commit 2ebc8ec86fe0f3f3acf9ba9b41a368f819e7807e · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6

* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
[S390] kprobes: Fix the return address of multiple kretprobes
[S390] kprobes: disable interrupts throughout
[S390] ftrace: build without frame pointers on s390
[S390] mm: add devmem_is_allowed() for STRICT_DEVMEM checking
[S390] vmlogrdr: purge after recording is switched off
[S390] cio: fix incorrect ccw_device_init_count
[S390] tape: add medium state notifications
[S390] fix get_user_pages_fast

Linus Torvalds 15 years ago 2ebc8ec8 df6e61d4

+167 -44

8 changed files

expand all

unified split

arch

s390

Kconfig.debug

include

asm

page.h

kernel

kprobes.c

gup.c

drivers

s390

char

tape_core.c

vmlogrdr.c

cio

device.c

kernel

trace

Kconfig

+12

arch/s390/Kconfig.debug

··· 6 6 7 7 source "lib/Kconfig.debug" 8 8 9 + config STRICT_DEVMEM 10 + def_bool y 11 + prompt "Filter access to /dev/mem" 12 + ---help--- 13 + This option restricts access to /dev/mem. If this option is 14 + disabled, you allow userspace access to all memory, including 15 + kernel and userspace memory. Accidental memory access is likely 16 + to be disastrous. 17 + Memory access is required for experts who want to debug the kernel. 18 + 19 + If you are unsure, say Y. 20 + 9 21 config DEBUG_STRICT_USER_COPY_CHECKS 10 22 bool "Strict user copy size checks" 11 23 ---help---

arch/s390/include/asm/page.h

··· 130 130 void arch_free_page(struct page *page, int order); 131 131 void arch_alloc_page(struct page *page, int order); 132 132 133 + static inline int devmem_is_allowed(unsigned long pfn) 134 + { 135 + return 0; 136 + } 137 + 133 138 #define HAVE_ARCH_FREE_PAGE 134 139 #define HAVE_ARCH_ALLOC_PAGE 135 140

+53 -17

arch/s390/kernel/kprobes.c

··· 30 30 #include <asm/sections.h> 31 31 #include <linux/module.h> 32 32 #include <linux/slab.h> 33 + #include <linux/hardirq.h> 33 34 34 35 DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL; 35 36 DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk); ··· 213 212 /* Set the PER control regs, turns on single step for this address */ 214 213 __ctl_load(kprobe_per_regs, 9, 11); 215 214 regs->psw.mask |= PSW_MASK_PER; 216 - regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK); 215 + regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT); 217 216 } 218 217 219 218 static void __kprobes save_previous_kprobe(struct kprobe_ctlblk *kcb) ··· 240 239 __get_cpu_var(current_kprobe) = p; 241 240 /* Save the interrupt and per flags */ 242 241 kcb->kprobe_saved_imask = regs->psw.mask & 243 - (PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK); 242 + (PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT); 244 243 /* Save the control regs that govern PER */ 245 244 __ctl_store(kcb->kprobe_saved_ctl, 9, 11); 246 245 } ··· 317 316 return 1; 318 317 319 318 ss_probe: 320 - if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO)) 321 - local_irq_disable(); 322 319 prepare_singlestep(p, regs); 323 320 kcb->kprobe_status = KPROBE_HIT_SS; 324 321 return 1; ··· 349 350 struct hlist_node *node, *tmp; 350 351 unsigned long flags, orig_ret_address = 0; 351 352 unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline; 353 + kprobe_opcode_t *correct_ret_addr = NULL; 352 354 353 355 INIT_HLIST_HEAD(&empty_rp); 354 356 kretprobe_hash_lock(current, &head, &flags); ··· 372 372 /* another task is sharing our hash bucket */ 373 373 continue; 374 374 375 - if (ri->rp && ri->rp->handler) 376 - ri->rp->handler(ri, regs); 375 + orig_ret_address = (unsigned long)ri->ret_addr; 376 + 377 + if (orig_ret_address != trampoline_address) 378 + /* 379 + * This is the real return address. Any other 380 + * instances associated with this task are for 381 + * other calls deeper on the call stack 382 + */ 383 + break; 384 + } 385 + 386 + kretprobe_assert(ri, orig_ret_address, trampoline_address); 387 + 388 + correct_ret_addr = ri->ret_addr; 389 + hlist_for_each_entry_safe(ri, node, tmp, head, hlist) { 390 + if (ri->task != current) 391 + /* another task is sharing our hash bucket */ 392 + continue; 377 393 378 394 orig_ret_address = (unsigned long)ri->ret_addr; 395 + 396 + if (ri->rp && ri->rp->handler) { 397 + ri->ret_addr = correct_ret_addr; 398 + ri->rp->handler(ri, regs); 399 + } 400 + 379 401 recycle_rp_inst(ri, &empty_rp); 380 402 381 403 if (orig_ret_address != trampoline_address) { ··· 409 387 break; 410 388 } 411 389 } 412 - kretprobe_assert(ri, orig_ret_address, trampoline_address); 390 + 413 391 regs->psw.addr = orig_ret_address | PSW_ADDR_AMODE; 414 392 415 393 reset_current_kprobe(); ··· 487 465 goto out; 488 466 } 489 467 reset_current_kprobe(); 490 - if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO)) 491 - local_irq_enable(); 492 468 out: 493 469 preempt_enable_no_resched(); 494 470 ··· 502 482 return 1; 503 483 } 504 484 505 - int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr) 485 + static int __kprobes kprobe_trap_handler(struct pt_regs *regs, int trapnr) 506 486 { 507 487 struct kprobe *cur = kprobe_running(); 508 488 struct kprobe_ctlblk *kcb = get_kprobe_ctlblk(); ··· 528 508 restore_previous_kprobe(kcb); 529 509 else { 530 510 reset_current_kprobe(); 531 - if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO)) 532 - local_irq_enable(); 533 511 } 534 512 preempt_enable_no_resched(); 535 513 break; ··· 571 553 return 0; 572 554 } 573 555 556 + int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr) 557 + { 558 + int ret; 559 + 560 + if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT)) 561 + local_irq_disable(); 562 + ret = kprobe_trap_handler(regs, trapnr); 563 + if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT)) 564 + local_irq_restore(regs->psw.mask & ~PSW_MASK_PER); 565 + return ret; 566 + } 567 + 574 568 /* 575 569 * Wrapper routine to for handling exceptions. 576 570 */ ··· 590 560 unsigned long val, void *data) 591 561 { 592 562 struct die_args *args = (struct die_args *)data; 563 + struct pt_regs *regs = args->regs; 593 564 int ret = NOTIFY_DONE; 565 + 566 + if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT)) 567 + local_irq_disable(); 594 568 595 569 switch (val) { 596 570 case DIE_BPT: ··· 606 572 ret = NOTIFY_STOP; 607 573 break; 608 574 case DIE_TRAP: 609 - /* kprobe_running() needs smp_processor_id() */ 610 - preempt_disable(); 611 - if (kprobe_running() && 612 - kprobe_fault_handler(args->regs, args->trapnr)) 575 + if (!preemptible() && kprobe_running() && 576 + kprobe_trap_handler(args->regs, args->trapnr)) 613 577 ret = NOTIFY_STOP; 614 - preempt_enable(); 615 578 break; 616 579 default: 617 580 break; 618 581 } 582 + 583 + if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT)) 584 + local_irq_restore(regs->psw.mask & ~PSW_MASK_PER); 585 + 619 586 return ret; 620 587 } 621 588 ··· 630 595 631 596 /* setup return addr to the jprobe handler routine */ 632 597 regs->psw.addr = (unsigned long)(jp->entry) | PSW_ADDR_AMODE; 598 + regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT); 633 599 634 600 /* r14 is the function return address */ 635 601 kcb->jprobe_saved_r14 = (unsigned long)regs->gprs[14];

+3 -4

arch/s390/mm/gup.c

··· 20 20 static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr, 21 21 unsigned long end, int write, struct page **pages, int *nr) 22 22 { 23 - unsigned long mask, result; 23 + unsigned long mask; 24 24 pte_t *ptep, pte; 25 25 struct page *page; 26 26 27 - result = write ? 0 : _PAGE_RO; 28 - mask = result | _PAGE_INVALID | _PAGE_SPECIAL; 27 + mask = (write ? _PAGE_RO : 0) | _PAGE_INVALID | _PAGE_SPECIAL; 29 28 30 29 ptep = ((pte_t *) pmd_deref(pmd)) + pte_index(addr); 31 30 do { 32 31 pte = *ptep; 33 32 barrier(); 34 - if ((pte_val(pte) & mask) != result) 33 + if ((pte_val(pte) & mask) != 0) 35 34 return 0; 36 35 VM_BUG_ON(!pfn_valid(pte_pfn(pte))); 37 36 page = pte_page(pte);

+59 -9

drivers/s390/char/tape_core.c

··· 209 209 wake_up(&device->state_change_wq); 210 210 } 211 211 212 + struct tape_med_state_work_data { 213 + struct tape_device *device; 214 + enum tape_medium_state state; 215 + struct work_struct work; 216 + }; 217 + 218 + static void 219 + tape_med_state_work_handler(struct work_struct *work) 220 + { 221 + static char env_state_loaded[] = "MEDIUM_STATE=LOADED"; 222 + static char env_state_unloaded[] = "MEDIUM_STATE=UNLOADED"; 223 + struct tape_med_state_work_data *p = 224 + container_of(work, struct tape_med_state_work_data, work); 225 + struct tape_device *device = p->device; 226 + char *envp[] = { NULL, NULL }; 227 + 228 + switch (p->state) { 229 + case MS_UNLOADED: 230 + pr_info("%s: The tape cartridge has been successfully " 231 + "unloaded\n", dev_name(&device->cdev->dev)); 232 + envp[0] = env_state_unloaded; 233 + kobject_uevent_env(&device->cdev->dev.kobj, KOBJ_CHANGE, envp); 234 + break; 235 + case MS_LOADED: 236 + pr_info("%s: A tape cartridge has been mounted\n", 237 + dev_name(&device->cdev->dev)); 238 + envp[0] = env_state_loaded; 239 + kobject_uevent_env(&device->cdev->dev.kobj, KOBJ_CHANGE, envp); 240 + break; 241 + default: 242 + break; 243 + } 244 + tape_put_device(device); 245 + kfree(p); 246 + } 247 + 248 + static void 249 + tape_med_state_work(struct tape_device *device, enum tape_medium_state state) 250 + { 251 + struct tape_med_state_work_data *p; 252 + 253 + p = kzalloc(sizeof(*p), GFP_ATOMIC); 254 + if (p) { 255 + INIT_WORK(&p->work, tape_med_state_work_handler); 256 + p->device = tape_get_device(device); 257 + p->state = state; 258 + schedule_work(&p->work); 259 + } 260 + } 261 + 212 262 void 213 263 tape_med_state_set(struct tape_device *device, enum tape_medium_state newstate) 214 264 { 215 - if (device->medium_state == newstate) 265 + enum tape_medium_state oldstate; 266 + 267 + oldstate = device->medium_state; 268 + if (oldstate == newstate) 216 269 return; 270 + device->medium_state = newstate; 217 271 switch(newstate){ 218 272 case MS_UNLOADED: 219 273 device->tape_generic_status |= GMT_DR_OPEN(~0); 220 - if (device->medium_state == MS_LOADED) 221 - pr_info("%s: The tape cartridge has been successfully " 222 - "unloaded\n", dev_name(&device->cdev->dev)); 274 + if (oldstate == MS_LOADED) 275 + tape_med_state_work(device, MS_UNLOADED); 223 276 break; 224 277 case MS_LOADED: 225 278 device->tape_generic_status &= ~GMT_DR_OPEN(~0); 226 - if (device->medium_state == MS_UNLOADED) 227 - pr_info("%s: A tape cartridge has been mounted\n", 228 - dev_name(&device->cdev->dev)); 279 + if (oldstate == MS_UNLOADED) 280 + tape_med_state_work(device, MS_LOADED); 229 281 break; 230 282 default: 231 - // print nothing 232 283 break; 233 284 } 234 - device->medium_state = newstate; 235 285 wake_up(&device->state_change_wq); 236 286 } 237 287

+24 -12

drivers/s390/char/vmlogrdr.c

··· 249 249 char cp_command[80]; 250 250 char cp_response[160]; 251 251 char *onoff, *qid_string; 252 + int rc; 252 253 253 - memset(cp_command, 0x00, sizeof(cp_command)); 254 - memset(cp_response, 0x00, sizeof(cp_response)); 255 - 256 - onoff = ((action == 1) ? "ON" : "OFF"); 254 + onoff = ((action == 1) ? "ON" : "OFF"); 257 255 qid_string = ((recording_class_AB == 1) ? " QID * " : ""); 258 256 259 - /* 257 + /* 260 258 * The recording commands needs to be called with option QID 261 259 * for guests that have previlege classes A or B. 262 260 * Purging has to be done as separate step, because recording 263 261 * can't be switched on as long as records are on the queue. 264 262 * Doing both at the same time doesn't work. 265 263 */ 266 - 267 - if (purge) { 264 + if (purge && (action == 1)) { 265 + memset(cp_command, 0x00, sizeof(cp_command)); 266 + memset(cp_response, 0x00, sizeof(cp_response)); 268 267 snprintf(cp_command, sizeof(cp_command), 269 268 "RECORDING %s PURGE %s", 270 269 logptr->recording_name, 271 270 qid_string); 272 - 273 271 cpcmd(cp_command, cp_response, sizeof(cp_response), NULL); 274 272 } 275 273 ··· 277 279 logptr->recording_name, 278 280 onoff, 279 281 qid_string); 280 - 281 282 cpcmd(cp_command, cp_response, sizeof(cp_response), NULL); 282 283 /* The recording command will usually answer with 'Command complete' 283 284 * on success, but when the specific service was never connected 284 285 * before then there might be an additional informational message 285 286 * 'HCPCRC8072I Recording entry not found' before the 286 - * 'Command complete'. So I use strstr rather then the strncmp. 287 + * 'Command complete'. So I use strstr rather then the strncmp. 287 288 */ 288 289 if (strstr(cp_response,"Command complete")) 289 - return 0; 290 + rc = 0; 290 291 else 291 - return -EIO; 292 + rc = -EIO; 293 + /* 294 + * If we turn recording off, we have to purge any remaining records 295 + * afterwards, as a large number of queued records may impact z/VM 296 + * performance. 297 + */ 298 + if (purge && (action == 0)) { 299 + memset(cp_command, 0x00, sizeof(cp_command)); 300 + memset(cp_response, 0x00, sizeof(cp_response)); 301 + snprintf(cp_command, sizeof(cp_command), 302 + "RECORDING %s PURGE %s", 303 + logptr->recording_name, 304 + qid_string); 305 + cpcmd(cp_command, cp_response, sizeof(cp_response), NULL); 306 + } 292 307 308 + return rc; 293 309 } 294 310 295 311

+10 -1

drivers/s390/cio/device.c

··· 1455 1455 break; 1456 1456 case IO_SCH_UNREG_ATTACH: 1457 1457 case IO_SCH_UNREG: 1458 - if (cdev) 1458 + if (!cdev) 1459 + break; 1460 + if (cdev->private->state == DEV_STATE_SENSE_ID) { 1461 + /* 1462 + * Note: delayed work triggered by this event 1463 + * and repeated calls to sch_event are synchronized 1464 + * by the above check for work_pending(cdev). 1465 + */ 1466 + dev_fsm_event(cdev, DEV_EVENT_NOTOPER); 1467 + } else 1459 1468 ccw_device_set_notoper(cdev); 1460 1469 break; 1461 1470 case IO_SCH_NOP:

+1 -1

kernel/trace/Kconfig

··· 126 126 config FUNCTION_TRACER 127 127 bool "Kernel Function Tracer" 128 128 depends on HAVE_FUNCTION_TRACER 129 - select FRAME_POINTER if (!ARM_UNWIND) 129 + select FRAME_POINTER if !ARM_UNWIND && !S390 130 130 select KALLSYMS 131 131 select GENERIC_TRACER 132 132 select CONTEXT_SWITCH_TRACER