Kees Cook writes:
> On Fri, Jul 8, 2016 at 1:41 PM, Kees Cook wrote:
>> So, as found already, the position in the usercopy check needs to be
>> bumped down by red_left_pad, which is what Michael's fix does, so I'll
>> include it in the next version.
-Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
assigned in ucc_fast_tx_virtual_fifo_base_offset and
ucc_fast_rx_virtual_fifo_base_offset. It will work on 32-bit architectures
But data can be loss on 64-bit architectures if 'qe_muram_alloc' will
return greater then MAX
On Fri, 2016-07-08 at 19:22 -0700, Laura Abbott wrote:
>
> Even with the SLUB fixup I'm still seeing this blow up on my arm64
> system. This is a
> Fedora rawhide kernel + the patches
>
> [0.666700] usercopy: kernel memory exposure attempt detected from
> fc0008b4dd58 () (8 bytes)
> [
On 07/08/2016 02:44 PM, Arvind Yadav wrote:
I would really suggest to read section 14 of Documentation/SubmittingPatches
and to follow the guidance it provides.
For the subject line: The subsystem/driver is still not listed,
and I am quite sure that this is not v1 of this patch.
It also does
As per you concern, I have submitted one more patch with some changes.
Please review it.
Thanks,
On Friday 08 July 2016 09:03 PM, Guenter Roeck wrote:
On Thu, Jul 07, 2016 at 10:31:11PM +0530, Arvind Yadav wrote:
-Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
On 07/07/2016 06:48 PM, Daniel Walker wrote:
> On 07/07/2016 03:37 PM, Scott Wood wrote:
>> On 07/07/2016 05:01 PM, Daniel Walker wrote:
>>> On 07/07/2016 02:59 PM, Scott Wood wrote:
On 07/07/2016 04:49 PM, Daniel Walker wrote:
> On 07/07/2016 02:23 PM, Scott Wood wrote:
>> I suspect
On 07/08/2016 06:19 PM, Tyrel Datwyler wrote:
> PowerVM seems to only ever provide a single hotplug slot per PHB.
> The under lying slot hotplug registration code assumed multiple slots,
> but the actual implementation is broken for multiple slots. This went
> unnoticed for years due to the nature
PowerVM seems to only ever provide a single hotplug slot per PHB.
The under lying slot hotplug registration code assumed multiple slots,
but the actual implementation is broken for multiple slots. This went
unnoticed for years due to the nature of PowerVM as mentioned
previously. Under qemu/kvm
As per your concern, I have changed and submitted one more patch.
This answer of your all questions,
-Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
assigned in ucc_fast_tx_virtual_fifo_base_offset and
ucc_fast_rx_virtual_fifo_base_offset. It will work on 32-bit
-Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
assigned in ucc_fast_tx_virtual_fifo_base_offset and
ucc_fast_rx_virtual_fifo_base_offset. It will work on 32-bit architectures
But data can be loss on 64-bit architectures if 'qe_muram_alloc' will
return greater then MAX
On Thu, 2016-07-07 at 19:26 -0700, Michael Turquette wrote:
> Quoting Scott Wood (2016-07-06 21:13:23)
> >
> > On Wed, 2016-07-06 at 18:30 -0700, Michael Turquette wrote:
> > >
> > > Quoting Scott Wood (2016-06-15 23:21:25)
> > > >
> > > >
> > > > -static struct device_node
On Fri, Jul 8, 2016 at 1:41 PM, Kees Cook wrote:
> On Fri, Jul 8, 2016 at 12:20 PM, Christoph Lameter wrote:
>> On Fri, 8 Jul 2016, Kees Cook wrote:
>>
>>> Is check_valid_pointer() making sure the pointer is within the usable
>>> size? It seemed like it was
* Linus Torvalds wrote:
> On Fri, Jul 8, 2016 at 1:46 AM, Ingo Molnar wrote:
> >
> > Could you please try to find some syscall workload that does many small user
> > copies and thus excercises this code path aggressively?
>
> Any stat()-heavy
On Fri, Jul 8, 2016 at 12:20 PM, Christoph Lameter wrote:
> On Fri, 8 Jul 2016, Kees Cook wrote:
>
>> Is check_valid_pointer() making sure the pointer is within the usable
>> size? It seemed like it was checking that it was within the slub
>> object (checks against s->size, wants
On Fri, 8 Jul 2016, Kees Cook wrote:
> Is check_valid_pointer() making sure the pointer is within the usable
> size? It seemed like it was checking that it was within the slub
> object (checks against s->size, wants it above base after moving
> pointer to include redzone, etc).
On Fri, Jul 8, 2016 at 1:46 AM, Ingo Molnar wrote:
>
> Could you please try to find some syscall workload that does many small user
> copies and thus excercises this code path aggressively?
Any stat()-heavy path will hit cp_new_stat() very heavily. Think the
usual kind of
On Fri, Jul 8, 2016 at 9:45 AM, Christoph Lameter wrote:
> On Fri, 8 Jul 2016, Michael Ellerman wrote:
>
>> > I wonder if this code should be using size_from_object() instead of
>> > s->size?
BTW, I can't reproduce this on x86 yet...
>>
>> Hmm, not sure. Who's SLUB maintainer?
On Thu, Jul 07, 2016 at 10:31:11PM +0530, Arvind Yadav wrote:
> -Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
> assigned in ucc_fast_tx_virtual_fifo_base_offset and
> ucc_fast_rx_virtual_fifo_base_offset. These variable are 'unsigned int'.
> So before assginment need a
Am Donnerstag, 07 Juli 2016, 14:12:45 schrieb Dave Young:
> If so maybe change a bit from your precious mentioned 7 args proposal like
> below?
>
> struct kexec_file_fd {
> enum kexec_file_type;
> int fd;
> }
>
> struct kexec_fdset {
> int nr_fd;
> struct kexec_file_fd
On Wed, 2016-06-07 at 05:18:55 UTC, Michael Ellerman wrote:
> Use "Delta" to refer to the difference between measurements, rather than
> "Error", so scripts that look for "Error" aren't confused into thinking
> there was a failure.
>
> Signed-off-by: Michael Ellerman
On Wed, 2016-29-06 at 11:25:33 UTC, Michael Ellerman wrote:
> Signed-off-by: Michael Ellerman
Applied to powerpc next.
https://git.kernel.org/powerpc/c/fc022fdf41b7f8c48714af154b
cheers
___
Linuxppc-dev mailing list
On Wed, 2016-29-06 at 18:14:22 UTC, "Guilherme G. Piccoli" wrote:
> The domain/PHB field of PCI addresses has its value obtained from a
> global variable, incremented each time a new domain (represented by
> struct pci_controller) is added on the system. The domain addition
> process happens
On Tue, 2016-05-07 at 05:07:54 UTC, Benjamin Herrenschmidt wrote:
> For memory hotplug to work, the MMU code needs to provide the functions
> create_section_mapping() and remove_section_mapping() to respectively
> map and unmap portions of the linear mapping.
>
> At the moment only hash64
On Tue, 2016-05-07 at 05:07:53 UTC, Benjamin Herrenschmidt wrote:
> Signed-off-by: Benjamin Herrenschmidt
Applied to powerpc next, thanks.
https://git.kernel.org/powerpc/c/d468fcafb7a42f4e5a73219692
cheers
___
Linuxppc-dev
On Tue, 2016-05-07 at 05:07:52 UTC, Benjamin Herrenschmidt wrote:
> Signed-off-by: Benjamin Herrenschmidt
Applied to powerpc next, thanks.
https://git.kernel.org/powerpc/c/e93d8e67737e5b1405792d0a5b
cheers
___
Linuxppc-dev
On Fri, 8 Jul 2016, Michael Ellerman wrote:
> > I wonder if this code should be using size_from_object() instead of s->size?
>
> Hmm, not sure. Who's SLUB maintainer? :)
Me.
s->size is the size of the whole object including debugging info etc.
ksize() gives you the actual usable size of an
On Wed, 2016-06-07 at 21:42:30 UTC, jba...@akamai.com wrote:
> The stringify_in_c() macro may not be included. Make the dependency
> explicit.
>
> Cc: Benjamin Herrenschmidt
> Cc: Paul Mackerras
> Cc: Michael Ellerman
> Cc:
Add support for the DMA_ATTR_NO_WARN attribute on powerpc iommu code.
Signed-off-by: Mauricio Faria de Oliveira
---
Changelog:
v3:
- powerpc: none
v2:
- all: address warnings from checkpatch.pl (line wrapping and typos)
arch/powerpc/kernel/iommu.c | 6 --
Use the DMA_ATTR_NO_WARN attribute on dma_map_sg() calls of nvme driver.
Signed-off-by: Mauricio Faria de Oliveira
Reviewed-by: Gabriel Krisman Bertazi
---
Changelog:
v3:
- nvme: use DMA_ATTR_NO_WARN when ret = BLK_MQ_RQ_QUEUE_BUSY (io
Introduce the DMA_ATTR_NO_WARN attribute, and document it.
Signed-off-by: Mauricio Faria de Oliveira
---
Changelog:
v3:
- dma: none.
v2:
- all: address warnings from checkpatch.pl (line wrapping and typos)
Documentation/DMA-attributes.txt | 17
This patchset introduces dma_attr DMA_ATTR_NO_WARN (just like __GFP_NOWARN),
which tells the DMA-mapping subsystem to suppress allocation failure reports.
On some architectures allocation failures are reported with error messages
to the system logs. Although this can help to identify and debug
On 07/08/2016 04:54 AM, Masayoshi Mizuma wrote:
Here, I think the error messages should not be suppressed because
the return value of nvme_map_data() is BLK_MQ_RQ_QUEUE_ERROR, so
the IO returns as -EIO.
Agree; good point. fixed in v3.
Thanks for reviewing.
--
Mauricio Faria de Oliveira
IBM
On Wed, 2016-06-07 at 06:05:54 UTC, Sam bobroff wrote:
> diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c
> index 02416fe..06d79bc 100644
> --- a/arch/powerpc/kvm/powerpc.c
> +++ b/arch/powerpc/kvm/powerpc.c
> @@ -588,6 +588,10 @@ int kvm_vm_ioctl_check_extension(struct kvm
Kees Cook writes:
> On Thu, Jul 7, 2016 at 12:35 AM, Michael Ellerman wrote:
>> I gave this a quick spin on powerpc, it blew up immediately :)
>
> Wheee :) This series is rather easy to test: blows up REALLY quickly
> if it's wrong. ;)
Better than
Benjamin Herrenschmidt writes:
> On Thu, 2016-07-07 at 23:21 +1000, Benjamin Herrenschmidt wrote:
>>
>> I think the right fix is that if a restore_sigcontext() has the MSR
>> bits set,
>> it should set the corresponding used_* flag.
>
> Something like this:
>
>
From: Arvind Yadav
> Sent: 07 July 2016 19:38
> -Return type of 'qe_muram_alloc' is 'unsigned long', That Was trying to
> assigned in ucc_fast_tx_virtual_fifo_base_offset and
> ucc_fast_rx_virtual_fifo_base_offset. These variable are 'unsigned int'.
> So before assginment need a proper type
Greg Kurz writes:
> Ping ?
Thanks. It got lost in the flood.
It's in my testing tree and should show up in next soon.
cheers
___
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
On Thursday, July 7, 2016 1:37:43 PM CEST Kees Cook wrote:
> >
> >> + /* Allow kernel bss region (if not marked as Reserved). */
> >> + if (ptr >= (const void *)__bss_start &&
> >> + end <= (const void *)__bss_stop)
> >> + return NULL;
> >
> > accesses to
On Thu, 7 Jul 2016 09:45:08 -0300 Mauricio Faria De Oliveira wrote:
Use the DMA_ATTR_NO_WARN attribute on dma_map_sg() calls of nvme driver.
Signed-off-by: Mauricio Faria de Oliveira
Reviewed-by: Gabriel Krisman Bertazi
---
Changelog:
* Kees Cook wrote:
> - I couldn't detect a measurable performance change with these features
> enabled. Kernel build times were unchanged, hackbench was unchanged,
> etc. I think we could flip this to "on by default" at some point.
Could you please try to find some
Ravi Bangoria writes:
> On Wednesday 06 July 2016 03:38 PM, Michael Ellerman wrote:
>
> I've sent v4 which enables annotate for bctr' instructions.
>
> for 'bctr', it will show down arrow(indicate jump) and 'bctrl' will show
> right arrow(indicate call). But no
If we don't find registers for the PHB or don't know the model
specific invalidation method, use OPAL calls instead.
Signed-off-by: Benjamin Herrenschmidt
---
v2. Missed some new invalidation calls that went upstream since I
wrote the original patch.
Laurent Dufour writes:
> On 07/07/2016 15:21, Benjamin Herrenschmidt wrote:
>> On Thu, 2016-07-07 at 15:12 +0200, Laurent Dufour wrote:
>>> Most of the time this is fine, but in the case a thread which has really
>>> used those registers is catching a signal just after
On 04/07/16 17:12, Andrew Donnellan wrote:
Remove the CXL_KERNEL_API and CXL_EEH Kconfig options, as they were only
needed to coordinate the merging of the cxlflash driver. Also remove the
stub implementation of cxl_perst_reloads_same_image() in cxlflash which is
only used if CXL_EEH isn't
When we know we will reassign all resources, trying (and failing)
to allocate them initially is fairly pointless and leads to a lot
of scary messages in the kernel log
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/kernel/pci-common.c | 6 --
1 file
If the firmware encounters an error (internal or HW) during initialization
of a PHB, it might leave the device-node in the tree but mark it disabled
using the "status" property. We should check it.
Signed-off-by: Benjamin Herrenschmidt
---
M64's are the configurable 64-bit windows that cover the 64-bit MMIO
space. We used to hard code 16 windows. Newer chips might have a
variable number and might need to reserve some as well (for example
on PHB4/POWER9, M32 and M64 are actually unified and we use M64#0
to map the 32-bit space).
So
If we don't find registers for the PHB or don't know the model
specific invalidation method, use OPAL calls instead.
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/platforms/powernv/pci-ioda.c | 33 +++
1 file changed, 29
It's architected, always in a known place, so there is no need
to keep a separate pointer to it, we use the existing "regs",
and we complement it with a real mode variant.
Signed-off-by: Benjamin Herrenschmidt
# Conflicts:
#
We have some obsolete code in pnv_pci_p7ioc_tce_invalidate()
to handle some internal lab tools that have stopped being
useful a long time ago. Remove that along with the definition
and test for the TCE_PCI_SWINV_* flags whose value is basically
always the same.
Signed-off-by: Benjamin
The TCE invalidation functions are fairly implementation specific,
and while the IODA specs more/less describe the register, in practice
various implementation workarounds may be required. So name the
functions after the target PHB.
Note today and for the foreseeable future, there's a 1:1
Replace the old generic opal_call_realmode() with proper per-call
wrappers similar to the normal ones and convert callers.
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/include/asm/opal-api.h| 10 +++-
arch/powerpc/include/asm/opal.h
That was used by some old IBM internal bringup tools and is
no longer relevant.
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/platforms/pseries/iommu.c | 53 +-
1 file changed, 1 insertion(+), 52 deletions(-)
diff --git
We instanciate them as IODA2. We also change the MSI EOI hack
to only kick on PHB3 since it will not be needed on any new
implementation.
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/platforms/powernv/pci-ioda.c | 3 ++-
arch/powerpc/platforms/powernv/pci.c
This adds a new XICS backend that uses OPAL calls, which can be
used when we don't have native support for the platform interrupt
controller.
Signed-off-by: Benjamin Herrenschmidt
---
arch/powerpc/include/asm/xics.h| 8 +-
arch/powerpc/sysdev/xics/Makefile
Calling this function with interrupts soft-disabled will cause
a replay of the external interrupt vector when they are re-enabled.
This will be used by the OPAL XICS backend (and latter by the native
XIVE code) to handle EOI signaling that there are more interrupts to
fetch from the hardware
This will be delivering external interrupts from the XIVE to the
Hypervisor. We treat it as a normal external interrupt for the
lazy irq disable code (so it will be replayed as a 0x500) and
route it to do_IRQ.
Signed-off-by: Benjamin Herrenschmidt
---
OPAL provides an emulated XICS interrupt controller to
use as a fallback on newer processors that don't have a
XICS. It's meant as a way to provide backward compatibility
with future processors. Add the corresponding interfaces.
Signed-off-by: Benjamin Herrenschmidt
---
If hardware supports stop state, use the deepest stop state when
the cpu is offlined.
Reviewed-by: Gautham R. Shenoy
Signed-off-by: Shreyas B. Prabhu
---
- No changes since v1
arch/powerpc/platforms/powernv/idle.c| 15 +--
POWER ISA v3 defines a new idle processor core mechanism. In summary,
a) new instruction named stop is added.
b) new per thread SPR named PSSCR is added which controls the behavior
of stop instruction.
Supported idle states and value to be written to PSSCR register to enter
any idle
- Use stack instead of kzalloc'ed memory for variables while probing
device tree for idle states.
- Set cap for number of idle states that can be added to
cpuidle_state_table
- Minor change in way we check of_property_read_u32_array for error
for sake of consistency
- Drop unnecessary
Use cpuidle's CPUIDLE_STATE_MAX macro instead of powernv specific
MAX_POWERNV_IDLE_STATES.
Cc: Rafael J. Wysocki
Cc: Daniel Lezcano
Cc: linux...@vger.kernel.org
Acked-by: Daniel Lezcano
Signed-off-by: Shreyas B.
POWER ISA v3 defines a new idle processor core mechanism. In summary,
a) new instruction named stop is added. This instruction replaces
instructions like nap, sleep, rvwinkle.
b) new per thread SPR named Processor Stop Status and Control Register
(PSSCR) is added which controls
Create a function for saving SPRs before entering deep idle states.
This function can be reused for POWER9 deep idle states.
Reviewed-by: Gautham R. Shenoy
Signed-off-by: Shreyas B. Prabhu
---
- No changes since v3
Changes in v3:
pnv_powersave_common does common steps needed before entering idle
state and eventually changes MSR to MSR_IDLE and does rfid to
pnv_enter_arch207_idle_mode.
Move the updation of HSTATE_HWTHREAD_STATE to pnv_powersave_common
from pnv_enter_arch207_idle_mode and make it more generic by passing the
Functions like power7_wakeup_loss, power7_wakeup_noloss,
power7_wakeup_tb_loss are used by POWER7 and POWER8 hardware. They can
also be used by POWER9. Hence rename these functions hardware agnostic
names.
Suggested-by: Gautham R. Shenoy
Signed-off-by: Shreyas B. Prabhu
idle_power7.S handles idle entry/exit for POWER7, POWER8 and in next
patch for POWER9. Rename the file to a non-hardware specific
name.
Reviewed-by: Gautham R. Shenoy
Signed-off-by: Shreyas B. Prabhu
---
Changes in v7:
=
- File
In the current code, when the thread wakes up in reset vector, some
of the state restore code and check for whether a thread needs to
branch to kvm is duplicated. Reorder the code such that this
duplication is avoided.
At a higher level this is what the change looks like-
Before this patch -
Signed-off-by: Shreyas B. Prabhu
---
-No changes since v4
Changes in v4
=
- New in v4
arch/powerpc/kernel/idle_power7.S | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/idle_power7.S
POWER ISA v3 defines a new idle processor core mechanism. In summary,
a) new instruction named stop is added. This instruction replaces
instructions like nap, sleep, rvwinkle.
b) new per thread SPR named PSSCR is added which controls the behavior
of stop instruction.
70 matches
Mail list logo