Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
[S390] kprobes: Fix the return address of multiple kretprobes
[S390] kprobes: disable interrupts throughout
[S390] ftrace: build without frame pointers on s390
[S390] mm: add devmem_is_allowed() for STRICT_DEVMEM checking
[S390] vmlogrdr: purge after recording is switched off
[S390] cio: fix incorrect ccw_device_init_count
[S390] tape: add medium state notifications
[S390] fix get_user_pages_fast
+12
arch/s390/Kconfig.debug
+12
arch/s390/Kconfig.debug
···
6
7
source "lib/Kconfig.debug"
8
9
+
config STRICT_DEVMEM
10
+
def_bool y
11
+
prompt "Filter access to /dev/mem"
12
+
---help---
13
+
This option restricts access to /dev/mem. If this option is
14
+
disabled, you allow userspace access to all memory, including
15
+
kernel and userspace memory. Accidental memory access is likely
16
+
to be disastrous.
17
+
Memory access is required for experts who want to debug the kernel.
18
+
19
+
If you are unsure, say Y.
20
+
21
config DEBUG_STRICT_USER_COPY_CHECKS
22
bool "Strict user copy size checks"
23
---help---
+5
arch/s390/include/asm/page.h
+5
arch/s390/include/asm/page.h
+53
-17
arch/s390/kernel/kprobes.c
+53
-17
arch/s390/kernel/kprobes.c
···
30
#include <asm/sections.h>
31
#include <linux/module.h>
32
#include <linux/slab.h>
33
34
DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
35
DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk);
···
213
/* Set the PER control regs, turns on single step for this address */
214
__ctl_load(kprobe_per_regs, 9, 11);
215
regs->psw.mask |= PSW_MASK_PER;
216
-
regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK);
217
}
218
219
static void __kprobes save_previous_kprobe(struct kprobe_ctlblk *kcb)
···
240
__get_cpu_var(current_kprobe) = p;
241
/* Save the interrupt and per flags */
242
kcb->kprobe_saved_imask = regs->psw.mask &
243
-
(PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK);
244
/* Save the control regs that govern PER */
245
__ctl_store(kcb->kprobe_saved_ctl, 9, 11);
246
}
···
317
return 1;
318
319
ss_probe:
320
-
if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO))
321
-
local_irq_disable();
322
prepare_singlestep(p, regs);
323
kcb->kprobe_status = KPROBE_HIT_SS;
324
return 1;
···
349
struct hlist_node *node, *tmp;
350
unsigned long flags, orig_ret_address = 0;
351
unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline;
352
353
INIT_HLIST_HEAD(&empty_rp);
354
kretprobe_hash_lock(current, &head, &flags);
···
372
/* another task is sharing our hash bucket */
373
continue;
374
375
-
if (ri->rp && ri->rp->handler)
376
-
ri->rp->handler(ri, regs);
377
378
orig_ret_address = (unsigned long)ri->ret_addr;
379
recycle_rp_inst(ri, &empty_rp);
380
381
if (orig_ret_address != trampoline_address) {
···
409
break;
410
}
411
}
412
-
kretprobe_assert(ri, orig_ret_address, trampoline_address);
413
regs->psw.addr = orig_ret_address | PSW_ADDR_AMODE;
414
415
reset_current_kprobe();
···
487
goto out;
488
}
489
reset_current_kprobe();
490
-
if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO))
491
-
local_irq_enable();
492
out:
493
preempt_enable_no_resched();
494
···
502
return 1;
503
}
504
505
-
int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
506
{
507
struct kprobe *cur = kprobe_running();
508
struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
···
528
restore_previous_kprobe(kcb);
529
else {
530
reset_current_kprobe();
531
-
if (regs->psw.mask & (PSW_MASK_PER | PSW_MASK_IO))
532
-
local_irq_enable();
533
}
534
preempt_enable_no_resched();
535
break;
···
571
return 0;
572
}
573
574
/*
575
* Wrapper routine to for handling exceptions.
576
*/
···
590
unsigned long val, void *data)
591
{
592
struct die_args *args = (struct die_args *)data;
593
int ret = NOTIFY_DONE;
594
595
switch (val) {
596
case DIE_BPT:
···
606
ret = NOTIFY_STOP;
607
break;
608
case DIE_TRAP:
609
-
/* kprobe_running() needs smp_processor_id() */
610
-
preempt_disable();
611
-
if (kprobe_running() &&
612
-
kprobe_fault_handler(args->regs, args->trapnr))
613
ret = NOTIFY_STOP;
614
-
preempt_enable();
615
break;
616
default:
617
break;
618
}
619
return ret;
620
}
621
···
630
631
/* setup return addr to the jprobe handler routine */
632
regs->psw.addr = (unsigned long)(jp->entry) | PSW_ADDR_AMODE;
633
634
/* r14 is the function return address */
635
kcb->jprobe_saved_r14 = (unsigned long)regs->gprs[14];
···
30
#include <asm/sections.h>
31
#include <linux/module.h>
32
#include <linux/slab.h>
33
+
#include <linux/hardirq.h>
34
35
DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
36
DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk);
···
212
/* Set the PER control regs, turns on single step for this address */
213
__ctl_load(kprobe_per_regs, 9, 11);
214
regs->psw.mask |= PSW_MASK_PER;
215
+
regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT);
216
}
217
218
static void __kprobes save_previous_kprobe(struct kprobe_ctlblk *kcb)
···
239
__get_cpu_var(current_kprobe) = p;
240
/* Save the interrupt and per flags */
241
kcb->kprobe_saved_imask = regs->psw.mask &
242
+
(PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT);
243
/* Save the control regs that govern PER */
244
__ctl_store(kcb->kprobe_saved_ctl, 9, 11);
245
}
···
316
return 1;
317
318
ss_probe:
319
prepare_singlestep(p, regs);
320
kcb->kprobe_status = KPROBE_HIT_SS;
321
return 1;
···
350
struct hlist_node *node, *tmp;
351
unsigned long flags, orig_ret_address = 0;
352
unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline;
353
+
kprobe_opcode_t *correct_ret_addr = NULL;
354
355
INIT_HLIST_HEAD(&empty_rp);
356
kretprobe_hash_lock(current, &head, &flags);
···
372
/* another task is sharing our hash bucket */
373
continue;
374
375
+
orig_ret_address = (unsigned long)ri->ret_addr;
376
+
377
+
if (orig_ret_address != trampoline_address)
378
+
/*
379
+
* This is the real return address. Any other
380
+
* instances associated with this task are for
381
+
* other calls deeper on the call stack
382
+
*/
383
+
break;
384
+
}
385
+
386
+
kretprobe_assert(ri, orig_ret_address, trampoline_address);
387
+
388
+
correct_ret_addr = ri->ret_addr;
389
+
hlist_for_each_entry_safe(ri, node, tmp, head, hlist) {
390
+
if (ri->task != current)
391
+
/* another task is sharing our hash bucket */
392
+
continue;
393
394
orig_ret_address = (unsigned long)ri->ret_addr;
395
+
396
+
if (ri->rp && ri->rp->handler) {
397
+
ri->ret_addr = correct_ret_addr;
398
+
ri->rp->handler(ri, regs);
399
+
}
400
+
401
recycle_rp_inst(ri, &empty_rp);
402
403
if (orig_ret_address != trampoline_address) {
···
387
break;
388
}
389
}
390
+
391
regs->psw.addr = orig_ret_address | PSW_ADDR_AMODE;
392
393
reset_current_kprobe();
···
465
goto out;
466
}
467
reset_current_kprobe();
468
out:
469
preempt_enable_no_resched();
470
···
482
return 1;
483
}
484
485
+
static int __kprobes kprobe_trap_handler(struct pt_regs *regs, int trapnr)
486
{
487
struct kprobe *cur = kprobe_running();
488
struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
···
508
restore_previous_kprobe(kcb);
509
else {
510
reset_current_kprobe();
511
}
512
preempt_enable_no_resched();
513
break;
···
553
return 0;
554
}
555
556
+
int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
557
+
{
558
+
int ret;
559
+
560
+
if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
561
+
local_irq_disable();
562
+
ret = kprobe_trap_handler(regs, trapnr);
563
+
if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
564
+
local_irq_restore(regs->psw.mask & ~PSW_MASK_PER);
565
+
return ret;
566
+
}
567
+
568
/*
569
* Wrapper routine to for handling exceptions.
570
*/
···
560
unsigned long val, void *data)
561
{
562
struct die_args *args = (struct die_args *)data;
563
+
struct pt_regs *regs = args->regs;
564
int ret = NOTIFY_DONE;
565
+
566
+
if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
567
+
local_irq_disable();
568
569
switch (val) {
570
case DIE_BPT:
···
572
ret = NOTIFY_STOP;
573
break;
574
case DIE_TRAP:
575
+
if (!preemptible() && kprobe_running() &&
576
+
kprobe_trap_handler(args->regs, args->trapnr))
577
ret = NOTIFY_STOP;
578
break;
579
default:
580
break;
581
}
582
+
583
+
if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
584
+
local_irq_restore(regs->psw.mask & ~PSW_MASK_PER);
585
+
586
return ret;
587
}
588
···
595
596
/* setup return addr to the jprobe handler routine */
597
regs->psw.addr = (unsigned long)(jp->entry) | PSW_ADDR_AMODE;
598
+
regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT);
599
600
/* r14 is the function return address */
601
kcb->jprobe_saved_r14 = (unsigned long)regs->gprs[14];
+3
-4
arch/s390/mm/gup.c
+3
-4
arch/s390/mm/gup.c
···
20
static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
21
unsigned long end, int write, struct page **pages, int *nr)
22
{
23
-
unsigned long mask, result;
24
pte_t *ptep, pte;
25
struct page *page;
26
27
-
result = write ? 0 : _PAGE_RO;
28
-
mask = result | _PAGE_INVALID | _PAGE_SPECIAL;
29
30
ptep = ((pte_t *) pmd_deref(pmd)) + pte_index(addr);
31
do {
32
pte = *ptep;
33
barrier();
34
-
if ((pte_val(pte) & mask) != result)
35
return 0;
36
VM_BUG_ON(!pfn_valid(pte_pfn(pte)));
37
page = pte_page(pte);
···
20
static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
21
unsigned long end, int write, struct page **pages, int *nr)
22
{
23
+
unsigned long mask;
24
pte_t *ptep, pte;
25
struct page *page;
26
27
+
mask = (write ? _PAGE_RO : 0) | _PAGE_INVALID | _PAGE_SPECIAL;
28
29
ptep = ((pte_t *) pmd_deref(pmd)) + pte_index(addr);
30
do {
31
pte = *ptep;
32
barrier();
33
+
if ((pte_val(pte) & mask) != 0)
34
return 0;
35
VM_BUG_ON(!pfn_valid(pte_pfn(pte)));
36
page = pte_page(pte);
+59
-9
drivers/s390/char/tape_core.c
+59
-9
drivers/s390/char/tape_core.c
···
209
wake_up(&device->state_change_wq);
210
}
211
212
void
213
tape_med_state_set(struct tape_device *device, enum tape_medium_state newstate)
214
{
215
-
if (device->medium_state == newstate)
216
return;
217
switch(newstate){
218
case MS_UNLOADED:
219
device->tape_generic_status |= GMT_DR_OPEN(~0);
220
-
if (device->medium_state == MS_LOADED)
221
-
pr_info("%s: The tape cartridge has been successfully "
222
-
"unloaded\n", dev_name(&device->cdev->dev));
223
break;
224
case MS_LOADED:
225
device->tape_generic_status &= ~GMT_DR_OPEN(~0);
226
-
if (device->medium_state == MS_UNLOADED)
227
-
pr_info("%s: A tape cartridge has been mounted\n",
228
-
dev_name(&device->cdev->dev));
229
break;
230
default:
231
-
// print nothing
232
break;
233
}
234
-
device->medium_state = newstate;
235
wake_up(&device->state_change_wq);
236
}
237
···
209
wake_up(&device->state_change_wq);
210
}
211
212
+
struct tape_med_state_work_data {
213
+
struct tape_device *device;
214
+
enum tape_medium_state state;
215
+
struct work_struct work;
216
+
};
217
+
218
+
static void
219
+
tape_med_state_work_handler(struct work_struct *work)
220
+
{
221
+
static char env_state_loaded[] = "MEDIUM_STATE=LOADED";
222
+
static char env_state_unloaded[] = "MEDIUM_STATE=UNLOADED";
223
+
struct tape_med_state_work_data *p =
224
+
container_of(work, struct tape_med_state_work_data, work);
225
+
struct tape_device *device = p->device;
226
+
char *envp[] = { NULL, NULL };
227
+
228
+
switch (p->state) {
229
+
case MS_UNLOADED:
230
+
pr_info("%s: The tape cartridge has been successfully "
231
+
"unloaded\n", dev_name(&device->cdev->dev));
232
+
envp[0] = env_state_unloaded;
233
+
kobject_uevent_env(&device->cdev->dev.kobj, KOBJ_CHANGE, envp);
234
+
break;
235
+
case MS_LOADED:
236
+
pr_info("%s: A tape cartridge has been mounted\n",
237
+
dev_name(&device->cdev->dev));
238
+
envp[0] = env_state_loaded;
239
+
kobject_uevent_env(&device->cdev->dev.kobj, KOBJ_CHANGE, envp);
240
+
break;
241
+
default:
242
+
break;
243
+
}
244
+
tape_put_device(device);
245
+
kfree(p);
246
+
}
247
+
248
+
static void
249
+
tape_med_state_work(struct tape_device *device, enum tape_medium_state state)
250
+
{
251
+
struct tape_med_state_work_data *p;
252
+
253
+
p = kzalloc(sizeof(*p), GFP_ATOMIC);
254
+
if (p) {
255
+
INIT_WORK(&p->work, tape_med_state_work_handler);
256
+
p->device = tape_get_device(device);
257
+
p->state = state;
258
+
schedule_work(&p->work);
259
+
}
260
+
}
261
+
262
void
263
tape_med_state_set(struct tape_device *device, enum tape_medium_state newstate)
264
{
265
+
enum tape_medium_state oldstate;
266
+
267
+
oldstate = device->medium_state;
268
+
if (oldstate == newstate)
269
return;
270
+
device->medium_state = newstate;
271
switch(newstate){
272
case MS_UNLOADED:
273
device->tape_generic_status |= GMT_DR_OPEN(~0);
274
+
if (oldstate == MS_LOADED)
275
+
tape_med_state_work(device, MS_UNLOADED);
276
break;
277
case MS_LOADED:
278
device->tape_generic_status &= ~GMT_DR_OPEN(~0);
279
+
if (oldstate == MS_UNLOADED)
280
+
tape_med_state_work(device, MS_LOADED);
281
break;
282
default:
283
break;
284
}
285
wake_up(&device->state_change_wq);
286
}
287
+24
-12
drivers/s390/char/vmlogrdr.c
+24
-12
drivers/s390/char/vmlogrdr.c
···
249
char cp_command[80];
250
char cp_response[160];
251
char *onoff, *qid_string;
252
253
-
memset(cp_command, 0x00, sizeof(cp_command));
254
-
memset(cp_response, 0x00, sizeof(cp_response));
255
-
256
-
onoff = ((action == 1) ? "ON" : "OFF");
257
qid_string = ((recording_class_AB == 1) ? " QID * " : "");
258
259
-
/*
260
* The recording commands needs to be called with option QID
261
* for guests that have previlege classes A or B.
262
* Purging has to be done as separate step, because recording
263
* can't be switched on as long as records are on the queue.
264
* Doing both at the same time doesn't work.
265
*/
266
-
267
-
if (purge) {
268
snprintf(cp_command, sizeof(cp_command),
269
"RECORDING %s PURGE %s",
270
logptr->recording_name,
271
qid_string);
272
-
273
cpcmd(cp_command, cp_response, sizeof(cp_response), NULL);
274
}
275
···
277
logptr->recording_name,
278
onoff,
279
qid_string);
280
-
281
cpcmd(cp_command, cp_response, sizeof(cp_response), NULL);
282
/* The recording command will usually answer with 'Command complete'
283
* on success, but when the specific service was never connected
284
* before then there might be an additional informational message
285
* 'HCPCRC8072I Recording entry not found' before the
286
-
* 'Command complete'. So I use strstr rather then the strncmp.
287
*/
288
if (strstr(cp_response,"Command complete"))
289
-
return 0;
290
else
291
-
return -EIO;
292
293
}
294
295
···
249
char cp_command[80];
250
char cp_response[160];
251
char *onoff, *qid_string;
252
+
int rc;
253
254
+
onoff = ((action == 1) ? "ON" : "OFF");
255
qid_string = ((recording_class_AB == 1) ? " QID * " : "");
256
257
+
/*
258
* The recording commands needs to be called with option QID
259
* for guests that have previlege classes A or B.
260
* Purging has to be done as separate step, because recording
261
* can't be switched on as long as records are on the queue.
262
* Doing both at the same time doesn't work.
263
*/
264
+
if (purge && (action == 1)) {
265
+
memset(cp_command, 0x00, sizeof(cp_command));
266
+
memset(cp_response, 0x00, sizeof(cp_response));
267
snprintf(cp_command, sizeof(cp_command),
268
"RECORDING %s PURGE %s",
269
logptr->recording_name,
270
qid_string);
271
cpcmd(cp_command, cp_response, sizeof(cp_response), NULL);
272
}
273
···
279
logptr->recording_name,
280
onoff,
281
qid_string);
282
cpcmd(cp_command, cp_response, sizeof(cp_response), NULL);
283
/* The recording command will usually answer with 'Command complete'
284
* on success, but when the specific service was never connected
285
* before then there might be an additional informational message
286
* 'HCPCRC8072I Recording entry not found' before the
287
+
* 'Command complete'. So I use strstr rather then the strncmp.
288
*/
289
if (strstr(cp_response,"Command complete"))
290
+
rc = 0;
291
else
292
+
rc = -EIO;
293
+
/*
294
+
* If we turn recording off, we have to purge any remaining records
295
+
* afterwards, as a large number of queued records may impact z/VM
296
+
* performance.
297
+
*/
298
+
if (purge && (action == 0)) {
299
+
memset(cp_command, 0x00, sizeof(cp_command));
300
+
memset(cp_response, 0x00, sizeof(cp_response));
301
+
snprintf(cp_command, sizeof(cp_command),
302
+
"RECORDING %s PURGE %s",
303
+
logptr->recording_name,
304
+
qid_string);
305
+
cpcmd(cp_command, cp_response, sizeof(cp_response), NULL);
306
+
}
307
308
+
return rc;
309
}
310
311
+10
-1
drivers/s390/cio/device.c
+10
-1
drivers/s390/cio/device.c
···
1455
break;
1456
case IO_SCH_UNREG_ATTACH:
1457
case IO_SCH_UNREG:
1458
+
if (!cdev)
1459
+
break;
1460
+
if (cdev->private->state == DEV_STATE_SENSE_ID) {
1461
+
/*
1462
+
* Note: delayed work triggered by this event
1463
+
* and repeated calls to sch_event are synchronized
1464
+
* by the above check for work_pending(cdev).
1465
+
*/
1466
+
dev_fsm_event(cdev, DEV_EVENT_NOTOPER);
1467
+
} else
1468
ccw_device_set_notoper(cdev);
1469
break;
1470
case IO_SCH_NOP:
+1
-1
kernel/trace/Kconfig
+1
-1
kernel/trace/Kconfig