Commit Graph

132134 Commits

Author SHA1 Message Date
Linus Torvalds
72c33734b5 Merge branch 'regset' (PTRACE_SETREGSET data leakage)
Merge PTRACE_SETREGSET leakage fixes from Dave Martin:
 "This series is the collection of fixes I proposed on this topic, that
  have not yet appeared upstream or in the stable branches,

  The issue can leak kernel stack, but doesn't appear to allow userspace
  to attack the kernel directly.  The affected architectures are c6x,
  h8300, metag, mips and sparc.

  [ Mark Salter points out that c6x has no MMU or other mechanism to
    prevent userspace access to kernel code or data on c6x, but it
    doesn't hurt to clean that case up too. ]

  The bugs arise from use of user_regset_copyin(). Users of
  user_regset_copyin() can work in one of two ways:

   1) Copy directly to thread_struct or equivalent. (This seems to be
      the design assumption of the regset API, and is the most common
      approach.)

   2) Copy to a local variable and then transfer to thread_struct. (A
      significant minority of cases.)

  Buggy code typically involves approach 2"

* emailed patches from Dave Martin <Dave.Martin@arm.com>:
  sparc/ptrace: Preserve previous registers for short regset write
  mips/ptrace: Preserve previous registers for short regset write
  metag/ptrace: Reject partial NT_METAG_RPIPE writes
  metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
  metag/ptrace: Preserve previous registers for short regset write
  h8300/ptrace: Fix incorrect register transfer count
  c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
2017-03-29 08:55:25 -07:00
Dave Martin
d3805c546b sparc/ptrace: Preserve previous registers for short regset write
Ensure that if userspace supplies insufficient data to PTRACE_SETREGSET
to fill all the registers, the thread's old registers are preserved.

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
d614fd58a2 mips/ptrace: Preserve previous registers for short regset write
Ensure that if userspace supplies insufficient data to PTRACE_SETREGSET
to fill all the registers, the thread's old registers are preserved.

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
7195ee3120 metag/ptrace: Reject partial NT_METAG_RPIPE writes
It's not clear what behaviour is sensible when doing partial write of
NT_METAG_RPIPE, so just don't bother.

This patch assumes that userspace will never rely on a partial SETREGSET
in this case, since it's not clear what should happen anyway.

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Acked-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
5fe81fe981 metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
Ensure that if userspace supplies insufficient data to PTRACE_SETREGSET
to fill TXSTATUS, a well-defined default value is used, based on the
task's current value.

Suggested-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
a78ce80d2c metag/ptrace: Preserve previous registers for short regset write
Ensure that if userspace supplies insufficient data to PTRACE_SETREGSET
to fill all the registers, the thread's old registers are preserved.

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Acked-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
502585c755 h8300/ptrace: Fix incorrect register transfer count
regs_set() and regs_get() are vulnerable to an off-by-1 buffer overrun
if CONFIG_CPU_H8S is set, since this adds an extra entry to
register_offset[] but not to user_regs_struct.

So, iterate over user_regs_struct based on its actual size, not based on
the length of register_offset[].

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Dave Martin
fb411b837b c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
gpr_set won't work correctly and can never have been tested, and the
correct behaviour is not clear due to the endianness-dependent task
layout.

So, just remove it.  The core code will now return -EOPNOTSUPPORT when
trying to set NT_PRSTATUS on this architecture until/unless a correct
implementation is supplied.

Signed-off-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-03-29 08:54:17 -07:00
Linus Torvalds
050fc52d83 All x86-specific, apart from some arch-independent syzkaller fixes.
v1->v2: added one more Reviewed-by
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEbBAABAgAGBQJY2lUOAAoJEL/70l94x66D8awH9joMSpLQV2xoJfq4MbAAevpe
 UvSjeffFxdEzmUcBH8p23l3Fp4jik9wklXSquxQPXf8TgQ7Lgu1Pan6+UFpB8Aaq
 sZNdYyaydYumZpnEVUUtgzIY/fpgifechCqXzizu/EmQDZBrbLCJ7Pr86WSLZX5m
 8fBfOKtymu9sP9SRbDL5Wsx/V5YHnV0oU6iBwd2wWnoOyn7LF2dLtjqW55jE8910
 ZkhnJ2r+nhvxAXe/Qr9GrLGtp2bJQFgzJ6Qx19U5a3u3DEMAJV3NMorum9YLQPTq
 J/jl+1fSERspRuJC/Lr0/+EAF7rGLfpJIa1nNNJi5uFbV0ABnMDBNL3Vsp0x2Q==
 =aR3K
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Paolo Bonzini:
 "All x86-specific, apart from some arch-independent syzkaller fixes"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: cleanup the page tracking SRCU instance
  KVM: nVMX: fix nested EPT detection
  KVM: pci-assign: do not map smm memory slot pages in vt-d page tables
  KVM: kvm_io_bus_unregister_dev() should never fail
  KVM: VMX: Fix enable VPID conditions
  KVM: nVMX: Fix nested VPID vmx exec control
  KVM: x86: correct async page present tracepoint
  kvm: vmx: Flush TLB when the APIC-access address changes
  KVM: x86: use pic/ioapic destructor when destroy vm
  KVM: x86: check existance before destroy
  KVM: x86: clear bus pointer when destroyed
  KVM: Documentation: document MCE ioctls
  KVM: nVMX: don't reset kvm mmu twice
  PTP: fix ptr_ret.cocci warnings
  kvm: fix usage of uninit spinlock in avic_vm_destroy()
  KVM: VMX: downgrade warning on unexpected exit code
2017-03-28 11:33:34 -07:00
Paolo Bonzini
2beb6dad2e KVM: x86: cleanup the page tracking SRCU instance
SRCU uses a delayed work item.  Skip cleaning it up, and
the result is use-after-free in the work item callbacks.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Suggested-by: Dmitry Vyukov <dvyukov@google.com>
Cc: stable@vger.kernel.org
Fixes: 0eb05bf290
Reviewed-by: Xiao Guangrong <xiaoguangrong.eric@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 14:08:02 +02:00
Ladi Prosek
7ad658b693 KVM: nVMX: fix nested EPT detection
The nested_ept_enabled flag introduced in commit 7ca29de213 was not
computed correctly. We are interested only in L1's EPT state, not the
the combined L0+L1 value.

In particular, if L0 uses EPT but L1 does not, nested_ept_enabled must
be false to make sure that PDPSTRs are loaded based on CR3 as usual,
because the special case described in 26.3.2.4 Loading Page-Directory-
Pointer-Table Entries does not apply.

Fixes: 7ca29de213 ("KVM: nVMX: fix CR3 load if L2 uses PAE paging and EPT")
Cc: qemu-stable@nongnu.org
Reported-by: Wanpeng Li <wanpeng.li@hotmail.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-28 10:10:15 +02:00
Linus Torvalds
d3e68cef89 m68k updates for 4.11 (take two)
- Build warning fix,
   - Defconfig updates,
   - New syscall statx.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJY2M19AAoJEEgEtLw/Ve779GcP/2DT8GlkvuDFQZrGgS1+hZ8V
 74IT7rR9yzO8F1WElzr0aZ2UAOvIM8duPUIc21f6zb/GzhqN8X5qAEfcYWPM6GOB
 zc7oNorjI7VbvVL6+VxUTzphtQPGTAax+e4gGnGb95axyuNUfxtX+dJRp3qKg98i
 ZZi2xOY7XFlq+6MKL0gU83q/tpvSAnV5C9lyqtPpqCeGdx52VY6/HE+kfrEYHOpR
 cg61F7Aj58VI0pnePD484wI1uSecbmZVCGWoBtymk/vk3COaCoO+/lDh9K6G7LsU
 TuGUJfTbl6atgdfGmjTCALgYC5kSVUlwvrW2nL4ubRh2HC4GRsiBeNEGPcrBDr4S
 71f33tmEVOofBwx3nkTQmTy9k7qM27p+JEGjIxq6Voa/hleODS1eZWek+O27EIdM
 rcykSQCmHqZ8yDVuxfpIgErkTgIGt5BNKKDeGcLMvZbZ1/yspq6tyFLIrYIxoqX2
 zdh6PdOSrqQ2v+GzkLy+0dmppvFHV0s56gfMz4b5xpoCQCH9jcHvstDe97ZmtftT
 psQYkTZ+0JAbNjS8Xl3h3O+y7T/N4pk1RwjJFVBiTheJxAeTYCc2tolnoXSoE4OF
 P0FqIiu0mgBdt/Dpiu9FVz05nrFUaRO957qILoCUCC14Z2obUGMODZLTD034leXy
 eAslFQ+DKd1h7+2k3EVn
 =5sXn
 -----END PGP SIGNATURE-----

Merge tag 'm68k-for-v4.11-tag2' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k

Pull m68k updates from Geert Uytterhoeven:

  - build warning fix

  - defconfig updates

  - wire up new statx syscall

* tag 'm68k-for-v4.11-tag2' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
  m68k: Wire up statx
  m68k/defconfig: Update defconfigs for v4.11-rc1
  m68k/bitops: Correct signature of test_bit()
2017-03-27 10:44:51 -07:00
Linus Torvalds
42234bf832 powerpc fixes for 4.11 #6
- cxl: Route eeh events to all slices for pci_channel_io_perm_failure state
  - powerpc/64s: Fix idle wakeup potential to clobber registers
  - Revert "powerpc/64: Disable use of radix under a hypervisor"
  - gcc-plugins: update architecture list in documentation
 
 Thanks to:
   Andrew Donnellan, Nicholas Piggin, Paul Mackerras, Vaibhav Jain.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJY1ySvAAoJEFHr6jzI4aWAYx8QAJHHLYvBc8Tl2kxXJRQos182
 6Dhff1dp8OJNNBSwPalJPPd/4SkJ4UTFP3CSobuhRmj5ZZ3qzQ3ONvZSC+9NtXFj
 yw2qGagabmGcInnHupVMTd13rrhveHOgC+7SabsnbjUeAqpoccv675P2MYLq0xYQ
 JILOTzbghVlwDhQD3e3/BBkqSSgWibMegGwO8rX8Z+Bw0c7X7tfz4Dpa5d5rnBzc
 jUgbzoBE9E9AQ0BJmp5Nqc8UwMvkWgFHwQ4/D5a+GEaE7rJmxG7twbYHJoGhgLkb
 ceB2iMfZDdagmCUrw179JmgKcSWBLoN9v/uykDrejdaEQCj+M8HTRFLZXccGd/1h
 p7FNr3z7lqLi9GxQnYDFtoOWbR4wK8Wirk45He5b9JSCqWYQxaxJcPqRx/IAG33O
 xXoMjdN79rrljerVnE1JZHB8WRXFEs4fEkGiahCnX8hC7VNIcSvMtgss2nsGgyHq
 vuMfdFvRhGfqKX6AL4cBukotCEvI1pPvo5LYpF6HiHxLM6+g/dX7ZlWrIOoEup1P
 5FhDk/pirRQurVI7Tvmiz3bUCqbloqhZBZ4vec0wz2lfHJ2+5cdoNM0+OGJkHJrN
 Jr7NvdlhH35Awz9Cf358oVpWlHNuPuJrmWnZSpWM+3/FTv7UM6WgComuzl9olF40
 jdqp+aUODC6gQH6sWlhP
 =4CFb
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.11-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull more powerpc fixes from Michael Ellerman:
 "These are all pretty minor. The fix for idle wakeup would be a bad bug
  but has not been observed in practice.

  The update to the gcc-plugins docs was Cc'ed to Kees and Jon, Kees
  OK'ed it going via powerpc and I didn't hear from Jon.

   - cxl: Route eeh events to all slices for pci_channel_io_perm_failure state

   - powerpc/64s: Fix idle wakeup potential to clobber registers

   - Revert "powerpc/64: Disable use of radix under a hypervisor"

   - gcc-plugins: update architecture list in documentation

  Thanks to: Andrew Donnellan, Nicholas Piggin, Paul Mackerras, Vaibhav
  Jain"

* tag 'powerpc-4.11-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  gcc-plugins: update architecture list in documentation
  Revert "powerpc/64: Disable use of radix under a hypervisor"
  powerpc/64s: Fix idle wakeup potential to clobber registers
  cxl: Route eeh events to all slices for pci_channel_io_perm_failure state
2017-03-26 10:34:10 -07:00
Linus Torvalds
2056b7c7df ARM: SoC fixes for v4.11
- A couple of OMAP 4.11 regression fixes, including a boot regression for
   SmartReflex, hypervisor mode in thumb2 mode, and reference counting of
   device nodes
 
 - A fix for cpu_idle on at91
 
 - Minor DT fixes on across several platforms:
   sunxi, bcm53xx, at91, nsp, ns2, ux500, omap
 
 - A fix to correct an API change in the reset controllers
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWNWBrGCrR//JCVInAQJE/xAArSDx+6i7On53k3QfxkR1mONHrEOlXhlP
 VbTeBfkYtYB08Pgq99QVJE5qYK2N5w2664UNbgs+KKYnYJTNl0G6EW1l7oj+21M+
 xg3e6ctdfeztYeU34q7D2TxzP/EBRHdbpEuT+JHuQOWFYNfGAj2vSt2cdPUael/Q
 D4s4BgeM1dIOzN3z3AvuQpqIhLedVRFAGYAaalKXiwREYUVDgnqhHCPWChVnSQMR
 gnNDYcb5ZxCaELH9gkdVqyfdlScw9juKMg5v7e7KizhBUqOGBT0bguLC9Kfh3mDO
 tIJGwkuqWvc5tAKuAcGklIVOzP8Wtcq0ObrFzLczy6Waf+6aaQl5J8Uw85UR/zg4
 44AHzk++apXTCDlrRzQZIkvaN9TmOBr65qrW1rnqVN72FRS3arDuMV1rEFRdZy2x
 riXmJmENWo+sakst4fTS0QY+/GlPDB8Md4X++Vkl3DgWFgiiBTcPbJCEazsFVip+
 QQzWfXTSB98bCVUuYr5eZgMlPYHrd1ZQIbgzlzIkdUuZ4XCe4MGw88km6TqviBwf
 dduNKnFctkrLAgM3V8rXZBQsZqJHRDmpOfSZ+9XtGYggy83g5FLbkp9h6Ws66SbI
 KCgLzV0THCs/gKLMeDqFerO1xQzxN84pd+YKetnD1RU+5bo98DMUkqgFn+cZyCFA
 dlImlZcN7Pc=
 =zKIg
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Arnd Bergmann:

 - a couple of OMAP 4.11 regression fixes, including a boot regression
   for SmartReflex, hypervisor mode in thumb2 mode, and reference
   counting of device nodes

 - a fix for cpu_idle on at91

 - minor DT fixes on across several platforms: sunxi, bcm53xx, at91,
   nsp, ns2, ux500, omap

 - a fix to correct an API change in the reset controllers

* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (22 commits)
  arm64: dts: NS2: Add dma-coherent to relevant DT entries
  reset: fix optional reset_control_get stubs to return NULL
  ARM: sun8i: a23/a33: drop bl_en_pin GPIO pinmux in reference design DTSI
  ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
  ARM: dts: NSP: GPIO reboot open-source
  ARM: at91: pm: cpu_idle: switch DDR to power-down mode
  ARM: dts: add the AB8500 clocks to the device tree
  ARM: dts: imx6sx-udoo-neo: Fix reboot hang
  ARM: sun8i: Fix the mali clock rate
  ARM: dts: BCM5301X: Correct GIC_PPI interrupt flags
  ARM: dts: BCM5301X: Fix memory start address
  ARM: dts: BCM5301X: Fix UARTs on bcm953012k
  Revert "ARM: at91/dt: sama5d2: Use new compatible for ohci node"
  ARM: OMAP2+: Release device node after it is no longer needed.
  ARM: OMAP2+: Fix device node reference counts
  ARM: OMAP2+: Remove legacy gpmc-nand.c
  ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
  ARM: dts: am335x-pcm953: Fix legacy wakeup source binding
  ARM: omap2plus_defconfig: Enable INPUT_MOUSEDEV as loadable modules
  ARM: dts: am57xx-idk: tpic2810 is on I2C bus, not SPI
  ...
2017-03-24 14:32:21 -07:00
Arnd Bergmann
0fa974b8b6 This pull request contains Broadcom ARM64-based SoCs Device Tree fixes for 4.11,
please pull the following:
 
 - Jon adds missing "dma-coherent" property to the Northstar 2 DTS include file
   in order to fix both performance and cache problems for: PCIe, Ethernet,
   PDC/mailbox, SATA3 and SDHCI
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJY0rXOAAoJEIfQlpxEBwcEcCwQAI6nyawZL32CW5cRKcDqHeVG
 l7bZJEdfcYA6TojvIGhdWh4VGSb2sLJsB7cU+eAtdHxI55sp1YR1HMEv5GBNthiq
 JKtwnVKWpaM6lbJGJnQwvGCzrGWSIXJH7KjPHh+Krb8ZV7GWQiJ3neEe3jh7Pp5u
 KEWIin22AowWo/5Hk8reEOoei9E+zer6Bo8YI2SVQ426epXnCocHzfaVIMq28310
 xzlhR8xFACoJTPJBJ8keyjL/9UYoge4Q1PM4VH89ti3juF4ELNGJP2yZyTbXWjOg
 gHDbQ13KWxE6xvCZbRLkiyBkIL5MZ8xKsP6ePqFtNU4STnPvnenWoEpBuY+8+lmz
 YOCoWf+TzyfvFV6BsnbnvBPE09tzeqtY43+kLOAsizqPY1+MzflDNW1MLBKRzQBV
 yGI6NhNB8wgKtCrYAGAd4O+Mb1GkGigw/C7l+/L68aBNqwy3pfPEM1zkobX7sBUi
 T+CjYQoF5ZUNx+p6cQfZFnr7ygC/iUyo7jODY9fTbCQ51PiTw1uMcOUmaV2DbQ2T
 Fq4jZRTVRubzBlCTNG1hRPqycGoXzjRS/uGKOLX5+XqRNKUBfFzy+XNoGqRlSO9n
 E6ef1ZbCO5GwxG6otgmlARHgCigSusKvfccQ9WWcB+1CegeCFSbyG1YzYkhQZ281
 te/nPRCmU/Uq0YvUoogd
 =5KXs
 -----END PGP SIGNATURE-----

Merge tag 'arm-soc/for-4.11/devicetree-arm64-fixes' of http://github.com/Broadcom/stblinux into fixes

Pull "Broadcom arm64 Device Tree fixes for 4.11" from Florian Fainelli:

This pull request contains Broadcom ARM64-based SoCs Device Tree fixes for 4.11,
please pull the following:

- Jon adds missing "dma-coherent" property to the Northstar 2 DTS include file
  in order to fix both performance and cache problems for: PCIe, Ethernet,
  PDC/mailbox, SATA3 and SDHCI

* tag 'arm-soc/for-4.11/devicetree-arm64-fixes' of http://github.com/Broadcom/stblinux:
  arm64: dts: NS2: Add dma-coherent to relevant DT entries
2017-03-24 17:51:50 +01:00
Arnd Bergmann
bf3f53089c This pull request contains Broadcom ARM-based SoCs Device Tree fixes for 4.11,
please pull the following:
 
 - Jon fixes a reboot issue on most Northstar Plus platforms by adding the
   "open-source" property to the "gpio-restart" Device Tree nodes
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJY0rfzAAoJEIfQlpxEBwcEzCAQALNT1HOloxI7D+Ki1w5/ANum
 IsZIfzffFV/gJW1tZDhbLnNcPU+H8W9hGi3veAOihlbJSMHkEV5ECYzx9CImwLyg
 0le6H68w4eZwJQ4ZCyyu3qXPjhic6v3Dtzw2nqvWytRAbcyGh8k8z6riVRucCXJU
 wvzjARTga1u2UffvVsQEw6o7MQE0B+1KcqGh+g069IQVQzTjTxPGOvQF2hfqabUt
 45x2w5wlUKGX+SodqweDzFQu1tKErjkt8EH5zvqjeMRGFxHaDFXw4FuRWrkzp9ic
 gE+3d/IuHxYivNsPg90y029e+ihTTxPfT1cLRJkN7kbzBKYngH+/T1HLb7EFJbcO
 /haqnevKaWp3MCwkpH4LDQ3akKIaZvbo16qdxCNvQ80biTwHqOo5e+roMyk9Y9Ka
 vYw22yW0LfeRHPnkQBIBOwS9b31r2D9FePKRrkNFZXy0247w0TW4lSUovvnIdwTq
 awBBBkTS56ovnjmU08/72DVj4JE2/3mwqkYHUfEXls4RA8oYF4maHSEZI/FF16/2
 YiMVE9fBaRjLKXthxuVaMsGUz94QR2W9gaOq8UV5E/ZM9YCckR+J28mhHehV+S2U
 jsDv3iXgLpnYOnBqdoXLbcHr9QFx0OtItgACs3AlYP0SMmUryXrPdzVUY9cQBjJR
 drXgohtIcxX1j0CHxDWf
 =CKev
 -----END PGP SIGNATURE-----

Merge tag 'arm-soc/for-4.11/devicetree-fixes-2' of http://github.com/Broadcom/stblinux into fixes

Pull "Broadcom arm Device Tree fixes for 4.11 (part 2)" from Florian Fainelli:

This pull request contains Broadcom ARM-based SoCs Device Tree fixes for 4.11,
please pull the following:

- Jon fixes a reboot issue on most Northstar Plus platforms by adding the
  "open-source" property to the "gpio-restart" Device Tree nodes

* tag 'arm-soc/for-4.11/devicetree-fixes-2' of http://github.com/Broadcom/stblinux:
  ARM: dts: NSP: GPIO reboot open-source
2017-03-24 17:49:40 +01:00
Wanpeng Li
08d839c4b1 KVM: VMX: Fix enable VPID conditions
This can be reproduced by running L2 on L1, and disable VPID on L0
if w/o commit "KVM: nVMX: Fix nested VPID vmx exec control", the L2
crash as below:

KVM: entry failed, hardware error 0x7
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000306c3
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000

Reference SDM 30.3 INVVPID:

Protected Mode Exceptions
- #UD
  - If not in VMX operation.
  - If the logical processor does not support VPIDs (IA32_VMX_PROCBASED_CTLS2[37]=0).
  - If the logical processor supports VPIDs (IA32_VMX_PROCBASED_CTLS2[37]=1) but does
    not support the INVVPID instruction (IA32_VMX_EPT_VPID_CAP[32]=0).

So we should check both VPID enable bit in vmx exec control and INVVPID support bit
in vmx capability MSRs to enable VPID. This patch adds the guarantee to not enable
VPID if either INVVPID or single-context/all-context invalidation is not exposed in
vmx capability MSRs.

Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-23 19:02:22 +01:00
Wanpeng Li
63cb6d5f00 KVM: nVMX: Fix nested VPID vmx exec control
This can be reproduced by running kvm-unit-tests/vmx.flat on L0 w/ vpid disabled.

Test suite: VPID
Unhandled exception 6 #UD at ip 00000000004051a6
error_code=0000      rflags=00010047      cs=00000008
rax=0000000000000000 rcx=0000000000000001 rdx=0000000000000047 rbx=0000000000402f79
rbp=0000000000456240 rsi=0000000000000001 rdi=0000000000000000
r8=000000000000000a  r9=00000000000003f8 r10=0000000080010011 r11=0000000000000000
r12=0000000000000003 r13=0000000000000708 r14=0000000000000000 r15=0000000000000000
cr0=0000000080010031 cr2=0000000000000000 cr3=0000000007fff000 cr4=0000000000002020
cr8=0000000000000000
STACK: @4051a6 40523e 400f7f 402059 40028f

We should hide and forbid VPID in L1 if it is disabled on L0. However, nested VPID
enable bit is set unconditionally during setup nested vmx exec controls though VPID
is not exposed through nested VMX capablity. This patch fixes it by don't set nested
VPID enable bit if it is disabled on L0.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: stable@vger.kernel.org
Fixes: 5c614b3583 (KVM: nVMX: nested VPID emulation)
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-23 19:02:14 +01:00
Wanpeng Li
24dccf83a1 KVM: x86: correct async page present tracepoint
After async pf setup successfully, there is a broadcast wakeup w/ special
token 0xffffffff which tells vCPU that it should wake up all processes
waiting for APFs though there is no real process waiting at the moment.

The async page present tracepoint print prematurely and fails to catch the
special token setup. This patch fixes it by moving the async page present
tracepoint after the special token setup.

Before patch:

qemu-system-x86-8499  [006] ...1  5973.473292: kvm_async_pf_ready: token 0x0 gva 0x0

After patch:

qemu-system-x86-8499  [006] ...1  5973.473292: kvm_async_pf_ready: token 0xffffffff gva 0x0

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-23 19:02:07 +01:00
Jim Mattson
fb6c819843 kvm: vmx: Flush TLB when the APIC-access address changes
Quoting from the Intel SDM, volume 3, section 28.3.3.4: Guidelines for
Use of the INVEPT Instruction:

If EPT was in use on a logical processor at one time with EPTP X, it
is recommended that software use the INVEPT instruction with the
"single-context" INVEPT type and with EPTP X in the INVEPT descriptor
before a VM entry on the same logical processor that enables EPT with
EPTP X and either (a) the "virtualize APIC accesses" VM-execution
control was changed from 0 to 1; or (b) the value of the APIC-access
address was changed.

In the nested case, the burden falls on L1, unless L0 enables EPT in
vmcs02 when L1 doesn't enable EPT in vmcs12.

Signed-off-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-23 19:02:06 +01:00
Peter Xu
c761159cf8 KVM: x86: use pic/ioapic destructor when destroy vm
We have specific destructors for pic/ioapic, we'd better use them when
destroying the VM as well.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-23 19:02:06 +01:00
Peter Xu
950712eb8e KVM: x86: check existance before destroy
Mostly used for split irqchip mode. In that case, these two things are
not inited at all, so no need to release.

Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-23 19:02:03 +01:00
Jon Mason
f0c0cb99f7 arm64: dts: NS2: Add dma-coherent to relevant DT entries
Cache related issues with DMA rings and performance issues related to
caching are being caused by not properly setting the "dma-coherent" flag
in the device tree entries.  Adding it here to correct the issue.

Signed-off-by: Jon Mason <jon.mason@broadcom.com>
Fixes: fd5e5dd56 ("arm64: dts: Add PCIe0 and PCIe4 DT nodes for NS2")
Fixes: dddc3c9d7 ("arm64: dts: NS2: add AMAC ethernet support")
Fixes: e79249143 ("arm64: dts: Add Broadcom Northstar2 device tree entries for PDC driver")
Fixes: ac9aae00f ("arm64: dts: Add SATA3 AHCI and SATA3 PHY DT nodes for NS2")
Fixes: efc877676 ("arm64: dts: Add SDHCI DT node for NS2")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-03-22 10:14:14 -07:00
Neeraj Upadhyay
afd0e5a876 arm64: kaslr: Fix up the kernel image alignment
If kernel image extends across alignment boundary, existing
code increases the KASLR offset by size of kernel image. The
offset is masked after resizing. There are cases, where after
masking, we may still have kernel image extending across
boundary. This eventually results in only 2MB block getting
mapped while creating the page tables. This results in data aborts
while accessing unmapped regions during second relocation (with
kaslr offset) in __primary_switch. To fix this problem, round up the
kernel image size, by swapper block size, before adding it for
correction.

For example consider below case, where kernel image still crosses
1GB alignment boundary, after masking the offset, which is fixed
by rounding up kernel image size.

SWAPPER_TABLE_SHIFT = 30
Swapper using section maps with section size 2MB.
CONFIG_PGTABLE_LEVELS = 3
VA_BITS = 39

_text  : 0xffffff8008080000
_end   : 0xffffff800aa1b000
offset : 0x1f35600000
mask = ((1UL << (VA_BITS - 2)) - 1) & ~(SZ_2M - 1)

(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7c
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

offset after existing correction (before mask) = 0x1f37f9b000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7d
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

offset (after mask) = 0x1f37e00000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7c
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

new offset w/ rounding up = 0x1f38000000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7d
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

Fixes: f80fb3a3d5 ("arm64: add support for kernel ASLR")
Cc: <stable@vger.kernel.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2017-03-22 15:43:11 +00:00
Olof Johansson
6479ca8e59 Fixes for 4.11:
- Fix USB host for sama5d2
  - Fix cpuidle on sama5
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEl0I5XWmUIrwBfFMm2KKDO9oT4sIFAljHyXAACgkQ2KKDO9oT
 4sLnVQ/+N3u4elYWkrnZL6ek7JkR/PXTfA9etzCdFmOkFSDrgbBnKW8n+zmeTzJS
 R3sxzr5X6eN0OKDDSxopJz12gDSWdm+dNn/ZbDowAtwHTtBPyLnBq4W9nOY8TgVY
 Dfs2cfTor62WXyC3Nn5QQCEr5iSIeZPNIaBys4GW1WucCvcXbFuRUMp2vw5p1ECC
 eMo5yhslTgD78DMDUDo6/tsxTJNoXNfQFl1vP/K4x7Q1NcUYAMQ4EkqzW++JhCuC
 OKk2zmpZo/0FUNKmvwZwE4AFGZLdSBZZsk49DA8PP8hGlCI7rcXtrrdsx9yBzcfL
 Ue/YG6BJh1Iu7EhBcpc3dRwfwf5mEd7x2HnuMD3n6ox1QLrY7S8Xv+MOgPKjYmWu
 DrzhtXCKe5YZxXWeKcnGsvzrHzjDRoYb1vXN+193YaH/NXGRWwN4wWjDOmbwJGVC
 5w1R6MBEIcw/B6PTwOg5+XvnE6zQvrdqIZX3Q+Tf/ybUyf9CPPrRjfMZTxTyHPNk
 0O2jB0YdahYlcYzdzwRx3FBRB2LLQ6XjkWPF06Kp3ZCI2WMKxH2Im7Y04VC5kHPF
 ABG509bSRxScBDerQbJwz0teeJaAC9CRTgsvyF5hComl3Sg0o06FkuDOgS1b864M
 gbsOoRMLY1kq7LZyBSa4Snj+KEwgRQGliaTJOqeZpMZEf5tnEtM=
 =XXBm
 -----END PGP SIGNATURE-----

Merge tag 'at91-ab-4.11-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux into fixes

Fixes for 4.11:

 - Fix USB host for sama5d2
 - Fix cpuidle on sama5

* tag 'at91-ab-4.11-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux:
  ARM: at91: pm: cpu_idle: switch DDR to power-down mode
  Revert "ARM: at91/dt: sama5d2: Use new compatible for ohci node"

Signed-off-by: Olof Johansson <olof@lixom.net>
2017-03-21 17:32:54 -07:00
Olof Johansson
2b259300d2 Allwinner fixes for 4.11
A bunch of device tree fixes for various boards / SoCs.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJYz6jpAAoJEBx+YmzsjxAg2agP/RVoD/o3JctGCUfqgRog5kCJ
 A8wUi63bAG52XVccYm2NFdEMhYoGpnuiljIytSW6v0JewzRblnpJHnJu+W60t+2p
 x1dcqwPCfObRAkPZLaGHIJmsJuJcDa3hD1s6kqxNYqnaqjTKldbnuDycbV2IPI1i
 0M6p4yVVWaZAVSdgew0hwUTx2C3JKaZNRfWFddVl8lf6iBRBCWJq7POKH1wttdsz
 Da5wzHtLnMHk5EO9G6i/VDQAoc7EUCJeQ84/ZDgFREfbRJokefWvtz+LEWh9KYQK
 fK5O8rsNrJTcgCHERL61fz4hbc8knWP2WvxbQ7wVNXTc9R3VZW9lBpovxgHzjXc+
 8qY5mMGmU9jr4Xli/3q5fS/b7Tw2w8DT043vKhg7oFrpeEwh5a+hfWPjqcRPObAi
 XxxN9ixnfbV3CC0DMIdk+ghu+FxOzUVa8Dmg7P0rrZ5j5iFBbBIWyTLqdsA/t5Hz
 bNOW4XSHlja8Xqkpr4Ebp4nxUbTxVNdWLwann5w5Ty5w7RRsN60iZJdwl8VZTPHp
 OgEuIbZcKTBIBAJNINgeTUNhBDspL9MunteTXKjvWr8EwayuU2/kcWCieyb9ar8D
 3Bf8WghlM3roiHDqdfaAxxMD56nVGhMgwVa6I42uvCFQz5/xrtF9cMLelOuR0NPX
 cNirP1PVVeEjgRIiSO1F
 =fo5j
 -----END PGP SIGNATURE-----

Merge tag 'sunxi-fixes-for-4.11' of https://git.kernel.org/pub/scm/linux/kernel/git/mripard/linux into fixes

Allwinner fixes for 4.11

A bunch of device tree fixes for various boards / SoCs.

* tag 'sunxi-fixes-for-4.11' of https://git.kernel.org/pub/scm/linux/kernel/git/mripard/linux:
  ARM: sun8i: a23/a33: drop bl_en_pin GPIO pinmux in reference design DTSI
  ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
  ARM: sun8i: Fix the mali clock rate

Signed-off-by: Olof Johansson <olof@lixom.net>
2017-03-21 17:30:16 -07:00
Olof Johansson
fe64ccb2f5 i.MX fixes for 4.11:
- A fix to reboot hang seen on imx6sx-udoo-neo board, by removing
    arm-supply and soc-supply and using LDO enabled mode.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJYz5T0AAoJEFBXWFqHsHzOiUwH/1S1b6Si8fbG0g11BQm+2N0u
 mHf3Z41f+F81xuFFt/6ZX5ICiOXDlAdcga3QXUCNCWfYnFLJyDSoF6Z1JSUkGeEa
 kVCmi+WWUOYtyU7QYfaBzPtZqqUurqwBu8WwOO/IW81yKpNMNflATKYreutki2oI
 z3BW3WGlOEJXIJeyea3EjTClQLhP0qdEn08StneHUdA+YS9nd6/jreHhta4r7gQs
 Z4B2yBap7P4a5glOzCafuIAdpPscKS096ND1k3APsiJPGaNjYtxhig5MGo89LK7e
 JNfw1KroAmifGVmrgDVwKI3MFLrvSh74phFXwnIAX5iK2U2wB/fiMQjVKmvY9tw=
 =NSw6
 -----END PGP SIGNATURE-----

Merge tag 'imx-fixes-4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into fixes

i.MX fixes for 4.11:
 - A fix to reboot hang seen on imx6sx-udoo-neo board, by removing
   arm-supply and soc-supply and using LDO enabled mode.

* tag 'imx-fixes-4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux:
  ARM: dts: imx6sx-udoo-neo: Fix reboot hang

Signed-off-by: Olof Johansson <olof@lixom.net>
2017-03-21 17:29:50 -07:00
Will Deacon
713cc9df64 arm64: compat: Update compat syscalls
Hook up three pkey syscalls (which we don't implement) and the new statx
syscall, as has been done for arch/arm/.

Signed-off-by: Will Deacon <will.deacon@arm.com>
2017-03-21 18:10:40 +00:00
Paul Mackerras
fc36a90326 Revert "powerpc/64: Disable use of radix under a hypervisor"
This reverts commit 3f91a89d42.

Now that we do have the machinery for using the radix MMU under a
hypervisor, the extra check and comment introduced in 3f91a89d42 are
no longer correct.  The result is that when booted under a hypervisor
that only allows use of radix, we clear the MMU_FTR_TYPE_RADIX and
then set it again, and print a warning about ignoring the
disable_radix command line option, even though the command line does
not include "disable_radix".

Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2017-03-21 16:50:28 +11:00
Wanpeng Li
6d1b3ad2cd KVM: nVMX: don't reset kvm mmu twice
kvm mmu is reset once successfully loading CR3 as part of emulating vmentry
in nested_vmx_load_cr3(). We should not reset kvm mmu twice.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-20 16:25:06 +01:00
Dmitry Vyukov
3863dff0c3 kvm: fix usage of uninit spinlock in avic_vm_destroy()
If avic is not enabled, avic_vm_init() does nothing and returns early.
However, avic_vm_destroy() still tries to destroy what hasn't been created.
The only bad consequence of this now is that avic_vm_destroy() uses
svm_vm_data_hash_lock that hasn't been initialized (and is not meant
to be used at all if avic is not enabled).

Return early from avic_vm_destroy() if avic is not enabled.
It has nothing to destroy.

Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: kvm@vger.kernel.org
Cc: syzkaller@googlegroups.com
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-20 16:25:05 +01:00
Radim Krčmář
6c6c5e0311 KVM: VMX: downgrade warning on unexpected exit code
We never needed the call trace and we better rate-limit if it can be
triggered by a guest.

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-03-20 16:25:05 +01:00
Geert Uytterhoeven
e3b1ebd673 m68k: Wire up statx
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
2017-03-20 11:27:28 +01:00
Geert Uytterhoeven
3820ed470e m68k/defconfig: Update defconfigs for v4.11-rc1
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
2017-03-20 11:27:27 +01:00
Geert Uytterhoeven
066def56dc m68k/bitops: Correct signature of test_bit()
mm/filemap.c: In function ‘clear_bit_unlock_is_negative_byte’:
mm/filemap.c:933: warning: passing argument 2 of ‘test_bit’ discards qualifiers from pointer target type

Make the bitmask pointed to by the "vaddr" parameter volatile to fix
this, like is done on other architectures.

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
2017-03-20 11:25:15 +01:00
Nicholas Piggin
6d98ce0be5 powerpc/64s: Fix idle wakeup potential to clobber registers
We concluded there may be a window where the idle wakeup code could get
to pnv_wakeup_tb_loss() (which clobbers non-volatile GPRs), but the
hardware may set SRR1[46:47] to 01b (no state loss) which would result
in the wakeup code failing to restore non-volatile GPRs.

I was not able to trigger this condition with trivial tests on real
hardware or simulator, but the ISA (at least 2.07) seems to allow for
it, and Gautham says that it can happen if there is an exception pending
when the sleep/winkle instruction is executed.

Fixes: 1706567117 ("powerpc/kvm: make hypervisor state restore a function")
Cc: stable@vger.kernel.org # v4.8+
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Acked-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2017-03-20 20:35:12 +11:00
Icenowy Zheng
9693219aa6 ARM: sun8i: a23/a33: drop bl_en_pin GPIO pinmux in reference design DTSI
The bl_en_pin GPIO pinmux is configured as "gpio_in", which makes it
conflicts with the real GPIO usage (out), and makes the backlight not
usable.

Drop the GPIO pinmux for it, thus this GPIO can be correctly used.

Signed-off-by: Icenowy Zheng <icenowy@aosc.xyz>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
2017-03-20 09:31:42 +01:00
Florian Fainelli
0cdefd5b54 ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
The CPU port of the BCM53125 is configured with RGMII (no delays) but
this should actually be RGMII with transmit delay (rgmii-txid) because
STMMAC takes care of inserting the transmitter delay. This fixes
occasional packet loss encountered.

Fixes: d7b9eaff5f ("ARM: dts: sun7i: Add BCM53125 switch nodes to the lamobo-r1 board")
Reported-by: Hartmut Knaack <knaack.h@gmx.de>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
2017-03-20 09:30:39 +01:00
Linus Torvalds
a07a6e4121 powerpc fixes for 4.11 #5
- Wire up statx() syscall
  - Don't print a warning on memory hotplug when HPT resizing isn't available
 
 Thanks to:
   David Gibson, Chandan Rajendra.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJYzjnLAAoJEFHr6jzI4aWAwcAQAIeOYvCaoxQg6IEFoWJVc+hv
 YfMy86TotkWFojQDV6OUddlz7S14AypjniegVq9aWOPIVwGqmDfp+W8qRfhUh3ab
 S+uorqmXzAFhIUpzVpVpX/nnK6C3eFQdaKCLOxM0Ev413AWUMu70cPmXlCR+x0Kx
 GxeV+nfIfBdyIL4yhK/aDHSItfUwNTmTPSyaUj17/cwLu7DwMjcwKWjrCYCzgBZW
 1hQeWo+yrfvJ1U4yMEGdnDfuTPnWQZsHMw3qSuPzPCnVMgV6YS3HC7/ZEUvBSSBJ
 Bwr6vVEsniLkHDgyFu3665y4abfvqw2iojXKuTpUQMp40T3RCZlT1FQoMvIoJQGC
 FSMUsqnEudjliURi92zq4ImSbPbezB2bG3EsK1jKOOQ9gGbQa2qjXc2CSJiCtZwE
 zsUCcwRFo8Pl1D/KYMTl52nQG3oOMQV/2ceX73HxajsdShXcyJxFEpMPv6aEKi1E
 YT5i2KUXq3sfFPNWe/4gtfOYX9j+tSqi+CRvnwDNZG+a3XLUk/VRptCeIyntH965
 8GYs28CxLz1qljBeAA7czo+1gpNhl1h6FNl1nhqyWRM6jdcLucMeEml0RYCYPmnk
 +jLO6CkYYpIraM0mRqAolM7fYAtm6dOphaeeezCJIMvD/NTdk+pH86JoA64GQZvE
 v1HXCc4lYyUFlvASrCNl
 =TfiW
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.11-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull more powerpc fixes from Michael Ellerman:
 "A couple of minor powerpc fixes for 4.11:

   - wire up statx() syscall

   - don't print a warning on memory hotplug when HPT resizing isn't
     available

  Thanks to: David Gibson, Chandan Rajendra"

* tag 'powerpc-4.11-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/pseries: Don't give a warning when HPT resizing isn't available
  powerpc: Wire up statx() syscall
2017-03-19 18:49:28 -07:00
Linus Torvalds
4571bc5abf Merge branch 'parisc-4.11-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux
Pull parisc fixes from Helge Deller:

 - Mikulas Patocka added support for R_PARISC_SECREL32 relocations in
   modules with CONFIG_MODVERSIONS.

 - Dave Anglin optimized the cache flushing for vmap ranges.

 - Arvind Yadav provided a fix for a potential NULL pointer dereference
   in the parisc perf code (and some code cleanups).

 - I wired up the new statx system call, fixed some compiler warnings
   with the access_ok() macro and fixed shutdown code to really halt a
   system at shutdown instead of crashing & rebooting.

* 'parisc-4.11-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
  parisc: Fix system shutdown halt
  parisc: perf: Fix potential NULL pointer dereference
  parisc: Avoid compiler warnings with access_ok()
  parisc: Wire up statx system call
  parisc: Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range
  parisc: support R_PARISC_SECREL32 relocation in modules
2017-03-19 18:11:13 -07:00
Linus Torvalds
93afaa4513 OpenRISC fixes for 4.11
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJYy4GpAAoJEMOzHC1eZifkRm8P/jD5fc3XqdBy9hHX2x5p0mtz
 UNO+tHIO5wjadsf6iMcS/2Ozc8SOXdAietnCK8khodn0RvXBUEW+samSxGKNY8zO
 0Oz3EcUEN3SEJ03sfMwE0G+O+LTUIgdSQ/2galTy6WqrrHVZV5Gp/z9JjDm19kUW
 j5U2/rqVBENSPb+nhOgeq59KpUep7RacXXLDCl34vmQKtFY2fMHa2ddOdtTEBJQh
 HXi7js0EfWeU6LNhMzcuUk1gwitfgNl85up2XBZmgxqe9J7Ysbosv8yH4GyrNjZU
 7TOM4NTUM+LHfVQHCemJ0Ie4CJqMzafY4cdrXC6YMIB86bbLZSMw64FBINcqg8XF
 +RASeFbzUZO38dRccepfRxmSoOPjrN4Nsj83pzdh/4jyD1gDVuQgIPwLONZag3sU
 g9W7bBPPTPaRXn4MA1iyqyLwck2RIpjSMW867LXrgs6cmZXLpccW/psh/c8w08h8
 8c4e++6IoiEuOp4TN0Z38TVT82apfQyfUkHepL26nI5YYgilfM8/9oPAM9l7WRSR
 Zyn7i3TEDX0kmt29ImUjf1ZBGIHzP3krepDkFi+gP5Xycf4sYLXjTffoqlbx9s4U
 8FVdXdiXJGAE3tm+H0DvbS+oTC3eW175SfJ88GZiYog3eWWPnYyMysk/Iv2qAZuE
 KUR4aVx5Rb5+gJAfga2/
 =lNoR
 -----END PGP SIGNATURE-----

Merge tag 'openrisc-for-linus' of git://github.com/openrisc/linux

Pull OpenRISC fixes from Stafford Horne:
 "OpenRISC fixes for build issues that were exposed by kbuild robots
  after 4.11 merge. All from allmodconfig builds. This includes:

   - bug in the handling of 8-byte get_user() calls

   - module build failure due to multile missing symbol exports"

* tag 'openrisc-for-linus' of git://github.com/openrisc/linux:
  openrisc: Export symbols needed by modules
  openrisc: fix issue handling 8 byte get_user calls
  openrisc: xchg: fix `computed is not used` warning
2017-03-18 15:50:39 -07:00
Helge Deller
73580dac76 parisc: Fix system shutdown halt
On those parisc machines which don't provide a software power off
function, the system currently kills the init process at the end of a
shutdown and unexpectedly restarts insteads of halting.
Fix it by adding a loop which will not return.

Signed-off-by: Helge Deller <deller@gmx.de>
Cc: stable@vger.kernel.org # 4.9+
2017-03-18 17:27:45 +01:00
Arvind Yadav
74e3f6e63d parisc: perf: Fix potential NULL pointer dereference
Fix potential NULL pointer dereference and clean up
coding style errors (code indent, trailing whitespaces).

Signed-off-by: Arvind Yadav <arvind.yadav.cs@gmail.com>
Signed-off-by: Helge Deller <deller@gmx.de>
2017-03-18 17:24:43 +01:00
Linus Torvalds
eab60d4e5b Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Thomas Gleixner:
 "An assorted pile of fixes along with some hardware enablement:

   - a fix for a KASAN / branch profiling related boot failure

   - some more fallout of the PUD rework

   - a fix for the Always Running Timer which is not initialized when
     the TSC frequency is known at boot time (via MSR/CPUID)

   - a resource leak fix for the RDT filesystem

   - another unwinder corner case fixup

   - removal of the warning for duplicate NMI handlers because there are
     legitimate cases where more than one handler can be registered at
     the last level

   - make a function static - found by sparse

   - a set of updates for the Intel MID platform which got delayed due
     to merge ordering constraints. It's hardware enablement for a non
     mainstream platform, so there is no risk"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/mpx: Make unnecessarily global function static
  x86/intel_rdt: Put group node in rdtgroup_kn_unlock
  x86/unwind: Fix last frame check for aligned function stacks
  mm, x86: Fix native_pud_clear build error
  x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y
  x86/platform/intel-mid: Add power button support for Merrifield
  x86/platform/intel-mid: Use common power off sequence
  x86/platform: Remove warning message for duplicate NMI handlers
  x86/tsc: Fix ART for TSC_KNOWN_FREQ
  x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
2017-03-17 14:05:03 -07:00
Linus Torvalds
ae13373319 Merge branch 'x86-acpi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 acpi fixes from Thomas Gleixner:
 "This update deals with the fallout of the recent work to make
  cpuid/node mappings persistent.

  It turned out that the boot time ACPI based mapping tripped over ACPI
  inconsistencies and caused regressions. It's partially reverted and
  the fragile part replaced by an implementation which makes the mapping
  persistent when a CPU goes online for the first time"

* 'x86-acpi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  acpi/processor: Check for duplicate processor ids at hotplug time
  acpi/processor: Implement DEVICE operator for processor enumeration
  x86/acpi: Restore the order of CPU IDs
  Revert"x86/acpi: Enable MADT APIs to return disabled apicids"
  Revert "x86/acpi: Set persistent cpuid <-> nodeid mapping when booting"
2017-03-17 14:01:40 -07:00
Linus Torvalds
a7fc726bb2 Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Thomas Gleixner:
 "A set of perf related fixes:

   - fix a CR4.PCE propagation issue caused by usage of mm instead of
     active_mm and therefore propagated the wrong value.

   - perf core fixes, which plug a use-after-free issue and make the
     event inheritance on fork more robust.

   - a tooling fix for symbol handling"

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf symbols: Fix symbols__fixup_end heuristic for corner cases
  x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
  x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
  perf/core: Better explain the inherit magic
  perf/core: Simplify perf_event_free_task()
  perf/core: Fix event inheritance on fork()
  perf/core: Fix use-after-free in perf_release()
2017-03-17 13:59:52 -07:00
Linus Torvalds
c79d5ff0e2 Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm
Pull ARM fix from Russell King:
 "Just one change to add the statx syscall this time around"

* 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm:
  ARM: wire up statx syscall
2017-03-17 12:14:49 -07:00
Andy Lutomirski
4b07372a32 x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
Naively, it looks racy, but ->mmap_sem saves it.  Add a comment and a
lockdep assertion.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Link: http://lkml.kernel.org/r/03a1e629063899168dfc4707f3bb6e581e21f5c6.1489694270.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-03-17 08:28:26 +01:00
Andy Lutomirski
5dc855d44c x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
If one thread mmaps a perf event while another thread in the same mm
is in some context where active_mm != mm (which can happen in the
scheduler, for example), refresh_pce() would write the wrong value
to CR4.PCE.  This broke some PAPI tests.

Reported-and-tested-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Fixes: 7911d3f7af ("perf/x86: Only allow rdpmc if a perf_event is mapped")
Link: http://lkml.kernel.org/r/0c5b38a76ea50e405f9abe07a13dfaef87c173a1.1489694270.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2017-03-17 08:28:26 +01:00
Michael Ellerman
8971e1c79d powerpc/pseries: Don't give a warning when HPT resizing isn't available
As of commit 438cc81a41 ("powerpc/pseries: Automatically resize HPT
for memory hot add/remove"), when running on the pseries platform, we
always attempt to use the PAPR extension to resize the hashed page
table (HPT) when we add or remove memory.

This is fine, but when the extension is not available we'll give a
harmless, but scary warning. Instead check if the firmware supports HPT
resizing before populating the mmu_hash_ops.resize_hpt pointer.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2017-03-17 16:10:58 +11:00