1. 01 5月, 2014 1 次提交
    • H
      x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack · 3891a04a
      H. Peter Anvin 提交于
      The IRET instruction, when returning to a 16-bit segment, only
      restores the bottom 16 bits of the user space stack pointer.  This
      causes some 16-bit software to break, but it also leaks kernel state
      to user space.  We have a software workaround for that ("espfix") for
      the 32-bit kernel, but it relies on a nonzero stack segment base which
      is not available in 64-bit mode.
      
      In checkin:
      
          b3b42ac2 x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels
      
      we "solved" this by forbidding 16-bit segments on 64-bit kernels, with
      the logic that 16-bit support is crippled on 64-bit kernels anyway (no
      V86 support), but it turns out that people are doing stuff like
      running old Win16 binaries under Wine and expect it to work.
      
      This works around this by creating percpu "ministacks", each of which
      is mapped 2^16 times 64K apart.  When we detect that the return SS is
      on the LDT, we copy the IRET frame to the ministack and use the
      relevant alias to return to userspace.  The ministacks are mapped
      readonly, so if IRET faults we promote #GP to #DF which is an IST
      vector and thus has its own stack; we then do the fixup in the #DF
      handler.
      
      (Making #GP an IST exception would make the msr_safe functions unsafe
      in NMI/MC context, and quite possibly have other effects.)
      
      Special thanks to:
      
      - Andy Lutomirski, for the suggestion of using very small stack slots
        and copy (as opposed to map) the IRET frame there, and for the
        suggestion to mark them readonly and let the fault promote to #DF.
      - Konrad Wilk for paravirt fixup and testing.
      - Borislav Petkov for testing help and useful comments.
      Reported-by: NBrian Gerst <brgerst@gmail.com>
      Signed-off-by: NH. Peter Anvin <hpa@linux.intel.com>
      Link: http://lkml.kernel.org/r/1398816946-3351-1-git-send-email-hpa@linux.intel.com
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Andrew Lutomriski <amluto@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Dirk Hohndel <dirk@hohndel.org>
      Cc: Arjan van de Ven <arjan.van.de.ven@intel.com>
      Cc: comex <comexk@gmail.com>
      Cc: Alexander van Heukelum <heukelum@fastmail.fm>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: <stable@vger.kernel.org> # consider after upstream merge
      3891a04a
  2. 26 4月, 2014 3 次提交
  3. 25 4月, 2014 9 次提交
  4. 24 4月, 2014 8 次提交
  5. 23 4月, 2014 10 次提交
  6. 22 4月, 2014 4 次提交
    • J
      locks: rename file-private locks to "open file description locks" · 0d3f7a2d
      Jeff Layton 提交于
      File-private locks have been merged into Linux for v3.15, and *now*
      people are commenting that the name and macro definitions for the new
      file-private locks suck.
      
      ...and I can't even disagree. The names and command macros do suck.
      
      We're going to have to live with these for a long time, so it's
      important that we be happy with the names before we're stuck with them.
      The consensus on the lists so far is that they should be rechristened as
      "open file description locks".
      
      The name isn't a big deal for the kernel, but the command macros are not
      visually distinct enough from the traditional POSIX lock macros. The
      glibc and documentation folks are recommending that we change them to
      look like F_OFD_{GETLK|SETLK|SETLKW}. That lessens the chance that a
      programmer will typo one of the commands wrong, and also makes it easier
      to spot this difference when reading code.
      
      This patch makes the following changes that I think are necessary before
      v3.15 ships:
      
      1) rename the command macros to their new names. These end up in the uapi
         headers and so are part of the external-facing API. It turns out that
         glibc doesn't actually use the fcntl.h uapi header, but it's hard to
         be sure that something else won't. Changing it now is safest.
      
      2) make the the /proc/locks output display these as type "OFDLCK"
      
      Cc: Michael Kerrisk <mtk.manpages@gmail.com>
      Cc: Christoph Hellwig <hch@infradead.org>
      Cc: Carlos O'Donell <carlos@redhat.com>
      Cc: Stefan Metzmacher <metze@samba.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Frank Filz <ffilzlnx@mindspring.com>
      Cc: Theodore Ts'o <tytso@mit.edu>
      Signed-off-by: NJeff Layton <jlayton@redhat.com>
      0d3f7a2d
    • S
    • S
      ARM: zynq: DT: Add 'clock-latency' property · b2bf5d48
      Soren Brinkmann 提交于
      Specify the 'clock-latency' property to avoid certain cpufreq governors
      from refusing to work with the following error:
        ondemand governor failed, too long transition latency of HW, fallback to performance governor
      Reported-by: NMike Looijmans <mike.looijmans@topic.nl>
      Signed-off-by: NSoren Brinkmann <soren.brinkmann@xilinx.com>
      Tested-by: NMike Looijmans <mike.looijmans@topic.nl>
      Signed-off-by: NMichal Simek <michal.simek@xilinx.com>
      b2bf5d48
    • T
      ARM: OMAP2+: Fix oops for GPMC free · efe80723
      Tony Lindgren 提交于
      If gpmc_cs_remap() fails we will get an error because we are calling
      release_resource() on an uninitialized resource. Let's fix that by
      checking the resource flags. And while at it, let's also make
      gpmc_cs_delete_mem() use the res pointer that we already have to
      avoid confusion.
      
      Without this patch we can get the following error:
      
      omap-gpmc 6e000000.gpmc: cannot remap GPMC CS 1 to 0x01000300
      Unable to handle kernel NULL pointer dereference at virtual address 00000018
      ...
      (gpmc_cs_free+0x94/0xc8)
      (gpmc_probe_generic_child+0x178/0x1ec)
      (gpmc_probe_dt+0x1bc/0x2cc)
      (gpmc_probe+0x250/0x44c)
      (platform_drv_probe+0x3c/0x6c)
      (really_probe+0x74/0x208)
      (driver_probe_device+0x34/0x50)
      (bus_for_each_drv+0x60/0x8c)
      (device_attach+0x80/0xa4)
      (bus_probe_device+0x88/0xb0)
      (device_add+0x320/0x450)
      (of_platform_device_create_pdata+0x80/0x9c)
      (of_platform_bus_create+0xd0/0x170)
      (of_platform_bus_create+0x12c/0x170)
      (of_platform_populate+0x60/0x98)
      (pdata_quirks_init+0x30/0x48)
      (customize_machine+0x20/0x48)
      (do_one_initcall+0x2c/0x14c)
      (do_basic_setup+0x98/0xd8)
      (kernel_init_freeable+0x12c/0x1e0)
      (kernel_init+0x8/0xf0)
      (ret_from_fork+0x14/0x2c)
      Code: e1a04000 e59f0070 eb195136 e5942010 (e5923018)
      
      Cc: Pekon Gupta <pekon@ti.com>
      Reviewed-by: NJavier Martinez Canillas <javier@dowhile0.org>
      Signed-off-by: Ntony Lindgren <tony@atomide.com>
      efe80723
  7. 21 4月, 2014 3 次提交
    • A
      um: Memory corruption on startup · 0565103d
      Anton Ivanov 提交于
      The reverse case of this race (you must msync before read) is
      well known. This is the not so common one.
      
      It can be triggered only on systems which do a lot of task
      switching and only at UML startup. If you are starting 200+ UMLs
      ~ 0.5% will always die without this fix.
      Signed-off-by: NAnton Ivanov <antivano@cisco.com>
      [rw: minor whitespace fixes]
      Signed-off-by: NRichard Weinberger <richard@nod.at>
      0565103d
    • A
      um: Missing pipe handling · 9fcb663b
      Anton Ivanov 提交于
      UML does not handle sigpipe. As a result when running it under
      expect or redirecting the IO from the console to an external program
      it will crash if the program stops or exits.
      Signed-off-by: NAnton Ivanov <antivano@cisco.com>
      Signed-off-by: NRichard Weinberger <richard@nod.at>
      9fcb663b
    • T
      uml: Simplify tempdir logic. · 0d71832e
      Tristan Schmelcher 提交于
      Inferring the mount hierarchy correctly from /proc/mounts is hard when MS_MOVE
      may have been used, and the previous code did it wrongly. This change simplifies
      the logic to only require that /dev/shm be _on_ tmpfs (which can be checked
      trivially with statfs) rather than that it be a _mountpoint_ of tmpfs, since
      there isn't a compelling reason to be that strict. We also now check for tmpfs
      on whatever directory we ultimately use so that the user is better informed.
      
      This change also moves the more standard TMPDIR environment variable check ahead
      of the others.
      
      Applies to 3.12.
      Signed-off-by: NTristan Schmelcher <tschmelcher@google.com>
      Signed-off-by: NRichard Weinberger <richard@nod.at>
      0d71832e
  8. 19 4月, 2014 2 次提交