* [Bug 203125] Kernel 5.1-rc1 fails to boot on a PowerMac G4 3,6: Caused by (from SRR1=141020): Transfer error ack signal
From: bugzilla-daemon @ 2019-05-22 20:18 UTC (permalink / raw)
To: linuxppc-dev
In-Reply-To: <bug-203125-206035@https.bugzilla.kernel.org/>
https://bugzilla.kernel.org/show_bug.cgi?id=203125
Erhard F. (erhard_f@mailbox.org) changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |CODE_FIX
--- Comment #11 from Erhard F. (erhard_f@mailbox.org) ---
Your fix landed in 5.1.4 stable now, the G4 boots fine again. Thanks!
--
You are receiving this mail because:
You are watching the assignee of the bug.
^ permalink raw reply
* Re: [BISECTED] kexec regression on PowerBook G4
From: LEROY Christophe @ 2019-05-22 20:33 UTC (permalink / raw)
To: Aaro Koskinen; +Cc: linuxppc-dev
In-Reply-To: <20190522201310.GB456@darkstar.musicnaut.iki.fi>
Aaro Koskinen <aaro.koskinen@iki.fi> a écrit :
> Hi,
>
> On Wed, May 22, 2019 at 07:44:56AM +0000, Christophe Leroy wrote:
>> On 05/22/2019 06:14 AM, Christophe Leroy wrote:
>> >Le 22/05/2019 à 00:18, Aaro Koskinen a écrit :
>> >>I was trying to upgrade from v5.0 -> v5.1 on PowerBook G4, but when
>> >>trying
>> >>to kexec a kernel the system gets stuck (no errors seen on the console).
>> >
>> >Do you mean you are trying to kexec a v5.1 kernel from a v5.0 kernel, or
>> >do you have a working v5.1 kernel, but kexec doesn't work with it ?
>> >
>> >>
>> >>Bisected to: 93c4a162b014 ("powerpc/6xx: Store PGDIR physical address
>> >>in a SPRG"). This commit doesn't revert cleanly anymore but I tested
>> >>that the one before works OK.
>> >
>> >Not sure that's the problem. There was a problem with that commit, but it
>> >was fixed by 4622a2d43101 ("powerpc/6xx: fix setup and use of
>> >SPRN_SPRG_PGDIR for hash32").
>> >You probably hit some commit between those two during bisect, that's
>> >likely the reason why you ended here.
>> >
>> >Can you restart your bisect from 4622a2d43101 ?
>> >
>> >If you have CONFIG_SMP, maybe you should also consider taking 397d2300b08c
>> >("powerpc/32s: fix flush_hash_pages() on SMP"). Stable 5.1.4 includes it.
>> >
>> >>
>> >>With current Linus HEAD (9c7db5004280), it gets a bit further but still
>> >>doesn't work: now I get an error on the console after kexec "Starting
>> >>new kernel! ... Bye!":
>> >>
>> >> kernel tried to execute exec-protected page (...) - exploit attempt?
>> >
>> >Interesting.
>> >
>> >Do you have CONFIG_STRICT_KERNEL_RWX=y in your .config ? If so, can you
>> >retry without it ?
>>
>> After looking at the code, I don't thing CONFIG_STRICT_KERNEL_RWX will make
>> any difference. Can you try the patch below ?
>
> Doesn't help (git refuses the patch as corrupted, so I had to do those
> changes manually, but I'm pretty sure I got it right).
>
> I still get the "kernel tried to execute exec-protected page...". What
> should I try next?
Can you provide full details of the Oops you get ? And also your System.map ?
K
Also build with CONFIG_PPC_PTDUMP and mount /sys/kernel/debug and give
content of /sys/kernel/debug/powerpc/block_address_translation and
.../segment_registers before the failing kexec, and also
/sys/kernel/debug/kernel_page_tables
Thx
Christophe
>
> A.
>
>> From 8c1039da0d0f26cdf995156a905fc97fe7bda36c Mon Sep 17 00:00:00 2001
>> From: Christophe Leroy <christophe.leroy@c-s.fr>
>> Date: Wed, 22 May 2019 07:28:42 +0000
>> Subject: [PATCH] Fix Kexec
>>
>> ---
>> arch/powerpc/include/asm/pgtable.h | 2 ++
>> arch/powerpc/kernel/machine_kexec_32.c | 4 ++++
>> arch/powerpc/mm/pgtable_32.c | 2 +-
>> 3 files changed, 7 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/powerpc/include/asm/pgtable.h
>> b/arch/powerpc/include/asm/pgtable.h
>> index 3f53be60fb01..642eea937229 100644
>> --- a/arch/powerpc/include/asm/pgtable.h
>> +++ b/arch/powerpc/include/asm/pgtable.h
>> @@ -140,6 +140,8 @@ static inline void pte_frag_set(mm_context_t *ctx, void
>> *p)
>> }
>> #endif
>>
>> +int change_page_attr(struct page *page, int numpages, pgprot_t prot);
>> +
>> #endif /* __ASSEMBLY__ */
>>
>> #endif /* _ASM_POWERPC_PGTABLE_H */
>> diff --git a/arch/powerpc/kernel/machine_kexec_32.c
>> b/arch/powerpc/kernel/machine_kexec_32.c
>> index affe5dcce7f4..4f719501e6ae 100644
>> --- a/arch/powerpc/kernel/machine_kexec_32.c
>> +++ b/arch/powerpc/kernel/machine_kexec_32.c
>> @@ -54,6 +54,10 @@ void default_machine_kexec(struct kimage *image)
>> memcpy((void *)reboot_code_buffer, relocate_new_kernel,
>> relocate_new_kernel_size);
>>
>> + change_page_attr(image->control_code_page,
>> + ALIGN(KEXEC_CONTROL_PAGE_SIZE, PAGE_SIZE) >> PAGE_SHIFT,
>> + PAGE_KERNEL_TEXT);
>> +
>> flush_icache_range(reboot_code_buffer,
>> reboot_code_buffer + KEXEC_CONTROL_PAGE_SIZE);
>> printk(KERN_INFO "Bye!\n");
>> diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c
>> index 16ada373b32b..0e4651d803fc 100644
>> --- a/arch/powerpc/mm/pgtable_32.c
>> +++ b/arch/powerpc/mm/pgtable_32.c
>> @@ -340,7 +340,7 @@ static int __change_page_attr_noflush(struct page *page,
>> pgprot_t prot)
>> *
>> * THIS DOES NOTHING WITH BAT MAPPINGS, DEBUG USE ONLY
>> */
>> -static int change_page_attr(struct page *page, int numpages, pgprot_t prot)
>> +int change_page_attr(struct page *page, int numpages, pgprot_t prot)
>> {
>> int i, err = 0;
>> unsigned long flags;
>> --
>> 2.13.3
^ permalink raw reply
* Re: [PATCH] misc: remove redundant 'default n' from Kconfig-s
From: Arnd Bergmann @ 2019-05-22 21:20 UTC (permalink / raw)
To: Bartlomiej Zolnierkiewicz
Cc: Eric Piel, Andrew Donnellan, Greg Kroah-Hartman, Frank Haverkamp,
Linux Kernel Mailing List, Michał Mirosław,
Frederic Barrat, linuxppc-dev
In-Reply-To: <1ab818ae-4d9f-d17a-f11f-7caaa5bf98bc@samsung.com>
On Mon, May 20, 2019 at 4:10 PM Bartlomiej Zolnierkiewicz
<b.zolnierkie@samsung.com> wrote:
>
> 'default n' is the default value for any bool or tristate Kconfig
> setting so there is no need to write it explicitly.
>
> Also since commit f467c5640c29 ("kconfig: only write '# CONFIG_FOO
> is not set' for visible symbols") the Kconfig behavior is the same
> regardless of 'default n' being present or not:
>
> ...
> One side effect of (and the main motivation for) this change is making
> the following two definitions behave exactly the same:
>
> config FOO
> bool
>
> config FOO
> bool
> default n
>
> With this change, neither of these will generate a
> '# CONFIG_FOO is not set' line (assuming FOO isn't selected/implied).
> That might make it clearer to people that a bare 'default n' is
> redundant.
> ...
>
> Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
^ permalink raw reply
* [PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()
From: Thiago Jung Bauermann @ 2019-05-22 22:01 UTC (permalink / raw)
To: linuxppc-dev
Cc: kexec, linux-kernel, Mimi Zohar, AKASHI Takahiro,
Thiago Jung Bauermann
Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
changed kexec_add_buffer() to skip searching for a memory location if
kexec_buf.mem is already set, and use the address that is there.
In powerpc code we reuse a kexec_buf variable for loading both the kernel
and the initramfs by resetting some of the fields between those uses, but
not mem. This causes kexec_add_buffer() to try to load the kernel at the
same address where initramfs will be loaded, which is naturally rejected:
# kexec -s -l --initrd initramfs vmlinuz
kexec_file_load failed: Invalid argument
Setting the mem field before every call to kexec_add_buffer() fixes this
regression.
Fixes: b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
arch/powerpc/kernel/kexec_elf_64.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kernel/kexec_elf_64.c b/arch/powerpc/kernel/kexec_elf_64.c
index ba4f18a43ee8..52a29fc73730 100644
--- a/arch/powerpc/kernel/kexec_elf_64.c
+++ b/arch/powerpc/kernel/kexec_elf_64.c
@@ -547,6 +547,7 @@ static int elf_exec_load(struct kimage *image, struct elfhdr *ehdr,
kbuf.memsz = phdr->p_memsz;
kbuf.buf_align = phdr->p_align;
kbuf.buf_min = phdr->p_paddr + base;
+ kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
ret = kexec_add_buffer(&kbuf);
if (ret)
goto out;
@@ -581,7 +582,8 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
struct kexec_buf kbuf = { .image = image, .buf_min = 0,
.buf_max = ppc64_rma_size };
struct kexec_buf pbuf = { .image = image, .buf_min = 0,
- .buf_max = ppc64_rma_size, .top_down = true };
+ .buf_max = ppc64_rma_size, .top_down = true,
+ .mem = KEXEC_BUF_MEM_UNKNOWN };
ret = build_elf_exec_info(kernel_buf, kernel_len, &ehdr, &elf_info);
if (ret)
@@ -606,6 +608,7 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
kbuf.bufsz = kbuf.memsz = initrd_len;
kbuf.buf_align = PAGE_SIZE;
kbuf.top_down = false;
+ kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
ret = kexec_add_buffer(&kbuf);
if (ret)
goto out;
@@ -638,6 +641,7 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
kbuf.bufsz = kbuf.memsz = fdt_size;
kbuf.buf_align = PAGE_SIZE;
kbuf.top_down = true;
+ kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
ret = kexec_add_buffer(&kbuf);
if (ret)
goto out;
^ permalink raw reply related
* [PATCH] powerpc: pseries/hvconsole: fix stack overread
From: Daniel Axtens @ 2019-05-23 1:57 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Dmitry Vyukov, Daniel Axtens
While developing kasan for 64-bit book3s, I hit the following stack
over-read.
It occurs because the hypercall to put characters onto the terminal
takes 2 longs (128 bits/16 bytes) of characters at a time, and so
hvc_put_chars would unconditionally copy 16 bytes from the argument
buffer, regardless of supplied length. However, sometimes
hvc_put_chars is called with less than 16 characters, leading to the
error.
Use memcpy to copy the correct length.
==================================================================
BUG: KASAN: stack-out-of-bounds in hvc_put_chars+0x44/0xc0
Read of size 8 at addr c00000000169fac0 by task swapper/0
CPU: 0 PID: 0 Comm: swapper Not tainted 5.1.0-rc2-00065-g7e26a58cb076 #43
Call Trace:
[c00000000169f770] [c000000000e83900] dump_stack+0xc4/0x114 (unreliable)
[c00000000169f7c0] [c0000000003f3034] print_address_description+0xd0/0x3cc
[c00000000169f850] [c0000000003f2c0c] kasan_report+0x20c/0x224
[c00000000169f920] [c0000000003f4808] __asan_load8+0x198/0x330
[c00000000169f9c0] [c0000000000d7264] hvc_put_chars+0x44/0xc0
[c00000000169fa40] [c00000000089b998] hvterm_raw_put_chars+0x78/0xb0
[c00000000169fa80] [c00000000089bff0] udbg_hvc_putc+0x110/0x1a0
[c00000000169fb30] [c000000000036610] udbg_write+0xa0/0x1a0
[c00000000169fb80] [c0000000001b9cd4] console_unlock+0x694/0x810
[c00000000169fc80] [c0000000001bc5ec] vprintk_emit+0x24c/0x310
[c00000000169fcf0] [c0000000001bde04] vprintk_func+0xd4/0x250
[c00000000169fd40] [c0000000001bd088] printk+0x38/0x4c
[c00000000169fd60] [c0000000012ec4a0] kasan_init+0x330/0x350
[c00000000169fde0] [c0000000012dc304] setup_arch+0x4b4/0x504
[c00000000169fe70] [c0000000012d3e50] start_kernel+0x10c/0x868
[c00000000169ff90] [c00000000000b360] start_here_common+0x1c/0x53c
Memory state around the buggy address:
c00000000169f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
c00000000169fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>c00000000169fa80: 00 00 00 00 f1 f1 f1 f1 01 f2 f2 f2 00 00 00 00
^
c00000000169fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
c00000000169fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
CC: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
arch/powerpc/platforms/pseries/hvconsole.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/hvconsole.c b/arch/powerpc/platforms/pseries/hvconsole.c
index 74da18de853a..c39907b635eb 100644
--- a/arch/powerpc/platforms/pseries/hvconsole.c
+++ b/arch/powerpc/platforms/pseries/hvconsole.c
@@ -67,9 +67,10 @@ EXPORT_SYMBOL(hvc_get_chars);
*/
int hvc_put_chars(uint32_t vtermno, const char *buf, int count)
{
- unsigned long *lbuf = (unsigned long *) buf;
+ unsigned long lbuf[2];
long ret;
+ memcpy(lbuf, buf, count);
/* hcall will ret H_PARAMETER if 'count' exceeds firmware max.*/
if (count > MAX_VIO_PUT_CHARS)
--
2.19.1
^ permalink raw reply related
* [PATCH] powerpc/powernv: fix variable "c" set but not used
From: Qian Cai @ 2019-05-23 2:31 UTC (permalink / raw)
To: benh, paulus, mpe; +Cc: aik, Qian Cai, linuxppc-dev, linux-kernel
The commit 58629c0dc349 ("powerpc/powernv/npu: Fault user page into the
hypervisor's pagetable") introduced a variable "c" to be used in
__get_user() and __get_user_nocheck() which need to stay as macros for
performance reasons, and "c" is not actually used in
pnv_npu2_handle_fault(),
arch/powerpc/platforms/powernv/npu-dma.c: In function 'pnv_npu2_handle_fault':
arch/powerpc/platforms/powernv/npu-dma.c:1122:7: warning: variable 'c'
set but not used [-Wunused-but-set-variable]
Fixed it by appending the __maybe_unused attribute, so compilers would
ignore it.
Signed-off-by: Qian Cai <cai@lca.pw>
---
arch/powerpc/platforms/powernv/npu-dma.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/powernv/npu-dma.c b/arch/powerpc/platforms/powernv/npu-dma.c
index 495550432f3d..5bbe59573ee6 100644
--- a/arch/powerpc/platforms/powernv/npu-dma.c
+++ b/arch/powerpc/platforms/powernv/npu-dma.c
@@ -1119,7 +1119,8 @@ int pnv_npu2_handle_fault(struct npu_context *context, uintptr_t *ea,
int i, is_write;
struct page *page[1];
const char __user *u;
- char c;
+ /* To silence a -Wunused-but-set-variable warning. */
+ char c __maybe_unused;
/* mmap_sem should be held so the struct_mm must be present */
struct mm_struct *mm = context->mm;
--
2.20.1 (Apple Git-117)
^ permalink raw reply related
* Re: [PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()
From: Dave Young @ 2019-05-23 3:23 UTC (permalink / raw)
To: Thiago Jung Bauermann
Cc: kexec, linux-kernel, Mimi Zohar, AKASHI Takahiro, linuxppc-dev
In-Reply-To: <20190522220158.18479-1-bauerman@linux.ibm.com>
On 05/22/19 at 07:01pm, Thiago Jung Bauermann wrote:
> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
> changed kexec_add_buffer() to skip searching for a memory location if
> kexec_buf.mem is already set, and use the address that is there.
>
> In powerpc code we reuse a kexec_buf variable for loading both the kernel
> and the initramfs by resetting some of the fields between those uses, but
> not mem. This causes kexec_add_buffer() to try to load the kernel at the
> same address where initramfs will be loaded, which is naturally rejected:
>
> # kexec -s -l --initrd initramfs vmlinuz
> kexec_file_load failed: Invalid argument
>
> Setting the mem field before every call to kexec_add_buffer() fixes this
> regression.
>
> Fixes: b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
> ---
> arch/powerpc/kernel/kexec_elf_64.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/powerpc/kernel/kexec_elf_64.c b/arch/powerpc/kernel/kexec_elf_64.c
> index ba4f18a43ee8..52a29fc73730 100644
> --- a/arch/powerpc/kernel/kexec_elf_64.c
> +++ b/arch/powerpc/kernel/kexec_elf_64.c
> @@ -547,6 +547,7 @@ static int elf_exec_load(struct kimage *image, struct elfhdr *ehdr,
> kbuf.memsz = phdr->p_memsz;
> kbuf.buf_align = phdr->p_align;
> kbuf.buf_min = phdr->p_paddr + base;
> + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
> ret = kexec_add_buffer(&kbuf);
> if (ret)
> goto out;
> @@ -581,7 +582,8 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
> struct kexec_buf kbuf = { .image = image, .buf_min = 0,
> .buf_max = ppc64_rma_size };
> struct kexec_buf pbuf = { .image = image, .buf_min = 0,
> - .buf_max = ppc64_rma_size, .top_down = true };
> + .buf_max = ppc64_rma_size, .top_down = true,
> + .mem = KEXEC_BUF_MEM_UNKNOWN };
>
> ret = build_elf_exec_info(kernel_buf, kernel_len, &ehdr, &elf_info);
> if (ret)
> @@ -606,6 +608,7 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
> kbuf.bufsz = kbuf.memsz = initrd_len;
> kbuf.buf_align = PAGE_SIZE;
> kbuf.top_down = false;
> + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
> ret = kexec_add_buffer(&kbuf);
> if (ret)
> goto out;
> @@ -638,6 +641,7 @@ static void *elf64_load(struct kimage *image, char *kernel_buf,
> kbuf.bufsz = kbuf.memsz = fdt_size;
> kbuf.buf_align = PAGE_SIZE;
> kbuf.top_down = true;
> + kbuf.mem = KEXEC_BUF_MEM_UNKNOWN;
> ret = kexec_add_buffer(&kbuf);
> if (ret)
> goto out;
>
>
> _______________________________________________
> kexec mailing list
> kexec@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
Reviewed-by: Dave Young <dyoung@redhat.com>
Thanks
Dave
^ permalink raw reply
* Re: [PATCH] powerpc: Fix loading of kernel + initramfs with kexec_file_load()
From: Thiago Jung Bauermann @ 2019-05-23 4:43 UTC (permalink / raw)
To: Dave Young; +Cc: kexec, linux-kernel, Mimi Zohar, AKASHI Takahiro, linuxppc-dev
In-Reply-To: <20190523032302.GD8174@dhcp-128-65.nay.redhat.com>
Dave Young <dyoung@redhat.com> writes:
> On 05/22/19 at 07:01pm, Thiago Jung Bauermann wrote:
>> Commit b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
>> changed kexec_add_buffer() to skip searching for a memory location if
>> kexec_buf.mem is already set, and use the address that is there.
>>
>> In powerpc code we reuse a kexec_buf variable for loading both the kernel
>> and the initramfs by resetting some of the fields between those uses, but
>> not mem. This causes kexec_add_buffer() to try to load the kernel at the
>> same address where initramfs will be loaded, which is naturally rejected:
>>
>> # kexec -s -l --initrd initramfs vmlinuz
>> kexec_file_load failed: Invalid argument
>>
>> Setting the mem field before every call to kexec_add_buffer() fixes this
>> regression.
>>
>> Fixes: b6664ba42f14 ("s390, kexec_file: drop arch_kexec_mem_walk()")
>> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
>> ---
>> arch/powerpc/kernel/kexec_elf_64.c | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> Reviewed-by: Dave Young <dyoung@redhat.com>
Thanks!
--
Thiago Jung Bauermann
IBM Linux Technology Center
^ permalink raw reply
* Re: [PATCH 11/12] powerpc/pseries/svm: Force SWIOTLB for secure guests
From: Thiago Jung Bauermann @ 2019-05-23 5:15 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Anshuman Khandual, Alexey Kardashevskiy, Mike Anderson, Ram Pai,
linux-kernel, Claudio Carvalho, Paul Mackerras, linuxppc-dev,
Anshuman Khandual
In-Reply-To: <20190521051507.GD29120@lst.de>
Hello Christoph,
Thanks for reviewing the patch!
Christoph Hellwig <hch@lst.de> writes:
>> diff --git a/arch/powerpc/include/asm/mem_encrypt.h b/arch/powerpc/include/asm/mem_encrypt.h
>> new file mode 100644
>> index 000000000000..45d5e4d0e6e0
>> --- /dev/null
>> +++ b/arch/powerpc/include/asm/mem_encrypt.h
>> @@ -0,0 +1,19 @@
>> +/* SPDX-License-Identifier: GPL-2.0+ */
>> +/*
>> + * SVM helper functions
>> + *
>> + * Copyright 2019 IBM Corporation
>> + */
>> +
>> +#ifndef _ASM_POWERPC_MEM_ENCRYPT_H
>> +#define _ASM_POWERPC_MEM_ENCRYPT_H
>> +
>> +#define sme_me_mask 0ULL
>> +
>> +static inline bool sme_active(void) { return false; }
>> +static inline bool sev_active(void) { return false; }
>> +
>> +int set_memory_encrypted(unsigned long addr, int numpages);
>> +int set_memory_decrypted(unsigned long addr, int numpages);
>> +
>> +#endif /* _ASM_POWERPC_MEM_ENCRYPT_H */
>
> S/390 seems to be adding a stub header just like this. Can you please
> clean up the Kconfig and generic headers bits for memory encryption so
> that we don't need all this boilerplate code?
Yes, that's a good idea. Will do.
>> config PPC_SVM
>> bool "Secure virtual machine (SVM) support for POWER"
>> depends on PPC_PSERIES
>> + select SWIOTLB
>> + select ARCH_HAS_MEM_ENCRYPT
>> default n
>
> n is the default default, no need to explictly specify it.
Indeed. Changed for the next version.
--
Thiago Jung Bauermann
IBM Linux Technology Center
^ permalink raw reply
* [RFC PATCH 0/7] powerpc: KASAN for 64-bit 3s radix
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
Building on the work of Christophe, Aneesh and Balbir, I've ported
KASAN to Book3S radix.
It builds on top Christophe's work on 32bit, and includes my work for
64-bit Book3E (3S doesn't really depend on 3E, but it was handy to
have around when developing and debugging).
This provides full inline instrumentation on radix, but does require
that you be able to specify the amount of memory on the system at
compile time. More details in patch 7.
Regards,
Daniel
Daniel Axtens (7):
kasan: do not open-code addr_has_shadow
kasan: allow architectures to manage the memory-to-shadow mapping
kasan: allow architectures to provide an outline readiness check
powerpc: KASAN for 64bit Book3E
kasan: allow arches to provide their own early shadow setup
kasan: allow arches to hook into global registration
powerpc: Book3S 64-bit "heavyweight" KASAN support
arch/powerpc/Kconfig | 2 +
arch/powerpc/Kconfig.debug | 17 ++-
arch/powerpc/Makefile | 7 ++
arch/powerpc/include/asm/kasan.h | 116 +++++++++++++++++++
arch/powerpc/kernel/prom.c | 40 +++++++
arch/powerpc/mm/kasan/Makefile | 2 +
arch/powerpc/mm/kasan/kasan_init_book3e_64.c | 50 ++++++++
arch/powerpc/mm/kasan/kasan_init_book3s_64.c | 67 +++++++++++
arch/powerpc/mm/nohash/Makefile | 5 +
include/linux/kasan.h | 13 +++
mm/kasan/generic.c | 9 +-
mm/kasan/generic_report.c | 2 +-
mm/kasan/init.c | 10 ++
mm/kasan/kasan.h | 6 +-
mm/kasan/report.c | 6 +-
mm/kasan/tags.c | 3 +-
16 files changed, 345 insertions(+), 10 deletions(-)
create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3e_64.c
create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3s_64.c
--
2.19.1
^ permalink raw reply
* [RFC PATCH 1/7] kasan: do not open-code addr_has_shadow
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
We have a couple of places checking for the existence of a shadow
mapping for an address by open-coding the inverse of the check in
addr_has_shadow.
Replace the open-coded versions with the helper. This will be
needed in future to allow architectures to override the layout
of the shadow mapping.
Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
mm/kasan/generic.c | 3 +--
mm/kasan/tags.c | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index 504c79363a34..9e5c989dab8c 100644
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -173,8 +173,7 @@ static __always_inline void check_memory_region_inline(unsigned long addr,
if (unlikely(size == 0))
return;
- if (unlikely((void *)addr <
- kasan_shadow_to_mem((void *)KASAN_SHADOW_START))) {
+ if (unlikely(!addr_has_shadow((void *)addr))) {
kasan_report(addr, size, write, ret_ip);
return;
}
diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c
index 63fca3172659..87ebee0a6aea 100644
--- a/mm/kasan/tags.c
+++ b/mm/kasan/tags.c
@@ -109,8 +109,7 @@ void check_memory_region(unsigned long addr, size_t size, bool write,
return;
untagged_addr = reset_tag((const void *)addr);
- if (unlikely(untagged_addr <
- kasan_shadow_to_mem((void *)KASAN_SHADOW_START))) {
+ if (unlikely(!addr_has_shadow(untagged_addr))) {
kasan_report(addr, size, write, ret_ip);
return;
}
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 2/7] kasan: allow architectures to manage the memory-to-shadow mapping
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
Currently, shadow addresses are always addr >> shift + offset.
However, for powerpc, the virtual address space is fragmented in
ways that make this simple scheme impractical.
Allow architectures to override:
- kasan_shadow_to_mem
- kasan_mem_to_shadow
- addr_has_shadow
Rename addr_has_shadow to kasan_addr_has_shadow as if it is
overridden it will be available in more places, increasing the
risk of collisions.
If architectures do not #define their own versions, the generic
code will continue to run as usual.
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
include/linux/kasan.h | 2 ++
mm/kasan/generic.c | 2 +-
mm/kasan/generic_report.c | 2 +-
mm/kasan/kasan.h | 6 +++++-
mm/kasan/report.c | 6 +++---
mm/kasan/tags.c | 2 +-
6 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index b40ea104dd36..f6261840f94c 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -23,11 +23,13 @@ extern p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D];
int kasan_populate_early_shadow(const void *shadow_start,
const void *shadow_end);
+#ifndef kasan_mem_to_shadow
static inline void *kasan_mem_to_shadow(const void *addr)
{
return (void *)((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT)
+ KASAN_SHADOW_OFFSET;
}
+#endif
/* Enable reporting bugs after kasan_disable_current() */
extern void kasan_enable_current(void);
diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index 9e5c989dab8c..a5b28e3ceacb 100644
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -173,7 +173,7 @@ static __always_inline void check_memory_region_inline(unsigned long addr,
if (unlikely(size == 0))
return;
- if (unlikely(!addr_has_shadow((void *)addr))) {
+ if (unlikely(!kasan_addr_has_shadow((void *)addr))) {
kasan_report(addr, size, write, ret_ip);
return;
}
diff --git a/mm/kasan/generic_report.c b/mm/kasan/generic_report.c
index 36c645939bc9..6caafd61fc3a 100644
--- a/mm/kasan/generic_report.c
+++ b/mm/kasan/generic_report.c
@@ -107,7 +107,7 @@ static const char *get_wild_bug_type(struct kasan_access_info *info)
const char *get_bug_type(struct kasan_access_info *info)
{
- if (addr_has_shadow(info->access_addr))
+ if (kasan_addr_has_shadow(info->access_addr))
return get_shadow_bug_type(info);
return get_wild_bug_type(info);
}
diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
index 3ce956efa0cb..8fcbe4027929 100644
--- a/mm/kasan/kasan.h
+++ b/mm/kasan/kasan.h
@@ -110,16 +110,20 @@ struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache,
struct kasan_free_meta *get_free_info(struct kmem_cache *cache,
const void *object);
+#ifndef kasan_shadow_to_mem
static inline const void *kasan_shadow_to_mem(const void *shadow_addr)
{
return (void *)(((unsigned long)shadow_addr - KASAN_SHADOW_OFFSET)
<< KASAN_SHADOW_SCALE_SHIFT);
}
+#endif
-static inline bool addr_has_shadow(const void *addr)
+#ifndef kasan_addr_has_shadow
+static inline bool kasan_addr_has_shadow(const void *addr)
{
return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
}
+#endif
void kasan_poison_shadow(const void *address, size_t size, u8 value);
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index 03a443579386..a713b64c232b 100644
--- a/mm/kasan/report.c
+++ b/mm/kasan/report.c
@@ -298,7 +298,7 @@ void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned lon
untagged_addr = reset_tag(tagged_addr);
info.access_addr = tagged_addr;
- if (addr_has_shadow(untagged_addr))
+ if (kasan_addr_has_shadow(untagged_addr))
info.first_bad_addr = find_first_bad_addr(tagged_addr, size);
else
info.first_bad_addr = untagged_addr;
@@ -309,11 +309,11 @@ void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned lon
start_report(&flags);
print_error_description(&info);
- if (addr_has_shadow(untagged_addr))
+ if (kasan_addr_has_shadow(untagged_addr))
print_tags(get_tag(tagged_addr), info.first_bad_addr);
pr_err("\n");
- if (addr_has_shadow(untagged_addr)) {
+ if (kasan_addr_has_shadow(untagged_addr)) {
print_address_description(untagged_addr);
pr_err("\n");
print_shadow_for_address(info.first_bad_addr);
diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c
index 87ebee0a6aea..661c23dd5340 100644
--- a/mm/kasan/tags.c
+++ b/mm/kasan/tags.c
@@ -109,7 +109,7 @@ void check_memory_region(unsigned long addr, size_t size, bool write,
return;
untagged_addr = reset_tag((const void *)addr);
- if (unlikely(!addr_has_shadow(untagged_addr))) {
+ if (unlikely(!kasan_addr_has_shadow(untagged_addr))) {
kasan_report(addr, size, write, ret_ip);
return;
}
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 3/7] kasan: allow architectures to provide an outline readiness check
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, Aneesh Kumar K . V, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
In powerpc (as I understand it), we spend a lot of time in boot
running in real mode before MMU paging is initialised. During
this time we call a lot of generic code, including printk(). If
we try to access the shadow region during this time, things fail.
My attempts to move early init before the first printk have not
been successful. (Both previous RFCs for ppc64 - by 2 different
people - have needed this trick too!)
So, allow architectures to define a kasan_arch_is_ready()
hook that bails out of check_memory_region_inline() unless the
arch has done all of the init.
Link: https://lore.kernel.org/patchwork/patch/592820/ # ppc64 hash series
Link: https://patchwork.ozlabs.org/patch/795211/ # ppc radix series
Originally-by: Balbir Singh <bsingharora@gmail.com>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
[check_return_arch_not_ready() ==> static inline kasan_arch_is_ready()]
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
include/linux/kasan.h | 4 ++++
mm/kasan/generic.c | 3 +++
2 files changed, 7 insertions(+)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index f6261840f94c..a630d53f1a36 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -14,6 +14,10 @@ struct task_struct;
#include <asm/kasan.h>
#include <asm/pgtable.h>
+#ifndef kasan_arch_is_ready
+static inline bool kasan_arch_is_ready(void) { return true; }
+#endif
+
extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE];
extern pmd_t kasan_early_shadow_pmd[PTRS_PER_PMD];
diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index a5b28e3ceacb..0336f31bbae3 100644
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -170,6 +170,9 @@ static __always_inline void check_memory_region_inline(unsigned long addr,
size_t size, bool write,
unsigned long ret_ip)
{
+ if (!kasan_arch_is_ready())
+ return;
+
if (unlikely(size == 0))
return;
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 4/7] powerpc: KASAN for 64bit Book3E
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, Aneesh Kumar K . V, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
Wire up KASAN. Only outline instrumentation is supported.
The KASAN shadow area is mapped into vmemmap space:
0x8000 0400 0000 0000 to 0x8000 0600 0000 0000.
To do this we require that vmemmap be disabled. (This is the default
in the kernel config that QorIQ provides for the machine in their
SDK anyway - they use flat memory.)
Only the kernel linear mapping (0xc000...) is checked. The vmalloc and
ioremap areas (also in 0x800...) are all mapped to the zero page. As
with the Book3S hash series, this requires overriding the memory <->
shadow mapping.
Also, as with both previous 64-bit series, early instrumentation is not
supported. It would allow us to drop the check_return_arch_not_ready()
hook in the KASAN core, but it's tricky to get it set up early enough:
we need it setup before the first call to instrumented code like printk().
Perhaps in the future.
Only KASAN_MINIMAL works.
Tested on e6500. KVM, kexec and xmon have not been tested.
The test_kasan module fires warnings as expected, except for the
following tests:
- Expected/by design:
kasan test: memcg_accounted_kmem_cache allocate memcg accounted object
- Due to only supporting KASAN_MINIMAL:
kasan test: kasan_stack_oob out-of-bounds on stack
kasan test: kasan_global_oob out-of-bounds global variable
kasan test: kasan_alloca_oob_left out-of-bounds to left on alloca
kasan test: kasan_alloca_oob_right out-of-bounds to right on alloca
kasan test: use_after_scope_test use-after-scope on int
kasan test: use_after_scope_test use-after-scope on array
Thanks to those who have done the heavy lifting over the past several
years:
- Christophe's 32 bit series: https://lists.ozlabs.org/pipermail/linuxppc-dev/2019-February/185379.html
- Aneesh's Book3S hash series: https://lwn.net/Articles/655642/
- Balbir's Book3S radix series: https://patchwork.ozlabs.org/patch/795211/
Cc: Christophe Leroy <christophe.leroy@c-s.fr>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Balbir Singh <bsingharora@gmail.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
[- Removed EXPORT_SYMBOL of the static key
- Fixed most checkpatch problems
- Replaced kasan_zero_page[] by kasan_early_shadow_page[]
- Reduced casting mess by using intermediate locals
- Fixed build failure on pmac32_defconfig]
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
arch/powerpc/Kconfig | 1 +
arch/powerpc/Kconfig.debug | 2 +-
arch/powerpc/include/asm/kasan.h | 71 ++++++++++++++++++++
arch/powerpc/mm/kasan/Makefile | 1 +
arch/powerpc/mm/kasan/kasan_init_book3e_64.c | 50 ++++++++++++++
arch/powerpc/mm/nohash/Makefile | 5 ++
6 files changed, 129 insertions(+), 1 deletion(-)
create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3e_64.c
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 6a66a2da5b1a..4e266b019dd7 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -170,6 +170,7 @@ config PPC
select HAVE_ARCH_AUDITSYSCALL
select HAVE_ARCH_JUMP_LABEL
select HAVE_ARCH_KASAN if PPC32
+ select HAVE_ARCH_KASAN if PPC_BOOK3E_64 && !SPARSEMEM_VMEMMAP
select HAVE_ARCH_KGDB
select HAVE_ARCH_MMAP_RND_BITS
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug
index c59920920ddc..23a37facc854 100644
--- a/arch/powerpc/Kconfig.debug
+++ b/arch/powerpc/Kconfig.debug
@@ -396,5 +396,5 @@ config PPC_FAST_ENDIAN_SWITCH
config KASAN_SHADOW_OFFSET
hex
- depends on KASAN
+ depends on KASAN && PPC32
default 0xe0000000
diff --git a/arch/powerpc/include/asm/kasan.h b/arch/powerpc/include/asm/kasan.h
index 296e51c2f066..ae410f0e060d 100644
--- a/arch/powerpc/include/asm/kasan.h
+++ b/arch/powerpc/include/asm/kasan.h
@@ -21,12 +21,15 @@
#define KASAN_SHADOW_START (KASAN_SHADOW_OFFSET + \
(PAGE_OFFSET >> KASAN_SHADOW_SCALE_SHIFT))
+#ifdef CONFIG_PPC32
#define KASAN_SHADOW_OFFSET ASM_CONST(CONFIG_KASAN_SHADOW_OFFSET)
#define KASAN_SHADOW_END 0UL
#define KASAN_SHADOW_SIZE (KASAN_SHADOW_END - KASAN_SHADOW_START)
+#endif /* CONFIG_PPC32 */
+
#ifdef CONFIG_KASAN
void kasan_early_init(void);
void kasan_mmu_init(void);
@@ -36,5 +39,73 @@ static inline void kasan_init(void) { }
static inline void kasan_mmu_init(void) { }
#endif
+#ifdef CONFIG_PPC_BOOK3E_64
+#include <asm/pgtable.h>
+#include <linux/jump_label.h>
+
+/*
+ * We don't put this in Kconfig as we only support KASAN_MINIMAL, and
+ * that will be disabled if the symbol is available in Kconfig
+ */
+#define KASAN_SHADOW_OFFSET ASM_CONST(0x6800040000000000)
+
+#define KASAN_SHADOW_SIZE (KERN_VIRT_SIZE >> KASAN_SHADOW_SCALE_SHIFT)
+
+extern struct static_key_false powerpc_kasan_enabled_key;
+extern unsigned char kasan_early_shadow_page[];
+
+static inline bool kasan_arch_is_ready_book3e(void)
+{
+ if (static_branch_likely(&powerpc_kasan_enabled_key))
+ return true;
+ return false;
+}
+#define kasan_arch_is_ready kasan_arch_is_ready_book3e
+
+static inline void *kasan_mem_to_shadow_book3e(const void *ptr)
+{
+ unsigned long addr = (unsigned long)ptr;
+
+ if (addr >= KERN_VIRT_START && addr < KERN_VIRT_START + KERN_VIRT_SIZE)
+ return kasan_early_shadow_page;
+
+ return (void *)(addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
+}
+#define kasan_mem_to_shadow kasan_mem_to_shadow_book3e
+
+static inline void *kasan_shadow_to_mem_book3e(const void *shadow_addr)
+{
+ /*
+ * We map the entire non-linear virtual mapping onto the zero page so if
+ * we are asked to map the zero page back just pick the beginning of that
+ * area.
+ */
+ if (shadow_addr >= (void *)kasan_early_shadow_page &&
+ shadow_addr < (void *)(kasan_early_shadow_page + PAGE_SIZE))
+ return (void *)KERN_VIRT_START;
+
+ return (void *)(((unsigned long)shadow_addr - KASAN_SHADOW_OFFSET) <<
+ KASAN_SHADOW_SCALE_SHIFT);
+}
+#define kasan_shadow_to_mem kasan_shadow_to_mem_book3e
+
+static inline bool kasan_addr_has_shadow_book3e(const void *ptr)
+{
+ unsigned long addr = (unsigned long)ptr;
+
+ /*
+ * We want to specifically assert that the addresses in the 0x8000...
+ * region have a shadow, otherwise they are considered by the kasan
+ * core to be wild pointers
+ */
+ if (addr >= KERN_VIRT_START && addr < (KERN_VIRT_START + KERN_VIRT_SIZE))
+ return true;
+
+ return (ptr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
+}
+#define kasan_addr_has_shadow kasan_addr_has_shadow_book3e
+
+#endif /* CONFIG_PPC_BOOK3E_64 */
+
#endif /* __ASSEMBLY */
#endif
diff --git a/arch/powerpc/mm/kasan/Makefile b/arch/powerpc/mm/kasan/Makefile
index 6577897673dd..f8f164ad8ade 100644
--- a/arch/powerpc/mm/kasan/Makefile
+++ b/arch/powerpc/mm/kasan/Makefile
@@ -3,3 +3,4 @@
KASAN_SANITIZE := n
obj-$(CONFIG_PPC32) += kasan_init_32.o
+obj-$(CONFIG_PPC_BOOK3E_64) += kasan_init_book3e_64.o
diff --git a/arch/powerpc/mm/kasan/kasan_init_book3e_64.c b/arch/powerpc/mm/kasan/kasan_init_book3e_64.c
new file mode 100644
index 000000000000..f116c211d83c
--- /dev/null
+++ b/arch/powerpc/mm/kasan/kasan_init_book3e_64.c
@@ -0,0 +1,50 @@
+// SPDX-License-Identifier: GPL-2.0
+
+#define DISABLE_BRANCH_PROFILING
+
+#include <linux/kasan.h>
+#include <linux/printk.h>
+#include <linux/memblock.h>
+#include <linux/sched/task.h>
+#include <asm/pgalloc.h>
+
+DEFINE_STATIC_KEY_FALSE(powerpc_kasan_enabled_key);
+
+static void __init kasan_init_region(struct memblock_region *reg)
+{
+ void *start = __va(reg->base);
+ void *end = __va(reg->base + reg->size);
+ unsigned long k_start, k_end, k_cur;
+
+ if (start >= end)
+ return;
+
+ k_start = (unsigned long)kasan_mem_to_shadow(start);
+ k_end = (unsigned long)kasan_mem_to_shadow(end);
+
+ for (k_cur = k_start; k_cur < k_end; k_cur += PAGE_SIZE) {
+ void *va = memblock_alloc(PAGE_SIZE, PAGE_SIZE);
+
+ map_kernel_page(k_cur, __pa(va), PAGE_KERNEL);
+ }
+ flush_tlb_kernel_range(k_start, k_end);
+}
+
+void __init kasan_init(void)
+{
+ struct memblock_region *reg;
+
+ for_each_memblock(memory, reg)
+ kasan_init_region(reg);
+
+ /* map the zero page RO */
+ map_kernel_page((unsigned long)kasan_early_shadow_page,
+ __pa(kasan_early_shadow_page), PAGE_KERNEL_RO);
+
+ /* Turn on checking */
+ static_branch_inc(&powerpc_kasan_enabled_key);
+
+ /* Enable error messages */
+ init_task.kasan_depth = 0;
+ pr_info("KASAN init done (64-bit Book3E)\n");
+}
diff --git a/arch/powerpc/mm/nohash/Makefile b/arch/powerpc/mm/nohash/Makefile
index 33b6f6f29d3f..310149f217d7 100644
--- a/arch/powerpc/mm/nohash/Makefile
+++ b/arch/powerpc/mm/nohash/Makefile
@@ -16,3 +16,8 @@ endif
# This is necessary for booting with kcov enabled on book3e machines
KCOV_INSTRUMENT_tlb.o := n
KCOV_INSTRUMENT_fsl_booke.o := n
+
+ifdef CONFIG_KASAN
+CFLAGS_fsl_booke_mmu.o += -DDISABLE_BRANCH_PROFILING
+CFLAGS_tlb.o += -DDISABLE_BRANCH_PROFILING
+endif
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 5/7] kasan: allow arches to provide their own early shadow setup
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
powerpc supports several different MMUs. In particular, book3s
machines support both a hash-table based MMU and a radix MMU.
These MMUs support different numbers of entries per directory
level: PTES_PER_* reference variables. This leads to complier
errors as global variables must have constant sizes.
Allow architectures to manage their own early shadow variables
so we can work around this on powerpc.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
include/linux/kasan.h | 2 ++
mm/kasan/init.c | 10 ++++++++++
2 files changed, 12 insertions(+)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index a630d53f1a36..dfee2b42d799 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -18,11 +18,13 @@ struct task_struct;
static inline bool kasan_arch_is_ready(void) { return true; }
#endif
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE];
extern pmd_t kasan_early_shadow_pmd[PTRS_PER_PMD];
extern pud_t kasan_early_shadow_pud[PTRS_PER_PUD];
extern p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D];
+#endif
int kasan_populate_early_shadow(const void *shadow_start,
const void *shadow_end);
diff --git a/mm/kasan/init.c b/mm/kasan/init.c
index ce45c491ebcd..2522382bf374 100644
--- a/mm/kasan/init.c
+++ b/mm/kasan/init.c
@@ -31,10 +31,14 @@
* - Latter it reused it as zero shadow to cover large ranges of memory
* that allowed to access, but not handled by kasan (vmalloc/vmemmap ...).
*/
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
unsigned char kasan_early_shadow_page[PAGE_SIZE] __page_aligned_bss;
+#endif
#if CONFIG_PGTABLE_LEVELS > 4
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D] __page_aligned_bss;
+#endif
static inline bool kasan_p4d_table(pgd_t pgd)
{
return pgd_page(pgd) == virt_to_page(lm_alias(kasan_early_shadow_p4d));
@@ -46,7 +50,9 @@ static inline bool kasan_p4d_table(pgd_t pgd)
}
#endif
#if CONFIG_PGTABLE_LEVELS > 3
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
pud_t kasan_early_shadow_pud[PTRS_PER_PUD] __page_aligned_bss;
+#endif
static inline bool kasan_pud_table(p4d_t p4d)
{
return p4d_page(p4d) == virt_to_page(lm_alias(kasan_early_shadow_pud));
@@ -58,7 +64,9 @@ static inline bool kasan_pud_table(p4d_t p4d)
}
#endif
#if CONFIG_PGTABLE_LEVELS > 2
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
pmd_t kasan_early_shadow_pmd[PTRS_PER_PMD] __page_aligned_bss;
+#endif
static inline bool kasan_pmd_table(pud_t pud)
{
return pud_page(pud) == virt_to_page(lm_alias(kasan_early_shadow_pmd));
@@ -69,7 +77,9 @@ static inline bool kasan_pmd_table(pud_t pud)
return false;
}
#endif
+#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
pte_t kasan_early_shadow_pte[PTRS_PER_PTE] __page_aligned_bss;
+#endif
static inline bool kasan_pte_table(pmd_t pmd)
{
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 6/7] kasan: allow arches to hook into global registration
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
Not all arches have a specific space carved out for modules -
some, such as powerpc, just use regular vmalloc space. Therefore,
globals in these modules cannot be backed by real shadow memory.
In order to allow arches to perform this check, add a hook.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
include/linux/kasan.h | 5 +++++
mm/kasan/generic.c | 3 +++
2 files changed, 8 insertions(+)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index dfee2b42d799..4752749e4797 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -18,6 +18,11 @@ struct task_struct;
static inline bool kasan_arch_is_ready(void) { return true; }
#endif
+#ifndef kasan_arch_can_register_global
+static inline bool kasan_arch_can_register_global(const void * addr) { return true; }
+#endif
+
+
#ifndef ARCH_HAS_KASAN_EARLY_SHADOW
extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE];
diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index 0336f31bbae3..935b06f659a0 100644
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -208,6 +208,9 @@ static void register_global(struct kasan_global *global)
{
size_t aligned_size = round_up(global->size, KASAN_SHADOW_SCALE_SIZE);
+ if (!kasan_arch_can_register_global(global->beg))
+ return;
+
kasan_unpoison_shadow(global->beg, global->size);
kasan_poison_shadow(global->beg + aligned_size,
--
2.19.1
^ permalink raw reply related
* [RFC PATCH 7/7] powerpc: Book3S 64-bit "heavyweight" KASAN support
From: Daniel Axtens @ 2019-05-23 5:21 UTC (permalink / raw)
To: aneesh.kumar, christophe.leroy, bsingharora
Cc: linuxppc-dev, kasan-dev, Daniel Axtens
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
KASAN support on powerpc64 is interesting:
- We want to be able to support inline instrumentation so as to be
able to catch global and stack issues.
- We run a lot of code at boot in real mode. This includes stuff like
printk(), so it's not feasible to just disable instrumentation
around it.
[For those not immersed in ppc64, in real mode, the top nibble or
byte (depending on radix/hash mmu) of the address is ignored. To
make things work, we put the linear mapping at
0xc000000000000000. This means that a pointer to part of the linear
mapping will work both in real mode, where it will be interpreted
as a physical address of the form 0x000..., and out of real mode,
where it will go via the linear mapping.]
- Inline instrumentation requires a fixed offset.
- Because of our running things in real mode, the offset has to
point to valid memory both in and out of real mode.
This makes finding somewhere to put the KASAN shadow region a bit fun.
One approach is just to give up on inline instrumentation; and this is
what the 64 bit book3e code does. This way we can delay all checks
until after we get everything set up to our satisfaction. However,
we'd really like to do better.
What we can do - if we know _at compile time_ how much physical memory
we have - is to set aside the top 1/8th of the memory and use that.
This is a big hammer (hence the "heavyweight" name) and comes with 2
big consequences:
- kernels will simply fail to boot on machines with less memory than
specified when compiling.
- kernels running on machines with more memory than specified when
compiling will simply ignore the extra memory.
If you can bear this consequence, you get pretty full support for
KASAN.
This is still pretty WIP but I wanted to get it out there sooner
rather than later. Ongoing work:
- Currently incompatible with KUAP (top priority to fix)
- Currently incompatible with ftrace (no idea why yet)
- Only supports radix at the moment
- Very minimal testing (boots a Ubuntu VM, test_kasan runs)
- Extend 'lightweight' outline support from book3e that will work
without requring memory to be known at compile time.
- It assumes physical memory is contiguous. I don't really think
we can get around this, so we should try to ensure it.
Despite the limitations, it can still find bugs,
e.g. http://patchwork.ozlabs.org/patch/1103775/
Massive thanks to mpe, who had the idea for the initial design.
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
Tested on qemu-pseries and qemu-powernv, seems to work on both
of those. Does not work on the talos that I tested on, no idea
why yet.
---
arch/powerpc/Kconfig | 1 +
arch/powerpc/Kconfig.debug | 15 +++++
arch/powerpc/Makefile | 7 ++
arch/powerpc/include/asm/kasan.h | 45 +++++++++++++
arch/powerpc/kernel/prom.c | 40 ++++++++++++
arch/powerpc/mm/kasan/Makefile | 1 +
arch/powerpc/mm/kasan/kasan_init_book3s_64.c | 67 ++++++++++++++++++++
7 files changed, 176 insertions(+)
create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3s_64.c
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 4e266b019dd7..203cd07cf6e0 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -171,6 +171,7 @@ config PPC
select HAVE_ARCH_JUMP_LABEL
select HAVE_ARCH_KASAN if PPC32
select HAVE_ARCH_KASAN if PPC_BOOK3E_64 && !SPARSEMEM_VMEMMAP
+ select HAVE_ARCH_KASAN if PPC_BOOK3S_64 && !CONFIG_FTRACE && !PPC_KUAP
select HAVE_ARCH_KGDB
select HAVE_ARCH_MMAP_RND_BITS
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug
index 23a37facc854..c0916408668c 100644
--- a/arch/powerpc/Kconfig.debug
+++ b/arch/powerpc/Kconfig.debug
@@ -394,6 +394,21 @@ config PPC_FAST_ENDIAN_SWITCH
help
If you're unsure what this is, say N.
+config PHYS_MEM_SIZE_FOR_KASAN
+ int "Physical memory size for KASAN (MB)"
+ depends on KASAN && PPC_BOOK3S_64
+ help
+ To get inline instrumentation support for KASAN on 64-bit Book3S
+ machines, you need to specify how much physical memory your system
+ has. A shadow offset will be calculated based on this figure, which
+ will be compiled in to the kernel. KASAN will use this offset to
+ access its shadow region, which is used to verify memory accesses.
+
+ If you attempt to boot on a system with less memory than you specify
+ here, your system will fail to boot very early in the process. If you
+ boot on a system with more memory than you specify, the extra memory
+ will wasted - it will be reserved and not used.
+
config KASAN_SHADOW_OFFSET
hex
depends on KASAN && PPC32
diff --git a/arch/powerpc/Makefile b/arch/powerpc/Makefile
index c345b79414a9..33e7bba4c8db 100644
--- a/arch/powerpc/Makefile
+++ b/arch/powerpc/Makefile
@@ -229,6 +229,13 @@ ifdef CONFIG_476FPE_ERR46
-T $(srctree)/arch/powerpc/platforms/44x/ppc476_modules.lds
endif
+ifdef CONFIG_KASAN
+ifdef CONFIG_PPC_BOOK3S_64
+# 0xa800000000000000 = 12105675798371893248
+KASAN_SHADOW_OFFSET = $(shell echo 7 \* 1024 \* 1024 \* $(CONFIG_PHYS_MEM_SIZE_FOR_KASAN) / 8 + 12105675798371893248 | bc)
+endif
+endif
+
# No AltiVec or VSX instructions when building kernel
KBUILD_CFLAGS += $(call cc-option,-mno-altivec)
KBUILD_CFLAGS += $(call cc-option,-mno-vsx)
diff --git a/arch/powerpc/include/asm/kasan.h b/arch/powerpc/include/asm/kasan.h
index ae410f0e060d..7f75f904998b 100644
--- a/arch/powerpc/include/asm/kasan.h
+++ b/arch/powerpc/include/asm/kasan.h
@@ -107,5 +107,50 @@ static inline bool kasan_addr_has_shadow_book3e(const void *ptr)
#endif /* CONFIG_PPC_BOOK3E_64 */
+#ifdef CONFIG_PPC_BOOK3S_64
+#include <asm/pgtable.h>
+#include <linux/jump_label.h>
+
+/*
+ * The KASAN shadow offset is such that the linear map (0xc000...) is
+ * shadowed by the last 8th of physical memory. This way, if the code
+ * uses 0xc addresses throughout, accesses work both in in real mode
+ * (where the top nibble is ignored) and outside of real mode.
+ */
+#define KASAN_SHADOW_OFFSET ((u64)CONFIG_PHYS_MEM_SIZE_FOR_KASAN * \
+ 1024 * 1024 * 7 / 8 + 0xa800000000000000UL)
+
+#define KASAN_SHADOW_SIZE ((u64)CONFIG_PHYS_MEM_SIZE_FOR_KASAN * \
+ 1024 * 1024 * 1 / 8)
+
+static inline bool kasan_arch_can_register_global_book3s(const void * addr) {
+
+ /*
+ * We don't define a particular area for modules, we just put them in
+ * vmalloc space. This means that they live in an area backed entirely
+ * by our read-only zero page. The global registration system is not
+ * smart enough to deal with this and attempts to poison it, which
+ * blows up. Unless we want to split out an area of vmalloc space for
+ * modules and back it with real shadow memory, just refuse to register
+ * globals in vmalloc space.
+ */
+
+ return ((unsigned long)addr < VMALLOC_START);
+}
+#define kasan_arch_can_register_global kasan_arch_can_register_global_book3s
+
+#define ARCH_HAS_KASAN_EARLY_SHADOW
+extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
+
+#define R_PTRS_PER_PTE (1 << RADIX_PTE_INDEX_SIZE)
+#define R_PTRS_PER_PMD (1 << RADIX_PMD_INDEX_SIZE)
+#define R_PTRS_PER_PUD (1 << RADIX_PUD_INDEX_SIZE)
+extern pte_t kasan_early_shadow_pte[R_PTRS_PER_PTE];
+extern pmd_t kasan_early_shadow_pmd[R_PTRS_PER_PMD];
+extern pud_t kasan_early_shadow_pud[R_PTRS_PER_PUD];
+extern p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D];
+
+#endif
+
#endif /* __ASSEMBLY */
#endif
diff --git a/arch/powerpc/kernel/prom.c b/arch/powerpc/kernel/prom.c
index 4221527b082f..7ae90942d52f 100644
--- a/arch/powerpc/kernel/prom.c
+++ b/arch/powerpc/kernel/prom.c
@@ -75,6 +75,7 @@ unsigned long tce_alloc_start, tce_alloc_end;
u64 ppc64_rma_size;
#endif
static phys_addr_t first_memblock_size;
+static phys_addr_t top_phys_addr;
static int __initdata boot_cpu_count;
static int __init early_parse_mem(char *p)
@@ -573,6 +574,9 @@ void __init early_init_dt_add_memory_arch(u64 base, u64 size)
first_memblock_size = size;
}
+ if (base + size > top_phys_addr)
+ top_phys_addr = base + size;
+
/* Add the chunk to the MEMBLOCK list */
if (add_mem_to_memblock) {
if (validate_mem_limit(base, &size))
@@ -616,6 +620,8 @@ static void __init early_reserve_mem_dt(void)
static void __init early_reserve_mem(void)
{
__be64 *reserve_map;
+ phys_addr_t kasan_shadow_start __maybe_unused;
+ phys_addr_t kasan_memory_size __maybe_unused;
reserve_map = (__be64 *)(((unsigned long)initial_boot_params) +
fdt_off_mem_rsvmap(initial_boot_params));
@@ -654,6 +660,40 @@ static void __init early_reserve_mem(void)
return;
}
#endif
+
+#if defined(CONFIG_KASAN) && defined(CONFIG_PPC_BOOK3S_64)
+ kasan_memory_size = (unsigned long long)CONFIG_PHYS_MEM_SIZE_FOR_KASAN
+ * 1024 * 1024;
+ if (top_phys_addr < kasan_memory_size) {
+ /*
+ * We are doomed. Attempts to call e.g. panic() are likely to
+ * fail because they call out into instrumented code, which
+ * will almost certainly access memory beyond the end of
+ * physical memory. Hang here so that at least the NIP points
+ * somewhere that will help you debug it if you look at it in
+ * qemu.
+ */
+ while (true) ;
+ } else if (top_phys_addr > kasan_memory_size) {
+ /* print a biiiig warning in hopes people notice */
+ pr_err("==================================================\n"
+ "Physical memory exceeds compiled-in maximum!\n"
+ "This kernel was compiled for KASAN with %u MB physical"
+ "memory\n"
+ "The actual physical memory detected is %llu MB\n"
+ "Memory above the compiled limit will be ignored!\n"
+ "==================================================\n",
+ CONFIG_PHYS_MEM_SIZE_FOR_KASAN,
+ top_phys_addr / (1024 * 1024));
+ }
+
+ kasan_shadow_start = _ALIGN_DOWN(kasan_memory_size * 7 / 8, PAGE_SIZE);
+ DBG("reserving %llx -> %llx for KASAN",
+ kasan_shadow_start, top_phys_addr);
+ memblock_reserve(kasan_shadow_start,
+ top_phys_addr - kasan_shadow_start);
+#endif
+
}
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
diff --git a/arch/powerpc/mm/kasan/Makefile b/arch/powerpc/mm/kasan/Makefile
index f8f164ad8ade..1f52f688751d 100644
--- a/arch/powerpc/mm/kasan/Makefile
+++ b/arch/powerpc/mm/kasan/Makefile
@@ -4,3 +4,4 @@ KASAN_SANITIZE := n
obj-$(CONFIG_PPC32) += kasan_init_32.o
obj-$(CONFIG_PPC_BOOK3E_64) += kasan_init_book3e_64.o
+obj-$(CONFIG_PPC_BOOK3S_64) += kasan_init_book3s_64.o
diff --git a/arch/powerpc/mm/kasan/kasan_init_book3s_64.c b/arch/powerpc/mm/kasan/kasan_init_book3s_64.c
new file mode 100644
index 000000000000..dce34120959b
--- /dev/null
+++ b/arch/powerpc/mm/kasan/kasan_init_book3s_64.c
@@ -0,0 +1,67 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * KASAN for 64-bit Book3S powerpc
+ *
+ * Copyright (C) 2019 IBM Corporation
+ * Author: Daniel Axtens <dja@axtens.net>
+ */
+
+#define DISABLE_BRANCH_PROFILING
+
+#include <linux/kasan.h>
+#include <linux/printk.h>
+#include <linux/sched/task.h>
+#include <asm/pgalloc.h>
+
+unsigned char kasan_early_shadow_page[PAGE_SIZE] __page_aligned_bss;
+
+pte_t kasan_early_shadow_pte[R_PTRS_PER_PTE] __page_aligned_bss;
+pmd_t kasan_early_shadow_pmd[R_PTRS_PER_PMD] __page_aligned_bss;
+pud_t kasan_early_shadow_pud[R_PTRS_PER_PUD] __page_aligned_bss;
+p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D] __page_aligned_bss;
+
+void __init kasan_init(void)
+{
+ int i;
+ void * k_start = kasan_mem_to_shadow((void *)RADIX_KERN_VIRT_START);
+ void * k_end = kasan_mem_to_shadow((void *)RADIX_VMEMMAP_END);
+
+ unsigned long pte_val = __pa(kasan_early_shadow_page)
+ | pgprot_val(PAGE_KERNEL) | _PAGE_PTE;
+
+ if (!early_radix_enabled())
+ panic("KASAN requires radix!");
+
+ for (i = 0; i < PTRS_PER_PTE; i++)
+ kasan_early_shadow_pte[i] = __pte(pte_val);
+
+ for (i = 0; i < PTRS_PER_PMD; i++)
+ pmd_populate_kernel(&init_mm, &kasan_early_shadow_pmd[i],
+ kasan_early_shadow_pte);
+
+ for (i = 0; i < PTRS_PER_PUD; i++)
+ pud_populate(&init_mm, &kasan_early_shadow_pud[i],
+ kasan_early_shadow_pmd);
+
+
+ memset(kasan_mem_to_shadow((void*)PAGE_OFFSET), KASAN_SHADOW_INIT,
+ KASAN_SHADOW_SIZE);
+
+ kasan_populate_early_shadow(k_start, k_end);
+ flush_tlb_kernel_range((unsigned long)k_start, (unsigned long)k_end);
+
+ /* mark early shadow region as RO and wipe */
+ for (i = 0; i < PTRS_PER_PTE; i++)
+ __set_pte_at(&init_mm, (unsigned long)kasan_early_shadow_page,
+ &kasan_early_shadow_pte[i],
+ pfn_pte(virt_to_pfn(kasan_early_shadow_page),
+ __pgprot(_PAGE_PTE | _PAGE_KERNEL_RO | _PAGE_BASE)),
+ 0);
+ memset(kasan_early_shadow_page, 0, PAGE_SIZE);
+
+ kasan_init_tags();
+
+ /* Enable error messages */
+ init_task.kasan_depth = 0;
+ pr_info("KASAN init done (64-bit Book3S heavyweight mode)\n");
+}
--
2.19.1
^ permalink raw reply related
* [RFC PATCH] powerpc: fix kexec failure on book3s/32
From: Christophe Leroy @ 2019-05-23 5:24 UTC (permalink / raw)
To: Aaro Koskinen; +Cc: linuxppc-dev
In-Reply-To: <20190522211724.GC456@darkstar.musicnaut.iki.fi>
Fixes: 63b2bc619565 ("powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX")
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
arch/powerpc/kernel/machine_kexec_32.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/kernel/machine_kexec_32.c b/arch/powerpc/kernel/machine_kexec_32.c
index affe5dcce7f4..b6a4250b9ee0 100644
--- a/arch/powerpc/kernel/machine_kexec_32.c
+++ b/arch/powerpc/kernel/machine_kexec_32.c
@@ -54,6 +54,8 @@ void default_machine_kexec(struct kimage *image)
memcpy((void *)reboot_code_buffer, relocate_new_kernel,
relocate_new_kernel_size);
+ mtsrin(mfsrin(reboot_code_buffer) & ~SR_NX, reboot_code_buffer);
+
flush_icache_range(reboot_code_buffer,
reboot_code_buffer + KEXEC_CONTROL_PAGE_SIZE);
printk(KERN_INFO "Bye!\n");
--
2.13.3
^ permalink raw reply related
* Re: [BISECTED] kexec regression on PowerBook G4
From: Christophe Leroy @ 2019-05-23 5:33 UTC (permalink / raw)
To: Aaro Koskinen; +Cc: linuxppc-dev
In-Reply-To: <20190522211724.GC456@darkstar.musicnaut.iki.fi>
Hi,
Le 22/05/2019 à 23:17, Aaro Koskinen a écrit :
> Hi,
>
> On Wed, May 22, 2019 at 10:33:35PM +0200, LEROY Christophe wrote:
>> Can you provide full details of the Oops you get ? And also your System.map ?
>
> System.map is below. The oops log is attached as jpeg (crappy camera
> shoot, apologies, I hope it gets through) as the only way I can see it
> is the frame buffer display.
>
>> Also build with CONFIG_PPC_PTDUMP and mount /sys/kernel/debug and give
>> content of /sys/kernel/debug/powerpc/block_address_translation and
>> .../segment_registers before the failing kexec, and also
>> /sys/kernel/debug/kernel_page_tables
>
> The kernel that fails is essentially headless without any input access. I
> could probably do this if needed, but it's going to take a while...
>
Ok, the Oops confirms that the error is due to executing the kexec
control code which is located outside the kernel text area.
My yesterday's proposed change doesn't work because on book3S/32, NX
protection is based on setting segments to NX, and using IBATs for
kernel text.
Can you try the patch I sent out a few minutes ago ?
(https://patchwork.ozlabs.org/patch/1103827/)
Thanks
Christophe
^ permalink raw reply
* Re: [RFC PATCH 0/7] powerpc: KASAN for 64-bit 3s radix
From: Christophe Leroy @ 2019-05-23 6:10 UTC (permalink / raw)
To: Daniel Axtens, aneesh.kumar, bsingharora; +Cc: linuxppc-dev, kasan-dev
In-Reply-To: <20190523052120.18459-1-dja@axtens.net>
Hi Daniel,
Le 23/05/2019 à 07:21, Daniel Axtens a écrit :
> Building on the work of Christophe, Aneesh and Balbir, I've ported
> KASAN to Book3S radix.
>
> It builds on top Christophe's work on 32bit, and includes my work for
> 64-bit Book3E (3S doesn't really depend on 3E, but it was handy to
> have around when developing and debugging).
>
> This provides full inline instrumentation on radix, but does require
> that you be able to specify the amount of memory on the system at
> compile time. More details in patch 7.
>
> Regards,
> Daniel
>
> Daniel Axtens (7):
> kasan: do not open-code addr_has_shadow
> kasan: allow architectures to manage the memory-to-shadow mapping
> kasan: allow architectures to provide an outline readiness check
> powerpc: KASAN for 64bit Book3E
I see you are still hacking the core part of KASAN.
Did you have a look at my RFC patch
(https://patchwork.ozlabs.org/patch/1068260/) which demonstrate that
full KASAN can be implemented on book3E/64 without those hacks ?
Christophe
> kasan: allow arches to provide their own early shadow setup
> kasan: allow arches to hook into global registration
> powerpc: Book3S 64-bit "heavyweight" KASAN support
>
> arch/powerpc/Kconfig | 2 +
> arch/powerpc/Kconfig.debug | 17 ++-
> arch/powerpc/Makefile | 7 ++
> arch/powerpc/include/asm/kasan.h | 116 +++++++++++++++++++
> arch/powerpc/kernel/prom.c | 40 +++++++
> arch/powerpc/mm/kasan/Makefile | 2 +
> arch/powerpc/mm/kasan/kasan_init_book3e_64.c | 50 ++++++++
> arch/powerpc/mm/kasan/kasan_init_book3s_64.c | 67 +++++++++++
> arch/powerpc/mm/nohash/Makefile | 5 +
> include/linux/kasan.h | 13 +++
> mm/kasan/generic.c | 9 +-
> mm/kasan/generic_report.c | 2 +-
> mm/kasan/init.c | 10 ++
> mm/kasan/kasan.h | 6 +-
> mm/kasan/report.c | 6 +-
> mm/kasan/tags.c | 3 +-
> 16 files changed, 345 insertions(+), 10 deletions(-)
> create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3e_64.c
> create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3s_64.c
>
^ permalink raw reply
* Re: [RFC PATCH 3/7] kasan: allow architectures to provide an outline readiness check
From: Christophe Leroy @ 2019-05-23 6:14 UTC (permalink / raw)
To: Daniel Axtens, aneesh.kumar, bsingharora
Cc: linuxppc-dev, Aneesh Kumar K . V, kasan-dev
In-Reply-To: <20190523052120.18459-4-dja@axtens.net>
Le 23/05/2019 à 07:21, Daniel Axtens a écrit :
> In powerpc (as I understand it), we spend a lot of time in boot
> running in real mode before MMU paging is initialised. During
> this time we call a lot of generic code, including printk(). If
> we try to access the shadow region during this time, things fail.
>
> My attempts to move early init before the first printk have not
> been successful. (Both previous RFCs for ppc64 - by 2 different
> people - have needed this trick too!)
I have been able to do it successfully for BOOK3E/64, see
https://patchwork.ozlabs.org/patch/1068260/ for the details.
Christophe
>
> So, allow architectures to define a kasan_arch_is_ready()
> hook that bails out of check_memory_region_inline() unless the
> arch has done all of the init.
>
> Link: https://lore.kernel.org/patchwork/patch/592820/ # ppc64 hash series
> Link: https://patchwork.ozlabs.org/patch/795211/ # ppc radix series
> Originally-by: Balbir Singh <bsingharora@gmail.com>
> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Signed-off-by: Daniel Axtens <dja@axtens.net>
> [check_return_arch_not_ready() ==> static inline kasan_arch_is_ready()]
> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
> ---
> include/linux/kasan.h | 4 ++++
> mm/kasan/generic.c | 3 +++
> 2 files changed, 7 insertions(+)
>
> diff --git a/include/linux/kasan.h b/include/linux/kasan.h
> index f6261840f94c..a630d53f1a36 100644
> --- a/include/linux/kasan.h
> +++ b/include/linux/kasan.h
> @@ -14,6 +14,10 @@ struct task_struct;
> #include <asm/kasan.h>
> #include <asm/pgtable.h>
>
> +#ifndef kasan_arch_is_ready
> +static inline bool kasan_arch_is_ready(void) { return true; }
> +#endif
> +
> extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
> extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE];
> extern pmd_t kasan_early_shadow_pmd[PTRS_PER_PMD];
> diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
> index a5b28e3ceacb..0336f31bbae3 100644
> --- a/mm/kasan/generic.c
> +++ b/mm/kasan/generic.c
> @@ -170,6 +170,9 @@ static __always_inline void check_memory_region_inline(unsigned long addr,
> size_t size, bool write,
> unsigned long ret_ip)
> {
> + if (!kasan_arch_is_ready())
> + return;
> +
> if (unlikely(size == 0))
> return;
>
>
^ permalink raw reply
* Re: [PATCH v3 14/16] powerpc/32: implement fast entry for syscalls on BOOKE
From: Paul Mackerras @ 2019-05-23 6:14 UTC (permalink / raw)
To: Christophe Leroy; +Cc: linuxppc-dev, linux-kernel, Nicholas Piggin
In-Reply-To: <3e254178a157e7eaeef48f983880f71f97d1f296.1556627571.git.christophe.leroy@c-s.fr>
On Tue, Apr 30, 2019 at 12:39:03PM +0000, Christophe Leroy wrote:
> This patch implements a fast entry for syscalls.
>
> Syscalls don't have to preserve non volatile registers except LR.
>
> This patch then implement a fast entry for syscalls, where
> volatile registers get clobbered.
>
> As this entry is dedicated to syscall it always sets MSR_EE
> and warns in case MSR_EE was previously off
>
> It also assumes that the call is always from user, system calls are
> unexpected from kernel.
This is now upstream as commit 1a4b739bbb4f. On the e500mc test
config that I use, I'm getting this build failure:
arch/powerpc/kernel/head_fsl_booke.o: In function `SystemCall':
arch/powerpc/kernel/head_fsl_booke.S:416: undefined reference to `kvmppc_handler_BOOKE_INTERRUPT_SYSCALL_SPRN_SRR1'
Makefile:1052: recipe for target 'vmlinux' failed
> +.macro SYSCALL_ENTRY trapno intno
> + mfspr r10, SPRN_SPRG_THREAD
> +#ifdef CONFIG_KVM_BOOKE_HV
> +BEGIN_FTR_SECTION
> + mtspr SPRN_SPRG_WSCRATCH0, r10
> + stw r11, THREAD_NORMSAVE(0)(r10)
> + stw r13, THREAD_NORMSAVE(2)(r10)
> + mfcr r13 /* save CR in r13 for now */
> + mfspr r11, SPRN_SRR1
> + mtocrf 0x80, r11 /* check MSR[GS] without clobbering reg */
> + bf 3, 1975f
> + b kvmppc_handler_BOOKE_INTERRUPT_\intno\()_SPRN_SRR1
It seems to me that the "_SPRN_SRR1" on the end of this line
isn't meant to be there... However, it still fails to link with that
removed.
Paul.
^ permalink raw reply
* Re: [RFC PATCH 4/7] powerpc: KASAN for 64bit Book3E
From: Christophe Leroy @ 2019-05-23 6:15 UTC (permalink / raw)
To: Daniel Axtens, aneesh.kumar, bsingharora
Cc: linuxppc-dev, Aneesh Kumar K . V, kasan-dev
In-Reply-To: <20190523052120.18459-5-dja@axtens.net>
Le 23/05/2019 à 07:21, Daniel Axtens a écrit :
> Wire up KASAN. Only outline instrumentation is supported.
>
> The KASAN shadow area is mapped into vmemmap space:
> 0x8000 0400 0000 0000 to 0x8000 0600 0000 0000.
> To do this we require that vmemmap be disabled. (This is the default
> in the kernel config that QorIQ provides for the machine in their
> SDK anyway - they use flat memory.)
>
> Only the kernel linear mapping (0xc000...) is checked. The vmalloc and
> ioremap areas (also in 0x800...) are all mapped to the zero page. As
> with the Book3S hash series, this requires overriding the memory <->
> shadow mapping.
>
> Also, as with both previous 64-bit series, early instrumentation is not
> supported. It would allow us to drop the check_return_arch_not_ready()
> hook in the KASAN core, but it's tricky to get it set up early enough:
> we need it setup before the first call to instrumented code like printk().
> Perhaps in the future.
>
> Only KASAN_MINIMAL works.
See https://patchwork.ozlabs.org/patch/1068260/ for a full implementation
Christophe
>
> Tested on e6500. KVM, kexec and xmon have not been tested.
>
> The test_kasan module fires warnings as expected, except for the
> following tests:
>
> - Expected/by design:
> kasan test: memcg_accounted_kmem_cache allocate memcg accounted object
>
> - Due to only supporting KASAN_MINIMAL:
> kasan test: kasan_stack_oob out-of-bounds on stack
> kasan test: kasan_global_oob out-of-bounds global variable
> kasan test: kasan_alloca_oob_left out-of-bounds to left on alloca
> kasan test: kasan_alloca_oob_right out-of-bounds to right on alloca
> kasan test: use_after_scope_test use-after-scope on int
> kasan test: use_after_scope_test use-after-scope on array
>
> Thanks to those who have done the heavy lifting over the past several
> years:
> - Christophe's 32 bit series: https://lists.ozlabs.org/pipermail/linuxppc-dev/2019-February/185379.html
> - Aneesh's Book3S hash series: https://lwn.net/Articles/655642/
> - Balbir's Book3S radix series: https://patchwork.ozlabs.org/patch/795211/
>
> Cc: Christophe Leroy <christophe.leroy@c-s.fr>
> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Cc: Balbir Singh <bsingharora@gmail.com>
> Signed-off-by: Daniel Axtens <dja@axtens.net>
> [- Removed EXPORT_SYMBOL of the static key
> - Fixed most checkpatch problems
> - Replaced kasan_zero_page[] by kasan_early_shadow_page[]
> - Reduced casting mess by using intermediate locals
> - Fixed build failure on pmac32_defconfig]
> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
> ---
> arch/powerpc/Kconfig | 1 +
> arch/powerpc/Kconfig.debug | 2 +-
> arch/powerpc/include/asm/kasan.h | 71 ++++++++++++++++++++
> arch/powerpc/mm/kasan/Makefile | 1 +
> arch/powerpc/mm/kasan/kasan_init_book3e_64.c | 50 ++++++++++++++
> arch/powerpc/mm/nohash/Makefile | 5 ++
> 6 files changed, 129 insertions(+), 1 deletion(-)
> create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3e_64.c
>
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index 6a66a2da5b1a..4e266b019dd7 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -170,6 +170,7 @@ config PPC
> select HAVE_ARCH_AUDITSYSCALL
> select HAVE_ARCH_JUMP_LABEL
> select HAVE_ARCH_KASAN if PPC32
> + select HAVE_ARCH_KASAN if PPC_BOOK3E_64 && !SPARSEMEM_VMEMMAP
> select HAVE_ARCH_KGDB
> select HAVE_ARCH_MMAP_RND_BITS
> select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
> diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug
> index c59920920ddc..23a37facc854 100644
> --- a/arch/powerpc/Kconfig.debug
> +++ b/arch/powerpc/Kconfig.debug
> @@ -396,5 +396,5 @@ config PPC_FAST_ENDIAN_SWITCH
>
> config KASAN_SHADOW_OFFSET
> hex
> - depends on KASAN
> + depends on KASAN && PPC32
> default 0xe0000000
> diff --git a/arch/powerpc/include/asm/kasan.h b/arch/powerpc/include/asm/kasan.h
> index 296e51c2f066..ae410f0e060d 100644
> --- a/arch/powerpc/include/asm/kasan.h
> +++ b/arch/powerpc/include/asm/kasan.h
> @@ -21,12 +21,15 @@
> #define KASAN_SHADOW_START (KASAN_SHADOW_OFFSET + \
> (PAGE_OFFSET >> KASAN_SHADOW_SCALE_SHIFT))
>
> +#ifdef CONFIG_PPC32
> #define KASAN_SHADOW_OFFSET ASM_CONST(CONFIG_KASAN_SHADOW_OFFSET)
>
> #define KASAN_SHADOW_END 0UL
>
> #define KASAN_SHADOW_SIZE (KASAN_SHADOW_END - KASAN_SHADOW_START)
>
> +#endif /* CONFIG_PPC32 */
> +
> #ifdef CONFIG_KASAN
> void kasan_early_init(void);
> void kasan_mmu_init(void);
> @@ -36,5 +39,73 @@ static inline void kasan_init(void) { }
> static inline void kasan_mmu_init(void) { }
> #endif
>
> +#ifdef CONFIG_PPC_BOOK3E_64
> +#include <asm/pgtable.h>
> +#include <linux/jump_label.h>
> +
> +/*
> + * We don't put this in Kconfig as we only support KASAN_MINIMAL, and
> + * that will be disabled if the symbol is available in Kconfig
> + */
> +#define KASAN_SHADOW_OFFSET ASM_CONST(0x6800040000000000)
> +
> +#define KASAN_SHADOW_SIZE (KERN_VIRT_SIZE >> KASAN_SHADOW_SCALE_SHIFT)
> +
> +extern struct static_key_false powerpc_kasan_enabled_key;
> +extern unsigned char kasan_early_shadow_page[];
> +
> +static inline bool kasan_arch_is_ready_book3e(void)
> +{
> + if (static_branch_likely(&powerpc_kasan_enabled_key))
> + return true;
> + return false;
> +}
> +#define kasan_arch_is_ready kasan_arch_is_ready_book3e
> +
> +static inline void *kasan_mem_to_shadow_book3e(const void *ptr)
> +{
> + unsigned long addr = (unsigned long)ptr;
> +
> + if (addr >= KERN_VIRT_START && addr < KERN_VIRT_START + KERN_VIRT_SIZE)
> + return kasan_early_shadow_page;
> +
> + return (void *)(addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
> +}
> +#define kasan_mem_to_shadow kasan_mem_to_shadow_book3e
> +
> +static inline void *kasan_shadow_to_mem_book3e(const void *shadow_addr)
> +{
> + /*
> + * We map the entire non-linear virtual mapping onto the zero page so if
> + * we are asked to map the zero page back just pick the beginning of that
> + * area.
> + */
> + if (shadow_addr >= (void *)kasan_early_shadow_page &&
> + shadow_addr < (void *)(kasan_early_shadow_page + PAGE_SIZE))
> + return (void *)KERN_VIRT_START;
> +
> + return (void *)(((unsigned long)shadow_addr - KASAN_SHADOW_OFFSET) <<
> + KASAN_SHADOW_SCALE_SHIFT);
> +}
> +#define kasan_shadow_to_mem kasan_shadow_to_mem_book3e
> +
> +static inline bool kasan_addr_has_shadow_book3e(const void *ptr)
> +{
> + unsigned long addr = (unsigned long)ptr;
> +
> + /*
> + * We want to specifically assert that the addresses in the 0x8000...
> + * region have a shadow, otherwise they are considered by the kasan
> + * core to be wild pointers
> + */
> + if (addr >= KERN_VIRT_START && addr < (KERN_VIRT_START + KERN_VIRT_SIZE))
> + return true;
> +
> + return (ptr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
> +}
> +#define kasan_addr_has_shadow kasan_addr_has_shadow_book3e
> +
> +#endif /* CONFIG_PPC_BOOK3E_64 */
> +
> #endif /* __ASSEMBLY */
> #endif
> diff --git a/arch/powerpc/mm/kasan/Makefile b/arch/powerpc/mm/kasan/Makefile
> index 6577897673dd..f8f164ad8ade 100644
> --- a/arch/powerpc/mm/kasan/Makefile
> +++ b/arch/powerpc/mm/kasan/Makefile
> @@ -3,3 +3,4 @@
> KASAN_SANITIZE := n
>
> obj-$(CONFIG_PPC32) += kasan_init_32.o
> +obj-$(CONFIG_PPC_BOOK3E_64) += kasan_init_book3e_64.o
> diff --git a/arch/powerpc/mm/kasan/kasan_init_book3e_64.c b/arch/powerpc/mm/kasan/kasan_init_book3e_64.c
> new file mode 100644
> index 000000000000..f116c211d83c
> --- /dev/null
> +++ b/arch/powerpc/mm/kasan/kasan_init_book3e_64.c
> @@ -0,0 +1,50 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +#define DISABLE_BRANCH_PROFILING
> +
> +#include <linux/kasan.h>
> +#include <linux/printk.h>
> +#include <linux/memblock.h>
> +#include <linux/sched/task.h>
> +#include <asm/pgalloc.h>
> +
> +DEFINE_STATIC_KEY_FALSE(powerpc_kasan_enabled_key);
> +
> +static void __init kasan_init_region(struct memblock_region *reg)
> +{
> + void *start = __va(reg->base);
> + void *end = __va(reg->base + reg->size);
> + unsigned long k_start, k_end, k_cur;
> +
> + if (start >= end)
> + return;
> +
> + k_start = (unsigned long)kasan_mem_to_shadow(start);
> + k_end = (unsigned long)kasan_mem_to_shadow(end);
> +
> + for (k_cur = k_start; k_cur < k_end; k_cur += PAGE_SIZE) {
> + void *va = memblock_alloc(PAGE_SIZE, PAGE_SIZE);
> +
> + map_kernel_page(k_cur, __pa(va), PAGE_KERNEL);
> + }
> + flush_tlb_kernel_range(k_start, k_end);
> +}
> +
> +void __init kasan_init(void)
> +{
> + struct memblock_region *reg;
> +
> + for_each_memblock(memory, reg)
> + kasan_init_region(reg);
> +
> + /* map the zero page RO */
> + map_kernel_page((unsigned long)kasan_early_shadow_page,
> + __pa(kasan_early_shadow_page), PAGE_KERNEL_RO);
> +
> + /* Turn on checking */
> + static_branch_inc(&powerpc_kasan_enabled_key);
> +
> + /* Enable error messages */
> + init_task.kasan_depth = 0;
> + pr_info("KASAN init done (64-bit Book3E)\n");
> +}
> diff --git a/arch/powerpc/mm/nohash/Makefile b/arch/powerpc/mm/nohash/Makefile
> index 33b6f6f29d3f..310149f217d7 100644
> --- a/arch/powerpc/mm/nohash/Makefile
> +++ b/arch/powerpc/mm/nohash/Makefile
> @@ -16,3 +16,8 @@ endif
> # This is necessary for booting with kcov enabled on book3e machines
> KCOV_INSTRUMENT_tlb.o := n
> KCOV_INSTRUMENT_fsl_booke.o := n
> +
> +ifdef CONFIG_KASAN
> +CFLAGS_fsl_booke_mmu.o += -DDISABLE_BRANCH_PROFILING
> +CFLAGS_tlb.o += -DDISABLE_BRANCH_PROFILING
> +endif
>
^ permalink raw reply
* Re: [RFC PATCH 0/7] powerpc: KASAN for 64-bit 3s radix
From: Daniel Axtens @ 2019-05-23 6:18 UTC (permalink / raw)
To: Christophe Leroy, aneesh.kumar, bsingharora; +Cc: linuxppc-dev, kasan-dev
In-Reply-To: <584b6b5b-7051-e2de-ca4e-a686c5491aad@c-s.fr>
Christophe Leroy <christophe.leroy@c-s.fr> writes:
> Hi Daniel,
>
> Le 23/05/2019 à 07:21, Daniel Axtens a écrit :
>> Building on the work of Christophe, Aneesh and Balbir, I've ported
>> KASAN to Book3S radix.
>>
>> It builds on top Christophe's work on 32bit, and includes my work for
>> 64-bit Book3E (3S doesn't really depend on 3E, but it was handy to
>> have around when developing and debugging).
>>
>> This provides full inline instrumentation on radix, but does require
>> that you be able to specify the amount of memory on the system at
>> compile time. More details in patch 7.
>>
>> Regards,
>> Daniel
>>
>> Daniel Axtens (7):
>> kasan: do not open-code addr_has_shadow
>> kasan: allow architectures to manage the memory-to-shadow mapping
>> kasan: allow architectures to provide an outline readiness check
>> powerpc: KASAN for 64bit Book3E
>
> I see you are still hacking the core part of KASAN.
>
> Did you have a look at my RFC patch
> (https://patchwork.ozlabs.org/patch/1068260/) which demonstrate that
> full KASAN can be implemented on book3E/64 without those hacks ?
I haven't gone back and looked at the book3e patches as I've just been
working on the 3s stuff. I will have a look at that for the next version
for sure. I just wanted to get the 3s stuff out into the world sooner
rather than later! I don't think 3s uses those hacks so we can probably
drop them entirely.
Regards,
Daniel
>
> Christophe
>
>> kasan: allow arches to provide their own early shadow setup
>> kasan: allow arches to hook into global registration
>> powerpc: Book3S 64-bit "heavyweight" KASAN support
>>
>> arch/powerpc/Kconfig | 2 +
>> arch/powerpc/Kconfig.debug | 17 ++-
>> arch/powerpc/Makefile | 7 ++
>> arch/powerpc/include/asm/kasan.h | 116 +++++++++++++++++++
>> arch/powerpc/kernel/prom.c | 40 +++++++
>> arch/powerpc/mm/kasan/Makefile | 2 +
>> arch/powerpc/mm/kasan/kasan_init_book3e_64.c | 50 ++++++++
>> arch/powerpc/mm/kasan/kasan_init_book3s_64.c | 67 +++++++++++
>> arch/powerpc/mm/nohash/Makefile | 5 +
>> include/linux/kasan.h | 13 +++
>> mm/kasan/generic.c | 9 +-
>> mm/kasan/generic_report.c | 2 +-
>> mm/kasan/init.c | 10 ++
>> mm/kasan/kasan.h | 6 +-
>> mm/kasan/report.c | 6 +-
>> mm/kasan/tags.c | 3 +-
>> 16 files changed, 345 insertions(+), 10 deletions(-)
>> create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3e_64.c
>> create mode 100644 arch/powerpc/mm/kasan/kasan_init_book3s_64.c
>>
^ permalink raw reply
* Re: Failure to boot G4: dt_headr_start=0x01501000
From: Mathieu Malaterre @ 2019-05-23 6:24 UTC (permalink / raw)
To: Christophe Leroy; +Cc: linuxppc-dev
In-Reply-To: <33ab57c7-294a-6ae4-d678-1490ce5b97f1@c-s.fr>
Salut Christophe,
On Wed, May 22, 2019 at 2:20 PM Christophe Leroy
<christophe.leroy@c-s.fr> wrote:
>
>
>
> Le 22/05/2019 à 14:15, Mathieu Malaterre a écrit :
> > Hi all,
> >
> > I have not boot my G4 in a while, today using master here is what I see:
> >
> > done
> > Setting btext !
> > W=640 H=488 LB=768 addr=0x9c008000
> > copying OF device tree...
> > starting device tree allocs at 01401000
> > otloc_up(00100000, 0013d948)
> > trying: 0x01401000
> > trying: 0x01501000
> > -› 01501000
> > alloc_bottom : 01601000
> > alloc_top : 20000000
> > alloc_top_hi : 20000000
> > nmo_top : 20000000
> > ram_top : 20000000
> > Building dt strings...
> > Building dt structure...
> > reserved memory map:
> > 00d40000 - 006c1000
> > Device tree strings 0x01502000 -> 0x00000007
> > Device tree struct 0x01503000 -> 0x00000007
> > Quiescing Open Firmware ...
> > Booting Linux via __start() @ 0x001400000
> > ->dt_headr_start=0x01501000
> >
> > Any suggestions before I start a bisect ?
> >
>
> Have you tried without CONFIG_PPC_KUEP and CONFIG_PPC_KUAP ?
Using locally:
diff --git a/arch/powerpc/configs/g4_defconfig
b/arch/powerpc/configs/g4_defconfig
index 14d0376f637d..916bce8ce9c3 100644
--- a/arch/powerpc/configs/g4_defconfig
+++ b/arch/powerpc/configs/g4_defconfig
@@ -32,6 +32,8 @@ CONFIG_USERFAULTFD=y
# CONFIG_COMPAT_BRK is not set
CONFIG_PROFILING=y
CONFIG_G4_CPU=y
+# CONFIG_PPC_KUEP is not set
+# CONFIG_PPC_KUAP is not set
CONFIG_PANIC_TIMEOUT=0
# CONFIG_PPC_CHRP is not set
CONFIG_CPU_FREQ=y
Leads to almost the same error (some values have changed):
done
Setting btext !
W=640 H=488 LB=768 addr=0x9c008000
copying OF device tree...
starting device tree allocs at 01300000
alloc_up(00100000, 0013d948)
trying: 0x01300000
trying: 0x01400000
-› 01400000
alloc_bottom : 01500000
alloc_top : 20000000
alloc_top_hi : 20000000
nmo_top : 20000000
ram_top : 20000000
Building dt strings...
Building dt structure...
reserved memory map:
00c40000 - 006c0000
Device tree strings 0x01401000 -> 0x00000007
Device tree struct 0x01402000 -> 0x00000007
Quiescing Open Firmware ...
Booting Linux via __start() @ 0x001400000
->dt_headr_start=0x01400000
Thanks anyway,
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox