aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBuddy Liong2018-03-23 17:03:38 -0500
committerBuddy Liong2018-03-23 17:04:02 -0500
commit03cce97d4f914d4b8bc071df6eedc4a0f510ffab (patch)
treee7f0c6d8aae5b4b81501c1c66e84b548bc38036f
parentb43fa3b965b034a7e390989a6294b597e188fb62 (diff)
parenteb496200efeb6c580f386523062b0ccc80325315 (diff)
downloadkernel-omap-6AO.1.0.tar.gz
kernel-omap-6AO.1.0.tar.xz
kernel-omap-6AO.1.0.zip
Merge branch 'p-ti-android-linux-4.4.y' of git://git.omapzoom.org/kernel/omap into 6AO.1.06AO.1.0
* 'p-ti-android-linux-4.4.y' of git://git.omapzoom.org/kernel/omap: (752 commits) ARM: dts: dra76-evm: Add wilink8 wlan support ARM: dts: dra7-evm: move MMC4 description to common file usb: otg: Fix crash on shutdown ARM: DTS: DRA76-EVM: Set powerhold property for tps65917 ti_config_fragments: android_omap: enable MCAN Linux 4.4.117 media: r820t: fix r820t_write_reg for KASAN ARM: dts: s5pv210: add interrupt-parent for ohci ARM: pxa/tosa-bt: add MODULE_LICENSE tag vfs: don't do RCU lookup of empty pathnames x86: fix build warnign with 32-bit PAE dm: correctly handle chained bios in dec_pending() mvpp2: fix multicast address filter ALSA: seq: Fix racy pool initializations ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 ALSA: hda/realtek: PCI quirk for Fujitsu U7x7 ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute ALSA: hda - Fix headset mic detection problem for two Dell machines Btrfs: fix unexpected -EEXIST when creating new inode Btrfs: fix crash due to not cleaning up tree log block's dirty bits ... Signed-off-by: Buddy Liong <a0270631@ti.com>
-rw-r--r--Documentation/ABI/testing/sysfs-devices-system-cpu16
-rw-r--r--Documentation/devicetree/bindings/dma/snps-dma.txt2
-rw-r--r--Documentation/filesystems/ext4.txt2
-rw-r--r--Documentation/kdump/gdbmacros.txt96
-rw-r--r--Documentation/kernel-parameters.txt47
-rw-r--r--Documentation/x86/pti.txt186
-rw-r--r--Makefile5
-rw-r--r--arch/alpha/include/asm/mmu_context.h1
-rw-r--r--arch/alpha/kernel/pci_impl.h3
-rw-r--r--arch/alpha/kernel/process.c3
-rw-r--r--arch/arc/include/asm/uaccess.h5
-rw-r--r--arch/arm/boot/dts/Makefile3
-rw-r--r--arch/arm/boot/dts/dra7-evm-common.dtsi16
-rw-r--r--arch/arm/boot/dts/dra7-evm.dts13
-rw-r--r--arch/arm/boot/dts/dra7.dtsi22
-rw-r--r--arch/arm/boot/dts/dra76-evm-tfp410.dts105
-rw-r--r--arch/arm/boot/dts/dra76-evm.dts22
-rw-r--r--arch/arm/boot/dts/kirkwood-openblocks_a7.dts10
-rw-r--r--arch/arm/boot/dts/s5pv210.dtsi1
-rw-r--r--arch/arm/boot/dts/spear1310-evb.dts2
-rw-r--r--arch/arm/boot/dts/spear1340.dtsi4
-rw-r--r--arch/arm/boot/dts/spear13xx.dtsi6
-rw-r--r--arch/arm/boot/dts/spear600.dtsi1
-rw-r--r--arch/arm/boot/dts/stih407.dtsi3
-rw-r--r--arch/arm/boot/dts/stih410.dtsi3
-rw-r--r--arch/arm/include/asm/kvm_arm.h9
-rw-r--r--arch/arm/include/asm/mmu_context.h2
-rw-r--r--arch/arm/kvm/handle_exit.c13
-rw-r--r--arch/arm/kvm/mmio.c6
-rw-r--r--arch/arm/mach-pxa/tosa-bt.c4
-rw-r--r--arch/arm/mm/dma-mapping.c20
-rw-r--r--arch/arm/probes/kprobes/core.c24
-rw-r--r--arch/arm/probes/kprobes/test-core.c11
-rw-r--r--arch/arm64/Kconfig13
-rw-r--r--arch/arm64/include/asm/assembler.h13
-rw-r--r--arch/arm64/include/asm/cpufeature.h7
-rw-r--r--arch/arm64/include/asm/efi.h12
-rw-r--r--arch/arm64/include/asm/esr.h40
-rw-r--r--arch/arm64/include/asm/fixmap.h5
-rw-r--r--arch/arm64/include/asm/kernel-pgtable.h12
-rw-r--r--arch/arm64/include/asm/mmu.h12
-rw-r--r--arch/arm64/include/asm/mmu_context.h14
-rw-r--r--arch/arm64/include/asm/pgtable-hwdef.h2
-rw-r--r--arch/arm64/include/asm/pgtable.h18
-rw-r--r--arch/arm64/include/asm/proc-fns.h6
-rw-r--r--arch/arm64/include/asm/tlbflush.h50
-rw-r--r--arch/arm64/include/asm/uaccess.h62
-rw-r--r--arch/arm64/kernel/asm-offsets.c15
-rw-r--r--arch/arm64/kernel/cpufeature.c39
-rw-r--r--arch/arm64/kernel/entry.S229
-rw-r--r--arch/arm64/kernel/process.c14
-rw-r--r--arch/arm64/kernel/traps.c33
-rw-r--r--arch/arm64/kernel/vmlinux.lds.S26
-rw-r--r--arch/arm64/kvm/handle_exit.c4
-rw-r--r--arch/arm64/lib/clear_user.S4
-rw-r--r--arch/arm64/lib/copy_from_user.S4
-rw-r--r--arch/arm64/lib/copy_in_user.S4
-rw-r--r--arch/arm64/lib/copy_to_user.S4
-rw-r--r--arch/arm64/mm/cache.S4
-rw-r--r--arch/arm64/mm/context.c34
-rw-r--r--arch/arm64/mm/init.c2
-rw-r--r--arch/arm64/mm/mmu.c31
-rw-r--r--arch/arm64/mm/proc.S15
-rw-r--r--arch/arm64/xen/hypercall.S4
-rw-r--r--arch/mips/ar7/platform.c2
-rw-r--r--arch/mips/kernel/process.c12
-rw-r--r--arch/mips/kernel/ptrace.c147
-rw-r--r--arch/mips/math-emu/cp1emu.c28
-rw-r--r--arch/mn10300/mm/misalignment.c2
-rw-r--r--arch/openrisc/kernel/traps.c10
-rw-r--r--arch/parisc/include/asm/ldcw.h2
-rw-r--r--arch/parisc/kernel/entry.S13
-rw-r--r--arch/parisc/kernel/pacache.S9
-rw-r--r--arch/powerpc/Kconfig3
-rw-r--r--arch/powerpc/include/asm/exception-64e.h6
-rw-r--r--arch/powerpc/include/asm/exception-64s.h55
-rw-r--r--arch/powerpc/include/asm/feature-fixups.h15
-rw-r--r--arch/powerpc/include/asm/hvcall.h18
-rw-r--r--arch/powerpc/include/asm/paca.h10
-rw-r--r--arch/powerpc/include/asm/plpar_wrappers.h14
-rw-r--r--arch/powerpc/include/asm/ppc_asm.h12
-rw-r--r--arch/powerpc/include/asm/setup.h13
-rw-r--r--arch/powerpc/kernel/asm-offsets.c4
-rw-r--r--arch/powerpc/kernel/entry_64.S44
-rw-r--r--arch/powerpc/kernel/exceptions-64s.S126
-rw-r--r--arch/powerpc/kernel/misc_64.S32
-rw-r--r--arch/powerpc/kernel/module_64.c12
-rw-r--r--arch/powerpc/kernel/process.c5
-rw-r--r--arch/powerpc/kernel/setup_64.c139
-rw-r--r--arch/powerpc/kernel/vmlinux.lds.S9
-rw-r--r--arch/powerpc/kvm/book3s_hv_rmhandlers.S7
-rw-r--r--arch/powerpc/kvm/book3s_rmhandlers.S7
-rw-r--r--arch/powerpc/kvm/book3s_segment.S4
-rw-r--r--arch/powerpc/lib/feature-fixups.c42
-rw-r--r--arch/powerpc/perf/core-book3s.c8
-rw-r--r--arch/powerpc/platforms/powernv/setup.c50
-rw-r--r--arch/powerpc/platforms/pseries/setup.c37
-rw-r--r--arch/s390/Kconfig1
-rw-r--r--arch/s390/kernel/compat_linux.c9
-rw-r--r--arch/s390/kernel/machine_kexec.c28
-rw-r--r--arch/sh/kernel/traps_32.c3
-rw-r--r--arch/um/Makefile2
-rw-r--r--arch/x86/Kconfig18
-rw-r--r--arch/x86/Makefile8
-rw-r--r--arch/x86/boot/compressed/misc.h1
-rw-r--r--arch/x86/crypto/aesni-intel_asm.S5
-rw-r--r--arch/x86/crypto/aesni-intel_glue.c2
-rw-r--r--arch/x86/crypto/camellia-aesni-avx-asm_64.S3
-rw-r--r--arch/x86/crypto/camellia-aesni-avx2-asm_64.S3
-rw-r--r--arch/x86/crypto/crc32c-pcl-intel-asm_64.S3
-rw-r--r--arch/x86/crypto/poly1305_glue.c1
-rw-r--r--arch/x86/entry/entry_32.S11
-rw-r--r--arch/x86/entry/entry_64.S180
-rw-r--r--arch/x86/entry/entry_64_compat.S7
-rw-r--r--arch/x86/entry/vdso/vclock_gettime.c99
-rw-r--r--arch/x86/entry/vdso/vdso-layout.lds.S3
-rw-r--r--arch/x86/entry/vdso/vdso2c.c3
-rw-r--r--arch/x86/entry/vdso/vma.c14
-rw-r--r--arch/x86/entry/vsyscall/vsyscall_64.c12
-rw-r--r--arch/x86/include/asm/alternative.h8
-rw-r--r--arch/x86/include/asm/asm-prototypes.h41
-rw-r--r--arch/x86/include/asm/asm.h15
-rw-r--r--arch/x86/include/asm/cmdline.h2
-rw-r--r--arch/x86/include/asm/cpufeature.h12
-rw-r--r--arch/x86/include/asm/desc.h2
-rw-r--r--arch/x86/include/asm/disabled-features.h4
-rw-r--r--arch/x86/include/asm/hardirq.h6
-rw-r--r--arch/x86/include/asm/hw_irq.h2
-rw-r--r--arch/x86/include/asm/intel-family.h68
-rw-r--r--arch/x86/include/asm/kaiser.h151
-rw-r--r--arch/x86/include/asm/kvm_host.h3
-rw-r--r--arch/x86/include/asm/mmu.h6
-rw-r--r--arch/x86/include/asm/mmu_context.h103
-rw-r--r--arch/x86/include/asm/msr-index.h3
-rw-r--r--arch/x86/include/asm/nospec-branch.h198
-rw-r--r--arch/x86/include/asm/pgtable.h28
-rw-r--r--arch/x86/include/asm/pgtable_64.h25
-rw-r--r--arch/x86/include/asm/pgtable_types.h29
-rw-r--r--arch/x86/include/asm/processor.h10
-rw-r--r--arch/x86/include/asm/pvclock.h9
-rw-r--r--arch/x86/include/asm/switch_to.h38
-rw-r--r--arch/x86/include/asm/thread_info.h11
-rw-r--r--arch/x86/include/asm/tlbflush.h232
-rw-r--r--arch/x86/include/asm/traps.h1
-rw-r--r--arch/x86/include/asm/vdso.h1
-rw-r--r--arch/x86/include/asm/vsyscall.h3
-rw-r--r--arch/x86/include/asm/xen/hypercall.h5
-rw-r--r--arch/x86/include/uapi/asm/processor-flags.h3
-rw-r--r--arch/x86/kernel/acpi/boot.c61
-rw-r--r--arch/x86/kernel/alternative.c7
-rw-r--r--arch/x86/kernel/apic/io_apic.c2
-rw-r--r--arch/x86/kernel/apic/vector.c7
-rw-r--r--arch/x86/kernel/cpu/Makefile4
-rw-r--r--arch/x86/kernel/cpu/amd.c28
-rw-r--r--arch/x86/kernel/cpu/bugs.c247
-rw-r--r--arch/x86/kernel/cpu/bugs_64.c33
-rw-r--r--arch/x86/kernel/cpu/common.c125
-rw-r--r--arch/x86/kernel/cpu/intel_cacheinfo.c2
-rw-r--r--arch/x86/kernel/cpu/mcheck/mce.c5
-rw-r--r--arch/x86/kernel/cpu/microcode/amd.c4
-rw-r--r--arch/x86/kernel/cpu/microcode/core.c47
-rw-r--r--arch/x86/kernel/cpu/microcode/intel.c29
-rw-r--r--arch/x86/kernel/cpu/perf_event_intel_bts.c44
-rw-r--r--arch/x86/kernel/cpu/perf_event_intel_ds.c57
-rw-r--r--arch/x86/kernel/cpu/proc.c4
-rw-r--r--arch/x86/kernel/espfix_64.c10
-rw-r--r--arch/x86/kernel/head_64.S35
-rw-r--r--arch/x86/kernel/irq.c3
-rw-r--r--arch/x86/kernel/irq_32.c15
-rw-r--r--arch/x86/kernel/irqinit.c2
-rw-r--r--arch/x86/kernel/kprobes/opt.c23
-rw-r--r--arch/x86/kernel/kvmclock.c5
-rw-r--r--arch/x86/kernel/ldt.c25
-rw-r--r--arch/x86/kernel/machine_kexec_64.c45
-rw-r--r--arch/x86/kernel/mcount_64.S7
-rw-r--r--arch/x86/kernel/paravirt_patch_64.c2
-rw-r--r--arch/x86/kernel/process.c2
-rw-r--r--arch/x86/kernel/reboot.c4
-rw-r--r--arch/x86/kernel/setup.c7
-rw-r--r--arch/x86/kernel/smpboot.c9
-rw-r--r--arch/x86/kernel/tboot.c10
-rw-r--r--arch/x86/kernel/tracepoint.c2
-rw-r--r--arch/x86/kernel/traps.c2
-rw-r--r--arch/x86/kernel/vm86_32.c2
-rw-r--r--arch/x86/kernel/vmlinux.lds.S7
-rw-r--r--arch/x86/kvm/emulate.c39
-rw-r--r--arch/x86/kvm/ioapic.c20
-rw-r--r--arch/x86/kvm/mmu.c10
-rw-r--r--arch/x86/kvm/svm.c23
-rw-r--r--arch/x86/kvm/vmx.c48
-rw-r--r--arch/x86/kvm/x86.c17
-rw-r--r--arch/x86/lib/Makefile1
-rw-r--r--arch/x86/lib/checksum_32.S7
-rw-r--r--arch/x86/lib/cmdline.c105
-rw-r--r--arch/x86/lib/delay.c7
-rw-r--r--arch/x86/lib/retpoline.S49
-rw-r--r--arch/x86/mm/Makefile4
-rw-r--r--arch/x86/mm/init.c6
-rw-r--r--arch/x86/mm/init_64.c10
-rw-r--r--arch/x86/mm/kaiser.c484
-rw-r--r--arch/x86/mm/kasan_init_64.c17
-rw-r--r--arch/x86/mm/pageattr.c63
-rw-r--r--arch/x86/mm/pat.c5
-rw-r--r--arch/x86/mm/pgtable.c16
-rw-r--r--arch/x86/mm/tlb.c198
-rw-r--r--arch/x86/net/bpf_jit_comp.c13
-rw-r--r--arch/x86/realmode/init.c4
-rw-r--r--arch/x86/realmode/rm/trampoline_64.S3
-rw-r--r--arch/x86/xen/enlighten.c6
-rw-r--r--arch/xtensa/include/asm/futex.h23
-rw-r--r--crypto/af_alg.c10
-rw-r--r--crypto/ahash.c11
-rw-r--r--crypto/algapi.c12
-rw-r--r--crypto/chacha20poly1305.c6
-rw-r--r--crypto/cryptd.c3
-rw-r--r--crypto/mcryptd.c23
-rw-r--r--crypto/pcrypt.c19
-rw-r--r--crypto/poly1305_generic.c17
-rw-r--r--crypto/tcrypt.c6
-rw-r--r--drivers/acpi/acpi_processor.c9
-rw-r--r--drivers/acpi/acpica/nsutils.c23
-rw-r--r--drivers/acpi/apei/erst.c2
-rw-r--r--drivers/acpi/device_sysfs.c4
-rw-r--r--drivers/acpi/glue.c12
-rw-r--r--drivers/acpi/processor_throttling.c9
-rw-r--r--drivers/acpi/sbshc.c4
-rw-r--r--drivers/android/binder_alloc.c30
-rw-r--r--drivers/ata/ahci.c37
-rw-r--r--drivers/ata/libata-core.c1
-rw-r--r--drivers/base/Kconfig3
-rw-r--r--drivers/base/cacheinfo.c15
-rw-r--r--drivers/base/cpu.c48
-rw-r--r--drivers/base/power/trace.c4
-rw-r--r--drivers/block/loop.c10
-rw-r--r--drivers/block/pktcdvd.c4
-rw-r--r--drivers/block/rbd.c2
-rw-r--r--drivers/bluetooth/btsdio.c9
-rw-r--r--drivers/bluetooth/btusb.c24
-rw-r--r--drivers/bus/sunxi-rsb.c1
-rw-r--r--drivers/char/hw_random/core.c6
-rw-r--r--drivers/char/mem.c6
-rw-r--r--drivers/clocksource/Kconfig8
-rw-r--r--drivers/clocksource/arm_arch_timer.c5
-rw-r--r--drivers/cpufreq/Kconfig2
-rw-r--r--drivers/cpuidle/cpuidle-powernv.c18
-rw-r--r--drivers/cpuidle/cpuidle.c1
-rw-r--r--drivers/cpuidle/sysfs.c12
-rw-r--r--drivers/crypto/amcc/crypto4xx_core.h10
-rw-r--r--drivers/crypto/caam/ctrl.c8
-rw-r--r--drivers/crypto/n2_core.c3
-rw-r--r--drivers/devfreq/devfreq.c2
-rw-r--r--drivers/dma/dmatest.c2
-rw-r--r--drivers/dma/edma.c7
-rw-r--r--drivers/dma/omap-dma.c2
-rw-r--r--drivers/dma/virt-dma.c5
-rw-r--r--drivers/dma/virt-dma.h44
-rw-r--r--drivers/edac/octeon_edac-lmc.c1
-rw-r--r--drivers/gpio/gpio-ath79.c3
-rw-r--r--drivers/gpio/gpio-iop.c4
-rw-r--r--drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c47
-rw-r--r--drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_cik.c4
-rw-r--r--drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c18
-rw-r--r--drivers/gpu/drm/omapdrm/dss/dispc.c59
-rw-r--r--drivers/gpu/drm/omapdrm/omap_dmm_tiler.c3
-rw-r--r--drivers/gpu/drm/omapdrm/omap_wb.c23
-rw-r--r--drivers/gpu/drm/omapdrm/omap_wb.h5
-rw-r--r--drivers/gpu/drm/omapdrm/omap_wb_cap.c47
-rw-r--r--drivers/gpu/drm/omapdrm/omap_wb_m2m.c55
-rw-r--r--drivers/gpu/drm/radeon/radeon_uvd.c2
-rw-r--r--drivers/gpu/drm/rcar-du/rcar_du_crtc.c56
-rw-r--r--drivers/gpu/drm/rcar-du/rcar_du_crtc.h8
-rw-r--r--drivers/gpu/drm/tilcdc/tilcdc_tfp410.c2
-rw-r--r--drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c2
-rw-r--r--drivers/hid/hid-core.c13
-rw-r--r--drivers/hid/hid-ids.h1
-rw-r--r--drivers/hid/hid-xinmo.c1
-rw-r--r--drivers/hv/hv.c11
-rw-r--r--drivers/hwmon/asus_atk0110.c3
-rw-r--r--drivers/hwmon/pmbus/pmbus_core.c21
-rw-r--r--drivers/infiniband/hw/cxgb4/cq.c6
-rw-r--r--drivers/infiniband/hw/mlx4/main.c13
-rw-r--r--drivers/infiniband/ulp/iser/iscsi_iser.h2
-rw-r--r--drivers/infiniband/ulp/iser/iser_verbs.c8
-rw-r--r--drivers/infiniband/ulp/srpt/ib_srpt.c3
-rw-r--r--drivers/input/misc/twl4030-vibra.c6
-rw-r--r--drivers/input/misc/twl6040-vibra.c2
-rw-r--r--drivers/input/mouse/elantech.c2
-rw-r--r--drivers/input/mouse/trackpoint.c3
-rw-r--r--drivers/input/touchscreen/88pm860x-ts.c16
-rw-r--r--drivers/iommu/arm-smmu-v3.c8
-rw-r--r--drivers/isdn/capi/kcapi.c1
-rw-r--r--drivers/md/bcache/btree.c5
-rw-r--r--drivers/md/dm-bufio.c7
-rw-r--r--drivers/md/dm-thin-metadata.c6
-rw-r--r--drivers/md/dm.c3
-rw-r--r--drivers/md/persistent-data/dm-btree.c19
-rw-r--r--drivers/media/dvb-frontends/ts2020.c4
-rw-r--r--drivers/media/platform/soc_camera/soc_scale_crop.c4
-rw-r--r--drivers/media/tuners/r820t.c13
-rw-r--r--drivers/media/usb/dvb-usb-v2/lmedm04.c39
-rw-r--r--drivers/media/usb/dvb-usb/cxusb.c2
-rw-r--r--drivers/media/usb/dvb-usb/dib0700_devices.c1
-rw-r--r--drivers/media/usb/usbtv/usbtv-core.c1
-rw-r--r--drivers/media/usb/usbvision/usbvision-video.c7
-rw-r--r--drivers/media/v4l2-core/v4l2-compat-ioctl32.c1023
-rw-r--r--drivers/media/v4l2-core/v4l2-ioctl.c5
-rw-r--r--drivers/media/v4l2-core/videobuf2-v4l2.c6
-rw-r--r--drivers/mfd/cros_ec_spi.c1
-rw-r--r--drivers/mfd/palmas.c9
-rw-r--r--drivers/mfd/twl4030-audio.c9
-rw-r--r--drivers/mfd/twl6040.c12
-rw-r--r--drivers/misc/cxl/pci.c13
-rw-r--r--drivers/mmc/host/sdhci-of-esdhc.c10
-rw-r--r--drivers/mtd/nand/brcmnand/brcmnand.c13
-rw-r--r--drivers/mtd/nand/denali_pci.c4
-rw-r--r--drivers/mtd/nand/nand_base.c5
-rw-r--r--drivers/mtd/nand/sunxi_nand.c8
-rw-r--r--drivers/mtd/ubi/block.c42
-rw-r--r--drivers/net/can/usb/gs_usb.c2
-rw-r--r--drivers/net/can/usb/peak_usb/pcan_usb_fd.c21
-rw-r--r--drivers/net/ethernet/broadcom/bnxt/bnxt.c13
-rw-r--r--drivers/net/ethernet/broadcom/tg3.c4
-rw-r--r--drivers/net/ethernet/brocade/bna/bfa_ioc.c10
-rw-r--r--drivers/net/ethernet/brocade/bna/bnad_debugfs.c2
-rw-r--r--drivers/net/ethernet/intel/e1000e/ich8lan.c11
-rw-r--r--drivers/net/ethernet/intel/fm10k/fm10k_iov.c3
-rw-r--r--drivers/net/ethernet/intel/i40e/i40e_main.c16
-rw-r--r--drivers/net/ethernet/intel/igb/igb_main.c4
-rw-r--r--drivers/net/ethernet/intel/ixgbe/ixgbe_common.c4
-rw-r--r--drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c2
-rw-r--r--drivers/net/ethernet/marvell/mvmdio.c3
-rw-r--r--drivers/net/ethernet/marvell/mvneta.c4
-rw-r--r--drivers/net/ethernet/marvell/mvpp2.c11
-rw-r--r--drivers/net/ethernet/mellanox/mlx4/qp.c3
-rw-r--r--drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c18
-rw-r--r--drivers/net/ethernet/realtek/r8169.c13
-rw-r--r--drivers/net/ethernet/renesas/sh_eth.c29
-rw-r--r--drivers/net/ethernet/stmicro/stmmac/stmmac_main.c6
-rw-r--r--drivers/net/ethernet/xilinx/Kconfig1
-rw-r--r--drivers/net/irda/vlsi_ir.c8
-rw-r--r--drivers/net/phy/at803x.c2
-rw-r--r--drivers/net/phy/micrel.c1
-rw-r--r--drivers/net/ppp/pppoe.c11
-rw-r--r--drivers/net/usb/cdc_ncm.c6
-rw-r--r--drivers/net/usb/cx82310_eth.c7
-rw-r--r--drivers/net/usb/lan78xx.c10
-rw-r--r--drivers/net/usb/qmi_wwan.c5
-rw-r--r--drivers/net/usb/r8152.c151
-rw-r--r--drivers/net/usb/smsc75xx.c8
-rw-r--r--drivers/net/usb/sr9700.c9
-rw-r--r--drivers/net/vmxnet3/vmxnet3_drv.c2
-rw-r--r--drivers/net/wireless/realtek/rtlwifi/rtl8821ae/hw.c5
-rw-r--r--drivers/net/wireless/realtek/rtlwifi/wifi.h1
-rw-r--r--drivers/net/xen-netfront.c18
-rw-r--r--drivers/nvme/host/pci.c13
-rw-r--r--drivers/parisc/lba_pci.c33
-rw-r--r--drivers/pci/controller/pci-layerscape.c22
-rw-r--r--drivers/pci/iov.c3
-rw-r--r--drivers/pci/pci-driver.c7
-rw-r--r--drivers/pci/pci.c4
-rw-r--r--drivers/pci/pcie/aer/aerdrv_core.c9
-rw-r--r--drivers/phy/phy-core.c4
-rw-r--r--drivers/pinctrl/pinctrl-st.c30
-rw-r--r--drivers/power/reset/zx-reboot.c4
-rw-r--r--drivers/rtc/interface.c2
-rw-r--r--drivers/rtc/rtc-opal.c12
-rw-r--r--drivers/rtc/rtc-pl031.c14
-rw-r--r--drivers/s390/net/qeth_l3_main.c15
-rw-r--r--drivers/scsi/aacraid/commsup.c2
-rw-r--r--drivers/scsi/cxgbi/cxgb4i/cxgb4i.c1
-rw-r--r--drivers/scsi/hpsa.c1
-rw-r--r--drivers/scsi/libiscsi.c2
-rw-r--r--drivers/scsi/lpfc/lpfc_els.c3
-rw-r--r--drivers/scsi/lpfc/lpfc_hbadisc.c3
-rw-r--r--drivers/scsi/lpfc/lpfc_hw4.h2
-rw-r--r--drivers/scsi/mpt3sas/mpt3sas_scsih.c5
-rw-r--r--drivers/scsi/sg.c30
-rw-r--r--drivers/scsi/ufs/ufshcd.c7
-rw-r--r--drivers/spi/spi-imx.c15
-rw-r--r--drivers/spi/spi-xilinx.c11
-rw-r--r--drivers/staging/android/ashmem.c2
-rw-r--r--drivers/staging/rtl8188eu/os_dep/ioctl_linux.c14
-rw-r--r--drivers/target/iscsi/iscsi_target.c20
-rw-r--r--drivers/target/target_core_tmr.c9
-rw-r--r--drivers/target/target_core_transport.c2
-rw-r--r--drivers/thermal/hisi_thermal.c5
-rw-r--r--drivers/tty/n_tty.c4
-rw-r--r--drivers/tty/serial/8250/8250_omap.c4
-rw-r--r--drivers/tty/serial/imx.c14
-rw-r--r--drivers/tty/sysrq.c6
-rw-r--r--drivers/usb/class/cdc-acm.c5
-rw-r--r--drivers/usb/common/usb-otg.c57
-rw-r--r--drivers/usb/core/config.c2
-rw-r--r--drivers/usb/core/hcd.c7
-rw-r--r--drivers/usb/core/quirks.c6
-rw-r--r--drivers/usb/gadget/composite.c7
-rw-r--r--drivers/usb/gadget/function/f_fs.c3
-rw-r--r--drivers/usb/gadget/function/f_uvc.c8
-rw-r--r--drivers/usb/gadget/function/uvc_configfs.c16
-rw-r--r--drivers/usb/gadget/udc/pch_udc.c1
-rw-r--r--drivers/usb/host/xhci-mem.c3
-rw-r--r--drivers/usb/host/xhci-pci.c3
-rw-r--r--drivers/usb/host/xhci-plat.c1
-rw-r--r--drivers/usb/misc/usb3503.c2
-rw-r--r--drivers/usb/mon/mon_bin.c8
-rw-r--r--drivers/usb/musb/ux500.c7
-rw-r--r--drivers/usb/serial/Kconfig1
-rw-r--r--drivers/usb/serial/cp210x.c2
-rw-r--r--drivers/usb/serial/ftdi_sio.c1
-rw-r--r--drivers/usb/serial/ftdi_sio_ids.h6
-rw-r--r--drivers/usb/serial/io_edgeport.c1
-rw-r--r--drivers/usb/serial/option.c22
-rw-r--r--drivers/usb/serial/pl2303.c1
-rw-r--r--drivers/usb/serial/pl2303.h1
-rw-r--r--drivers/usb/serial/qcserial.c3
-rw-r--r--drivers/usb/serial/usb-serial-simple.c7
-rw-r--r--drivers/usb/storage/uas.c7
-rw-r--r--drivers/usb/storage/unusual_uas.h7
-rw-r--r--drivers/usb/usbip/stub_dev.c3
-rw-r--r--drivers/usb/usbip/stub_main.c5
-rw-r--r--drivers/usb/usbip/stub_rx.c53
-rw-r--r--drivers/usb/usbip/stub_tx.c4
-rw-r--r--drivers/usb/usbip/usbip_common.c32
-rw-r--r--drivers/usb/usbip/usbip_common.h1
-rw-r--r--drivers/usb/usbip/usbip_event.c5
-rw-r--r--drivers/usb/usbip/vhci_hcd.c102
-rw-r--r--drivers/usb/usbip/vhci_rx.c53
-rw-r--r--drivers/usb/usbip/vhci_sysfs.c45
-rw-r--r--drivers/usb/usbip/vhci_tx.c17
-rw-r--r--drivers/vhost/net.c1
-rw-r--r--drivers/video/backlight/pwm_bl.c7
-rw-r--r--drivers/video/console/dummycon.c1
-rw-r--r--drivers/video/fbdev/atmel_lcdfb.c8
-rw-r--r--drivers/watchdog/imx2_wdt.c20
-rw-r--r--fs/btrfs/free-space-cache.c3
-rw-r--r--fs/btrfs/inode.c15
-rw-r--r--fs/btrfs/tree-log.c27
-rw-r--r--fs/cifs/cifsencrypt.c3
-rw-r--r--fs/cifs/connect.c6
-rw-r--r--fs/cifs/file.c26
-rw-r--r--fs/cifs/misc.c14
-rw-r--r--fs/cifs/smb2pdu.c3
-rw-r--r--fs/ext2/acl.c36
-rw-r--r--fs/ext4/inode.c1
-rw-r--r--fs/ext4/namei.c1
-rw-r--r--fs/ext4/super.c1
-rw-r--r--fs/ext4/symlink.c10
-rw-r--r--fs/f2fs/inode.c1
-rw-r--r--fs/f2fs/namei.c5
-rw-r--r--fs/fcntl.c4
-rw-r--r--fs/inode.c6
-rw-r--r--fs/kernfs/file.c2
-rw-r--r--fs/locks.c16
-rw-r--r--fs/namei.c3
-rw-r--r--fs/namespace.c4
-rw-r--r--fs/nfs/direct.c4
-rw-r--r--fs/nfs/nfs4idmap.c6
-rw-r--r--fs/nfs/pnfs.c4
-rw-r--r--fs/nfs/write.c2
-rw-r--r--fs/nfs_common/grace.c10
-rw-r--r--fs/nfsd/auth.c4
-rw-r--r--fs/nfsd/nfs4state.c34
-rw-r--r--fs/nsfs.c1
-rw-r--r--fs/overlayfs/readdir.c6
-rw-r--r--fs/pipe.c18
-rw-r--r--fs/quota/dquot.c3
-rw-r--r--fs/reiserfs/bitmap.c14
-rw-r--r--fs/reiserfs/xattr_acl.c12
-rw-r--r--fs/select.c14
-rw-r--r--fs/xfs/xfs_aops.c6
-rw-r--r--include/asm-generic/asm-prototypes.h7
-rw-r--r--include/asm-generic/export.h94
-rw-r--r--include/asm-generic/vmlinux.lds.h7
-rw-r--r--include/crypto/internal/hash.h2
-rw-r--r--include/crypto/mcryptd.h1
-rw-r--r--include/crypto/poly1305.h2
-rw-r--r--include/linux/bpf.h18
-rw-r--r--include/linux/cacheinfo.h1
-rw-r--r--include/linux/cpu.h7
-rw-r--r--include/linux/cred.h1
-rw-r--r--include/linux/filter.h3
-rw-r--r--include/linux/fs.h1
-rw-r--r--include/linux/fscache.h2
-rw-r--r--include/linux/ipv6.h3
-rw-r--r--include/linux/kaiser.h52
-rw-r--r--include/linux/kconfig.h11
-rw-r--r--include/linux/kexec.h4
-rw-r--r--include/linux/ktime.h7
-rw-r--r--include/linux/mfd/palmas.h3
-rw-r--r--include/linux/mmu_context.h7
-rw-r--r--include/linux/mmzone.h3
-rw-r--r--include/linux/mtd/map.h130
-rw-r--r--include/linux/netfilter/x_tables.h10
-rw-r--r--include/linux/percpu-defs.h32
-rw-r--r--include/linux/phy.h11
-rw-r--r--include/linux/sched.h1
-rw-r--r--include/linux/sh_eth.h1
-rw-r--r--include/linux/tcp.h7
-rw-r--r--include/linux/usb/otg.h6
-rw-r--r--include/linux/vm_event_item.h2
-rw-r--r--include/net/arp.h3
-rw-r--r--include/net/ip.h2
-rw-r--r--include/net/ipv6.h1
-rw-r--r--include/net/net_namespace.h10
-rw-r--r--include/net/netfilter/nf_queue.h4
-rw-r--r--include/net/netns/netfilter.h2
-rw-r--r--include/scsi/sg.h1
-rw-r--r--include/target/target_core_base.h1
-rw-r--r--include/trace/events/kvm.h7
-rw-r--r--include/uapi/linux/eventpoll.h13
-rw-r--r--init/Kconfig7
-rw-r--r--init/main.c2
-rw-r--r--ipc/msg.c5
-rw-r--r--kernel/acct.c2
-rw-r--r--kernel/async.c20
-rw-r--r--kernel/bpf/arraymap.c37
-rw-r--r--kernel/bpf/core.c101
-rw-r--r--kernel/bpf/syscall.c54
-rw-r--r--kernel/bpf/verifier.c283
-rw-r--r--kernel/fork.c6
-rw-r--r--kernel/futex.c11
-rw-r--r--kernel/gcov/Kconfig1
-rw-r--r--kernel/groups.c5
-rw-r--r--kernel/kexec.c109
-rw-r--r--kernel/kexec_core.c9
-rw-r--r--kernel/kexec_file.c8
-rw-r--r--kernel/locking/mutex.c5
-rw-r--r--kernel/module.c26
-rw-r--r--kernel/sched/core.c19
-rw-r--r--kernel/sched/deadline.c100
-rw-r--r--kernel/sched/fair.c48
-rw-r--r--kernel/sched/rt.c24
-rw-r--r--kernel/sched/sched.h2
-rw-r--r--kernel/signal.c18
-rw-r--r--kernel/time/hrtimer.c5
-rw-r--r--kernel/time/posix-timers.c34
-rw-r--r--kernel/time/tick-sched.c19
-rw-r--r--kernel/time/timer.c9
-rw-r--r--kernel/trace/ftrace.c1
-rw-r--r--kernel/trace/ring_buffer.c6
-rw-r--r--kernel/trace/trace.c13
-rw-r--r--kernel/trace/trace_events.c16
-rw-r--r--kernel/uid16.c1
-rw-r--r--lib/test_bpf.c13
-rw-r--r--mm/cma.c15
-rw-r--r--mm/compaction.c50
-rw-r--r--mm/kmemleak.c2
-rw-r--r--mm/memcontrol.c2
-rw-r--r--mm/memory-failure.c7
-rw-r--r--mm/memory.c2
-rw-r--r--mm/mmap.c6
-rw-r--r--mm/mmu_context.c2
-rw-r--r--mm/page-writeback.c11
-rw-r--r--mm/page_alloc.c6
-rw-r--r--mm/rmap.c28
-rw-r--r--mm/vmstat.c5
-rw-r--r--mm/zswap.c24
-rw-r--r--net/8021q/vlan.c7
-rw-r--r--net/Kconfig3
-rw-r--r--net/bluetooth/l2cap_core.c20
-rw-r--r--net/bridge/br_netlink.c11
-rw-r--r--net/can/af_can.c22
-rw-r--r--net/core/dev.c19
-rw-r--r--net/core/filter.c8
-rw-r--r--net/core/flow_dissector.c3
-rw-r--r--net/core/neighbour.c4
-rw-r--r--net/core/net_namespace.c2
-rw-r--r--net/core/skbuff.c6
-rw-r--r--net/core/sock_diag.c2
-rw-r--r--net/core/sysctl_net_core.c12
-rw-r--r--net/dccp/ccids/ccid2.c3
-rw-r--r--net/dccp/proto.c5
-rw-r--r--net/ipv4/arp.c7
-rw-r--r--net/ipv4/devinet.c2
-rw-r--r--net/ipv4/fib_frontend.c9
-rw-r--r--net/ipv4/igmp.c48
-rw-r--r--net/ipv4/ip_fragment.c25
-rw-r--r--net/ipv4/ip_tunnel.c4
-rw-r--r--net/ipv4/netfilter/arp_tables.c57
-rw-r--r--net/ipv4/netfilter/ip_tables.c51
-rw-r--r--net/ipv4/netfilter/nf_nat_snmp_basic.c19
-rw-r--r--net/ipv4/netfilter/nf_reject_ipv4.c2
-rw-r--r--net/ipv4/raw.c15
-rw-r--r--net/ipv4/tcp.c9
-rw-r--r--net/ipv4/tcp_ipv4.c2
-rw-r--r--net/ipv4/tcp_timer.c15
-rw-r--r--net/ipv4/tcp_vegas.c2
-rw-r--r--net/ipv6/af_inet6.c1
-rw-r--r--net/ipv6/ip6_output.c23
-rw-r--r--net/ipv6/ip6_tunnel.c9
-rw-r--r--net/ipv6/ip6mr.c1
-rw-r--r--net/ipv6/ipv6_sockglue.c3
-rw-r--r--net/ipv6/mcast.c25
-rw-r--r--net/ipv6/netfilter/ip6_tables.c51
-rw-r--r--net/ipv6/netfilter/nf_dup_ipv6.c1
-rw-r--r--net/ipv6/netfilter/nf_reject_ipv6.c3
-rw-r--r--net/ipv6/tcp_ipv6.c2
-rw-r--r--net/key/af_key.c8
-rw-r--r--net/mac80211/debugfs.c7
-rw-r--r--net/mac80211/mesh_hwmp.c15
-rw-r--r--net/netfilter/nf_conntrack_core.c7
-rw-r--r--net/netfilter/nf_conntrack_expect.c2
-rw-r--r--net/netfilter/nf_conntrack_sip.c5
-rw-r--r--net/netfilter/nf_queue.c17
-rw-r--r--net/netfilter/nfnetlink_cthelper.c277
-rw-r--r--net/netfilter/nfnetlink_queue.c33
-rw-r--r--net/netfilter/x_tables.c50
-rw-r--r--net/netfilter/xt_osf.c7
-rw-r--r--net/netfilter/xt_qtaguid.c20
-rw-r--r--net/netlink/af_netlink.c44
-rw-r--r--net/openvswitch/flow_netlink.c16
-rw-r--r--net/rds/rdma.c4
-rw-r--r--net/sched/sch_dsmark.c10
-rw-r--r--net/sctp/socket.c34
-rw-r--r--net/socket.c9
-rw-r--r--net/sunrpc/auth_gss/gss_rpc_xdr.c1
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c1
-rw-r--r--net/sunrpc/svcauth_unix.c2
-rw-r--r--net/sunrpc/xprtsock.c1
-rw-r--r--scripts/Makefile.build87
-rw-r--r--scripts/genksyms/genksyms.c6
-rw-r--r--scripts/mod/modpost.c3
-rw-r--r--security/Kconfig10
-rw-r--r--security/keys/encrypted-keys/encrypted.c31
-rw-r--r--security/selinux/hooks.c2
-rw-r--r--sound/core/oss/pcm_oss.c41
-rw-r--r--sound/core/oss/pcm_plugin.c14
-rw-r--r--sound/core/pcm_lib.c5
-rw-r--r--sound/core/rawmidi.c15
-rw-r--r--sound/core/seq/seq_clientmgr.c15
-rw-r--r--sound/core/seq/seq_clientmgr.h1
-rw-r--r--sound/drivers/aloop.c98
-rw-r--r--sound/hda/hdac_i915.c6
-rw-r--r--sound/pci/hda/hda_intel.c6
-rw-r--r--sound/pci/hda/patch_cirrus.c1
-rw-r--r--sound/pci/hda/patch_conexant.c11
-rw-r--r--sound/pci/hda/patch_realtek.c48
-rw-r--r--sound/soc/codecs/pcm512x-spi.c4
-rw-r--r--sound/soc/codecs/twl4030.c4
-rw-r--r--sound/soc/fsl/fsl_ssi.c18
-rw-r--r--sound/soc/generic/simple-card.c8
-rw-r--r--sound/soc/sh/rcar/rsnd.h2
-rw-r--r--sound/soc/sh/rcar/ssi.c5
-rw-r--r--sound/usb/mixer.c45
-rw-r--r--sound/usb/pcm.c9
-rw-r--r--ti_config_fragments/android_omap.cfg4
-rw-r--r--ti_config_fragments/audio_display.cfg2
-rw-r--r--tools/testing/selftests/vm/Makefile4
-rw-r--r--tools/testing/selftests/x86/Makefile3
-rw-r--r--tools/testing/selftests/x86/test_vsyscall.c500
-rw-r--r--tools/usb/usbip/libsrc/usbip_common.c9
-rw-r--r--tools/usb/usbip/libsrc/usbip_host_driver.c27
-rw-r--r--tools/usb/usbip/libsrc/vhci_driver.c8
-rw-r--r--tools/usb/usbip/src/usbip.c2
-rw-r--r--tools/usb/usbip/src/usbip_bind.c9
-rw-r--r--tools/usb/usbip/src/usbip_list.c9
-rw-r--r--tools/usb/usbip/src/utils.c9
-rw-r--r--virt/kvm/kvm_main.c2
658 files changed, 10248 insertions, 3272 deletions
diff --git a/Documentation/ABI/testing/sysfs-devices-system-cpu b/Documentation/ABI/testing/sysfs-devices-system-cpu
index b683e8ee69ec..ea6a043f5beb 100644
--- a/Documentation/ABI/testing/sysfs-devices-system-cpu
+++ b/Documentation/ABI/testing/sysfs-devices-system-cpu
@@ -271,3 +271,19 @@ Description: Parameters for the CPU cache attributes
271 - WriteBack: data is written only to the cache line and 271 - WriteBack: data is written only to the cache line and
272 the modified cache line is written to main 272 the modified cache line is written to main
273 memory only when it is replaced 273 memory only when it is replaced
274
275What: /sys/devices/system/cpu/vulnerabilities
276 /sys/devices/system/cpu/vulnerabilities/meltdown
277 /sys/devices/system/cpu/vulnerabilities/spectre_v1
278 /sys/devices/system/cpu/vulnerabilities/spectre_v2
279Date: January 2018
280Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
281Description: Information about CPU vulnerabilities
282
283 The files are named after the code names of CPU
284 vulnerabilities. The output of those files reflects the
285 state of the CPUs in the system. Possible output values:
286
287 "Not affected" CPU is not affected by the vulnerability
288 "Vulnerable" CPU is affected and no mitigation in effect
289 "Mitigation: $M" CPU is affected and mitigation $M is in effect
diff --git a/Documentation/devicetree/bindings/dma/snps-dma.txt b/Documentation/devicetree/bindings/dma/snps-dma.txt
index c261598164a7..17d43ca27f41 100644
--- a/Documentation/devicetree/bindings/dma/snps-dma.txt
+++ b/Documentation/devicetree/bindings/dma/snps-dma.txt
@@ -58,6 +58,6 @@ Example:
58 interrupts = <0 35 0x4>; 58 interrupts = <0 35 0x4>;
59 status = "disabled"; 59 status = "disabled";
60 dmas = <&dmahost 12 0 1>, 60 dmas = <&dmahost 12 0 1>,
61 <&dmahost 13 0 1 0>; 61 <&dmahost 13 1 0>;
62 dma-names = "rx", "rx"; 62 dma-names = "rx", "rx";
63 }; 63 };
diff --git a/Documentation/filesystems/ext4.txt b/Documentation/filesystems/ext4.txt
index 6c0108eb0137..2139ea253142 100644
--- a/Documentation/filesystems/ext4.txt
+++ b/Documentation/filesystems/ext4.txt
@@ -233,7 +233,7 @@ data_err=ignore(*) Just print an error message if an error occurs
233data_err=abort Abort the journal if an error occurs in a file 233data_err=abort Abort the journal if an error occurs in a file
234 data buffer in ordered mode. 234 data buffer in ordered mode.
235 235
236grpid Give objects the same group ID as their creator. 236grpid New objects have the group ID of their parent.
237bsdgroups 237bsdgroups
238 238
239nogrpid (*) New objects have the group ID of their creator. 239nogrpid (*) New objects have the group ID of their creator.
diff --git a/Documentation/kdump/gdbmacros.txt b/Documentation/kdump/gdbmacros.txt
index 9b9b454b048a..35f6a982a0d5 100644
--- a/Documentation/kdump/gdbmacros.txt
+++ b/Documentation/kdump/gdbmacros.txt
@@ -15,15 +15,16 @@
15 15
16define bttnobp 16define bttnobp
17 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks) 17 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks)
18 set $pid_off=((size_t)&((struct task_struct *)0)->pids[1].pid_list.next) 18 set $pid_off=((size_t)&((struct task_struct *)0)->thread_group.next)
19 set $init_t=&init_task 19 set $init_t=&init_task
20 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off) 20 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off)
21 set var $stacksize = sizeof(union thread_union)
21 while ($next_t != $init_t) 22 while ($next_t != $init_t)
22 set $next_t=(struct task_struct *)$next_t 23 set $next_t=(struct task_struct *)$next_t
23 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm 24 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm
24 printf "===================\n" 25 printf "===================\n"
25 set var $stackp = $next_t.thread.esp 26 set var $stackp = $next_t.thread.sp
26 set var $stack_top = ($stackp & ~4095) + 4096 27 set var $stack_top = ($stackp & ~($stacksize - 1)) + $stacksize
27 28
28 while ($stackp < $stack_top) 29 while ($stackp < $stack_top)
29 if (*($stackp) > _stext && *($stackp) < _sinittext) 30 if (*($stackp) > _stext && *($stackp) < _sinittext)
@@ -31,13 +32,13 @@ define bttnobp
31 end 32 end
32 set $stackp += 4 33 set $stackp += 4
33 end 34 end
34 set $next_th=(((char *)$next_t->pids[1].pid_list.next) - $pid_off) 35 set $next_th=(((char *)$next_t->thread_group.next) - $pid_off)
35 while ($next_th != $next_t) 36 while ($next_th != $next_t)
36 set $next_th=(struct task_struct *)$next_th 37 set $next_th=(struct task_struct *)$next_th
37 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm 38 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm
38 printf "===================\n" 39 printf "===================\n"
39 set var $stackp = $next_t.thread.esp 40 set var $stackp = $next_t.thread.sp
40 set var $stack_top = ($stackp & ~4095) + 4096 41 set var $stack_top = ($stackp & ~($stacksize - 1)) + stacksize
41 42
42 while ($stackp < $stack_top) 43 while ($stackp < $stack_top)
43 if (*($stackp) > _stext && *($stackp) < _sinittext) 44 if (*($stackp) > _stext && *($stackp) < _sinittext)
@@ -45,7 +46,7 @@ define bttnobp
45 end 46 end
46 set $stackp += 4 47 set $stackp += 4
47 end 48 end
48 set $next_th=(((char *)$next_th->pids[1].pid_list.next) - $pid_off) 49 set $next_th=(((char *)$next_th->thread_group.next) - $pid_off)
49 end 50 end
50 set $next_t=(char *)($next_t->tasks.next) - $tasks_off 51 set $next_t=(char *)($next_t->tasks.next) - $tasks_off
51 end 52 end
@@ -54,42 +55,44 @@ document bttnobp
54 dump all thread stack traces on a kernel compiled with !CONFIG_FRAME_POINTER 55 dump all thread stack traces on a kernel compiled with !CONFIG_FRAME_POINTER
55end 56end
56 57
58define btthreadstack
59 set var $pid_task = $arg0
60
61 printf "\npid %d; comm %s:\n", $pid_task.pid, $pid_task.comm
62 printf "task struct: "
63 print $pid_task
64 printf "===================\n"
65 set var $stackp = $pid_task.thread.sp
66 set var $stacksize = sizeof(union thread_union)
67 set var $stack_top = ($stackp & ~($stacksize - 1)) + $stacksize
68 set var $stack_bot = ($stackp & ~($stacksize - 1))
69
70 set $stackp = *((unsigned long *) $stackp)
71 while (($stackp < $stack_top) && ($stackp > $stack_bot))
72 set var $addr = *(((unsigned long *) $stackp) + 1)
73 info symbol $addr
74 set $stackp = *((unsigned long *) $stackp)
75 end
76end
77document btthreadstack
78 dump a thread stack using the given task structure pointer
79end
80
81
57define btt 82define btt
58 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks) 83 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks)
59 set $pid_off=((size_t)&((struct task_struct *)0)->pids[1].pid_list.next) 84 set $pid_off=((size_t)&((struct task_struct *)0)->thread_group.next)
60 set $init_t=&init_task 85 set $init_t=&init_task
61 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off) 86 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off)
62 while ($next_t != $init_t) 87 while ($next_t != $init_t)
63 set $next_t=(struct task_struct *)$next_t 88 set $next_t=(struct task_struct *)$next_t
64 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm 89 btthreadstack $next_t
65 printf "===================\n"
66 set var $stackp = $next_t.thread.esp
67 set var $stack_top = ($stackp & ~4095) + 4096
68 set var $stack_bot = ($stackp & ~4095)
69
70 set $stackp = *($stackp)
71 while (($stackp < $stack_top) && ($stackp > $stack_bot))
72 set var $addr = *($stackp + 4)
73 info symbol $addr
74 set $stackp = *($stackp)
75 end
76 90
77 set $next_th=(((char *)$next_t->pids[1].pid_list.next) - $pid_off) 91 set $next_th=(((char *)$next_t->thread_group.next) - $pid_off)
78 while ($next_th != $next_t) 92 while ($next_th != $next_t)
79 set $next_th=(struct task_struct *)$next_th 93 set $next_th=(struct task_struct *)$next_th
80 printf "\npid %d; comm %s:\n", $next_t.pid, $next_t.comm 94 btthreadstack $next_th
81 printf "===================\n" 95 set $next_th=(((char *)$next_th->thread_group.next) - $pid_off)
82 set var $stackp = $next_t.thread.esp
83 set var $stack_top = ($stackp & ~4095) + 4096
84 set var $stack_bot = ($stackp & ~4095)
85
86 set $stackp = *($stackp)
87 while (($stackp < $stack_top) && ($stackp > $stack_bot))
88 set var $addr = *($stackp + 4)
89 info symbol $addr
90 set $stackp = *($stackp)
91 end
92 set $next_th=(((char *)$next_th->pids[1].pid_list.next) - $pid_off)
93 end 96 end
94 set $next_t=(char *)($next_t->tasks.next) - $tasks_off 97 set $next_t=(char *)($next_t->tasks.next) - $tasks_off
95 end 98 end
@@ -101,7 +104,7 @@ end
101define btpid 104define btpid
102 set var $pid = $arg0 105 set var $pid = $arg0
103 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks) 106 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks)
104 set $pid_off=((size_t)&((struct task_struct *)0)->pids[1].pid_list.next) 107 set $pid_off=((size_t)&((struct task_struct *)0)->thread_group.next)
105 set $init_t=&init_task 108 set $init_t=&init_task
106 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off) 109 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off)
107 set var $pid_task = 0 110 set var $pid_task = 0
@@ -113,29 +116,18 @@ define btpid
113 set $pid_task = $next_t 116 set $pid_task = $next_t
114 end 117 end
115 118
116 set $next_th=(((char *)$next_t->pids[1].pid_list.next) - $pid_off) 119 set $next_th=(((char *)$next_t->thread_group.next) - $pid_off)
117 while ($next_th != $next_t) 120 while ($next_th != $next_t)
118 set $next_th=(struct task_struct *)$next_th 121 set $next_th=(struct task_struct *)$next_th
119 if ($next_th.pid == $pid) 122 if ($next_th.pid == $pid)
120 set $pid_task = $next_th 123 set $pid_task = $next_th
121 end 124 end
122 set $next_th=(((char *)$next_th->pids[1].pid_list.next) - $pid_off) 125 set $next_th=(((char *)$next_th->thread_group.next) - $pid_off)
123 end 126 end
124 set $next_t=(char *)($next_t->tasks.next) - $tasks_off 127 set $next_t=(char *)($next_t->tasks.next) - $tasks_off
125 end 128 end
126 129
127 printf "\npid %d; comm %s:\n", $pid_task.pid, $pid_task.comm 130 btthreadstack $pid_task
128 printf "===================\n"
129 set var $stackp = $pid_task.thread.esp
130 set var $stack_top = ($stackp & ~4095) + 4096
131 set var $stack_bot = ($stackp & ~4095)
132
133 set $stackp = *($stackp)
134 while (($stackp < $stack_top) && ($stackp > $stack_bot))
135 set var $addr = *($stackp + 4)
136 info symbol $addr
137 set $stackp = *($stackp)
138 end
139end 131end
140document btpid 132document btpid
141 backtrace of pid 133 backtrace of pid
@@ -145,7 +137,7 @@ end
145define trapinfo 137define trapinfo
146 set var $pid = $arg0 138 set var $pid = $arg0
147 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks) 139 set $tasks_off=((size_t)&((struct task_struct *)0)->tasks)
148 set $pid_off=((size_t)&((struct task_struct *)0)->pids[1].pid_list.next) 140 set $pid_off=((size_t)&((struct task_struct *)0)->thread_group.next)
149 set $init_t=&init_task 141 set $init_t=&init_task
150 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off) 142 set $next_t=(((char *)($init_t->tasks).next) - $tasks_off)
151 set var $pid_task = 0 143 set var $pid_task = 0
@@ -157,13 +149,13 @@ define trapinfo
157 set $pid_task = $next_t 149 set $pid_task = $next_t
158 end 150 end
159 151
160 set $next_th=(((char *)$next_t->pids[1].pid_list.next) - $pid_off) 152 set $next_th=(((char *)$next_t->thread_group.next) - $pid_off)
161 while ($next_th != $next_t) 153 while ($next_th != $next_t)
162 set $next_th=(struct task_struct *)$next_th 154 set $next_th=(struct task_struct *)$next_th
163 if ($next_th.pid == $pid) 155 if ($next_th.pid == $pid)
164 set $pid_task = $next_th 156 set $pid_task = $next_th
165 end 157 end
166 set $next_th=(((char *)$next_th->pids[1].pid_list.next) - $pid_off) 158 set $next_th=(((char *)$next_th->thread_group.next) - $pid_off)
167 end 159 end
168 set $next_t=(char *)($next_t->tasks.next) - $tasks_off 160 set $next_t=(char *)($next_t->tasks.next) - $tasks_off
169 end 161 end
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 21321b9acfb0..9fee3a90deaa 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2458,6 +2458,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
2458 2458
2459 nohugeiomap [KNL,x86] Disable kernel huge I/O mappings. 2459 nohugeiomap [KNL,x86] Disable kernel huge I/O mappings.
2460 2460
2461 nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2
2462 (indirect branch prediction) vulnerability. System may
2463 allow data leaks with this option, which is equivalent
2464 to spectre_v2=off.
2465
2461 noxsave [BUGS=X86] Disables x86 extended register state save 2466 noxsave [BUGS=X86] Disables x86 extended register state save
2462 and restore using xsave. The kernel will fallback to 2467 and restore using xsave. The kernel will fallback to
2463 enabling legacy floating-point and sse state. 2468 enabling legacy floating-point and sse state.
@@ -2525,6 +2530,8 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
2525 2530
2526 nointroute [IA-64] 2531 nointroute [IA-64]
2527 2532
2533 noinvpcid [X86] Disable the INVPCID cpu feature.
2534
2528 nojitter [IA-64] Disables jitter checking for ITC timers. 2535 nojitter [IA-64] Disables jitter checking for ITC timers.
2529 2536
2530 no-kvmclock [X86,KVM] Disable paravirtualized KVM clock driver 2537 no-kvmclock [X86,KVM] Disable paravirtualized KVM clock driver
@@ -2559,6 +2566,8 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
2559 nopat [X86] Disable PAT (page attribute table extension of 2566 nopat [X86] Disable PAT (page attribute table extension of
2560 pagetables) support. 2567 pagetables) support.
2561 2568
2569 nopcid [X86-64] Disable the PCID cpu feature.
2570
2562 norandmaps Don't use address space randomization. Equivalent to 2571 norandmaps Don't use address space randomization. Equivalent to
2563 echo 0 > /proc/sys/kernel/randomize_va_space 2572 echo 0 > /proc/sys/kernel/randomize_va_space
2564 2573
@@ -3056,6 +3065,21 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
3056 pt. [PARIDE] 3065 pt. [PARIDE]
3057 See Documentation/blockdev/paride.txt. 3066 See Documentation/blockdev/paride.txt.
3058 3067
3068 pti= [X86_64] Control Page Table Isolation of user and
3069 kernel address spaces. Disabling this feature
3070 removes hardening, but improves performance of
3071 system calls and interrupts.
3072
3073 on - unconditionally enable
3074 off - unconditionally disable
3075 auto - kernel detects whether your CPU model is
3076 vulnerable to issues that PTI mitigates
3077
3078 Not specifying this option is equivalent to pti=auto.
3079
3080 nopti [X86_64]
3081 Equivalent to pti=off
3082
3059 pty.legacy_count= 3083 pty.legacy_count=
3060 [KNL] Number of legacy pty's. Overwrites compiled-in 3084 [KNL] Number of legacy pty's. Overwrites compiled-in
3061 default number. 3085 default number.
@@ -3585,6 +3609,29 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
3585 sonypi.*= [HW] Sony Programmable I/O Control Device driver 3609 sonypi.*= [HW] Sony Programmable I/O Control Device driver
3586 See Documentation/laptops/sonypi.txt 3610 See Documentation/laptops/sonypi.txt
3587 3611
3612 spectre_v2= [X86] Control mitigation of Spectre variant 2
3613 (indirect branch speculation) vulnerability.
3614
3615 on - unconditionally enable
3616 off - unconditionally disable
3617 auto - kernel detects whether your CPU model is
3618 vulnerable
3619
3620 Selecting 'on' will, and 'auto' may, choose a
3621 mitigation method at run time according to the
3622 CPU, the available microcode, the setting of the
3623 CONFIG_RETPOLINE configuration option, and the
3624 compiler with which the kernel was built.
3625
3626 Specific mitigations can also be selected manually:
3627
3628 retpoline - replace indirect branches
3629 retpoline,generic - google's original retpoline
3630 retpoline,amd - AMD-specific minimal thunk
3631
3632 Not specifying this option is equivalent to
3633 spectre_v2=auto.
3634
3588 spia_io_base= [HW,MTD] 3635 spia_io_base= [HW,MTD]
3589 spia_fio_base= 3636 spia_fio_base=
3590 spia_pedr= 3637 spia_pedr=
diff --git a/Documentation/x86/pti.txt b/Documentation/x86/pti.txt
new file mode 100644
index 000000000000..5cd58439ad2d
--- /dev/null
+++ b/Documentation/x86/pti.txt
@@ -0,0 +1,186 @@
1Overview
2========
3
4Page Table Isolation (pti, previously known as KAISER[1]) is a
5countermeasure against attacks on the shared user/kernel address
6space such as the "Meltdown" approach[2].
7
8To mitigate this class of attacks, we create an independent set of
9page tables for use only when running userspace applications. When
10the kernel is entered via syscalls, interrupts or exceptions, the
11page tables are switched to the full "kernel" copy. When the system
12switches back to user mode, the user copy is used again.
13
14The userspace page tables contain only a minimal amount of kernel
15data: only what is needed to enter/exit the kernel such as the
16entry/exit functions themselves and the interrupt descriptor table
17(IDT). There are a few strictly unnecessary things that get mapped
18such as the first C function when entering an interrupt (see
19comments in pti.c).
20
21This approach helps to ensure that side-channel attacks leveraging
22the paging structures do not function when PTI is enabled. It can be
23enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time.
24Once enabled at compile-time, it can be disabled at boot with the
25'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).
26
27Page Table Management
28=====================
29
30When PTI is enabled, the kernel manages two sets of page tables.
31The first set is very similar to the single set which is present in
32kernels without PTI. This includes a complete mapping of userspace
33that the kernel can use for things like copy_to_user().
34
35Although _complete_, the user portion of the kernel page tables is
36crippled by setting the NX bit in the top level. This ensures
37that any missed kernel->user CR3 switch will immediately crash
38userspace upon executing its first instruction.
39
40The userspace page tables map only the kernel data needed to enter
41and exit the kernel. This data is entirely contained in the 'struct
42cpu_entry_area' structure which is placed in the fixmap which gives
43each CPU's copy of the area a compile-time-fixed virtual address.
44
45For new userspace mappings, the kernel makes the entries in its
46page tables like normal. The only difference is when the kernel
47makes entries in the top (PGD) level. In addition to setting the
48entry in the main kernel PGD, a copy of the entry is made in the
49userspace page tables' PGD.
50
51This sharing at the PGD level also inherently shares all the lower
52layers of the page tables. This leaves a single, shared set of
53userspace page tables to manage. One PTE to lock, one set of
54accessed bits, dirty bits, etc...
55
56Overhead
57========
58
59Protection against side-channel attacks is important. But,
60this protection comes at a cost:
61
621. Increased Memory Use
63 a. Each process now needs an order-1 PGD instead of order-0.
64 (Consumes an additional 4k per process).
65 b. The 'cpu_entry_area' structure must be 2MB in size and 2MB
66 aligned so that it can be mapped by setting a single PMD
67 entry. This consumes nearly 2MB of RAM once the kernel
68 is decompressed, but no space in the kernel image itself.
69
702. Runtime Cost
71 a. CR3 manipulation to switch between the page table copies
72 must be done at interrupt, syscall, and exception entry
73 and exit (it can be skipped when the kernel is interrupted,
74 though.) Moves to CR3 are on the order of a hundred
75 cycles, and are required at every entry and exit.
76 b. A "trampoline" must be used for SYSCALL entry. This
77 trampoline depends on a smaller set of resources than the
78 non-PTI SYSCALL entry code, so requires mapping fewer
79 things into the userspace page tables. The downside is
80 that stacks must be switched at entry time.
81 c. Global pages are disabled for all kernel structures not
82 mapped into both kernel and userspace page tables. This
83 feature of the MMU allows different processes to share TLB
84 entries mapping the kernel. Losing the feature means more
85 TLB misses after a context switch. The actual loss of
86 performance is very small, however, never exceeding 1%.
87 d. Process Context IDentifiers (PCID) is a CPU feature that
88 allows us to skip flushing the entire TLB when switching page
89 tables by setting a special bit in CR3 when the page tables
90 are changed. This makes switching the page tables (at context
91 switch, or kernel entry/exit) cheaper. But, on systems with
92 PCID support, the context switch code must flush both the user
93 and kernel entries out of the TLB. The user PCID TLB flush is
94 deferred until the exit to userspace, minimizing the cost.
95 See intel.com/sdm for the gory PCID/INVPCID details.
96 e. The userspace page tables must be populated for each new
97 process. Even without PTI, the shared kernel mappings
98 are created by copying top-level (PGD) entries into each
99 new process. But, with PTI, there are now *two* kernel
100 mappings: one in the kernel page tables that maps everything
101 and one for the entry/exit structures. At fork(), we need to
102 copy both.
103 f. In addition to the fork()-time copying, there must also
104 be an update to the userspace PGD any time a set_pgd() is done
105 on a PGD used to map userspace. This ensures that the kernel
106 and userspace copies always map the same userspace
107 memory.
108 g. On systems without PCID support, each CR3 write flushes
109 the entire TLB. That means that each syscall, interrupt
110 or exception flushes the TLB.
111 h. INVPCID is a TLB-flushing instruction which allows flushing
112 of TLB entries for non-current PCIDs. Some systems support
113 PCIDs, but do not support INVPCID. On these systems, addresses
114 can only be flushed from the TLB for the current PCID. When
115 flushing a kernel address, we need to flush all PCIDs, so a
116 single kernel address flush will require a TLB-flushing CR3
117 write upon the next use of every PCID.
118
119Possible Future Work
120====================
1211. We can be more careful about not actually writing to CR3
122 unless its value is actually changed.
1232. Allow PTI to be enabled/disabled at runtime in addition to the
124 boot-time switching.
125
126Testing
127========
128
129To test stability of PTI, the following test procedure is recommended,
130ideally doing all of these in parallel:
131
1321. Set CONFIG_DEBUG_ENTRY=y
1332. Run several copies of all of the tools/testing/selftests/x86/ tests
134 (excluding MPX and protection_keys) in a loop on multiple CPUs for
135 several minutes. These tests frequently uncover corner cases in the
136 kernel entry code. In general, old kernels might cause these tests
137 themselves to crash, but they should never crash the kernel.
1383. Run the 'perf' tool in a mode (top or record) that generates many
139 frequent performance monitoring non-maskable interrupts (see "NMI"
140 in /proc/interrupts). This exercises the NMI entry/exit code which
141 is known to trigger bugs in code paths that did not expect to be
142 interrupted, including nested NMIs. Using "-c" boosts the rate of
143 NMIs, and using two -c with separate counters encourages nested NMIs
144 and less deterministic behavior.
145
146 while true; do perf record -c 10000 -e instructions,cycles -a sleep 10; done
147
1484. Launch a KVM virtual machine.
1495. Run 32-bit binaries on systems supporting the SYSCALL instruction.
150 This has been a lightly-tested code path and needs extra scrutiny.
151
152Debugging
153=========
154
155Bugs in PTI cause a few different signatures of crashes
156that are worth noting here.
157
158 * Failures of the selftests/x86 code. Usually a bug in one of the
159 more obscure corners of entry_64.S
160 * Crashes in early boot, especially around CPU bringup. Bugs
161 in the trampoline code or mappings cause these.
162 * Crashes at the first interrupt. Caused by bugs in entry_64.S,
163 like screwing up a page table switch. Also caused by
164 incorrectly mapping the IRQ handler entry code.
165 * Crashes at the first NMI. The NMI code is separate from main
166 interrupt handlers and can have bugs that do not affect
167 normal interrupts. Also caused by incorrectly mapping NMI
168 code. NMIs that interrupt the entry code must be very
169 careful and can be the cause of crashes that show up when
170 running perf.
171 * Kernel crashes at the first exit to userspace. entry_64.S
172 bugs, or failing to map some of the exit code.
173 * Crashes at first interrupt that interrupts userspace. The paths
174 in entry_64.S that return to userspace are sometimes separate
175 from the ones that return to the kernel.
176 * Double faults: overflowing the kernel stack because of page
177 faults upon page faults. Caused by touching non-pti-mapped
178 data in the entry code, or forgetting to switch to kernel
179 CR3 before calling into C functions which are not pti-mapped.
180 * Userspace segfaults early in boot, sometimes manifesting
181 as mount(8) failing to mount the rootfs. These have
182 tended to be TLB invalidation issues. Usually invalidating
183 the wrong PCID, or otherwise missing an invalidation.
184
1851. https://gruss.cc/files/kaiser.pdf
1862. https://meltdownattack.com/meltdown.pdf
diff --git a/Makefile b/Makefile
index 2801b2b4df2e..82e25459fdf9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
1VERSION = 4 1VERSION = 4
2PATCHLEVEL = 4 2PATCHLEVEL = 4
3SUBLEVEL = 107 3SUBLEVEL = 117
4EXTRAVERSION = 4EXTRAVERSION =
5NAME = Blurry Fish Butt 5NAME = Blurry Fish Butt
6 6
@@ -782,6 +782,9 @@ KBUILD_CFLAGS += $(call cc-disable-warning, pointer-sign)
782# disable invalid "can't wrap" optimizations for signed / pointers 782# disable invalid "can't wrap" optimizations for signed / pointers
783KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow) 783KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow)
784 784
785# Make sure -fstack-check isn't enabled (like gentoo apparently did)
786KBUILD_CFLAGS += $(call cc-option,-fno-stack-check,)
787
785# conserve stack if available 788# conserve stack if available
786KBUILD_CFLAGS += $(call cc-option,-fconserve-stack) 789KBUILD_CFLAGS += $(call cc-option,-fconserve-stack)
787 790
diff --git a/arch/alpha/include/asm/mmu_context.h b/arch/alpha/include/asm/mmu_context.h
index 4c51c05333c6..4cafffa80e2c 100644
--- a/arch/alpha/include/asm/mmu_context.h
+++ b/arch/alpha/include/asm/mmu_context.h
@@ -7,6 +7,7 @@
7 * Copyright (C) 1996, Linus Torvalds 7 * Copyright (C) 1996, Linus Torvalds
8 */ 8 */
9 9
10#include <linux/sched.h>
10#include <asm/machvec.h> 11#include <asm/machvec.h>
11#include <asm/compiler.h> 12#include <asm/compiler.h>
12#include <asm-generic/mm_hooks.h> 13#include <asm-generic/mm_hooks.h>
diff --git a/arch/alpha/kernel/pci_impl.h b/arch/alpha/kernel/pci_impl.h
index 2b0ac429f5eb..412bb3c24f36 100644
--- a/arch/alpha/kernel/pci_impl.h
+++ b/arch/alpha/kernel/pci_impl.h
@@ -143,7 +143,8 @@ struct pci_iommu_arena
143}; 143};
144 144
145#if defined(CONFIG_ALPHA_SRM) && \ 145#if defined(CONFIG_ALPHA_SRM) && \
146 (defined(CONFIG_ALPHA_CIA) || defined(CONFIG_ALPHA_LCA)) 146 (defined(CONFIG_ALPHA_CIA) || defined(CONFIG_ALPHA_LCA) || \
147 defined(CONFIG_ALPHA_AVANTI))
147# define NEED_SRM_SAVE_RESTORE 148# define NEED_SRM_SAVE_RESTORE
148#else 149#else
149# undef NEED_SRM_SAVE_RESTORE 150# undef NEED_SRM_SAVE_RESTORE
diff --git a/arch/alpha/kernel/process.c b/arch/alpha/kernel/process.c
index 84d13263ce46..8095fb2c5c94 100644
--- a/arch/alpha/kernel/process.c
+++ b/arch/alpha/kernel/process.c
@@ -273,12 +273,13 @@ copy_thread(unsigned long clone_flags, unsigned long usp,
273 application calling fork. */ 273 application calling fork. */
274 if (clone_flags & CLONE_SETTLS) 274 if (clone_flags & CLONE_SETTLS)
275 childti->pcb.unique = regs->r20; 275 childti->pcb.unique = regs->r20;
276 else
277 regs->r20 = 0; /* OSF/1 has some strange fork() semantics. */
276 childti->pcb.usp = usp ?: rdusp(); 278 childti->pcb.usp = usp ?: rdusp();
277 *childregs = *regs; 279 *childregs = *regs;
278 childregs->r0 = 0; 280 childregs->r0 = 0;
279 childregs->r19 = 0; 281 childregs->r19 = 0;
280 childregs->r20 = 1; /* OSF/1 has some strange fork() semantics. */ 282 childregs->r20 = 1; /* OSF/1 has some strange fork() semantics. */
281 regs->r20 = 0;
282 stack = ((struct switch_stack *) regs) - 1; 283 stack = ((struct switch_stack *) regs) - 1;
283 *childstack = *stack; 284 *childstack = *stack;
284 childstack->r26 = (unsigned long) ret_from_fork; 285 childstack->r26 = (unsigned long) ret_from_fork;
diff --git a/arch/arc/include/asm/uaccess.h b/arch/arc/include/asm/uaccess.h
index d4d8df706efa..57387b567f34 100644
--- a/arch/arc/include/asm/uaccess.h
+++ b/arch/arc/include/asm/uaccess.h
@@ -673,6 +673,7 @@ __arc_strncpy_from_user(char *dst, const char __user *src, long count)
673 return 0; 673 return 0;
674 674
675 __asm__ __volatile__( 675 __asm__ __volatile__(
676 " mov lp_count, %5 \n"
676 " lp 3f \n" 677 " lp 3f \n"
677 "1: ldb.ab %3, [%2, 1] \n" 678 "1: ldb.ab %3, [%2, 1] \n"
678 " breq.d %3, 0, 3f \n" 679 " breq.d %3, 0, 3f \n"
@@ -689,8 +690,8 @@ __arc_strncpy_from_user(char *dst, const char __user *src, long count)
689 " .word 1b, 4b \n" 690 " .word 1b, 4b \n"
690 " .previous \n" 691 " .previous \n"
691 : "+r"(res), "+r"(dst), "+r"(src), "=r"(val) 692 : "+r"(res), "+r"(dst), "+r"(src), "=r"(val)
692 : "g"(-EFAULT), "l"(count) 693 : "g"(-EFAULT), "r"(count)
693 : "memory"); 694 : "lp_count", "lp_start", "lp_end", "memory");
694 695
695 return res; 696 return res;
696} 697}
diff --git a/arch/arm/boot/dts/Makefile b/arch/arm/boot/dts/Makefile
index 155255ed8e2a..84aec2d729cf 100644
--- a/arch/arm/boot/dts/Makefile
+++ b/arch/arm/boot/dts/Makefile
@@ -528,7 +528,8 @@ dtb-$(CONFIG_SOC_DRA7XX) += \
528 dra7-evm-late-attach.dtb \ 528 dra7-evm-late-attach.dtb \
529 dra72-evm-late-attach.dtb \ 529 dra72-evm-late-attach.dtb \
530 dra71-evm-late-attach.dtb \ 530 dra71-evm-late-attach.dtb \
531 dra76-evm-late-attach.dtb 531 dra76-evm-late-attach.dtb \
532 dra76-evm-tfp410.dtb
532dtb-$(CONFIG_ARCH_ORION5X) += \ 533dtb-$(CONFIG_ARCH_ORION5X) += \
533 orion5x-lacie-d2-network.dtb \ 534 orion5x-lacie-d2-network.dtb \
534 orion5x-lacie-ethernet-disk-mini-v2.dtb \ 535 orion5x-lacie-ethernet-disk-mini-v2.dtb \
diff --git a/arch/arm/boot/dts/dra7-evm-common.dtsi b/arch/arm/boot/dts/dra7-evm-common.dtsi
index 1f9008d8e14e..c1bee515079f 100644
--- a/arch/arm/boot/dts/dra7-evm-common.dtsi
+++ b/arch/arm/boot/dts/dra7-evm-common.dtsi
@@ -292,3 +292,19 @@
292&pcie1_rc { 292&pcie1_rc {
293 status = "okay"; 293 status = "okay";
294}; 294};
295
296&mmc4 {
297 bus-width = <4>;
298 cap-power-off-card;
299 keep-power-in-suspend;
300 ti,non-removable;
301
302 #address-cells = <1>;
303 #size-cells = <0>;
304 wlcore: wlcore@2 {
305 compatible = "ti,wl1835";
306 reg = <2>;
307 interrupt-parent = <&gpio5>;
308 interrupts = <7 IRQ_TYPE_EDGE_RISING>;
309 };
310};
diff --git a/arch/arm/boot/dts/dra7-evm.dts b/arch/arm/boot/dts/dra7-evm.dts
index 3f27909b7b46..25070a073a94 100644
--- a/arch/arm/boot/dts/dra7-evm.dts
+++ b/arch/arm/boot/dts/dra7-evm.dts
@@ -907,10 +907,6 @@ i2c_p3_exp: &i2c2 {
907&mmc4 { 907&mmc4 {
908 status = "okay"; 908 status = "okay";
909 vmmc-supply = <&vmmcwl_fixed>; 909 vmmc-supply = <&vmmcwl_fixed>;
910 bus-width = <4>;
911 cap-power-off-card;
912 keep-power-in-suspend;
913 ti,non-removable;
914 910
915 pinctrl-names = "default-rev11", "default", "hs-rev11", "hs", "sdr12-rev11", "sdr12", "sdr25-rev11", "sdr25"; 911 pinctrl-names = "default-rev11", "default", "hs-rev11", "hs", "sdr12-rev11", "sdr12", "sdr25-rev11", "sdr25";
916 pinctrl-0 = <&mmc4_pins_default &mmc4_iodelay_ds_rev11_conf>; 912 pinctrl-0 = <&mmc4_pins_default &mmc4_iodelay_ds_rev11_conf>;
@@ -921,15 +917,6 @@ i2c_p3_exp: &i2c2 {
921 pinctrl-5 = <&mmc4_pins_sdr12 &mmc4_iodelay_sdr12_hs_sdr25_rev20_conf>; 917 pinctrl-5 = <&mmc4_pins_sdr12 &mmc4_iodelay_sdr12_hs_sdr25_rev20_conf>;
922 pinctrl-6 = <&mmc4_pins_sdr25 &mmc4_iodelay_sdr12_hs_sdr25_rev11_conf>; 918 pinctrl-6 = <&mmc4_pins_sdr25 &mmc4_iodelay_sdr12_hs_sdr25_rev11_conf>;
923 pinctrl-7 = <&mmc4_pins_sdr25 &mmc4_iodelay_sdr12_hs_sdr25_rev20_conf>; 919 pinctrl-7 = <&mmc4_pins_sdr25 &mmc4_iodelay_sdr12_hs_sdr25_rev20_conf>;
924
925 #address-cells = <1>;
926 #size-cells = <0>;
927 wlcore: wlcore@2 {
928 compatible = "ti,wl1835";
929 reg = <2>;
930 interrupt-parent = <&gpio5>;
931 interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;
932 };
933}; 920};
934 921
935&oppdm_mpu { 922&oppdm_mpu {
diff --git a/arch/arm/boot/dts/dra7.dtsi b/arch/arm/boot/dts/dra7.dtsi
index 4fa2eedc71f4..9f49f96e6f93 100644
--- a/arch/arm/boot/dts/dra7.dtsi
+++ b/arch/arm/boot/dts/dra7.dtsi
@@ -308,6 +308,7 @@
308 device_type = "pci"; 308 device_type = "pci";
309 ranges = <0x81000000 0 0 0x03000 0 0x00010000 309 ranges = <0x81000000 0 0 0x03000 0 0x00010000
310 0x82000000 0 0x20013000 0x13000 0 0xffed000>; 310 0x82000000 0 0x20013000 0x13000 0 0xffed000>;
311 bus-range = <0x00 0xff>;
311 #interrupt-cells = <1>; 312 #interrupt-cells = <1>;
312 num-lanes = <1>; 313 num-lanes = <1>;
313 linux,pci-domain = <0>; 314 linux,pci-domain = <0>;
@@ -360,6 +361,7 @@
360 device_type = "pci"; 361 device_type = "pci";
361 ranges = <0x81000000 0 0 0x03000 0 0x00010000 362 ranges = <0x81000000 0 0 0x03000 0 0x00010000
362 0x82000000 0 0x30013000 0x13000 0 0xffed000>; 363 0x82000000 0 0x30013000 0x13000 0 0xffed000>;
364 bus-range = <0x00 0xff>;
363 #interrupt-cells = <1>; 365 #interrupt-cells = <1>;
364 num-lanes = <1>; 366 num-lanes = <1>;
365 linux,pci-domain = <1>; 367 linux,pci-domain = <1>;
@@ -2386,4 +2388,24 @@
2386 polling-delay = <500>; /* milliseconds */ 2388 polling-delay = <500>; /* milliseconds */
2387}; 2389};
2388 2390
2391&cpu_crit {
2392 temperature = <120000>; /* milli Celsius */
2393};
2394
2395&core_crit {
2396 temperature = <120000>; /* milli Celsius */
2397};
2398
2399&gpu_crit {
2400 temperature = <120000>; /* milli Celsius */
2401};
2402
2403&dspeve_crit {
2404 temperature = <120000>; /* milli Celsius */
2405};
2406
2407&iva_crit {
2408 temperature = <120000>; /* milli Celsius */
2409};
2410
2389/include/ "dra7xx-clocks.dtsi" 2411/include/ "dra7xx-clocks.dtsi"
diff --git a/arch/arm/boot/dts/dra76-evm-tfp410.dts b/arch/arm/boot/dts/dra76-evm-tfp410.dts
new file mode 100644
index 000000000000..77390c0277ce
--- /dev/null
+++ b/arch/arm/boot/dts/dra76-evm-tfp410.dts
@@ -0,0 +1,105 @@
1/*
2 * Copyright (C) 2017 Texas Instruments Incorporated - http://www.ti.com/
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8#include <dra76-evm.dts>
9
10/ {
11 tfp410: encoder@0 {
12 compatible = "ti,tfp410";
13
14 ports {
15 #address-cells = <1>;
16 #size-cells = <0>;
17
18 port@0 {
19 reg = <0>;
20 tfp410_in: endpoint@0 {
21 remote-endpoint = <&dpi_out>;
22 };
23 };
24
25 port@1 {
26 reg = <1>;
27
28 tfp410_out: endpoint@0 {
29 remote-endpoint = <&dvi_connector_in>;
30 };
31 };
32 };
33 };
34
35 dvi0: connector@0 {
36 compatible = "dvi-connector";
37 label = "dvi";
38
39 digital;
40
41 ddc-i2c-bus = <&i2c3>;
42
43 hpd-gpios = <&gpio1 2 GPIO_ACTIVE_HIGH>; /* wakeup2/sys_nirq2/gpio1_2 HPD */
44
45 port {
46 dvi_connector_in: endpoint {
47 remote-endpoint = <&tfp410_out>;
48 };
49 };
50 };
51};
52
53&dss {
54 status = "ok";
55 ports {
56 #address-cells = <1>;
57 #size-cells = <0>;
58 status = "ok";
59
60 port {
61 reg = <0>;
62
63 dpi_out: endpoint {
64 remote-endpoint = <&tfp410_in>;
65 data-lines = <24>;
66 };
67 };
68 };
69};
70
71&gpio3 {
72 p1 {
73 /* GPIO3_1 CON_LCD_PWR_DN */
74 /* This affects the TFP410 and the USB */
75 gpio-hog;
76 gpios = <1 GPIO_ACTIVE_HIGH>;
77 output-low;
78 line-name = "CON_LCD_PWR_DN";
79 };
80};
81
82&i2c3 {
83 clock-frequency = <100000>;
84
85 pcf_tfp: pcf8757@20 {
86 compatible = "ti,pcf8575", "nxp,pcf8575";
87 reg = <0x27>;
88 gpio-controller;
89 #gpio-cells = <2>;
90
91 p2 {
92 gpio-hog;
93 gpios = <2 GPIO_ACTIVE_HIGH>;
94 output-high;
95 line-name = "ct_hpd";
96 };
97
98 p3 {
99 gpio-hog;
100 gpios = <3 GPIO_ACTIVE_HIGH>;
101 output-high;
102 line-name = "ls_oe";
103 };
104 };
105};
diff --git a/arch/arm/boot/dts/dra76-evm.dts b/arch/arm/boot/dts/dra76-evm.dts
index c852a76ec21d..9012e7677e52 100644
--- a/arch/arm/boot/dts/dra76-evm.dts
+++ b/arch/arm/boot/dts/dra76-evm.dts
@@ -119,6 +119,16 @@
119 vin-supply = <&smps5_reg>; 119 vin-supply = <&smps5_reg>;
120 }; 120 };
121 121
122 vmmcwl_fixed: fixedregulator-mmcwl {
123 compatible = "regulator-fixed";
124 regulator-name = "vmmcwl_fixed";
125 regulator-min-microvolt = <1800000>;
126 regulator-max-microvolt = <1800000>;
127 gpio = <&gpio5 8 0>; /* gpio5_8 */
128 startup-delay-us = <70000>;
129 enable-active-high;
130 };
131
122 vtt_fixed: fixedregulator-vtt { 132 vtt_fixed: fixedregulator-vtt {
123 compatible = "regulator-fixed"; 133 compatible = "regulator-fixed";
124 regulator-name = "vtt_fixed"; 134 regulator-name = "vtt_fixed";
@@ -147,6 +157,7 @@
147 compatible = "ti,tps65917"; 157 compatible = "ti,tps65917";
148 reg = <0x58>; 158 reg = <0x58>;
149 ti,system-power-controller; 159 ti,system-power-controller;
160 ti,palmas-override-powerhold;
150 interrupt-controller; 161 interrupt-controller;
151 #interrupt-cells = <2>; 162 #interrupt-cells = <2>;
152 163
@@ -427,6 +438,17 @@
427 pinctrl-3 = <&mmc2_pins_hs200 &mmc2_iodelay_hs200_conf>; 438 pinctrl-3 = <&mmc2_pins_hs200 &mmc2_iodelay_hs200_conf>;
428}; 439};
429 440
441&mmc4 {
442 status = "okay";
443 vmmc-supply = <&vmmcwl_fixed>;
444
445 pinctrl-names = "default", "hs", "sdr12", "sdr25";
446 pinctrl-0 = <&mmc4_pins_hs &mmc4_iodelay_default_conf>;
447 pinctrl-1 = <&mmc4_pins_hs &mmc4_iodelay_manual1_conf>;
448 pinctrl-2 = <&mmc4_pins_hs &mmc4_iodelay_manual1_conf>;
449 pinctrl-3 = <&mmc4_pins_hs &mmc4_iodelay_manual1_conf>;
450};
451
430&oppdm_mpu { 452&oppdm_mpu {
431 vdd-supply = <&buck10_reg>; 453 vdd-supply = <&buck10_reg>;
432}; 454};
diff --git a/arch/arm/boot/dts/kirkwood-openblocks_a7.dts b/arch/arm/boot/dts/kirkwood-openblocks_a7.dts
index d5e3bc518968..d57f48543f76 100644
--- a/arch/arm/boot/dts/kirkwood-openblocks_a7.dts
+++ b/arch/arm/boot/dts/kirkwood-openblocks_a7.dts
@@ -53,7 +53,8 @@
53 }; 53 };
54 54
55 pinctrl: pin-controller@10000 { 55 pinctrl: pin-controller@10000 {
56 pinctrl-0 = <&pmx_dip_switches &pmx_gpio_header>; 56 pinctrl-0 = <&pmx_dip_switches &pmx_gpio_header
57 &pmx_gpio_header_gpo>;
57 pinctrl-names = "default"; 58 pinctrl-names = "default";
58 59
59 pmx_uart0: pmx-uart0 { 60 pmx_uart0: pmx-uart0 {
@@ -85,11 +86,16 @@
85 * ground. 86 * ground.
86 */ 87 */
87 pmx_gpio_header: pmx-gpio-header { 88 pmx_gpio_header: pmx-gpio-header {
88 marvell,pins = "mpp17", "mpp7", "mpp29", "mpp28", 89 marvell,pins = "mpp17", "mpp29", "mpp28",
89 "mpp35", "mpp34", "mpp40"; 90 "mpp35", "mpp34", "mpp40";
90 marvell,function = "gpio"; 91 marvell,function = "gpio";
91 }; 92 };
92 93
94 pmx_gpio_header_gpo: pxm-gpio-header-gpo {
95 marvell,pins = "mpp7";
96 marvell,function = "gpo";
97 };
98
93 pmx_gpio_init: pmx-init { 99 pmx_gpio_init: pmx-init {
94 marvell,pins = "mpp38"; 100 marvell,pins = "mpp38";
95 marvell,function = "gpio"; 101 marvell,function = "gpio";
diff --git a/arch/arm/boot/dts/s5pv210.dtsi b/arch/arm/boot/dts/s5pv210.dtsi
index 8344a0ee2b86..b03fe747b98c 100644
--- a/arch/arm/boot/dts/s5pv210.dtsi
+++ b/arch/arm/boot/dts/s5pv210.dtsi
@@ -461,6 +461,7 @@
461 compatible = "samsung,exynos4210-ohci"; 461 compatible = "samsung,exynos4210-ohci";
462 reg = <0xec300000 0x100>; 462 reg = <0xec300000 0x100>;
463 interrupts = <23>; 463 interrupts = <23>;
464 interrupt-parent = <&vic1>;
464 clocks = <&clocks CLK_USB_HOST>; 465 clocks = <&clocks CLK_USB_HOST>;
465 clock-names = "usbhost"; 466 clock-names = "usbhost";
466 #address-cells = <1>; 467 #address-cells = <1>;
diff --git a/arch/arm/boot/dts/spear1310-evb.dts b/arch/arm/boot/dts/spear1310-evb.dts
index e48857249ce7..3d83992efd90 100644
--- a/arch/arm/boot/dts/spear1310-evb.dts
+++ b/arch/arm/boot/dts/spear1310-evb.dts
@@ -349,7 +349,7 @@
349 spi0: spi@e0100000 { 349 spi0: spi@e0100000 {
350 status = "okay"; 350 status = "okay";
351 num-cs = <3>; 351 num-cs = <3>;
352 cs-gpios = <&gpio1 7 0>, <&spics 0>, <&spics 1>; 352 cs-gpios = <&gpio1 7 0>, <&spics 0 0>, <&spics 1 0>;
353 353
354 stmpe610@0 { 354 stmpe610@0 {
355 compatible = "st,stmpe610"; 355 compatible = "st,stmpe610";
diff --git a/arch/arm/boot/dts/spear1340.dtsi b/arch/arm/boot/dts/spear1340.dtsi
index df2232d767ed..6361cbfcbe5e 100644
--- a/arch/arm/boot/dts/spear1340.dtsi
+++ b/arch/arm/boot/dts/spear1340.dtsi
@@ -141,8 +141,8 @@
141 reg = <0xb4100000 0x1000>; 141 reg = <0xb4100000 0x1000>;
142 interrupts = <0 105 0x4>; 142 interrupts = <0 105 0x4>;
143 status = "disabled"; 143 status = "disabled";
144 dmas = <&dwdma0 0x600 0 0 1>, /* 0xC << 11 */ 144 dmas = <&dwdma0 12 0 1>,
145 <&dwdma0 0x680 0 1 0>; /* 0xD << 7 */ 145 <&dwdma0 13 1 0>;
146 dma-names = "tx", "rx"; 146 dma-names = "tx", "rx";
147 }; 147 };
148 148
diff --git a/arch/arm/boot/dts/spear13xx.dtsi b/arch/arm/boot/dts/spear13xx.dtsi
index 14594ce8c18a..8fd8a3328acb 100644
--- a/arch/arm/boot/dts/spear13xx.dtsi
+++ b/arch/arm/boot/dts/spear13xx.dtsi
@@ -100,7 +100,7 @@
100 reg = <0xb2800000 0x1000>; 100 reg = <0xb2800000 0x1000>;
101 interrupts = <0 29 0x4>; 101 interrupts = <0 29 0x4>;
102 status = "disabled"; 102 status = "disabled";
103 dmas = <&dwdma0 0 0 0 0>; 103 dmas = <&dwdma0 0 0 0>;
104 dma-names = "data"; 104 dma-names = "data";
105 }; 105 };
106 106
@@ -288,8 +288,8 @@
288 #size-cells = <0>; 288 #size-cells = <0>;
289 interrupts = <0 31 0x4>; 289 interrupts = <0 31 0x4>;
290 status = "disabled"; 290 status = "disabled";
291 dmas = <&dwdma0 0x2000 0 0 0>, /* 0x4 << 11 */ 291 dmas = <&dwdma0 4 0 0>,
292 <&dwdma0 0x0280 0 0 0>; /* 0x5 << 7 */ 292 <&dwdma0 5 0 0>;
293 dma-names = "tx", "rx"; 293 dma-names = "tx", "rx";
294 }; 294 };
295 295
diff --git a/arch/arm/boot/dts/spear600.dtsi b/arch/arm/boot/dts/spear600.dtsi
index 9f60a7b6a42b..bd379034993c 100644
--- a/arch/arm/boot/dts/spear600.dtsi
+++ b/arch/arm/boot/dts/spear600.dtsi
@@ -194,6 +194,7 @@
194 rtc@fc900000 { 194 rtc@fc900000 {
195 compatible = "st,spear600-rtc"; 195 compatible = "st,spear600-rtc";
196 reg = <0xfc900000 0x1000>; 196 reg = <0xfc900000 0x1000>;
197 interrupt-parent = <&vic0>;
197 interrupts = <10>; 198 interrupts = <10>;
198 status = "disabled"; 199 status = "disabled";
199 }; 200 };
diff --git a/arch/arm/boot/dts/stih407.dtsi b/arch/arm/boot/dts/stih407.dtsi
index d60f0d8add26..e4b508ce38a2 100644
--- a/arch/arm/boot/dts/stih407.dtsi
+++ b/arch/arm/boot/dts/stih407.dtsi
@@ -8,6 +8,7 @@
8 */ 8 */
9#include "stih407-clock.dtsi" 9#include "stih407-clock.dtsi"
10#include "stih407-family.dtsi" 10#include "stih407-family.dtsi"
11#include <dt-bindings/gpio/gpio.h>
11/ { 12/ {
12 soc { 13 soc {
13 sti-display-subsystem { 14 sti-display-subsystem {
@@ -112,7 +113,7 @@
112 <&clk_s_d2_quadfs 0>, 113 <&clk_s_d2_quadfs 0>,
113 <&clk_s_d2_quadfs 1>; 114 <&clk_s_d2_quadfs 1>;
114 115
115 hdmi,hpd-gpio = <&pio5 3>; 116 hdmi,hpd-gpio = <&pio5 3 GPIO_ACTIVE_LOW>;
116 reset-names = "hdmi"; 117 reset-names = "hdmi";
117 resets = <&softreset STIH407_HDMI_TX_PHY_SOFTRESET>; 118 resets = <&softreset STIH407_HDMI_TX_PHY_SOFTRESET>;
118 ddc = <&hdmiddc>; 119 ddc = <&hdmiddc>;
diff --git a/arch/arm/boot/dts/stih410.dtsi b/arch/arm/boot/dts/stih410.dtsi
index 40318869c733..3c32fb8cdcac 100644
--- a/arch/arm/boot/dts/stih410.dtsi
+++ b/arch/arm/boot/dts/stih410.dtsi
@@ -9,6 +9,7 @@
9#include "stih410-clock.dtsi" 9#include "stih410-clock.dtsi"
10#include "stih407-family.dtsi" 10#include "stih407-family.dtsi"
11#include "stih410-pinctrl.dtsi" 11#include "stih410-pinctrl.dtsi"
12#include <dt-bindings/gpio/gpio.h>
12/ { 13/ {
13 aliases { 14 aliases {
14 bdisp0 = &bdisp0; 15 bdisp0 = &bdisp0;
@@ -203,7 +204,7 @@
203 <&clk_s_d2_quadfs 0>, 204 <&clk_s_d2_quadfs 0>,
204 <&clk_s_d2_quadfs 1>; 205 <&clk_s_d2_quadfs 1>;
205 206
206 hdmi,hpd-gpio = <&pio5 3>; 207 hdmi,hpd-gpio = <&pio5 3 GPIO_ACTIVE_LOW>;
207 reset-names = "hdmi"; 208 reset-names = "hdmi";
208 resets = <&softreset STIH407_HDMI_TX_PHY_SOFTRESET>; 209 resets = <&softreset STIH407_HDMI_TX_PHY_SOFTRESET>;
209 ddc = <&hdmiddc>; 210 ddc = <&hdmiddc>;
diff --git a/arch/arm/include/asm/kvm_arm.h b/arch/arm/include/asm/kvm_arm.h
index 31d33ee41e28..48e6ee2d4f5c 100644
--- a/arch/arm/include/asm/kvm_arm.h
+++ b/arch/arm/include/asm/kvm_arm.h
@@ -162,13 +162,8 @@
162#define VTTBR_X (5 - KVM_T0SZ) 162#define VTTBR_X (5 - KVM_T0SZ)
163#endif 163#endif
164#define VTTBR_BADDR_MASK (((1LLU << (40 - VTTBR_X)) - 1) << VTTBR_X) 164#define VTTBR_BADDR_MASK (((1LLU << (40 - VTTBR_X)) - 1) << VTTBR_X)
165#define VTTBR_VMID_SHIFT (48LLU) 165#define VTTBR_VMID_SHIFT _AC(48, ULL)
166#define VTTBR_VMID_MASK (0xffLLU << VTTBR_VMID_SHIFT) 166#define VTTBR_VMID_MASK(size) (_AT(u64, (1 << size) - 1) << VTTBR_VMID_SHIFT)
167
168/* Hyp Syndrome Register (HSR) bits */
169#define HSR_EC_SHIFT (26)
170#define VTTBR_VMID_SHIFT (48LLU)
171#define VTTBR_VMID_MASK (0xffLLU << VTTBR_VMID_SHIFT)
172 167
173/* Hyp Syndrome Register (HSR) bits */ 168/* Hyp Syndrome Register (HSR) bits */
174#define HSR_EC_SHIFT (26) 169#define HSR_EC_SHIFT (26)
diff --git a/arch/arm/include/asm/mmu_context.h b/arch/arm/include/asm/mmu_context.h
index 9b32f76bb0dd..10f662498eb7 100644
--- a/arch/arm/include/asm/mmu_context.h
+++ b/arch/arm/include/asm/mmu_context.h
@@ -61,6 +61,7 @@ static inline void check_and_switch_context(struct mm_struct *mm,
61 cpu_switch_mm(mm->pgd, mm); 61 cpu_switch_mm(mm->pgd, mm);
62} 62}
63 63
64#ifndef MODULE
64#define finish_arch_post_lock_switch \ 65#define finish_arch_post_lock_switch \
65 finish_arch_post_lock_switch 66 finish_arch_post_lock_switch
66static inline void finish_arch_post_lock_switch(void) 67static inline void finish_arch_post_lock_switch(void)
@@ -82,6 +83,7 @@ static inline void finish_arch_post_lock_switch(void)
82 preempt_enable_no_resched(); 83 preempt_enable_no_resched();
83 } 84 }
84} 85}
86#endif /* !MODULE */
85 87
86#endif /* CONFIG_MMU */ 88#endif /* CONFIG_MMU */
87 89
diff --git a/arch/arm/kvm/handle_exit.c b/arch/arm/kvm/handle_exit.c
index f36b5b1acd1f..05b2f8294968 100644
--- a/arch/arm/kvm/handle_exit.c
+++ b/arch/arm/kvm/handle_exit.c
@@ -45,7 +45,7 @@ static int handle_hvc(struct kvm_vcpu *vcpu, struct kvm_run *run)
45 45
46 ret = kvm_psci_call(vcpu); 46 ret = kvm_psci_call(vcpu);
47 if (ret < 0) { 47 if (ret < 0) {
48 kvm_inject_undefined(vcpu); 48 vcpu_set_reg(vcpu, 0, ~0UL);
49 return 1; 49 return 1;
50 } 50 }
51 51
@@ -54,7 +54,16 @@ static int handle_hvc(struct kvm_vcpu *vcpu, struct kvm_run *run)
54 54
55static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run) 55static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run)
56{ 56{
57 kvm_inject_undefined(vcpu); 57 /*
58 * "If an SMC instruction executed at Non-secure EL1 is
59 * trapped to EL2 because HCR_EL2.TSC is 1, the exception is a
60 * Trap exception, not a Secure Monitor Call exception [...]"
61 *
62 * We need to advance the PC after the trap, as it would
63 * otherwise return to the same address...
64 */
65 vcpu_set_reg(vcpu, 0, ~0UL);
66 kvm_skip_instr(vcpu, kvm_vcpu_trap_il_is32bit(vcpu));
58 return 1; 67 return 1;
59} 68}
60 69
diff --git a/arch/arm/kvm/mmio.c b/arch/arm/kvm/mmio.c
index 3a10c9f1d0a4..387ee2a11e36 100644
--- a/arch/arm/kvm/mmio.c
+++ b/arch/arm/kvm/mmio.c
@@ -113,7 +113,7 @@ int kvm_handle_mmio_return(struct kvm_vcpu *vcpu, struct kvm_run *run)
113 } 113 }
114 114
115 trace_kvm_mmio(KVM_TRACE_MMIO_READ, len, run->mmio.phys_addr, 115 trace_kvm_mmio(KVM_TRACE_MMIO_READ, len, run->mmio.phys_addr,
116 data); 116 &data);
117 data = vcpu_data_host_to_guest(vcpu, data, len); 117 data = vcpu_data_host_to_guest(vcpu, data, len);
118 vcpu_set_reg(vcpu, vcpu->arch.mmio_decode.rt, data); 118 vcpu_set_reg(vcpu, vcpu->arch.mmio_decode.rt, data);
119 } 119 }
@@ -189,14 +189,14 @@ int io_mem_abort(struct kvm_vcpu *vcpu, struct kvm_run *run,
189 data = vcpu_data_guest_to_host(vcpu, vcpu_get_reg(vcpu, rt), 189 data = vcpu_data_guest_to_host(vcpu, vcpu_get_reg(vcpu, rt),
190 len); 190 len);
191 191
192 trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, len, fault_ipa, data); 192 trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, len, fault_ipa, &data);
193 mmio_write_buf(data_buf, len, data); 193 mmio_write_buf(data_buf, len, data);
194 194
195 ret = kvm_io_bus_write(vcpu, KVM_MMIO_BUS, fault_ipa, len, 195 ret = kvm_io_bus_write(vcpu, KVM_MMIO_BUS, fault_ipa, len,
196 data_buf); 196 data_buf);
197 } else { 197 } else {
198 trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, len, 198 trace_kvm_mmio(KVM_TRACE_MMIO_READ_UNSATISFIED, len,
199 fault_ipa, 0); 199 fault_ipa, NULL);
200 200
201 ret = kvm_io_bus_read(vcpu, KVM_MMIO_BUS, fault_ipa, len, 201 ret = kvm_io_bus_read(vcpu, KVM_MMIO_BUS, fault_ipa, len,
202 data_buf); 202 data_buf);
diff --git a/arch/arm/mach-pxa/tosa-bt.c b/arch/arm/mach-pxa/tosa-bt.c
index e0a53208880a..b59a7a2df4e3 100644
--- a/arch/arm/mach-pxa/tosa-bt.c
+++ b/arch/arm/mach-pxa/tosa-bt.c
@@ -132,3 +132,7 @@ static struct platform_driver tosa_bt_driver = {
132 }, 132 },
133}; 133};
134module_platform_driver(tosa_bt_driver); 134module_platform_driver(tosa_bt_driver);
135
136MODULE_LICENSE("GPL");
137MODULE_AUTHOR("Dmitry Baryshkov");
138MODULE_DESCRIPTION("Bluetooth built-in chip control");
diff --git a/arch/arm/mm/dma-mapping.c b/arch/arm/mm/dma-mapping.c
index 9bfd334f6e9b..fb86f4d89db1 100644
--- a/arch/arm/mm/dma-mapping.c
+++ b/arch/arm/mm/dma-mapping.c
@@ -815,13 +815,31 @@ static void arm_coherent_dma_free(struct device *dev, size_t size, void *cpu_add
815 __arm_dma_free(dev, size, cpu_addr, handle, attrs, true); 815 __arm_dma_free(dev, size, cpu_addr, handle, attrs, true);
816} 816}
817 817
818/*
819 * The whole dma_get_sgtable() idea is fundamentally unsafe - it seems
820 * that the intention is to allow exporting memory allocated via the
821 * coherent DMA APIs through the dma_buf API, which only accepts a
822 * scattertable. This presents a couple of problems:
823 * 1. Not all memory allocated via the coherent DMA APIs is backed by
824 * a struct page
825 * 2. Passing coherent DMA memory into the streaming APIs is not allowed
826 * as we will try to flush the memory through a different alias to that
827 * actually being used (and the flushes are redundant.)
828 */
818int arm_dma_get_sgtable(struct device *dev, struct sg_table *sgt, 829int arm_dma_get_sgtable(struct device *dev, struct sg_table *sgt,
819 void *cpu_addr, dma_addr_t handle, size_t size, 830 void *cpu_addr, dma_addr_t handle, size_t size,
820 struct dma_attrs *attrs) 831 struct dma_attrs *attrs)
821{ 832{
822 struct page *page = pfn_to_page(dma_to_pfn(dev, handle)); 833 unsigned long pfn = dma_to_pfn(dev, handle);
834 struct page *page;
823 int ret; 835 int ret;
824 836
837 /* If the PFN is not valid, we do not have a struct page */
838 if (!pfn_valid(pfn))
839 return -ENXIO;
840
841 page = pfn_to_page(pfn);
842
825 ret = sg_alloc_table(sgt, 1, GFP_KERNEL); 843 ret = sg_alloc_table(sgt, 1, GFP_KERNEL);
826 if (unlikely(ret)) 844 if (unlikely(ret))
827 return ret; 845 return ret;
diff --git a/arch/arm/probes/kprobes/core.c b/arch/arm/probes/kprobes/core.c
index a4ec240ee7ba..3eb018fa1a1f 100644
--- a/arch/arm/probes/kprobes/core.c
+++ b/arch/arm/probes/kprobes/core.c
@@ -433,6 +433,7 @@ static __used __kprobes void *trampoline_handler(struct pt_regs *regs)
433 struct hlist_node *tmp; 433 struct hlist_node *tmp;
434 unsigned long flags, orig_ret_address = 0; 434 unsigned long flags, orig_ret_address = 0;
435 unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline; 435 unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline;
436 kprobe_opcode_t *correct_ret_addr = NULL;
436 437
437 INIT_HLIST_HEAD(&empty_rp); 438 INIT_HLIST_HEAD(&empty_rp);
438 kretprobe_hash_lock(current, &head, &flags); 439 kretprobe_hash_lock(current, &head, &flags);
@@ -455,14 +456,34 @@ static __used __kprobes void *trampoline_handler(struct pt_regs *regs)
455 /* another task is sharing our hash bucket */ 456 /* another task is sharing our hash bucket */
456 continue; 457 continue;
457 458
459 orig_ret_address = (unsigned long)ri->ret_addr;
460
461 if (orig_ret_address != trampoline_address)
462 /*
463 * This is the real return address. Any other
464 * instances associated with this task are for
465 * other calls deeper on the call stack
466 */
467 break;
468 }
469
470 kretprobe_assert(ri, orig_ret_address, trampoline_address);
471
472 correct_ret_addr = ri->ret_addr;
473 hlist_for_each_entry_safe(ri, tmp, head, hlist) {
474 if (ri->task != current)
475 /* another task is sharing our hash bucket */
476 continue;
477
478 orig_ret_address = (unsigned long)ri->ret_addr;
458 if (ri->rp && ri->rp->handler) { 479 if (ri->rp && ri->rp->handler) {
459 __this_cpu_write(current_kprobe, &ri->rp->kp); 480 __this_cpu_write(current_kprobe, &ri->rp->kp);
460 get_kprobe_ctlblk()->kprobe_status = KPROBE_HIT_ACTIVE; 481 get_kprobe_ctlblk()->kprobe_status = KPROBE_HIT_ACTIVE;
482 ri->ret_addr = correct_ret_addr;
461 ri->rp->handler(ri, regs); 483 ri->rp->handler(ri, regs);
462 __this_cpu_write(current_kprobe, NULL); 484 __this_cpu_write(current_kprobe, NULL);
463 } 485 }
464 486
465 orig_ret_address = (unsigned long)ri->ret_addr;
466 recycle_rp_inst(ri, &empty_rp); 487 recycle_rp_inst(ri, &empty_rp);
467 488
468 if (orig_ret_address != trampoline_address) 489 if (orig_ret_address != trampoline_address)
@@ -474,7 +495,6 @@ static __used __kprobes void *trampoline_handler(struct pt_regs *regs)
474 break; 495 break;
475 } 496 }
476 497
477 kretprobe_assert(ri, orig_ret_address, trampoline_address);
478 kretprobe_hash_unlock(current, &flags); 498 kretprobe_hash_unlock(current, &flags);
479 499
480 hlist_for_each_entry_safe(ri, tmp, &empty_rp, hlist) { 500 hlist_for_each_entry_safe(ri, tmp, &empty_rp, hlist) {
diff --git a/arch/arm/probes/kprobes/test-core.c b/arch/arm/probes/kprobes/test-core.c
index 9775de22e2ff..a48354de1aa1 100644
--- a/arch/arm/probes/kprobes/test-core.c
+++ b/arch/arm/probes/kprobes/test-core.c
@@ -976,7 +976,10 @@ static void coverage_end(void)
976void __naked __kprobes_test_case_start(void) 976void __naked __kprobes_test_case_start(void)
977{ 977{
978 __asm__ __volatile__ ( 978 __asm__ __volatile__ (
979 "stmdb sp!, {r4-r11} \n\t" 979 "mov r2, sp \n\t"
980 "bic r3, r2, #7 \n\t"
981 "mov sp, r3 \n\t"
982 "stmdb sp!, {r2-r11} \n\t"
980 "sub sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t" 983 "sub sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t"
981 "bic r0, lr, #1 @ r0 = inline data \n\t" 984 "bic r0, lr, #1 @ r0 = inline data \n\t"
982 "mov r1, sp \n\t" 985 "mov r1, sp \n\t"
@@ -996,7 +999,8 @@ void __naked __kprobes_test_case_end_32(void)
996 "movne pc, r0 \n\t" 999 "movne pc, r0 \n\t"
997 "mov r0, r4 \n\t" 1000 "mov r0, r4 \n\t"
998 "add sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t" 1001 "add sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t"
999 "ldmia sp!, {r4-r11} \n\t" 1002 "ldmia sp!, {r2-r11} \n\t"
1003 "mov sp, r2 \n\t"
1000 "mov pc, r0 \n\t" 1004 "mov pc, r0 \n\t"
1001 ); 1005 );
1002} 1006}
@@ -1012,7 +1016,8 @@ void __naked __kprobes_test_case_end_16(void)
1012 "bxne r0 \n\t" 1016 "bxne r0 \n\t"
1013 "mov r0, r4 \n\t" 1017 "mov r0, r4 \n\t"
1014 "add sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t" 1018 "add sp, sp, #"__stringify(TEST_MEMORY_SIZE)"\n\t"
1015 "ldmia sp!, {r4-r11} \n\t" 1019 "ldmia sp!, {r2-r11} \n\t"
1020 "mov sp, r2 \n\t"
1016 "bx r0 \n\t" 1021 "bx r0 \n\t"
1017 ); 1022 );
1018} 1023}
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 190471794853..e8c8d5b69886 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -59,6 +59,7 @@ config ARM64
59 select HAVE_ARCH_SECCOMP_FILTER 59 select HAVE_ARCH_SECCOMP_FILTER
60 select HAVE_ARCH_TRACEHOOK 60 select HAVE_ARCH_TRACEHOOK
61 select HAVE_BPF_JIT 61 select HAVE_BPF_JIT
62 select HAVE_EBPF_JIT
62 select HAVE_C_RECORDMCOUNT 63 select HAVE_C_RECORDMCOUNT
63 select HAVE_CC_STACKPROTECTOR 64 select HAVE_CC_STACKPROTECTOR
64 select HAVE_CMPXCHG_DOUBLE 65 select HAVE_CMPXCHG_DOUBLE
@@ -687,6 +688,18 @@ config FORCE_MAX_ZONEORDER
687 However for 4K, we choose a higher default value, 11 as opposed to 10, giving us 688 However for 4K, we choose a higher default value, 11 as opposed to 10, giving us
688 4M allocations matching the default size used by generic code. 689 4M allocations matching the default size used by generic code.
689 690
691config UNMAP_KERNEL_AT_EL0
692 bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT
693 default y
694 help
695 Speculation attacks against some high-performance processors can
696 be used to bypass MMU permission checks and leak kernel data to
697 userspace. This can be defended against by unmapping the kernel
698 when running in userspace, mapping it back in on exception entry
699 via a trampoline page in the vector table.
700
701 If unsure, say Y.
702
690menuconfig ARMV8_DEPRECATED 703menuconfig ARMV8_DEPRECATED
691 bool "Emulate deprecated/obsolete ARMv8 instructions" 704 bool "Emulate deprecated/obsolete ARMv8 instructions"
692 depends on COMPAT 705 depends on COMPAT
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index e450bb6d21bd..5f6c8345c0e6 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -398,17 +398,4 @@ alternative_endif
398 mrs \rd, sp_el0 398 mrs \rd, sp_el0
399 .endm 399 .endm
400 400
401/*
402 * Errata workaround post TTBR0_EL1 update.
403 */
404 .macro post_ttbr0_update_workaround
405#ifdef CONFIG_CAVIUM_ERRATUM_27456
406alternative_if ARM64_WORKAROUND_CAVIUM_27456
407 ic iallu
408 dsb nsh
409 isb
410alternative_else_nop_endif
411#endif
412 .endm
413
414#endif /* __ASM_ASSEMBLER_H */ 401#endif /* __ASM_ASSEMBLER_H */
diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h
index 8e1f826caf99..2c6497a042b1 100644
--- a/arch/arm64/include/asm/cpufeature.h
+++ b/arch/arm64/include/asm/cpufeature.h
@@ -33,10 +33,11 @@
33#define ARM64_HAS_NO_HW_PREFETCH 8 33#define ARM64_HAS_NO_HW_PREFETCH 8
34#define ARM64_HAS_UAO 9 34#define ARM64_HAS_UAO 9
35#define ARM64_ALT_PAN_NOT_UAO 10 35#define ARM64_ALT_PAN_NOT_UAO 10
36#define ARM64_HAS_VIRT_HOST_EXTN 11
37#define ARM64_WORKAROUND_CAVIUM_27456 12
38#define ARM64_UNMAP_KERNEL_AT_EL0 23
36 39
37#define ARM64_WORKAROUND_CAVIUM_27456 11 40#define ARM64_NCAPS 24
38#define ARM64_HAS_VIRT_HOST_EXTN 12
39#define ARM64_NCAPS 13
40 41
41#ifndef __ASSEMBLY__ 42#ifndef __ASSEMBLY__
42 43
diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h
index 932f5a56d1a6..48e317e4a32d 100644
--- a/arch/arm64/include/asm/efi.h
+++ b/arch/arm64/include/asm/efi.h
@@ -76,12 +76,14 @@ static inline void efi_set_pgd(struct mm_struct *mm)
76 if (mm != current->active_mm) { 76 if (mm != current->active_mm) {
77 /* 77 /*
78 * Update the current thread's saved ttbr0 since it is 78 * Update the current thread's saved ttbr0 since it is
79 * restored as part of a return from exception. Set 79 * restored as part of a return from exception. Enable
80 * the hardware TTBR0_EL1 using cpu_switch_mm() 80 * access to the valid TTBR0_EL1 and invoke the errata
81 * directly to enable potential errata workarounds. 81 * workaround directly since there is no return from
82 * exception when invoking the EFI run-time services.
82 */ 83 */
83 update_saved_ttbr0(current, mm); 84 update_saved_ttbr0(current, mm);
84 cpu_switch_mm(mm->pgd, mm); 85 uaccess_ttbr0_enable();
86 post_ttbr_update_workaround();
85 } else { 87 } else {
86 /* 88 /*
87 * Defer the switch to the current thread's TTBR0_EL1 89 * Defer the switch to the current thread's TTBR0_EL1
@@ -89,7 +91,7 @@ static inline void efi_set_pgd(struct mm_struct *mm)
89 * thread's saved ttbr0 corresponding to its active_mm 91 * thread's saved ttbr0 corresponding to its active_mm
90 * (if different from init_mm). 92 * (if different from init_mm).
91 */ 93 */
92 cpu_set_reserved_ttbr0(); 94 uaccess_ttbr0_disable();
93 if (current->active_mm != &init_mm) 95 if (current->active_mm != &init_mm)
94 update_saved_ttbr0(current, current->active_mm); 96 update_saved_ttbr0(current, current->active_mm);
95 } 97 }
diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h
index f772e15c4766..2d4e9c26f8f6 100644
--- a/arch/arm64/include/asm/esr.h
+++ b/arch/arm64/include/asm/esr.h
@@ -109,6 +109,46 @@
109 ((ESR_ELx_EC_BRK64 << ESR_ELx_EC_SHIFT) | ESR_ELx_IL | \ 109 ((ESR_ELx_EC_BRK64 << ESR_ELx_EC_SHIFT) | ESR_ELx_IL | \
110 ((imm) & 0xffff)) 110 ((imm) & 0xffff))
111 111
112/* ISS field definitions for System instruction traps */
113#define ESR_ELx_SYS64_ISS_RES0_SHIFT 22
114#define ESR_ELx_SYS64_ISS_RES0_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_RES0_SHIFT)
115#define ESR_ELx_SYS64_ISS_DIR_MASK 0x1
116#define ESR_ELx_SYS64_ISS_DIR_READ 0x1
117#define ESR_ELx_SYS64_ISS_DIR_WRITE 0x0
118
119#define ESR_ELx_SYS64_ISS_RT_SHIFT 5
120#define ESR_ELx_SYS64_ISS_RT_MASK (UL(0x1f) << ESR_ELx_SYS64_ISS_RT_SHIFT)
121#define ESR_ELx_SYS64_ISS_CRM_SHIFT 1
122#define ESR_ELx_SYS64_ISS_CRM_MASK (UL(0xf) << ESR_ELx_SYS64_ISS_CRM_SHIFT)
123#define ESR_ELx_SYS64_ISS_CRN_SHIFT 10
124#define ESR_ELx_SYS64_ISS_CRN_MASK (UL(0xf) << ESR_ELx_SYS64_ISS_CRN_SHIFT)
125#define ESR_ELx_SYS64_ISS_OP1_SHIFT 14
126#define ESR_ELx_SYS64_ISS_OP1_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_OP1_SHIFT)
127#define ESR_ELx_SYS64_ISS_OP2_SHIFT 17
128#define ESR_ELx_SYS64_ISS_OP2_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_OP2_SHIFT)
129#define ESR_ELx_SYS64_ISS_OP0_SHIFT 20
130#define ESR_ELx_SYS64_ISS_OP0_MASK (UL(0x3) << ESR_ELx_SYS64_ISS_OP0_SHIFT)
131#define ESR_ELx_SYS64_ISS_SYS_MASK (ESR_ELx_SYS64_ISS_OP0_MASK | \
132 ESR_ELx_SYS64_ISS_OP1_MASK | \
133 ESR_ELx_SYS64_ISS_OP2_MASK | \
134 ESR_ELx_SYS64_ISS_CRN_MASK | \
135 ESR_ELx_SYS64_ISS_CRM_MASK)
136#define ESR_ELx_SYS64_ISS_SYS_VAL(op0, op1, op2, crn, crm) \
137 (((op0) << ESR_ELx_SYS64_ISS_OP0_SHIFT) | \
138 ((op1) << ESR_ELx_SYS64_ISS_OP1_SHIFT) | \
139 ((op2) << ESR_ELx_SYS64_ISS_OP2_SHIFT) | \
140 ((crn) << ESR_ELx_SYS64_ISS_CRN_SHIFT) | \
141 ((crm) << ESR_ELx_SYS64_ISS_CRM_SHIFT))
142
143#define ESR_ELx_SYS64_ISS_SYS_OP_MASK (ESR_ELx_SYS64_ISS_SYS_MASK | \
144 ESR_ELx_SYS64_ISS_DIR_MASK)
145
146#define ESR_ELx_SYS64_ISS_SYS_CNTVCT (ESR_ELx_SYS64_ISS_SYS_VAL(3, 3, 2, 14, 0) | \
147 ESR_ELx_SYS64_ISS_DIR_READ)
148
149#define ESR_ELx_SYS64_ISS_SYS_CNTFRQ (ESR_ELx_SYS64_ISS_SYS_VAL(3, 3, 0, 14, 0) | \
150 ESR_ELx_SYS64_ISS_DIR_READ)
151
112#ifndef __ASSEMBLY__ 152#ifndef __ASSEMBLY__
113#include <asm/types.h> 153#include <asm/types.h>
114 154
diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h
index 1a617d46fce9..03a1e908b8e9 100644
--- a/arch/arm64/include/asm/fixmap.h
+++ b/arch/arm64/include/asm/fixmap.h
@@ -50,6 +50,11 @@ enum fixed_addresses {
50 50
51 FIX_EARLYCON_MEM_BASE, 51 FIX_EARLYCON_MEM_BASE,
52 FIX_TEXT_POKE0, 52 FIX_TEXT_POKE0,
53#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
54 FIX_ENTRY_TRAMP_DATA,
55 FIX_ENTRY_TRAMP_TEXT,
56#define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT))
57#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
53 __end_of_permanent_fixed_addresses, 58 __end_of_permanent_fixed_addresses,
54 59
55 /* 60 /*
diff --git a/arch/arm64/include/asm/kernel-pgtable.h b/arch/arm64/include/asm/kernel-pgtable.h
index 7803343e5881..77a27af01371 100644
--- a/arch/arm64/include/asm/kernel-pgtable.h
+++ b/arch/arm64/include/asm/kernel-pgtable.h
@@ -78,8 +78,16 @@
78/* 78/*
79 * Initial memory map attributes. 79 * Initial memory map attributes.
80 */ 80 */
81#define SWAPPER_PTE_FLAGS (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) 81#define _SWAPPER_PTE_FLAGS (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)
82#define SWAPPER_PMD_FLAGS (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) 82#define _SWAPPER_PMD_FLAGS (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)
83
84#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
85#define SWAPPER_PTE_FLAGS (_SWAPPER_PTE_FLAGS | PTE_NG)
86#define SWAPPER_PMD_FLAGS (_SWAPPER_PMD_FLAGS | PMD_SECT_NG)
87#else
88#define SWAPPER_PTE_FLAGS _SWAPPER_PTE_FLAGS
89#define SWAPPER_PMD_FLAGS _SWAPPER_PMD_FLAGS
90#endif
83 91
84#if ARM64_SWAPPER_USES_SECTION_MAPS 92#if ARM64_SWAPPER_USES_SECTION_MAPS
85#define SWAPPER_MM_MMUFLAGS (PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS) 93#define SWAPPER_MM_MMUFLAGS (PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS)
diff --git a/arch/arm64/include/asm/mmu.h b/arch/arm64/include/asm/mmu.h
index 5472251c8e6c..f7448b6afe58 100644
--- a/arch/arm64/include/asm/mmu.h
+++ b/arch/arm64/include/asm/mmu.h
@@ -16,6 +16,11 @@
16#ifndef __ASM_MMU_H 16#ifndef __ASM_MMU_H
17#define __ASM_MMU_H 17#define __ASM_MMU_H
18 18
19#define USER_ASID_FLAG (UL(1) << 48)
20#define TTBR_ASID_MASK (UL(0xffff) << 48)
21
22#ifndef __ASSEMBLY__
23
19typedef struct { 24typedef struct {
20 atomic64_t id; 25 atomic64_t id;
21 void *vdso; 26 void *vdso;
@@ -28,6 +33,12 @@ typedef struct {
28 */ 33 */
29#define ASID(mm) ((mm)->context.id.counter & 0xffff) 34#define ASID(mm) ((mm)->context.id.counter & 0xffff)
30 35
36static inline bool arm64_kernel_unmapped_at_el0(void)
37{
38 return IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0) &&
39 cpus_have_cap(ARM64_UNMAP_KERNEL_AT_EL0);
40}
41
31extern void paging_init(void); 42extern void paging_init(void);
32extern void __iomem *early_io_map(phys_addr_t phys, unsigned long virt); 43extern void __iomem *early_io_map(phys_addr_t phys, unsigned long virt);
33extern void init_mem_pgprot(void); 44extern void init_mem_pgprot(void);
@@ -36,4 +47,5 @@ extern void create_pgd_mapping(struct mm_struct *mm, phys_addr_t phys,
36 pgprot_t prot, bool allow_block_mappings); 47 pgprot_t prot, bool allow_block_mappings);
37extern void *fixmap_remap_fdt(phys_addr_t dt_phys); 48extern void *fixmap_remap_fdt(phys_addr_t dt_phys);
38 49
50#endif /* !__ASSEMBLY__ */
39#endif 51#endif
diff --git a/arch/arm64/include/asm/mmu_context.h b/arch/arm64/include/asm/mmu_context.h
index e53d30c6f779..5c1b168a3c22 100644
--- a/arch/arm64/include/asm/mmu_context.h
+++ b/arch/arm64/include/asm/mmu_context.h
@@ -59,6 +59,13 @@ static inline void cpu_set_reserved_ttbr0(void)
59 : "r" (ttbr)); 59 : "r" (ttbr));
60} 60}
61 61
62static inline void cpu_switch_mm(pgd_t *pgd, struct mm_struct *mm)
63{
64 BUG_ON(pgd == swapper_pg_dir);
65 cpu_set_reserved_ttbr0();
66 cpu_do_switch_mm(virt_to_phys(pgd),mm);
67}
68
62/* 69/*
63 * TCR.T0SZ value to use when the ID map is active. Usually equals 70 * TCR.T0SZ value to use when the ID map is active. Usually equals
64 * TCR_T0SZ(VA_BITS), unless system RAM is positioned very high in 71 * TCR_T0SZ(VA_BITS), unless system RAM is positioned very high in
@@ -179,9 +186,10 @@ static inline void update_saved_ttbr0(struct task_struct *tsk,
179 struct mm_struct *mm) 186 struct mm_struct *mm)
180{ 187{
181 if (system_uses_ttbr0_pan()) { 188 if (system_uses_ttbr0_pan()) {
189 u64 ttbr;
182 BUG_ON(mm->pgd == swapper_pg_dir); 190 BUG_ON(mm->pgd == swapper_pg_dir);
183 task_thread_info(tsk)->ttbr0 = 191 ttbr = virt_to_phys(mm->pgd) | ASID(mm) << 48;
184 virt_to_phys(mm->pgd) | ASID(mm) << 48; 192 WRITE_ONCE(task_thread_info(tsk)->ttbr0, ttbr);
185 } 193 }
186} 194}
187#else 195#else
@@ -228,4 +236,6 @@ switch_mm(struct mm_struct *prev, struct mm_struct *next,
228#define deactivate_mm(tsk,mm) do { } while (0) 236#define deactivate_mm(tsk,mm) do { } while (0)
229#define activate_mm(prev,next) switch_mm(prev, next, current) 237#define activate_mm(prev,next) switch_mm(prev, next, current)
230 238
239void post_ttbr_update_workaround(void);
240
231#endif 241#endif
diff --git a/arch/arm64/include/asm/pgtable-hwdef.h b/arch/arm64/include/asm/pgtable-hwdef.h
index 9786f770088d..d7890c0f2d3d 100644
--- a/arch/arm64/include/asm/pgtable-hwdef.h
+++ b/arch/arm64/include/asm/pgtable-hwdef.h
@@ -224,6 +224,8 @@
224#define TCR_TG1_16K (UL(1) << 30) 224#define TCR_TG1_16K (UL(1) << 30)
225#define TCR_TG1_4K (UL(2) << 30) 225#define TCR_TG1_4K (UL(2) << 30)
226#define TCR_TG1_64K (UL(3) << 30) 226#define TCR_TG1_64K (UL(3) << 30)
227
228#define TCR_A1 (UL(1) << 22)
227#define TCR_ASID16 (UL(1) << 36) 229#define TCR_ASID16 (UL(1) << 36)
228#define TCR_TBI0 (UL(1) << 37) 230#define TCR_TBI0 (UL(1) << 37)
229#define TCR_HA (UL(1) << 39) 231#define TCR_HA (UL(1) << 39)
diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
index 9a09ccf7122d..7519016e9846 100644
--- a/arch/arm64/include/asm/pgtable.h
+++ b/arch/arm64/include/asm/pgtable.h
@@ -61,8 +61,16 @@ extern void __pmd_error(const char *file, int line, unsigned long val);
61extern void __pud_error(const char *file, int line, unsigned long val); 61extern void __pud_error(const char *file, int line, unsigned long val);
62extern void __pgd_error(const char *file, int line, unsigned long val); 62extern void __pgd_error(const char *file, int line, unsigned long val);
63 63
64#define PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) 64#define _PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)
65#define PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) 65#define _PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)
66
67#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
68#define PROT_DEFAULT (_PROT_DEFAULT | PTE_NG)
69#define PROT_SECT_DEFAULT (_PROT_SECT_DEFAULT | PMD_SECT_NG)
70#else
71#define PROT_DEFAULT _PROT_DEFAULT
72#define PROT_SECT_DEFAULT _PROT_SECT_DEFAULT
73#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
66 74
67#define PROT_DEVICE_nGnRnE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE)) 75#define PROT_DEVICE_nGnRnE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE))
68#define PROT_DEVICE_nGnRE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE)) 76#define PROT_DEVICE_nGnRE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE))
@@ -75,6 +83,7 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
75#define PROT_SECT_NORMAL_EXEC (PROT_SECT_DEFAULT | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL)) 83#define PROT_SECT_NORMAL_EXEC (PROT_SECT_DEFAULT | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL))
76 84
77#define _PAGE_DEFAULT (PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL)) 85#define _PAGE_DEFAULT (PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL))
86#define _HYP_PAGE_DEFAULT (_PAGE_DEFAULT & ~PTE_NG)
78 87
79#define PAGE_KERNEL __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE) 88#define PAGE_KERNEL __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE)
80#define PAGE_KERNEL_RO __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_RDONLY) 89#define PAGE_KERNEL_RO __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_RDONLY)
@@ -82,13 +91,13 @@ extern void __pgd_error(const char *file, int line, unsigned long val);
82#define PAGE_KERNEL_EXEC __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE) 91#define PAGE_KERNEL_EXEC __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE)
83#define PAGE_KERNEL_EXEC_CONT __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_CONT) 92#define PAGE_KERNEL_EXEC_CONT __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_CONT)
84 93
85#define PAGE_HYP __pgprot(_PAGE_DEFAULT | PTE_HYP) 94#define PAGE_HYP __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP)
86#define PAGE_HYP_DEVICE __pgprot(PROT_DEVICE_nGnRE | PTE_HYP) 95#define PAGE_HYP_DEVICE __pgprot(PROT_DEVICE_nGnRE | PTE_HYP)
87 96
88#define PAGE_S2 __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_NORMAL) | PTE_S2_RDONLY) 97#define PAGE_S2 __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_NORMAL) | PTE_S2_RDONLY)
89#define PAGE_S2_DEVICE __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_UXN) 98#define PAGE_S2_DEVICE __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_UXN)
90 99
91#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_PXN | PTE_UXN) 100#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_NG | PTE_PXN | PTE_UXN)
92#define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE) 101#define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE)
93#define PAGE_SHARED_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_WRITE) 102#define PAGE_SHARED_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_WRITE)
94#define PAGE_COPY __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN) 103#define PAGE_COPY __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN)
@@ -706,6 +715,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
706 715
707extern pgd_t swapper_pg_dir[PTRS_PER_PGD]; 716extern pgd_t swapper_pg_dir[PTRS_PER_PGD];
708extern pgd_t idmap_pg_dir[PTRS_PER_PGD]; 717extern pgd_t idmap_pg_dir[PTRS_PER_PGD];
718extern pgd_t tramp_pg_dir[PTRS_PER_PGD];
709 719
710/* 720/*
711 * Encode and decode a swap entry: 721 * Encode and decode a swap entry:
diff --git a/arch/arm64/include/asm/proc-fns.h b/arch/arm64/include/asm/proc-fns.h
index 14ad6e4e87d1..16cef2e8449e 100644
--- a/arch/arm64/include/asm/proc-fns.h
+++ b/arch/arm64/include/asm/proc-fns.h
@@ -35,12 +35,6 @@ extern u64 cpu_do_resume(phys_addr_t ptr, u64 idmap_ttbr);
35 35
36#include <asm/memory.h> 36#include <asm/memory.h>
37 37
38#define cpu_switch_mm(pgd,mm) \
39do { \
40 BUG_ON(pgd == swapper_pg_dir); \
41 cpu_do_switch_mm(virt_to_phys(pgd),mm); \
42} while (0)
43
44#endif /* __ASSEMBLY__ */ 38#endif /* __ASSEMBLY__ */
45#endif /* __KERNEL__ */ 39#endif /* __KERNEL__ */
46#endif /* __ASM_PROCFNS_H */ 40#endif /* __ASM_PROCFNS_H */
diff --git a/arch/arm64/include/asm/tlbflush.h b/arch/arm64/include/asm/tlbflush.h
index b460ae28e346..ad6bd8b26ada 100644
--- a/arch/arm64/include/asm/tlbflush.h
+++ b/arch/arm64/include/asm/tlbflush.h
@@ -23,6 +23,30 @@
23 23
24#include <linux/sched.h> 24#include <linux/sched.h>
25#include <asm/cputype.h> 25#include <asm/cputype.h>
26#include <asm/mmu.h>
27
28/*
29 * Raw TLBI operations.
30 *
31 * Where necessary, use the __tlbi() macro to avoid asm()
32 * boilerplate. Drivers and most kernel code should use the TLB
33 * management routines in preference to the macro below.
34 *
35 * The macro can be used as __tlbi(op) or __tlbi(op, arg), depending
36 * on whether a particular TLBI operation takes an argument or
37 * not. The macros handles invoking the asm with or without the
38 * register argument as appropriate.
39 */
40#define __TLBI_0(op, arg) asm ("tlbi " #op)
41#define __TLBI_1(op, arg) asm ("tlbi " #op ", %0" : : "r" (arg))
42#define __TLBI_N(op, arg, n, ...) __TLBI_##n(op, arg)
43
44#define __tlbi(op, ...) __TLBI_N(op, ##__VA_ARGS__, 1, 0)
45
46#define __tlbi_user(op, arg) do { \
47 if (arm64_kernel_unmapped_at_el0()) \
48 __tlbi(op, (arg) | USER_ASID_FLAG); \
49} while (0)
26 50
27/* 51/*
28 * TLB Management 52 * TLB Management
@@ -66,7 +90,7 @@
66static inline void local_flush_tlb_all(void) 90static inline void local_flush_tlb_all(void)
67{ 91{
68 dsb(nshst); 92 dsb(nshst);
69 asm("tlbi vmalle1"); 93 __tlbi(vmalle1);
70 dsb(nsh); 94 dsb(nsh);
71 isb(); 95 isb();
72} 96}
@@ -74,7 +98,7 @@ static inline void local_flush_tlb_all(void)
74static inline void flush_tlb_all(void) 98static inline void flush_tlb_all(void)
75{ 99{
76 dsb(ishst); 100 dsb(ishst);
77 asm("tlbi vmalle1is"); 101 __tlbi(vmalle1is);
78 dsb(ish); 102 dsb(ish);
79 isb(); 103 isb();
80} 104}
@@ -84,7 +108,8 @@ static inline void flush_tlb_mm(struct mm_struct *mm)
84 unsigned long asid = ASID(mm) << 48; 108 unsigned long asid = ASID(mm) << 48;
85 109
86 dsb(ishst); 110 dsb(ishst);
87 asm("tlbi aside1is, %0" : : "r" (asid)); 111 __tlbi(aside1is, asid);
112 __tlbi_user(aside1is, asid);
88 dsb(ish); 113 dsb(ish);
89} 114}
90 115
@@ -94,7 +119,8 @@ static inline void flush_tlb_page(struct vm_area_struct *vma,
94 unsigned long addr = uaddr >> 12 | (ASID(vma->vm_mm) << 48); 119 unsigned long addr = uaddr >> 12 | (ASID(vma->vm_mm) << 48);
95 120
96 dsb(ishst); 121 dsb(ishst);
97 asm("tlbi vale1is, %0" : : "r" (addr)); 122 __tlbi(vale1is, addr);
123 __tlbi_user(vale1is, addr);
98 dsb(ish); 124 dsb(ish);
99} 125}
100 126
@@ -121,10 +147,13 @@ static inline void __flush_tlb_range(struct vm_area_struct *vma,
121 147
122 dsb(ishst); 148 dsb(ishst);
123 for (addr = start; addr < end; addr += 1 << (PAGE_SHIFT - 12)) { 149 for (addr = start; addr < end; addr += 1 << (PAGE_SHIFT - 12)) {
124 if (last_level) 150 if (last_level) {
125 asm("tlbi vale1is, %0" : : "r"(addr)); 151 __tlbi(vale1is, addr);
126 else 152 __tlbi_user(vale1is, addr);
127 asm("tlbi vae1is, %0" : : "r"(addr)); 153 } else {
154 __tlbi(vae1is, addr);
155 __tlbi_user(vae1is, addr);
156 }
128 } 157 }
129 dsb(ish); 158 dsb(ish);
130} 159}
@@ -149,7 +178,7 @@ static inline void flush_tlb_kernel_range(unsigned long start, unsigned long end
149 178
150 dsb(ishst); 179 dsb(ishst);
151 for (addr = start; addr < end; addr += 1 << (PAGE_SHIFT - 12)) 180 for (addr = start; addr < end; addr += 1 << (PAGE_SHIFT - 12))
152 asm("tlbi vaae1is, %0" : : "r"(addr)); 181 __tlbi(vaae1is, addr);
153 dsb(ish); 182 dsb(ish);
154 isb(); 183 isb();
155} 184}
@@ -163,7 +192,8 @@ static inline void __flush_tlb_pgtable(struct mm_struct *mm,
163{ 192{
164 unsigned long addr = uaddr >> 12 | (ASID(mm) << 48); 193 unsigned long addr = uaddr >> 12 | (ASID(mm) << 48);
165 194
166 asm("tlbi vae1is, %0" : : "r" (addr)); 195 __tlbi(vae1is, addr);
196 __tlbi_user(vae1is, addr);
167 dsb(ish); 197 dsb(ish);
168} 198}
169 199
diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
index 064cef9ae2d1..d39d8bde42d7 100644
--- a/arch/arm64/include/asm/uaccess.h
+++ b/arch/arm64/include/asm/uaccess.h
@@ -20,6 +20,7 @@
20 20
21#include <asm/alternative.h> 21#include <asm/alternative.h>
22#include <asm/kernel-pgtable.h> 22#include <asm/kernel-pgtable.h>
23#include <asm/mmu.h>
23#include <asm/sysreg.h> 24#include <asm/sysreg.h>
24 25
25#ifndef __ASSEMBLY__ 26#ifndef __ASSEMBLY__
@@ -142,17 +143,23 @@ static inline void set_fs(mm_segment_t fs)
142#ifdef CONFIG_ARM64_SW_TTBR0_PAN 143#ifdef CONFIG_ARM64_SW_TTBR0_PAN
143static inline void __uaccess_ttbr0_disable(void) 144static inline void __uaccess_ttbr0_disable(void)
144{ 145{
145 unsigned long ttbr; 146 unsigned long flags, ttbr;
146 147
148 local_irq_save(flags);
149 ttbr = read_sysreg(ttbr1_el1);
150 ttbr &= ~TTBR_ASID_MASK;
147 /* reserved_ttbr0 placed at the end of swapper_pg_dir */ 151 /* reserved_ttbr0 placed at the end of swapper_pg_dir */
148 ttbr = read_sysreg(ttbr1_el1) + SWAPPER_DIR_SIZE; 152 write_sysreg(ttbr + SWAPPER_DIR_SIZE, ttbr0_el1);
149 write_sysreg(ttbr, ttbr0_el1); 153 isb();
154 /* Set reserved ASID */
155 write_sysreg(ttbr, ttbr1_el1);
150 isb(); 156 isb();
157 local_irq_restore(flags);
151} 158}
152 159
153static inline void __uaccess_ttbr0_enable(void) 160static inline void __uaccess_ttbr0_enable(void)
154{ 161{
155 unsigned long flags; 162 unsigned long flags, ttbr0, ttbr1;
156 163
157 /* 164 /*
158 * Disable interrupts to avoid preemption between reading the 'ttbr0' 165 * Disable interrupts to avoid preemption between reading the 'ttbr0'
@@ -160,7 +167,17 @@ static inline void __uaccess_ttbr0_enable(void)
160 * roll-over and an update of 'ttbr0'. 167 * roll-over and an update of 'ttbr0'.
161 */ 168 */
162 local_irq_save(flags); 169 local_irq_save(flags);
163 write_sysreg(current_thread_info()->ttbr0, ttbr0_el1); 170 ttbr0 = READ_ONCE(current_thread_info()->ttbr0);
171
172 /* Restore active ASID */
173 ttbr1 = read_sysreg(ttbr1_el1);
174 ttbr1 &= ~TTBR_ASID_MASK; /* safety measure */
175 ttbr1 |= ttbr0 & TTBR_ASID_MASK;
176 write_sysreg(ttbr1, ttbr1_el1);
177 isb();
178
179 /* Restore user page table */
180 write_sysreg(ttbr0, ttbr0_el1);
164 isb(); 181 isb();
165 local_irq_restore(flags); 182 local_irq_restore(flags);
166} 183}
@@ -439,51 +456,62 @@ extern __must_check long strnlen_user(const char __user *str, long n);
439#ifdef CONFIG_ARM64_SW_TTBR0_PAN 456#ifdef CONFIG_ARM64_SW_TTBR0_PAN
440 .macro __uaccess_ttbr0_disable, tmp1 457 .macro __uaccess_ttbr0_disable, tmp1
441 mrs \tmp1, ttbr1_el1 // swapper_pg_dir 458 mrs \tmp1, ttbr1_el1 // swapper_pg_dir
459 bic \tmp1, \tmp1, #TTBR_ASID_MASK
442 add \tmp1, \tmp1, #SWAPPER_DIR_SIZE // reserved_ttbr0 at the end of swapper_pg_dir 460 add \tmp1, \tmp1, #SWAPPER_DIR_SIZE // reserved_ttbr0 at the end of swapper_pg_dir
443 msr ttbr0_el1, \tmp1 // set reserved TTBR0_EL1 461 msr ttbr0_el1, \tmp1 // set reserved TTBR0_EL1
444 isb 462 isb
463 sub \tmp1, \tmp1, #SWAPPER_DIR_SIZE
464 msr ttbr1_el1, \tmp1 // set reserved ASID
465 isb
445 .endm 466 .endm
446 467
447 .macro __uaccess_ttbr0_enable, tmp1 468 .macro __uaccess_ttbr0_enable, tmp1, tmp2
448 get_thread_info \tmp1 469 get_thread_info \tmp1
449 ldr \tmp1, [\tmp1, #TSK_TI_TTBR0] // load saved TTBR0_EL1 470 ldr \tmp1, [\tmp1, #TSK_TI_TTBR0] // load saved TTBR0_EL1
471 mrs \tmp2, ttbr1_el1
472 extr \tmp2, \tmp2, \tmp1, #48
473 ror \tmp2, \tmp2, #16
474 msr ttbr1_el1, \tmp2 // set the active ASID
475 isb
450 msr ttbr0_el1, \tmp1 // set the non-PAN TTBR0_EL1 476 msr ttbr0_el1, \tmp1 // set the non-PAN TTBR0_EL1
451 isb 477 isb
452 .endm 478 .endm
453 479
454 .macro uaccess_ttbr0_disable, tmp1 480 .macro uaccess_ttbr0_disable, tmp1, tmp2
455alternative_if_not ARM64_HAS_PAN 481alternative_if_not ARM64_HAS_PAN
482 save_and_disable_irq \tmp2 // avoid preemption
456 __uaccess_ttbr0_disable \tmp1 483 __uaccess_ttbr0_disable \tmp1
484 restore_irq \tmp2
457alternative_else_nop_endif 485alternative_else_nop_endif
458 .endm 486 .endm
459 487
460 .macro uaccess_ttbr0_enable, tmp1, tmp2 488 .macro uaccess_ttbr0_enable, tmp1, tmp2, tmp3
461alternative_if_not ARM64_HAS_PAN 489alternative_if_not ARM64_HAS_PAN
462 save_and_disable_irq \tmp2 // avoid preemption 490 save_and_disable_irq \tmp3 // avoid preemption
463 __uaccess_ttbr0_enable \tmp1 491 __uaccess_ttbr0_enable \tmp1, \tmp2
464 restore_irq \tmp2 492 restore_irq \tmp3
465alternative_else_nop_endif 493alternative_else_nop_endif
466 .endm 494 .endm
467#else 495#else
468 .macro uaccess_ttbr0_disable, tmp1 496 .macro uaccess_ttbr0_disable, tmp1, tmp2
469 .endm 497 .endm
470 498
471 .macro uaccess_ttbr0_enable, tmp1, tmp2 499 .macro uaccess_ttbr0_enable, tmp1, tmp2, tmp3
472 .endm 500 .endm
473#endif 501#endif
474 502
475/* 503/*
476 * These macros are no-ops when UAO is present. 504 * These macros are no-ops when UAO is present.
477 */ 505 */
478 .macro uaccess_disable_not_uao, tmp1 506 .macro uaccess_disable_not_uao, tmp1, tmp2
479 uaccess_ttbr0_disable \tmp1 507 uaccess_ttbr0_disable \tmp1, \tmp2
480alternative_if ARM64_ALT_PAN_NOT_UAO 508alternative_if ARM64_ALT_PAN_NOT_UAO
481 SET_PSTATE_PAN(1) 509 SET_PSTATE_PAN(1)
482alternative_else_nop_endif 510alternative_else_nop_endif
483 .endm 511 .endm
484 512
485 .macro uaccess_enable_not_uao, tmp1, tmp2 513 .macro uaccess_enable_not_uao, tmp1, tmp2, tmp3
486 uaccess_ttbr0_enable \tmp1, \tmp2 514 uaccess_ttbr0_enable \tmp1, \tmp2, \tmp3
487alternative_if ARM64_ALT_PAN_NOT_UAO 515alternative_if ARM64_ALT_PAN_NOT_UAO
488 SET_PSTATE_PAN(0) 516 SET_PSTATE_PAN(0)
489alternative_else_nop_endif 517alternative_else_nop_endif
diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index 67ebe708e30c..4e6331562d7c 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -22,7 +22,7 @@
22#include <linux/mm.h> 22#include <linux/mm.h>
23#include <linux/dma-mapping.h> 23#include <linux/dma-mapping.h>
24#include <linux/kvm_host.h> 24#include <linux/kvm_host.h>
25#include <linux/suspend.h> 25#include <asm/fixmap.h>
26#include <asm/thread_info.h> 26#include <asm/thread_info.h>
27#include <asm/memory.h> 27#include <asm/memory.h>
28#include <asm/smp_plat.h> 28#include <asm/smp_plat.h>
@@ -152,14 +152,13 @@ int main(void)
152 DEFINE(CPU_CTX_SP, offsetof(struct cpu_suspend_ctx, sp)); 152 DEFINE(CPU_CTX_SP, offsetof(struct cpu_suspend_ctx, sp));
153 DEFINE(MPIDR_HASH_MASK, offsetof(struct mpidr_hash, mask)); 153 DEFINE(MPIDR_HASH_MASK, offsetof(struct mpidr_hash, mask));
154 DEFINE(MPIDR_HASH_SHIFTS, offsetof(struct mpidr_hash, shift_aff)); 154 DEFINE(MPIDR_HASH_SHIFTS, offsetof(struct mpidr_hash, shift_aff));
155 DEFINE(SLEEP_STACK_DATA_SYSTEM_REGS, offsetof(struct sleep_stack_data, system_regs)); 155 DEFINE(SLEEP_SAVE_SP_SZ, sizeof(struct sleep_save_sp));
156 DEFINE(SLEEP_STACK_DATA_CALLEE_REGS, offsetof(struct sleep_stack_data, callee_saved_regs)); 156 DEFINE(SLEEP_SAVE_SP_PHYS, offsetof(struct sleep_save_sp, save_ptr_stash_phys));
157 DEFINE(SLEEP_SAVE_SP_VIRT, offsetof(struct sleep_save_sp, save_ptr_stash));
157#endif 158#endif
158 DEFINE(ARM_SMCCC_RES_X0_OFFS, offsetof(struct arm_smccc_res, a0));
159 DEFINE(ARM_SMCCC_RES_X2_OFFS, offsetof(struct arm_smccc_res, a2));
160 BLANK(); 159 BLANK();
161 DEFINE(HIBERN_PBE_ORIG, offsetof(struct pbe, orig_address)); 160#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
162 DEFINE(HIBERN_PBE_ADDR, offsetof(struct pbe, address)); 161 DEFINE(TRAMP_VALIAS, TRAMP_VALIAS);
163 DEFINE(HIBERN_PBE_NEXT, offsetof(struct pbe, next)); 162#endif
164 return 0; 163 return 0;
165} 164}
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index 53fab76d3c39..590dde2d014b 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -650,10 +650,38 @@ static bool has_no_hw_prefetch(const struct arm64_cpu_capabilities *entry)
650 return MIDR_IS_CPU_MODEL_RANGE(midr, MIDR_THUNDERX, rv_min, rv_max); 650 return MIDR_IS_CPU_MODEL_RANGE(midr, MIDR_THUNDERX, rv_min, rv_max);
651} 651}
652 652
653static bool runs_at_el2(const struct arm64_cpu_capabilities *entry) 653#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
654static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */
655
656static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry)
657{
658 /* Forced on command line? */
659 if (__kpti_forced) {
660 pr_info_once("kernel page table isolation forced %s by command line option\n",
661 __kpti_forced > 0 ? "ON" : "OFF");
662 return __kpti_forced > 0;
663 }
664
665 /* Useful for KASLR robustness */
666 if (IS_ENABLED(CONFIG_RANDOMIZE_BASE))
667 return true;
668
669 return false;
670}
671
672static int __init parse_kpti(char *str)
654{ 673{
655 return is_kernel_in_hyp_mode(); 674 bool enabled;
675 int ret = strtobool(str, &enabled);
676
677 if (ret)
678 return ret;
679
680 __kpti_forced = enabled ? 1 : -1;
681 return 0;
656} 682}
683__setup("kpti=", parse_kpti);
684#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
657 685
658static const struct arm64_cpu_capabilities arm64_features[] = { 686static const struct arm64_cpu_capabilities arm64_features[] = {
659 { 687 {
@@ -707,11 +735,12 @@ static const struct arm64_cpu_capabilities arm64_features[] = {
707 .matches = cpufeature_pan_not_uao, 735 .matches = cpufeature_pan_not_uao,
708 }, 736 },
709#endif /* CONFIG_ARM64_PAN */ 737#endif /* CONFIG_ARM64_PAN */
738#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
710 { 739 {
711 .desc = "Virtualization Host Extensions", 740 .capability = ARM64_UNMAP_KERNEL_AT_EL0,
712 .capability = ARM64_HAS_VIRT_HOST_EXTN, 741 .matches = unmap_kernel_at_el0,
713 .matches = runs_at_el2,
714 }, 742 },
743#endif
715 {}, 744 {},
716}; 745};
717 746
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 9ff717d93653..739ec3b359b0 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -29,6 +29,7 @@
29#include <asm/esr.h> 29#include <asm/esr.h>
30#include <asm/irq.h> 30#include <asm/irq.h>
31#include <asm/memory.h> 31#include <asm/memory.h>
32#include <asm/mmu.h>
32#include <asm/ptrace.h> 33#include <asm/ptrace.h>
33#include <asm/thread_info.h> 34#include <asm/thread_info.h>
34#include <asm/uaccess.h> 35#include <asm/uaccess.h>
@@ -70,8 +71,31 @@
70#define BAD_FIQ 2 71#define BAD_FIQ 2
71#define BAD_ERROR 3 72#define BAD_ERROR 3
72 73
73 .macro kernel_entry, el, regsize = 64 74 .macro kernel_ventry, el, label, regsize = 64
75 .align 7
76#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
77alternative_if ARM64_UNMAP_KERNEL_AT_EL0
78 .if \el == 0
79 .if \regsize == 64
80 mrs x30, tpidrro_el0
81 msr tpidrro_el0, xzr
82 .else
83 mov x30, xzr
84 .endif
85 .endif
86alternative_else_nop_endif
87#endif
88
74 sub sp, sp, #S_FRAME_SIZE 89 sub sp, sp, #S_FRAME_SIZE
90 b el\()\el\()_\label
91 .endm
92
93 .macro tramp_alias, dst, sym
94 mov_q \dst, TRAMP_VALIAS
95 add \dst, \dst, #(\sym - .entry.tramp.text)
96 .endm
97
98 .macro kernel_entry, el, regsize = 64
75 .if \regsize == 32 99 .if \regsize == 32
76 mov w0, w0 // zero upper 32 bits of x0 100 mov w0, w0 // zero upper 32 bits of x0
77 .endif 101 .endif
@@ -141,7 +165,7 @@ alternative_else_nop_endif
141 165
142 .if \el != 0 166 .if \el != 0
143 mrs x21, ttbr0_el1 167 mrs x21, ttbr0_el1
144 tst x21, #0xffff << 48 // Check for the reserved ASID 168 tst x21, #TTBR_ASID_MASK // Check for the reserved ASID
145 orr x23, x23, #PSR_PAN_BIT // Set the emulated PAN in the saved SPSR 169 orr x23, x23, #PSR_PAN_BIT // Set the emulated PAN in the saved SPSR
146 b.eq 1f // TTBR0 access already disabled 170 b.eq 1f // TTBR0 access already disabled
147 and x23, x23, #~PSR_PAN_BIT // Clear the emulated PAN in the saved SPSR 171 and x23, x23, #~PSR_PAN_BIT // Clear the emulated PAN in the saved SPSR
@@ -208,7 +232,7 @@ alternative_else_nop_endif
208 tbnz x22, #22, 1f // Skip re-enabling TTBR0 access if the PSR_PAN_BIT is set 232 tbnz x22, #22, 1f // Skip re-enabling TTBR0 access if the PSR_PAN_BIT is set
209 .endif 233 .endif
210 234
211 __uaccess_ttbr0_enable x0 235 __uaccess_ttbr0_enable x0, x1
212 236
213 .if \el == 0 237 .if \el == 0
214 /* 238 /*
@@ -217,7 +241,7 @@ alternative_else_nop_endif
217 * Cavium erratum 27456 (broadcast TLBI instructions may cause I-cache 241 * Cavium erratum 27456 (broadcast TLBI instructions may cause I-cache
218 * corruption). 242 * corruption).
219 */ 243 */
220 post_ttbr0_update_workaround 244 bl post_ttbr_update_workaround
221 .endif 245 .endif
2221: 2461:
223 .if \el != 0 247 .if \el != 0
@@ -229,24 +253,20 @@ alternative_else_nop_endif
229 .if \el == 0 253 .if \el == 0
230 ldr x23, [sp, #S_SP] // load return stack pointer 254 ldr x23, [sp, #S_SP] // load return stack pointer
231 msr sp_el0, x23 255 msr sp_el0, x23
256 tst x22, #PSR_MODE32_BIT // native task?
257 b.eq 3f
258
232#ifdef CONFIG_ARM64_ERRATUM_845719 259#ifdef CONFIG_ARM64_ERRATUM_845719
233alternative_if_not ARM64_WORKAROUND_845719 260alternative_if ARM64_WORKAROUND_845719
234 nop
235 nop
236#ifdef CONFIG_PID_IN_CONTEXTIDR
237 nop
238#endif
239alternative_else
240 tbz x22, #4, 1f
241#ifdef CONFIG_PID_IN_CONTEXTIDR 261#ifdef CONFIG_PID_IN_CONTEXTIDR
242 mrs x29, contextidr_el1 262 mrs x29, contextidr_el1
243 msr contextidr_el1, x29 263 msr contextidr_el1, x29
244#else 264#else
245 msr contextidr_el1, xzr 265 msr contextidr_el1, xzr
246#endif 266#endif
2471: 267alternative_else_nop_endif
248alternative_endif
249#endif 268#endif
2693:
250 .endif 270 .endif
251 271
252 msr elr_el1, x21 // set up the return data 272 msr elr_el1, x21 // set up the return data
@@ -268,7 +288,21 @@ alternative_endif
268 ldp x28, x29, [sp, #16 * 14] 288 ldp x28, x29, [sp, #16 * 14]
269 ldr lr, [sp, #S_LR] 289 ldr lr, [sp, #S_LR]
270 add sp, sp, #S_FRAME_SIZE // restore sp 290 add sp, sp, #S_FRAME_SIZE // restore sp
271 eret // return to kernel 291
292 .if \el == 0
293alternative_insn eret, nop, ARM64_UNMAP_KERNEL_AT_EL0
294#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
295 bne 4f
296 msr far_el1, x30
297 tramp_alias x30, tramp_exit_native
298 br x30
2994:
300 tramp_alias x30, tramp_exit_compat
301 br x30
302#endif
303 .else
304 eret
305 .endif
272 .endm 306 .endm
273 307
274 .macro irq_stack_entry 308 .macro irq_stack_entry
@@ -346,31 +380,31 @@ tsk .req x28 // current thread_info
346 380
347 .align 11 381 .align 11
348ENTRY(vectors) 382ENTRY(vectors)
349 ventry el1_sync_invalid // Synchronous EL1t 383 kernel_ventry 1, sync_invalid // Synchronous EL1t
350 ventry el1_irq_invalid // IRQ EL1t 384 kernel_ventry 1, irq_invalid // IRQ EL1t
351 ventry el1_fiq_invalid // FIQ EL1t 385 kernel_ventry 1, fiq_invalid // FIQ EL1t
352 ventry el1_error_invalid // Error EL1t 386 kernel_ventry 1, error_invalid // Error EL1t
353 387
354 ventry el1_sync // Synchronous EL1h 388 kernel_ventry 1, sync // Synchronous EL1h
355 ventry el1_irq // IRQ EL1h 389 kernel_ventry 1, irq // IRQ EL1h
356 ventry el1_fiq_invalid // FIQ EL1h 390 kernel_ventry 1, fiq_invalid // FIQ EL1h
357 ventry el1_error_invalid // Error EL1h 391 kernel_ventry 1, error_invalid // Error EL1h
358 392
359 ventry el0_sync // Synchronous 64-bit EL0 393 kernel_ventry 0, sync // Synchronous 64-bit EL0
360 ventry el0_irq // IRQ 64-bit EL0 394 kernel_ventry 0, irq // IRQ 64-bit EL0
361 ventry el0_fiq_invalid // FIQ 64-bit EL0 395 kernel_ventry 0, fiq_invalid // FIQ 64-bit EL0
362 ventry el0_error_invalid // Error 64-bit EL0 396 kernel_ventry 0, error_invalid // Error 64-bit EL0
363 397
364#ifdef CONFIG_COMPAT 398#ifdef CONFIG_COMPAT
365 ventry el0_sync_compat // Synchronous 32-bit EL0 399 kernel_ventry 0, sync_compat, 32 // Synchronous 32-bit EL0
366 ventry el0_irq_compat // IRQ 32-bit EL0 400 kernel_ventry 0, irq_compat, 32 // IRQ 32-bit EL0
367 ventry el0_fiq_invalid_compat // FIQ 32-bit EL0 401 kernel_ventry 0, fiq_invalid_compat, 32 // FIQ 32-bit EL0
368 ventry el0_error_invalid_compat // Error 32-bit EL0 402 kernel_ventry 0, error_invalid_compat, 32 // Error 32-bit EL0
369#else 403#else
370 ventry el0_sync_invalid // Synchronous 32-bit EL0 404 kernel_ventry 0, sync_invalid, 32 // Synchronous 32-bit EL0
371 ventry el0_irq_invalid // IRQ 32-bit EL0 405 kernel_ventry 0, irq_invalid, 32 // IRQ 32-bit EL0
372 ventry el0_fiq_invalid // FIQ 32-bit EL0 406 kernel_ventry 0, fiq_invalid, 32 // FIQ 32-bit EL0
373 ventry el0_error_invalid // Error 32-bit EL0 407 kernel_ventry 0, error_invalid, 32 // Error 32-bit EL0
374#endif 408#endif
375END(vectors) 409END(vectors)
376 410
@@ -572,7 +606,7 @@ el0_sync:
572 cmp x24, #ESR_ELx_EC_FP_EXC64 // FP/ASIMD exception 606 cmp x24, #ESR_ELx_EC_FP_EXC64 // FP/ASIMD exception
573 b.eq el0_fpsimd_exc 607 b.eq el0_fpsimd_exc
574 cmp x24, #ESR_ELx_EC_SYS64 // configurable trap 608 cmp x24, #ESR_ELx_EC_SYS64 // configurable trap
575 b.eq el0_undef 609 b.eq el0_sys
576 cmp x24, #ESR_ELx_EC_SP_ALIGN // stack alignment exception 610 cmp x24, #ESR_ELx_EC_SP_ALIGN // stack alignment exception
577 b.eq el0_sp_pc 611 b.eq el0_sp_pc
578 cmp x24, #ESR_ELx_EC_PC_ALIGN // pc alignment exception 612 cmp x24, #ESR_ELx_EC_PC_ALIGN // pc alignment exception
@@ -700,6 +734,16 @@ el0_undef:
700 mov x0, sp 734 mov x0, sp
701 bl do_undefinstr 735 bl do_undefinstr
702 b ret_to_user 736 b ret_to_user
737el0_sys:
738 /*
739 * System instructions, for trapped cache maintenance instructions
740 */
741 enable_dbg_and_irq
742 ct_user_exit
743 mov x0, x25
744 mov x1, sp
745 bl do_sysinstr
746 b ret_to_user
703el0_dbg: 747el0_dbg:
704 /* 748 /*
705 * Debug exception handling 749 * Debug exception handling
@@ -911,7 +955,118 @@ __ni_sys_trace:
911 bl do_ni_syscall 955 bl do_ni_syscall
912 b __sys_trace_return 956 b __sys_trace_return
913 957
914 .popsection // .entry.text 958#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
959/*
960 * Exception vectors trampoline.
961 */
962 .pushsection ".entry.tramp.text", "ax"
963
964 .macro tramp_map_kernel, tmp
965 mrs \tmp, ttbr1_el1
966 sub \tmp, \tmp, #(SWAPPER_DIR_SIZE + RESERVED_TTBR0_SIZE)
967 bic \tmp, \tmp, #USER_ASID_FLAG
968 msr ttbr1_el1, \tmp
969#ifdef CONFIG_ARCH_MSM8996
970 /* ASID already in \tmp[63:48] */
971 movk \tmp, #:abs_g2_nc:(TRAMP_VALIAS >> 12)
972 movk \tmp, #:abs_g1_nc:(TRAMP_VALIAS >> 12)
973 /* 2MB boundary containing the vectors, so we nobble the walk cache */
974 movk \tmp, #:abs_g0_nc:((TRAMP_VALIAS & ~(SZ_2M - 1)) >> 12)
975 isb
976 tlbi vae1, \tmp
977 dsb nsh
978#endif /* CONFIG_ARCH_MSM8996 */
979 .endm
980
981 .macro tramp_unmap_kernel, tmp
982 mrs \tmp, ttbr1_el1
983 add \tmp, \tmp, #(SWAPPER_DIR_SIZE + RESERVED_TTBR0_SIZE)
984 orr \tmp, \tmp, #USER_ASID_FLAG
985 msr ttbr1_el1, \tmp
986 /*
987 * We avoid running the post_ttbr_update_workaround here because the
988 * user and kernel ASIDs don't have conflicting mappings, so any
989 * "blessing" as described in:
990 *
991 * http://lkml.kernel.org/r/56BB848A.6060603@caviumnetworks.com
992 *
993 * will not hurt correctness. Whilst this may partially defeat the
994 * point of using split ASIDs in the first place, it avoids
995 * the hit of invalidating the entire I-cache on every return to
996 * userspace.
997 */
998 .endm
999
1000 .macro tramp_ventry, regsize = 64
1001 .align 7
10021:
1003 .if \regsize == 64
1004 msr tpidrro_el0, x30 // Restored in kernel_ventry
1005 .endif
1006 bl 2f
1007 b .
10082:
1009 tramp_map_kernel x30
1010#ifdef CONFIG_RANDOMIZE_BASE
1011 adr x30, tramp_vectors + PAGE_SIZE
1012#ifndef CONFIG_ARCH_MSM8996
1013 isb
1014#endif
1015 ldr x30, [x30]
1016#else
1017 ldr x30, =vectors
1018#endif
1019 prfm plil1strm, [x30, #(1b - tramp_vectors)]
1020 msr vbar_el1, x30
1021 add x30, x30, #(1b - tramp_vectors)
1022 isb
1023 ret
1024 .endm
1025
1026 .macro tramp_exit, regsize = 64
1027 adr x30, tramp_vectors
1028 msr vbar_el1, x30
1029 tramp_unmap_kernel x30
1030 .if \regsize == 64
1031 mrs x30, far_el1
1032 .endif
1033 eret
1034 .endm
1035
1036 .align 11
1037ENTRY(tramp_vectors)
1038 .space 0x400
1039
1040 tramp_ventry
1041 tramp_ventry
1042 tramp_ventry
1043 tramp_ventry
1044
1045 tramp_ventry 32
1046 tramp_ventry 32
1047 tramp_ventry 32
1048 tramp_ventry 32
1049END(tramp_vectors)
1050
1051ENTRY(tramp_exit_native)
1052 tramp_exit
1053END(tramp_exit_native)
1054
1055ENTRY(tramp_exit_compat)
1056 tramp_exit 32
1057END(tramp_exit_compat)
1058
1059 .ltorg
1060 .popsection // .entry.tramp.text
1061#ifdef CONFIG_RANDOMIZE_BASE
1062 .pushsection ".rodata", "a"
1063 .align PAGE_SHIFT
1064 .globl __entry_tramp_data_start
1065__entry_tramp_data_start:
1066 .quad vectors
1067 .popsection // .rodata
1068#endif /* CONFIG_RANDOMIZE_BASE */
1069#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
915 1070
916/* 1071/*
917 * Special system call wrappers. 1072 * Special system call wrappers.
diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index 5ac462f222f8..dfbabc0e274b 100644
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -376,19 +376,17 @@ int copy_thread(unsigned long clone_flags, unsigned long stack_start,
376 376
377static void tls_thread_switch(struct task_struct *next) 377static void tls_thread_switch(struct task_struct *next)
378{ 378{
379 unsigned long tpidr, tpidrro; 379 unsigned long tpidr;
380 380
381 asm("mrs %0, tpidr_el0" : "=r" (tpidr)); 381 asm("mrs %0, tpidr_el0" : "=r" (tpidr));
382 *task_user_tls(current) = tpidr; 382 *task_user_tls(current) = tpidr;
383 383
384 tpidr = *task_user_tls(next); 384 if (is_compat_thread(task_thread_info(next)))
385 tpidrro = is_compat_thread(task_thread_info(next)) ? 385 write_sysreg(next->thread.tp_value, tpidrro_el0);
386 next->thread.tp_value : 0; 386 else if (!arm64_kernel_unmapped_at_el0())
387 write_sysreg(0, tpidrro_el0);
387 388
388 asm( 389 write_sysreg(*task_user_tls(next), tpidr_el0);
389 " msr tpidr_el0, %0\n"
390 " msr tpidrro_el0, %1"
391 : : "r" (tpidr), "r" (tpidrro));
392} 390}
393 391
394/* Restore the UAO state depending on next's addr_limit */ 392/* Restore the UAO state depending on next's addr_limit */
diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
index 9278a2bf9596..d421b5681754 100644
--- a/arch/arm64/kernel/traps.c
+++ b/arch/arm64/kernel/traps.c
@@ -33,6 +33,7 @@
33#include <linux/syscalls.h> 33#include <linux/syscalls.h>
34 34
35#include <asm/atomic.h> 35#include <asm/atomic.h>
36#include <asm/barrier.h>
36#include <asm/bug.h> 37#include <asm/bug.h>
37#include <asm/debug-monitors.h> 38#include <asm/debug-monitors.h>
38#include <asm/esr.h> 39#include <asm/esr.h>
@@ -404,6 +405,38 @@ asmlinkage void __exception do_undefinstr(struct pt_regs *regs)
404 arm64_notify_die("Oops - undefined instruction", regs, &info, 0); 405 arm64_notify_die("Oops - undefined instruction", regs, &info, 0);
405} 406}
406 407
408static void cntvct_read_handler(unsigned int esr, struct pt_regs *regs)
409{
410 int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
411
412 isb();
413 if (rt != 31)
414 regs->regs[rt] = arch_counter_get_cntvct();
415 regs->pc += 4;
416}
417
418static void cntfrq_read_handler(unsigned int esr, struct pt_regs *regs)
419{
420 int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
421
422 if (rt != 31)
423 regs->regs[rt] = read_sysreg(cntfrq_el0);
424 regs->pc += 4;
425}
426
427asmlinkage void __exception do_sysinstr(unsigned int esr, struct pt_regs *regs)
428{
429 if ((esr & ESR_ELx_SYS64_ISS_SYS_OP_MASK) == ESR_ELx_SYS64_ISS_SYS_CNTVCT) {
430 cntvct_read_handler(esr, regs);
431 return;
432 } else if ((esr & ESR_ELx_SYS64_ISS_SYS_OP_MASK) == ESR_ELx_SYS64_ISS_SYS_CNTFRQ) {
433 cntfrq_read_handler(esr, regs);
434 return;
435 }
436
437 do_undefinstr(regs);
438}
439
407long compat_arm_syscall(struct pt_regs *regs); 440long compat_arm_syscall(struct pt_regs *regs);
408 441
409asmlinkage long do_ni_syscall(struct pt_regs *regs) 442asmlinkage long do_ni_syscall(struct pt_regs *regs)
diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
index eb8a7ebe31c3..c49760d5b6c9 100644
--- a/arch/arm64/kernel/vmlinux.lds.S
+++ b/arch/arm64/kernel/vmlinux.lds.S
@@ -46,14 +46,15 @@ jiffies = jiffies_64;
46 *(.idmap.text) \ 46 *(.idmap.text) \
47 VMLINUX_SYMBOL(__idmap_text_end) = .; 47 VMLINUX_SYMBOL(__idmap_text_end) = .;
48 48
49#ifdef CONFIG_HIBERNATION 49#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
50#define HIBERNATE_TEXT \ 50#define TRAMP_TEXT \
51 . = ALIGN(SZ_4K); \ 51 . = ALIGN(PAGE_SIZE); \
52 VMLINUX_SYMBOL(__hibernate_exit_text_start) = .;\ 52 VMLINUX_SYMBOL(__entry_tramp_text_start) = .; \
53 *(.hibernate_exit.text) \ 53 *(.entry.tramp.text) \
54 VMLINUX_SYMBOL(__hibernate_exit_text_end) = .; 54 . = ALIGN(PAGE_SIZE); \
55 VMLINUX_SYMBOL(__entry_tramp_text_end) = .;
55#else 56#else
56#define HIBERNATE_TEXT 57#define TRAMP_TEXT
57#endif 58#endif
58 59
59/* 60/*
@@ -125,7 +126,7 @@ SECTIONS
125 KPROBES_TEXT 126 KPROBES_TEXT
126 HYPERVISOR_TEXT 127 HYPERVISOR_TEXT
127 IDMAP_TEXT 128 IDMAP_TEXT
128 HIBERNATE_TEXT 129 TRAMP_TEXT
129 *(.fixup) 130 *(.fixup)
130 *(.gnu.warning) 131 *(.gnu.warning)
131 . = ALIGN(16); 132 . = ALIGN(16);
@@ -200,6 +201,11 @@ SECTIONS
200 . += RESERVED_TTBR0_SIZE; 201 . += RESERVED_TTBR0_SIZE;
201#endif 202#endif
202 203
204#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
205 tramp_pg_dir = .;
206 . += PAGE_SIZE;
207#endif
208
203 _end = .; 209 _end = .;
204 210
205 STABS_DEBUG 211 STABS_DEBUG
@@ -220,6 +226,10 @@ ASSERT(__hibernate_exit_text_end - (__hibernate_exit_text_start & ~(SZ_4K - 1))
220 <= SZ_4K, "Hibernate exit text too big or misaligned") 226 <= SZ_4K, "Hibernate exit text too big or misaligned")
221#endif 227#endif
222 228
229#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
230ASSERT((__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE,
231 "Entry trampoline text too big")
232#endif
223/* 233/*
224 * If padding is applied before .head.text, virt<->phys conversions will fail. 234 * If padding is applied before .head.text, virt<->phys conversions will fail.
225 */ 235 */
diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index e47f9bc71079..51abbd1d98e3 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -43,7 +43,7 @@ static int handle_hvc(struct kvm_vcpu *vcpu, struct kvm_run *run)
43 43
44 ret = kvm_psci_call(vcpu); 44 ret = kvm_psci_call(vcpu);
45 if (ret < 0) { 45 if (ret < 0) {
46 kvm_inject_undefined(vcpu); 46 vcpu_set_reg(vcpu, 0, ~0UL);
47 return 1; 47 return 1;
48 } 48 }
49 49
@@ -52,7 +52,7 @@ static int handle_hvc(struct kvm_vcpu *vcpu, struct kvm_run *run)
52 52
53static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run) 53static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run)
54{ 54{
55 kvm_inject_undefined(vcpu); 55 vcpu_set_reg(vcpu, 0, ~0UL);
56 return 1; 56 return 1;
57} 57}
58 58
diff --git a/arch/arm64/lib/clear_user.S b/arch/arm64/lib/clear_user.S
index d7150e30438a..07c7ad97ee28 100644
--- a/arch/arm64/lib/clear_user.S
+++ b/arch/arm64/lib/clear_user.S
@@ -30,7 +30,7 @@
30 * Alignment fixed up by hardware. 30 * Alignment fixed up by hardware.
31 */ 31 */
32ENTRY(__clear_user) 32ENTRY(__clear_user)
33 uaccess_enable_not_uao x2, x3 33 uaccess_enable_not_uao x2, x3, x4
34 mov x2, x1 // save the size for fixup return 34 mov x2, x1 // save the size for fixup return
35 subs x1, x1, #8 35 subs x1, x1, #8
36 b.mi 2f 36 b.mi 2f
@@ -50,7 +50,7 @@ uao_user_alternative 9f, strh, sttrh, wzr, x0, 2
50 b.mi 5f 50 b.mi 5f
51uao_user_alternative 9f, strb, sttrb, wzr, x0, 0 51uao_user_alternative 9f, strb, sttrb, wzr, x0, 0
525: mov x0, #0 525: mov x0, #0
53 uaccess_disable_not_uao x2 53 uaccess_disable_not_uao x2, x3
54 ret 54 ret
55ENDPROC(__clear_user) 55ENDPROC(__clear_user)
56 56
diff --git a/arch/arm64/lib/copy_from_user.S b/arch/arm64/lib/copy_from_user.S
index 90154f3f7f2a..683adc358be7 100644
--- a/arch/arm64/lib/copy_from_user.S
+++ b/arch/arm64/lib/copy_from_user.S
@@ -64,10 +64,10 @@
64 64
65end .req x5 65end .req x5
66ENTRY(__arch_copy_from_user) 66ENTRY(__arch_copy_from_user)
67 uaccess_enable_not_uao x3, x4 67 uaccess_enable_not_uao x3, x4, x5
68 add end, x0, x2 68 add end, x0, x2
69#include "copy_template.S" 69#include "copy_template.S"
70 uaccess_disable_not_uao x3 70 uaccess_disable_not_uao x3, x4
71 mov x0, #0 // Nothing to copy 71 mov x0, #0 // Nothing to copy
72 ret 72 ret
73ENDPROC(__arch_copy_from_user) 73ENDPROC(__arch_copy_from_user)
diff --git a/arch/arm64/lib/copy_in_user.S b/arch/arm64/lib/copy_in_user.S
index 718b1c4e2f85..e8bfaf19f778 100644
--- a/arch/arm64/lib/copy_in_user.S
+++ b/arch/arm64/lib/copy_in_user.S
@@ -65,10 +65,10 @@
65 65
66end .req x5 66end .req x5
67ENTRY(__copy_in_user) 67ENTRY(__copy_in_user)
68 uaccess_enable_not_uao x3, x4 68 uaccess_enable_not_uao x3, x4, x5
69 add end, x0, x2 69 add end, x0, x2
70#include "copy_template.S" 70#include "copy_template.S"
71 uaccess_disable_not_uao x3 71 uaccess_disable_not_uao x3, x4
72 mov x0, #0 72