RFC: ARM: fix the uaccess crash on PB11MPCore

Message ID	1468256893-12811-1-git-send-email-linus.walleij@linaro.org
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; From: Linus Walleij <linus.walleij@linaro.org> To: linux-arm-kernel@lists.infradead.org, Neil Armstrong <narmstrong@baylibre.com>, Russell King <linux@armlinux.org.uk> Subject: [PATCH] RFC: ARM: fix the uaccess crash on PB11MPCore Date: Mon, 11 Jul 2016 19:08:13 +0200 Message-Id: <1468256893-12811-1-git-send-email-linus.walleij@linaro.org> summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:4010:c07:0:0:0:22d listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid Precedence: list Cc: Linus Walleij <linus.walleij@linaro.org>, Will Deacon <will.deacon@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org

Linus Walleij July 11, 2016, 5:08 p.m. UTC

The following patch was sketched by Russell in response to my
crashes on the PB11MPCore after the patch for software-based
priviledged no access support for ARMv8.1. See this thread:
http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

I am unsure what is going on, I suspect everyone involved in
the discussion is. I just want to repost this to get the
discussion restarted, as I still have to apply this patch
with every kernel iteration to get my PB11MPCore Realview
running.

I also know that Oxnas has actual, mass-deployed NAS (PogoPlug
Pro variants) using PB11MPCore, and that they may or may not
be seeing the same issue so I want their feedback on this: do
you or do you not see this with mainline, or have you not even
tested?

Cc: Russell King <linux@armlinux.org.uk>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Neil Armstrong <narmstrong@baylibre.com>
Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

---
 arch/arm/kernel/smp_tlb.c | 7 +++++++
 1 file changed, 7 insertions(+)

-- 
2.7.4


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Neil Armstrong July 12, 2016, 11:27 a.m. UTC | #1

2016-07-11 19:08 GMT+02:00 Linus Walleij <linus.walleij@linaro.org>:
> The following patch was sketched by Russell in response to my

> crashes on the PB11MPCore after the patch for software-based

> priviledged no access support for ARMv8.1. See this thread:

> http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

>

> I am unsure what is going on, I suspect everyone involved in

> the discussion is. I just want to repost this to get the

> discussion restarted, as I still have to apply this patch

> with every kernel iteration to get my PB11MPCore Realview

> running.

>

> I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

> Pro variants) using PB11MPCore, and that they may or may not

> be seeing the same issue so I want their feedback on this: do

> you or do you not see this with mainline, or have you not even

> tested?


Hi Linus,

Actually the last off-tree support of the OX820 is on 4.4, and I do
not personally own a OX820 based device,
but I'm in he process of finding one to achieve upstream support along
the Ox810.

My comment over this patch is like yours, isn't there a way to narrow
such changes to ARMv6+SMP enabled kernels ? It would be a pity to have
such workaround enabled for V7 only kernels.

Neil

>

> Cc: Russell King <linux@armlinux.org.uk>

> Cc: Will Deacon <will.deacon@arm.com>

> Cc: Neil Armstrong <narmstrong@baylibre.com>

> Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")

> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

> ---

>  arch/arm/kernel/smp_tlb.c | 7 +++++++

>  1 file changed, 7 insertions(+)

>

> diff --git a/arch/arm/kernel/smp_tlb.c b/arch/arm/kernel/smp_tlb.c

> index 2e72be4f623e..7cb079e74010 100644

> --- a/arch/arm/kernel/smp_tlb.c

> +++ b/arch/arm/kernel/smp_tlb.c

> @@ -9,6 +9,7 @@

>   */

>  #include <linux/preempt.h>

>  #include <linux/smp.h>

> +#include <linux/uaccess.h>

>

>  #include <asm/smp_plat.h>

>  #include <asm/tlbflush.h>

> @@ -40,8 +41,11 @@ static inline void ipi_flush_tlb_mm(void *arg)

>  static inline void ipi_flush_tlb_page(void *arg)

>  {

>         struct tlb_args *ta = (struct tlb_args *)arg;

> +       unsigned int __ua_flags = uaccess_save_and_enable();

>

>         local_flush_tlb_page(ta->ta_vma, ta->ta_start);

> +

> +       uaccess_restore(__ua_flags);

>  }

>

>  static inline void ipi_flush_tlb_kernel_page(void *arg)

> @@ -54,8 +58,11 @@ static inline void ipi_flush_tlb_kernel_page(void *arg)

>  static inline void ipi_flush_tlb_range(void *arg)

>  {

>         struct tlb_args *ta = (struct tlb_args *)arg;

> +       unsigned int __ua_flags = uaccess_save_and_enable();

>

>         local_flush_tlb_range(ta->ta_vma, ta->ta_start, ta->ta_end);

> +

> +       uaccess_restore(__ua_flags);

>  }

>

>  static inline void ipi_flush_tlb_kernel_range(void *arg)

> --

> 2.7.4

>




-- 
Neil Armstrong
Embedded Linux Software Engineer
BayLibre - At the Heart of Embedded Linux
www.baylibre.com

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Arnd Bergmann July 12, 2016, 11:53 a.m. UTC | #2

On Tuesday, July 12, 2016 1:27:11 PM CEST Neil Armstrong wrote:
> 2016-07-11 19:08 GMT+02:00 Linus Walleij <linus.walleij@linaro.org>:

> > The following patch was sketched by Russell in response to my

> > crashes on the PB11MPCore after the patch for software-based

> > priviledged no access support for ARMv8.1. See this thread:

> > http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

> >

> > I am unsure what is going on, I suspect everyone involved in

> > the discussion is. I just want to repost this to get the

> > discussion restarted, as I still have to apply this patch

> > with every kernel iteration to get my PB11MPCore Realview

> > running.

> >

> > I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

> > Pro variants) using PB11MPCore, and that they may or may not

> > be seeing the same issue so I want their feedback on this: do

> > you or do you not see this with mainline, or have you not even

> > tested?

> 

> Hi Linus,

> 

> Actually the last off-tree support of the OX820 is on 4.4, and I do

> not personally own a OX820 based device,

> but I'm in he process of finding one to achieve upstream support along

> the Ox810.

> 


The Aldi NAS boxes (NAS-212) are widely available on ebay in Germany,
there is even a shop that sells both the Pogoplug and the Medion
machine with Debian preinstalled: http://www.ebay.de/sch/it-shop-rm/m.html

If you need help getting one, you can send it to me and I forward
it to your French address.

	Arnd

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Neil Armstrong July 20, 2016, 8:08 a.m. UTC | #3

On 07/12/2016 01:53 PM, Arnd Bergmann wrote:
> On Tuesday, July 12, 2016 1:27:11 PM CEST Neil Armstrong wrote:

>> 2016-07-11 19:08 GMT+02:00 Linus Walleij <linus.walleij@linaro.org>:

>>> The following patch was sketched by Russell in response to my

>>> crashes on the PB11MPCore after the patch for software-based

>>> priviledged no access support for ARMv8.1. See this thread:

>>> http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

>>>

>>> I am unsure what is going on, I suspect everyone involved in

>>> the discussion is. I just want to repost this to get the

>>> discussion restarted, as I still have to apply this patch

>>> with every kernel iteration to get my PB11MPCore Realview

>>> running.

>>>

>>> I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

>>> Pro variants) using PB11MPCore, and that they may or may not

>>> be seeing the same issue so I want their feedback on this: do

>>> you or do you not see this with mainline, or have you not even

>>> tested?

>>

>> Hi Linus,

>>

>> Actually the last off-tree support of the OX820 is on 4.4, and I do

>> not personally own a OX820 based device,

>> but I'm in he process of finding one to achieve upstream support along

>> the Ox810.

>>

> 

> The Aldi NAS boxes (NAS-212) are widely available on ebay in Germany,

> there is even a shop that sells both the Pogoplug and the Medion

> machine with Debian preinstalled: http://www.ebay.de/sch/it-shop-rm/m.html

> 

> If you need help getting one, you can send it to me and I forward

> it to your French address.

> 

> 	Arnd

> 


Arnd,

Thanks, I got a Pogoplug V3 and have access to the serial line, I will
forward port the 4.4 openwrt kernel to 4.7 ASAP and try to reproduce the bug
encountered by Linus.

Neil

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Neil Armstrong Sept. 9, 2016, 7:57 a.m. UTC | #4

On 07/11/2016 07:08 PM, Linus Walleij wrote:
> The following patch was sketched by Russell in response to my

> crashes on the PB11MPCore after the patch for software-based

> priviledged no access support for ARMv8.1. See this thread:

> http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

> 

> I am unsure what is going on, I suspect everyone involved in

> the discussion is. I just want to repost this to get the

> discussion restarted, as I still have to apply this patch

> with every kernel iteration to get my PB11MPCore Realview

> running.

> 

> I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

> Pro variants) using PB11MPCore, and that they may or may not

> be seeing the same issue so I want their feedback on this: do

> you or do you not see this with mainline, or have you not even

> tested?

> 

> Cc: Russell King <linux@armlinux.org.uk>

> Cc: Will Deacon <will.deacon@arm.com>

> Cc: Neil Armstrong <narmstrong@baylibre.com>

> Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")

> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

> ---

>  arch/arm/kernel/smp_tlb.c | 7 +++++++

>  1 file changed, 7 insertions(+)


Hi Linus, Russell, Arnd,

I made a quick port ox OX820 over v4.8-rc4 and when enabling CONFIG_CPU_SW_DOMAIN_PAN
I get the following trace at boot time :
[    1.690000] Unable to handle kernel paging request at virtual address b6f23684
[    1.690000] Unable to handle kernel paging request at virtual address b6f95ef4
[    1.690000] pgd = c281c000
[    1.690000] [b6f95ef4] *pgd=62821831, *pte=00000000, *ppte=00000000
[    1.690000] Internal error: Oops: 81f [#1] SMP ARM
[    1.690000] Modules linked in:
[    1.690000] CPU: 1 PID: 65 Comm: mount Not tainted 4.8.0-rc4-00001-g0e9c45d-dirty #22
[    1.690000] Hardware name: Generic DT based system
[    1.690000] task: c2aad860 task.stack: c2814000
[    1.690000] PC is at ipi_flush_tlb_page+0x34/0x44
[    1.690000] LR is at on_each_cpu_mask+0x58/0x60
[    1.690000] pc : [<c010d3dc>]    lr : [<c017d584>]    psr: 20000193
[    1.690000] sp : c2815da0  ip : 00000002  fp : 00067c40
[    1.690000] r10: c0702744  r9 : 67c4079f  r8 : 67c9e75f
[    1.690000] r7 : c2815dbc  r6 : c010d3a8  r5 : c2816164  r4 : 20000113
[    1.690000] r3 : 00000000  r2 : b6f95003  r1 : 00000003  r0 : 00000003
[    1.690000] Flags: nzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none
[    1.690000] Control: 00c5787d  Table: 6281c00a  DAC: 00000051
[    1.690000] Process mount (pid: 65, stack limit = 0xc2814190)
[    1.690000] Stack: (0xc2815da0 to 0xc2816000)
[...]
[    1.690000] ---[ end trace 8f1207a6d611da09 ]---

When applying this patch, it solved the issue.

Tested-by: Neil Armstrong <narmstrong@baylibre.com>


Neil


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Linus Walleij Sept. 12, 2016, 1:36 p.m. UTC | #5

On Fri, Sep 9, 2016 at 9:57 AM, Neil Armstrong <narmstrong@baylibre.com> wrote:
> On 07/11/2016 07:08 PM, Linus Walleij wrote:


>> The following patch was sketched by Russell in response to my

>> crashes on the PB11MPCore after the patch for software-based

>> priviledged no access support for ARMv8.1. See this thread:

>> http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

>>

>> I am unsure what is going on, I suspect everyone involved in

>> the discussion is. I just want to repost this to get the

>> discussion restarted, as I still have to apply this patch

>> with every kernel iteration to get my PB11MPCore Realview

>> running.

>>

>> I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

>> Pro variants) using PB11MPCore, and that they may or may not

>> be seeing the same issue so I want their feedback on this: do

>> you or do you not see this with mainline, or have you not even

>> tested?

>>

>> Cc: Russell King <linux@armlinux.org.uk>

>> Cc: Will Deacon <will.deacon@arm.com>

>> Cc: Neil Armstrong <narmstrong@baylibre.com>

>> Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")

>> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

>> ---

>>  arch/arm/kernel/smp_tlb.c | 7 +++++++

>>  1 file changed, 7 insertions(+)

>

> Hi Linus, Russell, Arnd,

>

> I made a quick port ox OX820 over v4.8-rc4 and when enabling CONFIG_CPU_SW_DOMAIN_PAN

> I get the following trace at boot time :

> [    1.690000] Unable to handle kernel paging request at virtual address b6f23684

> [    1.690000] Unable to handle kernel paging request at virtual address b6f95ef4

> [    1.690000] pgd = c281c000

> [    1.690000] [b6f95ef4] *pgd=62821831, *pte=00000000, *ppte=00000000

> [    1.690000] Internal error: Oops: 81f [#1] SMP ARM

> [    1.690000] Modules linked in:

> [    1.690000] CPU: 1 PID: 65 Comm: mount Not tainted 4.8.0-rc4-00001-g0e9c45d-dirty #22

> [    1.690000] Hardware name: Generic DT based system

> [    1.690000] task: c2aad860 task.stack: c2814000

> [    1.690000] PC is at ipi_flush_tlb_page+0x34/0x44

> [    1.690000] LR is at on_each_cpu_mask+0x58/0x60

> [    1.690000] pc : [<c010d3dc>]    lr : [<c017d584>]    psr: 20000193

> [    1.690000] sp : c2815da0  ip : 00000002  fp : 00067c40

> [    1.690000] r10: c0702744  r9 : 67c4079f  r8 : 67c9e75f

> [    1.690000] r7 : c2815dbc  r6 : c010d3a8  r5 : c2816164  r4 : 20000113

> [    1.690000] r3 : 00000000  r2 : b6f95003  r1 : 00000003  r0 : 00000003

> [    1.690000] Flags: nzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none

> [    1.690000] Control: 00c5787d  Table: 6281c00a  DAC: 00000051

> [    1.690000] Process mount (pid: 65, stack limit = 0xc2814190)

> [    1.690000] Stack: (0xc2815da0 to 0xc2816000)

> [...]

> [    1.690000] ---[ end trace 8f1207a6d611da09 ]---

>

> When applying this patch, it solved the issue.

>

> Tested-by: Neil Armstrong <narmstrong@baylibre.com>


So this problem appears on all ARM11MPcore, not just the RealView.

Yours,
Linus Walleij

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Neil Armstrong Oct. 17, 2016, 8:30 a.m. UTC | #6

On 09/12/2016 03:36 PM, Linus Walleij wrote:
> On Fri, Sep 9, 2016 at 9:57 AM, Neil Armstrong <narmstrong@baylibre.com> wrote:

>> On 07/11/2016 07:08 PM, Linus Walleij wrote:

> 

>>> The following patch was sketched by Russell in response to my

>>> crashes on the PB11MPCore after the patch for software-based

>>> priviledged no access support for ARMv8.1. See this thread:

>>> http://marc.info/?l=linux-arm-kernel&m=144051749807214&w=2

>>>

>>> I am unsure what is going on, I suspect everyone involved in

>>> the discussion is. I just want to repost this to get the

>>> discussion restarted, as I still have to apply this patch

>>> with every kernel iteration to get my PB11MPCore Realview

>>> running.

>>>

>>> I also know that Oxnas has actual, mass-deployed NAS (PogoPlug

>>> Pro variants) using PB11MPCore, and that they may or may not

>>> be seeing the same issue so I want their feedback on this: do

>>> you or do you not see this with mainline, or have you not even

>>> tested?

>>>

>>> Cc: Russell King <linux@armlinux.org.uk>

>>> Cc: Will Deacon <will.deacon@arm.com>

>>> Cc: Neil Armstrong <narmstrong@baylibre.com>

>>> Fixes: a5e090acbf54 ("ARM: software-based priviledged-no-access support")

>>> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>

>>> ---

>>>  arch/arm/kernel/smp_tlb.c | 7 +++++++

>>>  1 file changed, 7 insertions(+)

>>

>> Hi Linus, Russell, Arnd,

>>

>> I made a quick port ox OX820 over v4.8-rc4 and when enabling CONFIG_CPU_SW_DOMAIN_PAN

>> I get the following trace at boot time :

>> [    1.690000] Unable to handle kernel paging request at virtual address b6f23684

>> [    1.690000] Unable to handle kernel paging request at virtual address b6f95ef4

>> [    1.690000] pgd = c281c000

>> [    1.690000] [b6f95ef4] *pgd=62821831, *pte=00000000, *ppte=00000000

>> [    1.690000] Internal error: Oops: 81f [#1] SMP ARM

>> [    1.690000] Modules linked in:

>> [    1.690000] CPU: 1 PID: 65 Comm: mount Not tainted 4.8.0-rc4-00001-g0e9c45d-dirty #22

>> [    1.690000] Hardware name: Generic DT based system

>> [    1.690000] task: c2aad860 task.stack: c2814000

>> [    1.690000] PC is at ipi_flush_tlb_page+0x34/0x44

>> [    1.690000] LR is at on_each_cpu_mask+0x58/0x60

>> [    1.690000] pc : [<c010d3dc>]    lr : [<c017d584>]    psr: 20000193

>> [    1.690000] sp : c2815da0  ip : 00000002  fp : 00067c40

>> [    1.690000] r10: c0702744  r9 : 67c4079f  r8 : 67c9e75f

>> [    1.690000] r7 : c2815dbc  r6 : c010d3a8  r5 : c2816164  r4 : 20000113

>> [    1.690000] r3 : 00000000  r2 : b6f95003  r1 : 00000003  r0 : 00000003

>> [    1.690000] Flags: nzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none

>> [    1.690000] Control: 00c5787d  Table: 6281c00a  DAC: 00000051

>> [    1.690000] Process mount (pid: 65, stack limit = 0xc2814190)

>> [    1.690000] Stack: (0xc2815da0 to 0xc2816000)

>> [...]

>> [    1.690000] ---[ end trace 8f1207a6d611da09 ]---

>>

>> When applying this patch, it solved the issue.

>>

>> Tested-by: Neil Armstrong <narmstrong@baylibre.com>

> 

> So this problem appears on all ARM11MPcore, not just the RealView.

> 

> Yours,

> Linus Walleij

> 


Hi Russell,

Is there a plan to push this fix as it appears to break the Realview platform and the OX820 I am currently pushing ?

Thanks,
Neil


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

RFC: ARM: fix the uaccess crash on PB11MPCore

Commit Message

Comments

Patch