Jump or branch target addresses have the first bit set. The
original mask did not take this into account and will cause
a field overflow warning for the target address when a jump
immediate instruction is built.
Signed-off-by: Steven J. Hill <Steven.Hill@imgtec.com>
Currently, the following instructions are translated:
- CACHE (indexed)
- CACHE (va based): translated to a SYNCI, overkill on D-CACHE operations,
but still much faster than a trap.
- mfc0/mtc0: the virtual COP0 registers for the guest are implemented as a
2-D array [COP#][SEL] and this is mapped into the guest kernel address space
@ VA 0x0. mfc0/mtc0 operations are transformed to load/stores.
Signed-off-by: Sanjay Lal <sanjayl@kymasys.com>
Cc: kvm@vger.kernel.org
Cc: linux-mips@linux-mips.org
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
As ftrace_regex_write() reads the result of ftrace_process_regex()
which can sometimes return a positive number, only consider a
failure if the return is negative. Otherwise, it will skip possible
other registered probes and by returning a positive number that
wasn't read, it will confuse the user processes doing the writing.
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
register_ftrace_function_probe() returns the number of functions
it registered, which can be zero, it can also return a negative number
if something went wrong. But event_enable_func() only checks for
the case that it didn't register anything, it needs to also check
for the case that something went wrong and return that error code
as well.
Added some comments about the code as well, to make it more
understandable.
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Return 0 instead of the number of activated ftrace function probes if
event_enable_func succeeded and return an error code if it failed or
did not register any functions. But it currently returns the number
of registered functions and if it didn't register anything, it returns 0,
but that is considered success.
This also fixes the return value. As if it succeeds, it returns the
number of functions that were enabled, which is returned back to
the user in ftrace_regex_write (the write() return code). If only
one function is enabled, then the return code of the write is one,
and this can confuse the user program in thinking it only wrote 1
byte.
Link: http://lkml.kernel.org/r/20130509054413.30398.55650.stgit@mhiramat-M0-7522
Cc: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Tom Zanussi <tom.zanussi@intel.com>
Signed-off-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
[ Rewrote change log to reflect that this fixes two bugs - SR ]
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
I get the following warning on boot:
------------[ cut here ]------------
WARNING: at drivers/base/core.c:575 device_create_file+0x9a/0xa0()
Hardware name: -[8737R2A]-
Write permission without 'store'
...
</snip>
Drilling down, this is related to dynamic channel ce_count attribute
files sporting a S_IWUSR mode without a ->store() function. Looking
around, it appears that they aren't supposed to have a ->store()
function. So remove the bogus write permission to get rid of the
warning.
Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Cc: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: <stable@vger.kernel.org> # 3.[89]
[ shorten commit message ]
Signed-off-by: Borislav Petkov <bp@suse.de>
nc_worker accesses the originator table during its periodic
work, but since the originator table is freed before
stopping the worker this leads to a global protection fault.
Fix this by killing the worker (in nc_free) before freeing
the originator table.
Moreover tidy up the entire clean up routine by running all
the subcomponents freeing procedures first and then killing
the TT and the originator tables at the end.
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
In the outgoing ARP request snooping routine in DAT, ARP
Request sent by local clients which are supposed to be
replied by other local clients can be silently dropped.
The destination host will reply by itself through the LAN
and therefore there is no need to involve DAT.
Reported-by: Carlos Quijano <carlos@crqgestion.es>
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
Tested-by: Carlos Quijano <carlos@crqgestion.es>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
Reported-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
Acked-by: Martin Hundebøll <martin@hundeboll.net>
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
batadv_param_set_ra() strips the trailing '\n' from the supplied
string buffer without checking the length of the buffer first. This
patch avoids random memory access and associated potential
crashes.
Reported-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de>
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
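
The failure mode in the batadv_param_set_ra() message above, as an added example (not batman-adv's code): an empty string makes `len - 1` wrap around, so the newline test reads outside the buffer unless the length is checked first. The function names and the sample strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Pattern the commit message describes: with an empty string, len is 0
 * and buf[len - 1] indexes one byte before the buffer. Shown for
 * contrast; only call it with a non-empty string. */
static void strip_newline_unchecked(char *buf)
{
    size_t len = strlen(buf);

    if (buf[len - 1] == '\n')
        buf[len - 1] = '\0';
}

/* Length-checked form: buf[len - 1] is only read when len > 0.
 * Returns the resulting string length. */
static size_t strip_newline_checked(char *buf)
{
    size_t len = strlen(buf);

    if (len > 0 && buf[len - 1] == '\n')
        buf[--len] = '\0';
    return len;
}

int main(void)
{
    char name[] = "BATMAN_IV\n";   /* constructed sample input */
    char empty[] = "";             /* the case the unchecked form mishandles */

    strip_newline_unchecked(name); /* non-empty, so this call is in bounds */
    printf("unchecked: \"%s\"\n", name);
    printf("checked on empty: len=%zu\n", strip_newline_checked(empty));
    return 0;
}
```
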
This is an almost-undocumented instruction available in 32-bit mode.
I say "almost" undocumented because AMD documents it in their opcode
maps just to say that it is unavailable in 64-bit mode (sections
"A.2.1 One-Byte Opcodes" and "B.3 Invalid and Reassigned Instructions
in 64-Bit Mode").
It is roughly equivalent to "sbb %al, %al" except it does not
set the flags. Use fastop to emulate it, but do not use the opcode
directly because it would fail if the host is 64-bit!
Reported-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
Cc: stable@vger.kernel.org # 3.9
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
This is used by SGABIOS, KVM breaks with emulate_invalid_guest_state=1.
It is just a MOV in disguise, with a funny source address.
Reported-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
Cc: stable@vger.kernel.org # 3.9
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
This is used by SGABIOS, KVM breaks with emulate_invalid_guest_state=1.
AAM needs the source operand to be unsigned; do the same in AAD as well
for consistency, even though it does not affect the result.
Reported-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
Cc: stable@vger.kernel.org # 3.9
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Nothing semantical
* simplify the alignment code by using & operation only
* rename variables clearly as paddr
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Microblaze requires to enable IRQ in cpu_idle loop.
It should be the part of this patch:
"microblaze: Use generic idle loop"
(sha1: e962bb9e9c)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
vaddr used to index the cache was clipped from the wrong end, and thus
would potentially fail to flush the correct lines.
The problem was dormant for so long because up until the recent
optimizations it was only used for ptrace break-point only flushes.
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
With the patch to support MMUv3, the base address for the loaded
binary image has changed, and a fix was applied to the U-Boot image.
This fixes the RedBoot image.
Signed-off-by: Chris Zankel <chris@zankel.net>
IRQ handlers are expected to run with IRQs disabled.
See e.g. http://lwn.net/Articles/380931/ for a longer story.
This was overlooked in the commit
2d1c645 xtensa: dispatch medium-priority interrupts
Revert to old behavior and simplify interrupt entry and exit code.
Interrupt handler still honours IRQ priority.
do_notify_resume/schedule must be called with interrupts enabled, enable
interrupts if we return from user exception.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
IRQs are disabled when PS.EXCM is set or PS.INTLEVEL is equal to or
higher than LOCKLEVEL.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
Definition of CALLER_ADDR* through __builtin_return_address makes
compiler insert calls to __xtensa_libgcc_window_spill, which in turn
makes fast_syscall_spill_registers syscall that clobbers registers when
called from the kernel mode, leading to invalid opcode exceptions on
return to userspace.
Provide definition for CALLER_ADDR0 as MAKE_PC_FROM_RA(a0, a1) and in
case CONFIG_FRAME_POINTER is enabled extract CALLER_ADDR{1-3} from
stack.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
- remove unused asm parameters;
- fix EXCM bit setting in the PS SR during _spill_registers call.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
To support FRAME_POINTER avoid using a7 in __simc (none of the existing
simcalls needs it). Replace calls to __simc with more specific
simc_read, simc_write and simc_lseek calls.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
This fixes the following build error:
arch/xtensa/kernel/built-in.o:(.init.literal+0xe8): undefined reference
to `platform_pcibios_init'
arch/xtensa/kernel/built-in.o: In function `setup_arch':
(.init.text+0x20e): undefined reference to `platform_pcibios_init'
and allows platform to omit definition of platform_pcibios_init if it's
empty.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
The Kconfig symbol KCORE_ELF was removed in v2.6.0, but reappeared in two
architectures. It is useless. Remove it again.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
Only set the register when there is at least one ibreak register,
otherwise the build fails:
arch/xtensa/kernel/head.S:105: Error: invalid register 'ibreakenable'
for 'wsr' instruction
arch/xtensa/platforms/iss/setup.c:67: Error: invalid register
'ibreakenable' for 'wsr' instruction
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Chris Zankel <chris@zankel.net>
Fix access_ok macro not to permit case where user will try to access
the last address space which is equal to segment address.
Example:
segment addr = 0xbfff ffff
address = 0xbfff fff0
size = 0x10
Current wrong implementation
0xbfff ffff >= (0xbfff fff0 | 0x10 | (0xbfff fff0 + 0x10))
0xbfff ffff >= (0xbfff fff0 | 0xc000 0000)
0xbfff ffff >= 0xf000 0000
return 0 which is access failed even though the combination is valid,
because get_fs().seq returns the last valid address.
This patch fixes this problem.
Size equal to zero is a valid access.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
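
The boundary case from the access_ok message above, as an added example (not the kernel's code): the OR-based comparison rejects a range whose last byte is exactly the segment limit, while a check that treats the limit as the last valid address accepts it and still rejects overruns and 32-bit wrap-around. `SEG_LIMIT`, `range_ok_old` and `range_ok_fixed` are hypothetical names, and the corrected check is one possible form, not necessarily the one the patch uses.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed value: last valid user address, taken from the commit's example. */
#define SEG_LIMIT 0xbfffffffu

/* The check as the commit message writes it out: the OR of addr, size
 * and addr + size compared against the limit. */
static int range_ok_old(uint32_t limit, uint32_t addr, uint32_t size)
{
    return limit >= (addr | size | (addr + size));
}

/* Hypothetical corrected check: limit is the last valid address
 * (inclusive), a zero size is always valid, wrap-around is rejected. */
static int range_ok_fixed(uint32_t limit, uint32_t addr, uint32_t size)
{
    uint32_t last;

    if (size == 0)
        return 1;
    if (addr > limit)
        return 0;
    last = addr + (size - 1);   /* last byte the access touches */
    if (last < addr)            /* sum wrapped past 2^32 */
        return 0;
    return last <= limit;
}

int main(void)
{
    /* Constructed cases: { address, size } */
    static const uint32_t cases[][2] = {
        { 0xbffffff0u, 0x10u },  /* ends exactly at the limit */
        { 0xbffffff0u, 0x11u },  /* one byte past the limit */
        { 0x00001000u, 0x10u },  /* well inside the segment */
        { 0xbffffff0u, 0x00u },  /* zero-length access */
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("addr=0x%08x size=0x%02x old=%d fixed=%d\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               range_ok_old(SEG_LIMIT, cases[i][0], cases[i][1]),
               range_ok_fixed(SEG_LIMIT, cases[i][0], cases[i][1]));
    return 0;
}
```
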
Register the irq_domain created during initialization as the default so
that device drivers can pass NULL to irq_create_mapping and get a
virtual irq to pass to request_irq.
Signed-off-by: Dan Christensen <opello@opello.org>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
A race condition exists when registering the first watchdog device.
Sequence of events:
- watchdog_register_device calls watchdog_dev_register
- watchdog_dev_register creates the watchdog misc device by calling
misc_register.
At that time, the matching character device (/dev/watchdog0) does not yet
exist, and old_wdd is not set either.
- Userspace gets an event and opens /dev/watchdog
- watchdog_open is called and sets wdd = old_wdd, which is still NULL,
and tries to dereference it. This causes the kernel to panic.
Seen with systemd trying to open /dev/watchdog immediately after
it was created.
Reported-by: Arkadiusz Miskiewicz <arekm@maven.pl>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Arkadiusz Miskiewicz <arekm@maven.pl>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
Use the newly introduced devm_ioremap_resource() instead of
devm_request_and_ioremap() which provides more consistent error handling.
devm_ioremap_resource() provides its own error messages; so all explicit
error messages can be removed from the failure code paths.
Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Reviewed-by: Thierry Reding <thierry.reding@avionic-design.de>
Cc: Gabor Juhos <juhosg@openwrt.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
The invalid guest state emulation loop does not check halt_request
which causes 100% cpu loop while guest is in halt and in invalid
state, but more serious issue is that this leaves halt_request set, so
random instruction emulated by vm86 #GP exit can be interpreted
as halt which causes guest hang. Fix both problems by handling
halt_request in emulation loop.
Reported-by: Tomas Papan <tomas.papan@gmail.com>
Tested-by: Tomas Papan <tomas.papan@gmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
CC: stable@vger.kernel.org
Signed-off-by: Gleb Natapov <gleb@redhat.com>
From: James Cosin <jkosin@intcomgrp.com>
fixes the number of digits to 6 after the decimal point to regain the
significant 0s in the frequency after the decimal point.
Signed-off-by: Steven Miao <realmz6@gmail.com>
The bootloader configures the pins, but has pull bits
set without pull enable bits. While this is harmless,
and won't do anything, it seems to cause confusion at
least for me every time looking at the pin configuration.
Fix it for DT based boot.
Signed-off-by: Tony Lindgren <tony@atomide.com>