Age | Commit message (Collapse) | Author |
|
|
|
1. "dm: optimize use SRCU and RCU" removes the use of dm_table_put.
2. "dm: remove request-based logic from make_request_fn wrapper" necessitates
calling dm_setup_md_queue or else the request_queue's make_request_fn
pointer ends being unset.
[ 7.711600] Internal error: Oops - bad mode: 0 [#1] PREEMPT SMP
[ 7.717519] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 4.1.15-02273-gb057d16-dirty #33
[ 7.726559] Hardware name: HiKey Development Board (DT)
[ 7.731779] task: ffffffc005f8acc0 ti: ffffffc005f8c000 task.ti: ffffffc005f8c000
[ 7.739257] PC is at 0x0
[ 7.741787] LR is at generic_make_request+0x8c/0x108
....
[ 9.082931] Call trace:
[ 9.085372] [< (null)>] (null)
[ 9.090074] [<ffffffc0003f4ac0>] submit_bio+0x98/0x1e0
[ 9.095212] [<ffffffc0001e2618>] _submit_bh+0x120/0x1f0
[ 9.096165] cfg80211: Calling CRDA to update world regulatory domain
[ 9.106781] [<ffffffc0001e5450>] __bread_gfp+0x94/0x114
[ 9.112004] [<ffffffc00024a748>] ext4_fill_super+0x18c/0x2d64
[ 9.117750] [<ffffffc0001b275c>] mount_bdev+0x194/0x1c0
[ 9.122973] [<ffffffc0002450dc>] ext4_mount+0x14/0x1c
[ 9.128021] [<ffffffc0001b29a0>] mount_fs+0x3c/0x194
[ 9.132985] [<ffffffc0001d059c>] vfs_kern_mount+0x4c/0x134
[ 9.138467] [<ffffffc0001d2168>] do_mount+0x204/0xbbc
[ 9.143514] [<ffffffc0001d2ec4>] SyS_mount+0x94/0xe8
[ 9.148479] [<ffffffc000c54074>] mount_block_root+0x120/0x24c
[ 9.154222] [<ffffffc000c543e8>] mount_root+0x110/0x12c
[ 9.159443] [<ffffffc000c54574>] prepare_namespace+0x170/0x1b8
[ 9.165273] [<ffffffc000c53d98>] kernel_init_freeable+0x23c/0x260
[ 9.171365] [<ffffffc0009b1748>] kernel_init+0x10/0x118
[ 9.176589] Code: bad PC value
[ 9.179807] ---[ end trace 75e1bc52ba364d13 ]---
Bug: 27175947
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: I952d86fd1475f0825f9be1386e3497b36127abd0
|
|
Following CLs in upstream causes minor changes to dm-android-verity target.
1. keys: change asymmetric keys to use common hash definitions
2. block: Abstract out bvec iterator
Rebase dm-android-verity on top of these changes.
Bug: 27175947
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: Icfdc3e7b3ead5de335a059cade1aca70414db415
|
|
This device-mapper target is virtually a VERITY target. This
target is setup by reading the metadata contents piggybacked
to the actual data blocks in the block device. The signature
of the metadata contents are verified against the key included
in the system keyring. Upon success, the underlying verity
target is setup.
BUG: 27175947
Change-Id: I7e99644a0960ac8279f02c0158ed20999510ea97
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
|
|
Strings are sometimes sanitized by replacing a certain character (often
'/') by another (often '!'). In a few places, this is done the same way
Schlemiel the Painter would do it. Others are slightly smarter but still
do multiple strchr() calls. Introduce strreplace() to do this using a
single function call and a single pass over the string.
One would expect the return value to be one of three things: void, s, or
the number of replacements made. I chose the fourth, returning a pointer
to the end of the string. This is more likely to be useful (for example
allowing the caller to avoid a strlen call).
BUG: 27175947
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Neil Brown <neilb@suse.de>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I1ddb88534a189f2e78ae1b5b074c0662781c7665
|
|
This is a wrap-up of three patches pending upstream approval.
I'm bundling them because they are interdependent, and it'll be
easier to drop it on rebase later.
1. dm: allow a dm-fs-style device to be shared via dm-ioctl
Integrates feedback from Alisdair, Mike, and Kiyoshi.
Two main changes occur here:
- One function is added which allows for a programmatically created
mapped device to be inserted into the dm-ioctl hash table. This binds
the device to a name and, optional, uuid which is needed by udev and
allows for userspace management of the mapped device.
- dm_table_complete() was extended to handle all of the final
functional changes required for the table to be operational once
called.
2. init: boot to device-mapper targets without an initr*
Add a dm= kernel parameter modeled after the md= parameter from
do_mounts_md. It allows for device-mapper targets to be configured at
boot time for use early in the boot process (as the root device or
otherwise). It also replaces /dev/XXX calls with major:minor opportunistically.
The format is dm="name uuid ro,table line 1,table line 2,...". The
parser expects the comma to be safe to use as a newline substitute but,
otherwise, uses the normal separator of space. Some attempt has been
made to make it forgiving of additional spaces (using skip_spaces()).
A mapped device created during boot will be assigned a minor of 0 and
may be access via /dev/dm-0.
An example dm-linear root with no uuid may look like:
root=/dev/dm-0 dm="lroot none ro, 0 4096 linear /dev/ubdb 0, 4096 4096 linear /dv/ubdc 0"
Once udev is started, /dev/dm-0 will become /dev/mapper/lroot.
Older upstream threads:
http://marc.info/?l=dm-devel&m=127429492521964&w=2
http://marc.info/?l=dm-devel&m=127429499422096&w=2
http://marc.info/?l=dm-devel&m=127429493922000&w=2
Latest upstream threads:
https://patchwork.kernel.org/patch/104859/
https://patchwork.kernel.org/patch/104860/
https://patchwork.kernel.org/patch/104861/
Bug: 27175947
Signed-off-by: Will Drewry <wad@chromium.org>
Review URL: http://codereview.chromium.org/2020011
Change-Id: I92bd53432a11241228d2e5ac89a3b20d19b05a31
|
|
If ignore_zero_blocks is enabled dm-verity will return zeroes for blocks
matching a zero hash without validating the content.
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Id92e20a8347d4f7846dffbf5bcf326fad3265eca
|
|
Add support for correcting corrupted blocks using Reed-Solomon.
This code uses RS(255, N) interleaved across data and hash
blocks. Each error-correcting block covers N bytes evenly
distributed across the combined total data, so that each byte is a
maximum distance away from the others. This makes it possible to
recover from several consecutive corrupted blocks with relatively
small space overhead.
In addition, using verity hashes to locate erasures nearly doubles
the effectiveness of error correction. Being able to detect
corrupted blocks also improves performance, because only corrupted
blocks need to corrected.
For a 2 GiB partition, RS(255, 253) (two parity bytes for each
253-byte block) can correct up to 16 MiB of consecutive corrupted
blocks if erasures can be located, and 8 MiB if they cannot, with
16 MiB space overhead.
Merge conflicts in:
drivers/md/dm-verity-target.c
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ib597efc1da1fc84e9bf267bd312ab84d04f0efbe
|
|
verity_for_bv_block() will be re-used by optional dm-verity object.
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ibb92babd75f71a829a65cc63f28acaf2c3839de0
|
|
object
Prepare for an optional verity object to make use of existing dm-verity
structures and functions.
Merge conflicts in:
drivers/md/dm-verity-target.c
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: I06c5e22a7f90a136b40f91521061f445981b5872
|
|
Prepare for extending dm-verity with an optional object. Follows the
naming convention used by other DM targets (e.g. dm-cache and dm-era).
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Icc5c2802ebf2fce303d085ab5e52d825776cc436
|
|
Move optional argument parsing into a separate function to make it
easier to add more of them without making verity_ctr even longer.
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: I6426dc3ac7e95c3456205fdafa1078fbe9a26743
|
|
Handle dm-verity salting in one place to simplify the code.
Bug: 27175947
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Iea337445fe4f8380cf1af0e491c7935b6db2092a
|
|
This reverts commit dde72f9e313fc52d467ef0aad41cecd2c9f9f212.
|
|
Patch mmc: core: Signal wakeup event at card insert/removal
provides wake lock for mmc_detect_change()
This reverts commit bdbc5cfe7c034175466285da10d4b2a84addd9c3.
|
|
(cherry picked from commit 011e507b413393eab8279dac8b778ad9b6e9971b)
Running mmcqd as a prio 120 thread forces it to compete with standard
user processes for IO performance, especially when the system is under
severe CPU load. Move it to a SCHED_FIFO thread to reduce the impact of
load on IO performance.
Signed-off-by: Tim Murray <timmurray@google.com>
Bug: 25392275
Change-Id: I1edfe73baa25e181367c30c1f40fee886e92b60d
|
|
(cherry picked from commit e56d82a116176f7af9d642b560abbbd3a2b68013)
We have a couple of CPU hotplug notifiers for resetting the CPU debug
state to a sane value when a CPU comes online.
This patch ensures that we mask out CPU_TASKS_FROZEN so that we don't
miss any online events occuring due to suspend/resume.
Acked-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Pavel Labath <labath@google.com>
Bug: 27189927
Change-Id: I72549149b9bf1f0d05cb17a1db98f9a342c580c0
|
|
(cherry pick from commit 1d0f72986958c2bf3528cadf7d7acf0771465fd1)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 19173869
Change-Id: I4ccd6161e87df7a87f3bd990cfe1de1f7567bf4c
|
|
CONFIG_TASKSTATS=y
CONFIG_TASK_DELAY_ACCT=y
CONFIG_TASK_XACCT=y
CONFIG_TASK_IO_ACCOUNTING=y
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 21334988
Bug: 26966375
Change-Id: Id54be2aad6acdb51040ba613d5d987dd693cd591
|
|
This reverts commit 4b749ddcb21c8cffd9989d200ef4a1bef7877e09.
We do not need this fix with Android ConfigFS gadgets.
Change-Id: I7dffb884a49ecb2f5d619150edfa3e51808ef8cc
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
New kernel should use get_unused_fd_flags instead of get_unused_fd.
Signed-off-by: Xinliang Liu <xinliang.liu@linaro.org>
|
|
Due to the irq domain code landing upstream in 3.19, the logic
for requesting irqs in the hikey platform code no longer works.
This patch tries to sovle the issue by using platform_irq_get
to fetch irq details from the DT entry (which properly sets up
the irq through the GIC), and then re-writes the static tables
so irq code gets the right irq number.
This patch cheats a bit, since it only calls platform_irq_get()
once on the first interrupt value in the DT, but that's because
the mali device shares interrupts.
Signed-off-by: John Stultz <john.stultz@linaro.org>
|
|
hikey don't specific the base of fbdev reserve memery.
The reserve mememery is allocate dymanic, so it doesn't
need a check.
Signed-off-by: xinliang.liu <xinliang.liu@linaro.org>
|
|
The following statement doesn't have consistent behaviour on all machines:
$(wildcard $(src)/linux/license/gpl/*)
On some it actually returns the name of the GPL header file, on others it is a blank string.
Since the driver is in-tree, we can assume GPL compliance.
|
|
Add Mali Utgard GPU driver platform files to support the
HiKey board (HI6220), based on the Balong platform.
Note: GPU DVFS is not implemented and a custom Device Tree
entry is needed by these platform files. This is a
first working version that needs to be improved.
Signed-off-by: Guillaume Tucker <guillaume.tucker@arm.com>
[jstultz: Build fixes]
Signed-off-by: John Stultz <john.stultz@linaro.org>
|
|
Add mali_hikey_hi6220_registers_gpu.h with the list of Hi6220 SoC
registers that are needed to use the Mali Utgard GPU.
Signed-off-by: Guillaume Tucker <guillaume.tucker@arm.com>
|
|
Some Mali 450 Utgard GPU platform integration files like
the HiKey need a custom Device Tree entry. This config
option is to disable the standard driver code that expects
things in the device tree which conflict with what the
platform files need.
This is only an interim solution, tne platform files should
really be tidied-up to enable the standard device tree
instead (would require adding more IRQ and other resources).
Signed-off-by: Guillaume Tucker <guillaume.tucker@arm.com>
|
|
Add ARM Mali Utgard driver from this release:
DX910-SW-99002-r6p0-01rel0
This is a direct file drop from the public release original archive.
Signed-off-by: Xinliang Liu <xinliang.liu@linaro.org>
|
|
This is a workaround for bootup blanking issue.
HDMI can detect dsi transfer error, when this error happened
reseting dsi can bring display to normal.
Signed-off-by: Xinliang Liu <xinliang.liu@linaro.org>
|
|
Signed-off-by: Xinliang Liu <xinliang.liu@linaro.org>
|
|
After chasing my tail for a bit, I realized my cheap 3rd party bt
keyboard was targetted as an ipad keyboard, and thus tries to
behave like an apple keyboard.
Adding support for HID_APPLE resolves the issues I was seeing with
bt keyboards not working.
Change-Id: I3112b32a7c1cd0ba1b8fea0c79268a9d3803cfdd
Signed-off-by: John Stultz <john.stultz@linaro.org>
|
|
This reverts commit ae06550aade22de89e84a69d543ade8b31dd9f10.
WIFI_CONTROL_FUNC config is not used anywhere in android-3.10+
kernels. Its usage can be last tracked to BCMDHD wireless driver
in android-3.4 kernel.
Change-Id: I8092bf10b70dd84a9bb3aade4aca80891742d504
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Selinux file labeling of /dev is done by ueventd. Devtmpfs may also create
files in /dev without properly labeling - leading to a race condition
where files are accessed before labeling or created after labeling.
Disabling devtmpfs such that all file creation in /dev is done by ueventd
resolves these issues.
Addresses:
avc: denied { write } for name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir
avc: denied { mknod } for capability=27 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability
avc: denied { add_name } for name="usb_accessory" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir
avc: denied { create } for name="usb_accessory" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file
avc: denied { setattr } for name="usb_accessory" dev="devtmpfs" ino=2082 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file
Change-Id: Iccc06afb035339ba82a9bdd323b14a17d6ee864f
|
|
System V IPCs are not compliant with Android's application lifecycle
because allocated resources are not freeable by the low memory killer.
This lead to global kernel resource leakage.
For example, there is no way to automatically release a SysV
semaphore allocated in the kernel when:
- a buggy or malicious process exits
- a non-buggy and non-malicious process crashes or is explicitly
killed.
Killing processes automatically to make room for new ones is an
important part of Android's application lifecycle implementation.
This means that, even assuming only non-buggy and non-malicious
code, it is very likely that over time, the kernel global tables
used to implement SysV IPCs will fill up.
Bug: 22300191
Bug: 24551430
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
CONFIG_SQUASHFS_FILE_DIRECT=y
CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU=y
CONFIG_SQUASHFS_XATTR=y
CONFIG_SQUASHFS_LZ4=y
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
|
The uaccess_with_memcpy() code is currently incompatible with the SW
PAN code: it takes locks within the region that we've changed the DACR,
potentially sleeping as a result. As we do not save and restore the
DACR across co-operative sleep events, can lead to an incorrect DACR
value later in this code path.
Reported-by: Peter Rosin <peda@axentia.se>
Tested-by: Peter Rosin <peda@axentia.se>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
(cherry picked from commit c014953d84ec21a4df9a43be2378861ea6e9246e)
Change-Id: I9c9d1789cb69dcb6ecd1e4055833a5dfebe2045e
|
|
Jonathan Liu reports that the recent addition of CPU_SW_DOMAIN_PAN
causes wpa_supplicant to die due to the following kernel oops:
Unhandled fault: page domain fault (0x81b) at 0x001017a2
pgd = ee1b8000
[001017a2] *pgd=6ebee831, *pte=6c35475f, *ppte=6c354c7f
Internal error: : 81b [#1] SMP ARM
Modules linked in: rt2800usb rt2x00usb rt2800librt2x00lib crc_ccitt mac80211
CPU: 1 PID: 202 Comm: wpa_supplicant Not tainted 4.3.0-rc2 #1
Hardware name: Allwinner sun7i (A20) Family
task: ec872f80 ti: ee364000 task.ti: ee364000
PC is at do_alignment_ldmstm+0x1d4/0x238
LR is at 0x0
pc : [<c001d1d8>] lr : [<00000000>] psr: 600c0113
sp : ee365e18 ip : 00000000 fp : 00000002
r10: 001017a2 r9 : 00000002 r8 : 001017aa
r7 : ee365fb0 r6 : e8820018 r5 : 001017a2 r4 : 00000003
r3 : d49e30e0 r2 : 00000000 r1 : ee365fbc r0 : 00000000
Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none[ 34.393106] Control: 10c5387d Table: 6e1b806a DAC: 00000051
Process wpa_supplicant (pid: 202, stack limit = 0xee364210)
Stack: (0xee365e18 to 0xee366000)
...
[<c001d1d8>] (do_alignment_ldmstm) from [<c001d510>] (do_alignment+0x1f0/0x904)
[<c001d510>] (do_alignment) from [<c00092a0>] (do_DataAbort+0x38/0xb4)
[<c00092a0>] (do_DataAbort) from [<c0013d7c>] (__dabt_usr+0x3c/0x40)
Exception stack(0xee365fb0 to 0xee365ff8)
5fa0: 00000000 56c728c0 001017a2 d49e30e0
5fc0: 775448d2 597d4e74 00200800 7a9e1625 00802001 00000021 b6deec84 00000100
5fe0: 08020200 be9f4f20 0c0b0d0a b6d9b3e0 600c0010 ffffffff
Code: e1a0a005 e1a0000c 1affffe8 e5913000 (e4ea3001)
---[ end trace 0acd3882fcfdf9dd ]---
This is caused by the alignment handler not being fixed up for the
uaccess changes, and userspace issuing an unaligned LDM instruction.
So, fix the problem by adding the necessary fixups.
Reported-by: Jonathan Liu <net147@gmail.com>
Tested-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 274e91b81ed22957b510ad2988359584eea95dae)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I804b6a6d037ef1603565f98decee9190e19b03d6
|
|
Provide a software-based implementation of the priviledged no access
support found in ARMv8.1.
Userspace pages are mapped using a different domain number from the
kernel and IO mappings. If we switch the user domain to "no access"
when we enter the kernel, we can prevent the kernel from touching
userspace.
However, the kernel needs to be able to access userspace via the
various user accessor functions. With the wrapping in the previous
patch, we can temporarily enable access when the kernel needs user
access, and re-disable it afterwards.
This allows us to trap non-intended accesses to userspace, eg, caused
by an inadvertent dereference of the LIST_POISON* values, which, with
appropriate user mappings setup, can be made to succeed. This in turn
can allow use-after-free bugs to be further exploited than would
otherwise be possible.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit a5e090acbf545c0a3b04080f8a488b17ec41fe02)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: Ic57a2969ba8199fab04fc657f15777422be3b2fa
|
|
On old ARM chips, unaligned accesses to memory are not trapped and
fixed. On module load, symbols are relocated, and the relocation of
__bug_table symbols is done on a u32 basis. Yet the section is not
aligned to a multiple of 4 address, but to a multiple of 2.
This triggers an Oops on pxa architecture, where address 0xbf0021ea
is the first relocation in the __bug_table section :
apply_relocate(): pxa3xx_nand: section 13 reloc 0 sym ''
Unable to handle kernel paging request at virtual address bf0021ea
pgd = e1cd0000
[bf0021ea] *pgd=c1cce851, *pte=c1cde04f, *ppte=c1cde01f
Internal error: Oops: 23 [#1] ARM
Modules linked in:
CPU: 0 PID: 606 Comm: insmod Not tainted 4.2.0-rc8-next-20150828-cm-x300+ #887
Hardware name: CM-X300 module
task: e1c68700 ti: e1c3e000 task.ti: e1c3e000
PC is at apply_relocate+0x2f4/0x3d4
LR is at 0xbf0021ea
pc : [<c000e7c8>] lr : [<bf0021ea>] psr: 80000013
sp : e1c3fe30 ip : 60000013 fp : e49e8c60
r10: e49e8fa8 r9 : 00000000 r8 : e49e7c58
r7 : e49e8c38 r6 : e49e8a58 r5 : e49e8920 r4 : e49e8918
r3 : bf0021ea r2 : bf007034 r1 : 00000000 r0 : bf000000
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 0000397f Table: c1cd0018 DAC: 00000051
Process insmod (pid: 606, stack limit = 0xe1c3e198)
[<c000e7c8>] (apply_relocate) from [<c005ce5c>] (load_module+0x1248/0x1f5c)
[<c005ce5c>] (load_module) from [<c005dc54>] (SyS_init_module+0xe4/0x170)
[<c005dc54>] (SyS_init_module) from [<c000a420>] (ret_fast_syscall+0x0/0x38)
Fix this by ensuring entries in __bug_table are all aligned to at least
of multiple of 4. This transforms a module section __bug_table as :
- [12] __bug_table PROGBITS 00000000 002232 000018 00 A 0 0 1
+ [12] __bug_table PROGBITS 00000000 002232 000018 00 A 0 0 4
Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
Reviewed-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit a4a5a7379e4ca03c192b732d61e446994eb67bbc)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I0ea8e41d6f71e177b37160487c8b26ff8bea37c5
|
|
We need to have memory dependencies on get_domain/set_domain to avoid
the compiler over-optimising these inline assembly instructions.
Loads/stores must not be reordered across a set_domain(), so introduce
a compiler barrier for that assembly.
The value of get_domain() must not be cached across a set_domain(), but
we still want to allow the compiler to optimise it away. Introduce a
dependency on current_thread_info()->cpu_domain to avoid this; the new
memory clobber in set_domain() should therefore cause the compiler to
re-load this. The other advantage of using this is we should have its
address in the register set already, or very soon after at most call
sites.
Tested-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 6e8f580d1fcc18e290713984c379cb97131c015a)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I44021c2e0af72a2f20bab4d5af7d67d20ca0a211
|
|
As of 1eef5d2f1b46 ("ARM: domains: switch to keeping domain value in
register") we no longer need to include asm/domains.h into
asm/thread_info.h. Remove it.
Tested-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 716ff1921a86c637b8875c7bb312fc6755fa9300)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I35ba6851bd5d1e688e8d16771efd3f738dbd5436
|
|
The use of get_domain() in copy_thread() results in an oops on
ARMv7M/noMMU systems. The thread cpu_domain value is only used when
CONFIG_CPU_USE_DOMAINS is enabled, so there's no need to save the
value in copy_thread() except when this is enabled, and this option
will never be enabled on these platforms.
Unhandled exception: IPSR = 00000006 LR = fffffff1
CPU: 0 PID: 0 Comm: swapper Not tainted 4.2.0-next-20150909-00001-gb8ec5ad #41
Hardware name: NXP LPC18xx/43xx (Device Tree)
task: 2823fbe0 ti: 2823c000 task.ti: 2823c000
PC is at copy_thread+0x18/0x92
LR is at copy_thread+0x19/0x92
pc : [<2800a46e>] lr : [<2800a46f>] psr: 4100000b
sp : 2823df00 ip : 00000000 fp : 287c81c0
r10: 00000000 r9 : 00800300 r8 : 287c8000
r7 : 287c8000 r6 : 2818908d r5 : 00000000 r4 : 287ca000
r3 : 00000000 r2 : 00000000 r1 : fffffff0 r0 : 287ca048
xPSR: 4100000b
Reported-by: Ariel D'Alessandro <ariel@vanguardiasur.com.ar>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit af4cb25df93d2e7a97d65db2bfacaa4400988dea)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I2aa2bf6c1153732c68919ff465ada7878d327310
|
|
This macro is never referenced, remove it.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 296254f3223d201f2aa53f5f717eedfdc63f3db8)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I647251a8c51c81c2b89cc0cd35a5f60eba1a4855
|
|
NWFPE needs to access userspace to check whether the next instruction
is another FP instruction. Allow userspace access for this read.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 39dc53deff30d9b239ac36cfeb0ef2022d03a449)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: Ia9a0fd707d14f8a8f4b181a210a8e27fabd9060d
|
|
DOMAIN_TABLE is not used; in any case, it aliases to the kernel domain.
Remove this definition.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 1fb6755f16872ad256c18cce2830f9087502dffd)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I87e5aabbd57de2f6b6d96ac1ed6d1e85ceda4ed6
|
|
Keep the machine vectors in its own domain to avoid software based
user access control from making the vector code inaccessible, and
thereby deadlocking the machine.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit a02d8dfd54cdf3b1b0464ccc2c1c4afe2c003a35)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I2f912a55c606a08b9e123de2819bc77f8dac955b
|
|
Since we switched to early trap initialisation in 94e5a85b3be0
("ARM: earlier initialization of vectors page") we haven't been writing
directly to the vectors page, and so there's no need for this domain
to be in manager mode. Switch it to client mode.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 3c2aed5b28819564e1a07b4686bd89802bcc4d6b)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I6a31f15cd3cc8d431ee50fcc041e95becf2ed7df
|
|
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 0171356a7708af01ad3224702b7f0aaa5b7a1399)
Signed-off-by: Kees Cook <keescook@google.com>
Conflicts:
arch/arm/kernel/head.S
Change-Id: If8fb66d8887e88c2e8a576b9855225df6ddb3471
|
|
Provide a macro to generate the mask for a domain, rather than using
domain_val(, DOMAIN_MANAGER) which won't work when CPU_USE_DOMAINS
is turned off.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 8e798706f7e9cd7f096aa194de90269dde83773e)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I3f732beb6f8d094648636c6030c47115382c6dd7
|
|
Rather than modifying both the domain access control register and our
per-thread copy, modify only the domain access control register, and
use the per-thread copy to save and restore the register over context
switches. We can also avoid the explicit initialisation of the
init thread_info structure.
This allows us to avoid needing to gain access to the thread information
at the uaccess control sites.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bug: 25672827
Patchset: PAN emulation
(cherry picked from commit 1eef5d2f1b461c120bcd82077edee5ec706ac53b)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: If903ec86006c4de1a440bf918c5d2491e34ade05
|