PGP SIGNATURE-----
Merge tag 'xtensa-for-next-20140815' into for_next
Xtensa improvements for 3.17:
- support highmem on cores with aliasing data cache. Enable highmem on kc705
by default;
- simplify addition of new core variants (no need to modify Kconfig /
Makefiles);
- improve robustness of unaligned access handler and its interaction with
window overflow/underflow exception handlers;
- deprecate atomic and spill registers syscalls;
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements;
- wire up renameat2 syscall.
Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG);
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage);
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime
unrecoverable exception);
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register
clobbering);
- fix kernel/user jump out of fast_unaligned (potential runtime unrecoverable
exception);
- replace termios IOCTL code definitions with constants (userspace build
breakage).
Signed-off-by: Chris Zankel <chris@zankel.net>
These syscalls are not used by userspace tools for some time now, and
they have issues when called with invalid arguments. It's not worth
changing signal delivery mechanism as we don't expect any new users for
these syscalls. Let's keep them for backwards compatibility under #ifdef,
disabled by default.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Double exceptions that happen during register window overflow/underflow
are handled in the topmost stack frame, as if it was the only exception
that occured. However unaligned access exception handler is special
because it needs to analyze instruction that caused the exception, but
the userspace instruction that triggered window exception is completely
irrelevant. Unaligned data access is rather normal in the generic
userspace code, but stack pointer manipulation must always be done by
architecture-aware code and thus unaligned stack means a serious problem
anyway.
Use the default unaligned access handler that raises SIGBUS in case
of unaligned access in window overflow/underflow handler.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Remove restoring a6 on some return paths and instead modify and restore
it in a single place, using symbolic name.
Correctly restore a7 from PT_AREG7 in case of illegal a6 value.
Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Update icount when icountlevel is non-zero but not greater than EXCM level
when load/store instruction is successfully emulated. This allows
single-stepping over such instruction in userspace debugger.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
With this change a threaded jump from .Linvalid_instruction_load to
.Linvalid_instruction can be removed and more code may be added to
common load/store exit path.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
fast_unaligned may encounter DTLB miss or SEGFAULT during the store
emulation. Don't update epc1 and lcount until after the store emulation
is complete, so that the faulting store instruction could be replayed.
Remove duplicate code handling zero overhead loops and calculate new
epc1 and lcount in one place.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
fast_unaligned_fixup restores user registers and runs normal exception
handler in the current stack frame. Unaligned load/store is retried
after that.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>