When invoking syscall handlers on sh32, the saved userspace registers
are at the top of the stack. This seems to have been intentional, as it
is an easy way to pass r0, r1, ... to the handler as parameters 5, 6,
...
It causes problems, however, because the compiler is allowed to generate
code for a function which clobbers that function's own parameters. For
example, gcc generates the following code for clone:
<SyS_clone>:
mov.l 8c020714 <SyS_clone+0xc>,r1 ! 8c020540 <do_fork>
mov.l r7,@r15
mov r6,r7
jmp @r1
mov #0,r6
nop
.word 0x0540
.word 0x8c02
The `mov.l r7,@r15` clobbers the saved value of r0 passed from
userspace. For most system calls, this might not be a problem, because
we'll be overwriting r0 with the return value anyway. But in the case
of clone, copy_thread will need the original value of r0 if the
CLONE_SETTLS flag was specified.
The first patch in this series fixes this issue for system calls by
pushing to the stack and extra copy of r0-r2 before invoking the
handler. We discard this copy before restoring the userspace registers,
so it is not a problem if they are clobbered.
Exception handlers also receive the userspace register values in a
similar manner, and may hit the same problem. The second patch removes
the do_fpu_error handler, which looks susceptible to this problem and
which, as far as I can tell, has not been used in some time. The third
patch addresses other exception handlers.
This patch (of 3):
The userspace registers are stored at the top of the stack when the
syscall handler is invoked, which allows r0-r2 to act as parameters 5-7.
Parameters passed on the stack may be clobbered by the syscall handler.
The solution is to push an extra copy of the registers which might be
used as syscall parameters to the stack, so that the authoritative set
of saved register values does not get clobbered.
A few system call handlers are also updated to get the userspace
registers using current_pt_regs() instead of from the stack.
Signed-off-by: Bobby Bingham <koorogi@koorogi.info>
Cc: Paul Mundt <paul.mundt@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
As Al notes, we missed a TIF_NOTIFY_RESUME check which caused any
handlers without TIF_SIGPENDING also set to skip the notification:
Looks like while it is in the relevant masks *and* checked in
do_notify_resume() both on 32bit and 64bit variants since commit
ab99c733ae ("sh: Make syscall tracer
use tracehook notifiers, add TIF_NOTIFY_RESUME.") they are
actually *not* reached without simulataneous SIGPENDING, since
the actual glue in the callers had not been updated back then and
still checks for _TIF_SIGPENDING alone when deciding whether to
hit do_notify_resume() or not.
Reported-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
do_notify_resume() can trigger the freezer via the try_to_freeze() path
(both explicitly through a redundant call in do_signal() or via
get_signal_to_deliver()). That IRQs were disabled across this callsite
became apparent with the might_sleep() introduction in try_to_freeze() by
Tejun in a0acae0e88, resulting in:
BUG: sleeping function called from invalid context at include/linux/freezer.h:45
in_atomic(): 0, irqs_disabled(): 1, pid: 819, name: ntpd
no locks held by ntpd/819.
Stack: (0x9c81be80 to 0x9c81c000)
...
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
The address that ret_from_exception and ret_from_irq will return to is
found in the stack slot for SPC, not PR. This error was causing the
DWARF unwinder to pick up the wrong return address on the stack and then
unwind using the unwind tables for the wrong function.
While I'm here I might as well add CFI annotations for the other
registers since they could be useful when unwinding.
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Replace TIF_RESTORE_SIGMASK with TS_RESTORE_SIGMASK and define our own
set_restore_sigmask() function. This saves the costly SMP-safe set_bit
operation, which we do not need for the sigmask flag since TIF_SIGPENDING
always has to be set too.
Based on the x86 and powerpc change.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
The resume_userspace path had TRACE_IRQS_OFF written incorrectly and so
never handled the transition properly. This was fixed once before but
seems to have made it back in the tree. Fix it for good.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
The SH instruction set has several instructions which accept an 8 bit
immediate operand. For logical instructions this operand is zero extended,
for arithmetic instructions the operand is sign extended. After adding an
option to the assembler to check this, it was found that several pieces
of assembly code were assuming this behaviour, and in one case
getting it wrong.
So this patch explicitly sign extends any immediate operands, which makes
it obvious what is happening, and fixes the one case which got it wrong.
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
save_regs contains an SR modification without an irqflags annotation,
which resulted in a missing TRACE_IRQS_OFF in the interrupt exception
path on SH-3/SH4.
I've also moved the TRACE_IRQS_OFF/ON annotation when returning from the
interrupt to just before we call __restore_all. This seems like the most
logical place to put this because the annotation is for when we restore
the SR register so we should delay the annotation until as last as
possible.
We were also missing a TRACE_IRQS_OFF in resume_kernel when
CONFIG_PREEMPT is enabled.
The end result is that this fixes up the lockdep engine debugging support
with CONFIG_PREEMPT enabled on all SH-3/4 parts.
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Annotate various assembly code paths with CFI assembler directives so
that DWARF unwind info is available for the unwinder.
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
In order to use DWARF unwinder info the frame register has to contain a
valid value. Whilst GCC takes care of this for C code, we have to do it
ourselves for assembly.
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This cleans up the irqflags tracing code quite a bit and ties it
in to various missing callsites that caused an imbalance when
CONFIG_PROVE_LOCKING was enabled.
Previously this was catching on:
987 #ifdef CONFIG_PROVE_LOCKING
988 DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
989 DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
990 #endif
991 retval = -EAGAIN;
with hardirqs being doubly enabled, and subsequently bailing out
with the following call trace:
Call trace:
[<88035224>] __lock_acquire+0x616/0x6a6
[<88015a8c>] do_fork+0xf8/0x2b0
[<880331ec>] trace_hardirqs_on_caller+0xd4/0x114
[<88241074>] _spin_unlock_irq+0x20/0x64
[<88035224>] __lock_acquire+0x616/0x6a6
[<8800386c>] kernel_thread+0x48/0x70
[<88024ecc>] ____call_usermodehelper+0x0/0x110
[<88024ecc>] ____call_usermodehelper+0x0/0x110
[<88003894>] kernel_thread_helper+0x0/0x14
[<88024bac>] __call_usermodehelper+0x38/0x70
[<88025dc0>] worker_thread+0x150/0x274
[<88035b9c>] lock_release+0x0/0x198
[<88024b74>] __call_usermodehelper+0x0/0x70
[<88028cf0>] autoremove_wake_function+0x0/0x30
[<88028bf2>] kthread+0x3e/0x70
[<88025c70>] worker_thread+0x0/0x274
[<8800389c>] kernel_thread_helper+0x8/0x14
[<88028bb4>] kthread+0x0/0x70
[<88003894>] kernel_thread_helper+0x0/0x14
Reported-by: Nobuhiro Iwamatsu <iwamatsu.nobuhiro@renesas.com>
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Now that I've added TIF_SYSCALL_FTRACE the thread flags do not fit into
a single byte any more. Code testing them now needs to be aware of the
upper and lower bytes.
Signed-off-by: Matt Fleming <matt@console-pimps.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This migrates from the old bitrotted kgdb stub implementation and moves
to the generic stub. In the process support for SH-2/SH-2A is also added,
which the old stub never provided.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This adds support for ftrace to SH. This only includes CONFIG_FTRACE,
and does not handle dynamic ftrace presently.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This patch fixes a problem within the SH implementation of resume_kernel code,
that implements in assembly the bulk of preempt_schedule_irq function without
taking care of the extra code needed to handle the BKL preemptible.
The patch basically consists of removing this asm code and calling the common
C implementation (see kernel/sched.c) as other archs do.
Another change is the missing 'cli' macro invocation at the beginning of
the resume_kernel.
Signed-off-by: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Signed-off-by: Carmelo Amoroso <carmelo.amoroso@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This follows the changes in commits:
7d6d637dac4f72c4279e
on powerpc. Adding in TIF_NOTIFY_RESUME, and cleaning up the syscall
tracing to be more generic. This is an incremental step to turning
on tracehook, as well as unifying more of the ptrace and signal code
across the 32/64 split.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Without this patch, signals sent during architecture specific signal
handling (typically as a result of the user's stack being inaccessible)
are ignored.
This is the SH version of commit c3ff8ec31c
which was for the i386.
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
There are a few different types of debug trap exceptions, though now
that they are all going through a special jump table, the restorer needs
to be unified as well.
Presently this is falling through the ret_from_fork path, which more or
less does the right thing on SH-3/4 whilst being completely unsuitable on
MMU-less targets.
Ultimately what we want here is a branch through the platform's
restore_all directly, without worrying about the retval being clobbered.
We can accomplish that through a branch to __restore_all directly, so
switch it so we come back from the jump table and branch to the restorer.
This fixes up a recursion in the nommu WARN_ON() path, as well as some
other userspace nastiness where said recursion caused serious stack
corruption.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Entry to resume_userspace expects r8 to contain current_thread_info,
which happens in all paths except for syscall_badsys, where r8 was
being inadvertently trampled. Reload it before the branch.
Signed-off-by: Hideo Saito <saito@densan.co.jp>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This implements kernel-level atomic rollback built on top of gUSA,
as an alternative non-IRQ based atomicity method. This is generally
a faster method for platforms that are lacking the LL/SC pairs that
SH-4A and later use, and is only supportable on legacy cores.
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This conditionalizes gUSA support. gUSA is not supported on
SMP configurations, and it's not necessary there anyways due
to having other atomicity options (ie, movli.l/movco.l).
Anything implementing the LL/SC semantics (all SH-4A CPUs)
can switch to userspace atomicity implementations without
requiring gUSA. This is left default-enabled on all UP so
that glibc doesn't break.
Those that know what they are doing can disable this explicitly.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This takes care of tearing down the UBC so it's not inadvertently
left configured at the next context switch time. Failure to do
this results in spurious SIGTRAPs in certain debug sequences.
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This rips out most of the needlessly complicated sh_bios and kgdb
trap handling, and forces it all through a common fast dispatch path.
As more debug traps are inserted, it's important to keep them in sync
for all of the parts, not just SH-3/4.
As the SH-2 parts are unable to do traps in the >= 0x40 range, we
restrict the debug traps to the 0x30-0x3f range on all parts, and
also bump the kgdb breakpoint trap down in to this range (from 0xff
to 0x3c) so it's possible to use for nommu.
Optionally, this table can be padded out to catch spurious traps for
SH-3/4, but we don't do that yet..
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This was inadvertently broken when the entry.S code split up,
restore the missing branch and get subsequent traps working
under debug again. This manifested itself as a lockup when
attempting to reload the VBR base.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
The implementation of system call tracing in the kernel has a
couple of ordering problems:
- the validity of the system call number is checked before
calling out to system call tracing code, and should be
done after
- the system call number used when tracing is the one the
system call was invoked with, while the system call tracing
code can legitimatly change the call number (for example
strace permutes fork into clone)
This patch fixes both of these problems, and also reoders the
code slightly to make the direct path through the code the
common case.
Signed-off-by: Stuart Menefy <stuart.menefy@st.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
This splits out common bits from the existing exception handler for
use between SH-2/SH-2A and SH-3/4, and adds support for the SH-2/2A
exceptions.
Signed-off-by: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
