This was reworked some time ago to go through fixmaps instead, leaving
the range itself unused. As such, kill off the remaining references and
hand over the remaining space for fixmaps directly. This also makes it
possible to simplify the vmalloc fault case as we no longer have to care
about the special section.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

At the moment the top of the fixmap space is calculated from P4SEG, which
places it at the end of the store queue space when that API is enabled.
Make sure we use P3_ADDR_MAX here instead to find the proper address
limit. With this done, it's also possible to switch to the generic
vmalloc address range check now that VMALLOC_START/END encapsulate the
translatable areas that we care about.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

This plugs in fault code encoding for the sh64 page fault, too.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

This provides a simple interface modelled after sparc64/m32r to encode
the error code in the upper byte of thread_info for finer-grained
handling in the page fault path.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

We need a lookup_exception_vector() helper for sh64 in order to use the
common page fault code.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

This follows the x86 changes for tidying up the page fault error paths.
We'll build on top of this for _32/_64 unification.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

The build complains about a /* nested within a comment block, so just
tidy up the formatting.
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

The RSK2+SH7269 board uses the SH7269 processor. It is often
referred to as just rsk7269. NOR Flash, SDRAM, serial, USB Host and
ethernet are working.
Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

This is an sh2a device (max 266MHz) with FPU, video display
controller (VDC), 8 serial ports, 4 I2C channels, 3 CAN ports,
SD and on-chip USB.
Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

Too many drivers fail at IOPORT vs IOMEM checking before blindly calling
in to the API, so we may as well just provide basic stubs to get more
build coverage. Other platforms already do this, too (tile, parisc, etc.)
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

The RSK2+SH7264 board uses the sh7264 processor. It is often
referred to as just rsk7264. NOR Flash, SDRAM, serial, USB Host and
ethernet are working.
Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

This is an sh2a device with FPU, video display controller (VDC),
8 serial ports, 3 I2C channels, 2 CAN ports, SD and on-chip USB.
Signed-off-by: NPhil Edworthy <phil.edworthy@renesas.com>
Signed-off-by: NPaul Mundt <lethal@linux-sh.org>

id 0 is already used and causes errors at boot:

WARNING: at fs/sysfs/dir.c:508 sysfs_add_one+0x9c/0xac()
sysfs: cannot create duplicate filename '/devices/platform/reg-fixed-voltage.0'

Fix it by using the next available one (id=1).

This was caused by 5b3689f4 (ARM: OMAP2+: smsc911x: Add fixed
board regulators) that did not account for some regulators
already being used.
Signed-off-by: NEnrico Butera <ebutera@users.berlios.de>
[tony@atomide.com: updated comments for regression causing commit]
Signed-off-by: NTony Lindgren <tony@atomide.com>

s/kcm/kvm/.
Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: NAvi Kivity <avi@redhat.com>

Alignment was the last user of the ENABLE_INTS macro, which we can
now remove. All non-syscall exceptions now disable interrupts on
entry, they get re-enabled conditionally from C code. Don't
unconditionally re-enable in program check either, check the
original context.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>

We had a case where we could turn on hard interrupts while
leaving the PACA_IRQ_HARD_DIS bit set in the PACA. This can
in turn cause a BUG_ON() to hit in __check_irq_replay() due
to interrupt state getting out of sync.

The assembly code was also way too convoluted. Instead, we
now leave it to the C code to do the right thing which ends
up being smaller and more readable.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>

Commit 554cdaef ('ARM: orion5x: Refactor
mpp code to use common orion platform mpp.') seems to have accidentally
inverted the GPIO valid bits for MPP9 (only).  For the mv2120 platform
which uses MPP9 as a GPIO LED device, this results in the error:

[   12.711476] leds-gpio: probe of leds-gpio failed with error -22
Reported-by: NHenry von Tresckow <hvontres@gmail.com>
References: http://bugs.debian.org/667446Signed-off-by: NBen Hutchings <ben@decadent.org.uk>
Cc: stable@vger.kernel.org [v3.0+]
Tested-by: NHans Henry von Tresckow <hvontres@gmail.com>
Signed-off-by: NJason Cooper <jason@lakedaemon.net>

Fixes the following build error when CONFIG_KEXEC is enabled:
  CC      arch/arm/mach-kirkwood/board-dt.o
arch/arm/mach-kirkwood/board-dt.c: In function 'kirkwood_dt_init':
arch/arm/mach-kirkwood/board-dt.c:52:2: error: 'kexec_reinit' undeclared (first use in this function)
arch/arm/mach-kirkwood/board-dt.c:52:2: note: each undeclared identifier is reported only once for each function it appears in
Signed-off-by: NIan Campbell <ijc@hellion.org.uk>
[v4, rebase onto recent Linus for repost]
[v3, speak actual English in the commit message, thanks Sergei Shtylyov]
[v2, using linux/kexec.h not asm/kexec.h]
Signed-off-by: NJason Cooper <jason@lakedaemon.net>

With the embed percpu first chunk allocator, x86 uses either PAGE_SIZE
or PMD_SIZE for atom_size.  PMD_SIZE is used when CPU supports PSE so
that percpu areas are aligned to PMD mappings and possibly allow using
PMD mappings in vmalloc areas in the future.  Using larger atom_size
doesn't waste actual memory; however, it does require larger vmalloc
space allocation later on for !first chunks.

With reasonably sized vmalloc area, PMD_SIZE shouldn't be a problem
but x86_32 at this point is anything but reasonable in terms of
address space and using larger atom_size reportedly leads to frequent
percpu allocation failures on certain setups.

As there is no reason to not use PMD_SIZE on x86_64 as vmalloc space
is aplenty and most x86_64 configurations support PSE, fix the issue
by always using PMD_SIZE on x86_64 and PAGE_SIZE on x86_32.

v2: drop cpu_has_pse test and make x86_64 always use PMD_SIZE and
    x86_32 PAGE_SIZE as suggested by hpa.
Signed-off-by: NTejun Heo <tj@kernel.org>
Reported-by: NYanmin Zhang <yanmin.zhang@intel.com>
Reported-by: NShuoX Liu <shuox.liu@intel.com>
Acked-by: NH. Peter Anvin <hpa@zytor.com>
LKML-Reference: <4F97BA98.6010001@intel.com>
Cc: stable@vger.kernel.org

The H_REGISTER_VPA hcall implementation in HV Power KVM needs to pin some
guest memory pages into host memory so that they can be safely accessed
from usermode.  It does this used get_user_pages_fast().  When the VPA is
unregistered, or the VCPUs are cleaned up, these pages are released using
put_page().

However, the get_user_pages() is invoked on the specific memory are of the
VPA which could lie within hugepages.  In case the pinned page is huge,
we explicitly find the head page of the compound page before calling
put_page() on it.

At least with the latest kernel, this is not correct.  put_page() already
handles finding the correct head page of a compound, and also deals with
various counts on the individual tail page which are important for
transparent huge pages.  We don't support transparent hugepages on Power,
but even so, bypassing this count maintenance can lead (when the VM ends)
to a hugepage being released back to the pool with a non-zero mapcount on
one of the tail pages.  This can then lead to a bad_page() when the page
is released from the hugepage pool.

This removes the explicit compound_head() call to correct this bug.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NPaul Mackerras <paulus@samba.org>
Acked-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NAvi Kivity <avi@redhat.com>

The accessing PCI configuration space with the PCI BIOS32 service does
not work in PV guests.

On systems without MMCONFIG or where the BIOS hasn't marked the
MMCONFIG region as reserved in the e820 map, the BIOS service is
probed (even though direct access is preferred) and this hangs.

CC: stable@kernel.org
Acked-by: NJan Beulich <jbeulich@suse.com>
Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
[v1: Fixed compile error when CONFIG_PCI is not set]
Signed-off-by: NKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>

If I try to do "cat /sys/kernel/debug/kernel_page_tables"
I end up with:

BUG: unable to handle kernel paging request at ffffc7fffffff000
IP: [<ffffffff8106aa51>] ptdump_show+0x221/0x480
PGD 0
Oops: 0000 [#1] SMP
CPU 0
.. snip..
RAX: 0000000000000000 RBX: ffffc00000000fff RCX: 0000000000000000
RDX: 0000800000000000 RSI: 0000000000000000 RDI: ffffc7fffffff000

which is due to the fact we are trying to access a PFN that is not
accessible to us. The reason (at least in this case) was that
PGD[256] is set to __HYPERVISOR_VIRT_START which was setup (by the
hypervisor) to point to a read-only linear map of the MFN->PFN array.
During our parsing we would get the MFN (a valid one), try to look
it up in the MFN->PFN tree and find it invalid and return ~0 as PFN.
Then pte_mfn_to_pfn would happilly feed that in, attach the flags
and return it back to the caller. 'ptdump_show' bitshifts it and
gets and invalid value that it tries to dereference.

Instead of doing all of that, we detect the ~0 case and just
return !_PAGE_PRESENT.

This bug has been in existence .. at least until 2.6.37 (yikes!)

CC: stable@kernel.org
Signed-off-by: NKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>

On x86_64 on AMD machines where the first APIC_ID is not zero, we get:

ACPI: LAPIC (acpi_id[0x01] lapic_id[0x10] enabled)
BIOS bug: APIC version is 0 for CPU 1/0x10, fixing up to 0x10
BIOS bug: APIC version mismatch, boot CPU: 0, CPU 1: version 10

which means that when the ACPI processor driver loads and
tries to parse the _Pxx states it fails to do as, as it
ends up calling acpi_get_cpuid which does this:

for_each_possible_cpu(i) {
        if (cpu_physical_id(i) == apic_id)
                return i;
}

And the bootup CPU, has not been found so it fails and returns -1
for the first CPU - which then subsequently in the loop that
"acpi_processor_get_info" does results in returning an error, which
means that "acpi_processor_add" failing and per_cpu(processor)
is never set (and is NULL).

That means that when xen-acpi-processor tries to load (much much
later on) and parse the P-states it gets -ENODEV from
acpi_processor_register_performance() (which tries to read
the per_cpu(processor)) and fails to parse the data.
Reported-by-and-Tested-by: NStefan Bader <stefan.bader@canonical.com>
Suggested-by: NBoris Ostrovsky <boris.ostrovsky@amd.com>
[v2: Bit-shift APIC ID by 24 bits]
Signed-off-by: NKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>

Commit ce7e5d2d ("x86: fix broken TASK_SIZE for ia32_aout") breaks
kernel builds when "CONFIG_IA32_AOUT=m" with

  ERROR: "set_personality_ia32" [arch/x86/ia32/ia32_aout.ko] undefined!
  make[1]: *** [__modpost] Error 1

The entry point needs to be exported.
Signed-off-by: NLarry Finger <Larry.Finger@lwfinger.net>
Acked-by: NAl Viro <viro@zeniv.linux.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Setting TIF_IA32 in load_aout_binary() used to be enough; these days
TASK_SIZE is controlled by TIF_ADDR32 and that one doesn't get set
there.  Switch to use of set_personality_ia32()...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

It turned to be totally unneeded. The reason the code was introduced is
so that KVM can prefault swapped in page, but prefault can fail even
if mm is pinned since page table can change anyway. KVM handles this
situation correctly though and does not inject spurious page faults.

Fixes:
 "INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected" warning while
 running LTP inside a KVM guest using the recent -next kernel.
Reported-by: NSasha Levin <levinsasha928@gmail.com>
Signed-off-by: NGleb Natapov <gleb@redhat.com>
Signed-off-by: NAvi Kivity <avi@redhat.com>

If vcpu executes hlt instruction while async PF is waiting to be delivered
vcpu can block and deliver async PF only after another even wakes it
up. This happens because kvm_check_async_pf_completion() will remove
completion event from vcpu->async_pf.done before entering kvm_vcpu_block()
and this will make kvm_arch_vcpu_runnable() return false. The solution
is to make vcpu runnable when processing completion.
Signed-off-by: NGleb Natapov <gleb@redhat.com>
Signed-off-by: NAvi Kivity <avi@redhat.com>

Commit 4e8ee7de (ARM: SMP: use
idmap_pgd for mapping MMU enable during secondary booting)
switched secondary boot to use idmap_pgd, which is initialized
during early_initcall, instead of a page table initialized during
__cpu_up.  This causes idmap_pgd to contain the static mappings
but be missing all dynamic mappings.

If a console is registered that creates a dynamic mapping, the
printk in secondary_start_kernel will trigger a data abort on
the missing mapping before the exception handlers have been
initialized, leading to a hang.  Initial boot is not affected
because no consoles have been registered, and resume is usually
not affected because the offending console is suspended.
Onlining a cpu with hotplug triggers the problem.

A workaround is to the printk in secondary_start_kernel until
after the page tables have been switched back to init_mm.

Cc: <stable@vger.kernel.org>
Signed-off-by: NColin Cross <ccross@android.com>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

The test in pdc_console_tty_close '!tty->count' was always wrong
because tty->count is decremented after tty->ops->close is called and
thus can never be zero. Hence the 'then' branch was never executed and
the timer never deleted.

This did not matter until commit 5dd5bc40 ("TTY: pdc_cons, use
tty_port").  There we needed to set TTY in tty_port to NULL, but this
never happened due to the bug above.

So change the test to really trigger at the last close by changing the
condition to 'tty->count == 1'.

Well, the driver should not touch tty->count at all.  It should use
tty_port->count and count open count there itself.
Signed-off-by: NJiri Slaby <jslaby@suse.cz>
Reported-and-tested-by: NMikulas Patocka <mpatocka@redhat.com>
Cc: Kyle McMartin <kyle@mcmartin.ca>
Cc: Helge Deller <deller@gmx.de>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

The machine endianness has no direct correspondence to the syscall ABI,
so use only AUDIT_ARCH_ARM when identifying the ABI to the audit tools
in userspace.

Cc: stable@vger.kernel.org
Signed-off-by: NWill Deacon <will.deacon@arm.com>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

The ARM audit code incorrectly uses the saved application ip register
value to infer syscall entry or exit. Additionally, the saved value will
be clobbered if the current task is not being traced, which can lead to
libc corruption if ip is live (apparently glibc uses it for the TLS
pointer).

This patch fixes the syscall tracing code so that the why parameter is
used to infer the syscall direction and the saved ip is only updated if
we know that we will be signalling a ptrace trap.
Reported-and-Tested-by: NJon Masters <jcm@jonmasters.org>

Cc: stable@vger.kernel.org
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: NWill Deacon <will.deacon@arm.com>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

The inline assembly in kernel_execve() uses r8 and r9.  Since this
code sequence does not return, it usually doesn't matter if the
register clobber list is accurate.  However, I saw a case where a
particular version of gcc used r8 as an intermediate for the value
eventually passed to r9.  Because r8 is used in the inline
assembly, and not mentioned in the clobber list, r9 was set
to an incorrect value.

This resulted in a kernel panic on execution of the first user-space
program in the system.  r9 is used in ret_to_user as the thread_info
pointer, and if it's wrong, bad things happen.

Cc: <stable@vger.kernel.org>
Signed-off-by: NTim Bird <tim.bird@am.sony.com>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

It seems that there was an error with the active_low = 1 for the
LED, since it should be set to 0 (meaning that active is high,
since 0 is false, hence the confusion.

The wiki article about it confuses it, since it contradicts itself,
regarding what turns on the LED.

I have tested 3.4-rc2 on my net5501 with this patch, and it makes the LED
behave correctly, where "none" turns it off, and "default-on" turns it on,
when echoed onto the trigger "file" in /sys/class/leds.
Signed-off-by: NBjarke Istrup Pedersen <gurligebis@gentoo.org>
Link: http://lkml.kernel.org/r/20120504210146.62186A018B@akpm.mtv.corp.google.com
Cc: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NH. Peter Anvin <hpa@zytor.com>

This reverts commit 46f8c3c7.

The commit above swapped the DSI1_PPID and DSI2_PPID register fields in
CONTROL_DSIPHY to be in sync with the newer public OMAP TRMs(after version V).

With this commit, contention errors were reported on DSI lanes some OMAP4 SDPs.
After probing the DSI lanes on OMAP4 SDP, it was seen that setting bits in the
DSI2_PPID field was pulling up voltage on DSI1 lanes, and DSI1_PPID field was
pulling up voltage on DSI2 lanes.

This proves that the current version of OMAP4 TRM is incorrect, swap the
position of register fields according to the older TRM versions as they were
correct.

Cc: stable@vger.kernel.org # v3.2+
Acked-by: NTomi Valkeinen <tomi.valkeinen@ti.com>
Signed-off-by: NArchit Taneja <archit@ti.com>
Signed-off-by: NTony Lindgren <tony@atomide.com>

Commit 384ebe1c, "gpio/omap: Add DT
support to GPIO driver", introduced dynamic IRQ numbering of OMAP GPIO
interrupts, breaking all IH_GPIO_BASE based IRQ number calculations.
This issue was corrected in the OMAP GPIO driver and the related header
file with commit 25db711d, "gpio/omap:
Fix IRQ handling for SPARSE_IRQ".

However, the Amstrad Delta FIQ handler, which replaces the gpio-omap
driver in serving GPIO interrupts on this board, still uses that
outdated method. Fix it.
Signed-off-by: NJanusz Krzysztofik <jkrzyszt@tis.icnet.pl>
Signed-off-by: NTony Lindgren <tony@atomide.com>

It turns out that there are more cases than CONFIG_DEBUG_PAGEALLOC that
can have holes in the kernel address space: it seems to happen easily
with Xen, and it looks like the AMD gart64 code will also punch holes
dynamically.

Actually hitting that case is still very unlikely, so just do the
access, and take an exception and fix it up for the very unlikely case
of it being a page-crosser with no next page.

And hey, this abstraction might even help other architectures that have
other issues with unaligned word accesses than the possible missing next
page.  IOW, this could do the byte order magic too.

Peter Anvin fixed a thinko in the shifting for the exception case.
Reported-and-tested-by: NJana Saout <jana@saout.de>
Cc:  Peter Anvin <hpa@zytor.com>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

warning: passing argument 1 of 'pci_find_capability' discards 'const' qualifier from pointer target type
Signed-off-by: NMatt Turner <mattst88@gmail.com>

Signed-off-by: NJim Faulkner <jfaulkne@ccs.neu.edu>
Signed-off-by: NMatt Turner <mattst88@gmail.com>