- 08 Feb, 2019 1 commit
-
-
Linus Walleij authored
As I am adding a PLD GPIO driver for Gateworks, we need their prefix among the vendors. Cc: Imre Kaloz <kaloz@openwrt.org> Cc: Tim Harvey <tharvey@gateworks.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 04 Feb, 2019 2 commits
-
-
Brian Masney authored
Select IRQ_DOMAIN_HIERARCHY for spmi-gpio in Kconfig since this driver is now setup as a hierarchical IRQ chip. Signed-off-by: Brian Masney <masneyb@onstation.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Export the irq_chip_set_wake_parent symbol so that drivers with hierarchical IRQ chips can be built as a module. Signed-off-by: Brian Masney <masneyb@onstation.org> Reported-by: Mark Brown <broonie@kernel.org> Acked-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 28 Jan, 2019 3 commits
-
-
Andy Shevchenko authored
The checker complains during build gpiolib-acpi.c:45: warning: Function parameter or member 'irq_requested' not described in 'acpi_gpio_event' because the typo in the field description. Fix the name to have documentation up-to-date. Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Acked-by: Mika Westerberg <mika.westerberg@linux.intel.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Andrew Lunn authored
Some TQ-Systems ComExpress modules contain an IO controller with 8 GPIO lines. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Phil Reid authored
Add missing '*' char to the start of the comment lines. Signed-off-by: Phil Reid <preid@electromag.com.au> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 24 Jan, 2019 13 commits
-
-
Linus Walleij authored
-
Brian Masney authored
Now that spmi-gpio is a proper hierarchical IRQ chip, and all in-tree users of device tree have been updated, we can now drop the hack that was introduced to disassociate the old Linux virq if a hwirq mapping already exists. That patch was introduced to not break git bisect for any existing boards. Driver was tested using gpio-keys and iadc/vadc on the LG Nexus 5 (hammerhead) phone. Signed-off-by: Brian Masney <masneyb@onstation.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
qpnpint_irq_domain_map did not validate the IRQ type and this can cause IRQs to not work as expected if an unsupported type (such as IRQ_TYPE_NONE) is passed in. Now that spmi-gpio is a hierarchical IRQ controller, and all device tree bindings have been updated, add additional validation to the type field. Signed-off-by: Brian Masney <masneyb@onstation.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. This change was not tested on any hardware but the same change was tested on qcom-pm8941.dtsi using a LG Nexus 5 (hammerhead) phone with no issues. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. This change was not tested on any hardware but the same change was tested on qcom-pm8941.dtsi using a LG Nexus 5 (hammerhead) phone with no issues. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. This change was not tested on any hardware but the same change was tested on qcom-pm8941.dtsi using a LG Nexus 5 (hammerhead) phone with no issues. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. This change was not tested on any hardware but the same change was tested on qcom-pm8941.dtsi using a LG Nexus 5 (hammerhead) phone with no issues. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. This change was not tested on any hardware but the same change was tested on qcom-pm8941.dtsi using a LG Nexus 5 (hammerhead) phone with no issues. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add interrupt controller properties now that spmi-gpio is a proper hierarchical IRQ chip. The interrupts property is no longer needed so remove it. Code was tested on the LG Nexus 5 (hammerhead) phone. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
spmi-gpio did not have any irqchip support so consumers of this in device tree would need to call gpio[d]_to_irq() in order to get the proper IRQ on the underlying PMIC. IRQ chips in device tree should be usable from the start without the consumer having to make an additional call to get the proper IRQ on the parent. This patch adds hierarchical IRQ chip support to the spmi-gpio code to correct this issue. Driver was tested using the volume buttons (via gpio-keys) on the LG Nexus 5 (hammerhead) phone with the following two configurations. volume-up { interrupts-extended = <&pm8941_gpios 2 IRQ_TYPE_EDGE_BOTH>; ... }; volume-up { gpios = <&pm8941_gpios 2 GPIO_ACTIVE_LOW>; ... }; Both configurations now show that spmi-gpio is the IRQ domain and that the IRQ is setup in a hierarchy. $ grep volume_up /proc/interrupts 72: 6 0 spmi-gpio 1 Edge volume_up $ cat /sys/kernel/debug/irq/irqs/72 handler: handle_edge_irq device: (null) status: 0x00000403 _IRQ_NOPROBE istate: 0x00000000 ddepth: 0 wdepth: 0 dstate: 0x02400203 IRQ_TYPE_EDGE_RISING IRQ_TYPE_EDGE_FALLING IRQD_ACTIVATED IRQD_IRQ_STARTED node: 0 affinity: 0-3 effectiv: domain: :soc:spmi@fc4cf000:pm8941@0:gpios@c000 hwirq: 0x1 chip: spmi-gpio flags: 0x4 IRQCHIP_MASK_ON_SUSPEND parent: domain: :soc:spmi@fc4cf000 hwirq: 0xc100057 chip: pmic_arb flags: 0x4 IRQCHIP_MASK_ON_SUSPEND Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Check to see if the hwirq is already associated with another virq on this IRQ domain. If so, then disassociate it before associating the hwirq with the new virq. This is a temporary hack that is needed in order to not break git bisect for existing boards. The next patch in this series converts spmi-gpio to be a hierarchical IRQ chip, then there are several patches to update all of the device tree files, and finally this patch will be reverted within the same patch series. IRQs for spmi-gpio are all initially setup without an IRQ hierarchy on pmic-arb when mfd/qcom-spmi-pmic.c is probed (via the devm_of_platform_populate call) due to the interrupts property in device tree. Once spmi-gpio is converted to be a hierarchical IRQ chip in the next patch, existing users of gpio[d]_to_irq() will call pmic_gpio_to_irq(), and that will use the new IRQ chip code in spmi-gpio that sets up the IRQ in an IRQ hierarchy. The hwirq is now associated with two Linux virqs and interrupts will not work as expected. This patch corrects that issue. Driver was tested using gpio-keys and iadc/vadc on the LG Nexus 5 (hammerhead) phone. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
This adds the two new functions gpiochip_irq_domain_activate and gpiochip_irq_domain_deactivate that can be used as the activate and deactivate functions in the struct irq_domain_ops. This is for situations where only gpiochip_{lock,unlock}_as_irq needs to be called. SPMI and SSBI GPIO are two users that will initially use these functions. Signed-off-by: Brian Masney <masneyb@onstation.org> Suggested-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Convert the spmi-pmic-arb IRQ code to use the version 2 IRQ interface in order to support hierarchical IRQ chips. This is necessary so that spmi-gpio can be setup as a hierarchical IRQ chip with pmic-arb as the parent. IRQ chips in device tree should be usable from the start without the consumer having to make an additional call to gpio[d]_to_irq() to get the proper IRQ on the parent. The old qpnpint_irq_domain_map function would hardcode the handler as handle_level_irq, however qpnpint_irq_set_type would later override the handler. Properly set the handler when the IRQ is mapped. This new code doesn't return an error for IRQ_TYPE_NONE and preserves the existing behavior of using handle_level_irq since there are some broken device tree bindings that need to be corrected first. Driver was tested on a LG Nexus 5 (hammerhead) phone. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 22 Jan, 2019 1 commit
-
-
Steffen Kothe authored
Basic implementation of driver is used to support Fintek F81804 & F81966 gpios with custom register set. Signed-off-by: Steffen Kothe <steffen.kothe.gc1993@googlemail.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 21 Jan, 2019 10 commits
-
-
Vladimir Zapolskiy authored
R-Car GPIO controller provides two interfaces to set GPIO line output signal state, and for a particular GPIO line the selected interface is determined by OUTDTSEL bit value. At the moment the driver supports only one of two interfaces, namely OUTDT General Output Register is used to control the output signal. While this selection is the default one on reset, it is not explicitly configured on probe, thus it might be possible that kernel and userspace consumers of a GPIO won't be able to set the wanted GPIO output signal. Below is a simple test case to reproduce the described problem and verify this fix in the kernel on H3 ULCB by setting non-default OUTDTSEL configuration from a bootloader: u-boot > mw.l 0xe6055440 0x3000 1 ... userspace > echo default-on > /sys/devices/platform/leds/leds/led5/trigger userspace > echo default-on > /sys/devices/platform/leds/leds/led6/trigger Signed-off-by: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Souptick Joarder authored
Remove linux/gpio/machine.h which is included more than once. Signed-off-by: Souptick Joarder <jrdr.linux@gmail.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Jonathan Neuschäfer authored
Like the Spreadtrum EIC driver[1], this driver needs to emulate edge triggered interrupts to support the generic gpio-keys driver. [1]: https://www.spinics.net/lists/kernel/msg2764576.htmlSigned-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Jonathan Neuschäfer authored
This patch implements level-triggered IRQs in the Hollywood GPIO driver. Edge triggered interrupts are not supported in this GPIO controller, so I moved their emulation into a separate patch. Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Thomas Petazzoni authored
When a system has two PCA953x GPIO expanders, the kernel complains with: gpio gpiochip2: (0-0021): detected irqchip that is shared with multiple gpiochips: please fix the driver. Indeed, there is a single instance of "struct irq_chip" that gets re-used for both PCA953x instance. This commit moves the "struct irq_chip" to be part of the "struct pca953x_chip", so that we have one "struct irq_chip" per PCA953X instance. As part of this, the name of the irq_chip is also made different on a per-instance basis, now using the dev_name() of the I2C device. This changes what is visible in /proc/interrupts. Before: 47: 0 0 pca953x 10 Edge e0100000.sdhci cd 48: 0 0 pca953x 6 Edge e0101000.sdhci cd After: 47: 0 0 0-0020 10 Edge e0100000.sdhci cd 48: 2 0 0-0020 6 Edge e0101000.sdhci cd Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Thomas Petazzoni authored
The current design of pca953x_irq_setup() is: if (all conditions to support IRQ are met) { lots of code to support IRQs, which goes to a serious indentation level. } return 0; It makes more sense to handle this like this: if (!all conditions to support IRQ are met) return 0; handle IRQ support This commit does just this change, reducing by one tab the indentation level of the IRQ setup code. Thanks to this reduced indentation level, we are less restricted by the 80-column limit, and we can have more function arguments on the same line. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
The probing of this driver calls platform_irq_count, which will setup all of the IRQs that are configured in device tree. In preparation for converting this driver to be a hierarchical IRQ chip, hardcode the IRQ count based on the hardware type so that all the IRQs are not configured immediately and are configured on an as-needed basis later in the boot process. This change will also allow for the removal of the interrupts property later in this patch series once the hierarchical IRQ chip support is in. This patch also removes the generic qcom,spmi-gpio OF match since we don't know the number of pins. All of the existing upstream bindings already include the more-specific binding. The pm8941 code was tested on a LG Nexus 5 (hammerhead) phone. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add support for qcom,pm8005-gpio, qcom,pm8998-gpio, and qcom,pmi8998-gpio. These three variants are already in use in some arm64 dtsi files. Those boards work since the generic binding qcom,spmi-gpio is also specified. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Brian Masney authored
Add support for the PMI8998 GPIO variant to the Qualcomm PMIC GPIO binding document. Signed-off-by: Brian Masney <masneyb@onstation.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Rob Herring <robh@kernel.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Baolin Wang authored
The Spreadtrum PMIC interrupt controller has no registers to set irq trigger type, since it is always high level trigger. That means the PMIC EIC controller as a child device of PMIC INTC does not need to set the trigger type, so remove it. Signed-off-by: Baolin Wang <baolin.wang@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 11 Jan, 2019 1 commit
-
-
Axel Lin authored
Set proper output level base on the argument of direction_output. Also remove sama5d2_piobu_set_direction() as there is only one caller now. Signed-off-by: Axel Lin <axel.lin@ingics.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 10 Jan, 2019 2 commits
-
-
Hans de Goede authored
__acpi_gpio_update_gpiod_flags purpose is to make the gpiod_flags used when requesting a GPIO match the restrictions from the ACPI resource, as stored in acpi_gpio_info.flags. But acpi_gpio_info.flags only contains direction info, and the requester may have passed in special non-direction flags like GPIOD_FLAGS_BIT_NONEXCLUSIVE, which we currently clobber. This commit modifies __acpi_gpio_update_gpiod_flags to preserve these special flags, so that a requested of an ACPI GPIO can e.g. pass GPIOD_FLAGS_BIT_NONEXCLUSIV and have it work as intended. Acked-by: Mika Westerberg <mika.westerberg@linux.intel.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
Baruch Siach authored
struct gpio_chip documentation recommends to always implement this callback function. A more concrete motivation is to be able (in combination with GPIOD_ASIS) to detect whether the bootloader has changed the state of a GPIO signal. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-
- 07 Jan, 2019 3 commits
-
-
Linus Torvalds authored
-
git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuildLinus Torvalds authored
Pull more Kbuild updates from Masahiro Yamada: - improve boolinit.cocci and use_after_iter.cocci semantic patches - fix alignment for kallsyms - move 'asm goto' compiler test to Kconfig and clean up jump_label CONFIG option - generate asm-generic wrappers automatically if arch does not implement mandatory UAPI headers - remove redundant generic-y defines - misc cleanups * tag 'kbuild-v4.21-3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: kconfig: rename generated .*conf-cfg to *conf-cfg kbuild: remove unnecessary stubs for archheader and archscripts kbuild: use assignment instead of define ... endef for filechk_* rules arch: remove redundant UAPI generic-y defines kbuild: generate asm-generic wrappers if mandatory headers are missing arch: remove stale comments "UAPI Header export list" riscv: remove redundant kernel-space generic-y kbuild: change filechk to surround the given command with { } kbuild: remove redundant target cleaning on failure kbuild: clean up rule_dtc_dt_yaml kbuild: remove UIMAGE_IN and UIMAGE_OUT jump_label: move 'asm goto' support test to Kconfig kallsyms: lower alignment on ARM scripts: coccinelle: boolinit: drop warnings on named constants scripts: coccinelle: check for redeclaration kconfig: remove unused "file" field of yylval union nds32: remove redundant kernel-space generic-y nios2: remove unneeded HAS_DMA define
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull perf tooling updates form Ingo Molnar: "A final batch of perf tooling changes: mostly fixes and small improvements" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (29 commits) perf session: Add comment for perf_session__register_idle_thread() perf thread-stack: Fix thread stack processing for the idle task perf thread-stack: Allocate an array of thread stacks perf thread-stack: Factor out thread_stack__init() perf thread-stack: Allow for a thread stack array perf thread-stack: Avoid direct reference to the thread's stack perf thread-stack: Tidy thread_stack__bottom() usage perf thread-stack: Simplify some code in thread_stack__process() tools gpio: Allow overriding CFLAGS tools power turbostat: Override CFLAGS assignments and add LDFLAGS to build command tools thermal tmon: Allow overriding CFLAGS assignments tools power x86_energy_perf_policy: Override CFLAGS assignments and add LDFLAGS to build command perf c2c: Increase the HITM ratio limit for displayed cachelines perf c2c: Change the default coalesce setup perf trace beauty ioctl: Beautify USBDEVFS_ commands perf trace beauty: Export function to get the files for a thread perf trace: Wire up ioctl's USBDEBFS_ cmd table generator perf beauty ioctl: Add generator for USBDEVFS_ ioctl commands tools headers uapi: Grab a copy of usbdevice_fs.h perf trace: Store the major number for a file when storing its pathname ...
-
- 06 Jan, 2019 4 commits
-
-
Linus Torvalds authored
The semantics of what "in core" means for the mincore() system call are somewhat unclear, but Linux has always (since 2.3.52, which is when mincore() was initially done) treated it as "page is available in page cache" rather than "page is mapped in the mapping". The problem with that traditional semantic is that it exposes a lot of system cache state that it really probably shouldn't, and that users shouldn't really even care about. So let's try to avoid that information leak by simply changing the semantics to be that mincore() counts actual mapped pages, not pages that might be cheaply mapped if they were faulted (note the "might be" part of the old semantics: being in the cache doesn't actually guarantee that you can access them without IO anyway, since things like network filesystems may have to revalidate the cache before use). In many ways the old semantics were somewhat insane even aside from the information leak issue. From the very beginning (and that beginning is a long time ago: 2.3.52 was released in March 2000, I think), the code had a comment saying Later we can get more picky about what "in core" means precisely. and this is that "later". Admittedly it is much later than is really comfortable. NOTE! This is a real semantic change, and it is for example known to change the output of "fincore", since that program literally does a mmmap without populating it, and then doing "mincore()" on that mapping that doesn't actually have any pages in it. I'm hoping that nobody actually has any workflow that cares, and the info leak is real. We may have to do something different if it turns out that people have valid reasons to want the old semantics, and if we can limit the information leak sanely. Cc: Kevin Easton <kevin@guarana.org> Cc: Jiri Kosina <jikos@kernel.org> Cc: Masatake YAMATO <yamato@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Greg KH <gregkh@linuxfoundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Michal Hocko <mhocko@suse.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
Commit 594cc251 ("make 'user_access_begin()' do 'access_ok()'") broke both alpha and SH booting in qemu, as noticed by Guenter Roeck. It turns out that the bug wasn't actually in that commit itself (which would have been surprising: it was mostly a no-op), but in how the addition of access_ok() to the strncpy_from_user() and strnlen_user() functions now triggered the case where those functions would test the access of the very last byte of the user address space. The string functions actually did that user range test before too, but they did it manually by just comparing against user_addr_max(). But with user_access_begin() doing the check (using "access_ok()"), it now exposed problems in the architecture implementations of that function. For example, on alpha, the access_ok() helper macro looked like this: #define __access_ok(addr, size) \ ((get_fs().seg & (addr | size | (addr+size))) == 0) and what it basically tests is of any of the high bits get set (the USER_DS masking value is 0xfffffc0000000000). And that's completely wrong for the "addr+size" check. Because it's off-by-one for the case where we check to the very end of the user address space, which is exactly what the strn*_user() functions do. Why? Because "addr+size" will be exactly the size of the address space, so trying to access the last byte of the user address space will fail the __access_ok() check, even though it shouldn't. As a result, the user string accessor functions failed consistently - because they literally don't know how long the string is going to be, and the max access is going to be that last byte of the user address space. Side note: that alpha macro is buggy for another reason too - it re-uses the arguments twice. And SH has another version of almost the exact same bug: #define __addr_ok(addr) \ ((unsigned long __force)(addr) < current_thread_info()->addr_limit.seg) so far so good: yes, a user address must be below the limit. But then: #define __access_ok(addr, size) \ (__addr_ok((addr) + (size))) is wrong with the exact same off-by-one case: the case when "addr+size" is exactly _equal_ to the limit is actually perfectly fine (think "one byte access at the last address of the user address space") The SH version is actually seriously buggy in another way: it doesn't actually check for overflow, even though it did copy the _comment_ that talks about overflow. So it turns out that both SH and alpha actually have completely buggy implementations of access_ok(), but they happened to work in practice (although the SH overflow one is a serious serious security bug, not that anybody likely cares about SH security). This fixes the problems by using a similar macro on both alpha and SH. It isn't trying to be clever, the end address is based on this logic: unsigned long __ao_end = __ao_a + __ao_b - !!__ao_b; which basically says "add start and length, and then subtract one unless the length was zero". We can't subtract one for a zero length, or we'd just hit an underflow instead. For a lot of access_ok() users the length is a constant, so this isn't actually as expensive as it initially looks. Reported-and-tested-by: Guenter Roeck <linux@roeck-us.net> Cc: Matt Turner <mattst88@gmail.com> Cc: Yoshinori Sato <ysato@users.sourceforge.jp> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscryptLinus Torvalds authored
Pull fscrypt updates from Ted Ts'o: "Add Adiantum support for fscrypt" * tag 'fscrypt_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt: fscrypt: add Adiantum support
-
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4Linus Torvalds authored
Pull ext4 bug fixes from Ted Ts'o: "Fix a number of ext4 bugs" * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: fix special inode number checks in __ext4_iget() ext4: track writeback errors using the generic tracking infrastructure ext4: use ext4_write_inode() when fsyncing w/o a journal ext4: avoid kernel warning when writing the superblock to a dead device ext4: fix a potential fiemap/page fault deadlock w/ inline_data ext4: make sure enough credits are reserved for dioread_nolock writes
-