Patches contributed by Eötvös Lorand University
commit b4ba0ba24b57ec975482f4ba2d350fbee7557240
Merge: a033c332e047 bce7f793daec
Author: Ingo Molnar <mingo@elte.hu>
Date: Mon Jul 14 10:31:59 2008 +0200
Merge commit 'v2.6.26' into core/locking
commit dbbcfb2211761fa69e831a78119c9288fb87eb9d
Merge: b0356cd0e749 9df2fe986770
Author: Ingo Molnar <mingo@elte.hu>
Date: Sun Jul 13 22:52:27 2008 +0200
Merge branch 'linus' into x86/pci-ioapic-boot-irq-quirks
Conflicts:
arch/x86/mm/ioremap.c
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --cc arch/x86/mm/ioremap.c
index 45e546c4ba78,d1b867101e5f..115f13ee40c9
--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
@@@ -365,7 -388,7 +388,7 @@@ void *xlate_dev_mem_ptr(unsigned long p
if (page_is_ram(start >> PAGE_SHIFT))
return __va(phys);
- addr = (void __force *)ioremap(start, PAGE_SIZE);
- addr = (void *)ioremap_default(start, PAGE_SIZE);
++ addr = (void __force *)ioremap_default(start, PAGE_SIZE);
if (addr)
addr = (void *)((unsigned long)addr | (phys & ~PAGE_MASK));
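Review bot: The resolved line `addr = (void __force *)ioremap_default(start, PAGE_SIZE);` drops the `__iomem` annotation without a comment saying why, so sparse is silenced at the one place where an I/O mapping becomes a plain pointer. A short comment above it would help, for example `/* __force: callers access this mapping through a plain pointer */` (presumably the /dev/mem path, to be confirmed against the callers). When the mapping fails, `addr` stays NULL past the `if (addr)` guard, so the function comment should also say that a NULL result is possible and must be checked. The body of xlate_dev_mem_ptr starts and ends outside the hunk. The same resolution appears again in the later merge of 'linus' into x86/core.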
commit 4f962d4d65923d7b722192e729840cfb79af0a5a
Author: Ingo Molnar <mingo@elte.hu>
Date: Sun Jul 13 21:42:44 2008 +0200
stackprotector: remove self-test
turns out gcc generates such stackprotector-failure sequences
in certain circumstances:
movq -8(%rbp), %rax # D.16032,
xorq %gs:40, %rax #,
jne .L17 #,
leave
ret
.L17:
call __stack_chk_fail #
.size __stack_chk_test_func, .-__stack_chk_test_func
.section .init.text,"ax",@progbits
.type panic_setup, @function
panic_setup:
pushq %rbp #
note that there's no jump back to the failing context after the
call to __stack_chk_fail - i.e. it has a ((noreturn)) attribute.
Which is fair enough in the normal case but kills the self-test.
(as we cannot reliably return in the self-test)
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --git a/kernel/panic.c b/kernel/panic.c
index 87445a894c3a..c35c9eca3eb2 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -329,62 +329,15 @@ EXPORT_SYMBOL(warn_on_slowpath);
#warning You have selected the CONFIG_CC_STACKPROTECTOR option, but the gcc used does not support this.
#endif
-static unsigned long __stack_check_testing;
-
-/*
- * Self test function for the stack-protector feature.
- * This test requires that the local variable absolutely has
- * a stack slot.
- */
-static noinline void __stack_chk_test_func(void)
-{
- unsigned long dummy_buffer[64]; /* force gcc to use the canary */
-
- current->stack_canary = ~current->stack_canary;
- refresh_stack_canary();
- dummy_buffer[3] = 1; /* fool gcc into keeping the variable */
-}
-
-static int __stack_chk_test(void)
-{
- printk(KERN_INFO "Testing -fstack-protector-all feature\n");
- __stack_check_testing = (unsigned long)&__stack_chk_test_func;
- __stack_chk_test_func();
- if (__stack_check_testing) {
- printk(KERN_ERR "-fstack-protector-all test failed\n");
- WARN_ON(1);
- };
- current->stack_canary = ~current->stack_canary;
- refresh_stack_canary();
- return 0;
-}
/*
* Called when gcc's -fstack-protector feature is used, and
* gcc detects corruption of the on-stack canary value
*/
void __stack_chk_fail(void)
{
- if (__stack_check_testing == (unsigned long)&__stack_chk_test_func) {
- long delta;
-
- delta = (unsigned long)__builtin_return_address(0) -
- __stack_check_testing;
- /*
- * The test needs to happen inside the test function, so
- * check if the return address is close to that function.
- * The function is only 2 dozen bytes long, but keep a wide
- * safety margin to avoid panic()s for normal users regardless
- * of the quality of the compiler.
- */
- if (delta >= 0 && delta <= 400) {
- __stack_check_testing = 0;
- return;
- }
- }
panic("stack-protector: Kernel stack is corrupted in: %p\n",
__builtin_return_address(0));
}
EXPORT_SYMBOL(__stack_chk_fail);
-late_initcall(__stack_chk_test);
#endif
commit 54ef76f37bcccf8c16fbaaed13c3c40825195958
Merge: 032f82786f9b 9df2fe986770
Author: Ingo Molnar <mingo@elte.hu>
Date: Sun Jul 13 08:50:13 2008 +0200
Merge branch 'linus' into sched/devel
commit 1ba89386db0a3f39590b90b5dd20d7149ae52de0
Merge: a26929fb4891 ae94b8075a2e
Author: Ingo Molnar <mingo@elte.hu>
Date: Sat Jul 12 07:30:05 2008 +0200
Merge branch 'x86/core' into x86/x2apic
commit ae94b8075a2ed58d2318ef03827b25bc844f844e
Merge: eca91e7838ec a26929fb4891
Author: Ingo Molnar <mingo@elte.hu>
Date: Sat Jul 12 07:29:02 2008 +0200
Merge branch 'linus' into x86/core
Conflicts:
arch/x86/mm/ioremap.c
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --cc arch/x86/mm/ioremap.c
index 45e546c4ba78,d1b867101e5f..115f13ee40c9
--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
@@@ -365,7 -388,7 +388,7 @@@ void *xlate_dev_mem_ptr(unsigned long p
if (page_is_ram(start >> PAGE_SHIFT))
return __va(phys);
- addr = (void __force *)ioremap(start, PAGE_SIZE);
- addr = (void *)ioremap_default(start, PAGE_SIZE);
++ addr = (void __force *)ioremap_default(start, PAGE_SIZE);
if (addr)
addr = (void *)((unsigned long)addr | (phys & ~PAGE_MASK));
commit 6c82a000a29b93541b5b7db597a083c069755cc9
Merge: 5b4d2386c23e 39415a440ecc
Author: Ingo Molnar <mingo@elte.hu>
Date: Fri Jul 11 21:22:18 2008 +0200
Merge branch 'x86/generalize-visws' into x86/core
commit d9fc3fd3fab186447b5d2e7db3c2ee149064cc7c
Author: Ingo Molnar <mingo@elte.hu>
Date: Fri Jul 11 19:41:19 2008 +0200
x86: fix savesegment() bug causing crashes on 64-bit
i spent a fair amount of time chasing a 64-bit bootup crash that manifested
itself as bootup segfaults:
S10network[1825]: segfault at 7f3e2b5d16b8 ip 00000031108748c9 sp 00007fffb9c14c70 error 4 in libc-2.7.so[3110800000+14d000]
eventually causing init to die and panic the system:
Kernel panic - not syncing: Attempted to kill init!
Pid: 1, comm: init Not tainted 2.6.26-rc9-tip #13878
after a maratonic bisection session, the bad commit turned out to be:
| b7675791859075418199c7af86a116ea34eaf5bd is first bad commit
| commit b7675791859075418199c7af86a116ea34eaf5bd
| Author: Jeremy Fitzhardinge <jeremy@goop.org>
| Date: Wed Jun 25 00:19:00 2008 -0400
|
| x86: remove open-coded save/load segment operations
|
| This removes a pile of buggy open-coded implementations of savesegment
| and loadsegment.
after some more bisection of this patch itself, it turns out that what
makes the difference are the savesegment() changes to __switch_to().
Taking a look at this portion of arch/x86/kernel/process_64.o revealed
this crutial difference:
| good: 99c: 8c e0 mov %fs,%eax
| 99e: 89 45 cc mov %eax,-0x34(%rbp)
|
| bad: 99c: 8c 65 cc mov %fs,-0x34(%rbp)
which is due to:
| unsigned fsindex;
| - asm volatile("movl %%fs,%0" : "=r" (fsindex));
| + savesegment(fs, fsindex);
savesegment() is implemented as:
#define savesegment(seg, value) \
asm("mov %%" #seg ",%0":"=rm" (value) : : "memory")
note the "m" modifier - it allows GCC to generate the segment move
into a memory operand as well.
But regarding segment operands there's a subtle detail in the x86
instruction set: the above 16-bit moves zero-extend, but only
if the destination is a register.
If the destination is a memory operand, -0x34(%rbp) in the above case, there's
no zero-extension to 32 bits and the instruction will only save 16 bits
instead of the intended 32 bits.
The other 16 bits are random data - which can cause problems when that
value is used later on.
The solution is to only allow segment operands to go to registers.
This fix allows my test-system to boot up without crashing.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --git a/include/asm-x86/system.h b/include/asm-x86/system.h
index c4946c5964bf..983ce37c491f 100644
--- a/include/asm-x86/system.h
+++ b/include/asm-x86/system.h
@@ -160,7 +160,7 @@ extern void native_load_gs_index(unsigned);
* Save a segment register away
*/
#define savesegment(seg, value) \
- asm("mov %%" #seg ",%0":"=rm" (value) : : "memory")
+ asm("mov %%" #seg ",%0":"=r" (value) : : "memory")
static inline unsigned long get_limit(unsigned long segment)
{
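Review bot: The comment above `savesegment()` still says only "Save a segment register away" and does not record why the output constraint is now register-only, so a later cleanup could reintroduce `"=rm"`. A segment store to a memory operand writes only 16 bits, so the upper bits of a wider `value` keep whatever was in that location before. I would extend the comment to something like `/* "=r" only: a mov from a segment register to memory stores 16 bits and leaves the rest of value uninitialized */`. The trailing `get_limit()` lines are context only; its body continues outside the hunk.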
commit b2613e370dbeb69edbff989382fa54f2395aa471
Author: Ingo Molnar <mingo@elte.hu>
Date: Fri Jul 11 16:44:27 2008 +0200
ftrace: build fix for ftraced_suspend
fix:
kernel/trace/ftrace.c:1615: error: 'ftraced_suspend' undeclared (first use in this function)
kernel/trace/ftrace.c:1615: error: (Each undeclared identifier is reported only once
kernel/trace/ftrace.c:1615: error: for each function it appears in.)
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
index 1359632668a4..4231a3dc224a 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -1612,7 +1612,9 @@ void ftrace_kill_atomic(void)
{
ftrace_disabled = 1;
ftrace_enabled = 0;
+#ifdef CONFIG_DYNAMIC_FTRACE
ftraced_suspend = -1;
+#endif
clear_ftrace_function();
}
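Review bot: The new `#ifdef CONFIG_DYNAMIC_FTRACE` sits inside the body of `ftrace_kill_atomic()`, which fixes the build but leaves a preprocessor conditional in the middle of the function. Kernel style usually keeps these out of function bodies. If `ftraced_suspend` is defined only inside an existing `CONFIG_DYNAMIC_FTRACE` section of this file (not visible from the hunk), a small static helper defined there, with an empty stub in the `#else` branch, would let this function call it unconditionally. At minimum, a comment such as `/* ftraced_suspend only exists with dynamic ftrace */` on the guarded line would explain the conditional.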
commit 3d0decc4f49e8645cd6369b02ed076bebd3d61ad
Author: Ingo Molnar <mingo@elte.hu>
Date: Fri Jul 11 15:09:15 2008 +0200
x86: fix tsc unification buglet with ftrace and stackprotector
Yinghai Lu reported crashes on 64-bit x86:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
IP: [<ffffffff80253b17>] hrtick_start_fair+0x89/0x173
[...]
And with a long session of debugging and a lot of difficulty, tracked it down
to this commit:
--------------->
8fbbc4b45ce3e4c0eeb15004c79c72b6896a79c2 is first bad commit
commit 8fbbc4b45ce3e4c0eeb15004c79c72b6896a79c2
Author: Alok Kataria <akataria@vmware.com>
Date: Tue Jul 1 11:43:34 2008 -0700
x86: merge tsc_init and clocksource code
<--------------
The problem is that the TSC unification missed these Makefile rules
in arch/x86/kernel/Makefile:
# Do not profile debug and lowlevel utilities
CFLAGS_REMOVE_tsc_64.o = -pg
CFLAGS_REMOVE_tsc_32.o = -pg
...
CFLAGS_tsc_64.o := $(nostackp)
...
which rules make sure that various instrumentation and debugging
facilities are disabled for code that might end up in a VDSO - such as
the TSC code.
Reported-and-bisected-by: Yinghai Lu <yhlu.kernel@gmail.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Conflicts:
Signed-off-by: Ingo Molnar <mingo@elte.hu>
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 59b14c940a28..4033d8dc745b 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -13,7 +13,7 @@ CPPFLAGS_vmlinux.lds += -U$(UTS_MACHINE)
nostackp := $(call cc-option, -fno-stack-protector)
CFLAGS_vsyscall_64.o := $(PROFILING) -g0 $(nostackp)
CFLAGS_hpet.o := $(nostackp)
-CFLAGS_tsc_64.o := $(nostackp)
+CFLAGS_tsc.o := $(nostackp)
obj-y := process_$(BITS).o signal_$(BITS).o entry_$(BITS).o
obj-y += traps_$(BITS).o irq_$(BITS).o
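Review bot: Only the `$(nostackp)` rule is renamed to `CFLAGS_tsc.o` here, while the description also lists `CFLAGS_REMOVE_tsc_64.o = -pg` and `CFLAGS_REMOVE_tsc_32.o = -pg` as rules the TSC unification missed. No hunk on this page touches those, so unless they are handled outside the visible diff, the unified tsc.o would still be built with `-pg`. If they are still keyed on the old object names, the matching rule would be `CFLAGS_REMOVE_tsc.o = -pg`. A one-line comment above `CFLAGS_tsc.o := $(nostackp)` saying why the stack protector is disabled for this object would also help keep the rule from being lost in the next file rename.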