From 256d7bf619e84b948489fad7273e31c7d2798f33 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Thu, 2 Oct 2014 17:06:42 -0700
Subject: [PATCH] 3.10-stable patches

added patches:
 arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch
 arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch
 arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch
 arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch
---
 ...he-right-isa-for-relocate_new_kernel.patch | 105 ++++++++++++++++++
 ...t-don-t-clear-the-exclusive-monitors.patch | 72 ++++++++++++
 ...with-force-false-when-migrating-irqs.patch | 57 ++++++++++
 ...n-t-break-misaligned-neon-load-store.patch | 42 +++++++
 queue-3.10/series | 4 +
 5 files changed, 280 insertions(+)
 create mode 100644 queue-3.10/arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch
 create mode 100644 queue-3.10/arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch
 create mode 100644 queue-3.10/arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch
 create mode 100644 queue-3.10/arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch
diff --git a/queue-3.10/arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch b/queue-3.10/arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch
new file mode 100644
index 00000000000..953902ecaed
--- /dev/null
+++ b/queue-3.10/arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch
@@ -0,0 +1,105 @@
+From e2ccba49085ab5d71b092de2a5176eb9b19cc876 Mon Sep 17 00:00:00 2001
+From: Dave Martin
+Date: Mon, 25 Nov 2013 14:54:47 +0100
+Subject: ARM: 7897/1: kexec: Use the right ISA for relocate_new_kernel
+
+From: Dave Martin
+
+commit e2ccba49085ab5d71b092de2a5176eb9b19cc876 upstream.
+
+Copying a function with memcpy() and then trying to execute the
+result isn't trivially portable to Thumb.
+
+This patch modifies the kexec soft restart code to copy its
+assembler trampoline relocate_new_kernel() using fncpy() instead,
+so that relocate_new_kernel can be in the same ISA as the rest of
+the kernel without problems.
+
+Signed-off-by: Dave Martin
+Acked-by: Will Deacon
+Reported-by: Taras Kondratiuk
+Tested-by: Taras Kondratiuk
+Signed-off-by: Russell King
+Integrated-by: Liu Hua
+Signed-off-by: Liu Hua
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/arm/kernel/machine_kexec.c | 17 ++++++++++-------
+ arch/arm/kernel/relocate_kernel.S | 8 ++++++--
+ 2 files changed, 16 insertions(+), 9 deletions(-)
+
+--- a/arch/arm/kernel/machine_kexec.c
++++ b/arch/arm/kernel/machine_kexec.c
+@@ -14,10 +14,11 @@
+ #include
+ #include
+ #include
++#include
+ #include
+ #include
+
+-extern const unsigned char relocate_new_kernel[];
++extern void relocate_new_kernel(void);
+ extern const unsigned int relocate_new_kernel_size;
+
+ extern unsigned long kexec_start_address;
+@@ -133,6 +134,8 @@ void machine_kexec(struct kimage *image)
+ {
+ unsigned long page_list;
+ unsigned long reboot_code_buffer_phys;
++ unsigned long reboot_entry = (unsigned long)relocate_new_kernel;
++ unsigned long reboot_entry_phys;
+ void *reboot_code_buffer;
+
+ if (num_online_cpus() > 1) {
+@@ -156,18 +159,18 @@ void machine_kexec(struct kimage *image)
+
+
+ /* copy our kernel relocation code to the control code page */
+- memcpy(reboot_code_buffer,
+- relocate_new_kernel, relocate_new_kernel_size);
++ reboot_entry = fncpy(reboot_code_buffer,
++ reboot_entry,
++ relocate_new_kernel_size);
++ reboot_entry_phys = (unsigned long)reboot_entry +
++ (reboot_code_buffer_phys - (unsigned long)reboot_code_buffer);
+
+-
+- flush_icache_range((unsigned long) reboot_code_buffer,
+- (unsigned long) reboot_code_buffer + KEXEC_CONTROL_PAGE_SIZE);
+ printk(KERN_INFO "Bye!\n");
+
+ if (kexec_reinit)
+ kexec_reinit();
+
+- soft_restart(reboot_code_buffer_phys);
++ soft_restart(reboot_entry_phys);
+ }
+
+ void arch_crash_save_vmcoreinfo(void)
+--- a/arch/arm/kernel/relocate_kernel.S
++++ b/arch/arm/kernel/relocate_kernel.S
+@@ -2,10 +2,12 @@
+ * relocate_kernel.S - put the kernel image in place to boot
+ */
+
++#include
+ #include
+
+- .globl relocate_new_kernel
+-relocate_new_kernel:
++ .align 3 /* not needed for this code, but keeps fncpy() happy */
++
++ENTRY(relocate_new_kernel)
+
+ ldr r0,kexec_indirection_page
+ ldr r1,kexec_start_address
+@@ -79,6 +81,8 @@ kexec_mach_type:
+ kexec_boot_atags:
+ .long 0x0
+
++ENDPROC(relocate_new_kernel)
++
+ relocate_new_kernel_end:
+
+ .globl relocate_new_kernel_size
diff --git a/queue-3.10/arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch b/queue-3.10/arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch
new file mode 100644
index 00000000000..903236d1337
--- /dev/null
+++ b/queue-3.10/arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch
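Review bot: Nothing in the rewritten copy step of machine_kexec() (inner hunk `@@ -156,18 +159,18 @@` of arch/arm/kernel/machine_kexec.c) records where instruction-cache maintenance now happens, even though the explicit `flush_icache_range()` over the control page is removed. If, as I understand arch/arm's fncpy(), the helper flushes the copied range itself and returns the entry address with the Thumb bit kept, a comment such as `/* fncpy() flushes the I-cache for the copied range; the returned entry keeps the Thumb bit */` above the call would make that dependency explicit. The copy length is still `relocate_new_kernel_size` with no visible bound against `KEXEC_CONTROL_PAGE_SIZE`; whether that is checked elsewhere cannot be seen, because the start of machine_kexec() lies outside these hunks.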
@@ -0,0 +1,72 @@
+From 85868313177700d20644263a782351262d2aff84 Mon Sep 17 00:00:00 2001
+From: Mark Rutland
+Date: Fri, 15 Aug 2014 12:11:49 +0100
+Subject: ARM: 8128/1: abort: don't clear the exclusive monitors
+
+From: Mark Rutland
+
+commit 85868313177700d20644263a782351262d2aff84 upstream.
+
+The ARMv6 and ARMv7 early abort handlers clear the exclusive monitors
+upon entry to the kernel, but this is redundant:
+
+ - We clear the monitors on every exception return since commit
+ 200b812d0084 ("Clear the exclusive monitor when returning from an
+ exception"), so this is not necessary to ensure the monitors are
+ cleared before returning from a fault handler.
+
+ - Any dummy STREX will target a temporary scratch area in memory, and
+ may succeed or fail without corrupting useful data. Its status value
+ will not be used.
+
+ - Any other STREX in the kernel must be preceded by an LDREX, which
+ will initialise the monitors consistently and will not depend on the
+ earlier state of the monitors.
+
+Therefore we have no reason to care about the initial state of the
+exclusive monitors when a data abort is taken, and clearing the monitors
+prior to exception return (as we already do) is sufficient.
+
+This patch removes the redundant clearing of the exclusive monitors from
+the early abort handlers.
+
+Signed-off-by: Mark Rutland
+Acked-by: Will Deacon
+Signed-off-by: Russell King
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/arm/mm/abort-ev6.S | 6 ------
+ arch/arm/mm/abort-ev7.S | 6 ------
+ 2 files changed, 12 deletions(-)
+
+--- a/arch/arm/mm/abort-ev6.S
++++ b/arch/arm/mm/abort-ev6.S
+@@ -17,12 +17,6 @@
+ */
+ .align 5
+ ENTRY(v6_early_abort)
+-#ifdef CONFIG_CPU_V6
+- sub r1, sp, #4 @ Get unused stack location
+- strex r0, r1, [r1] @ Clear the exclusive monitor
+-#elif defined(CONFIG_CPU_32v6K)
+- clrex
+-#endif
+ mrc p15, 0, r1, c5, c0, 0 @ get FSR
+ mrc p15, 0, r0, c6, c0, 0 @ get FAR
+ /*
+--- a/arch/arm/mm/abort-ev7.S
++++ b/arch/arm/mm/abort-ev7.S
+@@ -13,12 +13,6 @@
+ */
+ .align 5
+ ENTRY(v7_early_abort)
+- /*
+- * The effect of data aborts on on the exclusive access monitor are
+- * UNPREDICTABLE. Do a CLREX to clear the state
+- */
+- clrex
+-
+ mrc p15, 0, r1, c5, c0, 0 @ get FSR
+ mrc p15, 0, r0, c6, c0, 0 @ get FAR
+
diff --git a/queue-3.10/arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch b/queue-3.10/arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch
new file mode 100644
index 00000000000..895afa8b694
--- /dev/null
+++ b/queue-3.10/arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch
@@ -0,0 +1,57 @@
+From a040803a9d6b8c1876d3487a5cb69602ebcbb82c Mon Sep 17 00:00:00 2001
+From: Sudeep Holla
+Date: Mon, 1 Sep 2014 17:14:29 +0100
+Subject: ARM: 8133/1: use irq_set_affinity with force=false when migrating irqs
+
+From: Sudeep Holla
+
+commit a040803a9d6b8c1876d3487a5cb69602ebcbb82c upstream.
+
+Since commit 1dbfa187dad ("ARM: irq migration: force migration off CPU
+going down") the ARM interrupt migration code on cpu offline calls
+irqchip.irq_set_affinity() with the argument force=true. At the point
+of this change the argument had no effect because it was not used by
+any interrupt chip driver and there was no semantics defined.
+
+This changed with commit 01f8fa4f01d8 ("genirq: Allow forcing cpu
+affinity of interrupts") which made the force argument useful to route
+interrupts to not yet online cpus without checking the target cpu
+against the cpu online mask. The following commit ffde1de64012
+("irqchip: gic: Support forced affinity setting") implemented this for
+the GIC interrupt controller.
+
+As a consequence the ARM cpu offline irq migration fails if CPU0 is
+offlined, because CPU0 is still set in the affinity mask and the
+validataion against cpu online mask is skipped to the force argument
+being true. The following first_cpu(mask) selection always selects
+CPU0 as the target.
+
+Solve the issue by calling irq_set_affinity() with force=false from
+the CPU offline irq migration code so the GIC driver validates the
+affinity mask against CPU online mask and therefore removes CPU0 from
+the possible target candidates.
+
+Tested on TC2 hotpluging CPU0 in and out. Without this patch the system
+locks up as the IRQs are not migrated away from CPU0.
+
+Signed-off-by: Sudeep Holla
+Acked-by: Thomas Gleixner
+Acked-by: Mark Rutland
+Signed-off-by: Russell King
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/arm/kernel/irq.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/arm/kernel/irq.c
++++ b/arch/arm/kernel/irq.c
+@@ -163,7 +163,7 @@ static bool migrate_one_irq(struct irq_d
+ c = irq_data_get_irq_chip(d);
+ if (!c->irq_set_affinity)
+ pr_debug("IRQ%u: unable to set affinity\n", d->irq);
+- else if (c->irq_set_affinity(d, affinity, true) == IRQ_SET_MASK_OK && ret)
++ else if (c->irq_set_affinity(d, affinity, false) == IRQ_SET_MASK_OK && ret)
+ cpumask_copy(d->affinity, affinity);
+
+ return ret;
diff --git a/queue-3.10/arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch b/queue-3.10/arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch
new file mode 100644
index 00000000000..59f0cf2b657
--- /dev/null
+++ b/queue-3.10/arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch
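Review bot: In migrate_one_irq() (arch/arm/kernel/irq.c) the result of `c->irq_set_affinity(d, affinity, false)` is only compared with `IRQ_SET_MASK_OK`, so any failure is dropped without a log line and the interrupt stays routed where it was. With force=false the chip driver is expected to validate the mask against the online CPUs, so a rejection becomes a reachable outcome here, and per the commit message an IRQ left on the outgoing CPU is what produced the lockup. Keeping the return value and reporting it would make that visible, for example `r = c->irq_set_affinity(d, affinity, false);` followed by `if (r < 0) pr_warn_ratelimited("IRQ%u: set affinity failed(%d).\n", d->irq, r);`. Only the tail of migrate_one_irq() is inside the hunk, so how `affinity` and `ret` are prepared cannot be checked from here.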
@@ -0,0 +1,42 @@
+From 5ca918e5e3f9df4634077c06585c42bc6a8d699a Mon Sep 17 00:00:00 2001
+From: Robin Murphy
+Date: Thu, 25 Sep 2014 11:56:19 +0100
+Subject: ARM: 8165/1: alignment: don't break misaligned NEON load/store
+
+From: Robin Murphy
+
+commit 5ca918e5e3f9df4634077c06585c42bc6a8d699a upstream.
+
+The alignment fixup incorrectly decodes faulting ARM VLDn/VSTn
+instructions (where the optional alignment hint is given but incorrect)
+as LDR/STR, leading to register corruption. Detect these and correctly
+treat them as unhandled, so that userspace gets the fault it expects.
+
+Reported-by: Simon Hosie
+Signed-off-by: Robin Murphy
+Signed-off-by: Russell King
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/arm/mm/alignment.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/arch/arm/mm/alignment.c
++++ b/arch/arm/mm/alignment.c
+@@ -39,6 +39,7 @@
+ * This code is not portable to processors with late data abort handling.
+ */
+ #define CODING_BITS(i) (i & 0x0e000000)
++#define COND_BITS(i) (i & 0xf0000000)
+
+ #define LDST_I_BIT(i) (i & (1 << 26)) /* Immediate constant */
+ #define LDST_P_BIT(i) (i & (1 << 24)) /* Preindex */
+@@ -812,6 +813,8 @@ do_alignment(unsigned long addr, unsigne
+ break;
+
+ case 0x04000000: /* ldr or str immediate */
++ if (COND_BITS(instr) == 0xf0000000) /* NEON VLDn, VSTn */
++ goto bad;
+ offset.un = OFFSET_BITS(instr);
+ handler = do_alignment_ldrstr;
+ break;
diff --git a/queue-3.10/series b/queue-3.10/series
index 385cfc1f5c0..52598294e7f 100644
--- a/queue-3.10/series
+++ b/queue-3.10/series
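Review bot: The new `COND_BITS(i)` macro in arch/arm/mm/alignment.c expands its argument unparenthesized, so an expression argument containing a lower-precedence operator would bind wrongly against `&`; `#define COND_BITS(i) ((i) & 0xf0000000)` avoids that. The neighbouring `CODING_BITS` has the same shape, so this is a point for an upstream follow-up rather than a deviation to carry in the stable backport. The guard's comment `/* NEON VLDn, VSTn */` is also narrower than the test: if I read the ARM encoding tables correctly, every cond=0b1111 encoding that reaches `case 0x04000000` is rejected, none of which is a plain LDR/STR, and a comment saying so (`/* unconditional space: NEON VLDn/VSTn etc., never LDR/STR */`) would explain why bailing out to `bad` is safe. do_alignment() starts and ends outside the hunk, so the other `CODING_BITS` cases cannot be checked from here.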
@@ -61,3 +61,7 @@ usb-dwc3-omap-fix-ordering-for-runtime-pm-calls.patch
 usb-hub-set-hub-change_bits-when-over-current-happens.patch
 nfsv4-nfs4_state_manager-vs.-nfs_server_remove_lists.patch
 nfsv4-fix-another-bug-in-the-close-open_downgrade-code.patch
+arm-8128-1-abort-don-t-clear-the-exclusive-monitors.patch
+arm-8133-1-use-irq_set_affinity-with-force-false-when-migrating-irqs.patch
+arm-7897-1-kexec-use-the-right-isa-for-relocate_new_kernel.patch
+arm-8165-1-alignment-don-t-break-misaligned-neon-load-store.patch
-- 
2.47.3