From d9dd421fd6ed17af55d27c8d93a9f561be0ff50f Mon Sep 17 00:00:00 2001 From: Jeremy Kerr Date: Wed, 13 Aug 2008 11:29:31 +1000 Subject: [PATCH 1/6] powerpc/spufs: fix npc setting for NOSCHED contexts Currently, spu_run ignores the npc argument for contexts created with SPU_CREATE_NOSCHED. While this is correct for isolated contexts, there's no need to enforce the npc restriction on non-isolated NOSCHED contexts. This means that NOSCHED contexts can only ever run with an entry point of 0x0. This change to spu_run_init allows setting of the npc (and, while we're at it, the privcntl) for non-isolated NOSCHED contexts. This allows us to run NOSCHED contexts from any entry point. Signed-off-by: Jeremy Kerr --- arch/powerpc/platforms/cell/spufs/run.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/powerpc/platforms/cell/spufs/run.c b/arch/powerpc/platforms/cell/spufs/run.c index f7edba6cb795..c9bb7cfd3dca 100644 --- a/arch/powerpc/platforms/cell/spufs/run.c +++ b/arch/powerpc/platforms/cell/spufs/run.c @@ -206,11 +206,6 @@ static int spu_run_init(struct spu_context *ctx, u32 *npc) (SPU_RUNCNTL_RUNNABLE | SPU_RUNCNTL_ISOLATE); if (runcntl == 0) runcntl = SPU_RUNCNTL_RUNNABLE; - } - - if (ctx->flags & SPU_CREATE_NOSCHED) { - spuctx_switch_state(ctx, SPU_UTIL_USER); - ctx->ops->runcntl_write(ctx, runcntl); } else { unsigned long privcntl; @@ -219,9 +214,15 @@ static int spu_run_init(struct spu_context *ctx, u32 *npc) else privcntl = SPU_PRIVCNTL_MODE_NORMAL; - ctx->ops->npc_write(ctx, *npc); ctx->ops->privcntl_write(ctx, privcntl); - ctx->ops->runcntl_write(ctx, runcntl); + ctx->ops->npc_write(ctx, *npc); + } + + ctx->ops->runcntl_write(ctx, runcntl); + + if (ctx->flags & SPU_CREATE_NOSCHED) { + spuctx_switch_state(ctx, SPU_UTIL_USER); + } else { if (ctx->state == SPU_STATE_SAVED) { ret = spu_activate(ctx, 0); From 8d5636fbca202f61fdb808fc9e20c0142291d802 Mon Sep 17 00:00:00 2001 From: Jeremy Kerr Date: Thu, 14 Aug 2008 14:59:12 +1000 Subject: [PATCH 2/6] powerpc/spufs: reference context while dropping state mutex in scheduler Based on an original patch from Christoph Hellwig . Currently, there is a possible reference-after-free in the spusched code - contexts may be freed after we have released their state_mutex in spusched_tick and find_victim. This change takes a reference to the context before releasing the mutex, so that the context doesn't get destroyed. Signed-off-by: Jeremy Kerr --- arch/powerpc/platforms/cell/spufs/sched.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/platforms/cell/spufs/sched.c b/arch/powerpc/platforms/cell/spufs/sched.c index 2deeeba7eccf..4b6b0c3a8c95 100644 --- a/arch/powerpc/platforms/cell/spufs/sched.c +++ b/arch/powerpc/platforms/cell/spufs/sched.c @@ -641,8 +641,10 @@ static struct spu *find_victim(struct spu_context *ctx) if (tmp && tmp->prio > ctx->prio && !(tmp->flags & SPU_CREATE_NOSCHED) && - (!victim || tmp->prio > victim->prio)) + (!victim || tmp->prio > victim->prio)) { victim = spu->ctx; + get_spu_context(victim); + } } mutex_unlock(&cbe_spu_info[node].list_mutex); @@ -658,6 +660,7 @@ static struct spu *find_victim(struct spu_context *ctx) * look at another context or give up after X retries. */ if (!mutex_trylock(&victim->state_mutex)) { + put_spu_context(victim); victim = NULL; goto restart; } @@ -670,6 +673,7 @@ static struct spu *find_victim(struct spu_context *ctx) * restart the search. */ mutex_unlock(&victim->state_mutex); + put_spu_context(victim); victim = NULL; goto restart; } @@ -687,6 +691,7 @@ static struct spu *find_victim(struct spu_context *ctx) spu_add_to_rq(victim); mutex_unlock(&victim->state_mutex); + put_spu_context(victim); return spu; } @@ -985,9 +990,11 @@ static int spusched_thread(void *unused) struct spu_context *ctx = spu->ctx; if (ctx) { + get_spu_context(ctx); mutex_unlock(mtx); spusched_tick(ctx); mutex_lock(mtx); + put_spu_context(ctx); } } mutex_unlock(mtx); From cb9808d3d0cb0ed97197decadcf0431140b9e231 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ilpo=20J=C3=A4rvinen?= Date: Tue, 19 Aug 2008 08:48:57 +0300 Subject: [PATCH 3/6] powerpc/spufs: Remove invalid semicolon after if statement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ilpo Järvinen Signed-off-by: Jeremy Kerr --- arch/powerpc/platforms/cell/spufs/sched.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/powerpc/platforms/cell/spufs/sched.c b/arch/powerpc/platforms/cell/spufs/sched.c index 4b6b0c3a8c95..1c1b627ee843 100644 --- a/arch/powerpc/platforms/cell/spufs/sched.c +++ b/arch/powerpc/platforms/cell/spufs/sched.c @@ -1037,7 +1037,7 @@ void spuctx_switch_state(struct spu_context *ctx, node = spu->node; if (old_state == SPU_UTIL_USER) atomic_dec(&cbe_spu_info[node].busy_spus); - if (new_state == SPU_UTIL_USER); + if (new_state == SPU_UTIL_USER) atomic_inc(&cbe_spu_info[node].busy_spus); } } From 7230ced4925b07c259a62b515d8278c6bb1ad98c Mon Sep 17 00:00:00 2001 From: Michael Ellerman Date: Thu, 31 Jul 2008 16:54:28 +1000 Subject: [PATCH 4/6] powerpc: Fix /dev/oldmem interface for kdump A change to __ioremap() broke reading /dev/oldmem because we're no longer able to ioremap pfn 0 (d177c207, "[PATCH] powerpc: IOMMU: don't ioremap null addresses"). We actually don't need to ioremap for anything that's part of the linear mapping, so just read it directly. Also make sure we're only reading one page or less at a time. Signed-off-by: Michael Ellerman Signed-off-by: Sachin Sant Signed-off-by: Paul Mackerras --- arch/powerpc/kernel/crash_dump.c | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/arch/powerpc/kernel/crash_dump.c b/arch/powerpc/kernel/crash_dump.c index e0debcca0bfa..a323c9b32ee1 100644 --- a/arch/powerpc/kernel/crash_dump.c +++ b/arch/powerpc/kernel/crash_dump.c @@ -86,6 +86,19 @@ static int __init parse_savemaxmem(char *p) } __setup("savemaxmem=", parse_savemaxmem); + +static size_t copy_oldmem_vaddr(void *vaddr, char *buf, size_t csize, + unsigned long offset, int userbuf) +{ + if (userbuf) { + if (copy_to_user((char __user *)buf, (vaddr + offset), csize)) + return -EFAULT; + } else + memcpy(buf, (vaddr + offset), csize); + + return csize; +} + /** * copy_oldmem_page - copy one page from "oldmem" * @pfn: page frame number to be copied @@ -107,16 +120,16 @@ ssize_t copy_oldmem_page(unsigned long pfn, char *buf, if (!csize) return 0; - vaddr = __ioremap(pfn << PAGE_SHIFT, PAGE_SIZE, 0); + csize = min(csize, PAGE_SIZE); - if (userbuf) { - if (copy_to_user((char __user *)buf, (vaddr + offset), csize)) { - iounmap(vaddr); - return -EFAULT; - } - } else - memcpy(buf, (vaddr + offset), csize); + if (pfn < max_pfn) { + vaddr = __va(pfn << PAGE_SHIFT); + csize = copy_oldmem_vaddr(vaddr, buf, csize, offset, userbuf); + } else { + vaddr = __ioremap(pfn << PAGE_SHIFT, PAGE_SIZE, 0); + csize = copy_oldmem_vaddr(vaddr, buf, csize, offset, userbuf); + iounmap(vaddr); + } - iounmap(vaddr); return csize; } From 4589f1fe570c2c786b72eff146b2f168821882c6 Mon Sep 17 00:00:00 2001 From: Joachim Fenkes Date: Wed, 6 Aug 2008 00:30:18 +1000 Subject: [PATCH 5/6] powerpc/ibmebus: Restore "name" sysfs attribute on ibmebus devices Recent of_platform changes made of_bus_type_init() overwrite the bus type's .dev_attrs list, meaning that the "name" attribute that ibmebus devices previously had is no longer present. This is a user-visible regression which breaks the userspace eHCA support, since the eHCA userspace driver relies on the name attribute to check for valid adapters. This fixes it by providing the "name" attribute in the generic OF device code instead. Tested on POWER. Signed-off-by: Joachim Fenkes Signed-off-by: Paul Mackerras --- arch/powerpc/kernel/ibmebus.c | 12 ------------ drivers/of/device.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/arch/powerpc/kernel/ibmebus.c b/arch/powerpc/kernel/ibmebus.c index 9d42eb57aea3..a06362223f8d 100644 --- a/arch/powerpc/kernel/ibmebus.c +++ b/arch/powerpc/kernel/ibmebus.c @@ -233,17 +233,6 @@ void ibmebus_free_irq(u32 ist, void *dev_id) } EXPORT_SYMBOL(ibmebus_free_irq); -static ssize_t name_show(struct device *dev, - struct device_attribute *attr, char *buf) -{ - return sprintf(buf, "%s\n", to_of_device(dev)->node->name); -} - -static struct device_attribute ibmebus_dev_attrs[] = { - __ATTR_RO(name), - __ATTR_NULL -}; - static char *ibmebus_chomp(const char *in, size_t count) { char *out = kmalloc(count + 1, GFP_KERNEL); @@ -327,7 +316,6 @@ static struct bus_attribute ibmebus_bus_attrs[] = { struct bus_type ibmebus_bus_type = { .uevent = of_device_uevent, - .dev_attrs = ibmebus_dev_attrs, .bus_attrs = ibmebus_bus_attrs }; EXPORT_SYMBOL(ibmebus_bus_type); diff --git a/drivers/of/device.c b/drivers/of/device.c index 8a1d93a2bb81..51e5214071da 100644 --- a/drivers/of/device.c +++ b/drivers/of/device.c @@ -57,6 +57,15 @@ static ssize_t devspec_show(struct device *dev, return sprintf(buf, "%s\n", ofdev->node->full_name); } +static ssize_t name_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct of_device *ofdev; + + ofdev = to_of_device(dev); + return sprintf(buf, "%s\n", ofdev->node->name); +} + static ssize_t modalias_show(struct device *dev, struct device_attribute *attr, char *buf) { @@ -71,6 +80,7 @@ static ssize_t modalias_show(struct device *dev, struct device_attribute of_platform_device_attrs[] = { __ATTR_RO(devspec), + __ATTR_RO(name), __ATTR_RO(modalias), __ATTR_NULL }; From cd5aeb9f6cf7ada6baa218e01b4299e201497cde Mon Sep 17 00:00:00 2001 From: Brian King Date: Wed, 13 Aug 2008 05:21:45 +1000 Subject: [PATCH 6/6] powerpc: Fix vio_bus_probe oops on probe error When CMO is enabled and booted on a non CMO system and the VIO device's probe function fails, an oops can result since vio_cmo_bus_remove is called when it should not. This fixes it by avoiding the vio_cmo_bus_remove call on platforms that don't implement CMO. cpu 0x0: Vector: 300 (Data Access) at [c00000000e13b3d0] pc: c000000000020d34: .vio_cmo_bus_remove+0xc0/0x1f4 lr: c000000000020ca4: .vio_cmo_bus_remove+0x30/0x1f4 sp: c00000000e13b650 msr: 8000000000009032 dar: 0 dsisr: 40000000 current = 0xc00000000e0566c0 paca = 0xc0000000006f9b80 pid = 2428, comm = modprobe enter ? for help [c00000000e13b6e0] c000000000021d94 .vio_bus_probe+0x2f8/0x33c [c00000000e13b7a0] c00000000029fc88 .driver_probe_device+0x13c/0x200 [c00000000e13b830] c00000000029fdac .__driver_attach+0x60/0xa4 [c00000000e13b8c0] c00000000029f050 .bus_for_each_dev+0x80/0xd8 [c00000000e13b980] c00000000029f9ec .driver_attach+0x28/0x40 [c00000000e13ba00] c00000000029f630 .bus_add_driver+0xd4/0x284 [c00000000e13baa0] c0000000002a01bc .driver_register+0xc4/0x198 [c00000000e13bb50] c00000000002168c .vio_register_driver+0x40/0x5c [c00000000e13bbe0] d0000000003b3f1c .ibmvfc_module_init+0x70/0x109c [ibmvfc] [c00000000e13bc70] c0000000000acf08 .sys_init_module+0x184c/0x1a10 [c00000000e13be30] c000000000008748 syscall_exit+0x0/0x40 Signed-off-by: Brian King Signed-off-by: Paul Mackerras --- arch/powerpc/kernel/vio.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/powerpc/kernel/vio.c b/arch/powerpc/kernel/vio.c index 22a3c33fd751..2750fbab1975 100644 --- a/arch/powerpc/kernel/vio.c +++ b/arch/powerpc/kernel/vio.c @@ -1113,7 +1113,7 @@ static int vio_bus_probe(struct device *dev) return error; } error = viodrv->probe(viodev, id); - if (error) + if (error && firmware_has_feature(FW_FEATURE_CMO)) vio_cmo_bus_remove(viodev); }