Commit Graph

855727 Commits

Author SHA1 Message Date
Vasily Gorbik 724dc336b7 s390/startup: add pgm check info printing
Try to print out startup pgm check info including exact linux kernel
version, pgm interruption code and ilc, psw and general registers. Like
the following:

Linux version 5.3.0-rc7-07282-ge7b4d41d61bd-dirty (gor@tuxmaker) #3 SMP PREEMPT Thu Sep 5 16:07:34 CEST 2019
Kernel fault: interruption code 0005 ilc:2
PSW : 0000000180000000 0000000000012e52
      R:0 T:0 IO:0 EX:0 Key:0 M:0 W:0 P:0 AS:0 CC:0 PM:0 RI:0 EA:3
GPRS: 0000000000000000 00ffffffffffffff 0000000000000000 0000000000019a58
      000000000000bf68 0000000000000000 0000000000000000 0000000000000000
      0000000000000000 0000000000000000 000000000001a041 0000000000000000
      0000000004c9c000 0000000000010070 0000000000012e42 000000000000beb0

This info makes it apparent that kernel startup failed and might help
to understand what went wrong without actual standalone dump.

Printing code runs on its own stack of 1 page (at unused 0x5000), which
should be sufficient for sclp_early_printk usage (typical stack usage
observed has been around 512 bytes).

The code has pgm check recursion prevention, despite pgm check info
printing failure (follow on pgm check) or success it restores original
faulty psw and gprs and does disabled wait.

Reviewed-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2019-09-13 12:17:37 +02:00
Harald Freudenberger 9e323d45ba s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
With 'extra run-time crypto self tests' enabled, the selftest
for s390-xts fails with

  alg: skcipher: xts-aes-s390 encryption unexpectedly succeeded on
  test vector "random: len=0 klen=64"; expected_error=-22,
  cfg="random: inplace use_digest nosimd src_divs=[2.61%@+4006,
  84.44%@+21, 1.55%@+13, 4.50%@+344, 4.26%@+21, 2.64%@+27]"

This special case with nbytes=0 is not handled correctly and this
fix now makes sure that -EINVAL is returned when there is en/decrypt
called with 0 bytes to en/decrypt.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-09-05 15:18:15 +02:00
Wei Yongjun 987ca7ca1f vfio-ccw: fix error return code in vfio_ccw_sch_init()
Fix to return negative error code -ENOMEM from the memory alloc failed
error handling case instead of 0, as done elsewhere in this function.

Fixes: 60e05d1cf0 ("vfio-ccw: add some logging")
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Link https://lore.kernel.org/kvm/20190904083315.105600-1-weiyongjun1@huawei.com/
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-09-05 15:18:15 +02:00
Halil Pasic 024cdcdbf3 s390: vfio-ap: fix warning reset not completed
The intention seems to be to warn once when we don't wait enough for the
reset to complete. Let's use the right retry counter to accomplish that
semantic.

Signed-off-by: Halil Pasic <pasic@linux.ibm.com>
Link: https://lore.kernel.org/r/20190903133618.9122-1-pasic@linux.ibm.com
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-09-05 15:18:15 +02:00
Vasily Gorbik 512222789c s390/base: remove unused s390_base_mcck_handler
s390_base_mcck_handler was used during system reset if diag308 set was
not available. But after commit d485235b00 ("s390: assume diag308 set
always works") is a dead code and could be removed.

Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-09-03 13:53:56 +02:00
Philipp Rudo 4df9a82549 s390/sclp: Fix bit checked for has_sipl
Fixes: c9896acc78 ("s390/ipl: Provide has_secure sysfs attribute")
Cc: stable@vger.kernel.org # 5.2+
Reviewed-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Philipp Rudo <prudo@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-09-03 13:53:40 +02:00
Harald Freudenberger deffa48fb0 s390/zcrypt: fix wrong handling of cca cipher keygenflags
Tests showed that the keygenflags parameter is not handled
correctly within the zcrypt ccamisc generate cca cipher key
code. A similar code is used with cca cipher key value import
and there the flags are handled correctly. For unknown reason
these lines have not been updated for the generate function
and so this patch now introduces these two lines of code.

This affects only pkey with the use of CCA cipher keys and
the use of additional key generate flags.

Fixes: 4bc123b18c ("s390/zcrypt: Add low level functions for CCA AES cipher keys")
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 16:31:44 +02:00
Vasily Gorbik 58879d468a Add some logging into the s390dbf.
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl1moVQSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+v/NQP/0q9qUrHEYuAgdsv4zREgZsc3kZt9lhu
 wuuYleh5tPD3jGMQp/mRPMj6YpfxulMy7UGr+yJHT1CVS9Fg77JeCjXAKIKd0vYQ
 QbvS3NK4loFV5kR3nu533thNG0wZoj6ZmqldsXUqmrF6D+D88EsGwY8iItbji34J
 bDFbM9FJsQpqZdPY8O9DlUONa71KzSh+qfWmiBrzYSsDdVntNtFcHMsD35H28SEJ
 9i33QWzN8aZun4yxnTQNpXmroL9HKOGPozvjvc4HjTkbW+JSi07yqLn9nBWuIOVr
 amnVhfh0qBkOchAl3L8S2r98Hl/u2ltACxdCke/QSEOVb3tee9skLFdyAiiNFU0Q
 MC7DXfRZjcDckhbH8UCl6/N16y1uxV3a2rB8eqprkH/Zf2gkVSNqevC/mezvZh+P
 kiqSvHRpsN/GAE30iOgBnUyGDLKk59xlBE9wdXNR5GPhsHi+YLVulNGiaFhiJjeY
 SctV4RLsAI7KEoOqYn6yKRVj85+VwnKvwgzoDf9+ygMPvcCrj5WsUqHgETusI7UT
 YAb6tCTc0zIemh+j4wYvrJiBj+BEKZCn5rhiQM/NLblDiV28DhwPOd7sYLOuXqYL
 ggaqk2sBz6cyILaWvv0dmlG+DG3UnJj4TH6BmtGI1Kmj6fzbW61LiE8T+smJ2grE
 7R6WKtHvwnFK
 =IVL8
 -----END PGP SIGNATURE-----

Merge tag 'vfio-ccw-20190828' of https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/vfio-ccw into features

Add some logging into the s390dbf.

* tag 'vfio-ccw-20190828' of https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/vfio-ccw:
  vfio-ccw: add some logging

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:38:40 +02:00
Vasily Gorbik 042c1d29de s390/kasan: add kdump support
If kasan enabled kernel is used as crash kernel it crashes itself with
program check loop during kdump execution. The reason for that is that
kasan shadow memory backed by pages beyond OLDMEM_SIZE. Make kasan memory
allocator respect physical memory limit imposed by kdump.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:34:58 +02:00
Vasily Gorbik d0b319843b s390/setup: avoid using strncmp with hardcoded length
Replace strncmp usage in console mode setup code with simple strcmp.
Replace strncmp which is used for prefix comparison with str_has_prefix.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:34:58 +02:00
Vasily Gorbik 54fb07d030 s390/sclp: avoid using strncmp with hardcoded length
"earlyprintk" option documentation does not clearly state which
platform supports which additional values (e.g. ",keep"). Preserve old
option behaviour and reuse str_has_prefix instead of strncmp for prefix
testing.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:34:58 +02:00
Vasily Gorbik b29cd7c4c4 s390/module: avoid using strncmp with hardcoded length
Reuse str_has_prefix instead of strncmp with hardcoded length to
make the intent of a comparison more obvious.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:34:57 +02:00
Vasily Gorbik 8dec6bd4ef s390/pci: avoid using strncmp with hardcoded length
Command line option values passed to __setup callbacks are always
null-terminated and "s390_iommu=" may only accept "strict" as value.
So replace strncmp with strcmp.

While at it also make s390_iommu_setup return 1, which means this
command line option is handled by this callback.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-29 15:34:57 +02:00
Vasily Gorbik 759d4899d9 s390/kaslr: reserve memory for kasan usage
Sometimes the kernel fails to boot with:
"The Linux kernel failed to boot with the KernelAddressSanitizer:
out of memory during initialisation" even with big amounts of memory when
both kaslr and kasan are enabled.

The problem is that kasan initialization code requires 1/8 of physical
memory plus some for page tables. To keep as much code instrumented
as possible kasan avoids using memblock for memory allocations. Instead
kasan uses trivial memory allocator which simply chops off the memory
from the end of online physical memory. For that reason when kaslr is
enabled together with kasan avoid positioning kernel into upper memory
region which would be utilized during kasan initialization.

Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:18 +02:00
Vasily Gorbik 9b692102d8 s390/mem_detect: provide single get_mem_detect_end
get_mem_detect_end is already used in couple of places with potential
to be utilized in more cases. Provide single get_mem_detect_end
implementation in asm/mem_detect.h to be used by kasan and startup code.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:18 +02:00
Vasily Gorbik 5f0917a281 s390/cmma: reuse kstrtobool for option value parsing
"cmma" option setup already recognises some textual values. Yet kstrtobool
is a more common way to parse boolean values, reuse it to unify option
value parsing behavior and simplify code a bit.

While at it, __setup value parsing callbacks are expected to return
1 when an option is recognized, and returning any other value won't
trigger any error message currently, so simply return 1.

Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:18 +02:00
Vasily Gorbik 3d64436453 s390/vdso: reuse kstrtobool for option value parsing
"vdso" option setup already recognises integer and textual values. Yet
kstrtobool is a more common way to parse boolean values, reuse it to
unify option value parsing behavior and simplify code a bit.

While at it, __setup value parsing callbacks are expected to return
1 when an option is recognized, and returning any other value won't
trigger any error message currently, so simply return 1.

Also don't change default vdso_enabled value of 1 when "vdso" option
value is invalid.

Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:17 +02:00
Vasily Gorbik 227f52a43a s390/startup: correct command line options parsing
Check val is not NULL before accessing it. This might happen if
corresponding kernel command line options are used without specifying
values.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:17 +02:00
Vasily Gorbik a45425d8a5 s390/vmcp: correct early_param handling
Check "p" is not NULL before passing it to memparse, which doesn't
handle that case explicitly.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:17 +02:00
Vasily Gorbik 915ef7bda7 s390/numa: correct early_param handling
When command line options are used without specifying values
(e.g. "emu_size" instead of "emu_size="), the value is NULL. Check that
before performing string operations and further processing.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-26 12:51:17 +02:00
Cornelia Huck 60e05d1cf0 vfio-ccw: add some logging
Usually, the common I/O layer logs various things into the s390
cio debug feature, which has been very helpful in the past when
looking at crash dumps. As vfio-ccw devices unbind from the
standard I/O subchannel driver, we lose some information there.

Let's introduce some vfio-ccw debug features and log some things
there. (Unfortunately we cannot reuse the cio debug feature from
a module.)

Message-Id: <20190816151505.9853-2-cohuck@redhat.com>
Reviewed-by: Eric Farman <farman@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-08-23 12:53:32 +02:00
Harald Freudenberger 416f79c23d s390/paes: Prepare paes functions for large key blobs
The context used to store the key blob used a fixed 80 bytes
buffer. And all the set_key functions did not even check the given key
size. With CCA variable length AES cipher keys there come key blobs
with about 136 bytes and maybe in the future there will arise the need
to store even bigger key blobs.

This patch reworks the paes set_key functions and the context
buffers to work with small key blobs (<= 128 bytes) directly in the
context buffer and larger blobs by allocating additional memory and
storing the pointer in the context buffer. If there has been memory
allocated for storing a key blob, it also needs to be freed on release
of the tfm. So all the paes ciphers now have a init and exit function
implemented for this job.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:54 +02:00
Harald Freudenberger f2bbc96e7c s390/pkey: add CCA AES cipher key support
Introduce new ioctls and structs to be used with these new ioctls
which are able to handle CCA AES secure keys and CCA AES cipher keys:

PKEY_GENSECK2: Generate secure key, version 2.
  Generate either a CCA AES secure key or a CCA AES cipher key.

PKEY_CLR2SECK2: Generate secure key from clear key value, version 2.
  Construct a CCA AES secure key or CCA AES cipher key from a given
  clear key value.

PKEY_VERIFYKEY2: Verify the given secure key, version 2.
  Check for correct key type. If cardnr and domain are given, also
  check if this apqn is able to handle this type of key. If cardnr and
  domain are 0xFFFF, on return these values are filled with an apqn
  able to handle this key. The function also checks for the master key
  verification patterns of the key matching to the current or
  alternate mkvp of the apqn. CCA AES cipher keys are also checked
  for CPACF export allowed (CPRTCPAC flag). Currently CCA AES secure
  keys and CCA AES cipher keys are supported (may get extended in the
  future).

PKEY_KBLOB2PROTK2: Transform a key blob (of any type) into
  a protected key, version 2. Difference to version 1 is only that
  this new ioctl has additional parameters to provide a list of
  apqns to be used for the transformation.

PKEY_APQNS4K: Generate a list of APQNs based on the key blob given.
  Is able to find out which type of secure key is given (CCA AES
  secure key or CCA AES cipher key) and tries to find all matching
  crypto cards based on the MKVP and maybe other criterias (like CCA
  AES cipher keys need a CEX6C or higher). The list of APQNs is
  further filtered by the key's mkvp which needs to match to either
  the current mkvp or the alternate mkvp (which is the old mkvp on CCA
  adapters) of the apqns. The flags argument may be used to limit the
  matching apqns. If the PKEY_FLAGS_MATCH_CUR_MKVP is given, only the
  current mkvp of each apqn is compared. Likewise with the
  PKEY_FLAGS_MATCH_ALT_MKVP. If both are given it is assumed to return
  apqns where either the current or the alternate mkvp matches. If no
  matching APQN is found, the ioctl returns with 0 but the
  apqn_entries value is 0.

PKEY_APQNS4KT: Generate a list of APQNs based on the key type given.
  Build a list of APQNs based on the given key type and maybe further
  restrict the list by given master key verification patterns.
  For different key types there may be different ways to match the
  master key verification patterns. For CCA keys (CCA data key and CCA
  cipher key) the first 8 bytes of cur_mkvp refer to the current mkvp
  value of the apqn and the first 8 bytes of the alt_mkvp refer to the
  old mkvp. The flags argument controls if the apqns current and/or
  alternate mkvp should match. If the PKEY_FLAGS_MATCH_CUR_MKVP is
  given, only the current mkvp of each apqn is compared. Likewise with
  the PKEY_FLAGS_MATCH_ALT_MKVP. If both are given, it is assumed to
  return apqns where either the current or the alternate mkvp
  matches. If no matching APQN is found, the ioctl returns with 0 but
  the apqn_entries value is 0.

These new ioctls are now prepared for another new type of secure key
blob which may come in the future. They all use a pointer to the key
blob and a key blob length information instead of some hardcoded byte
array. They all use the new enums pkey_key_type, pkey_key_size and
pkey_key_info for getting/setting key type, key size and additional
info about the key. All but the PKEY_VERIFY2 ioctl now work based on a
list of apqns. This list is walked through trying to perform the
operation on exactly this apqn without any further checking (like card
type or online state). If the apqn fails, simple the next one in the
list is tried until success (return 0) or the end of the list is
reached (return -1 with errno ENODEV). All apqns in the list need to
be exact apqns (0xFFFF as any card or domain is not allowed). There
are two new ioctls which can be used to build a list of apqns based on
a key or key type and maybe restricted by match to a current or
alternate master key verifcation pattern.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:54 +02:00
Harald Freudenberger 4bc123b18c s390/zcrypt: Add low level functions for CCA AES cipher keys
This patch adds low level functions, structs and defines to support
CCA AES cipher keys:
- struct cipherkeytoken can be used for an inside view of the CCA AES
  cipher key token blob.
- function cca_cipher2protkey() derives an CPACF protected key from an
  CCA AES cipher key.
- function cca_gencipherkey() generates an CCA AES cipher key with
  random value.
- function cca_findcard2() constructs a list of apqns based on input
  constrains like min hardware type, mkvp values.
- cca_check_secaescipherkey() does a check on the given CCA AES cipher
  key blob.
- cca_clr2cipherkey() generates an CCA AES cipher key from a given
  clear key value.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:54 +02:00
Harald Freudenberger 4da57a2fea s390/zcrypt: extend cca_findcard function and helper
Rework and extension of the cca_findcard function to be prepared for
other types of secure key blobs. Split the function and extract an
internal function which has no awareness of key blobs any
more. Improve this function and the helper code around to be able to
check for a minimal crypto card hardware level (Background: the newer
AES cipher keys need to match to the master key verification pattern
and need to have a crypto card CEX6 or higher).

No API change, neither for the in-kernel API nor the ioctl interface.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:54 +02:00
Harald Freudenberger 183cb46954 s390/pkey: pkey cleanup: narrow in-kernel API, fix some variable types
There are a lot of pkey functions exported as in-kernel callable
API functions but not used at all. This patch narrows down the
pkey in-kernel API to what is currently only used and exploited.

Within the kernel just use u32 without any leading __u32. Also
functions declared in a header file in arch/s390/include/asm
don't need a comment 'In-kernel API', this is by definition,
otherwise the header file would be in arch/s390/include/uapi/asm.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:53 +02:00
Vasily Gorbik 22a33c7e4e s390/startup: round down "mem" option to page boundary
Make a usable value out of "mem" option once and for all. Kasan memory
allocator just takes memory_end or online memory size as allocation
base. If memory_end is not aligned paging structures allocated in kasan
end up unaligned as well. So this change fixes potential kasan crash
as well.

Fixes: 78333d1f90 ("s390/kasan: add support for mem= kernel parameter")
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:53 +02:00
Vasily Gorbik 80ef517b01 s390/startup: adjust _sdma and _edma to page boundaries
Move .dma.text section alignment out of section description, otherwise
zeros used to align the section are included in the section itself (and
section is not really aligned by itself).
$ objdump -h arch/s390/boot/compressed/vmlinux
  5 .dma.text     00001e38  000000000001b1c8  000000000001b1c8  0001c1c8  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
  6 .dma.ex_table 00000018  000000000001d000  000000000001d000  0001e000  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .dma.data     00000240  000000000001d080  000000000001d080  0001e080  2**7
                  CONTENTS, ALLOC, LOAD, DATA
$ cat /sys/kernel/debug/memblock/reserved
   0: 0x0000000000000000..0x0000000000011fff
   1: 0x000000000001b1c8..0x000000000001d2bf
...

Also add alignment before _edma linker symbol definition, so that entire
.dma* region is rounded up to page boundaries.
$ objdump -h arch/s390/boot/compressed/vmlinux
  5 .dma.text     00001000  000000000001c000  000000000001c000  0001d000  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
  6 .dma.ex_table 00000018  000000000001d000  000000000001d000  0001e000  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .dma.data     00000240  000000000001d080  000000000001d080  0001e080  2**7
                  CONTENTS, ALLOC, LOAD, DATA
$ cat /sys/kernel/debug/memblock/reserved
   0: 0x0000000000000000..0x0000000000011fff
   1: 0x000000000001c000..0x000000000001dfff
...
$ cat /sys/kernel/debug/kernel_page_tables
---[ Identity Mapping ]---
0x0000000000000000-0x000000000001c000       112K PTE RW NX
0x000000000001c000-0x000000000001d000         4K PTE RO X
0x000000000001d000-0x0000000000100000       908K PTE RW NX
...

Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:53 +02:00
Vasily Gorbik e991e5bb11 s390/stacktrace: use common arch_stack_walk infrastructure
Use common arch_stack_walk infrastructure to avoid duplicated code and
avoid taking care of the stack storage and filtering.

Common code also uses try_get_task_stack/put_task_stack when needed which
have been missing in our code, which also solves potential problem for us.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:53 +02:00
Vasily Gorbik 2c7fa8a11c s390/kasan: avoid report in get_wchan
Reading other running task's stack can be a dangerous endeavor. Kasan
stack memory access instrumentation includes special prologue and epilogue
to mark/remove red zones in shadow memory between stack variables. For
that reason there is always a race between a task reading value in other
task's stack and that other task returning from a function and entering
another one generating different red zones pattern.

To avoid kasan reports simply perform uninstrumented memory reads.

Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:53 +02:00
Vasily Gorbik 8769f610fe s390/process: avoid potential reading of freed stack
With THREAD_INFO_IN_TASK (which is selected on s390) task's stack usage
is refcounted and should always be protected by get/put when touching
other task's stack to avoid race conditions with task's destruction code.

Fixes: d5c352cdd0 ("s390: move thread_info into task_struct")
Cc: stable@vger.kernel.org # v4.10+
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:52 +02:00
Vasily Gorbik f45f7b5bda s390/kasan: provide uninstrumented __strlen
s390 kasan code uses sclp_early_printk to report initialization
failures. The code doing that should not be instrumented, because kasan
shadow memory has not been set up yet. Even though sclp_early_core.c is
compiled with instrumentation disabled it uses strlen function, which
is instrumented and would produce shadow memory access if used. To
avoid that, introduce uninstrumented __strlen function to be used
instead.

Before commit 7e0d92f002 ("s390/kasan: improve string/memory functions
checks") few string functions (including strlen) were escaping kasan
instrumentation due to usage of platform specific versions which are
implemented in inline assembly.

Fixes: 7e0d92f002 ("s390/kasan: improve string/memory functions checks")
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:52 +02:00
Vasily Gorbik 2e83e0eb85 s390: clean .bss before running uncompressed kernel
Clean uncompressed kernel .bss section in the startup code before
the uncompressed kernel is executed. At this point of time initrd and
certificates have been already rescued. Uncompressed kernel .bss size
is known from vmlinux_info. It is also taken into consideration during
uncompressed kernel positioning by kaslr (so it is safe to clean it).

With that uncompressed kernel is starting with .bss section zeroed and
no .bss section usage restrictions apply. Which makes chkbss checks for
uncompressed kernel objects obsolete and they can be removed.

early_nobss.c is also not needed anymore. Parts of it which are still
relevant are moved to early.c. Kasan initialization code is now called
directly from head64 (early.c is instrumented and should not be
executed before kasan shadow memory is set up).

Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:58:52 +02:00
Vasily Gorbik 19413fe04f s390/startup: purge obsolete .gitignore patterns
sizes.h and vmlinux.scr.lds are not generated since commit 369f91c374
("s390/decompressor: rework uncompressed image info collection").

vmlinux.bin.full is not generated since commit 183ab05ff2 ("s390: get
rid of the first mb of uncompressed image").

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Vasily Gorbik da9ed30d29 s390/startup: add initial pgm check handler
The startup code is getting more complicated with features like kaslr and
secure boot in place. In a potential unexpected startup code crash case
the system would end up in a pgm check loop at address 0, overwriting
pgm check old psw value and just making debugging more complicated. To
avoid that introduce startup program check handler which is active
immediately after kernel start and until early_pgm_check_handler is set
in kernel/early.c. So it covers kernel relocation phase and transition
to it. This pgm check handler simply saves general/control registers and
psw in the save area which should guarantee that we still have something
to look at when standalone dumper is called without saving registers. And
it does disabled wait with a faulty address in the end.

Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Chuhong Yuan 40e90656c1 s390/mm: use refcount_t for refcount
Reference counters are preferred to use refcount_t instead of
atomic_t.
This is because the implementation of refcount_t can prevent
overflows and detect possible use-after-free.
So convert atomic_t ref counters to refcount_t.

Link: http://lkml.kernel.org/r/20190808071826.6649-1-hslester96@gmail.com
Signed-off-by: Chuhong Yuan <hslester96@gmail.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Chuhong Yuan 3434caec5b s390/extmem: use refcount_t for refcount
Reference counters are preferred to use refcount_t instead of
atomic_t.
This is because the implementation of refcount_t can prevent
overflows and detect possible use-after-free.
So convert atomic_t ref counters to refcount_t.

Link: http://lkml.kernel.org/r/20190808071817.6595-1-hslester96@gmail.com
Signed-off-by: Chuhong Yuan <hslester96@gmail.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Denis Efremov c4c3772384 s390/pci: PCI_IOV_RESOURCES loop refactoring in zpci_map_resources
This patch alters the for loop iteration scheme in zpci_map_resources
to make it more usual. Thus, the patch generalizes the style for
PCI_IOV_RESOURCES iteration and improves readability.

Link: http://lkml.kernel.org/r/20190806160137.29275-1-efremov@linux.com
Signed-off-by: Denis Efremov <efremov@linux.com>
Signed-off-by: Sebastian Ott <sebott@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Vasily Gorbik 59793c5ab9 s390: move vmalloc option parsing to startup code
Few other crucial memory setup options are already handled in
the startup code. Those values are needed by kaslr and kasan
implementations. "vmalloc" is the last piece required for future
improvements such as early decision on kernel page levels depth required
for actual memory setup, as well as vmalloc memory area access monitoring
in kasan.

Reviewed-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Heiko Carstens f62f7dcbf0 Documentation/s390: remove outdated debugging390 documentation
This file would need a lot of work to make sense again. Thomas Huth
started working on that four years ago, but that wasn't finished.
Therefore remove this.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:43 +02:00
Heiko Carstens 8c72e0c852 Documentation/s390: remove outdated dasd documentation
The contents of the file is completely outdated - just remove it.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-08-21 12:41:42 +02:00
Harald Freudenberger 7c4e91c095 s390/zcrypt: new sysfs attributes serialnr and mkvps
This patch extends the sysfs interface with two new attributes for the
CEX4, CEX5 and CEX6 crypto cards/queues in coprocessor ('CCA') mode:
  /sys/devices/ap/cardxx/serialnr
  /sys/devices/ap/cardxx/xx.yyyy/mkvps

The serialnr attribute is card based and shows the 8 character ASCII
serial number string which should unique identify the card.

The mkvps is queue based and displays 3 lines of information about the
new, current and old master key register:
  AES NEW: <new_aes_mk_state> <new_aes_mk_mkvp>
  AES CUR: <cur_aes_mk_state> <cur_aes_mk_mkvp>
  AES OLD: <old_aes_mk_state> <old_aes_mk_mkvp>
with
  <new_aes_mk_state>: 'empty' or 'partial' or 'full'
  <cur_aes_mk_state>: 'valid' or 'invalid'
  <old_aes_mk_state>: 'valid' or 'invalid'
  <new_aes_mk_mkvp>, <cur_aes_mk_mkvp>, <old_aes_mk_mkvp>
    8 byte hex string with leading 0x
MKVP means Master Key Verification Pattern and is a folded hash over
the key value. Only the states 'full' and 'valid' result in displaying
a useful mkvp, otherwise a mkvp of all bytes zero is shown. If for any
reason the FQ fails and the (cached) information is not available, the
state '-' will be shown with the mkvp value also '-'. The values shown
here are the very same as the cca panel tools displays. As of now only
the AES master keys states and verification patterns are shown. A CCA
APQN also has similar master key registers for DES, RSA and ECC. So
the content of this attribute may get extended.

Reading the sysfs attribute automatically triggers an FQ CPRB to be
sent to the queue as long as the queue is (soft-) online. For the
serialnr attribute the queue with the default domain id is addressed
(if available and valid). This is reasonable as it is assumed that
this sysfs interface is not performance critical and on the other side
a master key change should be visiable as soon as possible. When a
queue is (soft-) offline however, the cached values are displayed. If
no cached values are available, the serial number string will be empty
and the mkvp lines will show state '-' and mkvp value '-'.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-07-29 18:14:17 +02:00
Harald Freudenberger 94bbd34e51 s390/zcrypt: add base code for cca crypto card info support
This patch widens the information held for cca crypto apqns.
Currently the current and old master key verification pattern
is used by the existing code. Now the new master key registers
mkvp, the 8 byte serial number and state info about each master
key register is part of the cca info cache.

In a next step this information will be used to provide some
additional attributes in sysfs for each CCA crypto adapter.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-07-29 18:14:17 +02:00
Harald Freudenberger efc598e6c8 s390/zcrypt: move cca misc functions to new code file
Rework of the pkey code. Moved all the cca generic code
away from pkey_api.c into a new file zcrypt_ccamisc.c.
This new file is now part of the zcrypt device driver
and exports a bunch of cca functions to pkey and may
be called from other kernel modules as well.

The pkey ioctl API is unchanged.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2019-07-29 18:14:17 +02:00
Linus Torvalds 609488bc97 Linux 5.3-rc2 2019-07-28 12:47:02 -07:00
Linus Torvalds c622fc5f54 meminit fix
- Disable gcc-based stack variable auto-init under KASAN (Arnd Bergmann)
 -----BEGIN PGP SIGNATURE-----
 Comment: Kees Cook <kees@outflux.net>
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAl099MsWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJr6GD/0Xl/YxeXPnKIHoafoqMCBAY12f
 OnRZ2N6YCikYfLwgBnTAAyQi3P0qU8ffjt4LjoPxzByUPBmZ+VkUBXU1eNUuU0mT
 4CX+ZakeWp5atbg7Ja7DAThBrJS4DYRzXiGB1Is8IACD/zkkRDoGU1tN+3nubtlk
 F2SYtmJBz/6pje2ksLDmuSS1sapaom7Cs4khB/oDb8HOsqydS0CpzN7Oa/Di3HoZ
 yUbyM3bcgmYECasGt7zVOLzr/EcI4T7rtLhMTnFBMbfckQJBPc7UpaLTt9pxMVqO
 Vo7SH/q8atmp3aThT3XbEYbSvx4kUdHZYcuMogPe8T+3Bx4i9gWGnmpqF94P0Kl8
 SZgY92JEhF92PwVTi7ztAfAZQDunVm60c/Lp44r0q/lGQKZLXP8jQXd7KmL6dnPI
 gDnispJnNdNxVSVDx/r3yjSRh0VCA3yv01ed/pusCrxX48sEw7ExwswEJBy12O3s
 rUY7Xx/U+eIP+E+4B7ddlzTFy+0t6HQ0q0LLtbiim1ELF+8ZBnAvCMnm49SQbpEQ
 UMgO/bCAGkGu88uR3sclIwUbaR9oCCxkZO0YuLvAnGoMJ7JaYQlDmDqe/lWP7VjV
 HEmJxDpJE9SgmVtYkfz3aOEds5nSspRQOQfQpnq/JxjRQTSfriSpDpl72d5qk1CH
 WHAM8lviqVg/uT6r2Q==
 =z0XP
 -----END PGP SIGNATURE-----

Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull structleak fix from Kees Cook:
 "Disable gcc-based stack variable auto-init under KASAN (Arnd
  Bergmann).

  This fixes a bunch of build warnings under KASAN and the
  gcc-plugin-based stack auto-initialization features (which are
  arguably redundant, so better to let KASAN control this)"

* tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
2019-07-28 12:33:15 -07:00
Linus Torvalds 8e61ea11c2 Kbuild fixes for v5.3
- add compile_commands.json to .gitignore
 
  - fix false-positive warning from gen_compile_commands.py after
    allnoconfig build
 
  - remove unused code
 -----BEGIN PGP SIGNATURE-----
 
 iQJSBAABCgA8FiEEbmPs18K1szRHjPqEPYsBB53g2wYFAl09uOgeHHlhbWFkYS5t
 YXNhaGlyb0Bzb2Npb25leHQuY29tAAoJED2LAQed4NsGoEIP/3+yy7XoxR1aHL2g
 qDUBLVhe00rMqjqDTePxZOnCMRmlv2m00pCZzfokqrakbwnY1DyoDR9KP+RRDtwr
 0A3FLNsJXpEAHakGygkL7IMen9q5RqPWoer+AMulnl+GaX0yCeii5OYXZLgmhh/L
 YKTCYiOK7MvCYhSQcUEjgPpm2fQttnp+umynDm4XCqIEnY7pr0edCgK6de4mJc+7
 NEf6TkNsVCe1STCAp0lAuW+vNCjNhJ4ADlD9bV4mwdl1D5eYKaGSLHCEtp3s6QJe
 DXmRGS1NFV49fmKv9YFLdB4ap3B8gW2uQugkAQbeURs813Y5arOZbJ3E6htxh2Wq
 5ATCiEZMCxMQG8HzS0SmvvuWicEAvxseyTWVhVkV2Z1jo1BT8h7W8fifIsKrp0Oo
 fKo0H+f5B6hNv+MlzBIk4yHwEG2I2YygBujfektOK0/IPyQK3qQNRSlXSMdmzFRH
 2Z3ZbYOIXrHg5TohqgIVPtKuKbpGnyIge9Gqq4RqeVXWTgfOzge3B1a5ok3SqoQg
 GCGu6z6w2ch53QmzEOcT30SOQQpAQUNbim80/BYGsANE3myUafpEplqmlpEOVT1g
 yCRDkv26yvi5fuofpI96Yu9hQE/AidyLJZLT32Ow0wMAzpzV778jm3gmNKgyUzlW
 rqKgzYj6kZmpWMiLjTjnIafvdL6R
 =J7xL
 -----END PGP SIGNATURE-----

Merge tag 'kbuild-fixes-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

Pull Kbuild fixes from Masahiro Yamada:

 - add compile_commands.json to .gitignore

 - fix false-positive warning from gen_compile_commands.py after
   allnoconfig build

 - remove unused code

* tag 'kbuild-fixes-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
  kbuild: remove unused single-used-m
  gen_compile_commands: lower the entry count threshold
  .gitignore: Add compilation database file
  kbuild: remove unused objectify macro
2019-07-28 10:35:04 -07:00
Linus Torvalds 04ce931889 Char/Misc driver fixes for 5.3-rc2
Here are some small char and misc driver fixes for 5.3-rc2 to resolve
 some reported issues.
 
 Nothing major at all, some binder bugfixes for issues found, some new
 mei device ids, firmware building warning fixes, habanalabs fixes, a few
 other build fixes, and a MAINTAINERS update.
 
 All of these have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXT2L1g8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ynVaQCfbYmj0QWJhL5rVvrUOcdXppa3qxgAn1Pi5+hf
 V3OH/1OmAnY8E07HA1Y3
 =qVrq
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc driver fixes from Greg KH:
 "Here are some small char and misc driver fixes for 5.3-rc2 to resolve
  some reported issues.

  Nothing major at all, some binder bugfixes for issues found, some new
  mei device ids, firmware building warning fixes, habanalabs fixes, a
  few other build fixes, and a MAINTAINERS update.

  All of these have been in linux-next with no reported issues"

* tag 'char-misc-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
  test_firmware: fix a memory leak bug
  hpet: Fix division by zero in hpet_time_div()
  eeprom: make older eeprom drivers select NVMEM_SYSFS
  vmw_balloon: Remove Julien from the maintainers list
  fpga-manager: altera-ps-spi: Fix build error
  mei: me: add mule creek canyon (EHL) device ids
  binder: prevent transactions to context manager from its own process.
  binder: Set end of SG buffer area properly.
  firmware: Fix missing inline
  firmware: fix build errors in paged buffer handling code
  habanalabs: don't reset device when getting VRHOT
  habanalabs: use %pad for printing a dma_addr_t
2019-07-28 10:26:10 -07:00
Linus Torvalds 572782b213 TTY fixes for 5.3-rc2
Here are 2 tty/vt patches for 5.3-rc2
   - delete the netx-serial driver as the arch has been removed, no need
     to keep the serial driver for it around either.
   - vt console_lock fix to resolve a reported noisy warning at runtime
 
 Both of these have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXT2MbA8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+yk0iACeOnBnhE1OKqIVsG11K619UtLb67sAoL9h6Rgk
 3PWLkB02N1ApgevMEOs5
 =V3Xf
 -----END PGP SIGNATURE-----

Merge tag 'tty-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Pull tty fixes from Greg KH:
 "Here are two tty/vt fixes:

   - delete the netx-serial driver as the arch has been removed, no need
     to keep the serial driver for it around either.

   - vt console_lock fix to resolve a reported noisy warning at runtime

  Both of these have been in linux-next with no reported issues"

* tag 'tty-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
  vt: Grab console_lock around con_is_bound in show_bind
  tty: serial: netx: Delete driver
2019-07-28 10:18:33 -07:00
Linus Torvalds ad28fd1cb2 SPDX fixes for 5.3-rc2
Here are some small SPDX fixes for 5.3-rc2 for things that came in
 during the 5.3-rc1 merge window that we previously missed.
 
 Only 3 small patches here:
 	- 2 uapi patches to resolve some SPDX tags that were not correct
 	- fix an invalid SPDX tag in the iomap Makefile file
 
 All have been properly reviewed on the public mailing lists.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXT2N9w8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ylY9wCeJIYfs/eNf3tsjLQXxUBMYAJNqnsAn2IaMiTt
 cv2mck7JZm5KyHpP3f5N
 =RSZa
 -----END PGP SIGNATURE-----

Merge tag 'spdx-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx

Pull SPDX fixes from Greg KH:
 "Here are some small SPDX fixes for 5.3-rc2 for things that came in
  during the 5.3-rc1 merge window that we previously missed.

  Only three small patches here:

   - two uapi patches to resolve some SPDX tags that were not correct

   - fix an invalid SPDX tag in the iomap Makefile file

  All have been properly reviewed on the public mailing lists"

* tag 'spdx-5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx:
  iomap: fix Invalid License ID
  treewide: remove SPDX "WITH Linux-syscall-note" from kernel-space headers again
  treewide: add "WITH Linux-syscall-note" to SPDX tag of uapi headers
2019-07-28 10:00:06 -07:00