aboutsummaryrefslogtreecommitdiff
path: root/arch/arm/mm
AgeCommit message (Collapse)AuthorFilesLines
2018-05-31ARM: spectre-v2: harden user aborts in kernel spaceRussell King3-8/+76
In order to prevent aliasing attacks on the branch predictor, invalidate the BTB or instruction cache on CPUs that are known to be affected when taking an abort on a address that is outside of a user task limit: Cortex A8, A9, A12, A17, A73, A75: flush BTB. Cortex A15, Brahma B15: invalidate icache. If the IBE bit is not set, then there is little point to enabling the workaround. Signed-off-by: Russell King <[email protected]> Boot-tested-by: Tony Lindgren <[email protected]> Reviewed-by: Tony Lindgren <[email protected]>
2018-05-31ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bitRussell King3-3/+39
When the branch predictor hardening is enabled, firmware must have set the IBE bit in the auxiliary control register. If this bit has not been set, the Spectre workarounds will not be functional. Add validation that this bit is set, and print a warning at alert level if this is not the case. Signed-off-by: Russell King <[email protected]> Reviewed-by: Florian Fainelli <[email protected]> Boot-tested-by: Tony Lindgren <[email protected]> Reviewed-by: Tony Lindgren <[email protected]>
2018-05-31ARM: spectre-v2: harden branch predictor on context switchesRussell King3-35/+115
Harden the branch predictor against Spectre v2 attacks on context switches for ARMv7 and later CPUs. We do this by: Cortex A9, A12, A17, A73, A75: invalidating the BTB. Cortex A15, Brahma B15: invalidating the instruction cache. Cortex A57 and Cortex A72 are not addressed in this patch. Cortex R7 and Cortex R8 are also not addressed as we do not enforce memory protection on these cores. Signed-off-by: Russell King <[email protected]> Boot-tested-by: Tony Lindgren <[email protected]> Reviewed-by: Tony Lindgren <[email protected]> Acked-by: Marc Zyngier <[email protected]>
2018-05-31ARM: spectre: add Kconfig symbol for CPUs vulnerable to SpectreRussell King1-0/+4
Add a Kconfig symbol for CPUs which are vulnerable to the Spectre attacks. Signed-off-by: Russell King <[email protected]> Reviewed-by: Florian Fainelli <[email protected]> Boot-tested-by: Tony Lindgren <[email protected]> Reviewed-by: Tony Lindgren <[email protected]> Acked-by: Marc Zyngier <[email protected]>
2018-05-31ARM: bugs: add support for per-processor bug checkingRussell King1-1/+2
Add support for per-processor bug checking - each processor function descriptor gains a function pointer for this check, which must not be an __init function. If non-NULL, this will be called whenever a CPU enters the kernel via which ever path (boot CPU, secondary CPU startup, CPU resuming, etc.) This allows processor specific bug checks to validate that workaround bits are properly enabled by firmware via all entry paths to the kernel. Signed-off-by: Russell King <[email protected]> Reviewed-by: Florian Fainelli <[email protected]> Boot-tested-by: Tony Lindgren <[email protected]> Reviewed-by: Tony Lindgren <[email protected]> Acked-by: Marc Zyngier <[email protected]>
2018-05-24Revert "mm/cma: manage the memory of the CMA area by using the ZONE_MOVABLE"Joonsoo Kim1-15/+1
This reverts the following commits that change CMA design in MM. 3d2054ad8c2d ("ARM: CMA: avoid double mapping to the CMA area if CONFIG_HIGHMEM=y") 1d47a3ec09b5 ("mm/cma: remove ALLOC_CMA") bad8c6c0b114 ("mm/cma: manage the memory of the CMA area by using the ZONE_MOVABLE") Ville reported a following error on i386. Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) microcode: microcode updated early to revision 0x4, date = 2013-06-28 Initializing CPU#0 Initializing HighMem for node 0 (000377fe:00118000) Initializing Movable for node 0 (00000001:00118000) BUG: Bad page state in process swapper pfn:377fe page:f53effc0 count:0 mapcount:-127 mapping:00000000 index:0x0 flags: 0x80000000() raw: 80000000 00000000 00000000 ffffff80 00000000 00000100 00000200 00000001 page dumped because: nonzero mapcount Modules linked in: CPU: 0 PID: 0 Comm: swapper Not tainted 4.17.0-rc5-elk+ #145 Hardware name: Dell Inc. Latitude E5410/03VXMC, BIOS A15 07/11/2013 Call Trace: dump_stack+0x60/0x96 bad_page+0x9a/0x100 free_pages_check_bad+0x3f/0x60 free_pcppages_bulk+0x29d/0x5b0 free_unref_page_commit+0x84/0xb0 free_unref_page+0x3e/0x70 __free_pages+0x1d/0x20 free_highmem_page+0x19/0x40 add_highpages_with_active_regions+0xab/0xeb set_highmem_pages_init+0x66/0x73 mem_init+0x1b/0x1d7 start_kernel+0x17a/0x363 i386_start_kernel+0x95/0x99 startup_32_smp+0x164/0x168 The reason for this error is that the span of MOVABLE_ZONE is extended to whole node span for future CMA initialization, and, normal memory is wrongly freed here. I submitted the fix and it seems to work, but, another problem happened. It's so late time to fix the later problem so I decide to reverting the series. Reported-by: Ville Syrjälä <[email protected]> Acked-by: Laura Abbott <[email protected]> Acked-by: Michal Hocko <[email protected]> Cc: Andrew Morton <[email protected]> Signed-off-by: Joonsoo Kim <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2018-05-19ARM: 8763/1: dma-mapping: Use vma_pages()Fabio Estevam1-1/+1
Use vma_pages() function instead of open coding it. Generated by scripts/coccinelle/api/vma_pages.cocci. Signed-off-by: Fabio Estevam <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-05-19ARM: 8757/1: NOMMU: Support PMSAv8 MPUVladimir Murzin3-1/+314
ARMv8R/M architecture defines new memory protection scheme - PMSAv8 which is not compatible with PMSAv7. Key differences to PMSAv7 are: - Region geometry is defined by base and limit addresses - Addresses need to be either 32 or 64 byte aligned - No region priority due to overlapping regions are not allowed - It is unified, i.e. no distinction between data/instruction regions - Memory attributes are controlled via MAIR This patch implements support for PMSAv8 MPU defined by ARMv8R/M architecture. Signed-off-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-05-19ARM: 8754/1: NOMMU: Move PMSAv7 MPU under it's own namespaceVladimir Murzin2-35/+50
We are going to support different MPU which programming model is not compatible to PMSAv7, so move PMSAv7 MPU under it's own namespace. Tested-by: Szemz? András <[email protected]> Tested-by: Alexandre TORGUE <[email protected]> Signed-off-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-05-09arch: define the ARCH_DMA_ADDR_T_64BIT config symbol in lib/KconfigChristoph Hellwig1-3/+0
Define this symbol if the architecture either uses 64-bit pointers or the PHYS_ADDR_T_64BIT is set. This covers 95% of the old arch magic. We only need an additional select for Xen on ARM (why anyway?), and we now always set ARCH_DMA_ADDR_T_64BIT on mips boards with 64-bit physical addressing instead of only doing it when highmem is set. Signed-off-by: Christoph Hellwig <[email protected]> Acked-by: James Hogan <[email protected]>
2018-05-09arch: remove the ARCH_PHYS_ADDR_T_64BIT config symbolChristoph Hellwig1-3/+1
Instead select the PHYS_ADDR_T_64BIT for 32-bit architectures that need a 64-bit phys_addr_t type directly. Signed-off-by: Christoph Hellwig <[email protected]> Acked-by: James Hogan <[email protected]>
2018-05-08dma-debug: move initialization to common codeChristoph Hellwig2-18/+0
Most mainstream architectures are using 65536 entries, so lets stick to that. If someone is really desperate to override it that can still be done through <asm/dma-mapping.h>, but I'd rather see a really good rationale for that. dma_debug_init is now called as a core_initcall, which for many architectures means much earlier, and provides dma-debug functionality earlier in the boot process. This should be safe as it only relies on the memory allocator already being available. Signed-off-by: Christoph Hellwig <[email protected]> Acked-by: Marek Szyprowski <[email protected]> Reviewed-by: Robin Murphy <[email protected]>
2018-04-25signal: Ensure every siginfo we send has all bits initializedEric W. Biederman2-0/+5
Call clear_siginfo to ensure every stack allocated siginfo is properly initialized before being passed to the signal sending functions. Note: It is not safe to depend on C initializers to initialize struct siginfo on the stack because C is allowed to skip holes when initializing a structure. The initialization of struct siginfo in tracehook_report_syscall_exit was moved from the helper user_single_step_siginfo into tracehook_report_syscall_exit itself, to make it clear that the local variable siginfo gets fully initialized. In a few cases the scope of struct siginfo has been reduced to make it clear that siginfo siginfo is not used on other paths in the function in which it is declared. Instances of using memset to initialize siginfo have been replaced with calls clear_siginfo for clarity. Signed-off-by: "Eric W. Biederman" <[email protected]>
2018-04-16ARM: B15: Update to support Brahma-B53Florian Fainelli1-4/+26
The B53 CPU design supports up to 8 processors, which moved the RAC_FLUSH_REG offset 0x4 bytes below to make room for a RAC_CONFIG2_REG to control RAC settings for CPU4-7. Lookup the processor type (B15 or B53) and adjust the RAC_FLUSH_REG offset accordingly, if we do not know the processor, bail out. Signed-off-by: Florian Fainelli <[email protected]>
2018-04-11exec: pass stack rlimit into mm layout functionsKees Cook1-7/+7
Patch series "exec: Pin stack limit during exec". Attempts to solve problems with the stack limit changing during exec continue to be frustrated[1][2]. In addition to the specific issues around the Stack Clash family of flaws, Andy Lutomirski pointed out[3] other places during exec where the stack limit is used and is assumed to be unchanging. Given the many places it gets used and the fact that it can be manipulated/raced via setrlimit() and prlimit(), I think the only way to handle this is to move away from the "current" view of the stack limit and instead attach it to the bprm, and plumb this down into the functions that need to know the stack limits. This series implements the approach. [1] 04e35f4495dd ("exec: avoid RLIMIT_STACK races with prlimit()") [2] 779f4e1c6c7c ("Revert "exec: avoid RLIMIT_STACK races with prlimit()"") [3] to [email protected], "Subject: existing rlimit races?" This patch (of 3): Since it is possible that the stack rlimit can change externally during exec (either via another thread calling setrlimit() or another process calling prlimit()), provide a way to pass the rlimit down into the per-architecture mm layout functions so that the rlimit can stay in the bprm structure instead of sitting in the signal structure until exec is finalized. Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: Kees Cook <[email protected]> Cc: Michal Hocko <[email protected]> Cc: Ben Hutchings <[email protected]> Cc: Willy Tarreau <[email protected]> Cc: Hugh Dickins <[email protected]> Cc: Oleg Nesterov <[email protected]> Cc: "Jason A. Donenfeld" <[email protected]> Cc: Rik van Riel <[email protected]> Cc: Laura Abbott <[email protected]> Cc: Greg KH <[email protected]> Cc: Andy Lutomirski <[email protected]> Cc: Ben Hutchings <[email protected]> Cc: Brad Spengler <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2018-04-11ARM: CMA: avoid double mapping to the CMA area if CONFIG_HIGHMEM=yJoonsoo Kim1-1/+15
CMA area is now managed by the separate zone, ZONE_MOVABLE, to fix many MM related problems. In this implementation, if CONFIG_HIGHMEM = y, then ZONE_MOVABLE is considered as HIGHMEM and the memory of the CMA area is also considered as HIGHMEM. That means that they are considered as the page without direct mapping. However, CMA area could be in a lowmem and the memory could have direct mapping. In ARM, when establishing a new mapping for DMA, direct mapping should be cleared since two mapping with different cache policy could cause unknown problem. With this patch, PageHighmem() for the CMA memory located in lowmem returns true so that the function for DMA mapping cannot notice whether it needs to clear direct mapping or not, correctly. To handle this situation, this patch always clears direct mapping for such CMA memory. Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: Joonsoo Kim <[email protected]> Tested-by: Tony Lindgren <[email protected]> Cc: "Aneesh Kumar K . V" <[email protected]> Cc: Johannes Weiner <[email protected]> Cc: Laura Abbott <[email protected]> Cc: Marek Szyprowski <[email protected]> Cc: Mel Gorman <[email protected]> Cc: Michal Hocko <[email protected]> Cc: Michal Nazarewicz <[email protected]> Cc: Minchan Kim <[email protected]> Cc: Rik van Riel <[email protected]> Cc: Russell King <[email protected]> Cc: Vlastimil Babka <[email protected]> Cc: Will Deacon <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2018-04-09Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-armLinus Torvalds2-11/+11
Pull ARM updates from Russell King: "A number of core ARM changes: - Refactoring linker script by Nicolas Pitre - Enable source fortification - Add support for Cortex R8" * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: decompressor: fix warning introduced in fortify patch ARM: 8751/1: Add support for Cortex-R8 processor ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE ARM: simplify and fix linker script for TCM ARM: linker script: factor out TCM bits ARM: linker script: factor out vectors and stubs ARM: linker script: factor out unwinding table sections ARM: linker script: factor out stuff for the .text section ARM: linker script: factor out stuff for the DISCARD section ARM: linker script: factor out some common definitions between XIP and non-XIP
2018-04-09Merge branches 'devel-stable' and 'misc' into for-linusRussell King1-0/+11
2018-04-05mm: fix races between swapoff and flush dcacheHuang Ying5-7/+7
Thanks to commit 4b3ef9daa4fc ("mm/swap: split swap cache into 64MB trunks"), after swapoff the address_space associated with the swap device will be freed. So page_mapping() users which may touch the address_space need some kind of mechanism to prevent the address_space from being freed during accessing. The dcache flushing functions (flush_dcache_page(), etc) in architecture specific code may access the address_space of swap device for anonymous pages in swap cache via page_mapping() function. But in some cases there are no mechanisms to prevent the swap device from being swapoff, for example, CPU1 CPU2 __get_user_pages() swapoff() flush_dcache_page() mapping = page_mapping() ... exit_swap_address_space() ... kvfree(spaces) mapping_mapped(mapping) The address space may be accessed after being freed. But from cachetlb.txt and Russell King, flush_dcache_page() only care about file cache pages, for anonymous pages, flush_anon_page() should be used. The implementation of flush_dcache_page() in all architectures follows this too. They will check whether page_mapping() is NULL and whether mapping_mapped() is true to determine whether to flush the dcache immediately. And they will use interval tree (mapping->i_mmap) to find all user space mappings. While mapping_mapped() and mapping->i_mmap isn't used by anonymous pages in swap cache at all. So, to fix the race between swapoff and flush dcache, __page_mapping() is add to return the address_space for file cache pages and NULL otherwise. All page_mapping() invoking in flush dcache functions are replaced with page_mapping_file(). [[email protected]: simplify page_mapping_file(), per Mike] Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: "Huang, Ying" <[email protected]> Reviewed-by: Andrew Morton <[email protected]> Cc: Minchan Kim <[email protected]> Cc: Michal Hocko <[email protected]> Cc: Johannes Weiner <[email protected]> Cc: Mel Gorman <[email protected]> Cc: Dave Hansen <[email protected]> Cc: Chen Liqin <[email protected]> Cc: Russell King <[email protected]> Cc: Yoshinori Sato <[email protected]> Cc: "James E.J. Bottomley" <[email protected]> Cc: Guan Xuetao <[email protected]> Cc: "David S. Miller" <[email protected]> Cc: Chris Zankel <[email protected]> Cc: Vineet Gupta <[email protected]> Cc: Ley Foon Tan <[email protected]> Cc: Ralf Baechle <[email protected]> Cc: Andi Kleen <[email protected]> Cc: Mike Rapoport <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2018-03-28ARM: 8751/1: Add support for Cortex-R8 processorLuca Scalabrino1-0/+11
Cortex-R8 has identical initialisation requirements to Cortex-R7, so hook it up in proc-v7.S in the same way. Signed-off-by: Luca Scalabrino <[email protected]> Signed-off-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-03-16perf: Fix sibling iterationPeter Zijlstra1-1/+1
Mark noticed that the change to sibling_list changed some iteration semantics; because previously we used group_list as list entry, sibling events would always have an empty sibling_list. But because we now use sibling_list for both list head and list entry, siblings will report as having siblings. Fix this with a custom for_each_sibling_event() iterator. Fixes: 8343aae66167 ("perf/core: Remove perf_event::group_entry") Reported-by: Mark Rutland <[email protected]> Suggested-by: Mark Rutland <[email protected]> Signed-off-by: Peter Zijlstra (Intel) <[email protected]> Signed-off-by: Thomas Gleixner <[email protected]> Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Cc: [email protected] Link: https://lkml.kernel.org/r/[email protected]
2018-03-12perf/core: Remove perf_event::group_entryPeter Zijlstra1-1/+1
Now that all the grouping is done with RB trees, we no longer need group_entry and can replace the whole thing with sibling_list. Signed-off-by: Peter Zijlstra (Intel) <[email protected]> Acked-by: Mark Rutland <[email protected]> Cc: Alexander Shishkin <[email protected]> Cc: Alexey Budankov <[email protected]> Cc: Arnaldo Carvalho de Melo <[email protected]> Cc: David Carrillo-Cisneros <[email protected]> Cc: Dmitri Prokhorov <[email protected]> Cc: Jiri Olsa <[email protected]> Cc: Kan Liang <[email protected]> Cc: Linus Torvalds <[email protected]> Cc: Stephane Eranian <[email protected]> Cc: Thomas Gleixner <[email protected]> Cc: Valery Cherepennikov <[email protected]> Cc: Vince Weaver <[email protected]> Cc: [email protected] Signed-off-by: Ingo Molnar <[email protected]>
2018-03-09ARM: simplify and fix linker script for TCMNicolas Pitre1-11/+0
Let's put the TCM stuff in the __init section directly. No need for a separately freed memory area. Remove redundant linker sections, as well as comments that were more confusing than no comments at all. Finally make it XIP compatible by using LOAD_OFFSET in the section LMA specification. Signed-off-by: Nicolas Pitre <[email protected]> Tested-by: Chris Brandt <[email protected]>
2018-02-02Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-armLinus Torvalds12-57/+542
Pull ARM updates from Russell King: - StrongARM SA1111 updates to modernise and remove cruft - Add StrongARM gpio drivers for board GPIOs - Verify size of zImage is what we expect to avoid issues with appended DTB - nommu updates from Vladimir Murzin - page table read-write-execute checking from Jinbum Park - Broadcom Brahma-B15 cache updates from Florian Fainelli - Avoid failure with kprobes test caused by inappropriately placed kprobes - Remove __memzero optimisation (which was incorrectly being used directly by some drivers) * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: (32 commits) ARM: 8745/1: get rid of __memzero() ARM: 8744/1: don't discard memblock for kexec ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag ARM: 8742/1: Always use REFCOUNT_FULL ARM: 8741/1: B15: fix unused label warnings ARM: 8740/1: NOMMU: Make sure we do not hold stale data in mem[] array ARM: 8739/1: NOMMU: Setup VBAR/Hivecs for secondaries cores ARM: 8738/1: Disable CONFIG_DEBUG_VIRTUAL for NOMMU ARM: 8737/1: mm: dump: add checking for writable and executable ARM: 8736/1: mm: dump: make the page table dumping seq_file ARM: 8735/1: mm: dump: make page table dumping reusable ARM: sa1100/neponset: add GPIO drivers for control and modem registers ARM: sa1100/assabet: add BCR/BSR GPIO driver ARM: 8734/1: mm: idmap: Mark variables as ro_after_init ARM: 8733/1: hw_breakpoint: Mark variables as __ro_after_init ARM: 8732/1: NOMMU: Allow userspace to access background MPU region ARM: 8727/1: MAINTAINERS: Update brcmstb entries to cover B15 code ARM: 8728/1: B15: Register reboot notifier for KEXEC ARM: 8730/1: B15: Add suspend/resume hooks ARM: 8726/1: B15: Add CPU hotplug awareness ...
2018-01-21ARM: 8741/1: B15: fix unused label warningsArnd Bergmann1-15/+11
The new conditionally compiled code leaves some labels and one variable unreferenced when CONFIG_HOTPLUG_CPU and CONFIG_PM_SLEEP are disabled: arch/arm/mm/cache-b15-rac.c: In function 'b15_rac_init': arch/arm/mm/cache-b15-rac.c:353:1: error: label 'out_unmap' defined but not used [-Werror=unused-label] out_unmap: ^~~~~~~~~ arch/arm/mm/cache-b15-rac.c:351:1: error: label 'out_cpu_dead' defined but not used [-Werror=unused-label] out_cpu_dead: ^~~~~~~~~~~~ At top level: arch/arm/mm/cache-b15-rac.c:53:12: error: 'rac_config0_reg' defined but not used [-Werror=unused-variable] This replaces the existing #ifdef conditionals with IS_ENABLED() checks that let the compiler figure out for itself which code to drop. Fixes: 55de88778f4b ("ARM: 8726/1: B15: Add CPU hotplug awareness") Signed-off-by: Arnd Bergmann <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-21ARM: 8740/1: NOMMU: Make sure we do not hold stale data in mem[] arrayVladimir Murzin1-0/+2
adjust_lowmem_bounds() called twice which can lead to stalled data (i.e. subreg) value in mem[] array after the first call. Zero out mem[] array before we allocate MPU regions for memory. Fixes: 5c9d9a1b3a54 ("ARM: 8712/1: NOMMU: Use more MPU regions to cover memory") Signed-off-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-21ARM: 8739/1: NOMMU: Setup VBAR/Hivecs for secondaries coresVladimir Murzin1-2/+2
With switch to dynamic exception base address setting, VBAR/Hivecs set only for boot CPU, but secondaries stay unaware of that. That might lead to weird effects when trying up to bring up secondaries. Fixes: ad475117d201 ("ARM: 8649/2: nommu: remove Hivecs configuration is asm") Signed-off-by: Vladimir Murzin <[email protected]> Acked-by: afzal mohammed <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-21ARM: 8737/1: mm: dump: add checking for writable and executableJinbum Park2-1/+59
Page mappings with full RWX permissions are a security risk. x86, arm64 has an option to walk the page tables and dump any bad pages. (1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")) Add a similar implementation for arm. Reviewed-by: Kees Cook <[email protected]> Tested-by: Laura Abbott <[email protected]> Reviewed-by: Laura Abbott <[email protected]> Signed-off-by: Jinbum Park <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-21ARM: 8736/1: mm: dump: make the page table dumping seq_fileJinbum Park1-7/+21
This patch makes the page table dumping seq_file optional. It makes the page table dumping code usable for other cases. This patch refers below commit of arm64. (ae5d1cf358a5 ("arm64: dump: Make the page table dumping seq_file optional")) Reviewed-by: Kees Cook <[email protected]> Tested-by: Laura Abbott <[email protected]> Reviewed-by: Laura Abbott <[email protected]> Acked-by: Kees Cook <[email protected]> Signed-off-by: Jinbum Park <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-21ARM: 8735/1: mm: dump: make page table dumping reusableJinbum Park3-38/+64
This patch refactors the arm page table dumping code, so multiple tables may be registered with the framework. This patch refers below commits of arm64. (4674fdb9f149 ("arm64: mm: dump: make page table dumping reusable")) (4ddb9bf83349 ("arm64: dump: Make ptdump debugfs a separate option")) Reviewed-by: Kees Cook <[email protected]> Tested-by: Laura Abbott <[email protected]> Reviewed-by: Laura Abbott <[email protected]> Signed-off-by: Jinbum Park <[email protected]> Signed-off-by: Russell King <[email protected]>
2018-01-15dma-direct: make dma_direct_{alloc,free} available to other implementationsChristoph Hellwig1-6/+3
So that they don't need to indirect through the operation vector. Signed-off-by: Christoph Hellwig <[email protected]> Reviewed-by: Vladimir Murzin <[email protected]>
2018-01-15dma-direct: rename dma_noop to dma_directChristoph Hellwig1-4/+4
The trivial direct mapping implementation already does a virtual to physical translation which isn't strictly a noop, and will soon learn to do non-direct but linear physical to dma translations through the device offset and a few small tricks. Rename it to a better fitting name. Signed-off-by: Christoph Hellwig <[email protected]> Reviewed-by: Vladimir Murzin <[email protected]>
2017-12-17ARM: 8734/1: mm: idmap: Mark variables as ro_after_initJinbum Park1-2/+2
idmap_pgd, arch_phys_to_idmap_offset are setup once while init stage, and never changed after that. so, it is good candidate for __ro_after_init. Reviewed-by: Kees Cook <[email protected]> Signed-off-by: Jinbum Park <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8732/1: NOMMU: Allow userspace to access background MPU regionVladimir Murzin1-1/+1
Currently, with MPU enabled, we prohibit userspace access to anything except RAM. Benjamin, reported that because of that his userspace application cannot access framebuffer's memory he reserved in device tree. It turns out we have no option other than to allow userspace access memory covered by background region. Reported-by: Benjamin Gaignard <[email protected]> Tested-by: Benjamin Gaignard <[email protected]> Signed-off-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8728/1: B15: Register reboot notifier for KEXECFlorian Fainelli1-0/+44
During kexec, we will go through kernel_kexec() -> syscore_suspend() if CONFIG_KEXEC_JUMP is set, if not, down the road we end-up calling kernel_restart_prepare() which invokes reboot notifiers with SYS_RESTART. We register a reboot notifier to make sure that the B15 read-ahead cache is disabled, since it is another level of instruction and data cache, and we want to avoid any potential side effects with booting a new kernel with such a cache still turned on. Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8730/1: B15: Add suspend/resume hooksFlorian Fainelli1-0/+48
The Broadcom Brahma-B15 CPU readahead cache registers will be restored to their Power-on-Reset values after a S3 suspend/resume cycles, so we want to restore what we had enabled before. Another thing we want to take care of is disabling the read-ahead cache prior to suspending to avoid any sort of side effect with the spinlock we need to grab to serialize register accesses. Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8726/1: B15: Add CPU hotplug awarenessFlorian Fainelli1-0/+91
The Broadcom Brahma-B15 readahead cache needs to be disabled, respectively re-enable during a CPU hotplug. In case we were not to do, CPU hotplug would occasionally fail with random crashes when a given CPU exits the coherency domain while the RAC is still enabled, as it would get stale data from the RAC. In order to avoid adding any specific B15 readahead-cache awareness to arch/arm/mach-bcm/hotplug-brcmstb.c we use a CPU hotplug state machine which allows us to catch CPU hotplug events and disable/flush enable the RAC accordingly. Signed-off-by: Alamy Liu <[email protected]> Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8729/1: Hook B15 readahead cache functions based on processorFlorian Fainelli2-1/+22
If we detect that we are running on a Broadcom Brahma-B15 CPU, and CONFIG_CACHE_B15_RAC is enabled, make sure that we pick-up the b15_cache_fns function operations. If CONFIG_CACHE_B15_RAC is enabled, but we are not running on a Broadcom Brahma-B15 CPU, we will fallback to calling into the regular v7_cache_fns with no cost. If CONFIG_CACHE_B15_RAC is disabled, there is no cost and we just use the regular v7_cache_fns. Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8725/1: Add Broadcom Brahma-B15 readahead cache supportFlorian Fainelli3-0/+186
This patch adds support for the Broadcom Brahma-B15 CPU readahead cache controller. This cache controller sits between the L2 and the memory bus and its purpose is to provide a friendler burst size towards the DDR interface than the native cache line size. The readahead cache is mostly transparent, except for flush_kern_cache_all, which is precisely what we are overriding here. The readahead cache only intercepts reads, and does invalidate on writes (IOW), as such, some data can remain stale in any of its buffers, such that we need to flush it, which is an operation that needs to happen in a particular order: - disable the readahead cache - flush it - call the appropriate cache-v7.S function - re-enable This patch tries to minimize the impact to the cache-v7.S file by only providing a stub in case CONFIG_CACHE_B15_RAC is enabled (default for ARCH_BRCMSTB since it is the current user). Signed-off-by: Alamy Liu <[email protected]> Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: 8724/1: v7: allow setting different cache functionsFlorian Fainelli1-2/+2
In preparation for adding support for the Broadcom Brahma-B15 read-ahead cache which requires a different set of cache functions, allow the __v7_proc macro to override the cache_fns settings, and default to v7_cache_fns unless specified otherwise. Signed-off-by: Florian Fainelli <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-12-17ARM: probes: avoid adding kprobes to sensitive kernel-entry/exit codeRussell King1-3/+2
Avoid adding kprobes to any of the kernel entry/exit or startup assembly code, or code in the identity-mapped region. This code does not conform to the standard C conventions, which means that the expectations of the kprobes code is not forfilled. Placing kprobes at some of these locations results in the kernel trying to return to userspace addresses while retaining the CPU in kernel mode. Tested-by: Naresh Kamboju <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-11-26Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-armLinus Torvalds2-4/+4
Pull ARM fixes from Russell King: - LPAE fixes for kernel-readonly regions - Fix for get_user_pages_fast on LPAE systems - avoid tying decompressor to a particular platform if DEBUG_LL is enabled - BUG if we attempt to return to userspace but the to-be-restored PSR value keeps us in privileged mode (defeating an issue that ftracetest found) * 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: BUG if jumping to usermode address in kernel mode ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE ARM: 8721/1: mm: dump: check hardware RO bit for LPAE ARM: make decompressor debug output user selectable ARM: fix get_user_pages_fast
2017-11-21ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAEPhilip Derrin1-2/+2
Currently, for ARM kernels with CONFIG_ARM_LPAE and CONFIG_STRICT_KERNEL_RWX enabled, the 2MiB pages mapping the kernel code and rodata are writable. They are marked read-only in a software bit (L_PMD_SECT_RDONLY) but the hardware read-only bit is not set (PMD_SECT_AP2). For user mappings, the logic that propagates the software bit to the hardware bit is in set_pmd_at(); but for the kernel, section_update() writes the PMDs directly, skipping this logic. The fix is to set PMD_SECT_AP2 for read-only sections in section_update(), at the same time as L_PMD_SECT_RDONLY. Fixes: 1e3479225acb ("ARM: 8275/1: mm: fix PMD_SECT_RDONLY undeclared compile error") Signed-off-by: Philip Derrin <[email protected]> Reported-by: Neil Dick <[email protected]> Tested-by: Neil Dick <[email protected]> Tested-by: Laura Abbott <[email protected]> Reviewed-by: Kees Cook <[email protected]> Cc: [email protected] Signed-off-by: Russell King <[email protected]>
2017-11-21ARM: 8721/1: mm: dump: check hardware RO bit for LPAEPhilip Derrin1-2/+2
When CONFIG_ARM_LPAE is set, the PMD dump relies on the software read-only bit to determine whether a page is writable. This concealed a bug which left the kernel text section writable (AP2=0) while marked read-only in the software bit. In a kernel with the AP2 bug, the dump looks like this: ---[ Kernel Mapping ]--- 0xc0000000-0xc0200000 2M RW NX SHD 0xc0200000-0xc0600000 4M ro x SHD 0xc0600000-0xc0800000 2M ro NX SHD 0xc0800000-0xc4800000 64M RW NX SHD The fix is to check that the software and hardware bits are both set before displaying "ro". The dump then shows the true perms: ---[ Kernel Mapping ]--- 0xc0000000-0xc0200000 2M RW NX SHD 0xc0200000-0xc0600000 4M RW x SHD 0xc0600000-0xc0800000 2M RW NX SHD 0xc0800000-0xc4800000 64M RW NX SHD Fixes: ded947798469 ("ARM: 8109/1: mm: Modify pte_write and pmd_write logic for LPAE") Signed-off-by: Philip Derrin <[email protected]> Tested-by: Neil Dick <[email protected]> Reviewed-by: Kees Cook <[email protected]> Cc: [email protected] Signed-off-by: Russell King <[email protected]>
2017-11-16Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-armLinus Torvalds5-281/+489
Pull ARM updates from Russell King: - add support for ELF fdpic binaries on both MMU and noMMU platforms - linker script cleanups - support for compressed .data section for XIP images - discard memblock arrays when possible - various cleanups - atomic DMA pool updates - better diagnostics of missing/corrupt device tree - export information to allow userspace kexec tool to place images more inteligently, so that the device tree isn't overwritten by the booting kernel - make early_printk more efficient on semihosted systems - noMMU cleanups - SA1111 PCMCIA update in preparation for further cleanups * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: (38 commits) ARM: 8719/1: NOMMU: work around maybe-uninitialized warning ARM: 8717/2: debug printch/printascii: translate '\n' to "\r\n" not "\n\r" ARM: 8713/1: NOMMU: Support MPU in XIP configuration ARM: 8712/1: NOMMU: Use more MPU regions to cover memory ARM: 8711/1: V7M: Add support for MPU to M-class ARM: 8710/1: Kconfig: Kill CONFIG_VECTORS_BASE ARM: 8709/1: NOMMU: Disallow MPU for XIP ARM: 8708/1: NOMMU: Rework MPU to be mostly done in C ARM: 8707/1: NOMMU: Update MPU accessors to use cp15 helpers ARM: 8706/1: NOMMU: Move out MPU setup in separate module ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() ARM: 8705/1: early_printk: use printascii() rather than printch() ARM: 8703/1: debug.S: move hexbuf to a writable section ARM: add additional table to compressed kernel ARM: decompressor: fix BSS size calculation pcmcia: sa1111: remove special sa1111 mmio accessors pcmcia: sa1111: use sa1111_get_irq() to obtain IRQ resources ARM: better diagnostics with missing/corrupt dtb ARM: 8699/1: dma-mapping: Remove init_dma_coherent_pool_size() ARM: 8698/1: dma-mapping: Mark atomic_pool as __ro_after_init ..
2017-11-15mm: introduce wrappers to access mm->nr_ptesKirill A. Shutemov1-1/+1
Let's add wrappers for ->nr_ptes with the same interface as for nr_pmd and nr_pud. The patch also makes nr_ptes accounting dependent onto CONFIG_MMU. Page table accounting doesn't make sense if you don't have page tables. It's preparation for consolidation of page-table counters in mm_struct. Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: Kirill A. Shutemov <[email protected]> Acked-by: Michal Hocko <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
2017-11-08Merge branch 'devel-stable' into for-nextRussell King3-253/+486
2017-11-08Merge branches 'fixes', 'misc' and 'sa1111-for-next' into for-nextRussell King2-28/+3
2017-11-06ARM: 8719/1: NOMMU: work around maybe-uninitialized warningArnd Bergmann1-1/+1
The reworked MPU code produces a new warning in some configurations, presumably starting with the code move after the compiler now makes different inlining decisions: arch/arm/mm/pmsa-v7.c: In function 'adjust_lowmem_bounds_mpu': arch/arm/mm/pmsa-v7.c:310:5: error: 'specified_mem_size' may be used uninitialized in this function [-Werror=maybe-uninitialized] This appears to be harmless, as we know that there is always at least one memblock, and the only way this could get triggered is if the for_each_memblock() loop was never entered. I could not come up with a better workaround than initializing the specified_mem_size to zero, but at least that is the value that the variable would have in the hypothetical case of no memblocks. Fixes: 877ec119dbbf ("ARM: 8706/1: NOMMU: Move out MPU setup in separate module") Signed-off-by: Arnd Bergmann <[email protected]> Reviewed-by: Vladimir Murzin <[email protected]> Signed-off-by: Russell King <[email protected]>
2017-11-02License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman26-0/+26
Many source files in the tree are missing licensing information, which makes it harder for compliance tools to determine the correct license. By default all files without license information are under the default license of the kernel, which is GPL version 2. Update the files which contain no license information with the 'GPL-2.0' SPDX license identifier. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text. This patch is based on work done by Thomas Gleixner and Kate Stewart and Philippe Ombredanne. How this work was done: Patches were generated and checked against linux-4.14-rc6 for a subset of the use cases: - file had no licensing information it it. - file was a */uapi/* one with no licensing information in it, - file was a */uapi/* one with existing licensing information, Further patches will be generated in subsequent months to fix up cases where non-standard license headers were used, and references to license had to be inferred by heuristics based on keywords. The analysis to determine which SPDX License Identifier to be applied to a file was done in a spreadsheet of side by side results from of the output of two independent scanners (ScanCode & Windriver) producing SPDX tag:value files created by Philippe Ombredanne. Philippe prepared the base worksheet, and did an initial spot review of a few 1000 files. The 4.13 kernel was the starting point of the analysis with 60,537 files assessed. Kate Stewart did a file by file comparison of the scanner results in the spreadsheet to determine which SPDX license identifier(s) to be applied to the file. She confirmed any determination that was not immediately clear with lawyers working with the Linux Foundation. Criteria used to select files for SPDX license identifier tagging was: - Files considered eligible had to be source code files. - Make and config files were included as candidates if they contained >5 lines of source - File already had some variant of a license header in it (even if <5 lines). All documentation files were explicitly excluded. The following heuristics were used to determine which SPDX license identifiers to apply. - when both scanners couldn't find any license traces, file was considered to have no license information in it, and the top level COPYING file license applied. For non */uapi/* files that summary was: SPDX license identifier # files ---------------------------------------------------|------- GPL-2.0 11139 and resulted in the first patch in this series. If that file was a */uapi/* path one, it was "GPL-2.0 WITH Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was: SPDX license identifier # files ---------------------------------------------------|------- GPL-2.0 WITH Linux-syscall-note 930 and resulted in the second patch in this series. - if a file had some form of licensing information in it, and was one of the */uapi/* ones, it was denoted with the Linux-syscall-note if any GPL family license was found in the file or had no licensing in it (per prior point). Results summary: SPDX license identifier # files ---------------------------------------------------|------ GPL-2.0 WITH Linux-syscall-note 270 GPL-2.0+ WITH Linux-syscall-note 169 ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21 ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17 LGPL-2.1+ WITH Linux-syscall-note 15 GPL-1.0+ WITH Linux-syscall-note 14 ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5 LGPL-2.0+ WITH Linux-syscall-note 4 LGPL-2.1 WITH Linux-syscall-note 3 ((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3 ((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1 and that resulted in the third patch in this series. - when the two scanners agreed on the detected license(s), that became the concluded license(s). - when there was disagreement between the two scanners (one detected a license but the other didn't, or they both detected different licenses) a manual inspection of the file occurred. - In most cases a manual inspection of the information in the file resulted in a clear resolution of the license that should apply (and which scanner probably needed to revisit its heuristics). - When it was not immediately clear, the license identifier was confirmed with lawyers working with the Linux Foundation. - If there was any question as to the appropriate license identifier, the file was flagged for further research and to be revisited later in time. In total, over 70 hours of logged manual review was done on the spreadsheet to determine the SPDX license identifiers to apply to the source files by Kate, Philippe, Thomas and, in some cases, confirmation by lawyers working with the Linux Foundation. Kate also obtained a third independent scan of the 4.13 code base from FOSSology, and compared selected files where the other two scanners disagreed against that SPDX file, to see if there was new insights. The Windriver scanner is based on an older version of FOSSology in part, so they are related. Thomas did random spot checks in about 500 files from the spreadsheets for the uapi headers and agreed with SPDX license identifier in the files he inspected. For the non-uapi files Thomas did random spot checks in about 15000 files. In initial set of patches against 4.14-rc6, 3 files were found to have copy/paste license identifier errors, and have been fixed to reflect the correct identifier. Additionally Philippe spent 10 hours this week doing a detailed manual inspection and review of the 12,461 patched files from the initial patch version early this week with: - a full scancode scan run, collecting the matched texts, detected license ids and scores - reviewing anything where there was a license detected (about 500+ files) to ensure that the applied SPDX license was correct - reviewing anything where there was no detection but the patch license was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied SPDX license was correct This produced a worksheet with 20 files needing minor correction. This worksheet was then exported into 3 different .csv files for the different types of files to be modified. These .csv files were then reviewed by Greg. Thomas wrote a script to parse the csv files and add the proper SPDX tag to the file, in the format that the file expected. This script was further refined by Greg based on the output to detect more types of files automatically and to distinguish between header and source .c files (which need different comment types.) Finally Greg ran the script using the .csv files to generate the patches. Reviewed-by: Kate Stewart <[email protected]> Reviewed-by: Philippe Ombredanne <[email protected]> Reviewed-by: Thomas Gleixner <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>