1. 07 Aug, 2018 18 commits
  2. 03 Aug, 2018 4 commits
    • Reza Arbab's avatar
      powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage · 9eab9901
      Reza Arbab authored
      We've encountered a performance issue when multiple processors stress
      {get,put}_mmio_atsd_reg(). These functions contend for
      mmio_atsd_usage, an unsigned long used as a bitmask.
      
      The accesses to mmio_atsd_usage are done using test_and_set_bit_lock()
      and clear_bit_unlock(). As implemented, both of these will require
      a (successful) stwcx to that same cache line.
      
      What we end up with is thread A, attempting to unlock, being slowed by
      other threads repeatedly attempting to lock. A's stwcx instructions
      fail and retry because the memory reservation is lost every time a
      different thread beats it to the punch.
      
      There may be a long-term way to fix this at a larger scale, but for
      now resolve the immediate problem by gating our call to
      test_and_set_bit_lock() with one to test_bit(), which is obviously
      implemented without using a store.
      
      Fixes: 1ab66d1f ("powerpc/powernv: Introduce address translation services for Nvlink2")
      Signed-off-by: default avatarReza Arbab <arbab@linux.ibm.com>
      Acked-by: default avatarAlistair Popple <alistair@popple.id.au>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      9eab9901
    • Christoph Hellwig's avatar
      powerpc: Do not redefine NEED_DMA_MAP_STATE · 06832fc0
      Christoph Hellwig authored
      kernel/dma/Kconfig already defines NEED_DMA_MAP_STATE, just select it
      from CONFIG_PPC using the same condition as an if guard.
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      [mpe: Move it under PPC]
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      06832fc0
    • Guenter Roeck's avatar
      powerpc/4xx: Fix error return path in ppc4xx_msi_probe() · 6e0495c2
      Guenter Roeck authored
      An arbitrary error in ppc4xx_msi_probe() quite likely results in a
      crash similar to the following, seen after dma_alloc_coherent()
      returned an error.
      
        Unable to handle kernel paging request for data at address 0x00000000
        Faulting instruction address: 0xc001bff0
        Oops: Kernel access of bad area, sig: 11 [#1]
        BE Canyonlands
        Modules linked in:
        CPU: 0 PID: 1 Comm: swapper Tainted: G        W
        4.18.0-rc6-00010-gff33d1030a6c #1
        NIP:  c001bff0 LR: c001c418 CTR: c01faa7c
        REGS: cf82db40 TRAP: 0300   Tainted: G        W
        (4.18.0-rc6-00010-gff33d1030a6c)
        MSR:  00029000 <CE,EE,ME>  CR: 28002024  XER: 00000000
        DEAR: 00000000 ESR: 00000000
        GPR00: c001c418 cf82dbf0 cf828000 cf8de400 00000000 00000000 000000c4 000000c4
        GPR08: c0481ea4 00000000 00000000 000000c4 22002024 00000000 c00025e8 00000000
        GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 c0492380 0000004a
        GPR24: 00029000 0000000c 00000000 cf8de410 c0494d60 c0494d60 cf8bebc0 00000001
        NIP [c001bff0] ppc4xx_of_msi_remove+0x48/0xa0
        LR [c001c418] ppc4xx_msi_probe+0x294/0x3b8
        Call Trace:
        [cf82dbf0] [00029000] 0x29000 (unreliable)
        [cf82dc10] [c001c418] ppc4xx_msi_probe+0x294/0x3b8
        [cf82dc70] [c0209fbc] platform_drv_probe+0x40/0x9c
        [cf82dc90] [c0208240] driver_probe_device+0x2a8/0x350
        [cf82dcc0] [c0206204] bus_for_each_drv+0x60/0xac
        [cf82dcf0] [c0207e88] __device_attach+0xe8/0x160
        [cf82dd20] [c02071e0] bus_probe_device+0xa0/0xbc
        [cf82dd40] [c02050c8] device_add+0x404/0x5c4
        [cf82dd90] [c0288978] of_platform_device_create_pdata+0x88/0xd8
        [cf82ddb0] [c0288b70] of_platform_bus_create+0x134/0x220
        [cf82de10] [c0288bcc] of_platform_bus_create+0x190/0x220
        [cf82de70] [c0288cf4] of_platform_bus_probe+0x98/0xec
        [cf82de90] [c0449650] __machine_initcall_canyonlands_ppc460ex_device_probe+0x38/0x54
        [cf82dea0] [c0002404] do_one_initcall+0x40/0x188
        [cf82df00] [c043daec] kernel_init_freeable+0x130/0x1d0
        [cf82df30] [c0002600] kernel_init+0x18/0x104
        [cf82df40] [c000c23c] ret_from_kernel_thread+0x14/0x1c
        Instruction dump:
        90010024 813d0024 2f890000 83c30058 41bd0014 48000038 813d0024 7f89f800
        409d002c 813e000c 57ea103a 3bff0001 <7c69502e> 2f830000 419effe0 4803b26d
        ---[ end trace 8cf551077ecfc42a ]---
      
      Fix it up. Specifically,
      
      - Return valid error codes from ppc4xx_setup_pcieh_hw(), have it clean
        up after itself, and only access hardware after all possible error
        conditions have been handled.
      - Use devm_kzalloc() instead of kzalloc() in ppc4xx_msi_probe()
      Signed-off-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      6e0495c2
    • Nicholas Piggin's avatar
      powernv/cpuidle: Fix idle states all being marked invalid · 3127692d
      Nicholas Piggin authored
      Commit 9c7b185a ("powernv/cpuidle: Parse dt idle properties into
      global structure") parses dt idle states into structs, but never marks
      them valid. This results in all idle states being lost.
      
      Fixes: 9c7b185a ("powernv/cpuidle: Parse dt idle properties into global structure")
      Signed-off-by: default avatarNicholas Piggin <npiggin@gmail.com>
      Acked-by: default avatarAkshay Adiga <akshay.adiga@linux.vnet.ibm.com>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      3127692d
  3. 31 Jul, 2018 16 commits
  4. 30 Jul, 2018 2 commits
    • Alexey Spirkov's avatar
      powerpc/44x: Mark mmu_init_secondary() as __init · f7e2a152
      Alexey Spirkov authored
      mmu_init_secondary() calls ppc44x_pin_tlb() which is marked __init,
      leading to a warning:
      
        The function mmu_init_secondary() references
        the function __init ppc44x_pin_tlb().
      
      There's no CPU hotplug support on 44x so mmu_init_secondary() will
      only be called at boot. Therefore we should mark it as __init.
      Signed-off-by: default avatarAlexey Spirkov <alexeis@astrosoft.ru>
      [mpe: Flesh out change log details]
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      f7e2a152
    • Michael Ellerman's avatar
      powerpc/mm: Don't report PUDs as memory leaks when using kmemleak · a984506c
      Michael Ellerman authored
      Paul Menzel reported that kmemleak was producing reports such as:
      
        unreferenced object 0xc0000000f8b80000 (size 16384):
          comm "init", pid 1, jiffies 4294937416 (age 312.240s)
          hex dump (first 32 bytes):
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          backtrace:
            [<00000000d997deb7>] __pud_alloc+0x80/0x190
            [<0000000087f2e8a3>] move_page_tables+0xbac/0xdc0
            [<00000000091e51c2>] shift_arg_pages+0xc0/0x210
            [<00000000ab88670c>] setup_arg_pages+0x22c/0x2a0
            [<0000000060871529>] load_elf_binary+0x41c/0x1648
            [<00000000ecd9d2d4>] search_binary_handler.part.11+0xbc/0x280
            [<0000000034e0cdd7>] __do_execve_file.isra.13+0x73c/0x940
            [<000000005f953a6e>] sys_execve+0x58/0x70
            [<000000009700a858>] system_call+0x5c/0x70
      
      Indicating that a PUD was being leaked.
      
      However what's really happening is that kmemleak is not able to
      recognise the references from the PGD to the PUD, because they are not
      fully qualified pointers.
      
      We can confirm that in xmon, eg:
      
      Find the task struct for pid 1 "init":
        0:mon> P
             task_struct     ->thread.ksp    PID   PPID S  P CMD
        c0000001fe7c0000 c0000001fe803960      1      0 S 13 systemd
      
      Dump virtual address 0 to find the PGD:
        0:mon> dv 0 c0000001fe7c0000
        pgd  @ 0xc0000000f8b01000
      
      Dump the memory of the PGD:
        0:mon> d c0000000f8b01000
        c0000000f8b01000 00000000f8b90000 0000000000000000  |................|
        c0000000f8b01010 0000000000000000 0000000000000000  |................|
        c0000000f8b01020 0000000000000000 0000000000000000  |................|
        c0000000f8b01030 0000000000000000 00000000f8b80000  |................|
                                          ^^^^^^^^^^^^^^^^
      
      There we can see the reference to our supposedly leaked PUD. But
      because it's missing the leading 0xc, kmemleak won't recognise it.
      
      We can confirm it's still in use by translating an address that is
      mapped via it:
        0:mon> dv 7fff94000000 c0000001fe7c0000
        pgd  @ 0xc0000000f8b01000
        pgdp @ 0xc0000000f8b01038 = 0x00000000f8b80000 <--
        pudp @ 0xc0000000f8b81ff8 = 0x00000000037c4000
        pmdp @ 0xc0000000037c5ca0 = 0x00000000fbd89000
        ptep @ 0xc0000000fbd89000 = 0xc0800001d5ce0386
        Maps physical address = 0x00000001d5ce0000
        Flags = Accessed Dirty Read Write
      
      The fix is fairly simple. We need to tell kmemleak to ignore PUD
      allocations and never report them as leaks. We can also tell it not to
      scan the PGD, because it will never find pointers in there. However it
      will still notice if we allocate a PGD and then leak it.
      Reported-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Tested-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      a984506c