1. 12 Dec, 2022 1 commit
  2. 30 Nov, 2022 1 commit
  3. 06 Jul, 2021 4 commits
    • Tong Tiangen's avatar
      riscv: add VMAP_STACK overflow detection · 31da94c2
      Tong Tiangen authored
      This patch adds stack overflow detection to riscv, usable when
      CONFIG_VMAP_STACK=y.
      
      Overflow is detected in kernel exception entry(kernel/entry.S), if the
      kernel stack is overflow and been detected, the overflow handler is
      invoked on a per-cpu overflow stack. This approach preserves GPRs and
      the original exception information.
      
      The overflow detect is performed before any attempt is made to access
      the stack and the principle of stack overflow detection: kernel stacks
      are aligned to double their size, enabling overflow to be detected with
      a single bit test. For example, a 16K stack is aligned to 32K, ensuring
      that bit 14 of the SP must be zero. On an overflow (or underflow), this
      bit is flipped. Thus, overflow (of less than the size of the stack) can
      be detected by testing whether this bit is set.
      
      This gives us a useful error message on stack overflow, as can be
      trigger with the LKDTM overflow test:
      
      [  388.053267] lkdtm: Performing direct entry EXHAUST_STACK
      [  388.053663] lkdtm: Calling function with 1024 frame size to depth 32 ...
      [  388.054016] lkdtm: loop 32/32 ...
      [  388.054186] lkdtm: loop 31/32 ...
      [  388.054491] lkdtm: loop 30/32 ...
      [  388.054672] lkdtm: loop 29/32 ...
      [  388.054859] lkdtm: loop 28/32 ...
      [  388.055010] lkdtm: loop 27/32 ...
      [  388.055163] lkdtm: loop 26/32 ...
      [  388.055309] lkdtm: loop 25/32 ...
      [  388.055481] lkdtm: loop 24/32 ...
      [  388.055653] lkdtm: loop 23/32 ...
      [  388.055837] lkdtm: loop 22/32 ...
      [  388.056015] lkdtm: loop 21/32 ...
      [  388.056188] lkdtm: loop 20/32 ...
      [  388.058145] Insufficient stack space to handle exception!
      [  388.058153] Task stack:     [0xffffffd014260000..0xffffffd014264000]
      [  388.058160] Overflow stack: [0xffffffe1f8d2c220..0xffffffe1f8d2d220]
      [  388.058168] CPU: 0 PID: 89 Comm: bash Not tainted 5.12.0-rc8-dirty #90
      [  388.058175] Hardware name: riscv-virtio,qemu (DT)
      [  388.058187] epc : number+0x32/0x2c0
      [  388.058247]  ra : vsnprintf+0x2ae/0x3f0
      [  388.058255] epc : ffffffe0002d38f6 ra : ffffffe0002d814e sp : ffffffd01425ffc0
      [  388.058263]  gp : ffffffe0012e4010 tp : ffffffe08014da00 t0 : ffffffd0142606e8
      [  388.058271]  t1 : 0000000000000000 t2 : 0000000000000000 s0 : ffffffd014260070
      [  388.058303]  s1 : ffffffd014260158 a0 : ffffffd01426015e a1 : ffffffd014260158
      [  388.058311]  a2 : 0000000000000013 a3 : ffff0a01ffffff10 a4 : ffffffe000c398e0
      [  388.058319]  a5 : 511b02ec65f3e300 a6 : 0000000000a1749a a7 : 0000000000000000
      [  388.058327]  s2 : ffffffff000000ff s3 : 00000000ffff0a01 s4 : ffffffe0012e50a8
      [  388.058335]  s5 : 0000000000ffff0a s6 : ffffffe0012e50a8 s7 : ffffffe000da1cc0
      [  388.058343]  s8 : ffffffffffffffff s9 : ffffffd0142602b0 s10: ffffffd0142602a8
      [  388.058351]  s11: ffffffd01426015e t3 : 00000000000f0000 t4 : ffffffffffffffff
      [  388.058359]  t5 : 000000000000002f t6 : ffffffd014260158
      [  388.058366] status: 0000000000000100 badaddr: ffffffd01425fff8 cause: 000000000000000f
      [  388.058374] Kernel panic - not syncing: Kernel stack overflow
      [  388.058381] CPU: 0 PID: 89 Comm: bash Not tainted 5.12.0-rc8-dirty #90
      [  388.058387] Hardware name: riscv-virtio,qemu (DT)
      [  388.058393] Call Trace:
      [  388.058400] [<ffffffe000004944>] walk_stackframe+0x0/0xce
      [  388.058406] [<ffffffe0006f0b28>] dump_backtrace+0x38/0x46
      [  388.058412] [<ffffffe0006f0b46>] show_stack+0x10/0x18
      [  388.058418] [<ffffffe0006f3690>] dump_stack+0x74/0x8e
      [  388.058424] [<ffffffe0006f0d52>] panic+0xfc/0x2b2
      [  388.058430] [<ffffffe0006f0acc>] print_trace_address+0x0/0x24
      [  388.058436] [<ffffffe0002d814e>] vsnprintf+0x2ae/0x3f0
      [  388.058956] SMP: stopping secondary CPUs
      Signed-off-by: default avatarTong Tiangen <tongtiangen@huawei.com>
      Reviewed-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
      Signed-off-by: default avatarPalmer Dabbelt <palmerdabbelt@google.com>
      31da94c2
    • Jeff Xie's avatar
      riscv: ptrace: add argn syntax · 70eee556
      Jeff Xie authored
      This enables ftrace kprobe events to access kernel function
      arguments via $argN syntax.
      Signed-off-by: default avatarJeff Xie <huan.xie@suse.com>
      Signed-off-by: default avatarPalmer Dabbelt <palmerdabbelt@google.com>
      70eee556
    • Nanyong Sun's avatar
      riscv: mm: fix build errors caused by mk_pmd() · 9eb4fcff
      Nanyong Sun authored
      With "riscv: mm: add THP support on 64-bit", mk_pmd() function
      introduce build errors,
      1.build with CONFIG_ARCH_RV32I=y:
      arch/riscv/include/asm/pgtable.h: In function 'mk_pmd':
      arch/riscv/include/asm/pgtable.h:513:9: error: implicit declaration of function 'pfn_pmd';
       did you mean 'pfn_pgd'? [-Werror=implicit-function-declaration]
      
      2.build with CONFIG_SPARSEMEM=y && CONFIG_SPARSEMEM_VMEMMAP=n
      arch/riscv/include/asm/pgtable.h: In function 'mk_pmd':
      include/asm-generic/memory_model.h:64:14: error: implicit declaration of function 'page_to_section';
       did you mean 'present_section'? [-Werror=implicit-function-declaration]
      
      Move the definition of mk_pmd to pgtable-64.h to fix the first error.
      Use macro definition instead of inline function for mk_pmd
      to fix the second problem. It is similar to the mk_pte macro.
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Signed-off-by: default avatarNanyong Sun <sunnanyong@huawei.com>
      Tested-by: default avatarGeert Uytterhoeven <geert@linux-m68k.org>
      Signed-off-by: default avatarPalmer Dabbelt <palmerdabbelt@google.com>
      9eb4fcff
    • Alexandre Ghiti's avatar
      riscv: Introduce structure that group all variables regarding kernel mapping · 658e2c51
      Alexandre Ghiti authored
      We have a lot of variables that are used to hold kernel mapping addresses,
      offsets between physical and virtual mappings and some others used for XIP
      kernels: they are all defined at different places in mm/init.c, so group
      them into a single structure with, for some of them, more explicit and concise
      names.
      Signed-off-by: default avatarAlexandre Ghiti <alex@ghiti.fr>
      Signed-off-by: default avatarPalmer Dabbelt <palmerdabbelt@google.com>
      658e2c51
  4. 01 Jul, 2021 7 commits
  5. 15 Jun, 2021 1 commit
  6. 11 Jun, 2021 3 commits
  7. 09 Jun, 2021 4 commits
  8. 02 Jun, 2021 1 commit
    • Jisheng Zhang's avatar
      riscv: mm: Fix W+X mappings at boot · 8a4102a0
      Jisheng Zhang authored
      When the kernel mapping was moved the last 2GB of the address space,
      (__va(PFN_PHYS(max_low_pfn))) is much smaller than the .data section
      start address, the last set_memory_nx() in protect_kernel_text_data()
      will fail, thus the .data section is still mapped as W+X. This results
      in below W+X mapping waring at boot. Fix it by passing the correct
      .data section page num to the set_memory_nx().
      
      [    0.396516] ------------[ cut here ]------------
      [    0.396889] riscv/mm: Found insecure W+X mapping at address (____ptrval____)/0xffffffff80c00000
      [    0.398347] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/ptdump.c:258 note_page+0x244/0x24a
      [    0.398964] Modules linked in:
      [    0.399459] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.13.0-rc1+ #14
      [    0.400003] Hardware name: riscv-virtio,qemu (DT)
      [    0.400591] epc : note_page+0x244/0x24a
      [    0.401368]  ra : note_page+0x244/0x24a
      [    0.401772] epc : ffffffff80007c86 ra : ffffffff80007c86 sp : ffffffe000e7bc30
      [    0.402304]  gp : ffffffff80caae88 tp : ffffffe000e70000 t0 : ffffffff80cb80cf
      [    0.402800]  t1 : ffffffff80cb80c0 t2 : 0000000000000000 s0 : ffffffe000e7bc80
      [    0.403310]  s1 : ffffffe000e7bde8 a0 : 0000000000000053 a1 : ffffffff80c83ff0
      [    0.403805]  a2 : 0000000000000010 a3 : 0000000000000000 a4 : 6c7e7a5137233100
      [    0.404298]  a5 : 6c7e7a5137233100 a6 : 0000000000000030 a7 : ffffffffffffffff
      [    0.404849]  s2 : ffffffff80e00000 s3 : 0000000040000000 s4 : 0000000000000000
      [    0.405393]  s5 : 0000000000000000 s6 : 0000000000000003 s7 : ffffffe000e7bd48
      [    0.405935]  s8 : ffffffff81000000 s9 : ffffffffc0000000 s10: ffffffe000e7bd48
      [    0.406476]  s11: 0000000000001000 t3 : 0000000000000072 t4 : ffffffffffffffff
      [    0.407016]  t5 : 0000000000000002 t6 : ffffffe000e7b978
      [    0.407435] status: 0000000000000120 badaddr: 0000000000000000 cause: 0000000000000003
      [    0.408052] Call Trace:
      [    0.408343] [<ffffffff80007c86>] note_page+0x244/0x24a
      [    0.408855] [<ffffffff8010c5a6>] ptdump_hole+0x14/0x1e
      [    0.409263] [<ffffffff800f65c6>] walk_pgd_range+0x2a0/0x376
      [    0.409690] [<ffffffff800f6828>] walk_page_range_novma+0x4e/0x6e
      [    0.410146] [<ffffffff8010c5f8>] ptdump_walk_pgd+0x48/0x78
      [    0.410570] [<ffffffff80007d66>] ptdump_check_wx+0xb4/0xf8
      [    0.410990] [<ffffffff80006738>] mark_rodata_ro+0x26/0x2e
      [    0.411407] [<ffffffff8031961e>] kernel_init+0x44/0x108
      [    0.411814] [<ffffffff80002312>] ret_from_exception+0x0/0xc
      [    0.412309] ---[ end trace 7ec3459f2547ea83 ]---
      [    0.413141] Checked W+X mappings: failed, 512 W+X pages found
      
      Fixes: 2bfc6cd8 ("riscv: Move kernel mapping outside of linear mapping")
      Signed-off-by: default avatarJisheng Zhang <jszhang@kernel.org>
      Signed-off-by: default avatarPalmer Dabbelt <palmerdabbelt@google.com>
      8a4102a0
  9. 30 May, 2021 2 commits
  10. 29 May, 2021 3 commits
  11. 26 May, 2021 7 commits
  12. 22 May, 2021 4 commits
  13. 09 May, 2021 2 commits
    • Linus Torvalds's avatar
      Linux 5.13-rc1 · 6efb943b
      Linus Torvalds authored
      6efb943b
    • Linus Torvalds's avatar
      fbmem: fix horribly incorrect placement of __maybe_unused · 6dae40ae
      Linus Torvalds authored
      Commit b9d79e4c ("fbmem: Mark proc_fb_seq_ops as __maybe_unused")
      places the '__maybe_unused' in an entirely incorrect location between
      the "struct" keyword and the structure name.
      
      It's a wonder that gcc accepts that silently, but clang quite reasonably
      warns about it:
      
          drivers/video/fbdev/core/fbmem.c:736:21: warning: attribute declaration must precede definition [-Wignored-attributes]
          static const struct __maybe_unused seq_operations proc_fb_seq_ops = {
                              ^
      
      Fix it.
      
      Cc: Guenter Roeck <linux@roeck-us.net>
      Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6dae40ae