linux-stable.git/arch/arm/kernel, branch v4.17.2 Linux kernel stable tree ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr 2018-05-19T10:35:56+00:00 Masami Hiramatsu mhiramat@kernel.org 2018-05-13T04:04:16+00:00 eb0146daefdde65665b7f076fbff7b49dade95b9 Prohibit kprobes on do_undefinstr because kprobes on arm is implemented by undefined instruction. This means if we probe do_undefinstr(), it can cause infinit recursive exception. Fixes: 24ba613c9d6c ("ARM kprobes: core code") Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> Cc: stable@vger.kernel.org Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 
Prohibit kprobes on do_undefinstr because kprobes on
arm is implemented by undefined instruction. This means
if we probe do_undefinstr(), it can cause infinit
recursive exception.

Fixes: 24ba613c9d6c ("ARM kprobes: core code")
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
ARM: kexec: record parent context registers for non-crash CPUs 2018-05-19T10:35:56+00:00 Russell King rmk+kernel@armlinux.org.uk 2018-04-11T18:35:19+00:00 1c37963b1a1600b9686c4a99857ddcb6028be884 How we got to machine_crash_nonpanic_core() (iow, from an IPI, etc) is not interesting for debugging a crash. The more interesting context is the parent context prior to the IPI being received. Record the parent context register state rather than the register state in machine_crash_nonpanic_core(), which is more relevant to the failing condition. Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 
How we got to machine_crash_nonpanic_core() (iow, from an IPI, etc) is
not interesting for debugging a crash.  The more interesting context
is the parent context prior to the IPI being received.

Record the parent context register state rather than the register state
in machine_crash_nonpanic_core(), which is more relevant to the failing
condition.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
ARM: kexec: fix kdump register saving on panic() 2018-05-19T10:35:56+00:00 Russell King rmk+kernel@armlinux.org.uk 2018-04-11T17:24:01+00:00 2d7b3c64431245c95b05a441669c074da10db943 When a panic() occurs, the kexec code uses smp_send_stop() to stop the other CPUs, but this results in the CPU register state not being saved, and gdb is unable to inspect the state of other CPUs. Commit 0ee59413c967 ("x86/panic: replace smp_send_stop() with kdump friendly version in panic path") addressed the issue on x86, but ignored other architectures. Address the issue on ARM by splitting out the crash stop implementation to crash_smp_send_stop() and adding the necessary protection. Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 
When a panic() occurs, the kexec code uses smp_send_stop() to stop
the other CPUs, but this results in the CPU register state not being
saved, and gdb is unable to inspect the state of other CPUs.

Commit 0ee59413c967 ("x86/panic: replace smp_send_stop() with kdump
friendly version in panic path") addressed the issue on x86, but
ignored other architectures.  Address the issue on ARM by splitting
out the crash stop implementation to crash_smp_send_stop() and
adding the necessary protection.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm 2018-04-09T16:19:30+00:00 Linus Torvalds torvalds@linux-foundation.org 2018-04-09T16:19:30+00:00 4a1e00524cbdd38567e36f9c54a0444deebd864a Pull ARM updates from Russell King: "A number of core ARM changes: - Refactoring linker script by Nicolas Pitre - Enable source fortification - Add support for Cortex R8" * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: decompressor: fix warning introduced in fortify patch ARM: 8751/1: Add support for Cortex-R8 processor ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE ARM: simplify and fix linker script for TCM ARM: linker script: factor out TCM bits ARM: linker script: factor out vectors and stubs ARM: linker script: factor out unwinding table sections ARM: linker script: factor out stuff for the .text section ARM: linker script: factor out stuff for the DISCARD section ARM: linker script: factor out some common definitions between XIP and non-XIP 
Pull ARM updates from Russell King:
 "A number of core ARM changes:

   - Refactoring linker script by Nicolas Pitre

   - Enable source fortification

   - Add support for Cortex R8"

* 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
  ARM: decompressor: fix warning introduced in fortify patch
  ARM: 8751/1: Add support for Cortex-R8 processor
  ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE
  ARM: simplify and fix linker script for TCM
  ARM: linker script: factor out TCM bits
  ARM: linker script: factor out vectors and stubs
  ARM: linker script: factor out unwinding table sections
  ARM: linker script: factor out stuff for the .text section
  ARM: linker script: factor out stuff for the DISCARD section
  ARM: linker script: factor out some common definitions between XIP and non-XIP
Merge branch 'syscalls-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux 2018-04-03T04:22:12+00:00 Linus Torvalds torvalds@linux-foundation.org 2018-04-03T04:22:12+00:00 642e7fd23353e22290e3d51719fcb658dc252342 Pull removal of in-kernel calls to syscalls from Dominik Brodowski: "System calls are interaction points between userspace and the kernel. Therefore, system call functions such as sys_xyzzy() or compat_sys_xyzzy() should only be called from userspace via the syscall table, but not from elsewhere in the kernel. At least on 64-bit x86, it will likely be a hard requirement from v4.17 onwards to not call system call functions in the kernel: It is better to use use a different calling convention for system calls there, where struct pt_regs is decoded on-the-fly in a syscall wrapper which then hands processing over to the actual syscall function. This means that only those parameters which are actually needed for a specific syscall are passed on during syscall entry, instead of filling in six CPU registers with random user space content all the time (which may cause serious trouble down the call chain). Those x86-specific patches will be pushed through the x86 tree in the near future. Moreover, rules on how data may be accessed may differ between kernel data and user data. This is another reason why calling sys_xyzzy() is generally a bad idea, and -- at most -- acceptable in arch-specific code. This patchset removes all in-kernel calls to syscall functions in the kernel with the exception of arch/. On top of this, it cleans up the three places where many syscalls are referenced or prototyped, namely kernel/sys_ni.c, include/linux/syscalls.h and include/linux/compat.h" * 'syscalls-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux: (109 commits) bpf: whitelist all syscalls for error injection kernel/sys_ni: remove {sys_,sys_compat} from cond_syscall definitions kernel/sys_ni: sort cond_syscall() entries syscalls/x86: auto-create compat_sys_*() prototypes syscalls: sort syscall prototypes in include/linux/compat.h net: remove compat_sys_*() prototypes from net/compat.h syscalls: sort syscall prototypes in include/linux/syscalls.h kexec: move sys_kexec_load() prototype to syscalls.h x86/sigreturn: use SYSCALL_DEFINE0 x86: fix sys_sigreturn() return type to be long, not unsigned long x86/ioport: add ksys_ioperm() helper; remove in-kernel calls to sys_ioperm() mm: add ksys_readahead() helper; remove in-kernel calls to sys_readahead() mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff() mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64() fs: add ksys_fallocate() wrapper; remove in-kernel calls to sys_fallocate() fs: add ksys_p{read,write}64() helpers; remove in-kernel calls to syscalls fs: add ksys_truncate() wrapper; remove in-kernel calls to sys_truncate() fs: add ksys_sync_file_range helper(); remove in-kernel calls to syscall kernel: add ksys_setsid() helper; remove in-kernel call to sys_setsid() kernel: add ksys_unshare() helper; remove in-kernel calls to sys_unshare() ... 
Pull removal of in-kernel calls to syscalls from Dominik Brodowski:
 "System calls are interaction points between userspace and the kernel.
  Therefore, system call functions such as sys_xyzzy() or
  compat_sys_xyzzy() should only be called from userspace via the
  syscall table, but not from elsewhere in the kernel.

  At least on 64-bit x86, it will likely be a hard requirement from
  v4.17 onwards to not call system call functions in the kernel: It is
  better to use use a different calling convention for system calls
  there, where struct pt_regs is decoded on-the-fly in a syscall wrapper
  which then hands processing over to the actual syscall function. This
  means that only those parameters which are actually needed for a
  specific syscall are passed on during syscall entry, instead of
  filling in six CPU registers with random user space content all the
  time (which may cause serious trouble down the call chain). Those
  x86-specific patches will be pushed through the x86 tree in the near
  future.

  Moreover, rules on how data may be accessed may differ between kernel
  data and user data. This is another reason why calling sys_xyzzy() is
  generally a bad idea, and -- at most -- acceptable in arch-specific
  code.

  This patchset removes all in-kernel calls to syscall functions in the
  kernel with the exception of arch/. On top of this, it cleans up the
  three places where many syscalls are referenced or prototyped, namely
  kernel/sys_ni.c, include/linux/syscalls.h and include/linux/compat.h"

* 'syscalls-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux: (109 commits)
  bpf: whitelist all syscalls for error injection
  kernel/sys_ni: remove {sys_,sys_compat} from cond_syscall definitions
  kernel/sys_ni: sort cond_syscall() entries
  syscalls/x86: auto-create compat_sys_*() prototypes
  syscalls: sort syscall prototypes in include/linux/compat.h
  net: remove compat_sys_*() prototypes from net/compat.h
  syscalls: sort syscall prototypes in include/linux/syscalls.h
  kexec: move sys_kexec_load() prototype to syscalls.h
  x86/sigreturn: use SYSCALL_DEFINE0
  x86: fix sys_sigreturn() return type to be long, not unsigned long
  x86/ioport: add ksys_ioperm() helper; remove in-kernel calls to sys_ioperm()
  mm: add ksys_readahead() helper; remove in-kernel calls to sys_readahead()
  mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff()
  mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64()
  fs: add ksys_fallocate() wrapper; remove in-kernel calls to sys_fallocate()
  fs: add ksys_p{read,write}64() helpers; remove in-kernel calls to syscalls
  fs: add ksys_truncate() wrapper; remove in-kernel calls to sys_truncate()
  fs: add ksys_sync_file_range helper(); remove in-kernel calls to syscall
  kernel: add ksys_setsid() helper; remove in-kernel call to sys_setsid()
  kernel: add ksys_unshare() helper; remove in-kernel calls to sys_unshare()
  ...
mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64() 2018-04-02T18:16:10+00:00 Dominik Brodowski linux@dominikbrodowski.net 2018-03-11T10:34:45+00:00 9d5b7c956b09daab955fb2a42447d5d89ff15093 Using the ksys_fadvise64_64() helper allows us to avoid the in-kernel calls to the sys_fadvise64_64() syscall. The ksys_ prefix denotes that this function is meant as a drop-in replacement for the syscall. In particular, it uses the same calling convention as ksys_fadvise64_64(). Some compat stubs called sys_fadvise64(), which then just passed through the arguments to sys_fadvise64_64(). Get rid of this indirection, and call ksys_fadvise64_64() directly. This patch is part of a series which removes in-kernel calls to syscalls. On this basis, the syscall entry path can be streamlined. For details, see http://lkml.kernel.org/r/20180325162527.GA17492@light.dominikbrodowski.net Cc: Andrew Morton <akpm@linux-foundation.org> Cc: linux-mm@kvack.org Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net> 
Using the ksys_fadvise64_64() helper allows us to avoid the in-kernel
calls to the sys_fadvise64_64() syscall. The ksys_ prefix denotes that
this function is meant as a drop-in replacement for the syscall. In
particular, it uses the same calling convention as ksys_fadvise64_64().

Some compat stubs called sys_fadvise64(), which then just passed through
the arguments to sys_fadvise64_64(). Get rid of this indirection, and call
ksys_fadvise64_64() directly.

This patch is part of a series which removes in-kernel calls to syscalls.
On this basis, the syscall entry path can be streamlined. For details, see
http://lkml.kernel.org/r/20180325162527.GA17492@light.dominikbrodowski.net

Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-mm@kvack.org
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm 2018-03-28T00:28:40+00:00 Linus Torvalds torvalds@linux-foundation.org 2018-03-28T00:28:40+00:00 d2b35e0042681791815a2fa90213fd4d21992c56 Pull ARM fixes from Russell King: "A small number of small fixes for ARM, mostly for some build issues. One fix for a regression caused by the cpu hotplug conversion from a few kernel versions ago" * 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: 8750/1: deflate_xip_data.sh: minor fixes ARM: 8748/1: mm: Define vdso_start, vdso_end as array ARM: 8747/1: make CONFIG_DEBUG_WX depend on MMU ARM: 8746/1: vfp: Go back to clearing vfp_current_hw_state[] 
Pull ARM fixes from Russell King:
 "A small number of small fixes for ARM, mostly for some build issues.

  One fix for a regression caused by the cpu hotplug conversion from a
  few kernel versions ago"

* 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm:
  ARM: 8750/1: deflate_xip_data.sh: minor fixes
  ARM: 8748/1: mm: Define vdso_start, vdso_end as array
  ARM: 8747/1: make CONFIG_DEBUG_WX depend on MMU
  ARM: 8746/1: vfp: Go back to clearing vfp_current_hw_state[]
ARM: 8748/1: mm: Define vdso_start, vdso_end as array 2018-03-24T14:27:49+00:00 Jinbum Park jinb.park7@gmail.com 2018-03-06T00:37:21+00:00 73b9160d0dfe44dfdaffd6465dc1224c38a4a73c Define vdso_start, vdso_end as array to avoid compile-time analysis error for the case of built with CONFIG_FORTIFY_SOURCE. and, since vdso_start, vdso_end are used in vdso.c only, move extern-declaration from vdso.h to vdso.c. If kernel is built with CONFIG_FORTIFY_SOURCE, compile-time error happens at this code. - if (memcmp(&vdso_start, "177ELF", 4)) The size of "&vdso_start" is recognized as 1 byte, but n is 4, So that compile-time error is reported. Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jinbum Park <jinb.park7@gmail.com> Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 
Define vdso_start, vdso_end as array to avoid compile-time analysis error
for the case of built with CONFIG_FORTIFY_SOURCE.

and, since vdso_start, vdso_end are used in vdso.c only,
move extern-declaration from vdso.h to vdso.c.

If kernel is built with CONFIG_FORTIFY_SOURCE,
compile-time error happens at this code.
- if (memcmp(&vdso_start, "177ELF", 4))

The size of "&vdso_start" is recognized as 1 byte, but n is 4,
So that compile-time error is reported.

Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
ARM: simplify and fix linker script for TCM 2018-03-10T01:20:43+00:00 Nicolas Pitre nicolas.pitre@linaro.org 2018-03-09T02:12:04+00:00 b54290e51accea4f696f5dacef8e609d0ccbe54a Let's put the TCM stuff in the __init section directly. No need for a separately freed memory area. Remove redundant linker sections, as well as comments that were more confusing than no comments at all. Finally make it XIP compatible by using LOAD_OFFSET in the section LMA specification. Signed-off-by: Nicolas Pitre <nico@linaro.org> Tested-by: Chris Brandt <Chris.Brandt@renesas.com> 
Let's put the TCM stuff in the __init section directly. No need for
a separately freed memory area.

Remove redundant linker sections, as well as comments that were more
confusing than no comments at all. Finally make it XIP compatible by
using LOAD_OFFSET in the section LMA specification.

Signed-off-by: Nicolas Pitre <nico@linaro.org>
Tested-by: Chris Brandt <Chris.Brandt@renesas.com>
ARM: linker script: factor out TCM bits 2018-03-10T01:20:22+00:00 Nicolas Pitre nicolas.pitre@linaro.org 2018-03-09T01:19:48+00:00 c3146c43db4974f4571bd9d42b172ca03a9137c6 This is a plain move with identical results, and therefore still broken in the XIP case. Signed-off-by: Nicolas Pitre <nico@linaro.org> Tested-by: Chris Brandt <Chris.Brandt@renesas.com> 
This is a plain move with identical results, and therefore
still broken in the XIP case.

Signed-off-by: Nicolas Pitre <nico@linaro.org>
Tested-by: Chris Brandt <Chris.Brandt@renesas.com>