License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information in it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there were new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In the initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 17:07:57 +03:00
// SPDX-License-Identifier: GPL-2.0
2005-04-17 02:20:36 +04:00
/*
 * linux/arch/alpha/mm/fault.c
 *
 * Copyright (C) 1995 Linus Torvalds
 */

2017-02-08 20:51:30 +03:00
#include <linux/sched/signal.h>
2005-04-17 02:20:36 +04:00
#include <linux/kernel.h>
#include <linux/mm.h>
#include <asm/io.h>

#define __EXTERN_INLINE inline
#include <asm/mmu_context.h>
#include <asm/tlbflush.h>
#undef __EXTERN_INLINE

#include <linux/signal.h>
#include <linux/errno.h>
#include <linux/string.h>
#include <linux/types.h>
#include <linux/ptrace.h>
#include <linux/mman.h>
#include <linux/smp.h>
#include <linux/interrupt.h>
2016-07-23 21:01:45 +03:00
#include <linux/extable.h>
2015-05-11 18:52:11 +03:00
#include <linux/uaccess.h>
2020-08-12 04:37:49 +03:00
#include <linux/perf_event.h>
2005-04-17 02:20:36 +04:00

extern void die_if_kernel(char *,struct pt_regs *,long, unsigned long *);


/*
 * Force a new ASN for a task.
 */

#ifndef CONFIG_SMP
unsigned long last_asn = ASN_FIRST_VERSION;
#endif

void
__load_new_mm_context(struct mm_struct *next_mm)
{
	unsigned long mmc;
	struct pcb_struct *pcb;

	mmc = __get_new_mm_context(next_mm, smp_processor_id());
	next_mm->context[smp_processor_id()] = mmc;

	pcb = &current_thread_info()->pcb;
	pcb->asn = mmc & HARDWARE_ASN_MASK;
	pcb->ptbr = ((unsigned long) next_mm->pgd - IDENT_ADDR) >> PAGE_SHIFT;

	__reload_thread(pcb);
}


/*
 * This routine handles page faults. It determines the address,
 * and the problem, and then passes it off to handle_mm_fault().
 *
 * mmcsr:
 *	0 = translation not valid
 *	1 = access violation
 *	2 = fault-on-read
 *	3 = fault-on-execute
 *	4 = fault-on-write
 *
 * cause:
 *	-1 = instruction fetch
 *	0 = load
 *	1 = store
 *
 * Registers $9 through $15 are saved in a block just prior to `regs' and
 * are saved and restored around the call to allow exception code to
 * modify them.
 */

/* Macro for exception fixup code to access integer registers. */
#define dpf_reg(r) \
	(((unsigned long *)regs)[(r) <= 8 ? (r) : (r) <= 15 ? (r)-16 : \
alpha: fix page fault handling for r16-r18 targets
Fix page fault handling code to fixup r16-r18 registers.
Before the patch code had off-by-two registers bug.
This bug caused overwriting of ps,pc,gp registers instead
of fixing intended r16,r17,r18 (see `struct pt_regs`).
More details:
Initially Dmitry noticed a kernel bug as a failure
on strace test suite. Test passes unmapped userspace
pointer to io_submit:
```c
#include <err.h>
#include <unistd.h>
#include <sys/mman.h>
#include <asm/unistd.h>
int main(void)
{
	unsigned long ctx = 0;
	if (syscall(__NR_io_setup, 1, &ctx))
		err(1, "io_setup");
	const size_t page_size = sysconf(_SC_PAGESIZE);
	const size_t size = page_size * 2;
	void *ptr = mmap(NULL, size, PROT_READ | PROT_WRITE,
			 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
	if (MAP_FAILED == ptr)
		err(1, "mmap(%zu)", size);
	if (munmap(ptr, size))
		err(1, "munmap");
	syscall(__NR_io_submit, ctx, 1, ptr + page_size);
	syscall(__NR_io_destroy, ctx);
	return 0;
}
```
Running this test causes kernel to crash when handling page fault:
```
Unable to handle kernel paging request at virtual address ffffffffffff9468
CPU 3
aio(26027): Oops 0
pc = [<fffffc00004eddf8>] ra = [<fffffc00004edd5c>] ps = 0000 Not tainted
pc is at sys_io_submit+0x108/0x200
ra is at sys_io_submit+0x6c/0x200
v0 = fffffc00c58e6300 t0 = fffffffffffffff2 t1 = 000002000025e000
t2 = fffffc01f159fef8 t3 = fffffc0001009640 t4 = fffffc0000e0f6e0
t5 = 0000020001002e9e t6 = 4c41564e49452031 t7 = fffffc01f159c000
s0 = 0000000000000002 s1 = 000002000025e000 s2 = 0000000000000000
s3 = 0000000000000000 s4 = 0000000000000000 s5 = fffffffffffffff2
s6 = fffffc00c58e6300
a0 = fffffc00c58e6300 a1 = 0000000000000000 a2 = 000002000025e000
a3 = 00000200001ac260 a4 = 00000200001ac1e8 a5 = 0000000000000001
t8 = 0000000000000008 t9 = 000000011f8bce30 t10= 00000200001ac440
t11= 0000000000000000 pv = fffffc00006fd320 at = 0000000000000000
gp = 0000000000000000 sp = 00000000265fd174
Disabling lock debugging due to kernel taint
Trace:
[<fffffc0000311404>] entSys+0xa4/0xc0
```
Here `gp` has invalid value. `gp` is overwritten by a fixup for the
following page fault handler in `io_submit` syscall handler:
```
__se_sys_io_submit
...
ldq a1,0(t1)
bne t0,4280 <__se_sys_io_submit+0x180>
```
After a page fault `t0` should contain -EFAULT and `a1` is 0.
Instead `gp` was overwritten in place of `a1`.
This happens due to an off-by-two bug in `dpf_reg()` for `r16-r18`
(aka `a0-a2`).
I think the bug went unnoticed for a long time as `gp` is one
of scratch registers. Any kernel function call would re-calculate `gp`.
Dmitry tracked down the bug origin back to 2.1.32 kernel version
where trap_a{0,1,2} fields were inserted into struct pt_regs.
And even before that `dpf_reg()` contained off-by-one error.
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: linux-alpha@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Reported-and-reviewed-by: "Dmitry V. Levin" <ldv@altlinux.org>
Cc: stable@vger.kernel.org # v2.1.32+
Bug: https://bugs.gentoo.org/672040
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Signed-off-by: Matt Turner <mattst88@gmail.com>
2018-12-31 14:53:55 +03:00
				 (r) <= 18 ? (r)+10 : (r)-10])
2005-04-17 02:20:36 +04:00

asmlinkage void
do_page_fault(unsigned long address, unsigned long mmcsr,
	      long cause, struct pt_regs *regs)
{
	struct vm_area_struct * vma;
	struct mm_struct *mm = current->mm;
	const struct exception_table_entry *fixup;
2018-08-18 01:44:47 +03:00
	int si_code = SEGV_MAPERR;
	vm_fault_t fault;
2020-04-02 07:08:37 +03:00
	unsigned int flags = FAULT_FLAG_DEFAULT;
2005-04-17 02:20:36 +04:00

	/* As of EV6, a load into $31/$f31 is a prefetch, and never faults
	   (or is suppressed by the PALcode). Support that for older CPUs
	   by ignoring such an instruction. */
	if (cause == 0) {
		unsigned int insn;
		__get_user(insn, (unsigned int __user *)regs->pc);
		if ((insn >> 21 & 0x1f) == 0x1f &&
		    /* ldq ldl ldt lds ldg ldf ldwu ldbu */
		    (1ul << (insn >> 26) & 0x30f00001400ul)) {
			regs->pc += 4;
			return;
		}
	}

	/* If we're in an interrupt context, or have no user context,
	   we must not take the fault. */
2015-05-11 18:52:11 +03:00
	if (!mm || faulthandler_disabled())
2005-04-17 02:20:36 +04:00
		goto no_context;

#ifdef CONFIG_ALPHA_LARGE_VMALLOC
	if (address >= TASK_SIZE)
		goto vmalloc_fault;
#endif
2013-09-13 02:13:39 +04:00
	if (user_mode(regs))
		flags |= FAULT_FLAG_USER;
2020-08-12 04:37:49 +03:00
	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
2012-08-19 06:41:01 +04:00
retry:
2020-06-09 07:33:25 +03:00
	mmap_read_lock(mm);
2005-04-17 02:20:36 +04:00
	vma = find_vma(mm, address);
	if (!vma)
		goto bad_area;
	if (vma->vm_start <= address)
		goto good_area;
	if (!(vma->vm_flags & VM_GROWSDOWN))
		goto bad_area;
	if (expand_stack(vma, address))
		goto bad_area;

	/* Ok, we have a good vm_area for this memory access, so
	   we can handle it. */
good_area:
	si_code = SEGV_ACCERR;
	if (cause < 0) {
		if (!(vma->vm_flags & VM_EXEC))
			goto bad_area;
	} else if (!cause) {
		/* Allow reads even for write-only mappings */
		if (!(vma->vm_flags & (VM_READ | VM_WRITE)))
			goto bad_area;
	} else {
		if (!(vma->vm_flags & VM_WRITE))
			goto bad_area;
2013-09-13 02:13:39 +04:00
		flags |= FAULT_FLAG_WRITE;
2005-04-17 02:20:36 +04:00
	}

	/* If for any reason at all we couldn't handle the fault,
	   make sure we exit gracefully rather than endlessly redo
	   the fault. */
2020-08-12 04:37:49 +03:00
	fault = handle_mm_fault(vma, address, flags, regs);
2012-08-19 06:41:01 +04:00

2023-01-31 07:34:16 +03:00
	if (fault_signal_pending(fault, regs)) {
		if (!user_mode(regs))
			goto no_context;
2012-08-19 06:41:01 +04:00
		return;
2023-01-31 07:34:16 +03:00
	}
2012-08-19 06:41:01 +04:00

mm: avoid unnecessary page fault retires on shared memory types
I observed that for each of the shared file-backed page faults, we're very
likely to retry one more time for the 1st write fault upon no page. It's
because we'll need to release the mmap lock for dirty rate limit purpose
with balance_dirty_pages_ratelimited() (in fault_dirty_shared_page()).
Then after that throttling we return VM_FAULT_RETRY.
We did that probably because VM_FAULT_RETRY is the only way we can return
to the fault handler at that time telling it we've released the mmap lock.
However that's not ideal because it's very likely the fault does not need
to be retried at all since the pgtable was well installed before the
throttling, so the next continuous fault (including taking mmap read lock,
walk the pgtable, etc.) could be in most cases unnecessary.
It's not only slowing down page faults for shared file-backed, but also add
more mmap lock contention which is in most cases not needed at all.
To observe this, one could try to write to some shmem page and look at
"pgfault" value in /proc/vmstat, then we should expect 2 counts for each
shmem write simply because we retried, and vm event "pgfault" will capture
that.
To make it more efficient, add a new VM_FAULT_COMPLETED return code just to
show that we've completed the whole fault and released the lock. It's also
a hint that we should very possibly not need another fault immediately on
this page because we've just completed it.
This patch provides a ~12% perf boost on my aarch64 test VM with a simple
program sequentially dirtying 400MB shmem file being mmap()ed and these are
the time it needs:
Before: 650.980 ms (+-1.94%)
After: 569.396 ms (+-1.38%)
I believe it could help more than that.
We need some special care on GUP and the s390 pgfault handler (for gmap
code before returning from pgfault), the rest changes in the page fault
handlers should be relatively straightforward.
Another thing to mention is that mm_account_fault() does take this new
fault as a generic fault to be accounted, unlike VM_FAULT_RETRY.
I explicitly didn't touch hmm_vma_fault() and break_ksm() because they do
not handle VM_FAULT_RETRY even with existing code, so I'm literally keeping
them as-is.
Link: https://lkml.kernel.org/r/20220530183450.42886-1-peterx@redhat.com
Signed-off-by: Peter Xu <peterx@redhat.com>
Acked-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Vineet Gupta <vgupta@kernel.org>
Acked-by: Guo Ren <guoren@kernel.org>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>
Acked-by: Christian Borntraeger <borntraeger@linux.ibm.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Alistair Popple <apopple@nvidia.com>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk> [arm part]
Acked-by: Heiko Carstens <hca@linux.ibm.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>
Cc: Stafford Horne <shorne@gmail.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: Brian Cain <bcain@quicinc.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Weinberger <richard@nod.at>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Janosch Frank <frankja@linux.ibm.com>
Cc: Albert Ou <aou@eecs.berkeley.edu>
Cc: Anton Ivanov <anton.ivanov@cambridgegreys.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Sven Schnelle <svens@linux.ibm.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Alexander Gordeev <agordeev@linux.ibm.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Will Deacon <will@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Stefan Kristiansson <stefan.kristiansson@saunalahti.fi>
Cc: Paul Walmsley <paul.walmsley@sifive.com>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Chris Zankel <chris@zankel.net>
Cc: Hugh Dickins <hughd@google.com>
Cc: Dinh Nguyen <dinguyen@kernel.org>
Cc: Rich Felker <dalias@libc.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: Helge Deller <deller@gmx.de>
Cc: Yoshinori Sato <ysato@users.osdn.me>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-05-30 21:34:50 +03:00
	/* The fault is fully completed (including releasing mmap lock) */
	if (fault & VM_FAULT_COMPLETED)
		return;

2007-07-19 12:47:05 +04:00
	if (unlikely(fault & VM_FAULT_ERROR)) {
		if (fault & VM_FAULT_OOM)
			goto out_of_memory;
vm: add VM_FAULT_SIGSEGV handling support
The core VM already knows about VM_FAULT_SIGBUS, but cannot return a
"you should SIGSEGV" error, because the SIGSEGV case was generally
handled by the caller - usually the architecture fault handler.
That results in lots of duplication - all the architecture fault
handlers end up doing very similar "look up vma, check permissions, do
retries etc" - but it generally works. However, there are cases where
the VM actually wants to SIGSEGV, and applications _expect_ SIGSEGV.
In particular, when accessing the stack guard page, libsigsegv expects a
SIGSEGV. And it usually got one, because the stack growth is handled by
that duplicated architecture fault handler.
However, when the generic VM layer started propagating the error return
from the stack expansion in commit fee7e49d4514 ("mm: propagate error
from stack expansion even for guard page"), that now exposed the
existing VM_FAULT_SIGBUS result to user space. And user space really
expected SIGSEGV, not SIGBUS.
To fix that case, we need to add a VM_FAULT_SIGSEGV, and teach all those
duplicate architecture fault handlers about it. They all already have
the code to handle SIGSEGV, so it's about just tying that new return
value to the existing code, but it's all a bit annoying.
This is the mindless minimal patch to do this. A more extensive patch
would be to try to gather up the mostly shared fault handling logic into
one generic helper routine, and long-term we really should do that
cleanup.
Just from this patch, you can generally see that most architectures just
copied (directly or indirectly) the old x86 way of doing things, but in
the meantime that original x86 model has been improved to hold the VM
semaphore for shorter times etc and to handle VM_FAULT_RETRY and other
"newer" things, so it would be a good idea to bring all those
improvements to the generic case and teach other architectures about
them too.
Reported-and-tested-by: Takashi Iwai <tiwai@suse.de>
Tested-by: Jan Engelhardt <jengelh@inai.de>
Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com> # "s390 still compiles and boots"
Cc: linux-arch@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-01-29 21:51:32 +03:00
		else if (fault & VM_FAULT_SIGSEGV)
			goto bad_area;
2007-07-19 12:47:05 +04:00
		else if (fault & VM_FAULT_SIGBUS)
			goto do_sigbus;
2005-04-17 02:20:36 +04:00
		BUG();
	}
2012-08-19 06:41:01 +04:00

2022-01-15 01:05:51 +03:00
	if (fault & VM_FAULT_RETRY) {
		flags |= FAULT_FLAG_TRIED;
2012-08-19 06:41:01 +04:00

2022-01-15 01:05:51 +03:00
		/* No need to mmap_read_unlock(mm) as we would
		 * have already released it in __lock_page_or_retry
		 * in mm/filemap.c.
		 */
2012-08-19 06:41:01 +04:00

2022-01-15 01:05:51 +03:00
		goto retry;
2012-08-19 06:41:01 +04:00
	}

2020-06-09 07:33:25 +03:00
	mmap_read_unlock(mm);
2012-08-19 06:41:01 +04:00

2005-04-17 02:20:36 +04:00
	return;

	/* Something tried to access memory that isn't in our memory map.
	   Fix it, but check if it's kernel or user first. */
bad_area:
2020-06-09 07:33:25 +03:00
	mmap_read_unlock(mm);
2005-04-17 02:20:36 +04:00

	if (user_mode(regs))
		goto do_sigsegv;

no_context:
	/* Are we prepared to handle this fault as an exception? */
	if ((fixup = search_exception_tables(regs->pc)) != 0) {
		unsigned long newpc;
		newpc = fixup_exception(dpf_reg, fixup, regs->pc);
		regs->pc = newpc;
		return;
	}

	/* Oops. The kernel tried to access some bad page. We'll have to
	   terminate things with extreme prejudice. */
	printk(KERN_ALERT "Unable to handle kernel paging request at "
	       "virtual address %016lx\n", address);
	die_if_kernel("Oops", regs, cause, (unsigned long*)regs - 16);
2021-06-28 22:52:01 +03:00
	make_task_dead(SIGKILL);
2005-04-17 02:20:36 +04:00

	/* We ran out of memory, or some other thing happened to us that
	   made us unable to handle the page fault gracefully. */
out_of_memory:
2020-06-09 07:33:25 +03:00
	mmap_read_unlock(mm);
2005-04-17 02:20:36 +04:00
	if (!user_mode(regs))
		goto no_context;
2010-04-30 01:48:18 +04:00
	pagefault_out_of_memory();
	return;
2005-04-17 02:20:36 +04:00

do_sigbus:
2020-06-09 07:33:25 +03:00
	mmap_read_unlock(mm);
2005-04-17 02:20:36 +04:00
	/* Send a sigbus, regardless of whether we were in kernel
	   or user mode. */
2021-05-28 22:15:51 +03:00
	force_sig_fault(SIGBUS, BUS_ADRERR, (void __user *) address);
2005-04-17 02:20:36 +04:00
	if (!user_mode(regs))
		goto no_context;
	return;

do_sigsegv:
2021-05-28 22:15:51 +03:00
	force_sig_fault(SIGSEGV, si_code, (void __user *) address);
2005-04-17 02:20:36 +04:00
	return;

#ifdef CONFIG_ALPHA_LARGE_VMALLOC
vmalloc_fault:
	if (user_mode(regs))
		goto do_sigsegv;
	else {
		/* Synchronize this task's top level page-table
		   with the "reference" page table from init. */
		long index = pgd_index(address);
		pgd_t *pgd, *pgd_k;

		pgd = current->active_mm->pgd + index;
		pgd_k = swapper_pg_dir + index;
		if (!pgd_present(*pgd) && pgd_present(*pgd_k)) {
			pgd_val(*pgd) = pgd_val(*pgd_k);
			return;
		}
		goto no_context;
	}
#endif
}
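The `dpf_reg()` off-by-two from the "alpha: fix page fault handling for r16-r18 targets" commit message above, modelled in user space as an added example (not part of the kernel source or of the commit). Two things are assumptions that do not appear on this page: the `struct pt_regs` field order, taken from the kernel's Alpha uapi header, and the pre-fix `+8` offset, inferred from the "off-by-two" wording and the `gp`-for-`a1` symptom.

```c
#include <stddef.h>
#include <stdio.h>

/* ASSUMPTION: field order of Alpha's struct pt_regs, reproduced from the
 * kernel's uapi ptrace.h; the layout itself is not shown on this page. */
struct pt_regs_model {
	unsigned long r0, r1, r2, r3, r4, r5, r6, r7, r8;
	unsigned long r19, r20, r21, r22, r23, r24, r25, r26, r27, r28;
	unsigned long hae;
	unsigned long trap_a0, trap_a1, trap_a2;
	unsigned long ps, pc, gp;	/* saved by PALcode */
	unsigned long r16, r17, r18;	/* a0-a2 */
};

#define NSLOTS ((int)(sizeof(struct pt_regs_model) / sizeof(unsigned long)))
#define SLOT(f) ((int)(offsetof(struct pt_regs_model, f) / sizeof(unsigned long)))

/* Word index inside the struct for each register that is stored there. */
static const int slot_of_reg[29] = {
	[0] = SLOT(r0), [1] = SLOT(r1), [2] = SLOT(r2), [3] = SLOT(r3),
	[4] = SLOT(r4), [5] = SLOT(r5), [6] = SLOT(r6), [7] = SLOT(r7),
	[8] = SLOT(r8), [16] = SLOT(r16), [17] = SLOT(r17), [18] = SLOT(r18),
	[19] = SLOT(r19), [20] = SLOT(r20), [21] = SLOT(r21), [22] = SLOT(r22),
	[23] = SLOT(r23), [24] = SLOT(r24), [25] = SLOT(r25), [26] = SLOT(r26),
	[27] = SLOT(r27), [28] = SLOT(r28),
};

/* Slot names in struct order, to report which word a fixup write lands on. */
static const char *const slot_names[] = {
	"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8",
	"r19", "r20", "r21", "r22", "r23", "r24", "r25", "r26", "r27", "r28",
	"hae", "trap_a0", "trap_a1", "trap_a2", "ps", "pc", "gp",
	"r16", "r17", "r18",
};

/* Index expression of the fixed dpf_reg() shown on this page. */
static int dpf_index_fixed(int r)
{
	return r <= 8 ? r : r <= 15 ? r - 16 : r <= 18 ? r + 10 : r - 10;
}

/* ASSUMPTION: pre-fix expression, inferred from "off-by-two" and the
 * gp-for-a1 symptom in the commit message; the old line is not on the page. */
static int dpf_index_buggy(int r)
{
	return r <= 8 ? r : r <= 15 ? r - 16 : r <= 18 ? r + 8 : r - 10;
}

/* Index the macro must yield; $9..$15 sit in the block just before regs. */
static int expected_index(int r)
{
	return (r >= 9 && r <= 15) ? r - 16 : slot_of_reg[r];
}

/* Name of the slot a fixup for register r writes when using index_fn. */
static const char *slot_hit(int (*index_fn)(int), int r)
{
	int i = index_fn(r);
	return (i >= 0 && i < NSLOTS) ? slot_names[i] : "outside pt_regs";
}

/* Number of registers r0..r28 that index_fn maps to the wrong word. */
static int count_mismatches(int (*index_fn)(int))
{
	int r, bad = 0;
	for (r = 0; r <= 28; r++)
		bad += index_fn(r) != expected_index(r);
	return bad;
}

int main(void)
{
	for (int r = 16; r <= 18; r++)
		printf("fixup for r%d: pre-fix writes %s, fixed writes %s\n", r,
		       slot_hit(dpf_index_buggy, r), slot_hit(dpf_index_fixed, r));
	printf("mismatches: pre-fix=%d fixed=%d\n",
	       count_mismatches(dpf_index_buggy), count_mismatches(dpf_index_fixed));
	return 0;
}
```

Checking a hand-written index macro against `offsetof()` like this catches the drift that went unnoticed when the `trap_a{0,1,2}` fields were inserted into the struct.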