summaryrefslogtreecommitdiff
path: root/arch
AgeCommit message (Collapse)AuthorFilesLines
2012-09-23Merge branch 'rc-fixes' of ↵Linus Torvalds1-1/+1
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild Pull kbuild fixes from Michal Marek: "There are two more kbuild fixes for 3.6. One fixes a race between x86's archscripts target and the rule (re)building scripts/basic/fixdep. The second is a fix for the previous attempt at fixing make firmware_install with make 3.82. This new solution should work with any version of GNU make" * 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild: x86/kbuild: archscripts depends on scripts_basic firmware: fix directory creation rule matching with make 3.80
2012-09-22Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linusLinus Torvalds4-9/+9
Pull MIPS fixes from Ralf Baechle: "Random fixes across arch/mips, essentially. One fix for an issue in get_user_pages_fast() which previously was discovered on x86, a miscalculation in the support for the MIPS MT hardware multithreading support, the RTC support for the Malta and a fix for a spurious interrupt issue that seems to bite only very special Malta configurations." * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: MIPS: Malta: Don't crash on spurious interrupt. MIPS: Malta: Remove RTC Data Mode bootstrap breakage MIPS: mm: Add compound tail page _mapcount when mapped MIPS: CMP/SMTC: Fix tc_id calculation
2012-09-22Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-armLinus Torvalds5-8/+50
Pull ARM and clkdev fixes from Russell King: "Two patches for clkdev which resolve the long standing issue that the devm_* versions were dependent on clkdev, which they shouldn't have been. Instead, they're dependent on HAVE_CLK instead, which implies that you're providing clk_get() and clk_put(). A small fix to the ARM decompressor to ensure that the page tables are properly interpreted by the CPU, and reserve syscall 378 for kcmp (the checksyscalls.sh script is unfortunately currently broken so arch maintainers aren't getting notified of new syscalls...) Lastly, a larger fix for an issue between the common clk subsystem and smp_twd which causes warnings to be spat out." * 'fixes' of git://git.linaro.org/people/rmk/linux-arm: ARM: reserve syscall 378 for kcmp ARM: 7535/1: Reprogram smp_twd based on new common clk framework notifiers ARM: 7537/1: clk: Fix release in devm_clk_put() ARM: 7532/1: decompressor: reset SCTLR.TRE for VMSA ARMv7 cores ARM: 7534/1: clk: Make the managed clk functions generically available
2012-09-21Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparcLinus Torvalds1-8/+5
Pull sparc updates from David Miller: 1) Debugging builds on 32-bit sparc need to handle the R_SPARC_DISP32 relocation, not just 64-bit sparc. From Andreas Larsson. 2) Wei Yongjun noticed that module_alloc() on sparc can return an error pointer, but that's not allowed. module_alloc() should return only a valid pointer, or NULL. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc: fix the return value of module_alloc() sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32
2012-09-21Merge branch 'x86-urgent-for-linus' of ↵Linus Torvalds2-5/+5
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Ingo Molnar: "Small fixlets" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm/init.c: Fix devmem_is_allowed() off by one x86/kconfig: Remove outdated reference to Intel CPUs in CONFIG_SWIOTLB
2012-09-21Merge branch 'perf-urgent-for-linus' of ↵Linus Torvalds5-1/+57
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fixes from Ingo Molnar: "Small perf fixlets" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: tracing: Don't call page_to_pfn() if page is NULL perf/x86: Fix Intel Ivy Bridge support perf/x86/ibs: Check syscall attribute flags perf/x86: Export Sandy Bridge uncore clockticks event in sysfs
2012-09-21Merge tag 'fixes-for-linus' of ↵Linus Torvalds10-8/+33
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc Pull arm-soc bug fixes from Olof Johansson: "A couple of samsung clock locking fixes, at91 device tree gpio configuration fix and a couple more for shmobile and i.MX. All small targeted fixes." * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: ARM i.MX25: Make timer irq work again ARM: imx: armadillo5x0: Fix illegal register access ARM: shmobile: kzm9g: bugfix: correct mmcif interrupt settings ARM: SAMSUNG: Use spin_lock_{irqsave,irqrestore} in clk_set_rate ARM: at91: fix missing #interrupt-cells on gpio-controller ARM: SAMSUNG: use spin_lock_irqsave() in clk_set_parent
2012-09-21sparc: fix the return value of module_alloc()Wei Yongjun1-3/+1
In case of error, function module_alloc() in other platform never returns ERR_PTR(), and all of the user only check for NULL, so we'd better return NULL instead of ERR_PTR(). dpatch engine is used to auto generated this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32Andreas Larsson1-5/+4
GNU Binutils 2.20.1 generates .eh_frame sections that uses R_SPARC_DISP32. Signed-off-by: Andreas Larsson <andreas@gaisler.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21Merge branch 'for-linus' of ↵Linus Torvalds4-95/+75
git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 fixes from Martin Schwidefsky: "Bug fixes for 3.6-rc7, including some important patches for large page related memory management issues." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/dasd: fix read unit address configuration loop s390/dasd: fix pathgroup race s390/mm: fix user access page-table walk code s390/hwcaps: do not report high gprs for 31 bit kernel s390/cio: invalidate cdev pointer before deregistration s390/cio: fix IO subchannel event race s390/dasd: move wake_up call s390/hugetlb: use direct TLB flushing for hugetlbfs pages s390/mm: fix deadlock in unmap_hugepage_range()
2012-09-21Merge tag 'stable/for-linus-3.6-rc6-tag' of ↵Linus Torvalds3-17/+17
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen Pull Xen bug-fixes from Konrad Rzeszutek Wilk: - Fix M2P batching re-using the incorrect structure field. In v3.5 we added batching for M2P override (Machine Frame Number -> Physical Frame Number), but the original MFN was saved in an incorrect structure - and we would oops/restore when restoring with the old MFN. - Disable BIOS SMP MP table search. A bootup issue that we had ignored until we found that on DL380 G6 it was needed. * tag 'stable/for-linus-3.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/boot: Disable BIOS SMP MP table search. xen/m2p: do not reuse kmap_op->dev_bus_addr
2012-09-21ARM: reserve syscall 378 for kcmpRussell King2-0/+3
kcmp has appeared on x86, but has not been noticed because checksyscalls.sh is broken at the moment. Reserve ARM syscall 378 for this should we ever need it, and add an __IGNORE entry for this unimplemented syscall. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-09-21x86/kbuild: archscripts depends on scripts_basicJeff Mahoney1-1/+1
While building the SUSE kernel packages, which build the scripts, make clean, and then build everything, we have been running into spurious build failures. We tracked them down to a simple dependency issue: $ make mrproper CLEAN arch/x86/tools CLEAN scripts/basic $ cp patches/config/x86_64/desktop .config $ make archscripts HOSTCC arch/x86/tools/relocs /bin/sh: scripts/basic/fixdep: No such file or directory make[3]: *** [arch/x86/tools/relocs] Error 1 make[2]: *** [archscripts] Error 2 make[1]: *** [sub-make] Error 2 make: *** [all] Error 2 This was introduced by commit 6520fe55 (x86, realmode: 16-bit real-mode code support for relocs), which added the archscripts dependency to archprepare. This patch adds the scripts_basic dependency to the x86 archscripts. Signed-off-by: Jeff Mahoney <jeffm@suse.com> Signed-off-by: Michal Marek <mmarek@suse.cz>
2012-09-19Merge branch 'clkdev' into fixesRussell King1-6/+0
2012-09-19ARM: 7535/1: Reprogram smp_twd based on new common clk framework notifiersMike Turquette1-2/+46
Running cpufreq driver on imx6q, the following warning is seen. $ BUG: sleeping function called from invalid context at kernel/mutex.c:269 <snip> stack backtrace: Backtrace: [<80011d64>] (dump_backtrace+0x0/0x10c) from [<803fc164>] (dump_stack+0x18/0x1c) r6:bf8142e0 r5:bf814000 r4:806ac794 r3:bf814000 [<803fc14c>] (dump_stack+0x0/0x1c) from [<803fd444>] (print_usage_bug+0x250/0x2b 8) [<803fd1f4>] (print_usage_bug+0x0/0x2b8) from [<80060f90>] (mark_lock+0x56c/0x67 0) [<80060a24>] (mark_lock+0x0/0x670) from [<80061a20>] (__lock_acquire+0x98c/0x19b 4) [<80061094>] (__lock_acquire+0x0/0x19b4) from [<80062f14>] (lock_acquire+0x68/0x 7c) [<80062eac>] (lock_acquire+0x0/0x7c) from [<80400f28>] (mutex_lock_nested+0x78/0 x344) r7:00000000 r6:bf872000 r5:805cc858 r4:805c2a04 [<80400eb0>] (mutex_lock_nested+0x0/0x344) from [<803089ac>] (clk_get_rate+0x1c/ 0x58) [<80308990>] (clk_get_rate+0x0/0x58) from [<80013c48>] (twd_update_frequency+0x1 8/0x50) r5:bf253d04 r4:805cadf4 [<80013c30>] (twd_update_frequency+0x0/0x50) from [<80068e20>] (generic_smp_call _function_single_interrupt+0xd4/0x13c) r4:bf873ee0 r3:80013c30 [<80068d4c>] (generic_smp_call_function_single_interrupt+0x0/0x13c) from [<80013 34c>] (handle_IPI+0xc0/0x194) r8:00000001 r7:00000000 r6:80574e48 r5:bf872000 r4:80593958 [<8001328c>] (handle_IPI+0x0/0x194) from [<800084e8>] (gic_handle_irq+0x58/0x60) r8:00000000 r7:bf873f8c r6:bf873f58 r5:80593070 r4:f4000100 r3:00000005 [<80008490>] (gic_handle_irq+0x0/0x60) from [<8000e124>] (__irq_svc+0x44/0x60) Exception stack(0xbf873f58 to 0xbf873fa0) 3f40: 00000001 00000001 3f60: 00000000 bf814000 bf872000 805cab48 80405aa4 80597648 00000000 412fc09a 3f80: bf872000 bf873fac bf873f70 bf873fa0 80063844 8000f1f8 20000013 ffffffff r6:ffffffff r5:20000013 r4:8000f1f8 r3:bf814000 [<8000f1b8>] (default_idle+0x0/0x4c) from [<8000f428>] (cpu_idle+0x98/0x114) [<8000f390>] (cpu_idle+0x0/0x114) from [<803f9834>] (secondary_start_kernel+0x11 c/0x140) [<803f9718>] (secondary_start_kernel+0x0/0x140) from [<103f9234>] (0x103f9234) r6:10c03c7d r5:0000001f r4:4f86806a r3:803f921c It looks that the warning is caused by that twd_update_frequency() gets called from an atomic context while it calls clk_get_rate() where a mutex gets held. To fix the warning, let's convert common clk users over to clk notifiers in place of CPUfreq notifiers. This works out nicely for Cortex-A9 MPcore designs that scale all CPUs at the same frequency. Platforms that have not been converted to the common clk framework and support CPUfreq will rely on the old mechanism. Once these platforms are converted over fully then we can remove the CPUfreq-specific bits for good. Signed-off-by: Mike Turquette <mturquette@linaro.org> Signed-off-by: Shawn Guo <shawn.guo@linaro.org> Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Reviewed-by: Ulf Hansson <ulf.hansson@linaro.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-09-19xen/boot: Disable BIOS SMP MP table search.Konrad Rzeszutek Wilk1-0/+4
As the initial domain we are able to search/map certain regions of memory to harvest configuration data. For all low-level we use ACPI tables - for interrupts we use exclusively ACPI _PRT (so DSDT) and MADT for INT_SRC_OVR. The SMP MP table is not used at all. As a matter of fact we do not even support machines that only have SMP MP but no ACPI tables. Lets follow how Moorestown does it and just disable searching for BIOS SMP tables. This also fixes an issue on HP Proliant BL680c G5 and DL380 G6: 9f->100 for 1:1 PTE Freeing 9f-100 pfn range: 97 pages freed 1-1 mapping on 9f->100 .. snip.. e820: BIOS-provided physical RAM map: Xen: [mem 0x0000000000000000-0x000000000009efff] usable Xen: [mem 0x000000000009f400-0x00000000000fffff] reserved Xen: [mem 0x0000000000100000-0x00000000cfd1dfff] usable .. snip.. Scan for SMP in [mem 0x00000000-0x000003ff] Scan for SMP in [mem 0x0009fc00-0x0009ffff] Scan for SMP in [mem 0x000f0000-0x000fffff] found SMP MP-table at [mem 0x000f4fa0-0x000f4faf] mapped at [ffff8800000f4fa0] (XEN) mm.c:908:d0 Error getting mfn 100 (pfn 5555555555555555) from L1 entry 0000000000100461 for l1e_owner=0, pg_owner=0 (XEN) mm.c:4995:d0 ptwr_emulate: could not get_page_from_l1e() BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff81ac07e2>] xen_set_pte_init+0x66/0x71 . snip.. Pid: 0, comm: swapper Not tainted 3.6.0-rc6upstream-00188-gb6fb969-dirty #2 HP ProLiant BL680c G5 .. snip.. Call Trace: [<ffffffff81ad31c6>] __early_ioremap+0x18a/0x248 [<ffffffff81624731>] ? printk+0x48/0x4a [<ffffffff81ad32ac>] early_ioremap+0x13/0x15 [<ffffffff81acc140>] get_mpc_size+0x2f/0x67 [<ffffffff81acc284>] smp_scan_config+0x10c/0x136 [<ffffffff81acc2e4>] default_find_smp_config+0x36/0x5a [<ffffffff81ac3085>] setup_arch+0x5b3/0xb5b [<ffffffff81624731>] ? printk+0x48/0x4a [<ffffffff81abca7f>] start_kernel+0x90/0x390 [<ffffffff81abc356>] x86_64_start_reservations+0x131/0x136 [<ffffffff81abfa83>] xen_start_kernel+0x65f/0x661 (XEN) Domain 0 crashed: 'noreboot' set - not rebooting. which is that ioremap would end up mapping 0xff using _PAGE_IOMAP (which is what early_ioremap sticks as a flag) - which meant we would get MFN 0xFF (pte ff461, which is OK), and then it would also map 0x100 (b/c ioremap tries to get page aligned request, and it was trying to map 0xf4fa0 + PAGE_SIZE - so it mapped the next page) as _PAGE_IOMAP. Since 0x100 is actually a RAM page, and the _PAGE_IOMAP bypasses the P2M lookup we would happily set the PTE to 1000461. Xen would deny the request since we do not have access to the Machine Frame Number (MFN) of 0x100. The P2M[0x100] is for example 0x80140. CC: stable@vger.kernel.org Fixes-Oracle-Bugzilla: https://bugzilla.oracle.com/bugzilla/show_bug.cgi?id=13665 Acked-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2012-09-19Merge tag 'sh-for-linus' of git://github.com/pmundt/linux-shLinus Torvalds2-2/+2
Pull SuperH fixes from Paul Mundt. * tag 'sh-for-linus' of git://github.com/pmundt/linux-sh: sh: Fix up TIF_NOTIFY_RESUME sans TIF_SIGPENDING handling. sh: pfc: Release spinlock in sh_pfc_gpio_request_enable() error path sh: intc: Fix up multi-evt irq association.
2012-09-19perf/x86: Fix Intel Ivy Bridge supportStephane Eranian3-1/+39
This patch updates the existing Intel IvyBridge (model 58) support with proper PEBS event constraints. It cannot reuse the same as SandyBridge because some events (0xd3) are specific to IvyBridge. Also there is no UOPS_DISPATCHED.THREAD on IVB, so do not populate the PERF_COUNT_HW_STALLED_CYCLES_BACKEND mapping. Signed-off-by: Stephane Eranian <eranian@google.com> Cc: peterz@infradead.org Cc: ak@linux.intel.com Link: http://lkml.kernel.org/r/20120910230701.GA5898@quad Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-09-18Merge tag 'imx-fixes' of git://git.pengutronix.de/git/imx/linux-2.6 into fixesOlof Johansson3-2/+4
From Sascha Hauer: ARM i.MX: Two fixes for i.MX - armadillo5x0 board broken since v3.5 (stable material) - i.MX25 Architecture broken since v3.6-rc1 * tag 'imx-fixes' of git://git.pengutronix.de/git/imx/linux-2.6: ARM i.MX25: Make timer irq work again ARM: imx: armadillo5x0: Fix illegal register access
2012-09-18ARM i.MX25: Make timer irq work againSascha Hauer2-1/+2
Since i.MX has SPARSE_IRQ enabled the i.MX25 timer is broken. This is because the internal irqs now start at an offset of NR_IRQS_LEGACY. The patch fixed this up, but missed the i.MX25 timer which used a hardcoded value instead of a define. This patch introduces a define for the timer irq and uses it. This is broken since introduced with 3.6-rc1: | commit 8842a9e2869cae14bbb8184004a42fc3070587fb | Author: Shawn Guo <shawn.guo@linaro.org> | Date: Thu Jun 14 11:16:14 2012 +0800 | | ARM: imx: enable SPARSE_IRQ for imx platform Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Acked-by: Shawn Guo <shawn.guo@linaro.org>
2012-09-18ARM: imx: armadillo5x0: Fix illegal register accessFabio Estevam1-1/+2
Since commit eb92044eb (ARM i.MX3: Make ccm base address a variable ) it is necessary to pass the CCM register base as a variable. Fix the CCM register access in mach-armadillo5x0 by passing mx3_ccm_base and avoid illegal accesses. Also applies to v3.5 Reported-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Cc: stable@vger.kernel.org
2012-09-18Merge tag 'at91-fixes' of git://github.com/at91linux/linux-at91 into fixesOlof Johansson5-0/+21
From Nicolas Ferre: Modify AT91 device tree files for making the GPIO interrupts work. * tag 'at91-fixes' of git://github.com/at91linux/linux-at91: ARM: at91: fix missing #interrupt-cells on gpio-controller
2012-09-18Merge branch 'fixes' of ↵Olof Johansson1-2/+2
git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas into fixes * 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas: ARM: shmobile: kzm9g: bugfix: correct mmcif interrupt settings
2012-09-18Merge branch 'v3.6-samsung-fixes-3' of ↵Olof Johansson1-4/+6
git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung into fixes * 'v3.6-samsung-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung: ARM: SAMSUNG: Use spin_lock_{irqsave,irqrestore} in clk_set_rate ARM: SAMSUNG: use spin_lock_irqsave() in clk_set_parent
2012-09-18sh: Fix up TIF_NOTIFY_RESUME sans TIF_SIGPENDING handling.Al Viro2-2/+2
As Al notes, we missed a TIF_NOTIFY_RESUME check which caused any handlers without TIF_SIGPENDING also set to skip the notification: Looks like while it is in the relevant masks *and* checked in do_notify_resume() both on 32bit and 64bit variants since commit ab99c733ae73cce31f2a2434f7099564e5a73d95 ("sh: Make syscall tracer use tracehook notifiers, add TIF_NOTIFY_RESUME.") they are actually *not* reached without simulataneous SIGPENDING, since the actual glue in the callers had not been updated back then and still checks for _TIF_SIGPENDING alone when deciding whether to hit do_notify_resume() or not. Reported-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Tested-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
2012-09-18ARM: shmobile: kzm9g: bugfix: correct mmcif interrupt settingsTetsuyuki Kobayashi1-2/+2
Correct interrupt settings of sh_mmc:int and sh_mmc:error in board-kzm9g.c. Signed-off-by: Tetsuyuki Kobayashi <koba@kmckk.co.jp> Acked-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: Simon Horman <horms@verge.net.au>
2012-09-18ARM: SAMSUNG: Use spin_lock_{irqsave,irqrestore} in clk_set_rateTushar Behera1-2/+3
The spinlock clocks_lock can be held during ISR, hence it is not safe to hold that lock with disabling interrupts. It fixes following potential deadlock. ========================================================= [ INFO: possible irq lock inversion dependency detected ] 3.6.0-rc4+ #2 Not tainted --------------------------------------------------------- swapper/0/1 just changed the state of lock: (&(&host->lock)->rlock){-.....}, at: [<c027fb0d>] sdhci_irq+0x15/0x564 but this lock took another, HARDIRQ-unsafe lock in the past: (clocks_lock){+.+...} and interrupts could create inverse lock ordering between them. other info that might help us debug this: Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(clocks_lock); local_irq_disable(); lock(&(&host->lock)->rlock); lock(clocks_lock); <Interrupt> lock(&(&host->lock)->rlock); *** DEADLOCK *** Signed-off-by: Tushar Behera <tushar.behera@linaro.org> Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
2012-09-17ARM: at91: fix missing #interrupt-cells on gpio-controllerJean-Christophe PLAGNIOL-VILLARD5-0/+21
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Tested-by: Bo Shen <voice.shen@atmel.com> Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
2012-09-17s390/mm: fix user access page-table walk codeGerald Schaefer1-79/+63
The s390 page-table walk code, used for user copy and futex, currently cannot handle huge pages. As far as user copy is concerned, that is not really a problem because those functions will only be used on old hardware that has no huge page support. But the futex code will also use pagetable walk functions on current hardware when user space runs in primary space mode. So, if a futex sits in a huge page, the futex operation on it will result in a page fault loop or even data corruption. This patch adds the code for resolving huge page mappings in the user access pagetable walk code on s390. Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-09-17ARM: SAMSUNG: use spin_lock_irqsave() in clk_set_parentMandeep Singh Baines1-2/+3
From 0cdf3aff, "ARM: SAMSUNG: use spin_lock_irqsave() in clk_{enable,disable}": The clk_enable()and clk_disable() can be used process and ISR either. And actually it is used for real product and other platforms use it now. So spin_lock_irqsave() should be used instead. We need to make a similar change in clk_set_parent(). Otherwise, you can potentially get spinlock recursion: BUG: spinlock recursion on CPU#0, kinteractive/68 lock: 807832a8, .magic: dead4ead, .owner: kinteractive/68, .owner_cpu: 0 [<80015f54>] (unwind_backtrace+0x0/0x128) from [<804f2914>] (dump_stack+0x20/0x24) [<804f2914>] (dump_stack+0x20/0x24) from [<804f57b8>] (spin_dump+0x80/0x94) [<804f57b8>] (spin_dump+0x80/0x94) from [<804f57f8>] (spin_bug+0x2c/0x30) [<804f57f8>] (spin_bug+0x2c/0x30) from [<80222730>] (do_raw_spin_lock+0x54/0x150) [<80222730>] (do_raw_spin_lock+0x54/0x150) from [<804f96ec>] (_raw_spin_lock_irqsave+0x20/0x28) [<804f96ec>] (_raw_spin_lock_irqsave+0x20/0x28) from [<80022ea4>] (clk_enable+0x3c/0x84) [<80022ea4>] (clk_enable+0x3c/0x84) from [<8038336c>] (s5p_mfc_clock_on+0x60/0x74) [<8038336c>] (s5p_mfc_clock_on+0x60/0x74) from [<8038645c>] (s5p_mfc_read_info+0x20/0x38) [<8038645c>] (s5p_mfc_read_info+0x20/0x38) from [<8037ca3c>] (s5p_mfc_handle_frame+0x2e4/0x4bc) [<8037ca3c>] (s5p_mfc_handle_frame+0x2e4/0x4bc) from [<8037d420>] (s5p_mfc_irq+0x1ec/0x6cc) [<8037d420>] (s5p_mfc_irq+0x1ec/0x6cc) from [<8007fc74>] (handle_irq_event_percpu+0x8c/0x244) [<8007fc74>] (handle_irq_event_percpu+0x8c/0x244) from [<8007fe78>] (handle_irq_event+0x4c/0x6c) [<8007fe78>] (handle_irq_event+0x4c/0x6c) from [<80082dd8>] (handle_fasteoi_irq+0xe4/0x150) [<80082dd8>] (handle_fasteoi_irq+0xe4/0x150) from [<8007f424>] (generic_handle_irq+0x3c/0x50) [<8007f424>] (generic_handle_irq+0x3c/0x50) from [<8000f7c4>] (handle_IRQ+0x88/0xc8) [<8000f7c4>] (handle_IRQ+0x88/0xc8) from [<80008564>] (gic_handle_irq+0x44/0x68) [<80008564>] (gic_handle_irq+0x44/0x68) from [<8000e400>] (__irq_svc+0x40/0x60) Exception stack(0xef3cbe68 to 0xef3cbeb0) [<8000e400>] (__irq_svc+0x40/0x60) from [<80022cfc>] (clk_set_parent+0x30/0x74) [<80022cfc>] (clk_set_parent+0x30/0x74) from [<803ac7f8>] (set_apll.isra.0+0x28/0xb0) [<803ac7f8>] (set_apll.isra.0+0x28/0xb0) from [<803ac8e4>] (exynos5250_set_frequency+0x64/0xb8) [<803ac8e4>] (exynos5250_set_frequency+0x64/0xb8) from [<803ac280>] (exynos_target+0x1b0/0x220) [<803ac280>] (exynos_target+0x1b0/0x220) from [<803a4a0c>] (__cpufreq_driver_target+0xb0/0xd4) [<803a4a0c>] (__cpufreq_driver_target+0xb0/0xd4) from [<803aab80>] (cpufreq_interactive_updown_task+0x214/0x264) [<803aab80>] (cpufreq_interactive_updown_task+0x214/0x264) from [<80047d04>] (kthread+0x9c/0xa8) [<80047d04>] (kthread+0x9c/0xa8) from [<8000fa48>] (kernel_thread_exit+0x0/0x8) Signed-off-by: Mandeep Singh Baines <msb@chromium.org> Suggested-by: Sunil Mazhavanchery <sunilm@samsung.com> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-samsung-soc@vger.kernel.org Cc: Ben Dooks <ben-linux@fluff.org> Cc: Russell King <linux@arm.linux.org.uk> Cc: Minho Ban <mhban@samsung.com> Cc: Jaecheol Lee <jc.lee@samsung.com> Cc: Sunyoung Kang <sy0816.kang@samsung.com> Cc: Olof Johansson <olofj@chromium.org> Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
2012-09-17MIPS: Malta: Don't crash on spurious interrupt.Ralf Baechle1-3/+6
48d480b0bde794781fcae9501fb043c1bac0e523 [[MIPS] Malta: Fix off by one bug in interrupt handler.] did not take in account that irq_ffs() will also return 0 if for some reason the set of pending interrupts happens to be empty. This is trivial to trigger with a RM5261 CPU module running a 64-bit kernel and results in something like the following: CPU 0 Unable to handle kernel paging request at virtual address 0000000000000000, epc == ffffffff801772d0, ra == ffffffff8017ad24 Oops[#1]: Cpu 0 $ 0 : 0000000000000000 ffffffff9000a4e0 ffffffff9000a4e0 ffffffff9000a4e0 $ 4 : ffffffff80592be0 0000000000000000 00000000000000d6 ffffffff80322ed0 $ 8 : ffffffff805fe538 0000000000000000 ffffffff9000a4e0 ffffffff80590000 $12 : 00000000000000d6 0000000000000000 ffffffff80600000 ffffffff805fe538 $16 : 0000000000000000 0000000000000010 ffffffff80592be0 0000000000000010 $20 : 0000000000000000 0000000000500001 0000000000000000 ffffffff8051e078 $24 : 0000000000000028 ffffffff803226e8 $28 : 9800000003828000 980000000382b900 ffffffff8051e060 ffffffff8017ad24 Hi : 0000000000000000 Lo : 0000006388974000 epc : ffffffff801772d0 handle_irq_event_percpu+0x70/0x2f0 Not tainted ra : ffffffff8017ad24 handle_percpu_irq+0x54/0x88 Status: 9000a4e2 KX SX UX KERNEL EXL Cause : 00808008 BadVA : 0000000000000000 PrId : 000028a0 (Nevada) Modules linked in: Process init (pid: 1, threadinfo=9800000003828000, task=9800000003827968, tls=0000000077087490) Stack : ffffffff80592be0 ffffffff8058d248 0000000000000040 0000000000000000 ffffffff80613340 0000000000500001 ffffffff805a0000 0000000000000882 9800000003b89000 ffffffff8017ad24 00000000000000d5 0000000000000010 ffffffff9000a4e1 ffffffff801769f4 ffffffff9000a4e0 ffffffff801037f8 0000000000000000 ffffffff80101c44 0000000000000000 ffffffff9000a4e0 0000000000000000 9000000018000000 90000000180003f9 0000000000000001 0000000000000000 00000000000000ff 0000000000000018 0000000000000001 0000000000000001 00000000003fffff 0000000000000020 ffffffff802cf7ac ffffffff80208918 000000007fdadf08 ffffffff80612d88 ffffffff9000a4e1 0000000000000040 0000000000000000 ffffffff80613340 0000000000500001 ... Call Trace: [<ffffffff801772d0>] handle_irq_event_percpu+0x70/0x2f0 [<ffffffff8017ad24>] handle_percpu_irq+0x54/0x88 [<ffffffff801769f4>] generic_handle_irq+0x44/0x60 [<ffffffff801037f8>] do_IRQ+0x48/0x70 [<ffffffff80101c44>] ret_from_irq+0x0/0x4 [<ffffffff80326170>] serial8250_startup+0x310/0x870 [<ffffffff8032175c>] uart_startup.part.7+0x9c/0x330 [<ffffffff80321b4c>] uart_open+0x15c/0x1b0 [<ffffffff80302034>] tty_open+0x1fc/0x720 [<ffffffff801bffac>] chrdev_open+0x7c/0x180 [<ffffffff801b9ab8>] do_dentry_open.isra.14+0x288/0x390 [<ffffffff801bac5c>] nameidata_to_filp+0x5c/0xc0 [<ffffffff801ca700>] do_last.isra.33+0x330/0x8f0 [<ffffffff801caf3c>] path_openat+0xbc/0x440 [<ffffffff801cb3c8>] do_filp_open+0x38/0xa8 [<ffffffff801bade4>] do_sys_open+0x124/0x218 [<ffffffff80110538>] handle_sys+0x118/0x13c Code: 02d5a825 12800012 02a0b02d <de820000> de850008 0040f809 0220202d 0040a82d 40026000 ---[ end trace 5d8e7b9a86badd2d ]--- Kernel panic - not syncing: Fatal exception in interrupt Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2012-09-16ARM: 7532/1: decompressor: reset SCTLR.TRE for VMSA ARMv7 coresMatthew Leach1-0/+1
This patch zeroes the SCTLR.TRE bit prior to setting the mapping as cacheable for ARMv7 cores in the decompressor, ensuring that the memory region attributes are obtained from the C and B bits, not from the page tables. Cc: Nicolas Pitre <nico@fluxnic.net> Reviewed-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Matthew Leach <matthew.leach@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-09-15ARM: 7534/1: clk: Make the managed clk functions generically availableLars-Peter Clausen1-6/+0
The managed clk functions are currently only available when the generic clk lookup framework is build. But the managed clk functions are merely wrappers around clk_get and clk_put and do not depend on any specifics of the generic lookup functions and there are still quite a few custom implementations of the clk API. So make the managed functions available whenever the clk API is implemented. The patch also removes the custom implementation of devm_clk_get for the coldfire platform. Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Acked-by: Greg Ungerer <gerg@uclinux.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-09-14Merge branch 'fixes-for-3.6' of ↵Linus Torvalds1-1/+1
git://git.linaro.org/people/mszyprowski/linux-dma-mapping Pull one more DMA-mapping fix from Marek Szyprowski: "This patch fixes very subtle bug (typical off-by-one error) which might appear in very rare circumstances." * 'fixes-for-3.6' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping: arm: mm: fix DMA pool affiliation check
2012-09-14Merge branch 'perf-urgent-for-linus' of ↵Linus Torvalds4-6/+11
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fixes from Ingo Molnar: "This tree includes various fixes" Ingo really needs to improve on the whole "explain git pull" part. "Various fixes" indeed. * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf/hwpb: Invoke __perf_event_disable() if interrupts are already disabled perf/x86: Enable Intel Cedarview Atom suppport perf_event: Switch to internal refcount, fix race with close() oprofile, s390: Fix uninitialized memory access when writing to oprofilefs perf/x86: Fix microcode revision check for SNB-PEBS
2012-09-14MIPS: Malta: Remove RTC Data Mode bootstrap breakageMaciej W. Rozycki1-5/+0
YAMON requires and enforces the RTC Data Mode (Register B, DM bit) to binary, that is the bit is set every time the board goes through the firmware bootstrap sequence. Likewise its calendar manipulation commands interpret or set the RTC registers unconditionally as binary, never actually checking what the value of the DM bit is, under the (correct) assumption that it has been previously set, to indicate the binary mode. A change to Linux a while ago however introduced a platform-specific tweak that clears that bit and therefore forces the data mode to BCD. This causes clock corruption and misinterpretation that has to be fixed up by user-mode tools in system startup scripts as the initial clock is often incorrect according to the BCD interpretation forced. This change removes the hack; a comment included refers to alarm code, but even if it was broken at one point by requiring the BCD mode, it should have been trivially corrected and even if not, given how rarely the alarm feature is used, that was not really a reasonable justification to break the system clock that is indeed used by virtually everything. And either way the alarm code has been since fixed anyway. Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4336/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2012-09-13x86/mm/init.c: Fix devmem_is_allowed() off by oneT Makphaibulchoke1-1/+1
Fixing an off-by-one error in devmem_is_allowed(), which allows accesses to physical addresses 0x100000-0x100fff, an extra page past 1MB. Signed-off-by: T Makphaibulchoke <tmac@hp.com> Acked-by: H. Peter Anvin <hpa@zytor.com> Cc: yinghai@kernel.org Cc: tiwai@suse.de Cc: dhowells@redhat.com Link: http://lkml.kernel.org/r/1346210503-14276-1-git-send-email-tmac@hp.com Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-09-13perf/x86/ibs: Check syscall attribute flagsRobert Richter1-0/+12
Current implementation simply ignores attribute flags. Thus, there is no notification to userland of unsupported features. Check syscall's attribute flags to let userland know if a feature is supported by the kernel. This is also needed to distinguish between future kernels what might support a feature. Cc: <stable@vger.kernel.org> v3.5.. Signed-off-by: Robert Richter <robert.richter@amd.com> Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Link: http://lkml.kernel.org/r/20120910093018.GO8285@erda.amd.com Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-09-13perf/x86: Export Sandy Bridge uncore clockticks event in sysfsStephane Eranian1-0/+6
This patch exports the clockticks event and its encoding to user level. The clockticks event was exported for Nehalem/Westmere but not for Sandy Bridge (client). Given that it uses a special encoding, it needs to be exported to user tools, so users can do: # perf stat -a -C 0 -e uncore_cbox_0/clockticks/ sleep 1 Signed-off-by: Stephane Eranian <eranian@google.com> Acked-by: Yan, Zheng <zheng.z.yan@intel.com> Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Link: http://lkml.kernel.org/r/20120829130122.GA32336@quad Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-09-13Merge tag 'fixes-for-linus' of ↵Linus Torvalds13-32/+98
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc Pull arm-soc bug fixes from Olof Johansson: - A set of OMAP fixes, about half of them PM/clock related, the rest scattered over the platform code but all small and targeted to real bugs. - Two small i.MX fixes for SSI device clock setup. * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: ARM: clk-imx35: Fix SSI clock registration ARM: clk-imx25: Fix SSI clock registration ARM: OMAP4: Fix array size for irq_target_cpu ARM: OMAP4: hwmod data: temporarily comment out data for the sl2if IP block ARM: OMAP: hwmod code: Disable module when hwmod enable fails ARM: OMAP3: hwmod data: fix iva2 reset info ARM: OMAP3xxx: clockdomain: fix software supervised wakeup/sleep ARM: OMAP2+: am33xx: Fix the timer fck clock naming convention ARM: OMAP: Config fix for omap3-touchbook board ARM: OMAP: sram: skip the first 16K on OMAP3 HS ARM: OMAP: sram: fix OMAP4 errata handling ARM: OMAP: timer: obey the !CONFIG_OMAP_32K_TIMER
2012-09-12Merge tag 'imx-fixes' of git://git.pengutronix.de/git/imx/linux-2.6 into fixesOlof Johansson8-21/+125
ARM: i.MX: Fix SSI clock associations for i.MX25/i.MX35 * tag 'imx-fixes' of git://git.pengutronix.de/git/imx/linux-2.6: ARM: clk-imx35: Fix SSI clock registration ARM: clk-imx25: Fix SSI clock registration + Linux 3.6-rc5
2012-09-13Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-armLinus Torvalds15-57/+151
Pull ARM fixes from Russell King: "It's been a while... so there's a little more here than normal. Mostly updates from Will for the breakpoint stuff, and plugging a few holes in the user access functions which crept in when domain support was disabled for ARMv7 CPUs." * 'fixes' of git://git.linaro.org/people/rmk/linux-arm: ARM: 7529/1: delay: set loops_per_jiffy when moving to timer-based loop ARM: 7528/1: uaccess: annotate [__]{get,put}_user functions with might_fault() ARM: 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_DOMAINS ARM: 7526/1: traps: send SIGILL if get_user fails on undef handling path ARM: 7521/1: Fix semihosting Kconfig text ARM: 7513/1: Make sure dtc is built before running it ARM: 7512/1: Fix XIP build due to PHYS_OFFSET definition moving ARM: 7499/1: mm: Fix vmalloc overlap check for !HIGHMEM ARM: 7503/1: mm: only flush both pmd entries for classic MMU ARM: 7502/1: contextidr: avoid using bfi instruction during notifier ARM: 7501/1: decompressor: reset ttbcr for VMSA ARMv7 cores ARM: 7497/1: hw_breakpoint: allow single-byte watchpoints on all addresses ARM: 7496/1: hw_breakpoint: don't rely on dfsr to show watchpoint access type ARM: Fix ioremap() of address zero
2012-09-12xen/m2p: do not reuse kmap_op->dev_bus_addrStefano Stabellini2-17/+13
If the caller passes a valid kmap_op to m2p_add_override, we use kmap_op->dev_bus_addr to store the original mfn, but dev_bus_addr is part of the interface with Xen and if we are batching the hypercalls it might not have been written by the hypervisor yet. That means that later on Xen will write to it and we'll think that the original mfn is actually what Xen has written to it. Rather than "stealing" struct members from kmap_op, keep using page->index to store the original mfn and add another parameter to m2p_remove_override to get the corresponding kmap_op instead. It is now responsibility of the caller to keep track of which kmap_op corresponds to a particular page in the m2p_override (gntdev, the only user of this interface that passes a valid kmap_op, is already doing that). CC: stable@kernel.org Reported-and-Tested-By: Sander Eikelenboom <linux@eikelenboom.it> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2012-09-12Merge branch 'for-linus' of ↵Linus Torvalds4-158/+69
git://git.kernel.org/pub/scm/linux/kernel/git/lliubbo/blackfin Pull blackfin updates from Bob Liu: "One kbuild and a smp build fix." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lliubbo/blackfin: kbuild: add symbol prefix arg to kallsyms blackfin: smp: adapt to generic smp helpers
2012-09-11ARM: clk-imx35: Fix SSI clock registrationFabio Estevam1-4/+2
SSI block has two types of clock: ipg: bus clock, the clock needed for accessing registers. per: peripheral clock, the clock needed for generating the bit rate. Currently SSI driver only supports slave mode and only need to handle the ipg clock, because the peripheral clock comes from the master codec. Only register the ipg clock and do not register the peripheral clock for ssi. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Tested-by: Mark Brown <broonie@opensource.wolfsonmicro.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Cc: stable@vger.kernel.org
2012-09-11ARM: clk-imx25: Fix SSI clock registrationFabio Estevam1-4/+2
SSI block has two types of clock: ipg: bus clock, the clock needed for accessing registers. per: peripheral clock, the clock needed for generating the bit rate. Currently SSI driver only supports slave mode and only need to handle the ipg clock, because the peripheral clock comes from the master codec. Only register the ipg clock and do not register the peripheral clock for ssi. Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Cc: stable@vger.kernel.org
2012-09-11kbuild: add symbol prefix arg to kallsymsJames Hogan1-1/+0
Commit 1f2bfbd00e466ff3489b2ca5cc75b1cccd14c123 ("kbuild: link of vmlinux moved to a script") introduced in v3.5-rc1 broke kallsyms on architectures which have symbol prefixes. The --symbol-prefix argument used to be added to the KALLSYMS command line from the architecture Makefile, however this isn't picked up by the new scripts/link-vmlinux.sh. This resulted in symbols like kallsyms_addresses being added which weren't correctly overriding the weak symbols such as _kallsyms_addresses. These could then trigger BUG_ONs in kallsyms code. This is fixed by removing the KALLSYMS addition from the architecture Makefile, and using CONFIG_SYMBOL_PREFIX in the link-vmlinux.sh script to determine whether to add the --symbol-prefix argument. Signed-off-by: James Hogan <james.hogan@imgtec.com> Signed-off-by: Bob Liu <lliubbo@gmail.com>
2012-09-11Merge tag 'kvm-3.6-2' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds3-9/+29
Pull KVM updates from Avi Kivity: "A trio of KVM fixes: incorrect lookup of guest cpuid, an uninitialized variable fix, and error path cleanup fix." * tag 'kvm-3.6-2' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: fix error paths for failed gfn_to_page() calls KVM: x86: Check INVPCID feature bit in EBX of leaf 7 KVM: PIC: fix use of uninitialised variable.
2012-09-10arm: mm: fix DMA pool affiliation checkThomas Petazzoni1-1/+1
The __free_from_pool() function was changed in e9da6e9905e639b0f842a244bc770b48ad0523e9. Unfortunately, the test that checks whether the provided (start,size) is within the DMA pool has been improperly modified. It used to be: if (start < coherent_head.vm_start || end > coherent_head.vm_end) Where coherent_head.vm_end was non-inclusive (i.e, it did not include the first byte after the pool). The test has been changed to: if (start < pool->vaddr || start > pool->vaddr + pool->size) So now pool->vaddr + pool->size is inclusive (i.e, it includes the first byte after the pool), so the test should be >= instead of >. This bug causes the following message when freeing the *first* DMA coherent buffer that has been allocated, because its virtual address is exactly equal to pool->vaddr + pool->size : WARNING: at /home/thomas/projets/linux-2.6/arch/arm/mm/dma-mapping.c:463 __free_from_pool+0xa4/0xc0() freeing wrong coherent size from pool Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Marek Szyprowski <m.szyprowski@samsung.com> Cc: Russell King <linux@arm.linux.org.uk> Cc: Lior Amsalem <alior@marvell.com> Cc: Maen Suleiman <maen@marvell.com> Cc: Tawfik Bayouk <tawfik@marvell.com> Cc: Shadi Ammouri <shadi@marvell.com> Cc: Eran Ben-Avi <benavi@marvell.com> Cc: Yehuda Yitschak <yehuday@marvell.com> Cc: Nadav Haklai <nadavh@marvell.com> [m.szyprowski: rebased onto v3.6-rc5 and resolved conflict] Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
2012-09-10KVM: fix error paths for failed gfn_to_page() callsXiao Guangrong2-6/+26
This bug was triggered: [ 4220.198458] BUG: unable to handle kernel paging request at fffffffffffffffe [ 4220.203907] IP: [<ffffffff81104d85>] put_page+0xf/0x34 ...... [ 4220.237326] Call Trace: [ 4220.237361] [<ffffffffa03830d0>] kvm_arch_destroy_vm+0xf9/0x101 [kvm] [ 4220.237382] [<ffffffffa036fe53>] kvm_put_kvm+0xcc/0x127 [kvm] [ 4220.237401] [<ffffffffa03702bc>] kvm_vcpu_release+0x18/0x1c [kvm] [ 4220.237407] [<ffffffff81145425>] __fput+0x111/0x1ed [ 4220.237411] [<ffffffff8114550f>] ____fput+0xe/0x10 [ 4220.237418] [<ffffffff81063511>] task_work_run+0x5d/0x88 [ 4220.237424] [<ffffffff8104c3f7>] do_exit+0x2bf/0x7ca The test case: printf(fmt, ##args); \ exit(-1);} while (0) static int create_vm(void) { int sys_fd, vm_fd; sys_fd = open("/dev/kvm", O_RDWR); if (sys_fd < 0) die("open /dev/kvm fail.\n"); vm_fd = ioctl(sys_fd, KVM_CREATE_VM, 0); if (vm_fd < 0) die("KVM_CREATE_VM fail.\n"); return vm_fd; } static int create_vcpu(int vm_fd) { int vcpu_fd; vcpu_fd = ioctl(vm_fd, KVM_CREATE_VCPU, 0); if (vcpu_fd < 0) die("KVM_CREATE_VCPU ioctl.\n"); printf("Create vcpu.\n"); return vcpu_fd; } static void *vcpu_thread(void *arg) { int vm_fd = (int)(long)arg; create_vcpu(vm_fd); return NULL; } int main(int argc, char *argv[]) { pthread_t thread; int vm_fd; (void)argc; (void)argv; vm_fd = create_vm(); pthread_create(&thread, NULL, vcpu_thread, (void *)(long)vm_fd); printf("Exit.\n"); return 0; } It caused by release kvm->arch.ept_identity_map_addr which is the error page. The parent thread can send KILL signal to the vcpu thread when it was exiting which stops faulting pages and potentially allocating memory. So gfn_to_pfn/gfn_to_page may fail at this time Fixed by checking the page before it is used Signed-off-by: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com> Signed-off-by: Avi Kivity <avi@redhat.com>