1. 22 Oct, 2017 8 commits
  2. 20 Oct, 2017 6 commits
    • Michael Neuling's avatar
      powerpc/tm: P9 disable transactionally suspended sigcontexts · 92fb8690
      Michael Neuling authored
      Unfortunately userspace can construct a sigcontext which enables
      suspend. Thus userspace can force Linux into a path where trechkpt is
      executed.
      
      This patch blocks this from happening on POWER9 by sanity checking
      sigcontexts passed in.
      
      ptrace doesn't have this problem as only MSR SE and BE can be changed
      via ptrace.
      
      This patch also adds a number of WARN_ON()s in case we ever enter
      suspend when we shouldn't. This should not happen, but if it does the
      symptoms are soft lockup warnings which are not obviously TM related,
      so the WARN_ON()s should make it obvious what's happening.
      Signed-off-by: default avatarMichael Neuling <mikey@neuling.org>
      Signed-off-by: default avatarCyril Bur <cyrilbur@gmail.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      92fb8690
    • Michael Ellerman's avatar
      powerpc/powernv: Enable TM without suspend if possible · 54820530
      Michael Ellerman authored
      Some Power9 revisions can run in a mode where TM operates without
      suspended state. If we find ourself on a CPU that might be in this
      mode, we query OPAL to check, and if so we reenable TM in CPU
      features, and enable a new user feature to signal to userspace that we
      are in this mode.
      
      We do not enable the "normal" user feature, PPC_FEATURE2_HTM, but we
      do enable PPC_FEATURE2_HTM_NOSC because that indicates to userspace
      that the kernel will abort transactions on syscall entry, which is
      true regardless of the suspend mode.
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      54820530
    • Michael Ellerman's avatar
      powerpc: Add PPC_FEATURE2_HTM_NO_SUSPEND · cba6ac48
      Michael Ellerman authored
      Some CPUs can operate in a mode where TM (Transactional Memory) is
      enabled but the suspended state of TM is disabled. In this mode
      tsuspend does not enter suspended state, instead the transaction is
      aborted. Similarly any other event that would lead to suspended state
      instead aborts the transaction.
      
      There is also an ABI change, in that in this mode processes are not
      allowed to sigreturn with an MSR that would lead to suspended state,
      Linux will instead return an error to the sigreturn syscall.
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      cba6ac48
    • Cyril Bur's avatar
      powerpc/tm: Add commandline option to disable hardware transactional memory · 07fd1761
      Cyril Bur authored
      Currently the kernel relies on firmware to inform it whether or not the
      CPU supports HTM and as long as the kernel was built with
      CONFIG_PPC_TRANSACTIONAL_MEM=y then it will allow userspace to make
      use of the facility.
      
      There may be situations where it would be advantageous for the kernel
      to not allow userspace to use HTM, currently the only way to achieve
      this is to recompile the kernel with CONFIG_PPC_TRANSACTIONAL_MEM=n.
      
      This patch adds a simple commandline option so that HTM can be
      disabled at boot time.
      Signed-off-by: default avatarCyril Bur <cyrilbur@gmail.com>
      [mpe: Simplify to a bool, move to prom.c, put doco in the right place.
       Always disable, regardless of initial state, to avoid user confusion.]
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      07fd1761
    • Michael Ellerman's avatar
      Merge branch 'topic/ppc-kvm' into next · ddd46ed2
      Michael Ellerman authored
      Bring in some KVM commits we need (the TM one in particular).
      ddd46ed2
    • Michael Ellerman's avatar
      KVM: PPC: Tie KVM_CAP_PPC_HTM to the user-visible TM feature · 2a3d6553
      Michael Ellerman authored
      Currently we use CPU_FTR_TM to decide if the CPU/kernel can support
      TM (Transactional Memory), and if it's true we advertise that to
      Qemu (or similar) via KVM_CAP_PPC_HTM.
      
      PPC_FEATURE2_HTM is the user-visible feature bit, which indicates that
      the CPU and kernel can support TM. Currently CPU_FTR_TM and
      PPC_FEATURE2_HTM always have the same value, either true or false, so
      using the former for KVM_CAP_PPC_HTM is correct.
      
      However some Power9 CPUs can operate in a mode where TM is enabled but
      TM suspended state is disabled. In this mode CPU_FTR_TM is true, but
      PPC_FEATURE2_HTM is false. Instead a different PPC_FEATURE2 bit is
      set, to indicate that this different mode of TM is available.
      
      It is not safe to let guests use TM as-is, when the CPU is in this
      mode. So to prevent that from happening, use PPC_FEATURE2_HTM to
      determine the value of KVM_CAP_PPC_HTM.
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      2a3d6553
  3. 19 Oct, 2017 1 commit
  4. 16 Oct, 2017 9 commits
  5. 13 Oct, 2017 3 commits
  6. 10 Oct, 2017 1 commit
  7. 06 Oct, 2017 7 commits
  8. 05 Oct, 2017 2 commits
    • Naveen N. Rao's avatar
      powerpc/jprobes: Validate break handler invocation as being due to a jprobe_return() · 3368f569
      Naveen N. Rao authored
      Fix a circa 2005 FIXME by implementing a check to ensure that we
      actually got into the jprobe break handler() due to the trap in
      jprobe_return().
      Acked-by: default avatarMasami Hiramatsu <mhiramat@kernel.org>
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      3368f569
    • Naveen N. Rao's avatar
      powerpc/jprobes: Disable preemption when triggered through ftrace · 6baea433
      Naveen N. Rao authored
      KPROBES_SANITY_TEST throws the below splat when CONFIG_PREEMPT is
      enabled:
      
        Kprobe smoke test: started
        DEBUG_LOCKS_WARN_ON(val > preempt_count())
        ------------[ cut here ]------------
        WARNING: CPU: 19 PID: 1 at kernel/sched/core.c:3094 preempt_count_sub+0xcc/0x140
        Modules linked in:
        CPU: 19 PID: 1 Comm: swapper/0 Not tainted 4.13.0-rc7-nnr+ #97
        task: c0000000fea80000 task.stack: c0000000feb00000
        NIP:  c00000000011d3dc LR: c00000000011d3d8 CTR: c000000000a090d0
        REGS: c0000000feb03400 TRAP: 0700   Not tainted  (4.13.0-rc7-nnr+)
        MSR:  8000000000021033 <SF,ME,IR,DR,RI,LE>  CR: 28000282  XER: 00000000
        CFAR: c00000000015aa18 SOFTE: 0
        <snip>
        NIP preempt_count_sub+0xcc/0x140
        LR  preempt_count_sub+0xc8/0x140
        Call Trace:
          preempt_count_sub+0xc8/0x140 (unreliable)
          kprobe_handler+0x228/0x4b0
          program_check_exception+0x58/0x3b0
          program_check_common+0x16c/0x170
          --- interrupt: 0 at kprobe_target+0x8/0x20
                           LR = init_test_probes+0x248/0x7d0
          kp+0x0/0x80 (unreliable)
          livepatch_handler+0x38/0x74
          init_kprobes+0x1d8/0x208
          do_one_initcall+0x68/0x1d0
          kernel_init_freeable+0x298/0x374
          kernel_init+0x24/0x160
          ret_from_kernel_thread+0x5c/0x70
        Instruction dump:
        419effdc 3d22001b 39299240 81290000 2f890000 409effc8 3c82ffcb 3c62ffcb
        3884bc68 3863bc18 4803d5fd 60000000 <0fe00000> 4bffffa8 60000000 60000000
        ---[ end trace 432dd46b4ce3d29f ]---
        Kprobe smoke test: passed successfully
      
      The issue is that we aren't disabling preemption in
      kprobe_ftrace_handler(). Disable it.
      
      Fixes: ead514d5 ("powerpc/kprobes: Add support for KPROBES_ON_FTRACE")
      Acked-by: default avatarMasami Hiramatsu <mhiramat@kernel.org>
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      [mpe: Trim oops a little for formatting]
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      6baea433
  9. 04 Oct, 2017 3 commits
    • Naveen N. Rao's avatar
      powerpc/kprobes: Fix warnings from __this_cpu_read() on preempt kernels · c179ea27
      Naveen N. Rao authored
      Kamalesh pointed out that we are getting the below call traces with
      livepatched functions when we enable CONFIG_PREEMPT:
      
      [  495.470721] BUG: using __this_cpu_read() in preemptible [00000000] code: cat/8394
      [  495.471167] caller is is_current_kprobe_addr+0x30/0x90
      [  495.471171] CPU: 4 PID: 8394 Comm: cat Tainted: G              K 4.13.0-rc7-nnr+ #95
      [  495.471173] Call Trace:
      [  495.471178] [c00000008fd9b960] [c0000000009f039c] dump_stack+0xec/0x160 (unreliable)
      [  495.471184] [c00000008fd9b9a0] [c00000000059169c] check_preemption_disabled+0x15c/0x170
      [  495.471187] [c00000008fd9ba30] [c000000000046460] is_current_kprobe_addr+0x30/0x90
      [  495.471191] [c00000008fd9ba60] [c00000000004e9a0] ftrace_call+0x1c/0xb8
      [  495.471195] [c00000008fd9bc30] [c000000000376fd8] seq_read+0x238/0x5c0
      [  495.471199] [c00000008fd9bcd0] [c0000000003cfd78] proc_reg_read+0x88/0xd0
      [  495.471203] [c00000008fd9bd00] [c00000000033e5d4] __vfs_read+0x44/0x1b0
      [  495.471206] [c00000008fd9bd90] [c0000000003402ec] vfs_read+0xbc/0x1b0
      [  495.471210] [c00000008fd9bde0] [c000000000342138] SyS_read+0x68/0x110
      [  495.471214] [c00000008fd9be30] [c00000000000bc6c] system_call+0x58/0x6c
      
      Commit c05b8c44 ("powerpc/kprobes: Skip livepatch_handler() for
      jprobes") introduced a helper is_current_kprobe_addr() to help determine
      if the current function has been livepatched or if it has a jprobe
      installed, both of which modify the NIP. This was subsequently renamed
      to __is_active_jprobe().
      
      In the case of a jprobe, kprobe_ftrace_handler() disables pre-emption
      before calling into setjmp_pre_handler() which returns without disabling
      pre-emption. This is done to ensure that the jprobe handler won't
      disappear beneath us if the jprobe is unregistered between the
      setjmp_pre_handler() and the subsequent longjmp_break_handler() called
      from the jprobe handler. Due to this, we can use __this_cpu_read() in
      __is_active_jprobe() with the pre-emption check as we know that
      pre-emption will be disabled.
      
      However, if this function has been livepatched, we are still doing this
      check and when we do so, pre-emption won't necessarily be disabled. This
      results in the call trace shown above.
      
      Fix this by only invoking __is_active_jprobe() when pre-emption is
      disabled. And since we now guard this within a pre-emption check, we can
      instead use raw_cpu_read() to get the current_kprobe value skipping the
      check done by __this_cpu_read().
      
      Fixes: c05b8c44 ("powerpc/kprobes: Skip livepatch_handler() for jprobes")
      Reported-by: default avatarKamalesh Babulal <kamalesh@linux.vnet.ibm.com>
      Tested-by: default avatarKamalesh Babulal <kamalesh@linux.vnet.ibm.com>
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      c179ea27
    • Naveen N. Rao's avatar
      powerpc/kprobes: Clean up jprobe detection in livepatch handler · bf3a9125
      Naveen N. Rao authored
      In commit c05b8c44 ("powerpc/kprobes: Skip livepatch_handler() for
      jprobes"), we added a helper is_current_kprobe_addr() to help detect if
      the modified regs->nip was due to a jprobe or livepatch. Masami felt
      that the function name was not quite clear. To that end, this patch
      renames is_current_kprobe_addr() to __is_active_jprobe() and adds a
      comment to (hopefully) better clarify the purpose of this helper. The
      helper has also now been moved to kprobes-ftrace.c so that it is only
      available for KPROBES_ON_FTRACE.
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      bf3a9125
    • Naveen N. Rao's avatar
      powerpc/kprobes: Do not suppress instruction emulation if a single run failed · a7b44038
      Naveen N. Rao authored
      Currently, we disable instruction emulation if emulate_step() fails for
      any reason. However, such failures could be transient and specific to a
      particular run. Instead, only disable instruction emulation if we have
      never been able to emulate this. If we had emulated this instruction
      successfully at least once, then we single step only this probe hit and
      continue to try emulating the instruction in subsequent probe hits.
      Signed-off-by: default avatarNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      a7b44038