Vince's perf fuzzer uncovered the following issue on Alpha:
Unable to handle kernel paging request at virtual address fffffbfe4e46a0e8
CPU 0 perf_fuzzer(1278): Oops 0
pc = [<fffffc000031fbc0>] ra = [<fffffc000031ff54>] ps = 0007 Not tainted
pc is at alpha_perf_event_set_period+0x60/0xf0
ra is at alpha_pmu_enable+0x1a4/0x1c0
v0 = 0000000000000000 t0 = 00000000000fffff t1 = fffffc007b3f5800
t2 = fffffbff275faa94 t3 = ffffffffc9b9bd89 t4 = fffffbfe4e46a098
t5 = 0000000000000020 t6 = fffffbfe4e46a0b8 t7 = fffffc007f4c8000
s0 = 0000000000000000 s1 = fffffc0001b0c018 s2 = fffffc0001b0c020
s3 = fffffc007b3f5800 s4 = 0000000000000001 s5 = ffffffffc9b9bd85
s6 = 0000000000000001
a0 = 0000000000000006 a1 = fffffc007b3f5908 a2 = fffffbfe4e46a098
a3 = 00000005000108c0 a4 = 0000000000000000 a5 = 0000000000000000
t8 = 0000000000000001 t9 = 0000000000000001 t10= 0000000027829f6f
t11= 0000000000000020 pv = fffffc000031fb60 at = fffffc0000950900
gp = fffffc0000940900 sp = fffffc007f4cbca8
Disabling lock debugging due to kernel taint
Trace:
[<fffffc000031ff54>] alpha_pmu_enable+0x1a4/0x1c0
[<fffffc000039f4e8>] perf_pmu_enable+0x48/0x60
[<fffffc00003a0d6c>] __perf_install_in_context+0x15c/0x230
[<fffffc000039d1f0>] remote_function+0x80/0xa0
[<fffffc00003a0c10>] __perf_install_in_context+0x0/0x230
[<fffffc000037b7e4>] smp_call_function_single+0x1b4/0x1d0
[<fffffc000039bb70>] task_function_call+0x60/0x80
[<fffffc00003a0c10>] __perf_install_in_context+0x0/0x230
[<fffffc000039bb44>] task_function_call+0x34/0x80
[<fffffc000039d3fc>] perf_install_in_context+0x9c/0x150
[<fffffc00003a0c10>] __perf_install_in_context+0x0/0x230
[<fffffc00003a5100>] SYSC_perf_event_open+0x360/0xac0
[<fffffc00003110c4>] entSys+0xa4/0xc0
This is due to the raw event encoding being used as an index directly
into the ev67_mapping array, rather than being validated against the
ev67_pmc_event_type enumeration instead. Unlike other architectures,
which allow raw events to propagate into the hardware counters with
little interference, the limited number of events on Alpha and the
strict event <-> counter relationships mean that raw events actually
correspond to the Linux-specific Alpha events, rather than anything
defined by the architecture.
This patch adds a new callback to alpha_pmu_t for validating the raw
event encoding with the Linux event types for the PMU, preventing the
out-of-bounds array access.
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Acked-by: Michael Cree <mcree@orcon.net.nz>
Acked-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
QEMU provides a high-resolution timer and alarm; use this for
a clock source and clock event source when available.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This allows us to get rid of some hacky code for SMP. Get rid of
some cycle counter hackery that's now handled by generic code via
clocksource + clock_event_device objects.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Don't depend on SMP, just check the number of processors online.
This allows a single distribution kernel to use the clocksource
when run on a single processor machine. Do depend on whether or
not we're using WTINT.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Discontinue use of GENERIC_CMOS_UPDATE; rely on the RTC subsystem.
The marvel platform requires that the rtc only be touched from the
boot cpu. This had been partially implemented with hooks for
get/set_rtc_time, but read/update_persistent_clock were not handled.
Move the hooks from the machine_vec to a special rtc_class_ops struct.
We had read_persistent_clock managing the epoch against which the
rtc hw is based, but this didn't apply to get_rtc_time or set_rtc_time.
This resulted in incorrect values when hwclock(8) gets involved.
Allow the epoch to be set from the kernel command-line, overriding
the autodetection, which is doomed to fail in 2020. Further, by
implementing the rtc ioctl function, we can expose this epoch to
userland.
Elide the alarm functions that RTC_DRV_CMOS implements. This was
highly questionable on Alpha, since the interrupt is used by the
system timer.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Use WTINT to wait for the next interrupt. Squash the WTINT call
if the PALcode doesn't support it (e.g. MILO). No attempt is yet
made to skip clock ticks during normal scheduling in order to stay
in power down mode longer.
Signed-off-by: Richard Henderson <rth@twiddle.net>
When building a generic kernel, do a run-time check on the serial
number, like we do for MILO. When building a custom kernel, make
this a configure-time check.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Compiling with GCC 4.8 yields several instances of
crypto/vmac.c: In function ‘vmac_final’:
crypto/vmac.c:616:9: warning: value computed is not used [-Wunused-value]
memset(&mac, 0, sizeof(vmac_t));
^
arch/alpha/include/asm/string.h:31:25: note: in definition of macro ‘memset’
? __builtin_memset((s),0,(n)) \
^
Converting the macro to an inline function eliminates this problem.
However, doing only that causes problems with the GCC 3.x series. The
inline function cannot be named "memset", as otherwise we wind up with
recursion via __builtin_memset. Solve this by adjusting the symbols
such that __memset is the inline, and ___memset is the real function.
Signed-off-by: Richard Henderson <rth@twiddle.net>
The code as written is correct, and will be used by QEMU emulation.
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Having unwind info past the PALcode generated stack frame makes
debugging the kernel significantly easier.
Acked-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
For sending message:
*(unsigned int *)&cpu->ipc_buffer[0] = len;
cp1 = (char *) &cpu->ipc_buffer[1];
But for receive message:
cnt = cpu->ipc_buffer[0] >> 32;
...
cp1 = (char *) &cpu->ipc_buffer[11];
They are not pairs, it is typo issue of the redundency '1'.
So need use '1' instead of '11'.
Reviewed-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Chen Gang <gang.chen@asianux.com>
When sending message in send_secondary_console_msg(), the length is not
include the NUL byte, and also not copy NUL to 'ipc_buffer'.
When receive message in recv_secondary_console_msg(), the 'cnt' also
excludes NUL.
So when get string from ipc_buffer, it may not be NUL terminated.
Then use memcpy() instead of strcpy(), and set last byte NUL.
Reviewed-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Chen Gang <gang.chen@asianux.com>
Use the new vsprintf extension to avoid any possible
message interleaving.
Reviewed-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Joe Perches <joe@perches.com>
The __cpuinit type of throwaway sections might have made sense
some time ago when RAM was more constrained, but now the savings
do not offset the cost and complications. For example, the fix in
commit 5e427ec2d0 ("x86: Fix bit corruption at CPU resume time")
is a good example of the nasty type of bugs that can be created
with improper use of the various __init prefixes.
After a discussion on LKML[1] it was decided that cpuinit should go
the way of devinit and be phased out. Once all the users are gone,
we can then finally remove the macros themselves from linux/init.h.
This removes all the alpha uses of the __cpuinit macros.
[1] https://lkml.org/lkml/2013/5/20/589
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Change signature of free_reserved_area() according to Russell King's
suggestion to fix following build warnings:
arch/arm/mm/init.c: In function 'mem_init':
arch/arm/mm/init.c:603:2: warning: passing argument 1 of 'free_reserved_area' makes integer from pointer without a cast [enabled by default]
free_reserved_area(__va(PHYS_PFN_OFFSET), swapper_pg_dir, 0, NULL);
^
In file included from include/linux/mman.h:4:0,
from arch/arm/mm/init.c:15:
include/linux/mm.h:1301:22: note: expected 'long unsigned int' but argument is of type 'void *'
extern unsigned long free_reserved_area(unsigned long start, unsigned long end,
mm/page_alloc.c: In function 'free_reserved_area':
>> mm/page_alloc.c:5134:3: warning: passing argument 1 of 'virt_to_phys' makes pointer from integer without a cast [enabled by default]
In file included from arch/mips/include/asm/page.h:49:0,
from include/linux/mmzone.h:20,
from include/linux/gfp.h:4,
from include/linux/mm.h:8,
from mm/page_alloc.c:18:
arch/mips/include/asm/io.h:119:29: note: expected 'const volatile void *' but argument is of type 'long unsigned int'
mm/page_alloc.c: In function 'free_area_init_nodes':
mm/page_alloc.c:5030:34: warning: array subscript is below array bounds [-Warray-bounds]
Also address some minor code review comments.
Signed-off-by: Jiang Liu <jiang.liu@huawei.com>
Reported-by: Arnd Bergmann <arnd@arndb.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: <sworddragon2@aol.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Jianguo Wu <wujianguo@huawei.com>
Cc: Joonsoo Kim <js1304@gmail.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Mel Gorman <mel@csn.ul.ie>
Cc: Michel Lespinasse <walken@google.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Tang Chen <tangchen@cn.fujitsu.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Wen Congyang <wency@cn.fujitsu.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: Russell King <rmk@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull tty/serial updates from Greg KH:
"Here is the big TTY / Serial driver merge for 3.11-rc1.
It's not all that big, nothing major changed in the tty api, which is
a nice change, just a number of serial driver fixes and updates and
new drivers, along with some n_tty fixes to help resolve some reported
issues.
All of these have been in the linux-next releases for a while, with
the exception of the last revert patch, which was reported this past
weekend by two different people as being needed."
* tag 'tty-3.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (51 commits)
Revert "serial: 8250_pci: add support for another kind of NetMos Technology PCI 9835 Multi-I/O Controller"
pch_uart: Add uart_clk selection for the MinnowBoard
tty: atmel_serial: prepare clk before calling enable
tty: Reset itty for other pty
n_tty: Buffer work should not reschedule itself
n_tty: Fix unsafe update of available buffer space
n_tty: Untangle read completion variables
n_tty: Encapsulate minimum_to_wake within N_TTY
serial: omap: Fix device tree based PM runtime
serial: imx: Fix serial clock unbalance
serial/mpc52xx_uart: fix kernel panic when system reboot
serial: mfd: Add sysrq support
serial: imx: enable the clocks for console
tty: serial: add Freescale lpuart driver support
serial: imx: Improve Kconfig text
serial: imx: Allow module build
serial: imx: Fix warning when !CONFIG_SERIAL_IMX_CONSOLE
tty/serial/sirf: fix error propagation in sirfsoc_uart_probe()
serial: omap: fix potential NULL pointer dereference in serial_omap_runtime_suspend()
tty: serial: Enable uartlite for ARM zynq
...
iterate_dir(): new helper, replacing vfs_readdir().
struct dir_context: contains the readdir callback (and will get more stuff
in it), embedded into whatever data that callback wants to deal with;
eventually, we'll be passing it to ->readdir() replacement instead of
(data,filldir) pair.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
