Skip to content

R
raspberrypi-kernel

openeuler / raspberrypi-kernel

通知 13
Star 1
Fork 0
R
raspberrypi-kernel
切换分支/标签
  1. 08 5月, 2007 7 次提交
  3. 28 3月, 2007 1 次提交
    • J
      [PATCH] uml: use correct register file size everywhere · b92c4f92
      Jeff Dike 提交于 
      This patch uses MAX_REG_NR consistently to refer to the register file size.
 FRAME_SIZE isn't sufficient because on x86_64, it is smaller than the
ptrace register file size.  MAX_REG_NR was introduced as a consistent way
to get the number of registers, but wasn't used everywhere it should be.

When this causes a problem, it makes PTRACE_SETREGS fail on x86_64 because
of a corrupted segment register value in the known-good register file.  The
patch also adds a register dump at that point in case there are any future
problems here.
Signed-off-by: NJeff Dike <jdike@linux.intel.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: <stable@kernel.org>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b92c4f92
  5. 07 3月, 2007 1 次提交
  7. 04 11月, 2006 1 次提交
    • J
      [PATCH] uml: include tidying · 1f6f6164
      Jeff Dike 提交于 
      In order to get the __NR_* constants, we need sys/syscall.h.
linux/unistd.h works as well since it includes syscall.h, however syscall.h
is more parsimonious.  We were inconsistent in this, and this patch adds
syscall.h includes where necessary and removes linux/unistd.h includes
where they are not needed.

asm/unistd.h also includes the __NR_* constants, but these are not the
glibc-sanctioned ones, so this also removes one such inclusion.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      1f6f6164
  9. 27 9月, 2006 1 次提交
    • J
      [PATCH] uml: thread creation tidying · 3c917350
      Jeff Dike 提交于 
      fork on UML has always somewhat subtle.  The underlying cause has been the
need to initialize a stack for the new process.  The only portable way to
initialize a new stack is to set it as the alternate signal stack and take a
signal.  The signal handler does whatever initialization is needed and jumps
back to the original stack, where the fork processing is finished.  The basic
context switching mechanism is a jmp_buf for each process.  You switch to a
new process by longjmping to its jmp_buf.

Now that UML has its own implementation of setjmp and longjmp, and I can poke
around inside a jmp_buf without fear that libc will change the structure, a
much simpler mechanism is possible.  The jmpbuf can simply be initialized by
hand.

This eliminates -
	the need to set up and remove the alternate signal stack
	sending and handling a signal
	the signal blocking needed around the stack switching, since
there is no stack switching
	setting up the jmp_buf needed to jump back to the original
stack after the new one is set up

In addition, since jmp_buf is now defined by UML, and not by libc, it can be
embedded in the thread struct.  This makes it unnecessary to have it exist on
the stack, where it used to be.  It also simplifies interfaces, since the
switch jmp_buf used to be a void * inside the thread struct, and functions
which took it as an argument needed to define a jmp_buf variable and assign it
from the void *.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      3c917350
  11. 26 9月, 2006 3 次提交
    • J
      [PATCH] uml: timer cleanups · 537ae946
      Jeff Dike 提交于 
      set_interval returns an error instead of panicing if setitimer fails.  Some of
its callers now check the return.

enable_timer is largely tt-mode-specific, so it is marked as such, and the
only skas-mode caller is made to call set-interval instead.

user_time_init was a no-value-added wrapper around set_interval, so it is
gone.

Since set_interval is now called from kernel code, callers no longer pass
ITIMER_* to it.  Instead, they pass a flag which is converted into ITIMER_REAL
or ITIMER_VIRTUAL.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      537ae946
    • J
      [PATCH] uml: Move signal handlers to arch code · 4b84c69b
      Jeff Dike 提交于 
      Have most signals go through an arch-provided handler which recovers the
sigcontext and then calls a generic handler.  This replaces the
ARCH_GET_SIGCONTEXT macro, which was somewhat fragile.  On x86_64, recovering
%rdx (which holds the sigcontext pointer) must be the first thing that
happens.  sig_handler duly invokes that first, but there is no guarantee that
I can see that instructions won't be reordered such that %rdx is used before
that.  Having the arch provide the handler seems much more robust.

Some signals in some parts of UML require their own handlers - these places
don't call set_handler any more.  They call sigaction or signal themselves.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      4b84c69b
    • J
      [PATCH] uml: Use klibc setjmp/longjmp · 13c06be3
      Jeff Dike 提交于 
      This patch adds an implementation of setjmp and longjmp to UML, allowing
access to the inside of a jmpbuf without needing the access macros formerly
provided by libc.

The implementation is stolen from klibc.  I copy the relevant files into
arch/um.  I have another patch which avoids the copying, but requires klibc be
in the tree.

setjmp and longjmp users required some tweaking.  Includes of <setjmp.h> were
removed and includes of the UML longjmp.h were added where necessary.  There
are also replacements of siglongjmp with UML_LONGJMP which I somehow missed
earlier.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      13c06be3
  13. 15 7月, 2006 1 次提交
  15. 11 7月, 2006 1 次提交
  17. 02 5月, 2006 1 次提交
  19. 20 4月, 2006 1 次提交
  21. 11 4月, 2006 1 次提交
  23. 08 2月, 2006 1 次提交
  25. 19 1月, 2006 4 次提交
  27. 12 1月, 2006 1 次提交
  29. 09 1月, 2006 1 次提交
  31. 07 11月, 2005 2 次提交
  33. 05 9月, 2005 1 次提交
  35. 19 8月, 2005 1 次提交
  37. 29 7月, 2005 1 次提交
  39. 08 7月, 2005 2 次提交
    • B
      [PATCH] uml: Proper clone support for skas0 · 9786a8f3
      Bodo Stroesser 提交于 
      This patch implements the clone-stub mechanism, which allows skas0 to run
with proc_mm==0, even if the clib in UML uses modify_ldt.

Note: There is a bug in skas3.v7 host patch, that avoids UML-skas from
running properly on a SMP-box.  In full skas3, I never really saw problems,
but in skas0 they showed up.

More commentary by jdike - What this patch does is makes sure that the host
parent of each new host process matches the UML parent of the corresponding
UML process.  This ensures that any changed LDTs are inherited.  This is
done by having clone actually called by the UML process from its stub,
rather than by the kernel.  We have special syscall stubs that are loaded
onto the stub code page because that code must be completely
self-contained.  These stubs are given C interfaces, and used like normal C
functions, but there are subtleties.  Principally, we have to be careful
about stack variables in stub_clone_handler after the clone.  The code is
written so that there aren't any - everything boils down to a fixed
address.  If there were any locals, references to them after the clone
would be wrong because the stack just changed.
Signed-off-by: NBodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      9786a8f3
    • J
      [PATCH] uml: skas0 - separate kernel address space on stock hosts · d67b569f
      Jeff Dike 提交于 
      UML has had two modes of operation - an insecure, slow mode (tt mode) in
which the kernel is mapped into every process address space which requires
no host kernel modifications, and a secure, faster mode (skas mode) in
which the UML kernel is in a separate host address space, which requires a
patch to the host kernel.

This patch implements something very close to skas mode for hosts which
don't support skas - I'm calling this skas0.  It provides the security of
the skas host patch, and some of the performance gains.

The two main things that are provided by the skas patch, /proc/mm and
PTRACE_FAULTINFO, are implemented in a way that require no host patch.

For the remote address space changing stuff (mmap, munmap, and mprotect),
we set aside two pages in the process above its stack, one of which
contains a little bit of code which can call mmap et al.

To update the address space, the system call information (system call
number and arguments) are written to the stub page above the code.  The
%esp is set to the beginning of the data, the %eip is set the the start of
the stub, and it repeatedly pops the information into its registers and
makes the system call until it sees a system call number of zero.  This is
to amortize the cost of the context switch across multiple address space
updates.

When the updates are done, it SIGSTOPs itself, and the kernel process
continues what it was doing.

For a PTRACE_FAULTINFO replacement, we set up a SIGSEGV handler in the
child, and let it handle segfaults rather than nullifying them.  The
handler is in the same page as the mmap stub.  The second page is used as
the stack.  The handler reads cr2 and err from the sigcontext, sticks them
at the base of the stack in a faultinfo struct, and SIGSTOPs itself.  The
kernel then reads the faultinfo and handles the fault.

A complication on x86_64 is that this involves resetting the registers to
the segfault values when the process is inside the kill system call.  This
breaks on x86_64 because %rcx will contain %rip because you tell SYSRET
where to return to by putting the value in %rcx.  So, this corrupts $rcx on
return from the segfault.  To work around this, I added an
arch_finish_segv, which on x86 does nothing, but which on x86_64 ptraces
the child back through the sigreturn.  This causes %rcx to be restored by
sigreturn and avoids the corruption.  Ultimately, I think I will replace
this with the trick of having it send itself a blocked signal which will be
unblocked by the sigreturn.  This will allow it to be stopped just after
the sigreturn, and PTRACE_SYSCALLed without all the back-and-forth of
PTRACE_SYSCALLing it through sigreturn.

This runs on a stock host, so theoretically (and hopefully), tt mode isn't
needed any more.  We need to make sure that this is better in every way
than tt mode, though.  I'm concerned about the speed of address space
updates and page fault handling, since they involve extra round-trips to
the child.  We can amortize the round-trip cost for large address space
updates by writing all of the operations to the data page and having the
child execute them all at the same time.  This will help fork and exec, but
not page faults, since they involve only one page.

I can't think of any way to help page faults, except to add something like
PTRACE_FAULTINFO to the host.  There is PTRACE_SIGINFO, but UML doesn't use
siginfo for SIGSEGV (or anything else) because there isn't enough
information in the siginfo struct to handle page faults (the faulting
operation type is missing).  Adding that would make PTRACE_SIGINFO a usable
equivalent to PTRACE_FAULTINFO.

As for the code itself:

- The system call stub is in arch/um/kernel/sys-$(SUBARCH)/stub.S.  It is
  put in its own section of the binary along with stub_segv_handler in
  arch/um/kernel/skas/process.c.  This is manipulated with run_syscall_stub
  in arch/um/kernel/skas/mem_user.c.  syscall_stub will execute any system
  call at all, but it's only used for mmap, munmap, and mprotect.

- The x86_64 stub calls sigreturn by hand rather than allowing the normal
  sigreturn to happen, because the normal sigreturn is a SA_RESTORER in
  UML's address space provided by libc.  Needless to say, this is not
  available in the child's address space.  Also, it does a couple of odd
  pops before that which restore the stack to the state it was in at the
  time the signal handler was called.

- There is a new field in the arch mmu_context, which is now a union.
  This is the pid to be manipulated rather than the /proc/mm file
  descriptor.  Code which deals with this now checks proc_mm to see whether
  it should use the usual skas code or the new code.

- userspace_tramp is now used to create a new host process for every UML
  process, rather than one per UML processor.  It checks proc_mm and
  ptrace_faultinfo to decide whether to map in the pages above its stack.

- start_userspace now makes CLONE_VM conditional on proc_mm since we need
  separate address spaces now.

- switch_mm_skas now just sets userspace_pid[0] to the new pid rather
  than PTRACE_SWITCH_MM.  There is an addition to userspace which updates
  its idea of the pid being manipulated each time around the loop.  This is
  important on exec, when the pid will change underneath userspace().

- The stub page has a pte, but it can't be mapped in using tlb_flush
  because it is part of tlb_flush.  This is why it's required for it to be
  mapped in by userspace_tramp.

Other random things:

- The stub section in uml.lds.S is page aligned.  This page is written
  out to the backing vm file in setup_physmem because it is mapped from
  there into user processes.

- There's some confusion with TASK_SIZE now that there are a couple of
  extra pages that the process can't use.  TASK_SIZE is considered by the
  elf code to be the usable process memory, which is reasonable, so it is
  decreased by two pages.  This confuses the definition of
  USER_PGDS_IN_LAST_PML4, making it too small because of the rounding down
  of the uneven division.  So we round it to the nearest PGDIR_SIZE rather
  than the lower one.

- I added a missing PT_SYSCALL_ARG6_OFFSET macro.

- um_mmu.h was made into a userspace-usable file.

- proc_mm and ptrace_faultinfo are globals which say whether the host
  supports these features.

- There is a bad interaction between the mm.nr_ptes check at the end of
  exit_mmap, stack randomization, and skas0.  exit_mmap will stop freeing
  pages at the PGDIR_SIZE boundary after the last vma.  If the stack isn't
  on the last page table page, the last pte page won't be freed, as it
  should be since the stub ptes are there, and exit_mmap will BUG because
  there is an unfreed page.  To get around this, TASK_SIZE is set to the
  next lowest PGDIR_SIZE boundary and mm->nr_ptes is decremented after the
  calls to init_stub_pte.  This ensures that we know the process stack (and
  all other process mappings) will be below the top page table page, and
  thus we know that mm->nr_ptes will be one too many, and can be
  decremented.

Things that need fixing:

- We may need better assurrences that the stub code is PIC.

- The stub pte is set up in init_new_context_skas.

- alloc_pgdir is probably the right place.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      d67b569f
  41. 07 5月, 2005 1 次提交
  43. 06 5月, 2005 2 次提交
    • J
      [PATCH] uml: Fix SIGWINCH relaying · cd2ee4a3
      Jeff Dike 提交于 
      This makes SIGWINCH work again, and fixes a couple of SIGWINCH-associated
crashes.  First, the sigio thread disables SIGWINCH because all hell breaks
loose if it ever gets one and tries to call the signal handling code.  Second,
there was a problem with deferencing tty structs after they were freed.  The
SIGWINCH support for a tty wasn't being turned off or freed after the tty went
away.
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      cd2ee4a3
    • B
      [PATCH] uml: S390 preparation, abstract host page fault data · c578455a
      Bodo Stroesser 提交于 
      This patch removes the arch-specific fault/trap-infos from thread and
skas-regs.

It adds a new struct faultinfo, that is arch-specific defined in
sysdep/faultinfo.h.

The structure is inserted in thread.arch and thread.regs.skas and
thread.regs.tt

Now, segv and other trap-handlers can copy the contents from regs.X.faultinfo
to thread.arch.faultinfo with one simple assignment.

Also, the number of macros necessary is reduced to

FAULT_ADDRESS(struct faultinfo)
    extracts the faulting address from faultinfo

FAULT_WRITE(struct faultinfo)
    extracts the "is_write" flag

SEGV_IS_FIXABLE(struct faultinfo)
    is true for the fixable segvs, i.e. (TRAP == 14)
    on i386

UPT_FAULTINFO(regs)
    result is (struct faultinfo *) to the faultinfo
    in regs->skas.faultinfo

GET_FAULTINFO_FROM_SC(struct faultinfo, struct sigcontext *)
    copies the relevant parts of the sigcontext to
    struct faultinfo.

On SIGSEGV, call user_signal() instead of handle_segv(), if the architecture
provides the information needed in PTRACE_FAULTINFO, or if PTRACE_FAULTINFO is
missing, because segv-stub will provide the info.

The benefit of the change is, that in case of a non-fixable SIGSEGV, we can
give user processes a SIGSEGV, instead of possibly looping on pagefault
handling.

Since handle_segv() sikked arch_fixup() implicitly by passing ip==0 to segv(),
I changed segv() to call arch_fixup() only, if !is_user.
Signed-off-by: NBodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: NJeff Dike <jdike@addtoit.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      c578455a
  45. 17 4月, 2005 1 次提交
    • L
      Linux-2.6.12-rc2 · 1da177e4
      Linus Torvalds 提交于 
      Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
      1da177e4