Commit Graph

451 Commits

Author SHA1 Message Date
Vineet Gupta
daaf40e53b ARC: unbork !LLSC build
Fixes: f7d11e93ee locking,arch,arc: Fold atomic_ops
Cc: <stable@kernel.vger.org> # 3.18
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-05-10 12:06:57 +05:30
Linus Torvalds
c76397e930 ARC changes for 4.1-rc1:
- perf fixes/improvements
 - miscll cleanups
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJVOHi0AAoJEGnX8d3iisJe/LEP/0CZi32TvcLZks0d/euGUjrQ
 izY3/acjuCiBXTIXpEgbe7qikUgNUTuJjyXN4BCrwsjQ1diFt2v9/iH3bh/iNFMm
 s0Ykq2SW5T/owKSOOqpf7lPdFkuitogITnjZIF85kMQczzGDVz6FGj16UQ9jDdsK
 rxb21QBkyywBwh3usWZtV2DM8UGjnjWWV7mO9rJR1bl7BVJ9vnUU4pD6TDUnC+mx
 np+tqJAQ0GpXrXeZRjLYY2VlrWmj29//yZcOrAwhQpz6cSMa4IaIaD516AOY1ybo
 UOiepa6B9+rpXdKhM6+CQ564ga5S/lsldnPK3IQyrV3fzBG65BBWHysowGiGXMeo
 kzkiBMMnnxh1Xg74yn4WTeSHMIdQ8ilXi6zrewvQC7jvsvHGLF+rJ+75GNOeYzaV
 eK9dKAzsxvPpE23OknK/oLO9nVu+nxvllCWXobkASTwdzjKLj8csmUvVJbuy/hH+
 C6KSuVwuNXU7SBWvqJGdH6Iv0acZaueM32B8zkQ2d89ZDHRCLBLRq4vkhoKIJ8u4
 rm3ZUwn+TyXlO/RY7pr2tDUb9dsVx/qxGiFvow+o73jA1XMgEp60RpmgesK32mis
 veTeuplmq+I7ZjPyuHCWvSTM9nRXNSdCm2WIxirGliFzKbUIqouhondA076J9eU2
 AkCgh2TPG5h1SLTl/7Cs
 =No6A
 -----END PGP SIGNATURE-----

Merge tag 'arc-4.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull ARC updates from Vineet Gupta:

 - perf fixes/improvements

 - misc cleanups

* tag 'arc-4.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
  ARC: perf: don't add code for impossible case
  ARC: perf: Rename DT binding to not confuse with power mgmt
  ARC: perf: add user space attribution in callchains
  ARC: perf: Add kernel callchain support
  ARC: perf: support cache hit/miss ratio
  ARC: perf: Add some comments/debug stuff
  ARC: perf: make @arc_pmu static global
  ARC: mem init spring cleaning - No functional changes
  ARC: Fix RTT boot printing
  ARC: fold __builtin_constant_p() into test_bit()
  ARC: rename unhandled exception handler
  ARC: cosmetic: Remove unused ECR bitfield masks
  ARC: Fix WRITE_BCR
  ARC: [nsimosci] Update defconfig
  arc: copy_thread(): rename 'arg' argument to 'kthread_arg'
2015-04-24 07:55:54 -07:00
Vineet Gupta
d8f6ad85cb ARC: perf: don't add code for impossible case
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:55 +05:30
Vineet Gupta
30fdd373f2 ARC: perf: Rename DT binding to not confuse with power mgmt
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:36 +05:30
Vineet Gupta
22f6b89912 ARC: perf: add user space attribution in callchains
The actual user space unwinding is more involved, so simply capture the
user space PC

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:35 +05:30
Vineet Gupta
389e3160b9 ARC: perf: Add kernel callchain support
Signed-off-by: Mischa Jonker <mjonker@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:35 +05:30
Vineet Gupta
0a8a476793 ARC: perf: support cache hit/miss ratio
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:34 +05:30
Vineet Gupta
bde80c237e ARC: perf: Add some comments/debug stuff
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 18:27:30 +05:30
Vineet Gupta
03c94fcf95 ARC: perf: make @arc_pmu static global
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-20 17:21:17 +05:30
Davidlohr Bueso
be2a7fce39 arc: do not export symbols in troubleshoot.c
print_task_path_n_nm() is local to this file, its only user being
show_regs().  Mark the function static and avoid the EXPORT_SYMBOL.

Signed-off-by: Davidlohr Bueso <dbueso@suse.de>
Acked-by: Vineet Gupta <vgupta@synoipsys.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-17 09:04:09 -04:00
Linus Torvalds
fa2e5c073a Merge branch 'exec_domain_rip_v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/misc
Pull exec domain removal from Richard Weinberger:
 "This series removes execution domain support from Linux.

  The idea behind exec domains was to support different ABIs.  The
  feature was never complete nor stable.  Let's rip it out and make the
  kernel signal handling code less complicated"

* 'exec_domain_rip_v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/misc: (27 commits)
  arm64: Removed unused variable
  sparc: Fix execution domain removal
  Remove rest of exec domains.
  arch: Remove exec_domain from remaining archs
  arc: Remove signal translation and exec_domain
  xtensa: Remove signal translation and exec_domain
  xtensa: Autogenerate offsets in struct thread_info
  x86: Remove signal translation and exec_domain
  unicore32: Remove signal translation and exec_domain
  um: Remove signal translation and exec_domain
  tile: Remove signal translation and exec_domain
  sparc: Remove signal translation and exec_domain
  sh: Remove signal translation and exec_domain
  s390: Remove signal translation and exec_domain
  mn10300: Remove signal translation and exec_domain
  microblaze: Remove signal translation and exec_domain
  m68k: Remove signal translation and exec_domain
  m32r: Remove signal translation and exec_domain
  m32r: Autogenerate offsets in struct thread_info
  frv: Remove signal translation and exec_domain
  ...
2015-04-15 13:53:55 -07:00
Linus Torvalds
ca2ec32658 Merge branch 'for-linus-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull vfs update from Al Viro:
 "Part one:

   - struct filename-related cleanups

   - saner iov_iter_init() replacements (and switching the syscalls to
     use of those)

   - ntfs switch to ->write_iter() (Anton)

   - aio cleanups and splitting iocb into common and async parts
     (Christoph)

   - assorted fixes (me, bfields, Andrew Elble)

  There's a lot more, including the completion of switchover to
  ->{read,write}_iter(), d_inode/d_backing_inode annotations, f_flags
  race fixes, etc, but that goes after #for-davem merge.  David has
  pulled it, and once it's in I'll send the next vfs pull request"

* 'for-linus-1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (35 commits)
  sg_start_req(): use import_iovec()
  sg_start_req(): make sure that there's not too many elements in iovec
  blk_rq_map_user(): use import_single_range()
  sg_io(): use import_iovec()
  process_vm_access: switch to {compat_,}import_iovec()
  switch keyctl_instantiate_key_common() to iov_iter
  switch {compat_,}do_readv_writev() to {compat_,}import_iovec()
  aio_setup_vectored_rw(): switch to {compat_,}import_iovec()
  vmsplice_to_user(): switch to import_iovec()
  kill aio_setup_single_vector()
  aio: simplify arguments of aio_setup_..._rw()
  aio: lift iov_iter_init() into aio_setup_..._rw()
  lift iov_iter into {compat_,}do_readv_writev()
  NFS: fix BUG() crash in notify_change() with patch to chown_common()
  dcache: return -ESTALE not -EBUSY on distributed fs race
  NTFS: Version 2.1.32 - Update file write from aio_write to write_iter.
  VFS: Add iov_iter_fault_in_multipages_readable()
  drop bogus check in file_open_root()
  switch security_inode_getattr() to struct path *
  constify tomoyo_realpath_from_path()
  ...
2015-04-14 15:31:03 -07:00
Linus Torvalds
d0bbe0dd35 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
Pull trivial tree from Jiri Kosina:
 "Usual trivial tree updates.  Nothing outstanding -- mostly printk()
  and comment fixes and unused identifier removals"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial:
  goldfish: goldfish_tty_probe() is not using 'i' any more
  powerpc: Fix comment in smu.h
  qla2xxx: Fix printks in ql_log message
  lib: correct link to the original source for div64_u64
  si2168, tda10071, m88ds3103: Fix firmware wording
  usb: storage: Fix printk in isd200_log_config()
  qla2xxx: Fix printk in qla25xx_setup_mode
  init/main: fix reset_device comment
  ipwireless: missing assignment
  goldfish: remove unreachable line of code
  coredump: Fix do_coredump() comment
  stacktrace.h: remove duplicate declaration task_struct
  smpboot.h: Remove unused function prototype
  treewide: Fix typo in printk messages
  treewide: Fix typo in printk messages
  mod_devicetable: fix comment for match_flags
2015-04-14 09:50:27 -07:00
Vineet Gupta
f2e2013f75 ARC: mem init spring cleaning - No functional changes
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:16:29 +05:30
Vineet Gupta
a44ec8bd2a ARC: Fix RTT boot printing
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:15:17 +05:30
Vineet Gupta
de60c1a184 ARC: fold __builtin_constant_p() into test_bit()
This makes test_bit() more like its siblings *_bit() routines.
Also add some comments about the constant @nr micro-optimization

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:14:57 +05:30
Vineet Gupta
0dfb8ec70f ARC: rename unhandled exception handler
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:14:57 +05:30
Vineet Gupta
dc9e234f91 ARC: cosmetic: Remove unused ECR bitfield masks
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:14:57 +05:30
Vineet Gupta
1425d5e72c ARC: Fix WRITE_BCR
* There was obvious bit rot due to lack of use
* Old naming was confusing since BCR are read only

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-04-13 15:14:56 +05:30
Mischa Jonker
5971d81517 ARC: [nsimosci] Update defconfig
Signed-off-by: Mischa Jonker <mjonker@synopsys.com>
2015-04-13 15:14:56 +05:30
Richard Weinberger
e6de3ca91c arc: Remove signal translation and exec_domain
As execution domain support is gone we can remove
signal translation from the signal code and remove
exec_domain from thread_info.

Signed-off-by: Richard Weinberger <richard@nod.at>
2015-04-12 21:03:30 +02:00
Al Viro
a555ad450f whack-a-mole: no need to set_fs(USER_DS) in {start,flush}_thread()
flush_old_exec() has already done that.  Back on 2011 a bunch of
instances like that had been kicked out, but that hadn't taken
care of then-out-of-tree architectures, obviously, and they served
as reinfection vector...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2015-04-11 22:24:31 -04:00
Alex Dowad
18e1d1b115 arc: copy_thread(): rename 'arg' argument to 'kthread_arg'
The 'arg' argument to copy_thread() is only ever used when forking a new
kernel thread. Hence, rename it to 'kthread_arg' for clarity.

Signed-off-by: Alex Dowad <alexinbeijing@gmail.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-03-31 11:20:51 +05:30
Vineet Gupta
e4140819da ARC: signal handling robustify
A malicious signal handler / restorer can DOS the system by fudging the
user regs saved on stack, causing weird things such as sigreturn returning
to user mode PC but cpu state still being kernel mode....

Ensure that in sigreturn path status32 always has U bit; any other bogosity
(gargbage PC etc) will be taken care of by normal user mode exceptions mechanisms.

Reproducer signal handler:

    void handle_sig(int signo, siginfo_t *info, void *context)
    {
	ucontext_t *uc = context;
	struct user_regs_struct *regs = &(uc->uc_mcontext.regs);

	regs->scratch.status32 = 0;
    }

Before the fix, kernel would go off to weeds like below:

    --------->8-----------
    [ARCLinux]$ ./signal-test
    Path: /signal-test
    CPU: 0 PID: 61 Comm: signal-test Not tainted 4.0.0-rc5+ #65
    task: 8f177880 ti: 5ffe6000 task.ti: 8f15c000

    [ECR   ]: 0x00220200 => Invalid Write @ 0x00000010 by insn @ 0x00010698
    [EFA   ]: 0x00000010
    [BLINK ]: 0x2007c1ee
    [ERET  ]: 0x10698
    [STAT32]: 0x00000000 :                                   <--------
    BTA: 0x00010680	 SP: 0x5ffe7e48	 FP: 0x00000000
    LPS: 0x20003c6c	LPE: 0x20003c70	LPC: 0x00000000
    ...
    --------->8-----------

Reported-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-03-26 11:19:36 +05:30
Vineet Gupta
6914e1e3f6 ARC: SA_SIGINFO ucontext regs off-by-one
The regfile provided to SA_SIGINFO signal handler as ucontext was off by
one due to pt_regs gutter cleanups in 2013.

Before handling signal, user pt_regs are copied onto user_regs_struct and copied
back later. Both structs are binary compatible. This was all fine until
commit 2fa919045b (ARC: pt_regs update #2) which removed the empty stack slot
at top of pt_regs (corresponding to first pad) and made the corresponding
fixup in struct user_regs_struct (the pad in there was moved out of
@scratch - not removed altogether as it is part of ptrace ABI)

 struct user_regs_struct {
+       long pad;
        struct {
-               long pad;
                long bta, lp_start, lp_end,....
        } scratch;
 ...
 }

This meant that now user_regs_struct was off by 1 reg w.r.t pt_regs and
signal code needs to user_regs_struct.scratch to reflect it as pt_regs,
which is what this commit does.

This problem was hidden for 2 years, because both save/restore, despite
using wrong location, were using the same location. Only an interim
inspection (reproducer below) exposed the issue.

     void handle_segv(int signo, siginfo_t *info, void *context)
     {
 	ucontext_t *uc = context;
	struct user_regs_struct *regs = &(uc->uc_mcontext.regs);

	printf("regs %x %x\n",               <=== prints 7 8 (vs. 8 9)
               regs->scratch.r8, regs->scratch.r9);
     }

     int main()
     {
	struct sigaction sa;

	sa.sa_sigaction = handle_segv;
	sa.sa_flags = SA_SIGINFO;
	sigemptyset(&sa.sa_mask);
	sigaction(SIGSEGV, &sa, NULL);

	asm volatile(
	"mov	r7, 7	\n"
	"mov	r8, 8	\n"
	"mov	r9, 9	\n"
	"mov	r10, 10	\n"
	:::"r7","r8","r9","r10");

	*((unsigned int*)0x10) = 0;
     }

Fixes: 2fa919045b "ARC: pt_regs update #2: Remove unused gutter at start of pt_regs"
CC: <stable@vger.kernel.org>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-03-26 09:38:00 +05:30
Masanari Iida
d939be3add treewide: Fix typo in printk messages
This patch fix spelling typo in printk messages.

Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2015-03-06 23:05:39 +01:00
Vineet Gupta
3240dd57e5 ARC: Fix thread_saved_pc()
The old implementation assumed that SP at the time of __switch_to() is
right above pt_regs which is almost certainly not the case as there will
be some stack build up between entry into kernel and leading up to
__switch_to

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-27 10:59:34 +05:30
Vineet Gupta
13648b0118 ARC: Fix KSTK_ESP()
/proc/<pid>/maps currently don't annotate stack vma with "[stack]"
This is because KSTK_ESP ie expected to return usermode SP of tsk while
currently it returns the kernel mode SP of a sleeping tsk.

While the fix is trivial, we also need to adjust the ARC kernel stack
unwinder to not use KSTK_SP and friends any more.

Cc: <stable@vger.kernel.org>
Reported-and-suggested-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-27 10:48:23 +05:30
Vineet Gupta
ceed97ab4f ARC: perf: Enable generic software events
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-27 10:15:01 +05:30
Vineet Gupta
3a51d50f42 ARC: Make arc_unwind_core accessible externally
The arc unwinder can also be used for perf callchains.

Signed-off-by: Mischa Jonker <mjonker@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-27 10:15:00 +05:30
Linus Torvalds
ce1d3fde87 Merge branch 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma
Pull dmaengine updates from Vinod Koul:
 "This update brings:

   - the big cleanup up by Maxime for device control and slave
     capabilities.  This makes the API much cleaner.

   - new IMG MDC driver by Andrew

   - new Renesas R-Car Gen2 DMA Controller driver by Laurent along with
     bunch of fixes on rcar drivers

   - odd fixes and updates spread over driver"

* 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma: (130 commits)
  dmaengine: pl330: add DMA_PAUSE feature
  dmaengine: pl330: improve pl330_tx_status() function
  dmaengine: rcar-dmac: Disable channel 0 when using IOMMU
  dmaengine: rcar-dmac: Work around descriptor mode IOMMU errata
  dmaengine: rcar-dmac: Allocate hardware descriptors with DMAC device
  dmaengine: rcar-dmac: Fix oops due to unintialized list in error ISR
  dmaengine: rcar-dmac: Fix spinlock issues in interrupt
  dmaenegine: edma: fix sparse warnings
  dmaengine: rcar-dmac: Fix uninitialized variable usage
  dmaengine: shdmac: extend PM methods
  dmaengine: shdmac: use SET_RUNTIME_PM_OPS()
  dmaengine: pl330: fix bug that cause start the same descs in cyclic
  dmaengine: at_xdmac: allow muliple dwidths when doing slave transfers
  dmaengine: at_xdmac: simplify channel configuration stuff
  dmaengine: at_xdmac: introduce save_cc field
  dmaengine: at_xdmac: wait for in-progress transaction to complete after pausing a channel
  ioat: fail self-test if wait_for_completion times out
  dmaengine: dw: define DW_DMA_MAX_NR_MASTERS
  dmaengine: dw: amend description of dma_dev field
  dmatest: move src_off, dst_off, len inside loop
  ...
2015-02-18 08:49:20 -08:00
Linus Torvalds
a68fb48380 ARC updates for 3.20
Some fixes, nothing too exciting this time as well...
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU4cZEAAoJEGnX8d3iisJeBCUQAI1nYhR3tMZzYdotCPIFdFHM
 KYHx+9fyrVqg1S4clyp6rLMICAlhLOsiYDmJ8/i2rileZGFdmHQqZXLm7GzRSZ6X
 ZPLolJ0ETlbRhLf91jz/3s2A2rr32aw+oHpIZ1HAgmIUB3mwpcrpNqNVNLmzcyg/
 3NkPFxlmFwrX/NPLOx9v9/RpKRd5EGF9MvSaxJ7NT6R3qvGfDFRtzieFugCbhz85
 SUW/V0jGIfVyj+eB4NTs1jxZeNEPuAKguRkWcdE9+98fLMaticOvuFZ4pvVS4zwQ
 ziNGY2XngZCl0GjAIijwG730f6SeEF2VxrDGco2CgAxwKr/lm2cRubgULzEBZlyr
 SzH1a8oixIEg4il59ZvvqnI5iouBBz+ykXe7TD4B1HLaMvQGhrXg2kRj7O80t8UA
 CpuuskyTWBBLZR7ypIG93UNbe64I8L7Xd5bCQsXx5sIDVXIvdeIDvM9PbK9LNg+7
 Qkm1ONepdSkFdpayzXjEowjfADAZjSmJcvybGZQ4lT3+0dh0hIJiKUk25eA4oV6y
 Ue1T/yvJXh0Xlso4Oo8Xp8qsVe8oM3FrorTYKwvhKegN5Gd61mUob31tHMQnvRjO
 O3aEF2Pe+r3qUxI7tTyFXBXDmCjay/uRLa7ltOyfP4aZXrgI3aEVpk12OEf5S3G1
 10p/ofrH9+KJ47rWNCOz
 =8o17
 -----END PGP SIGNATURE-----

Merge tag 'arc-3.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull ARC updates from Vineet Gupta:
 "Some fixes, nothing too exciting this time as well..."

* tag 'arc-3.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
  ARC: fix page address calculation if PAGE_OFFSET != LINUX_LINK_BASE
  ARC: Fix earlycon build breakage
  ARC: Dynamically determine BASE_BAUD from DeviceTree
  arc: Remove unused prepare_to_copy()
  ARC: use ACCESS_ONCE in cmpxchg loop
  ARC: add some more comments to ret_from_fork
  ARC: fix /proc/cpuinfo for offline cpus
2015-02-16 14:56:52 -08:00
Alexey Brodkin
06f34e1c28 ARC: fix page address calculation if PAGE_OFFSET != LINUX_LINK_BASE
We used to calculate page address differently in 2 cases:

1. In virt_to_page(x) we do
 --->8---
 mem_map + (x - CONFIG_LINUX_LINK_BASE) >> PAGE_SHIFT
 --->8---

2. In in pte_page(x) we do
 --->8---
 mem_map + (pte_val(x) - PAGE_OFFSET) >> PAGE_SHIFT
 --->8---

That leads to problems in case PAGE_OFFSET != CONFIG_LINUX_LINK_BASE -
different pages will be selected depending on where and how we calculate
page address.

In particular in the STAR 9000853582 when gdb attempted to read memory
of another process it got improper page in get_user_pages() because this
is exactly one of the places where we search for a page by pte_page().

The fix is trivial - we need to calculate page address similarly in both
cases.

Cc: <stable@vger.kernel.org>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-13 18:01:12 +05:30
Andy Lutomirski
f56141e3e2 all arches, signal: move restart_block to struct task_struct
If an attacker can cause a controlled kernel stack overflow, overwriting
the restart block is a very juicy exploit target.  This is because the
restart_block is held in the same memory allocation as the kernel stack.

Moving the restart block to struct task_struct prevents this exploit by
making the restart_block harder to locate.

Note that there are other fields in thread_info that are also easy
targets, at least on some architectures.

It's also a decent simplification, since the restart code is more or less
identical on all architectures.

[james.hogan@imgtec.com: metag: align thread_info::supervisor_stack]
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Richard Weinberger <richard@nod.at>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Steven Miao <realmz6@gmail.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 18:54:12 -08:00
Kirill A. Shutemov
d016bf7ece mm: make FIRST_USER_ADDRESS unsigned long on all archs
LKP has triggered a compiler warning after my recent patch "mm: account
pmd page tables to the process":

    mm/mmap.c: In function 'exit_mmap':
 >> mm/mmap.c:2857:2: warning: right shift count >= width of type [enabled by default]

The code:

 > 2857                WARN_ON(mm_nr_pmds(mm) >
   2858                                round_up(FIRST_USER_ADDRESS, PUD_SIZE) >> PUD_SHIFT);

In this, on tile, we have FIRST_USER_ADDRESS defined as 0.  round_up() has
the same type -- int.  PUD_SHIFT.

I think the best way to fix it is to define FIRST_USER_ADDRESS as unsigned
long.  On every arch for consistency.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Wu Fengguang <fengguang.wu@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 17:06:03 -08:00
Kirill A. Shutemov
1874715130 arc: drop _PAGE_FILE and pte_file()-related helpers
We've replaced remap_file_pages(2) implementation with emulation.  Nobody
creates non-linear mapping anymore.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-10 14:30:31 -08:00
Andy Shevchenko
d8ded50f8b dmaengine: dw: define DW_DMA_MAX_NR_MASTERS
Instead of using magic number in the code the patch provides
DW_DMA_MAX_NR_MASTERS constant.

While here, restrict the reading of data width array by amount of the actual
number of AHB masters.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Vinod Koul <vinod.koul@intel.com>
2015-02-04 22:39:44 -08:00
Peter Hurley
091f56be10 ARC: Fix earlycon build breakage
Commit ffb7fcd66f ("ARC: Dynamically determine BASE_BAUD from DeviceTree")
breaks arc:defconfig build:

       drivers/built-in.o: In function `of_setup_earlycon':
       (.init.text+0xb3e): undefined reference to `arc_early_base_baud'
       drivers/built-in.o: In function `setup_earlycon':
       (.init.text+0xcd0): undefined reference to `arc_early_base_baud'
       make: *** [vmlinux] Error 1

BASE_BAUD is only required for earlycon, which should depend on
CONFIG_SERIAL_EARLYCON.

Reported-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-04 10:38:15 +05:30
Vineet Gupta
ffb7fcd66f ARC: Dynamically determine BASE_BAUD from DeviceTree
8250 earlycon is broken on multi-platform ARC because the UART clk
value (BASE_BAUD) is fixed at build time.

Instead, determine the appropriate UART clk at runtime; parse the
devicetree early for platforms requiring alternate UART clk values
(currently only the TB10X platform).

Cc: Jiri Slaby <jslaby@suse.cz>
Cc: linux-serial@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Rob Herring <robh@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Peter Hurley <peter@hurleysoftware.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-02 17:08:37 +05:30
Tobias Klauser
7bf6df575f arc: Remove unused prepare_to_copy()
prepare_to_copy() was removed from all architectures supported at that
time in commit 55ccf3fe3f ("fork: move the real prepare_to_copy()
users to arch_dup_task_struct()"). Remove it from arc as well.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-02 17:08:37 +05:30
Vineet Gupta
7082a29c22 ARC: use ACCESS_ONCE in cmpxchg loop
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-02 17:08:37 +05:30
Vineet Gupta
98edfab4c1 ARC: add some more comments to ret_from_fork
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-02 17:08:37 +05:30
Vineet Gupta
4c86231c14 ARC: fix /proc/cpuinfo for offline cpus
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2015-02-02 17:08:37 +05:30
Guenter Roeck
e262eb9381 arc: mm: Fix build failure
Fix misspelled define.

Fixes: 33692f2759 ("vm: add VM_FAULT_SIGSEGV handling support")
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-01-30 10:31:14 -08:00
Linus Torvalds
33692f2759 vm: add VM_FAULT_SIGSEGV handling support
The core VM already knows about VM_FAULT_SIGBUS, but cannot return a
"you should SIGSEGV" error, because the SIGSEGV case was generally
handled by the caller - usually the architecture fault handler.

That results in lots of duplication - all the architecture fault
handlers end up doing very similar "look up vma, check permissions, do
retries etc" - but it generally works.  However, there are cases where
the VM actually wants to SIGSEGV, and applications _expect_ SIGSEGV.

In particular, when accessing the stack guard page, libsigsegv expects a
SIGSEGV.  And it usually got one, because the stack growth is handled by
that duplicated architecture fault handler.

However, when the generic VM layer started propagating the error return
from the stack expansion in commit fee7e49d45 ("mm: propagate error
from stack expansion even for guard page"), that now exposed the
existing VM_FAULT_SIGBUS result to user space.  And user space really
expected SIGSEGV, not SIGBUS.

To fix that case, we need to add a VM_FAULT_SIGSEGV, and teach all those
duplicate architecture fault handlers about it.  They all already have
the code to handle SIGSEGV, so it's about just tying that new return
value to the existing code, but it's all a bit annoying.

This is the mindless minimal patch to do this.  A more extensive patch
would be to try to gather up the mostly shared fault handling logic into
one generic helper routine, and long-term we really should do that
cleanup.

Just from this patch, you can generally see that most architectures just
copied (directly or indirectly) the old x86 way of doing things, but in
the meantime that original x86 model has been improved to hold the VM
semaphore for shorter times etc and to handle VM_FAULT_RETRY and other
"newer" things, so it would be a good idea to bring all those
improvements to the generic case and teach other architectures about
them too.

Reported-and-tested-by: Takashi Iwai <tiwai@suse.de>
Tested-by: Jan Engelhardt <jengelh@inai.de>
Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com> # "s390 still compiles and boots"
Cc: linux-arch@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-01-29 10:51:32 -08:00
Linus Torvalds
22943a6a6b Minor updates for ARC for 3.19
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJUkrnWAAoJEGnX8d3iisJenj4P/30RohNJG6Apu2bPFcFOrDz5
 yc8TbKEh8VLgxm28e5MDEOUKvNV84noXrD+835Y1Ch5K9G9yDOiw7z3auargVCB1
 NXEy8zVQboOQJahL0WnlKoUQxz6zTV7BjC6b5TICQtzxCniQ86inh0w7n6GtUfI4
 cGuE+gthf+gWLENsoFE6OpMqidA2NTvs//qFZA/26xNvZHuL4/kBcMh1Jyp1Oa37
 xZewIA9wdD2n9P2escFgzyzORf5GBEfG4r2StIol0XFKPzDZugkCwS9+dsLFTJdf
 e/5y/JFOhZ2vlIppvHTqEpCXzWF6Llnyg6s2uWkwlajxGgqciZzkVOVq6dFJf99t
 PBSMs4DNDQDCUBgO4PT8X9YC9U3N2B3wGSTNSsEykh/0aJpxHEWpQp2MXrW8lin7
 SzwmVS5bapjlE3NI2tHw5lyfGgxYXiEqTs77rqXJfVmdsBehCBE6hvJELHPlHTd5
 Ng/12NsJJqUh5sNX+wSEgwkTEX31WtZbQq9BpdYixP5kmgu0ptahRBMfJuHzjtL/
 wWwVu9mOOWiVGIGPYL2uq+lLts4Ytb+p7WOEbS+jL+En8vheUKxi8cE3vYI7tjwn
 d8N/Q7fp9wHQCB1EzE9pKR02g/++IxEmTCAfWsMIv9BnECp/kgugx7yul9NAdU5D
 dq63tGI0Uoz9nt6n/khi
 =Q9WJ
 -----END PGP SIGNATURE-----

Merge tag 'arc-3.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull arch/arc updates from Vineet Gupta:
 "Minor updates for ARC for 3.19"

* tag 'arc-3.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
  ARC: rename default defconfig
  ARC: [nsimosci] move peripherals to match model to FPGA
  ARC: document memory clobber in irq control macros
  ARC: R-M-W assist locks only needed for !LLSC
  ARC: add power management options
2014-12-18 16:26:41 -08:00
Vineet Gupta
7a70bf797a ARC: rename default defconfig
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2014-12-17 15:23:56 +05:30
Vineet Gupta
e8ef060b37 ARC: [nsimosci] move peripherals to match model to FPGA
This allows the sdplite/Zebu images to run on OSCI simulation platform

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Cc: <stable@vger.kernel.org> #3.10, 3.12, 3.14, 3.16
2014-12-15 11:24:58 +05:30
Vineet Gupta
88ec11b0f8 ARC: document memory clobber in irq control macros
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2014-12-12 16:02:46 +05:30
Vineet Gupta
9fb92eb116 ARC: R-M-W assist locks only needed for !LLSC
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2014-12-12 16:02:34 +05:30