- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] [PATCH v2 2/2] libnvdimm, btt: Fix an incompatibility in the log layout

by Vishal Verma

Due to a spec misinterpretation, the Linux implementation of the BTT log area had different padding scheme from other implementations, such as UEFI and NVML. This fixes the padding scheme, and defaults to it for new BTT layouts. We attempt to detect the padding scheme in use when probing for an existing BTT. If we detect the older/incompatible scheme, we continue using it. Reported-by: Juston Li <juston.li(a)intel.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: <stable(a)vger.kernel.org> Fixes: 5212e11fde4d ("nd_btt: atomic sector updates") Signed-off-by: Vishal Verma <vishal.l.verma(a)intel.com> --- drivers/nvdimm/btt.c | 201 ++++++++++++++++++++++++++++++++++++++++++--------- drivers/nvdimm/btt.h | 45 +++++++++++- 2 files changed, 211 insertions(+), 35 deletions(-) diff --git a/drivers/nvdimm/btt.c b/drivers/nvdimm/btt.c index e949e3302af4..c586bcdb5190 100644 --- a/drivers/nvdimm/btt.c +++ b/drivers/nvdimm/btt.c @@ -211,12 +211,12 @@ static int btt_map_read(struct arena_info *arena, u32 lba, u32 *mapping, return ret; } -static int btt_log_read_pair(struct arena_info *arena, u32 lane, - struct log_entry *ent) +static int btt_log_group_read(struct arena_info *arena, u32 lane, + struct log_group *log) { return arena_read_bytes(arena, - arena->logoff + (2 * lane * LOG_ENT_SIZE), ent, - 2 * LOG_ENT_SIZE, 0); + arena->logoff + (lane * LOG_GRP_SIZE), log, + LOG_GRP_SIZE, 0); } static struct dentry *debugfs_root; @@ -256,6 +256,8 @@ static void arena_debugfs_init(struct arena_info *a, struct dentry *parent, debugfs_create_x64("logoff", S_IRUGO, d, &a->logoff); debugfs_create_x64("info2off", S_IRUGO, d, &a->info2off); debugfs_create_x32("flags", S_IRUGO, d, &a->flags); + debugfs_create_u32("log_index_0", S_IRUGO, d, &a->log_index[0]); + debugfs_create_u32("log_index_1", S_IRUGO, d, &a->log_index[1]); } static void btt_debugfs_init(struct btt *btt) @@ -274,6 +276,11 @@ static void btt_debugfs_init(struct btt *btt) } } +static u32 log_seq(struct log_group *log, int log_idx) +{ + return le32_to_cpu(log->ent[log_idx].seq); +} + /* * This function accepts two log entries, and uses the * sequence number to find the 'older' entry. @@ -283,8 +290,10 @@ static void btt_debugfs_init(struct btt *btt) * * TODO The logic feels a bit kludge-y. make it better.. */ -static int btt_log_get_old(struct log_entry *ent) +static int btt_log_get_old(struct arena_info *a, struct log_group *log) { + int idx0 = a->log_index[0]; + int idx1 = a->log_index[1]; int old; /* @@ -292,23 +301,23 @@ static int btt_log_get_old(struct log_entry *ent) * the next time, the following logic works out to put this * (next) entry into [1] */ - if (ent[0].seq == 0) { - ent[0].seq = cpu_to_le32(1); + if (log_seq(log, idx0) == 0) { + log->ent[idx0].seq = cpu_to_le32(1); return 0; } - if (ent[0].seq == ent[1].seq) + if (log_seq(log, idx0) == log_seq(log, idx1)) return -EINVAL; - if (le32_to_cpu(ent[0].seq) + le32_to_cpu(ent[1].seq) > 5) + if (log_seq(log, idx0) + log_seq(log, idx1) > 5) return -EINVAL; - if (le32_to_cpu(ent[0].seq) < le32_to_cpu(ent[1].seq)) { - if (le32_to_cpu(ent[1].seq) - le32_to_cpu(ent[0].seq) == 1) + if (log_seq(log, idx0) < log_seq(log, idx1)) { + if ((log_seq(log, idx1) - log_seq(log, idx0)) == 1) old = 0; else old = 1; } else { - if (le32_to_cpu(ent[0].seq) - le32_to_cpu(ent[1].seq) == 1) + if ((log_seq(log, idx0) - log_seq(log, idx1)) == 1) old = 1; else old = 0; @@ -328,17 +337,18 @@ static int btt_log_read(struct arena_info *arena, u32 lane, { int ret; int old_ent, ret_ent; - struct log_entry log[2]; + struct log_group log; - ret = btt_log_read_pair(arena, lane, log); + ret = btt_log_group_read(arena, lane, &log); if (ret) return -EIO; - old_ent = btt_log_get_old(log); + old_ent = btt_log_get_old(arena, &log); if (old_ent < 0 || old_ent > 1) { dev_err(to_dev(arena), "log corruption (%d): lane %d seq [%d, %d]\n", - old_ent, lane, log[0].seq, log[1].seq); + old_ent, lane, log.ent[arena->log_index[0]].seq, + log.ent[arena->log_index[1]].seq); /* TODO set error state? */ return -EIO; } @@ -346,7 +356,7 @@ static int btt_log_read(struct arena_info *arena, u32 lane, ret_ent = (old_flag ? old_ent : (1 - old_ent)); if (ent != NULL) - memcpy(ent, &log[ret_ent], LOG_ENT_SIZE); + memcpy(ent, &log.ent[arena->log_index[ret_ent]], LOG_ENT_SIZE); return ret_ent; } @@ -360,17 +370,13 @@ static int __btt_log_write(struct arena_info *arena, u32 lane, u32 sub, struct log_entry *ent, unsigned long flags) { int ret; - /* - * Ignore the padding in log_entry for calculating log_half. - * The entry is 'committed' when we write the sequence number, - * and we want to ensure that that is the last thing written. - * We don't bother writing the padding as that would be extra - * media wear and write amplification - */ - unsigned int log_half = (LOG_ENT_SIZE - 2 * sizeof(u64)) / 2; - u64 ns_off = arena->logoff + (((2 * lane) + sub) * LOG_ENT_SIZE); + u32 group_slot = arena->log_index[sub]; + unsigned int log_half = LOG_ENT_SIZE / 2; void *src = ent; + u64 ns_off; + ns_off = arena->logoff + (lane * LOG_GRP_SIZE) + + (group_slot * LOG_ENT_SIZE); /* split the 16B write into atomic, durable halves */ ret = arena_write_bytes(arena, ns_off, src, log_half, flags); if (ret) @@ -453,7 +459,7 @@ static int btt_log_init(struct arena_info *arena) { size_t logsize = arena->info2off - arena->logoff; size_t chunk_size = SZ_4K, offset = 0; - struct log_entry log; + struct log_entry ent; void *zerobuf; int ret; u32 i; @@ -485,11 +491,11 @@ static int btt_log_init(struct arena_info *arena) } for (i = 0; i < arena->nfree; i++) { - log.lba = cpu_to_le32(i); - log.old_map = cpu_to_le32(arena->external_nlba + i); - log.new_map = cpu_to_le32(arena->external_nlba + i); - log.seq = cpu_to_le32(LOG_SEQ_INIT); - ret = __btt_log_write(arena, i, 0, &log, 0); + ent.lba = cpu_to_le32(i); + ent.old_map = cpu_to_le32(arena->external_nlba + i); + ent.new_map = cpu_to_le32(arena->external_nlba + i); + ent.seq = cpu_to_le32(LOG_SEQ_INIT); + ret = __btt_log_write(arena, i, 0, &ent, 0); if (ret) goto free; } @@ -594,6 +600,123 @@ static int btt_freelist_init(struct arena_info *arena) return 0; } +static bool ent_is_padding(struct log_entry *ent) +{ + return (ent->lba == 0) && (ent->old_map == 0) && (ent->new_map == 0) + && (ent->seq == 0); +} + +/* + * Detecting valid log indices: We read a log group (see the comments in btt.h + * for a description of a 'log_group' and its 'slots'), and iterate over its + * four slots. We expect that a padding slot will be all-zeroes, and use this + * to detect a padding slot vs. an actual entry. + * + * If a log_group is in the initial state, i.e. hasn't been used since the + * creation of this BTT layout, it will have three of the four slots with + * zeroes. We skip over these log_groups for the detection of log_index. If + * all log_groups are in the initial state (i.e. the BTT has never been + * written to), it is safe to assume the 'new format' of log entries in slots + * (0, 1). + */ +static int log_set_indices(struct arena_info *arena) +{ + bool idx_set = false, initial_state = true; + int ret, log_index[2] = {-1, -1}; + u32 i, j, next_idx = 0; + struct log_group log; + u32 pad_count = 0; + + for (i = 0; i < arena->nfree; i++) { + ret = btt_log_group_read(arena, i, &log); + if (ret < 0) + return ret; + + for (j = 0; j < 4; j++) { + if (!idx_set) { + if (ent_is_padding(&log.ent[j])) { + pad_count++; + continue; + } else { + /* Skip if index has been recorded */ + if ((next_idx == 1) && + (j == log_index[0])) + continue; + /* valid entry, record index */ + log_index[next_idx] = j; + next_idx++; + } + if (next_idx == 2) { + /* two valid entries found */ + idx_set = true; + } else if (next_idx > 2) { + /* too many valid indices */ + return -ENXIO; + } + } else { + /* + * once the indices have been set, just verify + * that all subsequent log groups are either in + * their initial state or follow the same + * indices. + */ + if (j == log_index[0]) { + /* entry must be 'valid' */ + if (ent_is_padding(&log.ent[j])) + return -ENXIO; + } else if (j == log_index[1]) { + ; + /* + * log_index[1] can be padding if the + * lane never got used and it is still + * in the initial state (three 'padding' + * entries) + */ + } else { + /* entry must be invalid (padding) */ + if (!ent_is_padding(&log.ent[j])) + return -ENXIO; + } + } + } + /* + * If any of the log_groups have more than one valid, + * non-padding entry, then the we are no longer in the + * initial_state + */ + if (pad_count < 3) + initial_state = false; + pad_count = 0; + } + + if (!initial_state && !idx_set) + return -ENXIO; + + /* + * If all the entries in the log were in the initial state, + * assume new padding scheme + */ + if (initial_state) + log_index[1] = 1; + + /* + * Only allow the known permutations of log/padding indices, + * i.e. (0, 1), and (0, 2) + */ + if ((log_index[0] == 0) && ((log_index[1] == 1) || (log_index[1] == 2))) + ; /* known index possibilities */ + else { + dev_err(to_dev(arena), "Found an unknown padding scheme\n"); + return -ENXIO; + } + + arena->log_index[0] = log_index[0]; + arena->log_index[1] = log_index[1]; + dev_dbg(to_dev(arena), "log_index_0 = %d\n", log_index[0]); + dev_dbg(to_dev(arena), "log_index_1 = %d\n", log_index[1]); + return 0; +} + static int btt_rtt_init(struct arena_info *arena) { arena->rtt = kcalloc(arena->nfree, sizeof(u32), GFP_KERNEL); @@ -650,8 +773,7 @@ static struct arena_info *alloc_arena(struct btt *btt, size_t size, available -= 2 * BTT_PG_SIZE; /* The log takes a fixed amount of space based on nfree */ - logsize = roundup(2 * arena->nfree * sizeof(struct log_entry), - BTT_PG_SIZE); + logsize = roundup(arena->nfree * LOG_GRP_SIZE, BTT_PG_SIZE); available -= logsize; /* Calculate optimal split between map and data area */ @@ -668,6 +790,10 @@ static struct arena_info *alloc_arena(struct btt *btt, size_t size, arena->mapoff = arena->dataoff + datasize; arena->logoff = arena->mapoff + mapsize; arena->info2off = arena->logoff + logsize; + + /* Default log indices are (0,1) */ + arena->log_index[0] = 0; + arena->log_index[1] = 1; return arena; } @@ -758,6 +884,13 @@ static int discover_arenas(struct btt *btt) arena->external_lba_start = cur_nlba; parse_arena_meta(arena, super, cur_off); + ret = log_set_indices(arena); + if (ret) { + dev_err(to_dev(arena), + "Unable to deduce log/padding indices\n"); + goto out; + } + mutex_init(&arena->err_lock); ret = btt_freelist_init(arena); if (ret) diff --git a/drivers/nvdimm/btt.h b/drivers/nvdimm/btt.h index 884fbbbdd18a..db3cb6d4d0d4 100644 --- a/drivers/nvdimm/btt.h +++ b/drivers/nvdimm/btt.h @@ -27,6 +27,7 @@ #define MAP_ERR_MASK (1 << MAP_ERR_SHIFT) #define MAP_LBA_MASK (~((1 << MAP_TRIM_SHIFT) | (1 << MAP_ERR_SHIFT))) #define MAP_ENT_NORMAL 0xC0000000 +#define LOG_GRP_SIZE sizeof(struct log_group) #define LOG_ENT_SIZE sizeof(struct log_entry) #define ARENA_MIN_SIZE (1UL << 24) /* 16 MB */ #define ARENA_MAX_SIZE (1ULL << 39) /* 512 GB */ @@ -50,12 +51,52 @@ enum btt_init_state { INIT_READY }; +/* + * A log group represents one log 'lane', and consists of four log entries. + * Two of the four entries are valid entries, and the remaining two are + * padding. Due to an old bug in the padding location, we need to perform a + * test to determine the padding scheme being used, and use that scheme + * thereafter. + * + * In kernels prior to 4.15, 'log group' would have actual log entries at + * indices (0, 2) and padding at indices (1, 3), where as the correct/updated + * format has log entries at indices (0, 1) and padding at indices (2, 3). + * + * Old (pre 4.15) format: + * +-----------------+-----------------+ + * | ent[0] | ent[1] | + * | 16B | 16B | + * | lba/old/new/seq | pad | + * +-----------------------------------+ + * | ent[2] | ent[3] | + * | 16B | 16B | + * | lba/old/new/seq | pad | + * +-----------------+-----------------+ + * + * New format: + * +-----------------+-----------------+ + * | ent[0] | ent[1] | + * | 16B | 16B | + * | lba/old/new/seq | lba/old/new/seq | + * +-----------------------------------+ + * | ent[2] | ent[3] | + * | 16B | 16B | + * | pad | pad | + * +-----------------+-----------------+ + * + * We detect during start-up which format is in use, and set + * arena->log_index[(0, 1)] with the detected format. + */ + struct log_entry { __le32 lba; __le32 old_map; __le32 new_map; __le32 seq; - __le64 padding[2]; +}; + +struct log_group { + struct log_entry ent[4]; }; struct btt_sb { @@ -126,6 +167,7 @@ struct aligned_lock { * @debugfs_dir: Debugfs dentry * @flags: Arena flags - may signify error states. * @err_lock: Mutex for synchronizing error clearing. + * @log_index: Indices of the valid log entries in a log_group * * arena_info is a per-arena handle. Once an arena is narrowed down for an * IO, this struct is passed around for the duration of the IO. @@ -158,6 +200,7 @@ struct arena_info { /* Arena flags */ u32 flags; struct mutex err_lock; + int log_index[2]; }; /** -- 2.14.3

7 years, 8 months

2
1
0 0

[Linux-stable-mirror] [PATCH] libnvdimm, pfn: fix start_pad handling for aligned namespaces

by Dan Williams

The alignment checks at pfn driver startup fail to properly account for the 'start_pad' in the case where the namespace is misaligned relative to its internal alignment. This is typically triggered in 1G aligned namespace, but could theoretically trigger with small namespace alignments. When this triggers the kernel reports messages of the form: dax2.1: bad offset: 0x3c000000 dax disabled align: 0x40000000 Cc: <stable(a)vger.kernel.org> Fixes: 1ee6667cd8d1 ("libnvdimm, pfn, dax: fix initialization vs autodetect...") Reported-by: Jane Chu <jane.chu(a)oracle.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- drivers/nvdimm/pfn_devs.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/nvdimm/pfn_devs.c b/drivers/nvdimm/pfn_devs.c index 65cc171c721d..db2fc7c02e01 100644 --- a/drivers/nvdimm/pfn_devs.c +++ b/drivers/nvdimm/pfn_devs.c @@ -364,9 +364,9 @@ struct device *nd_pfn_create(struct nd_region *nd_region) int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig) { u64 checksum, offset; - unsigned long align; enum nd_pfn_mode mode; struct nd_namespace_io *nsio; + unsigned long align, start_pad; struct nd_pfn_sb *pfn_sb = nd_pfn->pfn_sb; struct nd_namespace_common *ndns = nd_pfn->ndns; const u8 *parent_uuid = nd_dev_to_uuid(&ndns->dev); @@ -410,6 +410,7 @@ int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig) align = le32_to_cpu(pfn_sb->align); offset = le64_to_cpu(pfn_sb->dataoff); + start_pad = le32_to_cpu(pfn_sb->start_pad); if (align == 0) align = 1UL << ilog2(offset); mode = le32_to_cpu(pfn_sb->mode); @@ -468,7 +469,7 @@ int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig) return -EBUSY; } - if ((align && !IS_ALIGNED(offset, align)) + if ((align && !IS_ALIGNED(nsio->res.start + offset + start_pad, align)) || !IS_ALIGNED(offset, PAGE_SIZE)) { dev_err(&nd_pfn->dev, "bad offset: %#llx dax disabled align: %#lx\n",

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "percpu: don't forget to free the temporary struct pcpu_alloc_info" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled percpu: don't forget to free the temporary struct pcpu_alloc_info to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: percpu-don-t-forget-to-free-the-temporary-struct-pcpu_alloc_info.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 20 18:17:52 CET 2017 From: Nicolas Pitre <nicolas.pitre(a)linaro.org> Date: Tue, 3 Oct 2017 18:29:49 -0400 Subject: percpu: don't forget to free the temporary struct pcpu_alloc_info From: Nicolas Pitre <nicolas.pitre(a)linaro.org> [ Upstream commit 438a50618095061920d3a30d4c5ca1ef2e0ff860 ] Unlike the SMP case, the !SMP case does not free the memory for struct pcpu_alloc_info allocated in setup_per_cpu_areas(). And to give it a chance of being reused by the page allocator later, align it to a page boundary just like its size. Signed-off-by: Nicolas Pitre <nico(a)linaro.org> Acked-by: Dennis Zhou <dennisszhou(a)gmail.com> Signed-off-by: Tejun Heo <tj(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- mm/percpu.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/mm/percpu.c +++ b/mm/percpu.c @@ -1856,7 +1856,7 @@ struct pcpu_alloc_info * __init pcpu_all __alignof__(ai->groups[0].cpu_map[0])); ai_size = base_size + nr_units * sizeof(ai->groups[0].cpu_map[0]); - ptr = memblock_virt_alloc_nopanic(PFN_ALIGN(ai_size), 0); + ptr = memblock_virt_alloc_nopanic(PFN_ALIGN(ai_size), PAGE_SIZE); if (!ptr) return NULL; ai = ptr; @@ -2719,6 +2719,7 @@ void __init setup_per_cpu_areas(void) if (pcpu_setup_first_chunk(ai, fc) < 0) panic("Failed to initialize percpu areas."); + pcpu_free_alloc_info(ai); } #endif /* CONFIG_SMP */ Patches currently in stable-queue which might be from nicolas.pitre(a)linaro.org are queue-4.14/percpu-don-t-forget-to-free-the-temporary-struct-pcpu_alloc_info.patch

7 years, 8 months

4
4
0 0

[Linux-stable-mirror] [PATCH v2] MIPS: fix incorrect mem=X@Y handling

by Mathieu Malaterre

From: Marcin Nowakowski <marcin.nowakowski(a)mips.com> Change 73fbc1eba7ff added a fix to ensure that the memory range between PHYS_OFFSET and low memory address specified by mem= cmdline argument is not later processed by free_all_bootmem. This change was incorrect for systems where the commandline specifies more than 1 mem argument, as it will cause all memory between PHYS_OFFSET and each of the memory offsets to be marked as reserved, which results in parts of the RAM marked as reserved (Creator CI20's u-boot has a default commandline argument 'mem=256M@0x0 mem=768M@0x30000000'). Change the behaviour to ensure that only the range between PHYS_OFFSET and the lowest start address of the memories is marked as protected. This change also ensures that the range is marked protected even if it's only defined through the devicetree and not only via commandline arguments. Reported-by: Mathieu Malaterre <mathieu.malaterre(a)gmail.com> Signed-off-by: Marcin Nowakowski <marcin.nowakowski(a)mips.com> Fixes: 73fbc1eba7ff ("MIPS: fix mem=X@Y commandline processing") Cc: <stable(a)vger.kernel.org> # v4.11 --- v2: Use updated email adress, add tag for stable. arch/mips/kernel/setup.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/arch/mips/kernel/setup.c b/arch/mips/kernel/setup.c index 702c678de116..f19d61224c71 100644 --- a/arch/mips/kernel/setup.c +++ b/arch/mips/kernel/setup.c @@ -375,6 +375,7 @@ static void __init bootmem_init(void) unsigned long reserved_end; unsigned long mapstart = ~0UL; unsigned long bootmap_size; + phys_addr_t ramstart = ~0UL; bool bootmap_valid = false; int i; @@ -395,6 +396,21 @@ static void __init bootmem_init(void) max_low_pfn = 0; /* + * Reserve any memory between the start of RAM and PHYS_OFFSET + */ + for (i = 0; i < boot_mem_map.nr_map; i++) { + if (boot_mem_map.map[i].type != BOOT_MEM_RAM) + continue; + + ramstart = min(ramstart, boot_mem_map.map[i].addr); + } + + if (ramstart > PHYS_OFFSET) + add_memory_region(PHYS_OFFSET, ramstart - PHYS_OFFSET, + BOOT_MEM_RESERVED); + + + /* * Find the highest page frame number we have available. */ for (i = 0; i < boot_mem_map.nr_map; i++) { @@ -664,9 +680,6 @@ static int __init early_parse_mem(char *p) add_memory_region(start, size, BOOT_MEM_RAM); - if (start && start > PHYS_OFFSET) - add_memory_region(PHYS_OFFSET, start - PHYS_OFFSET, - BOOT_MEM_RESERVED); return 0; } early_param("mem", early_parse_mem); -- 2.11.0

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: platform-x86-asus-wireless-send-an-ev_syn-syn_report-between-state-changes.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From bff5bf9db1c9453ffd0a78abed3e2d040c092fd9 Mon Sep 17 00:00:00 2001 From: Peter Hutterer <peter.hutterer(a)who-t.net> Date: Mon, 4 Dec 2017 10:26:17 +1000 Subject: platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes From: Peter Hutterer <peter.hutterer(a)who-t.net> commit bff5bf9db1c9453ffd0a78abed3e2d040c092fd9 upstream. Sending the switch state change twice within the same frame is invalid evdev protocol and only works if the client handles keys immediately as well. Processing events immediately is incorrect, it forces a fake order of events that does not exist on the device. Recent versions of libinput changed to only process the device state and SYN_REPORT time, so now the key event is lost. https://bugs.freedesktop.org/show_bug.cgi?id=104041 Signed-off-by: Peter Hutterer <peter.hutterer(a)who-t.net> Signed-off-by: Darren Hart (VMware) <dvhart(a)infradead.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/platform/x86/asus-wireless.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/platform/x86/asus-wireless.c +++ b/drivers/platform/x86/asus-wireless.c @@ -97,6 +97,7 @@ static void asus_wireless_notify(struct return; } input_report_key(data->idev, KEY_RFKILL, 1); + input_sync(data->idev); input_report_key(data->idev, KEY_RFKILL, 0); input_sync(data->idev); } Patches currently in stable-queue which might be from peter.hutterer(a)who-t.net are queue-4.9/platform-x86-asus-wireless-send-an-ev_syn-syn_report-between-state-changes.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: platform-x86-asus-wireless-send-an-ev_syn-syn_report-between-state-changes.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From bff5bf9db1c9453ffd0a78abed3e2d040c092fd9 Mon Sep 17 00:00:00 2001 From: Peter Hutterer <peter.hutterer(a)who-t.net> Date: Mon, 4 Dec 2017 10:26:17 +1000 Subject: platform/x86: asus-wireless: send an EV_SYN/SYN_REPORT between state changes From: Peter Hutterer <peter.hutterer(a)who-t.net> commit bff5bf9db1c9453ffd0a78abed3e2d040c092fd9 upstream. Sending the switch state change twice within the same frame is invalid evdev protocol and only works if the client handles keys immediately as well. Processing events immediately is incorrect, it forces a fake order of events that does not exist on the device. Recent versions of libinput changed to only process the device state and SYN_REPORT time, so now the key event is lost. https://bugs.freedesktop.org/show_bug.cgi?id=104041 Signed-off-by: Peter Hutterer <peter.hutterer(a)who-t.net> Signed-off-by: Darren Hart (VMware) <dvhart(a)infradead.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/platform/x86/asus-wireless.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/platform/x86/asus-wireless.c +++ b/drivers/platform/x86/asus-wireless.c @@ -118,6 +118,7 @@ static void asus_wireless_notify(struct return; } input_report_key(data->idev, KEY_RFKILL, 1); + input_sync(data->idev); input_report_key(data->idev, KEY_RFKILL, 0); input_sync(data->idev); } Patches currently in stable-queue which might be from peter.hutterer(a)who-t.net are queue-4.14/platform-x86-asus-wireless-send-an-ev_syn-syn_report-between-state-changes.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] [PATCH 1/3] MIPS: c-r4k: instruction_hazard should immediately follow cache op

by Matt Redfearn

During ftrace initialisation, placeholder instructions in the prologue of every kernel function not marked "notrace" are replaced with nops. After the instructions are written (to the dcache), flush_icache_range() is used to ensure that the icache will be updated with these replaced instructions. Currently there is an instruction_hazard guard at the end of __r4k_flush_icache_range, since a hazard can be created if the CPU has already begun fetching the instructions that have have been replaced. The placement, however, ignores the calls to preempt_enable(), both in __r4k_flush_icache_range and r4k_on_each_cpu. When CONFIG_PREEMPT is enabled, these expand out to at least calls to preempt_count_sub(). The lack of an instruction hazard between icache invalidate and the execution of preempt_count_sub, in rare circumstances, was observed to cause weird crashes on Ci40, where the CPU would end up taking a kernel unaligned access exception from the middle of do_ade(), which it somehow reached from preempt_count_sub without executing the start of do_ade. Since the instruction hazard exists immediately after the dcache is written back and icache invalidated, place the instruction_hazard() within __local_r4k_flush_icache_range. The one at the end of __r4k_flush_icache_range is too late, since all of the functions in the call path of preempt_enable have already been executed, so remove it. This fixes the crashes during ftrace initialisation on Ci40. Signed-off-by: Matt Redfearn <matt.redfearn(a)mips.com> Cc: stable <stable(a)vger.kernel.org> # v4.9+ --- arch/mips/mm/c-r4k.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/mips/mm/c-r4k.c b/arch/mips/mm/c-r4k.c index 6f534b209971..ce7a54223504 100644 --- a/arch/mips/mm/c-r4k.c +++ b/arch/mips/mm/c-r4k.c @@ -760,6 +760,8 @@ static inline void __local_r4k_flush_icache_range(unsigned long start, break; } } + /* Hazard to force new i-fetch */ + instruction_hazard(); } static inline void local_r4k_flush_icache_range(unsigned long start, @@ -817,7 +819,6 @@ static void __r4k_flush_icache_range(unsigned long start, unsigned long end, } r4k_on_each_cpu(args.type, local_r4k_flush_icache_range_ipi, &args); preempt_enable(); - instruction_hazard(); } static void r4k_flush_icache_range(unsigned long start, unsigned long end) -- 2.7.4

7 years, 8 months

2
7
0 0

[Linux-stable-mirror] Patch "xen, x86/entry/64: Add xen NMI trap entry" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled xen, x86/entry/64: Add xen NMI trap entry to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: xen-x86-entry-64-add-xen-nmi-trap-entry.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 43e4111086a70c78bedb6ad990bee97f17b27a6e Mon Sep 17 00:00:00 2001 From: Juergen Gross <jgross(a)suse.com> Date: Thu, 2 Nov 2017 00:59:07 -0700 Subject: xen, x86/entry/64: Add xen NMI trap entry From: Juergen Gross <jgross(a)suse.com> commit 43e4111086a70c78bedb6ad990bee97f17b27a6e upstream. Instead of trying to execute any NMI via the bare metal's NMI trap handler use a Xen specific one for PV domains, like we do for e.g. debug traps. As in a PV domain the NMI is handled via the normal kernel stack this is the correct thing to do. This will enable us to get rid of the very fragile and questionable dependencies between the bare metal NMI handler and Xen assumptions believed to be broken anyway. Signed-off-by: Juergen Gross <jgross(a)suse.com> Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/5baf5c0528d58402441550c5770b98e7961e7680.150960930… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/entry/entry_64.S | 2 +- arch/x86/include/asm/traps.h | 2 +- arch/x86/xen/enlighten_pv.c | 2 +- arch/x86/xen/xen-asm_64.S | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1079,6 +1079,7 @@ idtentry int3 do_int3 has_error_code idtentry stack_segment do_stack_segment has_error_code=1 #ifdef CONFIG_XEN +idtentry xennmi do_nmi has_error_code=0 idtentry xendebug do_debug has_error_code=0 idtentry xenint3 do_int3 has_error_code=0 #endif @@ -1241,7 +1242,6 @@ ENTRY(error_exit) END(error_exit) /* Runs on exception stack */ -/* XXX: broken on Xen PV */ ENTRY(nmi) UNWIND_HINT_IRET_REGS /* --- a/arch/x86/include/asm/traps.h +++ b/arch/x86/include/asm/traps.h @@ -38,9 +38,9 @@ asmlinkage void simd_coprocessor_error(v #if defined(CONFIG_X86_64) && defined(CONFIG_XEN_PV) asmlinkage void xen_divide_error(void); +asmlinkage void xen_xennmi(void); asmlinkage void xen_xendebug(void); asmlinkage void xen_xenint3(void); -asmlinkage void xen_nmi(void); asmlinkage void xen_overflow(void); asmlinkage void xen_bounds(void); asmlinkage void xen_invalid_op(void); --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -601,7 +601,7 @@ static struct trap_array_entry trap_arra #ifdef CONFIG_X86_MCE { machine_check, xen_machine_check, true }, #endif - { nmi, xen_nmi, true }, + { nmi, xen_xennmi, true }, { overflow, xen_overflow, false }, #ifdef CONFIG_IA32_EMULATION { entry_INT80_compat, xen_entry_INT80_compat, false }, --- a/arch/x86/xen/xen-asm_64.S +++ b/arch/x86/xen/xen-asm_64.S @@ -30,7 +30,7 @@ xen_pv_trap debug xen_pv_trap xendebug xen_pv_trap int3 xen_pv_trap xenint3 -xen_pv_trap nmi +xen_pv_trap xennmi xen_pv_trap overflow xen_pv_trap bounds xen_pv_trap invalid_op Patches currently in stable-queue which might be from jgross(a)suse.com are queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct x86_platform' and 'struct x86_init'" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct x86_platform' and 'struct x86_init' to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From f72e38e8ec8869ac0ba5a75d7d2f897d98a1454e Mon Sep 17 00:00:00 2001 From: Juergen Gross <jgross(a)suse.com> Date: Thu, 9 Nov 2017 14:27:35 +0100 Subject: x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct x86_platform' and 'struct x86_init' From: Juergen Gross <jgross(a)suse.com> commit f72e38e8ec8869ac0ba5a75d7d2f897d98a1454e upstream. Instead of x86_hyper being either NULL on bare metal or a pointer to a struct hypervisor_x86 in case of the kernel running as a guest merge the struct into x86_platform and x86_init. This will remove the need for wrappers making it hard to find out what is being called. With dummy functions added for all callbacks testing for a NULL function pointer can be removed, too. Suggested-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Juergen Gross <jgross(a)suse.com> Acked-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: akataria(a)vmware.com Cc: boris.ostrovsky(a)oracle.com Cc: devel(a)linuxdriverproject.org Cc: haiyangz(a)microsoft.com Cc: kvm(a)vger.kernel.org Cc: kys(a)microsoft.com Cc: pbonzini(a)redhat.com Cc: rkrcmar(a)redhat.com Cc: rusty(a)rustcorp.com.au Cc: sthemmin(a)microsoft.com Cc: virtualization(a)lists.linux-foundation.org Cc: xen-devel(a)lists.xenproject.org Link: http://lkml.kernel.org/r/20171109132739.23465-2-jgross@suse.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/hypervisor.h | 25 +++------------- arch/x86/include/asm/x86_init.h | 24 ++++++++++++++++ arch/x86/kernel/apic/apic.c | 2 - arch/x86/kernel/cpu/hypervisor.c | 56 ++++++++++++++++++-------------------- arch/x86/kernel/cpu/mshyperv.c | 2 - arch/x86/kernel/cpu/vmware.c | 4 +- arch/x86/kernel/kvm.c | 2 - arch/x86/kernel/x86_init.c | 9 ++++++ arch/x86/mm/init.c | 2 - arch/x86/xen/enlighten_hvm.c | 8 ++--- arch/x86/xen/enlighten_pv.c | 2 - include/linux/hypervisor.h | 8 ++++- 12 files changed, 82 insertions(+), 62 deletions(-) --- a/arch/x86/include/asm/hypervisor.h +++ b/arch/x86/include/asm/hypervisor.h @@ -23,6 +23,7 @@ #ifdef CONFIG_HYPERVISOR_GUEST #include <asm/kvm_para.h> +#include <asm/x86_init.h> #include <asm/xen/hypervisor.h> /* @@ -35,17 +36,11 @@ struct hypervisor_x86 { /* Detection routine */ uint32_t (*detect)(void); - /* Platform setup (run once per boot) */ - void (*init_platform)(void); + /* init time callbacks */ + struct x86_hyper_init init; - /* X2APIC detection (run once per boot) */ - bool (*x2apic_available)(void); - - /* pin current vcpu to specified physical cpu (run rarely) */ - void (*pin_vcpu)(int); - - /* called during init_mem_mapping() to setup early mappings. */ - void (*init_mem_mapping)(void); + /* runtime callbacks */ + struct x86_hyper_runtime runtime; }; extern const struct hypervisor_x86 *x86_hyper; @@ -58,17 +53,7 @@ extern const struct hypervisor_x86 x86_h extern const struct hypervisor_x86 x86_hyper_kvm; extern void init_hypervisor_platform(void); -extern bool hypervisor_x2apic_available(void); -extern void hypervisor_pin_vcpu(int cpu); - -static inline void hypervisor_init_mem_mapping(void) -{ - if (x86_hyper && x86_hyper->init_mem_mapping) - x86_hyper->init_mem_mapping(); -} #else static inline void init_hypervisor_platform(void) { } -static inline bool hypervisor_x2apic_available(void) { return false; } -static inline void hypervisor_init_mem_mapping(void) { } #endif /* CONFIG_HYPERVISOR_GUEST */ #endif /* _ASM_X86_HYPERVISOR_H */ --- a/arch/x86/include/asm/x86_init.h +++ b/arch/x86/include/asm/x86_init.h @@ -115,6 +115,18 @@ struct x86_init_pci { }; /** + * struct x86_hyper_init - x86 hypervisor init functions + * @init_platform: platform setup + * @x2apic_available: X2APIC detection + * @init_mem_mapping: setup early mappings during init_mem_mapping() + */ +struct x86_hyper_init { + void (*init_platform)(void); + bool (*x2apic_available)(void); + void (*init_mem_mapping)(void); +}; + +/** * struct x86_init_ops - functions for platform specific setup * */ @@ -127,6 +139,7 @@ struct x86_init_ops { struct x86_init_timers timers; struct x86_init_iommu iommu; struct x86_init_pci pci; + struct x86_hyper_init hyper; }; /** @@ -200,6 +213,15 @@ struct x86_legacy_features { }; /** + * struct x86_hyper_runtime - x86 hypervisor specific runtime callbacks + * + * @pin_vcpu: pin current vcpu to specified physical cpu (run rarely) + */ +struct x86_hyper_runtime { + void (*pin_vcpu)(int cpu); +}; + +/** * struct x86_platform_ops - platform specific runtime functions * @calibrate_cpu: calibrate CPU * @calibrate_tsc: calibrate TSC, if different from CPU @@ -218,6 +240,7 @@ struct x86_legacy_features { * possible in x86_early_init_platform_quirks() by * only using the current x86_hardware_subarch * semantics. + * @hyper: x86 hypervisor specific runtime callbacks */ struct x86_platform_ops { unsigned long (*calibrate_cpu)(void); @@ -233,6 +256,7 @@ struct x86_platform_ops { void (*apic_post_init)(void); struct x86_legacy_features legacy; void (*set_legacy_features)(void); + struct x86_hyper_runtime hyper; }; struct pci_dev; --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c @@ -1645,7 +1645,7 @@ static __init void try_to_enable_x2apic( * under KVM */ if (max_physical_apicid > 255 || - !hypervisor_x2apic_available()) { + !x86_init.hyper.x2apic_available()) { pr_info("x2apic: IRQ remapping doesn't support X2APIC mode\n"); x2apic_disable(); return; --- a/arch/x86/kernel/cpu/hypervisor.c +++ b/arch/x86/kernel/cpu/hypervisor.c @@ -44,51 +44,49 @@ static const __initconst struct hypervis const struct hypervisor_x86 *x86_hyper; EXPORT_SYMBOL(x86_hyper); -static inline void __init +static inline const struct hypervisor_x86 * __init detect_hypervisor_vendor(void) { - const struct hypervisor_x86 *h, * const *p; + const struct hypervisor_x86 *h = NULL, * const *p; uint32_t pri, max_pri = 0; for (p = hypervisors; p < hypervisors + ARRAY_SIZE(hypervisors); p++) { - h = *p; - pri = h->detect(); - if (pri != 0 && pri > max_pri) { + pri = (*p)->detect(); + if (pri > max_pri) { max_pri = pri; - x86_hyper = h; + h = *p; } } - if (max_pri) - pr_info("Hypervisor detected: %s\n", x86_hyper->name); -} - -void __init init_hypervisor_platform(void) -{ - - detect_hypervisor_vendor(); + if (h) + pr_info("Hypervisor detected: %s\n", h->name); - if (!x86_hyper) - return; - - if (x86_hyper->init_platform) - x86_hyper->init_platform(); + return h; } -bool __init hypervisor_x2apic_available(void) +static void __init copy_array(const void *src, void *target, unsigned int size) { - return x86_hyper && - x86_hyper->x2apic_available && - x86_hyper->x2apic_available(); + unsigned int i, n = size / sizeof(void *); + const void * const *from = (const void * const *)src; + const void **to = (const void **)target; + + for (i = 0; i < n; i++) + if (from[i]) + to[i] = from[i]; } -void hypervisor_pin_vcpu(int cpu) +void __init init_hypervisor_platform(void) { - if (!x86_hyper) + const struct hypervisor_x86 *h; + + h = detect_hypervisor_vendor(); + + if (!h) return; - if (x86_hyper->pin_vcpu) - x86_hyper->pin_vcpu(cpu); - else - WARN_ONCE(1, "vcpu pinning requested but not supported!\n"); + copy_array(&h->init, &x86_init.hyper, sizeof(h->init)); + copy_array(&h->runtime, &x86_platform.hyper, sizeof(h->runtime)); + + x86_hyper = h; + x86_init.hyper.init_platform(); } --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -257,6 +257,6 @@ static void __init ms_hyperv_init_platfo const __refconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .name = "Microsoft Hyper-V", .detect = ms_hyperv_platform, - .init_platform = ms_hyperv_init_platform, + .init.init_platform = ms_hyperv_init_platform, }; EXPORT_SYMBOL(x86_hyper_ms_hyperv); --- a/arch/x86/kernel/cpu/vmware.c +++ b/arch/x86/kernel/cpu/vmware.c @@ -208,7 +208,7 @@ static bool __init vmware_legacy_x2apic_ const __refconst struct hypervisor_x86 x86_hyper_vmware = { .name = "VMware", .detect = vmware_platform, - .init_platform = vmware_platform_setup, - .x2apic_available = vmware_legacy_x2apic_available, + .init.init_platform = vmware_platform_setup, + .init.x2apic_available = vmware_legacy_x2apic_available, }; EXPORT_SYMBOL(x86_hyper_vmware); --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -547,7 +547,7 @@ static uint32_t __init kvm_detect(void) const struct hypervisor_x86 x86_hyper_kvm __refconst = { .name = "KVM", .detect = kvm_detect, - .x2apic_available = kvm_para_available, + .init.x2apic_available = kvm_para_available, }; EXPORT_SYMBOL_GPL(x86_hyper_kvm); --- a/arch/x86/kernel/x86_init.c +++ b/arch/x86/kernel/x86_init.c @@ -28,6 +28,8 @@ void x86_init_noop(void) { } void __init x86_init_uint_noop(unsigned int unused) { } int __init iommu_init_noop(void) { return 0; } void iommu_shutdown_noop(void) { } +bool __init bool_x86_init_noop(void) { return false; } +void x86_op_int_noop(int cpu) { } /* * The platform setup functions are preset with the default functions @@ -81,6 +83,12 @@ struct x86_init_ops x86_init __initdata .init_irq = x86_default_pci_init_irq, .fixup_irqs = x86_default_pci_fixup_irqs, }, + + .hyper = { + .init_platform = x86_init_noop, + .x2apic_available = bool_x86_init_noop, + .init_mem_mapping = x86_init_noop, + }, }; struct x86_cpuinit_ops x86_cpuinit = { @@ -101,6 +109,7 @@ struct x86_platform_ops x86_platform __r .get_nmi_reason = default_get_nmi_reason, .save_sched_clock_state = tsc_save_sched_clock_state, .restore_sched_clock_state = tsc_restore_sched_clock_state, + .hyper.pin_vcpu = x86_op_int_noop, }; EXPORT_SYMBOL_GPL(x86_platform); --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -671,7 +671,7 @@ void __init init_mem_mapping(void) load_cr3(swapper_pg_dir); __flush_tlb_all(); - hypervisor_init_mem_mapping(); + x86_init.hyper.init_mem_mapping(); early_memtest(0, max_pfn_mapped << PAGE_SHIFT); } --- a/arch/x86/xen/enlighten_hvm.c +++ b/arch/x86/xen/enlighten_hvm.c @@ -229,9 +229,9 @@ static uint32_t __init xen_platform_hvm( const struct hypervisor_x86 x86_hyper_xen_hvm = { .name = "Xen HVM", .detect = xen_platform_hvm, - .init_platform = xen_hvm_guest_init, - .pin_vcpu = xen_pin_vcpu, - .x2apic_available = xen_x2apic_para_available, - .init_mem_mapping = xen_hvm_init_mem_mapping, + .init.init_platform = xen_hvm_guest_init, + .init.x2apic_available = xen_x2apic_para_available, + .init.init_mem_mapping = xen_hvm_init_mem_mapping, + .runtime.pin_vcpu = xen_pin_vcpu, }; EXPORT_SYMBOL(x86_hyper_xen_hvm); --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -1462,6 +1462,6 @@ static uint32_t __init xen_platform_pv(v const struct hypervisor_x86 x86_hyper_xen_pv = { .name = "Xen PV", .detect = xen_platform_pv, - .pin_vcpu = xen_pin_vcpu, + .runtime.pin_vcpu = xen_pin_vcpu, }; EXPORT_SYMBOL(x86_hyper_xen_pv); --- a/include/linux/hypervisor.h +++ b/include/linux/hypervisor.h @@ -7,8 +7,12 @@ * Juergen Gross <jgross(a)suse.com> */ -#ifdef CONFIG_HYPERVISOR_GUEST -#include <asm/hypervisor.h> +#ifdef CONFIG_X86 +#include <asm/x86_init.h> +static inline void hypervisor_pin_vcpu(int cpu) +{ + x86_platform.hyper.pin_vcpu(cpu); +} #else static inline void hypervisor_pin_vcpu(int cpu) { Patches currently in stable-queue which might be from jgross(a)suse.com are queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context()" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context() to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From f16b3da1dc936c0f8121741d0a1731bf242f2f56 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Thu, 2 Nov 2017 00:59:12 -0700 Subject: x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context() From: Andy Lutomirski <luto(a)kernel.org> commit f16b3da1dc936c0f8121741d0a1731bf242f2f56 upstream. I'm removing thread_struct::sp0, and Xen's usage of it is slightly dubious and unnecessary. Use appropriate helpers instead. While we're at at, reorder the code slightly to make it more obvious what's going on. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Reviewed-by: Juergen Gross <jgross(a)suse.com> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/d5b9a3da2b47c68325bd2bbe8f82d9554dee0d0f.150960930… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/xen/smp_pv.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) --- a/arch/x86/xen/smp_pv.c +++ b/arch/x86/xen/smp_pv.c @@ -14,6 +14,7 @@ * single-threaded. */ #include <linux/sched.h> +#include <linux/sched/task_stack.h> #include <linux/err.h> #include <linux/slab.h> #include <linux/smp.h> @@ -294,12 +295,19 @@ cpu_initialize_context(unsigned int cpu, #endif memset(&ctxt->fpu_ctxt, 0, sizeof(ctxt->fpu_ctxt)); + /* + * Bring up the CPU in cpu_bringup_and_idle() with the stack + * pointing just below where pt_regs would be if it were a normal + * kernel entry. + */ ctxt->user_regs.eip = (unsigned long)cpu_bringup_and_idle; ctxt->flags = VGCF_IN_KERNEL; ctxt->user_regs.eflags = 0x1000; /* IOPL_RING1 */ ctxt->user_regs.ds = __USER_DS; ctxt->user_regs.es = __USER_DS; ctxt->user_regs.ss = __KERNEL_DS; + ctxt->user_regs.cs = __KERNEL_CS; + ctxt->user_regs.esp = (unsigned long)task_pt_regs(idle); xen_copy_trap_info(ctxt->trap_ctxt); @@ -314,8 +322,13 @@ cpu_initialize_context(unsigned int cpu, ctxt->gdt_frames[0] = gdt_mfn; ctxt->gdt_ents = GDT_ENTRIES; + /* + * Set SS:SP that Xen will use when entering guest kernel mode + * from guest user mode. Subsequent calls to load_sp0() can + * change this value. + */ ctxt->kernel_ss = __KERNEL_DS; - ctxt->kernel_sp = idle->thread.sp0; + ctxt->kernel_sp = task_top_of_stack(idle); #ifdef CONFIG_X86_32 ctxt->event_callback_cs = __KERNEL_CS; @@ -327,10 +340,8 @@ cpu_initialize_context(unsigned int cpu, (unsigned long)xen_hypervisor_callback; ctxt->failsafe_callback_eip = (unsigned long)xen_failsafe_callback; - ctxt->user_regs.cs = __KERNEL_CS; per_cpu(xen_cr3, cpu) = __pa(swapper_pg_dir); - ctxt->user_regs.esp = idle->thread.sp0 - sizeof(struct pt_regs); ctxt->ctrlreg[3] = xen_pfn_to_cr3(virt_to_gfn(swapper_pg_dir)); if (HYPERVISOR_vcpu_op(VCPUOP_initialise, xen_vcpu_nr(cpu), ctxt)) BUG(); Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/virt: Add enum for hypervisors to replace x86_hyper" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/virt: Add enum for hypervisors to replace x86_hyper to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 03b2a320b19f1424e9ac9c21696be9c60b6d0d93 Mon Sep 17 00:00:00 2001 From: Juergen Gross <jgross(a)suse.com> Date: Thu, 9 Nov 2017 14:27:36 +0100 Subject: x86/virt: Add enum for hypervisors to replace x86_hyper From: Juergen Gross <jgross(a)suse.com> commit 03b2a320b19f1424e9ac9c21696be9c60b6d0d93 upstream. The x86_hyper pointer is only used for checking whether a virtual device is supporting the hypervisor the system is running on. Use an enum for that purpose instead and drop the x86_hyper pointer. Signed-off-by: Juergen Gross <jgross(a)suse.com> Acked-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Xavier Deguillard <xdeguillard(a)vmware.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: akataria(a)vmware.com Cc: arnd(a)arndb.de Cc: boris.ostrovsky(a)oracle.com Cc: devel(a)linuxdriverproject.org Cc: dmitry.torokhov(a)gmail.com Cc: gregkh(a)linuxfoundation.org Cc: haiyangz(a)microsoft.com Cc: kvm(a)vger.kernel.org Cc: kys(a)microsoft.com Cc: linux-graphics-maintainer(a)vmware.com Cc: linux-input(a)vger.kernel.org Cc: moltmann(a)vmware.com Cc: pbonzini(a)redhat.com Cc: pv-drivers(a)vmware.com Cc: rkrcmar(a)redhat.com Cc: sthemmin(a)microsoft.com Cc: virtualization(a)lists.linux-foundation.org Cc: xen-devel(a)lists.xenproject.org Link: http://lkml.kernel.org/r/20171109132739.23465-3-jgross@suse.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/hyperv/hv_init.c | 2 +- arch/x86/include/asm/hypervisor.h | 23 ++++++++++++++--------- arch/x86/kernel/cpu/hypervisor.c | 12 +++++++++--- arch/x86/kernel/cpu/mshyperv.c | 4 ++-- arch/x86/kernel/cpu/vmware.c | 4 ++-- arch/x86/kernel/kvm.c | 4 ++-- arch/x86/xen/enlighten_hvm.c | 4 ++-- arch/x86/xen/enlighten_pv.c | 4 ++-- drivers/hv/vmbus_drv.c | 2 +- drivers/input/mouse/vmmouse.c | 10 ++++------ drivers/misc/vmw_balloon.c | 2 +- 11 files changed, 40 insertions(+), 31 deletions(-) --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -113,7 +113,7 @@ void hyperv_init(void) u64 guest_id; union hv_x64_msr_hypercall_contents hypercall_msr; - if (x86_hyper != &x86_hyper_ms_hyperv) + if (x86_hyper_type != X86_HYPER_MS_HYPERV) return; /* Allocate percpu VP index */ --- a/arch/x86/include/asm/hypervisor.h +++ b/arch/x86/include/asm/hypervisor.h @@ -29,6 +29,16 @@ /* * x86 hypervisor information */ + +enum x86_hypervisor_type { + X86_HYPER_NATIVE = 0, + X86_HYPER_VMWARE, + X86_HYPER_MS_HYPERV, + X86_HYPER_XEN_PV, + X86_HYPER_XEN_HVM, + X86_HYPER_KVM, +}; + struct hypervisor_x86 { /* Hypervisor name */ const char *name; @@ -36,6 +46,9 @@ struct hypervisor_x86 { /* Detection routine */ uint32_t (*detect)(void); + /* Hypervisor type */ + enum x86_hypervisor_type type; + /* init time callbacks */ struct x86_hyper_init init; @@ -43,15 +56,7 @@ struct hypervisor_x86 { struct x86_hyper_runtime runtime; }; -extern const struct hypervisor_x86 *x86_hyper; - -/* Recognized hypervisors */ -extern const struct hypervisor_x86 x86_hyper_vmware; -extern const struct hypervisor_x86 x86_hyper_ms_hyperv; -extern const struct hypervisor_x86 x86_hyper_xen_pv; -extern const struct hypervisor_x86 x86_hyper_xen_hvm; -extern const struct hypervisor_x86 x86_hyper_kvm; - +extern enum x86_hypervisor_type x86_hyper_type; extern void init_hypervisor_platform(void); #else static inline void init_hypervisor_platform(void) { } --- a/arch/x86/kernel/cpu/hypervisor.c +++ b/arch/x86/kernel/cpu/hypervisor.c @@ -26,6 +26,12 @@ #include <asm/processor.h> #include <asm/hypervisor.h> +extern const struct hypervisor_x86 x86_hyper_vmware; +extern const struct hypervisor_x86 x86_hyper_ms_hyperv; +extern const struct hypervisor_x86 x86_hyper_xen_pv; +extern const struct hypervisor_x86 x86_hyper_xen_hvm; +extern const struct hypervisor_x86 x86_hyper_kvm; + static const __initconst struct hypervisor_x86 * const hypervisors[] = { #ifdef CONFIG_XEN_PV @@ -41,8 +47,8 @@ static const __initconst struct hypervis #endif }; -const struct hypervisor_x86 *x86_hyper; -EXPORT_SYMBOL(x86_hyper); +enum x86_hypervisor_type x86_hyper_type; +EXPORT_SYMBOL(x86_hyper_type); static inline const struct hypervisor_x86 * __init detect_hypervisor_vendor(void) @@ -87,6 +93,6 @@ void __init init_hypervisor_platform(voi copy_array(&h->init, &x86_init.hyper, sizeof(h->init)); copy_array(&h->runtime, &x86_platform.hyper, sizeof(h->runtime)); - x86_hyper = h; + x86_hyper_type = h->type; x86_init.hyper.init_platform(); } --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -254,9 +254,9 @@ static void __init ms_hyperv_init_platfo #endif } -const __refconst struct hypervisor_x86 x86_hyper_ms_hyperv = { +const __initconst struct hypervisor_x86 x86_hyper_ms_hyperv = { .name = "Microsoft Hyper-V", .detect = ms_hyperv_platform, + .type = X86_HYPER_MS_HYPERV, .init.init_platform = ms_hyperv_init_platform, }; -EXPORT_SYMBOL(x86_hyper_ms_hyperv); --- a/arch/x86/kernel/cpu/vmware.c +++ b/arch/x86/kernel/cpu/vmware.c @@ -205,10 +205,10 @@ static bool __init vmware_legacy_x2apic_ (eax & (1 << VMWARE_PORT_CMD_LEGACY_X2APIC)) != 0; } -const __refconst struct hypervisor_x86 x86_hyper_vmware = { +const __initconst struct hypervisor_x86 x86_hyper_vmware = { .name = "VMware", .detect = vmware_platform, + .type = X86_HYPER_VMWARE, .init.init_platform = vmware_platform_setup, .init.x2apic_available = vmware_legacy_x2apic_available, }; -EXPORT_SYMBOL(x86_hyper_vmware); --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -544,12 +544,12 @@ static uint32_t __init kvm_detect(void) return kvm_cpuid_base(); } -const struct hypervisor_x86 x86_hyper_kvm __refconst = { +const __initconst struct hypervisor_x86 x86_hyper_kvm = { .name = "KVM", .detect = kvm_detect, + .type = X86_HYPER_KVM, .init.x2apic_available = kvm_para_available, }; -EXPORT_SYMBOL_GPL(x86_hyper_kvm); static __init int activate_jump_labels(void) { --- a/arch/x86/xen/enlighten_hvm.c +++ b/arch/x86/xen/enlighten_hvm.c @@ -226,12 +226,12 @@ static uint32_t __init xen_platform_hvm( return xen_cpuid_base(); } -const struct hypervisor_x86 x86_hyper_xen_hvm = { +const __initconst struct hypervisor_x86 x86_hyper_xen_hvm = { .name = "Xen HVM", .detect = xen_platform_hvm, + .type = X86_HYPER_XEN_HVM, .init.init_platform = xen_hvm_guest_init, .init.x2apic_available = xen_x2apic_para_available, .init.init_mem_mapping = xen_hvm_init_mem_mapping, .runtime.pin_vcpu = xen_pin_vcpu, }; -EXPORT_SYMBOL(x86_hyper_xen_hvm); --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -1459,9 +1459,9 @@ static uint32_t __init xen_platform_pv(v return 0; } -const struct hypervisor_x86 x86_hyper_xen_pv = { +const __initconst struct hypervisor_x86 x86_hyper_xen_pv = { .name = "Xen PV", .detect = xen_platform_pv, + .type = X86_HYPER_XEN_PV, .runtime.pin_vcpu = xen_pin_vcpu, }; -EXPORT_SYMBOL(x86_hyper_xen_pv); --- a/drivers/hv/vmbus_drv.c +++ b/drivers/hv/vmbus_drv.c @@ -1534,7 +1534,7 @@ static int __init hv_acpi_init(void) { int ret, t; - if (x86_hyper != &x86_hyper_ms_hyperv) + if (x86_hyper_type != X86_HYPER_MS_HYPERV) return -ENODEV; init_completion(&probe_event); --- a/drivers/input/mouse/vmmouse.c +++ b/drivers/input/mouse/vmmouse.c @@ -316,11 +316,9 @@ static int vmmouse_enable(struct psmouse /* * Array of supported hypervisors. */ -static const struct hypervisor_x86 *vmmouse_supported_hypervisors[] = { - &x86_hyper_vmware, -#ifdef CONFIG_KVM_GUEST - &x86_hyper_kvm, -#endif +static enum x86_hypervisor_type vmmouse_supported_hypervisors[] = { + X86_HYPER_VMWARE, + X86_HYPER_KVM, }; /** @@ -331,7 +329,7 @@ static bool vmmouse_check_hypervisor(voi int i; for (i = 0; i < ARRAY_SIZE(vmmouse_supported_hypervisors); i++) - if (vmmouse_supported_hypervisors[i] == x86_hyper) + if (vmmouse_supported_hypervisors[i] == x86_hyper_type) return true; return false; --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -1271,7 +1271,7 @@ static int __init vmballoon_init(void) * Check if we are running on VMware's hypervisor and bail out * if we are not. */ - if (x86_hyper != &x86_hyper_vmware) + if (x86_hyper_type != X86_HYPER_VMWARE) return -ENODEV; for (is_2m_pages = 0; is_2m_pages < VMW_BALLOON_NUM_PAGE_SIZES; Patches currently in stable-queue which might be from jgross(a)suse.com are queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/unwinder/orc: Dont bail on stack overflow" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/unwinder/orc: Dont bail on stack overflow to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-unwinder-orc-dont-bail-on-stack-overflow.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From d3a09104018cf2ad5973dfa8a9c138ef9f5015a3 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:08 +0100 Subject: x86/unwinder/orc: Dont bail on stack overflow From: Andy Lutomirski <luto(a)kernel.org> commit d3a09104018cf2ad5973dfa8a9c138ef9f5015a3 upstream. If the stack overflows into a guard page and the ORC unwinder should work well: by construction, there can't be any meaningful data in the guard page because no writes to the guard page will have succeeded. But there is a bug that prevents unwinding from working correctly: if the starting register state has RSP pointing into a stack guard page, the ORC unwinder bails out immediately. Instead of bailing out immediately check whether the next page up is a valid check page and if so analyze that. As a result the ORC unwinder will start the unwind. Tested by intentionally overflowing the task stack. The result is an accurate call trace instead of a trace consisting purely of '?' entries. There are a few other bugs that are triggered if the unwinder encounters a stack overflow after the first step, but they are outside the scope of this fix. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150604.991389777@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/unwind_orc.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/unwind_orc.c +++ b/arch/x86/kernel/unwind_orc.c @@ -553,8 +553,18 @@ void __unwind_start(struct unwind_state } if (get_stack_info((unsigned long *)state->sp, state->task, - &state->stack_info, &state->stack_mask)) - return; + &state->stack_info, &state->stack_mask)) { + /* + * We weren't on a valid stack. It's possible that + * we overflowed a valid stack into a guard page. + * See if the next page up is valid so that we can + * generate some kind of backtrace if this happens. + */ + void *next_page = (void *)PAGE_ALIGN((unsigned long)state->sp); + if (get_stack_info(next_page, state->task, &state->stack_info, + &state->stack_mask)) + return; + } /* * The caller can provide the address of the first frame directly Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/unwinder: Handle stack overflows more gracefully" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/unwinder: Handle stack overflows more gracefully to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-unwinder-handle-stack-overflows-more-gracefully.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From b02fcf9ba1211097754b286043cd87a8b4907e75 Mon Sep 17 00:00:00 2001 From: Josh Poimboeuf <jpoimboe(a)redhat.com> Date: Mon, 4 Dec 2017 15:07:09 +0100 Subject: x86/unwinder: Handle stack overflows more gracefully From: Josh Poimboeuf <jpoimboe(a)redhat.com> commit b02fcf9ba1211097754b286043cd87a8b4907e75 upstream. There are at least two unwinder bugs hindering the debugging of stack-overflow crashes: - It doesn't deal gracefully with the case where the stack overflows and the stack pointer itself isn't on a valid stack but the to-be-dereferenced data *is*. - The ORC oops dump code doesn't know how to print partial pt_regs, for the case where if we get an interrupt/exception in *early* entry code before the full pt_regs have been saved. Fix both issues. http://lkml.kernel.org/r/20171126024031.uxi4numpbjm5rlbr@treble Signed-off-by: Josh Poimboeuf <jpoimboe(a)redhat.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bpetkov(a)suse.de> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.071425003@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/kdebug.h | 1 arch/x86/include/asm/unwind.h | 7 +++ arch/x86/kernel/dumpstack.c | 32 ++++++++++++++--- arch/x86/kernel/process_64.c | 11 ++---- arch/x86/kernel/unwind_orc.c | 76 ++++++++++++++---------------------------- 5 files changed, 66 insertions(+), 61 deletions(-) --- a/arch/x86/include/asm/kdebug.h +++ b/arch/x86/include/asm/kdebug.h @@ -26,6 +26,7 @@ extern void die(const char *, struct pt_ extern int __must_check __die(const char *, struct pt_regs *, long); extern void show_stack_regs(struct pt_regs *regs); extern void __show_regs(struct pt_regs *regs, int all); +extern void show_iret_regs(struct pt_regs *regs); extern unsigned long oops_begin(void); extern void oops_end(unsigned long, struct pt_regs *, int signr); --- a/arch/x86/include/asm/unwind.h +++ b/arch/x86/include/asm/unwind.h @@ -7,6 +7,9 @@ #include <asm/ptrace.h> #include <asm/stacktrace.h> +#define IRET_FRAME_OFFSET (offsetof(struct pt_regs, ip)) +#define IRET_FRAME_SIZE (sizeof(struct pt_regs) - IRET_FRAME_OFFSET) + struct unwind_state { struct stack_info stack_info; unsigned long stack_mask; @@ -52,6 +55,10 @@ void unwind_start(struct unwind_state *s } #if defined(CONFIG_UNWINDER_ORC) || defined(CONFIG_UNWINDER_FRAME_POINTER) +/* + * WARNING: The entire pt_regs may not be safe to dereference. In some cases, + * only the iret frame registers are accessible. Use with caution! + */ static inline struct pt_regs *unwind_get_entry_regs(struct unwind_state *state) { if (unwind_done(state)) --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -50,6 +50,28 @@ static void printk_stack_address(unsigne printk("%s %s%pB\n", log_lvl, reliable ? "" : "? ", (void *)address); } +void show_iret_regs(struct pt_regs *regs) +{ + printk(KERN_DEFAULT "RIP: %04x:%pS\n", (int)regs->cs, (void *)regs->ip); + printk(KERN_DEFAULT "RSP: %04x:%016lx EFLAGS: %08lx", (int)regs->ss, + regs->sp, regs->flags); +} + +static void show_regs_safe(struct stack_info *info, struct pt_regs *regs) +{ + if (on_stack(info, regs, sizeof(*regs))) + __show_regs(regs, 0); + else if (on_stack(info, (void *)regs + IRET_FRAME_OFFSET, + IRET_FRAME_SIZE)) { + /* + * When an interrupt or exception occurs in entry code, the + * full pt_regs might not have been saved yet. In that case + * just print the iret frame. + */ + show_iret_regs(regs); + } +} + void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, unsigned long *stack, char *log_lvl) { @@ -94,8 +116,8 @@ void show_trace_log_lvl(struct task_stru if (stack_name) printk("%s <%s>\n", log_lvl, stack_name); - if (regs && on_stack(&stack_info, regs, sizeof(*regs))) - __show_regs(regs, 0); + if (regs) + show_regs_safe(&stack_info, regs); /* * Scan the stack, printing any text addresses we find. At the @@ -119,7 +141,7 @@ void show_trace_log_lvl(struct task_stru /* * Don't print regs->ip again if it was already printed - * by __show_regs() below. + * by show_regs_safe() below. */ if (regs && stack == &regs->ip) goto next; @@ -155,8 +177,8 @@ next: /* if the frame has entry regs, print them */ regs = unwind_get_entry_regs(&state); - if (regs && on_stack(&stack_info, regs, sizeof(*regs))) - __show_regs(regs, 0); + if (regs) + show_regs_safe(&stack_info, regs); } if (stack_name) --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -69,9 +69,8 @@ void __show_regs(struct pt_regs *regs, i unsigned int fsindex, gsindex; unsigned int ds, cs, es; - printk(KERN_DEFAULT "RIP: %04lx:%pS\n", regs->cs, (void *)regs->ip); - printk(KERN_DEFAULT "RSP: %04lx:%016lx EFLAGS: %08lx", regs->ss, - regs->sp, regs->flags); + show_iret_regs(regs); + if (regs->orig_ax != -1) pr_cont(" ORIG_RAX: %016lx\n", regs->orig_ax); else @@ -88,6 +87,9 @@ void __show_regs(struct pt_regs *regs, i printk(KERN_DEFAULT "R13: %016lx R14: %016lx R15: %016lx\n", regs->r13, regs->r14, regs->r15); + if (!all) + return; + asm("movl %%ds,%0" : "=r" (ds)); asm("movl %%cs,%0" : "=r" (cs)); asm("movl %%es,%0" : "=r" (es)); @@ -98,9 +100,6 @@ void __show_regs(struct pt_regs *regs, i rdmsrl(MSR_GS_BASE, gs); rdmsrl(MSR_KERNEL_GS_BASE, shadowgs); - if (!all) - return; - cr0 = read_cr0(); cr2 = read_cr2(); cr3 = __read_cr3(); --- a/arch/x86/kernel/unwind_orc.c +++ b/arch/x86/kernel/unwind_orc.c @@ -253,22 +253,15 @@ unsigned long *unwind_get_return_address return NULL; } -static bool stack_access_ok(struct unwind_state *state, unsigned long addr, +static bool stack_access_ok(struct unwind_state *state, unsigned long _addr, size_t len) { struct stack_info *info = &state->stack_info; + void *addr = (void *)_addr; - /* - * If the address isn't on the current stack, switch to the next one. - * - * We may have to traverse multiple stacks to deal with the possibility - * that info->next_sp could point to an empty stack and the address - * could be on a subsequent stack. - */ - while (!on_stack(info, (void *)addr, len)) - if (get_stack_info(info->next_sp, state->task, info, - &state->stack_mask)) - return false; + if (!on_stack(info, addr, len) && + (get_stack_info(addr, state->task, info, &state->stack_mask))) + return false; return true; } @@ -283,42 +276,32 @@ static bool deref_stack_reg(struct unwin return true; } -#define REGS_SIZE (sizeof(struct pt_regs)) -#define SP_OFFSET (offsetof(struct pt_regs, sp)) -#define IRET_REGS_SIZE (REGS_SIZE - offsetof(struct pt_regs, ip)) -#define IRET_SP_OFFSET (SP_OFFSET - offsetof(struct pt_regs, ip)) - static bool deref_stack_regs(struct unwind_state *state, unsigned long addr, - unsigned long *ip, unsigned long *sp, bool full) + unsigned long *ip, unsigned long *sp) { - size_t regs_size = full ? REGS_SIZE : IRET_REGS_SIZE; - size_t sp_offset = full ? SP_OFFSET : IRET_SP_OFFSET; - struct pt_regs *regs = (struct pt_regs *)(addr + regs_size - REGS_SIZE); - - if (IS_ENABLED(CONFIG_X86_64)) { - if (!stack_access_ok(state, addr, regs_size)) - return false; - - *ip = regs->ip; - *sp = regs->sp; + struct pt_regs *regs = (struct pt_regs *)addr; - return true; - } + /* x86-32 support will be more complicated due to the &regs->sp hack */ + BUILD_BUG_ON(IS_ENABLED(CONFIG_X86_32)); - if (!stack_access_ok(state, addr, sp_offset)) + if (!stack_access_ok(state, addr, sizeof(struct pt_regs))) return false; *ip = regs->ip; + *sp = regs->sp; + return true; +} - if (user_mode(regs)) { - if (!stack_access_ok(state, addr + sp_offset, - REGS_SIZE - SP_OFFSET)) - return false; - - *sp = regs->sp; - } else - *sp = (unsigned long)&regs->sp; +static bool deref_stack_iret_regs(struct unwind_state *state, unsigned long addr, + unsigned long *ip, unsigned long *sp) +{ + struct pt_regs *regs = (void *)addr - IRET_FRAME_OFFSET; + if (!stack_access_ok(state, addr, IRET_FRAME_SIZE)) + return false; + + *ip = regs->ip; + *sp = regs->sp; return true; } @@ -327,7 +310,6 @@ bool unwind_next_frame(struct unwind_sta unsigned long ip_p, sp, orig_ip, prev_sp = state->sp; enum stack_type prev_type = state->stack_info.type; struct orc_entry *orc; - struct pt_regs *ptregs; bool indirect = false; if (unwind_done(state)) @@ -435,7 +417,7 @@ bool unwind_next_frame(struct unwind_sta break; case ORC_TYPE_REGS: - if (!deref_stack_regs(state, sp, &state->ip, &state->sp, true)) { + if (!deref_stack_regs(state, sp, &state->ip, &state->sp)) { orc_warn("can't dereference registers at %p for ip %pB\n", (void *)sp, (void *)orig_ip); goto done; @@ -447,20 +429,14 @@ bool unwind_next_frame(struct unwind_sta break; case ORC_TYPE_REGS_IRET: - if (!deref_stack_regs(state, sp, &state->ip, &state->sp, false)) { + if (!deref_stack_iret_regs(state, sp, &state->ip, &state->sp)) { orc_warn("can't dereference iret registers at %p for ip %pB\n", (void *)sp, (void *)orig_ip); goto done; } - ptregs = container_of((void *)sp, struct pt_regs, ip); - if ((unsigned long)ptregs >= prev_sp && - on_stack(&state->stack_info, ptregs, REGS_SIZE)) { - state->regs = ptregs; - state->full_regs = false; - } else - state->regs = NULL; - + state->regs = (void *)sp - IRET_FRAME_OFFSET; + state->full_regs = false; state->signal = true; break; Patches currently in stable-queue which might be from jpoimboe(a)redhat.com are queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/objtool-print-top-level-commands-on-incorrect-usage.patch queue-4.14/x86-unwind-rename-unwinder-config-options-to-config_unwinder_.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-unwinder-make-config_unwinder_orc-y-the-default-in-the-64-bit-defconfig.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-unwind-make-config_unwinder_orc-y-the-default-in-kconfig-for-64-bit.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/paravirt: Provide a way to check for hypervisors" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/paravirt: Provide a way to check for hypervisors to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-paravirt-provide-a-way-to-check-for-hypervisors.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 79cc74155218316b9a5d28577c7077b2adba8e58 Mon Sep 17 00:00:00 2001 From: Thomas Gleixner <tglx(a)linutronix.de> Date: Mon, 4 Dec 2017 15:07:31 +0100 Subject: x86/paravirt: Provide a way to check for hypervisors From: Thomas Gleixner <tglx(a)linutronix.de> commit 79cc74155218316b9a5d28577c7077b2adba8e58 upstream. There is no generic way to test whether a kernel is running on a specific hypervisor. But that's required to prevent the upcoming user address space separation feature in certain guest modes. Make the hypervisor type enum unconditionally available and provide a helper function which allows to test for a specific type. Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Juergen Gross <jgross(a)suse.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150606.912938129@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/hypervisor.h | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) --- a/arch/x86/include/asm/hypervisor.h +++ b/arch/x86/include/asm/hypervisor.h @@ -20,16 +20,7 @@ #ifndef _ASM_X86_HYPERVISOR_H #define _ASM_X86_HYPERVISOR_H -#ifdef CONFIG_HYPERVISOR_GUEST - -#include <asm/kvm_para.h> -#include <asm/x86_init.h> -#include <asm/xen/hypervisor.h> - -/* - * x86 hypervisor information - */ - +/* x86 hypervisor types */ enum x86_hypervisor_type { X86_HYPER_NATIVE = 0, X86_HYPER_VMWARE, @@ -39,6 +30,12 @@ enum x86_hypervisor_type { X86_HYPER_KVM, }; +#ifdef CONFIG_HYPERVISOR_GUEST + +#include <asm/kvm_para.h> +#include <asm/x86_init.h> +#include <asm/xen/hypervisor.h> + struct hypervisor_x86 { /* Hypervisor name */ const char *name; @@ -58,7 +55,15 @@ struct hypervisor_x86 { extern enum x86_hypervisor_type x86_hyper_type; extern void init_hypervisor_platform(void); +static inline bool hypervisor_is_type(enum x86_hypervisor_type type) +{ + return x86_hyper_type == type; +} #else static inline void init_hypervisor_platform(void) { } +static inline bool hypervisor_is_type(enum x86_hypervisor_type type) +{ + return type == X86_HYPER_NATIVE; +} #endif /* CONFIG_HYPERVISOR_GUEST */ #endif /* _ASM_X86_HYPERVISOR_H */ Patches currently in stable-queue which might be from tglx(a)linutronix.de are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/locking-barriers-add-implicit-smp_read_barrier_depends-to-read_once.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/cpuidle-fix-broadcast-control-when-broadcast-can-not-be-entered.patch queue-4.14/bitops-add-clear-set_bit32-to-linux-bitops.h.patch queue-4.14/x86-build-beautify-build-log-of-syscall-headers.patch queue-4.14/x86-make-x86_bug_fxsave_leak-detectable-in-cpuid-on-amd.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/bitops-revert-cbe96375025e-bitops-add-clear-set_bit32-to-linux-bitops.h.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-fpu-remove-the-explicit-clearing-of-xsave-dependent-features.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/locking-barriers-convert-users-of-lockless_dereference-to-read_once.patch queue-4.14/x86-asm-remove-unnecessary-n-t-in-front-of-cc_set-from-asm-templates.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-cpuid-add-generic-table-for-cpuid-dependencies.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-cpufeatures-enable-new-sse-avx-avx512-cpu-features.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-mm-define-_page_table-using-_kernpg_table.patch queue-4.14/drivers-misc-intel-pti-rename-the-header-file-to-free-up-the-namespace.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-fpu-debug-remove-unused-x86_fpu_state-and-x86_fpu_deactivate_state-tracepoints.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/x86-kasan-use-the-same-shadow-offset-for-4-and-5-level-paging.patch queue-4.14/x86-cpuid-prevent-out-of-bound-access-in-do_clear_cpu_cap.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/objtool-print-top-level-commands-on-incorrect-usage.patch queue-4.14/x86-unwind-rename-unwinder-config-options-to-config_unwinder_.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/mm-sparsemem-allocate-mem_section-at-runtime-for-config_sparsemem_extreme-y.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-platform-uv-convert-timers-to-use-timer_setup.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-fpu-parse-clearcpuid-as-early-xsave-argument.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-unwinder-make-config_unwinder_orc-y-the-default-in-the-64-bit-defconfig.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/x86-fpu-make-xsave-check-the-base-cpuid-features-before-enabling.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-unwind-make-config_unwinder_orc-y-the-default-in-kconfig-for-64-bit.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-cpuid-replace-set-clear_bit32.patch queue-4.14/x86-mm-64-rename-the-register_page_bootmem_memmap-size-parameter-to-nr_pages.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/perf-x86-enable-free-running-pebs-for-regs_user-intr.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/traps: Use a new on_thread_stack() helper to clean up an assertion" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/traps: Use a new on_thread_stack() helper to clean up an assertion to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 3383642c2f9d4f5b4fa37436db4a109a1a10018c Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Thu, 2 Nov 2017 00:59:17 -0700 Subject: x86/traps: Use a new on_thread_stack() helper to clean up an assertion From: Andy Lutomirski <luto(a)kernel.org> commit 3383642c2f9d4f5b4fa37436db4a109a1a10018c upstream. Let's keep the stack-related logic together rather than open-coding a comparison in an assertion in the traps code. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Reviewed-by: Borislav Petkov <bp(a)suse.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/856b15bee1f55017b8f79d3758b0d51c48a08cf8.150960930… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/processor.h | 6 ++++++ arch/x86/kernel/traps.c | 3 +-- 2 files changed, 7 insertions(+), 2 deletions(-) --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -542,6 +542,12 @@ static inline unsigned long current_top_ #endif } +static inline bool on_thread_stack(void) +{ + return (unsigned long)(current_top_of_stack() - + current_stack_pointer) < THREAD_SIZE; +} + #ifdef CONFIG_PARAVIRT #include <asm/paravirt.h> #else --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -141,8 +141,7 @@ void ist_begin_non_atomic(struct pt_regs * will catch asm bugs and any attempt to use ist_preempt_enable * from double_fault. */ - BUG_ON((unsigned long)(current_top_of_stack() - - current_stack_pointer) >= THREAD_SIZE); + BUG_ON(!on_thread_stack()); preempt_enable_no_resched(); } Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/paravirt: Dont patch flush_tlb_single" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/paravirt: Dont patch flush_tlb_single to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-paravirt-dont-patch-flush_tlb_single.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From a035795499ca1c2bd1928808d1a156eda1420383 Mon Sep 17 00:00:00 2001 From: Thomas Gleixner <tglx(a)linutronix.de> Date: Mon, 4 Dec 2017 15:07:30 +0100 Subject: x86/paravirt: Dont patch flush_tlb_single From: Thomas Gleixner <tglx(a)linutronix.de> commit a035795499ca1c2bd1928808d1a156eda1420383 upstream. native_flush_tlb_single() will be changed with the upcoming PAGE_TABLE_ISOLATION feature. This requires to have more code in there than INVLPG. Remove the paravirt patching for it. Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Josh Poimboeuf <jpoimboe(a)redhat.com> Reviewed-by: Juergen Gross <jgross(a)suse.com> Acked-by: Peter Zijlstra <peterz(a)infradead.org> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Cc: linux-mm(a)kvack.org Cc: michael.schwarz(a)iaik.tugraz.at Cc: moritz.lipp(a)iaik.tugraz.at Cc: richard.fellner(a)student.tugraz.at Link: https://lkml.kernel.org/r/20171204150606.828111617@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/paravirt_patch_64.c | 2 -- 1 file changed, 2 deletions(-) --- a/arch/x86/kernel/paravirt_patch_64.c +++ b/arch/x86/kernel/paravirt_patch_64.c @@ -10,7 +10,6 @@ DEF_NATIVE(pv_irq_ops, save_fl, "pushfq; DEF_NATIVE(pv_mmu_ops, read_cr2, "movq %cr2, %rax"); DEF_NATIVE(pv_mmu_ops, read_cr3, "movq %cr3, %rax"); DEF_NATIVE(pv_mmu_ops, write_cr3, "movq %rdi, %cr3"); -DEF_NATIVE(pv_mmu_ops, flush_tlb_single, "invlpg (%rdi)"); DEF_NATIVE(pv_cpu_ops, wbinvd, "wbinvd"); DEF_NATIVE(pv_cpu_ops, usergs_sysret64, "swapgs; sysretq"); @@ -60,7 +59,6 @@ unsigned native_patch(u8 type, u16 clobb PATCH_SITE(pv_mmu_ops, read_cr2); PATCH_SITE(pv_mmu_ops, read_cr3); PATCH_SITE(pv_mmu_ops, write_cr3); - PATCH_SITE(pv_mmu_ops, flush_tlb_single); PATCH_SITE(pv_cpu_ops, wbinvd); #if defined(CONFIG_PARAVIRT_SPINLOCKS) case PARAVIRT_PATCH(pv_lock_ops.queued_spin_unlock): Patches currently in stable-queue which might be from tglx(a)linutronix.de are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/locking-barriers-add-implicit-smp_read_barrier_depends-to-read_once.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/cpuidle-fix-broadcast-control-when-broadcast-can-not-be-entered.patch queue-4.14/bitops-add-clear-set_bit32-to-linux-bitops.h.patch queue-4.14/x86-build-beautify-build-log-of-syscall-headers.patch queue-4.14/x86-make-x86_bug_fxsave_leak-detectable-in-cpuid-on-amd.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/bitops-revert-cbe96375025e-bitops-add-clear-set_bit32-to-linux-bitops.h.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-virt-add-enum-for-hypervisors-to-replace-x86_hyper.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-fpu-remove-the-explicit-clearing-of-xsave-dependent-features.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/locking-barriers-convert-users-of-lockless_dereference-to-read_once.patch queue-4.14/x86-asm-remove-unnecessary-n-t-in-front-of-cc_set-from-asm-templates.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-cpuid-add-generic-table-for-cpuid-dependencies.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-cpufeatures-enable-new-sse-avx-avx512-cpu-features.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-mm-define-_page_table-using-_kernpg_table.patch queue-4.14/drivers-misc-intel-pti-rename-the-header-file-to-free-up-the-namespace.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-fpu-debug-remove-unused-x86_fpu_state-and-x86_fpu_deactivate_state-tracepoints.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/x86-kasan-use-the-same-shadow-offset-for-4-and-5-level-paging.patch queue-4.14/x86-cpuid-prevent-out-of-bound-access-in-do_clear_cpu_cap.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/objtool-print-top-level-commands-on-incorrect-usage.patch queue-4.14/x86-unwind-rename-unwinder-config-options-to-config_unwinder_.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/mm-sparsemem-allocate-mem_section-at-runtime-for-config_sparsemem_extreme-y.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-platform-uv-convert-timers-to-use-timer_setup.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-fpu-parse-clearcpuid-as-early-xsave-argument.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-unwinder-make-config_unwinder_orc-y-the-default-in-the-64-bit-defconfig.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/x86-fpu-make-xsave-check-the-base-cpuid-features-before-enabling.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-unwind-make-config_unwinder_orc-y-the-default-in-kconfig-for-64-bit.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-virt-x86-platform-merge-struct-x86_hyper-into-struct-x86_platform-and-struct-x86_init.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-cpuid-replace-set-clear_bit32.patch queue-4.14/x86-mm-64-rename-the-register_page_bootmem_memmap-size-parameter-to-nr_pages.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/perf-x86-enable-free-running-pebs-for-regs_user-intr.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 2aeb07365bcd489620f71390a7d2031cd4dfb83e Mon Sep 17 00:00:00 2001 From: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Date: Wed, 15 Nov 2017 17:36:35 -0800 Subject: x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow From: Andrey Ryabinin <aryabinin(a)virtuozzo.com> commit 2aeb07365bcd489620f71390a7d2031cd4dfb83e upstream. [ Note, this is a Git cherry-pick of the following commit: d17a1d97dc20: ("x86/mm/kasan: don't use vmemmap_populate() to initialize shadow") ... for easier x86 PTI code testing and back-porting. ] The KASAN shadow is currently mapped using vmemmap_populate() since that provides a semi-convenient way to map pages into init_top_pgt. However, since that no longer zeroes the mapped pages, it is not suitable for KASAN, which requires zeroed shadow memory. Add kasan_populate_shadow() interface and use it instead of vmemmap_populate(). Besides, this allows us to take advantage of gigantic pages and use them to populate the shadow, which should save us some memory wasted on page tables and reduce TLB pressure. Link: http://lkml.kernel.org/r/20171103185147.2688-2-pasha.tatashin@oracle.com Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Signed-off-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Steven Sistare <steven.sistare(a)oracle.com> Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com> Cc: Bob Picco <bob.picco(a)oracle.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Cc: Christian Borntraeger <borntraeger(a)de.ibm.com> Cc: David S. Miller <davem(a)davemloft.net> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Heiko Carstens <heiko.carstens(a)de.ibm.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Sam Ravnborg <sam(a)ravnborg.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/Kconfig | 2 arch/x86/mm/kasan_init_64.c | 143 +++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 137 insertions(+), 8 deletions(-) --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -108,7 +108,7 @@ config X86 select HAVE_ARCH_AUDITSYSCALL select HAVE_ARCH_HUGE_VMAP if X86_64 || X86_PAE select HAVE_ARCH_JUMP_LABEL - select HAVE_ARCH_KASAN if X86_64 && SPARSEMEM_VMEMMAP + select HAVE_ARCH_KASAN if X86_64 select HAVE_ARCH_KGDB select HAVE_ARCH_KMEMCHECK select HAVE_ARCH_MMAP_RND_BITS if MMU --- a/arch/x86/mm/kasan_init_64.c +++ b/arch/x86/mm/kasan_init_64.c @@ -4,12 +4,14 @@ #include <linux/bootmem.h> #include <linux/kasan.h> #include <linux/kdebug.h> +#include <linux/memblock.h> #include <linux/mm.h> #include <linux/sched.h> #include <linux/sched/task.h> #include <linux/vmalloc.h> #include <asm/e820/types.h> +#include <asm/pgalloc.h> #include <asm/tlbflush.h> #include <asm/sections.h> #include <asm/pgtable.h> @@ -18,7 +20,134 @@ extern struct range pfn_mapped[E820_MAX_ static p4d_t tmp_p4d_table[PTRS_PER_P4D] __initdata __aligned(PAGE_SIZE); -static int __init map_range(struct range *range) +static __init void *early_alloc(size_t size, int nid) +{ + return memblock_virt_alloc_try_nid_nopanic(size, size, + __pa(MAX_DMA_ADDRESS), BOOTMEM_ALLOC_ACCESSIBLE, nid); +} + +static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr, + unsigned long end, int nid) +{ + pte_t *pte; + + if (pmd_none(*pmd)) { + void *p; + + if (boot_cpu_has(X86_FEATURE_PSE) && + ((end - addr) == PMD_SIZE) && + IS_ALIGNED(addr, PMD_SIZE)) { + p = early_alloc(PMD_SIZE, nid); + if (p && pmd_set_huge(pmd, __pa(p), PAGE_KERNEL)) + return; + else if (p) + memblock_free(__pa(p), PMD_SIZE); + } + + p = early_alloc(PAGE_SIZE, nid); + pmd_populate_kernel(&init_mm, pmd, p); + } + + pte = pte_offset_kernel(pmd, addr); + do { + pte_t entry; + void *p; + + if (!pte_none(*pte)) + continue; + + p = early_alloc(PAGE_SIZE, nid); + entry = pfn_pte(PFN_DOWN(__pa(p)), PAGE_KERNEL); + set_pte_at(&init_mm, addr, pte, entry); + } while (pte++, addr += PAGE_SIZE, addr != end); +} + +static void __init kasan_populate_pud(pud_t *pud, unsigned long addr, + unsigned long end, int nid) +{ + pmd_t *pmd; + unsigned long next; + + if (pud_none(*pud)) { + void *p; + + if (boot_cpu_has(X86_FEATURE_GBPAGES) && + ((end - addr) == PUD_SIZE) && + IS_ALIGNED(addr, PUD_SIZE)) { + p = early_alloc(PUD_SIZE, nid); + if (p && pud_set_huge(pud, __pa(p), PAGE_KERNEL)) + return; + else if (p) + memblock_free(__pa(p), PUD_SIZE); + } + + p = early_alloc(PAGE_SIZE, nid); + pud_populate(&init_mm, pud, p); + } + + pmd = pmd_offset(pud, addr); + do { + next = pmd_addr_end(addr, end); + if (!pmd_large(*pmd)) + kasan_populate_pmd(pmd, addr, next, nid); + } while (pmd++, addr = next, addr != end); +} + +static void __init kasan_populate_p4d(p4d_t *p4d, unsigned long addr, + unsigned long end, int nid) +{ + pud_t *pud; + unsigned long next; + + if (p4d_none(*p4d)) { + void *p = early_alloc(PAGE_SIZE, nid); + + p4d_populate(&init_mm, p4d, p); + } + + pud = pud_offset(p4d, addr); + do { + next = pud_addr_end(addr, end); + if (!pud_large(*pud)) + kasan_populate_pud(pud, addr, next, nid); + } while (pud++, addr = next, addr != end); +} + +static void __init kasan_populate_pgd(pgd_t *pgd, unsigned long addr, + unsigned long end, int nid) +{ + void *p; + p4d_t *p4d; + unsigned long next; + + if (pgd_none(*pgd)) { + p = early_alloc(PAGE_SIZE, nid); + pgd_populate(&init_mm, pgd, p); + } + + p4d = p4d_offset(pgd, addr); + do { + next = p4d_addr_end(addr, end); + kasan_populate_p4d(p4d, addr, next, nid); + } while (p4d++, addr = next, addr != end); +} + +static void __init kasan_populate_shadow(unsigned long addr, unsigned long end, + int nid) +{ + pgd_t *pgd; + unsigned long next; + + addr = addr & PAGE_MASK; + end = round_up(end, PAGE_SIZE); + pgd = pgd_offset_k(addr); + do { + next = pgd_addr_end(addr, end); + kasan_populate_pgd(pgd, addr, next, nid); + } while (pgd++, addr = next, addr != end); +} + +static void __init map_range(struct range *range) { unsigned long start; unsigned long end; @@ -26,7 +155,7 @@ static int __init map_range(struct range start = (unsigned long)kasan_mem_to_shadow(pfn_to_kaddr(range->start)); end = (unsigned long)kasan_mem_to_shadow(pfn_to_kaddr(range->end)); - return vmemmap_populate(start, end, NUMA_NO_NODE); + kasan_populate_shadow(start, end, early_pfn_to_nid(range->start)); } static void __init clear_pgds(unsigned long start, @@ -189,16 +318,16 @@ void __init kasan_init(void) if (pfn_mapped[i].end == 0) break; - if (map_range(&pfn_mapped[i])) - panic("kasan: unable to allocate shadow!"); + map_range(&pfn_mapped[i]); } + kasan_populate_zero_shadow( kasan_mem_to_shadow((void *)PAGE_OFFSET + MAXMEM), kasan_mem_to_shadow((void *)__START_KERNEL_map)); - vmemmap_populate((unsigned long)kasan_mem_to_shadow(_stext), - (unsigned long)kasan_mem_to_shadow(_end), - NUMA_NO_NODE); + kasan_populate_shadow((unsigned long)kasan_mem_to_shadow(_stext), + (unsigned long)kasan_mem_to_shadow(_end), + early_pfn_to_nid(__pa(_stext))); kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END), (void *)KASAN_SHADOW_END); Patches currently in stable-queue which might be from aryabinin(a)virtuozzo.com are queue-4.14/x86-kasan-use-the-same-shadow-offset-for-4-and-5-level-paging.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct cpu_entry_area" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct cpu_entry_area to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From ef8813ab280507972bb57e4b1b502811ad4411e9 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:15 +0100 Subject: x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct cpu_entry_area From: Andy Lutomirski <luto(a)kernel.org> commit ef8813ab280507972bb57e4b1b502811ad4411e9 upstream. Currently, the GDT is an ad-hoc array of pages, one per CPU, in the fixmap. Generalize it to be an array of a new 'struct cpu_entry_area' so that we can cleanly add new things to it. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.563271721@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/desc.h | 9 +-------- arch/x86/include/asm/fixmap.h | 37 +++++++++++++++++++++++++++++++++++-- arch/x86/kernel/cpu/common.c | 14 +++++++------- arch/x86/xen/mmu_pv.c | 2 +- 4 files changed, 44 insertions(+), 18 deletions(-) --- a/arch/x86/include/asm/desc.h +++ b/arch/x86/include/asm/desc.h @@ -60,17 +60,10 @@ static inline struct desc_struct *get_cu return this_cpu_ptr(&gdt_page)->gdt; } -/* Get the fixmap index for a specific processor */ -static inline unsigned int get_cpu_gdt_ro_index(int cpu) -{ - return FIX_GDT_REMAP_END - cpu; -} - /* Provide the fixmap address of the remapped GDT */ static inline struct desc_struct *get_cpu_gdt_ro(int cpu) { - unsigned int idx = get_cpu_gdt_ro_index(cpu); - return (struct desc_struct *)__fix_to_virt(idx); + return (struct desc_struct *)&get_cpu_entry_area(cpu)->gdt; } /* Provide the current read-only GDT */ --- a/arch/x86/include/asm/fixmap.h +++ b/arch/x86/include/asm/fixmap.h @@ -44,6 +44,19 @@ extern unsigned long __FIXADDR_TOP; PAGE_SIZE) #endif +/* + * cpu_entry_area is a percpu region in the fixmap that contains things + * needed by the CPU and early entry/exit code. Real types aren't used + * for all fields here to avoid circular header dependencies. + * + * Every field is a virtual alias of some other allocated backing store. + * There is no direct allocation of a struct cpu_entry_area. + */ +struct cpu_entry_area { + char gdt[PAGE_SIZE]; +}; + +#define CPU_ENTRY_AREA_PAGES (sizeof(struct cpu_entry_area) / PAGE_SIZE) /* * Here we define all the compile-time 'special' virtual @@ -101,8 +114,8 @@ enum fixed_addresses { FIX_LNW_VRTC, #endif /* Fixmap entries to remap the GDTs, one per processor. */ - FIX_GDT_REMAP_BEGIN, - FIX_GDT_REMAP_END = FIX_GDT_REMAP_BEGIN + NR_CPUS - 1, + FIX_CPU_ENTRY_AREA_TOP, + FIX_CPU_ENTRY_AREA_BOTTOM = FIX_CPU_ENTRY_AREA_TOP + (CPU_ENTRY_AREA_PAGES * NR_CPUS) - 1, #ifdef CONFIG_ACPI_APEI_GHES /* Used for GHES mapping from assorted contexts */ @@ -191,5 +204,25 @@ void __init *early_memremap_decrypted_wp void __early_set_fixmap(enum fixed_addresses idx, phys_addr_t phys, pgprot_t flags); +static inline unsigned int __get_cpu_entry_area_page_index(int cpu, int page) +{ + BUILD_BUG_ON(sizeof(struct cpu_entry_area) % PAGE_SIZE != 0); + + return FIX_CPU_ENTRY_AREA_BOTTOM - cpu*CPU_ENTRY_AREA_PAGES - page; +} + +#define __get_cpu_entry_area_offset_index(cpu, offset) ({ \ + BUILD_BUG_ON(offset % PAGE_SIZE != 0); \ + __get_cpu_entry_area_page_index(cpu, offset / PAGE_SIZE); \ + }) + +#define get_cpu_entry_area_index(cpu, field) \ + __get_cpu_entry_area_offset_index((cpu), offsetof(struct cpu_entry_area, field)) + +static inline struct cpu_entry_area *get_cpu_entry_area(int cpu) +{ + return (struct cpu_entry_area *)__fix_to_virt(__get_cpu_entry_area_page_index(cpu, 0)); +} + #endif /* !__ASSEMBLY__ */ #endif /* _ASM_X86_FIXMAP_H */ --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -466,12 +466,12 @@ void load_percpu_segment(int cpu) load_stack_canary_segment(); } -/* Setup the fixmap mapping only once per-processor */ -static inline void setup_fixmap_gdt(int cpu) +/* Setup the fixmap mappings only once per-processor */ +static inline void setup_cpu_entry_area(int cpu) { #ifdef CONFIG_X86_64 /* On 64-bit systems, we use a read-only fixmap GDT. */ - pgprot_t prot = PAGE_KERNEL_RO; + pgprot_t gdt_prot = PAGE_KERNEL_RO; #else /* * On native 32-bit systems, the GDT cannot be read-only because @@ -482,11 +482,11 @@ static inline void setup_fixmap_gdt(int * On Xen PV, the GDT must be read-only because the hypervisor requires * it. */ - pgprot_t prot = boot_cpu_has(X86_FEATURE_XENPV) ? + pgprot_t gdt_prot = boot_cpu_has(X86_FEATURE_XENPV) ? PAGE_KERNEL_RO : PAGE_KERNEL; #endif - __set_fixmap(get_cpu_gdt_ro_index(cpu), get_cpu_gdt_paddr(cpu), prot); + __set_fixmap(get_cpu_entry_area_index(cpu, gdt), get_cpu_gdt_paddr(cpu), gdt_prot); } /* Load the original GDT from the per-cpu structure */ @@ -1589,7 +1589,7 @@ void cpu_init(void) if (is_uv_system()) uv_cpu_init(); - setup_fixmap_gdt(cpu); + setup_cpu_entry_area(cpu); load_fixmap_gdt(cpu); } @@ -1651,7 +1651,7 @@ void cpu_init(void) fpu__init_cpu(); - setup_fixmap_gdt(cpu); + setup_cpu_entry_area(cpu); load_fixmap_gdt(cpu); } #endif --- a/arch/x86/xen/mmu_pv.c +++ b/arch/x86/xen/mmu_pv.c @@ -2272,7 +2272,7 @@ static void xen_set_fixmap(unsigned idx, #endif case FIX_TEXT_POKE0: case FIX_TEXT_POKE1: - case FIX_GDT_REMAP_BEGIN ... FIX_GDT_REMAP_END: + case FIX_CPU_ENTRY_AREA_TOP ... FIX_CPU_ENTRY_AREA_BOTTOM: /* All local page mappings */ pte = pfn_pte(phys, prot); break; Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-make-x86_bug_fxsave_leak-detectable-in-cpuid-on-amd.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From f2dbad36c55e5d3a91dccbde6e8cae345fe5632f Mon Sep 17 00:00:00 2001 From: Rudolf Marek <r.marek(a)assembler.cz> Date: Tue, 28 Nov 2017 22:01:06 +0100 Subject: x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD From: Rudolf Marek <r.marek(a)assembler.cz> commit f2dbad36c55e5d3a91dccbde6e8cae345fe5632f upstream. [ Note, this is a Git cherry-pick of the following commit: 2b67799bdf25 ("x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD") ... for easier x86 PTI code testing and back-porting. ] The latest AMD AMD64 Architecture Programmer's Manual adds a CPUID feature XSaveErPtr (CPUID_Fn80000008_EBX[2]). If this feature is set, the FXSAVE, XSAVE, FXSAVEOPT, XSAVEC, XSAVES / FXRSTOR, XRSTOR, XRSTORS always save/restore error pointers, thus making the X86_BUG_FXSAVE_LEAK workaround obsolete on such CPUs. Signed-Off-By: Rudolf Marek <r.marek(a)assembler.cz> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Tested-by: Borislav Petkov <bp(a)suse.de> Cc: Andy Lutomirski <luto(a)amacapital.net> Link: https://lkml.kernel.org/r/bdcebe90-62c5-1f05-083c-eba7f08b2540@assembler.cz Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/kernel/cpu/amd.c | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -266,6 +266,7 @@ /* AMD-defined CPU features, CPUID level 0x80000008 (EBX), word 13 */ #define X86_FEATURE_CLZERO (13*32+ 0) /* CLZERO instruction */ #define X86_FEATURE_IRPERF (13*32+ 1) /* Instructions Retired Count */ +#define X86_FEATURE_XSAVEERPTR (13*32+ 2) /* Always save/restore FP error pointers */ /* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */ #define X86_FEATURE_DTHERM (14*32+ 0) /* Digital Thermal Sensor */ --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -804,8 +804,11 @@ static void init_amd(struct cpuinfo_x86 case 0x17: init_amd_zn(c); break; } - /* Enable workaround for FXSAVE leak */ - if (c->x86 >= 6) + /* + * Enable workaround for FXSAVE leak on CPUs + * without a XSaveErPtr feature + */ + if ((c->x86 >= 6) && (!cpu_has(c, X86_FEATURE_XSAVEERPTR))) set_cpu_bug(c, X86_BUG_FXSAVE_LEAK); cpu_detect_cache_sizes(c); Patches currently in stable-queue which might be from r.marek(a)assembler.cz are queue-4.14/x86-make-x86_bug_fxsave_leak-detectable-in-cpuid-on-amd.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-mm-define-_page_table-using-_kernpg_table.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From c7da092a1f243bfd1bfb4124f538e69e941882da Mon Sep 17 00:00:00 2001 From: Borislav Petkov <bp(a)suse.de> Date: Fri, 3 Nov 2017 11:20:28 +0100 Subject: x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE From: Borislav Petkov <bp(a)suse.de> commit c7da092a1f243bfd1bfb4124f538e69e941882da upstream. ... so that the difference is obvious. No functionality change. Signed-off-by: Borislav Petkov <bp(a)suse.de> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/20171103102028.20284-1-bp@alien8.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/pgtable_types.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- a/arch/x86/include/asm/pgtable_types.h +++ b/arch/x86/include/asm/pgtable_types.h @@ -200,10 +200,9 @@ enum page_cache_mode { #define _PAGE_ENC (_AT(pteval_t, sme_me_mask)) -#define _PAGE_TABLE (_PAGE_PRESENT | _PAGE_RW | _PAGE_USER | \ - _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_ENC) #define _KERNPG_TABLE (_PAGE_PRESENT | _PAGE_RW | _PAGE_ACCESSED | \ _PAGE_DIRTY | _PAGE_ENC) +#define _PAGE_TABLE (_KERNPG_TABLE | _PAGE_USER) #define __PAGE_KERNEL_ENC (__PAGE_KERNEL | _PAGE_ENC) #define __PAGE_KERNEL_ENC_WP (__PAGE_KERNEL_WP | _PAGE_ENC) Patches currently in stable-queue which might be from bp(a)suse.de are queue-4.14/x86-make-x86_bug_fxsave_leak-detectable-in-cpuid-on-amd.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-xen-provide-pre-built-page-tables-only-for-config_xen_pv-y-and-config_xen_pvh-y.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-xen-drop-5-level-paging-support-code-from-the-xen_pv-code.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/acpi-apei-remove-the-unused-dead-code-for-sea-nmi-notification-type.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/acpi-apei-replace-ioremap_page_range-with-fixmap.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-mm-define-_page_table-using-_kernpg_table.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-kasan-use-the-same-shadow-offset-for-4-and-5-level-paging.patch queue-4.14/mm-sparsemem-allocate-mem_section-at-runtime-for-config_sparsemem_extreme-y.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch queue-4.14/acpi-apei-adjust-a-local-variable-type-in-ghes_ioremap_pfn_irq.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/kasan/64: Teach KASAN about the cpu_entry_area" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/kasan/64: Teach KASAN about the cpu_entry_area to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 21506525fb8ddb0342f2a2370812d47f6a1f3833 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:16 +0100 Subject: x86/kasan/64: Teach KASAN about the cpu_entry_area From: Andy Lutomirski <luto(a)kernel.org> commit 21506525fb8ddb0342f2a2370812d47f6a1f3833 upstream. The cpu_entry_area will contain stacks. Make sure that KASAN has appropriate shadow mappings for them. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Alexander Potapenko <glider(a)google.com> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: kasan-dev(a)googlegroups.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.642806442@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/mm/kasan_init_64.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) --- a/arch/x86/mm/kasan_init_64.c +++ b/arch/x86/mm/kasan_init_64.c @@ -277,6 +277,7 @@ void __init kasan_early_init(void) void __init kasan_init(void) { int i; + void *shadow_cpu_entry_begin, *shadow_cpu_entry_end; #ifdef CONFIG_KASAN_INLINE register_die_notifier(&kasan_die_notifier); @@ -329,8 +330,23 @@ void __init kasan_init(void) (unsigned long)kasan_mem_to_shadow(_end), early_pfn_to_nid(__pa(_stext))); + shadow_cpu_entry_begin = (void *)__fix_to_virt(FIX_CPU_ENTRY_AREA_BOTTOM); + shadow_cpu_entry_begin = kasan_mem_to_shadow(shadow_cpu_entry_begin); + shadow_cpu_entry_begin = (void *)round_down((unsigned long)shadow_cpu_entry_begin, + PAGE_SIZE); + + shadow_cpu_entry_end = (void *)(__fix_to_virt(FIX_CPU_ENTRY_AREA_TOP) + PAGE_SIZE); + shadow_cpu_entry_end = kasan_mem_to_shadow(shadow_cpu_entry_end); + shadow_cpu_entry_end = (void *)round_up((unsigned long)shadow_cpu_entry_end, + PAGE_SIZE); + kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END), - (void *)KASAN_SHADOW_END); + shadow_cpu_entry_begin); + + kasan_populate_shadow((unsigned long)shadow_cpu_entry_begin, + (unsigned long)shadow_cpu_entry_end, 0); + + kasan_populate_zero_shadow(shadow_cpu_entry_end, (void *)KASAN_SHADOW_END); load_cr3(init_top_pgt); __flush_tlb_all(); Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/irq: Remove an old outdated comment about context tracking races" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/irq: Remove an old outdated comment about context tracking races to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 6669a692605547892a026445e460bf233958bd7f Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:10 +0100 Subject: x86/irq: Remove an old outdated comment about context tracking races From: Andy Lutomirski <luto(a)kernel.org> commit 6669a692605547892a026445e460bf233958bd7f upstream. That race has been fixed and code cleaned up for a while now. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.150551639@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/irq.c | 12 ------------ 1 file changed, 12 deletions(-) --- a/arch/x86/kernel/irq.c +++ b/arch/x86/kernel/irq.c @@ -219,18 +219,6 @@ __visible unsigned int __irq_entry do_IR /* high bit used in ret_from_ code */ unsigned vector = ~regs->orig_ax; - /* - * NB: Unlike exception entries, IRQ entries do not reliably - * handle context tracking in the low-level entry code. This is - * because syscall entries execute briefly with IRQs on before - * updating context tracking state, so we can take an IRQ from - * kernel mode with CONTEXT_USER. The low-level entry code only - * updates the context if we came from user mode, so we won't - * switch to CONTEXT_KERNEL. We'll fix that once the syscall - * code is cleaned up enough that we can cleanly defer enabling - * IRQs. - */ - entering_irq(); /* entering_irq() tells RCU that we're not quiescent. Check it. */ Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/irq/64: Print the offending IP in the stack overflow warning" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/irq/64: Print the offending IP in the stack overflow warning to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 4f3789e792296e21405f708cf3cb409d7c7d5683 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:11 +0100 Subject: x86/irq/64: Print the offending IP in the stack overflow warning From: Andy Lutomirski <luto(a)kernel.org> commit 4f3789e792296e21405f708cf3cb409d7c7d5683 upstream. In case something goes wrong with unwind (not unlikely in case of overflow), print the offending IP where we detected the overflow. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.231677119@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/irq_64.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/irq_64.c +++ b/arch/x86/kernel/irq_64.c @@ -57,10 +57,10 @@ static inline void stack_overflow_check( if (regs->sp >= estack_top && regs->sp <= estack_bottom) return; - WARN_ONCE(1, "do_IRQ(): %s has overflown the kernel stack (cur:%Lx,sp:%lx,irq stk top-bottom:%Lx-%Lx,exception stk top-bottom:%Lx-%Lx)\n", + WARN_ONCE(1, "do_IRQ(): %s has overflown the kernel stack (cur:%Lx,sp:%lx,irq stk top-bottom:%Lx-%Lx,exception stk top-bottom:%Lx-%Lx,ip:%pF)\n", current->comm, curbase, regs->sp, irq_stack_top, irq_stack_bottom, - estack_top, estack_bottom); + estack_top, estack_bottom, (void *)regs->ip); if (sysctl_panic_on_stackoverflow) panic("low stack detected by irq handler - check messages\n"); Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/espfix/64: Stop assuming that pt_regs is on the entry stack" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/espfix/64: Stop assuming that pt_regs is on the entry stack to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 6d9256f0a89eaff97fca6006100bcaea8d1d8bdb Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:22 +0100 Subject: x86/espfix/64: Stop assuming that pt_regs is on the entry stack From: Andy Lutomirski <luto(a)kernel.org> commit 6d9256f0a89eaff97fca6006100bcaea8d1d8bdb upstream. When we start using an entry trampoline, a #GP from userspace will be delivered on the entry stack, not on the task stack. Fix the espfix64 #DF fixup to set up #GP according to TSS.SP0, rather than assuming that pt_regs + 1 == SP0. This won't change anything without an entry stack, but it will make the code continue to work when an entry stack is added. While we're at it, improve the comments to explain what's actually going on. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150606.130778051@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/traps.c | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -348,9 +348,15 @@ dotraplinkage void do_double_fault(struc /* * If IRET takes a non-IST fault on the espfix64 stack, then we - * end up promoting it to a doublefault. In that case, modify - * the stack to make it look like we just entered the #GP - * handler from user space, similar to bad_iret. + * end up promoting it to a doublefault. In that case, take + * advantage of the fact that we're not using the normal (TSS.sp0) + * stack right now. We can write a fake #GP(0) frame at TSS.sp0 + * and then modify our own IRET frame so that, when we return, + * we land directly at the #GP(0) vector with the stack already + * set up according to its expectations. + * + * The net result is that our #GP handler will think that we + * entered from usermode with the bad user context. * * No need for ist_enter here because we don't use RCU. */ @@ -358,13 +364,26 @@ dotraplinkage void do_double_fault(struc regs->cs == __KERNEL_CS && regs->ip == (unsigned long)native_irq_return_iret) { - struct pt_regs *normal_regs = task_pt_regs(current); + struct pt_regs *gpregs = (struct pt_regs *)this_cpu_read(cpu_tss.x86_tss.sp0) - 1; - /* Fake a #GP(0) from userspace. */ - memmove(&normal_regs->ip, (void *)regs->sp, 5*8); - normal_regs->orig_ax = 0; /* Missing (lost) #GP error code */ + /* + * regs->sp points to the failing IRET frame on the + * ESPFIX64 stack. Copy it to the entry stack. This fills + * in gpregs->ss through gpregs->ip. + * + */ + memmove(&gpregs->ip, (void *)regs->sp, 5*8); + gpregs->orig_ax = 0; /* Missing (lost) #GP error code */ + + /* + * Adjust our frame so that we return straight to the #GP + * vector with the expected RSP value. This is safe because + * we won't enable interupts or schedule before we invoke + * general_protection, so nothing will clobber the stack + * frame we just set up. + */ regs->ip = (unsigned long)general_protection; - regs->sp = (unsigned long)&normal_regs->orig_ax; + regs->sp = (unsigned long)&gpregs->orig_ax; return; } @@ -389,7 +408,7 @@ dotraplinkage void do_double_fault(struc * * Processors update CR2 whenever a page fault is detected. If a * second page fault occurs while an earlier page fault is being - * deliv- ered, the faulting linear address of the second fault will + * delivered, the faulting linear address of the second fault will * overwrite the contents of CR2 (replacing the previous * address). These updates to CR2 occur even if the page fault * results in a double fault or occurs during the delivery of a Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 1a935bc3d4ea61556461a9e92a68ca3556232efd Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto(a)kernel.org> Date: Mon, 4 Dec 2017 15:07:19 +0100 Subject: x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct From: Andy Lutomirski <luto(a)kernel.org> commit 1a935bc3d4ea61556461a9e92a68ca3556232efd upstream. SYSENTER_stack should have reliable overflow detection, which means that it needs to be at the bottom of a page, not the top. Move it to the beginning of struct tss_struct and page-align it. Also add an assertion to make sure that the fixed hardware TSS doesn't cross a page boundary. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Borislav Petkov <bp(a)suse.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: David Laight <David.Laight(a)aculab.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Eduardo Valentin <eduval(a)amazon.com> Cc: Greg KH <gregkh(a)linuxfoundation.org> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rik van Riel <riel(a)redhat.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: aliguori(a)amazon.com Cc: daniel.gruss(a)iaik.tugraz.at Cc: hughd(a)google.com Cc: keescook(a)google.com Link: https://lkml.kernel.org/r/20171204150605.881827433@linutronix.de Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/processor.h | 21 ++++++++++++--------- arch/x86/kernel/cpu/common.c | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+), 9 deletions(-) --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -332,7 +332,16 @@ struct x86_hw_tss { struct tss_struct { /* - * The hardware state: + * Space for the temporary SYSENTER stack, used for SYSENTER + * and the entry trampoline as well. + */ + unsigned long SYSENTER_stack_canary; + unsigned long SYSENTER_stack[64]; + + /* + * The fixed hardware portion. This must not cross a page boundary + * at risk of violating the SDM's advice and potentially triggering + * errata. */ struct x86_hw_tss x86_tss; @@ -343,15 +352,9 @@ struct tss_struct { * be within the limit. */ unsigned long io_bitmap[IO_BITMAP_LONGS + 1]; +} __aligned(PAGE_SIZE); - /* - * Space for the temporary SYSENTER stack. - */ - unsigned long SYSENTER_stack_canary; - unsigned long SYSENTER_stack[64]; -} ____cacheline_aligned; - -DECLARE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss); +DECLARE_PER_CPU_PAGE_ALIGNED(struct tss_struct, cpu_tss); /* * sizeof(unsigned long) coming from an extra "long" at the end --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -487,6 +487,27 @@ static inline void setup_cpu_entry_area( #endif __set_fixmap(get_cpu_entry_area_index(cpu, gdt), get_cpu_gdt_paddr(cpu), gdt_prot); + + /* + * The Intel SDM says (Volume 3, 7.2.1): + * + * Avoid placing a page boundary in the part of the TSS that the + * processor reads during a task switch (the first 104 bytes). The + * processor may not correctly perform address translations if a + * boundary occurs in this area. During a task switch, the processor + * reads and writes into the first 104 bytes of each TSS (using + * contiguous physical addresses beginning with the physical address + * of the first byte of the TSS). So, after TSS access begins, if + * part of the 104 bytes is not physically contiguous, the processor + * will access incorrect information without generating a page-fault + * exception. + * + * There are also a lot of errata involving the TSS spanning a page + * boundary. Assert that we're not doing that. + */ + BUILD_BUG_ON((offsetof(struct tss_struct, x86_tss) ^ + offsetofend(struct tss_struct, x86_tss)) & PAGE_MASK); + } /* Load the original GDT from the per-cpu structure */ Patches currently in stable-queue which might be from luto(a)kernel.org are queue-4.14/x86-entry-64-simplify-reg-restore-code-in-the-standard-iret-paths.patch queue-4.14/x86-cpufeatures-fix-various-details-in-the-feature-definitions.patch queue-4.14/x86-entry-64-move-the-ist-stacks-into-struct-cpu_entry_area.patch queue-4.14/x86-dumpstack-add-get_stack_info-support-for-the-sysenter-stack.patch queue-4.14/x86-asm-don-t-use-the-confusing-.ifeq-directive.patch queue-4.14/selftests-x86-ldt_gdt-add-infrastructure-to-test-set_thread_area.patch queue-4.14/x86-entry-remap-the-tss-into-the-cpu-entry-area.patch queue-4.14/x86-entry-64-paravirt-use-paravirt-safe-macro-to-access-eflags.patch queue-4.14/x86-mm-fixmap-generalize-the-gdt-fixmap-mechanism-introduce-struct-cpu_entry_area.patch queue-4.14/x86-paravirt-dont-patch-flush_tlb_single.patch queue-4.14/x86-dumpstack-handle-stack-overflow-on-all-stacks.patch queue-4.14/x86-entry-64-use-pop-instead-of-movq-in-syscall_return_via_sysret.patch queue-4.14/x86-entry-64-return-to-userspace-from-the-trampoline-stack.patch queue-4.14/x86-paravirt-provide-a-way-to-check-for-hypervisors.patch queue-4.14/xen-x86-entry-64-add-xen-nmi-trap-entry.patch queue-4.14/x86-entry-64-remove-the-restore_c_regs_and_iret-label.patch queue-4.14/x86-entry-64-create-a-per-cpu-syscall-entry-trampoline.patch queue-4.14/x86-entry-64-remove-the-restore_..._regs-infrastructure.patch queue-4.14/x86-xen-64-x86-entry-64-clean-up-sp-code-in-cpu_initialize_context.patch queue-4.14/x86-entry-add-task_top_of_stack-to-find-the-top-of-a-task-s-stack.patch queue-4.14/x86-entry-64-remove-all-remaining-direct-thread_struct-sp0-reads.patch queue-4.14/x86-boot-relocate-definition-of-the-initial-state-of-cr0.patch queue-4.14/x86-entry-64-stop-initializing-tss.sp0-at-boot.patch queue-4.14/x86-entry-64-de-xen-ify-our-nmi-code.patch queue-4.14/objtool-don-t-report-end-of-section-error-after-an-empty-unwind-hint.patch queue-4.14/x86-entry-64-pass-sp0-directly-to-load_sp0.patch queue-4.14/x86-entry-64-use-a-per-cpu-trampoline-stack-for-idt-entries.patch queue-4.14/x86-entry-64-move-swapgs-into-the-common-iret-to-usermode-path.patch queue-4.14/x86-entry-64-shorten-test-instructions.patch queue-4.14/x86-cpufeature-add-user-mode-instruction-prevention-definitions.patch queue-4.14/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.14/x86-espfix-64-stop-assuming-that-pt_regs-is-on-the-entry-stack.patch queue-4.14/x86-traps-use-a-new-on_thread_stack-helper-to-clean-up-an-assertion.patch queue-4.14/x86-xen-fix-xen-head-elf-annotations.patch queue-4.14/x86-entry-64-remove-thread_struct-sp0.patch queue-4.14/x86-entry-move-sysenter_stack-to-the-beginning-of-struct-tss_struct.patch queue-4.14/x86-entry-64-allocate-and-enable-the-sysenter-stack.patch queue-4.14/x86-unwinder-orc-dont-bail-on-stack-overflow.patch queue-4.14/x86-head-fix-head-elf-function-annotations.patch queue-4.14/selftests-x86-ldt_gdt-run-most-existing-ldt-test-cases-against-the-gdt-as-well.patch queue-4.14/x86-entry-32-pull-the-msr_ia32_sysenter_cs-update-code-out-of-native_load_sp0.patch queue-4.14/x86-entry-64-split-the-iret-to-user-and-iret-to-kernel-paths.patch queue-4.14/x86-entry-64-shrink-paranoid_exit_restore-and-make-labels-local.patch queue-4.14/x86-head-add-unwind-hint-annotations.patch queue-4.14/x86-head-remove-unused-bad_address-code.patch queue-4.14/x86-xen-add-unwind-hint-annotations.patch queue-4.14/x86-kasan-64-teach-kasan-about-the-cpu_entry_area.patch queue-4.14/x86-head-remove-confusing-comment.patch queue-4.14/x86-entry-64-remove-the-sysenter-stack-canary.patch queue-4.14/x86-mm-kasan-don-t-use-vmemmap_populate-to-initialize-shadow.patch queue-4.14/x86-entry-gdt-put-per-cpu-gdt-remaps-in-ascending-order.patch queue-4.14/x86-entry-fix-assumptions-that-the-hw-tss-is-at-the-beginning-of-cpu_tss.patch queue-4.14/x86-cpufeatures-re-tabulate-the-x86_feature-definitions.patch queue-4.14/x86-entry-32-fix-cpu_current_top_of_stack-initialization-at-boot.patch queue-4.14/ptrace-x86-make-user_64bit_mode-available-to-32-bit-builds.patch queue-4.14/x86-entry-64-make-cpu_entry_area.tss-read-only.patch queue-4.14/x86-mm-relocate-page-fault-error-codes-to-traps.h.patch queue-4.14/x86-unwinder-handle-stack-overflows-more-gracefully.patch queue-4.14/x86-entry-64-use-pop-instead-of-mov-to-restore-regs-on-nmi-return.patch queue-4.14/x86-irq-64-print-the-offending-ip-in-the-stack-overflow-warning.patch queue-4.14/x86-entry-clean-up-the-sysenter_stack-code.patch queue-4.14/x86-entry-64-merge-the-fast-and-slow-sysret-paths.patch queue-4.14/x86-entry-64-separate-cpu_current_top_of_stack-from-tss.sp0.patch queue-4.14/x86-boot-annotate-verify_cpu-as-a-callable-function.patch queue-4.14/x86-irq-remove-an-old-outdated-comment-about-context-tracking-races.patch

7 years, 8 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror