mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-05-22 20:15:27 -04:00
Merge tag 'riscv-for-linus-7.1-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
Pull RISC-V fixes from Paul Walmsley:
"Relatively low-impact fixes. Probably the most notable one is that we
no longer ask the monitor-mode firmware to delegate misaligned access
handling to the kernel by default, since the kernel code needs
significant improvement to match the functionality of the firmware.
This change avoids functional problems at some cost in performance,
but shouldn't affect any system with misaligned access handling in
hardware.
- Disable satp register probing when no5lvl is specified on the
kernel command line
- Fix a CFI-related issue with the misaligned access speed
measurement code
- Reduce the CFI shadow stack size limit from 4GB to 2GB (following
ARM64 GCS)
- Prevent the kernel from requesting delegation of misaligned access
faults unless a new Kconfig option, RISCV_SBI_FWFT_DELEGATE_MISALIGNED,
is enabled. This will depend on CONFIG_NONPORTABLE until the
deficiencies of the kernel misaligned access fixup code are fixed
- Fix some potential uninitialized memory accesses in error paths in
compat_riscv_gpr_set() and compat_restore_sigcontext()
- Fix a bug in the RISC-V MIPS vendor errata patching code where a
logical-and was used in place of a bitwise-and
- Drop some unnecessary code in riscv_fill_hwcap_from_isa_string()
- Use macros for isa2hwcap indices in riscv_fill_hwcap(), rather than
open-coding them
- Fix some documentation typos (one affecting 'make htmldocs')"
* tag 'riscv-for-linus-7.1-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
riscv: misaligned: Make enabling delegation depend on NONPORTABLE
riscv: Docs: fix unmatched quote warning
riscv: cfi: reduce shadow stack size limit from 4GB to 2GB
riscv: cpufeature: Use pre-defined ISA ext macros to index isa2hwcap
riscv: mm: Fixup no5lvl failure when vaddr is invalid
riscv: Fix register corruption from uninitialized cregs on error
riscv: errata: Fix bitwise vs logical AND in MIPS errata patching
Documentation: riscv: cmodx: fix typos
riscv: cpufeature: Drop this_hwcap clear in T-Head vector workaround
riscv: Define __riscv_copy_{,vec_}{words,bytes}_unaligned() using SYM_TYPED_FUNC_START
This commit is contained in:
Linus Torvalds
@@ -21,13 +21,13 @@ call at each patchable function entry, and patches it dynamically at runtime to
|
||||
enable or disable the redirection. In the case of RISC-V, 2 instructions,
|
||||
AUIPC + JALR, are required to compose a function call. However, it is impossible
|
||||
to patch 2 instructions and expect that a concurrent read-side executes them
|
||||
without a race condition. This series makes atmoic code patching possible in
|
||||
without a race condition. This series makes atomic code patching possible in
|
||||
RISC-V ftrace. Kernel preemption makes things even worse as it allows the old
|
||||
state to persist across the patching process with stop_machine().
|
||||
|
||||
In order to get rid of stop_machine() and run dynamic ftrace with full kernel
|
||||
preemption, we partially initialize each patchable function entry at boot-time,
|
||||
setting the first instruction to AUIPC, and the second to NOP. Now, atmoic
|
||||
setting the first instruction to AUIPC, and the second to NOP. Now, atomic
|
||||
patching is possible because the kernel only has to update one instruction.
|
||||
According to Ziccif, as long as an instruction is naturally aligned, the ISA
|
||||
guarantee an atomic update.
|
||||
@@ -36,8 +36,8 @@ By fixing down the first instruction, AUIPC, the range of the ftrace trampoline
|
||||
is limited to +-2K from the predetermined target, ftrace_caller, due to the lack
|
||||
of immediate encoding space in RISC-V. To address the issue, we introduce
|
||||
CALL_OPS, where an 8B naturally align metadata is added in front of each
|
||||
pacthable function. The metadata is resolved at the first trampoline, then the
|
||||
execution can be derect to another custom trampoline.
|
||||
patchable function. The metadata is resolved at the first trampoline, then the
|
||||
execution can be directed to another custom trampoline.
|
||||
|
||||
CMODX in the User Space
|
||||
-----------------------
|
||||
|
||||
@@ -78,7 +78,7 @@ the program.
|
||||
|
||||
Per-task indirect branch tracking state can be monitored and
|
||||
controlled via the :c:macro:`PR_GET_CFI` and :c:macro:`PR_SET_CFI`
|
||||
``prctl()` arguments (respectively), by supplying
|
||||
``prctl()`` arguments (respectively), by supplying
|
||||
:c:macro:`PR_CFI_BRANCH_LANDING_PADS` as the second argument. These
|
||||
are architecture-agnostic, and will return -EINVAL if the underlying
|
||||
functionality is not supported.
|
||||
|
||||
@@ -937,6 +937,28 @@ config RISCV_VECTOR_MISALIGNED
|
||||
help
|
||||
Enable detecting support for vector misaligned loads and stores.
|
||||
|
||||
config RISCV_SBI_FWFT_DELEGATE_MISALIGNED
|
||||
bool "Request firmware delegation of unaligned access exceptions"
|
||||
depends on RISCV_SBI
|
||||
depends on NONPORTABLE
|
||||
help
|
||||
Use SBI FWFT to request delegation of load address misaligned and
|
||||
store address misaligned exceptions, if possible, and prefer Linux
|
||||
kernel emulation of these accesses to firmware emulation.
|
||||
|
||||
Unfortunately, Linux's emulation is still incomplete. Namely, it
|
||||
currently does not handle vector instructions and KVM guest accesses.
|
||||
On platforms where these accesses would have been handled by firmware,
|
||||
enabling this causes unexpected kernel oopses, userspaces crashes and
|
||||
KVM guest crashes. If you are sure that these are not a problem for
|
||||
your platform, you can say Y here, which may improve performance.
|
||||
|
||||
Saying N here will not worsen emulation support for unaligned accesses
|
||||
even in the case where the firmware also has incomplete support. It
|
||||
simply keeps the firmware's emulation enabled.
|
||||
|
||||
If you don't know what to do here, say N.
|
||||
|
||||
choice
|
||||
prompt "Unaligned Accesses Support"
|
||||
default RISCV_PROBE_UNALIGNED_ACCESS
|
||||
|
||||
@@ -57,7 +57,7 @@ void mips_errata_patch_func(struct alt_entry *begin, struct alt_entry *end,
|
||||
}
|
||||
|
||||
tmp = (1U << alt->patch_id);
|
||||
if (cpu_req_errata && tmp) {
|
||||
if (cpu_req_errata & tmp) {
|
||||
mutex_lock(&text_mutex);
|
||||
patch_text_nosync(ALT_OLD_PTR(alt), ALT_ALT_PTR(alt),
|
||||
alt->alt_len);
|
||||
|
||||
@@ -107,6 +107,8 @@ static long compat_restore_sigcontext(struct pt_regs *regs,
|
||||
|
||||
/* sc_regs is structured the same as the start of pt_regs */
|
||||
err = __copy_from_user(&cregs, &sc->sc_regs, sizeof(sc->sc_regs));
|
||||
if (unlikely(err))
|
||||
return err;
|
||||
|
||||
cregs_to_regs(&cregs, regs);
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
/* SPDX-License-Identifier: GPL-2.0 */
|
||||
/* Copyright (C) 2023 Rivos Inc. */
|
||||
|
||||
#include <linux/cfi_types.h>
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/asm.h>
|
||||
|
||||
@@ -9,7 +10,7 @@
|
||||
/* void __riscv_copy_words_unaligned(void *, const void *, size_t) */
|
||||
/* Performs a memcpy without aligning buffers, using word loads and stores. */
|
||||
/* Note: The size is truncated to a multiple of 8 * SZREG */
|
||||
SYM_FUNC_START(__riscv_copy_words_unaligned)
|
||||
SYM_TYPED_FUNC_START(__riscv_copy_words_unaligned)
|
||||
andi a4, a2, ~((8*SZREG)-1)
|
||||
beqz a4, 2f
|
||||
add a3, a1, a4
|
||||
@@ -41,7 +42,7 @@ SYM_FUNC_END(__riscv_copy_words_unaligned)
|
||||
/* void __riscv_copy_bytes_unaligned(void *, const void *, size_t) */
|
||||
/* Performs a memcpy without aligning buffers, using only byte accesses. */
|
||||
/* Note: The size is truncated to a multiple of 8 */
|
||||
SYM_FUNC_START(__riscv_copy_bytes_unaligned)
|
||||
SYM_TYPED_FUNC_START(__riscv_copy_bytes_unaligned)
|
||||
andi a4, a2, ~(8-1)
|
||||
beqz a4, 2f
|
||||
add a3, a1, a4
|
||||
|
||||
@@ -896,10 +896,8 @@ static void __init riscv_fill_hwcap_from_isa_string(unsigned long *isa2hwcap)
|
||||
* CPU cores with the ratified spec will contain non-zero
|
||||
* marchid.
|
||||
*/
|
||||
if (acpi_disabled && boot_vendorid == THEAD_VENDOR_ID && boot_archid == 0x0) {
|
||||
this_hwcap &= ~isa2hwcap[RISCV_ISA_EXT_v];
|
||||
if (acpi_disabled && boot_vendorid == THEAD_VENDOR_ID && boot_archid == 0x0)
|
||||
clear_bit(RISCV_ISA_EXT_v, source_isa);
|
||||
}
|
||||
|
||||
riscv_resolve_isa(source_isa, isainfo->isa, &this_hwcap, isa2hwcap);
|
||||
|
||||
@@ -1104,16 +1102,16 @@ early_param("riscv_isa_fallback", riscv_isa_fallback_setup);
|
||||
void __init riscv_fill_hwcap(void)
|
||||
{
|
||||
char print_str[NUM_ALPHA_EXTS + 1];
|
||||
unsigned long isa2hwcap[26] = {0};
|
||||
unsigned long isa2hwcap[RISCV_ISA_EXT_BASE] = {0};
|
||||
int i, j;
|
||||
|
||||
isa2hwcap['i' - 'a'] = COMPAT_HWCAP_ISA_I;
|
||||
isa2hwcap['m' - 'a'] = COMPAT_HWCAP_ISA_M;
|
||||
isa2hwcap['a' - 'a'] = COMPAT_HWCAP_ISA_A;
|
||||
isa2hwcap['f' - 'a'] = COMPAT_HWCAP_ISA_F;
|
||||
isa2hwcap['d' - 'a'] = COMPAT_HWCAP_ISA_D;
|
||||
isa2hwcap['c' - 'a'] = COMPAT_HWCAP_ISA_C;
|
||||
isa2hwcap['v' - 'a'] = COMPAT_HWCAP_ISA_V;
|
||||
isa2hwcap[RISCV_ISA_EXT_i] = COMPAT_HWCAP_ISA_I;
|
||||
isa2hwcap[RISCV_ISA_EXT_m] = COMPAT_HWCAP_ISA_M;
|
||||
isa2hwcap[RISCV_ISA_EXT_a] = COMPAT_HWCAP_ISA_A;
|
||||
isa2hwcap[RISCV_ISA_EXT_f] = COMPAT_HWCAP_ISA_F;
|
||||
isa2hwcap[RISCV_ISA_EXT_d] = COMPAT_HWCAP_ISA_D;
|
||||
isa2hwcap[RISCV_ISA_EXT_c] = COMPAT_HWCAP_ISA_C;
|
||||
isa2hwcap[RISCV_ISA_EXT_v] = COMPAT_HWCAP_ISA_V;
|
||||
|
||||
if (!acpi_disabled) {
|
||||
riscv_fill_hwcap_from_isa_string(isa2hwcap);
|
||||
|
||||
@@ -577,8 +577,8 @@ static int compat_riscv_gpr_set(struct task_struct *target,
|
||||
struct compat_user_regs_struct cregs;
|
||||
|
||||
ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &cregs, 0, -1);
|
||||
|
||||
cregs_to_regs(&cregs, task_pt_regs(target));
|
||||
if (!ret)
|
||||
cregs_to_regs(&cregs, task_pt_regs(target));
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -584,7 +584,7 @@ static int cpu_online_check_unaligned_access_emulated(unsigned int cpu)
|
||||
|
||||
static bool misaligned_traps_delegated;
|
||||
|
||||
#ifdef CONFIG_RISCV_SBI
|
||||
#if defined(CONFIG_RISCV_SBI_FWFT_DELEGATE_MISALIGNED)
|
||||
|
||||
static int cpu_online_sbi_unaligned_setup(unsigned int cpu)
|
||||
{
|
||||
|
||||
@@ -109,15 +109,16 @@ void set_indir_lp_lock(struct task_struct *task, bool lock)
|
||||
task->thread_info.user_cfi_state.ufcfi_locked = lock;
|
||||
}
|
||||
/*
|
||||
* If size is 0, then to be compatible with regular stack we want it to be as big as
|
||||
* regular stack. Else PAGE_ALIGN it and return back
|
||||
* The shadow stack only stores the return address and not any variables
|
||||
* this should be more than sufficient for most applications.
|
||||
* Else PAGE_ALIGN it and return back
|
||||
*/
|
||||
static unsigned long calc_shstk_size(unsigned long size)
|
||||
{
|
||||
if (size)
|
||||
return PAGE_ALIGN(size);
|
||||
|
||||
return PAGE_ALIGN(min_t(unsigned long long, rlimit(RLIMIT_STACK), SZ_4G));
|
||||
return PAGE_ALIGN(min(rlimit(RLIMIT_STACK) / 2, SZ_2G));
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
/* Copyright (C) 2024 Rivos Inc. */
|
||||
|
||||
#include <linux/args.h>
|
||||
#include <linux/cfi_types.h>
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/asm.h>
|
||||
|
||||
@@ -16,7 +17,7 @@
|
||||
/* void __riscv_copy_vec_words_unaligned(void *, const void *, size_t) */
|
||||
/* Performs a memcpy without aligning buffers, using word loads and stores. */
|
||||
/* Note: The size is truncated to a multiple of WORD_EEW */
|
||||
SYM_FUNC_START(__riscv_copy_vec_words_unaligned)
|
||||
SYM_TYPED_FUNC_START(__riscv_copy_vec_words_unaligned)
|
||||
andi a4, a2, ~(WORD_EEW-1)
|
||||
beqz a4, 2f
|
||||
add a3, a1, a4
|
||||
@@ -38,7 +39,7 @@ SYM_FUNC_END(__riscv_copy_vec_words_unaligned)
|
||||
/* void __riscv_copy_vec_bytes_unaligned(void *, const void *, size_t) */
|
||||
/* Performs a memcpy without aligning buffers, using only byte accesses. */
|
||||
/* Note: The size is truncated to a multiple of 8 */
|
||||
SYM_FUNC_START(__riscv_copy_vec_bytes_unaligned)
|
||||
SYM_TYPED_FUNC_START(__riscv_copy_vec_bytes_unaligned)
|
||||
andi a4, a2, ~(8-1)
|
||||
beqz a4, 2f
|
||||
add a3, a1, a4
|
||||
|
||||
@@ -792,6 +792,27 @@ static void __init set_mmap_rnd_bits_max(void)
|
||||
mmap_rnd_bits_max = MMAP_VA_BITS - PAGE_SHIFT - 3;
|
||||
}
|
||||
|
||||
static bool __init is_vaddr_valid(unsigned long va)
|
||||
{
|
||||
unsigned long up = 0;
|
||||
|
||||
switch (satp_mode) {
|
||||
case SATP_MODE_39:
|
||||
up = 1UL << 38;
|
||||
break;
|
||||
case SATP_MODE_48:
|
||||
up = 1UL << 47;
|
||||
break;
|
||||
case SATP_MODE_57:
|
||||
up = 1UL << 56;
|
||||
break;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
||||
return (va < up) || (va >= (ULONG_MAX - up + 1));
|
||||
}
|
||||
|
||||
/*
|
||||
* There is a simple way to determine if 4-level is supported by the
|
||||
* underlying hardware: establish 1:1 mapping in 4-level page table mode
|
||||
@@ -833,6 +854,9 @@ static __init void set_satp_mode(uintptr_t dtb_pa)
|
||||
set_satp_mode_pmd + PMD_SIZE,
|
||||
PMD_SIZE, PAGE_KERNEL_EXEC);
|
||||
retry:
|
||||
if (!is_vaddr_valid(set_satp_mode_pmd))
|
||||
goto out;
|
||||
|
||||
create_pgd_mapping(early_pg_dir,
|
||||
set_satp_mode_pmd,
|
||||
pgtable_l5_enabled ?
|
||||
@@ -855,6 +879,7 @@ static __init void set_satp_mode(uintptr_t dtb_pa)
|
||||
disable_pgtable_l4();
|
||||
}
|
||||
|
||||
out:
|
||||
memset(early_pg_dir, 0, PAGE_SIZE);
|
||||
memset(early_p4d, 0, PAGE_SIZE);
|
||||
memset(early_pud, 0, PAGE_SIZE);
|
||||
|
||||
Reference in New Issue
Block a user