Rebase NILRT x86_64 commits on latest devel-rt/linux-5.16.y-rt#48
Closed
gratian wants to merge 82 commits intoni:rebase/devel-rt/linux-5.16.y-rtfrom
Closed
Rebase NILRT x86_64 commits on latest devel-rt/linux-5.16.y-rt#48gratian wants to merge 82 commits intoni:rebase/devel-rt/linux-5.16.y-rtfrom
gratian wants to merge 82 commits intoni:rebase/devel-rt/linux-5.16.y-rtfrom
Conversation
Signed-off-by: Ben Shelton <ben.shelton@ni.com> Acked-by: Scot Salmon <scot.salmon@ni.com> Acked-by: Terry Wilcox <terry.wilcox@ni.com> Natinst-ReviewBoard-ID: 69848 [gratian: convert to new syscall table format for arm] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: update the number for this painful out-of-tree syscall] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com> [gratian: update due to new syscall introduced by ecb8ac8 ("mm/madvise: introduce process_madvise() syscall: an external memory hinting AP")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: update syscall numbers to account for upstream additions; dropped arm bits] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: bump syscall number to account for upstream process_mrelease addition] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: bump syscall number to account for upstream futex_waitv addition] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
… warm reboot Another group is requesting that we provide an API to allow them to signal that the next reboot should be "cold". They need this to guarantee that the FPGA will not be running and cause the system to reboot at a bad time. This change creates a RW file at /sys/kernel/ni_requested_reboot_type. The default value is 0. - If when we reboot the value is 0 then we do the normal reset behavior. - If the value is 1 we attempt to do a PCI reboot (using the CF9 register) and fall back to the normal reboot method if that fails. - If the value is 2 we attempt to do an ACPI reboot and fall back to the normal reboot method if that fails. We selected a reboot using the CF9 register over attempting to do an EFI reboot because we don't have much time to test this feature and we've found EFI features to be fairly buggy. For next release the plan is to do an EFI cold reboot, but put it in early enough to properly test it. Rebooting using the CF9 register should work on all x64 hardware that we will support for 2014 (smasher and hammerhead). Signed-off-by: Terry Wilcox <terry.wilcox@ni.com> Acked-by: Brad Mouring <brad.mouring@ni.com> Natinst-ReviewBoard-ID: 68018
Currently, we provide NI cold boot support on x64 targets. However, at some future point, we may wish to provide this support on other targets as well. Adding a config option to specify that a target supports NI cold boot functionality; this fixes the build for Zynq targets and doesn't paint us into a corner later. Signed-off-by: Ben Shelton <ben.shelton@ni.com>
This patch allows configuring priority for different irq threads through the /proc/irq/ system (much same as the existing mechanism to configure the core affinity for irqs). Priority of an already running irq thread can be changed also, however, the new priority will take into effect when the irq thread is scheduled to run the next time. An irq thread that gets created will use the priority specified in the /proc/irq/../priority file. Thanks Josh Cartwright for suggesting this idea. Also fix up the original commit by moving the code out from under the CONFIG_SMP conditional to allow building a uniprocessor kernel. Signed-off-by: Sankara S Muthukrishnan <sankara.m@ni.com> Signed-off-by: Josh Cartwright <josh.cartwright@ni.com> Acked-by: Josh Cartwright <josh.cartwright@ni.com> Acked-by: Jeff Westfahl <jeff.westfahl@ni.com> Acked-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: rename setup_affinity() to irq_setup_affinity() per commit 43564bd ("genirq: Rename setup_affinity() to irq_setup_affinity()")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: drop dependency on reverted commit 87fdb9b ("boot: add kernel boot parameters for kernel thread priorities")] [bstreiff: convert from file_operations to proc_ops] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com> [gratian: convert MAX_USER_RT_PRIO to MAX_RT_PRIO following commit ae18ad2 ("sched: Remove MAX_USER_RT_PRIO")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
Implement polling on procfs' "interrupts" file which observes changes to IRQ action handlers. The poll fires each time an action handler is registered or unregistered. This change enables daemons to watch for changes and apply certain system policies relating to IRQ processing. For example, modify execution priority of dedicated IRQ tasks after they're created. include/linux/interrupt.h kernel/irq/manage.c Add change counter for handler registrations and a wait queue to notify tasks on updates. fs/proc/interrupts.c Add polling callback on aforementioned counter and wait queue. Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Signed-off-by: Ovidiu-Adrian Vancea <ovidiu.vancea@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Natinst-ReviewBoard-ID: 111860, 163902 [gratian: fixed small rebase conflict] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: un-trivialize from changes in fddda2b ("proc: introduce proc_create_seq{,_data}") and convert file_operations to proc_ops] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
Added an NI RT features driver. This is an ACPI device that exposes LEDs, switches, and other hardware features of the Smasher controllers. Not all of the proposed features of the device work as expected, and some features may be removed in the future. Development work on this device by the hardware team is currently not a high priority. These issues will be addressed once the hardware team gets back to this device. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com> [gratian: fix conflict with 7a6ff4c ("misc: hisi_hikey_usb: Driver to support onboard USB gpio hub on Hikey960")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: fix conflict with bb3b655 ("staging: hikey9xx: split hi6421v600 irq into a separate driver")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
On our Zynq targets, we expose the power-on reset status of the controller via a soft_reset sysfs file. The same underlying bit in the CPLD is exposed as hard_boot on our Smasher targets. In this commit we change the Smasher implementation to match Zynq. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
On systems where FPGA autoload is controlled by software, we need a way to determine if a system has just had power applied. This is necessary to implement the autoload on every power-on feature. Once the FPGA has been autloaded after power-on, software sets a bit in the CPLD so that subsequent (non power-on) resets don't cause the FPGA to be autoloaded again. The CPLD provides the HARD_BOOT_N bit for this purpose. On systems where FPGA autoload is controlled by hardware, such as Smasher, we need to set this bit at some point after power-on so that software can correctly determine the reset state of the controller. Since software has no insight into the status of FPGA autoload on these systems, we can just set this bit if necessary when the driver loads. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
Changed the strings returned by the reset_source sysfs file to match those returned on Zynq. Changed the algorithm used to determine the reset source to match Zynq. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com> (Note that the Smasher CPLD currently returns incorrect values for the reset source in some cases. See CARs 458093 and 458094.)
In nirtfeatures_acpi_add, we create several sysfs files. As currently implemented, there is a window where access to a sysfs file may cause our spinlock to be used before it's been initialized, or may cause us to write an incorrect value to an I/O port. We can close this window by moving the creation of the sysfs files closer to the end of the function. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
The Smasher CPLD has recently exposed some new registers. In this commit we display the values of these registers in the output of the register_dump sysfs file. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
When we built Hammerhead, we used ID 4 instead of 1. We don't want to rework all of the boards to match the documentation, so we're just changing the documentation and driver to match what we built. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
The existing recovery_mode and no_fpga bits are now read only. A new bit, no_fpga_sw, exists for software to tell the CPLD to assert NO_FPGA at the next reset. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
The driver currently returns an error from init if it doesn't recognize the backplane ID. This causes the kernel to hang on boot. Although this is probably a bug somewhere else in the kernel, there's no real benefit to returning an error in this case. It's sufficient to print an error message to the console and return "Unknown" as the backplane ID. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
The BIOS will set the HARD_BOOT_N bit at post, so the driver no longer needs to do this. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
Remove the unused NI_HW_REBOOT config option. We're not going to use this. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
Updated registers to match the latest CPLD documentation, removed several sysfs files that were only used for development debugging, and removed several now unused constants. Signed-off-by: Jeff Westfahl <jeff.westfahl@ni.com>
These changes add support for PIEs (physical interface elements), which
are defined as physical elements fixed to a controller/chassis with
which a user can interact (e.g. LEDs and switches) and whose meaning
is user-defined and implementation-specific.
The support for these elements, in terms of enumerating and interacting
with them (i.e. retrieving the list of elements, getting/setting their
current state, enabling notifications, etc.) is embedded within the
BIOS as a set of ACPI methods. The changes to the CPLD driver act as a
bridge between these methods and existing Linux kernel facilities as
described below to expose the elements and any applicable metadata to
user mode. The metadata or knowledge needed for the interpretation
thereof is not a prerequisite to interacting with the elements--it is
there for upper-level value add software to use to improve the user
experience. In other words, Linux users familiar with the class drivers
by which the elements are surfaced should not have any issues
interfacing with them without knowing the meaning of the attached
metadata.
Output elements, which consist currently of LEDs, are surfaced via the
LED class driver. Each LED and color becomes its own LED class device
with the naming convention 'nilrt:{name}:{color}'. Any additional
attributes/metadata intended for upper-level software are appended to
the name, each separated by colons, as suggested by the LED class driver
documentation in the Linux kernel proper, except where there is already
a standard way to communicate a specific piece of metadata (e.g.,
maximum brightness, which is exposed via the /sys/class/leds/.../
max_brightness attribute node).
Input elements as surfaced via the input class driver. As with output
elements, each input element registers its own separate driver whose
name and associated metadata are transmitted via the name attribute
attached to the input device, retrievable via the EVIOCGNAME ioctl,
using the same convention as described above for output elements. The
input class driver model is that events are pushed (i.e. reported) to
indicate state changes, so to facilitate this, the CPLD driver has an
ACPI notify callback that is invoked when an input element changes state
and its BIOS support generates a general purpose event per the ACPI
GPE model. The notify callback checks the instantaneous state of the
input element and reports a keyboard event on its particular device with
a scan code of 256 (BTN_0), where a key down event means that the input
element is in the '1' state (down, engaged, on, pressed, etc.) and a key
up event means that the input element is in the '0' state (off,
disengaged, released, etc.). User mode software can then monitor for
these specific events to determine when the state of the element has
changed, or can use the EVIOCGKEY ioctl on the appropriate input device
to retrieve the instantaneous state of the element.
Signed-off-by: Aaron Rossetto <aaron.rossetto@ni.com>
(joshc: fixed up strnicmp -> strncasecmp for 4.0)
Signed-off-by: Josh Cartwright <joshc@ni.com>
For compatibility with myRIO, don't change the name of the wireless PIE LEDs. Signed-off-by: Nathan Sullivan <nathan.sullivan@ni.com> Reviewed-by: Jaeden Amero <jaeden.amero@ni.com> Reviewed-by: Josh Cartwright <joshc@ni.com> Natinst-ReviewBoard-ID: 107067 Natinst-CAR-ID: 540272
The MMC driver will enable/disable external regulators as part of enabling/disabling the SD Host Controller. The WLAN_PWD_L line (controlled from the CPLD) must be enabled/disabled at the same time that the controller is enabled/disabled. Allow the MMC driver to just control that pin directly via the regulator framework. Signed-off-by: James Minor <james.minor@ni.com>
Add the new Fire Eagle backplane ID so we stop complaining on boot. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Xander Huff <xander.huff@ni.com> Natinst-ReviewBoard-ID: 152156
Fix checkpatch warnings: Block comments use * on subsequent lines Block comments use a trailing */ on a separate line Comparisons should place the constant on the right side of the test break is not useful after a goto or return Signed-off-by: Xander Huff <xander.huff@ni.com> Natinst-ReviewBoard-ID: 157395
This commit assumes that BIOS will implement a change to add a new field to PIEC capability structure. Also bumping the capabilities version by 1. Adding IRQ mechanism for user Push button instead of GPIO This change registers and requests an IRQ for User push button.Adds a new handler pushbutton_interrupt_handler() to handle the interrupt when the button is pressed or released. Adds a new field to struct nirtfeatures_pie_descriptor called notification_method. If this field is 1, it indicates interrupt mechanism. We check this field only for caps version=3 and pie_type=switch. Also bumps the MAX_PIE_CAPS_VERSION to 3. The kernel and BIOS have to be updated at the same time in order for this change to be successful. If kernel is updated first on a controller, user button will simply not function but will have no other side effects. If BIOS is updated first, then system will end in kernel panic and reboot constantly. Signed-off-by: Akash Mankar <akash.mankar@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Zach Hindes <zach.hindes@ni.com> Acked-by: Aaron Rossetto <aaron.rossetto@ni.com> Natinst-ReviewBoard-ID: 174593
On Fire Eagle, the Ironclad ASIC has an internal watchdog which will reset the chip if the its firmware hangs. Unless we're in button- directed safemode, this will also reset the whole system. Add this reset reason to our strings so we can tell when this happens. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: James Minor <james.minor@ni.com> Acked-by: Zach Brown <zach.brown@ni.com> Acked-by: Akash Mankar <akash.mankar@ni.com> Natinst-ReviewBoard-ID: 176049
Adding a new ACPI resource to device BIOS exposed the fact that our error handling on a failed device probe is very broken. To fix this, use managed allocation (devm_*) for all resources which support it. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: James Minor <james.minor@ni.com> Acked-by: Zach Brown <zach.brown@ni.com> Acked-by: Akash Mankar <akash.mankar@ni.com> Natinst-ReviewBoard-ID: 176049
Add the new Swordfish backplane ID to stop errors on boot. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.co> Acked-by: Zach Brown <zach.brown@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Acked-by: Julia Cartwright <julia@ni.com> Natinst-ReviewBoard-ID: 227200
Unlike all previous controllers, Swordfish targets do not have bi-color power and status LEDs. Check our backplane ID and don't register the second color if we're on a Swordfish. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.co> Acked-by: Zach Brown <zach.brown@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Acked-by: Julia Cartwright <julia@ni.com> Natinst-ReviewBoard-ID: 227200 Natinst-CAR-ID: 691081
Prior to commit 7142f92 ("wireless: carl9170: fix LEDS build errors & warnings") support for MAC80211_LEDS, NEW_LEDS and LEDS_CLASS config options was automatically enabled by having CONFIG_CARL9170=m in nati_x86_64_defconfig. The aforementioned commit removed the automatic selection in favor of CARL9170_LEDS config option declaring a dependency on MAC80211_LEDS. This results in linker errors if the nirtfeatures driver is enabled via CONFIG_NI_RT_FEATURES since this driver makes use of functionality provided by the NEW_LEDS and LEDS_CLASS configuration options: LD .tmp_vmlinux.kallsyms1 ld: drivers/misc/nirtfeatures.o: in function `nirtfeatures_parse_led_pie.isra.0': nirtfeatures.c:(.text+0x103b): undefined reference to `devm_led_classdev_register_ext' ld: drivers/misc/nirtfeatures.o: in function `nirtfeatures_acpi_add': nirtfeatures.c:(.text+0x14ad): undefined reference to `devm_led_classdev_register_ext' make: *** [Makefile:1179: vmlinux] Error 1 Automatically select support for NEW_LEDS and by extension LEDS_CLASS if NI_RT_FEATURES is enabled. Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
This family uses the same monochrome LEDs as Swordfish. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Acked-by: Brandon Streiff <brandon.streiff@ni.com> Acked-by: Gratian Crisan <gratian.crisan@ni.com> Acked-by: Julia Cartwright <julia.cartwright@ni.com> Natinst-ReviewBoard-ID: 273119
Some firmwares offer the ability to directly set the RSN with WMI_SET_RSN_CAP_CMDID instead of using WMI_SET_IE_CMDID. Add the flags and functions to make that work. Signed-off-by: James Minor <james.minor@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 133028 Natinst-CAR-ID: 577496
Silex uses different command IDs for the commands WMI_SET_APPIE_CMDID and WMI_SET_RSN_CAP_SILEX_CMDID. In case of the Silex firmware, remap them to the correct command ID. Signed-off-by: James Minor <james.minor@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 133028 Natinst-CAR-ID: 577496
Sometimes the devices will fail to boot the first time, but will work fine when retried. Retry the initialization a few times before failing (and reset the hardware properly when it fails). Signed-off-by: James Minor <james.minor@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Natinst-ReviewBoard-ID: 130170 Natinst-CAR-ID: 566029
Sometimes the AR6234 gives us a error "ath6kl: Unable to enable sdio func: -62". This indicates that the enable bit for the function did not result in the function's status bit in the SDIO_CCCR_IORx register getting set within a reasonable period of time (like 400ms). The guess at this point is that the radio is coming up in some strange state and the power-on reset did not clean things up as it should have. This occurs about once every thousand or so reboots. Experimentation has shown that resetting the device after this has happened allows the function enable to correctly set the function's bit in the SDIO_CCCR_IORx. This change will reset the AR6234 and try the function enable again if the module parameter boot_attempts is set to >0. This has been tested over several thousand reboots, and the driver will recover correctly when it would have otherwise failed to initialize. Signed-off-by: James Minor <james.minor@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Acked-by: Xander Huff <xander.huff@ni.com> Natinst-ReviewBoard-ID: 135864 Natinst-CAR-ID: 579000
Linux upstream had accepted the load of different board file using DTS method with board file name format of "bdata.XX.bin". Hence, we need to modify BIOS code to use same board file name format to match with the upstream code. Signed-off-by: Wilson Lee <wilson.lee@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Keng Soon Cheah <keng.soon.cheah@ni.com> Acked-by: Joseph Hershberger <joseph.hershberger@ni.com> Acked-by: Chen Yee Chew <chen.yee.chew@ni.com> Natinst-ReviewBoard-ID: 203623 Perforce-ReviewBoard-ID: 203621
To support the single antenna board files for products with 1 antenna, separate out the selection of the region from the selection of the board file. On OF platforms, there will now be 2 device tree entries: atheros,region-code - The region code (like US) atheros,board-id - The board file code (like 00, 10, etc) In the process, do a small refactor of the CONFIG_ATH6KL_NI_BIOS_DOMAIN case to be more consistent with the device tree case. Signed-off-by: James Minor <james.minor@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Acked-by: Kyle Roeschley <kyle.roeschley@ni.com> Natinst-ReviewBoard-ID: 223288 Natinst-CAR-ID: 686866
This will prevent SD card from doing SD high-speed timing. It will not do SD high-speed timing for high-speed or standard-speed card. Signed-off-by: Chen Yee Chew <chen.yee.chew@ni.com> Reviewed-by: Keng Soon Cheah <keng.soon.cheah@ni.com> Reviewed-by: Joe Hershberger <joe.hershberger@ni.com> Natinst-CAR-ID: 519438 Natinst-ReviewBoard-ID: 99036 [bstreiff: convert to device_property_present as per 8199d31 ("mmc: sdhci-pltfm: Convert DT properties to generic device properties")] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
The SD spec version 6.0 section 6.4.1.5 requires that Vdd must be lowered to less than 0.5V for a minimum of 1 ms when powering off a card. Increase our wait to 15 ms so that voltage has time to drain down to 0.5V. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: James Minor <james.minor@ni.com> Acked-by: Brandon Streiff <brandon.streiff@ni.com> Natinst-ReviewBoard-ID: 203804
Per the SD Host Controller Simplified Specification v4.20 §3.2.3, change the SD card clock parameters only after first disabling the external card clock. Doing this fixes a spurious clock pulse on Baytrail and Apollo Lake SD controllers which otherwise breaks voltage switching with a specific Swissbit SD card. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135 Natinst-CAR-ID: 694815
Some SD controllers require a delay between clearing SDHCI_CLOCK_CARD_EN and changing the SD clock dividers in order to avoid a runt clock pulse which can otherwise cause problems with some SD cards. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135 [bstreiff: minor fix to renumber flag bit] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
On some SD host controllers, we can see two SD card insert interrupts when inserting a card. This causes mmc_rescan() to be called twice in quick succession and generate one or two SD card clock pulses, which can cause some SD cards to become unresponsive. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135 [gratian: fix conflict with fec7967 ("mmc: sdhci: Factor out sdhci_enable_clk")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: minor change to renumber flag bit] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
With the Baytrail SD controllers on cRIO-905x, we can run into two conditions which cause functional problems with the NI-recommended microSD card. The first is a runt pulse after SD card clock disable, which is fixed by using SDHCI_QUIRK2_NEED_DELAY_AFTER_CLK_DISABLE to wait after disabling the clock. The second is receiving two SDHCI_INT_CARD_INSERT interrupts, which causes us to set up the card twice a make our recommended microSD card unresponsive. Work around this by using SDHCI_QUIRK2_SPURIOUS_CARD_INSERT_INTERRUPT. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135 Natinst-CAR-ID: 696865 Natinst-CAR-ID: 694815
Per the §2.2.19 of the SD Host Controller Simplified Specification Version 4.20, the Tuning Error interrupt is set when an unrecoverable error is detected by the host controller in the tuning circuit when not executing the tuning procedure. Handle this interrupt by printing a useful error message and re-tuning (also per the spec). Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135 Natinst-CAR-ID: 696866 [gratian: adjust includes for 5857b29 ("mmc: core: Move public functions from host.h to private headers")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
Upstream removed spin lock usage in the set_ios path with commit d1e4f74 ("mmc: sdhci: Do not use spin lock in set_ios paths"), which means that our calls to spin_(un)lock_irq() in sdhci_set_clock() now cause an error on boot if a card is not present or a crash if one is present. Remove these calls so we don't do that and to match upstream's change. Fixes: 815777e ("mmc: sdhci: Add quirk for delay between clock disable and param change") Fixes: 30d2f45 ("mmc: sdhci: Add quirk work around double rescan") Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Acked-by: Gratian Crisan <gratian.crisan@ni.com> Acked-by: Brandon Streiff <brandon.streiff@ni.com> Natinst-ReviewBoard-ID: 264712 Natinst-CAR-ID: 720310
Add Kconfig option to enable EFI runtime services by default on !PREEMPT_RT_BASE kernels, unless otherwise configured. This change refactors Sebastian Siewior's commit 55544e1d (efi: Disable runtime services on RT) as a Kconfig token, so that default behavior may be toggled at build time. There's no behavioral change. Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Acked-by: Julia Cartwright <julia.cartwright@ni.com> Acked-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: change from PREEMPT_RT_BASE to PREEMPT_RT as per upstream commit change 987d608 ("efi: Disable runtime services on RT")] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
The issue is, if core soft reset is issued while Intel Apollo Lake
USB mux is in Host role mode, it takes close to 7 minutes before we
are able to switch USB mux from Host mode to Device mode. This is
due to RTL bug.
The workaround is to let BIOS issue the core soft reset via _DSM
method. It will ensure that USB mux is in Device role mode before
issuing core soft reset, and will inform the driver whether the
reset is success within the timeout value, or the timeout is exceeded.
commit cd78b8067c6e ("usb: dwc3: call _DSM for core soft reset")
originated from http://git.yoctoproject.org/cgit/cgit.cgi/linux-yocto-4.1/
Signed-off-by: Wan Ahmad Zainie <wan.ahmad.zainie.wan.mohamad@intel.com>
[akash.mankar@ni.com: changed the way has_dsm_for_softreset property is
set in dwc3-pci.c and read in core.c]
Signed-off-by: Akash Mankar <akash.mankar@ni.com>
Signed-off-by: Brad Mouring <brad.mouring@ni.com>
Acked-by: Gratian Crisan <gratian.crisan@ni.com>
Acked-by: Brandon Streiff <brandon.streif@ni.com>
Natinst-ReviewBoard-ID: 178124
[gratian: fixed merge conflicts, mainly due to dwc3_soft_reset removal]
Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
[bstreiff: fixed merge conflicts due to property refactor by 1a7b12f
("usb: dwc3: pci: Supply device properties via driver data")]
[gratian: fix merge conflict with f580170
("usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc")]
Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> [gratian: fix conflict with fa32e85 ("tracing: Add new trace_marker_raw"); rename NI specific implementation until we can replace it] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [bstreiff: fixups due to struct member renames in 1329249 ("tracing: Make struct ring_buffer less ambiguous")] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com> [gratian: update for 22c36b1 ("tracing: make tracing_init_dentry() returns an integer instead of a d_entry pointer")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: fixups due to tracing contex introduction in edbaaa1 ("tracing: Merge irqflags + preemt counter, add RT bits")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: fixups due to tracing_gen_ctx_flags() API change in 8cac5db ("tracing: Merge irqflags + preemt counter, add RT bits")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com> [gratian: use always_inlined __trace_buffer_lock_reserve() introduced by 3e9a8aa ("tracing: Create a always_inlined __trace_buffer_lock_reserve()")] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
The clocksource watchdog is used to detect instabilities in the current clocksource. This is a beneficial feature on new/unknown hardware however it can create problems by falsely triggering when the watchdog wraps. The reason is that an interrupt storm and/or high priority (FIFO/RR) tasks can preempt the timer softirq long enough for the watchdog to wrap if it has a limited number of bits available by comparison with the main clocksource. One observed example is on a Intel Baytrail platform where TSC is the main clocksource, HPET is disabled due to a hardware bug and acpi_pm gets selected as the watchdog clocksource. Provide the option to disable the clocksource watchdog for hardware where the clocksource stability has been validated. Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
This reverts commit 4324f6d. The SD Physical Layer Simplified Specification Version 6.00 §4.2.4.5 says that tuning is only supported for SDR50 and SDR104 modes, not DDR50 mode. As a result, tuning always fails for DDR50 cards. Remove "support" for this in the kernel, as it only adds unnecessary error prints. This was tested with a variety of industrial and consumer microSD cards from Swissbit, Unirex, Patriot, SanDisk, and Link Depot. None of the cards were able to execute tuning in DDR50 mode. Signed-off-by: Kyle Roeschley <kyle.roeschley@ni.com> Signed-off-by: Brad Mouring <brad.mouring@ni.com> Acked-by: Tony Liechty <tony.liechty@ni.com> Acked-by: Nathan Sullivan <nathan.sullivan@ni.com> Natinst-ReviewBoard-ID: 236135
This reverts commit e1d7ba8. NI has a use case that involves distributed networked Linux devices that need to share the same concept of time using a mechanism like IEEE-1588 or 802.1AS. The “master” device (ie. the device with the time all other devices will be synchronized to) is often a device that boots up set to the Posix Epoch, mainly because it lacks a battery-backed RTC. (note: the existence of an RTC does not prevent a device from booting up at or very near the Posix Epoch, it just greatly reduces the likelihood). If a slave device attempted to synchronize its CLOCK_REALTIME to that of the master – and the master’s time was < Epoch+slave uptime, that slave would not be able to synchronize. This use case is believed to be very common among embedded devices, especially those without RTCs. Long term: We (NI Timing & Sync) are planning on engaging with the upstream community to educate them on our use case and hopefully put a different solution in place which solves the original problem (preventing a negative boot time representation) while also allowing our use case to continue working as it did prior to the change we’re reverting. Once that happens, we can drop this revert. Signed-off-by: Brad Mouring <brad.mouring@ni.com> Reported-by: Vineeth Acharya <vineeth.acharya@ni.com> Tested-by: Rick Ratzel <rick.ratzel@ni.com> Natinst-CAR-ID: 629499 [bstreiff: reduced control flow in do_settimeofday64 due to unassigned 'ret'] Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
The cRIO-903x architecture is sort of special, we do not connect
a dimm to the SPD because we use flash instead, but the SPD is still
present because the processor expects it. However, enumerating and
registering the SPD i2c bus is causing interrupt storms, so for now
we skip the registration on all 903x devices.
Fixes: 01590f3 ("i2c: i801: Instantiate SPD EEPROMs automatically")
Signed-off-by: Bill Pittman <bill.pittman@ni.com>
Natinst-AZDO-ID: 1573148
(cherry picked from commit 4de019e)
[gratian: squashed all defconfig commits accumulated up to 5.16.0-rc6] Signed-off-by: Gratian Crisan <gratian.crisan@ni.com>
Author
|
Submitted as nilrt/master/5.16 |
xhuff
pushed a commit
to xhuff/linux
that referenced
this pull request
Jan 3, 2024
[ Upstream commit fe57575 ] The `cgrp_local_storage` test triggers a kernel panic like: # ./test_progs -t cgrp_local_storage Can't find bpf_testmod.ko kernel module: -2 WARNING! Selftests relying on bpf_testmod.ko will be skipped. [ 550.930632] CPU 1 Unable to handle kernel paging request at virtual address 0000000000000080, era == ffff80000200be34, ra == ffff80000200be00 [ 550.931781] Oops[ni#1]: [ 550.931966] CPU: 1 PID: 1303 Comm: test_progs Not tainted 6.7.0-rc2-loong-devel-g2f56bb0d2327 ni#35 a896aca3f4164f09cc346f89f2e09832e07be5f6 [ 550.932215] Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022 [ 550.932403] pc ffff80000200be34 ra ffff80000200be00 tp 9000000108350000 sp 9000000108353dc0 [ 550.932545] a0 0000000000000000 a1 0000000000000517 a2 0000000000000118 a3 00007ffffbb15558 [ 550.932682] a4 00007ffffbb15620 a5 90000001004e7700 a6 0000000000000021 a7 0000000000000118 [ 550.932824] t0 ffff80000200bdc0 t1 0000000000000517 t2 0000000000000517 t3 00007ffff1c06ee0 [ 550.932961] t4 0000555578ae04d0 t5 fffffffffffffff8 t6 0000000000000004 t7 0000000000000020 [ 550.933097] t8 0000000000000040 u0 00000000000007b8 s9 9000000108353e00 s0 90000001004e7700 [ 550.933241] s1 9000000004005000 s2 0000000000000001 s3 0000000000000000 s4 0000555555eb2ec8 [ 550.933379] s5 00007ffffbb15bb8 s6 00007ffff1dafd60 s7 000055555663f610 s8 00007ffff1db0050 [ 550.933520] ra: ffff80000200be00 bpf_prog_98f1b9e767be2a84_on_enter+0x40/0x200 [ 550.933911] ERA: ffff80000200be34 bpf_prog_98f1b9e767be2a84_on_enter+0x74/0x200 [ 550.934105] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 550.934596] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 550.934712] EUEN: 00000003 (+FPE +SXE -ASXE -BTE) [ 550.934836] ECFG: 00071c1c (LIE=2-4,10-12 VS=7) [ 550.934976] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) [ 550.935097] BADV: 0000000000000080 [ 550.935181] PRID: 0014c010 (Loongson-64bit, Loongson-3A5000) [ 550.935291] Modules linked in: [ 550.935391] Process test_progs (pid: 1303, threadinfo=000000006c3b1c41, task=0000000061f84a55) [ 550.935643] Stack : 00007ffffbb15bb8 0000555555eb2ec8 0000000000000000 0000000000000001 [ 550.935844] 9000000004005000 ffff80001b864000 00007ffffbb15450 90000000029aa034 [ 550.935990] 0000000000000000 9000000108353ec0 0000000000000118 d07d9dfb09721a09 [ 550.936175] 0000000000000001 0000000000000000 9000000108353ec0 0000000000000118 [ 550.936314] 9000000101d46ad0 900000000290abf0 000055555663f610 0000000000000000 [ 550.936479] 0000000000000003 9000000108353ec0 00007ffffbb15450 90000000029d7288 [ 550.936635] 00007ffff1dafd60 000055555663f610 0000000000000000 0000000000000003 [ 550.936779] 9000000108353ec0 90000000035dd1f0 00007ffff1dafd58 9000000002841c5c [ 550.936939] 0000000000000119 0000555555eea5a8 00007ffff1d78780 00007ffffbb153e0 [ 550.937083] ffffffffffffffda 00007ffffbb15518 0000000000000040 00007ffffbb15558 [ 550.937224] ... [ 550.937299] Call Trace: [ 550.937521] [<ffff80000200be34>] bpf_prog_98f1b9e767be2a84_on_enter+0x74/0x200 [ 550.937910] [<90000000029aa034>] bpf_trace_run2+0x90/0x154 [ 550.938105] [<900000000290abf0>] syscall_trace_enter.isra.0+0x1cc/0x200 [ 550.938224] [<90000000035dd1f0>] do_syscall+0x48/0x94 [ 550.938319] [<9000000002841c5c>] handle_syscall+0xbc/0x158 [ 550.938477] [ 550.938607] Code: 580009ae 50016000 262402e4 <28c20085> 14092084 03a00084 16000024 03240084 00150006 [ 550.938851] [ 550.939021] ---[ end trace 0000000000000000 ]--- Further investigation shows that this panic is triggered by memory load operations: ptr = bpf_cgrp_storage_get(&map_a, task->cgroups->dfl_cgrp, 0, BPF_LOCAL_STORAGE_GET_F_CREATE); The expression `task->cgroups->dfl_cgrp` involves two memory load. Since the field offset fits in imm12 or imm14, we use ldd or ldptrd instructions. But both instructions have the side effect that it will signed-extended the imm operand. Finally, we got the wrong addresses and panics is inevitable. Use a generic ldxd instruction to avoid this kind of issues. With this change, we have: # ./test_progs -t cgrp_local_storage Can't find bpf_testmod.ko kernel module: -2 WARNING! Selftests relying on bpf_testmod.ko will be skipped. test_cgrp_local_storage:PASS:join_cgroup /cgrp_local_storage 0 nsec ni#48/1 cgrp_local_storage/tp_btf:OK test_attach_cgroup:PASS:skel_open 0 nsec test_attach_cgroup:PASS:prog_attach 0 nsec test_attach_cgroup:PASS:prog_attach 0 nsec libbpf: prog 'update_cookie_tracing': failed to attach: ERROR: strerror_r(-524)=22 test_attach_cgroup:FAIL:prog_attach unexpected error: -524 ni#48/2 cgrp_local_storage/attach_cgroup:FAIL test_recursion:PASS:skel_open_and_load 0 nsec libbpf: prog 'on_lookup': failed to attach: ERROR: strerror_r(-524)=22 libbpf: prog 'on_lookup': failed to auto-attach: -524 test_recursion:FAIL:skel_attach unexpected error: -524 (errno 524) ni#48/3 cgrp_local_storage/recursion:FAIL ni#48/4 cgrp_local_storage/negative:OK ni#48/5 cgrp_local_storage/cgroup_iter_sleepable:OK test_yes_rcu_lock:PASS:skel_open 0 nsec test_yes_rcu_lock:PASS:skel_load 0 nsec libbpf: prog 'yes_rcu_lock': failed to attach: ERROR: strerror_r(-524)=22 libbpf: prog 'yes_rcu_lock': failed to auto-attach: -524 test_yes_rcu_lock:FAIL:skel_attach unexpected error: -524 (errno 524) ni#48/6 cgrp_local_storage/yes_rcu_lock:FAIL ni#48/7 cgrp_local_storage/no_rcu_lock:OK ni#48 cgrp_local_storage:FAIL All error logs: test_cgrp_local_storage:PASS:join_cgroup /cgrp_local_storage 0 nsec test_attach_cgroup:PASS:skel_open 0 nsec test_attach_cgroup:PASS:prog_attach 0 nsec test_attach_cgroup:PASS:prog_attach 0 nsec libbpf: prog 'update_cookie_tracing': failed to attach: ERROR: strerror_r(-524)=22 test_attach_cgroup:FAIL:prog_attach unexpected error: -524 ni#48/2 cgrp_local_storage/attach_cgroup:FAIL test_recursion:PASS:skel_open_and_load 0 nsec libbpf: prog 'on_lookup': failed to attach: ERROR: strerror_r(-524)=22 libbpf: prog 'on_lookup': failed to auto-attach: -524 test_recursion:FAIL:skel_attach unexpected error: -524 (errno 524) ni#48/3 cgrp_local_storage/recursion:FAIL test_yes_rcu_lock:PASS:skel_open 0 nsec test_yes_rcu_lock:PASS:skel_load 0 nsec libbpf: prog 'yes_rcu_lock': failed to attach: ERROR: strerror_r(-524)=22 libbpf: prog 'yes_rcu_lock': failed to auto-attach: -524 test_yes_rcu_lock:FAIL:skel_attach unexpected error: -524 (errno 524) ni#48/6 cgrp_local_storage/yes_rcu_lock:FAIL ni#48 cgrp_local_storage:FAIL Summary: 0/4 PASSED, 0 SKIPPED, 1 FAILED No panics any more (The test still failed because lack of BPF trampoline which I am actively working on). Fixes: 5dc6155 ("LoongArch: Add BPF JIT support") Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> Signed-off-by: Sasha Levin <sashal@kernel.org>
gratian
pushed a commit
that referenced
this pull request
Dec 6, 2024
[ Upstream commit 60f07e2 ] We use uprobe in aarch64_be, which we found the tracee task would exit due to SIGILL when we enable the uprobe trace. We can see the replace inst from uprobe is not correct in aarch big-endian. As in Armv8-A, instruction fetches are always treated as little-endian, we should treat the UPROBE_SWBP_INSN as little-endian。 The test case is as following。 bash-4.4# ./mqueue_test_aarchbe 1 1 2 1 10 > /dev/null & bash-4.4# cd /sys/kernel/debug/tracing/ bash-4.4# echo 'p:test /mqueue_test_aarchbe:0xc30 %x0 %x1' > uprobe_events bash-4.4# echo 1 > events/uprobes/enable bash-4.4# bash-4.4# ps PID TTY TIME CMD 140 ? 00:00:01 bash 237 ? 00:00:00 ps [1]+ Illegal instruction ./mqueue_test_aarchbe 1 1 2 1 100 > /dev/null which we debug use gdb as following: bash-4.4# gdb attach 155 (gdb) disassemble send Dump of assembler code for function send: 0x0000000000400c30 <+0>: .inst 0xa00020d4 ; undefined 0x0000000000400c34 <+4>: mov x29, sp 0x0000000000400c38 <+8>: str w0, [sp, #28] 0x0000000000400c3c <+12>: strb w1, [sp, #27] 0x0000000000400c40 <+16>: str xzr, [sp, #40] 0x0000000000400c44 <+20>: str xzr, [sp, #48] 0x0000000000400c48 <+24>: add x0, sp, #0x1b 0x0000000000400c4c <+28>: mov w3, #0x0 // #0 0x0000000000400c50 <+32>: mov x2, #0x1 // #1 0x0000000000400c54 <+36>: mov x1, x0 0x0000000000400c58 <+40>: ldr w0, [sp, #28] 0x0000000000400c5c <+44>: bl 0x405e10 <mq_send> 0x0000000000400c60 <+48>: str w0, [sp, #60] 0x0000000000400c64 <+52>: ldr w0, [sp, #60] 0x0000000000400c68 <+56>: ldp x29, x30, [sp], #64 0x0000000000400c6c <+60>: ret End of assembler dump. (gdb) info b No breakpoints or watchpoints. (gdb) c Continuing. Program received signal SIGILL, Illegal instruction. 0x0000000000400c30 in send () (gdb) x/10x 0x400c30 0x400c30 <send>: 0xd42000a0 0xfd030091 0xe01f00b9 0xe16f0039 0x400c40 <send+16>: 0xff1700f9 0xff1b00f9 0xe06f0091 0x03008052 0x400c50 <send+32>: 0x220080d2 0xe10300aa (gdb) disassemble 0x400c30 Dump of assembler code for function send: => 0x0000000000400c30 <+0>: .inst 0xa00020d4 ; undefined 0x0000000000400c34 <+4>: mov x29, sp 0x0000000000400c38 <+8>: str w0, [sp, #28] 0x0000000000400c3c <+12>: strb w1, [sp, #27] 0x0000000000400c40 <+16>: str xzr, [sp, #40] Signed-off-by: junhua huang <huang.junhua@zte.com.cn> Link: https://lore.kernel.org/r/202212021511106844809@zte.com.cn Signed-off-by: Will Deacon <will@kernel.org> Stable-dep-of: 13f8f1e ("arm64: probes: Fix uprobes for big-endian kernels") Signed-off-by: Sasha Levin <sashal@kernel.org>
usercw88
pushed a commit
to usercw88/linux
that referenced
this pull request
Feb 4, 2025
commit 86e6ca5 upstream. blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the following UAF: ================================================================== BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270 Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117 CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty ni#48 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022 Workqueue: cgwb_release cgwb_release_workfn Call Trace: <TASK> dump_stack_lvl+0x27/0x80 print_report+0x151/0x710 kasan_report+0xc0/0x100 blkcg_unpin_online+0x15a/0x270 cgwb_release_workfn+0x194/0x480 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 </TASK> ... Freed by task 1944: kasan_save_track+0x2b/0x70 kasan_save_free_info+0x3c/0x50 __kasan_slab_free+0x33/0x50 kfree+0x10c/0x330 css_free_rwork_fn+0xe6/0xb30 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 Note that the UAF is not easy to trigger as the free path is indirected behind a couple RCU grace periods and a work item execution. I could only trigger it with artifical msleep() injected in blkcg_unpin_online(). Fix it by reading the parent pointer before destroying the blkcg's blkg's. Signed-off-by: Tejun Heo <tj@kernel.org> Reported-by: Abagail ren <renzezhongucas@gmail.com> Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org> Fixes: 4308a43 ("blkcg: don't offline parent blkcg first") Cc: stable@vger.kernel.org # v5.7+ Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
erickshepherdNI
pushed a commit
to erickshepherdNI/linux
that referenced
this pull request
May 29, 2025
… prevent wrong idmap generation commit 363cd2b upstream. The PTE_MAYBE_NG macro sets the nG page table bit according to the value of "arm64_use_ng_mappings". This variable is currently placed in the .bss section. create_init_idmap() is called before the .bss section initialisation which is done in early_map_kernel(). Therefore, data/test_prot in create_init_idmap() could be set incorrectly through the PAGE_KERNEL -> PROT_DEFAULT -> PTE_MAYBE_NG macros. # llvm-objdump-21 --syms vmlinux-gcc | grep arm64_use_ng_mappings ffff800082f242a8 g O .bss 0000000000000001 arm64_use_ng_mappings The create_init_idmap() function disassembly compiled with llvm-21: // create_init_idmap() ffff80008255c058: d10103ff sub sp, sp, #0x40 ffff80008255c05c: a9017bfd stp x29, x30, [sp, #0x10] ffff80008255c060: a90257f6 stp x22, x21, [sp, #0x20] ffff80008255c064: a9034ff4 stp x20, x19, [sp, #0x30] ffff80008255c068: 910043fd add x29, sp, #0x10 ffff80008255c06c: 90003fc8 adrp x8, 0xffff800082d54000 ffff80008255c070: d280e06a mov x10, #0x703 // =1795 ffff80008255c074: 91400409 add x9, x0, #0x1, lsl ni#12 // =0x1000 ffff80008255c078: 394a4108 ldrb w8, [x8, #0x290] ------------- (1) ffff80008255c07c: f2e00d0a movk x10, #0x68, lsl ni#48 ffff80008255c080: f90007e9 str x9, [sp, #0x8] ffff80008255c084: aa0103f3 mov x19, x1 ffff80008255c088: aa0003f4 mov x20, x0 ffff80008255c08c: 14000000 b 0xffff80008255c08c <__pi_create_init_idmap+0x34> ffff80008255c090: aa082d56 orr x22, x10, x8, lsl ni#11 -------- (2) Note (1) is loading the arm64_use_ng_mappings value in w8 and (2) is set the text or data prot with the w8 value to set PTE_NG bit. If the .bss section isn't initialized, x8 could include a garbage value and generate an incorrect mapping. Annotate arm64_use_ng_mappings as __read_mostly so that it is placed in the .data section. Fixes: 84b04d3 ("arm64: kernel: Create initial ID map from C code") Cc: stable@vger.kernel.org # 6.9.x Tested-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com> Link: https://lore.kernel.org/r/20250502180412.3774883-1-yeoreum.yun@arm.com [catalin.marinas@arm.com: use __read_mostly instead of __ro_after_init] [catalin.marinas@arm.com: slight tweaking of the code comment] Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a rebase of our commits from nilrt/master/5.15 to the latest devel-rt/linux-5.16.y-rt branch for development and testing purposes.
During the rebase the only troublesome commit was resolved in place:
Additional clean-up:
Testing (in-progress):
[procedural note: We will want to complete this pull request outside the github UI to create the proper nilrt/master/5.16 branch]