From 30c54df7cb9b15b222529a028390b9c9582dd65e Mon Sep 17 00:00:00 2001 From: Alexander Usyskin Date: Mon, 27 Jan 2014 22:27:23 +0200 Subject: [PATCH 01/16] mei: clear write cb from waiting list on reset Clear write callbacks sitting in write_waiting list on reset. Otherwise these callbacks are left dangling and cause memory leak. Signed-off-by: Alexander Usyskin Signed-off-by: Tomas Winkler Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/misc/mei/client.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/misc/mei/client.c b/drivers/misc/mei/client.c index 1ee2b9492a82..ccdacb5fcd8b 100644 --- a/drivers/misc/mei/client.c +++ b/drivers/misc/mei/client.c @@ -942,8 +942,16 @@ void mei_cl_all_wakeup(struct mei_device *dev) void mei_cl_all_write_clear(struct mei_device *dev) { struct mei_cl_cb *cb, *next; + struct list_head *list; - list_for_each_entry_safe(cb, next, &dev->write_list.list, list) { + list = &dev->write_list.list; + list_for_each_entry_safe(cb, next, list, list) { + list_del(&cb->list); + mei_io_cb_free(cb); + } + + list = &dev->write_waiting_list.list; + list_for_each_entry_safe(cb, next, list, list) { list_del(&cb->list); mei_io_cb_free(cb); } From 5cb906c7035f03a3a44fecece9d3ff8fcc75d6e0 Mon Sep 17 00:00:00 2001 From: Alexander Usyskin Date: Mon, 27 Jan 2014 22:27:24 +0200 Subject: [PATCH 02/16] mei: don't unset read cb ptr on reset Don't set read callback to NULL during reset as this leads to memory leak of both cb and its buffer. The memory is correctly freed during mei_release. The memory leak is detectable by kmemleak if application has open read call while system is going through suspend/resume. unreferenced object 0xecead780 (size 64): comm "AsyncTask #1", pid 1018, jiffies 4294949621 (age 152.440s) hex dump (first 32 bytes): 00 01 10 00 00 02 20 00 00 bf 30 f1 00 00 00 00 ...... ...0..... 00 00 00 00 00 00 00 00 36 01 00 00 00 70 da e2 ........6....p.. backtrace: [] kmemleak_alloc+0x3c/0xa0 [] kmem_cache_alloc_trace+0xc6/0x190 [] mei_io_cb_init+0x29/0x50 [] mei_cl_read_start+0x102/0x360 [] mei_read+0x103/0x4e0 [] vfs_read+0x89/0x160 [] SyS_read+0x4f/0x80 [] syscall_call+0x7/0xb [] 0xffffffff unreferenced object 0xe2da7000 (size 512): comm "AsyncTask #1", pid 1018, jiffies 4294949621 (age 152.440s) hex dump (first 32 bytes): 00 6c da e2 7c 00 00 00 00 00 00 00 c0 eb 0c 59 .l..|..........Y 1b 00 00 00 01 00 00 00 02 10 00 00 01 00 00 00 ................ backtrace: [] kmemleak_alloc+0x3c/0xa0 [] __kmalloc+0xe7/0x1d0 [] mei_io_cb_alloc_resp_buf+0x2e/0x60 [] mei_cl_read_start+0x12c/0x360 [] mei_read+0x103/0x4e0 [] vfs_read+0x89/0x160 [] SyS_read+0x4f/0x80 [] syscall_call+0x7/0xb [] 0xffffffff Signed-off-by: Alexander Usyskin Signed-off-by: Tomas Winkler Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/misc/mei/client.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/misc/mei/client.c b/drivers/misc/mei/client.c index ccdacb5fcd8b..9b809cfc2899 100644 --- a/drivers/misc/mei/client.c +++ b/drivers/misc/mei/client.c @@ -908,7 +908,6 @@ void mei_cl_all_disconnect(struct mei_device *dev) list_for_each_entry_safe(cl, next, &dev->file_list, link) { cl->state = MEI_FILE_DISCONNECTED; cl->mei_flow_ctrl_creds = 0; - cl->read_cb = NULL; cl->timer_count = 0; } } From f0342e66b397947ed8c3eef8c37b5ca2d5b1bb50 Mon Sep 17 00:00:00 2001 From: Martyn Welch Date: Fri, 7 Feb 2014 15:48:56 +0000 Subject: [PATCH 03/16] VME: Correct read/write alignment algorithm In order to ensure the correct width cycles on the VME bus, the VME bridge drivers implement an algorithm to utilise the largest possible width reads and writes whilst maintaining natural alignment constraints. The algorithm currently looks at the start address rather than the current read/write address when determining whether a 16-bit width cycle is required to get to 32-bit alignment. This results in incorrect alignment, Reported-by: Jim Strouth Tested-by: Jim Strouth Signed-off-by: Martyn Welch Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/vme/bridges/vme_ca91cx42.c | 4 ++-- drivers/vme/bridges/vme_tsi148.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/vme/bridges/vme_ca91cx42.c b/drivers/vme/bridges/vme_ca91cx42.c index a06edbfa95ca..1b5d48c578e1 100644 --- a/drivers/vme/bridges/vme_ca91cx42.c +++ b/drivers/vme/bridges/vme_ca91cx42.c @@ -884,7 +884,7 @@ static ssize_t ca91cx42_master_read(struct vme_master_resource *image, if (done == count) goto out; } - if ((uintptr_t)addr & 0x2) { + if ((uintptr_t)(addr + done) & 0x2) { if ((count - done) < 2) { *(u8 *)(buf + done) = ioread8(addr + done); done += 1; @@ -938,7 +938,7 @@ static ssize_t ca91cx42_master_write(struct vme_master_resource *image, if (done == count) goto out; } - if ((uintptr_t)addr & 0x2) { + if ((uintptr_t)(addr + done) & 0x2) { if ((count - done) < 2) { iowrite8(*(u8 *)(buf + done), addr + done); done += 1; diff --git a/drivers/vme/bridges/vme_tsi148.c b/drivers/vme/bridges/vme_tsi148.c index 16830d8b777c..9911cd5fddb5 100644 --- a/drivers/vme/bridges/vme_tsi148.c +++ b/drivers/vme/bridges/vme_tsi148.c @@ -1289,7 +1289,7 @@ static ssize_t tsi148_master_read(struct vme_master_resource *image, void *buf, if (done == count) goto out; } - if ((uintptr_t)addr & 0x2) { + if ((uintptr_t)(addr + done) & 0x2) { if ((count - done) < 2) { *(u8 *)(buf + done) = ioread8(addr + done); done += 1; @@ -1371,7 +1371,7 @@ static ssize_t tsi148_master_write(struct vme_master_resource *image, void *buf, if (done == count) goto out; } - if ((uintptr_t)addr & 0x2) { + if ((uintptr_t)(addr + done) & 0x2) { if ((count - done) < 2) { iowrite8(*(u8 *)(buf + done), addr + done); done += 1; From e28bab4828354583bb66ac09021ca69b341a7db4 Mon Sep 17 00:00:00 2001 From: "K. Y. Srinivasan" Date: Wed, 15 Jan 2014 17:12:58 -0800 Subject: [PATCH 04/16] Drivers: hv: vmbus: Specify the target CPU that should receive notification During the initial VMBUS connect phase, starting with WS2012 R2, we should specify the VPCU in the guest that should receive the notification. Fix this issue. This fix is required to properly connect to the host in the kexeced kernel. Signed-off-by: K. Y. Srinivasan Cc: [3.9+] Signed-off-by: Greg Kroah-Hartman --- drivers/hv/connection.c | 2 ++ include/linux/hyperv.h | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index af6edf9b1936..855bbda9964d 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -78,6 +78,8 @@ static int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, msg->interrupt_page = virt_to_phys(vmbus_connection.int_page); msg->monitor_page1 = virt_to_phys(vmbus_connection.monitor_pages[0]); msg->monitor_page2 = virt_to_phys(vmbus_connection.monitor_pages[1]); + if (version == VERSION_WIN8) + msg->target_vcpu = hv_context.vp_index[smp_processor_id()]; /* * Add to list before we send the request since we may diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index 15da677478dd..344883dce584 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h @@ -875,7 +875,7 @@ struct vmbus_channel_relid_released { struct vmbus_channel_initiate_contact { struct vmbus_channel_message_header header; u32 vmbus_version_requested; - u32 padding2; + u32 target_vcpu; /* The VCPU the host should respond to */ u64 interrupt_page; u64 monitor_page1; u64 monitor_page2; From 269f979467cf49f2ea8132316c1f00f8c9678f7c Mon Sep 17 00:00:00 2001 From: "K. Y. Srinivasan" Date: Thu, 16 Jan 2014 11:59:58 -0800 Subject: [PATCH 05/16] Drivers: hv: vmbus: Don't timeout during the initial connection with host When the guest attempts to connect with the host when there may already be a connection with the host (as would be the case during the kdump/kexec path), it is difficult to guarantee timely response from the host. Starting with WS2012 R2, the host supports this ability to re-connect with the host (explicitly to support kexec). Prior to responding to the guest, the host needs to ensure that device states based on the previous connection to the host have been properly torn down. This may introduce unbounded delays. To deal with this issue, don't do a timed wait during the initial connect with the host. Signed-off-by: K. Y. Srinivasan Cc: Signed-off-by: Greg Kroah-Hartman --- drivers/hv/connection.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 855bbda9964d..f2d7bf90c9fe 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -67,7 +67,6 @@ static int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, int ret = 0; struct vmbus_channel_initiate_contact *msg; unsigned long flags; - int t; init_completion(&msginfo->waitevent); @@ -102,15 +101,7 @@ static int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, } /* Wait for the connection response */ - t = wait_for_completion_timeout(&msginfo->waitevent, 5*HZ); - if (t == 0) { - spin_lock_irqsave(&vmbus_connection.channelmsg_lock, - flags); - list_del(&msginfo->msglistentry); - spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, - flags); - return -ETIMEDOUT; - } + wait_for_completion(&msginfo->waitevent); spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags); list_del(&msginfo->msglistentry); From 5bbb2ae3d6f896f8d2082d1eceb6131c2420b7cf Mon Sep 17 00:00:00 2001 From: Paul Bolle Date: Tue, 4 Feb 2014 23:23:12 +0100 Subject: [PATCH 06/16] raw: test against runtime value of max_raw_minors bind_get() checks the device number it is called with. It uses MAX_RAW_MINORS for the upper bound. But MAX_RAW_MINORS is set at compile time while the actual number of raw devices can be set at runtime. This means the test can either be too strict or too lenient. And if the test ends up being too lenient bind_get() might try to access memory beyond what was allocated for "raw_devices". So check against the runtime value (max_raw_minors) in this function. Signed-off-by: Paul Bolle Acked-by: Jan Kara Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/char/raw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/raw.c b/drivers/char/raw.c index f3223aac4df1..6e8d65e9b1d3 100644 --- a/drivers/char/raw.c +++ b/drivers/char/raw.c @@ -190,7 +190,7 @@ static int bind_get(int number, dev_t *dev) struct raw_device_data *rawdev; struct block_device *bdev; - if (number <= 0 || number >= MAX_RAW_MINORS) + if (number <= 0 || number >= max_raw_minors) return -EINVAL; rawdev = &raw_devices[number]; From 7143479a6a4f853881b19999310ada53b616d2ca Mon Sep 17 00:00:00 2001 From: Paul Bolle Date: Tue, 4 Feb 2014 23:23:40 +0100 Subject: [PATCH 07/16] raw: set range for MAX_RAW_DEVS The Kconfig symbol MAX_RAW_DEVS is meant to be between 1 and 65536. But those boundaries are not enforced by its Kconfig entry. Note that MAX_RAW_DEVS is used to set MAX_RAW_MINORS in drivers/char/raw.c. If one would accidentally set MAX_RAW_DEVS to an invalid value, that invalid value will actually end up being used in raw_init(). So add an appropriate range to this Kconfig entry. Signed-off-by: Paul Bolle Signed-off-by: Greg Kroah-Hartman --- drivers/char/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig index fa3243d71c76..1386749b48ff 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig @@ -499,6 +499,7 @@ config RAW_DRIVER config MAX_RAW_DEVS int "Maximum number of RAW devices to support (1-65536)" depends on RAW_DRIVER + range 1 65536 default "256" help The maximum number of RAW devices that are supported. From fa69c87232cd6dac4d7e33e376467724697c43b9 Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Tue, 28 Jan 2014 20:36:44 +0800 Subject: [PATCH 08/16] Documentation:Chinese translation of Documentation/arm64/tagged-pointers.txt This is a Chinese translated version of Documentation/arm64/tagged-pointers.txt It is based on the modifications of Documentation/arm64/tagged-pointers.txt in submission: "d50240a5", "374ed9d1". Signed-off-by: Fu Wei Acked-by: Harry Wei Signed-off-by: Greg Kroah-Hartman --- Documentation/zh_CN/arm64/tagged-pointers.txt | 52 +++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 Documentation/zh_CN/arm64/tagged-pointers.txt diff --git a/Documentation/zh_CN/arm64/tagged-pointers.txt b/Documentation/zh_CN/arm64/tagged-pointers.txt new file mode 100644 index 000000000000..2664d1bd5a1c --- /dev/null +++ b/Documentation/zh_CN/arm64/tagged-pointers.txt @@ -0,0 +1,52 @@ +Chinese translated version of Documentation/arm64/tagged-pointers.txt + +If you have any comment or update to the content, please contact the +original document maintainer directly. However, if you have a problem +communicating in English you can also ask the Chinese maintainer for +help. Contact the Chinese maintainer if this translation is outdated +or if there is a problem with the translation. + +Maintainer: Will Deacon +Chinese maintainer: Fu Wei +--------------------------------------------------------------------- +Documentation/arm64/tagged-pointers.txt 的中文翻译 + +如果想评论或更新本文的内容,请直接联系原文档的维护者。如果你使用英文 +交流有困难的话,也可以向中文版维护者求助。如果本翻译更新不及时或者翻 +译存在问题,请联系中文版维护者。 + +英文版维护者: Will Deacon +中文版维护者: 傅炜 Fu Wei +中文版翻译者: 傅炜 Fu Wei +中文版校译者: 傅炜 Fu Wei + +以下为正文 +--------------------------------------------------------------------- + Linux 在 AArch64 中带标记的虚拟地址 + ================================= + +作者: Will Deacon +日期: 2013 年 06 月 12 日 + +本文档简述了在 AArch64 地址转换系统中提供的带标记的虚拟地址及其在 +AArch64 Linux 中的潜在用途。 + +内核提供的地址转换表配置使通过 TTBR0 完成的虚拟地址转换(即用户空间 +映射),其虚拟地址的最高 8 位(63:56)会被转换硬件所忽略。这种机制 +让这些位可供应用程序自由使用,其注意事项如下: + + (1) 内核要求所有传递到 EL1 的用户空间地址带有 0x00 标记。 + 这意味着任何携带用户空间虚拟地址的系统调用(syscall) + 参数 *必须* 在陷入内核前使它们的最高字节被清零。 + + (2) 非零标记在传递信号时不被保存。这意味着在应用程序中利用了 + 标记的信号处理函数无法依赖 siginfo_t 的用户空间虚拟 + 地址所携带的包含其内部域信息的标记。此规则的一个例外是 + 当信号是在调试观察点的异常处理程序中产生的,此时标记的 + 信息将被保存。 + + (3) 当使用带标记的指针时需特别留心,因为仅对两个虚拟地址 + 的高字节,C 编译器很可能无法判断它们是不同的。 + +此构架会阻止对带标记的 PC 指针的利用,因此在异常返回时,其高字节 +将被设置成一个为 “55” 的扩展符。 From b0ab8a9030b655e02c5532d1f78b9ba9d9ff4420 Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Tue, 28 Jan 2014 20:28:29 +0800 Subject: [PATCH 09/16] Documentation:Update Documentation/zh_CN/arm64/booting.txt This is a update of Chinese documentation: Documentation/zh_CN/arm64/booting.txt It is based on the modifications of Documentation/arm64/booting.txt in submission: "4d5e0b15", "4370eec0", "4fcd6e14". Update maintainer's Email address. Signed-off-by: Fu Wei Acked-by: Harry Wei Signed-off-by: Greg Kroah-Hartman --- Documentation/zh_CN/arm64/booting.txt | 65 +++++++++++++++++++-------- 1 file changed, 46 insertions(+), 19 deletions(-) diff --git a/Documentation/zh_CN/arm64/booting.txt b/Documentation/zh_CN/arm64/booting.txt index 28fa325b7461..6f6d956ac1c9 100644 --- a/Documentation/zh_CN/arm64/booting.txt +++ b/Documentation/zh_CN/arm64/booting.txt @@ -7,7 +7,7 @@ help. Contact the Chinese maintainer if this translation is outdated or if there is a problem with the translation. Maintainer: Will Deacon -Chinese maintainer: Fu Wei +Chinese maintainer: Fu Wei --------------------------------------------------------------------- Documentation/arm64/booting.txt 的中文翻译 @@ -16,9 +16,9 @@ Documentation/arm64/booting.txt 的中文翻译 译存在问题,请联系中文版维护者。 英文版维护者: Will Deacon -中文版维护者: 傅炜 Fu Wei -中文版翻译者: 傅炜 Fu Wei -中文版校译者: 傅炜 Fu Wei +中文版维护者: 傅炜 Fu Wei +中文版翻译者: 傅炜 Fu Wei +中文版校译者: 傅炜 Fu Wei 以下为正文 --------------------------------------------------------------------- @@ -64,8 +64,8 @@ RAM,或可能使用对这个设备已知的 RAM 信息,还可能使用任何 必要性: 强制 -设备树数据块(dtb)大小必须不大于 2 MB,且位于从内核映像起始算起第一个 -512MB 内的 2MB 边界上。这使得内核可以通过初始页表中的单个节描述符来 +设备树数据块(dtb)必须 8 字节对齐,并位于从内核映像起始算起第一个 512MB +内,且不得跨越 2MB 对齐边界。这使得内核可以通过初始页表中的单个节描述符来 映射此数据块。 @@ -84,13 +84,23 @@ AArch64 内核当前没有提供自解压代码,因此如果使用了压缩内 必要性: 强制 -已解压的内核映像包含一个 32 字节的头,内容如下: +已解压的内核映像包含一个 64 字节的头,内容如下: - u32 magic = 0x14000008; /* 跳转到 stext, 小端 */ - u32 res0 = 0; /* 保留 */ + u32 code0; /* 可执行代码 */ + u32 code1; /* 可执行代码 */ u64 text_offset; /* 映像装载偏移 */ + u64 res0 = 0; /* 保留 */ u64 res1 = 0; /* 保留 */ u64 res2 = 0; /* 保留 */ + u64 res3 = 0; /* 保留 */ + u64 res4 = 0; /* 保留 */ + u32 magic = 0x644d5241; /* 魔数, 小端, "ARM\x64" */ + u32 res5 = 0; /* 保留 */ + + +映像头注释: + +- code0/code1 负责跳转到 stext. 映像必须位于系统 RAM 起始处的特定偏移(当前是 0x80000)。系统 RAM 的起始地址必须是以 2MB 对齐的。 @@ -118,9 +128,9 @@ AArch64 内核当前没有提供自解压代码,因此如果使用了压缩内 外部高速缓存(如果存在)必须配置并禁用。 - 架构计时器 - CNTFRQ 必须设定为计时器的频率。 - 如果在 EL1 模式下进入内核,则 CNTHCTL_EL2 中的 EL1PCTEN (bit 0) - 必须置位。 + CNTFRQ 必须设定为计时器的频率,且 CNTVOFF 必须设定为对所有 CPU + 都一致的值。如果在 EL1 模式下进入内核,则 CNTHCTL_EL2 中的 + EL1PCTEN (bit 0) 必须置位。 - 一致性 通过内核启动的所有 CPU 在内核入口地址上必须处于相同的一致性域中。 @@ -131,23 +141,40 @@ AArch64 内核当前没有提供自解压代码,因此如果使用了压缩内 在进入内核映像的异常级中,所有构架中可写的系统寄存器必须通过软件 在一个更高的异常级别下初始化,以防止在 未知 状态下运行。 +以上对于 CPU 模式、高速缓存、MMU、架构计时器、一致性、系统寄存器的 +必要条件描述适用于所有 CPU。所有 CPU 必须在同一异常级别跳入内核。 + 引导装载程序必须在每个 CPU 处于以下状态时跳入内核入口: - 主 CPU 必须直接跳入内核映像的第一条指令。通过此 CPU 传递的设备树 - 数据块必须在每个 CPU 节点中包含以下内容: - - 1、‘enable-method’属性。目前,此字段支持的值仅为字符串“spin-table”。 - - 2、‘cpu-release-addr’标识一个 64-bit、初始化为零的内存位置。 + 数据块必须在每个 CPU 节点中包含一个 ‘enable-method’ 属性,所 + 支持的 enable-method 请见下文。 引导装载程序必须生成这些设备树属性,并在跳入内核入口之前将其插入 数据块。 -- 任何辅助 CPU 必须在内存保留区(通过设备树中的 /memreserve/ 域传递 +- enable-method 为 “spin-table” 的 CPU 必须在它们的 CPU + 节点中包含一个 ‘cpu-release-addr’ 属性。这个属性标识了一个 + 64 位自然对齐且初始化为零的内存位置。 + + 这些 CPU 必须在内存保留区(通过设备树中的 /memreserve/ 域传递 给内核)中自旋于内核之外,轮询它们的 cpu-release-addr 位置(必须 包含在保留区中)。可通过插入 wfe 指令来降低忙循环开销,而主 CPU 将 发出 sev 指令。当对 cpu-release-addr 所指位置的读取操作返回非零值 - 时,CPU 必须直接跳入此值所指向的地址。 + 时,CPU 必须跳入此值所指向的地址。此值为一个单独的 64 位小端值, + 因此 CPU 须在跳转前将所读取的值转换为其本身的端模式。 + +- enable-method 为 “psci” 的 CPU 保持在内核外(比如,在 + memory 节点中描述为内核空间的内存区外,或在通过设备树 /memreserve/ + 域中描述为内核保留区的空间中)。内核将会发起在 ARM 文档(编号 + ARM DEN 0022A:用于 ARM 上的电源状态协调接口系统软件)中描述的 + CPU_ON 调用来将 CPU 带入内核。 + + *译者注:到文档翻译时,此文档已更新为 ARM DEN 0022B。 + + 设备树必须包含一个 ‘psci’ 节点,请参考以下文档: + Documentation/devicetree/bindings/arm/psci.txt + - 辅助 CPU 通用寄存器设置 x0 = 0 (保留,将来可能使用) From d0f2a808b2f0fa6e115cc6f6c84bb4f29aa8af49 Mon Sep 17 00:00:00 2001 From: Fu Wei Date: Tue, 28 Jan 2014 20:14:29 +0800 Subject: [PATCH 10/16] Documentation:Update Documentation/zh_CN/arm64/memory.txt This is a update of Chinese documentation:Documentation/zh_CN/arm64/memory.txt It is based on the modifications of Documentation/arm64/memory.txt in submission: "2475ff9d", "847264fb", "aa4a73a0", "e29a074b". Update maintainer's Email address. Signed-off-by: Fu Wei Acked-by: Harry Wei Signed-off-by: Greg Kroah-Hartman --- Documentation/zh_CN/arm64/memory.txt | 46 ++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 6 deletions(-) diff --git a/Documentation/zh_CN/arm64/memory.txt b/Documentation/zh_CN/arm64/memory.txt index a5f6283829f9..a782704c1cb5 100644 --- a/Documentation/zh_CN/arm64/memory.txt +++ b/Documentation/zh_CN/arm64/memory.txt @@ -7,7 +7,7 @@ help. Contact the Chinese maintainer if this translation is outdated or if there is a problem with the translation. Maintainer: Catalin Marinas -Chinese maintainer: Fu Wei +Chinese maintainer: Fu Wei --------------------------------------------------------------------- Documentation/arm64/memory.txt 的中文翻译 @@ -16,9 +16,9 @@ Documentation/arm64/memory.txt 的中文翻译 译存在问题,请联系中文版维护者。 英文版维护者: Catalin Marinas -中文版维护者: 傅炜 Fu Wei -中文版翻译者: 傅炜 Fu Wei -中文版校译者: 傅炜 Fu Wei +中文版维护者: 傅炜 Fu Wei +中文版翻译者: 傅炜 Fu Wei +中文版校译者: 傅炜 Fu Wei 以下为正文 --------------------------------------------------------------------- @@ -41,7 +41,7 @@ AArch64 Linux 使用页大小为 4KB 的 3 级转换表配置,对于用户和 TTBR1 中,且从不写入 TTBR0。 -AArch64 Linux 内存布局: +AArch64 Linux 在页大小为 4KB 时的内存布局: 起始地址 结束地址 大小 用途 ----------------------------------------------------------------------- @@ -55,15 +55,42 @@ ffffffbc00000000 ffffffbdffffffff 8GB vmemmap ffffffbe00000000 ffffffbffbbfffff ~8GB [防护页,未来用于 vmmemap] +ffffffbffbc00000 ffffffbffbdfffff 2MB earlyprintk 设备 + ffffffbffbe00000 ffffffbffbe0ffff 64KB PCI I/O 空间 -ffffffbbffff0000 ffffffbcffffffff ~2MB [防护页] +ffffffbffbe10000 ffffffbcffffffff ~2MB [防护页] ffffffbffc000000 ffffffbfffffffff 64MB 模块 ffffffc000000000 ffffffffffffffff 256GB 内核逻辑内存映射 +AArch64 Linux 在页大小为 64KB 时的内存布局: + +起始地址 结束地址 大小 用途 +----------------------------------------------------------------------- +0000000000000000 000003ffffffffff 4TB 用户空间 + +fffffc0000000000 fffffdfbfffeffff ~2TB vmalloc + +fffffdfbffff0000 fffffdfbffffffff 64KB [防护页] + +fffffdfc00000000 fffffdfdffffffff 8GB vmemmap + +fffffdfe00000000 fffffdfffbbfffff ~8GB [防护页,未来用于 vmmemap] + +fffffdfffbc00000 fffffdfffbdfffff 2MB earlyprintk 设备 + +fffffdfffbe00000 fffffdfffbe0ffff 64KB PCI I/O 空间 + +fffffdfffbe10000 fffffdfffbffffff ~2MB [防护页] + +fffffdfffc000000 fffffdffffffffff 64MB 模块 + +fffffe0000000000 ffffffffffffffff 2TB 内核逻辑内存映射 + + 4KB 页大小的转换表查找: +--------+--------+--------+--------+--------+--------+--------+--------+ @@ -91,3 +118,10 @@ ffffffc000000000 ffffffffffffffff 256GB 内核逻辑内存映射 | | +--------------------------> [41:29] L2 索引 (仅使用 38:29 ) | +-------------------------------> [47:42] L1 索引 (未使用) +-------------------------------------------------> [63] TTBR0/1 + +当使用 KVM 时, 管理程序(hypervisor)在 EL2 中通过相对内核虚拟地址的 +一个固定偏移来映射内核页(内核虚拟地址的高 24 位设为零): + +起始地址 结束地址 大小 用途 +----------------------------------------------------------------------- +0000004000000000 0000007fffffffff 256GB 在 HYP 中映射的内核对象 From d913c7439add288b50752186b306634df2ae21e7 Mon Sep 17 00:00:00 2001 From: Christian Engelmayer Date: Sat, 25 Jan 2014 22:47:44 +0100 Subject: [PATCH 11/16] misc: genwqe: Fix potential memory leak when pinning memory Fix a memory leak in the genwqe_pin_mem() error path as called by ioctl GENWQE_PIN_MEM. In case there is an error encountered when mapping memory, the already allocated dma_mapping struct needs to be freed correctly. Detected by Coverity: CID 1162606. Signed-off-by: Christian Engelmayer Acked-by: Frank Haverkamp Signed-off-by: Greg Kroah-Hartman --- drivers/misc/genwqe/card_dev.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/misc/genwqe/card_dev.c b/drivers/misc/genwqe/card_dev.c index 8f8a6b327cdb..2c2c9cc75231 100644 --- a/drivers/misc/genwqe/card_dev.c +++ b/drivers/misc/genwqe/card_dev.c @@ -787,6 +787,7 @@ static int genwqe_pin_mem(struct genwqe_file *cfile, struct genwqe_mem *m) if (rc != 0) { dev_err(&pci_dev->dev, "[%s] genwqe_user_vmap rc=%d\n", __func__, rc); + kfree(dma_map); return rc; } From f0de8e04a7201a2000f3c6d09732c11e7f35d42d Mon Sep 17 00:00:00 2001 From: Maxime Ripard Date: Sun, 2 Feb 2014 14:52:05 +0100 Subject: [PATCH 12/16] misc: eeprom: sunxi: Add new compatibles The Allwinner A10 compatibles were following a slightly different compatible patterns than the rest of the SoCs for historical reasons. Add compatibles matching the other pattern to the SID driver for consistency, and keep the older one for backward compatibility. Signed-off-by: Maxime Ripard Signed-off-by: Greg Kroah-Hartman --- .../devicetree/bindings/misc/allwinner,sunxi-sid.txt | 5 +++-- drivers/misc/eeprom/sunxi_sid.c | 5 ++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt index 68ba37295565..c10a61ad5f95 100644 --- a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt +++ b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt @@ -1,12 +1,13 @@ Allwinner sunxi-sid Required properties: -- compatible: "allwinner,sun4i-sid" or "allwinner,sun7i-a20-sid". +- compatible: "allwinner,sun4i-a10-sid" or "allwinner,sun7i-a20-sid" + (Deprecated: "allwinner,sun4i-sid"). - reg: Should contain registers location and length Example for sun4i: sid@01c23800 { - compatible = "allwinner,sun4i-sid"; + compatible = "allwinner,sun4i-a10-sid"; reg = <0x01c23800 0x10> }; diff --git a/drivers/misc/eeprom/sunxi_sid.c b/drivers/misc/eeprom/sunxi_sid.c index 9c34e5704304..e137e75a89e5 100644 --- a/drivers/misc/eeprom/sunxi_sid.c +++ b/drivers/misc/eeprom/sunxi_sid.c @@ -96,8 +96,11 @@ static int sunxi_sid_remove(struct platform_device *pdev) } static const struct of_device_id sunxi_sid_of_match[] = { - { .compatible = "allwinner,sun4i-sid", .data = (void *)16}, + { .compatible = "allwinner,sun4i-a10-sid", .data = (void *)16}, { .compatible = "allwinner,sun7i-a20-sid", .data = (void *)512}, + + /* Deprecated */ + { .compatible = "allwinner,sun4i-sid", .data = (void *)16}, {/* sentinel */}, }; MODULE_DEVICE_TABLE(of, sunxi_sid_of_match); From 01ab1167cd2d861d20195eda08505652c536df97 Mon Sep 17 00:00:00 2001 From: Maxime Ripard Date: Sun, 2 Feb 2014 14:52:06 +0100 Subject: [PATCH 13/16] ARM: sunxi: dt: Convert to the new SID compatibles Switch the device tree to the new compatibles introduced in the SID drivers to have a common pattern accross all Allwinner SoCs. Signed-off-by: Maxime Ripard Signed-off-by: Greg Kroah-Hartman --- arch/arm/boot/dts/sun4i-a10.dtsi | 2 +- arch/arm/boot/dts/sun5i-a10s.dtsi | 2 +- arch/arm/boot/dts/sun5i-a13.dtsi | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/arm/boot/dts/sun4i-a10.dtsi b/arch/arm/boot/dts/sun4i-a10.dtsi index 040bb0eba152..7b10f85ef988 100644 --- a/arch/arm/boot/dts/sun4i-a10.dtsi +++ b/arch/arm/boot/dts/sun4i-a10.dtsi @@ -421,7 +421,7 @@ rtc: rtc@01c20d00 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-sid"; + compatible = "allwinner,sun4i-a10-sid"; reg = <0x01c23800 0x10>; }; diff --git a/arch/arm/boot/dts/sun5i-a10s.dtsi b/arch/arm/boot/dts/sun5i-a10s.dtsi index ea16054857a4..6d287a0dac5d 100644 --- a/arch/arm/boot/dts/sun5i-a10s.dtsi +++ b/arch/arm/boot/dts/sun5i-a10s.dtsi @@ -378,7 +378,7 @@ wdt: watchdog@01c20c90 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-sid"; + compatible = "allwinner,sun4i-a10-sid"; reg = <0x01c23800 0x10>; }; diff --git a/arch/arm/boot/dts/sun5i-a13.dtsi b/arch/arm/boot/dts/sun5i-a13.dtsi index 320335abfccd..f49eb13c33c3 100644 --- a/arch/arm/boot/dts/sun5i-a13.dtsi +++ b/arch/arm/boot/dts/sun5i-a13.dtsi @@ -341,7 +341,7 @@ wdt: watchdog@01c20c90 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-sid"; + compatible = "allwinner,sun4i-a10-sid"; reg = <0x01c23800 0x10>; }; From 3b1cc9b9622a022208ec95b1259b05bbdf712eb7 Mon Sep 17 00:00:00 2001 From: Sudeep Dutt Date: Mon, 3 Feb 2014 14:53:19 -0800 Subject: [PATCH 14/16] misc: mic: fix possible signed underflow (undefined behavior) in userspace API iovcnt is declared as a signed integer in both the userspace API and as a local variable in mic_virtio.c. The while() loop in mic_virtio.c iterates until the local variable iovcnt reaches the value 0. If userspace passes e.g. INT_MIN as iovcnt field, this loop then appears to depend on an undefined behavior (signed underflow) to complete. The fix is to use unsigned integers in both the userspace API and the local variable. This issue was reported @ https://lkml.org/lkml/2014/1/10/10 Reported-by: Mathieu Desnoyers Reviewed-by: Ashutosh Dixit Signed-off-by: Sudeep Dutt Cc: stable Signed-off-by: Greg Kroah-Hartman --- drivers/misc/mic/host/mic_virtio.c | 3 ++- include/uapi/linux/mic_ioctl.h | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/misc/mic/host/mic_virtio.c b/drivers/misc/mic/host/mic_virtio.c index 752ff873f891..7e1ef0ebbb80 100644 --- a/drivers/misc/mic/host/mic_virtio.c +++ b/drivers/misc/mic/host/mic_virtio.c @@ -156,7 +156,8 @@ static int mic_vringh_copy(struct mic_vdev *mvdev, struct vringh_kiov *iov, static int _mic_virtio_copy(struct mic_vdev *mvdev, struct mic_copy_desc *copy) { - int ret = 0, iovcnt = copy->iovcnt; + int ret = 0; + u32 iovcnt = copy->iovcnt; struct iovec iov; struct iovec __user *u_iov = copy->iov; void __user *ubuf = NULL; diff --git a/include/uapi/linux/mic_ioctl.h b/include/uapi/linux/mic_ioctl.h index 7fabba5059cf..feb0b4c0814c 100644 --- a/include/uapi/linux/mic_ioctl.h +++ b/include/uapi/linux/mic_ioctl.h @@ -39,7 +39,7 @@ struct mic_copy_desc { #else struct iovec *iov; #endif - int iovcnt; + __u32 iovcnt; __u8 vr_idx; __u8 update_used; __u32 out_len; From 8c442794b2e7e3e2c7c15cc7d3a1b550ce99ac88 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Fri, 14 Feb 2014 11:15:40 -0800 Subject: [PATCH 15/16] Revert "ARM: sunxi: dt: Convert to the new SID compatibles" This reverts commit 01ab1167cd2d861d20195eda08505652c536df97, it is incorrect, a future patch will fix this up properly. Cc: Maxime Ripard Signed-off-by: Greg Kroah-Hartman --- arch/arm/boot/dts/sun4i-a10.dtsi | 2 +- arch/arm/boot/dts/sun5i-a10s.dtsi | 2 +- arch/arm/boot/dts/sun5i-a13.dtsi | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/arm/boot/dts/sun4i-a10.dtsi b/arch/arm/boot/dts/sun4i-a10.dtsi index 7b10f85ef988..040bb0eba152 100644 --- a/arch/arm/boot/dts/sun4i-a10.dtsi +++ b/arch/arm/boot/dts/sun4i-a10.dtsi @@ -421,7 +421,7 @@ rtc: rtc@01c20d00 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-a10-sid"; + compatible = "allwinner,sun4i-sid"; reg = <0x01c23800 0x10>; }; diff --git a/arch/arm/boot/dts/sun5i-a10s.dtsi b/arch/arm/boot/dts/sun5i-a10s.dtsi index 6d287a0dac5d..ea16054857a4 100644 --- a/arch/arm/boot/dts/sun5i-a10s.dtsi +++ b/arch/arm/boot/dts/sun5i-a10s.dtsi @@ -378,7 +378,7 @@ wdt: watchdog@01c20c90 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-a10-sid"; + compatible = "allwinner,sun4i-sid"; reg = <0x01c23800 0x10>; }; diff --git a/arch/arm/boot/dts/sun5i-a13.dtsi b/arch/arm/boot/dts/sun5i-a13.dtsi index f49eb13c33c3..320335abfccd 100644 --- a/arch/arm/boot/dts/sun5i-a13.dtsi +++ b/arch/arm/boot/dts/sun5i-a13.dtsi @@ -341,7 +341,7 @@ wdt: watchdog@01c20c90 { }; sid: eeprom@01c23800 { - compatible = "allwinner,sun4i-a10-sid"; + compatible = "allwinner,sun4i-sid"; reg = <0x01c23800 0x10>; }; From bf7471038840547c9328291b4d9d91c55581dcb8 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Fri, 14 Feb 2014 11:16:08 -0800 Subject: [PATCH 16/16] Revert "misc: eeprom: sunxi: Add new compatibles" This reverts commit f0de8e04a7201a2000f3c6d09732c11e7f35d42d, it is incorrect, a future patch will fix this up properly. Cc: Maxime Ripard Signed-off-by: Greg Kroah-Hartman --- .../devicetree/bindings/misc/allwinner,sunxi-sid.txt | 5 ++--- drivers/misc/eeprom/sunxi_sid.c | 5 +---- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt index c10a61ad5f95..68ba37295565 100644 --- a/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt +++ b/Documentation/devicetree/bindings/misc/allwinner,sunxi-sid.txt @@ -1,13 +1,12 @@ Allwinner sunxi-sid Required properties: -- compatible: "allwinner,sun4i-a10-sid" or "allwinner,sun7i-a20-sid" - (Deprecated: "allwinner,sun4i-sid"). +- compatible: "allwinner,sun4i-sid" or "allwinner,sun7i-a20-sid". - reg: Should contain registers location and length Example for sun4i: sid@01c23800 { - compatible = "allwinner,sun4i-a10-sid"; + compatible = "allwinner,sun4i-sid"; reg = <0x01c23800 0x10> }; diff --git a/drivers/misc/eeprom/sunxi_sid.c b/drivers/misc/eeprom/sunxi_sid.c index e137e75a89e5..9c34e5704304 100644 --- a/drivers/misc/eeprom/sunxi_sid.c +++ b/drivers/misc/eeprom/sunxi_sid.c @@ -96,11 +96,8 @@ static int sunxi_sid_remove(struct platform_device *pdev) } static const struct of_device_id sunxi_sid_of_match[] = { - { .compatible = "allwinner,sun4i-a10-sid", .data = (void *)16}, - { .compatible = "allwinner,sun7i-a20-sid", .data = (void *)512}, - - /* Deprecated */ { .compatible = "allwinner,sun4i-sid", .data = (void *)16}, + { .compatible = "allwinner,sun7i-a20-sid", .data = (void *)512}, {/* sentinel */}, }; MODULE_DEVICE_TABLE(of, sunxi_sid_of_match);