# git rev-parse -q --verify c228d294f2040c3a5f5965ff04d4947d0bf6e7da^{commit} c228d294f2040c3a5f5965ff04d4947d0bf6e7da already have revision, skipping fetch # git checkout -q -f -B kisskb c228d294f2040c3a5f5965ff04d4947d0bf6e7da # git clean -qxdf # < git log -1 # commit c228d294f2040c3a5f5965ff04d4947d0bf6e7da # Author: Linus Torvalds # Date: Thu Jan 31 11:10:20 2019 -0800 # # x86: explicitly align IO accesses in memcpy_{to,from}io # # In commit 170d13ca3a2f ("x86: re-introduce non-generic memcpy_{to,from}io") # I made our copy from IO space use a separate copy routine rather than # rely on the generic memcpy. I did that because our generic memory copy # isn't actually well-defined when it comes to internal access ordering or # alignment, and will in fact depend on various CPUID flags. # # In particular, the default memcpy() for a modern Intel CPU will # generally be just a "rep movsb", which works reasonably well for # medium-sized memory copies of regular RAM, since the CPU will turn it # into fairly optimized microcode. # # However, for non-cached memory and IO, "rep movs" ends up being # horrendously slow and will just do the architectural "one byte at a # time" accesses implied by the movsb. # # At the other end of the spectrum, if you _don't_ end up using the "rep # movsb" code, you'd likely fall back to the software copy, which does # overlapping accesses for the tail, and may copy things backwards. # Again, for regular memory that's fine, for IO memory not so much. # # The thinking was that clearly nobody really cared (because things # worked), but some people had seen horrible performance due to the byte # accesses, so let's just revert back to our long ago version that dod # "rep movsl" for the bulk of the copy, and then fixed up the potentially # last few bytes of the tail with "movsw/b". # # Interestingly (and perhaps not entirely surprisingly), while that was # our original memory copy implementation, and had been used before for # IO, in the meantime many new users of memcpy_*io() had come about. And # while the access patterns for the memory copy weren't well-defined (so # arguably _any_ access pattern should work), in practice the "rep movsb" # case had been very common for the last several years. # # In particular Jarkko Sakkinen reported that the memcpy_*io() change # resuled in weird errors from his Geminilake NUC TPM module. # # And it turns out that the TPM TCG accesses according to spec require # that the accesses be # # (a) done strictly sequentially # # (b) be naturally aligned # # otherwise the TPM chip will abort the PCI transaction. # # And, in fact, the tpm_crb.c driver did this: # # memcpy_fromio(buf, priv->rsp, 6); # ... # memcpy_fromio(&buf[6], &priv->rsp[6], expected - 6); # # which really should never have worked in the first place, but back # before commit 170d13ca3a2f it *happened* to work, because the # memcpy_fromio() would be expanded to a regular memcpy, and # # (a) gcc would expand the first memcpy in-line, and turn it into a # 4-byte and a 2-byte read, and they happened to be in the right # order, and the alignment was right. # # (b) gcc would call "memcpy()" for the second one, and the machines that # had this TPM chip also apparently ended up always having ERMS # ("Enhanced REP MOVSB/STOSB instructions"), so we'd use the "rep # movbs" for that copy. # # In other words, basically by pure luck, the code happened to use the # right access sizes in the (two different!) memcpy() implementations to # make it all work. # # But after commit 170d13ca3a2f, both of the memcpy_fromio() calls # resulted in a call to the routine with the consistent memory accesses, # and in both cases it started out transferring with 4-byte accesses. # Which worked for the first copy, but resulted in the second copy doing a # 32-bit read at an address that was only 2-byte aligned. # # Jarkko is actually fixing the fragile code in the TPM driver, but since # this is an excellent example of why we absolutely must not use a generic # memcpy for IO accesses, _and_ an IO-specific one really should strive to # align the IO accesses, let's do exactly that. # # Side note: Jarkko also noted that the driver had been used on ARM # platforms, and had worked. That was because on 32-bit ARM, memcpy_*io() # ends up always doing byte accesses, and on 64-bit ARM it first does byte # accesses to align to 8-byte boundaries, and then does 8-byte accesses # for the bulk. # # So ARM actually worked by design, and the x86 case worked by pure luck. # # We *might* want to make x86-64 do the 8-byte case too. That should be a # pretty straightforward extension, but let's do one thing at a time. And # generally MMIO accesses aren't really all that performance-critical, as # shown by the fact that for a long time we just did them a byte at a # time, and very few people ever noticed. # # Reported-and-tested-by: Jarkko Sakkinen # Tested-by: Jerry Snitselaar # Cc: David Laight # Fixes: 170d13ca3a2f ("x86: re-introduce non-generic memcpy_{to,from}io") # Signed-off-by: Linus Torvalds # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-gcc --version # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-ld --version # < git log --format=%s --max-count=1 c228d294f2040c3a5f5965ff04d4947d0bf6e7da # < make -s -j 48 ARCH=powerpc O=/kisskb/build/linus_ppc44x_defconfig_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- ppc44x_defconfig # make -s -j 48 ARCH=powerpc O=/kisskb/build/linus_ppc44x_defconfig_powerpc-gcc4.6 CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- /kisskb/src/kernel/printk/printk.c: In function 'devkmsg_sysctl_set_loglvl': /kisskb/src/kernel/printk/printk.c:186:16: warning: 'old' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/i2c/i2c-core-base.c: In function 'i2c_generic_scl_recovery': /kisskb/src/drivers/i2c/i2c-core-base.c:235:5: warning: 'ret' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c: In function 'univ8250_release_irq': /kisskb/src/drivers/tty/serial/8250/8250_core.c:247:18: warning: 'i' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c:227:19: note: 'i' was declared here /kisskb/src/fs/proc/inode.c: In function 'proc_reg_open': /kisskb/src/include/linux/list.h:65:12: warning: 'pdeo' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/proc/inode.c:339:21: note: 'pdeo' was declared here /kisskb/src/net/bridge/br_netlink.c: In function 'br_afspec.isra.35': /kisskb/src/net/bridge/br_netlink.c:652:7: warning: 'err' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/tun.c: In function 'tun_get_user': /kisskb/src/drivers/net/tun.c:1846:30: warning: 'copylen' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/net/tun.c:1756:46: warning: 'linear' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/arch/powerpc/boot/dts/katmai.dts:322.26-361.5: Warning (pci_bridge): /plb/pciex@d00000000: node name is not "pci" or "pcie" /kisskb/src/arch/powerpc/boot/dts/katmai.dts:363.26-402.5: Warning (pci_bridge): /plb/pciex@d20000000: node name is not "pci" or "pcie" /kisskb/src/arch/powerpc/boot/dts/katmai.dts:404.26-443.5: Warning (pci_bridge): /plb/pciex@d40000000: node name is not "pci" or "pcie" arch/powerpc/boot/dts/katmai.dtb: Warning (pci_device_bus_num): Failed prerequisite 'pci_bridge' INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x5411f0) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) INFO: Uncompressed kernel (size 0x55189c) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x600000) Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2683812 Bytes = 2620.91 KiB = 2.56 MiB Load Address: 00000000 Entry Point: 00000000 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715731 Bytes = 2652.08 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014c0 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2714836 Bytes = 2651.21 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014e0 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715253 Bytes = 2651.61 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014cc Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715296 Bytes = 2651.66 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014e0 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715545 Bytes = 2651.90 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014d8 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715137 Bytes = 2651.50 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006001bc Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715283 Bytes = 2651.64 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014ec Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715706 Bytes = 2652.06 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006014e0 Image Name: Linux-5.0.0-rc4-gc228d294f204 Created: Sat Feb 2 05:45:31 2019 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2715561 Bytes = 2651.92 KiB = 2.59 MiB Load Address: 00600000 Entry Point: 006000c8 Completed OK # rm -rf /kisskb/build/linus_ppc44x_defconfig_powerpc-gcc4.6 # Build took: 0:00:41.895171