From: Sasha Levin <sashal@kernel.org>
To: Hauke Mehrtens <hauke@hauke-m.de>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
Victor Kamensky <kamensky@cisco.com>,
Bruce Ashfield <bruce.ashfield@gmail.com>,
Paul Burton <paulburton@kernel.org>,
linux-mips@vger.kernel.org, Ralf Baechle <ralf@linux-mips.org>,
James Hogan <jhogan@kernel.org>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
richard.purdie@linuxfoundation.org,
Tony Ambardar <itugrok@yahoo.com>
Subject: Re: [PATCH AUTOSEL 5.4 10/58] mips: vdso: fix 'jalr t9' crash in vdso code
Date: Sat, 29 Aug 2020 22:23:30 -0400
Message-ID: <20200830022330.GY8670@sasha-vm>
In-Reply-To: <3c275203-8df8-4746-0941-c142cf72bee4@hauke-m.de>

On Sat, Aug 29, 2020 at 04:37:32PM +0200, Hauke Mehrtens wrote:
>On 8/29/20 3:56 PM, Sasha Levin wrote:
>> On Sat, Aug 29, 2020 at 03:08:01PM +0200, Hauke Mehrtens wrote:
>>> On 3/5/20 6:13 PM, Sasha Levin wrote:
>>>> From: Victor Kamensky <kamensky@cisco.com>
>>>>
>>>> [ Upstream commit d3f703c4359ff06619b2322b91f69710453e6b6d ]
>>>>
>>>> Observed that when kernel is built with Yocto mips64-poky-linux-gcc,
>>>> and mips64-poky-linux-gnun32-gcc toolchain, resulting vdso contains
>>>> 'jalr t9' instructions in its code and since in vdso case nobody
>>>> sets GOT table, code crashes when instruction is reached. On the other
>>>> hand, observed that when kernel is built with mips-poky-linux-gcc
>>>> toolchain, the same 'jalr t9' instructions are replaced with PC
>>>> relative function calls using 'bal' instructions.
>>>>
>>>> The difference boils down to -mrelax-pic-calls and -mexplicit-relocs
>>>> gcc options that get different default values depending on gcc
>>>> target triplets and corresponding binutils. -mrelax-pic-calls got
>>>> enabled by default only in mips-poky-linux-gcc case. MIPS binutils
>>>> ld relies on R_MIPS_JALR relocation to convert 'jalr t9' into 'bal'
>>>> and such relocation is generated only if -mrelax-pic-calls option
>>>> is on.
>>>>
>>>> Please note 'jalr t9' conversion to 'bal' can happen only to static
>>>> functions. These static PIC calls use mips local GOT entries that
>>>> are supposed to be filled with start of DSO value by run-time linker
>>>> (missing in VDSO case) and they do not have dynamic relocations.
>>>> Global mips GOT entries must have dynamic relocations and they should
>>>> be prevented by cmd_vdso_check Makefile rule.
>>>>
>>>> Solution: call out -mrelax-pic-calls and -mexplicit-relocs options
>>>> explicitly while compiling MIPS vdso code. That would get correct
>>>> and consistent behaviour between different toolchains.
>>>>
>>>> Reported-by: Bruce Ashfield <bruce.ashfield@gmail.com>
>>>> Signed-off-by: Victor Kamensky <kamensky@cisco.com>
>>>> Signed-off-by: Paul Burton <paulburton@kernel.org>
>>>> Cc: linux-mips@vger.kernel.org
>>>> Cc: Ralf Baechle <ralf@linux-mips.org>
>>>> Cc: James Hogan <jhogan@kernel.org>
>>>> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
>>>> Cc: richard.purdie@linuxfoundation.org
>>>> Signed-off-by: Sasha Levin <sashal@kernel.org>
>>>> ---
>>>> arch/mips/vdso/Makefile | 1 +
>>>> 1 file changed, 1 insertion(+)
>>>>
>>>
>>> Hi Sasha,
>>>
>>> Why was this not added to the 5.4 stable branch?
>>>
>>> Some OpenWrt users ran into this problem with kernel 5.4 on MIPS64 [0].
>>> We backported this patch on our own in OpenWrt [1], but it should be
>>> added to the stable branch in my opinion as it fixes a real problem.
>>>
>>> @Sasha: Can you add it to the 5.4 stable branch or should I send some
>>> special email?
>>
>> It failed building on 5.4. If you'd like it included, please send me a
>> tested backport for 5.4.
>>
>
>I successfully compiled a kernel 5.4.61 with this patch on top with GCC
>8.4 for MIPS 64 big and little Endian.
>
>What was broken in your compile test?
See https://lore.kernel.org/stable/bfdce3ef-5fe9-8dab-1695-be3d33727529@roeck-us.net/
--
Thanks,
Sasha
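
A build-side check for the symptom the quoted commit message describes, as an added example that is not part of the original thread and not the kernel's own Makefile rule: it scans `objdump -d` text for `jalr t9` and names the symbols that still contain it. The function names and the disassembly sample are constructed for illustration, and the check assumes objdump prints ABI register names (`t9`).

```shell
#!/bin/sh
# Added example (not kernel code): flag vdso functions that still call
# through the GOT with 'jalr t9' instead of a PC-relative 'bal'.

# find_jalr_t9: reads `objdump -d` output on stdin, prints each symbol
# whose body contains 'jalr t9' once, and returns 1 if any was found.
# Intended use (toolchain prefix and image path are placeholders):
#   ${CROSS_COMPILE}objdump -d <vdso image> | find_jalr_t9
find_jalr_t9() {
    awk '
        # Symbol header line: "0000000000000500 <name>:"
        NF == 2 && $2 ~ /^<.*>:$/ {
            sym = substr($2, 2, length($2) - 3)
            next
        }
        # Instruction line: "addr: encoding mnemonic operands"
        $3 == "jalr" && $4 == "t9" {
            if (!(sym in seen)) { seen[sym] = 1; print sym }
            bad = 1
        }
        END { exit bad + 0 }
    '
}

# Constructed sample: one function compiled without -mrelax-pic-calls
# (GOT load followed by 'jalr t9') and one where the call became 'bal'.
sample_disassembly() {
cat <<'EOF'
0000000000000500 <__vdso_clock_gettime>:
 500:	3c1c0001 	lui	gp,0x1
 504:	8f998010 	lw	t9,-32752(gp)
 508:	0320f809 	jalr	t9
 50c:	00000000 	nop
 510:	8f998014 	lw	t9,-32748(gp)
 514:	0320f809 	jalr	t9
 518:	00000000 	nop
0000000000000600 <__vdso_gettimeofday>:
 600:	04110010 	bal	644 <do_hres>
 604:	00000000 	nop
 608:	03e00008 	jr	ra
 60c:	00000000 	nop
EOF
}
```

Wired into a build, a non-zero return from `find_jalr_t9` fails the step, so a toolchain whose defaults differ is caught at build time rather than as a crash at run time.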