<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/arch/x86/include, branch linux-3.7.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>x86-32, mm: Remove reference to resume_map_numa_kva()</title>
<updated>2013-02-27T17:20:53+00:00</updated>
<author>
<name>H. Peter Anvin</name>
<email>hpa@linux.intel.com</email>
</author>
<published>2013-01-31T21:53:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5d0acfb94c9fd79ec3ea10c249b8e707728f20fa'/>
<id>5d0acfb94c9fd79ec3ea10c249b8e707728f20fa</id>
<content type='text'>
commit bb112aec5ee41427e9b9726e3d57b896709598ed upstream.

Remove reference to removed function resume_map_numa_kva().

Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Cc: Dave Hansen &lt;dave@linux.vnet.ibm.com&gt;
Link: http://lkml.kernel.org/r/20130131005616.1C79F411@kernel.stglabs.ibm.com
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit bb112aec5ee41427e9b9726e3d57b896709598ed upstream.

Remove reference to removed function resume_map_numa_kva().

Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Cc: Dave Hansen &lt;dave@linux.vnet.ibm.com&gt;
Link: http://lkml.kernel.org/r/20130131005616.1C79F411@kernel.stglabs.ibm.com
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>x86/mm: Check if PUD is large when validating a kernel address</title>
<updated>2013-02-17T18:53:12+00:00</updated>
<author>
<name>Mel Gorman</name>
<email>mgorman@suse.de</email>
</author>
<published>2013-02-11T14:52:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=d0944379e4915dd58835ba79d51173fa88c29b62'/>
<id>d0944379e4915dd58835ba79d51173fa88c29b62</id>
<content type='text'>
commit 0ee364eb316348ddf3e0dfcd986f5f13f528f821 upstream.

A user reported the following oops when a backup process reads
/proc/kcore:

 BUG: unable to handle kernel paging request at ffffbb00ff33b000
 IP: [&lt;ffffffff8103157e&gt;] kern_addr_valid+0xbe/0x110
 [...]

 Call Trace:
  [&lt;ffffffff811b8aaa&gt;] read_kcore+0x17a/0x370
  [&lt;ffffffff811ad847&gt;] proc_reg_read+0x77/0xc0
  [&lt;ffffffff81151687&gt;] vfs_read+0xc7/0x130
  [&lt;ffffffff811517f3&gt;] sys_read+0x53/0xa0
  [&lt;ffffffff81449692&gt;] system_call_fastpath+0x16/0x1b

Investigation determined that the bug triggered when reading
system RAM at the 4G mark. On this system, that was the first
address using 1G pages for the virt-&gt;phys direct mapping so the
PUD is pointing to a physical address, not a PMD page.

The problem is that the page table walker in kern_addr_valid() is
not checking pud_large() and treats the physical address as if
it was a PMD.  If it happens to look like pmd_none then it'll
silently fail, probably returning zeros instead of real data. If
the data happens to look like a present PMD though, it will be
walked resulting in the oops above.

This patch adds the necessary pud_large() check.

Unfortunately the problem was not readily reproducible and now
they are running the backup program without accessing
/proc/kcore so the patch has not been validated but I think it
makes sense.

Signed-off-by: Mel Gorman &lt;mgorman@suse.de&gt;
Reviewed-by: Rik van Riel &lt;riel@redhat.coM&gt;
Reviewed-by: Michal Hocko &lt;mhocko@suse.cz&gt;
Acked-by: Johannes Weiner &lt;hannes@cmpxchg.org&gt;
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20130211145236.GX21389@suse.de
Signed-off-by: Ingo Molnar &lt;mingo@kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 0ee364eb316348ddf3e0dfcd986f5f13f528f821 upstream.

A user reported the following oops when a backup process reads
/proc/kcore:

 BUG: unable to handle kernel paging request at ffffbb00ff33b000
 IP: [&lt;ffffffff8103157e&gt;] kern_addr_valid+0xbe/0x110
 [...]

 Call Trace:
  [&lt;ffffffff811b8aaa&gt;] read_kcore+0x17a/0x370
  [&lt;ffffffff811ad847&gt;] proc_reg_read+0x77/0xc0
  [&lt;ffffffff81151687&gt;] vfs_read+0xc7/0x130
  [&lt;ffffffff811517f3&gt;] sys_read+0x53/0xa0
  [&lt;ffffffff81449692&gt;] system_call_fastpath+0x16/0x1b

Investigation determined that the bug triggered when reading
system RAM at the 4G mark. On this system, that was the first
address using 1G pages for the virt-&gt;phys direct mapping so the
PUD is pointing to a physical address, not a PMD page.

The problem is that the page table walker in kern_addr_valid() is
not checking pud_large() and treats the physical address as if
it was a PMD.  If it happens to look like pmd_none then it'll
silently fail, probably returning zeros instead of real data. If
the data happens to look like a present PMD though, it will be
walked resulting in the oops above.

This patch adds the necessary pud_large() check.

Unfortunately the problem was not readily reproducible and now
they are running the backup program without accessing
/proc/kcore so the patch has not been validated but I think it
makes sense.

Signed-off-by: Mel Gorman &lt;mgorman@suse.de&gt;
Reviewed-by: Rik van Riel &lt;riel@redhat.coM&gt;
Reviewed-by: Michal Hocko &lt;mhocko@suse.cz&gt;
Acked-by: Johannes Weiner &lt;hannes@cmpxchg.org&gt;
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20130211145236.GX21389@suse.de
Signed-off-by: Ingo Molnar &lt;mingo@kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>efi: Make 'efi_enabled' a function to query EFI facilities</title>
<updated>2013-02-04T00:27:05+00:00</updated>
<author>
<name>Matt Fleming</name>
<email>matt.fleming@intel.com</email>
</author>
<published>2012-11-14T09:42:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=72b56e869fa2c058969e47da101a9e7d319f6062'/>
<id>72b56e869fa2c058969e47da101a9e7d319f6062</id>
<content type='text'>
commit 83e68189745ad931c2afd45d8ee3303929233e7f upstream.

Originally 'efi_enabled' indicated whether a kernel was booted from
EFI firmware. Over time its semantics have changed, and it now
indicates whether or not we are booted on an EFI machine with
bit-native firmware, e.g. 64-bit kernel with 64-bit firmware.

The immediate motivation for this patch is the bug report at,

    https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557

which details how running a platform driver on an EFI machine that is
designed to run under BIOS can cause the machine to become
bricked. Also, the following report,

    https://bugzilla.kernel.org/show_bug.cgi?id=47121

details how running said driver can also cause Machine Check
Exceptions. Drivers need a new means of detecting whether they're
running on an EFI machine, as sadly the expression,

    if (!efi_enabled)

hasn't been a sufficient condition for quite some time.

Users actually want to query 'efi_enabled' for different reasons -
what they really want access to is the list of available EFI
facilities.

For instance, the x86 reboot code needs to know whether it can invoke
the ResetSystem() function provided by the EFI runtime services, while
the ACPI OSL code wants to know whether the EFI config tables were
mapped successfully. There are also checks in some of the platform
driver code to simply see if they're running on an EFI machine (which
would make it a bad idea to do BIOS-y things).

This patch is a prereq for the samsung-laptop fix patch.

Signed-off-by: Matt Fleming &lt;matt.fleming@intel.com&gt;
Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Corentin Chary &lt;corentincj@iksaif.net&gt;
Cc: Matthew Garrett &lt;mjg59@srcf.ucam.org&gt;
Cc: Dave Jiang &lt;dave.jiang@intel.com&gt;
Cc: Olof Johansson &lt;olof@lixom.net&gt;
Cc: Peter Jones &lt;pjones@redhat.com&gt;
Cc: Colin Ian King &lt;colin.king@canonical.com&gt;
Cc: Steve Langasek &lt;steve.langasek@canonical.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc: Konrad Rzeszutek Wilk &lt;konrad@kernel.org&gt;
Cc: Rafael J. Wysocki &lt;rjw@sisk.pl&gt;
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 83e68189745ad931c2afd45d8ee3303929233e7f upstream.

Originally 'efi_enabled' indicated whether a kernel was booted from
EFI firmware. Over time its semantics have changed, and it now
indicates whether or not we are booted on an EFI machine with
bit-native firmware, e.g. 64-bit kernel with 64-bit firmware.

The immediate motivation for this patch is the bug report at,

    https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557

which details how running a platform driver on an EFI machine that is
designed to run under BIOS can cause the machine to become
bricked. Also, the following report,

    https://bugzilla.kernel.org/show_bug.cgi?id=47121

details how running said driver can also cause Machine Check
Exceptions. Drivers need a new means of detecting whether they're
running on an EFI machine, as sadly the expression,

    if (!efi_enabled)

hasn't been a sufficient condition for quite some time.

Users actually want to query 'efi_enabled' for different reasons -
what they really want access to is the list of available EFI
facilities.

For instance, the x86 reboot code needs to know whether it can invoke
the ResetSystem() function provided by the EFI runtime services, while
the ACPI OSL code wants to know whether the EFI config tables were
mapped successfully. There are also checks in some of the platform
driver code to simply see if they're running on an EFI machine (which
would make it a bad idea to do BIOS-y things).

This patch is a prereq for the samsung-laptop fix patch.

Signed-off-by: Matt Fleming &lt;matt.fleming@intel.com&gt;
Cc: David Airlie &lt;airlied@linux.ie&gt;
Cc: Corentin Chary &lt;corentincj@iksaif.net&gt;
Cc: Matthew Garrett &lt;mjg59@srcf.ucam.org&gt;
Cc: Dave Jiang &lt;dave.jiang@intel.com&gt;
Cc: Olof Johansson &lt;olof@lixom.net&gt;
Cc: Peter Jones &lt;pjones@redhat.com&gt;
Cc: Colin Ian King &lt;colin.king@canonical.com&gt;
Cc: Steve Langasek &lt;steve.langasek@canonical.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc: Konrad Rzeszutek Wilk &lt;konrad@kernel.org&gt;
Cc: Rafael J. Wysocki &lt;rjw@sisk.pl&gt;
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip</title>
<updated>2012-12-01T21:07:48+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2012-12-01T21:07:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=455e987c0c2eb2c9045dc854559474cf41509965'/>
<id>455e987c0c2eb2c9045dc854559474cf41509965</id>
<content type='text'>
Pull perf fixes from Ingo Molnar:
 "This is mostly about unbreaking architectures that took the UAPI
  changes in the v3.7 cycle, plus misc fixes."

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf kvm: Fix building perf kvm on non x86 arches
  perf kvm: Rename perf_kvm to perf_kvm_stat
  perf: Make perf build for x86 with UAPI disintegration applied
  perf powerpc: Use uapi/unistd.h to fix build error
  tools: Pass the target in descend
  tools: Honour the O= flag when tool build called from a higher Makefile
  tools: Define a Makefile function to do subdir processing
  x86: Export asm/{svm.h,vmx.h,perf_regs.h}
  perf tools: Fix strbuf_addf() when the buffer needs to grow
  perf header: Fix numa topology printing
  perf, powerpc: Fix hw breakpoints returning -ENOSPC
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull perf fixes from Ingo Molnar:
 "This is mostly about unbreaking architectures that took the UAPI
  changes in the v3.7 cycle, plus misc fixes."

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf kvm: Fix building perf kvm on non x86 arches
  perf kvm: Rename perf_kvm to perf_kvm_stat
  perf: Make perf build for x86 with UAPI disintegration applied
  perf powerpc: Use uapi/unistd.h to fix build error
  tools: Pass the target in descend
  tools: Honour the O= flag when tool build called from a higher Makefile
  tools: Define a Makefile function to do subdir processing
  x86: Export asm/{svm.h,vmx.h,perf_regs.h}
  perf tools: Fix strbuf_addf() when the buffer needs to grow
  perf header: Fix numa topology printing
  perf, powerpc: Fix hw breakpoints returning -ENOSPC
</pre>
</div>
</content>
</entry>
<entry>
<title>x86, fpu: Avoid FPU lazy restore after suspend</title>
<updated>2012-11-30T21:48:05+00:00</updated>
<author>
<name>Vincent Palatin</name>
<email>vpalatin@chromium.org</email>
</author>
<published>2012-11-30T20:15:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=644c154186386bb1fa6446bc5e037b9ed098db46'/>
<id>644c154186386bb1fa6446bc5e037b9ed098db46</id>
<content type='text'>
When a cpu enters S3 state, the FPU state is lost.
After resuming for S3, if we try to lazy restore the FPU for a process running
on the same CPU, this will result in a corrupted FPU context.

Ensure that "fpu_owner_task" is properly invalided when (re-)initializing a CPU,
so nobody will try to lazy restore a state which doesn't exist in the hardware.

Tested with a 64-bit kernel on a 4-core Ivybridge CPU with eagerfpu=off,
by doing thousands of suspend/resume cycles with 4 processes doing FPU
operations running. Without the patch, a process is killed after a
few hundreds cycles by a SIGFPE.

Cc: Duncan Laurie &lt;dlaurie@chromium.org&gt;
Cc: Olof Johansson &lt;olofj@chromium.org&gt;
Cc: &lt;stable@kernel.org&gt; v3.4+ # for 3.4 need to replace this_cpu_write by percpu_write
Signed-off-by: Vincent Palatin &lt;vpalatin@chromium.org&gt;
Link: http://lkml.kernel.org/r/1354306532-1014-1-git-send-email-vpalatin@chromium.org
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When a cpu enters S3 state, the FPU state is lost.
After resuming for S3, if we try to lazy restore the FPU for a process running
on the same CPU, this will result in a corrupted FPU context.

Ensure that "fpu_owner_task" is properly invalided when (re-)initializing a CPU,
so nobody will try to lazy restore a state which doesn't exist in the hardware.

Tested with a 64-bit kernel on a 4-core Ivybridge CPU with eagerfpu=off,
by doing thousands of suspend/resume cycles with 4 processes doing FPU
operations running. Without the patch, a process is killed after a
few hundreds cycles by a SIGFPE.

Cc: Duncan Laurie &lt;dlaurie@chromium.org&gt;
Cc: Olof Johansson &lt;olofj@chromium.org&gt;
Cc: &lt;stable@kernel.org&gt; v3.4+ # for 3.4 need to replace this_cpu_write by percpu_write
Signed-off-by: Vincent Palatin &lt;vpalatin@chromium.org&gt;
Link: http://lkml.kernel.org/r/1354306532-1014-1-git-send-email-vpalatin@chromium.org
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip</title>
<updated>2012-11-24T06:03:14+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2012-11-24T06:03:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=2654ad44b5f7a5f1b12d722a37d9b9df69d57899'/>
<id>2654ad44b5f7a5f1b12d722a37d9b9df69d57899</id>
<content type='text'>
Pull x86 arch fixes from Peter Anvin:
 "Here is a collection of fixes for 3.7-rc7.  This is a superset of
  tglx' earlier pull request."

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86-64: Fix ordering of CFI directives and recent ASM_CLAC additions
  x86, microcode, AMD: Add support for family 16h processors
  x86-32: Export kernel_stack_pointer() for modules
  x86-32: Fix invalid stack address while in softirq
  x86, efi: Fix processor-specific memcpy() build error
  x86: remove dummy long from EFI stub
  x86, mm: Correct vmflag test for checking VM_HUGETLB
  x86, amd: Disable way access filter on Piledriver CPUs
  x86/mce: Do not change worker's running cpu in cmci_rediscover().
  x86/ce4100: Fix PCI configuration register access for devices without interrupts
  x86/ce4100: Fix reboot by forcing the reboot method to be KBD
  x86/ce4100: Fix pm_poweroff
  MAINTAINERS: Update email address for Robert Richter
  x86, microcode_amd: Change email addresses, MAINTAINERS entry
  MAINTAINERS: Change Boris' email address
  EDAC: Change Boris' email address
  x86, AMD: Change Boris' email address
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull x86 arch fixes from Peter Anvin:
 "Here is a collection of fixes for 3.7-rc7.  This is a superset of
  tglx' earlier pull request."

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86-64: Fix ordering of CFI directives and recent ASM_CLAC additions
  x86, microcode, AMD: Add support for family 16h processors
  x86-32: Export kernel_stack_pointer() for modules
  x86-32: Fix invalid stack address while in softirq
  x86, efi: Fix processor-specific memcpy() build error
  x86: remove dummy long from EFI stub
  x86, mm: Correct vmflag test for checking VM_HUGETLB
  x86, amd: Disable way access filter on Piledriver CPUs
  x86/mce: Do not change worker's running cpu in cmci_rediscover().
  x86/ce4100: Fix PCI configuration register access for devices without interrupts
  x86/ce4100: Fix reboot by forcing the reboot method to be KBD
  x86/ce4100: Fix pm_poweroff
  MAINTAINERS: Update email address for Robert Richter
  x86, microcode_amd: Change email addresses, MAINTAINERS entry
  MAINTAINERS: Change Boris' email address
  EDAC: Change Boris' email address
  x86, AMD: Change Boris' email address
</pre>
</div>
</content>
</entry>
<entry>
<title>x86-32: Fix invalid stack address while in softirq</title>
<updated>2012-11-21T06:23:20+00:00</updated>
<author>
<name>Robert Richter</name>
<email>robert.richter@amd.com</email>
</author>
<published>2012-09-03T18:54:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1022623842cb72ee4d0dbf02f6937f38c92c3f41'/>
<id>1022623842cb72ee4d0dbf02f6937f38c92c3f41</id>
<content type='text'>
In 32 bit the stack address provided by kernel_stack_pointer() may
point to an invalid range causing NULL pointer access or page faults
while in NMI (see trace below). This happens if called in softirq
context and if the stack is empty. The address at &amp;regs-&gt;sp is then
out of range.

Fixing this by checking if regs and &amp;regs-&gt;sp are in the same stack
context. Otherwise return the previous stack pointer stored in struct
thread_info. If that address is invalid too, return address of regs.

 BUG: unable to handle kernel NULL pointer dereference at 0000000a
 IP: [&lt;c1004237&gt;] print_context_stack+0x6e/0x8d
 *pde = 00000000
 Oops: 0000 [#1] SMP
 Modules linked in:
 Pid: 4434, comm: perl Not tainted 3.6.0-rc3-oprofile-i386-standard-g4411a05 #4 Hewlett-Packard HP xw9400 Workstation/0A1Ch
 EIP: 0060:[&lt;c1004237&gt;] EFLAGS: 00010093 CPU: 0
 EIP is at print_context_stack+0x6e/0x8d
 EAX: ffffe000 EBX: 0000000a ECX: f4435f94 EDX: 0000000a
 ESI: f4435f94 EDI: f4435f94 EBP: f5409ec0 ESP: f5409ea0
  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
 CR0: 8005003b CR2: 0000000a CR3: 34ac9000 CR4: 000007d0
 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
 DR6: ffff0ff0 DR7: 00000400
 Process perl (pid: 4434, ti=f5408000 task=f5637850 task.ti=f4434000)
 Stack:
  000003e8 ffffe000 00001ffc f4e39b00 00000000 0000000a f4435f94 c155198c
  f5409ef0 c1003723 c155198c f5409f04 00000000 f5409edc 00000000 00000000
  f5409ee8 f4435f94 f5409fc4 00000001 f5409f1c c12dce1c 00000000 c155198c
 Call Trace:
  [&lt;c1003723&gt;] dump_trace+0x7b/0xa1
  [&lt;c12dce1c&gt;] x86_backtrace+0x40/0x88
  [&lt;c12db712&gt;] ? oprofile_add_sample+0x56/0x84
  [&lt;c12db731&gt;] oprofile_add_sample+0x75/0x84
  [&lt;c12ddb5b&gt;] op_amd_check_ctrs+0x46/0x260
  [&lt;c12dd40d&gt;] profile_exceptions_notify+0x23/0x4c
  [&lt;c1395034&gt;] nmi_handle+0x31/0x4a
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c13950ed&gt;] do_nmi+0xa0/0x2ff
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c13949e5&gt;] nmi_stack_correct+0x28/0x2d
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c1003603&gt;] ? do_softirq+0x4b/0x7f
  &lt;IRQ&gt;
  [&lt;c102a06f&gt;] irq_exit+0x35/0x5b
  [&lt;c1018f56&gt;] smp_apic_timer_interrupt+0x6c/0x7a
  [&lt;c1394746&gt;] apic_timer_interrupt+0x2a/0x30
 Code: 89 fe eb 08 31 c9 8b 45 0c ff 55 ec 83 c3 04 83 7d 10 00 74 0c 3b 5d 10 73 26 3b 5d e4 73 0c eb 1f 3b 5d f0 76 1a 3b 5d e8 73 15 &lt;8b&gt; 13 89 d0 89 55 e0 e8 ad 42 03 00 85 c0 8b 55 e0 75 a6 eb cc
 EIP: [&lt;c1004237&gt;] print_context_stack+0x6e/0x8d SS:ESP 0068:f5409ea0
 CR2: 000000000000000a
 ---[ end trace 62afee3481b00012 ]---
 Kernel panic - not syncing: Fatal exception in interrupt

V2:
* add comments to kernel_stack_pointer()
* always return a valid stack address by falling back to the address
  of regs

Reported-by: Yang Wei &lt;wei.yang@windriver.com&gt;
Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Robert Richter &lt;robert.richter@amd.com&gt;
Link: http://lkml.kernel.org/r/20120912135059.GZ8285@erda.amd.com
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Cc: Jun Zhang &lt;jun.zhang@intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In 32 bit the stack address provided by kernel_stack_pointer() may
point to an invalid range causing NULL pointer access or page faults
while in NMI (see trace below). This happens if called in softirq
context and if the stack is empty. The address at &amp;regs-&gt;sp is then
out of range.

Fixing this by checking if regs and &amp;regs-&gt;sp are in the same stack
context. Otherwise return the previous stack pointer stored in struct
thread_info. If that address is invalid too, return address of regs.

 BUG: unable to handle kernel NULL pointer dereference at 0000000a
 IP: [&lt;c1004237&gt;] print_context_stack+0x6e/0x8d
 *pde = 00000000
 Oops: 0000 [#1] SMP
 Modules linked in:
 Pid: 4434, comm: perl Not tainted 3.6.0-rc3-oprofile-i386-standard-g4411a05 #4 Hewlett-Packard HP xw9400 Workstation/0A1Ch
 EIP: 0060:[&lt;c1004237&gt;] EFLAGS: 00010093 CPU: 0
 EIP is at print_context_stack+0x6e/0x8d
 EAX: ffffe000 EBX: 0000000a ECX: f4435f94 EDX: 0000000a
 ESI: f4435f94 EDI: f4435f94 EBP: f5409ec0 ESP: f5409ea0
  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
 CR0: 8005003b CR2: 0000000a CR3: 34ac9000 CR4: 000007d0
 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
 DR6: ffff0ff0 DR7: 00000400
 Process perl (pid: 4434, ti=f5408000 task=f5637850 task.ti=f4434000)
 Stack:
  000003e8 ffffe000 00001ffc f4e39b00 00000000 0000000a f4435f94 c155198c
  f5409ef0 c1003723 c155198c f5409f04 00000000 f5409edc 00000000 00000000
  f5409ee8 f4435f94 f5409fc4 00000001 f5409f1c c12dce1c 00000000 c155198c
 Call Trace:
  [&lt;c1003723&gt;] dump_trace+0x7b/0xa1
  [&lt;c12dce1c&gt;] x86_backtrace+0x40/0x88
  [&lt;c12db712&gt;] ? oprofile_add_sample+0x56/0x84
  [&lt;c12db731&gt;] oprofile_add_sample+0x75/0x84
  [&lt;c12ddb5b&gt;] op_amd_check_ctrs+0x46/0x260
  [&lt;c12dd40d&gt;] profile_exceptions_notify+0x23/0x4c
  [&lt;c1395034&gt;] nmi_handle+0x31/0x4a
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c13950ed&gt;] do_nmi+0xa0/0x2ff
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c13949e5&gt;] nmi_stack_correct+0x28/0x2d
  [&lt;c1029dc5&gt;] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [&lt;c1003603&gt;] ? do_softirq+0x4b/0x7f
  &lt;IRQ&gt;
  [&lt;c102a06f&gt;] irq_exit+0x35/0x5b
  [&lt;c1018f56&gt;] smp_apic_timer_interrupt+0x6c/0x7a
  [&lt;c1394746&gt;] apic_timer_interrupt+0x2a/0x30
 Code: 89 fe eb 08 31 c9 8b 45 0c ff 55 ec 83 c3 04 83 7d 10 00 74 0c 3b 5d 10 73 26 3b 5d e4 73 0c eb 1f 3b 5d f0 76 1a 3b 5d e8 73 15 &lt;8b&gt; 13 89 d0 89 55 e0 e8 ad 42 03 00 85 c0 8b 55 e0 75 a6 eb cc
 EIP: [&lt;c1004237&gt;] print_context_stack+0x6e/0x8d SS:ESP 0068:f5409ea0
 CR2: 000000000000000a
 ---[ end trace 62afee3481b00012 ]---
 Kernel panic - not syncing: Fatal exception in interrupt

V2:
* add comments to kernel_stack_pointer()
* always return a valid stack address by falling back to the address
  of regs

Reported-by: Yang Wei &lt;wei.yang@windriver.com&gt;
Cc: &lt;stable@vger.kernel.org&gt;
Signed-off-by: Robert Richter &lt;robert.richter@amd.com&gt;
Link: http://lkml.kernel.org/r/20120912135059.GZ8285@erda.amd.com
Signed-off-by: H. Peter Anvin &lt;hpa@linux.intel.com&gt;
Cc: Jun Zhang &lt;jun.zhang@intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge branch 'x86-pre-uapi' into perf-uapi</title>
<updated>2012-11-19T21:50:58+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2012-11-19T21:48:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=60606d42483feb118c555f3425bb31fdec6749b3'/>
<id>60606d42483feb118c555f3425bb31fdec6749b3</id>
<content type='text'>
David Howells (1):
      x86: Export asm/{svm.h,vmx.h,perf_regs.h}
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
David Howells (1):
      x86: Export asm/{svm.h,vmx.h,perf_regs.h}
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'stable/for-linus-3.7-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen</title>
<updated>2012-11-10T05:56:21+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2012-11-10T05:56:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=0020dd0b8c03c55a15c5bf372082be4a54d84622'/>
<id>0020dd0b8c03c55a15c5bf372082be4a54d84622</id>
<content type='text'>
Pull Xen fixes from Konrad Rzeszutek Wilk:
 "There are three ARM compile fixes (we forgot to export certain
  functions and if the drivers are built as an module - we go belly-up).

  There is also an mismatch of irq_enter() / exit_idle() calls sequence
  which were fixed some time ago in other piece of codes, but failed to
  appear in the Xen code.

  Lastly a fix for to help in the field with troubleshooting in case we
  cannot get the appropriate parameter and also fallback code when
  working with very old hypervisors."

Bug-fixes:
 - Fix compile issues on ARM.
 - Fix hypercall fallback code for old hypervisors.
 - Print out which HVM parameter failed if it fails.
 - Fix idle notifier call after irq_enter.

* tag 'stable/for-linus-3.7-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/arm: Fix compile errors when drivers are compiled as modules (export more).
  xen/arm: Fix compile errors when drivers are compiled as modules.
  xen/generic: Disable fallback build on ARM.
  xen/events: fix RCU warning, or Call idle notifier after irq_enter()
  xen/hvm: If we fail to fetch an HVM parameter print out which flag it is.
  xen/hypercall: fix hypercall fallback code for very old hypervisors
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull Xen fixes from Konrad Rzeszutek Wilk:
 "There are three ARM compile fixes (we forgot to export certain
  functions and if the drivers are built as an module - we go belly-up).

  There is also an mismatch of irq_enter() / exit_idle() calls sequence
  which were fixed some time ago in other piece of codes, but failed to
  appear in the Xen code.

  Lastly a fix for to help in the field with troubleshooting in case we
  cannot get the appropriate parameter and also fallback code when
  working with very old hypervisors."

Bug-fixes:
 - Fix compile issues on ARM.
 - Fix hypercall fallback code for old hypervisors.
 - Print out which HVM parameter failed if it fails.
 - Fix idle notifier call after irq_enter.

* tag 'stable/for-linus-3.7-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/arm: Fix compile errors when drivers are compiled as modules (export more).
  xen/arm: Fix compile errors when drivers are compiled as modules.
  xen/generic: Disable fallback build on ARM.
  xen/events: fix RCU warning, or Call idle notifier after irq_enter()
  xen/hvm: If we fail to fetch an HVM parameter print out which flag it is.
  xen/hypercall: fix hypercall fallback code for very old hypervisors
</pre>
</div>
</content>
</entry>
<entry>
<title>x86: Export asm/{svm.h,vmx.h,perf_regs.h}</title>
<updated>2012-11-08T11:38:44+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2012-11-08T11:26:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=6d369a09ccd8104b35646b507112d3ddca4344eb'/>
<id>6d369a09ccd8104b35646b507112d3ddca4344eb</id>
<content type='text'>
Export asm/{svm.h,vmx.h,perf_regs.h} so that they can be disintegrated.

It looks from previous commits that the first two should have been exported,
but the header-y lines weren't added to the Kbuild.

I'm guessing that asm/perf_regs.h should be exported too.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Export asm/{svm.h,vmx.h,perf_regs.h} so that they can be disintegrated.

It looks from previous commits that the first two should have been exported,
but the header-y lines weren't added to the Kbuild.

I'm guessing that asm/perf_regs.h should be exported too.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
