IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This fixes the computation of the HPTE index to use when the HPT
resizing code encounters a bolted HPTE which is stored in its
secondary HPTE group. The code inverts the HPTE group number, which
is correct, but doesn't then mask it with new_hash_mask. As a result,
new_pteg will be effectively negative, resulting in new_hptep
pointing before the new HPT, which will corrupt memory.
In addition, this removes two BUG_ON statements. The condition that
the BUG_ONs were testing -- that we have computed the hash value
incorrectly -- has never been observed in testing, and if it did
occur, would only affect the guest, not the host. Given that
BUG_ON should only be used in conditions where the kernel (i.e.
the host kernel, in this case) can't possibly continue execution,
it is not appropriate here.
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Spectre v1 mitigation:
- back-end version of array_index_mask_nospec()
- masking of the syscall number to restrict speculation through the
syscall table
- masking of __user pointers prior to deference in uaccess routines
Spectre v2 mitigation update:
- using the new firmware SMC calling convention specification update
- removing the current PSCI GET_VERSION firmware call mitigation as
vendors are deploying new SMCCC-capable firmware
- additional branch predictor hardening for synchronous exceptions and
interrupts while in user mode
Meltdown v3 mitigation update for Cavium Thunder X: unaffected but
hardware erratum gets in the way. The kernel now starts with the page
tables mapped as global and switches to non-global if kpti needs to be
enabled.
Other:
- Theoretical trylock bug fixed
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE5RElWfyWxS+3PLO2a9axLQDIXvEFAlp8lqcACgkQa9axLQDI
XvH2lxAAnsYqthpGQ11MtDJB+/UiBAFkg9QWPDkwrBDvNhgpll+J0VQuCN1QJ2GX
qQ8rkv8uV+y4Fqr8hORGJy5At+0aI63ZCJ72RGkZTzJAtbFbFGIDHP7RhAEIGJBS
Lk9kDZ7k39wLEx30UXIFYTTVzyHar397TdI7vkTcngiTzZ8MdFATfN/hiKO906q3
14pYnU9Um4aHUdcJ+FocL3dxvdgniuuMBWoNiYXyOCZXjmbQOnDNU2UrICroV8lS
mB+IHNEhX1Gl35QzNBtC0ET+aySfHBMJmM5oln+uVUljIGx6En1WLj6mrHYcx8U2
rIBm5qO/X/4iuzYPGkxwQtpjq3wPYxsSUnMdKJrsUZqAfy2QeIhFx6XUtJsZPB2J
/lgls5xSXMOS7oiOQtmVjcDLBURDmYXGwljXR4n4jLm4CT1V9qSLcKHu1gdFU9Mq
VuMUdPOnQub1vqKndi154IoYDTo21jAib2ktbcxpJfSJnDYoit4Gtnv7eWY+M3Pd
Toaxi8htM2HSRwbvslHYGW8ZcVpI79Jit+ti7CsFg7m9Lvgs0zxcnNui4uPYDymT
jh2JYxuirIJbX9aGGhnmkNhq9REaeZJg9LA2JM8S77FCHN3bnlSdaG6wy899J6EI
lK4anCuPQKKKhUia/dc1MeKwrmmC18EfPyGUkOzywg/jGwGCmZM=
=Y0TT
-----END PGP SIGNATURE-----
Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull more arm64 updates from Catalin Marinas:
"As I mentioned in the last pull request, there's a second batch of
security updates for arm64 with mitigations for Spectre/v1 and an
improved one for Spectre/v2 (via a newly defined firmware interface
API).
Spectre v1 mitigation:
- back-end version of array_index_mask_nospec()
- masking of the syscall number to restrict speculation through the
syscall table
- masking of __user pointers prior to deference in uaccess routines
Spectre v2 mitigation update:
- using the new firmware SMC calling convention specification update
- removing the current PSCI GET_VERSION firmware call mitigation as
vendors are deploying new SMCCC-capable firmware
- additional branch predictor hardening for synchronous exceptions
and interrupts while in user mode
Meltdown v3 mitigation update:
- Cavium Thunder X is unaffected but a hardware erratum gets in the
way. The kernel now starts with the page tables mapped as global
and switches to non-global if kpti needs to be enabled.
Other:
- Theoretical trylock bug fixed"
* tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (38 commits)
arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
arm/arm64: smccc: Make function identifiers an unsigned quantity
firmware/psci: Expose SMCCC version through psci_ops
firmware/psci: Expose PSCI conduit
arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
arm/arm64: KVM: Turn kvm_psci_version into a static inline
arm/arm64: KVM: Advertise SMCCC v1.1
arm/arm64: KVM: Implement PSCI 1.0 support
arm/arm64: KVM: Add smccc accessors to PSCI code
arm/arm64: KVM: Add PSCI_VERSION helper
arm/arm64: KVM: Consolidate the PSCI include files
arm64: KVM: Increment PC after handling an SMC trap
arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
arm64: entry: Apply BP hardening for suspicious interrupts from EL0
arm64: entry: Apply BP hardening for high-priority synchronous exceptions
arm64: futex: Mask __user pointers prior to dereference
...
Includes only a small fix for some conflicting symbols, aligning CRIS
with other platforms.
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAlp5frcACgkQ31LbvUHyf1e9rACbBugJIN2v+wHZ2+XmQOW27hDp
V/IAn1HkpGdwyxxCZ6JZnr/XAtCi1RhJ
=EP69
-----END PGP SIGNATURE-----
mergetag object 6e0377212c4e45d7350cff018f6a95633937c031
type commit
tag cris-for-4.16-urgent
tagger Jesper Nilsson <jesper@jni.nu> 1518084841 +0100
CRIS urgent breakage fix for 4.16
The main Makefile for the CRIS port was
overzealously scrubbed in 4.15-rc3,
breaking the build for all CRIS SoCs.
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAlp8I9IACgkQ31LbvUHyf1dIiACeP/H/3asKo7JgidYmA1gkEk4A
oiwAn0QXaFm5ljxuBSd88FIr4E5vfwdD
=fjIf
-----END PGP SIGNATURE-----
Merge tags 'cris-for-4.16' and 'cris-for-4.16-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/jesper/cris
Pull CRIS updates and fixes from Jesper Nilsson:
- a small fix for some conflicting symbols, aligning CRIS with other
platforms.
- fix build breakage regression for all CRIS SoCs. The main Makefile
for the CRIS port was overzealously scrubbed in 4.15-rc3.
* tag 'cris-for-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jesper/cris:
cris: Fix conflicting types for _etext, _edata, _end
* tag 'cris-for-4.16-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/jesper/cris:
CRIS: Restore mistakenly cleared kernel Makefile
Reading mips_cpc_base value from the DT allows each platform to
define it according to its needs. This is especially convenient
for MIPS_GENERIC kernel where this kind of information should be
determined in runtime.
Use mti,mips-cpc compatible string with just a reg property to
specify the register location for your platform.
Signed-off-by: Paul Burton <paul.burton@mips.com>
Signed-off-by: Miodrag Dinic <miodrag.dinic@mips.com>
Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com>
Cc: linux-mips@linux-mips.org
Cc: Ralf Baechle <ralf@linux-mips.org>
Patchwork: https://patchwork.linux-mips.org/patch/18513/
Signed-off-by: James Hogan <jhogan@kernel.org>
This patch splits the linear mapping if the hot-unplug range is
smaller than the mapping size. The code detects if the mapping needs
to be split into a smaller size and if so, uses the stop machine
infrastructure to clear the existing mapping and then remap the
remaining range using a smaller page size.
The code will skip any region of the mapping that overlaps with kernel
text and warn about it once. We don't want to remove a mapping where
the kernel text and the LMB we intend to remove overlap in the same
TLB mapping as it may affect the currently executing code.
I've tested these changes under a kvm guest with 2 vcpus, from a split
mapping point of view, some of the caveats mentioned above applied to
the testing I did.
Fixes: 4b5d62ca17a1 ("powerpc/mm: add radix__remove_section_mapping()")
Signed-off-by: Balbir Singh <bsingharora@gmail.com>
[mpe: Tweak change log to match updated behaviour]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
This change restores and formalises the behaviour that access to NULL
or other user addresses by the kernel during boot should fault rather
than succeed and modify memory. This was inadvertently broken when
fixing another bug, because it was previously not well defined and
only worked by chance.
powerpc/64s/radix uses high address bits to select an address space
"quadrant", which determines which PID and LPID are used to translate
the rest of the address (effective PID, effective LPID). The kernel
mapping at 0xC... selects quadrant 3, which uses PID=0 and LPID=0. So
the kernel page tables are installed in the PID 0 process table entry.
An address at 0x0... selects quadrant 0, which uses PID=PIDR for
translating the rest of the address (that is, it uses the value of the
PIDR register as the effective PID). If PIDR=0, then the translation
is performed with the PID 0 process table entry page tables. This is
the kernel mapping, so we effectively get another copy of the kernel
address space at 0. A NULL pointer access will access physical memory
address 0.
To prevent duplicating the kernel address space in quadrant 0, this
patch allocates a guard PID containing no translations, and
initializes PIDR with this during boot, before the MMU is switched on.
Any kernel access to quadrant 0 will use this guard PID for
translation and find no valid mappings, and therefore fault.
After boot, this PID will be switchd away to user context PIDs, but
those contain user mappings (and usually NULL pointer protection)
rather than kernel mapping, which is much safer (and by design). It
may be in future this is tightened further, which the guard PID could
be used for.
Commit 371b8044 ("powerpc/64s: Initialize ISAv3 MMU registers before
setting partition table"), introduced this problem because it zeroes
PIDR at boot. However previously the value was inherited from firmware
or kexec, which is not robust and can be zero (e.g., mambo).
Fixes: 371b80447ff3 ("powerpc/64s: Initialize ISAv3 MMU registers before setting partition table")
Cc: stable@vger.kernel.org # v4.15+
Reported-by: Florian Weimer <fweimer@redhat.com>
Tested-by: Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
The soft IRQ masking code has to hard-disable interrupts in cases
where the exception is not cleared by the masked handler. External
interrupts used this approach for soft masking. Now recently PMU
interrupts do the same thing.
The soft IRQ masking code additionally allowed for interrupt handlers
to hard-enable interrupts after soft-disabling them. The idea is to
allow PMU interrupts through to profile interrupt handlers.
So when interrupts are being replayed when there is a pending
interrupt that requires hard-disabling, there is a test to prevent
those handlers from hard-enabling them if there is a pending external
interrupt. may_hard_irq_enable() handles this.
After f442d00480 ("powerpc/64s: Add support to mask perf interrupts
and replay them"), may_hard_irq_enable() could prematurely enable
MSR[EE] when a PMU exception exists, which would result in the
interrupt firing again while masked, and MSR[EE] being disabled again.
I haven't seen that this could cause a serious problem, but it's
more consistent to handle these soft-masked interrupts in the same
way. So introduce a define for all types of interrupts that require
MSR[EE] masking in their soft-disable handlers, and use that in
may_hard_irq_enable().
Fixes: f442d004806e ("powerpc/64s: Add support to mask perf interrupts and replay them")
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Commit f14e953b191f ("powerpc/64s: Add support to take additional
parameter in MASKABLE_* macro") messed up MASKABLE_RELON_EXCEPTION_HV_OOL
macro by adding the wrong SOFTEN test which caused guest kernel crash
at boot. Patch to fix the macro to use SOFTEN_TEST_HV instead of
SOFTEN_NOTEST_HV.
Fixes: f14e953b191f ("powerpc/64s: Add support to take additional parameter in MASKABLE_* macro")
Reported-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Fix-Suggested-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
When DLPAR removing a CPU, the unmapping of the cpu from a node in
unmap_cpu_from_node() should also invalidate the CPUs entry in the
numa_cpu_lookup_table. There is not a guarantee that on a subsequent
DLPAR add of the CPU the associativity will be the same and thus
could be in a different node. Invalidating the entry in the
numa_cpu_lookup_table causes the associativity to be read from the
device tree at the time of the add.
The current behavior of not invalidating the CPUs entry in the
numa_cpu_lookup_table can result in scenarios where the the topology
layout of CPUs in the partition does not match the device tree
or the topology reported by the HMC.
This bug looks like it was introduced in 2004 in the commit titled
"ppc64: cpu hotplug notifier for numa", which is 6b15e4e87e32 in the
linux-fullhist tree. Hence tag it for all stable releases.
Cc: stable@vger.kernel.org
Signed-off-by: Nathan Fontenot <nfont@linux.vnet.ibm.com>
Reviewed-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
The SHA-512 multibuffer code keeps track of the number of blocks pending
in each lane. The minimum of these values is used to identify the next
lane that will be completed. Unused lanes are set to a large number
(0xFFFFFFFF) so that they don't affect this calculation.
However, it was forgotten to set the lengths to this value in the
initial state, where all lanes are unused. As a result it was possible
for sha512_mb_mgr_get_comp_job_avx2() to select an unused lane, causing
a NULL pointer dereference. Specifically this could happen in the case
where ->update() was passed fewer than SHA512_BLOCK_SIZE bytes of data,
so it then called sha_complete_job() without having actually submitted
any blocks to the multi-buffer code. This hit a NULL pointer
dereference if another task happened to have submitted blocks
concurrently to the same CPU and the flush timer had not yet expired.
Fix this by initializing sha512_mb_mgr->lens correctly.
As usual, this bug was found by syzkaller.
Fixes: 45691e2d9b18 ("crypto: sha512-mb - submit/flush routines for AVX2")
Reported-by: syzbot <syzkaller@googlegroups.com>
Cc: <stable@vger.kernel.org> # v4.8+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commit 0fbc0b67a89d7 ("cris: remove arch specific early DT functions")
was a bit overzealous in removing the CRIS DT handling,
and the complete contents of the Makefile was erased
instead of just the line for the devicetree file.
This lead to a complete link failure for all SoCs in
the CRIS port due to missing symbols.
Restore the contents except the line for the devicetree file.
Signed-off-by: Jesper Nilsson <jesper.nilsson@axis.com>
Fixes: 0fbc0b67a89d7
Commit 82616f9599a7 ("xen: remove tests for pvh mode in pure pv paths")
removed the check for autotranslation from {set,clear}_foreign_p2m_mapping
but those are called by grant-table.c also on PVH/HVM guests.
Cc: <stable@vger.kernel.org> # 4.14
Fixes: 82616f9599a7 ("xen: remove tests for pvh mode in pure pv paths")
Signed-off-by: Simon Gaiser <simon@invisiblethingslab.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
* pm-cpufreq:
arm: imx: Add MODULE_ALIAS for cpufreq
cpufreq: Add and use cpufreq_for_each_{valid_,}entry_idx()
cpufreq: intel_pstate: Enable HWP during system resume on CPU0
cpufreq: scpi: fix error return code in scpi_cpufreq_init()
cpufreq: scpi: fix static checker warning cdev isn't an ERR_PTR
cpufreq: remove at32ap-cpufreq
cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ
cpufreq: Skip cpufreq resume if it's not suspended
* pm-cpuidle:
x86: PM: Make APM idle driver initialize polling state
* pm-domains:
PM / domains: Fix up domain-idle-states OF parsing
The ARCH_WANTS_PROT_NUMA_PROT_NONE symbol was removed by
commit 6a33979d5bd7 ("mm: remove misleading ARCH_USES_NUMA_PROT_NONE"),
but S390 still selects it.
Remove the ARCH_WANTS_PROT_NUMA_PROT_NONE select from the S390 symbol.
Discovered with the
https://github.com/ulfalizer/Kconfiglib/blob/master/examples/list_undefined.py
script.
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Commit 76d837a4c0f9 ("KVM: PPC: Book3S PR: Don't include SPAPR TCE code
on non-pseries platforms") added a reference to the globally undefined
symbol PPC_SERIES. Looking at the rest of the commit, PPC_PSERIES was
probably intended.
Change PPC_SERIES to PPC_PSERIES.
Discovered with the
https://github.com/ulfalizer/Kconfiglib/blob/master/examples/list_undefined.py
script.
Fixes: 76d837a4c0f9 ("KVM: PPC: Book3S PR: Don't include SPAPR TCE code on non-pseries platforms")
Cc: stable@vger.kernel.org # v4.12+
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
This tag contains the fixes we'd like to target for the 4.16 merge
window. It's not as much as I was originally hoping to do but between
glibc, the chip, and FOSDEM there just wasn't enough time to get
everything put together. As such, this merge window is essentially just
going to be small changes. This includes mostly cleanups:
* A build fix failure to the audit test cases. RISC-V doesn't have
renameat because the generic syscall ABI moved to renameat2 by the
time of our port. The syscall audit test cases don't understand this,
so I added a trivial fix. This went through mailing list review
during the 4.15 merge window, but nobody has picked it up so I think
it's best to just do this here.
* The removal of our command-line argument processing code. The
"mem_end" stuff was broken and the rest duplicated generic device tree
code. The generic code was already being called.
* Some unused/redundant code has been removed, including
__ARCH_HAVE_MMU, current_pgdir, and the initialization of init_mm.pgd.
* SUM is disabled upon taking a trap, which means that user memory is
protected during traps taking inside copy_{to,from}_user().
* The sptbr CSR has been renamed to satp in C code. We haven't changed
the assembly code in order to maintain compatibility with binutils
2.29, which doesn't understand the new name.
Additionally, we're adding some new features:
* Basic ftrace support, thanks to Alan Kao!
* Support for ZONE_DMA32. This is necessary for all the normal reasons,
but also to deal with a deficiency in the Xilinx PCIe controller we're
using on our FPGA-based systems. While the ZONE_DMA32 addition should
be sufficient for most uses, it doesn't complete the fix for the
Xilinx controller.
* TLB shootdowns now only target the harts where they're necessary,
instead of applying to all harts in the system.
These patches have all been sitting on our linux-next branch for a while
now. Due to time constraints this is all I feel comfortable submitting
during the 4.16 merge window, hopefully we'll do better next time!
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAxFiEEAM520YNJYN/OiG3470yhUCzLq0EFAlp7N2gTHHBhbG1lckBk
YWJiZWx0LmNvbQAKCRDvTKFQLMurQX8kD/4xxw6TuuESmDXxAQPQ+S8J98uKRfAF
9kMMzJJARcW5sT1vo3pKpE8+Ss0Hy2fIcaYsw5Je/Yl7vdAy/Dk7X3/mx7mxf5BP
8m2cSd7DFLLLhntZTbr1Y5fJ6awFLtzI46zn/SzTdTatLWKXNLS5wmPKE33ddq/C
iTi4k/as8E/vuNtuPy1GsOF0gICpZ2xB4YoMwTgWfpxTekBkUktO3EOHmZTwQEEM
U1muB+4WoqusbBt6cP3Q7cUF3b6aMVSevWnywZGkD+yWOGRXTVzMgT7R4YlKEOre
OQypZocYUbRmZQMZACKpgHIcOZpePaSTIQ2zzhXEPVGB0XAHtMRnAaVtwPxwG6c4
EThDCN9ldShutKqT4XilHrh5gf0sy7qG0PIidPhMmXH9LCeTSAU4VdISJP1jkq19
chiMHlf6+/DhikyiH0+lK/MX8vQMt6UJL1SlRKO/c2FxxKAZKnENJ+tuAlkAlwoC
gnvZsE5BUYw1ptRHXR0d5C4m8M2M9LPZfpWYcg+1mRO9EA+kt0XCupL7RsrdFuoa
FCVEhP/JMaiX0JtmAHfVIU0yNGjH3b5xi3FoGk2Aoj/c8O3F5YcwT5C5nO+jpv32
n9vyMR20/721+yA2dFIlq4DnelwdZczOTqrcDYJrLxXzk8OXUFFffbe4kbDCxp34
WniBxwnY9BF25g==
=cNRH
-----END PGP SIGNATURE-----
Merge tag 'riscv-for-linus-4.16-merge_window' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux
Pull RISC-V updates from Palmer Dabbelt:
"This contains the fixes we'd like to target for the 4.16 merge window.
It's not as much as I was originally hoping to do but between glibc,
the chip, and FOSDEM there just wasn't enough time to get everything
put together. As such, this merge window is essentially just going to
be small changes. This includes mostly cleanups:
- A build fix failure to the audit test cases.
RISC-V doesn't have renameat because the generic syscall ABI moved
to renameat2 by the time of our port. The syscall audit test cases
don't understand this, so I added a trivial fix. This went through
mailing list review during the 4.15 merge window, but nobody has
picked it up so I think it's best to just do this here.
- The removal of our command-line argument processing code. The
"mem_end" stuff was broken and the rest duplicated generic device
tree code. The generic code was already being called.
- Some unused/redundant code has been removed, including
__ARCH_HAVE_MMU, current_pgdir, and the initialization of
init_mm.pgd.
- SUM is disabled upon taking a trap, which means that user memory is
protected during traps taking inside copy_{to,from}_user().
- The sptbr CSR has been renamed to satp in C code. We haven't
changed the assembly code in order to maintain compatibility with
binutils 2.29, which doesn't understand the new name.
Additionally, we're adding some new features:
- Basic ftrace support, thanks to Alan Kao!
- Support for ZONE_DMA32.
This is necessary for all the normal reasons, but also to deal with
a deficiency in the Xilinx PCIe controller we're using on our
FPGA-based systems. While the ZONE_DMA32 addition should be
sufficient for most uses, it doesn't complete the fix for the
Xilinx controller.
- TLB shootdowns now only target the harts where they're necessary,
instead of applying to all harts in the system.
These patches have all been sitting on our linux-next branch for a
while now. Due to time constraints this is all I feel comfortable
submitting during the 4.16 merge window, hopefully we'll do better
next time!"
[ Note to self: "harts" is RISC-V speak for "hardware threads". I had
to look that up. - Linus ]
* tag 'riscv-for-linus-4.16-merge_window' of git://git.kernel.org/pub/scm/linux/kernel/git/palmer/riscv-linux:
riscv: inline set_pgdir into its only caller
riscv: rename sptbr to satp
riscv: don't read back satp in paging_init
riscv: remove the unused current_pgdir function
riscv: add ZONE_DMA32
RISC-V: Limit the scope of TLB shootdowns
riscv: disable SUM in the exception handler
riscv: remove redundant unlikely()
riscv: remove unused __ARCH_HAVE_MMU define
riscv/ftrace: Add basic support
RISC-V: Remove mem_end command line processing
RISC-V: Remove duplicate command-line parsing logic
audit: Avoid build failures on systems without renameat
A couple of MIPS fixes for 4.16-rc1, including an important regression
in 4.15 and a rather more longstanding corner case build fix.
- Fix CPS regression on older binutils due to MIPS_ISA_LEVEL_RAW fix
(4.15)
- Fix allmodconfig + CONFIG_MACH_TX49XX=y builds due to incorrect use of
IS_ENABLED() (2.6.28)
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEd80NauSabkiESfLYbAtpk944dnoFAlp6/k8ACgkQbAtpk944
dnoIjxAAqvovuVTJfTVn2MwDwIagfOOZo2PASvWrt5YRnPyCapFZEgPsDh0Qv8ca
dLugAMbz3uTk0xy+xzoKtbUowFJK65G15xn7a+UyHKFrEGflHd6lgb7SvGTNMWqJ
ru7xo/Plk8zdrF6NCjAh1a3vSn1aYEIBjb4pjai9TH8cNXFfPjlOvcxKUj7MqRZQ
/IyDAfWa87NAh8amJKoiCHfQk3u/awu0jn3Vcrjog6kLKDH0sxd09EPIcBkznUl+
CCO8vlvBvbsaMOV1Dwl6qxFFMQ3/OL+QEe3HrrDM/DURzwWGWnWktC6O9WXqgq8c
IJ3t84jMX/BoGqybS8rX9Uy+Qr7ieV7lNgSbd3QQYqA8PLPLrp1xqsAcUlXJm4pj
KVIpJ2bAtJF54y0o4x6KbtiVsjHIoVm9k1ftnGNfcS6HjbCWQgAoccj2HZfIdYaN
/9pnqU5HYRIOrOp165LgdGOUUotA9JWigco45/ywWrtztAITIh8hFR4IiIXqfl6L
xbfl8dsjQTuGBIjtwNI8PjKbeD8Dhz2/bEEj+2YmwtTI/l/iIXepTNszWZaE6G03
f0PfA9XVyej8BFPk/SQQy3rw1nvjWE+aFeKkwEZCwBQea9Nlhyrj/CvBFIagj9rQ
R6AV4Fn67SyACri8hy90KG+dyfALtppn+2rWLBEWQPcahg9FWds=
=jeJr
-----END PGP SIGNATURE-----
Merge tag 'mips_fixes_4.16_1' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips
Pull MIPS fixes from James Hogan:
"A couple of MIPS fixes for 4.16-rc1, including an important regression
in 4.15 and a rather more longstanding corner case build fix.
These are separate from the main pull request as one of the bugs fixed
was only recently introduced in v4.15-rc8.
- Fix CPS regression on older binutils due to MIPS_ISA_LEVEL_RAW fix
(4.15)
- Fix allmodconfig + CONFIG_MACH_TX49XX=y builds due to incorrect use
of IS_ENABLED() (2.6.28)"
* tag 'mips_fixes_4.16_1' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips:
MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
MIPS: CPS: Fix MIPS_ISA_LEVEL_RAW fallout
These are the main MIPS changes for 4.16. Rough overview:
- Basic support for the Ingenic JZ4770 based GCW Zero open-source
handheld video game console
- Support for the Ranchu board (used by Android emulator)
- Various cleanups and misc improvements
Fixes:
- Fix generic platform's USB_*HCI_BIG_ENDIAN selects (4.9)
- Fix vmlinuz default build when ZBOOT selected
- Fix clean up of vmlinuz targets
- Fix command line duplication (in preparation for Ingenic JZ4770)
Miscellaneous:
- Allow Processor ID reads to be to be optimised away by the compiler
(improves performance when running in guest)
- Push ARCH_MIGHT_HAVE_PC_SERIO/PARPORT down to platform level to
disable on generic platform with Ranchu board support
- Add helpers for assembler macro instructions for older assemblers
- Use assembler macro instructions to support VZ, XPA & MSA operations
on older assemblers, removing C wrapper duplication
- Various improvements to VZ & XPA assembly wrappers
- Add drivers/platform/mips/ to MIPS MAINTAINERS entry
Minor cleanups:
- Misc FPU emulation cleanups (removal of unnecessary include, moving
macros to common header, checkpatch and sparse fixes)
- Remove duplicate assignment of core in play_dead()
- Remove duplication in watchpoint handling
- Remove mips_dma_mapping_error() stub
- Use NULL instead of 0 in prepare_ftrace_return()
- Use proper kernel-doc Return keyword for
__compute_return_epc_for_insn()
- Remove duplicate semicolon in csum_fold()
Platform support:
Broadcom:
- Enable ZBOOT on BCM47xx
Generic platform:
- Add Ranchu board support, used by Android emulator
- Fix machine compatible string matching for Ranchu
- Support GIC in EIC mode
Ingenic platforms:
- Add DT, defconfig and other support for JZ4770 SoC and GCW Zero
- Support dynamnic machine types (i.e. JZ4740 / JZ4770 / JZ4780)
- Add Ingenic JZ4770 CGU clocks
- General Ingenic clk changes to prepare for JZ4770 SoC support
- Use common command line handling code
- Add DT vendor prefix to GCW (Game Consoles Worldwide)
Loongson:
- Add MAINTAINERS entry for Loongson2 and Loongson3 platforms
- Drop 32-bit support for Loongson 2E/2F devices
- Fix build failures due to multiple use of "MEM_RESERVED"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEd80NauSabkiESfLYbAtpk944dnoFAlp64ZUACgkQbAtpk944
dnrXrg//UPWeZMye/uHw0eEeJJjybyA0IWpJ6M94gbHxpduhQsjYU3CR9U4ZBmhs
feY53dahh0RCR0k28EF8DEPkoUbGFKmyYCnvqAuatq1XOjAZtlgS9+VVzbK+Iswm
XkZD1MBoZ49o0meyjQrH/2Ri/t6tHuzo0G2WtRJ8FnVruN9ymG6D5pR4Y31gDucb
6JkTXjNfRJIKd0qJgP+c3HdlKE7jlnCTJnzHdA+5FbZVwKbm2/6KxbQo5Gc1BXJX
4j7I4nJ0FIz0cB6fHbcccFSW9w3lPa9bQ4XpYPJYE6a36QldFvMWHRxvI6rxrACN
5mPqIB9uqvtW8sdUbJtNRXFlNnm8XZzvsNqP6WxGQPW70+q2camni9W/gC1ifQsF
+uVV54yj3Ky8xQNbbpfbDp/tFXRuLtj3DV4/a3dwA5J0YGEuMn1zzV5WTTzymFVn
3NKl62LDUlzBNw0d1lUPMY6P1oKcNnRhLxBq0cxaB7AdOLF0jlCQ/wYUhXPpblj6
CQB4cupR4IMvL7FZ1RS98e1RHaF8mXpaZBnGXT251DxZEre9OXCJxDdzqemedTVi
SaCcvQqApCQD8OihL+wHZLew8Vp4EvwGAa++Evu/Ot4rWjY/9MGLtewYk8jkOEf6
qk30dDn86ou29HNwpzfWadIq5Zew+QftifGOzTcuzgrJXXt+jH8=
=7iwT
-----END PGP SIGNATURE-----
Merge tag 'mips_4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips
Pull MIPS updates from James Hogan:
"These are the main MIPS changes for 4.16.
Rough overview:
(1) Basic support for the Ingenic JZ4770 based GCW Zero open-source
handheld video game console
(2) Support for the Ranchu board (used by Android emulator)
(3) Various cleanups and misc improvements
More detailed summary:
Fixes:
- Fix generic platform's USB_*HCI_BIG_ENDIAN selects (4.9)
- Fix vmlinuz default build when ZBOOT selected
- Fix clean up of vmlinuz targets
- Fix command line duplication (in preparation for Ingenic JZ4770)
Miscellaneous:
- Allow Processor ID reads to be to be optimised away by the compiler
(improves performance when running in guest)
- Push ARCH_MIGHT_HAVE_PC_SERIO/PARPORT down to platform level to
disable on generic platform with Ranchu board support
- Add helpers for assembler macro instructions for older assemblers
- Use assembler macro instructions to support VZ, XPA & MSA
operations on older assemblers, removing C wrapper duplication
- Various improvements to VZ & XPA assembly wrappers
- Add drivers/platform/mips/ to MIPS MAINTAINERS entry
Minor cleanups:
- Misc FPU emulation cleanups (removal of unnecessary include, moving
macros to common header, checkpatch and sparse fixes)
- Remove duplicate assignment of core in play_dead()
- Remove duplication in watchpoint handling
- Remove mips_dma_mapping_error() stub
- Use NULL instead of 0 in prepare_ftrace_return()
- Use proper kernel-doc Return keyword for
__compute_return_epc_for_insn()
- Remove duplicate semicolon in csum_fold()
Platform support:
Broadcom:
- Enable ZBOOT on BCM47xx
Generic platform:
- Add Ranchu board support, used by Android emulator
- Fix machine compatible string matching for Ranchu
- Support GIC in EIC mode
Ingenic platforms:
- Add DT, defconfig and other support for JZ4770 SoC and GCW Zero
- Support dynamnic machine types (i.e. JZ4740 / JZ4770 / JZ4780)
- Add Ingenic JZ4770 CGU clocks
- General Ingenic clk changes to prepare for JZ4770 SoC support
- Use common command line handling code
- Add DT vendor prefix to GCW (Game Consoles Worldwide)
Loongson:
- Add MAINTAINERS entry for Loongson2 and Loongson3 platforms
- Drop 32-bit support for Loongson 2E/2F devices
- Fix build failures due to multiple use of 'MEM_RESERVED'"
* tag 'mips_4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips: (53 commits)
MIPS: Malta: Sanitize mouse and keyboard configuration.
MIPS: Update defconfigs after previous patch.
MIPS: Push ARCH_MIGHT_HAVE_PC_SERIO down to platform level
MIPS: Push ARCH_MIGHT_HAVE_PC_PARPORT down to platform level
MIPS: SMP-CPS: Remove duplicate assignment of core in play_dead
MIPS: Generic: Support GIC in EIC mode
MIPS: generic: Fix Makefile alignment
MIPS: generic: Fix ranchu_of_match[] termination
MIPS: generic: Fix machine compatible matching
MIPS: Loongson fix name confict - MEM_RESERVED
MIPS: bcm47xx: enable ZBOOT support
MIPS: Fix trailing semicolon
MIPS: Watch: Avoid duplication of bits in mips_read_watch_registers
MIPS: Watch: Avoid duplication of bits in mips_install_watch_registers.
MIPS: MSA: Update helpers to use new asm macros
MIPS: XPA: Standardise readx/writex accessors
MIPS: XPA: Allow use of $0 (zero) to MTHC0
MIPS: XPA: Use XPA instructions in assembly
MIPS: VZ: Pass GC0 register names in $n format
MIPS: VZ: Update helpers to use new asm macros
...
Add CONFIG_EXPOLINE to enable the use of the new -mindirect-branch= and
-mfunction_return= compiler options to create a kernel fortified against
the specte v2 attack.
With CONFIG_EXPOLINE=y all indirect branches will be issued with an
execute type instruction. For z10 or newer the EXRL instruction will
be used, for older machines the EX instruction. The typical indirect
call
basr %r14,%r1
is replaced with a PC relative call to a new thunk
brasl %r14,__s390x_indirect_jump_r1
The thunk contains the EXRL/EX instruction to the indirect branch
__s390x_indirect_jump_r1:
exrl 0,0f
j .
0: br %r1
The detour via the execute type instruction has a performance impact.
To get rid of the detour the new kernel parameter "nospectre_v2" and
"spectre_v2=[on,off,auto]" can be used. If the parameter is specified
the kernel and module code will be patched at runtime.
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
The declaration for swsusp_arch_resume() marks it as 'asmlinkage',
but the definition in x86-32 does not, and it fails to include
the header with the declaration. This leads to a warning when
building with link-time-optimizations:
kernel/power/power.h:108:23: error: type of 'swsusp_arch_resume' does not match original declaration [-Werror=lto-type-mismatch]
extern asmlinkage int swsusp_arch_resume(void);
^
arch/x86/power/hibernate_32.c:148:0: note: 'swsusp_arch_resume' was previously declared here
int swsusp_arch_resume(void)
This moves the declaration into a globally visible header file
and fixes up both x86 definitions to match it.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
SPCR is currently only enabled or ARM64 and x86 can use SPCR to setup
an early console.
General fixes include updating Documentation & Kconfig (for x86),
updating comments, and changing parse_spcr() to acpi_parse_spcr(),
and earlycon_init_is_deferred to earlycon_acpi_spcr_enable to be
more descriptive.
On x86, many systems have a valid SPCR table but the table version is
not 2 so the table version check must be a warning.
On ARM64 when the kernel parameter earlycon is used both the early console
and console are enabled. On x86, only the earlycon should be enabled by
by default. Modify acpi_parse_spcr() to allow options for initializing
the early console and console separately.
Signed-off-by: Prarit Bhargava <prarit@redhat.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Mark Salter <msalter@redhat.com>
Tested-by: Mark Salter <msalter@redhat.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Pull scheduler updates from Ingo Molnar:
- membarrier updates (Mathieu Desnoyers)
- SMP balancing optimizations (Mel Gorman)
- stats update optimizations (Peter Zijlstra)
- RT scheduler race fixes (Steven Rostedt)
- misc fixes and updates
* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
sched/fair: Use a recently used CPU as an idle candidate and the basis for SIS
sched/fair: Do not migrate if the prev_cpu is idle
sched/fair: Restructure wake_affine*() to return a CPU id
sched/fair: Remove unnecessary parameters from wake_affine_idle()
sched/rt: Make update_curr_rt() more accurate
sched/rt: Up the root domain ref count when passing it around via IPIs
sched/rt: Use container_of() to get root domain in rto_push_irq_work_func()
sched/core: Optimize update_stats_*()
sched/core: Optimize ttwu_stat()
membarrier/selftest: Test private expedited sync core command
membarrier/arm64: Provide core serializing command
membarrier/x86: Provide core serializing command
membarrier: Provide core serializing command, *_SYNC_CORE
lockin/x86: Implement sync_core_before_usermode()
locking: Introduce sync_core_before_usermode()
membarrier/selftest: Test global expedited command
membarrier: Provide GLOBAL_EXPEDITED command
membarrier: Document scheduler barrier requirements
powerpc, membarrier: Skip memory barrier in switch_mm()
membarrier/selftest: Test private expedited command
Some data were printed into a sequence by two separate function calls.
Print the same data by a single function call instead.
This issue was detected by using the Coccinelle software.
Link: http://lkml.kernel.org/r/ddcfff3a-9502-6ce0-b08a-365eb55ce958@users.sourceforge.net
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
There are several functions that do find_task_by_vpid() followed by
get_task_struct(). We can use a helper function instead.
Link: http://lkml.kernel.org/r/1509602027-11337-1-git-send-email-rppt@linux.vnet.ibm.com
Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
with bitmap_{from,to}_arr32 over the kernel. Additionally to it:
* __check_eq_bitmap() now takes single nbits argument.
* __check_eq_u32_array is not used in new test but may be used in
future. So I don't remove it here, but annotate as __used.
Tested on arm64 and 32-bit BE mips.
[arnd@arndb.de: perf: arm_dsu_pmu: convert to bitmap_from_arr32]
Link: http://lkml.kernel.org/r/20180201172508.5739-2-ynorov@caviumnetworks.com
[ynorov@caviumnetworks.com: fix net/core/ethtool.c]
Link: http://lkml.kernel.org/r/20180205071747.4ekxtsbgxkj5b2fz@yury-thinkpad
Link: http://lkml.kernel.org/r/20171228150019.27953-2-ynorov@caviumnetworks.com
Signed-off-by: Yury Norov <ynorov@caviumnetworks.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: Ben Hutchings <ben@decadent.org.uk>
Cc: David Decotigny <decot@googlers.com>,
Cc: David S. Miller <davem@davemloft.net>,
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Matthew Wilcox <mawilcox@microsoft.com>
Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: Heiner Kallweit <hkallweit1@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Nearly all modern compilers support a stack-protector option, and nearly
all modern distributions enable the kernel stack-protector, so enabling
this by default in kernel builds would make sense. However, Kconfig does
not have knowledge of available compiler features, so it isn't safe to
force on, as this would unconditionally break builds for the compilers or
architectures that don't have support. Instead, this introduces a new
option, CONFIG_CC_STACKPROTECTOR_AUTO, which attempts to discover the best
possible stack-protector available, and will allow builds to proceed even
if the compiler doesn't support any stack-protector.
This option is made the default so that kernels built with modern
compilers will be protected-by-default against stack buffer overflows,
avoiding things like the recent BlueBorne attack. Selection of a specific
stack-protector option remains available, including disabling it.
Additionally, tiny.config is adjusted to use CC_STACKPROTECTOR_NONE, since
that's the option with the least code size (and it used to be the default,
so we have to explicitly choose it there now).
Link: http://lkml.kernel.org/r/1510076320-69931-4-git-send-email-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Tested-by: Laura Abbott <labbott@redhat.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Various portions of the kernel, especially per-architecture pieces,
need to know if the compiler is building with the stack protector.
This was done in the arch/Kconfig with 'select', but this doesn't
allow a way to do auto-detected compiler support. In preparation for
creating an on-if-available default, move the logic for the definition of
CONFIG_CC_STACKPROTECTOR into the Makefile.
Link: http://lkml.kernel.org/r/1510076320-69931-3-git-send-email-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Tested-by: Laura Abbott <labbott@redhat.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Right now the fact that KASAN uses a single shadow byte for 8 bytes of
memory is scattered all over the code.
This change defines KASAN_SHADOW_SCALE_SHIFT early in asm include files
and makes use of this constant where necessary.
[akpm@linux-foundation.org: coding-style fixes]
Link: http://lkml.kernel.org/r/34937ca3b90736eaad91b568edf5684091f662e3.1515775666.git.andreyknvl@google.com
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
New model support added for Dell, Ideapad, Acer, Asus, Thinkpad, and GPD
laptops. Improvements to the common intel-vbtn driver, including tablet
mode, rotate, and front button support. Intel CPU support added for
Cannonlake and platform support for Dollar Cove power button.
Overhaul of the mellanox platform driver, creating a new
platform/mellanox directory for the newly multi-architecture regmap
interface.
Significant Intel PMC update with CannonLake support, Coffeelake update,
CPUID enumeration, module support, new read64 API, refactoring and
cleanups.
Revert the apple-gmux iGP IO lock, addressing reported issues with
non-binary drivers, leaving Nvidia binary driver users to comment out
conflicting code.
Miscellaneous fixes and cleanups.
Previously merged during the 4.15-rc cycle:
- e20a8e771d platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410
- 9cd5cf3710 platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes
- 91c73e8092 platform/x86: dell-wmi: check for kmalloc() errors
- 9a1a625918 platform/x86: wmi: Call acpi_wmi_init() later
The following is an automated git shortlog grouped by driver:
ACPI / LPIT:
- Export lpit_read_residency_count_address()
Input:
- add KEY_ROTATE_LOCK_TOGGLE
MAINTAINERS:
- Update tree for platform-drivers-x86
x86/cpu:
- Add Cannonlake to Intel family
acer-wireless:
- Add Acer Wireless Radio Control driver
intel_chtdc_ti_pwrbtn:
- Add support for Dollar Cove TI power button
GPD pocket fan:
- Add driver for GPD pocket custom fan controller
- Stop work on suspend
- Use a min-speed of 2 while charging
- Set speed to max on get_temp failure
apple-gmux:
- Revert: lock iGP IO to protect from vgaarb changes
alienware-wmi:
- lightbar LED support for Dell Inspiron 5675
asus-nb-wmi:
- Support ALS on the Zenbook UX430UQ
dell-laptop:
- Allocate buffer on heap rather than globally
- Add 2-in-1 devices to the DMI whitelist
- Filter out spurious keyboard backlight change events
- make some local functions static
- Use bool in struct quirk_entry for true/false fields
dell-smbios:
- Correct notation for filtering
dell-wmi:
- Add an event created by Dell Latitude 5495
Kconfig
- have ACPI_CMPC use depends instead of select for INPUT
ideapad-laptop:
- Add Y720-15IKB to no_hw_rfkill
- add lenovo RESCUER R720-15IKBN to no_hw_rfkill_list
- Use __func__ instead of write_ec_cmd in pr_err
- Remove unnecessary else
intel-hid:
- add a DMI quirk to support Wacom MobileStudio Pro
intel-vbtn:
- Replace License by SDPX identifier
- Remove redundant inclusions
- Support tablet mode switch
- Simplify autorelease logic
- support panel front button
- support KEY_ROTATE_LOCK_TOGGLE
- Support separate press/release events
- support SW_TABLET_MODE
intel_int0002_vgpio:
- Remove IRQF_NO_THREAD irq flag
intel_pmc_core:
- Special case for Coffeelake
- Add CannonLake PCH support
- Read base address from LPIT
- Remove unused header file
- Convert to ICPU macro
- Substitute PCI with CPUID enumeration
- Refactor debugfs entries
- Update Kconfig
- Fix file permission warnings
- Change driver to a module
- Fix kernel doc for pmc_dev
- Remove unused variable
- Remove unused EXPORTED API
intel_pmc_ipc:
- Add read64 API
intel_telemetry:
- Remove redundancies
- Improve S0ix logs
- Fix suspend stats
mlx-platform:
- Fix an ERR_PTR vs NULL issue
- Add hotplug device unregister to error path
- fix module aliases
- Add IO access verification callbacks
- Document pdev_hotplug field
- Allow compilation for 32 bit arch
platform/mellanox:
- mlxreg-hotplug: Add check for negative adapter number
- mlxreg-hotplug: Enable building for ARM
- mlxreg-hotplug: Modify to use a regmap interface
- Group create/destroy with attribute functions
- Rename i2c bus to nr
- mlxreg-hotplug: Remove unused wait.h include
- Move Mellanox platform hotplug driver to platform/mellanox
pmc_atom:
- introduce DEFINE_SHOW_ATTRIBUTE() macro
samsung-laptop:
- Grammar s/are can/can/
silead_dmi:
- Add Teclast X3 Plus tablet support
- Add entry for newer BIOS for Trekstor Surftab 7.0
- Add entry for the Teclast X98 Plus II
- Add entry for the Trekstor Primebook C13
- Add entry for the Chuwi Vi8 tablet
- add entry for Chuwi Hi8 tablet
- Add support for the Onda oBook 20 Plus tablet
- Add touchscreen info for SurfTab twin 10.1
thinkpad_acpi:
- suppress warning about palm detection
- Accept flat mode for type 4 multi mode status
-----BEGIN PGP SIGNATURE-----
iQEcBAABAgAGBQJaegMmAAoJEKbMaAwKp364TvUH/3D9qNtsbXpZuc3ZMNHjIysU
hdW6hOVfBN0Rk049mjw7nWv/udhWZ/6ChJDlXHX0ZugtNGnRnzbdtWGg4y38pDF1
LRuKjWfDeyMeJ11itD2xcxEaE6YsseWCKGZJ5D3T+sN4+1jgS4RLAa9cUJMl8QAo
xZsT1MKpmGuj5eTLf5GgOVL2yfMZhZHabt3kGRY0eQqNqZBgpJw/GQNI1l6v4nAH
MHPA7Gtj4HXHK8jGviZXpD9tg/iwahiUjGugG4HcxbMcpJ96a8CGyeaXmq2FlfNC
/PpmVvhVVqzLuXKWAI+DZFLAiwIvPpxzVfOKF2Lty5Rejxf7pdmHq7aCNcALys0=
=cKm9
-----END PGP SIGNATURE-----
Merge tag 'platform-drivers-x86-v4.16-1' of git://git.infradead.org/linux-platform-drivers-x86
Pull x86 platform-driver updates from Darren Hart:
"New model support added for Dell, Ideapad, Acer, Asus, Thinkpad, and
GPD laptops. Improvements to the common intel-vbtn driver, including
tablet mode, rotate, and front button support. Intel CPU support added
for Cannonlake and platform support for Dollar Cove power button.
Overhaul of the mellanox platform driver, creating a new
platform/mellanox directory for the newly multi-architecture regmap
interface.
Significant Intel PMC update with CannonLake support, Coffeelake
update, CPUID enumeration, module support, new read64 API, refactoring
and cleanups.
Revert the apple-gmux iGP IO lock, addressing reported issues with
non-binary drivers, leaving Nvidia binary driver users to comment out
conflicting code.
Miscellaneous fixes and cleanups"
* tag 'platform-drivers-x86-v4.16-1' of git://git.infradead.org/linux-platform-drivers-x86: (81 commits)
platform/x86: mlx-platform: Fix an ERR_PTR vs NULL issue
platform/x86: intel_pmc_core: Special case for Coffeelake
platform/x86: intel_pmc_core: Add CannonLake PCH support
x86/cpu: Add Cannonlake to Intel family
platform/x86: intel_pmc_core: Read base address from LPIT
ACPI / LPIT: Export lpit_read_residency_count_address()
platform/x86: intel-vbtn: Replace License by SDPX identifier
platform/x86: intel-vbtn: Remove redundant inclusions
platform/x86: intel-vbtn: Support tablet mode switch
platform/x86: dell-laptop: Allocate buffer on heap rather than globally
platform/x86: intel_pmc_core: Remove unused header file
platform/x86: mlx-platform: Add hotplug device unregister to error path
platform/x86: mlx-platform: fix module aliases
platform/mellanox: mlxreg-hotplug: Add check for negative adapter number
platform/x86: mlx-platform: Add IO access verification callbacks
platform/x86: mlx-platform: Document pdev_hotplug field
platform/x86: mlx-platform: Allow compilation for 32 bit arch
platform/mellanox: mlxreg-hotplug: Enable building for ARM
platform/mellanox: mlxreg-hotplug: Modify to use a regmap interface
platform/mellanox: Group create/destroy with attribute functions
...
Now that we've standardised on SMCCC v1.1 to perform the branch
prediction invalidation, let's drop the previous band-aid.
If vendors haven't updated their firmware to do SMCCC 1.1, they
haven't updated PSCI either, so we don't loose anything.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Add the detection and runtime code for ARM_SMCCC_ARCH_WORKAROUND_1.
It is lovely. Really.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
We want SMCCC_ARCH_WORKAROUND_1 to be fast. As fast as possible.
So let's intercept it as early as we can by testing for the
function call number as soon as we've identified a HVC call
coming from the guest.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
A new feature of SMCCC 1.1 is that it offers firmware-based CPU
workarounds. In particular, SMCCC_ARCH_WORKAROUND_1 provides
BP hardening for CVE-2017-5715.
If the host has some mitigation for this issue, report that
we deal with it using SMCCC_ARCH_WORKAROUND_1, as we apply the
host workaround on every guest exit.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
We're about to need kvm_psci_version in HYP too. So let's turn it
into a static inline, and pass the kvm structure as a second
parameter (so that HYP can do a kern_hyp_va on it).
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
The new SMC Calling Convention (v1.1) allows for a reduced overhead
when calling into the firmware, and provides a new feature discovery
mechanism.
Make it visible to KVM guests.
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
As we're about to update the PSCI support, and because I'm lazy,
let's move the PSCI include file to include/kvm so that both
ARM architectures can find it.
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
When handling an SMC trap, the "preferred return address" is set
to that of the SMC, and not the next PC (which is a departure from
the behaviour of an SMC that isn't trapped).
Increment PC in the handler, as the guest is otherwise forever
stuck...
Cc: stable@vger.kernel.org
Fixes: acfb3b883f6d ("arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls")
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
KVM doesn't follow the SMCCC when it comes to unimplemented calls,
and inject an UNDEF instead of returning an error. Since firmware
calls are now used for security mitigation, they are becoming more
common, and the undef is counter productive.
Instead, let's follow the SMCCC which states that -1 must be returned
to the caller when getting an unknown function number.
Cc: <stable@vger.kernel.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
KVM doesn't follow the SMCCC when it comes to unimplemented calls,
and inject an UNDEF instead of returning an error. Since firmware
calls are now used for security mitigation, they are becoming more
common, and the undef is counter productive.
Instead, let's follow the SMCCC which states that -1 must be returned
to the caller when getting an unknown function number.
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
It is possible to take an IRQ from EL0 following a branch to a kernel
address in such a way that the IRQ is prioritised over the instruction
abort. Whilst an attacker would need to get the stars to align here,
it might be sufficient with enough calibration so perform BP hardening
in the rare case that we see a kernel address in the ELR when handling
an IRQ from EL0.
Reported-by: Dan Hettena <dhettena@nvidia.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Software-step and PC alignment fault exceptions have higher priority than
instruction abort exceptions, so apply the BP hardening hooks there too
if the user PC appears to reside in kernel space.
Reported-by: Dan Hettena <dhettena@nvidia.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
The arm64 futex code has some explicit dereferencing of user pointers
where performing atomic operations in response to a futex command. This
patch uses masking to limit any speculative futex operations to within
the user address space.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Like we've done for get_user and put_user, ensure that user pointers
are masked before invoking the underlying __arch_{clear,copy_*}_user
operations.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
access_ok isn't an expensive operation once the addr_limit for the current
thread has been loaded into the cache. Given that the initial access_ok
check preceding a sequence of __{get,put}_user operations will take
the brunt of the miss, we can make the __* variants identical to the
full-fat versions, which brings with it the benefits of address masking.
The likely cost in these sequences will be from toggling PAN/UAO, which
we can address later by implementing the *_unsafe versions.
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
A mispredicted conditional call to set_fs could result in the wrong
addr_limit being forwarded under speculation to a subsequent access_ok
check, potentially forming part of a spectre-v1 attack using uaccess
routines.
This patch prevents this forwarding from taking place, but putting heavy
barriers in set_fs after writing the addr_limit.
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
In a similar manner to array_index_mask_nospec, this patch introduces an
assembly macro (mask_nospec64) which can be used to bound a value under
speculation. This macro is then used to ensure that the indirect branch
through the syscall table is bounded under speculation, with out-of-range
addresses speculating as calls to sys_io_setup (0).
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Similarly to x86, mitigate speculation past an access_ok() check by
masking the pointer against the address limit before use.
Even if we don't expect speculative writes per se, it is plausible that
a CPU may still speculate at least as far as fetching a cache line for
writing, hence we also harden put_user() and clear_user() for peace of
mind.
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
