<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/arch/sh/kernel/entry-common.S, branch v4.19</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>sh: fix debug trap failure to process signals before return to user</title>
<updated>2018-04-12T23:47:52+00:00</updated>
<author>
<name>Rich Felker</name>
<email>dalias@libc.org</email>
</author>
<published>2018-03-16T00:01:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=96a598996f6ac518ac79839ecbb17c91af91f4f7'/>
<id>96a598996f6ac518ac79839ecbb17c91af91f4f7</id>
<content type='text'>
When responding to a debug trap (breakpoint) in userspace, the
kernel's trap handler raised SIGTRAP but returned from the trap via a
code path that ignored pending signals, resulting in an infinite loop
re-executing the trapping instruction.

Signed-off-by: Rich Felker &lt;dalias@libc.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When responding to a debug trap (breakpoint) in userspace, the
kernel's trap handler raised SIGTRAP but returned from the trap via a
code path that ignored pending signals, resulting in an infinite loop
re-executing the trapping instruction.

Signed-off-by: Rich Felker &lt;dalias@libc.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: provide unified syscall trap compatible with all SH models</title>
<updated>2016-03-17T19:46:06+00:00</updated>
<author>
<name>Rich Felker</name>
<email>dalias@libc.org</email>
</author>
<published>2015-12-17T01:04:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=3623d138213aedf0e2c89720f6a3cd0e164cb310'/>
<id>3623d138213aedf0e2c89720f6a3cd0e164cb310</id>
<content type='text'>
Historically SH-2 Linux (and originally uClinux) used a syscall
calling convention incompatible with the established SH-3/4 Linux ABI.
This choice was made because the trap range used by the existing ABI,
0x10-0x17, overlaps with the hardware exception/interrupt trap range
reserved by SH-2, and in particular, with the SH-2A divide-by-zero and
division-overflow exceptions.

Despite the documented syscall convention using the low bits of the
trap number to signal the number of arguments the kernel should
expect, no version of the kernel has ever used this information, nor
is it useful; all of the registers need to be saved anyway. Therefore,
it is possible to pick a new trap number, 0x1f, that is both supported
by all existing SH-3/4 kernels and unassigned as a hardware trap in
the SH-2 range. This makes it possible to produce SH-2 application
binaries that are forwards-compatible with running on SH-3/4 kernels
and to treat SH as a unified platform with varying ISA support levels
rather than multiple gratuitously-incompatible platforms.

This patch adjusts the range checking SH-2 and SH-2A kernels make for
the syscall trap to accept the range 0x1f-0x2f rather than just
0x20-0x2f. As a result, trap 0x1f now acts as a syscall for all SH
models.

Signed-off-by: Rich Felker &lt;dalias@libc.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Historically SH-2 Linux (and originally uClinux) used a syscall
calling convention incompatible with the established SH-3/4 Linux ABI.
This choice was made because the trap range used by the existing ABI,
0x10-0x17, overlaps with the hardware exception/interrupt trap range
reserved by SH-2, and in particular, with the SH-2A divide-by-zero and
division-overflow exceptions.

Despite the documented syscall convention using the low bits of the
trap number to signal the number of arguments the kernel should
expect, no version of the kernel has ever used this information, nor
is it useful; all of the registers need to be saved anyway. Therefore,
it is possible to pick a new trap number, 0x1f, that is both supported
by all existing SH-3/4 kernels and unassigned as a hardware trap in
the SH-2 range. This makes it possible to produce SH-2 application
binaries that are forwards-compatible with running on SH-3/4 kernels
and to treat SH as a unified platform with varying ISA support levels
rather than multiple gratuitously-incompatible platforms.

This patch adjusts the range checking SH-2 and SH-2A kernels make for
the syscall trap to accept the range 0x1f-0x2f rather than just
0x20-0x2f. As a result, trap 0x1f now acts as a syscall for all SH
models.

Signed-off-by: Rich Felker &lt;dalias@libc.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: push extra copy of r0-r2 for syscall parameters</title>
<updated>2014-04-03T23:20:52+00:00</updated>
<author>
<name>Bobby Bingham</name>
<email>koorogi@koorogi.info</email>
</author>
<published>2014-04-03T21:46:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=abafe5d9b04648a2f699202e9ae2d15ffe44c3a3'/>
<id>abafe5d9b04648a2f699202e9ae2d15ffe44c3a3</id>
<content type='text'>
When invoking syscall handlers on sh32, the saved userspace registers
are at the top of the stack.  This seems to have been intentional, as it
is an easy way to pass r0, r1, ...  to the handler as parameters 5, 6,
...

It causes problems, however, because the compiler is allowed to generate
code for a function which clobbers that function's own parameters.  For
example, gcc generates the following code for clone:

    &lt;SyS_clone&gt;:
        mov.l   8c020714 &lt;SyS_clone+0xc&gt;,r1  ! 8c020540 &lt;do_fork&gt;
        mov.l   r7,@r15
        mov     r6,r7
        jmp     @r1
        mov     #0,r6
        nop
        .word 0x0540
        .word 0x8c02

The `mov.l r7,@r15` clobbers the saved value of r0 passed from
userspace.  For most system calls, this might not be a problem, because
we'll be overwriting r0 with the return value anyway.  But in the case
of clone, copy_thread will need the original value of r0 if the
CLONE_SETTLS flag was specified.

The first patch in this series fixes this issue for system calls by
pushing to the stack an extra copy of r0-r2 before invoking the
handler.  We discard this copy before restoring the userspace registers,
so it is not a problem if they are clobbered.

Exception handlers also receive the userspace register values in a
similar manner, and may hit the same problem.  The second patch removes
the do_fpu_error handler, which looks susceptible to this problem and
which, as far as I can tell, has not been used in some time.  The third
patch addresses other exception handlers.

This patch (of 3):

The userspace registers are stored at the top of the stack when the
syscall handler is invoked, which allows r0-r2 to act as parameters 5-7.
Parameters passed on the stack may be clobbered by the syscall handler.
The solution is to push an extra copy of the registers which might be
used as syscall parameters to the stack, so that the authoritative set
of saved register values does not get clobbered.

A few system call handlers are also updated to get the userspace
registers using current_pt_regs() instead of from the stack.

Signed-off-by: Bobby Bingham &lt;koorogi@koorogi.info&gt;
Cc: Paul Mundt &lt;paul.mundt@gmail.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When invoking syscall handlers on sh32, the saved userspace registers
are at the top of the stack.  This seems to have been intentional, as it
is an easy way to pass r0, r1, ...  to the handler as parameters 5, 6,
...

It causes problems, however, because the compiler is allowed to generate
code for a function which clobbers that function's own parameters.  For
example, gcc generates the following code for clone:

    &lt;SyS_clone&gt;:
        mov.l   8c020714 &lt;SyS_clone+0xc&gt;,r1  ! 8c020540 &lt;do_fork&gt;
        mov.l   r7,@r15
        mov     r6,r7
        jmp     @r1
        mov     #0,r6
        nop
        .word 0x0540
        .word 0x8c02

The `mov.l r7,@r15` clobbers the saved value of r0 passed from
userspace.  For most system calls, this might not be a problem, because
we'll be overwriting r0 with the return value anyway.  But in the case
of clone, copy_thread will need the original value of r0 if the
CLONE_SETTLS flag was specified.

The first patch in this series fixes this issue for system calls by
pushing to the stack an extra copy of r0-r2 before invoking the
handler.  We discard this copy before restoring the userspace registers,
so it is not a problem if they are clobbered.

Exception handlers also receive the userspace register values in a
similar manner, and may hit the same problem.  The second patch removes
the do_fpu_error handler, which looks susceptible to this problem and
which, as far as I can tell, has not been used in some time.  The third
patch addresses other exception handlers.

This patch (of 3):

The userspace registers are stored at the top of the stack when the
syscall handler is invoked, which allows r0-r2 to act as parameters 5-7.
Parameters passed on the stack may be clobbered by the syscall handler.
The solution is to push an extra copy of the registers which might be
used as syscall parameters to the stack, so that the authoritative set
of saved register values does not get clobbered.

A few system call handlers are also updated to get the userspace
registers using current_pt_regs() instead of from the stack.

Signed-off-by: Bobby Bingham &lt;koorogi@koorogi.info&gt;
Cc: Paul Mundt &lt;paul.mundt@gmail.com&gt;
Signed-off-by: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>preempt: Make PREEMPT_ACTIVE generic</title>
<updated>2013-11-13T19:21:47+00:00</updated>
<author>
<name>Thomas Gleixner</name>
<email>tglx@linutronix.de</email>
</author>
<published>2013-09-17T18:53:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=00d1a39e69d5afa7523dad515a05b21abd17c389'/>
<id>00d1a39e69d5afa7523dad515a05b21abd17c389</id>
<content type='text'>
No point in having this bit defined by architecture.

Signed-off-by: Thomas Gleixner &lt;tglx@linutronix.de&gt;
Acked-by: Peter Zijlstra &lt;peterz@infradead.org&gt;
Link: http://lkml.kernel.org/r/20130917183629.090698799@linutronix.de
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
No point in having this bit defined by architecture.

Signed-off-by: Thomas Gleixner &lt;tglx@linutronix.de&gt;
Acked-by: Peter Zijlstra &lt;peterz@infradead.org&gt;
Link: http://lkml.kernel.org/r/20130917183629.090698799@linutronix.de
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: switch to generic kernel_thread()/kernel_execve()</title>
<updated>2012-10-23T02:31:01+00:00</updated>
<author>
<name>Al Viro</name>
<email>viro@zeniv.linux.org.uk</email>
</author>
<published>2012-10-14T05:41:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=7147e215480323bb2617fcebf585c447188ff760'/>
<id>7147e215480323bb2617fcebf585c447188ff760</id>
<content type='text'>
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: Fix up TIF_NOTIFY_RESUME sans TIF_SIGPENDING handling.</title>
<updated>2012-09-18T08:04:37+00:00</updated>
<author>
<name>Al Viro</name>
<email>viro@zeniv.linux.org.uk</email>
</author>
<published>2012-09-18T08:04:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5e071e2b4b82599f07cce5e1d2d272feb462950c'/>
<id>5e071e2b4b82599f07cce5e1d2d272feb462950c</id>
<content type='text'>
As Al notes, we missed a TIF_NOTIFY_RESUME check which caused any
handlers without TIF_SIGPENDING also set to skip the notification:

	Looks like while it is in the relevant masks *and* checked in
	do_notify_resume() both on 32bit and 64bit variants since commit
	ab99c733ae73cce31f2a2434f7099564e5a73d95 ("sh: Make syscall tracer
	use tracehook notifiers, add TIF_NOTIFY_RESUME.") they are
	actually *not* reached without simultaneous SIGPENDING, since
	the actual glue in the callers had not been updated back then and
	still checks for _TIF_SIGPENDING alone when deciding whether to
	hit do_notify_resume() or not.

Reported-by: Nobuhiro Iwamatsu &lt;nobuhiro.iwamatsu.yj@renesas.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
Tested-by: Nobuhiro Iwamatsu &lt;nobuhiro.iwamatsu.yj@renesas.com&gt;
Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
As Al notes, we missed a TIF_NOTIFY_RESUME check which caused any
handlers without TIF_SIGPENDING also set to skip the notification:

	Looks like while it is in the relevant masks *and* checked in
	do_notify_resume() both on 32bit and 64bit variants since commit
	ab99c733ae73cce31f2a2434f7099564e5a73d95 ("sh: Make syscall tracer
	use tracehook notifiers, add TIF_NOTIFY_RESUME.") they are
	actually *not* reached without simultaneous SIGPENDING, since
	the actual glue in the callers had not been updated back then and
	still checks for _TIF_SIGPENDING alone when deciding whether to
	hit do_notify_resume() or not.

Reported-by: Nobuhiro Iwamatsu &lt;nobuhiro.iwamatsu.yj@renesas.com&gt;
Signed-off-by: Al Viro &lt;viro@zeniv.linux.org.uk&gt;
Tested-by: Nobuhiro Iwamatsu &lt;nobuhiro.iwamatsu.yj@renesas.com&gt;
Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: Ensure IRQs are enabled across do_notify_resume().</title>
<updated>2012-01-10T07:30:37+00:00</updated>
<author>
<name>Paul Mundt</name>
<email>lethal@linux-sh.org</email>
</author>
<published>2012-01-10T07:30:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6330c04bb455e10eb6cc6d2552a593af54c6dd96'/>
<id>6330c04bb455e10eb6cc6d2552a593af54c6dd96</id>
<content type='text'>
do_notify_resume() can trigger the freezer via the try_to_freeze() path
(both explicitly through a redundant call in do_signal() or via
get_signal_to_deliver()). That IRQs were disabled across this callsite
became apparent with the might_sleep() introduction in try_to_freeze() by
Tejun in a0acae0e886d44bd5ce6d2f173c1ace0fcf0d9f6, resulting in:

	BUG: sleeping function called from invalid context at include/linux/freezer.h:45
	in_atomic(): 0, irqs_disabled(): 1, pid: 819, name: ntpd
	no locks held by ntpd/819.
	Stack: (0x9c81be80 to 0x9c81c000)
	...

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
do_notify_resume() can trigger the freezer via the try_to_freeze() path
(both explicitly through a redundant call in do_signal() or via
get_signal_to_deliver()). That IRQs were disabled across this callsite
became apparent with the might_sleep() introduction in try_to_freeze() by
Tejun in a0acae0e886d44bd5ce6d2f173c1ace0fcf0d9f6, resulting in:

	BUG: sleeping function called from invalid context at include/linux/freezer.h:45
	in_atomic(): 0, irqs_disabled(): 1, pid: 819, name: ntpd
	no locks held by ntpd/819.
	Stack: (0x9c81be80 to 0x9c81c000)
	...

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: Correct the offset of the return address in ret_from_exception</title>
<updated>2010-02-08T01:46:46+00:00</updated>
<author>
<name>Matt Fleming</name>
<email>matt@console-pimps.org</email>
</author>
<published>2010-01-27T20:05:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=142698282ceb6811ad3482c218b7292037cb67ff'/>
<id>142698282ceb6811ad3482c218b7292037cb67ff</id>
<content type='text'>
The address that ret_from_exception and ret_from_irq will return to is
found in the stack slot for SPC, not PR. This error was causing the
DWARF unwinder to pick up the wrong return address on the stack and then
unwind using the unwind tables for the wrong function.

While I'm here I might as well add CFI annotations for the other
registers since they could be useful when unwinding.

Signed-off-by: Matt Fleming &lt;matt@console-pimps.org&gt;
Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The address that ret_from_exception and ret_from_irq will return to is
found in the stack slot for SPC, not PR. This error was causing the
DWARF unwinder to pick up the wrong return address on the stack and then
unwind using the unwind tables for the wrong function.

While I'm here I might as well add CFI annotations for the other
registers since they could be useful when unwinding.

Signed-off-by: Matt Fleming &lt;matt@console-pimps.org&gt;
Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: TS_RESTORE_SIGMASK conversion.</title>
<updated>2009-10-14T07:05:42+00:00</updated>
<author>
<name>Paul Mundt</name>
<email>lethal@linux-sh.org</email>
</author>
<published>2009-10-14T07:05:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=56bfc42f6cba3e831094c01a23fbbb17a20bbdf8'/>
<id>56bfc42f6cba3e831094c01a23fbbb17a20bbdf8</id>
<content type='text'>
Replace TIF_RESTORE_SIGMASK with TS_RESTORE_SIGMASK and define our own
set_restore_sigmask() function.  This saves the costly SMP-safe set_bit
operation, which we do not need for the sigmask flag since TIF_SIGPENDING
always has to be set too.

Based on the x86 and powerpc change.

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Replace TIF_RESTORE_SIGMASK with TS_RESTORE_SIGMASK and define our own
set_restore_sigmask() function.  This saves the costly SMP-safe set_bit
operation, which we do not need for the sigmask flag since TIF_SIGPENDING
always has to be set too.

Based on the x86 and powerpc change.

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>sh: Fix a TRACE_IRQS_OFF typo.</title>
<updated>2009-10-14T06:50:28+00:00</updated>
<author>
<name>Paul Mundt</name>
<email>lethal@linux-sh.org</email>
</author>
<published>2009-10-14T06:50:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=457b646189e47f9d48588809da3e806ec363f219'/>
<id>457b646189e47f9d48588809da3e806ec363f219</id>
<content type='text'>
The resume_userspace path had TRACE_IRQS_OFF written incorrectly and so
never handled the transition properly. This was fixed once before but
seems to have made it back in the tree. Fix it for good.

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The resume_userspace path had TRACE_IRQS_OFF written incorrectly and so
never handled the transition properly. This was fixed once before but
seems to have made it back in the tree. Fix it for good.

Signed-off-by: Paul Mundt &lt;lethal@linux-sh.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
