2005-04-16 15:20:36 -07:00
/*
* Copyright ( C ) 2001 Andrea Arcangeli < andrea @ suse . de > SuSE
* Copyright 2003 Andi Kleen , SuSE Labs .
*
2011-06-05 13:50:24 -04:00
* [ NOTE : this mechanism is now deprecated in favor of the vDSO . ]
*
2005-04-16 15:20:36 -07:00
* Thanks to hpa @ transmeta . com for some useful hint .
* Special thanks to Ingo Molnar for his early experience with
* a different vsyscall implementation for Linux / IA32 and for the name .
*
* vsyscall 1 is located at - 10 Mbyte , vsyscall 2 is located
* at virtual address - 10 Mbyte + 1024 bytes etc . . . There are at max 4
* vsyscalls . One vsyscall can reserve more than 1 slot to avoid
* jumping out of line if necessary . We cannot add more with this
* mechanism because older kernels won ' t return - ENOSYS .
*
2011-06-05 13:50:24 -04:00
* Note : the concept clashes with user mode linux . UML users should
* use the vDSO .
2005-04-16 15:20:36 -07:00
*/
2012-05-21 19:50:07 -07:00
# define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
2005-04-16 15:20:36 -07:00
# include <linux/time.h>
# include <linux/init.h>
# include <linux/kernel.h>
# include <linux/timer.h>
# include <linux/seqlock.h>
# include <linux/jiffies.h>
# include <linux/sysctl.h>
2011-05-26 12:33:18 -04:00
# include <linux/topology.h>
2012-09-04 15:27:48 -04:00
# include <linux/timekeeper_internal.h>
2006-09-26 10:52:28 +02:00
# include <linux/getcpu.h>
2006-11-14 16:57:46 +01:00
# include <linux/cpu.h>
# include <linux/smp.h>
# include <linux/notifier.h>
2011-06-05 13:50:24 -04:00
# include <linux/syscalls.h>
# include <linux/ratelimit.h>
2005-04-16 15:20:36 -07:00
# include <asm/vsyscall.h>
# include <asm/pgtable.h>
2011-07-13 09:24:09 -04:00
# include <asm/compat.h>
2005-04-16 15:20:36 -07:00
# include <asm/page.h>
2007-02-16 01:28:21 -08:00
# include <asm/unistd.h>
2005-04-16 15:20:36 -07:00
# include <asm/fixmap.h>
# include <asm/errno.h>
# include <asm/io.h>
2006-09-26 10:52:28 +02:00
# include <asm/segment.h>
# include <asm/desc.h>
# include <asm/topology.h>
2011-06-05 13:50:24 -04:00
# include <asm/traps.h>
2005-04-16 15:20:36 -07:00
2011-08-03 09:31:54 -04:00
# define CREATE_TRACE_POINTS
# include "vsyscall_trace.h"
2011-05-23 09:31:24 -04:00
DEFINE_VVAR ( int , vgetcpu_mode ) ;
2005-04-16 15:20:36 -07:00
2011-11-07 16:33:41 -08:00
static enum { EMULATE , NATIVE , NONE } vsyscall_mode = EMULATE ;
2011-08-10 11:15:32 -04:00
static int __init vsyscall_setup ( char * str )
{
if ( str ) {
if ( ! strcmp ( " emulate " , str ) )
vsyscall_mode = EMULATE ;
else if ( ! strcmp ( " native " , str ) )
vsyscall_mode = NATIVE ;
else if ( ! strcmp ( " none " , str ) )
vsyscall_mode = NONE ;
else
return - EINVAL ;
return 0 ;
}
return - EINVAL ;
}
early_param ( " vsyscall " , vsyscall_setup ) ;
2011-06-05 13:50:24 -04:00
static void warn_bad_vsyscall ( const char * level , struct pt_regs * regs ,
const char * message )
2005-04-16 15:20:36 -07:00
{
2012-05-21 19:50:07 -07:00
if ( ! show_unhandled_signals )
2011-06-05 13:50:24 -04:00
return ;
2005-04-16 15:20:36 -07:00
2012-05-21 19:50:07 -07:00
pr_notice_ratelimited ( " %s%s[%d] %s ip:%lx cs:%lx sp:%lx ax:%lx si:%lx di:%lx \n " ,
level , current - > comm , task_pid_nr ( current ) ,
message , regs - > ip , regs - > cs ,
regs - > sp , regs - > ax , regs - > si , regs - > di ) ;
2011-07-13 09:24:09 -04:00
}
static int addr_to_vsyscall_nr ( unsigned long addr )
{
int nr ;
if ( ( addr & ~ 0xC00UL ) ! = VSYSCALL_START )
return - EINVAL ;
nr = ( addr & 0xC00UL ) > > 10 ;
if ( nr > = 3 )
return - EINVAL ;
return nr ;
2005-04-16 15:20:36 -07:00
}
2011-11-07 16:33:40 -08:00
static bool write_ok_or_segv ( unsigned long ptr , size_t size )
{
/*
* XXX : if access_ok , get_user , and put_user handled
* sig_on_uaccess_error , this could go away .
*/
if ( ! access_ok ( VERIFY_WRITE , ( void __user * ) ptr , size ) ) {
siginfo_t info ;
struct thread_struct * thread = & current - > thread ;
thread - > error_code = 6 ; /* user fault, no page, write */
thread - > cr2 = ptr ;
2012-03-12 14:55:55 +05:30
thread - > trap_nr = X86_TRAP_PF ;
2011-11-07 16:33:40 -08:00
memset ( & info , 0 , sizeof ( info ) ) ;
info . si_signo = SIGSEGV ;
info . si_errno = 0 ;
info . si_code = SEGV_MAPERR ;
info . si_addr = ( void __user * ) ptr ;
force_sig_info ( SIGSEGV , & info , current ) ;
return false ;
} else {
return true ;
}
}
2011-08-10 11:15:32 -04:00
bool emulate_vsyscall ( struct pt_regs * regs , unsigned long address )
2005-04-16 15:20:36 -07:00
{
2011-06-05 13:50:24 -04:00
struct task_struct * tsk ;
unsigned long caller ;
2012-10-01 11:40:45 -07:00
int vsyscall_nr , syscall_nr , tmp ;
2011-11-07 16:33:40 -08:00
int prev_sig_on_uaccess_error ;
2011-06-05 13:50:24 -04:00
long ret ;
2011-08-10 11:15:32 -04:00
/*
* No point in checking CS - - the only way to get here is a user mode
* trap to a high address , which means that we ' re in 64 - bit user code .
*/
2011-06-05 13:50:24 -04:00
2011-08-10 11:15:32 -04:00
WARN_ON_ONCE ( address ! = regs - > ip ) ;
2011-07-13 09:24:09 -04:00
2011-08-10 11:15:32 -04:00
if ( vsyscall_mode = = NONE ) {
warn_bad_vsyscall ( KERN_INFO , regs ,
" vsyscall attempted with vsyscall=none " ) ;
return false ;
2011-07-13 09:24:09 -04:00
}
2011-08-10 11:15:32 -04:00
vsyscall_nr = addr_to_vsyscall_nr ( address ) ;
2011-08-03 09:31:54 -04:00
trace_emulate_vsyscall ( vsyscall_nr ) ;
2011-07-13 09:24:09 -04:00
if ( vsyscall_nr < 0 ) {
warn_bad_vsyscall ( KERN_WARNING , regs ,
2011-08-10 11:15:32 -04:00
" misaligned vsyscall (exploit attempt or buggy program) -- look up the vsyscall kernel parameter if you need a workaround " ) ;
2011-06-05 13:50:24 -04:00
goto sigsegv ;
}
2007-05-21 14:31:52 +02:00
2011-06-05 13:50:24 -04:00
if ( get_user ( caller , ( unsigned long __user * ) regs - > sp ) ! = 0 ) {
2011-08-10 11:15:32 -04:00
warn_bad_vsyscall ( KERN_WARNING , regs ,
" vsyscall with bad stack (exploit attempt?) " ) ;
2011-06-05 13:50:24 -04:00
goto sigsegv ;
}
2010-07-13 17:56:18 -07:00
2011-06-05 13:50:24 -04:00
tsk = current ;
2011-11-07 16:33:40 -08:00
/*
2012-10-01 11:40:45 -07:00
* Check for access_ok violations and find the syscall nr .
*
2012-04-01 20:48:04 +02:00
* NULL is a valid user pointer ( in the access_ok sense ) on 32 - bit and
2011-11-07 16:33:40 -08:00
* 64 - bit , so we don ' t need to special - case it here . For all the
2012-04-01 20:48:04 +02:00
* vsyscalls , NULL means " don't write anything " not " write it at
2011-11-07 16:33:40 -08:00
* address 0 " .
*/
2011-06-05 13:50:24 -04:00
switch ( vsyscall_nr ) {
case 0 :
2011-11-07 16:33:40 -08:00
if ( ! write_ok_or_segv ( regs - > di , sizeof ( struct timeval ) ) | |
2012-10-01 11:40:45 -07:00
! write_ok_or_segv ( regs - > si , sizeof ( struct timezone ) ) ) {
ret = - EFAULT ;
goto check_fault ;
}
2011-11-07 16:33:40 -08:00
2012-10-01 11:40:45 -07:00
syscall_nr = __NR_gettimeofday ;
break ;
case 1 :
if ( ! write_ok_or_segv ( regs - > di , sizeof ( time_t ) ) ) {
ret = - EFAULT ;
goto check_fault ;
}
syscall_nr = __NR_time ;
break ;
case 2 :
if ( ! write_ok_or_segv ( regs - > di , sizeof ( unsigned ) ) | |
! write_ok_or_segv ( regs - > si , sizeof ( unsigned ) ) ) {
ret = - EFAULT ;
goto check_fault ;
}
syscall_nr = __NR_getcpu ;
break ;
}
/*
* Handle seccomp . regs - > ip must be the original value .
* See seccomp_send_sigsys and Documentation / prctl / seccomp_filter . txt .
*
* We could optimize the seccomp disabled case , but performance
* here doesn ' t matter .
*/
regs - > orig_ax = syscall_nr ;
regs - > ax = - ENOSYS ;
tmp = secure_computing ( syscall_nr ) ;
if ( ( ! tmp & & regs - > orig_ax ! = syscall_nr ) | | regs - > ip ! = address ) {
warn_bad_vsyscall ( KERN_DEBUG , regs ,
" seccomp tried to change syscall nr or ip " ) ;
do_exit ( SIGSYS ) ;
}
if ( tmp )
goto do_ret ; /* skip requested */
/*
* With a real vsyscall , page faults cause SIGSEGV . We want to
* preserve that behavior to make writing exploits harder .
*/
prev_sig_on_uaccess_error = current_thread_info ( ) - > sig_on_uaccess_error ;
current_thread_info ( ) - > sig_on_uaccess_error = 1 ;
ret = - EFAULT ;
switch ( vsyscall_nr ) {
case 0 :
2011-06-05 13:50:24 -04:00
ret = sys_gettimeofday (
( struct timeval __user * ) regs - > di ,
( struct timezone __user * ) regs - > si ) ;
break ;
case 1 :
ret = sys_time ( ( time_t __user * ) regs - > di ) ;
break ;
case 2 :
ret = sys_getcpu ( ( unsigned __user * ) regs - > di ,
( unsigned __user * ) regs - > si ,
2012-04-01 20:48:04 +02:00
NULL ) ;
2011-06-05 13:50:24 -04:00
break ;
}
2010-07-13 17:56:18 -07:00
2011-11-07 16:33:40 -08:00
current_thread_info ( ) - > sig_on_uaccess_error = prev_sig_on_uaccess_error ;
2012-10-01 11:40:45 -07:00
check_fault :
2011-06-05 13:50:24 -04:00
if ( ret = = - EFAULT ) {
2011-11-07 16:33:40 -08:00
/* Bad news -- userspace fed a bad pointer to a vsyscall. */
2011-06-05 13:50:24 -04:00
warn_bad_vsyscall ( KERN_INFO , regs ,
" vsyscall fault (exploit attempt?) " ) ;
2011-11-07 16:33:40 -08:00
/*
* If we failed to generate a signal for any reason ,
* generate one here . ( This should be impossible . )
*/
if ( WARN_ON_ONCE ( ! sigismember ( & tsk - > pending . signal , SIGBUS ) & &
! sigismember ( & tsk - > pending . signal , SIGSEGV ) ) )
goto sigsegv ;
return true ; /* Don't emulate the ret. */
2011-06-05 13:50:24 -04:00
}
2010-07-13 17:56:18 -07:00
2011-06-05 13:50:24 -04:00
regs - > ax = ret ;
2005-04-16 15:20:36 -07:00
2012-07-13 12:06:35 -05:00
do_ret :
2011-06-05 13:50:24 -04:00
/* Emulate a ret instruction. */
regs - > ip = caller ;
regs - > sp + = 8 ;
2011-08-10 11:15:32 -04:00
return true ;
2011-06-05 13:50:24 -04:00
sigsegv :
force_sig ( SIGSEGV , current ) ;
2011-08-10 11:15:32 -04:00
return true ;
2005-04-16 15:20:36 -07:00
}
2011-06-05 13:50:24 -04:00
/*
* Assume __initcall executes before all user space . Hopefully kmod
* doesn ' t violate that . We ' ll find out if it does .
*/
x86: delete __cpuinit usage from all x86 files
The __cpuinit type of throwaway sections might have made sense
some time ago when RAM was more constrained, but now the savings
do not offset the cost and complications. For example, the fix in
commit 5e427ec2d0 ("x86: Fix bit corruption at CPU resume time")
is a good example of the nasty type of bugs that can be created
with improper use of the various __init prefixes.
After a discussion on LKML[1] it was decided that cpuinit should go
the way of devinit and be phased out. Once all the users are gone,
we can then finally remove the macros themselves from linux/init.h.
Note that some harmless section mismatch warnings may result, since
notify_cpu_starting() and cpu_up() are arch independent (kernel/cpu.c)
are flagged as __cpuinit -- so if we remove the __cpuinit from
arch specific callers, we will also get section mismatch warnings.
As an intermediate step, we intend to turn the linux/init.h cpuinit
content into no-ops as early as possible, since that will get rid
of these warnings. In any case, they are temporary and harmless.
This removes all the arch/x86 uses of the __cpuinit macros from
all C files. x86 only had the one __CPUINIT used in assembly files,
and it wasn't paired off with a .previous or a __FINIT, so we can
delete it directly w/o any corresponding additional change there.
[1] https://lkml.org/lkml/2013/5/20/589
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Acked-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2013-06-18 18:23:59 -04:00
static void vsyscall_set_cpu ( int cpu )
2006-09-26 10:52:28 +02:00
{
2008-06-25 00:19:01 -04:00
unsigned long d ;
2006-09-26 10:52:28 +02:00
unsigned long node = 0 ;
# ifdef CONFIG_NUMA
x86: fix cpu_to_node references
In x86_64 and i386 architectures most arrays that are sized using
NR_CPUS lay in local memory on node 0. Not only will most (99%?) of the
systems not use all the slots in these arrays, particularly when NR_CPUS
is increased to accommodate future very high cpu count systems, but a
number of cache lines are passed unnecessarily on the system bus when
these arrays are referenced by cpus on other nodes.
Typically, the values in these arrays are referenced by the cpu
accessing it's own values, though when passing IPI interrupts, the cpu
does access the data relevant to the targeted cpu/node. Of course, if
the referencing cpu is not on node 0, then the reference will still
require cross node exchanges of cache lines. A common use of this is
for an interrupt service routine to pass the interrupt to other cpus
local to that node.
Ideally, all the elements in these arrays should be moved to the per_cpu
data area. In some cases (such as x86_cpu_to_apicid) the array is
referenced before the per_cpu data areas are setup. In this case, a
static array is declared in the __initdata area and initialized by the
booting cpu (BSP). The values are then moved to the per_cpu area after
it is initialized and the original static array is freed with the rest
of the __initdata.
This patch:
Fix four instances where cpu_to_node is referenced by array instead of
via the cpu_to_node macro. This is preparation to moving it to the
per_cpu data area.
Signed-off-by: Mike Travis <travis@sgi.com>
Cc: Andi Kleen <ak@suse.de>
Cc: Christoph Lameter <clameter@sgi.com>
Cc: "Siddha, Suresh B" <suresh.b.siddha@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17 18:04:39 +02:00
node = cpu_to_node ( cpu ) ;
2006-09-26 10:52:28 +02:00
# endif
2007-10-19 20:35:04 +02:00
if ( cpu_has ( & cpu_data ( cpu ) , X86_FEATURE_RDTSCP ) )
2006-11-14 16:57:46 +01:00
write_rdtscp_aux ( ( node < < 12 ) | cpu ) ;
2006-09-26 10:52:28 +02:00
2011-06-05 13:50:24 -04:00
/*
* Store cpu number in limit so that it can be loaded quickly
* in user space in vgetcpu . ( 12 bits for the CPU and 8 bits for the node )
*/
2008-06-25 00:19:01 -04:00
d = 0x0f40000000000ULL ;
d | = cpu ;
d | = ( node & 0xf ) < < 12 ;
d | = ( node > > 4 ) < < 48 ;
2011-06-05 13:50:24 -04:00
2008-06-25 00:19:01 -04:00
write_gdt_entry ( get_cpu_gdt_table ( cpu ) , GDT_ENTRY_PER_CPU , & d , DESCTYPE_S ) ;
2006-09-26 10:52:28 +02:00
}
x86: delete __cpuinit usage from all x86 files
The __cpuinit type of throwaway sections might have made sense
some time ago when RAM was more constrained, but now the savings
do not offset the cost and complications. For example, the fix in
commit 5e427ec2d0 ("x86: Fix bit corruption at CPU resume time")
is a good example of the nasty type of bugs that can be created
with improper use of the various __init prefixes.
After a discussion on LKML[1] it was decided that cpuinit should go
the way of devinit and be phased out. Once all the users are gone,
we can then finally remove the macros themselves from linux/init.h.
Note that some harmless section mismatch warnings may result, since
notify_cpu_starting() and cpu_up() are arch independent (kernel/cpu.c)
are flagged as __cpuinit -- so if we remove the __cpuinit from
arch specific callers, we will also get section mismatch warnings.
As an intermediate step, we intend to turn the linux/init.h cpuinit
content into no-ops as early as possible, since that will get rid
of these warnings. In any case, they are temporary and harmless.
This removes all the arch/x86 uses of the __cpuinit macros from
all C files. x86 only had the one __CPUINIT used in assembly files,
and it wasn't paired off with a .previous or a __FINIT, so we can
delete it directly w/o any corresponding additional change there.
[1] https://lkml.org/lkml/2013/5/20/589
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Acked-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2013-06-18 18:23:59 -04:00
static void cpu_vsyscall_init ( void * arg )
2006-11-14 16:57:46 +01:00
{
/* preemption should be already off */
vsyscall_set_cpu ( raw_smp_processor_id ( ) ) ;
}
x86: delete __cpuinit usage from all x86 files
The __cpuinit type of throwaway sections might have made sense
some time ago when RAM was more constrained, but now the savings
do not offset the cost and complications. For example, the fix in
commit 5e427ec2d0 ("x86: Fix bit corruption at CPU resume time")
is a good example of the nasty type of bugs that can be created
with improper use of the various __init prefixes.
After a discussion on LKML[1] it was decided that cpuinit should go
the way of devinit and be phased out. Once all the users are gone,
we can then finally remove the macros themselves from linux/init.h.
Note that some harmless section mismatch warnings may result, since
notify_cpu_starting() and cpu_up() are arch independent (kernel/cpu.c)
are flagged as __cpuinit -- so if we remove the __cpuinit from
arch specific callers, we will also get section mismatch warnings.
As an intermediate step, we intend to turn the linux/init.h cpuinit
content into no-ops as early as possible, since that will get rid
of these warnings. In any case, they are temporary and harmless.
This removes all the arch/x86 uses of the __cpuinit macros from
all C files. x86 only had the one __CPUINIT used in assembly files,
and it wasn't paired off with a .previous or a __FINIT, so we can
delete it directly w/o any corresponding additional change there.
[1] https://lkml.org/lkml/2013/5/20/589
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Acked-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2013-06-18 18:23:59 -04:00
static int
2006-11-14 16:57:46 +01:00
cpu_vsyscall_notifier ( struct notifier_block * n , unsigned long action , void * arg )
{
long cpu = ( long ) arg ;
2011-06-05 13:50:24 -04:00
2007-05-09 02:35:10 -07:00
if ( action = = CPU_ONLINE | | action = = CPU_ONLINE_FROZEN )
2008-06-06 11:18:06 +02:00
smp_call_function_single ( cpu , cpu_vsyscall_init , NULL , 1 ) ;
2011-06-05 13:50:24 -04:00
2006-11-14 16:57:46 +01:00
return NOTIFY_DONE ;
}
2008-01-30 13:32:39 +01:00
void __init map_vsyscall ( void )
2005-04-16 15:20:36 -07:00
{
2011-08-10 11:15:32 -04:00
extern char __vsyscall_page ;
unsigned long physaddr_vsyscall = __pa_symbol ( & __vsyscall_page ) ;
2011-06-05 13:50:19 -04:00
unsigned long physaddr_vvar_page = __pa_symbol ( & __vvar_page ) ;
2005-04-16 15:20:36 -07:00
2011-08-10 11:15:32 -04:00
__set_fixmap ( VSYSCALL_FIRST_PAGE , physaddr_vsyscall ,
vsyscall_mode = = NATIVE
? PAGE_KERNEL_VSYSCALL
: PAGE_KERNEL_VVAR ) ;
BUILD_BUG_ON ( ( unsigned long ) __fix_to_virt ( VSYSCALL_FIRST_PAGE ) ! =
( unsigned long ) VSYSCALL_START ) ;
2011-06-05 13:50:19 -04:00
__set_fixmap ( VVAR_PAGE , physaddr_vvar_page , PAGE_KERNEL_VVAR ) ;
2011-08-10 11:15:32 -04:00
BUILD_BUG_ON ( ( unsigned long ) __fix_to_virt ( VVAR_PAGE ) ! =
( unsigned long ) VVAR_ADDRESS ) ;
2005-04-16 15:20:36 -07:00
}
static int __init vsyscall_init ( void )
{
2011-06-05 13:50:24 -04:00
BUG_ON ( VSYSCALL_ADDR ( 0 ) ! = __fix_to_virt ( VSYSCALL_FIRST_PAGE ) ) ;
2014-03-11 02:06:50 +05:30
cpu_notifier_register_begin ( ) ;
2008-05-09 09:39:44 +02:00
on_each_cpu ( cpu_vsyscall_init , NULL , 1 ) ;
2009-12-18 16:48:45 +08:00
/* notifier priority > KVM */
2014-03-11 02:06:50 +05:30
__hotcpu_notifier ( cpu_vsyscall_notifier , 30 ) ;
cpu_notifier_register_done ( ) ;
2011-06-05 13:50:24 -04:00
2005-04-16 15:20:36 -07:00
return 0 ;
}
__initcall ( vsyscall_init ) ;