1. 25 1月, 2017 1 次提交
    • D
      x86/boot: Fix KASLR and memmap= collision · f2844249
      Dave Jiang 提交于
      CONFIG_RANDOMIZE_BASE=y relocates the kernel to a random base address.
      
      However it does not take into account the memmap= parameter passed in from
      the kernel command line. This results in the kernel sometimes being put in
      the middle of memmap.
      
      Teach KASLR to not insert the kernel in memmap defined regions. We support
      up to 4 memmap regions: any additional regions will cause KASLR to disable.
      
      The mem_avoid set has been augmented to add up to 4 unusable regions of
      memmaps provided by the user to exclude those regions from the set of valid
      address range to insert the uncompressed kernel image.
      
      The nn@ss ranges will be skipped by the mem_avoid set since it indicates
      that memory is useable.
      Signed-off-by: NDave Jiang <dave.jiang@intel.com>
      Reviewed-by: NThomas Gleixner <tglx@linutronix.de>
      Acked-by: NKees Cook <keescook@chromium.org>
      Acked-by: NBaoquan He <bhe@redhat.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: dan.j.williams@intel.com
      Cc: david@fromorbit.com
      Cc: linux-nvdimm@lists.01.org
      Link: http://lkml.kernel.org/r/148417664156.131935.2248592164852799738.stgit@djiang5-desk3.ch.intel.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      f2844249
  2. 12 1月, 2017 1 次提交
    • A
      x86/e820/32: Fix e820_search_gap() error handling on x86-32 · c19a5f35
      Arnd Bergmann 提交于
      GCC correctly points out that on 32-bit kernels, e820_search_gap()
      not finding a start now leads to pci_mem_start ('gapstart') being set to an
      uninitialized value:
      
        arch/x86/kernel/e820.c: In function 'e820_setup_gap':
        arch/x86/kernel/e820.c:641:16: error: 'gapstart' may be used uninitialized in this function [-Werror=maybe-uninitialized]
      
      This restores the behavior from before this cleanup:
      
        b4ed1d15 ("x86/e820: Make e820_search_gap() static and remove unused variables")
      
      ... defaulting to address 0x10000000 if nothing was found.
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Cc: Dan Williams <dan.j.williams@intel.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hpe.com>
      Cc: Wei Yang <richard.weiyang@gmail.com>
      Fixes: b4ed1d15 ("x86/e820: Make e820_search_gap() static and remove unused variables")
      Link: http://lkml.kernel.org/r/20170111144926.695369-1-arnd@arndb.deSigned-off-by: NIngo Molnar <mingo@kernel.org>
      c19a5f35
  3. 06 1月, 2017 1 次提交
  4. 28 12月, 2016 8 次提交
  5. 27 12月, 2016 5 次提交
    • T
      x86/mce/AMD: Make the init code more robust · 0dad3a30
      Thomas Gleixner 提交于
      If mce_device_init() fails then the mce device pointer is NULL and the
      AMD mce code happily dereferences it.
      
      Add a sanity check.
      Reported-by: NMarkus Trippelsdorf <markus@trippelsdorf.de>
      Reported-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      0dad3a30
    • T
      smp/hotplug: Undo tglxs brainfart · b9d9d691
      Thomas Gleixner 提交于
      The attempt to prevent overwriting an active state resulted in a
      disaster which effectively disables all dynamically allocated hotplug
      states.
      
      Cleanup the mess.
      
      Fixes: dc280d93 ("cpu/hotplug: Prevent overwriting of callbacks")
      Reported-by: NMarkus Trippelsdorf <markus@trippelsdorf.de>
      Reported-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b9d9d691
    • A
      arm64: don't pull uaccess.h into *.S · b4b8664d
      Al Viro 提交于
      Split asm-only parts of arm64 uaccess.h into a new header and use that
      from *.S.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      b4b8664d
    • F
      net: korina: Fix NAPI versus resources freeing · e6afb1ad
      Florian Fainelli 提交于
      Commit beb0babf ("korina: disable napi on close and restart")
      introduced calls to napi_disable() that were missing before,
      unfortunately this leaves a small window during which NAPI has a chance
      to run, yet we just freed resources since korina_free_ring() has been
      called:
      
      Fix this by disabling NAPI first then freeing resource, and make sure
      that we also cancel the restart task before doing the resource freeing.
      
      Fixes: beb0babf ("korina: disable napi on close and restart")
      Reported-by: NAlexandros C. Couloumbis <alex@ozo.com>
      Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e6afb1ad
    • D
      net, sched: fix soft lockup in tc_classify · 628185cf
      Daniel Borkmann 提交于
      Shahar reported a soft lockup in tc_classify(), where we run into an
      endless loop when walking the classifier chain due to tp->next == tp
      which is a state we should never run into. The issue only seems to
      trigger under load in the tc control path.
      
      What happens is that in tc_ctl_tfilter(), thread A allocates a new
      tp, initializes it, sets tp_created to 1, and calls into tp->ops->change()
      with it. In that classifier callback we had to unlock/lock the rtnl
      mutex and returned with -EAGAIN. One reason why we need to drop there
      is, for example, that we need to request an action module to be loaded.
      
      This happens via tcf_exts_validate() -> tcf_action_init/_1() meaning
      after we loaded and found the requested action, we need to redo the
      whole request so we don't race against others. While we had to unlock
      rtnl in that time, thread B's request was processed next on that CPU.
      Thread B added a new tp instance successfully to the classifier chain.
      When thread A returned grabbing the rtnl mutex again, propagating -EAGAIN
      and destroying its tp instance which never got linked, we goto replay
      and redo A's request.
      
      This time when walking the classifier chain in tc_ctl_tfilter() for
      checking for existing tp instances we had a priority match and found
      the tp instance that was created and linked by thread B. Now calling
      again into tp->ops->change() with that tp was successful and returned
      without error.
      
      tp_created was never cleared in the second round, thus kernel thinks
      that we need to link it into the classifier chain (once again). tp and
      *back point to the same object due to the match we had earlier on. Thus
      for thread B's already public tp, we reset tp->next to tp itself and
      link it into the chain, which eventually causes the mentioned endless
      loop in tc_classify() once a packet hits the data path.
      
      Fix is to clear tp_created at the beginning of each request, also when
      we replay it. On the paths that can cause -EAGAIN we already destroy
      the original tp instance we had and on replay we really need to start
      from scratch. It seems that this issue was first introduced in commit
      12186be7 ("net_cls: fix unconfigured struct tcf_proto keeps chaining
      and avoid kernel panic when we use cls_cgroup").
      
      Fixes: 12186be7 ("net_cls: fix unconfigured struct tcf_proto keeps chaining and avoid kernel panic when we use cls_cgroup")
      Reported-by: NShahar Klein <shahark@mellanox.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Cc: Cong Wang <xiyou.wangcong@gmail.com>
      Acked-by: NEric Dumazet <edumazet@google.com>
      Tested-by: NShahar Klein <shahark@mellanox.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      628185cf
  6. 26 12月, 2016 11 次提交
    • L
      Linux 4.10-rc1 · 7ce7d89f
      Linus Torvalds 提交于
      7ce7d89f
    • L
      powerpc: Fix build warning on 32-bit PPC · 8ae679c4
      Larry Finger 提交于
      I am getting the following warning when I build kernel 4.9-git on my
      PowerBook G4 with a 32-bit PPC processor:
      
          AS      arch/powerpc/kernel/misc_32.o
        arch/powerpc/kernel/misc_32.S:299:7: warning: "CONFIG_FSL_BOOKE" is not defined [-Wundef]
      
      This problem is evident after commit 989cea5c ("kbuild: prevent
      lib-ksyms.o rebuilds"); however, this change in kbuild only exposes an
      error that has been in the code since 2005 when this source file was
      created.  That was with commit 9994a338 ("powerpc: Introduce
      entry_{32,64}.S, misc_{32,64}.S, systbl.S").
      
      The offending line does not make a lot of sense.  This error does not
      seem to cause any errors in the executable, thus I am not recommending
      that it be applied to any stable versions.
      
      Thanks to Nicholas Piggin for suggesting this solution.
      
      Fixes: 9994a338 ("powerpc: Introduce entry_{32,64}.S, misc_{32,64}.S, systbl.S")
      Signed-off-by: NLarry Finger <Larry.Finger@lwfinger.net>
      Cc: Nicholas Piggin <npiggin@gmail.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Michael Ellerman <mpe@ellerman.id.au>
      Cc: linuxppc-dev@lists.ozlabs.org
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8ae679c4
    • L
      avoid spurious "may be used uninitialized" warning · d33d5a6c
      Linus Torvalds 提交于
      The timer type simplifications caused a new gcc warning:
      
        drivers/base/power/domain.c: In function ‘genpd_runtime_suspend’:
        drivers/base/power/domain.c:562:14: warning: ‘time_start’ may be used uninitialized in this function [-Wmaybe-uninitialized]
           elapsed_ns = ktime_to_ns(ktime_sub(ktime_get(), time_start));
      
      despite the actual use of "time_start" not having changed in any way.
      It appears that simply changing the type of ktime_t from a union to a
      plain scalar type made gcc check the use.
      
      The variable wasn't actually used uninitialized, but gcc apparently
      failed to notice that the conditional around the use was exactly the
      same as the conditional around the initialization of that variable.
      
      Add an unnecessary initialization just to shut up the compiler.
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      d33d5a6c
    • L
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 3ddc76df
      Linus Torvalds 提交于
      Pull timer type cleanups from Thomas Gleixner:
       "This series does a tree wide cleanup of types related to
        timers/timekeeping.
      
         - Get rid of cycles_t and use a plain u64. The type is not really
           helpful and caused more confusion than clarity
      
         - Get rid of the ktime union. The union has become useless as we use
           the scalar nanoseconds storage unconditionally now. The 32bit
           timespec alike storage got removed due to the Y2038 limitations
           some time ago.
      
           That leaves the odd union access around for no reason. Clean it up.
      
        Both changes have been done with coccinelle and a small amount of
        manual mopping up"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        ktime: Get rid of ktime_equal()
        ktime: Cleanup ktime_set() usage
        ktime: Get rid of the union
        clocksource: Use a plain u64 instead of cycle_t
      3ddc76df
    • L
      Merge branch 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · b272f732
      Linus Torvalds 提交于
      Pull SMP hotplug notifier removal from Thomas Gleixner:
       "This is the final cleanup of the hotplug notifier infrastructure. The
        series has been reintgrated in the last two days because there came a
        new driver using the old infrastructure via the SCSI tree.
      
        Summary:
      
         - convert the last leftover drivers utilizing notifiers
      
         - fixup for a completely broken hotplug user
      
         - prevent setup of already used states
      
         - removal of the notifiers
      
         - treewide cleanup of hotplug state names
      
         - consolidation of state space
      
        There is a sphinx based documentation pending, but that needs review
        from the documentation folks"
      
      * 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        irqchip/armada-xp: Consolidate hotplug state space
        irqchip/gic: Consolidate hotplug state space
        coresight/etm3/4x: Consolidate hotplug state space
        cpu/hotplug: Cleanup state names
        cpu/hotplug: Remove obsolete cpu hotplug register/unregister functions
        staging/lustre/libcfs: Convert to hotplug state machine
        scsi/bnx2i: Convert to hotplug state machine
        scsi/bnx2fc: Convert to hotplug state machine
        cpu/hotplug: Prevent overwriting of callbacks
        x86/msr: Remove bogus cleanup from the error path
        bus: arm-ccn: Prevent hotplug callback leak
        perf/x86/intel/cstate: Prevent hotplug callback leak
        ARM/imx/mmcd: Fix broken cpu hotplug handling
        scsi: qedi: Convert to hotplug state machine
      b272f732
    • L
      Merge branch 'turbostat' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux · 10bbe759
      Linus Torvalds 提交于
      Pull turbostat updates from Len Brown.
      
      * 'turbostat' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
        tools/power turbostat: remove obsolete -M, -m, -C, -c options
        tools/power turbostat: Make extensible via the --add parameter
        tools/power turbostat: Denverton uses a 25 MHz crystal, not 19.2 MHz
        tools/power turbostat: line up headers when -M is used
        tools/power turbostat: fix SKX PKG_CSTATE_LIMIT decoding
        tools/power turbostat: Support Knights Mill (KNM)
        tools/power turbostat: Display HWP OOB status
        tools/power turbostat: fix Denverton BCLK
        tools/power turbostat: use intel-family.h model strings
        tools/power/turbostat: Add Denverton RAPL support
        tools/power/turbostat: Add Denverton support
        tools/power/turbostat: split core MSR support into status + limit
        tools/power turbostat: fix error case overflow read of slm_freq_table[]
        tools/power turbostat: Allocate correct amount of fd and irq entries
        tools/power turbostat: switch to tab delimited output
        tools/power turbostat: Gracefully handle ACPI S3
        tools/power turbostat: tidy up output on Joule counter overflow
      10bbe759
    • N
      mm: add PageWaiters indicating tasks are waiting for a page bit · 62906027
      Nicholas Piggin 提交于
      Add a new page flag, PageWaiters, to indicate the page waitqueue has
      tasks waiting. This can be tested rather than testing waitqueue_active
      which requires another cacheline load.
      
      This bit is always set when the page has tasks on page_waitqueue(page),
      and is set and cleared under the waitqueue lock. It may be set when
      there are no tasks on the waitqueue, which will cause a harmless extra
      wakeup check that will clears the bit.
      
      The generic bit-waitqueue infrastructure is no longer used for pages.
      Instead, waitqueues are used directly with a custom key type. The
      generic code was not flexible enough to have PageWaiters manipulation
      under the waitqueue lock (which simplifies concurrency).
      
      This improves the performance of page lock intensive microbenchmarks by
      2-3%.
      
      Putting two bits in the same word opens the opportunity to remove the
      memory barrier between clearing the lock bit and testing the waiters
      bit, after some work on the arch primitives (e.g., ensuring memory
      operand widths match and cover both bits).
      Signed-off-by: NNicholas Piggin <npiggin@gmail.com>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Bob Peterson <rpeterso@redhat.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Andrew Lutomirski <luto@kernel.org>
      Cc: Andreas Gruenbacher <agruenba@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      62906027
    • N
      mm: Use owner_priv bit for PageSwapCache, valid when PageSwapBacked · 6326fec1
      Nicholas Piggin 提交于
      A page is not added to the swap cache without being swap backed,
      so PageSwapBacked mappings can use PG_owner_priv_1 for PageSwapCache.
      Signed-off-by: NNicholas Piggin <npiggin@gmail.com>
      Acked-by: NHugh Dickins <hughd@google.com>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Bob Peterson <rpeterso@redhat.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Andrew Lutomirski <luto@kernel.org>
      Cc: Andreas Gruenbacher <agruenba@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      6326fec1
    • T
      ktime: Get rid of ktime_equal() · 1f3a8e49
      Thomas Gleixner 提交于
      No point in going through loops and hoops instead of just comparing the
      values.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      1f3a8e49
    • T
      ktime: Cleanup ktime_set() usage · 8b0e1953
      Thomas Gleixner 提交于
      ktime_set(S,N) was required for the timespec storage type and is still
      useful for situations where a Seconds and Nanoseconds part of a time value
      needs to be converted. For anything where the Seconds argument is 0, this
      is pointless and can be replaced with a simple assignment.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      8b0e1953
    • T
      ktime: Get rid of the union · 2456e855
      Thomas Gleixner 提交于
      ktime is a union because the initial implementation stored the time in
      scalar nanoseconds on 64 bit machine and in a endianess optimized timespec
      variant for 32bit machines. The Y2038 cleanup removed the timespec variant
      and switched everything to scalar nanoseconds. The union remained, but
      become completely pointless.
      
      Get rid of the union and just keep ktime_t as simple typedef of type s64.
      
      The conversion was done with coccinelle and some manual mopping up.
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      2456e855
  7. 25 12月, 2016 13 次提交