Re: [PATCH v2] powerpc: fix boot on BOOK3S_32 with CONFIG_STRICT_KERNEL_RWX
From: Christophe LEROY <hidden>
Date: 2017-11-23 07:49:19
Le 22/11/2017 à 12:48, Michael Ellerman a écrit :
Christophe LEROY [off-list ref] writes:quoted
Le 22/11/2017 à 00:07, Balbir Singh a écrit :quoted
On Wed, Nov 22, 2017 at 1:28 AM, Christophe Leroy [off-list ref] wrote:quoted
On powerpc32, patch_instruction() is called by apply_feature_fixups() which is called from early_init() There is the following note in front of early_init(): * Note that the kernel may be running at an address which is different * from the address that it was linked at, so we must use RELOC/PTRRELOC * to access static data (including strings). -- paulus Therefore, slab_is_available() cannot be called yet, and text_poke_area must be addressed with PTRRELOC() Fixes: 37bc3e5fd764f ("powerpc/lib/code-patching: Use alternate map for patch_instruction()") Reported-by: Meelis Roos <redacted> Cc: Balbir Singh <bsingharora@gmail.com> Signed-off-by: Christophe Leroy <redacted> --- v2: Added missing asm/setup.h arch/powerpc/lib/code-patching.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-)diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c index c9de03e0c1f1..d469224c4ada 100644 --- a/arch/powerpc/lib/code-patching.c 
+++ b/arch/powerpc/lib/code-patching.c@@ -21,6 +21,7 @@ #include <asm/tlbflush.h> #include <asm/page.h> #include <asm/code-patching.h> +#include <asm/setup.h> static int __patch_instruction(unsigned int *addr, unsigned int instr) {@@ -146,11 +147,8 @@ int patch_instruction(unsigned int *addr, unsigned int instr) * During early early boot patch_instruction is called * when text_poke_area is not ready, but we still need * to allow patching. We just do the plain old patching - * We use slab_is_available and per cpu read * via this_cpu_read - * of text_poke_area. Per-CPU areas might not be up early - * this can create problems with just using this_cpu_read() */ - if (!slab_is_available() || !this_cpu_read(text_poke_area)) + if (!this_cpu_read(*PTRRELOC(&text_poke_area))) return __patch_instruction(addr, instr);On ppc64, we call apply_feature_fixups() in early_setup() after we've relocated ourselves. Sorry for missing the ppc32 case. I would like to avoid PTRRELOC when unnecessary.What do you suggest then ? Some #ifdef PPC32 around that ?No I don't think that improves anything. I think the comment about per-cpu not being up is wrong, you'll just get the static version of text_poke_area, which should be NULL. So we don't need the slab_available() check anyway. So I'll take this as-is. Having said that I absolutely hate PTRRELOC, so if it starts spreading we will have to come up with something less bug prone.
Would something like that be the solution ?
diff --git a/arch/powerpc/include/asm/code-patching.h b/arch/powerpc/include/asm/code-patching.h
index abef812de7f8..1c8dd340f5fc 100644
--- a/arch/powerpc/include/asm/code-patching.h
+++ b/arch/powerpc/include/asm/code-patching.h
@@ -30,7 +30,11 @@ unsigned int create_branch(const unsigned int *addr,
unsigned int create_cond_branch(const unsigned int *addr,
unsigned long target, int flags);
int patch_branch(unsigned int *addr, unsigned long target, int flags);
-int patch_instruction(unsigned int *addr, unsigned int instr);
+int patch_instruction_early(unsigned int *addr, unsigned int instr,
bool early);
+static inline int patch_instruction(unsigned int *addr, unsigned int instr)
+{
+ return patch_instruction_early(addr, instr, false);
+}
int instr_is_relative_branch(unsigned int instr);
int instr_is_branch_to_addr(const unsigned int *instr, unsigned long
addr);
diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c
index d469224c4ada..84ebf9203e40 100644
--- a/arch/powerpc/lib/code-patching.c
+++ b/arch/powerpc/lib/code-patching.c
@@ -135,7 +135,7 @@ static inline int unmap_patch_area(unsigned long addr)
return 0;
}
-int patch_instruction(unsigned int *addr, unsigned int instr)
+int patch_instruction_early(unsigned int *addr, unsigned int instr,
bool early)
{
int err;
unsigned int *dest = NULL;
@@ -148,7 +148,7 @@ int patch_instruction(unsigned int *addr, unsigned int instr)
* when text_poke_area is not ready, but we still need
* to allow patching. We just do the plain old patching
*/
- if (!this_cpu_read(*PTRRELOC(&text_poke_area)))
+ if (early || !this_cpu_read(text_poke_area))
return __patch_instruction(addr, instr);
local_irq_save(flags);
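Review bot: In `if (early || !this_cpu_read(text_poke_area))` the direct-write path is now selected by a caller-supplied flag rather than by state, and nothing in the hunk documents when `early` may be true. I would add a comment above the check such as `/* early: set only by boot-time fixups that run before relocation and per-cpu setup, while kernel text is still writable */`, and consider keeping `patch_instruction_early()` out of reach of non-init callers so the text_poke_area mapping cannot be skipped later by mistake. Separately, `patch_instruction()` now always passes false and reads text_poke_area without PTRRELOC; if anything other than apply_feature_fixups() can reach it from early_init() on BOOK3S_32, the original boot failure would presumably return, so the early callers are worth auditing. The function body continues outside the hunk.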
@@ -182,13 +182,13 @@ int patch_instruction(unsigned int *addr, unsigned int instr)
}
#else /* !CONFIG_STRICT_KERNEL_RWX */
-int patch_instruction(unsigned int *addr, unsigned int instr)
+int patch_instruction_early(unsigned int *addr, unsigned int instr,
bool early)
{
return __patch_instruction(addr, instr);
}
#endif /* CONFIG_STRICT_KERNEL_RWX */
-NOKPROBE_SYMBOL(patch_instruction);
+NOKPROBE_SYMBOL(patch_instruction_early);
int patch_branch(unsigned int *addr, unsigned long target, int flags)
{
diff --git a/arch/powerpc/lib/feature-fixups.c b/arch/powerpc/lib/feature-fixups.c
index 41cf5ae273cf..4c98ece9e558 100644
--- a/arch/powerpc/lib/feature-fixups.c
+++ b/arch/powerpc/lib/feature-fixups.c
@@ -45,7 +45,8 @@ static unsigned int *calc_addr(struct fixup_entry *fcur, long offset)
}
static int patch_alt_instruction(unsigned int *src, unsigned int *dest,
- unsigned int *alt_start, unsigned int *alt_end)
+ unsigned int *alt_start, unsigned int *alt_end,
+ bool early)
{
unsigned int instr;
@@ -62,12 +63,13 @@ static int patch_alt_instruction(unsigned int *src, unsigned int *dest,
}
}
- patch_instruction(dest, instr);
+ patch_instruction_early(dest, instr, early);
return 0;
}
-static int patch_feature_section(unsigned long value, struct
fixup_entry *fcur)
+static int __patch_feature_section(unsigned long value, struct
fixup_entry *fcur,
+ bool early)
{
unsigned int *start, *end, *alt_start, *alt_end, *src, *dest;
@@ -86,17 +88,18 @@ static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
dest = start;
for (; src < alt_end; src++, dest++) {
- if (patch_alt_instruction(src, dest, alt_start, alt_end))
+ if (patch_alt_instruction(src, dest, alt_start, alt_end, early))
return 1;
}
for (; dest < end; dest++)
- patch_instruction(dest, PPC_INST_NOP);
+ patch_instruction_early(dest, PPC_INST_NOP, early);
return 0;
}
-void do_feature_fixups(unsigned long value, void *fixup_start, void
*fixup_end)
+static void __do_feature_fixups(unsigned long value, void *fixup_start,
+ void *fixup_end, bool early)
{
struct fixup_entry *fcur, *fend;
@@ -104,7 +107,7 @@ void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
fend = fixup_end;
for (; fcur < fend; fcur++) {
- if (patch_feature_section(value, fcur)) {
+ if (__patch_feature_section(value, fcur, early)) {
WARN_ON(1);
printk("Unable to patch feature section at %p - %p" \
" with %p - %p\n",
@@ -116,7 +119,13 @@ void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
}
}
-void do_lwsync_fixups(unsigned long value, void *fixup_start, void
*fixup_end)
+void do_feature_fixups(unsigned long value, void *fixup_start, void
*fixup_end)
+{
+ __do_feature_fixups(value, fixup_start, fixup_end, false);
+}
+
+static void __do_lwsync_fixups(unsigned long value, void *fixup_start,
+ void *fixup_end, bool early)
{
long *start, *end;
unsigned int *dest;
@@ -129,10 +138,15 @@ void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
for (; start < end; start++) {
dest = (void *)start + *start;
- patch_instruction(dest, PPC_INST_LWSYNC);
+ patch_instruction_early(dest, PPC_INST_LWSYNC, early);
}
}
+void do_lwsync_fixups(unsigned long value, void *fixup_start, void
*fixup_end)
+{
+ __do_lwsync_fixups(value, fixup_start, fixup_end, false);
+}
+
static void do_final_fixups(void)
{
#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
@@ -147,7 +161,7 @@ static void do_final_fixups(void)
length = (__end_interrupts - _stext) / sizeof(int);
while (length--) {
- patch_instruction(dest, *src);
+ patch_instruction_early(dest, *src, true);
src++;
dest++;
}
@@ -171,22 +185,23 @@ void __init apply_feature_fixups(void)
* Apply the CPU-specific and firmware specific fixups to kernel text
* (nop out sections not relevant to this CPU or this firmware).
*/
- do_feature_fixups(spec->cpu_features,
+ __do_feature_fixups(spec->cpu_features,
PTRRELOC(&__start___ftr_fixup),
- PTRRELOC(&__stop___ftr_fixup));
+ PTRRELOC(&__stop___ftr_fixup), true);
- do_feature_fixups(spec->mmu_features,
+ __do_feature_fixups(spec->mmu_features,
PTRRELOC(&__start___mmu_ftr_fixup),
- PTRRELOC(&__stop___mmu_ftr_fixup));
+ PTRRELOC(&__stop___mmu_ftr_fixup), true);
- do_lwsync_fixups(spec->cpu_features,
+ __do_lwsync_fixups(spec->cpu_features,
PTRRELOC(&__start___lwsync_fixup),
- PTRRELOC(&__stop___lwsync_fixup));
+ PTRRELOC(&__stop___lwsync_fixup), true);
#ifdef CONFIG_PPC64
saved_firmware_features = powerpc_firmware_features;
do_feature_fixups(powerpc_firmware_features,
- &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
+ &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup,
+ true);
#endif
do_final_fixups();
}
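Review bot: The CONFIG_PPC64 call at the end of this hunk still names `do_feature_fixups(powerpc_firmware_features,` but now passes a fourth argument `true`, while the public `do_feature_fixups()` wrapper re-added earlier in this patch takes three parameters, so a PPC64 build should fail here. It should call the internal helper like the three calls above it, i.e. `__do_feature_fixups(powerpc_firmware_features,` with the rest of the argument list as written. The non-PPC64 path is unaffected, which may be why a BOOK3S_32 test build would not show the problem.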
@@ -226,6 +241,11 @@ late_initcall(check_features);
/* This must be after the text it fixes up, vmlinux.lds.S enforces
that atm */
static struct fixup_entry fixup;
+static int patch_feature_section(unsigned long value, struct
fixup_entry *fcur)
+{
+ return __patch_feature_section(value, fcur, false);
+}
+
static long calc_offset(struct fixup_entry *entry, unsigned int *p)
{
return (unsigned long)p - (unsigned long)entry;
Christophe