1. 02 Dec, 2016 2 commits
    • powerpc/64: Define ILLEGAL_POINTER_VALUE for 64-bit · f6853eb5
      Michael Ellerman committed
      This is used in poison.h to offset poison values so that they don't
      point directly into user space.
      
      The value we choose sits roughly between user and kernel space, which
      means on their own the poison values don't point anywhere useful. If an
      attacker can cause an access at some offset from the poison value then
      we may still be in trouble, but by putting the poison values between
      user and kernel space we maximise the required size of that offset.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc Don't print misleading facility name in facility unavailable exception · 93c2ec0f
      Balbir Singh committed
      The current facility_strings[] are correct when the trap address is
      0xf80 (hypervisor facility unavailable). When the trap address is
      0xf60 (facility unavailable) IC (Interruption Cause) a.k.a status in the
      code is undefined for values 0 and 1.
      
      Add a check to prevent printing the (misleading) facility name for IC 0
      and 1 when we came in via 0xf60. In all cases, print the actual IC
      value, to avoid any confusion.
      
      This hasn't been seen on real hardware, only on qemu which was
      misreporting an exception.
      Signed-off-by: Balbir Singh <bsingharora@gmail.com>
      [mpe: Fix indentation, combine printks(), massage change log]
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  2. 01 Dec, 2016 4 commits
    • powerpc: Make selects of IBM_EMAC_* depend on IBM_EMAC · 33596727
      Michael Ellerman committed
      We have a bunch of Kconfig symbols which select various IBM_EMAC_*
      symbols. These all cause warnings when IBM_EMAC is not selected.
      
      eg.
      
        warning: (PPC_CELL_NATIVE && BLUESTONE && CANYONLANDS && GLACIER &&
        EIGER && 440EPX && 440GRX && 440GX && 460SX && 405EX) selects
        IBM_EMAC_RGMII which has unmet direct dependencies (NETDEVICES &&
        ETHERNET && NET_VENDOR_IBM)
      
      So make them all depend on IBM_EMAC being enabled first.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc/cell: Drop select of MEMORY_HOTPLUG · 577ec789
      Michael Ellerman committed
      SPU_FS selects MEMORY_HOTPLUG, which is problematic because
      MEMORY_HOTPLUG is user selectable, meaning we can end up with a broken
      .config where MEMORY_HOTPLUG is enabled but its dependencies are not,
      leading to build breakages.
      
      The select of MEMORY_HOTPLUG for SPU_FS was added back in 2006, in
      commit 4da30d15 ("[POWERPC] spufs: fix memory hotplug dependency").
      
      However we reworked the spufs code and removed the dependency on memory
      hotplug in 2007 in commit 78bde53e ("[POWERPC] spufs: remove need
      for struct page for SPEs").
      
      So drop the select as it's no longer needed and causes problems.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc/pseries: Use lmb_is_removable() to check removability · 2db029ef
      Nathan Fontenot committed
      We should be using lmb_is_removable() to validate that enough LMBs
      are available to remove when doing a remove by count. This will check
      that the LMB is owned by the system and it is considered removable.
      This patch also adds a pr_info() notification to report the LMB count
      to remove was not satisfied.
      
      What we do now is just check that there are enough LMBs owned by the
      system when validating there are enough LMBs to remove. This can
      lead to situations where there are enough LMBs owned by the system
      but not enough that are considered removable. This results in having
      to bail out of the remove operation instead of just failing the request
      that we should have known wouldn't succeed.
      Signed-off-by: Nathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc/mm: Fix page table dump build on non-Book3S · dd5ac03e
      Michael Ellerman committed
      In the recent commit 1515ab93 ("powerpc/mm: Dump hash table") we
      added code to dump the hash page table. Currently this can be selected
      to build on any platform. However it breaks the build if we're building
      for a non-Book3S platform, because none of the hash page table related
      defines and so on exist. So restrict it to building only on Book3S.
      
      Similarly in commit 8eb07b18 ("powerpc/mm: Dump linux pagetables")
      we added code to dump the Linux page tables, which uses some constants
      which are only defined on Book3S - so guard those with an #ifdef.
      
      Fixes: 1515ab93 ("powerpc/mm: Dump hash table")
      Fixes: 8eb07b18 ("powerpc/mm: Dump linux pagetables")
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  3. 30 Nov, 2016 13 commits
  4. 29 Nov, 2016 3 commits
    • powerpc/boot: Fix rebuild when changing kernel endian · f0f7fe1a
      Michael Ellerman committed
      Now that we don't set ARCH incorrectly when calling the boot Makefile,
      we can use the generic cpp_lds_S rule for converting our zImage.lds.S
      into zImage.lds.
      
      The main advantage of using the generic rule is that it correctly uses
      if_changed, which means we correctly regenerate the linker script when
      switching endian. Fixing that means we are finally able to build one
      endian and then rebuild the other endian without requiring to clean
      between builds.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc/boot: All uses of if_changed should depend on FORCE · 42d0c932
      Michael Ellerman committed
      If we're using if_changed then we must depend on FORCE, so that
      if_changed gets a chance to check if something changed.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
    • powerpc: Stop passing ARCH=ppc64 to boot Makefile · 1196d7aa
      Michael Ellerman committed
      Back in 2005 when the ppc/ppc64 merge started, we used to build the
      kernel code in arch/powerpc but use the boot code from arch/ppc or
      arch/ppc64 depending on whether we were building for 32 or 64-bit.
      
      Originally we called the boot Makefile passing ARCH=$(OLDARCH), where
      OLDARCH was ppc or ppc64.
      
      In commit 20f62954 ("powerpc: Make building the boot image work for
      both 32-bit and 64-bit") (2005-10-11) we split the call for 32/64-bit
      using an ifeq check, because the two Makefiles took different targets,
      and explicitly passed ARCH=ppc64 for the 64-bit case and ARCH=ppc for
      the 32-bit case.
      
      Then in commit 94b212c2 ("powerpc: Move ppc64 boot wrapper code over
      to arch/powerpc") (2005-11-16) we moved the boot code into arch/powerpc
      and dropped the ppc case, but kept passing ARCH=ppc64 to
      arch/powerpc/boot/Makefile.
      
      Since then there have been several more boot targets added, all of which
      have copied the ARCH=ppc64 setting, such that now we have four targets
      using it.
      
      Currently it seems that nothing actually uses the ARCH value, but that's
      basically just luck, and in particular it prevents us from using the
      generic cpp_lds_S rule. It's also clearly wrong, ARCH=ppc64 is dead,
      buried and cremated.
      
      Fix it by dropping the setting of ARCH completely, the correct value is
      exported by the top level Makefile.
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  5. 28 Nov, 2016 9 commits
  6. 26 Nov, 2016 1 commit
    • powerpc/mm/radix: Prevent kernel execution of user space · 3b10d009
      Balbir Singh committed
      ISA 3 defines new encoded access authority that allows instruction
      access prevention in privileged mode and allows normal access
      to problem state. This patch just enables IAMR (Instruction Authority
      Mask Register), enabling AMR would require more work.
      
      I've tested this with a buggy driver and a simple payload. The payload
      is specific to the build I've tested.
      
      mpe: Also tested with LKDTM:
      
        # echo EXEC_USERSPACE > /sys/kernel/debug/provoke-crash/DIRECT
        lkdtm: Performing direct entry EXEC_USERSPACE
        lkdtm: attempting ok execution at c0000000005bf560
        lkdtm: attempting bad execution at 00003fff8d940000
        Unable to handle kernel paging request for instruction fetch
        Faulting instruction address: 0x3fff8d940000
        Oops: Kernel access of bad area, sig: 11 [#1]
        NIP: 00003fff8d940000 LR: c0000000005bfa58 CTR: 00003fff8d940000
        REGS: c0000000f1fcf900 TRAP: 0400   Not tainted  (4.9.0-rc5-compiler_gcc-6.2.0-00109-g956dbc06232a)
        MSR: 9000000010009033 <SF,HV,EE,ME,IR,DR,RI,LE>  CR: 48002222  XER: 00000000
        ...
        Call Trace:
          lkdtm_EXEC_USERSPACE+0x104/0x120 (unreliable)
          lkdtm_do_action+0x3c/0x80
          direct_entry+0x100/0x1b0
          full_proxy_write+0x94/0x100
          __vfs_write+0x3c/0x1b0
          vfs_write+0xcc/0x230
          SyS_write+0x60/0x110
          system_call+0x38/0xfc
      Signed-off-by: Balbir Singh <bsingharora@gmail.com>
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  7. 25 Nov, 2016 7 commits
  8. 24 Nov, 2016 1 commit