1. 29 Sep, 2016 12 commits
    • Paul Burton's avatar
      MIPS: Fix detection of unsupported highmem with cache aliases · 058effe7
      Paul Burton authored
      The paging_init() function contains code which detects that highmem is
      in use but unsupported due to dcache aliasing. However this code was
      ineffective because it was being run before the caches are probed,
      meaning that cpu_has_dc_aliases would always evaluate to false (unless a
      platform overrides it to a compile-time constant) and the detection of
      the unsupported case is never triggered. The kernel would then go on to
      attempt to use highmem & either hit coherency issues or trigger the
      BUG_ON in flush_kernel_dcache_page().
      
      Fix this by running paging_init() later than cpu_cache_init(), such that
      the cpu_has_dc_aliases macro will evaluate correctly & the unsupported
      highmem case will be detected successfully.
      
      This then leads to a formerly hidden issue in that
      mem_init_free_highmem() will attempt to free all highmem pages, even
      though we're avoiding use of them & don't have valid page structs for
      them. This leads to an invalid pointer dereference & a TLB exception.
      Avoid this by skipping the loop in mem_init_free_highmem() if
      cpu_has_dc_aliases evaluates true.
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Cc: Rabin Vincent <rabinv@axis.com>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: Jerome Marchand <jmarchan@redhat.com>
      Cc: Alexander Sverdlin <alexander.sverdlin@gmail.com>
      Cc: Aurelien Jarno <aurelien@aurel32.net>
      Cc: Jaedon Shin <jaedon.shin@gmail.com>
      Cc: Toshi Kani <toshi.kani@hpe.com>
      Cc: James Hogan <james.hogan@imgtec.com>
      Cc: Sergey Ryazanov <ryazanov.s.a@gmail.com>
      Cc: Jonas Gorski <jogo@openwrt.org>
      Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Cc: linux-mips@linux-mips.org
      Cc: linux-kernel@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/14184/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      058effe7
    • Paul Burton's avatar
      MIPS: Malta: Fix IOCU disable switch read for MIPS64 · 305723ab
      Paul Burton authored
      Malta boards used with CPU emulators feature a switch to disable use of
      an IOCU. Software has to check this switch & ignore any present IOCU if
      the switch is closed. The read used to do this was unsafe for 64 bit
      kernels, as it simply casted the address 0xbf403000 to a pointer &
      dereferenced it. Whilst in a 32 bit kernel this would access kseg1, in a
      64 bit kernel this attempts to access xuseg & results in an address
      error exception.
      
      Fix by accessing a correctly formed ckseg1 address generated using the
      CKSEG1ADDR macro.
      
      Whilst modifying this code, define the name of the register and the bit
      we care about within it, which indicates whether PCI DMA is routed to
      the IOCU or straight to DRAM. The code previously checked that bit 0 was
      also set, but the least significant 7 bits of the CONFIG_GEN0 register
      contain the value of the MReqInfo signal provided to the IOCU OCP bus,
      so singling out bit 0 makes little sense & that part of the check is
      dropped.
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Fixes: b6d92b4a ("MIPS: Add option to disable software I/O coherency.")
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: linux-mips@linux-mips.org
      Cc: linux-kernel@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/14187/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      305723ab
    • Paul Burton's avatar
      MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS · 1eefcbc8
      Paul Burton authored
      When the kernel is built for microMIPS, branches targets need to be
      known to be microMIPS code in order to result in bit 0 of the PC being
      set. The branch target in the BUILD_ROLLBACK_PROLOGUE macro was simply
      the end of the macro, which may be pointing at padding rather than at
      code. This results in recent enough GNU linkers complaining like so:
      
          mips-img-linux-gnu-ld: arch/mips/built-in.o: .text+0x3e3c: Unsupported branch between ISA modes.
          mips-img-linux-gnu-ld: final link failed: Bad value
          Makefile:936: recipe for target 'vmlinux' failed
          make: *** [vmlinux] Error 1
      
      Fix this by changing the branch target to be the start of the
      appropriate handler, skipping over any padding.
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14019/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      1eefcbc8
    • Paul Burton's avatar
      MIPS: clear execution hazard after changing FTLB enable · 67acd8d5
      Paul Burton authored
      On current P-series cores from Imagination the FTLB can be enabled or
      disabled via a bit in the Config6 register, and an execution hazard is
      created by changing the value of bit. The ftlb_disable function already
      cleared that hazard but that does no good for other callers. Clear the
      hazard in the set_ftlb_enable function that creates it, and only for the
      cores where it applies.
      
      This has the effect of reverting c982c6d6 ("MIPS: cpu-probe: Remove
      cp0 hazard barrier when enabling the FTLB") which was incorrect.
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Fixes: c982c6d6 ("MIPS: cpu-probe: Remove cp0 hazard barrier when enabling the FTLB")
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14023/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      67acd8d5
    • Paul Burton's avatar
      MIPS: Configure FTLB after probing TLB sizes from config4 · ebd0e0f5
      Paul Burton authored
      On some cores (proAptiv, P5600) we make use of the sizes of the TLBs
      to determine the desired FTLB:VTLB write ratio. However set_ftlb_enable
      & thus calculate_ftlb_probability is called before decode_config4. This
      results in us calculating a probability based on zero sizes, and we end
      up setting FTLBP=3 for a 3:1 FTLB:VTLB write ratio in all cases. This
      will make abysmal use of the available FTLB resources in the affected
      cores.
      
      Fix this by configuring the FTLB probability after having decoded
      config4. However we do need to have enabled the FTLB before that point
      such that fields in config4 actually reflect that an FTLB is present. So
      set_ftlb_enable is now called twice, with flags indicating that it
      should configure the write probability only the second time.
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Fixes: cf0a8aa0 ("MIPS: cpu-probe: Set the FTLB probability bit on supported cores")
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14022/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      ebd0e0f5
    • Paul Burton's avatar
      MIPS: Stop setting I6400 FTLBP · 72c70f01
      Paul Burton authored
      The FTLBP field in Config7 for the I6400 is intended as chicken bits for
      debugging rather than as a field that software actually makes use of.
      For best performance, FTLBP should be left at its default value of 0
      with all TLB writes hitting the FTLB by default.
      
      Additionally, since set_ftlb_enable is called from decode_configs before
      decode_config4 which determines the size of the TLBs, this was
      previously always setting FTLBP=3 for a 3:1 FTLB:VTLB write ratio which
      makes abysmal use of the available FTLB resources.
      
      This effectively reverts b0c4e1b79d8a ("MIPS: Set up FTLB probability
      for I6400").
      Signed-off-by: default avatarPaul Burton <paul.burton@imgtec.com>
      Fixes: b0c4e1b79d8a ("MIPS: Set up FTLB probability for I6400")
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14021/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      72c70f01
    • Ralf Baechle's avatar
      MIPS: DEC: Avoid la pseudo-instruction in delay slots · 3021773c
      Ralf Baechle authored
      When expanding the la or dla pseudo-instruction in a delay slot the GNU
      assembler will complain should the pseudo-instruction expand to multiple
      actual instructions, since only the first of them will be in the delay
      slot leading to the pseudo-instruction being only partially executed if
      the branch is taken. Use of PTR_LA in the dec int-handler.S leads to
      such warnings:
      
        arch/mips/dec/int-handler.S: Assembler messages:
        arch/mips/dec/int-handler.S:149: Warning: macro instruction expanded into multiple instructions in a branch delay slot
        arch/mips/dec/int-handler.S:198: Warning: macro instruction expanded into multiple instructions in a branch delay slot
      
      Avoid this by open coding the PTR_LA macros.
      Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      3021773c
    • Steven J. Hill's avatar
      MIPS: Octeon: mark GPIO controller node not populated after IRQ init. · 0a900553
      Steven J. Hill authored
      We clear the OF_POPULATED flag for the GPIO controller node on Octeon
      processors. Otherwise, none of the devices hanging on the GPIO lines
      are probed. The 'gpio-leds' driver on OCTEON failed to probe in addition
      to other devices on Cavium 71xx and 78xx development boards.
      
      Fixes: 15cc2ed6 ("of/irq: Mark initialised interrupt controllers as populated")
      Signed-off-by: default avatarSteven J. Hill <steven.hill@cavium.com>
      Tested-by: default avatarAaro Koskinen <aaro.koskinen@iki.fi>
      Cc: David Daney <david.daney@cavium.com>
      Cc: Rob Herring <robh@kernel.org>
      Cc: linux-mips@linux-mips.org
      Cc: devicetree@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/14091/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      0a900553
    • Marcin Nowakowski's avatar
      MIPS: uprobes: fix use of uninitialised variable · ca86c9ef
      Marcin Nowakowski authored
      arch_uprobe_pre_xol needs to emulate a branch if a branch instruction
      has been replaced with a breakpoint, but in fact an uninitialised local
      variable was passed to the emulator routine instead of the original
      instruction
      Signed-off-by: default avatarMarcin Nowakowski <marcin.nowakowski@imgtec.com>
      Fixes: 40e084a5 ('MIPS: Add uprobes support.')
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14300/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      ca86c9ef
    • Marcin Nowakowski's avatar
      MIPS: uprobes: remove incorrect set_orig_insn · ddabfa5c
      Marcin Nowakowski authored
      Generic kernel code implements a weak version of set_orig_insn that
      moves cached 'insn' from arch_uprobe to the original code location when
      the trap is removed.
      MIPS variant used arch_uprobe->orig_inst which was never initialised
      properly, so this code only inserted a nop instead of the original
      instruction. With that change orig_inst can also be safely removed.
      Signed-off-by: default avatarMarcin Nowakowski <marcin.nowakowski@imgtec.com>
      Fixes: 40e084a5 ('MIPS: Add uprobes support.')
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14299/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      ddabfa5c
    • Marcin Nowakowski's avatar
      MIPS: fix uretprobe implementation · db06068a
      Marcin Nowakowski authored
      arch_uretprobe_hijack_return_addr should replace the return address for
      a call with a trampoline address.
      Signed-off-by: default avatarMarcin Nowakowski <marcin.nowakowski@imgtec.com>
      Fixes: 40e084a5 ('MIPS: Add uprobes support.')
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/14298/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      db06068a
    • Matt Redfearn's avatar
      MIPS: smp-cps: Avoid BUG() when offlining pre-r6 CPUs · 6ca8ac77
      Matt Redfearn authored
      Commit 0d2808f3 ("MIPS: smp-cps: Add support for CPU hotplug of
      MIPSr6 processors") added a call to mips_cm_lock_other in order to lock
      the CPC in CPUs containing a version 3 or higher Coherence Manager,
      which use the general CM core other register, where previous CMs had a
      dedicated core other register for the CPC.
      
      A kernel BUG() is triggered, however, if mips_cm_lock_other is called
      with a VP other than 0 on a CPU with CM < 3, a condition introduced by
      0d2808f3.
      
      Avoid the BUG() by always locking VP0 when locking the CPC, since the
      required register, cpc_stat_conf, is shared by all vps in a core.
      
      Fixes: 0d2808f3 ("MIPS: smp-cps: Add support for CPU hotplug...)
      Signed-off-by: default avatarMatt Redfearn <matt.redfearn@imgtec.com>
      Cc: Qais Yousef <qsyousef@gmail.com>
      Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
      Cc: James Hogan <james.hogan@imgtec.com>
      Cc: Paul Burton <paul.burton@imgtec.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: linux-mips@linux-mips.org
      Cc: linux-kernel@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/14297/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      6ca8ac77
  2. 26 Sep, 2016 3 commits
  3. 25 Sep, 2016 7 commits
    • Lorenzo Stoakes's avatar
      mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing · 38e08854
      Lorenzo Stoakes authored
      The NUMA balancing logic uses an arch-specific PROT_NONE page table flag
      defined by pte_protnone() or pmd_protnone() to mark PTEs or huge page
      PMDs respectively as requiring balancing upon a subsequent page fault.
      User-defined PROT_NONE memory regions which also have this flag set will
      not normally invoke the NUMA balancing code as do_page_fault() will send
      a segfault to the process before handle_mm_fault() is even called.
      
      However if access_remote_vm() is invoked to access a PROT_NONE region of
      memory, handle_mm_fault() is called via faultin_page() and
      __get_user_pages() without any access checks being performed, meaning
      the NUMA balancing logic is incorrectly invoked on a non-NUMA memory
      region.
      
      A simple means of triggering this problem is to access PROT_NONE mmap'd
      memory using /proc/self/mem which reliably results in the NUMA handling
      functions being invoked when CONFIG_NUMA_BALANCING is set.
      
      This issue was reported in bugzilla (issue 99101) which includes some
      simple repro code.
      
      There are BUG_ON() checks in do_numa_page() and do_huge_pmd_numa_page()
      added at commit c0e7cad9 to avoid accidentally provoking strange
      behaviour by attempting to apply NUMA balancing to pages that are in
      fact PROT_NONE.  The BUG_ON()'s are consistently triggered by the repro.
      
      This patch moves the PROT_NONE check into mm/memory.c rather than
      invoking BUG_ON() as faulting in these pages via faultin_page() is a
      valid reason for reaching the NUMA check with the PROT_NONE page table
      flag set and is therefore not always a bug.
      
      Link: https://bugzilla.kernel.org/show_bug.cgi?id=99101Reported-by: default avatarTrevor Saunders <tbsaunde@tbsaunde.org>
      Signed-off-by: default avatarLorenzo Stoakes <lstoakes@gmail.com>
      Acked-by: default avatarRik van Riel <riel@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      38e08854
    • Linus Torvalds's avatar
      Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus · 831e45d8
      Linus Torvalds authored
      Pull MIPS fixes from Ralf Baechle:
       "A round of 4.8 fixes:
      
        MIPS generic code:
         - Add a missing ".set pop" in an early commit
         - Fix memory regions reaching top of physical
         - MAAR: Fix address alignment
         - vDSO: Fix Malta EVA mapping to vDSO page structs
         - uprobes: fix incorrect uprobe brk handling
         - uprobes: select HAVE_REGS_AND_STACK_ACCESS_API
         - Avoid a BUG warning during PR_SET_FP_MODE prctl
         - SMP: Fix possibility of deadlock when bringing CPUs online
         - R6: Remove compact branch policy Kconfig entries
         - Fix size calc when avoiding IPIs for small icache flushes
         - Fix pre-r6 emulation FPU initialisation
         - Fix delay slot emulation count in debugfs
      
        ATH79:
         - Fix test for error return of clk_register_fixed_factor.
      
        Octeon:
         - Fix kernel header to work for VDSO build.
         - Fix initialization of platform device probing.
      
        paravirt:
         - Fix undefined reference to smp_bootstrap"
      
      * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
        MIPS: Fix delay slot emulation count in debugfs
        MIPS: SMP: Fix possibility of deadlock when bringing CPUs online
        MIPS: Fix pre-r6 emulation FPU initialisation
        MIPS: vDSO: Fix Malta EVA mapping to vDSO page structs
        MIPS: Select HAVE_REGS_AND_STACK_ACCESS_API
        MIPS: Octeon: Fix platform bus probing
        MIPS: Octeon: mangle-port: fix build failure with VDSO code
        MIPS: Avoid a BUG warning during prctl(PR_SET_FP_MODE, ...)
        MIPS: c-r4k: Fix size calc when avoiding IPIs for small icache flushes
        MIPS: Add a missing ".set pop" in an early commit
        MIPS: paravirt: Fix undefined reference to smp_bootstrap
        MIPS: Remove compact branch policy Kconfig entries
        MIPS: MAAR: Fix address alignment
        MIPS: Fix memory regions reaching top of physical
        MIPS: uprobes: fix incorrect uprobe brk handling
        MIPS: ath79: Fix test for error return of clk_register_fixed_factor().
      831e45d8
    • Linus Torvalds's avatar
      Merge tag 'powerpc-4.8-7' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 751b9a5d
      Linus Torvalds authored
      Pull one more powerpc fix from Michael Ellerman:
       "powernv/pci: Fix m64 checks for SR-IOV and window alignment from
        Russell Currey"
      
      * tag 'powerpc-4.8-7' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/powernv/pci: Fix m64 checks for SR-IOV and window alignment
      751b9a5d
    • Linus Torvalds's avatar
      radix tree: fix sibling entry handling in radix_tree_descend() · 8d2c0d36
      Linus Torvalds authored
      The fixes to the radix tree test suite show that the multi-order case is
      broken.  The basic reason is that the radix tree code uses tagged
      pointers with the "internal" bit in the low bits, and calculating the
      pointer indices was supposed to mask off those bits.  But gcc will
      notice that we then use the index to re-create the pointer, and will
      avoid doing the arithmetic and use the tagged pointer directly.
      
      This cleans the code up, using the existing is_sibling_entry() helper to
      validate the sibling pointer range (instead of open-coding it), and
      using entry_to_node() to mask off the low tag bit from the pointer.  And
      once you do that, you might as well just use the now cleaned-up pointer
      directly.
      
      [ Side note: the multi-order code isn't actually ever used in the kernel
        right now, and the only reason I didn't just delete all that code is
        that Kirill Shutemov piped up and said:
      
          "Well, my ext4-with-huge-pages patchset[1] uses multi-order entries.
           It also converts shmem-with-huge-pages and hugetlb to them.
      
           I'm okay with converting it to other mechanism, but I need
           something.  (I looked into Konstantin's RFC patchset[2].  It looks
           okay, but I don't feel myself qualified to review it as I don't
           know much about radix-tree internals.)"
      
        [1] http://lkml.kernel.org/r/20160915115523.29737-1-kirill.shutemov@linux.intel.com
        [2] http://lkml.kernel.org/r/147230727479.9957.1087787722571077339.stgit@zurg ]
      Reported-by: default avatarMatthew Wilcox <mawilcox@microsoft.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
      Cc: Johannes Weiner <hannes@cmpxchg.org>
      Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Cedric Blancher <cedric.blancher@gmail.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8d2c0d36
    • Matthew Wilcox's avatar
      radix tree test suite: Test radix_tree_replace_slot() for multiorder entries · 62fd5258
      Matthew Wilcox authored
      When we replace a multiorder entry, check that all indices reflect the
      new value.
      
      Also, compile the test suite with -O2, which shows other problems with
      the code due to some dodgy pointer operations in the radix tree code.
      Signed-off-by: default avatarMatthew Wilcox <mawilcox@microsoft.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      62fd5258
    • Al Viro's avatar
      fix memory leaks in tracing_buffers_splice_read() · 1ae2293d
      Al Viro authored
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      1ae2293d
    • Steven Rostedt (Red Hat)'s avatar
      tracing: Move mutex to protect against resetting of seq data · 1245800c
      Steven Rostedt (Red Hat) authored
      The iter->seq can be reset outside the protection of the mutex. So can
      reading of user data. Move the mutex up to the beginning of the function.
      
      Fixes: d7350c3f ("tracing/core: make the read callbacks reentrants")
      Cc: stable@vger.kernel.org # 2.6.30+
      Reported-by: default avatarAl Viro <viro@ZenIV.linux.org.uk>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      1245800c
  4. 24 Sep, 2016 10 commits
  5. 23 Sep, 2016 8 commits