From b0c34f6155e2d8bbe096a85a770d63ee6be6c726 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Wed, 17 Dec 2014 11:39:30 +0100 Subject: [PATCH 01/23] MIPS: Do not fiddle with FRE unless FRE is actually available. Commit 4227a2d4efc9c84f35826dc4d1e6dc183f6c1c05 (MIPS: Support for hybrid FPRs) changes the kernel to execute read_c0_config5() even on processors that don't have a Config5 register. According to the arch spec the behaviour of trying to read or write this register is UNDEFINED where this register doesn't exist, that is merely looking at this register is already cruel because that might kill a kitten. In case of Qemu older than v2.2 Qemu has elected to implement this UNDEFINED behaviour by taking a RI exception - which then fries the kernel: [...] Freeing YAMON memory: 956k freed Freeing unused kernel memory: 240K (80674000 - 806b0000) Reserved instruction in kernel code[#1]: CPU: 0 PID: 1 Comm: init Not tainted 3.18.0-rc6-00058-g4227a2d #26 task: 86047588 ti: 86048000 task.ti: 86048000 $ 0 : 00000000 77a638cc 00000000 00000000 [...] For qemu v2.2.0 commit f31b035a9f10dc9b57f01c426110af845d453ce2 (target-mips: correctly handle access to unimplemented CP0 register) changed the behaviour to returning zero on read and ignoring writes which more matches how typical hardware implementations actually behave. Signed-off-by: Ralf Baechle --- arch/mips/include/asm/fpu.h | 43 +++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 16 deletions(-) diff --git a/arch/mips/include/asm/fpu.h b/arch/mips/include/asm/fpu.h index 994d21939676..5528f4e2af6a 100644 --- a/arch/mips/include/asm/fpu.h +++ b/arch/mips/include/asm/fpu.h 
@@ -74,8 +74,10 @@ static inline int __enable_fpu(enum fpu_mode mode) #endif /* fall through */ case FPU_32BIT: - /* clear FRE */ - write_c0_config5(read_c0_config5() & ~MIPS_CONF5_FRE); + if (cpu_has_fre) { + /* clear FRE */ + write_c0_config5(read_c0_config5() & ~MIPS_CONF5_FRE); + } fr_common: /* set CU1 & change FR appropriately */ fr = (int)mode & FPU_FR_MASK; @@ -182,25 +184,34 @@ static inline int init_fpu(void) int ret = 0; if (cpu_has_fpu) { + unsigned int config5; + ret = __own_fpu(); - if (!ret) { - unsigned int config5 = read_c0_config5(); - - /* - * Ensure FRE is clear whilst running _init_fpu, since - * single precision FP instructions are used. If FRE - * was set then we'll just end up initialising all 32 - * 64b registers. - */ - write_c0_config5(config5 & ~MIPS_CONF5_FRE); - enable_fpu_hazard(); + if (ret) + return ret; + if (!cpu_has_fre) { _init_fpu(); - /* Restore FRE */ - write_c0_config5(config5); - enable_fpu_hazard(); + return 0; } + + config5 = read_c0_config5(); + + /* + * Ensure FRE is clear whilst running _init_fpu, since + * single precision FP instructions are used. If FRE + * was set then we'll just end up initialising all 32 + * 64b registers. + */ + write_c0_config5(config5 & ~MIPS_CONF5_FRE); + enable_fpu_hazard(); + + _init_fpu(); + + /* Restore FRE */ + write_c0_config5(config5); + enable_fpu_hazard(); } else fpu_emulator_init_fpu(); From d33e6fe3ca74108e8e6ea1f5560b21c834b579a5 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Wed, 17 Dec 2014 11:46:40 +0100 Subject: [PATCH 02/23] MIPS: FRE: Use set/clear_c0_config5 instead of open coded sequences. Signed-off-by: Ralf Baechle --- arch/mips/include/asm/fpu.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/arch/mips/include/asm/fpu.h b/arch/mips/include/asm/fpu.h index 5528f4e2af6a..affebb78f5d6 100644 --- a/arch/mips/include/asm/fpu.h +++ b/arch/mips/include/asm/fpu.h 
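Review bot: The new `if (cpu_has_fre)` guard in `__enable_fpu()` still carries only the old `/* clear FRE */` comment, which says what the write does but not why it is now conditional. The reason is in the commit message alone: accessing Config5 on a CPU that lacks it is UNDEFINED, and QEMU before v2.2 raises a Reserved Instruction exception. A comment such as `/* Config5 may not exist without FRE; accessing it is then UNDEFINED */` at this guard, and at the `if (!cpu_has_fre)` early return added to `init_fpu()` in the second hunk, would keep a later cleanup from dropping the checks. Both function bodies continue outside the hunks.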
@@ -64,7 +64,7 @@ static inline int __enable_fpu(enum fpu_mode mode) return SIGFPE; /* set FRE */ - write_c0_config5(read_c0_config5() | MIPS_CONF5_FRE); + set_c0_config5(MIPS_CONF5_FRE); goto fr_common; case FPU_64BIT: @@ -76,7 +76,7 @@ static inline int __enable_fpu(enum fpu_mode mode) case FPU_32BIT: if (cpu_has_fre) { /* clear FRE */ - write_c0_config5(read_c0_config5() & ~MIPS_CONF5_FRE); + clear_c0_config5(MIPS_CONF5_FRE); } fr_common: /* set CU1 & change FR appropriately */ @@ -196,15 +196,13 @@ static inline int init_fpu(void) return 0; } - config5 = read_c0_config5(); - /* * Ensure FRE is clear whilst running _init_fpu, since * single precision FP instructions are used. If FRE * was set then we'll just end up initialising all 32 * 64b registers. */ - write_c0_config5(config5 & ~MIPS_CONF5_FRE); + config5 = clear_c0_config5(MIPS_CONF5_FRE); enable_fpu_hazard(); _init_fpu(); From b8e7d196f1b6c8045c39ff300295969c087ec3f0 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Wed, 17 Dec 2014 12:13:52 +0100 Subject: [PATCH 03/23] MIPS: Update malta_defconfig to something that works out of the box. In particular the use of the antiquated PIX PATA drivers was a nuiscance since most userland has switched to the new /dev/sda drivers as well as the lack of EXT4. Signed-off-by: Ralf Baechle --- arch/mips/configs/malta_defconfig | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/arch/mips/configs/malta_defconfig b/arch/mips/configs/malta_defconfig index f57b96dcf7df..61a4460d67d3 100644 --- a/arch/mips/configs/malta_defconfig +++ b/arch/mips/configs/malta_defconfig @@ -132,7 +132,6 @@ CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m -CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_CLUSTERIP=m CONFIG_IP_NF_TARGET_ECN=m 
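Review bot: In the `init_fpu()` hunk, `config5 = clear_c0_config5(MIPS_CONF5_FRE);` depends on `clear_c0_config5()` returning the register contents from before the bit was cleared, since `config5` is presumably still written back by the `/* Restore FRE */` step outside this hunk. If the helper returned the updated value instead, FRE would silently stay cleared after `_init_fpu()`. A short comment at the assignment, for example `/* clear_c0_config5() returns the old Config5, kept for the restore below */`, would make that contract visible, assuming it matches the helper's definition.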
@@ -175,7 +174,6 @@ CONFIG_BRIDGE_EBT_MARK_T=m
 CONFIG_BRIDGE_EBT_REDIRECT=m
 CONFIG_BRIDGE_EBT_SNAT=m
 CONFIG_BRIDGE_EBT_LOG=m
-CONFIG_BRIDGE_EBT_ULOG=m
 CONFIG_BRIDGE_EBT_NFLOG=m
 CONFIG_IP_SCTP=m
 CONFIG_BRIDGE=m
@@ -220,8 +218,6 @@ CONFIG_NET_ACT_SKBEDIT=m
 CONFIG_NET_CLS_IND=y
 CONFIG_CFG80211=m
 CONFIG_MAC80211=m
-CONFIG_MAC80211_RC_PID=y
-CONFIG_MAC80211_RC_DEFAULT_PID=y
 CONFIG_MAC80211_MESH=y
 CONFIG_RFKILL=m
 CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
@@ -248,19 +244,13 @@ CONFIG_ATA_OVER_ETH=m
 CONFIG_IDE=y
 CONFIG_BLK_DEV_IDECD=y
 CONFIG_IDE_GENERIC=y
-CONFIG_BLK_DEV_GENERIC=y
-CONFIG_BLK_DEV_PIIX=y
-CONFIG_BLK_DEV_IT8213=m
-CONFIG_BLK_DEV_TC86C001=m
 CONFIG_RAID_ATTRS=m
-CONFIG_SCSI=m
-CONFIG_BLK_DEV_SD=m
+CONFIG_BLK_DEV_SD=y
 CONFIG_CHR_DEV_ST=m
 CONFIG_CHR_DEV_OSST=m
 CONFIG_BLK_DEV_SR=m
 CONFIG_BLK_DEV_SR_VENDOR=y
 CONFIG_CHR_DEV_SG=m
-CONFIG_SCSI_MULTI_LUN=y
 CONFIG_SCSI_CONSTANTS=y
 CONFIG_SCSI_LOGGING=y
 CONFIG_SCSI_SCAN_ASYNC=y
@@ -273,6 +263,8 @@ CONFIG_SCSI_AACRAID=m
 CONFIG_SCSI_AIC7XXX=m
 CONFIG_AIC7XXX_RESET_DELAY_MS=15000
 # CONFIG_AIC7XXX_DEBUG_ENABLE is not set
+CONFIG_ATA=y
+CONFIG_ATA_PIIX=y
 CONFIG_MD=y
 CONFIG_BLK_DEV_MD=m
 CONFIG_MD_LINEAR=m
@@ -340,6 +332,7 @@ CONFIG_UIO=m
 CONFIG_UIO_CIF=m
 CONFIG_EXT2_FS=y
 CONFIG_EXT3_FS=y
+CONFIG_EXT4_FS=y
 CONFIG_REISERFS_FS=m
 CONFIG_REISERFS_PROC_INFO=y
 CONFIG_REISERFS_FS_XATTR=y
@@ -441,4 +434,3 @@ CONFIG_CRYPTO_SERPENT=m
 CONFIG_CRYPTO_TEA=m
 CONFIG_CRYPTO_TWOFISH=m
 # CONFIG_CRYPTO_ANSI_CPRNG is not set
-CONFIG_CRC16=m
From 389cdc5d359c48c36c3512645ec2533370aa6eb3 Mon Sep 17 00:00:00 2001
From: Ralf Baechle
Date: Wed, 17 Dec 2014 12:34:04 +0100
Subject: [PATCH 04/23] MIPS: Wire up execveat(2). Signed-off-by: Ralf Baechle
---
 arch/mips/include/uapi/asm/unistd.h | 15 +++++++++------
 arch/mips/kernel/scall32-o32.S | 1 +
 arch/mips/kernel/scall64-64.S | 1 +
 arch/mips/kernel/scall64-n32.S | 1 +
 arch/mips/kernel/scall64-o32.S | 1 +
 5 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/arch/mips/include/uapi/asm/unistd.h b/arch/mips/include/uapi/asm/unistd.h index d001bb1ad177..c03088f9f514 100644 --- a/arch/mips/include/uapi/asm/unistd.h +++ b/arch/mips/include/uapi/asm/unistd.h @@ -376,16 +376,17 @@ #define __NR_getrandom (__NR_Linux + 353) #define __NR_memfd_create (__NR_Linux + 354) #define __NR_bpf (__NR_Linux + 355) +#define __NR_execveat (__NR_Linux + 356) /* * Offset of the last Linux o32 flavoured syscall */ -#define __NR_Linux_syscalls 355 +#define __NR_Linux_syscalls 356 #endif /* _MIPS_SIM == _MIPS_SIM_ABI32 */ #define __NR_O32_Linux 4000 -#define __NR_O32_Linux_syscalls 355 +#define __NR_O32_Linux_syscalls 356 #if _MIPS_SIM == _MIPS_SIM_ABI64 @@ -709,16 +710,17 @@ #define __NR_getrandom (__NR_Linux + 313) #define __NR_memfd_create (__NR_Linux + 314) #define __NR_bpf (__NR_Linux + 315) +#define __NR_execveat (__NR_Linux + 316) /* * Offset of the last Linux 64-bit flavoured syscall */ -#define __NR_Linux_syscalls 315 +#define __NR_Linux_syscalls 316 #endif /* _MIPS_SIM == _MIPS_SIM_ABI64 */ #define __NR_64_Linux 5000 -#define __NR_64_Linux_syscalls 315 +#define __NR_64_Linux_syscalls 316 #if _MIPS_SIM == _MIPS_SIM_NABI32 @@ -1046,15 +1048,16 @@ #define __NR_getrandom (__NR_Linux + 317) #define __NR_memfd_create (__NR_Linux + 318) #define __NR_bpf (__NR_Linux + 319) +#define __NR_execveat (__NR_Linux + 320) /* * Offset of the last N32 flavoured syscall */ -#define __NR_Linux_syscalls 319 +#define __NR_Linux_syscalls 320 #endif /* _MIPS_SIM == _MIPS_SIM_NABI32 */ #define __NR_N32_Linux 6000 -#define __NR_N32_Linux_syscalls 319 +#define __NR_N32_Linux_syscalls 320 #endif /* _UAPI_ASM_UNISTD_H */ diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S index 00cad1005a16..c5bf845c7dd4 100644 --- a/arch/mips/kernel/scall32-o32.S +++ b/arch/mips/kernel/scall32-o32.S @@ -580,3 +580,4 @@ EXPORT(sys_call_table) PTR sys_getrandom PTR sys_memfd_create PTR sys_bpf /* 4355 */ + PTR sys_execveat 
diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
index 5251565e344b..ad4d44635c76 100644
--- a/arch/mips/kernel/scall64-64.S
+++ b/arch/mips/kernel/scall64-64.S
@@ -435,4 +435,5 @@ EXPORT(sys_call_table)
 PTR sys_getrandom
 PTR sys_memfd_create
 PTR sys_bpf /* 5315 */
+ PTR sys_execveat
 .size sys_call_table,.-sys_call_table
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index 77e74398b828..446cc654da56 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -428,4 +428,5 @@ EXPORT(sysn32_call_table)
 PTR sys_getrandom
 PTR sys_memfd_create
 PTR sys_bpf
+ PTR compat_sys_execveat /* 6320 */
 .size sysn32_call_table,.-sysn32_call_table
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index 6f8db9f728e8..4fdca4fb7943 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -565,4 +565,5 @@ EXPORT(sys32_call_table)
 PTR sys_getrandom
 PTR sys_memfd_create
 PTR sys_bpf /* 4355 */
+ PTR compat_sys_execveat
 .size sys32_call_table,.-sys32_call_table
From 942e22dff290d244051fc67d169958f241fd8df0 Mon Sep 17 00:00:00 2001
From: Brian Norris
Date: Wed, 17 Dec 2014 18:39:01 -0800
Subject: [PATCH 05/23] MIPS: JZ4740: Fixup #include's (sparse) Fixes sparse warnings: arch/mips/jz4740/irq.c:63:6: warning: symbol 'jz4740_irq_suspend' was not declared. Should it be static? arch/mips/jz4740/irq.c:69:6: warning: symbol 'jz4740_irq_resume' was not declared. Should it be static? Also, I've seen some elusive build errors on my automated build test where JZ4740_IRQ_BASE and NR_IRQS are missing, but I can't reproduce them manually for some reason. Anyway, mach-jz4740/irq.h should help us avoid relying on some implicit include. Signed-off-by: Brian Norris Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/8724/ Acked-by: Lars-Peter Clausen Signed-off-by: Ralf Baechle
---
 arch/mips/jz4740/irq.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/arch/mips/jz4740/irq.c b/arch/mips/jz4740/irq.c index 2531da1d3add..97206b3deb97 100644 --- a/arch/mips/jz4740/irq.c +++ b/arch/mips/jz4740/irq.c @@ -30,6 +30,9 @@ #include #include +#include + +#include "irq.h" static void __iomem *jz_intc_base; From 78aaf956ba3ae0bfabbadc0393395cc4f7a7070f Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Fri, 19 Dec 2014 01:18:03 +0100 Subject: [PATCH 06/23] MIPS: Compat: Fix build error if CONFIG_MIPS32_COMPAT but no compat ABI. In that case nor __NR_seccomp_*_32 symbols will be defined in so the attempt to use it in kernel.seccomp.c will fail with: kernel/seccomp.c:565:2: error: '__NR_seccomp_read_32' undeclared here (not in a function) __NR_seccomp_read_32, __NR_seccomp_write_32, __NR_seccomp_exit_32, __NR_seccomp_sigreturn_32, ^ kernel/seccomp.c:565:24: error: '__NR_seccomp_write_32' undeclared here (not in a function) __NR_seccomp_read_32, __NR_seccomp_write_32, __NR_seccomp_exit_32, __NR_seccomp_sigreturn_32, ^ kernel/seccomp.c:565:47: error: '__NR_seccomp_exit_32' undeclared here (not in a function) __NR_seccomp_read_32, __NR_seccomp_write_32, __NR_seccomp_exit_32, __NR_seccomp_sigreturn_32, ^ kernel/seccomp.c:565:69: error: '__NR_seccomp_sigreturn_32' undeclared here (not in a function) __NR_seccomp_read_32, __NR_seccomp_write_32, __NR_seccomp_exit_32, __NR_seccomp_sigreturn_32, Solved by changing the compat ABIs in kconfig to select MIPS32_COMPAT directly. This also means the user no longer has to select MIPS32_COMPAT before being able to see the ABI options. Signed-off-by: Ralf Baechle --- arch/mips/Kconfig | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig index 3289969ee423..f4d6616877f2 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig 
@@ -2656,27 +2656,21 @@ config TRAD_SIGNALS bool config MIPS32_COMPAT - bool "Kernel support for Linux/MIPS 32-bit binary compatibility" - depends on 64BIT - help - Select this option if you want Linux/MIPS 32-bit binary - compatibility. Since all software available for Linux/MIPS is - currently 32-bit you should say Y here. + bool config COMPAT bool - depends on MIPS32_COMPAT - select ARCH_WANT_OLD_COMPAT_IPC - default y config SYSVIPC_COMPAT bool - depends on COMPAT && SYSVIPC - default y config MIPS32_O32 bool "Kernel support for o32 binaries" - depends on MIPS32_COMPAT + depends on 64BIT + select ARCH_WANT_OLD_COMPAT_IPC + select COMPAT + select MIPS32_COMPAT + select SYSVIPC_COMPAT if SYSVIPC help Select this option if you want to run o32 binaries. These are pure 32-bit binaries as used by the 32-bit Linux/MIPS port. Most of @@ -2687,6 +2681,9 @@ config MIPS32_O32 config MIPS32_N32 bool "Kernel support for n32 binaries" depends on MIPS32_COMPAT + select COMPAT + select MIPS32_COMPAT + select SYSVIPC_COMPAT if SYSVIPC help Select this option if you want to run n32 binaries. These are 64-bit binaries using 32-bit quantities for addressing and certain From c22eacfe82f9c98408f6e7336a2b500a45c9f732 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Sat, 3 Jan 2015 12:10:23 +0100 Subject: [PATCH 07/23] MIPS: Kconfig: Fix recursive dependency. [...] HOSTCC scripts/kconfig/zconf.tab.o HOSTLD scripts/kconfig/conf arch/mips/Kconfig:2681:error: recursive dependency detected! arch/mips/Kconfig:2681: symbol MIPS32_N32 depends on MIPS32_COMPAT arch/mips/Kconfig:2658: symbol MIPS32_COMPAT is selected by MIPS32_N32 Introduced by d74473bdf7a4c1ef7ae2b75f585fe5649ac2dcea (MIPS: Compat: Fix build error if CONFIG_MIPS32_COMPAT but no compat ABI.) Signed-off-by: Ralf Baechle --- arch/mips/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig index f4d6616877f2..843713c05b79 100644 --- a/arch/mips/Kconfig 
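Review bot: `config MIPS32_N32` keeps `depends on MIPS32_COMPAT` while this hunk also adds `select MIPS32_COMPAT` to it, so the symbol both depends on and selects MIPS32_COMPAT, which kconfig reports as a recursive dependency. MIPS32_O32 in the same hunk was switched to `depends on 64BIT`; N32 should get the same line in this commit, so that every commit in the series still configures and a bisection does not land on a tree that cannot be configured. Separately, `select ARCH_WANT_OLD_COMPAT_IPC` moved from COMPAT to MIPS32_O32 only; it is worth confirming that an N32-only kernel does not need it.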
+++ b/arch/mips/Kconfig @@ -2680,7 +2680,7 @@ config MIPS32_O32 config MIPS32_N32 bool "Kernel support for n32 binaries" - depends on MIPS32_COMPAT + depends on 64BIT select COMPAT select MIPS32_COMPAT select SYSVIPC_COMPAT if SYSVIPC From 50083928bcb38bc847cb885fd70f79a63cabd9b5 Mon Sep 17 00:00:00 2001 From: James Hogan Date: Mon, 5 Jan 2015 15:45:30 +0000 Subject: [PATCH 08/23] MIPS: mips-cm: Fix sparse warnings Sparse emits a bunch of warnings in mips-cm.h due to casting away of __iomem by the addr_gcr_*() functions: arch/mips/include/asm/mips-cm.h:134:1: warning: cast removes address space of expression And subsequent passing of the return values to __raw_readl() and __raw_writel() in the read_gcr_*() and write_gcr_*() functions: arch/mips/include/asm/mips-cm.h:134:1: warning: incorrect type in argument 2 (different address spaces) arch/mips/include/asm/mips-cm.h:134:1: expected void volatile [noderef] *mem arch/mips/include/asm/mips-cm.h:134:1: got unsigned int [usertype] * arch/mips/include/asm/mips-cm.h:134:1: warning: incorrect type in argument 1 (different address spaces) arch/mips/include/asm/mips-cm.h:134:1: expected void const volatile [noderef] *mem arch/mips/include/asm/mips-cm.h:134:1: got unsigned int [usertype] * Fix by adding __iomem to the addr_gcr_*() return type and cast. Signed-off-by: James Hogan Cc: Paul Burton Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/8874/ Signed-off-by: Ralf Baechle --- arch/mips/include/asm/mips-cm.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/mips/include/asm/mips-cm.h b/arch/mips/include/asm/mips-cm.h index b95a827d763e..59c0901bdd84 100644 --- a/arch/mips/include/asm/mips-cm.h +++ b/arch/mips/include/asm/mips-cm.h 
@@ -89,9 +89,9 @@ static inline bool mips_cm_has_l2sync(void) /* Macros to ease the creation of register access functions */ #define BUILD_CM_R_(name, off) \ -static inline u32 *addr_gcr_##name(void) \ +static inline u32 __iomem *addr_gcr_##name(void) \ { \ - return (u32 *)(mips_cm_base + (off)); \ + return (u32 __iomem *)(mips_cm_base + (off)); \ } \ \ static inline u32 read_gcr_##name(void) \ From fd75a33e0002d2f850c67c775df47c4d479c20c1 Mon Sep 17 00:00:00 2001 From: James Cowgill Date: Wed, 14 Jan 2015 16:37:14 +0000 Subject: [PATCH 09/23] MIPS: ELF: fix loading o32 binaries on 64-bit kernels Commit 90cee759f08a ("MIPS: ELF: Set FP mode according to .MIPS.abiflags") introduced checking of the .MIPS.abiflags ELF section but did so through the native sized "elfhdr" and "elf_phdr" structures regardless whether the ELF was actually 32-bit or 64-bit. This produces wrong results when trying to use a 64-bit kernel to load o32 ELF files. Change the uses of the generic elf structures to their 32-bit versions. Since the code bails out on any 64-bit cases, this is OK until they are implemented. Fixes: 90cee759f08a ("MIPS: ELF: Set FP mode according to .MIPS.abiflags") Signed-off-by: James Cowgill Cc: linux-mips@linux-mips.org Cc: Paul Burton Reviewed-by: Maciej W. Rozycki Patchwork: https://patchwork.linux-mips.org/patch/8932/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/elf.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/mips/kernel/elf.c b/arch/mips/kernel/elf.c index c92b15df6893..a5b5b56485c1 100644 --- a/arch/mips/kernel/elf.c +++ b/arch/mips/kernel/elf.c @@ -19,8 +19,8 @@ enum { int arch_elf_pt_proc(void *_ehdr, void *_phdr, struct file *elf, bool is_interp, struct arch_elf_state *state) { - struct elfhdr *ehdr = _ehdr; - struct elf_phdr *phdr = _phdr; + struct elf32_hdr *ehdr = _ehdr; + struct elf32_phdr *phdr = _phdr; struct mips_elf_abiflags_v0 abiflags; int ret; 
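Review bot: Nothing in the `arch_elf_pt_proc()` hunk shows the ELF class being checked before `ehdr` and `phdr` are read through the 32-bit layouts, and on a 64-bit kernel these hooks are presumably also entered for ELF64 images, whose fields after `e_ident` sit at different offsets. The commit message says the code bails out on 64-bit cases; if that check lives in the bodies outside the hunks, a comment at the casts would stop later edits from reading other fields first, e.g. `/* 32-bit layout: only e_ident is valid until EI_CLASS == ELFCLASS32 is confirmed */`. The same applies to `get_fp_abi()` and `arch_check_elf()` in the next two hunks. The headers come from the file being executed, so a field read under the wrong layout is untrusted input interpreted at the wrong offset.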
@@ -48,7 +48,7 @@ int arch_elf_pt_proc(void *_ehdr, void *_phdr, struct file *elf, return 0; } -static inline unsigned get_fp_abi(struct elfhdr *ehdr, int in_abi) +static inline unsigned get_fp_abi(struct elf32_hdr *ehdr, int in_abi) { /* If the ABI requirement is provided, simply return that */ if (in_abi != -1) @@ -65,7 +65,7 @@ static inline unsigned get_fp_abi(struct elfhdr *ehdr, int in_abi) int arch_check_elf(void *_ehdr, bool has_interpreter, struct arch_elf_state *state) { - struct elfhdr *ehdr = _ehdr; + struct elf32_hdr *ehdr = _ehdr; unsigned fp_abi, interp_fp_abi, abi0, abi1; /* Ignore non-O32 binaries */ From e967ef022e00bb7c2e5b1a42007abfdd52055050 Mon Sep 17 00:00:00 2001 From: Ed Swierk Date: Mon, 12 Jan 2015 21:10:30 -0800 Subject: [PATCH 10/23] MIPS: Fix restart of indirect syscalls When 32-bit MIPS userspace invokes a syscall indirectly via syscall(number, arg1, ..., arg7), the kernel looks up the actual syscall based on the given number, shifts the other arguments to the left, and jumps to the syscall. If the syscall is interrupted by a signal and indicates it needs to be restarted by the kernel (by returning ERESTARTNOINTR for example), the syscall must be called directly, since the number is no longer the first argument, and the other arguments are now staged for a direct call. Before shifting the arguments, store the syscall number in pt_regs->regs[2]. This gets copied temporarily into pt_regs->regs[0] after the syscall returns. If the syscall needs to be restarted, handle_signal()/do_signal() copies the number back to pt_regs->reg[2], which ends up in $v0 once control returns to userspace. Signed-off-by: Ed Swierk Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/8929/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/scall32-o32.S | 1 + arch/mips/kernel/scall64-o32.S | 1 + 2 files changed, 2 insertions(+) 
diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S index c5bf845c7dd4..6e8de80bb446 100644 --- a/arch/mips/kernel/scall32-o32.S +++ b/arch/mips/kernel/scall32-o32.S @@ -181,6 +181,7 @@ illegal_syscall: sll t1, t0, 2 beqz v0, einval lw t2, sys_call_table(t1) # syscall routine + sw a0, PT_R2(sp) # call routine directly on restart /* Some syscalls like execve get their arguments from struct pt_regs and claim zero arguments in the syscall table. Thus we have to diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S index 4fdca4fb7943..d07b210fbeff 100644 --- a/arch/mips/kernel/scall64-o32.S +++ b/arch/mips/kernel/scall64-o32.S @@ -186,6 +186,7 @@ LEAF(sys32_syscall) dsll t1, t0, 3 beqz v0, einval ld t2, sys32_call_table(t1) # syscall routine + sd a0, PT_R2(sp) # call routine directly on restart move a0, a1 # shift argument registers move a1, a2 From c3f134fb395d3903f4c7cad53a9a844b2673ce9f Mon Sep 17 00:00:00 2001 From: James Hogan Date: Fri, 16 Jan 2015 11:10:46 +0000 Subject: [PATCH 11/23] MIPS: smp-mt,smp-cmp: Enable all HW IRQs on secondary CPUs Commit 18743d2781d0 ("irqchip: mips-gic: Stop using per-platform mapping tables") in v3.19-rc1 changed the routing of IPIs through the GIC to go to the HW0 IRQ pin along with the rest of the GIC interrupts, rather than to HW1 and HW2 pins. This breaks SMP boot using the CMP or MT SMP implementations because HW0 doesn't get unmasked when secondary CPUs are initialised so the IPIs will never interrupt secondary CPUs (nor any other interrupts routed through the GIC). Commit ff1e29ade4c6 ("MIPS: smp-cps: Enable all hardware interrupts on secondary CPUs") fixed this in advance for the CPS SMP implementation by unmasking all hardware interrupt lines for secondary CPUs, so lets do the same for the CMP and MT implementations. Fixes: 18743d2781d0 ("irqchip: mips-gic: Stop using per-platform mapping tables") 
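Review bot: The comment on the added `sw a0, PT_R2(sp)` (and on `sd a0, PT_R2(sp)` in scall64-o32.S), `# call routine directly on restart`, does not say that `a0` still holds the real syscall number here and that the store has to come before the argument shift, which is visible as `move a0, a1` in the scall64-o32.S hunk. I would spell that out, e.g. `# regs[2] = real syscall number; must precede the argument shift`. The hunks do not show where entry tracing, audit or filtering hooks run relative to this store, so it is worth confirming that they evaluate the same number that is finally dispatched. Both routines continue outside the hunks.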
Signed-off-by: James Hogan Cc: Andrew Bresticker Cc: Qais Yousef Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9025/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/smp-cmp.c | 4 ++-- arch/mips/kernel/smp-mt.c | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/arch/mips/kernel/smp-cmp.c b/arch/mips/kernel/smp-cmp.c index 1e0a93c5a3e7..e36a859af666 100644 --- a/arch/mips/kernel/smp-cmp.c +++ b/arch/mips/kernel/smp-cmp.c @@ -44,8 +44,8 @@ static void cmp_init_secondary(void) struct cpuinfo_mips *c __maybe_unused = ¤t_cpu_data; /* Assume GIC is present */ - change_c0_status(ST0_IM, STATUSF_IP3 | STATUSF_IP4 | STATUSF_IP6 | - STATUSF_IP7); + change_c0_status(ST0_IM, STATUSF_IP2 | STATUSF_IP3 | STATUSF_IP4 | + STATUSF_IP5 | STATUSF_IP6 | STATUSF_IP7); /* Enable per-cpu interrupts: platform specific */ diff --git a/arch/mips/kernel/smp-mt.c b/arch/mips/kernel/smp-mt.c index ad86951b73bd..17ea705f6c40 100644 --- a/arch/mips/kernel/smp-mt.c +++ b/arch/mips/kernel/smp-mt.c @@ -161,7 +161,8 @@ static void vsmp_init_secondary(void) #ifdef CONFIG_MIPS_GIC /* This is Malta specific: IPI,performance and timer interrupts */ if (gic_present) - change_c0_status(ST0_IM, STATUSF_IP3 | STATUSF_IP4 | + change_c0_status(ST0_IM, STATUSF_IP2 | STATUSF_IP3 | + STATUSF_IP4 | STATUSF_IP5 | STATUSF_IP6 | STATUSF_IP7); else #endif From a3e6c1eff54878506b2dddcc202df9cc8180facb Mon Sep 17 00:00:00 2001 
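Review bot: In the smp-mt.c hunk the comment `/* This is Malta specific: IPI,performance and timer interrupts */` no longer describes the mask, because the new `change_c0_status()` call unmasks every hardware line from `STATUSF_IP2` to `STATUSF_IP7`. I would update it to something like `/* GIC present: unmask all hardware interrupt lines (IP2-IP7) */`. The smp-cmp.c hunk sets the same mask under `/* Assume GIC is present */`; since unmasking all lines widens what can interrupt a secondary CPU, a one-line reason there would help as well. `vsmp_init_secondary()` continues outside the hunk.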
From: Felix Fietkau Date: Thu, 15 Jan 2015 19:05:28 +0100 Subject: [PATCH 12/23] MIPS: IRQ: Fix disable_irq on CPU IRQs If the irq_chip does not define .irq_disable, any call to disable_irq will defer disabling the IRQ until it fires while marked as disabled. This assumes that the handler function checks for this condition, which handle_percpu_irq does not. In this case, calling disable_irq leads to an IRQ storm, if the interrupt fires while disabled. This optimization is only useful when disabling the IRQ is slow, which is not true for the MIPS CPU IRQ. Disable this optimization by implementing .irq_disable and .irq_enable Signed-off-by: Felix Fietkau Cc: stable@vger.kernel.org Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/8949/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/irq_cpu.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/mips/kernel/irq_cpu.c b/arch/mips/kernel/irq_cpu.c index 590c2c980fd3..6eb7a3f515fc 100644 --- a/arch/mips/kernel/irq_cpu.c +++ b/arch/mips/kernel/irq_cpu.c @@ -57,6 +57,8 @@ static struct irq_chip mips_cpu_irq_controller = { .irq_mask_ack = mask_mips_irq, .irq_unmask = unmask_mips_irq, .irq_eoi = unmask_mips_irq, + .irq_disable = mask_mips_irq, + .irq_enable = unmask_mips_irq, }; /* @@ -93,6 +95,8 @@ static struct irq_chip mips_mt_cpu_irq_controller = { .irq_mask_ack = mips_mt_cpu_irq_ack, .irq_unmask = unmask_mips_irq, .irq_eoi = unmask_mips_irq, + .irq_disable = mask_mips_irq, + .irq_enable = unmask_mips_irq, }; asmlinkage void __weak plat_irq_dispatch(void) From 93000719491581990a8a1094eaadbf3bdccf2a5f Mon Sep 17 00:00:00 2001 
From: Ralf Baechle Date: Mon, 19 Jan 2015 12:53:49 +0100 Subject: [PATCH 13/23] MIPS: ARC: Fix build error. [...] struct component { ^ In file included from ./arch/mips/include/asm/sn/klconfig.h:58:0, from ./arch/mips/include/asm/sn/module.h:12, from ./arch/mips/include/asm/sn/node.h:8, from ./arch/mips/include/asm/mach-ip35/mmzone.h:4, from ./arch/mips/include/asm/mmzone.h:9, from ./arch/mips/include/asm/mach-ip35/topology.h:7, from ./arch/mips/include/asm/topology.h:11, from include/linux/topology.h:35, from include/linux/gfp.h:8, from include/linux/device.h:29, from drivers/base/component.c:14: ./arch/mips/include/asm/fw/arc/hinv.h:122:16: note: originally defined here typedef struct component { ^ make[2]: *** [drivers/base/component.o] Error 1 make[2]: Target `__build' not remade because of errors. make[1]: *** [drivers/base] Error 2 make[1]: Target `__build' not remade because of errors. Fix by using an nameless struct definition in the COMPONENT definition. Which is what the ARC spec uses anyway. While at it, do the same thing for two other typedefs. Signed-off-by: Ralf Baechle --- arch/mips/include/asm/fw/arc/hinv.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/mips/include/asm/fw/arc/hinv.h b/arch/mips/include/asm/fw/arc/hinv.h index f8d37d1df5de..9fac64a26353 100644 --- a/arch/mips/include/asm/fw/arc/hinv.h +++ b/arch/mips/include/asm/fw/arc/hinv.h @@ -119,7 +119,7 @@ union key_u { #define SGI_ARCS_REV 10 /* rev .10, 3/04/92 */ #endif -typedef struct component { +typedef struct { CONFIGCLASS Class; CONFIGTYPE Type; IDENTIFIERFLAG Flags; @@ -140,7 +140,7 @@ struct cfgdata { }; /* System ID */ -typedef struct systemid { +typedef struct { CHAR VendorId[8]; CHAR ProductId[8]; } SYSTEMID; @@ -166,7 +166,7 @@ typedef enum memorytype { #endif /* _NT_PROM */ } MEMORYTYPE; -typedef struct memorydescriptor { +typedef struct { MEMORYTYPE Type; LONG BasePage; LONG PageCount; 
From 63a87fe0d0de2ce126a8cec9a299a133cfd5658e Mon Sep 17 00:00:00 2001 
From: Aaro Koskinen Date: Thu, 15 Jan 2015 23:01:58 +0200 Subject: [PATCH 14/23] MIPS: OCTEON: fix kernel crash when offlining a CPU octeon_cpu_disable() will unconditionally enable interrupts when called. We can assume that the routine is always called with interrupts disabled, so just delete the incorrect local_irq_disable/enable(). The patch fixes the following crash when offlining a CPU: [ 93.818785] ------------[ cut here ]------------ [ 93.823421] WARNING: CPU: 1 PID: 10 at kernel/smp.c:231 flush_smp_call_function_queue+0x1c4/0x1d0() [ 93.836215] Modules linked in: [ 93.839287] CPU: 1 PID: 10 Comm: migration/1 Not tainted 3.19.0-rc4-octeon-los_b5f0 #1 [ 93.847212] Stack : 0000000000000001 ffffffff81b2cf90 0000000000000004 ffffffff81630000 0000000000000000 0000000000000000 0000000000000000 000000000000004a 0000000000000006 ffffffff8117e550 0000000000000000 0000000000000000 ffffffff81b30000 ffffffff81b26808 8000000032c77748 ffffffff81627e07 ffffffff81595ec8 ffffffff81b26808 000000000000000a 0000000000000001 0000000000000001 0000000000000003 0000000010008ce1 ffffffff815030c8 8000000032cbbb38 ffffffff8113d42c 0000000010008ce1 ffffffff8117f36c 8000000032c77300 8000000032cbba50 0000000000000001 ffffffff81503984 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81121668 0000000000000000 0000000000000000 ... 
[ 93.912819] Call Trace: [ 93.915273] [] show_stack+0x68/0x80 [ 93.920335] [] dump_stack+0x6c/0x90 [ 93.925395] [] warn_slowpath_common+0x94/0xd8 [ 93.931324] [] flush_smp_call_function_queue+0x1c4/0x1d0 [ 93.938208] [] hotplug_cfd+0xf0/0x108 [ 93.943444] [] notifier_call_chain+0x5c/0xb8 [ 93.949286] [] cpu_notify+0x24/0x60 [ 93.954348] [] take_cpu_down+0x38/0x58 [ 93.959670] [] multi_cpu_stop+0x154/0x180 [ 93.965250] [] cpu_stopper_thread+0xd8/0x160 [ 93.971093] [] smpboot_thread_fn+0x1ec/0x1f8 [ 93.976936] [] kthread+0xd4/0xf0 [ 93.981735] [] ret_from_kernel_thread+0x14/0x1c [ 93.987835] [ 93.989326] ---[ end trace c9e3815ee655bda9 ]--- [ 93.993951] Kernel bug detected[#1]: [ 93.997533] CPU: 1 PID: 10 Comm: migration/1 Tainted: G W 3.19.0-rc4-octeon-los_b5f0 #1 [ 94.006591] task: 8000000032c77300 ti: 8000000032cb8000 task.ti: 8000000032cb8000 [ 94.014081] $ 0 : 0000000000000000 0000000010000ce1 0000000000000001 ffffffff81620000 [ 94.022146] $ 4 : 8000000002c72ac0 0000000000000000 00000000000001a7 ffffffff813b06f0 [ 94.030210] $ 8 : ffffffff813b20d8 0000000000000000 0000000000000000 ffffffff81630000 [ 94.038275] $12 : 0000000000000087 0000000000000000 0000000000000086 0000000000000000 [ 94.046339] $16 : ffffffff81623168 0000000000000001 0000000000000000 0000000000000008 [ 94.054405] $20 : 0000000000000001 0000000000000001 0000000000000001 0000000000000003 [ 94.062470] $24 : 0000000000000038 ffffffff813b7f10 [ 94.070536] $28 : 8000000032cb8000 8000000032cbbc20 0000000010008ce1 ffffffff811bcaf4 [ 94.078601] Hi : 0000000000f188e8 [ 94.082179] Lo : d4fdf3b646c09d55 [ 94.085760] epc : ffffffff811bc9d0 irq_work_run_list+0x8/0xf8 [ 94.091686] Tainted: G W [ 94.095613] ra : ffffffff811bcaf4 irq_work_run+0x34/0x60 [ 94.101192] Status: 10000ce3 KX SX UX KERNEL EXL IE [ 94.106235] Cause : 40808034 [ 94.109119] PrId : 000d9301 (Cavium Octeon II) [ 94.113653] Modules linked in: [ 94.116721] Process migration/1 (pid: 10, threadinfo=8000000032cb8000, task=8000000032c77300, 
tls=0000000000000000) [ 94.127168] Stack : 8000000002c74c80 ffffffff811a4128 0000000000000001 ffffffff81635720 fffffffffffffff2 ffffffff8115bacc 80000000320fbce0 80000000320fbca4 80000000320fbc80 0000000000000002 0000000000000004 ffffffff8113d704 80000000320fbce0 ffffffff81501738 0000000000000003 ffffffff811b343c 8000000002c72aa0 8000000002c72aa8 ffffffff8159cae8 ffffffff8159caa0 ffffffff81650000 80000000320fbbf0 80000000320fbc80 ffffffff811b32e8 0000000000000000 ffffffff811b3768 ffffffff81622b80 ffffffff815148a8 8000000032c77300 8000000002c73e80 ffffffff815148a8 8000000032c77300 ffffffff81622b80 ffffffff815148a8 8000000032c77300 ffffffff81503f48 ffffffff8115ea0c ffffffff81620000 0000000000000000 ffffffff81174d64 ... [ 94.192771] Call Trace: [ 94.195222] [] irq_work_run_list+0x8/0xf8 [ 94.200802] [] irq_work_run+0x34/0x60 [ 94.206036] [] hotplug_cfd+0xf0/0x108 [ 94.211269] [] notifier_call_chain+0x5c/0xb8 [ 94.217111] [] cpu_notify+0x24/0x60 [ 94.222171] [] take_cpu_down+0x38/0x58 [ 94.227491] [] multi_cpu_stop+0x154/0x180 [ 94.233072] [] cpu_stopper_thread+0xd8/0x160 [ 94.238914] [] smpboot_thread_fn+0x1ec/0x1f8 [ 94.244757] [] kthread+0xd4/0xf0 [ 94.249555] [] ret_from_kernel_thread+0x14/0x1c [ 94.255654] [ 94.257146] Code: a2423c40 40026000 30420001 <00020336> dc820000 10400037 00000000 0000010f 0000010f [ 94.267183] ---[ end trace c9e3815ee655bdaa ]--- [ 94.271804] Fatal exception: panic in 5 seconds Reported-by: Hemmo Nieminen Signed-off-by: Aaro Koskinen Acked-by: David Daney Cc: stable@vger.kernel.org # v3.18+ Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/8952/ Signed-off-by: Ralf Baechle --- arch/mips/cavium-octeon/smp.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/mips/cavium-octeon/smp.c b/arch/mips/cavium-octeon/smp.c index ecd903dd1c45..8b1eeffa12ed 100644 --- a/arch/mips/cavium-octeon/smp.c +++ b/arch/mips/cavium-octeon/smp.c 
@@ -240,9 +240,7 @@ static int octeon_cpu_disable(void) set_cpu_online(cpu, false); cpu_clear(cpu, cpu_callin_map); - local_irq_disable(); octeon_fixup_irqs(); - local_irq_enable(); flush_cache_all(); local_flush_tlb_all(); From c7754e75100ed5e3068ac5085747f2bfc386c8d6 Mon Sep 17 00:00:00 2001 From: Hemmo Nieminen Date: Thu, 15 Jan 2015 23:01:59 +0200 Subject: [PATCH 15/23] MIPS: Fix kernel lockup or crash after CPU offline/online As printk() invocation can cause e.g. a TLB miss, printk() cannot be called before the exception handlers have been properly initialized. This can happen e.g. when netconsole has been loaded as a kernel module and the TLB table has been cleared when a CPU was offline. Call cpu_report() in start_secondary() only after the exception handlers have been initialized to fix this. Without the patch the kernel will randomly either lockup or crash after a CPU is onlined and the console driver is a module. Signed-off-by: Hemmo Nieminen Signed-off-by: Aaro Koskinen Cc: stable@vger.kernel.org Cc: David Daney Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/8953/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/smp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/mips/kernel/smp.c b/arch/mips/kernel/smp.c index c94c4e92e17d..1c0d8c50b7e1 100644 --- a/arch/mips/kernel/smp.c +++ b/arch/mips/kernel/smp.c @@ -123,10 +123,10 @@ asmlinkage void start_secondary(void) unsigned int cpu; cpu_probe(); - cpu_report(); per_cpu_trap_init(false); mips_clockevent_init(); mp_ops->init_secondary(); + cpu_report(); /* * XXX parity protection should be folded in here when it's converted From 5e32033e14ca9c7f7341cb383f5a05699b0b5382 Mon Sep 17 00:00:00 2001 
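Review bot: The new position of `cpu_report()` in start_secondary() carries an ordering constraint that nothing in the code records, so a later cleanup could move the call back above `per_cpu_trap_init(false)`. A comment on the moved line would keep it in place, for example `/* cpu_report() calls printk(), which may take a TLB miss: keep it after per_cpu_trap_init() */`. The function body continues outside the hunk.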
From: James Hogan Date: Fri, 30 Jan 2015 15:40:19 +0000 Subject: [PATCH 16/23] MIPS: mipsregs.h: Add write_32bit_cp1_register() Add a write_32bit_cp1_register() macro to compliment the read_32bit_cp1_register() macro. This is to abstract whether .set hardfloat needs to be used based on GAS_HAS_SET_HARDFLOAT. The implementation of _read_32bit_cp1_register() .sets mips1 due to failure of gas v2.19 to assemble cfc1 for Octeon (see commit 25c300030016 ("MIPS: Override assembler target architecture for octeon.")). I haven't copied this over to _write_32bit_cp1_register() as I'm uncertain whether it applies to ctc1 too, or whether anybody cares about that version of binutils any longer. Signed-off-by: James Hogan Cc: Ralf Baechle Cc: Paul Burton Cc: David Daney Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9172/ Signed-off-by: Ralf Baechle --- arch/mips/include/asm/mipsregs.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/mips/include/asm/mipsregs.h b/arch/mips/include/asm/mipsregs.h index 5e4aef304b02..5b720d8c2745 100644 --- a/arch/mips/include/asm/mipsregs.h +++ b/arch/mips/include/asm/mipsregs.h @@ -1386,12 +1386,27 @@ do { \ __res; \ }) +#define _write_32bit_cp1_register(dest, val, gas_hardfloat) \ +do { \ + __asm__ __volatile__( \ + " .set push \n" \ + " .set reorder \n" \ + " "STR(gas_hardfloat)" \n" \ + " ctc1 %0,"STR(dest)" \n" \ + " .set pop \n" \ + : : "r" (val)); \ +} while (0) + #ifdef GAS_HAS_SET_HARDFLOAT #define read_32bit_cp1_register(source) \ _read_32bit_cp1_register(source, .set hardfloat) +#define write_32bit_cp1_register(dest, val) \ + _write_32bit_cp1_register(dest, val, .set hardfloat) #else #define read_32bit_cp1_register(source) \ _read_32bit_cp1_register(source, ) +#define write_32bit_cp1_register(dest, val) \ + _write_32bit_cp1_register(dest, val, ) #endif #ifdef HAVE_AS_DSP From d76e9b9fc5de7e8fc4fd0e72a94e8c723929ffea Mon Sep 17 00:00:00 2001 
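Review bot: `_write_32bit_cp1_register()` omits the `.set mips1` override that, per the commit message, `_read_32bit_cp1_register()` carries for gas v2.19 on Octeon, and the macro itself says nothing about the difference. A short comment above the definition would show that the omission is deliberate, e.g. `/* no .set mips1 here, unlike the read variant: not verified whether gas 2.19 needs it for ctc1 */`. It is also worth stating there that `dest` is pasted into the instruction text through `STR()` and so must be a register-name macro, never a runtime value.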
From: James Hogan Date: Fri, 30 Jan 2015 15:40:20 +0000 Subject: [PATCH 17/23] MIPS: traps: Fix inline asm ctc1 missing .set hardfloat Commit 842dfc11ea9a ("MIPS: Fix build with binutils 2.24.51+") in v3.18 enabled -msoft-float and sprinkled ".set hardfloat" where necessary to use FP instructions. However it missed enable_restore_fp_context() which since v3.17 does a ctc1 with inline assembly, causing the following assembler errors on Mentor's 2014.05 toolchain: {standard input}: Assembler messages: {standard input}:2913: Error: opcode not supported on this processor: mips32r2 (mips32r2) `ctc1 $2,$31' scripts/Makefile.build:257: recipe for target 'arch/mips/kernel/traps.o' failed Fix that to use the new write_32bit_cp1_register() macro so that ".set hardfloat" is automatically added when -msoft-float is in use. Fixes 842dfc11ea9a ("MIPS: Fix build with binutils 2.24.51+") Signed-off-by: James Hogan Cc: Ralf Baechle Cc: Paul Burton Cc: linux-mips@linux-mips.org Cc: # 3.18+, depends on "MIPS: mipsregs.h: Add write_32bit_cp1_register()" Patchwork: https://patchwork.linux-mips.org/patch/9173/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/traps.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/mips/kernel/traps.c b/arch/mips/kernel/traps.c index ad3d2031c327..c3b41e24c05a 100644 --- a/arch/mips/kernel/traps.c +++ b/arch/mips/kernel/traps.c @@ -1231,7 +1231,8 @@ static int enable_restore_fp_context(int msa) /* Restore the scalar FP control & status register */ if (!was_fpu_owner) - asm volatile("ctc1 %0, $31" : : "r"(current->thread.fpu.fcr31)); + write_32bit_cp1_register(CP1_STATUS, + current->thread.fpu.fcr31); } out: From 9ead8632bbf454cfc709b6205dc9cd8582fb0d64 Mon Sep 17 00:00:00 2001 
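Review bot: The value written to `CP1_STATUS` is taken from `current->thread.fpu.fcr31` as-is, and the hunk does not show whether that field is masked at the places where it can be set from user space (enable_restore_fp_context() starts outside the hunk). On MIPS, a ctc1 to the FCSR that sets a Cause bit whose Enable bit is also set raises an FP exception immediately, which on this path would be taken in kernel mode. If no caller already guarantees it, clearing the Cause bits before the write is the usual guard. At minimum, a comment such as `/* fcr31 Cause bits must already be clear here, or the ctc1 traps */` would record the assumption.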
From: David Daney Date: Tue, 6 Jan 2015 10:42:23 -0800 Subject: [PATCH 18/23] MIPS: Fix C0_Pagegrain[IEC] support. The following commits: 5890f70f15c52d (MIPS: Use dedicated exception handler if CPU supports RI/XI exceptions) 6575b1d4173eae (MIPS: kernel: cpu-probe: Detect unique RI/XI exceptions) break the kernel for *all* existing MIPS CPUs that implement the CP0_PageGrain[IEC] bit. They cause the TLB exception handlers to be generated without the legacy execute-inhibit handling, but never set the CP0_PageGrain[IEC] bit to activate the use of dedicated exception vectors for execute-inhibit exceptions. The result is that upon detection of an execute-inhibit violation, we loop forever in the TLB exception handlers instead of sending SIGSEGV to the task. If we are generating TLB exception handlers expecting separate vectors, we must also enable the CP0_PageGrain[IEC] feature. The bug was introduced in kernel version 3.17. Signed-off-by: David Daney Cc: Cc: Leonid Yegoshin Cc: linux-mips@linux-mips.org Patchwork: http://patchwork.linux-mips.org/patch/8880/ Signed-off-by: Ralf Baechle --- arch/mips/mm/tlb-r4k.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/mips/mm/tlb-r4k.c b/arch/mips/mm/tlb-r4k.c index e90b2e899291..30639a6e9b8c 100644 --- a/arch/mips/mm/tlb-r4k.c +++ b/arch/mips/mm/tlb-r4k.c @@ -489,6 +489,8 @@ static void r4k_tlb_configure(void) #ifdef CONFIG_64BIT pg |= PG_ELPA; #endif + if (cpu_has_rixiex) + pg |= PG_IEC; write_c0_pagegrain(pg); } From 39148e94e3e1f0477ce8ed3fda00123722681f3a Mon Sep 17 00:00:00 2001 
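Review bot: The added `if (cpu_has_rixiex) pg |= PG_IEC;` has no comment tying it to the handler generation it must stay in step with, which, according to the commit message, is how the bit went unset in the first place. I would add above it `/* TLB handlers built for cpu_has_rixiex omit the legacy XI path, so IEC must be enabled or an execute-inhibit fault never reaches SIGSEGV */`. r4k_tlb_configure() begins outside the hunk, so whether this write is reached on every CPU that reports cpu_has_rixiex cannot be confirmed from here.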
From: James Hogan Date: Mon, 19 Jan 2015 10:30:54 +0000 Subject: [PATCH 19/23] MIPS: fork: Fix MSA/FPU/DSP context duplication race There is a race in the MIPS fork code which allows the child to get a stale copy of parent MSA/FPU/DSP state that is active in hardware registers when the fork() is called. This is because copy_thread() saves the live register state into the child context only if the hardware is currently in use, apparently on the assumption that the hardware state cannot have been saved and disabled since the initial duplication of the task_struct. However preemption is certainly possible during this window. An example sequence of events is as follows: 1) The parent userland process puts important data into saved floating point registers ($f20-$f31), which are then dirty compared to the process' stored context. 2) The parent process calls fork() which does a clone system call. 3) In the kernel, do_fork() -> copy_process() -> dup_task_struct() -> arch_dup_task_struct() (which uses the weakly defined default implementation). This duplicates the parent process' task context, which includes a stale version of its FP context from when it was last saved, probably some time before (1). 4) At some point before copy_process() calls copy_thread(), such as when duplicating the memory map, the process is descheduled. Perhaps it is preempted asynchronously, or perhaps it sleeps while blocked on a mutex. The dirty FP state in the FP registers is saved to the parent process' context and the FPU is disabled. 5) When the process is rescheduled again it continues copying state until it gets to copy_thread(), which checks whether the FPU is in use, so that it can copy that dirty state to the child process' task context. Because of the deschedule however the FPU is not in use, so the child process' context is left with stale FP context from the last time the parent saved it (some time before (1)).
6) When the new child process is scheduled it reads the important data from the saved floating point register, and ends up doing a NULL pointer dereference as a result of the stale data. This use of saved floating point registers across function calls can be triggered fairly easily by explicitly using inline asm with a current (MIPS R2) compiler, but is far more likely to happen unintentionally with a MIPS R6 compiler where the FP registers are more likely to get used as scratch registers for storing non-fp data. It is easily fixed, in the same way that other architectures do it, by overriding the implementation of arch_dup_task_struct() to sync the dirty hardware state to the parent process' task context *prior* to duplicating it, rather than copying straight to the child process' task context in copy_thread(). Note, the FPU hardware is not disabled so the parent process may continue executing with the live register context, but now the child process is guaranteed to have an identical copy of it at that point. Signed-off-by: James Hogan Reported-by: Matthew Fortune Tested-by: Markos Chandras Cc: Ralf Baechle Cc: Paul Burton Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9075/ Signed-off-by: Ralf Baechle --- arch/mips/kernel/process.c | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c index eb76434828e8..85bff5d513e5 100644 --- a/arch/mips/kernel/process.c +++ b/arch/mips/kernel/process.c 
@@ -82,6 +82,30 @@ void flush_thread(void) { } +int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src) +{ + /* + * Save any process state which is live in hardware registers to the + * parent context prior to duplication. This prevents the new child + * state becoming stale if the parent is preempted before copy_thread() + * gets a chance to save the parent's live hardware registers to the + * child context. + */ + preempt_disable(); + + if (is_msa_enabled()) + save_msa(current); + else if (is_fpu_owner()) + _save_fp(current); + + save_dsp(current); + + preempt_enable(); + + *dst = *src; + return 0; +} + int copy_thread(unsigned long clone_flags, unsigned long usp, unsigned long arg, struct task_struct *p) { @@ -92,18 +116,6 @@ int copy_thread(unsigned long clone_flags, unsigned long usp, childksp = (unsigned long)task_stack_page(p) + THREAD_SIZE - 32; - preempt_disable(); - - if (is_msa_enabled()) - save_msa(p); - else if (is_fpu_owner()) - save_fp(p); - - if (cpu_has_dsp) - save_dsp(p); - - preempt_enable(); - /* set up new TSS. */ childregs = (struct pt_regs *) childksp - 1; /* Put the stack after the struct pt_regs. */ From 06a40ed1866ebedf336bcea90300785cc682d1c3 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Mon, 2 Feb 2015 01:01:46 +0100 Subject: [PATCH 20/23] MIPS: elf2ecoff: Rewrite main processing loop to switch. The if construct was getting hard to read and would be getting even more complex with the next bug fix. Signed-off-by: Ralf Baechle --- arch/mips/boot/elf2ecoff.c | 60 +++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/arch/mips/boot/elf2ecoff.c b/arch/mips/boot/elf2ecoff.c index 8585078ae50e..0b0f3cab068b 100644 --- a/arch/mips/boot/elf2ecoff.c +++ b/arch/mips/boot/elf2ecoff.c 
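Review bot: arch_dup_task_struct() saves the live MSA/FPU/DSP state into `current` but then copies `*src`, so the fix holds only if every caller passes `src == current`; nothing in the function states or checks that. I would record the assumption with `WARN_ON(src != current);` ahead of `preempt_disable()`. The new code also calls `save_dsp(current)` unconditionally where the removed copy_thread() lines had `if (cpu_has_dsp)`. That is correct only if save_dsp() performs the test itself, which is not visible in this hunk and deserves a word in the block comment.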
@@ -349,39 +349,45 @@ int main(int argc, char *argv[]) for (i = 0; i < ex.e_phnum; i++) { /* Section types we can ignore... */ - if (ph[i].p_type == PT_NULL || ph[i].p_type == PT_NOTE || - ph[i].p_type == PT_PHDR - || ph[i].p_type == PT_MIPS_REGINFO) + switch (ph[i].p_type) { + case PT_NULL: + case PT_NOTE: + case PT_PHDR: + case PT_MIPS_REGINFO: continue; - /* Section types we can't handle... */ - else if (ph[i].p_type != PT_LOAD) { + + case PT_LOAD: + /* Writable (data) segment? */ + if (ph[i].p_flags & PF_W) { + struct sect ndata, nbss; + + ndata.vaddr = ph[i].p_vaddr; + ndata.len = ph[i].p_filesz; + nbss.vaddr = ph[i].p_vaddr + ph[i].p_filesz; + nbss.len = ph[i].p_memsz - ph[i].p_filesz; + + combine(&data, &ndata, 0); + combine(&bss, &nbss, 1); + } else { + struct sect ntxt; + + ntxt.vaddr = ph[i].p_vaddr; + ntxt.len = ph[i].p_filesz; + + combine(&text, &ntxt, 0); + } + /* Remember the lowest segment start address. */ + if (ph[i].p_vaddr < cur_vma) + cur_vma = ph[i].p_vaddr; + break; + + default: + /* Section types we can't handle... */ fprintf(stderr, "Program header %d type %d can't be converted.\n", ex.e_phnum, ph[i].p_type); exit(1); } - /* Writable (data) segment? */ - if (ph[i].p_flags & PF_W) { - struct sect ndata, nbss; - - ndata.vaddr = ph[i].p_vaddr; - ndata.len = ph[i].p_filesz; - nbss.vaddr = ph[i].p_vaddr + ph[i].p_filesz; - nbss.len = ph[i].p_memsz - ph[i].p_filesz; - - combine(&data, &ndata, 0); - combine(&bss, &nbss, 1); - } else { - struct sect ntxt; - - ntxt.vaddr = ph[i].p_vaddr; - ntxt.len = ph[i].p_filesz; - - combine(&text, &ntxt, 0); - } - /* Remember the lowest segment start address. */ - if (ph[i].p_vaddr < cur_vma) - cur_vma = ph[i].p_vaddr; } /* Sections must be in order to be converted... */ From 26f7c4bd05cf34e63a4a794150ab66a40a5a84a9 Mon Sep 17 00:00:00 2001 
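Review bot: In the `default:` branch the message `Program header %d type %d can't be converted.` is passed `ex.e_phnum`, the header count, where the loop index is meant, so the diagnostic names the wrong header; the rewrite carries this over unchanged and the arguments should read `i, ph[i].p_type`. In the `PT_LOAD` case, `nbss.len = ph[i].p_memsz - ph[i].p_filesz;` is computed from file-supplied fields with no check that `p_memsz >= p_filesz`. If those fields are unsigned, as in the standard ELF headers, a malformed input wraps to a huge bss length. A guard such as `if (ph[i].p_memsz < ph[i].p_filesz) { fprintf(stderr, "bad segment size\n"); exit(1); }` before the subtraction would reject it. main() starts and ends outside the hunk.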
From: Ralf Baechle Date: Wed, 4 Feb 2015 12:59:43 +0100 Subject: [PATCH 21/23] MIPS: elf2ecoff: Ignore PT_MIPS_ABIFLAGS program headers. These are generated by very recent toolchains and result in an error message when attenpting to convert a kernel from ELF to ECOFF. Signed-off-by: Ralf Baechle --- arch/mips/boot/elf2ecoff.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/mips/boot/elf2ecoff.c b/arch/mips/boot/elf2ecoff.c index 0b0f3cab068b..2a4c52e27f41 100644 --- a/arch/mips/boot/elf2ecoff.c +++ b/arch/mips/boot/elf2ecoff.c @@ -49,7 +49,8 @@ /* * Some extra ELF definitions */ -#define PT_MIPS_REGINFO 0x70000000 /* Register usage information */ +#define PT_MIPS_REGINFO 0x70000000 /* Register usage information */ +#define PT_MIPS_ABIFLAGS 0x70000003 /* Records ABI related flags */ /* -------------------------------------------------------------------- */ @@ -354,6 +355,7 @@ int main(int argc, char *argv[]) case PT_NOTE: case PT_PHDR: case PT_MIPS_REGINFO: + case PT_MIPS_ABIFLAGS: continue; case PT_LOAD: From c2d9f17757310484ab4fd65954f5f9850f6a1349 Mon Sep 17 00:00:00 2001 From: Lars Persson Date: Tue, 3 Feb 2015 17:08:17 +0100 Subject: [PATCH 22/23] MIPS: Fix syscall_get_nr for the syscall exit tracing. Register 2 is alredy overwritten by the return value when syscall_trace_leave() is called. Signed-off-by: Lars Persson Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9187/ Signed-off-by: Ralf Baechle --- arch/mips/include/asm/syscall.h | 8 +------- arch/mips/include/asm/thread_info.h | 1 + arch/mips/kernel/ptrace.c | 2 ++ 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h index bb7963753730..6499d93ae68d 100644 --- a/arch/mips/include/asm/syscall.h +++ b/arch/mips/include/asm/syscall.h 
@@ -29,13 +29,7 @@ static inline long syscall_get_nr(struct task_struct *task, struct pt_regs *regs) { - /* O32 ABI syscall() - Either 64-bit with O32 or 32-bit */ - if ((config_enabled(CONFIG_32BIT) || - test_tsk_thread_flag(task, TIF_32BIT_REGS)) && - (regs->regs[2] == __NR_syscall)) - return regs->regs[4]; - else - return regs->regs[2]; + return current_thread_info()->syscall; } static inline unsigned long mips_get_syscall_arg(unsigned long *arg, diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h index 99eea59604e9..e4440f92b366 100644 --- a/arch/mips/include/asm/thread_info.h +++ b/arch/mips/include/asm/thread_info.h @@ -36,6 +36,7 @@ struct thread_info { */ struct restart_block restart_block; struct pt_regs *regs; + long syscall; /* syscall number */ }; /* diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c index 9d1487d83293..510452812594 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@ -770,6 +770,8 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall) long ret = 0; user_exit(); + current_thread_info()->syscall = syscall; + if (secure_computing() == -1) return -1; From 1b6af71a8f50f59a96f65ad90e4d20612d2a2526 Mon Sep 17 00:00:00 2001 
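Review bot: syscall_get_nr() now ignores both of its arguments and returns `current_thread_info()->syscall`, so a caller asking about a task other than itself gets the calling thread's number instead of the target's. Reading the thread_info of the task passed in keeps the interface honest: `return task_thread_info(task)->syscall;`. The field is written only in syscall_trace_enter() (the ptrace.c hunk), so on any path that reaches syscall_get_nr() without going through that function the value is stale, and the new `long syscall;` member in thread_info.h should carry a comment saying so. Consumers that make policy or audit decisions on this number should be checked against the removed O32 `__NR_syscall` indirection, since it is not visible here whether the `syscall` argument is already the resolved number.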
From: James Hogan Date: Mon, 19 Jan 2015 15:38:24 +0000 Subject: [PATCH 23/23] IRQCHIP: mips-gic: Avoid rerouting timer IRQs for smp-cmp Commit e9de688dac65 ("irqchip: mips-gic: Support local interrupts") changed the GIC irqchip driver so that all local interrupts were routed to the same CPU pin used for external interrupts. Unfortunately this causes a regression when smp-cmp is used. The CPUs are started by the bootloader and put in a timer based waiting poll loop, but when their timer interrupts are rerouted to a different IRQ pin which is not unmasked they never wake up. Since smp-cmp support is deprecated and everybody who was using it should be switching to smp-cps which brings up the secondary CPUs without bootloader assistance, I've gone for the simple fix which can be easily removed once smp-cmp is removed, rather than a fully generic fix. In __gic_init() the local GIC_VPE_TIMER_MAP register is read to find the boot-time routing of the local timer interrupt, and a chained handler is added to that CPU pin as well as the normal one. Signed-off-by: James Hogan Fixes: e9de688dac65 ("irqchip: mips-gic: Support local interrupts") Cc: Andrew Bresticker Cc: Qais Yousef Cc: Paul Burton Cc: Jason Cooper Cc: Thomas Gleixner Cc: linux-mips@linux-mips.org Reviewed-by: Andrew Bresticker Patchwork: https://patchwork.linux-mips.org/patch/9081/ Signed-off-by: Ralf Baechle --- drivers/irqchip/irq-mips-gic.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/drivers/irqchip/irq-mips-gic.c b/drivers/irqchip/irq-mips-gic.c index 2b0468e3df6a..56b96c63dc4b 100644 --- a/drivers/irqchip/irq-mips-gic.c +++ b/drivers/irqchip/irq-mips-gic.c @@ -37,6 +37,7 @@ static struct irq_domain *gic_irq_domain; static int gic_shared_intrs; static int gic_vpes; static unsigned int gic_cpu_pin; +static unsigned int timer_cpu_pin; static struct irq_chip gic_level_irq_controller, gic_edge_irq_controller; static void __gic_irq_dispatch(void); 
@@ -616,6 +617,8 @@ static int gic_local_irq_domain_map(struct irq_domain *d, unsigned int virq, gic_write(GIC_REG(VPE_OTHER, GIC_VPE_COMPARE_MAP), val); break; case GIC_LOCAL_INT_TIMER: + /* CONFIG_MIPS_CMP workaround (see __gic_init) */ + val = GIC_MAP_TO_PIN_MSK | timer_cpu_pin; gic_write(GIC_REG(VPE_OTHER, GIC_VPE_TIMER_MAP), val); break; case GIC_LOCAL_INT_PERFCTR: @@ -713,12 +716,36 @@ static void __init __gic_init(unsigned long gic_base_addr, if (cpu_has_veic) { /* Always use vector 1 in EIC mode */ gic_cpu_pin = 0; + timer_cpu_pin = gic_cpu_pin; set_vi_handler(gic_cpu_pin + GIC_PIN_TO_VEC_OFFSET, __gic_irq_dispatch); } else { gic_cpu_pin = cpu_vec - GIC_CPU_PIN_OFFSET; irq_set_chained_handler(MIPS_CPU_IRQ_BASE + cpu_vec, gic_irq_dispatch); + /* + * With the CMP implementation of SMP (deprecated), other CPUs + * are started by the bootloader and put into a timer based + * waiting poll loop. We must not re-route those CPU's local + * timer interrupts as the wait instruction will never finish, + * so just handle whatever CPU interrupt it is routed to by + * default. + * + * This workaround should be removed when CMP support is + * dropped. + */ + if (IS_ENABLED(CONFIG_MIPS_CMP) && + gic_local_irq_is_routable(GIC_LOCAL_INT_TIMER)) { + timer_cpu_pin = gic_read(GIC_REG(VPE_LOCAL, + GIC_VPE_TIMER_MAP)) & + GIC_MAP_MSK; + irq_set_chained_handler(MIPS_CPU_IRQ_BASE + + GIC_CPU_PIN_OFFSET + + timer_cpu_pin, + gic_irq_dispatch); + } else { + timer_cpu_pin = gic_cpu_pin; + } } gic_irq_domain = irq_domain_add_simple(node, GIC_NUM_LOCAL_INTRS +