Commit Graph

88032 Commits

Author SHA1 Message Date
Helge Deller
54e181e073 parisc: Do not crash 64bit SMP kernels on machines with >= 4GB RAM
Since the beginning of the parisc-linux port, sometimes 64bit SMP kernels were
not able to bring up other CPUs than the monarch CPU and instead crashed the
kernel.  The reason was unclear, esp. since it involved various machines (e.g.
J5600, J6750 and SuperDome). Testing showed, that those crashes didn't happened
when less than 4GB were installed, or if a 32bit Linux kernel was booted.

In the end, the fix for those SMP problems is trivial:
During the early phase of the initialization of the CPUs, including the monarch
CPU, the PDC_PSW firmware function to enable WIDE (=64bit) mode is called.
It's documented that this firmware function may clobber various registers, and
one one of those possibly clobbered registers is %cr30 which holds the task
thread info pointer.

Now, if %cr30 would always have been clobbered, then this bug would have been
detected much earlier. But lots of testing finally showed, that - at least for
%cr30 - on some machines only the upper 32bits of the 64bit register suddenly
turned zero after the firmware call.

So, after finding the root cause, the explanation for the various crashes
became clear:
- On 32bit SMP Linux kernels all upper 32bit were zero, so we didn't faced this
  problem.
- Monarch CPUs in 64bit mode always booted sucessfully, because the inital task
  thread info pointer was below 4GB.
- Secondary CPUs booted sucessfully on machines with less than 4GB RAM because
  the upper 32bit were zero anyay.
- Secondary CPus failed to boot if we had more than 4GB RAM and the task thread
  info pointer was located above the 4GB boundary.

Finally, the patch to fix this problem is trivial by saving the %cr30 register
before the firmware call and restoring it afterwards.

Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: John David Anglin <dave.anglin@bell.net>
Cc: <stable@vger.kernel.org> # 2.6.12+
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-27 15:58:44 +01:00
Linus Torvalds
4208c47199 ARM: SoC fixes for 3.12-rc
There's really only one bugfix in this branch, which is a fix for timers on
 the integrator platform. Since Linus Walleij is resurrecting support for
 the platform it seems valuable to get the fix into 3.12 even though the
 regression has been around a while.
 
 The rest are a handful of maintainers updates. If you prefer to hold those
 until 3.13 then just merge the first patch on the branch which is the fix.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJSakNMAAoJEIwa5zzehBx3KscQAJPKB+kZac8rFi/n/yVrJh0P
 125QnjrkzK8jIaC3u91sJxYxro54/lH272Joz/TwLWr3ppfJRshZsDZeU164+VlF
 9kgHPKGTJU//5R07uFdI29oDVoPbaCX70KaZ31Sevk8VVGsJYasaLeO0422bp4We
 xn7WXb6XySRaV1HrwIp8/TVtwvFP2zDet6A/2G8s0tmDP0Ls3pJM1BJHfDnDN5ZY
 xkrJwRO1BwJMeHpDO5Jo7i33Wvb27ORF6x31Lrs7JL/nUdge+we/VLTwElpyyTjU
 3cqpW84Mc2HLyKy3kg8339qVxQTRvWOcXY6A1yQKH/FGL8EuBu6UjfzNsrb3aQsZ
 GzrXaM0lTLTE5dSEodnKnctllJS6u4pW6HSYnaUzAD897L7gNNny/FTYq5N7zWsj
 lssFu93m/2JMY6sc//1u08cG3nPCj3R76Q/MDtG6sWOesbHw1WgPk3YRDF6IVP5R
 FEJxEeEWp/BVAXS9Na4833rDFruyfVfUxOvXkt9sBq2tb/B2dlw7em+agWJ50fQd
 JiQTJLnCJaIu7ee7+r/XtQVtTrIBhWPpB1DlTBJs/DXU4xmKGqtih0hyJD9oNkfn
 3dmfwFruJE/qaV3Y7PEI3dbBZsLY6UrQXED4+FMqD2XaOJqV0KQC35b6nXc1BNnS
 Q8NWToYnaeFAQIfakS3s
 =7MQ0
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Olof Johansson:
 "There's really only one bugfix in this branch, which is a fix for
  timers on the integrator platform.  Since Linus Walleij is
  resurrecting support for the platform it seems valuable to get the fix
  into 3.12 even though the regression has been around a while.

  The rest are a handful of maintainers updates.  If you prefer to hold
  those until 3.13 then just merge the first patch on the branch which
  is the fix"

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  MAINTAINERS: Add maintainers entry for Rockchip SoCs
  MAINTAINERS: Tegra updates, and driver ownership
  MAINTAINERS: ARM: mvebu: add Sebastian Hesselbarth
  ARM: integrator: deactivate timer0 on the Integrator/CP
2013-10-25 11:49:23 +01:00
Linus Torvalds
320437af95 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Pull s390 fixes from Martin Schwidefsky:
 "Several last minute bug fixes.

  Two of them are on the larger side for rc7, the dasd format patch for
  older storage devices and the store-clock-fast patch where we have
  been to optimistic with an optimization"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/time: correct use of store clock fast
  s390/vmlogrdr: fix array access in vmlogrdr_open()
  s390/compat,signal: fix return value of copy_siginfo_(to|from)_user32()
  s390/dasd: check for availability of prefix command during format
  s390/mm,kvm: fix software dirty bits vs. kvm for old machines
2013-10-23 08:10:25 +01:00
Linus Torvalds
db10accfd2 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
 "Sorry I let so much accumulate, I was in Buffalo and wanted a few
  things to cook in my tree for a while before sending to you.  Anyways,
  it's a lot of little things as usual at this stage in the game"

 1) Make bonding MAINTAINERS entry reflect reality, from Andy
    Gospodarek.

 2) Fix accidental sock_put() on timewait mini sockets, from Eric
    Dumazet.

 3) Fix crashes in l2tp due to mis-handling of ipv4 mapped ipv6
    addresses, from François CACHEREUL.

 4) Fix heap overflow in __audit_sockaddr(), from the eagle eyed Dan
    Carpenter.

 5) tcp_shifted_skb() doesn't take handle FINs properly, from Eric
    Dumazet.

 6) SFC driver bug fixes from Ben Hutchings.

 7) Fix TX packet scheduling wedge after channel change in ath9k driver,
    from Felix Fietkau.

 8) Fix user after free in BPF JIT code, from Alexei Starovoitov.

 9) Source address selection test is reversed in
    __ip_route_output_key(), fix from Jiri Benc.

10) VLAN and CAN layer mis-size netlink attributes, from Marc
    Kleine-Budde.

11) Fix permission checks in sysctls to use current_euid() instead of
    current_uid().  From Eric W Biederman.

12) IPSEC policies can go away while a timer is still pending for them,
    add appropriate ref-counting to fix, from Steffen Klassert.

13) Fix mis-programming of FDR and RMCR registers on R8A7740 sh_eth
    chips, from Nguyen Hong Ky and Simon Horman.

14) MLX4 forgets to DMA unmap pages on RX, fix from Amir Vadai.

15) IPV6 GRE tunnel MTU upper limit is miscalculated, from Oussama
    Ghorbel.

16) Fix typo in fq_change(), we were assigning "initial quantum" to
    "quantum".  From Eric Dumazet.

17) Set a more appropriate sk_pacing_rate for non-TCP sockets, otherwise
    FQ packet scheduler does not pace those flows properly.  Also from
    Eric Dumazet.

18) rtlwifi miscalculates packet pointers, from Mark Cave-Ayland.

19) l2tp_xmit_skb() can be called from process context, not just softirq
    context, so we must always make sure to BH disable around it.  From
    Eric Dumazet.

20) On qdisc reset, we forget to purge the RB tree of SKBs in netem
    packet scheduler.  From Stephen Hemminger.

21) Fix info leak in farsync WAN driver ioctl() handler, from Dan
    Carpenter and Salva Peiró.

22) Fix PHY reset and other issues in dm9000 driver, from Nikita
    Kiryanov and Michael Abbott.

23) When hardware can do SCTP crc32 checksums, we accidently don't
    disable the csum offload when IPSEC transformations have been
    applied.  From Fan Du and Vlad Yasevich.

24) Tail loss probing in TCP leaves the socket in the wrong congestion
    avoidance state.  From Yuchung Cheng.

25) In CPSW driver, enable NAPI before interrupts are turned on, from
    Markus Pargmann.

26) Integer underflow and dual-assignment in YAM hamradio driver, from
    Dan Carpenter.

27) If we are going to mangle a packet in tcp_set_skb_tso_segs() we must
    unclone it.  This fixes various hard to track down crashes in
    drivers where the SKBs ->gso_segs was changing right from underneath
    the driver during TX queueing.  From Eric Dumazet.

28) Fix the handling of VLAN IDs, and in particular the special IDs 0
    and 4095, in the bridging layer.  From Toshiaki Makita.

29) Another info leak, this time in wanxl WAN driver, from Salva Peiró.

30) Fix race in socket credential passing, from Daniel Borkmann.

31) WHen NETLABEL is disabled, we don't validate CIPSO packets properly,
    from Seif Mazareeb.

32) Fix identification of fragmented frames in ipv4/ipv6 UDP
    Fragmentation Offload output paths, from Jiri Pirko.

33) Virtual Function fixes in bnx2x driver from Yuval Mintz and Ariel
    Elior.

34) When we removed the explicit neighbour pointer from ipv6 routes a
    slight regression was introduced for users such as IPVS, xt_TEE, and
    raw sockets.  We mix up the users requested destination address with
    the routes assigned nexthop/gateway.  From Julian Anastasov and
    Simon Horman.

35) Fix stack overruns in rt6_probe(), the issue is that can end up
    doing two full packet xmit paths at the same time when emitting
    neighbour discovery messages.  From Hannes Frederic Sowa.

36) davinci_emac driver doesn't handle IFF_ALLMULTI correctly, from
    Mariusz Ceier.

37) Make sure to set TCP sk_pacing_rate after the first legitimate RTT
    sample, from Neal Cardwell.

38) Wrong netlink attribute passed to xfrm_replay_verify_len(), from
    Steffen Klassert.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (152 commits)
  ax88179_178a: Add VID:DID for Samsung USB Ethernet Adapter
  ax88179_178a: Correct the RX error definition in RX header
  Revert "bridge: only expire the mdb entry when query is received"
  tcp: initialize passive-side sk_pacing_rate after 3WHS
  davinci_emac.c: Fix IFF_ALLMULTI setup
  mac802154: correct a typo in ieee802154_alloc_device() prototype
  ipv6: probe routes asynchronous in rt6_probe
  netfilter: nf_conntrack: fix rt6i_gateway checks for H.323 helper
  ipv6: fill rt6i_gateway with nexthop address
  ipv6: always prefer rt6i_gateway if present
  bnx2x: Set NETIF_F_HIGHDMA unconditionally
  bnx2x: Don't pretend during register dump
  bnx2x: Lock DMAE when used by statistic flow
  bnx2x: Prevent null pointer dereference on error flow
  bnx2x: Fix config when SR-IOV and iSCSI are enabled
  bnx2x: Fix Coalescing configuration
  bnx2x: Unlock VF-PF channel on MAC/VLAN config error
  bnx2x: Prevent an illegal pointer dereference during panic
  bnx2x: Fix Maximum CoS estimation for VFs
  drivers: net: cpsw: fix kernel warn during iperf test with interrupt pacing
  ...
2013-10-23 07:47:42 +01:00
Martin Schwidefsky
8c071b0f19 s390/time: correct use of store clock fast
The result of the store-clock-fast (STCKF) instruction is a bit fuzzy.
It can happen that the value stored on one CPU is smaller than the value
stored on another CPU, although the order of the stores is the other
way around. This can cause deltas of get_tod_clock() values to become
negative when they should not be.

We need to be more careful with store-clock-fast, this patch partially
reverts git commit e4b7b4238e666682555461fa52eecd74652f36bb "time:
always use stckf instead of stck if available". The get_tod_clock()
function now uses the store-clock-extended (STCKE) instruction.
get_tod_clock_fast() can be used if the fuzziness of store-clock-fast
is acceptable e.g. for wait loops local to a CPU.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-10-22 09:16:40 +02:00
Helge Deller
c1b14041aa parisc: enable DEVTMPFS, DEVTMPFS_MOUNT and BLK_DEV_INITRD in defconfigs
Latest udev requires that DEVTMPFS and DEVTMPFS_MOUNT are enabled, else
initrd will fail to find root filesystem. Enable missing BLK_DEV_INITRD
for B180 and C3000 machines.

Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-19 21:37:52 +02:00
Helge Deller
a446e72bc1 Revert "parisc: Export flush_cache_page() (needed by lustre)"
This reverts commit 320c90be7b.

Christoph Hellwig <hch@infradead.org> commented:
This one shouldn't go in - Geert sent it a bit prematurely, as Lustre
shouldn't use it just to reimplement core VM functionality (which it
shouldn't use either, but that's a separate story).

Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-19 21:37:40 +02:00
Linus Torvalds
9219cec5f2 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Ingo Molnar:
 "Two fixlets:

   - fix a (rare-config) build bug
   - fix a next-gen SGI/UV hw/firmware enumeration bug"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86: Update UV3 hub revision ID
  x86/microcode: Correct Kconfig dependencies
2013-10-18 12:25:11 -07:00
Linus Torvalds
34ec4de42b Device tree fixes and reverts for v3.12-rc5
One bug fix and three reverts. The reverts back out the slightly
 controversial feeding the entire device tree into the random pool and
 the reserved-memory binding which isn't fully baked yet. Expect the
 reserved-memory patches at least to resurface for v3.13. The bug fixes
 removes a scary but harmless warning on SPARC that was introduced in the
 v3.12 merge window. v3.13 will contain a proper fix that makes the new
 code work on SPARC.
 
 On the plus side, the diffstat looks *awesome*. I love removing lines of code.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJSXbO9AAoJEJZcAETA+ZUxuH4IAI/KF71fq0/O7en7GHo6ofcZ
 3nA3fUyYpnjehaqmKDXxix4TUgKTYU1ZP6tn8VfM6fn0QthR2YXPYAqiIaRot3ab
 arCPvJ9N52CU04Ug8dqMPEuFlSqRfTYc0EVPTbdgv8GYWX+rjP4qmOWS13exorai
 hJSRFmbyvwOVvRAl7KtkBPEZ3ri40mfkTrMs61v55GajhaZFyoTQgMMNhboUskI7
 qztWiecw1stlvbfQEoN+BA11ohp5kDf4d5jeTCMNFx81liBbZHYfwWbmwYPCH7/z
 6s4gX6PQeCuygdhQK65q1tYebTmRbFxkuf8P/tO7lEpmR3fKIVBr+oMJff0q9ww=
 =8W6e
 -----END PGP SIGNATURE-----

Merge tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux

Pull device tree fixes and reverts from Grant Likely:
 "One bug fix and three reverts.  The reverts back out the slightly
  controversial feeding the entire device tree into the random pool and
  the reserved-memory binding which isn't fully baked yet.  Expect the
  reserved-memory patches at least to resurface for v3.13.

  The bug fixes removes a scary but harmless warning on SPARC that was
  introduced in the v3.12 merge window.  v3.13 will contain a proper fix
  that makes the new code work on SPARC.

  On the plus side, the diffstat looks *awesome*.  I love removing lines
  of code"

* tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux:
  Revert "drivers: of: add initialization code for dma reserved memory"
  Revert "ARM: init: add support for reserved memory defined by device tree"
  Revert "of: Feed entire flattened device tree into the random pool"
  of: fix unnecessary warning on missing /cpus node
2013-10-15 17:14:13 -07:00
Linus Torvalds
ba0a062ef5 Merge branch 'fixes-for-v3.12' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping
Pull DMA-mapping fix from Marek Szyprowski:
 "A bugfix for the IOMMU-based implementation of dma-mapping subsystem
  for ARM architecture"

* 'fixes-for-v3.12' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping:
  ARM: dma-mapping: Always pass proper prot flags to iommu_map()
2013-10-15 17:13:34 -07:00
Linus Torvalds
b83aea88d3 Merge git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm fix from Gleb Natapov.

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: Enable pvspinlock after jump_label_init() to avoid VM hang
2013-10-15 16:22:51 -07:00
Linus Torvalds
36704263f1 A small fix for Xen on x86_32 and a build fix for xen-tpmfront on arm64.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iQIcBAABAgAGBQJSXSSbAAoJEIlPj0hw4a6QkIoQAMe69LtP8x4l7ZfgqT/QxwHK
 COGw+KpPXZPxASpCJO9aTXW/Mr54X9BpC4if6OmpRA6BXyU2sTrp2TIeuPbZCFvg
 DjFy4g6Snd9yvb0FPbIcUbMbUZUWmLA05PstUZV+FNub2l9ie7WWzfjyVNQv/izA
 AJ6J5GDSPxHegoygeBCCrn0Qc5rgN6soxhRDndmVGLxlBNRs71ORojRMGUrWY2X/
 OhxSj97hCXZHZyaQBI2JfuNzmFAVGvdLVN3NGzROKK1u8zKGn1I1kL39OU1QkCHZ
 iUmBeJt7jzetS85XcDxCzcErWs6K6HjFqiSF1tC6GGOtX73oqNqV4weIzNSdO+lc
 tLUGDfJSJdaVB6tNoGsywqx380CHyJi6WjUR21o2RSW8TtsNrzkpqLE0Aqv84tnl
 dyTgykzmpKhtmchjHHO4mGDioCRDYLcok3gol2IRc6P+BYXzHgwvWkH/TWMhvVjK
 IHGTd+cuUqrs7MmuxGZ/kQiqV6OegdFZYrW6E6vulITUMWNPxUaXFBu9njzrMxGt
 2bLeC+xDTi2BW9ihaln+zVUxmHZ2TLq6fHMZ/XTWrwGNNdUhKU/jNIWqC25MxSX8
 vOVnCLvT+AqqSU82ng3JL5LvnZFGlAd/cUdVEdo723xRNz6OgWLbrhi7Pq/OkjIJ
 9VKoA3zX8mgiMl1Wgp9t
 =wJOk
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.12-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull Xen fixes from Stefano Stabellini:
 "A small fix for Xen on x86_32 and a build fix for xen-tpmfront on
  arm64"

* tag 'stable/for-linus-3.12-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen: Fix possible user space selector corruption
  tpm: xen-tpmfront: fix missing declaration of xen_domain
2013-10-15 16:22:11 -07:00
Heiko Carstens
0ebfd313fd s390/compat,signal: fix return value of copy_siginfo_(to|from)_user32()
The return value of copy_siginfo_(to|from)_user32() gets passed to
user space, however we do not convert a positive return value from
copy_(to|from)_user to -EFAULT.
Therefore these functions (and the calling system calls) my incorrectly
return a positive number (bytes not copied) instead of -EFAULT.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-10-15 13:47:59 +02:00
Martin Schwidefsky
af0ebc40a8 s390/mm,kvm: fix software dirty bits vs. kvm for old machines
For machines without enhanced supression on protection the software
dirty bit code forces the pte dirty bit and clears the page protection
bit in pgste_set_pte. This is done for all pte types, the check for
present ptes is missing. As a result swap ptes and other not-present
ptes can get corrupted.
Add a check for the _PAGE_PRESENT bit to pgste_set_pte before modifying
the pte value.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2013-10-15 13:47:57 +02:00
Raghavendra K T
3dbef3e3bf KVM: Enable pvspinlock after jump_label_init() to avoid VM hang
We use jump label to enable pv-spinlock. With the changes in (442e0973e9
Merge branch 'x86/jumplabel'), the jump label behaviour has changed
that would result in eventual hang of the VM since we would end up in a
situation where slow path locks would halt the vcpus but we will not be
able to wakeup the vcpu by lock releaser using unlock kick.

Similar problem in Xen and more detailed description is available in
a945928ea2 (xen: Do not enable spinlocks before jump_label_init()
has executed)

This patch splits kvm_spinlock_init to separate jump label changes with
pvops patching and also make jump label enabling after jump_label_init().

Signed-off-by: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
2013-10-15 14:15:54 +03:00
Marek Szyprowski
cebf3e40b0 Revert "ARM: init: add support for reserved memory defined by device tree"
This reverts commit 10bcdfb8ba. There is
no consensus on the bindings for the reserved memory, so the code for
handing it will be reverted.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Grant Likely <grant.likely@linaro.org>
2013-10-15 09:25:53 +01:00
Russ Anderson
dd3c9c4b60 x86: Update UV3 hub revision ID
The UV3 hub revision ID is different than expected.  The first
revision was supposed to start at 1 but instead will start at 0.

Signed-off-by: Russ Anderson <rja@sgi.com>
Cc: <stable@kernel.org> # v3.9, v3.10, v3.11
Link: http://lkml.kernel.org/r/20131014161733.GA6274@sgi.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-10-15 08:44:46 +02:00
Linus Torvalds
d6099aeb4a Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-arm
Pull ARM fixes from Russell King:
 "Some more ARM fixes, nothing particularly major here.  The biggest
  change is to fix the SMP_ON_UP code so that it works with TI's Aegis
  cores"

* 'fixes' of git://git.linaro.org/people/rmk/linux-arm:
  ARM: 7851/1: check for number of arguments in syscall_get/set_arguments()
  ARM: 7846/1: Update SMP_ON_UP code to detect A9MPCore with 1 CPU devices
  ARM: 7845/1: sharpsl_param.c: fix invalid memory access for pxa devices
  ARM: 7843/1: drop asm/types.h from generic-y
  ARM: 7842/1: MCPM: don't explode if invoked without being initialized first
2013-10-14 10:02:23 -07:00
Borislav Petkov
80030e3d8e x86/microcode: Correct Kconfig dependencies
I have a randconfig here which has enabled only

  CONFIG_MICROCODE=y
  CONFIG_MICROCODE_OLD_INTERFACE=y

with both

  # CONFIG_MICROCODE_INTEL is not set
  # CONFIG_MICROCODE_AMD is not set

off. Which makes building the microcode functionality a little
pointless. Don't do that in such cases then.

Signed-off-by: Borislav Petkov <bp@suse.de>
Link: http://lkml.kernel.org/r/1381682189-14470-1-git-send-email-bp@alien8.de
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-10-14 09:24:27 +02:00
Linus Walleij
29114fd7db ARM: integrator: deactivate timer0 on the Integrator/CP
This fixes a long-standing Integrator/CP regression from
commit 870e2928cf
"ARM: integrator-cp: convert use CLKSRC_OF for timer init"

When this code was introduced, the both aliases pointing the
system to use timer1 as primary (clocksource) and timer2
as secondary (clockevent) was ignored, and the system would
simply use the first two timers found as clocksource and
clockevent.

However this made the system timeline accelerate by a
factor x25, as it turns out that the way the clocking
actually works (totally undocumented and found after some
trial-and-error) is that timer0 runs @ 25MHz and timer1
and timer2 runs @ 1MHz. Presumably this divider setting
is a boot-on default and configurable albeit the way to
configure it is not documented.

So as a quick fix to the problem, let's mark timer0 as
disabled, so the code will chose timer1 and timer2 as it
used to.

This also deletes the two aliases for the primary and
secondary timer as they have been superceded by the
auto-selection

Cc: stable@vger.kernel.org
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Olof Johansson <olof@lixom.net>
2013-10-13 14:07:21 -07:00
AKASHI Takahiro
3c1532df5c ARM: 7851/1: check for number of arguments in syscall_get/set_arguments()
In ftrace_syscall_enter(),
    syscall_get_arguments(..., 0, n, ...)
        if (i == 0) { <handle ORIG_r0> ...; n--;}
        memcpy(..., n * sizeof(args[0]));
If 'number of arguments(n)' is zero and 'argument index(i)' is also zero in
syscall_get_arguments(), none of arguments should be copied by memcpy().
Otherwise 'n--' can be a big positive number and unexpected amount of data
will be copied. Tracing system calls which take no argument, say sync(void),
may hit this case and eventually make the system corrupted.
This patch fixes the issue both in syscall_get_arguments() and
syscall_set_arguments().

Cc: <stable@vger.kernel.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2013-10-13 18:54:33 +01:00
Linus Torvalds
3552570a21 ARM: SoC fixes for 3.12-rc
A small batch of fixes this week, mostly OMAP related. Nothing stands out
 as particularly controversial.
 
 Also a fix for a 3.12-rc1 timer regression for Exynos platforms, including
 the Chromebooks.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJSWs1jAAoJEIwa5zzehBx3OLEQAKQCQxbZ+LatgSK3Usk7I9s8
 BXsAvzb26e1frZBQqN8V2o3Mz7sIDwOLJE9pPMgm/Q63+7+EAGR4S1ZO9fLHk7l8
 vSHm/KJicTFtYZkppjnxyULN9biuhBxXJZUwqqNdrC6rmee/OiE4llKpbgPsU3k0
 ZWLwFiPL6ZLgfezsOQNOP7exC48oex1aRok9glAExmryqsk2Cj6l+o8iV8T7Lpok
 mvdoKnCHfhYX8hB+NBlSpedvCOWMwos10+JuXC5MbpewqE7xpX8zLWuGhB3my33a
 EQPQGvpbi9qhcaXX/Bwe3ybnLDA6yi2GCeRA/5wb7uTxCTR/vWzLYWLDpgV0lcv1
 EunPa79U2qj1mcyUNno0tRkjSCefJy7ruW53h4xRWdrBqUbGWVsZ62JKK7hNJP1V
 5oIdEidFnOfXsPxiBg1o/WtjPk9DelSn9zz82l81Vqew+H9Dj684nssCJRXwUxaB
 X2AT+nlxSskQmhK05ZSn8qejQueV7LeUL17Xh9WNFVDsg7YYqi24npg/6gwpfkzC
 i+Pxvk3UseTyThOoUVGWOZy1aeyLHDQO9VccEzrRZRjWtOfpc/ubYVZpGyvgHOY0
 QSaPfLZxsDPoa8bUY/qKiZP/tSSR4GqUzEB3aLYrvuXhasrR5txHbOQtIMEQR4tQ
 udb80OrLAt/vVl5vhDJh
 =HpMx
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Olof Johansson:
 "A small batch of fixes this week, mostly OMAP related.  Nothing stands
  out as particularly controversial.

  Also a fix for a 3.12-rc1 timer regression for Exynos platforms,
  including the Chromebooks"

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  ARM: exynos: dts: Update 5250 arch timer node with clock frequency
  ARM: OMAP2: RX-51: Add missing max_current to rx51_lp5523_led_config
  ARM: mach-omap2: board-generic: fix undefined symbol
  ARM: dts: Fix pinctrl mask for omap3
  ARM: OMAP3: Fix hardware detection for omap3630 when booted with device tree
  ARM: OMAP2: gpmc-onenand: fix sync mode setup with DT
2013-10-13 09:59:10 -07:00
Yuvaraj Kumar C D
4d594dd302 ARM: exynos: dts: Update 5250 arch timer node with clock frequency
Without the "clock-frequency" property in arch timer node, could able
to see the below crash dump.

[<c0014e28>] (unwind_backtrace+0x0/0xf4) from [<c0011808>] (show_stack+0x10/0x14)
[<c0011808>] (show_stack+0x10/0x14) from [<c036ac1c>] (dump_stack+0x7c/0xb0)
[<c036ac1c>] (dump_stack+0x7c/0xb0) from [<c01ab760>] (Ldiv0_64+0x8/0x18)
[<c01ab760>] (Ldiv0_64+0x8/0x18) from [<c0062f60>] (clockevents_config.part.2+0x1c/0x74)
[<c0062f60>] (clockevents_config.part.2+0x1c/0x74) from [<c0062fd8>] (clockevents_config_and_register+0x20/0x2c)
[<c0062fd8>] (clockevents_config_and_register+0x20/0x2c) from [<c02b8e8c>] (arch_timer_setup+0xa8/0x134)
[<c02b8e8c>] (arch_timer_setup+0xa8/0x134) from [<c04b47b4>] (arch_timer_init+0x1f4/0x24c)
[<c04b47b4>] (arch_timer_init+0x1f4/0x24c) from [<c04b40d8>] (clocksource_of_init+0x34/0x58)
[<c04b40d8>] (clocksource_of_init+0x34/0x58) from [<c049ed8c>] (time_init+0x20/0x2c)
[<c049ed8c>] (time_init+0x20/0x2c) from [<c049b95c>] (start_kernel+0x1e0/0x39c)

THis is because the Exynos u-boot, for example on the Chromebooks, doesn't set
up the CNTFRQ register as expected by arch_timer. Instead, we have to specify
the frequency in the device tree like this.

Signed-off-by: Yuvaraj Kumar C D <yuvaraj.cd@samsung.com>
[olof: Changed subject, added comment, elaborated on commit message]
Signed-off-by: Olof Johansson <olof@lixom.net>
2013-10-13 09:33:54 -07:00
Olof Johansson
98ead6e001 Few fixes for omap3 related hangs and errors that people have
noticed now that people are actually using the device tree
 based booting for omap3.
 
 Also one regression fix for timer compile for dra7xx when
 omap5 is not selected, and a LED regression fix for n900.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJSVFFqAAoJEBvUPslcq6VzmMwP+wYGQ1a0Dyq/nHvHFbsm8Ny2
 QQJBcz2QqiOUk3gCENl5MJ2CWeKr9vsB9JoC+BAWbaJ2qc20ru/LcT8vrd1bvFFm
 qfvQzdSQubV+6//aTTjWc0pCfNw5ElpfjVztR3NbA6r1x4N3UISsLhLM20UOlq7v
 aS6tIcP66H2haJRX5SIQkow8/zT1/YRZ3w368JDRCUWD+Lj+ceDasgyJVpPkIscV
 q15EFSi4RWboxY6d6u5LkQwdxnX4cBL5/TWD/jHP2OGtDwdpg3aXW9uLrewETXlT
 4OGh7igHe7mBXnUpWgOB5vjElp3i7zN81//hIe7rNys4hj4ED7t71n/qy90EOJWm
 fH2mou/lOmqIXhEB68vOT88BeGlrELBRu6hrA56aem7LWOZKkIRIPEhC2qE/r18l
 YIcBMsNlxxWY0ebmJvmvYCDxUyJpMIxePZ3k1xwybNojbSI0CRGd1qZMQoDWV6Yd
 dbnvs+f0sCy7lOjrg9u/miCZJnc+wrkoKDQUfFiP2gHWQpQyBswOFO76VD7zW4DX
 zLZs4oGml+Tc3LyLlTFdoMKeeW2AmQHKBNEupUzWhL0AjndTTetD4S3YwU8EfAVS
 hPkzT0gI5oum3TypIdCr9Wmobn0tzJGI/rLxe5UJCeVbWpDfwqyccEy1wF/ET4FO
 bVvy4NsDCHOSeDbAi8Xe
 =yVzH
 -----END PGP SIGNATURE-----

Merge tag 'fixes-against-v3.12-rc3-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes

From Tony Lindgren:

Few fixes for omap3 related hangs and errors that people have
noticed now that people are actually using the device tree
based booting for omap3.

Also one regression fix for timer compile for dra7xx when
omap5 is not selected, and a LED regression fix for n900.

* tag 'fixes-against-v3.12-rc3-take2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: OMAP2: RX-51: Add missing max_current to rx51_lp5523_led_config
  ARM: mach-omap2: board-generic: fix undefined symbol
  ARM: dts: Fix pinctrl mask for omap3
  ARM: OMAP3: Fix hardware detection for omap3630 when booted with device tree
  ARM: OMAP2: gpmc-onenand: fix sync mode setup with DT

Signed-off-by: Olof Johansson <olof@lixom.net>
2013-10-13 09:33:32 -07:00
Helge Deller
db080f9c53 parisc: let probe_kernel_read() capture access to page zero
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:46:31 +02:00
John David Anglin
2d8b22de6e parisc: optimize variable initialization in do_page_fault
The attached change defers the initialization of the variables tsk, mm
and flags until they are needed. As a result, the code won't crash if a
kernel probe is done with a corrupt context and the code will be better
optimized.

Signed-off-by: John David Anglin  <dave.anglin@bell.net>
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:45:40 +02:00
Helge Deller
59b33f148c parisc: fix interruption handler to respect pagefault_disable()
Running an "echo t > /proc/sysrq-trigger" crashes the parisc kernel.  The
problem is, that in print_worker_info() we try to read the workqueue info via
the probe_kernel_read() functions which use pagefault_disable() to avoid
crashes like this:
    probe_kernel_read(&pwq, &worker->current_pwq, sizeof(pwq));
    probe_kernel_read(&wq, &pwq->wq, sizeof(wq));
    probe_kernel_read(name, wq->name, sizeof(name) - 1);

The problem here is, that the first probe_kernel_read(&pwq) might return zero
in pwq and as such the following probe_kernel_reads() try to access contents of
the page zero which is read protected and generate a kernel segfault.

With this patch we fix the interruption handler to call parisc_terminate()
directly only if pagefault_disable() was not called (in which case
preempt_count()==0).  Otherwise we hand over to the pagefault handler which
will try to look up the faulting address in the fixup tables.

Signed-off-by: Helge Deller <deller@gmx.de>
Cc: <stable@vger.kernel.org> # v3.0+
Signed-off-by: John David Anglin  <dave.anglin@bell.net>
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:45:20 +02:00
Helge Deller
a60ac4b5f0 parisc: mark parisc_terminate() noreturn and cold.
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:44:49 +02:00
Helge Deller
ec7c241953 parisc: remove unused syscall_ipi() function.
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:44:39 +02:00
Jiang Liu
528d8eb20a parisc: kill SMP single function call interrupt
Commit 9a46ad6d6d "smp: make smp_call_function_many() use logic
similar to smp_call_function_single()" has unified the way to handle
single and multiple cross-CPU function calls. Now only one interrupt
is needed for architecture specific code to support generic SMP function
call interfaces, so kill the redundant single function call interrupt.

Signed-off-by: Jiang Liu <jiang.liu@huawei.com>
Cc: Jiang Liu <liuj97@gmail.com>
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:44:29 +02:00
Geert Uytterhoeven
320c90be7b parisc: Export flush_cache_page() (needed by lustre)
ERROR: "flush_cache_page" [drivers/staging/lustre/lustre/libcfs/libcfs.ko] undefined!

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:44:17 +02:00
Linus Torvalds
c786e90bb2 Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull gcc "asm goto" miscompilation workaround from Ingo Molnar:
 "This is the fix for the GCC miscompilation discussed in the following
  lkml thread:

    [x86] BUG: unable to handle kernel paging request at 00740060

  The bug in GCC has been fixed by Jakub and the fix will be part of the
  GCC 4.8.2 release expected to be released next week - so the quirk's
  version test checks for <= 4.8.1.

  The quirk is only added to compiler-gcc4.h and not to the higher level
  compiler.h because all asm goto uses are behind a feature check"

* 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  compiler/gcc4: Add quirk for 'asm goto' miscompilation bug
2013-10-12 11:06:18 -07:00
Linus Torvalds
71ac3d1938 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Ingo Molnar:
 "A build fix and a reboot quirk"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/reboot: Add reboot quirk for Dell Latitude E5410
  x86, build, pci: Fix PCI_MSI build on !SMP
2013-10-12 10:36:03 -07:00
Linus Torvalds
ccaa8be886 Fix for broken gdb "jump"
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJSWPNjAAoJEGnX8d3iisJec5sQAKxYMTwgJm41r2WgoBWNdHGr
 syoHIHFT17Rx/4EQ7R9oGxNtWS5l4UpP1fuhPqYGJos1lmwlVuWC1qSGP/5QA7RF
 waQMDh57yMUAKM/M0zMNkwoD40zbNTbO7PS4dNs7sJGVTwY0gWdDPHyCS1cTfm6v
 V8gt6ed92jMIUyacCkH23uEGCEXqb/zc5O4XA/BVhBS5erWcL+RzELkxd5eADupy
 NZiQEZFlaSrh5YxwlvLxNnYLXBM7pRJMU57QjwzVkvZIcyTGEULCXyB3uBu9Du8U
 X976o4xgSA1/TV8Iu1s6hsBmOEIcY+bCBSLyw34vzUfJQtmgw2QBp2M3oTELhqfL
 63it/kaG10eoXxaeD2NOGK6uy0XgOsmVYY9kL0fOY50Y2jW3dLtcyNTqcGLSRnN/
 XvCUzt/lI32R8p5OL1D+qEZs3EdGPfWVoIjx8XQT2s4+gFjc/N2hgCRYGu/UhJCH
 ci4FSvlsfDdHDv1StzSTAi5hJOE5P5lDqYLwN+kmvx84AOkeYNIzF2vg0JJ5NfKB
 bTZvJun0YXS9LojbC6WTL3xlsazs/z1OQoJbpnYo+QJipKRaeMD/HEjghvsouSut
 rFQ6N4uNzQ7Z3J1aPLmWc56IK8lxcwfxU5lhVZSZNj80BGX0l4sXVfHrA0xisjmc
 iF40lyM/pSHMQgIEe1KH
 =bljX
 -----END PGP SIGNATURE-----

Merge tag 'arc-fixes-for-3.12-part3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull ARC fix from Vineet Gupta:
 "Fix for broken gdb 'jump'"

* tag 'arc-fixes-for-3.12-part3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
  ARC: Ignore ptrace SETREGSET request for synthetic register "stop_pc"
2013-10-12 10:34:14 -07:00
Vineet Gupta
5b24282846 ARC: Ignore ptrace SETREGSET request for synthetic register "stop_pc"
ARCompact TRAP_S insn used for breakpoints, commits before exception is
taken (updating architectural PC). So ptregs->ret contains next-PC and
not the breakpoint PC itself. This is different from other restartable
exceptions such as TLB Miss where ptregs->ret has exact faulting PC.
gdb needs to know exact-PC hence ARC ptrace GETREGSET provides for
@stop_pc which returns ptregs->ret vs. EFA depending on the
situation.

However, writing stop_pc (SETREGSET request), which updates ptregs->ret
doesn't makes sense stop_pc doesn't always correspond to that reg as
described above.

This was not an issue so far since user_regs->ret / user_regs->stop_pc
had same value and both writing to ptregs->ret was OK, needless, but NOT
broken, hence not observed.

With gdb "jump", they diverge, and user_regs->ret updating ptregs is
overwritten immediately with stop_pc, which this patch fixes.

Reported-by: Anton Kolesov <akolesov@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2013-10-12 12:00:36 +05:30
Linus Torvalds
46f37519cf Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
Pull MIPS fix from Ralf Baechle:
 "Just one fix.  The stack protector was loading the value of the canary
  instead of its address"

* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
  MIPS: stack protector: Fix per-task canary switch
2013-10-11 11:24:58 -07:00
Ingo Molnar
3f0116c323 compiler/gcc4: Add quirk for 'asm goto' miscompilation bug
Fengguang Wu, Oleg Nesterov and Peter Zijlstra tracked down
a kernel crash to a GCC bug: GCC miscompiles certain 'asm goto'
constructs, as outlined here:

  http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670

Implement a workaround suggested by Jakub Jelinek.

Reported-and-tested-by: Fengguang Wu <fengguang.wu@intel.com>
Reported-by: Oleg Nesterov <oleg@redhat.com>
Reported-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Suggested-by: Jakub Jelinek <jakub@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: <stable@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-10-11 07:39:14 +02:00
Linus Torvalds
2d9d028283 Merge branch 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild fix from Michal Marek:
 "Here is an ARM Makefile fix that you even acked.  After nobody wanted
  to take it, it ended up in the kbuild tree"

* 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
  arm, kbuild: make "make install" not depend on vmlinux
2013-10-10 18:15:23 -07:00
Linus Torvalds
8273548c54 Fixes for 3.12-rc5. Two old PPC bugs and one new (3.12-rc2) x86 bug.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJSVndRAAoJEBvWZb6bTYby/SIP/26s8gh/TkTa6eYVXAOIq2PE
 0T2rCN2KYT/huDuoH5SJ1dMUweWwmwaXsZVD8iNVuvbZSIUcC7j6hlPg+IIl7uD4
 EEKFPsCehCumleCsoeyYu14YPFApp8CTbx2nXre2fT3z82bEdFbdAF8i0nwCWsBF
 7yvQYMl/qDhWotNFnn9D9i3VaiJwn4BrQxWsGkSssOr1+YRD7o718qErmqwliECv
 m25QQCr+kX7O5Le9kaQ0LsMMzUWnR63VHsBArXsLP+bKozC2AgyTCku3QVYGk3K3
 uYeen0wbErhZB2JDZq4NUYVltvF0gNoOWwgfRGuOm4ZRfP5g1Paeu1xDDs3TYXkG
 9/fkeJRsFpPm+o783IhZaTwTh8EOIcpSyrAq/mC9fCRYf0u50aKOexjV+Sj0Lsya
 jC9MkGYB6sT3q+XmYKntVqmkemjgr6ku1TLMS7zouR0g8IsnJ9oEKzxE/0PXgIr0
 IkOD6rceSmG8KR5r57GYO1zdCyfaPgKAgAzeifBHnCaWQiX/Id9rO1nk9mzMIa70
 xQw7LcUC0rzN6t+zS236wrfCzDAh/trZep+WTU+98WC4fqxyo8vlPNhEu/In56jw
 mhNTb3UCsPyzUEXDdkeZN/Hy4RZ/WbMAeuh8ZcQzn+grK8h5Rura07B4zKluhjvx
 DLAjE/JmEzfBuhpoXsZn
 =O6an
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini:
 "Fixes for 3.12-rc5: two old PPC bugs and one new (3.12-rc2) x86 bug"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  kvm: ppc: booke: check range page invalidation progress on page setup
  KVM: PPC: Book3S HV: Fix typo in saving DSCR
  KVM: nVMX: fix shadow on EPT
2013-10-10 11:33:48 -07:00
Frediano Ziglio
7cde9b27e7 xen: Fix possible user space selector corruption
Due to the way kernel is initialized under Xen is possible that the
ring1 selector used by the kernel for the boot cpu end up to be copied
to userspace leading to segmentation fault in the userspace.

Xen code in the kernel initialize no-boot cpus with correct selectors (ds
and es set to __USER_DS) but the boot one keep the ring1 (passed by Xen).
On task context switch (switch_to) we assume that ds, es and cs already
point to __USER_DS and __KERNEL_CSso these selector are not changed.

If processor is an Intel that support sysenter instruction sysenter/sysexit
is used so ds and es are not restored switching back from kernel to
userspace. In the case the selectors point to a ring1 instead of __USER_DS
the userspace code will crash on first memory access attempt (to be
precise Xen on the emulated iret used to do sysexit will detect and set ds
and es to zero which lead to GPF anyway).

Now if an userspace process call kernel using sysenter and get rescheduled
(for me it happen on a specific init calling wait4) could happen that the
ring1 selector is set to ds and es.

This is quite hard to detect cause after a while these selectors are fixed
(__USER_DS seems sticky).

Bisecting the code commit 7076aada10 appears
to be the first one that have this issue.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
2013-10-10 14:39:37 +00:00
Bharat Bhushan
40fde70d0d kvm: ppc: booke: check range page invalidation progress on page setup
When the MM code is invalidating a range of pages, it calls the KVM
kvm_mmu_notifier_invalidate_range_start() notifier function, which calls
kvm_unmap_hva_range(), which arranges to flush all the TLBs for guest pages.
However, the Linux PTEs for the range being flushed are still valid at
that point.  We are not supposed to establish any new references to pages
in the range until the ...range_end() notifier gets called.
The PPC-specific KVM code doesn't get any explicit notification of that;
instead, we are supposed to use mmu_notifier_retry() to test whether we
are or have been inside a range flush notifier pair while we have been
referencing a page.

This patch calls the mmu_notifier_retry() while mapping the guest
page to ensure we are not referencing a page when in range invalidation.

This call is inside a region locked with kvm->mmu_lock, which is the
same lock that is called by the KVM MMU notifier functions, thus
ensuring that no new notification can proceed while we are in the
locked region.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Acked-by: Alexander Graf <agraf@suse.de>
[Backported to 3.12 - Paolo]
Reviewed-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-10 11:40:08 +02:00
Paul Mackerras
cfc860253a KVM: PPC: Book3S HV: Fix typo in saving DSCR
This fixes a typo in the code that saves the guest DSCR (Data Stream
Control Register) into the kvm_vcpu_arch struct on guest exit.  The
effect of the typo was that the DSCR value was saved in the wrong place,
so changes to the DSCR by the guest didn't persist across guest exit
and entry, and some host kernel memory got corrupted.

Cc: stable@vger.kernel.org [v3.1+]
Signed-off-by: Paul Mackerras <paulus@samba.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-10 11:40:07 +02:00
Gleb Natapov
d0d538b9d1 KVM: nVMX: fix shadow on EPT
72f857950f broke shadow on EPT. This patch reverts it and fixes PAE
on nEPT (which reverted commit fixed) in other way.

Shadow on EPT is now broken because while L1 builds shadow page table
for L2 (which is PAE while L2 is in real mode) it never loads L2's
GUEST_PDPTR[0-3].  They do not need to be loaded because without nested
virtualization HW does this during guest entry if EPT is disabled,
but in our case L0 emulates L2's vmentry while EPT is enables, so we
cannot rely on vmcs12->guest_pdptr[0-3] to contain up-to-date values
and need to re-read PDPTEs from L2 memory. This is what kvm_set_cr3()
is doing, but by clearing cache bits during L2 vmentry we drop values
that kvm_set_cr3() read from memory.

So why the same code does not work for PAE on nEPT? kvm_set_cr3()
reads pdptes into vcpu->arch.walk_mmu->pdptrs[]. walk_mmu points to
vcpu->arch.nested_mmu while nested guest is running, but ept_load_pdptrs()
uses vcpu->arch.mmu which contain incorrect values. Fix that by using
walk_mmu in ept_(load|save)_pdptrs.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-10 11:39:57 +02:00
Pali Rohár
d1f1ca36b5 ARM: OMAP2: RX-51: Add missing max_current to rx51_lp5523_led_config
File drivers/leds/leds-lp55xx-common.c refuse to change led_current sysfs
attribute if value is higher than max_current specified in board file. By default
global C variables are zero, so changing always failed. This patch adding missing
max_current and setting it to max safe value 100 (10 mA).

It is unclear which commit exactly caused this regression as the lp5523
driver was broken and was hiding the platform data breakage. Now
the driver is fixed so this should be fixed as well.

Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Joerg Reisenweber <joerg@openmoko.org>
[tony@atomide.com: updated comments to describe regression]
Signed-off-by: Tony Lindgren <tony@atomide.com>
2013-10-08 11:22:43 -07:00
Simon Barth
0b8214fe18 ARM: mach-omap2: board-generic: fix undefined symbol
Since dra7 reuses the  function 'omap5_realtime_timer_init' in
arch/arm/mach-omap2/board-generic.c as timer init function, it has to be
built for this SoC as well.

Signed-off-by: Simon Barth <Simon.Pe.Barth@gmail.com>
Signed-off-by: Tony Lindgren <tony@atomide.com>
2013-10-08 10:40:36 -07:00
Tony Lindgren
d623a0e19d ARM: dts: Fix pinctrl mask for omap3
The wake-up interrupt bit is available on omap3/4/5 processors
unlike what we claim. Without fixing it we cannot use it on
omap3 and the system configured for wake-up events will just
hang on wake-up.

Cc: Grygorii Strashko <grygorii.strashko@ti.com>
Cc: Benoît Cousson <bcousson@baylibre.com>
Cc: devicetree@vger.kernel.org
Signed-off-by: Tony Lindgren <tony@atomide.com>
2013-10-08 10:37:29 -07:00
Nishanth Menon
016c12d2fb ARM: OMAP3: Fix hardware detection for omap3630 when booted with device tree
SoC family definitions at the moment are reactive to board needs
as a result, beagle-xm would matchup with ti,omap3 which invokes
omap3430_init_early instead of omap3630_init_early. Obviously, this is
the wrong behavior.

With clock node dts conversion, we get the following warnings before
system hangs as a result and 3630 based platforms fails to boot
(uart4 clocks are only present in OMAP3630 and not present in
OMAP3430):

...
omap_hwmod: uart4: cannot clk_get main_clk uart4_fck
omap_hwmod: uart4: cannot _init_clocks

WARNING: CPU: 0 PID: 1 at arch/arm/mach-omap2/omap_hwmod.c:2434
_init+0x6c/0x80()
omap_hwmod: uart4: couldn't init clocks
...

WARNING: CPU: 0 PID: 1 at arch/arm/mach-omap2/omap_hwmod.c:2126
_enable+0x254/0x280()
omap_hwmod: timer12: enabled state can only be entered from
initialized, idle, or disabled state
...

WARNING: CPU: 0 PID: 46 at arch/arm/mach-omap2/omap_hwmod.c:2224
_idle+0xd4/0xf8()
omap_hwmod: timer12: idle state can only be entered from enabled state

WARNING: CPU: 0 PID: 1 at arch/arm/mach-omap2/omap_hwmod.c:2126
_enable+0x254/0x280()
omap_hwmod: uart4: enabled state can only be entered from
initialized, idle, or disabled state

So, add specific compatiblity for 3630 to allow match for Beagle-XM
platform.

Signed-off-by: Nishanth Menon <nm@ti.com>
[tony@atomide.com: left out ti,omap343x, updated comments]
Signed-off-by: Tony Lindgren <tony@atomide.com>
2013-10-08 10:32:24 -07:00
Linus Torvalds
0e7a3ed04f Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Ingo Molnar:
 "Various fixlets:

  On the kernel side:

   - fix a race
   - fix a bug in the handling of the perf ring-buffer data page

  On the tooling side:

   - fix the handling of certain corrupted perf.data files
   - fix a bug in 'perf probe'
   - fix a bug in 'perf record + perf sched'
   - fix a bug in 'make install'
   - fix a bug in libaudit feature-detection on certain distros"

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf session: Fix infinite loop on invalid perf.data file
  perf tools: Fix installation of libexec components
  perf probe: Fix to find line information for probe list
  perf tools: Fix libaudit test
  perf stat: Set child_pid after perf_evlist__prepare_workload()
  perf tools: Add default handler for mmap2 events
  perf/x86: Clean up cap_user_time* setting
  perf: Fix perf_pmu_migrate_context
2013-10-08 09:23:12 -07:00
Benjamin Herrenschmidt
8b5ede69d2 powerpc/irq: Don't switch to irq stack from softirq stack
irq_exit() is now called on the irq stack, which can trigger a switch to
the softirq stack from the irq stack.  If an interrupt happens at that
point, we will not properly detect the re-entrancy and clobber the
original return context on the irq stack.

This fixes it.  The side effect is to prevent all nesting from softirq
stack to irq stack even in the "safe" case but it's simpler that way and
matches what x86_64 does.

Reported-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-10-07 14:19:39 -07:00
Alexei Starovoitov
d45ed4a4e3 net: fix unsafe set_memory_rw from softirq
on x86 system with net.core.bpf_jit_enable = 1

sudo tcpdump -i eth1 'tcp port 22'

causes the warning:
[   56.766097]  Possible unsafe locking scenario:
[   56.766097]
[   56.780146]        CPU0
[   56.786807]        ----
[   56.793188]   lock(&(&vb->lock)->rlock);
[   56.799593]   <Interrupt>
[   56.805889]     lock(&(&vb->lock)->rlock);
[   56.812266]
[   56.812266]  *** DEADLOCK ***
[   56.812266]
[   56.830670] 1 lock held by ksoftirqd/1/13:
[   56.836838]  #0:  (rcu_read_lock){.+.+..}, at: [<ffffffff8118f44c>] vm_unmap_aliases+0x8c/0x380
[   56.849757]
[   56.849757] stack backtrace:
[   56.862194] CPU: 1 PID: 13 Comm: ksoftirqd/1 Not tainted 3.12.0-rc3+ #45
[   56.868721] Hardware name: System manufacturer System Product Name/P8Z77 WS, BIOS 3007 07/26/2012
[   56.882004]  ffffffff821944c0 ffff88080bbdb8c8 ffffffff8175a145 0000000000000007
[   56.895630]  ffff88080bbd5f40 ffff88080bbdb928 ffffffff81755b14 0000000000000001
[   56.909313]  ffff880800000001 ffff880800000000 ffffffff8101178f 0000000000000001
[   56.923006] Call Trace:
[   56.929532]  [<ffffffff8175a145>] dump_stack+0x55/0x76
[   56.936067]  [<ffffffff81755b14>] print_usage_bug+0x1f7/0x208
[   56.942445]  [<ffffffff8101178f>] ? save_stack_trace+0x2f/0x50
[   56.948932]  [<ffffffff810cc0a0>] ? check_usage_backwards+0x150/0x150
[   56.955470]  [<ffffffff810ccb52>] mark_lock+0x282/0x2c0
[   56.961945]  [<ffffffff810ccfed>] __lock_acquire+0x45d/0x1d50
[   56.968474]  [<ffffffff810cce6e>] ? __lock_acquire+0x2de/0x1d50
[   56.975140]  [<ffffffff81393bf5>] ? cpumask_next_and+0x55/0x90
[   56.981942]  [<ffffffff810cef72>] lock_acquire+0x92/0x1d0
[   56.988745]  [<ffffffff8118f52a>] ? vm_unmap_aliases+0x16a/0x380
[   56.995619]  [<ffffffff817628f1>] _raw_spin_lock+0x41/0x50
[   57.002493]  [<ffffffff8118f52a>] ? vm_unmap_aliases+0x16a/0x380
[   57.009447]  [<ffffffff8118f52a>] vm_unmap_aliases+0x16a/0x380
[   57.016477]  [<ffffffff8118f44c>] ? vm_unmap_aliases+0x8c/0x380
[   57.023607]  [<ffffffff810436b0>] change_page_attr_set_clr+0xc0/0x460
[   57.030818]  [<ffffffff810cfb8d>] ? trace_hardirqs_on+0xd/0x10
[   57.037896]  [<ffffffff811a8330>] ? kmem_cache_free+0xb0/0x2b0
[   57.044789]  [<ffffffff811b59c3>] ? free_object_rcu+0x93/0xa0
[   57.051720]  [<ffffffff81043d9f>] set_memory_rw+0x2f/0x40
[   57.058727]  [<ffffffff8104e17c>] bpf_jit_free+0x2c/0x40
[   57.065577]  [<ffffffff81642cba>] sk_filter_release_rcu+0x1a/0x30
[   57.072338]  [<ffffffff811108e2>] rcu_process_callbacks+0x202/0x7c0
[   57.078962]  [<ffffffff81057f17>] __do_softirq+0xf7/0x3f0
[   57.085373]  [<ffffffff81058245>] run_ksoftirqd+0x35/0x70

cannot reuse jited filter memory, since it's readonly,
so use original bpf insns memory to hold work_struct

defer kfree of sk_filter until jit completed freeing

tested on x86_64 and i386

Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-07 15:16:45 -04:00