linux-stable.git/arch/xtensa/kernel, branch v3.18.76 Linux kernel stable tree mm: larger stack guard gap, between vmas 2017-06-26T05:10:54+00:00 Hugh Dickins hughd@google.com 2017-06-19T11:03:24+00:00 d4712eb79b17d85c9e354efa2d3156ce50736128 commit 1be7107fbe18eed3e319a6c3e83c78254b693acb upstream. Stack guard page is a useful feature to reduce a risk of stack smashing into a different mapping. We have been using a single page gap which is sufficient to prevent having stack adjacent to a different mapping. But this seems to be insufficient in the light of the stack usage in userspace. E.g. glibc uses as large as 64kB alloca() in many commonly used functions. Others use constructs liks gid_t buffer[NGROUPS_MAX] which is 256kB or stack strings with MAX_ARG_STRLEN. This will become especially dangerous for suid binaries and the default no limit for the stack size limit because those applications can be tricked to consume a large portion of the stack and a single glibc call could jump over the guard page. These attacks are not theoretical, unfortunatelly. Make those attacks less probable by increasing the stack guard gap to 1MB (on systems with 4k pages; but make it depend on the page size because systems with larger base pages might cap stack allocations in the PAGE_SIZE units) which should cover larger alloca() and VLA stack allocations. It is obviously not a full fix because the problem is somehow inherent, but it should reduce attack space a lot. One could argue that the gap size should be configurable from userspace, but that can be done later when somebody finds that the new 1MB is wrong for some special case applications. For now, add a kernel command line option (stack_guard_gap) to specify the stack gap size (in page units). Implementation wise, first delete all the old code for stack guard page: because although we could get away with accounting one extra page in a stack vma, accounting a larger gap can break userspace - case in point, a program run with "ulimit -S -v 20000" failed when the 1MB gap was counted for RLIMIT_AS; similar problems could come with RLIMIT_MLOCK and strict non-overcommit mode. Instead of keeping gap inside the stack vma, maintain the stack guard gap as a gap between vmas: using vm_start_gap() in place of vm_start (or vm_end_gap() in place of vm_end if VM_GROWSUP) in just those few places which need to respect the gap - mainly arch_get_unmapped_area(), and and the vma tree's subtree_gap support for that. Original-patch-by: Oleg Nesterov <oleg@redhat.com> Original-patch-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Hugh Dickins <hughd@google.com> Acked-by: Michal Hocko <mhocko@suse.com> Tested-by: Helge Deller <deller@gmx.de> # parisc Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [wt: backport to 4.11: adjust context] [wt: backport to 4.9: adjust context ; kernel doc was not in admin-guide] [wt: backport to 4.4: adjust context ; drop ppc hugetlb_radix changes] [wt: backport to 3.18: adjust context ; no FOLL_POPULATE ; s390 uses generic arch_get_unmapped_area()] Signed-off-by: Willy Tarreau <w@1wt.eu> [gkh: minor build fixes for 3.18] Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 1be7107fbe18eed3e319a6c3e83c78254b693acb upstream.

Stack guard page is a useful feature to reduce a risk of stack smashing
into a different mapping. We have been using a single page gap which
is sufficient to prevent having stack adjacent to a different mapping.
But this seems to be insufficient in the light of the stack usage in
userspace. E.g. glibc uses as large as 64kB alloca() in many commonly
used functions. Others use constructs liks gid_t buffer[NGROUPS_MAX]
which is 256kB or stack strings with MAX_ARG_STRLEN.

This will become especially dangerous for suid binaries and the default
no limit for the stack size limit because those applications can be
tricked to consume a large portion of the stack and a single glibc call
could jump over the guard page. These attacks are not theoretical,
unfortunatelly.

Make those attacks less probable by increasing the stack guard gap
to 1MB (on systems with 4k pages; but make it depend on the page size
because systems with larger base pages might cap stack allocations in
the PAGE_SIZE units) which should cover larger alloca() and VLA stack
allocations. It is obviously not a full fix because the problem is
somehow inherent, but it should reduce attack space a lot.

One could argue that the gap size should be configurable from userspace,
but that can be done later when somebody finds that the new 1MB is wrong
for some special case applications.  For now, add a kernel command line
option (stack_guard_gap) to specify the stack gap size (in page units).

Implementation wise, first delete all the old code for stack guard page:
because although we could get away with accounting one extra page in a
stack vma, accounting a larger gap can break userspace - case in point,
a program run with "ulimit -S -v 20000" failed when the 1MB gap was
counted for RLIMIT_AS; similar problems could come with RLIMIT_MLOCK
and strict non-overcommit mode.

Instead of keeping gap inside the stack vma, maintain the stack guard
gap as a gap between vmas: using vm_start_gap() in place of vm_start
(or vm_end_gap() in place of vm_end if VM_GROWSUP) in just those few
places which need to respect the gap - mainly arch_get_unmapped_area(),
and and the vma tree's subtree_gap support for that.

Original-patch-by: Oleg Nesterov <oleg@redhat.com>
Original-patch-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Tested-by: Helge Deller <deller@gmx.de> # parisc
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[wt: backport to 4.11: adjust context]
[wt: backport to 4.9: adjust context ; kernel doc was not in admin-guide]
[wt: backport to 4.4: adjust context ; drop ppc hugetlb_radix changes]
[wt: backport to 3.18: adjust context ; no FOLL_POPULATE ;
     s390 uses generic arch_get_unmapped_area()]
Signed-off-by: Willy Tarreau <w@1wt.eu>
[gkh: minor build fixes for 3.18]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
xtensa: move parse_tag_fdt out of #ifdef CONFIG_BLK_DEV_INITRD 2017-04-18T05:55:49+00:00 Max Filippov jcmvbkbc@gmail.com 2017-01-03T17:37:34+00:00 b05814a7b4552d54cbb6e32cfc4beef35b9bbc52 commit 4ab18701c66552944188dbcd0ce0012729baab84 upstream. FDT tag parsing is not related to whether BLK_DEV_INITRD is configured or not, move it out of the corresponding #ifdef/#endif block. This fixes passing external FDT to the kernel configured w/o BLK_DEV_INITRD support. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 4ab18701c66552944188dbcd0ce0012729baab84 upstream.

FDT tag parsing is not related to whether BLK_DEV_INITRD is configured
or not, move it out of the corresponding #ifdef/#endif block.
This fixes passing external FDT to the kernel configured w/o
BLK_DEV_INITRD support.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
xtensa: clear all DBREAKC registers on start 2016-04-18T12:49:28+00:00 Max Filippov jcmvbkbc@gmail.com 2016-03-03T15:34:29+00:00 a4e6ab6425bda36516505a15afa96f76ffa64cb7 [ Upstream commit 7de7ac785ae18a2cdc78d7560f48e3213d9ea0ab ] There are XCHAL_NUM_DBREAK registers, clear them all. This also fixes cryptic assembler error message with binutils 2.25 when XCHAL_NUM_DBREAK is 0: as: out of memory allocating 18446744073709551575 bytes after a total of 495616 bytes Cc: stable@vger.kernel.org Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> 
[ Upstream commit 7de7ac785ae18a2cdc78d7560f48e3213d9ea0ab ]

There are XCHAL_NUM_DBREAK registers, clear them all.
This also fixes cryptic assembler error message with binutils 2.25 when
XCHAL_NUM_DBREAK is 0:

  as: out of memory allocating 18446744073709551575 bytes after a total
  of 495616 bytes

Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
xtensa: fix kernel register spilling 2015-10-28T02:14:47+00:00 Max Filippov jcmvbkbc@gmail.com 2015-07-16T07:41:02+00:00 ab0a85f0cb4fcf6390d223d53bddf9478a8a27f9 [ Upstream commit 77d6273e79e3a86552fcf10cdd31a69b46ed2ce6 ] call12 can't be safely used as the first call in the inline function, because the compiler does not extend the stack frame of the bounding function accordingly, which may result in corruption of local variables. If a call needs to be done, do call8 first followed by call12. For pure assembly code in _switch_to increase stack frame size of the bounding function. Cc: stable@vger.kernel.org Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> 
[ Upstream commit 77d6273e79e3a86552fcf10cdd31a69b46ed2ce6 ]

call12 can't be safely used as the first call in the inline function,
because the compiler does not extend the stack frame of the bounding
function accordingly, which may result in corruption of local variables.

If a call needs to be done, do call8 first followed by call12.

For pure assembly code in _switch_to increase stack frame size of the
bounding function.

Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
xtensa: fix threadptr reload on return to userspace 2015-10-28T02:14:46+00:00 Max Filippov jcmvbkbc@gmail.com 2015-07-04T12:27:39+00:00 b8a64ee186718fd0cd6616c907a89254f6583d3a [ Upstream commit 4229fb12a03e5da5882b420b0aa4a02e77447b86 ] Userspace return code may skip restoring THREADPTR register if there are no registers that need to be zeroed. This leads to spurious failures in libc NPTL tests. Always restore THREADPTR on return to userspace. Cc: stable@vger.kernel.org Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> 
[ Upstream commit 4229fb12a03e5da5882b420b0aa4a02e77447b86 ]

Userspace return code may skip restoring THREADPTR register if there are
no registers that need to be zeroed. This leads to spurious failures in
libc NPTL tests.

Always restore THREADPTR on return to userspace.

Cc: stable@vger.kernel.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Merge git://git.infradead.org/users/eparis/audit 2014-10-19T23:25:56+00:00 Linus Torvalds torvalds@linux-foundation.org 2014-10-19T23:25:56+00:00 ab074ade9c33b3585da86d62e87bcb3e897a3f54 Pull audit updates from Eric Paris: "So this change across a whole bunch of arches really solves one basic problem. We want to audit when seccomp is killing a process. seccomp hooks in before the audit syscall entry code. audit_syscall_entry took as an argument the arch of the given syscall. Since the arch is part of what makes a syscall number meaningful it's an important part of the record, but it isn't available when seccomp shoots the syscall... For most arch's we have a better way to get the arch (syscall_get_arch) So the solution was two fold: Implement syscall_get_arch() everywhere there is audit which didn't have it. Use syscall_get_arch() in the seccomp audit code. Having syscall_get_arch() everywhere meant it was a useless flag on the stack and we could get rid of it for the typical syscall entry. The other changes inside the audit system aren't grand, fixed some records that had invalid spaces. Better locking around the task comm field. Removing some dead functions and structs. Make some things static. Really minor stuff" * git://git.infradead.org/users/eparis/audit: (31 commits) audit: rename audit_log_remove_rule to disambiguate for trees audit: cull redundancy in audit_rule_change audit: WARN if audit_rule_change called illegally audit: put rule existence check in canonical order next: openrisc: Fix build audit: get comm using lock to avoid race in string printing audit: remove open_arg() function that is never used audit: correct AUDIT_GET_FEATURE return message type audit: set nlmsg_len for multicast messages. audit: use union for audit_field values since they are mutually exclusive audit: invalid op= values for rules audit: use atomic_t to simplify audit_serial() kernel/audit.c: use ARRAY_SIZE instead of sizeof/sizeof[0] audit: reduce scope of audit_log_fcaps audit: reduce scope of audit_net_id audit: arm64: Remove the audit arch argument to audit_syscall_entry arm64: audit: Add audit hook in syscall_trace_enter/exit() audit: x86: drop arch from __audit_syscall_entry() interface sparc: implement is_32bit_task sparc: properly conditionalize use of TIF_32BIT ... 
Pull audit updates from Eric Paris:
 "So this change across a whole bunch of arches really solves one basic
  problem.  We want to audit when seccomp is killing a process.  seccomp
  hooks in before the audit syscall entry code.  audit_syscall_entry
  took as an argument the arch of the given syscall.  Since the arch is
  part of what makes a syscall number meaningful it's an important part
  of the record, but it isn't available when seccomp shoots the
  syscall...

  For most arch's we have a better way to get the arch (syscall_get_arch)
  So the solution was two fold: Implement syscall_get_arch() everywhere
  there is audit which didn't have it.  Use syscall_get_arch() in the
  seccomp audit code.  Having syscall_get_arch() everywhere meant it was
  a useless flag on the stack and we could get rid of it for the typical
  syscall entry.

  The other changes inside the audit system aren't grand, fixed some
  records that had invalid spaces.  Better locking around the task comm
  field.  Removing some dead functions and structs.  Make some things
  static.  Really minor stuff"

* git://git.infradead.org/users/eparis/audit: (31 commits)
  audit: rename audit_log_remove_rule to disambiguate for trees
  audit: cull redundancy in audit_rule_change
  audit: WARN if audit_rule_change called illegally
  audit: put rule existence check in canonical order
  next: openrisc: Fix build
  audit: get comm using lock to avoid race in string printing
  audit: remove open_arg() function that is never used
  audit: correct AUDIT_GET_FEATURE return message type
  audit: set nlmsg_len for multicast messages.
  audit: use union for audit_field values since they are mutually exclusive
  audit: invalid op= values for rules
  audit: use atomic_t to simplify audit_serial()
  kernel/audit.c: use ARRAY_SIZE instead of sizeof/sizeof[0]
  audit: reduce scope of audit_log_fcaps
  audit: reduce scope of audit_net_id
  audit: arm64: Remove the audit arch argument to audit_syscall_entry
  arm64: audit: Add audit hook in syscall_trace_enter/exit()
  audit: x86: drop arch from __audit_syscall_entry() interface
  sparc: implement is_32bit_task
  sparc: properly conditionalize use of TIF_32BIT
  ...
ARCH: AUDIT: audit_syscall_entry() should not require the arch 2014-09-23T20:21:26+00:00 Eric Paris eparis@redhat.com 2014-03-11T17:29:28+00:00 91397401bb5072f71e8ce8744ad0bdec3e875a91 We have a function where the arch can be queried, syscall_get_arch(). So rather than have every single piece of arch specific code use and/or duplicate syscall_get_arch(), just have the audit code use the syscall_get_arch() code. Based-on-patch-by: Richard Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> Cc: linux-alpha@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org Cc: linux-ia64@vger.kernel.org Cc: microblaze-uclinux@itee.uq.edu.au Cc: linux-mips@linux-mips.org Cc: linux@lists.openrisc.net Cc: linux-parisc@vger.kernel.org Cc: linuxppc-dev@lists.ozlabs.org Cc: linux-s390@vger.kernel.org Cc: linux-sh@vger.kernel.org Cc: sparclinux@vger.kernel.org Cc: user-mode-linux-devel@lists.sourceforge.net Cc: linux-xtensa@linux-xtensa.org Cc: x86@kernel.org 
We have a function where the arch can be queried, syscall_get_arch().
So rather than have every single piece of arch specific code use and/or
duplicate syscall_get_arch(), just have the audit code use the
syscall_get_arch() code.

Based-on-patch-by: Richard Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Cc: linux-alpha@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-ia64@vger.kernel.org
Cc: microblaze-uclinux@itee.uq.edu.au
Cc: linux-mips@linux-mips.org
Cc: linux@lists.openrisc.net
Cc: linux-parisc@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-s390@vger.kernel.org
Cc: linux-sh@vger.kernel.org
Cc: sparclinux@vger.kernel.org
Cc: user-mode-linux-devel@lists.sourceforge.net
Cc: linux-xtensa@linux-xtensa.org
Cc: x86@kernel.org
Merge tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux 2014-09-01T00:08:42+00:00 Linus Torvalds torvalds@linux-foundation.org 2014-09-01T00:08:42+00:00 05bdb8c90e9973ca5f1d338a697f9582b11a27e2 Pull Xtensa updates from Chris Zankel: "Xtensa improvements for 3.17: - support highmem on cores with aliasing data cache. Enable highmem on kc705 by default - simplify addition of new core variants (no need to modify Kconfig / Makefiles) - improve robustness of unaligned access handler and its interaction with window overflow/underflow exception handlers - deprecate atomic and spill registers syscalls - clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements - wire up renameat2 syscall. Various fixes: - fix address checks in dma_{alloc,free}_coherent (runtime BUG) - fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage) - fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime unrecoverable exception) - fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register clobbering) - fix kernel/user jump out of fast_unaligned (potential runtime unrecoverabl exception) - replace termios IOCTL code definitions with constants (userspace build breakage)" * tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux: (25 commits) xtensa: deprecate fast_xtensa and fast_spill_registers syscalls xtensa: don't allow overflow/underflow on unaligned stack xtensa: fix a6 and a7 handling in fast_syscall_xtensa xtensa: allow single-stepping through unaligned load/store xtensa: move invalid unaligned instruction handler closer to its users xtensa: make fast_unaligned store restartable xtensa: add double exception fixup handler for fast_unaligned xtensa: fix kernel/user jump out of fast_unaligned xtensa: configure kc705 for highmem xtensa: support highmem in aliasing cache flushing code xtensa: support aliasing cache in kmap xtensa: support aliasing cache in k[un]map_atomic xtensa: implement clear_user_highpage and copy_user_highpage xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss xtensa: allow fixmap and kmap span more than one page table xtensa: make fixmap region addressing grow with index xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS xtensa: add renameat2 syscall xtensa: fix address checks in dma_{alloc,free}_coherent xtensa: replace IOCTL code definitions with constants ... 
Pull Xtensa updates from Chris Zankel:
 "Xtensa improvements for 3.17:
   - support highmem on cores with aliasing data cache.  Enable highmem
     on kc705 by default
   - simplify addition of new core variants (no need to modify Kconfig /
     Makefiles)
   - improve robustness of unaligned access handler and its interaction
     with window overflow/underflow exception handlers
   - deprecate atomic and spill registers syscalls
   - clean up Kconfig: remove orphan MATH_EMULATION, sort 'select'
     statements
   - wire up renameat2 syscall.

  Various fixes:
   - fix address checks in dma_{alloc,free}_coherent (runtime BUG)
   - fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage)
   - fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
     (runtime unrecoverable exception)
   - fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace
     register clobbering)
   - fix kernel/user jump out of fast_unaligned (potential runtime
     unrecoverabl exception)
   - replace termios IOCTL code definitions with constants (userspace
     build breakage)"

* tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux: (25 commits)
  xtensa: deprecate fast_xtensa and fast_spill_registers syscalls
  xtensa: don't allow overflow/underflow on unaligned stack
  xtensa: fix a6 and a7 handling in fast_syscall_xtensa
  xtensa: allow single-stepping through unaligned load/store
  xtensa: move invalid unaligned instruction handler closer to its users
  xtensa: make fast_unaligned store restartable
  xtensa: add double exception fixup handler for fast_unaligned
  xtensa: fix kernel/user jump out of fast_unaligned
  xtensa: configure kc705 for highmem
  xtensa: support highmem in aliasing cache flushing code
  xtensa: support aliasing cache in kmap
  xtensa: support aliasing cache in k[un]map_atomic
  xtensa: implement clear_user_highpage and copy_user_highpage
  xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
  xtensa: allow fixmap and kmap span more than one page table
  xtensa: make fixmap region addressing grow with index
  xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS
  xtensa: add renameat2 syscall
  xtensa: fix address checks in dma_{alloc,free}_coherent
  xtensa: replace IOCTL code definitions with constants
  ...
flush_icache_range: export symbol to fix build errors 2014-08-29T23:28:17+00:00 Pranith Kumar bobby.prani@gmail.com 2014-08-29T22:19:09+00:00 e3560305192cd51b3c07206c85eb4231594dd58b Fix building errors occuring due to a missing export of flush_icache_range() in kisskb.ellerman.id.au/kisskb/buildresult/11677809/ ERROR: "flush_icache_range" [drivers/misc/lkdtm.ko] undefined! Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Reported-by: Geert Uytterhoeven <geert@linux-m68k.org> Acked-by: Vineet Gupta <vgupta@synopsys.com> [arc] Acked-by: Richard Kuo <rkuo@codeaurora.org> [hexagon] Cc: Chris Metcalf <cmetcalf@tilera.com> Cc: Chris Zankel <chris@zankel.net> Acked-by: Max Filippov <jcmvbkbc@gmail.com> [xtensa] Cc: Noam Camus <noamc@ezchip.com> Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> Acked-by: Zhigang Lu <zlu@tilera.com> [tile] Cc: Kirill Tkhai <tkhai@yandex.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Fix building errors occuring due to a missing export of
flush_icache_range() in

kisskb.ellerman.id.au/kisskb/buildresult/11677809/

ERROR: "flush_icache_range" [drivers/misc/lkdtm.ko] undefined!

Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-by: Vineet Gupta <vgupta@synopsys.com>	[arc]
Acked-by: Richard Kuo <rkuo@codeaurora.org>	[hexagon]
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>	[xtensa]
Cc: Noam Camus <noamc@ezchip.com>
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Acked-by: Zhigang Lu <zlu@tilera.com>		[tile]
Cc: Kirill Tkhai <tkhai@yandex.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge tag 'xtensa-for-next-20140815' into for_next 2014-08-19T00:30:24+00:00 Chris Zankel chris@zankel.net 2014-08-19T00:30:24+00:00 e792290be763932d1b8cdf8a36d7015482a49d07 Xtensa improvements for 3.17: - support highmem on cores with aliasing data cache. Enable highmem on kc705 by default; - simplify addition of new core variants (no need to modify Kconfig / Makefiles); - improve robustness of unaligned access handler and its interaction with window overflow/underflow exception handlers; - deprecate atomic and spill registers syscalls; - clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements; - wire up renameat2 syscall. Various fixes: - fix address checks in dma_{alloc,free}_coherent (runtime BUG); - fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage); - fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime unrecoverable exception); - fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register clobbering); - fix kernel/user jump out of fast_unaligned (potential runtime unrecoverable exception); - replace termios IOCTL code definitions with constants (userspace build breakage). Signed-off-by: Chris Zankel <chris@zankel.net> 
Xtensa improvements for 3.17:
- support highmem on cores with aliasing data cache. Enable highmem on kc705
  by default;
- simplify addition of new core variants (no need to modify Kconfig /
  Makefiles);
- improve robustness of unaligned access handler and its interaction with
  window overflow/underflow exception handlers;
- deprecate atomic and spill registers syscalls;
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select' statements;
- wire up renameat2 syscall.

Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG);
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage);
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss (runtime
  unrecoverable exception);
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace register
  clobbering);
- fix kernel/user jump out of fast_unaligned (potential runtime unrecoverable
  exception);
- replace termios IOCTL code definitions with constants (userspace build
  breakage).

Signed-off-by: Chris Zankel <chris@zankel.net>