1. 20 Apr, 2017 4 commits
    • KVM: PPC: Emulation for more integer loads and stores · ceba57df
      Paul Mackerras committed
      This adds emulation for the following integer loads and stores,
      thus enabling them to be used in a guest for accessing emulated
      MMIO locations.
      
      - lhaux
      - lwaux
      - lwzux
      - ldu
      - lwa
      - stdux
      - stwux
      - stdu
      - ldbrx
      - stdbrx
      
      Previously, most of these would cause an emulation failure exit to
      userspace, though ldu and lwa got treated incorrectly as ld, and
      stdu got treated incorrectly as std.
      
      This also tidies up some of the formatting and updates the comment
      listing instructions that still need to be implemented.
      
      With this, all integer loads and stores that are defined in the Power
      ISA v2.07 are emulated, except for those that are permitted to trap
      when used on cache-inhibited or write-through mappings (and which do
      in fact trap on POWER8), that is, lmw/stmw, lswi/stswi, lswx/stswx,
      lq/stq, and l[bhwdq]arx/st[bhwdq]cx.

      Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
      ceba57df
    • KVM: PPC: Add MMIO emulation for stdx (store doubleword indexed) · 91242fd1
      Alexey Kardashevskiy committed
      This adds missing stdx emulation for emulated MMIO accesses by KVM
      guests.  This allows the Mellanox mlx5_core driver from recent kernels
      to work when MMIO emulation is enforced by userspace.

      Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
      Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
      91242fd1
    • KVM: PPC: Book3S: Add MMIO emulation for FP and VSX instructions · 6f63e81b
      Bin Lu committed
      This patch provides the MMIO load/store emulation for instructions
      of 'double & vector unsigned char & vector signed char & vector
      unsigned short & vector signed short & vector unsigned int & vector
      signed int & vector double '.
      
      The instructions that this adds emulation for are:
      
      - ldx, ldux, lwax,
      - lfs, lfsx, lfsu, lfsux, lfd, lfdx, lfdu, lfdux,
      - stfs, stfsx, stfsu, stfsux, stfd, stfdx, stfdu, stfdux, stfiwx,
      - lxsdx, lxsspx, lxsiwax, lxsiwzx, lxvd2x, lxvw4x, lxvdsx,
      - stxsdx, stxsspx, stxsiwx, stxvd2x, stxvw4x
      
      [paulus@ozlabs.org - some cleanups, fixes and rework, make it
       compile for Book E, fix build when PR KVM is built in]
      Signed-off-by: Bin Lu <lblulb@linux.vnet.ibm.com>
      Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
      6f63e81b
    • KVM: PPC: Provide functions for queueing up FP/VEC/VSX unavailable interrupts · 307d9279
      Paul Mackerras committed
      This provides functions that can be used for generating interrupts
      indicating that a given functional unit (floating point, vector, or
      VSX) is unavailable.  These functions will be used in instruction
      emulation code.

      Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
      307d9279
  2. 07 Apr, 2017 1 commit
  3. 16 Mar, 2017 1 commit
  4. 10 Mar, 2017 5 commits
  5. 06 Mar, 2017 2 commits
    • powerpc/64: Fix L1D cache shape vector reporting L1I values · 9c7a0086
      Michael Ellerman committed
      It seems we didn't pay quite enough attention when testing the new cache
      shape vectors, which means we didn't notice the bug where the vector for
      the L1D was using the L1I values. Fix it, resulting in eg:
      
        L1I  cache size:     0x8000      32768B         32K
        L1I  line size:        0x80       8-way associative
        L1D  cache size:    0x10000      65536B         64K
        L1D  line size:        0x80       8-way associative
      
      Fixes: 98a5f361 ("powerpc: Add new cache geometry aux vectors")
      Cut-and-paste-bug-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Badly-reviewed-by: Michael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      9c7a0086
    • powerpc: Update to new option-vector-5 format for CAS · 014d02cb
      Suraj Jitindar Singh committed
      On POWER9 the ibm,client-architecture-support (CAS) negotiation process
      has been updated to change how the host to guest negotiation is done for
      the new hash/radix mmu as well as the nest mmu, process tables and guest
      translation shootdown (GTSE).
      
      This is documented in the unreleased PAPR ACR "CAS option vector
      additions for P9".
      
      The host tells the guest which options it supports in
      ibm,arch-vec-5-platform-support. The guest then chooses a subset of these
      to request in the CAS call and these are agreed to in the
      ibm,architecture-vec-5 property of the chosen node.
      
      Thus we read ibm,arch-vec-5-platform-support and make our selection before
      calling CAS. We then parse the ibm,architecture-vec-5 property of the
      chosen node to check whether we should run as hash or radix.
      
      ibm,arch-vec-5-platform-support format:
      
      index value pairs: <index, val> ... <index, val>
      
      index: Option vector 5 byte number
      val:   Some representation of supported values

      Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
      Acked-by: Paul Mackerras <paulus@ozlabs.org>
      [mpe: Don't print about unknown options, be consistent with OV5_FEAT]
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      014d02cb
  6. 04 Mar, 2017 1 commit
  7. 03 Mar, 2017 3 commits
    • powerpc/booke: Fix boot crash due to null hugepd · 3fb66a70
      Laurentiu Tudor committed
      On 32-bit book-e machines, hugepd_ok() no longer takes into account null
      hugepd values, causing this crash at boot:
      
        Unable to handle kernel paging request for data at address 0x80000000
        ...
        NIP [c0018378] follow_huge_addr+0x38/0xf0
        LR [c001836c] follow_huge_addr+0x2c/0xf0
        Call Trace:
         follow_huge_addr+0x2c/0xf0 (unreliable)
         follow_page_mask+0x40/0x3e0
         __get_user_pages+0xc8/0x450
         get_user_pages_remote+0x8c/0x250
         copy_strings+0x110/0x390
         copy_strings_kernel+0x2c/0x50
         do_execveat_common+0x478/0x630
         do_execve+0x2c/0x40
         try_to_run_init_process+0x18/0x60
         kernel_init+0xbc/0x110
         ret_from_kernel_thread+0x5c/0x64
      
      This impacts all nxp (ex-freescale) 32-bit booke platforms.
      
      This was caused by the change of hugepd_t.pd from signed to unsigned,
      and the update to the nohash version of hugepd_ok(). Previously
      hugepd_ok() could exclude all non-huge and NULL pgds using > 0, whereas
      now we need to explicitly check that the value is not zero and also that
      PD_HUGE is *clear*.
      
      This isn't protected by the pgd_none() check in __find_linux_pte_or_hugepte()
      because on 32-bit we use pgtable-nopud.h, which causes the pgd_none()
      check to be always false.
      
      Fixes: 20717e1f ("powerpc/mm: Fix little-endian 4K hugetlb")
      Cc: stable@vger.kernel.org # v4.7+
      Reported-by: Madalin-Cristian Bucur <madalin.bucur@nxp.com>
      Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com>
      [mpe: Flesh out change log details.]
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      3fb66a70
    • powerpc/powernv: Fix bug due to labeling ambiguity in power_enter_stop · 424f8acd
      Gautham R. Shenoy committed
      Commit 09206b60 ("powernv: Pass PSSCR value and mask to
      power9_idle_stop") added additional code in power_enter_stop() to
      distinguish between stop requests whose PSSCR had ESL=EC=1 from those
      which did not. When ESL=EC=1, we do a forward-jump to a location
      labelled by "1", which had the code to handle the ESL=EC=1 case.
      
      Unfortunately just a couple of instructions before this label, is the
      macro IDLE_STATE_ENTER_SEQ() which also has a label "1" in its
      expansion.
      
      As a result, the current code can result in directly executing stop
      instruction for deep stop requests with PSSCR ESL=EC=1, without saving
      the hypervisor state.
      
      Fix this BUG by labeling the location that handles ESL=EC=1 case with
      a more descriptive label ".Lhandle_esl_ec_set" (local label suggestion
      a la .Lxx from Anton Blanchard).
      
      While at it, rename the label "2" labelling the location of the code
      handling entry into deep stop states with ".Lhandle_deep_stop".
      
      For a good measure, change the label in IDLE_STATE_ENTER_SEQ() macro
      to a not-so commonly used value in order to avoid similar mishaps in
      the future.
      
      Fixes: 09206b60 ("powernv: Pass PSSCR value and mask to power9_idle_stop")
      Signed-off-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      424f8acd
    • powerpc: emulate_step() tests for load/store instructions · 4ceae137
      Ravi Bangoria committed
      Add new selftest that tests emulate_step for Normal, Floating Point,
      Vector and Vector Scalar - load/store instructions. Test should run
      at boot time if CONFIG_KPROBES_SANITY_TEST and CONFIG_PPC64 are set.
      
      Sample log:
      
        emulate_step_test: ld             : PASS
        emulate_step_test: lwz            : PASS
        emulate_step_test: lwzx           : PASS
        emulate_step_test: std            : PASS
        emulate_step_test: ldarx / stdcx. : PASS
        emulate_step_test: lfsx           : PASS
        emulate_step_test: stfsx          : PASS
        emulate_step_test: lfdx           : PASS
        emulate_step_test: stfdx          : PASS
        emulate_step_test: lvx            : PASS
        emulate_step_test: stvx           : PASS
        emulate_step_test: lxvd2x         : PASS
        emulate_step_test: stxvd2x        : PASS

      Signed-off-by: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
      [mpe: Drop start/complete lines, make it all __init]
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      4ceae137
  8. 01 Mar, 2017 1 commit
    • KVM: PPC: Book3S HV: Fix software walk of guest process page tables · 70cd4c10
      Paul Mackerras committed
      This fixes some bugs in the code that walks the guest's page tables.
      These bugs cause MMIO emulation to fail whenever the guest is in
      virtual mode (MMU on), leading to the guest hanging if it tried to
      access a virtio device.
      
      The first bug was that when reading the guest's process table, we were
      using the whole of arch->process_table, not just the field that contains
      the process table base address.  The second bug was that the mask used
      when reading the process table entry to get the radix tree base address,
      RPDB_MASK, had the wrong value.
      
      Fixes: 9e04ba69 ("KVM: PPC: Book3S HV: Add basic infrastructure for radix guests")
      Fixes: e9983344 ("powerpc/mm/radix: Add partition table format & callback")
      Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
      70cd4c10
  9. 28 Feb, 2017 2 commits
  10. 25 Feb, 2017 1 commit
  11. 23 Feb, 2017 1 commit
    • powerpc: do not make the entire heap executable · 16e72e9b
      Denys Vlasenko committed
      On 32-bit powerpc the ELF PLT sections of binaries (built with
      --bss-plt, or with a toolchain which defaults to it) look like this:
      
        [17] .sbss             NOBITS          0002aff8 01aff8 000014 00  WA  0   0  4
        [18] .plt              NOBITS          0002b00c 01aff8 000084 00 WAX  0   0  4
        [19] .bss              NOBITS          0002b090 01aff8 0000a4 00  WA  0   0  4
      
      Which results in an ELF load header:
      
        Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
        LOAD           0x019c70 0x00029c70 0x00029c70 0x01388 0x014c4 RWE 0x10000
      
      This is all correct, the load region containing the PLT is marked as
      executable.  Note that the PLT starts at 0002b00c but the file mapping
      ends at 0002aff8, so the PLT falls in the 0 fill section described by
      the load header, and after a page boundary.
      
      Unfortunately the generic ELF loader ignores the X bit in the load
      headers when it creates the 0 filled non-file backed mappings.  It
      assumes all of these mappings are RW BSS sections, which is not the case
      for PPC.
      
      gcc/ld has an option (--secure-plt) to not do this, this is said to
      incur a small performance penalty.
      
      Currently, to support 32-bit binaries with PLT in BSS kernel maps
      *entire brk area* with executable rights for all binaries, even
      --secure-plt ones.
      
      Stop doing that.
      
      Teach the ELF loader to check the X bit in the relevant load header and
      create 0 filled anonymous mappings that are executable if the load
      header requests that.
      
      Test program showing the difference in /proc/$PID/maps:
      
      #include <fcntl.h>
      #include <stdio.h>
      #include <stdlib.h>
      #include <unistd.h>

      int main() {
      	char buf[16*1024];
      	char *p = malloc(123); /* make "[heap]" mapping appear */
      	int fd = open("/proc/self/maps", O_RDONLY);
      	int len = read(fd, buf, sizeof(buf));
      	write(1, buf, len);
      	printf("%p\n", p);
      	return 0;
      }
      
      Compiled using: gcc -mbss-plt -m32 -Os test.c -otest
      
      Unpatched ppc64 kernel:
      00100000-00120000 r-xp 00000000 00:00 0                                  [vdso]
      0fe10000-0ffd0000 r-xp 00000000 fd:00 67898094                           /usr/lib/libc-2.17.so
      0ffd0000-0ffe0000 r--p 001b0000 fd:00 67898094                           /usr/lib/libc-2.17.so
      0ffe0000-0fff0000 rw-p 001c0000 fd:00 67898094                           /usr/lib/libc-2.17.so
      10000000-10010000 r-xp 00000000 fd:00 100674505                          /home/user/test
      10010000-10020000 r--p 00000000 fd:00 100674505                          /home/user/test
      10020000-10030000 rw-p 00010000 fd:00 100674505                          /home/user/test
      10690000-106c0000 rwxp 00000000 00:00 0                                  [heap]
      f7f70000-f7fa0000 r-xp 00000000 fd:00 67898089                           /usr/lib/ld-2.17.so
      f7fa0000-f7fb0000 r--p 00020000 fd:00 67898089                           /usr/lib/ld-2.17.so
      f7fb0000-f7fc0000 rw-p 00030000 fd:00 67898089                           /usr/lib/ld-2.17.so
      ffa90000-ffac0000 rw-p 00000000 00:00 0                                  [stack]
      0x10690008
      
      Patched ppc64 kernel:
      00100000-00120000 r-xp 00000000 00:00 0                                  [vdso]
      0fe10000-0ffd0000 r-xp 00000000 fd:00 67898094                           /usr/lib/libc-2.17.so
      0ffd0000-0ffe0000 r--p 001b0000 fd:00 67898094                           /usr/lib/libc-2.17.so
      0ffe0000-0fff0000 rw-p 001c0000 fd:00 67898094                           /usr/lib/libc-2.17.so
      10000000-10010000 r-xp 00000000 fd:00 100674505                          /home/user/test
      10010000-10020000 r--p 00000000 fd:00 100674505                          /home/user/test
      10020000-10030000 rw-p 00010000 fd:00 100674505                          /home/user/test
      10180000-101b0000 rw-p 00000000 00:00 0                                  [heap]
                        ^^^^ this has changed
      f7c60000-f7c90000 r-xp 00000000 fd:00 67898089                           /usr/lib/ld-2.17.so
      f7c90000-f7ca0000 r--p 00020000 fd:00 67898089                           /usr/lib/ld-2.17.so
      f7ca0000-f7cb0000 rw-p 00030000 fd:00 67898089                           /usr/lib/ld-2.17.so
      ff860000-ff890000 rw-p 00000000 00:00 0                                  [stack]
      0x10180008
      
      The patch was originally posted in 2012 by Jason Gunthorpe
      and apparently ignored:
      
      https://lkml.org/lkml/2012/9/30/138
      
      Lightly run-tested.
      
      Link: http://lkml.kernel.org/r/20161215131950.23054-1-dvlasenk@redhat.com
      Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
      Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
      Acked-by: Kees Cook <keescook@chromium.org>
      Acked-by: Michael Ellerman <mpe@ellerman.id.au>
      Tested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Florian Weimer <fweimer@redhat.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      16e72e9b
  12. 21 Feb, 2017 1 commit
    • powerpc/pseries: Advertise Hot Plug Event support to firmware · 3dbbaf20
      Michael Roth committed
      With the inclusion of commit 333f7b76 ("powerpc/pseries: Implement
      indexed-count hotplug memory add") and commit 75384347
      ("powerpc/pseries: Implement indexed-count hotplug memory remove"), we
      now have complete handling of the RTAS hotplug event format as described
      by PAPR via ACR "PAPR Changes for Hotplug RTAS Events".
      
      This capability is indicated by byte 6, bit 2 (5 in IBM numbering) of
      architecture option vector 5, and allows for greater control over
      cpu/memory/pci hot plug/unplug operations.
      
      Existing pseries kernels will utilize this capability based on the
      existence of the /event-sources/hot-plug-events DT property, so we
      only need to advertise it via CAS and do not need a corresponding
      FW_FEATURE_* value to test for.

      Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      3dbbaf20
  13. 18 Feb, 2017 1 commit
    • powerpc/64: Implement clear_bit_unlock_is_negative_byte() · d11914b2
      Nicholas Piggin committed
      Commit b91e1302 ("mm: optimize PageWaiters bit use for
      unlock_page()") added a special bitop function to speed up
      unlock_page(). Implement this for 64-bit powerpc.
      
      This improves the unlock_page() core code from this:
      
      	li	9,1
      	lwsync
      1:	ldarx	10,0,3,0
      	andc	10,10,9
      	stdcx.	10,0,3
      	bne-	1b
      	ori	2,2,0
      	ld	9,0(3)
      	andi.	10,9,0x80
      	beqlr
      	li	4,0
      	b	wake_up_page_bit
      
      To this:
      
      	li	10,1
      	lwsync
      1:	ldarx	9,0,3,0
      	andc	9,9,10
      	stdcx.	9,0,3
      	bne-	1b
      	andi.	10,9,0x80
      	beqlr
      	li	4,0
      	b	wake_up_page_bit
      
      In a test of elapsed time for dd writing into 16GB of already-dirty
      pagecache on a POWER8 with 4K pages, which has one unlock_page per 4kB
      this patch reduced overhead by 1.1%:
      
          N           Min           Max        Median           Avg        Stddev
      x  19         2.578         2.619         2.594         2.595         0.011
      +  19         2.552         2.592         2.564         2.565         0.008
      Difference at 95.0% confidence
      	-0.030  +/- 0.006
      	-1.142% +/- 0.243%

      Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
      [mpe: Made 64-bit only until I can test it properly on 32-bit]
      Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
      d11914b2
  14. 17 Feb, 2017 1 commit
  15. 15 Feb, 2017 5 commits
  16. 14 Feb, 2017 1 commit
  17. 10 Feb, 2017 8 commits
  18. 09 Feb, 2017 1 commit