Commit 1459718d authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'powerpc-5.14-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "Fix crashes on 64-bit Book3E due to use of Book3S only mtmsrd
  instruction.

  Fix "scheduling while atomic" warnings at boot due to preempt count
  underflow.

  Two commits fixing our handling of BPF atomic instructions.

  Fix error handling in xive when allocating an IPI.

  Fix lockup on kernel exec fault on 603.

  Thanks to Bharata B Rao, Cédric Le Goater, Christian Zigotzky,
  Christophe Leroy, Guenter Roeck, Jiri Olsa, Naveen N. Rao, Nicholas
  Piggin, and Valentin Schneider"

* tag 'powerpc-5.14-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/preempt: Don't touch the idle task's preempt_count during hotplug
  powerpc/64e: Fix system call illegal mtmsrd instruction
  powerpc/xive: Fix error handling when allocating an IPI
  powerpc/bpf: Reject atomic ops in ppc32 JIT
  powerpc/bpf: Fix detecting BPF atomic instructions
  powerpc/mm: Fix lockup on kernel exec fault
parents dcf3c935 2c669ef6
...@@ -311,9 +311,13 @@ END_BTB_FLUSH_SECTION ...@@ -311,9 +311,13 @@ END_BTB_FLUSH_SECTION
* trace_hardirqs_off(). * trace_hardirqs_off().
*/ */
li r11,IRQS_ALL_DISABLED li r11,IRQS_ALL_DISABLED
li r12,-1 /* Set MSR_EE and MSR_RI */
stb r11,PACAIRQSOFTMASK(r13) stb r11,PACAIRQSOFTMASK(r13)
#ifdef CONFIG_PPC_BOOK3S
li r12,-1 /* Set MSR_EE and MSR_RI */
mtmsrd r12,1 mtmsrd r12,1
#else
wrteei 1
#endif
/* Calling convention has r9 = orig r0, r10 = regs */ /* Calling convention has r9 = orig r0, r10 = regs */
mr r9,r0 mr r9,r0
......
...@@ -199,9 +199,7 @@ static bool bad_kernel_fault(struct pt_regs *regs, unsigned long error_code, ...@@ -199,9 +199,7 @@ static bool bad_kernel_fault(struct pt_regs *regs, unsigned long error_code,
{ {
int is_exec = TRAP(regs) == INTERRUPT_INST_STORAGE; int is_exec = TRAP(regs) == INTERRUPT_INST_STORAGE;
/* NX faults set DSISR_PROTFAULT on the 8xx, DSISR_NOEXEC_OR_G on others */ if (is_exec) {
if (is_exec && (error_code & (DSISR_NOEXEC_OR_G | DSISR_KEYFAULT |
DSISR_PROTFAULT))) {
pr_crit_ratelimited("kernel tried to execute %s page (%lx) - exploit attempt? (uid: %d)\n", pr_crit_ratelimited("kernel tried to execute %s page (%lx) - exploit attempt? (uid: %d)\n",
address >= TASK_SIZE ? "exec-protected" : "user", address >= TASK_SIZE ? "exec-protected" : "user",
address, address,
......
...@@ -773,9 +773,17 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * ...@@ -773,9 +773,17 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *
break; break;
/* /*
* BPF_STX XADD (atomic_add) * BPF_STX ATOMIC (atomic ops)
*/ */
case BPF_STX | BPF_XADD | BPF_W: /* *(u32 *)(dst + off) += src */ case BPF_STX | BPF_ATOMIC | BPF_W:
if (imm != BPF_ADD) {
pr_err_ratelimited("eBPF filter atomic op code %02x (@%d) unsupported\n",
code, i);
return -ENOTSUPP;
}
/* *(u32 *)(dst + off) += src */
bpf_set_seen_register(ctx, tmp_reg); bpf_set_seen_register(ctx, tmp_reg);
/* Get offset into TMP_REG */ /* Get offset into TMP_REG */
EMIT(PPC_RAW_LI(tmp_reg, off)); EMIT(PPC_RAW_LI(tmp_reg, off));
...@@ -789,7 +797,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * ...@@ -789,7 +797,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *
PPC_BCC_SHORT(COND_NE, (ctx->idx - 3) * 4); PPC_BCC_SHORT(COND_NE, (ctx->idx - 3) * 4);
break; break;
case BPF_STX | BPF_XADD | BPF_DW: /* *(u64 *)(dst + off) += src */ case BPF_STX | BPF_ATOMIC | BPF_DW: /* *(u64 *)(dst + off) += src */
return -EOPNOTSUPP; return -EOPNOTSUPP;
/* /*
......
...@@ -667,7 +667,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * ...@@ -667,7 +667,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *
* BPF_STX ATOMIC (atomic ops) * BPF_STX ATOMIC (atomic ops)
*/ */
case BPF_STX | BPF_ATOMIC | BPF_W: case BPF_STX | BPF_ATOMIC | BPF_W:
if (insn->imm != BPF_ADD) { if (imm != BPF_ADD) {
pr_err_ratelimited( pr_err_ratelimited(
"eBPF filter atomic op code %02x (@%d) unsupported\n", "eBPF filter atomic op code %02x (@%d) unsupported\n",
code, i); code, i);
...@@ -689,7 +689,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * ...@@ -689,7 +689,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *
PPC_BCC_SHORT(COND_NE, tmp_idx); PPC_BCC_SHORT(COND_NE, tmp_idx);
break; break;
case BPF_STX | BPF_ATOMIC | BPF_DW: case BPF_STX | BPF_ATOMIC | BPF_DW:
if (insn->imm != BPF_ADD) { if (imm != BPF_ADD) {
pr_err_ratelimited( pr_err_ratelimited(
"eBPF filter atomic op code %02x (@%d) unsupported\n", "eBPF filter atomic op code %02x (@%d) unsupported\n",
code, i); code, i);
......
...@@ -78,9 +78,6 @@ static inline int smp_startup_cpu(unsigned int lcpu) ...@@ -78,9 +78,6 @@ static inline int smp_startup_cpu(unsigned int lcpu)
pcpu = get_hard_smp_processor_id(lcpu); pcpu = get_hard_smp_processor_id(lcpu);
/* Fixup atomic count: it exited inside IRQ handler. */
task_thread_info(paca_ptrs[lcpu]->__current)->preempt_count = 0;
/* /*
* If the RTAS start-cpu token does not exist then presume the * If the RTAS start-cpu token does not exist then presume the
* cpu is already spinning. * cpu is already spinning.
......
...@@ -105,9 +105,6 @@ static inline int smp_startup_cpu(unsigned int lcpu) ...@@ -105,9 +105,6 @@ static inline int smp_startup_cpu(unsigned int lcpu)
return 1; return 1;
} }
/* Fixup atomic count: it exited inside IRQ handler. */
task_thread_info(paca_ptrs[lcpu]->__current)->preempt_count = 0;
/* /*
* If the RTAS start-cpu token does not exist then presume the * If the RTAS start-cpu token does not exist then presume the
* cpu is already spinning. * cpu is already spinning.
......
...@@ -1153,11 +1153,10 @@ static int __init xive_request_ipi(void) ...@@ -1153,11 +1153,10 @@ static int __init xive_request_ipi(void)
* Since the HW interrupt number doesn't have any meaning, * Since the HW interrupt number doesn't have any meaning,
* simply use the node number. * simply use the node number.
*/ */
xid->irq = irq_domain_alloc_irqs(ipi_domain, 1, node, &info); ret = irq_domain_alloc_irqs(ipi_domain, 1, node, &info);
if (xid->irq < 0) { if (ret < 0)
ret = xid->irq;
goto out_free_xive_ipis; goto out_free_xive_ipis;
} xid->irq = ret;
snprintf(xid->name, sizeof(xid->name), "IPI-%d", node); snprintf(xid->name, sizeof(xid->name), "IPI-%d", node);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment