Commit Graph

493666 Commits

Author SHA1 Message Date
Sebastian Ott 8ea55c95c3 s390/dasd: add locking for global_profile access
Access to DASDs global statistics is done without locking which
can lead to inconsistent data. Add locking to fix this. Also move
the relevant structs in a global dasd_profile struct.

Signed-off-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
Reviewed-by: Stefan Haberland <stefan.haberland@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-29 09:19:27 +01:00
Heiko Carstens e6d60b368b s390/ftrace: hotpatch support for function tracing
Make use of gcc's hotpatch support to generate better code for ftrace
function tracing.
The generated code now contains only a six byte nop in each function
prologue instead of a 24 byte code block which will be runtime patched to
support function tracing.
With the new code generation the runtime overhead for supporting function
tracing is close to zero, while the original code did show a significant
performance impact.

Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-29 09:19:25 +01:00
Heiko Carstens 61f552141c ftrace: let notrace function attribute disable hotpatching if necessary
gcc supports an s390 specific function attribute called "hotpatch".
It can be used to specify the number of halfwords that shall be added before
and after a function and which shall be filled with nops for runtime patching.

s390 will use the hotpatch attribute for function tracing, therefore make
sure that the notrace function attribute either disables the mcount call
or in case of hotpatch nop generation.

Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-29 09:19:23 +01:00
Heiko Carstens c0a80c0c27 ftrace: allow architectures to specify ftrace compile options
If the kernel is compiled with function tracer support the -pg compile option
is passed to gcc to generate extra code into the prologue of each function.

This patch replaces the "open-coded" -pg compile flag with a CC_FLAGS_FTRACE
makefile variable which architectures can override if a different option
should be used for code generation.

Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-29 09:19:19 +01:00
Heiko Carstens 4d92f50249 s390: reintroduce diag 44 calls for cpu_relax()
Christian Borntraeger reported that the now missing diag 44 calls (voluntary
time slice end) does cause a performance regression for stop_machine() calls
if a machine has more virtual cpus than the host has physical cpus.

This patch mainly reverts 57f2ffe14f ("s390: remove diag 44 calls from
cpu_relax()") with the exception that we still do not issue diag 44 calls if
running with smt enabled. Due to group scheduling algorithms when running in
LPAR this would lead to significant latencies.
However, when running in LPAR we do not have more virtual than physical cpus.

Reported-and-tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-29 09:19:16 +01:00
Ingo Tuchscherer bdea1f1bb2 s390/zcrypt: Add support for new crypto express (CEX5S) adapter.
Extends the generic cryptographic device driver (zcrypt)
to support the Crypto Express 5S adapter.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-23 15:17:14 +01:00
Ingo Tuchscherer 5bc334bff9 s390/zcrypt: Number of supported ap domains is not retrievable.
Upcoming versions of secure key management facilities (CCA and
EP11) require information about the maximum number of supported
ap domains in order to service TKE requests properly. With IBM
z13 the number of available domains (so far 16) has increased up
to 85. This number varies depending on machine types and models.
Therefore the new sysfs attribute 'ap_max_domain_id' provides
this limit of supported ap domains.  Upcoming releases for CCA
and EP11 will use this new information. Without this problem fix
it is not possible to retrieve reliable information about the
maximum number of supported ap domains. Thus, customers are not
able to perform key management for CCA and EP11 coprocessor
adapters.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@de.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-23 15:17:10 +01:00
Martin Schwidefsky 2c72a44ecd s390/spinlock: add compare-and-delay to lock wait loops
Add the compare-and-delay instruction to the spin-lock and rw-lock
retry loops. A CPU executing the compare-and-delay instruction stops
until the lock value has changed. This is done to make the locking
code for contended locks to behave better in regard to the multi-
hreading facility. A thread of a core executing a compare-and-delay
will allow the other threads of a core to get a larger share of the
core resources.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-23 15:17:04 +01:00
Martin Schwidefsky 55b5eb75e7 s390/tape: remove redundant if statement
The unit check handler for 3480 / 3490 tapes used to print a different
warning message for erpa code 0x57 dependent on the device type.
The warning messages have been remove in a cleanup, the if statement
is a left over. Remove it.

Reported-by: Fraser Brown <mlfbrown@stanford.edu>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:51:49 +01:00
Hendrik Brueckner 926a7336a7 s390/hvc_iucv: add simple wildcard matches to the iucv allow filter
Introduce a wildcard character to filter a range of z/VM user IDs with a single
filter entry.  Only the leading portion up to the wildcard of an filter entry
contributes to the match.

This reduces the filter size and avoids configuration updates when deploying
new terminal server instances.

Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:56 +01:00
Christophe Jaillet 2ec504934e s390/hmcdrv: free memory on error path
Free allocated page in case of error returned by hmcdrv_ftp_startup.

[heiko.carstens@de.ibm.com]: slightly changed Christophe's patch

Signed-off-by: Christophe Jaillet <christophe.jaillet@wanadoo.fr>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:11 +01:00
Martin Schwidefsky 93568d6fc5 s390: update default configuration
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:09 +01:00
Paul Bolle 032f1be056 s390/smp: remove check for CONFIG_ZFCPDUMP
Commit 725908110a1f ("s390: add SMT support") added a check for
CONFIG_ZFCPDUMP. But the Kconfig symbol ZFCPDUMP was removed in v3.16
through commit bf28a5970d ("s390/dump: Remove CONFIG_ZFCPDUMP"). So
this check will always evaluate to false. No one noticed probably
because the code also checks for CONFIG_CRASH_DUMP which "also enables
s390 zfcpdump".

Dump the unneeded check.

Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:06 +01:00
Gerald Schaefer 5be6fdc090 dcssblk: issue warning when trying to save SN/EN type DCSS
The content of a DCSS of type SN or EN cannot be saved. Issue a warning when
trying to save such a DCSS. Depending on the setup, this may be a user error
or intended behaviour e.g. with a multi-DCSS device.

Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:04 +01:00
Martin Schwidefsky 10ad34bc76 s390: add SMT support
The multi-threading facility is introduced with the z13 processor family.
This patch adds code to detect the multi-threading facility. With the
facility enabled each core will surface multiple hardware threads to the
system. Each hardware threads looks like a normal CPU to the operating
system with all its registers and properties.

The SCLP interface reports the SMT topology indirectly via the maximum
thread id. Each reported CPU in the result of a read-scp-information
is a core representing a number of hardware threads.

To reflect the reduced CPU capacity if two hardware threads run on a
single core the MT utilization counter set is used to normalize the
raw cputime obtained by the CPU timer deltas. This scaled cputime is
reported via the taskstats interface. The normal /proc/stat numbers
are based on the raw cputime and are not affected by the normalization.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:16:01 +01:00
Martin Schwidefsky 1f6b83e5e4 s390: avoid z13 cache aliasing
Avoid cache aliasing on z13 by aligning shared objects to multiples
of 512K. The virtual addresses of a page from a shared file needs
to have identical bits in the range 2^12 to 2^18.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:15:59 +01:00
Martin Schwidefsky f8b2dcbd9e s390: add z13 code generation support
Allow to generate code that only runs on z13 machines.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-22 12:15:57 +01:00
Syam Sidhardhan e982506730 s390/hmcdrv: remove unnecessary version.h inclusion
version.h inclusion is not necessary as detected by versioncheck.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-15 11:11:16 +01:00
Thomas Huth fcb6bc9e9e s390/docs: Remove section about script debugging from Debugging390.txt
The section about debugging scripting languages has nothing to do with
s390 (and the example is even apparently taken from a i586 host instead),
so let's remove this chapter from the file.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-15 11:11:14 +01:00
Thomas Huth bae2a3cc4f s390/docs: Break long lines in Debugging390.txt
There are a lot of lines that are longer than 80 columns in this file,
rendering it hard to read in a terminal window. This patch fixes most
of these long lines, and while we're at it, also makes some sentences
more readable, e.g. by replacing "&" with "and", adding proper
punctuation, removing superfluous clauses, etc.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-15 11:11:12 +01:00
Sudeep Holla d97d929f06 s390: move cacheinfo sysfs to generic cacheinfo infrastructure
This patch removes the redundant sysfs cacheinfo code by reusing
the newly introduced generic cacheinfo infrastructure through the
commit 246246cbde ("drivers: base: support cpu cache information
interface to userspace via sysfs")

Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:54 +01:00
Chen Gang e6a67ad0e2 s390/crypto: remove 'const' to avoid compiler warnings
In aes_encrypt() and aes_decrypt(), need let 'sctx->key' be modified,
so remove 'const' for it. The related warnings:

    CC [M]  arch/s390/crypto/aes_s390.o
  arch/s390/crypto/aes_s390.c: In function 'aes_encrypt':
  arch/s390/crypto/aes_s390.c:146:37: warning: passing argument 2 of 'crypt_s390_km' discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
     crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in,
                                       ^
  ...

  In file included from arch/s390/crypto/aes_s390.c:29:0:
  arch/s390/crypto/crypt_s390.h:154:19: note: expected 'void *' but argument is of type 'const u8 (*)[32] {aka const unsigned char (*)[32]}'
   static inline int crypt_s390_km(long func, void *param,
                     ^

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:53 +01:00
Joe Perches 91c0837e6d s390: remove unnecessary KERN_CONT
This has no effect as KERN_CONT is an empty string,

It's probably just a missing conversion artifact as the
other pr_cont uses in the same file don't have this prefix.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:52 +01:00
Heiko Carstens a7e75d434b s390/sclp: sign extend return value of _sclp_print_early()
_sclp_print_early() has a return value, but misses to sign extend it
if called from 64 bit code.
This is not really a bug, since currently no caller cares what the
return value is.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:52 +01:00
Chen Gang fbf87dff67 s390/sclp: fix declaration of _sclp_print_early()
_sclp_print_early() has return value: at present, return 0 for OK, 1 for
failure. It returns '%r2', so use 'long' as return value (upper caller
can check '%r2' directly). The related warning:

    CC      arch/s390/boot/compressed/misc.o
  arch/s390/boot/compressed/misc.c:66:8: warning: type defaults to 'int' in declaration of '_sclp_print_early' [-Wimplicit-int]
   extern _sclp_print_early(const char *);
          ^

At present, _sclp_print_early() is only used by puts(), so can still
remain its declaration in 'misc.c' file.

[heiko.carstens@de.ibm.com]: move declaration to sclp.h header file

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:51 +01:00
Heiko Carstens 47523c983f s390: keep Kconfig sorted
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:50 +01:00
Rickard Strandqvist 8ebd51a705 s390/cio: idset.c: remove some unused functions
Removes some functions that are not used anywhere:
idset_clear() idset_sch_get_first()

This was partially found by using a static code analysis program called cppcheck.

Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:50 +01:00
Heiko Carstens e0a5054548 s390/signal: add sys_sigreturn and sys_rt_sigreturn declarations
Get rid of sparse warnings like this one:
arch/s390/kernel/signal.c:244:1:
  warning: symbol 'sys_sigreturn' was not declared. Should it be static?

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2015-01-08 10:02:49 +01:00
Heiko Carstens 925dfc020a s390/pgtable: add unsigned long casts
Get rid of warnings like this one:
warning: constant 0xffe0000000000000 is so big it is unsigned long

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2015-01-08 10:02:48 +01:00
Heiko Carstens 8d1f211ebb s390/disassembler: remove indentical initializer
Remove one of the two identical initializer entries.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2015-01-08 10:02:47 +01:00
Heiko Carstens eba8452525 s390/pci: add missing address space annotation
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2015-01-08 10:02:47 +01:00
Heiko Carstens 58498ee3e5 s390/ftrace: add code replacement sanity checks
Always verify that the to be replaced code matches what we expect to see.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:46 +01:00
Martin Schwidefsky fbc89c952f s390/mm: avoid using pmd_to_page for !USE_SPLIT_PMD_PTLOCKS
pmd_to_page() is only available if USE_SPLIT_PMD_PTLOCKS is defined.
The use of pmd_to_page in the gmap code can cause compile errors if
NR_CPUS is smaller than SPLIT_PTLOCK_CPUS. Do not use pmd_to_page
outside of USE_SPLIT_PMD_PTLOCKS sections.

Reported-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-08 10:02:18 +01:00
Chen Gang e38f978133 s390/timex: fix get_tod_clock_ext() inline assembly
For C language, it treats array parameter as a pointer, so sizeof for an
array parameter is equal to sizeof for a pointer, which causes compiler
warning (with allmodconfig by gcc 5):

  ./arch/s390/include/asm/timex.h: In function 'get_tod_clock_ext':
  ./arch/s390/include/asm/timex.h:76:32: warning: 'sizeof' on array function parameter 'clk' will return size of 'char *' [-Wsizeof-array-argument]
    typedef struct { char _[sizeof(clk)]; } addrtype;
                                  ^
Can use macro CLOCK_STORE_SIZE instead of all related hard code numbers,
which also can avoid this warning. And also add a tab to CLOCK_TICK_RATE
definition to match coding styles.

[heiko.carstens@de.ibm.com]:
Chen's patch actually fixes a bug within the get_tod_clock_ext() inline assembly
where we incorrectly tell the compiler that only 8 bytes of memory get changed
instead of 16 bytes.
This would allow gcc to generate incorrect code. Right now this doesn't seem to
be the case.
Also slightly changed the patch a bit.
- renamed CLOCK_STORE_SIZE to STORE_CLOCK_EXT_SIZE
- changed get_tod_clock_ext() to receive a char pointer parameter

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-01-07 09:52:47 +01:00
Heiko Carstens 98590460d4 s390: wire up execveat syscall
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-12-18 13:37:17 +01:00
Christian Borntraeger 81fc77fbfc s390/kernel: use stnsm 255 instead of stosm 0
On some models, stnsm 255 might be slightly faster than stosm 0.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-12-18 13:37:15 +01:00
Christian Borntraeger 032014bc04 s390/vtime: Get rid of redundant WARN_ON
in the cpu time accounting function vtime_account_irq_enter
(vtime_account_system) we use a WARN_ON_ONCE(!irqs_disabled()).
This is redundant as the function virt_timer_forward is always
called and has a BUG_ON(!irqs_disabled()).

This saves several nanoseconds in my specific testcase (KVM entry/exit)
and probably all other callers like (soft)irq entry/exit.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-12-18 09:55:56 +01:00
Harald Freudenberger 099eae11a8 s390/zcrypt: kernel oops at insmod of the z90crypt device driver
Kernel oops caused by invalid parameter at TAPQ instruction:
On older systems where the QCI instruction is not available
all possible domains are probed via TAPQ instruction. The
range for the probe has been extended with the > 16 domain
support now leading to a possible specification exception
when this instruction is called for probing higher values
within the new range. This may happen during insmod and/or
ap bus reset only on machines without a QCI instruction (z10,
z196, z114), zEC12 and newer systems are not affected.
The fix modifies the domain checking function to limit the
allowed range if no QCI info is available.

Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2014-12-18 09:55:55 +01:00
Linus Torvalds 44e8967d59 Ceph: remove left-over reject file
Neither Sage nor I noticed that Zheng Yan had mistakenly committed
fs/ceph/super.h.rej as part of commit 31c542a199 ("ceph: add inline
data to pagecache").

Remove it.

Requested-by: Yan, Zheng <ukernel@gmail.com>
Cc: Sage Weil <sweil@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-12-17 18:47:01 -08:00
Linus Torvalds 57666509b7 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client
Pull ceph updates from Sage Weil:
 "The big item here is support for inline data for CephFS and for
  message signatures from Zheng.  There are also several bug fixes,
  including interrupted flock request handling, 0-length xattrs, mksnap,
  cached readdir results, and a message version compat field.  Finally
  there are several cleanups from Ilya, Dan, and Markus.

  Note that there is another series coming soon that fixes some bugs in
  the RBD 'lingering' requests, but it isn't quite ready yet"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client: (27 commits)
  ceph: fix setting empty extended attribute
  ceph: fix mksnap crash
  ceph: do_sync is never initialized
  libceph: fixup includes in pagelist.h
  ceph: support inline data feature
  ceph: flush inline version
  ceph: convert inline data to normal data before data write
  ceph: sync read inline data
  ceph: fetch inline data when getting Fcr cap refs
  ceph: use getattr request to fetch inline data
  ceph: add inline data to pagecache
  ceph: parse inline data in MClientReply and MClientCaps
  libceph: specify position of extent operation
  libceph: add CREATE osd operation support
  libceph: add SETXATTR/CMPXATTR osd operations support
  rbd: don't treat CEPH_OSD_OP_DELETE as extent op
  ceph: remove unused stringification macros
  libceph: require cephx message signature by default
  ceph: introduce global empty snap context
  ceph: message versioning fixes
  ...
2014-12-17 16:03:12 -08:00
Linus Torvalds 87c31b39ab Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull user namespace related fixes from Eric Biederman:
 "As these are bug fixes almost all of thes changes are marked for
  backporting to stable.

  The first change (implicitly adding MNT_NODEV on remount) addresses a
  regression that was created when security issues with unprivileged
  remount were closed.  I go on to update the remount test to make it
  easy to detect if this issue reoccurs.

  Then there are a handful of mount and umount related fixes.

  Then half of the changes deal with the a recently discovered design
  bug in the permission checks of gid_map.  Unix since the beginning has
  allowed setting group permissions on files to less than the user and
  other permissions (aka ---rwx---rwx).  As the unix permission checks
  stop as soon as a group matches, and setgroups allows setting groups
  that can not later be dropped, results in a situtation where it is
  possible to legitimately use a group to assign fewer privileges to a
  process.  Which means dropping a group can increase a processes
  privileges.

  The fix I have adopted is that gid_map is now no longer writable
  without privilege unless the new file /proc/self/setgroups has been
  set to permanently disable setgroups.

  The bulk of user namespace using applications even the applications
  using applications using user namespaces without privilege remain
  unaffected by this change.  Unfortunately this ix breaks a couple user
  space applications, that were relying on the problematic behavior (one
  of which was tools/selftests/mount/unprivileged-remount-test.c).

  To hopefully prevent needing a regression fix on top of my security
  fix I rounded folks who work with the container implementations mostly
  like to be affected and encouraged them to test the changes.

    > So far nothing broke on my libvirt-lxc test bed. :-)
    > Tested with openSUSE 13.2 and libvirt 1.2.9.
    > Tested-by: Richard Weinberger <richard@nod.at>

    > Tested on Fedora20 with libvirt 1.2.11, works fine.
    > Tested-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>

    > Ok, thanks - yes, unprivileged lxc is working fine with your kernels.
    > Just to be sure I was testing the right thing I also tested using
    > my unprivileged nsexec testcases, and they failed on setgroup/setgid
    > as now expected, and succeeded there without your patches.
    > Tested-by: Serge Hallyn <serge.hallyn@ubuntu.com>

    > I tested this with Sandstorm.  It breaks as is and it works if I add
    > the setgroups thing.
    > Tested-by: Andy Lutomirski <luto@amacapital.net> # breaks things as designed :("

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  userns: Unbreak the unprivileged remount tests
  userns; Correct the comment in map_write
  userns: Allow setting gid_maps without privilege when setgroups is disabled
  userns: Add a knob to disable setgroups on a per user namespace basis
  userns: Rename id_map_mutex to userns_state_mutex
  userns: Only allow the creator of the userns unprivileged mappings
  userns: Check euid no fsuid when establishing an unprivileged uid mapping
  userns: Don't allow unprivileged creation of gid mappings
  userns: Don't allow setgroups until a gid mapping has been setablished
  userns: Document what the invariant required for safe unprivileged mappings.
  groups: Consolidate the setgroups permission checks
  mnt: Clear mnt_expire during pivot_root
  mnt: Carefully set CL_UNPRIVILEGED in clone_mnt
  mnt: Move the clear of MNT_LOCKED from copy_tree to it's callers.
  umount: Do not allow unmounting rootfs.
  umount: Disallow unprivileged mount force
  mnt: Update unprivileged remount test
  mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount
2014-12-17 12:31:40 -08:00
Linus Torvalds f045bbb9fa mmu_gather: fix over-eager tlb_flush_mmu_free() calling
Dave Hansen reports that commit fb7332a9fe ("mmu_gather: move minimal
range calculations into generic code") caused a performance problem:

  "tlb_finish_mmu() goes up about 9x in the profiles (~0.4%->3.6%) and
   tlb_flush_mmu_free() takes about 3.1% of CPU time with the patch
   applied, but does not show up at all on the commit before"

and the reason is that Will moved the test for whether we need to flush
from tlb_flush_mmu() into tlb_flush_mmu_tlbonly().  But that meant that
tlb_flush_mmu_free() basically lost that check.

Move it back into tlb_flush_mmu() where it belongs, so that it covers
both tlb_flush_mmu_tlbonly() _and_ tlb_flush_mmu_free().

Reported-and-tested-by: Dave Hansen <dave@sr71.net>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-12-17 11:59:04 -08:00
Linus Torvalds cf3c0a1579 x86: mm: fix VM_FAULT_RETRY handling
My commit 26178ec11e ("x86: mm: consolidate VM_FAULT_RETRY handling")
had a really stupid typo: the FAULT_FLAG_USER bit is in the 'flags'
variable, not the 'fault' variable. Duh,

The one silver lining in this is that Dave finding this at least
confirms that trinity actually triggers this special path easily, in a
way normal use does not.

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-12-17 11:52:37 -08:00
Linus Torvalds cc669743a3 VFIO updates for v3.19-rc1
- s390 support (Frank Blaschka)
  - Enable iommu-type1 for ARM SMMU (Will Deacon)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJUka+sAAoJECObm247sIsiiy0P/iqrQpv94Z7rUKRlV3K8YtJj
 8Oi5fLLnT2by9v5mS+KMElnQ5gLU/C5B/QGLMNrF2uQl8lguWSXJw37r7MkbIkpN
 RDLx1NhetLqbJ4CYLjyv/Jx3vl+Wr/2nNWRVIS5ajBmMjEgKVLvjYs4SaXELc3a8
 a3YzcGW10BrVFlCJgUYqYIFGS1BmKjf7fbD5YBocj8tPv6NAlCiNNYYr+0pzW8Lf
 GTi39JlZ2t06hDq33eiUkrySWNjrIBn4g4PfAl7HBAscsZKS1w18MD1qVw4UXXa2
 15+CBbsHU7ZLVo6G7vuZeJNCX9tdQ0WIZWQzHstQa914l86WYImTJ2tyH7Rn0ZcQ
 3Mu9fzef9JgjkI56ol2zDwuOs+qttOYaLWjhhHiW4jkIxdnljnesIFlvmM3XeDGz
 3Zowg09HzE3K+dt8265jVKkcNJbPLzspLvF27nPMudZNHBozcoPE0jKxU7QC3eMT
 Ij36+puQq+jccUic3Np6rxk5tzTHEat1a7w3IUwXCCUP5P5QW+kuuIjbd4hqQkHn
 VDRjnT6MWC3GguUCXR5VyO0zezpI20pTbWwE8u2qwnE349m0Eq/vxytj2lCLYLPR
 Jjtdduf1/Ppam7tATd3PwTu6KljY3dJiUUikyOc1J0KmkgkSMw+BtR6G7qytyW4q
 /fhClcsaNtxSheVh0N+b
 =1L2V
 -----END PGP SIGNATURE-----

Merge tag 'vfio-v3.19-rc1' of git://github.com/awilliam/linux-vfio

Pull VFIO updates from Alex Williamson:
 - s390 support (Frank Blaschka)
 - Enable iommu-type1 for ARM SMMU (Will Deacon)

* tag 'vfio-v3.19-rc1' of git://github.com/awilliam/linux-vfio:
  drivers/vfio: allow type-1 IOMMU instantiation on top of an ARM SMMU
  vfio: make vfio run on s390
2014-12-17 10:44:22 -08:00
Linus Torvalds 9f3e151299 A balloon enhancement, and a minor race-on-module-unload theoretical
bug which doesn't merit cc: stable.
 
 All the exciting stuff went via MST this cycle.
 
 Thanks,
 Rusty.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJUkPhtAAoJENkgDmzRrbjxnEoP/iXZ2d0pwbSQSSw12wXec7BO
 aT698KzTHg2naRqWEhRbE5ujGW9ZR1hbkH3r70R2BlM5wZTwCAEkJB4SRfIu6u0R
 fv9GUgZTdSIlN2+yBW1eYHa2QlB8V/jx3P2Vyw3/ejGQ2vC6B7JbNsdCZJoyuH5A
 jZojZUrltfEdPVO4JkZ9sSzo64fzyoHGj8YYilH8ygcyZOshAvKvP/gOsFyRzyaj
 OPCU1CImBj5i1w2dFSErhKPJp/WQl7La1dKwTVE4lEGKadKDmqnStV0JKuvcRPv6
 XB/9vwdRXtFIxRUKDH8Wj7DrkKRCsBh6DJUl+MC+c2TVLNu6v0D/WGOlmio2rvoZ
 6CGwNBQg4Ex/J8CkcYsgISn/jzDS+0oaZK0P+IYNJtv5e7D6jPJcDoZ1yPXh1uPn
 9ZYZlKa08o5/991f3HM2kJKWDP/OdzgHQH6w2exY01Zsz/6TATLvU7xoPQuHelWe
 mRd1kbW4ONIUAzIGPhd5PvtnmJ2L82+tN3VmYu50XAl2oSF8fzvQ/VHl9hgyu/vI
 WREA7/40e2DYkhRbu7focdEAFYo0HnuRq6Kwp5zYjbfgyBsiaY7DVvAUlnhwhMES
 kSFKejGUP00gofrXdffTYNu5LdKMN8eaVT7pMyxNXlQHSzXe3Vc6oqnpXzP17ii7
 ahqmeDZKNUF3GSOHc4IC
 =COY0
 -----END PGP SIGNATURE-----

Merge tag 'virtio-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux

Pull virtio updates from Rusty Russell:
 "A balloon enhancement, and a minor race-on-module-unload theoretical
  bug which doesn't merit cc: stable.

  All the exciting stuff went via MST this cycle"

* tag 'virtio-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
  virtio_balloon: free some memory from balloon on OOM
  virtio_balloon: return the amount of freed memory from leak_balloon()
  virtio_blk: fix race at module removal
  virtio: Fix comment typo 'CONFIG_S_FAILED'
2014-12-17 10:37:56 -08:00
Linus Torvalds 2efda9042d Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux
Pull thermal management update from Zhang Rui:
 "Summary:

   - of-thermal extension to allow drivers to register and use its
     functionality in a better way, without exploiting thermal core.
     From Lukasz Majewski.

   - Fix a bug in intel_soc_dts_thermal driver which calls a sleep
     function in interrupt handler.  From Maurice Petallo.

   - add a thermal UAPI header file for exporting the thermal generic
     netlink information to user-space.  From Florian Fainelli.

   - First round of refactoring in Exynos driver.  Bartlomiej and Lukasz
     are attempting to make it lean and easier to understand.

   - New thermal driver for Rockchip (rk3288), with support for DT
     thermal.  From Caesar Wang.

   - New thermal driver for Nvidia, Tegra124 SOCTHERM driver, with
     support for DT thermal.  From Mikko Perttunen.

   - New cooling device, based on common clock framework.  From Eduardo
     Valentin.

   - a couple of small fixes in thermal core framework.  From Srinivas
     Pandruvada, Javi Merino, Luis Henriques.

   - Dropping Armada A375-Z1 SoC thermal support as the chip is not in
     the market, armada folks decided to drop its support.

   - a couple of small fixes and cleanups in int340x thermal driver"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux: (58 commits)
  thermal: provide an UAPI header file
  Thermal/int340x: Clear the error value of the last acpi_bus_get_device() call
  thermal/powerclamp: add id for braswell cpu
  thermal: Intel SoC DTS: Don't do thermal zone update inside spin_lock
  Thermal: fix platform_no_drv_owner.cocci warnings
  Thermal/int340x: avoid unnecessary pointer casting
  thermal: int3403: Delete a check before thermal_zone_device_unregister()
  thermal/int3400: export uuids
  thermal: of: Extend current of-thermal.c code to allow setting emulated temp
  thermal: of: Extend of-thermal to export table of trip points
  thermal: of: Rename struct __thermal_trip to struct thermal_trip
  thermal: of: Extend of-thermal.c to provide check if trip point is valid
  thermal: of: Extend of-thermal.c to provide number of trip points
  thermal: Fix error path in thermal_init()
  thermal: lock the thermal zone when switching governors
  thermal: core: ignore invalid trip temperature
  thermal: armada: Remove support for A375-Z1 SoC
  thermal: rockchip: add driver for thermal
  dt-bindings: document Rockchip thermal
  thermal: exynos: remove exynos_tmu_data.h include
  ...
2014-12-17 10:16:27 -08:00
Linus Torvalds 0b4954c469 pwm: Changes for v3.19-rc1
There are two new drivers, one for the BCM2835 (Raspberry Pi) and one
 used in conjunction with the LCD controller on various Atmel SoCs. The
 Samsung PWM driver can now be built for 64-bit ARM (Exynos7).
 
 A couple of fixes have been applied to the FTM PWM driver and system
 sleep support was added.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJUkURIAAoJEN0jrNd/PrOhG6QQAIyoyd6eJfS+cN7+qHN9W6Wd
 X5qu60iwspn8TrzxnsyUPVNYndmKET5jbjmOL5BbHeh+L+Urnfo3BlkLeGN0jKC5
 LZiS7SzzLcFwYufcV22rycF97KO11LVd5vQ3WKhD/tJljTSVemiUZeCFddkWfuwr
 ngE3W3+2opmAepvkW3GyvaaLaRhYPDKgWYYvKkmtsH6jcqpikAxsn5+5Uzctu8aM
 MlU9/nSq4JmM2BUHEgwN76tFi6qrcY7uGKwkE80aO70rDLOWPhoM7T4L1XegSSI3
 DFURuvYo528L2hXC6CnShBZEsvjXmIdG/WxuxPtcKVZNfCAwfJqpDXBTQJz/MFlz
 fHykAZfjfNju+Y3iprc6QgnLQOv5+j0ZRRx55adVysXBqMAbaJjmKj0uCLsKZa3w
 tNt5YzuUs3FHI7UHq7L3+e2WhT0TtxJgTiSyP7Jvbt8iUY9GVJpEz5gmOx0KRYSz
 lS0MUBPNMIZjtBQqtotWfSb9f+mJPYxQkpbOfodiZnouLbqStrO/GZ+7O3+aJQ5Y
 8+yrj3PgqwSXQkf3d4Y72RnMjfCqO1RSg6a9Qe1Txz9aXBQlTPOZxylwZHiMYdxm
 yF1rzP1LWRlcHHroB/lLOJ4xNjUhLqvhFQT/hlRR8bygl+v67SCEX0gii0AwTYHU
 4bAM7asKUBnOfYcvsuaX
 =jD3K
 -----END PGP SIGNATURE-----

Merge tag 'pwm/for-3.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm

Pull pwm updates from Thierry Reding:
 "There are two new drivers, one for the BCM2835 (Raspberry Pi) and one
  used in conjunction with the LCD controller on various Atmel SoCs.
  The Samsung PWM driver can now be built for 64-bit ARM (Exynos7).

  A couple of fixes have been applied to the FTM PWM driver and system
  sleep support was added"

* tag 'pwm/for-3.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm:
  pwm: atmel-hlcdc: add at91sam9x5 and sama5d3 errata handling
  pwm: ftm: Add Power Management support for FTM PWM
  pwm: ftm: Add regmap rbtree type cache support
  pwm: ftm: Correctly track usage count
  pwm: samsung: Allow Samsung PWM driver to be enabled on Exynos7
  pwm: add DT bindings documentation for atmel-hlcdc-pwm driver
  pwm: add support for atmel-hlcdc-pwm device
  pwm: Add BCM2835 PWM driver
2014-12-17 10:10:51 -08:00
Linus Torvalds d797da41b2 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Pull input subsystem updates from Dmitry Torokhov:
 "Two new drivers for Elan hardware (for I2C touchpad and touchscreen
  found in several Chromebooks and other devices), a driver for Goodix
  touch panel, and small fixes to Cypress I2C trackpad and other input
  drivers.

  Also we switched to use __maybe_unused instead of gating suspend/
  resume code with #ifdef guards to get better compile coverage"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (27 commits)
  Input: gpio_keys - fix warning regarding uninitialized 'button' variable
  Input: add support for Elan eKTH I2C touchscreens
  Input: gpio_keys - fix warning regarding uninitialized  'irq' variable
  Input: cyapa - use 'error' for error codes
  Input: cyapa - fix resuming the device
  Input: gpio_keys - add device tree support for interrupt only keys
  Input: amikbd - allocate temporary keymap buffer on the stack
  Input: amikbd - fix build if !CONFIG_HW_CONSOLE
  Input: lm8323 - missing error check in lm8323_set_disable()
  Input: initialize device counter variables with -1
  Input: initialize input_no to -1 to avoid subtraction
  Input: i8042 - do not try to load on Intel NUC D54250WYK
  Input: atkbd - correct MSC_SCAN events for force_release keys
  Input: cyapa - switch to using managed resources
  Input: lifebook - use "static inline" instead of "inline" in lifebook.h
  Input: touchscreen - use __maybe_unused instead of ifdef around suspend/resume
  Input: mouse - use __maybe_unused instead of ifdef around suspend/resume
  Input: misc - use __maybe_unused instead of ifdef around suspend/resume
  Input: cap11xx - support for irq-active-high option
  Input: cap11xx - add support for various cap11xx devices
  ...
2014-12-17 10:06:02 -08:00
Linus Torvalds d6666be6f0 MTD updates for 3.19:
* Add device tree support for DoC3
 
  * SPI NOR:
 
     Refactoring, for better layering between spi-nor.c and its driver users
     (e.g., m25p80.c)
 
     New flash device support
 
     Support 6-byte ID strings
 
  * NAND
 
     New NAND driver for Allwinner SoC's (sunxi)
 
     GPMI NAND: add support for raw (no ECC) access, for testing purposes
 
     Add ATO manufacturer ID
 
     A few odd driver fixes
 
  * MTD tests:
 
     Allow testers to compensate for OOB bitflips in oobtest
 
     Fix a torturetest regression
 
  * nandsim: Support longer ID byte strings
 
 And more.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJUj6PbAAoJEFySrpd9RFgtahcP/RGvknk9lnitaZI7+aZPP8Zs
 AopfiuisLNv3v87EEBAWGYjRYm6vuuhO1z3K55iOIlemBVzoMIP0jf68XGy9uXnL
 Ox6AHqxm55wwmc+CHry5/GssaqE6GzdPm8TBP+AGGNhHrhc+raJL55R0QJaoYVwX
 pUxkhWaa4lZ6CrOIMQ3n+MEnduilHZoFIcXSc1UtI0y9IXsf1m0Qs8M5jGN8BQ16
 HOVNJN9wOXF89swoi7bKsyAn+QFUYgdksAisncb6b9r5Ks5KHmcOuS1LM5X9YoUr
 KfeogHfDM68fcaHsSvMU1xmxjXGtE+HFJE52eYNPB1fNbT3JAC13FFj92GeSsZtE
 ekpCQh4OPLazT/2wCUHTQwC7T1dCilwyW7VJB9MSl7fSBo9P7jIiUHxVUdM43kez
 Di02/XWi4IULTwrgzZiTT8yplFrVdvkmKHAAFEIoaVWiF/l4DeSodLGUw7owmNYn
 rJPBPQulpPHRwKZY7gThJuOUXpgbT715GSbvmPYXimHBqmViiPkrhqQ/b/v4PRRs
 Nlfhwbswr7WBq6vmPkd6eOyfdFANmWcZQMp/++BCdI/7mhfaik72GWMTBSuJ7hN5
 PB+z95soHaKBWlbiDGGGPvuqJmPkOVq1R8itQdIYBWEh7eNSHecwVxyUJJ+V3oPv
 QkD7mEP2ZozZe3Ys2EJQ
 =gDW8
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-20141215' of git://git.infradead.org/linux-mtd

Pull MTD updates from Brian Norris:
 "Summary:
   - Add device tree support for DoC3

   - SPI NOR:
        Refactoring, for better layering between spi-nor.c and its
        driver users (e.g., m25p80.c)

        New flash device support

        Support 6-byte ID strings

   - NAND:
        New NAND driver for Allwinner SoC's (sunxi)

        GPMI NAND: add support for raw (no ECC) access, for testing
        purposes

        Add ATO manufacturer ID

        A few odd driver fixes

   - MTD tests:
        Allow testers to compensate for OOB bitflips in oobtest

        Fix a torturetest regression

   - nandsim: Support longer ID byte strings

  And more"

* tag 'for-linus-20141215' of git://git.infradead.org/linux-mtd: (63 commits)
  mtd: tests: abort torturetest on erase errors
  mtd: physmap_of: fix potential NULL dereference
  mtd: spi-nor: allow NULL as chip name and try to auto detect it
  mtd: nand: gpmi: add raw oob access functions
  mtd: nand: gpmi: add proper raw access support
  mtd: nand: gpmi: add gpmi_copy_bits function
  mtd: spi-nor: factor out write_enable() for erase commands
  mtd: spi-nor: add support for s25fl128s
  mtd: spi-nor: remove the jedec_id/ext_id
  mtd: spi-nor: add id/id_len for flash_info{}
  mtd: nand: correct the comment of function nand_block_isreserved()
  jffs2: Drop bogus if in comment
  mtd: atmel_nand: replace memcpy32_toio/memcpy32_fromio with memcpy
  mtd: cafe_nand: drop duplicate .write_page implementation
  mtd: m25p80: Add support for serial flash Spansion S25FL132K
  MTD: m25p80: fix inconsistency in m25p_ids compared to spi_nor_ids
  mtd: spi-nor: improve wait-till-ready timeout loop
  mtd: delete unnecessary checks before two function calls
  mtd: nand: omap: Fix NAND enumeration on 3430 LDP
  mtd: nand: add ATO manufacturer info
  ...
2014-12-17 09:59:26 -08:00
Linus Torvalds 0ea90b9e79 Microblaze patches for 3.19-rc1
- Fix mmap for cache coherent memory
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iEYEABECAAYFAlSRcMAACgkQykllyylKDCE0zACfbg0I77YfF/2NZqb4w4VKNGr4
 +cMAn0xy2x+GkGbZkRwBf5kPNXC+IqDV
 =wYLz
 -----END PGP SIGNATURE-----

Merge tag 'microblaze-3.19-rc1' of git://git.monstr.eu/linux-2.6-microblaze

Pull Microblaze fix from Michal Simek:
 "Fix mmap for cache coherent memory"

* tag 'microblaze-3.19-rc1' of git://git.monstr.eu/linux-2.6-microblaze:
  microblaze: Fix mmap for cache coherent memory
2014-12-17 09:54:05 -08:00