When live patching with STRICT_KERNEL_RWX, the CPU doing the patching
must temporarily remap the page(s) containing the patch site with +W
permissions. While this temporary mapping is in use another CPU could
write to the same mapping and maliciously alter kernel text. Implement a
LKDTM test to att
On 08/26/2020 02:58 PM, Michael Ellerman wrote:
Christophe Leroy writes:
diff --git a/arch/powerpc/kernel/vdso.c b/arch/powerpc/kernel/vdso.c
index daef14a284a3..bbb69832fd46 100644
--- a/arch/powerpc/kernel/vdso.c
+++ b/arch/powerpc/kernel/vdso.c
@@ -718,16 +710,14 @@ static int __init vdso
Hello guys. Do you have further comments on this version?
Thanks,
Pingfan
On Mon, Aug 10, 2020 at 4:53 PM Pingfan Liu wrote:
>
> A bug is observed on pseries by taking the following steps on rhel:
> -1. drmgr -c mem -r -q 5
> -2. echo c > /proc/sysrq-trigger
>
> And then, the failure looks like:
When compiled with CONFIG_STRICT_KERNEL_RWX, the kernel must create
temporary mappings when patching itself. These mappings temporarily
override the strict RWX text protections to permit a write. Currently,
powerpc allocates a per-CPU VM area for patching. Patching occurs as
follows:
1. Ma
Jordan Niethe writes:
> Update the CPU to ISA Version Mapping document to include Power10 and
> ISA v3.1.
>
> Signed-off-by: Jordan Niethe
> ---
> v2: Transactional Memory = No
> ---
> Documentation/powerpc/isa-versions.rst | 4
> 1 file changed, 4 insertions(+)
>
> diff --git a/Documentati
When live patching a STRICT_RWX kernel, a mapping is installed at a
"patching address" with temporary write permissions. Provide a
LKDTM-only accessor function for this address in preparation for a LKDTM
test which attempts to "hijack" this mapping by writing to it from
another CPU.
Signed-off-by:
Pratik Sampat writes:
> On 26/08/20 2:07 pm, Christophe Leroy wrote:
>> On 26/08/2020 at 10:29, Pratik Rajesh Sampat wrote:
>>> Cpuidle stop state implementation has minor optimizations for P10
>>> where hardware preserves more SPR registers compared to P9.
>>> The current P9 driver works for P1
Currently, code patching a STRICT_KERNEL_RWX exposes the temporary
mappings to other CPUs. These mappings should be kept local to the CPU
doing the patching. Use the pre-initialized temporary mm and patching
address for this purpose. Also add a check after patching to ensure the
patch succeeded.
T
When live patching a STRICT_RWX kernel, a mapping is installed at a
"patching address" with temporary write permissions. Provide a
LKDTM-only accessor function for this address in preparation for a LKDTM
test which attempts to "hijack" this mapping by writing to it from
another CPU.
Signed-off-by:
On Thu, Aug 27, 2020 at 2:49 PM Christophe Leroy
wrote:
>
>
>
> On 27/08/2020 at 06:05, Jordan Niethe wrote:
> > Update the CPU to ISA Version Mapping document to include Power10 and
> > ISA v3.1.
>
> Maybe Documentation/powerpc/cpu_families.rst should be updated as well.
Good idea it still need
On 27/08/2020 at 06:09, Aneesh Kumar K.V wrote:
This is in preparation to adding support for kuap with hash translation.
In preparation for that rename/move kuap related functions to
non radix names. Also move the feature bit closer to MMU_FTR_KUEP.
Signed-off-by: Aneesh Kumar K.V
---
arch
On 27/08/2020 at 06:05, Jordan Niethe wrote:
Update the CPU to ISA Version Mapping document to include Power10 and
ISA v3.1.
Maybe Documentation/powerpc/cpu_families.rst should be updated as well.
Christophe
Signed-off-by: Jordan Niethe
---
v2: Transactional Memory = No
---
Docume
If FTR_KUAP is disabled kernel will continue to run with the same AMR
value with which it was entered. Hence there is a high chance that
we can return without restoring the AMR value. This also helps the case
when applications are not using the pkey feature. In this case, different
applications wil
Make KUAP/KUEP key a variable and also check whether the platform
limits the max key such that we can't use the key for KUAP/KUEP.
Signed-off-by: Aneesh Kumar K.V
---
.../powerpc/include/asm/book3s/64/hash-pkey.h | 22 +---
arch/powerpc/include/asm/book3s/64/pkeys.h| 1 +
arch/powerpc/mm
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/mm/book3s64/pkeys.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/mm/book3s64/pkeys.c b/arch/powerpc/mm/book3s64/pkeys.c
index 16ea0b2f0ea5..b862d5cd78ff 100644
--- a/arch/powerpc/mm/book3s64/pkeys.c
+++ b/a
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/mm/book3s64/pkeys.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/mm/book3s64/pkeys.c b/arch/powerpc/mm/book3s64/pkeys.c
index 391230f93da2..16ea0b2f0ea5 100644
--- a/arch/powerpc/mm/book3s64/pkeys.c
+++ b/a
Radix use IAMR Key 0 and hash translation use IAMR key 3.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/kup.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/powerpc/include/asm/book3s/64/kup.h
b/arch/powerpc/include/asm/book3s/64/kup.h
index f3
Radix use AMR Key 0 and hash translation use AMR key 3.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/kup.h | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/arch/powerpc/include/asm/book3s/64/kup.h
b/arch/powerpc/include/asm/book3s/64/kup.h
i
If an application has configured address protection such that read/write is
denied using pkey even the kernel should receive a FAULT on accessing the same.
This patch use user AMR value stored in pt_regs.kuap to achieve the same.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book
With hash translation use DSISR_KEYFAULT to identify a wrong access.
With Radix we look at the AMR value and type of fault.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/32/kup.h | 4 +--
arch/powerpc/include/asm/book3s/64/kup.h | 27
arch/powe
Now that kernel correctly store/restore userspace AMR/IAMR values, avoid
manipulating AMR and IAMR from the kernel on behalf of userspace.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/kup.h | 18
arch/powerpc/include/asm/processor.h | 4 --
arch/powerpc/ke
We will remove thread.amr/iamr/uamor in a later patch
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/kernel/ptrace/ptrace-view.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/kernel/ptrace/ptrace-view.c
b/arch/powerpc/kernel/ptrace/ptrace-view.c
index
On fork, we inherit from the parent and on exec, we should switch to
default_amr values.
Also, avoid changing the AMR register value within the kernel. The kernel now
runs with different AMR values.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/pkeys.h | 2 ++
arch/p
Child thread.kuap value is inherited from the parent in copy_thread_tls. We
still need to make sure when the child returns from a fork in the kernel we
start with the kernel default AMR value.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/kernel/process.c | 9 +
1 file changed, 9 in
This prepare kernel to operate with a different value than userspace AMR/IAMR.
For this, AMR/IAMR need to be saved and restored on entry and return from the
kernel.
With KUAP we modify kernel AMR when accessing user address from the kernel
via copy_to/from_user interfaces. We don't need to modify
In later patches during exec, we would like to access default regs.kuap to
control access to the user mapping. Having thread.regs set early makes the
code changes simpler.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/thread_info.h | 2 --
arch/powerpc/kernel/process.c |
This is in preparation to adding support for kuap with hash translation.
In preparation for that rename/move kuap related functions to
non radix names. Also move the feature bit closer to MMU_FTR_KUEP.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/kup.h | 18 +-
This patch updates kernel hash page table entries to use storage key 3
for its mapping. This implies all kernel access will now use key 3 to
control READ/WRITE. The patch also prevents the allocation of key 3 from
userspace and UAMOR value is updated such that userspace cannot modify key 3.
Signed
The next set of patches adds support for kuep with hash translation.
In preparation for that rename/move kuap related functions to
non radix names.
Also set MMU_FTR_KUEP and add the missing isync().
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/book3s/64/kup.h | 1 +
arch/powerp
Use CONFIG_PPC_BOOK3S_64 instead of CONFIG_PPC64. This avoid wrong inclusion
with other 64bit platforms. To fix booke 64 build error add macro
kuap_check_amr.
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/kup.h | 8
1 file changed, 8 insertions(+)
diff --git a/arch/powe
The next set of patches adds support for kuap with hash translation.
In preparation for that rename/move kuap related functions to
non radix names.
Signed-off-by: Aneesh Kumar K.V
---
.../asm/book3s/64/{kup-radix.h => kup.h} | 6 ++---
arch/powerpc/include/asm/kup.h| 2 +-
This patch consolidates UAMOR update across pkey, kuap and kuep features.
The boot cpu initialize UAMOR via pkey init and both radix/hash do the
secondary cpu UAMOR init in early_init_mmu_secondary.
We don't check for mmu_feature in radix secondary init because UAMOR
is a supported SPRN with all C
The next set of patches adds support for kuap with hash translation.
Hence make KUAP a BOOK3S_64 feature. Also make it a subfeature of
PPC_MEM_KEYS. Hash translation is going to use pkeys to support
KUAP/KUEP. Adding this dependency reduces the code complexity and
enables us to move some of the ini
With power7 and above we expect the cpu to support keys. The
number of keys are firmware controlled based on device tree.
PR KVM do not expose key details via device tree. Hence when running with PR KVM
we do run with MMU_FTR_KEY support disabled. But we can still
get updates on UAMOR. Hence ignore
This will be used by the following patches
Signed-off-by: Aneesh Kumar K.V
---
arch/powerpc/include/asm/feature-fixups.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/powerpc/include/asm/feature-fixups.h
b/arch/powerpc/include/asm/feature-fixups.h
index b0af97add751..122c22161268
This patch series implements KUAP and KUEP with hash translation mode using
memory keys. The kernel now uses memory protection key 3 to control access
to the kernel. Kernel page table entries are now configured with key 3.
Access to locations configured with any other key value is denied when in
ke
Update the CPU to ISA Version Mapping document to include Power10 and
ISA v3.1.
Signed-off-by: Jordan Niethe
---
v2: Transactional Memory = No
---
Documentation/powerpc/isa-versions.rst | 4
1 file changed, 4 insertions(+)
diff --git a/Documentation/powerpc/isa-versions.rst
b/Documentatio
ISA v3.1 removes transactional memory and hence it should not be present
in cpu_features or cpu_user_features2. Remove CPU_FTR_TM_COMP from
CPU_FTRS_POWER10. Remove PPC_FEATURE2_HTM_COMP and
PPC_FEATURE2_HTM_NOSC_COMP from COMMON_USER2_POWER10.
Fixes: a3ea40d5c736 ("powerpc: Add POWER10 architecte
Hi Mark
On 2020/8/27 0:53, Mark Brown wrote:
On Wed, Aug 26, 2020 at 11:09:18PM +0800, Tang Bin wrote:
The function fsl_spdif_probe() is only called with an openfirmware
platform device. Therefore there is no need to check that the passed
in device is NULL.
Why is this an issue - the check will ma
Hi Ravi,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on powerpc/next]
[also build test ERROR on v5.9-rc2 next-20200826]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as doc
Hello Christophe,
On Wed, 26/08/2020 at 15.53 +0200, Christophe Leroy wrote:
[...]
> If there is no warning, then the issue is something else, bad luck.
>
> Could you increase the loglevel and try again both with and without
> VMAP_STACK ? Maybe we'll get more information on where
(adding Nicholas)
On 26/08/20 6:38 pm, Heiner Kallweit wrote:
> On 26.08.2020 08:07, Chris Packham wrote:
>> On 26/08/20 1:48 pm, Chris Packham wrote:
>>> On 26/08/20 10:22 am, Chris Packham wrote:
On 25/08/20 7:22 pm, Heiner Kallweit wrote:
> I've been staring at spi-fsl-espi.
Hello Giuseppe,
On 24/08/2020 at 22:48, Giuseppe Sacco wrote:
Hello Christophe,
On Mon, 24/08/2020 at 07.17 +0200, Christophe Leroy wrote:
Hello Giuseppe,
[...]
The Oopses in the video are fixed in 5.9-rc2, see my response to your
other mail.
Right, I just updated from git
On Wed, Aug 26, 2020 at 11:09:18PM +0800, Tang Bin wrote:
> The function fsl_spdif_probe() is only called with an openfirmware
> platform device. Therefore there is no need to check that the passed
> in device is NULL.
Why is this an issue - the check will make things more robust if someone
manage
On 26/08/2020 at 16:58, Michael Ellerman wrote:
Christophe Leroy writes:
diff --git a/arch/powerpc/kernel/vdso.c b/arch/powerpc/kernel/vdso.c
index daef14a284a3..bbb69832fd46 100644
--- a/arch/powerpc/kernel/vdso.c
+++ b/arch/powerpc/kernel/vdso.c
@@ -718,16 +710,14 @@ static int __init vd
The function fsl_spdif_probe() is only called with an openfirmware
platform device. Therefore there is no need to check that the passed
in device is NULL.
Signed-off-by: Zhang Shengju
Signed-off-by: Tang Bin
---
sound/soc/fsl/fsl_spdif.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/sou
Christophe Leroy writes:
> diff --git a/arch/powerpc/kernel/vdso.c b/arch/powerpc/kernel/vdso.c
> index daef14a284a3..bbb69832fd46 100644
> --- a/arch/powerpc/kernel/vdso.c
> +++ b/arch/powerpc/kernel/vdso.c
> @@ -718,16 +710,14 @@ static int __init vdso_init(void)
...
>
> -
> -#ifdef CONFIG_VDS
Cc: Michael Ellerman
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Nicholas Piggin
---
arch/powerpc/include/asm/mmu_context.h | 22 +++---
1 file changed, 7 insertions(+), 15 deletions(-)
diff --git a/arch/powerpc/include/asm/mm
https://bugzilla.kernel.org/show_bug.cgi?id=208957
Michael Ellerman (mich...@ellerman.id.au) changed:
What|Removed |Added
Status|RESOLVED|CLOSED
--
Yo
https://bugzilla.kernel.org/show_bug.cgi?id=208957
Michael Ellerman (mich...@ellerman.id.au) changed:
What|Removed |Added
CC||mich...@ellerm
Christophe Leroy writes:
> On 04/08/2020 at 13:17, Christophe Leroy wrote:
>> On 07/16/2020 02:59 AM, Michael Ellerman wrote:
>>> Christophe Leroy writes:
The VDSO datapage and the text pages are always located immediately
next to each other, so it can be hardcoded without an indirect
Hi
[This is an automated email]
This commit has been processed because it contains a -stable tag.
The stable tag indicates that it's relevant for the following trees: all
The bot has tested the following trees: v5.8.2, v5.7.16, v5.4.59, v4.19.140,
v4.14.193, v4.9.232, v4.4.232.
v5.8.2: Build O
Hi
[This is an automated email]
This commit has been processed because it contains a "Fixes:" tag
fixing commit: 79872e35469b ("powerpc/pseries: All events of
EPOW_SYSTEM_SHUTDOWN must initiate shutdown").
The bot has tested the following trees: v5.8.2, v5.7.16, v5.4.59, v4.19.140,
v4.14.193,
Hi
[This is an automated email]
This commit has been processed because it contains a -stable tag.
The stable tag indicates that it's relevant for the following trees: all
The bot has tested the following trees: v5.8.2, v5.7.16, v5.4.59, v4.19.140,
v4.14.193, v4.9.232, v4.4.232.
v5.8.2: Build O
Hi
[This is an automated email]
This commit has been processed because it contains a -stable tag.
The stable tag indicates that it's relevant for the following trees: all
The bot has tested the following trees: v5.8.2, v5.7.16, v5.4.59, v4.19.140,
v4.14.193, v4.9.232, v4.4.232.
v5.8.2: Build O
Hello Giuseppe,
On 24/08/2020 at 22:48, Giuseppe Sacco wrote:
Hello Christophe,
On Mon, 24/08/2020 at 07.17 +0200, Christophe Leroy wrote:
Hello Giuseppe,
[...]
The Oopses in the video are fixed in 5.9-rc2, see my response to your
other mail.
Right, I just updated from git
Nicholas Piggin writes:
> This allows unsupported levels to be constant folded away, and so
> p4d_free_pud_page can be removed because it's no longer linked to.
>
> Cc: linuxppc-dev@lists.ozlabs.org
> Signed-off-by: Nicholas Piggin
> ---
>
> Ack or objection if this goes via the -mm tree?
Fine
Greg KH writes:
> On Tue, Aug 25, 2020 at 07:44:08PM -0300, Thadeu Lima de Souza Cascardo wrote:
>> After commit 912c0a7f2b5daa3cbb2bc10f303981e493de73bd ("powerpc/64s: Save FSCR
>> to init_task.thread.fscr after feature init"), which has been applied to the
>> referred branches, when userspac
On Tue, Aug 25, 2020 at 07:44:08PM -0300, Thadeu Lima de Souza Cascardo wrote:
> After commit 912c0a7f2b5daa3cbb2bc10f303981e493de73bd ("powerpc/64s: Save FSCR
> to init_task.thread.fscr after feature init"), which has been applied to the
> referred branches, when userspace sets the user DSCR MSR,
On Wed, Aug 26, 2020 at 12:57:48AM +1000, Nicholas Piggin wrote:
> This allows unsupported levels to be constant folded away, and so
> p4d_free_pud_page can be removed because it's no longer linked to.
>
> Cc: Catalin Marinas
> Cc: Will Deacon
> Cc: linux-arm-ker...@lists.infradead.org
> Signed-
* Pratik Rajesh Sampat [2020-08-26 13:59:18]:
> Cpuidle stop state implementation has minor optimizations for P10
> where hardware preserves more SPR registers compared to P9.
> The current P9 driver works for P10, although does few extra
> save-restores. P9 driver can provide the required power
On 26/08/20 2:07 pm, Christophe Leroy wrote:
On 26/08/2020 at 10:29, Pratik Rajesh Sampat wrote:
Cpuidle stop state implementation has minor optimizations for P10
where hardware preserves more SPR registers compared to P9.
The current P9 driver works for P10, although does few extra
save-
On 26/08/2020 at 10:29, Pratik Rajesh Sampat wrote:
Cpuidle stop state implementation has minor optimizations for P10
where hardware preserves more SPR registers compared to P9.
The current P9 driver works for P10, although does few extra
save-restores. P9 driver can provide the required pow
Cpuidle stop state implementation has minor optimizations for P10
where hardware preserves more SPR registers compared to P9.
The current P9 driver works for P10, although does few extra
save-restores. P9 driver can provide the required power management
features like SMT thread folding and core lev
On Mon, Aug 24, 2020 at 11:12 PM Jordan Niethe wrote:
>
> The signal handler in the alignment handler self test has the ability to
> jump over the instruction that triggered the signal. It does this by
> incrementing the PT_NIP in the user context by 4. If it were a prefixed
> instruction this wil