Commit Graph

17 Commits

Author SHA1 Message Date
Helge Deller 554bfeceb8 parisc: Fix access fault handling in pa_memcpy()
pa_memcpy() is the major memcpy implementation in the parisc kernel which is
used to do any kind of userspace/kernel memory copies.

Al Viro noticed various bugs in the implementation of pa_mempcy(), most notably
that in case of faults it may report back to have copied more bytes than it
actually did.

Fixing those bugs is quite hard in the C-implementation, because the compiler
is messing around with the registers and we are not guaranteed that specific
variables are always in the same processor registers. This makes proper fault
handling complicated.

This patch implements pa_memcpy() in assembler. That way we have correct fault
handling and adding a 64-bit copy routine was quite easy.

Runtime tested with 32- and 64bit kernels.

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Cc: <stable@vger.kernel.org> # v4.9+
Signed-off-by: John David Anglin <dave.anglin@bell.net>
Signed-off-by: Helge Deller <deller@gmx.de>
2017-03-29 21:49:02 +02:00
Helge Deller 9e91db6b4a parisc: Add hardened usercopy feature
Add hardened usercopy checks to parisc architecture and clean up
indenting.

Signed-off-by: Helge Deller <deller@gmx.de>
2016-10-06 22:10:19 +02:00
Christoph Lameter 496252f787 parisc: Replace __get_cpu_var uses for address calculation
Convert to the use of this_cpu_ptr().

Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: linux-parisc@vger.kernel.org
Signed-off-by: Christoph Lameter <cl@linux.com>
Signed-off-by: Helge Deller <deller@gmx.de>
2014-04-03 20:50:33 +02:00
Helge Deller 964f413323 parisc: size_t is unsigned, so comparison size < 0 doesn't make sense.
Signed-off-by: Helge Deller <deller@gmx.de>
CC: Mikulas Patocka <mpatocka@redhat.com>
2013-11-20 00:09:42 +01:00
Helge Deller 9af63aedb8 parisc: do not inline pa_memcpy() internal functions
gcc (4.8.x) creates wrong code when the pa_memcpy() functions are
inlined.  Especially in 32bit builds it calculates wrong return values
if we encounter a fault during execution of the memcpy.

Signed-off-by: Helge Deller <deller@gmx.de>
2013-11-19 23:36:16 +01:00
Helge Deller db080f9c53 parisc: let probe_kernel_read() capture access to page zero
Signed-off-by: Helge Deller <deller@gmx.de>
2013-10-13 17:46:31 +02:00
Helge Deller 5b879d78bc parisc: Fix gcc miscompilation in pa_memcpy()
When running the LTP testsuite one may hit this kernel BUG() with the
write06 testcase:

kernel BUG at mm/filemap.c:2023!
CPU: 1 PID: 8614 Comm: writev01 Not tainted 3.10.0-rc7-64bit-c3000+ #6
IASQ: 0000000000000000 0000000000000000 IAOQ: 00000000401e6e84 00000000401e6e88
 IIR: 03ffe01f    ISR: 0000000010340000  IOR: 000001fbe0380820
 CPU:        1   CR30: 00000000bef80000 CR31: ffffffffffffffff
 ORIG_R28: 00000000bdc192c0
 IAOQ[0]: iov_iter_advance+0x3c/0xc0
 IAOQ[1]: iov_iter_advance+0x40/0xc0
 RP(r2): generic_file_buffered_write+0x204/0x3f0
Backtrace:
 [<00000000401e764c>] generic_file_buffered_write+0x204/0x3f0
 [<00000000401eab24>] __generic_file_aio_write+0x244/0x448
 [<00000000401eadc0>] generic_file_aio_write+0x98/0x150
 [<000000004024f460>] do_sync_readv_writev+0xc0/0x130
 [<000000004025037c>] compat_do_readv_writev+0x12c/0x340
 [<00000000402505f8>] compat_writev+0x68/0xa0
 [<0000000040251d88>] compat_SyS_writev+0x98/0xf8

Reason for this crash is a gcc miscompilation in the fault handlers of
pa_memcpy() which return the fault address instead of the copied bytes.
Since this seems to be a generic problem with gcc-4.7.x (and below), it's
better to simplify the fault handlers in pa_memcpy to avoid this problem.

Here is a simple reproducer for the problem:

int main(int argc, char **argv)
{
	int fd, nbytes;
	struct iovec wr_iovec[] = {
		{ "TEST STRING                     ",32},
		{ (char*)0x40005000,32} }; // random memory.
	fd = open(DATA_FILE, O_RDWR | O_CREAT, 0666);
	nbytes = writev(fd, wr_iovec, 2);
	printf("return value = %d, errno %d (%s)\n",
		nbytes, errno, strerror(errno));
	return 0;
}

In addition, John David Anglin wrote:
There is no gcc PR as pa_memcpy is not legitimate C code. There is an
implicit assumption that certain variables will contain correct values
when an exception occurs and the code randomly jumps to one of the
exception blocks.  There is no guarantee of this.  If a PR was filed, it
would likely be marked as invalid.

Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: John David Anglin <dave.anglin@bell.net>
Cc: <stable@vger.kernel.org> # 3.8+
Signed-off-by: Helge Deller <deller@gmx.de>
2013-07-09 22:09:23 +02:00
Helge Deller d8d0524a39 parisc: avoid unitialized variable warning in pa_memcpy()
Avoid this warning, while still prevent gcc from optimizing away the exception code:
arch/parisc/lib/memcpy.c: In function ‘pa_memcpy’:
arch/parisc/lib/memcpy.c:256:2: warning: ‘dummy’ may be used uninitialized in this function [-Wuninitialized]

Signed-off-by: Helge Deller <deller@gmx.de>
2013-03-02 19:56:27 +01:00
Helge Deller 888c31fc83 parisc: add strict copy size checks (v2)
Add CONFIG_DEBUG_STRICT_USER_COPY_CHECKS, copied from the x86
implementation. Tested with 32 and 64bit kernel.

Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2010-03-06 22:54:09 +00:00
Randolph Chung 87451d850c parisc: fix mismatched parenthesis in memcpy.c
>>>> I think this is what was intended? Note that this patch may affect
>>>> profiling.
>>> it really should be
>>>
>>> -    if (likely(t1 & (sizeof(unsigned int)-1)) == 0) {
>>> +    if (likely((t1 & (sizeof(unsigned int)-1)) == 0)) {
>>>
>>> randolph

Reported-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Randolph Chung <tausq@parisc-linux.org>
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2009-07-03 03:34:09 +00:00
Adrian Bunk 8f47cb87eb parisc: lib/: make code static
Make the following needlessly global code static:

- iomap.c: struct iomap_ops[]
- memcpy.c: pa_memcpy()

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Cc: Matthew Wilcox <matthew@wil.cx>
Cc: Grant Grundler <grundler@parisc-linux.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2009-01-05 18:15:24 +00:00
Harvey Harrison 91bae23ce1 parisc: replace remaining __FUNCTION__ occurrences
__FUNCTION__ is gcc-specific, use __func__

Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Cc: Kyle McMartin <kyle@mcmartin.ca>
Cc: Matthew Wilcox <willy@debian.org>
Cc: Grant Grundler <grundler@parisc-linux.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2008-05-15 10:38:54 -04:00
Adrian Bunk f13cec8447 [PARISC] parisc: "extern inline" -> "static inline"
"extern inline" will have different semantics with gcc 4.3, and "static
inline" is correct here.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Cc: Matthew Wilcox <willy@debian.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
2007-10-18 00:58:41 -07:00
Helge Deller 0b3d643f9e [PARISC] add ASM_EXCEPTIONTABLE_ENTRY() macro
- this macro unifies the code to add exception table entries
- additionally use ENTRY()/ENDPROC() at more places

Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Kyle McMartin <kyle@parisc-linux.org>
2007-02-17 01:16:26 -05:00
Jörn Engel 6ab3d5624e Remove obsolete #include <linux/config.h>
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-06-30 19:25:36 +02:00
Randolph Chung fa681a1800 [PARISC] Disable use of fpregs in pa_memcpy
Disable use of fpregs in pa_memcpy, and turn on the
-mdisable-fpregs flag.

Signed-off-by: Randolph Chung <tausq@parisc-linux.org>

Signed-off-by: Kyle McMartin <kyle@parisc-linux.org>
2005-10-21 22:48:34 -04:00
Linus Torvalds 1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00