18 Oct, 2018
1 commit
-
commit 24abf2901b18bf941b9f21ea2ce5791f61097ae4 upstream.
We have two nested loops to check the entries within the pfn_array_table
arrays. But we mistakenly use the outer array as an index in our check,
and completely ignore the indexing performed by the inner loop.Cc: stable@vger.kernel.org
Signed-off-by: Eric Farman
Message-Id:
Signed-off-by: Cornelia Huck
Signed-off-by: Greg Kroah-Hartman
05 Sep, 2018
1 commit
-
commit 64e03ff72623b8c2ea89ca3cb660094e019ed4ae upstream.
When allocating a new AOB fails, handle_outbound() is still capable of
transmitting the selected buffer (just without async completion).But if a previous transfer on this queue slot used async completion, its
sbal_state flags field is still set to QDIO_OUTBUF_STATE_FLAG_PENDING.
So when the upper layer driver sees this stale flag, it expects an async
completion that never happens.Fix this by unconditionally clearing the flags field.
Fixes: 104ea556ee7f ("qdio: support asynchronous delivery of storage blocks")
Cc: #v3.2+
Signed-off-by: Julian Wiedmann
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman
24 Aug, 2018
1 commit
-
[ Upstream commit 2c861d89ccda2fbcea9358eff9cc5f8fae548be5 ]
If the device has not been registered, or there is work pending,
we should reschedule a sch_event call again.Signed-off-by: Dong Jia Shi
Message-Id:
Reviewed-by: Cornelia Huck
Signed-off-by: Cornelia Huck
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
30 May, 2018
4 commits
-
[ Upstream commit 9851bc77e62499957567e7c39a5beba7d6de6296 ]
vfio-ccw only supports command mode for channel programs, not transport
mode. User space is supposed to already take care of that and pass us
command-mode ORBs only, but better make sure and return an error to
the caller instead of trying to process tcws as ccws.Reviewed-by: Dong Jia Shi
Acked-by: Halil Pasic
Signed-off-by: Cornelia Huck
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman -
[ Upstream commit 410d5e13e7638bc146321671e223d56495fbf3c7 ]
When we terminate driver I/O (because we need to stop using a certain
channel path) we also need to ensure that a timer (which may have been
set up using ccw_device_start_timeout) is cleared.Signed-off-by: Sebastian Ott
Signed-off-by: Martin Schwidefsky
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman -
[ Upstream commit 770b55c995d171f026a9efb85e71e3b1ea47b93d ]
When a timeout occurs for users of ccw_device_start_timeout
we will stop the IO and call the drivers int handler with
the irb pointer set to ERR_PTR(-ETIMEDOUT). Sometimes
however we'd set the irb pointer to ERR_PTR(-EIO) which is
not intended. Just set the correct value in all codepaths.Reported-by: Julian Wiedmann
Signed-off-by: Sebastian Ott
Signed-off-by: Martin Schwidefsky
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman -
[ Upstream commit f97a6b6c47d2f329a24f92cc0ca3c6df5727ba73 ]
There are cases a device driver can't start IO because the device is
currently in use by cio. In this case the device driver is notified
when the device is usable again.Using ccw_device_start_timeout we would set the timeout (and change
an existing timeout) before we test for internal usage. Worst case
this could lead to an unexpected timer deletion.Fix this by setting the timeout after we test for internal usage.
Signed-off-by: Sebastian Ott
Signed-off-by: Martin Schwidefsky
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
23 May, 2018
3 commits
-
commit 2e68adcd2fb21b7188ba449f0fab3bee2910e500 upstream.
Calling qdio_release_memory() on error is just plain wrong. It frees
the main qdio_irq struct, when following code still uses it.Also, no other error path in qdio_establish() does this. So trust
callers to clean up via qdio_free() if some step of the QDIO
initialization fails.Fixes: 779e6e1c724d ("[S390] qdio: new qdio driver.")
Cc: #v2.6.27+
Signed-off-by: Julian Wiedmann
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman -
commit e521813468f786271a87e78e8644243bead48fad upstream.
Ever since CQ/QAOB support was added, calling qdio_free() straight after
qdio_alloc() results in qdio_release_memory() accessing uninitialized
memory (ie. q->u.out.use_cq and q->u.out.aobs). Followed by a
kmem_cache_free() on the random AOB addresses.For older kernels that don't have 6e30c549f6ca, the same applies if
qdio_establish() fails in the DEV_STATE_ONLINE check.While initializing q->u.out.use_cq would be enough to fix this
particular bug, the more future-proof change is to just zero-alloc the
whole struct.Fixes: 104ea556ee7f ("qdio: support asynchronous delivery of storage blocks")
Cc: #v3.2+
Signed-off-by: Julian Wiedmann
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman -
commit d66a7355717ec903d455277a550d930ba13df4a8 upstream.
If the translation of a channel program fails, we may end up attempting
to clean up (free, unpin) stuff that never got translated (and allocated,
pinned) in the first place.By adjusting the lengths of the chains accordingly (so the element that
failed, and all subsequent elements are excluded) cleanup activities
based on false assumptions can be avoided.Let's make sure cp_free works properly after cp_prefetch returns with an
error by setting ch_len of a ccw chain to the number of the translated
CCWs on that chain.Cc: stable@vger.kernel.org #v4.12+
Acked-by: Pierre Morel
Reviewed-by: Dong Jia Shi
Signed-off-by: Halil Pasic
Signed-off-by: Dong Jia Shi
Message-Id:
[CH: fixed typos]
Signed-off-by: Cornelia Huck
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman
02 May, 2018
1 commit
-
commit 3368e547c52b96586f0edf9657ca12b94d8e61a7 upstream.
When we call ssch, an interrupt might already be pending once we
return from the START SUBCHANNEL instruction. Therefore we need to
make sure interrupts are disabled while holding the subchannel lock
until after we're done with our processing.Cc: stable@vger.kernel.org #v4.12+
Reviewed-by: Dong Jia Shi
Acked-by: Halil Pasic
Acked-by: Pierre Morel
Signed-off-by: Cornelia Huck
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman
29 Apr, 2018
1 commit
-
commit af2e460ade0b0180d0f3812ca4f4f59cc9597f3e upstream.
Channel path descriptors have been seen as something stable (as
long as the chpid is configured). Recent tests have shown that the
descriptor can also be altered when the link state of a channel path
changes. Thus it is necessary to update the descriptor during
handling of resource accessibility events.Cc:
Signed-off-by: Sebastian Ott
Reviewed-by: Peter Oberparleiter
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman
19 Apr, 2018
2 commits
-
commit 0cf1e05157b9e5530dcc3ca9fec9bf617fc93375 upstream.
On an Output queue, both EMPTY and PENDING buffer states imply that the
buffer is ready for completion-processing by the upper-layer drivers.So for a non-QEBSM Output queue, get_buf_states() merges mixed
batches of PENDING and EMPTY buffers into one large batch of EMPTY
buffers. The upper-layer driver (ie. qeth) later distuingishes PENDING
from EMPTY by inspecting the slsb_state for
QDIO_OUTBUF_STATE_FLAG_PENDING.But the merge logic in get_buf_states() contains a bug that causes us to
erronously also merge ERROR buffers into such a batch of EMPTY buffers
(ERROR is 0xaf, EMPTY is 0xa1; so ERROR & EMPTY == EMPTY).
Effectively, most outbound ERROR buffers are currently discarded
silently and processed as if they had succeeded.Note that this affects _all_ non-QEBSM device types, not just IQD with CQ.
Fix it by explicitly spelling out the exact conditions for merging.
For extracting the "get initial state" part out of the loop, this relies
on the fact that get_buf_states() is never called with a count of 0. The
QEBSM path already strictly requires this, and the two callers with
variable 'count' make sure of it.Fixes: 104ea556ee7f ("qdio: support asynchronous delivery of storage blocks")
Cc: #v3.2+
Signed-off-by: Julian Wiedmann
Reviewed-by: Ursula Braun
Reviewed-by: Benjamin Block
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman -
commit dae55b6fef58530c13df074bcc182c096609339e upstream.
Immediate retry of EQBS after CCQ 96 means that we potentially misreport
the state of buffers inspected during the first EQBS call.This occurs when
1. the first EQBS finds all inspected buffers still in the initial state
set by the driver (ie INPUT EMPTY or OUTPUT PRIMED),
2. the EQBS terminates early with CCQ 96, and
3. by the time that the second EQBS comes around, the state of those
previously inspected buffers has changed.If the state reported by the second EQBS is 'driver-owned', all we know
is that the previous buffers are driver-owned now as well. But we can't
tell if they all have the same state. So for instance
- the second EQBS reports OUTPUT EMPTY, but any number of the previous
buffers could be OUTPUT ERROR by now,
- the second EQBS reports OUTPUT ERROR, but any number of the previous
buffers could be OUTPUT EMPTY by now.Effectively, this can result in both over- and underreporting of errors.
If the state reported by the second EQBS is 'HW-owned', that doesn't
guarantee that the previous buffers have not been switched to
driver-owned in the mean time. So for instance
- the second EQBS reports INPUT EMPTY, but any number of the previous
buffers could be INPUT PRIMED (or INPUT ERROR) by now.This would result in failure to process pending work on the queue. If
it's the final check before yielding initiative, this can cause
a (temporary) queue stall due to IRQ avoidance.Fixes: 25f269f17316 ("[S390] qdio: EQBS retry after CCQ 96")
Cc: #v3.2+
Signed-off-by: Julian Wiedmann
Reviewed-by: Benjamin Block
Signed-off-by: Martin Schwidefsky
Signed-off-by: Greg Kroah-Hartman
10 Dec, 2017
1 commit
-
[ Upstream commit 408358b50deaf59b07c82a7bff8c7e7cce031fae ]
Because we do not make use of the cda (channel data address) for test,
no-op ccws no address translation takes place. This means cda could
contain a guest address which we do not want to attempt to free. Let's
check the command type and skip cda free when it is not needed.For a TIC ccw, ccw->cda points to either a ccw in an existing chain or
it points to a whole new allocated chain. In either case the data will
be freed when the owning chain is freed.Signed-off-by: Jason J. Herne
Reviewed-by: Dong Jia Shi
Reviewed-by: Pierre Morel
Message-Id:
Reviewed-by: Halil Pasic
Acked-by: Christian Borntraeger
Signed-off-by: Cornelia Huck
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
02 Nov, 2017
1 commit
-
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.By default all files without license information are under the default
license of the kernel, which is GPL version 2.Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if
Reviewed-by: Philippe Ombredanne
Reviewed-by: Thomas Gleixner
Signed-off-by: Greg Kroah-Hartman
19 Sep, 2017
1 commit
-
In some situations we don't receive notification from firmware that
a previously unusable channelpath is usable again.Schedule recovery for devices that return from path verification
without using all potentially usable paths. The recovery thread will
periodically trigger a path verification on the affected devices.Signed-off-by: Sebastian Ott
Suggested-by: Peter Oberparleiter
Reviewed-by: Peter Oberparleiter
Signed-off-by: Martin Schwidefsky
03 Aug, 2017
1 commit
-
Add const to bin_attribute structures as they are only passed to the
functions device_{remove/create}_bin_file. The corresponding arguments
are of type const, so declare the structures to be const.Cross compiled for s390 architecture.
Signed-off-by: Bhumika Goyal
Signed-off-by: Martin Schwidefsky
26 Jul, 2017
2 commits
-
…vms390/vfio-ccw into features
Pull vfio-ccw fix from Cornelia Huck:
"A bugfix in the ccw translation code." -
attribute_group are not supposed to change at runtime. All functions
working with attribute_group provided by work
with const attribute_group. So mark the non-const structs as const.Signed-off-by: Arvind Yadav
Signed-off-by: Martin Schwidefsky
24 Jul, 2017
1 commit
-
When we are translating channel data addresses from guest to host
address space for TIC instructions we are getting incorrect
addresses because of a pointer arithmetic error.We currently calculate the offset of the TIC's cda from the start
of the channel program chain (ccw->cda - ccw_head). We then add
that to the address of the ccw chain in host memory (iter->ch_ccw).
The problem is that iter->ch_ccw is a pointer to struct ccw1 so
when we increment it we are actually incrementing by the size of
struct ccw1 which is 8 bytes. The intent was to increment by
n-bytes, not n*8.The fix: cast iter->ch_ccw to char* so it will be incremented by
n*1.Reviewed-by: Dong Jia Shi
Signed-off-by: Jason J. Herne
Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck
13 Jul, 2017
1 commit
-
When channel path is identified as the report source code (RSC)
of a CRW, and initialized (CRW_ERC_INIT) is recognized as the
error recovery code (ERC) by the channel subsystem, it indicates
a "path has come" event.Let's handle this case in chp_process_crw().
Reviewed-by: Sebastian Ott
Signed-off-by: Dong Jia Shi
Signed-off-by: Martin Schwidefsky
05 Jul, 2017
1 commit
-
Fix this set but not used warning:
drivers/s390/cio/vfio_ccw_drv.c: In function 'vfio_ccw_sch_io_todo':
drivers/s390/cio/vfio_ccw_drv.c:72:21: warning: variable 'sch' set but not used [-Wunused-but-set-variable]
struct subchannel *sch;
^Signed-off-by: Sebastian Ott
Reviewed-by: Dong Jia Shi
Acked-by: Cornelia Huck
Signed-off-by: Martin Schwidefsky
04 Jul, 2017
1 commit
-
Pull s390 updates from Martin Schwidefsky:
"The bulk of the s390 patches for 4.13. Some new things but mostly bug
fixes and cleanups. Noteworthy changes:- The SCM block driver is converted to blk-mq
- Switch s390 to 5 level page tables. The virtual address space for a
user space process can now have up to 16EB-4KB.- Introduce a ELF phdr flag for qemu to avoid the global
vm.alloc_pgste which forces all processes to large page tables- A couple of PCI improvements to improve error recovery
- Included is the merge of the base support for proper machine checks
for KVM"* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (52 commits)
s390/dasd: Fix faulty ENODEV for RO sysfs attribute
s390/pci: recognize name clashes with uids
s390/pci: provide more debug information
s390/pci: fix handling of PEC 306
s390/pci: improve pci hotplug
s390/pci: introduce clp_get_state
s390/pci: improve error handling during fmb (de)registration
s390/pci: improve unreg_ioat error handling
s390/pci: improve error handling during interrupt deregistration
s390/pci: don't cleanup in arch_setup_msi_irqs
KVM: s390: Backup the guest's machine check info
s390/nmi: s390: New low level handling for machine check happening in guest
s390/fpu: export save_fpu_regs for all configs
s390/kvm: avoid global config of vm.alloc_pgste=1
s390: rename struct psw_bits members
s390: rename psw_bits enums
s390/mm: use correct address space when enabling DAT
s390/cio: introduce io_subchannel_type
s390/ipl: revert Load Normal semantics for LPAR CCW-type re-IPL
s390/dumpstack: remove raw stack dump
...
23 Jun, 2017
1 commit
-
Pull in the fix for shared tags, as it conflicts with the pending
changes in for-4.13/block. We already pulled in v4.12-rc5 to solve
other conflicts or get fixes that went into 4.12, so not a lot
of changes in this merge.Signed-off-by: Jens Axboe
12 Jun, 2017
1 commit
-
The sysfs attributes implemented by the vfio_ccw driver are also implemented by
the io_subchannel driver. Move these into a device_type which is set by the
css bus.Signed-off-by: Sebastian Ott
Reviewed-by: Dong Jia Shi
Reviewed-by: Cornelia Huck
Signed-off-by: Martin Schwidefsky
09 Jun, 2017
1 commit
-
Currently we use nornal Linux errno values in the block layer, and while
we accept any error a few have overloaded magic meanings. This patch
instead introduces a new blk_status_t value that holds block layer specific
status codes and explicitly explains their meaning. Helpers to convert from
and to the previous special meanings are provided for now, but I suspect
we want to get rid of them in the long run - those drivers that have a
errno input (e.g. networking) usually get errnos that don't know about
the special block layer overloads, and similarly returning them to userspace
will usually return somethings that strictly speaking isn't correct
for file system operations, but that's left as an exercise for later.For now the set of errors is a very limited set that closely corresponds
to the previous overloaded errno values, but there is some low hanging
fruite to improve it.blk_status_t (ab)uses the sparse __bitwise annotations to allow for sparse
typechecking, so that we can easily catch places passing the wrong values.Signed-off-by: Christoph Hellwig
Signed-off-by: Jens Axboe
23 May, 2017
1 commit
-
…vms390/vfio-ccw into fixes
Pull vfio-ccw fix from Conelia Huck:
"vfio-ccw: one patch"* Make some symbols in vfio-ccw static, as detected by sparse.
22 May, 2017
1 commit
-
Make some symbols static to fix sparse warnings like:
drivers/s390/cio/vfio_ccw_ops.c:73:1: warning: symbol 'mdev_type_attr_name' was not declared. Should it be static?Signed-off-by: Sebastian Ott
Reviewed-by: Dong Jia Shi
Signed-off-by: Cornelia Huck
09 May, 2017
2 commits
-
Avoid false positive warnings like this with gcc 7.1:
drivers/s390/cio/qdio_debug.h:63:4:
note: 'snprintf' output between 8 and 17 bytes into a destination of size 16
snprintf(debug_buffer, QDIO_DBF_LEN, text);and simply increase the size of the string buffer.
Reviewed-by: Sebastian Ott
Signed-off-by: Heiko Carstens
Signed-off-by: Martin Schwidefsky -
Avoid false positive warnings like this with gcc 7.1:
drivers/s390/cio/ccwgroup.c:41:21:
warning: '%d' directive writing between 1 and 10 bytes into a region of size 4
sprintf(str, "cdev%d", i);and simply increase the size of the string buffer.
Reviewed-by: Sebastian Ott
Signed-off-by: Heiko Carstens
Signed-off-by: Martin Schwidefsky
12 Apr, 2017
2 commits
-
When vfio_ccw_mdev_reset fails during the remove process of the mdev,
the current implementation simply returns.The failure indicates that the subchannel device is in a NOT_OPER state,
thus the right thing to do should be removing the mdev.While we are at here, reverse the condition check to make the code more
concise and readable.Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck -
Remove several unnecessary checks for the @private pointer, since it
can never be NULL in these places.Reported-by: Dan Carpenter
Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck
31 Mar, 2017
7 commits
-
Although Linux does not use format-0 channel command words (CCW0)
these are a non-optional part of the platform spec, and for the sake
of platform compliance, and possibly some non-Linux guests, we have
to support CCW0.Making the kernel execute a format 0 channel program is too much hassle
because we would need to allocate and use memory which can be addressed
by 24 bit physical addresses (because of CCW0.cda). So we implement CCW0
support by translating the channel program into an equivalent CCW1
program instead.Based upon an orginal patch by Kai Yue Wang.
Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck -
The current implementation doesn't check if the subchannel is in a
proper device state when handling an event. Let's introduce
a finite state machine to manage the state/event change.Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck -
Introduce a singlethreaded workqueue to handle the I/O interrupts.
With the work added to this queue, we store the I/O results to the
io_region of the subchannel, then signal the userspace program to
handle the results.Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck -
Realize VFIO_DEVICE_GET_IRQ_INFO ioctl to retrieve
VFIO_CCW_IO_IRQ information.Realize VFIO_DEVICE_SET_IRQS ioctl to set an eventfd fd for
VFIO_CCW_IO_IRQ. Once a write operation to the ccw_io_region
was performed, trigger a signal on this fd.Reviewed-by: Pierre Morel
Signed-off-by: Dong Jia Shi
Acked-by: Alex Williamson
Message-Id:
Signed-off-by: Cornelia Huck -
Introduce VFIO_DEVICE_RESET ioctl for vfio-ccw to make it possible
to hot-reset the device.We try to achieve a reset by first disabling the subchannel and
then enabling it again: this should clear all state at the subchannel.Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck -
Introduce device information about vfio-ccw: VFIO_DEVICE_FLAGS_CCW.
Realize VFIO_DEVICE_GET_REGION_INFO ioctl for vfio-ccw.Reviewed-by: Pierre Morel
Signed-off-by: Dong Jia Shi
Acked-by: Alex Williamson
Message-Id:
Signed-off-by: Cornelia Huck -
We implement the basic ccw command handling infrastructure
here:
1. Translate the ccw commands.
2. Issue the translated ccw commands to the device.
3. Once we get the execution result, update the guest SCSW
with it.Acked-by: Pierre Morel
Signed-off-by: Dong Jia Shi
Message-Id:
Signed-off-by: Cornelia Huck