1. 18 Feb, 2016 2 commits
    • Ingo Molnar's avatar
      3a2f2ac9
    • Toshi Kani's avatar
      x86/mm: Fix vmalloc_fault() to handle large pages properly · f4eafd8b
      Toshi Kani authored
      A kernel page fault oops with the callstack below was observed
      when a read syscall was made to a pmem device after a huge amount
      (>512GB) of vmalloc ranges was allocated by ioremap() on a x86_64
      system:
      
           BUG: unable to handle kernel paging request at ffff880840000ff8
           IP: vmalloc_fault+0x1be/0x300
           PGD c7f03a067 PUD 0
           Oops: 0000 [#1] SM
           Call Trace:
              __do_page_fault+0x285/0x3e0
              do_page_fault+0x2f/0x80
              ? put_prev_entity+0x35/0x7a0
              page_fault+0x28/0x30
              ? memcpy_erms+0x6/0x10
              ? schedule+0x35/0x80
              ? pmem_rw_bytes+0x6a/0x190 [nd_pmem]
              ? schedule_timeout+0x183/0x240
              btt_log_read+0x63/0x140 [nd_btt]
               :
              ? __symbol_put+0x60/0x60
              ? kernel_read+0x50/0x80
              SyS_finit_module+0xb9/0xf0
              entry_SYSCALL_64_fastpath+0x1a/0xa4
      
      Since v4.1, ioremap() supports large page (pud/pmd) mappings in
      x86_64 and PAE.  vmalloc_fault() however assumes that the vmalloc
      range is limited to pte mappings.
      
      vmalloc faults do not normally happen in ioremap'd ranges since
      ioremap() sets up the kernel page tables, which are shared by
      user processes.  pgd_ctor() sets the kernel's PGD entries to
      user's during fork().  When allocation of the vmalloc ranges
      crosses a 512GB boundary, ioremap() allocates a new pud table
      and updates the kernel PGD entry to point it.  If user process's
      PGD entry does not have this update yet, a read/write syscall
      to the range will cause a vmalloc fault, which hits the Oops
      above as it does not handle a large page properly.
      
      Following changes are made to vmalloc_fault().
      
      64-bit:
      
       - No change for the PGD sync operation as it handles large
         pages already.
       - Add pud_huge() and pmd_huge() to the validation code to
         handle large pages.
       - Change pud_page_vaddr() to pud_pfn() since an ioremap range
         is not directly mapped (while the if-statement still works
         with a bogus addr).
       - Change pmd_page() to pmd_pfn() since an ioremap range is not
         backed by struct page (while the if-statement still works
         with a bogus addr).
      
      32-bit:
       - No change for the sync operation since the index3 PGD entry
         covers the entire vmalloc range, which is always valid.
         (A separate change to sync PGD entry is necessary if this
          memory layout is changed regardless of the page size.)
       - Add pmd_huge() to the validation code to handle large pages.
         This is for completeness since vmalloc_fault() won't happen
         in ioremap'd ranges as its PGD entry is always valid.
      Reported-by: default avatarHenning Schild <henning.schild@siemens.com>
      Signed-off-by: default avatarToshi Kani <toshi.kani@hpe.com>
      Acked-by: default avatarBorislav Petkov <bp@alien8.de>
      Cc: <stable@vger.kernel.org> # 4.1+
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Luis R. Rodriguez <mcgrof@suse.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-mm@kvack.org
      Cc: linux-nvdimm@lists.01.org
      Link: http://lkml.kernel.org/r/1455758214-24623-1-git-send-email-toshi.kani@hpe.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      f4eafd8b
  2. 17 Feb, 2016 12 commits
    • Andy Lutomirski's avatar
      x86/entry/compat: Keep TS_COMPAT set during signal delivery · 4e79e182
      Andy Lutomirski authored
      Signal delivery needs to know the sign of an interrupted syscall's
      return value in order to detect -ERESTART variants.  Normally this
      works independently of bitness because syscalls internally return
      long.  Under ptrace, however, this can break, and syscall_get_error
      is supposed to sign-extend regs->ax if needed.
      
      We were clearing TS_COMPAT too early, though, and this prevented
      sign extension, which subtly broke syscall restart under ptrace.
      Reported-by: default avatarRobert O'Callahan <robert@ocallahan.org>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Shuah Khan <shuahkh@osg.samsung.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: stable@vger.kernel.org # 4.3.x-
      Fixes: c5c46f59 ("x86/entry: Add new, comprehensible entry and exit handlers written in C")
      Link: http://lkml.kernel.org/r/cbce3cf545522f64eb37f5478cb59746230db3b5.1455142412.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      4e79e182
    • Andy Lutomirski's avatar
      selftests/x86: Add a test for syscall restart under ptrace · 40361343
      Andy Lutomirski authored
      This catches a regression from the compat syscall rework.  The
      32-bit variant of this test currently fails.  The issue is that, for
      a 32-bit tracer and a 32-bit tracee, GETREGS+SETREGS with no changes
      should be a no-op.  It currently isn't a no-op if RAX indicates
      signal restart, because the high bits get cleared and the kernel
      loses track of the restart state.
      Reported-by: default avatarRobert O'Callahan <robert@ocallahan.org>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Shuah Khan <shuahkh@osg.samsung.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/c4040b40b5b4a37ed31375a69b683f753ec6788a.1455142412.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      40361343
    • Andy Lutomirski's avatar
      selftests/x86: Fix some error messages in ptrace_syscall · adcfd23e
      Andy Lutomirski authored
      I had some obvious typos.
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Robert O'Callahan <robert@ocallahan.org>
      Cc: Shuah Khan <shuahkh@osg.samsung.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/e5e6772d4802986cf7df702e646fa24ac14f2204.1455142412.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      adcfd23e
    • Michael S. Tsirkin's avatar
      hpet: Drop stale URLs · 4e7f9df2
      Michael S. Tsirkin authored
      Looks like the HPET spec at intel.com got moved.
      It isn't hard to find so drop the link, just mention
      the revision assumed.
      Suggested-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Acked-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Clemens Ladisch <clemens@ladisch.de>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: linux-doc@vger.kernel.org
      Link: http://lkml.kernel.org/r/1455145462-3877-1-git-send-email-mst@redhat.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      4e7f9df2
    • Toshi Kani's avatar
      x86/uaccess/64: Handle the caching of 4-byte nocache copies properly in __copy_user_nocache() · a82eee74
      Toshi Kani authored
      Data corruption issues were observed in tests which initiated
      a system crash/reset while accessing BTT devices.  This problem
      is reproducible.
      
      The BTT driver calls pmem_rw_bytes() to update data in pmem
      devices.  This interface calls __copy_user_nocache(), which
      uses non-temporal stores so that the stores to pmem are
      persistent.
      
      __copy_user_nocache() uses non-temporal stores when a request
      size is 8 bytes or larger (and is aligned by 8 bytes).  The
      BTT driver updates the BTT map table, which entry size is
      4 bytes.  Therefore, updates to the map table entries remain
      cached, and are not written to pmem after a crash.
      
      Change __copy_user_nocache() to use non-temporal store when
      a request size is 4 bytes.  The change extends the current
      byte-copy path for a less-than-8-bytes request, and does not
      add any overhead to the regular path.
      Reported-and-tested-by: default avatarMicah Parrish <micah.parrish@hpe.com>
      Reported-and-tested-by: default avatarBrian Boylston <brian.boylston@hpe.com>
      Signed-off-by: default avatarToshi Kani <toshi.kani@hpe.com>
      Cc: <stable@vger.kernel.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dan Williams <dan.j.williams@intel.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Luis R. Rodriguez <mcgrof@suse.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: Vishal Verma <vishal.l.verma@intel.com>
      Cc: linux-nvdimm@lists.01.org
      Link: http://lkml.kernel.org/r/1455225857-12039-3-git-send-email-toshi.kani@hpe.com
      [ Small readability edits. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      a82eee74
    • Toshi Kani's avatar
      x86/uaccess/64: Make the __copy_user_nocache() assembly code more readable · ee9737c9
      Toshi Kani authored
      Add comments to __copy_user_nocache() to clarify its procedures
      and alignment requirements.
      
      Also change numeric branch target labels to named local labels.
      
      No code changed:
      
       arch/x86/lib/copy_user_64.o:
      
          text    data     bss     dec     hex filename
          1239       0       0    1239     4d7 copy_user_64.o.before
          1239       0       0    1239     4d7 copy_user_64.o.after
      
       md5:
          58bed94c2db98c1ca9a2d46d0680aaae  copy_user_64.o.before.asm
          58bed94c2db98c1ca9a2d46d0680aaae  copy_user_64.o.after.asm
      Signed-off-by: default avatarToshi Kani <toshi.kani@hpe.com>
      Cc: <stable@vger.kernel.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Luis R. Rodriguez <mcgrof@suse.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: brian.boylston@hpe.com
      Cc: dan.j.williams@intel.com
      Cc: linux-nvdimm@lists.01.org
      Cc: micah.parrish@hpe.com
      Cc: ross.zwisler@linux.intel.com
      Cc: vishal.l.verma@intel.com
      Link: http://lkml.kernel.org/r/1455225857-12039-2-git-send-email-toshi.kani@hpe.com
      [ Small readability edits and added object file comparison. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      ee9737c9
    • Borislav Petkov's avatar
      x86/msr: Document msr-index.h rule for addition · 053080a9
      Borislav Petkov authored
      In order to keep this file's size sensible and not cause too much
      unnecessary churn, make the rule explicit - similar to pci_ids.h - that
      only MSRs which are used in multiple compilation units, should get added
      to it.
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: alex.williamson@redhat.com
      Cc: gleb@kernel.org
      Cc: joro@8bytes.org
      Cc: kvm@vger.kernel.org
      Cc: sherry.hurwitz@amd.com
      Cc: wei@redhat.com
      Link: http://lkml.kernel.org/r/1455612202-14414-5-git-send-email-bp@alien8.deSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      053080a9
    • Borislav Petkov's avatar
      x86/ftrace, x86/asm: Kill ftrace_caller_end label · f1b92bb6
      Borislav Petkov authored
      One of ftrace_caller_end and ftrace_return is redundant so unify them.
      Rename ftrace_return to ftrace_epilogue to mean that everything after
      that label represents, like an afterword, work which happens *after* the
      ftrace call, e.g., the function graph tracer for one.
      
      Steve wants this to rather mean "[a]n event which reflects meaningfully
      on a recently ended conflict or struggle." I can imagine that ftrace can
      be a struggle sometimes.
      
      Anyway, beef up the comment about the code contents and layout before
      ftrace_epilogue label.
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Reviewed-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/1455612202-14414-4-git-send-email-bp@alien8.deSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      f1b92bb6
    • Andy Lutomirski's avatar
      selftests/x86: Add tests for UC_SIGCONTEXT_SS and UC_STRICT_RESTORE_SS · 4f6c8938
      Andy Lutomirski authored
      This tests the two ABI-preserving cases that DOSEMU cares about, and
      it also explicitly tests the new UC_SIGCONTEXT_SS and
      UC_STRICT_RESTORE_SS flags.
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Acked-by: default avatarBorislav Petkov <bp@alien8.de>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Cyrill Gorcunov <gorcunov@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Shuah Khan <shuahkh@osg.samsung.com>
      Cc: Stas Sergeev <stsp@list.ru>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/f3d08f98541d0bd3030ceb35e05e21f59e30232c.1455664054.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      4f6c8938
    • Andy Lutomirski's avatar
      x86/signal/64: Re-add support for SS in the 64-bit signal context · 6c25da5a
      Andy Lutomirski authored
      This is a second attempt to make the improvements from c6f20629
      ("x86/signal/64: Fix SS handling for signals delivered to 64-bit
      programs"), which was reverted by 51adbfbba5c6 ("x86/signal/64: Add
      support for SS in the 64-bit signal context").
      
      This adds two new uc_flags flags.  UC_SIGCONTEXT_SS will be set for
      all 64-bit signals (including x32).  It indicates that the saved SS
      field is valid and that the kernel supports the new behavior.
      
      The goal is to fix a problems with signal handling in 64-bit tasks:
      SS wasn't saved in the 64-bit signal context, making it awkward to
      determine what SS was at the time of signal delivery and making it
      impossible to return to a non-flat SS (as calling sigreturn clobbers
      SS).
      
      This also made it extremely difficult for 64-bit tasks to return to
      fully-defined 16-bit contexts, because only the kernel can easily do
      espfix64, but sigreturn was unable to set a non-flag SS:ESP.
      (DOSEMU has a monstrous hack to partially work around this
      limitation.)
      
      If we could go back in time, the correct fix would be to make 64-bit
      signals work just like 32-bit signals with respect to SS: save it
      in signal context, reset it when delivering a signal, and restore
      it in sigreturn.
      
      Unfortunately, doing that (as I tried originally) breaks DOSEMU:
      DOSEMU wouldn't reset the signal context's SS when clearing the LDT
      and changing the saved CS to 64-bit mode, since it predates the SS
      context field existing in the first place.
      
      This patch is a bit more complicated, and it tries to balance a
      bunch of goals.  It makes most cases of changing ucontext->ss during
      signal handling work as expected.
      
      I do this by special-casing the interesting case.  On sigreturn,
      ucontext->ss will be honored by default, unless the ucontext was
      created from scratch by an old program and had a 64-bit CS
      (unfortunately, CRIU can do this) or was the result of changing a
      32-bit signal context to 64-bit without resetting SS (as DOSEMU
      does).
      
      For the benefit of new 64-bit software that uses segmentation (new
      versions of DOSEMU might), the new behavior can be detected with a
      new ucontext flag UC_SIGCONTEXT_SS.
      
      To avoid compilation issues, __pad0 is left as an alias for ss in
      ucontext.
      
      The nitty-gritty details are documented in the header file.
      
      This patch also re-enables the sigreturn_64 and ldt_gdt_64 selftests,
      as the kernel change allows both of them to pass.
      Tested-by: default avatarStas Sergeev <stsp@list.ru>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Acked-by: default avatarBorislav Petkov <bp@alien8.de>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Cyrill Gorcunov <gorcunov@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/749149cbfc3e75cd7fcdad69a854b399d792cc6f.1455664054.git.luto@kernel.org
      [ Small readability edit. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      6c25da5a
    • Andy Lutomirski's avatar
      x86/signal/64: Fix SS if needed when delivering a 64-bit signal · 8ff5bd2e
      Andy Lutomirski authored
      Signals are always delivered to 64-bit tasks with CS set to a long
      mode segment.  In long mode, SS doesn't matter as long as it's a
      present writable segment.
      
      If SS starts out invalid (this can happen if the signal was caused
      by an IRET fault or was delivered on the way out of set_thread_area
      or modify_ldt), then IRET to the signal handler can fail, eventually
      killing the task.
      
      The straightforward fix would be to simply reset SS when delivering
      a signal.  That breaks DOSEMU, though: 64-bit builds of DOSEMU rely
      on SS being set to the faulting SS when signals are delivered.
      
      As a compromise, this patch leaves SS alone so long as it's valid.
      
      The net effect should be that the behavior of successfully delivered
      signals is unchanged.  Some signals that would previously have
      failed to be delivered will now be delivered successfully.
      
      This has no effect for x32 or 32-bit tasks: their signal handlers
      were already called with SS == __USER_DS.
      
      (On Xen, there's a slight hole: if a task sets SS to a writable
       *kernel* data segment, then we will fail to identify it as invalid
       and we'll still kill the task.  If anyone cares, this could be fixed
       with a new paravirt hook.)
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Acked-by: default avatarBorislav Petkov <bp@alien8.de>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Cyrill Gorcunov <gorcunov@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stas Sergeev <stsp@list.ru>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/163c6e1eacde41388f3ff4d2fe6769be651d7b6e.1455664054.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      8ff5bd2e
    • Andy Lutomirski's avatar
      x86/signal/64: Add a comment about sigcontext->fs and gs · e54fdcca
      Andy Lutomirski authored
      These fields have a strange history.  This tries to document it.
      
      This borrows from 9a036b93 ("x86/signal/64: Remove 'fs' and 'gs'
      from sigcontext"), which was reverted by ed596cde ("Revert x86
      sigcontext cleanups").
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Acked-by: default avatarBorislav Petkov <bp@alien8.de>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Cyrill Gorcunov <gorcunov@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stas Sergeev <stsp@list.ru>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/baa78f3c84106fa5acbc319377b1850602f5deec.1455664054.git.luto@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      e54fdcca
  3. 16 Feb, 2016 5 commits
    • Ingo Molnar's avatar
      Merge tag 'efi-urgent' of... · 02a5f765
      Ingo Molnar authored
      Merge tag 'efi-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into x86/urgent
      
      Pull EFI bug fixes from Matt Fleming:
      
       * Fix bugs in our code that converts ucs2 strings to utf8 where we
         unintentionally drop bits from the original string (Jason Andryuk)
      
       * Add the efi-pstore variables to the variable whitelist so that
         users can continue to delete them via efivarfs without needing to
         manipulate the immutable flag (Matt Fleming)
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      02a5f765
    • Jason Andryuk's avatar
      lib/ucs2_string: Correct ucs2 -> utf8 conversion · a6807590
      Jason Andryuk authored
      The comparisons should be >= since 0x800 and 0x80 require an additional bit
      to store.
      
      For the 3 byte case, the existing shift would drop off 2 more bits than
      intended.
      
      For the 2 byte case, there should be 5 bits bits in byte 1, and 6 bits in
      byte 2.
      Signed-off-by: default avatarJason Andryuk <jandryuk@gmail.com>
      Reviewed-by: default avatarLaszlo Ersek <lersek@redhat.com>
      Cc: Peter Jones <pjones@redhat.com>
      Cc: Matthew Garrett <mjg59@coreos.com>
      Cc: "Lee, Chun-Yi" <jlee@suse.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      a6807590
    • Matt Fleming's avatar
      efi: Add pstore variables to the deletion whitelist · e246eb56
      Matt Fleming authored
      Laszlo explains why this is a good idea,
      
       'This is because the pstore filesystem can be backed by UEFI variables,
        and (for example) a crash might dump the last kilobytes of the dmesg
        into a number of pstore entries, each entry backed by a separate UEFI
        variable in the above GUID namespace, and with a variable name
        according to the above pattern.
      
        Please see "drivers/firmware/efi/efi-pstore.c".
      
        While this patch series will not prevent the user from deleting those
        UEFI variables via the pstore filesystem (i.e., deleting a pstore fs
        entry will continue to delete the backing UEFI variable), I think it
        would be nice to preserve the possibility for the sysadmin to delete
        Linux-created UEFI variables that carry portions of the crash log,
        *without* having to mount the pstore filesystem.'
      
      There's also no chance of causing machines to become bricked by
      deleting these variables, which is the whole purpose of excluding
      things from the whitelist.
      
      Use the LINUX_EFI_CRASH_GUID guid and a wildcard '*' for the match so
      that we don't have to update the string in the future if new variable
      name formats are created for crash dump variables.
      Reported-by: default avatarLaszlo Ersek <lersek@redhat.com>
      Acked-by: default avatarPeter Jones <pjones@redhat.com>
      Tested-by: default avatarPeter Jones <pjones@redhat.com>
      Cc: Matthew Garrett <mjg59@srcf.ucam.org>
      Cc: "Lee, Chun-Yi" <jlee@suse.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      e246eb56
    • Ingo Molnar's avatar
      Merge tag 'efi-urgent' of... · 4682c211
      Ingo Molnar authored
      Merge tag 'efi-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into x86/urgent
      
      Pull EFI fixes from Matt Fleming:
      
       * Prevent accidental deletion of EFI variables through efivarfs that
         may brick machines. We use a whitelist of known-safe variables to
         allow things like installing distributions to work out of the box, and
         instead restrict vendor-specific variable deletion by making
         non-whitelist variables immutable (Peter Jones)
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      4682c211
    • Borislav Petkov's avatar
      x86/cpufeature: Speed up cpu_feature_enabled() · f2cc8e07
      Borislav Petkov authored
      When GCC cannot do constant folding for this macro, it falls back to
      cpu_has(). But static_cpu_has() is optimal and it works at all times
      now. So use it and speedup the fallback case.
      
      Before we had this:
      
        mov    0x99d674(%rip),%rdx        # ffffffff81b0d9f4 <boot_cpu_data+0x34>
        shr    $0x2e,%rdx
        and    $0x1,%edx
        jne    ffffffff811704e9 <do_munmap+0x3f9>
      
      After alternatives patching, it turns into:
      
      		  jmp    0xffffffff81170390
      		  nopl   (%rax)
      		  ...
      		  callq  ffffffff81056e00 <mpx_notify_unmap>
      ffffffff81170390: mov    0x170(%r12),%rdi
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Joerg Roedel <joro@8bytes.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/1455578358-28347-1-git-send-email-bp@alien8.deSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      f2cc8e07
  4. 15 Feb, 2016 2 commits
    • Simon Horman's avatar
      MAINTAINERS: Update mailing list for Renesas ARM64 SoC Development · 1926e54f
      Simon Horman authored
      Update the mailing list used for development of support for ARM64
      Renesas SoCs.
      
      This is a follow-up for a similar change for other Renesas SoCs and
      drivers uses by Renesas SoCs.  The ARM64 SoC entry was not updated in
      that patch as it was not yet present in mainline.
      
      The motivation for the mailing list update is that Renesas SoCs are now
      much wider than the SH architecture and there is some desire from some
      for the linux-sh list to refocus on discussion of the work on the SH
      architecture.
      Acked-by: default avatarMagnus Damm <damm@opensource.se>
      Acked-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      1926e54f
    • Linus Torvalds's avatar
      Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux · 631c0e84
      Linus Torvalds authored
      Pull i915 drm fixes from Dave Airlie:
       "Jani sent a bunch of i915 display fixes as my weekend started, but
        hopefully you can fit them in"
      
      * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
        drm/i915: fix error path in intel_setup_gmbus()
        drm/i915/skl: Fix typo in DPLL_CFGCR1 definition
        drm/i915/skl: Don't skip mst encoders in skl_ddi_pll_select()
        drm/i915: Pretend cursor is always on for ILK-style WM calculations (v2)
        drm/i915/dp: reduce missing TPS3 support errors to debug logging
        drm/i915/dp: abstract training pattern selection
        drm/i915/dsi: skip gpio element execution when not supported
        drm/i915/dsi: don't pass arbitrary data to sideband
        drm/i915/dsi: defend gpio table against out of bounds access
        drm/i915/bxt: Don't save/restore eDP panel power during suspend (v3)
        drm/i915: Allow i915_gem_object_get_page() on userptr as well
      631c0e84
  5. 14 Feb, 2016 16 commits
    • Linus Torvalds's avatar
      Linux 4.5-rc4 · 18558cae
      Linus Torvalds authored
      18558cae
    • Dave Airlie's avatar
      Merge tag 'drm-intel-fixes-2016-02-12' of git://anongit.freedesktop.org/drm-intel into drm-fixes · bdbe58e6
      Dave Airlie authored
      i915 display fixes mostly.
      
      * tag 'drm-intel-fixes-2016-02-12' of git://anongit.freedesktop.org/drm-intel:
        drm/i915: fix error path in intel_setup_gmbus()
        drm/i915/skl: Fix typo in DPLL_CFGCR1 definition
        drm/i915/skl: Don't skip mst encoders in skl_ddi_pll_select()
        drm/i915: Pretend cursor is always on for ILK-style WM calculations (v2)
        drm/i915/dp: reduce missing TPS3 support errors to debug logging
        drm/i915/dp: abstract training pattern selection
        drm/i915/dsi: skip gpio element execution when not supported
        drm/i915/dsi: don't pass arbitrary data to sideband
        drm/i915/dsi: defend gpio table against out of bounds access
        drm/i915/bxt: Don't save/restore eDP panel power during suspend (v3)
        drm/i915: Allow i915_gem_object_get_page() on userptr as well
      bdbe58e6
    • Linus Torvalds's avatar
      Merge tag 'char-misc-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc · 58dd2b5b
      Linus Torvalds authored
      Pull char/misc driver fixes from Greg KH:
       "Here are 3 fixes for some reported issues.  Two nvmem driver fixes,
        and one mei fix.  All have been in linux-next just fine"
      
      * tag 'char-misc-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
        nvmem: qfprom: Specify LE device endianness
        nvmem: core: return error for non word aligned access
        mei: validate request value in client notify request ioctl
      58dd2b5b
    • Linus Torvalds's avatar
      Merge tag 'driver-core-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core · 60f40585
      Linus Torvalds authored
      Pull driver core fix from Greg KH:
       "Here is one driver core, well klist, fix for 4.5-rc4.
      
        It fixes a problem found in the scsi device list traversal that
        probably also could be triggered by other subsystems.
      
        The fix has been in linux-next for a while with no reported problems"
      
      * tag 'driver-core-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
        klist: fix starting point removed bug in klist iterators
      60f40585
    • Linus Torvalds's avatar
      Merge tag 'tty-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · 779ee19d
      Linus Torvalds authored
      Pull tty/serial fixes from Greg KH:
       "Here are a number of small tty and serial driver fixes for 4.5-rc4
        that resolve some reported issues.
      
        One of them got reverted as it wasn't correct based on testing, and
        all have been in linux-next for a while"
      
      * tag 'tty-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
        Revert "8250: uniphier: allow modular build with 8250 console"
        pty: make sure super_block is still valid in final /dev/tty close
        pty: fix possible use after free of tty->driver_data
        tty: Add support for PCIe WCH382 2S multi-IO card
        serial/omap: mark wait_for_xmitr as __maybe_unused
        serial: omap: Prevent DoS using unprivileged ioctl(TIOCSRS485)
        8250: uniphier: allow modular build with 8250 console
        tty: Drop krefs for interrupted tty lock
      779ee19d
    • Linus Torvalds's avatar
      Merge tag 'usb-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · 9db8cc1a
      Linus Torvalds authored
      Pull PHY fixes from Greg KH:
       "Here are a couple of PHY driver fixes for 4.5-rc4.
      
        A few small phy issues.  All have been in linux-next with no reported
        issues"
      
      * tag 'usb-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        phy: twl4030-usb: Fix unbalanced pm_runtime_enable on module reload
        phy: twl4030-usb: Relase usb phy on unload
        phy: core: fix wrong err handle for phy_power_on
        phy: Restrict phy-hi6220-usb to HiSilicon arm64
      9db8cc1a
    • Linus Torvalds's avatar
      Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 102a92ce
      Linus Torvalds authored
      Pull perf tooling fixes from Thomas Gleixner:
       "Another round of fixes for the perf tooling side:
      
         - Prevent a NULL pointer dereference in tracepoint error handling
      
         - Fix a thread handling bug in the intel_pt error handling code
      
         - Search both .eh_frame and .debug_frame sections as toolchains seem
           to have random choices of storing the CFI information
      
         - Fix the perf state interval output values, which got broken when
           fixing the overall output"
      
      * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf stat: Fix interval output values
        perf probe: Search both .eh_frame and .debug_frame sections for probe location
        perf tools: Fix thread lifetime related segfaut in intel_pt
        perf tools: tracepoint_error() can receive e=NULL, robustify it
      102a92ce
    • Linus Torvalds's avatar
      Merge branch 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · cb490d63
      Linus Torvalds authored
      Pull lockdep fix from Thomas Gleixner:
       "A single fix for the stack trace caching logic in lockdep, where the
        duplicate avoidance managed to store no back trace at all"
      
      * 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        locking/lockdep: Fix stack trace caching logic
      cb490d63
    • Linus Torvalds's avatar
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 6a810945
      Linus Torvalds authored
      Pull timer fix from Thomas Gleixner:
       "A single fix preventing a 32bit overflow in timespec/val to cputime
        conversions on 32bit machines"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        cputime: Prevent 32bit overflow in time[val|spec]_to_cputime()
      6a810945
    • Linus Torvalds's avatar
      Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 8ab54ed6
      Linus Torvalds authored
      Pull irqchip fixes from Thomas Gleixner:
       "Another set of ARM SoC related irqchip fixes:
         - Plug a memory leak in gicv3-its
         - Limit features to the root gic interrupt controller
         - Add a missing barrier in the gic-v3 IAR access
         - Another compile test fix for sun4i"
      
      * 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        irqchip/gic-v3: Make sure read from ICC_IAR1_EL1 is visible on redestributor
        irqchip/gic: Only set the EOImodeNS bit for the root controller
        irqchip/gic: Only populate set_affinity for the root controller
        irqchip/gicv3-its: Fix memory leak in its_free_tables()
        irqchip/sun4i: Fix compilation outside of arch/arm
      8ab54ed6
    • Linus Torvalds's avatar
      Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 2d23e61f
      Linus Torvalds authored
      Pull x86 fixes from Thomas Gleixner:
       "Two small fixlets for x86:
      
         - Prevent a KASAN false positive in thread_saved_pc()
      
         - Fix a 32-bit truncation problem in the x86 numa code"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/mm/numa: Fix 32-bit memblock range truncation bug on 32-bit NUMA kernels
        x86: Fix KASAN false positives in thread_saved_pc()
      2d23e61f
    • Linus Torvalds's avatar
      Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus · ab57a611
      Linus Torvalds authored
      Pull MIPS fixes from Ralf Baechle:
       "Here's the first round of MIPS fixes after the merge window:
      
         - Detect Octeon III's PCI correctly.
         - Fix return value of the MT7620 probing function.
         - Wire up the copy_file_range syscall.
         - Fix 64k page support on 32 bit kernels.
         - Fix the early Coherency Manager probe.
         - Allow only hardware-supported page sizes to be selected for R6000.
         - Fix corner cases for the RDHWR nstruction emulation on old hardware.
         - Fix FPU handling corner cases.
         - Remove stale entry for BCM33xx from the MAINTAINERS file.
         - 32 and 64 bit ELF headers are different, handle them correctly"
      
      * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
        mips: Differentiate between 32 and 64 bit ELF header
        MIPS: Octeon: Update OCTEON_FEATURE_PCIE for Octeon III
        MIPS: pci-mt7620: Fix return value check in mt7620_pci_probe()
        MIPS: Fix early CM probing
        MIPS: Wire up copy_file_range syscall.
        MIPS: Fix 64k page support for 32 bit kernels.
        MIPS: R6000: Don't allow 64k pages for R6000.
        MIPS: traps.c: Correct microMIPS RDHWR emulation
        MIPS: traps.c: Don't emulate RDHWR in the CpU #0 exception handler
        MAINTAINERS: Remove stale entry for BCM33xx chips
        MIPS: Fix FPU disable with preemption
        MIPS: Properly disable FPU in start_thread()
        MIPS: Fix buffer overflow in syscall_get_arguments()
      ab57a611
    • Linus Torvalds's avatar
      Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · be3f4e0f
      Linus Torvalds authored
      Pull ARM fixes from Russell King:
       "A couple of ARM fixes from Linus for the ICST clock generator code"
      
      [ "Linus" here is Linus Walleij.  Name-stealer.
      
             Linus "there can be only one" Torvalds ]
      
      * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        ARM: 8519/1: ICST: try other dividends than 1
        ARM: 8517/1: ICST: avoid arithmetic overflow in icst_hz()
      be3f4e0f
    • Linus Torvalds's avatar
      Merge branch 'component' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · 8b9f9ebe
      Linus Torvalds authored
      Pull component helper fixes from Russell King:
       "A few fixes for problems people have encountered with the recent
        update to the component helpers"
      
      * 'component' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        component: remove device from master match list on failed add
        component: Detach components when deleting master struct
        component: fix crash on x86_64 with hda audio drivers
      8b9f9ebe
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdma · 7686e3c1
      Linus Torvalds authored
      Pull more rdma fixes from Doug Ledford:
       "I think we are getting pretty close to done now.  There are four
        one-off fixes in this update:
      
         - fix ipoib multicast joins
         - fix mlx4 error handling
         - fix mlx5 size computation
         - fix a thinko in core code"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdma:
        IB/mlx5: Fix RC transport send queue overhead computation
        IB/ipoib: fix for rare multicast join race condition
        IB/core: Fix reading capability mask of the port info class
        net/mlx4: fix some error handling in mlx4_multi_func_init()
      7686e3c1
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending · 2f2e9f2d
      Linus Torvalds authored
      Pull SCSI target fixes from Nicholas Bellinger:
       "This includes the long awaited series to address a set of bugs around
        active I/O remote-port LUN_RESET, as well as properly handling this
        same case with concurrent fabric driver session disconnect ->
        reconnect.
      
        Note this set of LUN_RESET bug-fixes has been surviving extended
        testing on both v4.5-rc1 and v3.14.y code over the last weeks, and is
        CC'ed for stable as it's something folks using multiple ESX connected
        hosts with slow backends can certainly trigger.
      
        The highlights also include:
      
         - Fix WRITE_SAME/DISCARD emulation 4k sector conversion in
           target/iblock (Mike Christie)
      
         - Fix TMR abort interaction and AIO type TMR response in qla2xxx
           target (Quinn Tran + Swapnil Nagle)
      
         - Fix >= v3.17 stale descriptor pointer regression in qla2xxx target
           (Quinn Tran)
      
         - Fix >= v4.5-rc1 return regression with unmap_zeros_data_store new
           configfs store handler (nab)
      
         - Add CPU affinity flag + convert qla2xxx to use bit (Quinn + HCH +
           Bart)"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
        qla2xxx: use TARGET_SCF_USE_CPUID flag to indiate CPU Affinity
        target/transport: add flag to indicate CPU Affinity is observed
        target: Fix incorrect unmap_zeroes_data_store return
        qla2xxx: Use ATIO type to send correct tmr response
        qla2xxx: Fix stale pointer access.
        target/user: Fix cast from pointer to phys_addr_t
        target: Drop legacy se_cmd->task_stop_comp + REQUEST_STOP usage
        target: Fix race with SCF_SEND_DELAYED_TAS handling
        target: Fix remote-port TMR ABORT + se_cmd fabric stop
        target: Fix TAS handling for multi-session se_node_acls
        target: Fix LUN_RESET active TMR descriptor handling
        target: Fix LUN_RESET active I/O handling for ACK_KREF
        qla2xxx: Fix TMR ABORT interaction issue between qla2xxx and TCM
        qla2xxx: Fix warning reported by static checker
        target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors
      2f2e9f2d
  6. 13 Feb, 2016 3 commits