1. 01 May, 2014 1 commit
    • x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack · 3891a04a
      H. Peter Anvin committed
      The IRET instruction, when returning to a 16-bit segment, only
      restores the bottom 16 bits of the user space stack pointer.  This
      causes some 16-bit software to break, but it also leaks kernel state
      to user space.  We have a software workaround for that ("espfix") for
      the 32-bit kernel, but it relies on a nonzero stack segment base which
      is not available in 64-bit mode.
      
      In checkin:
      
          b3b42ac2 x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels
      
      we "solved" this by forbidding 16-bit segments on 64-bit kernels, with
      the logic that 16-bit support is crippled on 64-bit kernels anyway (no
      V86 support), but it turns out that people are doing stuff like
      running old Win16 binaries under Wine and expect it to work.
      
      This works around this by creating percpu "ministacks", each of which
      is mapped 2^16 times 64K apart.  When we detect that the return SS is
      on the LDT, we copy the IRET frame to the ministack and use the
      relevant alias to return to userspace.  The ministacks are mapped
      readonly, so if IRET faults we promote #GP to #DF which is an IST
      vector and thus has its own stack; we then do the fixup in the #DF
      handler.
      
      (Making #GP an IST exception would make the msr_safe functions unsafe
      in NMI/MC context, and quite possibly have other effects.)
      
      Special thanks to:
      
      - Andy Lutomirski, for the suggestion of using very small stack slots
        and copy (as opposed to map) the IRET frame there, and for the
        suggestion to mark them readonly and let the fault promote to #DF.
      - Konrad Wilk for paravirt fixup and testing.
      - Borislav Petkov for testing help and useful comments.
      Reported-by: Brian Gerst <brgerst@gmail.com>
      Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
      Link: http://lkml.kernel.org/r/1398816946-3351-1-git-send-email-hpa@linux.intel.com
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Andrew Lutomriski <amluto@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Dirk Hohndel <dirk@hohndel.org>
      Cc: Arjan van de Ven <arjan.van.de.ven@intel.com>
      Cc: comex <comexk@gmail.com>
      Cc: Alexander van Heukelum <heukelum@fastmail.fm>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: <stable@vger.kernel.org> # consider after upstream merge
  2. 28 Feb, 2014 1 commit
  3. 14 Jan, 2014 1 commit
  4. 18 Oct, 2013 1 commit
  5. 07 Aug, 2013 1 commit
  6. 15 Dec, 2012 1 commit
  7. 18 Dec, 2011 1 commit
  8. 17 May, 2011 2 commits
  9. 16 Mar, 2011 1 commit
    • x86: Introduce pci_map_biosrom() · 5d94e81f
      Dan Williams committed
      The isci driver needs to retrieve its preboot OROM image which contains
      necessary runtime parameters like platform specific sas addresses and
      phy configuration.  There is no ROM BAR associated with this area,
      instead we will need to scan legacy expansion ROM space.
      
      1/ Promote the probe_roms_32 implementation to x86-64
      2/ Add a facility to find and map an adapter rom by pci device (according to
         PCI Firmware Specification Revision 3.0)
      Signed-off-by: Dave Jiang <dave.jiang@intel.com>
      LKML-Reference: <20110308183226.6246.90354.stgit@localhost6.localdomain6>
      Signed-off-by: Dan Williams <dan.j.williams@intel.com>
      Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
  10. 12 Nov, 2010 1 commit
  11. 23 Oct, 2010 1 commit
  12. 06 Oct, 2010 1 commit
  13. 28 Jul, 2010 1 commit
  14. 20 Feb, 2010 1 commit
    • x86: Move pci init function to x86_init · b72d0db9
      Thomas Gleixner committed
      The PCI initialization in pci_subsys_init() is a mess. pci_numaq_init,
      pci_acpi_init, pci_visws_init and pci_legacy_init are called and each
      implementation checks and eventually modifies the global variable
      pcibios_scanned.
      
      x86_init functions allow us to do this more elegantly. The pci.init
      function pointer is preset to pci_legacy_init. numaq, acpi and visws
      can modify the pointer in their early setup functions. The functions
      return 0 when they did the full initialization including bus scan. A
      non zero return value indicates that pci_legacy_init needs to be
      called either because the selected function failed or wants the
      generic bus scan in pci_legacy_init to happen (e.g. visws).
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
      LKML-Reference: <43F901BD926A4E43B106BF17856F07559FB80CFE@orsmsx508.amr.corp.intel.com>
      Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
      Signed-off-by: Jacob Pan <jacob.jun.pan@intel.com>
      Signed-off-by: H. Peter Anvin <hpa@zytor.com>
  15. 31 Aug, 2009 7 commits
  16. 27 Aug, 2009 9 commits
    • x86: Move oem_bus_info to x86_init_ops · 90e1c696
      Thomas Gleixner committed
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Move mpc_oem_pci_bus to x86_init_ops · 52fdb568
      Thomas Gleixner committed
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Move smp_read_mpc_oem to x86_init_ops. · 72302142
      Thomas Gleixner committed
      Move smp_read_mpc_oem from quirks to x86_init.
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Move mpc_apic_id to x86_init_ops · fd6c6661
      Thomas Gleixner committed
      The mpc_apic_id setup is handled by a x86_quirk. Make it a
      x86_init_ops function with a default implementation.
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Move ioapic_ids_setup to x86_init_ops · de934103
      Thomas Gleixner committed
      32bit and also the numaq code have special requirements on the
      ioapic_id setup. Convert it to a x86_init_ops function and get rid
      of the quirks and #ifdefs
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Sanitize smp_record and move it to x86_init_ops · f4848472
      Thomas Gleixner committed
      The x86 quirkification introduced an extra ugly hackery with a
      variable pointer in the mpparse code. If the pointer is initialized
      then it is dereferenced and the variable set to 0 or incremented.
      
      Create a x86_init_ops function and let the affected numaq code
      hold the function. Default init is a setup noop.
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Move memory_setup to x86_init_ops · 6b18ae3e
      Thomas Gleixner committed
      memory_setup is overridden by x86_quirks and by paravirts with weak
      functions and quirks. Unify the whole mess and make it an
      unconditional x86_init_ops function which defaults to the standard
      function and can be overridden by the early platform code.
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Add request_standard_resources to x86_init · 8fee697d
      Thomas Gleixner committed
      The 32bit and the 64bit code are slightly different in the reservation
      of standard resources. Also the upcoming Moorestown support needs its
      own version of that.
      
      Add it to x86_init_ops and initialize it with the 64bit default. 32bit
      overrides it in early boot. Now moorestown can add its own override
      w/o sprinkling the code with more #ifdefs
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    • x86: Add x86_init infrastructure · 57844a8f
      Thomas Gleixner committed
      The upcoming Moorestown support brings the embedded world to x86. The
      setup code of x86 has already a couple of hooks which are either
      x86_quirks or paravirt ops. Some of those setup hooks are pretty
      convoluted like the timer setup and the tsc calibration code. But
      there are other places which could do with a cleanup.
      
      Instead of having inline functions/macros which are modified at
      compile time I decided to introduce x86_init ops which are
      unconditional in the code and make it clear that they can be changed
      either during compile time or in the early boot process. The function
      pointers are initialized by default functions which can be noops so
      that the pointer can be called unconditionally in the most cases. This
      also allows us to remove 32bit/64bit, paravirt and other #ifdeffery.
      
      paravirt guests are just a hardware platform in the setup code, so we
      should treat them as such and not hide all behind multiple layers of
      indirection and compile time dependencies.
      
      It's more obvious that x86_init.timers.timer_init() is a function
      pointer than the late_time_init = choose_time_init() obscurity. It's
      also way simpler to grep for x86_init.timers.timer_init and find all
      the places which modify that function pointer instead of analyzing
      weak functions, macros and paravirt indirections.
      
      Note. This is not a general paravirt_ops replacement. It just will
      move setup related hooks which are potentially useful for other
      platform setup purposes as well out of the paravirt domain.
      
      Add the base infrastructure without any functionality.
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
  17. 10 Apr, 2009 1 commit
  18. 27 Mar, 2009 1 commit
  19. 26 Mar, 2009 1 commit
  20. 18 Mar, 2009 1 commit
  21. 15 Mar, 2009 3 commits
    • x86: allow extend_brk users to reserve brk space · 796216a5
      Jeremy Fitzhardinge committed
      Impact: new interface; remove hard-coded limit
      
      Add RESERVE_BRK(name, size) macro to reserve space in the brk
      area.  This should be a conservative (ie, larger) estimate of
      how much space might possibly be required from the brk area.
      Any unused space will be freed, so there's no real downside
      on making the reservation too large (within limits).
      
      The name should be unique within a given file, and somewhat
      descriptive.
      
      The C definition of RESERVE_BRK() ends up being more complex than
      one would expect to work around a cluster of gcc infelicities:
      
        The first attempt was to simply try putting __section(.brk_reservation)
        on a variable.  This doesn't work because it ends up making it a
        @progbits section, which gets actual space allocated in the vmlinux
        executable.
      
        The second attempt was to emit the space into a section using asm,
        but gcc doesn't allow arguments to be passed to file-level asm()
        statements, making it hard to pass in the size.
      
        The final attempt is to wrap the asm() in a function to allow
        it to have arguments, and put the function itself into the
        .discard section, which vmlinux*.lds drops entirely from the
        emitted vmlinux.
      Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
      Signed-off-by: H. Peter Anvin <hpa@zytor.com>
    • x86-32: use brk segment for allocating initial kernel pagetable · ccf3fe02
      Jeremy Fitzhardinge committed
      Impact: use new interface instead of previous ad hoc implementation
      
      Rather than having special purpose init_pg_table_start/end variables
      to delimit the kernel pagetable built by head_32.S, just use the brk
      mechanism to extend the bss for the new pagetable.
      
      This patch removes init_pg_table_start/end and pg0, defines __brk_base
      (which is page-aligned and immediately follows _end), initializes
      the brk region to start there, and uses it for the 32-bit pagetable.
      Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
      Signed-off-by: H. Peter Anvin <hpa@zytor.com>
    • x86: add brk allocation for very, very early allocations · 93dbda7c
      Jeremy Fitzhardinge committed
      Impact: new interface
      
      Add a brk()-like allocator which effectively extends the bss in order
      to allow very early code to do dynamic allocations.  This is better than
      using statically allocated arrays for data in subsystems which may never
      get used.
      
      The space for brk allocations is in the bss ELF segment, so that the
      space is mapped properly by the code which maps the kernel, and so
      that bootloaders keep the space free rather than putting a ramdisk or
      something into it.
      
      The bss itself, delimited by __bss_stop, ends before the brk area
      (__brk_base to __brk_limit).  The kernel text, data and bss is reserved
      up to __bss_stop.
      
      Any brk-allocated data is reserved separately just before the kernel
      pagetable is built, as that code allocates from unreserved spaces
      in the e820 map, potentially allocating from any unused brk memory.
      Ultimately any unused memory in the brk area is used in the general
      kernel memory pool.
      
      Initially the brk space is set to 1MB, which is probably much larger
      than any user needs (the largest current user is i386 head_32.S's code
      to build the pagetables to map the kernel, which can get fairly large
      with a big kernel image and no PSE support).  So long as the system
      has sufficient memory for the bootloader to reserve the kernel+1MB brk,
      there are no bad effects resulting from an over-large brk.
      Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
      Signed-off-by: H. Peter Anvin <hpa@zytor.com>
  22. 26 Feb, 2009 2 commits