# git rev-parse -q --verify c14cbef0319d21339a76247c3061230ae2950a7c^{commit} c14cbef0319d21339a76247c3061230ae2950a7c already have revision, skipping fetch # git checkout -q -f -B kisskb c14cbef0319d21339a76247c3061230ae2950a7c # git clean -qxdf # < git log -1 # commit c14cbef0319d21339a76247c3061230ae2950a7c # Author: Christophe Leroy # Date: Mon Jun 3 08:20:28 2019 +0000 # # powerpc: fix kexec failure on book3s/32 # # In the old days, _PAGE_EXEC didn't exist on 6xx aka book3s/32. # Therefore, allthough __mapin_ram_chunk() was already mapping kernel # text with PAGE_KERNEL_TEXT and the rest with PAGE_KERNEL, the entire # memory was executable. Part of the memory (first 512kbytes) was # mapped with BATs instead of page table, but it was also entirely # mapped as executable. # # In commit 385e89d5b20f ("powerpc/mm: add exec protection on # powerpc 603"), we started adding exec protection to some 6xx, namely # the 603, for pages mapped via pagetables. # # Then, in commit 63b2bc619565 ("powerpc/mm/32s: Use BATs for # STRICT_KERNEL_RWX"), the exec protection was extended to BAT mapped # memory, so that really only the kernel text could be executed. # # The problem here is that kexec is based on copying some code into # upper part of memory then executing it from there in order to install # a fresh new kernel at its definitive location. # # However, the code is position independant and first part of it is # just there to deactivate the MMU and jump to the second part. So it # is possible to run this first part inplace instead of running the # copy. Once the MMU is off, there is no protection anymore and the # second part of the code will just run as before. # # Reported-by: Aaro Koskinen # Fixes: 63b2bc619565 ("powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX") # Cc: stable@vger.kernel.org # Signed-off-by: Christophe Leroy # Tested-by: Aaro Koskinen # Signed-off-by: Michael Ellerman # < /opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux-gcc --version # < /opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux-ld --version # < git log --format=%s --max-count=1 c14cbef0319d21339a76247c3061230ae2950a7c # < make -s -j 48 ARCH=arm64 O=/kisskb/build/powerpc-fixes_arm64-defconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- defconfig # make -s -j 48 ARCH=arm64 O=/kisskb/build/powerpc-fixes_arm64-defconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- arch/arm64/Makefile:27: ld does not support --fix-cortex-a53-843419; kernel may be susceptible to erratum arch/arm64/Makefile:40: LSE atomics not supported by binutils /kisskb/src/net/ipv4/fib_semantics.c: In function 'fib_check_nh_v4_gw': /kisskb/src/net/ipv4/fib_semantics.c:1027:12: warning: 'err' may be used uninitialized in this function [-Wmaybe-uninitialized] if (!tbl || err) { ^ /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c: In function 'sh_mobile_i2c_isr': /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c:399:26: warning: 'data' may be used uninitialized in this function [-Wmaybe-uninitialized] pd->msg->buf[real_pos] = data; ^ /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c:372:16: note: 'data' was declared here unsigned char data; ^ In file included from /kisskb/src/include/linux/rwsem.h:16:0, from /kisskb/src/include/linux/notifier.h:15, from /kisskb/src/include/linux/clk.h:17, from /kisskb/src/drivers/tty/serial/sh-sci.c:24: /kisskb/src/drivers/tty/serial/sh-sci.c: In function 'sci_dma_rx_submit': /kisskb/src/include/linux/spinlock.h:288:3: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized] _raw_spin_unlock_irqrestore(lock, flags); \ ^ /kisskb/src/drivers/tty/serial/sh-sci.c:1353:16: note: 'flags' was declared here unsigned long flags; ^ Completed OK # rm -rf /kisskb/build/powerpc-fixes_arm64-defconfig_arm64-gcc5.4 # Build took: 0:03:55.462525