linux-stable.git/arch, branch linux-2.6.16.y Linux kernel stable tree [IA64] Fix unaligned handler for floating point instructions with base update 2008-07-19T20:45:33+00:00 Tony Luck tony.luck@intel.com 2008-07-19T20:45:33+00:00 1cd89cf10141ba63da2696db80727e753331d0ab The compiler team did the hard work for this distilling a problem in large fortran application which showed up when applied to a 290MB input data set down to this instruction: ldfd f34=[r17],-8 Which they noticed incremented r17 by 0x10 rather than decrementing it by 8 when the value in r17 caused an unaligned data fault. I tracked it down to some bad instruction decoding in unaligned.c. The code assumes that the 'x' bit can determine whether the instruction is an "ldf" or "ldfp" ... which it is for opcode=6 (see table 4-29 on page 3:302 of the SDM). But for opcode=7 the 'x' bit is irrelevent, all variants are "ldf" instructions (see table 4-36 on page 3:306). Note also that interpreting the instruction as "ldfp" means that the "paired" floating point register (f35 in the example here) will also be corrupted. Signed-off-by: Tony Luck <tony.luck@intel.com> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
The compiler team did the hard work for this distilling a problem in
large fortran application which showed up when applied to a 290MB input
data set down to this instruction:

        ldfd f34=[r17],-8

Which they noticed incremented r17 by 0x10 rather than decrementing it
by 8 when the value in r17 caused an unaligned data fault.  I tracked
it down to some bad instruction decoding in unaligned.c. The code
assumes that the 'x' bit can determine whether the instruction is
an "ldf" or "ldfp" ... which it is for opcode=6 (see table 4-29 on
page 3:302 of the SDM).  But for opcode=7 the 'x' bit is irrelevent,
all variants are "ldf" instructions (see table 4-36 on page 3:306).

Note also that interpreting the instruction as "ldfp" means that the
"paired" floating point register (f35 in the example here) will also
be corrupted.

Signed-off-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
alpha: build fixes - force architecture 2008-07-19T13:15:43+00:00 Ivan Kokshaysky ink@jurassic.park.msu.ru 2008-07-19T13:15:43+00:00 30cf9e8ec698e2ae4c0d9aaa918dbf35c1f611f6 Override compiler .arch directive for generic kernel build. Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
Override compiler .arch directive for generic kernel build.

Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
x86: Replace NSC/Cyrix specific chipset access macros by inlined functions. 2008-07-14T18:08:34+00:00 Juergen Beisert juergen@kreuzholzen.de 2008-07-06T15:17:23+00:00 69731ebbb3d2283c2c33a2bf262d785e2362b876 Due to index register access ordering problems, when using macros a line like this fails (and does nothing): setCx86(CX86_CCR2, getCx86(CX86_CCR2) | 0x88); With inlined functions this line will work as expected. Note about a side effect: Seems on Geode GX1 based systems the "suspend on halt power saving feature" was never enabled due to this wrong macro expansion. With inlined functions it will be enabled, but this will stop the TSC when the CPU runs into a HLT instruction. Kernel output something like this: Clocksource tsc unstable (delta = -472746897 ns) This is the 3rd version of this patch. - Adding missed arch/i386/kernel/cpu/mtrr/state.c Thanks to Andres Salomon - Adding some big fat comments into the new header file Suggested by Andi Kleen AK: fixed x86-64 compilation Adrian Bunk: Added workaround for x86_64 compilation. Signed-off-by: Juergen Beisert <juergen@kreuzholzen.de> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
Due to index register access ordering problems, when using macros a line
like this fails (and does nothing):

    setCx86(CX86_CCR2, getCx86(CX86_CCR2) | 0x88);

With inlined functions this line will work as expected.

Note about a side effect: Seems on Geode GX1 based systems the
"suspend on halt power saving feature" was never enabled due to this
wrong macro expansion. With inlined functions it will be enabled, but
this will stop the TSC when the CPU runs into a HLT instruction.
Kernel output something like this:
    Clocksource tsc unstable (delta = -472746897 ns)

This is the 3rd version of this patch.

 - Adding missed arch/i386/kernel/cpu/mtrr/state.c
    Thanks to Andres Salomon
 - Adding some big fat comments into the new header file
    Suggested by Andi Kleen

AK: fixed x86-64 compilation

Adrian Bunk:
Added workaround for x86_64 compilation.

Signed-off-by: Juergen Beisert <juergen@kreuzholzen.de>
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
[SPARC64]: Fix endless loop in cheetah_xcall_deliver(). 2008-01-15T23:11:38+00:00 David S. Miller davem@davemloft.net 2008-01-15T21:09:59+00:00 3902b59254456107f77820ad42c7f27640f648e9 [ Upsteam commit: 0de56d1ab83323d604d95ca193dcbd28388dbabb ] We need to mask out the proper bits when testing the dispatch status register else we can see unrelated NACK bits from previous cross call sends. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
[ Upsteam commit: 0de56d1ab83323d604d95ca193dcbd28388dbabb ]

We need to mask out the proper bits when testing the dispatch status
register else we can see unrelated NACK bits from previous cross call
sends.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
i386: fixup TRACE_IRQ breakage 2007-11-13T07:46:02+00:00 Peter Zijlstra a.p.zijlstra@chello.nl 2007-11-13T07:46:02+00:00 9c78b87bdfc519a9b73300c288a70cd4ee9f79c3 The TRACE_IRQS_ON function in iret_exc: calls a C function without ensuring that the segments are set properly. Move the trace function and the enabling of interrupt into the C stub. Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
The TRACE_IRQS_ON function in iret_exc: calls a C function without
ensuring that the segments are set properly. Move the trace function and
the enabling of interrupt into the C stub.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Handle bogus %cs selector in single-step instruction decoding (CVE-2007-3731) 2007-11-13T07:43:25+00:00 Roland McGrath roland@redhat.com 2007-11-13T07:43:25+00:00 08cdcb569ebc93e60861931f113e59814d0f8ef7 The code for LDT segment selectors was not robust in the face of a bogus selector set in %cs via ptrace before the single-step was done. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
The code for LDT segment selectors was not robust in the face of a bogus
selector set in %cs via ptrace before the single-step was done.

Signed-off-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
[SPARC64]: Fix show_stack() when stack argument is NULL. 2007-11-02T21:56:18+00:00 David S. Miller davem@davemloft.net 2007-11-02T21:56:18+00:00 a52dfa535d04a5246927b9863a5e6209c5832582 It didn't handle that case at all, and now dump_stack() can be implemented directly as show_stack(current, NULL) Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
It didn't handle that case at all, and now dump_stack()
can be implemented directly as show_stack(current, NULL)

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
[SPARC64] pass correct addr in get_fb_unmapped_area(MAP_FIXED) 2007-11-01T02:57:51+00:00 Chris Wright chrisw@sous-sol.org 2007-10-24T19:54:41+00:00 9c456953203c95a8a9f959aa8d650a9be32d3e48 Looks like the MAP_FIXED case is using the wrong address hint. I'd expect the comment "don't mess with it" means pass the request straight on through, not change the address requested to -ENOMEM. Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
Looks like the MAP_FIXED case is using the wrong address hint.  I'd
expect the comment "don't mess with it" means pass the request
straight on through, not change the address requested to -ENOMEM.

Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
[IA64] fix ia64 is_hugepage_only_range 2007-10-28T20:40:41+00:00 Ken Chen kenneth.w.chen@intel.com 2007-10-28T20:40:41+00:00 42ea9d4b9da1bb26d519f91c9464fd093c7a56a2 fix is_hugepage_only_range() definition to be "overlaps" instead of "within architectural restricted hugetlb address range". Simplify the ia64 specific code that used to use is_hugepage_only_range() to just check which region the address is in. Signed-off-by: Ken Chen <kenneth.w.chen@intel.com> Signed-off-by: Tony Luck <tony.luck@intel.com> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
fix is_hugepage_only_range() definition to be "overlaps"
instead of "within architectural restricted hugetlb address
range".  Simplify the ia64 specific code that used to use
is_hugepage_only_range() to just check which region the
address is in.

Signed-off-by: Ken Chen <kenneth.w.chen@intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
x86: HUGETLBFS and DEBUG_PAGEALLOC are incompatible 2007-10-18T23:59:17+00:00 Ken Chen kenneth.w.chen@intel.com 2007-10-18T23:59:17+00:00 a5cfb0763d650c4d5b801338136ea64746d807f8 DEBUG_PAGEALLOC is not compatible with hugetlb page support. That debug option turns off PSE. Once it is turned off in CR4, the cpu will ignore pse bit in the pmd and causing infinite page-not- present faults. So disable DEBUG_PAGEALLOC if the user selected hugetlbfs. Signed-off-by: Ken Chen <kenneth.w.chen@intel.com> Signed-off-by: Adrian Bunk <bunk@kernel.org> 
DEBUG_PAGEALLOC is not compatible with hugetlb page support.  That debug
option turns off PSE.  Once it is turned off in CR4, the cpu will ignore
pse bit in the pmd and causing infinite page-not- present faults.

So disable DEBUG_PAGEALLOC if the user selected hugetlbfs.

Signed-off-by: Ken Chen <kenneth.w.chen@intel.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>