| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
James Hogan has become inactive for a long time and leaves KVM for MIPS
orphan. I'm working on KVM/Loongson and attempt to make it upstream both
in kernel and QEMU, while Aleksandar Markovic is already a maintainer of
QEMU/MIPS. We are both interested in QEMU/KVM/MIPS, and we have already
made some contributions in kernel and QEMU. If possible, we want to take
the KVM/MIPS maintainership.
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update Loongson-3's default config file:
1, Adjust NR_CPUS to 16;
2, Add a built-in cmdline "ieee754=relaxed";
3, Enable MSA, CGROUPS, NAMESPACES, KVM, and XFS support;
4, Enable all possible virtio drivers to support KVM Host/Guest;
5, Enable all necessary netfilter modules to support virtual network;
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Loongson-3 KVM guest is based on virtio, it use liointc as its interrupt
controller and use GPEX as the pci controller.
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Document loongson64v-4core-virtio, a virtio based kvm guest board for
Loongson-3.
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Newer Loongson cores (Loongson-3A R2 and newer) use the
implementation-dependent ExcCode 16 to signal Loongson-specific
exceptions. The extended cause is put in the non-standard CP0.Diag1
register which is CP0 Register 22 Select 1, called GSCause in Loongson
manuals. Inside is an exception code bitfield called GSExcCode, only
codes 0 to 6 inclusive are documented (so far, in the Loongson 3A3000
User Manual, Volume 2).
During experiments, it was found that some undocumented unprivileged
instructions can trigger the also-undocumented GSExcCode 8 on Loongson
3A4000. Processor state is not corrupted, but we cannot continue without
further knowledge, and Loongson is not providing that information as of
this writing. So we send SIGILL on seeing this exception code to thwart
easy local DoS attacks.
Other exception codes are made fatal, partly because of insufficient
knowledge, also partly because they are not as easily reproduced. None
of them are encountered in the wild with upstream kernels and userspace
so far.
Some older cores (Loongson-3A1000 and Loongson-3B1500) have ExcCode 16
too, but the semantic is equivalent to GSExcCode 0. Because the
respective manuals did not mention the CP0.Diag1 register or its read
behavior, these cores are not covered in this patch, as MFC0 from
non-existent CP0 registers is UNDEFINED according to the MIPS
architecture spec.
Reviewed-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: WANG Xuerui <git@xen0n.name>
Cc: Huacai Chen <chenhc@lemote.com>
Cc: Jiaxun Yang <jiaxun.yang@flygoat.com>
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This 32-bit CP0 register is named GSCause in Loongson manuals. It carries
Loongson extended exception information. We name it Diag1 because we
fear the "GSCause" name might get changed in the future.
Reviewed-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: WANG Xuerui <git@xen0n.name>
Cc: Huacai Chen <chenhc@lemote.com>
Cc: Jiaxun Yang <jiaxun.yang@flygoat.com>
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously ExcCode 16 is unconditionally treated as the FTLB parity
exception (FTLBPar), but in fact its semantic is implementation-
dependent. Looking at various manuals it seems the FTLBPar exception is
only present on some recent MIPS Technologies cores, so only register
the handler on these.
Fixes: 75b5b5e0a262790f ("MIPS: Add support for FTLBs")
Reviewed-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: WANG Xuerui <git@xen0n.name>
Cc: Paul Burton <paulburton@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Old Device Tree for the qi,lb60 (aka. Ben Nanonote) did not have a
'memory' node. The kernel would then read the memory controller
registers to know how much RAM was available.
Since every other supported board has had a 'memory' node from the
beginning, we can just hardcode a RAM size of 32 MiB when running with
an old Device Tree without the 'memory' node.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Add a memory node, which was missing until now, and use the retail name
"Ben Nanonote" as the model, as it is way more known under that name
than under the name "LB60".
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The fw_passed_dtb is now properly initialized even when
CONFIG_BUILTIN_DTB is used, so there's no need to handle it in any
particular way here.
Note that the behaviour is slightly different, as the previous code used
the built-in Device Tree unconditionally, while now the built-in Device
Tree is only used when the bootloader did not provide one.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Init the 'fw_passed_dtb' pointer to the buit-in Device Tree blob when it
has been compiled in with CONFIG_BUILTIN_DTB.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
bus->count_cells() parses cells starting from the node's parent. This is
not good enough for parser_init() which is generally parsing a bus node.
Revert to previous behavior using of_bus_n_*_cells().
Fixes: 2f96593ecc37 ("of_address: Add bus type match for pci ranges parser")
Reported-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
After 2f96593ecc37 ("of_address: Add bus type match for pci ranges parser"),
the last user of of_bus_pci_get_flags when CONFIG_PCI is disabled had gone.
This caused unused function warning when compiling without CONFIG_PCI.
Fix by guarding it with CONFIG_PCI.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Fixes: 2f96593ecc37 ("of_address: Add bus type match for pci ranges parser")
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
HT irqs vectors are 8 groups, each group has 32 irqs, Loongson64C CPUs
can use only 4 groups and Loongson64G CPUs can use all 8 groups. So the
number of msi vectors of Loongson64G is 192 (32*8 - 64 = 192).
Fixes: 24af105962c8004edb9f5bf84 ("MIPS: Loongson64: DeviceTree for LS7A PCH")
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Although currently we're not enabling any ISA device in devicetree,
but this node is required to express the ranges of address reserved
for ISA.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Ranges should express the actual physical address on bus.
Also enlarge the PCI I/O size to the actual hardware limit.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
| |
It can be very big on LS7A PCH systems.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
Previously, we're hardcoding reserved ISA I/O Space in, now
we're processing it I/O via DeviceTree directly.
The ranges property if ISA node is used to determine the size and address
of reserved I/O space.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
So the parser can be used to parse range property of ISA bus.
As they're all using PCI-like method of range property, there is no need
start a new parser.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Enabling the JZ4780_NEMC driver makes sense only for specific hardware -
the Ingenic SoC architecture. It is not an essential driver for the SoC
support so do not enable it by default.
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
The CONFIG_JZ4780_NEMC was previously a default on MIPS but now it has
to be enabled manually.
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reviewed-by: Paul Cercueil <paul@crapouillou.net>
Acked-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
The ROUT (right channel output of audio codec) was connected to INL
(left channel of audio amplifier) instead of INR (right channel of audio
amplifier).
Fixes: 8ddebad15e9b ("MIPS: qi_lb60: Migrate to devicetree")
Cc: stable@vger.kernel.org # v5.3
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The CONFIG_MIPS_MACHINE option is dead code that hasn't been used in
years. The Kconfig option is not selected anywhere, and the
<asm/mips_machine.h> is not included anywhere either.
To make things worse, for years it co-existed with a separate MIPS
machine implementation as <asm/machine.h>. The two defined the
'mips_machine' structure with different fields, and the 'MIPS_MACHINE'
macro with different parameters. The two used the same memory area
(defined by the linker script) to store data, and you could totally use
the two at the same time for all kinds of funny results.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Since commit 3a77e0d75eed ("MIPS: ath79: drop machfiles"), this header
is not used anymore.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
| |
Clean up cpu-feature-overrides, which only repeat the default.
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use 0 as the align parameter in memblock_find_in_range() is
incorrect when we reserve memory for Crash kernel.
The environment as follows:
[ 0.000000] MIPS: machine is loongson,loongson64c-4core-rs780e
...
[ 1.951016] crashkernel=64M@128M
The warning as follows:
[ 0.000000] Invalid memory region reserved for crash kernel
And the iomem as follows:
00200000-0effffff : System RAM
04000000-0484009f : Kernel code
048400a0-04ad7fff : Kernel data
04b40000-05c4c6bf : Kernel bss
1a000000-1bffffff : pci@1a000000
...
The align parameter may be finally used by round_down() or round_up().
Like the following call tree:
mips-next: mm/memblock.c
memblock_find_in_range
└── memblock_find_in_range_node
├── __memblock_find_range_bottom_up
│ └── round_up
└── __memblock_find_range_top_down
└── round_down
\#define round_up(x, y) ((((x)-1) | __round_mask(x, y))+1)
\#define round_down(x, y) ((x) & ~__round_mask(x, y))
\#define __round_mask(x, y) ((__typeof__(x))((y)-1))
The round_down(or round_up)'s second parameter must be a power of 2.
If the second parameter is 0, it both will return 0.
Use 1 as the parameter to fix the bug and the iomem as follows:
00200000-0effffff : System RAM
04000000-0484009f : Kernel code
048400a0-04ad7fff : Kernel data
04b40000-05c4c6bf : Kernel bss
08000000-0bffffff : Crash kernel
1a000000-1bffffff : pci@1a000000
...
Signed-off-by: Jinyang He <hejinyang@loongson.cn>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Now CPU#0 is not hotpluggable on MIPS, so prevent to create /sys/devices
/system/cpu/cpu0/online which confuses some user-space tools.
Cc: stable@vger.kernel.org
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
Add a devicetree node for the Image Processing Unit (IPU) found in the
JZ4725B. Connect it with graph nodes to the LCD node. The LCD driver
will expect the IPU node to be accessed through graph port #8, as stated
in the bindings documentation.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Delete the repeated word "as".
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
Delete the repeated words "Returns" and convert to kernel-doc
notation by adding a ':'.
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Delete the repeated word "command".
Delete the repeated words "returns" and convert to kernel-doc notation
by adding a ':'.
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Delete the repeated word "the".
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Delete the repeated word "Returns".
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Delete the repeated word "on".
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
It references __initdata and is called only from an __init function:
trap_init. This avoids section mismatches (which I am seeing with gcc
10).
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: linux-mips@vger.kernel.org
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are some CFE variants that start with 'cfe-vd' instead of 'cfe-v', such
as the one used in the Huawei HG556a: "cfe-vd081.5003". In this case, the CFE
version is stored as is (string vs number bytes).
Some newer devices have an additional version number, such as the Comtrend
VR-3032u: "1.0.38-112.118-11".
Finally, print the string as is if the version doesn't start with "cfe-v" or
"cfe-vd", but starts with "cfe-".
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
1.Add "PRID_COMP_INGENIC_13" and "PRID_IMP_XBURST2" for X2000.
2.Add X2000 system type for cat /proc/cpuinfo to give out X2000.
Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
if of_find_device_by_node() succeed, dwc3_octeon_device_init() doesn't have
a corresponding put_device(). Thus add put_device() to fix the exception
handling for this function implementation.
Fixes: 93e502b3c2d4 ("MIPS: OCTEON: Platform support for OCTEON III USB controller")
Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
paravirt machine was introduced for Cavium's partial virtualization
technology, however, it's host side support and QEMU support never
landed in upstream.
As Cavium was acquired by Marvel and they have no intention to maintain
their MIPS product line, also paravirt is unlikely to be utilized by
community users, it's time to retire it if nobody steps in to maintain
it.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
Add Thomas and myself as maintainers of the MIPS CPU and GIC IRQchip, MIPS
GIC timer and MIPS CPS CPUidle drivers.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Acked-by: Marc Zyngier <maz@kernel.org>
Acked-by: Daniel Lezcano <daniel.lezcano@linaro.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
| |
CDMM may be available not only on MIPS R2 architectures, but also on
newer MIPS R5 chips. For instance our P5600 chip has one. Let's mark
the CDMM bus being supported for that MIPS arch too.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Reviewed-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since having and mapping the CDMM block is platform specific, then
instead of just returning a zero-address, lets make the default CDMM
base address search method (mips_cdmm_phys_base()) to do something
useful. For instance to find the address in a dedicated dtb-node in
order to support of-based platforms by default.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
It's a Common Device Memory Map controller embedded into the MIPS IP
cores, which dts node is supposed to have compatible and reg properties.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modern device tree bindings are supposed to be created as YAML-files
in accordance with DT schema. This commit replaces MIPS GIC legacy bare
text binding with YAML file. As before the binding file states that the
corresponding dts node is supposed to be compatible with MIPS Global
Interrupt Controller indicated by the "mti,gic" compatible string and
to provide a mandatory interrupt-controller and '#interrupt-cells'
properties. There might be optional registers memory range,
"mti,reserved-cpu-vectors" and "mti,reserved-ipi-vectors" properties
specified.
MIPS GIC also includes a free-running global timer, per-CPU count/compare
timers, and a watchdog. Since currently the GIC Timer is only supported the
DT schema expects an IRQ and clock-phandler charged timer sub-node with
"mti,mips-gic-timer" compatible string.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
It's a Cluster Power Controller embedded into the MIPS IP cores.
Currently the corresponding dts node is supposed to have compatible
and reg properties.
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Reviewed-by: Rob Herring <robh@kernel.org>
Cc: Alexey Malahov <Alexey.Malahov@baikalelectronics.ru>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the MIPS architecture, we should clear the security-relevant
flag READ_IMPLIES_EXEC in the function SET_PERSONALITY2() of the
file arch/mips/include/asm/elf.h.
Otherwise, with this flag set, PROT_READ implies PROT_EXEC for
mmap to make memory executable that is not safe, because this
condition allows an attacker to simply jump to and execute bytes
that are considered to be just data [1].
In mm/mmap.c:
unsigned long do_mmap(struct file *file, unsigned long addr,
unsigned long len, unsigned long prot,
unsigned long flags, vm_flags_t vm_flags,
unsigned long pgoff, unsigned long *populate,
struct list_head *uf)
{
[...]
if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC))
if (!(file && path_noexec(&file->f_path)))
prot |= PROT_EXEC;
[...]
}
By the way, x86 and ARM64 have done the similar thing.
After commit 250c22777fe1 ("x86_64: move kernel"), in the file
arch/x86/kernel/process_64.c:
void set_personality_64bit(void)
{
[...]
current->personality &= ~READ_IMPLIES_EXEC;
}
After commit 48f99c8ec0b2 ("arm64: Preventing READ_IMPLIES_EXEC
propagation"), in the file arch/arm64/include/asm/elf.h:
#define SET_PERSONALITY(ex) \
({ \
clear_thread_flag(TIF_32BIT); \
current->personality &= ~READ_IMPLIES_EXEC; \
})
[1] https://insights.sei.cmu.edu/cert/2014/02/feeling-insecure-blame-your-parent.html
Reported-by: Juxin Gao <gaojuxin@loongson.cn>
Co-developed-by: Juxin Gao <gaojuxin@loongson.cn>
Signed-off-by: Juxin Gao <gaojuxin@loongson.cn>
Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Close "fd" before the return of map_vdso() and close "out_file"
in main().
Signed-off-by: Peng Fan <fanpeng@loongson.cn>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
| |
Refresh CU1000-Neo's defconfig to support LED.
Tested-by: 周正 (Zhou Zheng) <sernia.zhou@foxmail.com>
Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
1.The CU1000-Neo board actually uses X1000E instead of X1000,
so the wrongly written "ingenic,x1000" in compatible should
be changed to "ingenic,x1000e".
2.Adjust the order of nodes according to the corresponding
address value.
3.Drop unnecessary node in "wlan_pwrseq".
4.Add the leds node to "cu1000-neo.dts".
Tested-by: 周正 (Zhou Zheng) <sernia.zhou@foxmail.com>
Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
| |
|
|
|
|
|
|
|
| |
Add a device tree and a defconfig for the Ingenic X1830 based
YSH & ATIL CU Neo board.
Tested-by: 周正 (Zhou Zheng) <sernia.zhou@foxmail.com>
Signed-off-by: 周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
|
