1. 15 Nov, 2017 10 commits
    • Allen Pais's avatar
      sparc64: Convert timers to user timer_setup() · ff029687
      Allen Pais authored
      Switch to using the new timer_setup() and from_timer()
      in LDOM Virtual I/O handshake.
      
      Cc: Kees Cook <keescook@chromium.org>
      Signed-off-by: default avatarAllen Pais <allen.pais@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ff029687
    • Elena Reshetova's avatar
      sparc64: convert mdesc_handle.refcnt from atomic_t to refcount_t · cdf5976f
      Elena Reshetova authored
      atomic_t variables are currently used to implement reference
      counters with the following properties:
       - counter is initialized to 1 using atomic_set()
       - a resource is freed upon counter reaching zero
       - once counter reaches zero, its further
         increments aren't allowed
       - counter schema uses basic atomic operations
         (set, inc, inc_not_zero, dec_and_test, etc.)
      
      Such atomic variables should be converted to a newly provided
      refcount_t type and API that prevents accidental counter overflows
      and underflows. This is important since overflows and underflows
      can lead to use-after-free situation and be exploitable.
      
      The variable mdesc_handle.refcnt is used as pure reference counter.
      Convert it to refcount_t and fix up the operations.
      Suggested-by: default avatarKees Cook <keescook@chromium.org>
      Reviewed-by: default avatarDavid Windsor <dwindsor@gmail.com>
      Reviewed-by: default avatarHans Liljestrand <ishkamiel@gmail.com>
      Signed-off-by: default avatarElena Reshetova <elena.reshetova@intel.com>
      Acked-by: default avatarShannon Nelson <shannon.nelson@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      cdf5976f
    • Kees Cook's avatar
      sparc/led: Convert timers to use timer_setup() · 68fa10dc
      Kees Cook authored
      In preparation for unconditionally passing the struct timer_list pointer to
      all timer callbacks, switch to using the new timer_setup() and from_timer()
      to pass the timer pointer explicitly. Adds a static variable to hold timeout
      value.
      
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Geliang Tang <geliangtang@gmail.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: sparclinux@vger.kernel.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      68fa10dc
    • David S. Miller's avatar
      Merge branch 'sparc64-optimized-fls' · a16036e9
      David S. Miller authored
      Vijay Kumar says:
      
      ====================
      sparc64: Optimize fls and __fls
      
      SPARC provides lzcnt instruction (with VIS3) which can be used to
      optimize fls, __fls and fls64 functions. For the systems that supports
      lzcnt instruction, we now do boot time patching to use sparc
      optimized fls, __fls and fls64 functions.
      
      v3->v4:
       -  Fixed a typo.
      v2->v3:
       -  Using ENTRY(), ENDPROC() for assembler functions.
       -  Removed BITS_PER_LONG from __fls.
       -  Using generic fls64().
       -  Replaced lzcnt instruction with .word directive.
      v1->v2:
       - Fixed delay slot issue.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a16036e9
    • Vijay Kumar's avatar
      sparc64: Use sparc optimized fls and __fls for T4 and above · 46ad8d2d
      Vijay Kumar authored
      For T4 and above, patch fls and __fls functions
      at the boot time to use lzcnt instruction.
      Signed-off-by: default avatarVijay Kumar <vijay.ac.kumar@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      46ad8d2d
    • Vijay Kumar's avatar
      sparc64: SPARC optimized __fls function · 2b41ce5d
      Vijay Kumar authored
      Defined SPARC optimized __fls using lzcnt opcode.
      Signed-off-by: default avatarVijay Kumar <vijay.ac.kumar@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2b41ce5d
    • Vijay Kumar's avatar
      sparc64: SPARC optimized fls function · 70cbec0c
      Vijay Kumar authored
      Defined SPARC optimized fls using lzcnt opcode.
      Signed-off-by: default avatarVijay Kumar <vijay.ac.kumar@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      70cbec0c
    • Vijay Kumar's avatar
      sparc64: Define SPARC default __fls function · be52bbe3
      Vijay Kumar authored
      __fls will now require a boot time patching on T4 and above.
      Redefining it under arch/sparc/lib.
      Signed-off-by: default avatarVijay Kumar <vijay.ac.kumar@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      be52bbe3
    • Vijay Kumar's avatar
      sparc64: Define SPARC default fls function · 41413a60
      Vijay Kumar authored
      fls will now require a boot time patching on T4 and above.
      Redefining it under arch/sparc/lib.
      Signed-off-by: default avatarVijay Kumar <vijay.ac.kumar@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      41413a60
    • Nagarathnam Muthusamy's avatar
      vDSO for sparc · 9a08862a
      Nagarathnam Muthusamy authored
      Following patch is based on work done by Nick Alcock on 64-bit vDSO for sparc
      in Oracle linux. I have extended it to include support for 32-bit vDSO for sparc
      on 64-bit kernel.
      
      vDSO for sparc is based on the X86 implementation. This patch
      provides vDSO support for both 64-bit and 32-bit programs on 64-bit kernel.
      vDSO will be disabled on 32-bit linux kernel on sparc.
      
      *) vclock_gettime.c contains all the vdso functions. Since data page is mapped
         before the vdso code page, the pointer to data page is got by subracting offset
         from an address in the vdso code page. The return address stored in
         %i7 is used for this purpose.
      *) During compilation, both 32-bit and 64-bit vdso images are compiled and are
         converted into raw bytes by vdso2c program to be ready for mapping into the
         process. 32-bit images are compiled only if CONFIG_COMPAT is enabled. vdso2c
         generates two files vdso-image-64.c and vdso-image-32.c which contains the
         respective vDSO image in C structure.
      *) During vdso initialization, required number of vdso pages are allocated and
         raw bytes are copied into the pages.
      *) During every exec, these pages are mapped into the process through
         arch_setup_additional_pages and the location of mapping is passed on to the
         process through aux vector AT_SYSINFO_EHDR which is used by glibc.
      *) A new update_vsyscall routine for sparc is added to keep the data page in
         vdso updated.
      *) As vDSO cannot contain dynamically relocatable references, a new version of
         cpu_relax is added for the use of vDSO.
      
      This change also requires a putback to glibc to use vDSO. For testing,
      programs planning to try vDSO can be compiled against the generated
      vdso(64/32).so in the source.
      
      Testing:
      
      ========
      [root@localhost ~]# cat vdso_test.c
      int main() {
              struct timespec tv_start, tv_end;
              struct timeval tv_tmp;
      	int i;
              int count = 1 * 1000 * 10000;
      	long long diff;
      
              clock_gettime(0, &tv_start);
              for (i = 0; i < count; i++)
                    gettimeofday(&tv_tmp, NULL);
              clock_gettime(0, &tv_end);
              diff = (long long)(tv_end.tv_sec -
      		tv_start.tv_sec)*(1*1000*1000*1000);
              diff += (tv_end.tv_nsec - tv_start.tv_nsec);
      	printf("Start sec: %d\n", tv_start.tv_sec);
      	printf("End sec  : %d\n", tv_end.tv_sec);
              printf("%d cycles in %lld ns = %f ns/cycle\n", count, diff,
      		(double)diff / (double)count);
              return 0;
      }
      
      [root@localhost ~]# cc vdso_test.c -o t32_without_fix -m32 -lrt
      [root@localhost ~]# ./t32_without_fix
      Start sec: 1502396130
      End sec  : 1502396140
      10000000 cycles in 9565148528 ns = 956.514853 ns/cycle
      [root@localhost ~]# cc vdso_test.c -o t32_with_fix -m32 ./vdso32.so.dbg
      [root@localhost ~]# ./t32_with_fix
      Start sec: 1502396168
      End sec  : 1502396169
      10000000 cycles in 798141262 ns = 79.814126 ns/cycle
      [root@localhost ~]# cc vdso_test.c -o t64_without_fix -m64 -lrt
      [root@localhost ~]# ./t64_without_fix
      Start sec: 1502396208
      End sec  : 1502396218
      10000000 cycles in 9846091800 ns = 984.609180 ns/cycle
      [root@localhost ~]# cc vdso_test.c -o t64_with_fix -m64 ./vdso64.so.dbg
      [root@localhost ~]# ./t64_with_fix
      Start sec: 1502396257
      End sec  : 1502396257
      10000000 cycles in 380984048 ns = 38.098405 ns/cycle
      
      V1 to V2 Changes:
      =================
      	Added hot patching code to switch the read stick instruction to read
      tick instruction based on the hardware.
      
      V2 to V3 Changes:
      =================
      	Merged latest changes from sparc-next and moved the initialization
      of clocksource_tick.archdata.vclock_mode to time_init_early. Disabled
      queued spinlock and rwlock configuration when simulating 32-bit config
      to compile 32-bit VDSO.
      
      V3 to V4 Changes:
      =================
      	Hardcoded the page size as 8192 in linker script for both 64-bit and
      32-bit binaries. Removed unused variables in vdso2c.h. Added -mv8plus flag to
      Makefile to prevent the generation of relocation entries for __lshrdi3 in 32-bit
      vdso binary.
      Signed-off-by: default avatarNick Alcock <nick.alcock@oracle.com>
      Signed-off-by: default avatarNagarathnam Muthusamy <nagarathnam.muthusamy@oracle.com>
      Reviewed-by: default avatarShannon Nelson <shannon.nelson@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9a08862a
  2. 28 Sep, 2017 4 commits
  3. 27 Sep, 2017 4 commits
    • Linus Torvalds's avatar
      Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs · 9cd6681c
      Linus Torvalds authored
      Pull quota and isofs fixes from Jan Kara:
       "Two quota fixes (fallout of the quota locking changes) and an isofs
        build fix"
      
      * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
        quota: Fix quota corruption with generic/232 test
        isofs: fix build regression
        quota: add missing lock into __dquot_transfer()
      9cd6681c
    • Linus Torvalds's avatar
      Merge tag 'linux-kselftest-4.14-rc3-fixes' of... · 225d3b67
      Linus Torvalds authored
      Merge tag 'linux-kselftest-4.14-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
      
      Pull kselftest fixes from Shuah Khan:
       "This update consists of:
      
         - fixes to several existing tests
      
         - a test for regression introduced by b9470c27 ("inet: kill
           smallest_size and smallest_port")
      
         - seccomp support for glibc 2.26 siginfo_t.h
      
         - fixes to kselftest framework and tests to run make O=dir use-case
      
         - fixes to silence unnecessary test output to de-clutter test results"
      
      * tag 'linux-kselftest-4.14-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (28 commits)
        selftests: timers: set-timer-lat: Fix hang when testing unsupported alarms
        selftests: timers: set-timer-lat: fix hang when std out/err are redirected
        selftests/memfd: correct run_tests.sh permission
        selftests/seccomp: Support glibc 2.26 siginfo_t.h
        selftests: futex: Makefile: fix for loops in targets to run silently
        selftests: Makefile: fix for loops in targets to run silently
        selftests: mqueue: Use full path to run tests from Makefile
        selftests: futex: copy sub-dir test scripts for make O=dir run
        selftests: lib.mk: copy test scripts and test files for make O=dir run
        selftests: sync: kselftest and kselftest-clean fail for make O=dir case
        selftests: sync: use TEST_CUSTOM_PROGS instead of TEST_PROGS
        selftests: lib.mk: add TEST_CUSTOM_PROGS to allow custom test run/install
        selftests: watchdog: fix to use TEST_GEN_PROGS and remove clean
        selftests: lib.mk: fix test executable status check to use full path
        selftests: Makefile: clear LDFLAGS for make O=dir use-case
        selftests: lib.mk: kselftest and kselftest-clean fail for make O=dir case
        Makefile: kselftest and kselftest-clean fail for make O=dir case
        selftests/net: msg_zerocopy enable build with older kernel headers
        selftests: actually run the various net selftests
        selftest: add a reuseaddr test
        ...
      225d3b67
    • Linus Torvalds's avatar
      Merge branch 'x86-fpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 7031b641
      Linus Torvalds authored
      Pull x86 fpu fixes and cleanups from Ingo Molnar:
       "This is _way_ more cleanups than fixes, but the bugs were subtle and
        hard to hit, and the primary reason for them existing was the
        unnecessary historical complexity of some of the x86/fpu interfaces.
      
        The first bunch of commits clean up and simplify the xstate user copy
        handling functions, in reaction to the collective head-scratching
        about the xstate user-copy handling code that leads up to the fix for
        this SkyLake xstate handling bug:
      
           0852b374: x86/fpu: Add FPU state copying quirk to handle XRSTOR failure on Intel Skylake CPUs
      
        The cleanups don't change any functionality, they just (hopefully)
        make it all clearer, more consistent, more debuggable and more robust.
      
        Note that most of the linecount increase comes from these commits,
        where we better split the user/kernel copy logic by having more
        variants, instead repeated fragile patterns of:
      
                     if (kbuf) {
                             memcpy(kbuf + pos, data, copy);
                     } else {
                             if (__copy_to_user(ubuf + pos, data, copy))
                                     return -EFAULT;
                     }
      
        The next bunch of commits simplify the FPU state-machine to get rid of
        old lazy-FPU idiosyncrasies - a defensive simplification to make all
        the code easier to review and fix. No change in functionality.
      
        Then there's a couple of additional debugging tweaks: static checker
        warning fix and move an FPU related warning to under WARN_ON_FPU(),
        followed by another bunch of commits that represent a finegrained
        split-up of the fixes from Eric Biggers to handle weird xstate bits
        properly.
      
        I did this finegrained split-up because some of these fixes also
        impact the ABI for weird xstate handling, for which we'd like to have
        good bisection results, should they cause any problems. (We also had
        one regression with the more monolithic fixes, so splitting it all up
        sounded prudent for robustness reasons as well.)
      
        About the whole series: the commits up to 03eaec81 have been in
        -next for months - but I've recently rebased them to remove a state
        machine clean-up commit that was objected to, and to make it more
        bisectable - so technically it's a new, rebased tree.
      
        Robustness history: this series had some regressions along the way,
        and all reported regressions have been fixed. All but one of the
        regressions manifested itself as easy to report warnings. The previous
        version of this latest series was also in linux-next, with one
        (warning-only) regression reported which is fixed in the latest
        version.
      
        Barring last minute brown paper bag bugs (and the commits are now
        older by a day which I'd hope helps paperbag reduction), I'm
        reasonably confident about its general robustness.
      
        Famous last words ..."
      
      * 'x86-fpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (42 commits)
        x86/fpu: Use using_compacted_format() instead of open coded X86_FEATURE_XSAVES
        x86/fpu: Use validate_xstate_header() to validate the xstate_header in copy_user_to_xstate()
        x86/fpu: Eliminate the 'xfeatures' local variable in copy_user_to_xstate()
        x86/fpu: Copy the full header in copy_user_to_xstate()
        x86/fpu: Use validate_xstate_header() to validate the xstate_header in copy_kernel_to_xstate()
        x86/fpu: Eliminate the 'xfeatures' local variable in copy_kernel_to_xstate()
        x86/fpu: Copy the full state_header in copy_kernel_to_xstate()
        x86/fpu: Use validate_xstate_header() to validate the xstate_header in __fpu__restore_sig()
        x86/fpu: Use validate_xstate_header() to validate the xstate_header in xstateregs_set()
        x86/fpu: Introduce validate_xstate_header()
        x86/fpu: Rename fpu__activate_fpstate_read/write() to fpu__prepare_[read|write]()
        x86/fpu: Rename fpu__activate_curr() to fpu__initialize()
        x86/fpu: Simplify and speed up fpu__copy()
        x86/fpu: Fix stale comments about lazy FPU logic
        x86/fpu: Rename fpu::fpstate_active to fpu::initialized
        x86/fpu: Remove fpu__current_fpstate_write_begin/end()
        x86/fpu: Fix fpu__activate_fpstate_read() and update comments
        x86/fpu: Reinitialize FPU registers if restoring FPU state fails
        x86/fpu: Don't let userspace set bogus xcomp_bv
        x86/fpu: Turn WARN_ON() in context switch into WARN_ON_FPU()
        ...
      7031b641
    • Jan Kara's avatar
      quota: Fix quota corruption with generic/232 test · 4c6bb696
      Jan Kara authored
      Eric has reported that since commit d2faa415 "quota: Do not acquire
      dqio_sem for dquot overwrites in v2 format" test generic/232
      occasionally fails due to quota information being incorrect. Indeed that
      commit was too eager to remove dqio_sem completely from the path that
      just overwrites quota structure with updated information. Although that
      is innocent on its own, another process that inserts new quota structure
      to the same block can perform read-modify-write cycle of that block thus
      effectively discarding quota information update if they race in a wrong
      way.
      
      Fix the problem by acquiring dqio_sem for reading for overwrites of
      quota structure. Note that it *is* possible to completely avoid taking
      dqio_sem in the overwrite path however that will require modifying path
      inserting / deleting quota structures to avoid RMW cycles of the full
      block and for now it is not clear whether it is worth the hassle.
      
      Fixes: d2faa415Reported-and-tested-by: default avatarEric Whitney <enwlinux@gmail.com>
      Signed-off-by: default avatarJan Kara <jack@suse.cz>
      4c6bb696
  4. 26 Sep, 2017 22 commits
    • Linus Torvalds's avatar
      Merge tag 'mmc-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · dc972a67
      Linus Torvalds authored
      Pull MMC fixes from Ulf Hansson:
      
        - sdhci-pci: Fix voltage switch for some Intel host controllers
      
        - tmio: remove broken and noisy debug macro
      
      * tag 'mmc-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
        mmc: sdhci-pci: Fix voltage switch for some Intel host controllers
        mmc: tmio: remove broken and noisy debug macro
      dc972a67
    • Andreas Gruenbacher's avatar
      vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets · fc46820b
      Andreas Gruenbacher authored
      In generic_file_llseek_size, return -ENXIO for negative offsets as well
      as offsets beyond EOF.  This affects filesystems which don't implement
      SEEK_HOLE / SEEK_DATA internally, possibly because they don't support
      holes.
      
      Fixes xfstest generic/448.
      Signed-off-by: default avatarAndreas Gruenbacher <agruenba@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      fc46820b
    • Ingo Molnar's avatar
      8474c532
    • Eric Biggers's avatar
      x86/fpu: Use using_compacted_format() instead of open coded X86_FEATURE_XSAVES · 738f48cb
      Eric Biggers authored
      This is the canonical method to use.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-11-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      738f48cb
    • Eric Biggers's avatar
      x86/fpu: Use validate_xstate_header() to validate the xstate_header in copy_user_to_xstate() · 98c0fad9
      Eric Biggers authored
      Tighten the checks in copy_user_to_xstate().
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-10-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      98c0fad9
    • Eric Biggers's avatar
      x86/fpu: Eliminate the 'xfeatures' local variable in copy_user_to_xstate() · 3d703477
      Eric Biggers authored
      We now have this field in hdr.xfeatures.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-9-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      3d703477
    • Eric Biggers's avatar
      x86/fpu: Copy the full header in copy_user_to_xstate() · af2c4322
      Eric Biggers authored
      This is in preparation to verify the full xstate header as supplied by user-space.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-8-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      af2c4322
    • Eric Biggers's avatar
      x86/fpu: Use validate_xstate_header() to validate the xstate_header in copy_kernel_to_xstate() · af95774b
      Eric Biggers authored
      Tighten the checks in copy_kernel_to_xstate().
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-7-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      af95774b
    • Eric Biggers's avatar
      x86/fpu: Eliminate the 'xfeatures' local variable in copy_kernel_to_xstate() · b89eda48
      Eric Biggers authored
      We have this information in the xstate_header.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-6-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      b89eda48
    • Eric Biggers's avatar
      x86/fpu: Copy the full state_header in copy_kernel_to_xstate() · 80d8ae86
      Eric Biggers authored
      This is in preparation to verify the full xstate header as supplied by user-space.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-5-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      80d8ae86
    • Eric Biggers's avatar
      x86/fpu: Use validate_xstate_header() to validate the xstate_header in __fpu__restore_sig() · b11e2e18
      Eric Biggers authored
      Tighten the checks in __fpu__restore_sig() and update comments.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-4-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      b11e2e18
    • Eric Biggers's avatar
      x86/fpu: Use validate_xstate_header() to validate the xstate_header in xstateregs_set() · cf9df81b
      Eric Biggers authored
      Tighten the checks in xstateregs_set().
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-3-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      cf9df81b
    • Eric Biggers's avatar
      x86/fpu: Introduce validate_xstate_header() · e63e5d5c
      Eric Biggers authored
      Move validation of user-supplied xstate_header into a helper function,
      in preparation of calling it from both the ptrace and sigreturn syscall
      paths.
      
      The new function also considers it to be an error if *any* reserved bits
      are set, whereas before we were just clearing most of them silently.
      
      This should reduce the chance of bugs that fail to correctly validate
      user-supplied XSAVE areas.  It also will expose any broken userspace
      programs that set the other reserved bits; this is desirable because
      such programs will lose compatibility with future CPUs and kernels if
      those bits are ever used for anything.  (There shouldn't be any such
      programs, and in fact in the case where the compacted format is in use
      we were already validating xfeatures.  But you never know...)
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Kevin Hao <haokexin@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael Halcrow <mhalcrow@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wanpeng Li <wanpeng.li@hotmail.com>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Cc: kernel-hardening@lists.openwall.com
      Link: http://lkml.kernel.org/r/20170924105913.9157-2-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      e63e5d5c
    • Ingo Molnar's avatar
      x86/fpu: Rename fpu__activate_fpstate_read/write() to fpu__prepare_[read|write]() · 369a036d
      Ingo Molnar authored
      As per the new nomenclature we don't 'activate' the FPU state
      anymore, we initialize it. So drop the _activate_fpstate name
      from these functions, which were a bit of a mouthful anyway,
      and name them:
      
      	fpu__prepare_read()
      	fpu__prepare_write()
      
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      369a036d
    • Ingo Molnar's avatar
      x86/fpu: Rename fpu__activate_curr() to fpu__initialize() · 2ce03d85
      Ingo Molnar authored
      Rename this function to better express that it's all about
      initializing the FPU state of a task which goes hand in hand
      with the fpu::initialized field.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-33-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      2ce03d85
    • Ingo Molnar's avatar
      x86/fpu: Simplify and speed up fpu__copy() · e10078eb
      Ingo Molnar authored
      fpu__copy() has a preempt_disable()/enable() pair, which it had to do to
      be able to atomically unlazy the current task when doing an FNSAVE.
      
      But we don't unlazy tasks anymore, we always do direct saves/restores of
      FPU context.
      
      So remove both the unnecessary critical section, and update the comments.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-32-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      e10078eb
    • Ingo Molnar's avatar
      x86/fpu: Fix stale comments about lazy FPU logic · 7f1487c5
      Ingo Molnar authored
      We don't do any lazy restore anymore, what we have are two pieces of optimization:
      
       - no-FPU tasks that don't save/restore the FPU context (kernel threads are such)
      
       - cached FPU registers maintained via the fpu->last_cpu field. This means that
         if an FPU task context switches to a non-FPU task then we can maintain the
         FPU registers as an in-FPU copies (cache), and skip the restoration of them
         once we switch back to the original FPU-using task.
      
      Update all the comments that still referred to old 'lazy' and 'unlazy' concepts.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-31-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      7f1487c5
    • Ingo Molnar's avatar
      x86/fpu: Rename fpu::fpstate_active to fpu::initialized · e4a81bfc
      Ingo Molnar authored
      The x86 FPU code used to have a complex state machine where both the FPU
      registers and the FPU state context could be 'active' (or inactive)
      independently of each other - which enabled features like lazy FPU restore.
      
      Much of this complexity is gone in the current code: now we basically can
      have FPU-less tasks (kernel threads) that don't use (and save/restore) FPU
      state at all, plus full FPU users that save/restore directly with no laziness
      whatsoever.
      
      But the fpu::fpstate_active still carries bits of the old complexity - meanwhile
      this flag has become a simple flag that shows whether the FPU context saving
      area in the thread struct is initialized and used, or not.
      
      Rename it to fpu::initialized to express this simplicity in the name as well.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-30-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      e4a81bfc
    • Ingo Molnar's avatar
      x86/fpu: Remove fpu__current_fpstate_write_begin/end() · 685c930d
      Ingo Molnar authored
      These functions are not used anymore, so remove them.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Bobby Powers <bobbypowers@gmail.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-29-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      685c930d
    • Ingo Molnar's avatar
      x86/fpu: Fix fpu__activate_fpstate_read() and update comments · 4618e909
      Ingo Molnar authored
      fpu__activate_fpstate_read() can be called for the current task
      when coredumping - or for stopped tasks when ptrace-ing.
      
      Implement this properly in the code and update the comments.
      
      This also fixes an incorrect (but harmless) warning introduced by
      one of the earlier patches.
      
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Eric Biggers <ebiggers3@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
      Link: http://lkml.kernel.org/r/20170923130016.21448-28-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      4618e909
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · e365806a
      Linus Torvalds authored
      Pull compat fix from Al Viro:
       "I really wish gcc warned about conversions from pointer to function
        into void *..."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        fix a typo in put_compat_shm_info()
      e365806a
    • Al Viro's avatar
      fix a typo in put_compat_shm_info() · b776e4b1
      Al Viro authored
      "uip" misspelled as "up"; unfortunately, the latter happens to be
      a function and gcc is happy to convert it to void *...
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      b776e4b1