1. 05 Nov, 2019 9 commits
    • Geert Uytterhoeven's avatar
      powerpc/security: Fix debugfs data leak on 32-bit · 3b05a1e5
      Geert Uytterhoeven authored
      "powerpc_security_features" is "unsigned long", i.e. 32-bit or 64-bit,
      depending on the platform (PPC_FSL_BOOK3E or PPC_BOOK3S_64).  Hence
      casting its address to "u64 *", and calling debugfs_create_x64() is
      wrong, and leaks 32-bit of nearby data to userspace on 32-bit platforms.
      
      While all currently defined SEC_FTR_* security feature flags fit in
      32-bit, they all have "ULL" suffixes to make them 64-bit constants.
      Hence fix the leak by changing the type of "powerpc_security_features"
      (and the parameter types of its accessors) to "u64".  This also allows
      to drop the cast.
      
      Fixes: 398af571 ("powerpc/security: Show powerpc_security_features in debugfs")
      Signed-off-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191021142309.28105-1-geert+renesas@glider.be
      3b05a1e5
    • Aneesh Kumar K.V's avatar
      powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning · 16f6b67c
      Aneesh Kumar K.V authored
      With large memory (8TB and more) hotplug, we can get soft lockup
      warnings as below. These were caused by a long loop without any
      explicit cond_resched which is a problem for !PREEMPT kernels.
      
      Avoid this using cond_resched() while inserting hash page table
      entries. We already do similar cond_resched() in __add_pages(), see
      commit f64ac5e6 ("mm, memory_hotplug: add scheduling point to
      __add_pages").
      
        rcu:     3-....: (24002 ticks this GP) idle=13e/1/0x4000000000000002 softirq=722/722 fqs=12001
         (t=24003 jiffies g=4285 q=2002)
        NMI backtrace for cpu 3
        CPU: 3 PID: 3870 Comm: ndctl Not tainted 5.3.0-197.18-default+ #2
        Call Trace:
          dump_stack+0xb0/0xf4 (unreliable)
          nmi_cpu_backtrace+0x124/0x130
          nmi_trigger_cpumask_backtrace+0x1ac/0x1f0
          arch_trigger_cpumask_backtrace+0x28/0x3c
          rcu_dump_cpu_stacks+0xf8/0x154
          rcu_sched_clock_irq+0x878/0xb40
          update_process_times+0x48/0x90
          tick_sched_handle.isra.16+0x4c/0x80
          tick_sched_timer+0x68/0xe0
          __hrtimer_run_queues+0x180/0x430
          hrtimer_interrupt+0x110/0x300
          timer_interrupt+0x108/0x2f0
          decrementer_common+0x114/0x120
        --- interrupt: 901 at arch_add_memory+0xc0/0x130
            LR = arch_add_memory+0x74/0x130
          memremap_pages+0x494/0x650
          devm_memremap_pages+0x3c/0xa0
          pmem_attach_disk+0x188/0x750
          nvdimm_bus_probe+0xac/0x2c0
          really_probe+0x148/0x570
          driver_probe_device+0x19c/0x1d0
          device_driver_attach+0xcc/0x100
          bind_store+0x134/0x1c0
          drv_attr_store+0x44/0x60
          sysfs_kf_write+0x64/0x90
          kernfs_fop_write+0x1a0/0x270
          __vfs_write+0x3c/0x70
          vfs_write+0xd0/0x260
          ksys_write+0xdc/0x130
          system_call+0x5c/0x68
      Signed-off-by: default avatarAneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191001084656.31277-1-aneesh.kumar@linux.ibm.com
      16f6b67c
    • Aneesh Kumar K.V's avatar
      powerpc/mm/book3s64/radix: Flush the full mm even when need_flush_all is set · 864edb75
      Aneesh Kumar K.V authored
      With the previous patch, we should now not be using need_flush_all for
      powerpc. But then make sure we force a PID tlbie flush with RIC=2 if
      we ever find need_flush_all set. Also don't reset it after a mmu
      gather flush.
      Signed-off-by: default avatarAneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191024075801.22434-3-aneesh.kumar@linux.ibm.com
      864edb75
    • Aneesh Kumar K.V's avatar
      powerpc/mm/book3s64/radix: Use freed_tables instead of need_flush_all · 52162ec7
      Aneesh Kumar K.V authored
      With commit 22a61c3c ("asm-generic/tlb: Track freeing of
      page-table directories in struct mmu_gather") we now track whether we
      freed page table in mmu_gather. Use that to decide whether to flush
      Page Walk Cache.
      Signed-off-by: default avatarAneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191024075801.22434-2-aneesh.kumar@linux.ibm.com
      52162ec7
    • Aneesh Kumar K.V's avatar
      powerpc/mm/book3s64/radix: Remove unused code. · a42d6ba8
      Aneesh Kumar K.V authored
      mm_tlb_flush_nested change was added in the mmu gather tlb flush to
      handle the case of parallel pte invalidate happening with mmap_sem
      held in read mode. This fix was done by commit
      02390f66 ("powerpc/64s/radix: Fix MADV_[FREE|DONTNEED] TLB flush
      miss problem with THP") and the problem is explained in detail in
      commit 99baac21 ("mm: fix MADV_[FREE|DONTNEED] TLB flush miss
      problem")
      
      This was later updated by commit 7a30df49 ("mm: mmu_gather: remove
      __tlb_reset_range() for force flush") to do a full mm flush rather
      than a range flush. By commit dd2283f2 ("mm: mmap: zap pages with
      read mmap_sem in munmap") we are also now allowing a page table free
      in mmap_sem read mode which means we should do a PWC flush too. Our
      current full mm flush imply a PWC flush.
      
      With all the above change the mm_tlb_flush_nested(mm) branch in
      radix__tlb_flush will never be taken because for the nested case we
      would have taken the if (tlb->fullmm) branch. This patch removes the
      unused code. Also, remove the gflush change in
      __radix__flush_tlb_range that was added to handle the range tlb flush
      code. We only check for THP there because hugetlb is flushed via a
      different code path where page size is explicitly specified.
      
      This is a partial revert of commit 02390f66 ("powerpc/64s/radix:
      Fix MADV_[FREE|DONTNEED] TLB flush miss problem with THP")
      Signed-off-by: default avatarAneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191024075801.22434-1-aneesh.kumar@linux.ibm.com
      a42d6ba8
    • Anthony Steinhauser's avatar
      powerpc/security/book3s64: Report L1TF status in sysfs · 8e6b6da9
      Anthony Steinhauser authored
      Some PowerPC CPUs are vulnerable to L1TF to the same extent as to
      Meltdown. It is also mitigated by flushing the L1D on privilege
      transition.
      
      Currently the sysfs gives a false negative on L1TF on CPUs that I
      verified to be vulnerable, a Power9 Talos II Boston 004e 1202, PowerNV
      T2P9D01.
      Signed-off-by: default avatarAnthony Steinhauser <asteinhauser@google.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      [mpe: Just have cpu_show_l1tf() call cpu_show_meltdown() directly]
      Link: https://lore.kernel.org/r/20191029190759.84821-1-asteinhauser@google.com
      8e6b6da9
    • Nathan Lynch's avatar
      powerpc/pseries: safely roll back failed DLPAR cpu add · 80c78428
      Nathan Lynch authored
      dlpar_online_cpu() attempts to online all threads of a core that has
      been added to an LPAR. If onlining a non-primary thread
      fails (e.g. due to an allocation failure), the core is left with at
      least one thread online. dlpar_cpu_add() attempts to roll back the
      whole operation, releasing the core back to the platform. However,
      since some threads of the core being removed are still online, the
      BUG_ON(cpu_online(cpu)) in pseries_remove_processor() strikes:
      
      LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
      Modules linked in:
      CPU: 3 PID: 8587 Comm: drmgr Not tainted 5.3.0-rc2-00190-g9b123d1e-dirty #46
      NIP:  c0000000000eeb2c LR: c0000000000eeac4 CTR: c0000000000ee9e0
      REGS: c0000001f745b6c0 TRAP: 0700   Not tainted  (5.3.0-rc2-00190-g9b123d1e-dirty)
      MSR:  800000010282b033 <SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE,TM[E]>  CR: 44002448  XER: 00000000
      CFAR: c00000000195d718 IRQMASK: 0
      GPR00: c0000000000eeac4 c0000001f745b950 c0000000032f6200 0000000000000008
      GPR04: 0000000000000008 c000000003349c78 0000000000000040 00000000000001ff
      GPR08: 0000000000000008 0000000000000000 0000000000000001 0007ffffffffffff
      GPR12: 0000000084002844 c00000001ecacb80 0000000000000000 0000000000000000
      GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
      GPR20: 0000000000000000 0000000000000000 0000000000000000 0000000000000008
      GPR24: c000000003349ee0 c00000000334a2e4 c0000000fca4d7a8 c000000001d20048
      GPR28: 0000000000000001 ffffffffffffffff ffffffffffffffff c0000000fca4d7c4
      NIP [c0000000000eeb2c] pseries_smp_notifier+0x14c/0x2e0
      LR [c0000000000eeac4] pseries_smp_notifier+0xe4/0x2e0
      Call Trace:
      [c0000001f745b950] [c0000000000eeac4] pseries_smp_notifier+0xe4/0x2e0 (unreliable)
      [c0000001f745ba10] [c0000000001ac774] notifier_call_chain+0xb4/0x190
      [c0000001f745bab0] [c0000000001ad62c] blocking_notifier_call_chain+0x7c/0xb0
      [c0000001f745baf0] [c00000000167bda0] of_detach_node+0xc0/0x110
      [c0000001f745bb50] [c0000000000e7ae4] dlpar_detach_node+0x64/0xa0
      [c0000001f745bb80] [c0000000000edefc] dlpar_cpu_add+0x31c/0x360
      [c0000001f745bc10] [c0000000000ee980] dlpar_cpu_probe+0x50/0xb0
      [c0000001f745bc50] [c00000000002cf70] arch_cpu_probe+0x40/0x70
      [c0000001f745bc70] [c000000000ccd808] cpu_probe_store+0x48/0x80
      [c0000001f745bcb0] [c000000000cbcef8] dev_attr_store+0x38/0x60
      [c0000001f745bcd0] [c00000000059c980] sysfs_kf_write+0x70/0xb0
      [c0000001f745bd10] [c00000000059afb8] kernfs_fop_write+0xf8/0x280
      [c0000001f745bd60] [c0000000004b437c] __vfs_write+0x3c/0x70
      [c0000001f745bd80] [c0000000004b8710] vfs_write+0xd0/0x220
      [c0000001f745bdd0] [c0000000004b8acc] ksys_write+0x7c/0x140
      [c0000001f745be20] [c00000000000bbd8] system_call+0x5c/0x68
      
      Move dlpar_offline_cpu() up in the file so that dlpar_online_cpu() can
      use it to re-offline any threads that have been onlined when an error
      is encountered.
      Signed-off-by: default avatarNathan Lynch <nathanl@linux.ibm.com>
      Fixes: e666ae0b ("powerpc/pseries: Update CPU hotplug error recovery")
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191016183611.10867-3-nathanl@linux.ibm.com
      80c78428
    • Nathan Lynch's avatar
      powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu · 3366ebe9
      Nathan Lynch authored
      Remove some stray blank lines, convert a printk to pr_warn, and
      address a line length violation.
      
      One functional change: use WARN_ON instead of BUG_ON in case H_PROD of
      a ceded thread yields an unexpected result from the platform. We can
      expect this code path to get uninterruptibly stuck in __cpu_die() if
      this happens, but that's more desirable than crashing.
      Signed-off-by: default avatarNathan Lynch <nathanl@linux.ibm.com>
      Fixes: b6db63d1 ("pseries/pseries: Add code to online/offline CPUs of a DLPAR node")
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191016183611.10867-2-nathanl@linux.ibm.com
      3366ebe9
    • Michael Ellerman's avatar
      selftests/powerpc: Skip tm-signal-sigreturn-nt if TM not available · 50512706
      Michael Ellerman authored
      On systems where TM (Transactional Memory) is disabled the
      tm-signal-sigreturn-nt test causes a SIGILL:
      
        test: tm_signal_sigreturn_nt
        tags: git_version:7c202575
        !! child died by signal 4
        failure: tm_signal_sigreturn_nt
      
      We should skip the test if TM is not available.
      
      Fixes: 34642d70 ("selftests/powerpc: Add checks for transactional sigreturn")
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191104233524.24348-1-mpe@ellerman.id.au
      50512706
  2. 04 Nov, 2019 1 commit
  3. 30 Oct, 2019 4 commits
    • Michael Ellerman's avatar
      powerpc/tools: Don't quote $objdump in scripts · e44ff9ea
      Michael Ellerman authored
      Some of our scripts are passed $objdump and then call it as
      "$objdump". This doesn't work if it contains spaces because we're
      using ccache, for example you get errors such as:
      
        ./arch/powerpc/tools/relocs_check.sh: line 48: ccache ppc64le-objdump: No such file or directory
        ./arch/powerpc/tools/unrel_branch_check.sh: line 26: ccache ppc64le-objdump: No such file or directory
      
      Fix it by not quoting the string when we expand it, allowing the shell
      to do the right thing for us.
      
      Fixes: a71aa05e ("powerpc: Convert relocs_check to a shell script using grep")
      Fixes: 4ea80652 ("powerpc/64s: Tool to flag direct branches from unrelocated interrupt vectors")
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191024004730.32135-1-mpe@ellerman.id.au
      e44ff9ea
    • Michael Ellerman's avatar
      powerpc: Add build-time check of ptrace PT_xx defines · b9e0805a
      Michael Ellerman authored
      As part of the uapi we export a lot of PT_xx defines for each register
      in struct pt_regs. These are expressed as an index from gpr[0], in
      units of unsigned long.
      
      Currently there's nothing tying the values of those defines to the
      actual layout of the struct.
      
      But we *don't* want to change the uapi defines to derive the PT_xx
      values based on the layout of the struct, those values are ABI and
      must never change.
      
      Instead we want to do the reverse, make sure that the layout of the
      struct never changes vs the PT_xx defines. So add build time checks of
      that.
      
      This probably seems paranoid, but at least once in the past someone
      has sent a patch that would have broken the ABI if it hadn't been
      spotted. Although it probably would have been detected via testing,
      it's preferable to just quash any issues at the source.
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191030111231.22720-1-mpe@ellerman.id.au
      b9e0805a
    • Mathieu Malaterre's avatar
      powerpc/ptrace: Add prototype for function pt_regs_check · 5c74f799
      Mathieu Malaterre authored
      `pt_regs_check` is a dummy function, its purpose is to break the build
      if struct pt_regs and struct user_pt_regs don't match.
      
      This function has no functionnal purpose, and will get eliminated at
      link time or after init depending on CONFIG_LD_DEAD_CODE_DATA_ELIMINATION
      
      This commit adds a prototype to fix warning at W=1:
      
        arch/powerpc/kernel/ptrace.c:3339:13: error: no previous prototype for ‘pt_regs_check’ [-Werror=missing-prototypes]
      Suggested-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
      Signed-off-by: default avatarMathieu Malaterre <malat@debian.org>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20181208154624.6504-1-malat@debian.org
      5c74f799
    • Michael Ellerman's avatar
      selftests/powerpc: Add a test of spectre_v2 mitigations · c790c3d2
      Michael Ellerman authored
      This test uses the PMU to count branch prediction hits/misses for a
      known loop, and compare the result to the reported spectre v2
      mitigation.
      
      This gives us a way of sanity checking that the reported mitigation is
      actually in effect.
      
      Sample output for some cases, eg:
      
        Power9:
          sysfs reports: 'Vulnerable'
           PM_BR_PRED_CCACHE: result        368 running/enabled 5792777124
          PM_BR_MPRED_CCACHE: result        319 running/enabled 5792775546
           PM_BR_PRED_PCACHE: result 2147483281 running/enabled 5792773128
          PM_BR_MPRED_PCACHE: result  213604201 running/enabled 5792771640
          Miss percent 9 %
          OK - Measured branch prediction rates match reported spectre v2 mitigation.
      
          sysfs reports: 'Mitigation: Indirect branch serialisation (kernel only)'
           PM_BR_PRED_CCACHE: result        895 running/enabled 5780320920
          PM_BR_MPRED_CCACHE: result        822 running/enabled 5780312414
           PM_BR_PRED_PCACHE: result 2147482754 running/enabled 5780308836
          PM_BR_MPRED_PCACHE: result  213639731 running/enabled 5780307912
          Miss percent 9 %
          OK - Measured branch prediction rates match reported spectre v2 mitigation.
      
          sysfs reports: 'Mitigation: Indirect branch cache disabled'
           PM_BR_PRED_CCACHE: result 2147483649 running/enabled 20540186160
          PM_BR_MPRED_CCACHE: result 2147483649 running/enabled 20540180056
           PM_BR_PRED_PCACHE: result          0 running/enabled 20540176090
          PM_BR_MPRED_PCACHE: result          0 running/enabled 20540174182
          Miss percent 100 %
          OK - Measured branch prediction rates match reported spectre v2 mitigation.
      
        Power8:
          sysfs reports: 'Vulnerable'
           PM_BR_PRED_CCACHE: result 2147483649 running/enabled 3505888142
          PM_BR_MPRED_CCACHE: result          9 running/enabled 3505882788
          Miss percent 0 %
          OK - Measured branch prediction rates match reported spectre v2 mitigation.
      
          sysfs reports: 'Mitigation: Indirect branch cache disabled'
           PM_BR_PRED_CCACHE: result 2147483649 running/enabled 16931421988
          PM_BR_MPRED_CCACHE: result 2147483649 running/enabled 16931416478
          Miss percent 100 %
          OK - Measured branch prediction rates match reported spectre v2 mitigation.
          success: spectre_v2
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20190520105520.22274-1-mpe@ellerman.id.au
      c790c3d2
  4. 29 Oct, 2019 3 commits
  5. 28 Oct, 2019 9 commits
  6. 25 Oct, 2019 1 commit
    • Frederic Barrat's avatar
      powerpc/powernv/eeh: Fix oops when probing cxl devices · a8a30219
      Frederic Barrat authored
      Recent cleanup in the way EEH support is added to a device causes a
      kernel oops when the cxl driver probes a device and creates virtual
      devices discovered on the FPGA:
      
        BUG: Kernel NULL pointer dereference at 0x000000a0
        Faulting instruction address: 0xc000000000048070
        Oops: Kernel access of bad area, sig: 7 [#1]
        ...
        NIP eeh_add_device_late.part.9+0x50/0x1e0
        LR  eeh_add_device_late.part.9+0x3c/0x1e0
        Call Trace:
          _dev_info+0x5c/0x6c (unreliable)
          pnv_pcibios_bus_add_device+0x60/0xb0
          pcibios_bus_add_device+0x40/0x60
          pci_bus_add_device+0x30/0x100
          pci_bus_add_devices+0x64/0xd0
          cxl_pci_vphb_add+0xe0/0x130 [cxl]
          cxl_probe+0x504/0x5b0 [cxl]
          local_pci_probe+0x6c/0x110
          work_for_cpu_fn+0x38/0x60
      
      The root cause is that those cxl virtual devices don't have a
      representation in the device tree and therefore no associated pci_dn
      structure. In eeh_add_device_late(), pdn is NULL, so edev is NULL and
      we oops.
      
      We never had explicit support for EEH for those virtual devices.
      Instead, EEH events are reported to the (real) pci device and handled
      by the cxl driver. Which can then forward to the virtual devices and
      handle dependencies. The fact that we try adding EEH support for the
      virtual devices is new and a side-effect of the recent cleanup.
      
      This patch fixes it by skipping adding EEH support on powernv for
      devices which don't have a pci_dn structure.
      
      The cxl driver doesn't create virtual devices on pseries so this patch
      doesn't fix it there intentionally.
      
      Fixes: b905f8cd ("powerpc/eeh: EEH for pSeries hot plug")
      Signed-off-by: default avatarFrederic Barrat <fbarrat@linux.ibm.com>
      Reviewed-by: default avatarSam Bobroff <sbobroff@linux.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/20191016162833.22509-1-fbarrat@linux.ibm.com
      a8a30219
  7. 24 Oct, 2019 1 commit
  8. 16 Oct, 2019 1 commit
  9. 13 Oct, 2019 1 commit
  10. 11 Oct, 2019 7 commits
  11. 10 Oct, 2019 1 commit
  12. 09 Oct, 2019 2 commits