1. 23 3月, 2016 1 次提交
    • S
      tracing: Fix trace_printk() to print when not using bprintk() · 3debb0a9
      Steven Rostedt (Red Hat) 提交于
      The trace_printk() code will allocate extra buffers if the compile detects
      that a trace_printk() is used. To do this, the format of the trace_printk()
      is saved to the __trace_printk_fmt section, and if that section is bigger
      than zero, the buffers are allocated (along with a message that this has
      happened).
      
      If trace_printk() uses a format that is not a constant, and thus something
      not guaranteed to be around when the print happens, the compiler optimizes
      the fmt out, as it is not used, and the __trace_printk_fmt section is not
      filled. This means the kernel will not allocate the special buffers needed
      for the trace_printk() and the trace_printk() will not write anything to the
      tracing buffer.
      
      Adding a "__used" to the variable in the __trace_printk_fmt section will
      keep it around, even though it is set to NULL. This will keep the string
      from being printed in the debugfs/tracing/printk_formats section as it is
      not needed.
      Reported-by: NVlastimil Babka <vbabka@suse.cz>
      Fixes: 07d777fe "tracing: Add percpu buffers for trace_printk()"
      Cc: stable@vger.kernel.org # v3.5+
      Signed-off-by: NSteven Rostedt <rostedt@goodmis.org>
      3debb0a9
  2. 17 1月, 2016 1 次提交
    • M
      include/linux/kernel.h: change abs() macro so it uses consistent return type · 8f57e4d9
      Michal Nazarewicz 提交于
      Rewrite abs() so that its return type does not depend on the
      architecture and no unexpected type conversion happen inside of it.  The
      only conversion is from unsigned to signed type.  char is left as a
      return type but treated as a signed type regradless of it's actual
      signedness.
      
      With the old version, int arguments were promoted to long and depending
      on architecture a long argument might result in s64 or long return type
      (which may or may not be the same).
      
      This came after some back and forth with Nicolas.  The current macro has
      different return type (for the same input type) depending on
      architecture which might be midly iritating.
      
      An alternative version would promote to int like so:
      
      	#define abs(x)	__abs_choose_expr(x, long long,			\
      			__abs_choose_expr(x, long,			\
      			__builtin_choose_expr(				\
      				sizeof(x) <= sizeof(int),		\
      				({ int __x = (x); __x<0?-__x:__x; }),	\
      				((void)0))))
      
      I have no preference but imagine Linus might.  :] Nicolas argument against
      is that promoting to int causes iconsistent behaviour:
      
      	int main(void) {
      		unsigned short a = 0, b = 1, c = a - b;
      		unsigned short d = abs(a - b);
      		unsigned short e = abs(c);
      		printf("%u %u\n", d, e);  // prints: 1 65535
      	}
      
      Then again, no sane person expects consistent behaviour from C integer
      arithmetic.  ;)
      
      Note:
      
        __builtin_types_compatible_p(unsigned char, char) is always false, and
        __builtin_types_compatible_p(signed char, char) is also always false.
      Signed-off-by: NMichal Nazarewicz <mina86@mina86.com>
      Reviewed-by: NNicolas Pitre <nico@linaro.org>
      Cc: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
      Cc: Wey-Yi Guy <wey-yi.w.guy@intel.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8f57e4d9
  3. 19 12月, 2015 2 次提交
    • H
      panic, x86: Allow CPUs to save registers even if looping in NMI context · 58c5661f
      Hidehiro Kawai 提交于
      Currently, kdump_nmi_shootdown_cpus(), a subroutine of crash_kexec(),
      sends an NMI IPI to CPUs which haven't called panic() to stop them,
      save their register information and do some cleanups for crash dumping.
      However, if such a CPU is infinitely looping in NMI context, we fail to
      save its register information into the crash dump.
      
      For example, this can happen when unknown NMIs are broadcast to all
      CPUs as follows:
      
        CPU 0                             CPU 1
        ===========================       ==========================
        receive an unknown NMI
        unknown_nmi_error()
          panic()                         receive an unknown NMI
            spin_trylock(&panic_lock)     unknown_nmi_error()
            crash_kexec()                   panic()
                                              spin_trylock(&panic_lock)
                                              panic_smp_self_stop()
                                                infinite loop
              kdump_nmi_shootdown_cpus()
                issue NMI IPI -----------> blocked until IRET
                                                infinite loop...
      
      Here, since CPU 1 is in NMI context, the second NMI from CPU 0 is
      blocked until CPU 1 executes IRET. However, CPU 1 never executes IRET,
      so the NMI is not handled and the callback function to save registers is
      never called.
      
      In practice, this can happen on some servers which broadcast NMIs to all
      CPUs when the NMI button is pushed.
      
      To save registers in this case, we need to:
      
        a) Return from NMI handler instead of looping infinitely
        or
        b) Call the callback function directly from the infinite loop
      
      Inherently, a) is risky because NMI is also used to prevent corrupted
      data from being propagated to devices.  So, we chose b).
      
      This patch does the following:
      
      1. Move the infinite looping of CPUs which haven't called panic() in NMI
         context (actually done by panic_smp_self_stop()) outside of panic() to
         enable us to refer pt_regs. Please note that panic_smp_self_stop() is
         still used for normal context.
      
      2. Call a callback of kdump_nmi_shootdown_cpus() directly to save
         registers and do some cleanups after setting waiting_for_crash_ipi which
         is used for counting down the number of CPUs which handled the callback
      Signed-off-by: NHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
      Acked-by: NMichal Hocko <mhocko@suse.com>
      Cc: Aaron Tomlin <atomlin@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Baoquan He <bhe@redhat.com>
      Cc: Chris Metcalf <cmetcalf@ezchip.com>
      Cc: Dave Young <dyoung@redhat.com>
      Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
      Cc: Don Zickus <dzickus@redhat.com>
      Cc: Eric Biederman <ebiederm@xmission.com>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Cc: Gobinda Charan Maji <gobinda.cemk07@gmail.com>
      Cc: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
      Cc: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Javi Merino <javi.merino@arm.com>
      Cc: Jiang Liu <jiang.liu@linux.intel.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: kexec@lists.infradead.org
      Cc: linux-doc@vger.kernel.org
      Cc: lkml <linux-kernel@vger.kernel.org>
      Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Cc: Michal Nazarewicz <mina86@mina86.com>
      Cc: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Prarit Bhargava <prarit@redhat.com>
      Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Cc: Seth Jennings <sjenning@redhat.com>
      Cc: Stefan Lippers-Hollmann <s.l-h@gmx.de>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Ulrich Obergfell <uobergfe@redhat.com>
      Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
      Link: http://lkml.kernel.org/r/20151210014628.25437.75256.stgit@softrs
      [ Cleanup comments, fixup formatting. ]
      Signed-off-by: NBorislav Petkov <bp@suse.de>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      58c5661f
    • H
      panic, x86: Fix re-entrance problem due to panic on NMI · 1717f209
      Hidehiro Kawai 提交于
      If panic on NMI happens just after panic() on the same CPU, panic() is
      recursively called. Kernel stalls, as a result, after failing to acquire
      panic_lock.
      
      To avoid this problem, don't call panic() in NMI context if we've
      already entered panic().
      
      For that, introduce nmi_panic() macro to reduce code duplication. In
      the case of panic on NMI, don't return from NMI handlers if another CPU
      already panicked.
      Signed-off-by: NHidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
      Acked-by: NMichal Hocko <mhocko@suse.com>
      Cc: Aaron Tomlin <atomlin@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Baoquan He <bhe@redhat.com>
      Cc: Chris Metcalf <cmetcalf@ezchip.com>
      Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
      Cc: Don Zickus <dzickus@redhat.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Cc: Gobinda Charan Maji <gobinda.cemk07@gmail.com>
      Cc: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Javi Merino <javi.merino@arm.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: kexec@lists.infradead.org
      Cc: linux-doc@vger.kernel.org
      Cc: lkml <linux-kernel@vger.kernel.org>
      Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Cc: Michal Nazarewicz <mina86@mina86.com>
      Cc: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Prarit Bhargava <prarit@redhat.com>
      Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Seth Jennings <sjenning@redhat.com>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Ulrich Obergfell <uobergfe@redhat.com>
      Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Link: http://lkml.kernel.org/r/20151210014626.25437.13302.stgit@softrs
      [ Cleanup comments, fixup formatting. ]
      Signed-off-by: NBorislav Petkov <bp@suse.de>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      1717f209
  4. 10 11月, 2015 2 次提交
    • A
      remove abs64() · 79211c8e
      Andrew Morton 提交于
      Switch everything to the new and more capable implementation of abs().
      Mainly to give the new abs() a bit of a workout.
      
      Cc: Michal Nazarewicz <mina86@mina86.com>
      Cc: John Stultz <john.stultz@linaro.org>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      79211c8e
    • M
      kernel.h: make abs() work with 64-bit types · c8299cb6
      Michal Nazarewicz 提交于
      For 64-bit arguments, the abs macro casts it to an int which leads to
      lost precision and may cause incorrect results.  To deal with 64-bit
      types abs64 macro has been introduced but still there are places where
      abs macro is used incorrectly.
      
      To deal with the problem, expand abs macro such that it operates on s64
      type when dealing with 64-bit types while still returning long when
      dealing with smaller types.
      
      This fixes one known bug (per John):
      
      The internal clocksteering done for fine-grained error correction uses a
      : logarithmic approximation, so any time adjtimex() adjusts the clock
      : steering, timekeeping_freqadjust() quickly approximates the correct clock
      : frequency over a series of ticks.
      :
      : Unfortunately, the logic in timekeeping_freqadjust(), introduced in commit
      : dc491596 (Rework frequency adjustments to work better w/ nohz),
      : used the abs() function with a s64 error value to calculate the size of
      : the approximated adjustment to be made.
      :
      : Per include/linux/kernel.h: "abs() should not be used for 64-bit types
      : (s64, u64, long long) - use abs64()".
      :
      : Thus on 32-bit platforms, this resulted in the clocksteering to take a
      : quite dampended random walk trying to converge on the proper frequency,
      : which caused the adjustments to be made much slower then intended (most
      : easily observed when large adjustments are made).
      Signed-off-by: NMichal Nazarewicz <mina86@mina86.com>
      Reported-by: NJohn Stultz <john.stultz@linaro.org>
      Tested-by: NJohn Stultz <john.stultz@linaro.org>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      c8299cb6
  5. 07 11月, 2015 1 次提交
    • R
      lib/kasprintf.c: introduce kvasprintf_const · 0a9df786
      Rasmus Villemoes 提交于
      This adds kvasprintf_const which tries to use kstrdup_const if possible:
      If the format string contains no % characters, or if the format string is
      exactly "%s", we delegate to kstrdup_const.  Otherwise, we fall back to
      kvasprintf.
      
      Just as for kstrdup_const, the main motivation is to save memory by
      reusing .rodata when possible.
      
      The return value should be freed by kfree_const, just like for
      kstrdup_const.
      
      There is deliberately no kasprintf_const: In the vast majority of cases,
      the format string argument is a literal, so one can determine statically
      whether one could instead use kstrdup_const directly (which would also
      require one to change all corresponding kfree calls to kfree_const).
      Signed-off-by: NRasmus Villemoes <linux@rasmusvillemoes.dk>
      Cc: Greg KH <greg@kroah.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      0a9df786
  6. 18 7月, 2015 1 次提交
    • N
      include, lib: add __printf attributes to several function prototypes · 8db14860
      Nicolas Iooss 提交于
      Using __printf attributes helps to detect several format string issues
      at compile time (even though -Wformat-security is currently disabled in
      Makefile).  For example it can detect when formatting a pointer as a
      number, like the issue fixed in commit a3fa71c4 ("wl18xx: show
      rx_frames_per_rates as an array as it really is"), or when the arguments
      do not match the format string, c.f.  for example commit 5ce1aca8
      ("reiserfs: fix __RASSERT format string").
      
      To prevent similar bugs in the future, add a __printf attribute to every
      function prototype which needs one in include/linux/ and lib/.  These
      functions were mostly found by using gcc's -Wsuggest-attribute=format
      flag.
      Signed-off-by: NNicolas Iooss <nicolas.iooss_linux@m4x.org>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Felipe Balbi <balbi@ti.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8db14860
  7. 01 7月, 2015 1 次提交
  8. 29 5月, 2015 1 次提交
    • S
      ring-buffer: Remove useless unused tracing_off_permanent() · 3c6296f7
      Steven Rostedt (Red Hat) 提交于
      The tracing_off_permanent() call is a way to disable all ring_buffers.
      Nothing uses it and nothing should use it, as tracing_off() and
      friends are better, as they disable the ring buffers related to
      tracing. The tracing_off_permanent() even disabled non tracing
      ring buffers. This is a bit drastic, and was added to handle NMIs
      doing outputs that could corrupt the ring buffer when only tracing
      used them. It is now obsolete and adds a little overhead, it should
      be removed.
      Signed-off-by: NSteven Rostedt <rostedt@goodmis.org>
      3c6296f7
  9. 28 5月, 2015 1 次提交
    • G
      sysfs: tightened sysfs permission checks · 28b8d0c8
      Gobinda Charan Maji 提交于
      There were some inconsistency in restriction to VERIFY_OCTAL_PERMISSIONS().
      Previously the test was "User perms >= group perms >= other perms". The
      permission field of User, Group or Other consists of three bits. LSB is
      EXECUTE permission, MSB is READ permission and the middle bit is WRITE
      permission. But logically WRITE is "more privileged" than READ.
      
      Say for example, permission value is "0430". Here User has only READ
      permission whereas Group has both WRITE and EXECUTE permission.
      
      So, the checks could be tightened and the tests are separated to
      USER_READABLE >= GROUP_READABLE >= OTHER_READABLE,
      USER_WRITABLE >= GROUP_WRITABLE and OTHER_WRITABLE is not permitted.
      Signed-off-by: NGobinda Charan Maji <gobinda.cemk07@gmail.com>
      Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
      28b8d0c8
  10. 19 5月, 2015 1 次提交
    • D
      sched/preempt, mm/fault: Trigger might_sleep() in might_fault() with disabled pagefaults · 9ec23531
      David Hildenbrand 提交于
      Commit 662bbcb2 ("mm, sched: Allow uaccess in atomic with
      pagefault_disable()") removed might_sleep() checks for all user access
      code (that uses might_fault()).
      
      The reason was to disable wrong "sleep in atomic" warnings in the
      following scenario:
      
          pagefault_disable()
          rc = copy_to_user(...)
          pagefault_enable()
      
      Which is valid, as pagefault_disable() increments the preempt counter
      and therefore disables the pagefault handler. copy_to_user() will not
      sleep and return an error code if a page is not available.
      
      However, as all might_sleep() checks are removed,
      CONFIG_DEBUG_ATOMIC_SLEEP would no longer detect the following scenario:
      
          spin_lock(&lock);
          rc = copy_to_user(...)
          spin_unlock(&lock)
      
      If the kernel is compiled with preemption turned on, preempt_disable()
      will make in_atomic() detect disabled preemption. The fault handler would
      correctly never sleep on user access.
      However, with preemption turned off, preempt_disable() is usually a NOP
      (with !CONFIG_PREEMPT_COUNT), therefore in_atomic() will not be able to
      detect disabled preemption nor disabled pagefaults. The fault handler
      could sleep.
      We really want to enable CONFIG_DEBUG_ATOMIC_SLEEP checks for user access
      functions again, otherwise we can end up with horrible deadlocks.
      
      Root of all evil is that pagefault_disable() acts almost as
      preempt_disable(), depending on preemption being turned on/off.
      
      As we now have pagefault_disabled(), we can use it to distinguish
      whether user acces functions might sleep.
      
      Convert might_fault() into a makro that calls __might_fault(), to
      allow proper file + line messages in case of a might_sleep() warning.
      Reviewed-and-tested-by: NThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: NDavid Hildenbrand <dahi@linux.vnet.ibm.com>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: David.Laight@ACULAB.COM
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: airlied@linux.ie
      Cc: akpm@linux-foundation.org
      Cc: benh@kernel.crashing.org
      Cc: bigeasy@linutronix.de
      Cc: borntraeger@de.ibm.com
      Cc: daniel.vetter@intel.com
      Cc: heiko.carstens@de.ibm.com
      Cc: herbert@gondor.apana.org.au
      Cc: hocko@suse.cz
      Cc: hughd@google.com
      Cc: mst@redhat.com
      Cc: paulus@samba.org
      Cc: ralf@linux-mips.org
      Cc: schwidefsky@de.ibm.com
      Cc: yang.shi@windriver.com
      Link: http://lkml.kernel.org/r/1431359540-32227-3-git-send-email-dahi@linux.vnet.ibm.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      9ec23531
  11. 17 4月, 2015 1 次提交
  12. 13 2月, 2015 1 次提交
  13. 02 2月, 2015 1 次提交
    • L
      sched: don't cause task state changes in nested sleep debugging · 00845eb9
      Linus Torvalds 提交于
      Commit 8eb23b9f ("sched: Debug nested sleeps") added code to report
      on nested sleep conditions, which we generally want to avoid because the
      inner sleeping operation can re-set the thread state to TASK_RUNNING,
      but that will then cause the outer sleep loop not actually sleep when it
      calls schedule.
      
      However, that's actually valid traditional behavior, with the inner
      sleep being some fairly rare case (like taking a sleeping lock that
      normally doesn't actually need to sleep).
      
      And the debug code would actually change the state of the task to
      TASK_RUNNING internally, which makes that kind of traditional and
      working code not work at all, because now the nested sleep doesn't just
      sometimes cause the outer one to not block, but will cause it to happen
      every time.
      
      In particular, it will cause the cardbus kernel daemon (pccardd) to
      basically busy-loop doing scheduling, converting a laptop into a heater,
      as reported by Bruno Prémont.  But there may be other legacy uses of
      that nested sleep model in other drivers that are also likely to never
      get converted to the new model.
      
      This fixes both cases:
      
       - don't set TASK_RUNNING when the nested condition happens (note: even
         if WARN_ONCE() only _warns_ once, the return value isn't whether the
         warning happened, but whether the condition for the warning was true.
         So despite the warning only happening once, the "if (WARN_ON(..))"
         would trigger for every nested sleep.
      
       - in the cases where we knowingly disable the warning by using
         "sched_annotate_sleep()", don't change the task state (that is used
         for all core scheduling decisions), instead use '->task_state_change'
         that is used for the debugging decision itself.
      
      (Credit for the second part of the fix goes to Oleg Nesterov: "Can't we
      avoid this subtle change in behaviour DEBUG_ATOMIC_SLEEP adds?" with the
      suggested change to use 'task_state_change' as part of the test)
      Reported-and-bisected-by: NBruno Prémont <bonbons@linux-vserver.org>
      Tested-by: NRafael J Wysocki <rjw@rjwysocki.net>
      Acked-by: NOleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>,
      Cc: Ilya Dryomov <ilya.dryomov@inktank.com>,
      Cc: Mike Galbraith <umgwanakikbuti@gmail.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Peter Hurley <peter@hurleysoftware.com>,
      Cc: Davidlohr Bueso <dave@stgolabs.net>,
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      00845eb9
  14. 22 12月, 2014 1 次提交
  15. 11 12月, 2014 1 次提交
    • P
      kernel: add panic_on_warn · 9e3961a0
      Prarit Bhargava 提交于
      There have been several times where I have had to rebuild a kernel to
      cause a panic when hitting a WARN() in the code in order to get a crash
      dump from a system.  Sometimes this is easy to do, other times (such as
      in the case of a remote admin) it is not trivial to send new images to
      the user.
      
      A much easier method would be a switch to change the WARN() over to a
      panic.  This makes debugging easier in that I can now test the actual
      image the WARN() was seen on and I do not have to engage in remote
      debugging.
      
      This patch adds a panic_on_warn kernel parameter and
      /proc/sys/kernel/panic_on_warn calls panic() in the
      warn_slowpath_common() path.  The function will still print out the
      location of the warning.
      
      An example of the panic_on_warn output:
      
      The first line below is from the WARN_ON() to output the WARN_ON()'s
      location.  After that the panic() output is displayed.
      
          WARNING: CPU: 30 PID: 11698 at /home/prarit/dummy_module/dummy-module.c:25 init_dummy+0x1f/0x30 [dummy_module]()
          Kernel panic - not syncing: panic_on_warn set ...
      
          CPU: 30 PID: 11698 Comm: insmod Tainted: G        W  OE  3.17.0+ #57
          Hardware name: Intel Corporation S2600CP/S2600CP, BIOS RMLSDP.86I.00.29.D696.1311111329 11/11/2013
           0000000000000000 000000008e3f87df ffff88080f093c38 ffffffff81665190
           0000000000000000 ffffffff818aea3d ffff88080f093cb8 ffffffff8165e2ec
           ffffffff00000008 ffff88080f093cc8 ffff88080f093c68 000000008e3f87df
          Call Trace:
           [<ffffffff81665190>] dump_stack+0x46/0x58
           [<ffffffff8165e2ec>] panic+0xd0/0x204
           [<ffffffffa038e05f>] ? init_dummy+0x1f/0x30 [dummy_module]
           [<ffffffff81076b90>] warn_slowpath_common+0xd0/0xd0
           [<ffffffffa038e040>] ? dummy_greetings+0x40/0x40 [dummy_module]
           [<ffffffff81076c8a>] warn_slowpath_null+0x1a/0x20
           [<ffffffffa038e05f>] init_dummy+0x1f/0x30 [dummy_module]
           [<ffffffff81002144>] do_one_initcall+0xd4/0x210
           [<ffffffff811b52c2>] ? __vunmap+0xc2/0x110
           [<ffffffff810f8889>] load_module+0x16a9/0x1b30
           [<ffffffff810f3d30>] ? store_uevent+0x70/0x70
           [<ffffffff810f49b9>] ? copy_module_from_fd.isra.44+0x129/0x180
           [<ffffffff810f8ec6>] SyS_finit_module+0xa6/0xd0
           [<ffffffff8166cf29>] system_call_fastpath+0x12/0x17
      
      Successfully tested by me.
      
      hpa said: There is another very valid use for this: many operators would
      rather a machine shuts down than being potentially compromised either
      functionally or security-wise.
      Signed-off-by: NPrarit Bhargava <prarit@redhat.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Andi Kleen <ak@linux.intel.com>
      Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Acked-by: NYasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
      Cc: Fabian Frederick <fabf@skynet.be>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      9e3961a0
  16. 06 11月, 2014 1 次提交
  17. 28 10月, 2014 2 次提交
    • P
      sched: Exclude cond_resched() from nested sleep test · 3427445a
      Peter Zijlstra 提交于
      cond_resched() is a preemption point, not strictly a blocking
      primitive, so exclude it from the ->state test.
      
      In particular, preemption preserves task_struct::state.
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: tglx@linutronix.de
      Cc: ilya.dryomov@inktank.com
      Cc: umgwanakikbuti@gmail.com
      Cc: oleg@redhat.com
      Cc: Alex Elder <alex.elder@linaro.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Axel Lin <axel.lin@ingics.com>
      Cc: Daniel Borkmann <dborkman@redhat.com>
      Cc: Dave Jones <davej@redhat.com>
      Cc: Jason Baron <jbaron@akamai.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Link: http://lkml.kernel.org/r/20140924082242.656559952@infradead.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      3427445a
    • P
      sched, exit: Deal with nested sleeps · 1029a2b5
      Peter Zijlstra 提交于
      do_wait() is a big wait loop, but we set TASK_RUNNING too late; we end
      up calling potential sleeps before we reset it.
      
      Not strictly a bug since we're guaranteed to exit the loop and not
      call schedule(); put in annotations to quiet might_sleep().
      
       WARNING: CPU: 0 PID: 1 at ../kernel/sched/core.c:7123 __might_sleep+0x7e/0x90()
       do not call blocking ops when !TASK_RUNNING; state=1 set at [<ffffffff8109a788>] do_wait+0x88/0x270
      
       Call Trace:
        [<ffffffff81694991>] dump_stack+0x4e/0x7a
        [<ffffffff8109877c>] warn_slowpath_common+0x8c/0xc0
        [<ffffffff8109886c>] warn_slowpath_fmt+0x4c/0x50
        [<ffffffff810bca6e>] __might_sleep+0x7e/0x90
        [<ffffffff811a1c15>] might_fault+0x55/0xb0
        [<ffffffff8109a3fb>] wait_consider_task+0x90b/0xc10
        [<ffffffff8109a804>] do_wait+0x104/0x270
        [<ffffffff8109b837>] SyS_wait4+0x77/0x100
        [<ffffffff8169d692>] system_call_fastpath+0x16/0x1b
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: tglx@linutronix.de
      Cc: umgwanakikbuti@gmail.com
      Cc: ilya.dryomov@inktank.com
      Cc: Alex Elder <alex.elder@linaro.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Axel Lin <axel.lin@ingics.com>
      Cc: Daniel Borkmann <dborkman@redhat.com>
      Cc: Dave Jones <davej@redhat.com>
      Cc: Guillaume Morin <guillaume@morinfr.org>
      Cc: Ionut Alexa <ionut.m.alexa@gmail.com>
      Cc: Jason Baron <jbaron@akamai.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Hocko <mhocko@suse.cz>
      Cc: Michal Schmidt <mschmidt@redhat.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Link: http://lkml.kernel.org/r/20140924082242.186408915@infradead.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      1029a2b5
  18. 14 10月, 2014 1 次提交
  19. 10 10月, 2014 2 次提交
    • M
      include/linux/kernel.h: deduplicate code implementing clamp* macros · c185b07f
      Michal Nazarewicz 提交于
      Instead of open-coding clamp_t macro min_t and max_t the way clamp macro
      does and instead of open-coding clamp_val simply use clamp_t.
      Furthermore, normalise argument naming in the macros to be lo and hi.
      Signed-off-by: NMichal Nazarewicz <mina86@mina86.com>
      Cc: Mark Rustad <mark.d.rustad@intel.com>
      Cc: "Kirsher, Jeffrey T" <jeffrey.t.kirsher@intel.com>
      Cc: Hagen Paul Pfeifer <hagen@jauu.net>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      c185b07f
    • M
      include/linux/kernel.h: rewrite min3, max3 and clamp using min and max · 2e1d06e1
      Michal Nazarewicz 提交于
      It appears that gcc is better at optimising a double call to min and max
      rather than open coded min3 and max3.  This can be observed here:
      
          $ cat min-max.c
          #define min(x, y) ({				\
          	typeof(x) _min1 = (x);			\
          	typeof(y) _min2 = (y);			\
          	(void) (&_min1 == &_min2);		\
          	_min1 < _min2 ? _min1 : _min2; })
          #define min3(x, y, z) ({			\
          	typeof(x) _min1 = (x);			\
          	typeof(y) _min2 = (y);			\
          	typeof(z) _min3 = (z);			\
          	(void) (&_min1 == &_min2);		\
          	(void) (&_min1 == &_min3);		\
          	_min1 < _min2 ? (_min1 < _min3 ? _min1 : _min3) : \
          		(_min2 < _min3 ? _min2 : _min3); })
      
          int fmin3(int x, int y, int z) { return min3(x, y, z); }
          int fmin2(int x, int y, int z) { return min(min(x, y), z); }
      
          $ gcc -O2 -o min-max.s -S min-max.c; cat min-max.s
          	.file	"min-max.c"
          	.text
          	.p2align 4,,15
          	.globl	fmin3
          	.type	fmin3, @function
          fmin3:
          .LFB0:
          	.cfi_startproc
          	cmpl	%esi, %edi
          	jl	.L5
          	cmpl	%esi, %edx
          	movl	%esi, %eax
          	cmovle	%edx, %eax
          	ret
          	.p2align 4,,10
          	.p2align 3
          .L5:
          	cmpl	%edi, %edx
          	movl	%edi, %eax
          	cmovle	%edx, %eax
          	ret
          	.cfi_endproc
          .LFE0:
          	.size	fmin3, .-fmin3
          	.p2align 4,,15
          	.globl	fmin2
          	.type	fmin2, @function
          fmin2:
          .LFB1:
          	.cfi_startproc
          	cmpl	%edi, %esi
          	movl	%edx, %eax
          	cmovle	%esi, %edi
          	cmpl	%edx, %edi
          	cmovle	%edi, %eax
          	ret
          	.cfi_endproc
          .LFE1:
          	.size	fmin2, .-fmin2
          	.ident	"GCC: (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3"
          	.section	.note.GNU-stack,"",@progbits
      
      fmin3 function, which uses open-coded min3 macro, is compiled into total
      of ten instructions including a conditional branch, whereas fmin2
      function, which uses two calls to min2 macro, is compiled into six
      instructions with no branches.
      
      Similarly, open-coded clamp produces the same code as clamp using min and
      max macros, but the latter is much shorter:
      
          $ cat clamp.c
          #define clamp(val, min, max) ({			\
          	typeof(val) __val = (val);		\
          	typeof(min) __min = (min);		\
          	typeof(max) __max = (max);		\
          	(void) (&__val == &__min);		\
          	(void) (&__val == &__max);		\
          	__val = __val < __min ? __min: __val;	\
          	__val > __max ? __max: __val; })
          #define min(x, y) ({				\
          	typeof(x) _min1 = (x);			\
          	typeof(y) _min2 = (y);			\
          	(void) (&_min1 == &_min2);		\
          	_min1 < _min2 ? _min1 : _min2; })
          #define max(x, y) ({				\
          	typeof(x) _max1 = (x);			\
          	typeof(y) _max2 = (y);			\
          	(void) (&_max1 == &_max2);		\
          	_max1 > _max2 ? _max1 : _max2; })
      
          int fclamp(int v, int min, int max) { return clamp(v, min, max); }
          int fclampmm(int v, int min, int max) { return min(max(v, min), max); }
      
          $ gcc -O2 -o clamp.s -S clamp.c; cat clamp.s
          	.file	"clamp.c"
          	.text
          	.p2align 4,,15
          	.globl	fclamp
          	.type	fclamp, @function
          fclamp:
          .LFB0:
          	.cfi_startproc
          	cmpl	%edi, %esi
          	movl	%edx, %eax
          	cmovge	%esi, %edi
          	cmpl	%edx, %edi
          	cmovle	%edi, %eax
          	ret
          	.cfi_endproc
          .LFE0:
          	.size	fclamp, .-fclamp
          	.p2align 4,,15
          	.globl	fclampmm
          	.type	fclampmm, @function
          fclampmm:
          .LFB1:
          	.cfi_startproc
          	cmpl	%edi, %esi
          	cmovge	%esi, %edi
          	cmpl	%edi, %edx
          	movl	%edi, %eax
          	cmovle	%edx, %eax
          	ret
          	.cfi_endproc
          .LFE1:
          	.size	fclampmm, .-fclampmm
          	.ident	"GCC: (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3"
          	.section	.note.GNU-stack,"",@progbits
      
          Linux mpn-glaptop 3.13.0-29-generic #53~precise1-Ubuntu SMP Wed Jun 4 22:06:25 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3
          Copyright (C) 2011 Free Software Foundation, Inc.
          This is free software; see the source for copying conditions.  There is NO
          warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
      
          -rwx------ 1 mpn eng 51224656 Jun 17 14:15 vmlinux.before
          -rwx------ 1 mpn eng 51224608 Jun 17 13:57 vmlinux.after
      
      48 bytes reduction.  The do_fault_around was a few instruction shorter
      and as far as I can tell saved 12 bytes on the stack, i.e.:
      
          $ grep -e rsp -e pop -e push do_fault_around.*
          do_fault_around.before.s:push   %rbp
          do_fault_around.before.s:mov    %rsp,%rbp
          do_fault_around.before.s:push   %r13
          do_fault_around.before.s:push   %r12
          do_fault_around.before.s:push   %rbx
          do_fault_around.before.s:sub    $0x38,%rsp
          do_fault_around.before.s:add    $0x38,%rsp
          do_fault_around.before.s:pop    %rbx
          do_fault_around.before.s:pop    %r12
          do_fault_around.before.s:pop    %r13
          do_fault_around.before.s:pop    %rbp
      
          do_fault_around.after.s:push   %rbp
          do_fault_around.after.s:mov    %rsp,%rbp
          do_fault_around.after.s:push   %r12
          do_fault_around.after.s:push   %rbx
          do_fault_around.after.s:sub    $0x30,%rsp
          do_fault_around.after.s:add    $0x30,%rsp
          do_fault_around.after.s:pop    %rbx
          do_fault_around.after.s:pop    %r12
          do_fault_around.after.s:pop    %rbp
      
      or here side-by-side:
      
          Before                    After
          push   %rbp               push   %rbp
          mov    %rsp,%rbp          mov    %rsp,%rbp
          push   %r13
          push   %r12               push   %r12
          push   %rbx               push   %rbx
          sub    $0x38,%rsp         sub    $0x30,%rsp
          add    $0x38,%rsp         add    $0x30,%rsp
          pop    %rbx               pop    %rbx
          pop    %r12               pop    %r12
          pop    %r13
          pop    %rbp               pop    %rbp
      
      There are also fewer branches:
      
          $ grep ^j do_fault_around.*
          do_fault_around.before.s:jae    ffffffff812079b7
          do_fault_around.before.s:jmp    ffffffff812079c5
          do_fault_around.before.s:jmp    ffffffff81207a14
          do_fault_around.before.s:ja     ffffffff812079f9
          do_fault_around.before.s:jb     ffffffff81207a10
          do_fault_around.before.s:jmp    ffffffff81207a63
          do_fault_around.before.s:jne    ffffffff812079df
      
          do_fault_around.after.s:jmp    ffffffff812079fd
          do_fault_around.after.s:ja     ffffffff812079e2
          do_fault_around.after.s:jb     ffffffff812079f9
          do_fault_around.after.s:jmp    ffffffff81207a4c
          do_fault_around.after.s:jne    ffffffff812079c8
      
      And here's with allyesconfig on a different machine:
      
          $ uname -a; gcc --version; ls -l vmlinux.*
          Linux erwin 3.14.7-mn #54 SMP Sun Jun 15 11:25:08 CEST 2014 x86_64 AMD Phenom(tm) II X3 710 Processor AuthenticAMD GNU/Linux
          gcc (GCC) 4.8.3
          Copyright (C) 2013 Free Software Foundation, Inc.
          This is free software; see the source for copying conditions.  There is NO
          warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
      
          -rwx------ 1 mpn eng 437027411 Jun 20 16:04 vmlinux.before
          -rwx------ 1 mpn eng 437026881 Jun 20 15:30 vmlinux.after
      
      530 bytes reduction.
      Signed-off-by: NMichal Nazarewicz <mina86@mina86.com>
      Signed-off-by: NHagen Paul Pfeifer <hagen@jauu.net>
      Acked-by: NSteven Rostedt <rostedt@goodmis.org>
      Cc: Hagen Paul Pfeifer <hagen@jauu.net>
      Cc: David Rientjes <rientjes@google.com>
      Cc: "Rustad, Mark D" <mark.d.rustad@intel.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      2e1d06e1
  20. 04 10月, 2014 1 次提交
  21. 17 9月, 2014 1 次提交
  22. 09 8月, 2014 1 次提交
  23. 07 8月, 2014 1 次提交
  24. 27 7月, 2014 1 次提交
    • R
      sysfs: disallow world-writable files. · 37549e94
      Rusty Russell 提交于
      This check was introduced in 2006 by Alexey Dobriyan (9774a1f5)
      for module parameters; we removed it when we unified the check into
      VERIFY_OCTAL_PERMISSIONS() as sysfs didn't have the same requirement.
      Now all those users are fixed, reintroduce it.
      
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Dave Jones <davej@redhat.com>
      Cc: Joe Perches <joe@perches.com>
      Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
      37549e94
  25. 26 6月, 2014 1 次提交
  26. 24 3月, 2014 1 次提交
  27. 21 3月, 2014 1 次提交
  28. 13 3月, 2014 1 次提交
    • M
      Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE · 66cc69e3
      Mathieu Desnoyers 提交于
      Users have reported being unable to trace non-signed modules loaded
      within a kernel supporting module signature.
      
      This is caused by tracepoint.c:tracepoint_module_coming() refusing to
      take into account tracepoints sitting within force-loaded modules
      (TAINT_FORCED_MODULE). The reason for this check, in the first place, is
      that a force-loaded module may have a struct module incompatible with
      the layout expected by the kernel, and can thus cause a kernel crash
      upon forced load of that module on a kernel with CONFIG_TRACEPOINTS=y.
      
      Tracepoints, however, specifically accept TAINT_OOT_MODULE and
      TAINT_CRAP, since those modules do not lead to the "very likely system
      crash" issue cited above for force-loaded modules.
      
      With kernels having CONFIG_MODULE_SIG=y (signed modules), a non-signed
      module is tainted re-using the TAINT_FORCED_MODULE taint flag.
      Unfortunately, this means that Tracepoints treat that module as a
      force-loaded module, and thus silently refuse to consider any tracepoint
      within this module.
      
      Since an unsigned module does not fit within the "very likely system
      crash" category of tainting, add a new TAINT_UNSIGNED_MODULE taint flag
      to specifically address this taint behavior, and accept those modules
      within Tracepoints. We use the letter 'X' as a taint flag character for
      a module being loaded that doesn't know how to sign its name (proposed
      by Steven Rostedt).
      
      Also add the missing 'O' entry to trace event show_module_flags() list
      for the sake of completeness.
      Signed-off-by: NMathieu Desnoyers <mathieu.desnoyers@efficios.com>
      Acked-by: NSteven Rostedt <rostedt@goodmis.org>
      NAKed-by: NIngo Molnar <mingo@redhat.com>
      CC: Thomas Gleixner <tglx@linutronix.de>
      CC: David Howells <dhowells@redhat.com>
      CC: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
      66cc69e3
  29. 24 1月, 2014 1 次提交
  30. 22 1月, 2014 1 次提交
  31. 13 12月, 2013 1 次提交
  32. 26 11月, 2013 1 次提交
    • J
      panic: Make panic_timeout configurable · 5800dc3c
      Jason Baron 提交于
      The panic_timeout value can be set via the command line option
      'panic=x', or via /proc/sys/kernel/panic, however that is not
      sufficient when the panic occurs before we are able to set up
      these values. Thus, add a CONFIG_PANIC_TIMEOUT so that we can
      set the desired value from the .config.
      
      The default panic_timeout value continues to be 0 - wait
      forever. Also adds set_arch_panic_timeout(new_timeout,
      arch_default_timeout), which is intended to be used by arches in
      arch_setup(). The idea being that the new_timeout is only set if
      the user hasn't changed from the arch_default_timeout.
      Signed-off-by: NJason Baron <jbaron@akamai.com>
      Cc: benh@kernel.crashing.org
      Cc: paulus@samba.org
      Cc: ralf@linux-mips.org
      Cc: mpe@ellerman.id.au
      Cc: felipe.contreras@gmail.com
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/1a1674daec27c534df409697025ac568ebcee91e.1385418410.git.jbaron@akamai.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      5800dc3c
  33. 07 11月, 2013 1 次提交
  34. 21 9月, 2013 1 次提交
  35. 03 8月, 2013 1 次提交
  36. 06 6月, 2013 1 次提交