- 14 Mar, 2018 2 commits
-
-
Christian Brauner authored
Most libcs will still look at /dev/ptmx when opening the master fd of a pty device. When /dev/ptmx is a bind-mount of /dev/pts/ptmx and the TIOCGPTPEER ioctl() is used to safely retrieve a file descriptor for the slave side of the pty based on the master fd, the /proc/self/fd/{0,1,2} symlinks will point to /. A very simply reproducer for this issue presupposing a libc that uses TIOCGPTPEER in its openpty() implementation is: unshare --mount mount --bind /dev/pts/ptmx /dev/ptmx chmod 666 /dev/ptmx script ls -al /proc/self/fd/0 Having bind-mounts of /dev/pts/ptmx to /dev/ptmx not working correctly is a regression. In addition, it is also a fairly common scenario in containers employing user namespaces. The reason for the current failure is that the kernel tries to verify the useability of the devpts filesystem without resolving the /dev/ptmx bind-mount first. This will lead it to detect that the dentry is escaping its bind-mount. The reason is that while the devpts filesystem mounted at /dev/pts has the devtmpfs mounted at /dev as its parent mount: 21 -- -- / /dev -- 21 -- / /dev/pts devtmpfs and devpts are on different devices -- -- 0:6 / /dev -- -- 0:20 / /dev/pts This has the consequence that the pathname of the parent directory of the devpts filesystem mount at /dev/pts is /. So if /dev/ptmx is a bind-mount of /dev/pts/ptmx then the /dev/ptmx bind-mount and the devpts mount at /dev/pts will end up being located on the same device which is recorded in the superblock of their vfsmount. This means the parent directory of the /dev/ptmx bind-mount will be /ptmx: -- -- ---- /ptmx /dev/ptmx Without the bind-mount resolution patch the kernel will now perform the bind-mount escape check directly on /dev/ptmx. The function responsible for this is devpts_ptmx_path() which calls pts_path() which in turn calls path_parent_directory(). Based on the above explanation, path_parent_directory() will yield / as the parent directory for the /dev/ptmx bind-mount and not the expected /dev. Thus, the kernel detects that /dev/ptmx is escaping its bind-mount and will set /proc/<pid>/fd/<nr> to /. This patch changes the logic to first resolve any bind-mounts. After the bind-mounts have been resolved (i.e. we have traced it back to the associated devpts mount) devpts_ptmx_path() can be called. In order to guarantee correct path generation for the slave file descriptor the kernel now requires that a pts directory is found in the parent directory of the ptmx bind-mount. This implies that when doing bind-mounts the ptmx bind-mount and the devpts mount should have a common parent directory. A valid example is: mount -t devpts devpts /dev/pts mount --bind /dev/pts/ptmx /dev/ptmx an invalid example is: mount -t devpts devpts /dev/pts mount --bind /dev/pts/ptmx /ptmx This allows us to support: - calling open on ptmx devices located inside non-standard devpts mounts: mount -t devpts devpts /mnt master = open("/mnt/ptmx", ...); slave = ioctl(master, TIOCGPTPEER, ...); - calling open on ptmx devices located outside the devpts mount with a common ancestor directory: mount -t devpts devpts /dev/pts mount --bind /dev/pts/ptmx /dev/ptmx master = open("/dev/ptmx", ...); slave = ioctl(master, TIOCGPTPEER, ...); while failing on ptmx devices located outside the devpts mount without a common ancestor directory: mount -t devpts devpts /dev/pts mount --bind /dev/pts/ptmx /ptmx master = open("/ptmx", ...); slave = ioctl(master, TIOCGPTPEER, ...); in which case save path generation cannot be guaranteed. Signed-off-by:Christian Brauner <christian.brauner@ubuntu.com> Suggested-by:
Eric Biederman <ebiederm@xmission.com> Suggested-by:
Linus Torvalds <torvalds@linux-foundation.org> Reviewed-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
Christian Brauner authored
Hoist the check whether we have already found a suitable devpts filesystem out of devpts_ptmx_path() in preparation for the devpts bind-mount resolution patch. This is a non-functional change. Signed-off-by:
-
- 09 Mar, 2018 16 commits
-
-
Joel Stanley authored
The Nuvoton UART is almost compatible with the 8250 driver when probed via the 8250_of driver, however it requires some extra configuration at startup. Reviewed-by:
Rob Herring <robh@kernel.org> Signed-off-by:
Joel Stanley <joel@jms.id.au> Cc: stable <stable@vger.kernel.org> Signed-off-by:
-
Alexey Khoroshilov authored
In case of Alphascale ASM9260 probe() enables s->clk and s->clk_ahb via mxs_get_clks(), but there is no disable of the clocks. The patch adds it to error paths and to mxs_auart_remove(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by:
Alexey Khoroshilov <khoroshilov@ispras.ru> Fixes: 254da0d7 ("serial: mxs-auart: add Alphascale ASM9260 support") Signed-off-by:
-
Andy Shevchenko authored
Special settings for APMC0D08 are applied when device is present in the system. To check its presence we may use acpi_dev_present() instead of current open coded variant. Cc: Feng Kan <fkan@apm.com> Signed-off-by:
Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by:
-
Uwe Kleine-König authored
Having a fixed prefix helps at several places. It ensures that another driver doesn't use the same function name which confuses the linker and tools like ctags. It simplifies working with function tracing and dynamic printk() support which can filter on function names. And last but not least it helps the human source code reader to understand if a given function belongs to a driver or a more general part of the kernel. Signed-off-by:
Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by:
-
Uwe Kleine-König authored
serial_core might call the .start_tx callback without any data being available to send. In this case return early instead of going through all the setup needed for sending which might include disabling RX in RS485 half-duplex mode. Signed-off-by:
-
Uwe Kleine-König authored
When using RS485 half duplex the Transmitter Complete irq is needed to determine the moment when the transmitter can be disabled. When using DMA this irq must only be enabled when DMA has completed to transfer all data. Otherwise the CPU might busily trigger this irq which is not properly handled and so the also pending irq for the DMA transfer cannot trigger. Signed-off-by:
-
Uwe Kleine-König authored
This allows to increase the RX waterlevel which allows to delay the RRDY irq. The desired effect is that less irqs are needed to handle characters and so reduce irq count of the system. Signed-off-by:
-
Uwe Kleine-König authored
Make sure that UCR1.RXDMAEN and UCR1.ATDMAEN (for the DMA case) and UCR1.RRDYEN (for the PIO case) are off iff UCR1.RXEN is disabled. This ensures that the fifo isn't read with RX disabled which results in an exception. Signed-off-by:
-
Uwe Kleine-König authored
When the UART is used in DMA mode, .stop_rx() does nothing if the port isn't suspended. This is wrong as .stop_rx() should stop receiving characters unconditionally. When the port is about to be closed the DMA channel is stopped in .shutdown(), so this isn't necessary to be in .stop_rx() here, too. Signed-off-by:
-
Uwe Kleine-König authored
The aging timer fires if there are characters in the RX fifo but the water level isn't reached yet. Make sure that the waterlevel is configured before the aging timer is enabled to trigger a DMA request (UCR1_ATDMAEN). Signed-off-by:
-
Uwe Kleine-König authored
The serial/imx driver is full of inconsistently named and typed variables that hold different register values. Consistently use u32 as type (matching what readl and writel use) and name the variables after the register whose value they are holding. This makes it easier to notice when UCR2_RTSEN is written to UCR1. The only difference introduced by this commit in the compiled driver is that twice the second argument to warn_slowpath_null() changed because the two WARN_ON in dma_rx_callback() pass __LINE__ to warn_slowpath_null(). Signed-off-by:
-
Uwe Kleine-König authored
The original code looks as follows: if (sport->dma_is_enabled) { ... make sure TX DMA is running, i.e. .dma_is_txing = 1 } if (sport->dma_is_txing) return; As .dma_is_txing can only be true if .dma_is_enabled is, the return can go at the end of the first if body without an additional check. Signed-off-by: -
Uwe Kleine-König authored
Neither .dma_is_txing nor .dma_is_rxing can evaluate to true if .dma_is_enabled evaluates to false: The only function that sets .dma_is_txing to a non-zero value is imx_dma_tx() which is only called if .dma_is_enabled is true. Same for .dma_is_rxing and start_rx_dma(). And before .dma_is_enabled is set to 0 when imx_shutdown calls imx_disable_dma(), .dma_is_rxing and .dma_is_txing are reset to zero before, too. For this reason sport->dma_is_enabled && sport->dma_is_rxing has the same value as sport->dma_is_rxing which allows to simplify three if conditions. Signed-off-by:
-
Uwe Kleine-König authored
This reduces the amount of read accesses to the register space by shadowing the values for five registers that only change on writing them. There is a single bit in UCR2 that might change without being written to it, this is handled accordingly. Signed-off-by:
-
Uwe Kleine-König authored
This prepares implementing shadow copies for the control registers and additionally provides a good place to hook in debug code to trace register usage. Most of this patch was done using pattern substitution: perl -p -i -e ' s/\breadl(?:_relaxed)?\((?:sport->port\.|port->)membase \+/imx_uart_readl(sport,/; s/\bwritel(?:_relaxed)?\(([^,]*), (sport->port\.|port->)membase \+/imx_uart_writel(sport, $1,/; ' drivers/tty/serial/imx.c Signed-off-by:
-
Palmer Dabbelt authored
The RISC-V ISA defines a simple console that is availiable via SBI calls on all systems. The SBI console is designed to be availiable at all times, so while it's most natural to use this as an early printk target it's also possible to use this as the system console when there isn't a better one availiable. This patch adds support for the RISC-V SBI console via the HVC infastructure. It's entirely independent from our early printk support, which results in early boot messages appearing twice over the SBI console. As far as I can tell that's the fault of our early printk support (we should support earlycon) as opposed to this driver. There is one checkpatch.pl warning here: to check the MAINTAINERS file. They're all matched by the "K: riscv" line. Signed-off-by:
Palmer Dabbelt <palmer@sifive.com> Signed-off-by:
-
- 28 Feb, 2018 22 commits
-
-
Uwe Kleine-König authored
Consistently indicate being called with irqs off and the port lock taken for all functions that this applies to. Signed-off-by:
-
Uwe Kleine-König authored
Only the reference manual for the i.MX1 (I have MC9328MX1RM/D Rev 5 from 2004) uses TDMAEN and RDMAEN for these. All reference manuals for the newer chips use TXDMAEN and RXDMAEN. Update to the newer name with the assumption that most imx users don't use an imx1 any more. Signed-off-by:
-
Andy Shevchenko authored
PCI ID database is for IDs used across several drivers. Here is the case for SUNIX combo cards. No functional change intended. Signed-off-by:
-
Geert Uytterhoeven authored
The cdns_uart_port[] array is indexed using a value derived from the "serialN" alias in DT, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: 928e9263 ("tty: xuartps: Initialize ports according to aliases") Signed-off-by:
Geert Uytterhoeven <geert+renesas@glider.be> Reviewed-by:
Michal Simek <michal.simek@xilinx.com> Signed-off-by:
-
Geert Uytterhoeven authored
The sirf_ports[] array is indexed using a value derived from the "serialN" alias in DT, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: a6ffe896 ("serial: sirf: use dynamic method allocate uart structure") Signed-off-by:
-
Geert Uytterhoeven authored
The sci_ports[] array is indexed using a value derived from the "serialN" alias in DT, which may lead to an out-of-bounds access. Fix this by adding a range check. Note that the array size is defined by a Kconfig symbol (CONFIG_SERIAL_SH_SCI_NR_UARTS), so this can even be triggered using a legitimate DTB. Fixes: 97ed9790 ("serial: sh-sci: Remove unused platform data capabilities field") Signed-off-by:
-
Geert Uytterhoeven authored
The s3c24xx_serial_ports[] array is indexed using a value derived from the "serialN" alias in DT, or from an incrementing probe index, which may lead to an out-of-bounds access. Fix this by adding a range check. Note that the array size is defined by a Kconfig symbol (CONFIG_SERIAL_SAMSUNG_UARTS), so this can even be triggered using a legitimate DTB or legitimate board code. Fixes: 13a9f6c6 ("serial: samsung: Consider DT alias when probing ports") Signed-off-by:
-
Geert Uytterhoeven authored
The serial_pxa_ports[] array is indexed using a value derived from the "serialN" alias in DT, or from platform data, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: 699c20f3 ("serial: pxa: add OF support") Signed-off-by:
-
Geert Uytterhoeven authored
The auart_port[] array is indexed using a value derived from the "serialN" alias in DT, or from platform data, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: 1ea6607d ("serial: mxs-auart: Allow device tree probing") Signed-off-by:
-
Geert Uytterhoeven authored
The imx_ports[] array is indexed using a value derived from the "serialN" alias in DT, or from platform data, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: ff05967a ("serial/imx: add of_alias_get_id() reference back") Signed-off-by:
-
Geert Uytterhoeven authored
The lpuart_ports[] array is indexed using a value derived from the "serialN" alias in DT, which may lead to an out-of-bounds access. Fix this by adding a range check. Fixes: c9e2e946 ("tty: serial: add Freescale lpuart driver support") Signed-off-by:
-
Geert Uytterhoeven authored
The arc_uart_ports[] array is indexed using a value derived from the "serialN" alias in DT, which may lead to an out-of-bounds access. Fix this by adding a range check. Note that the array size is defined by a Kconfig symbol (CONFIG_SERIAL_ARC_NR_PORTS), so this can even be triggered using a legitimate DTB. Fixes: ea28fd56 ("serial/arc-uart: switch to devicetree based probing") Signed-off-by:
-
Uwe Kleine-König authored
imx_shutdown() calls imx_disable_dma if .dma_is_enabled. So after imx_shudown() completes, .dma_is_enabled is zero. For this reason .dma_is_enabled is also zero when imx_startup() is called. So the check for this variable being zero can be dropped. Signed-off-by:
Shawn Guo <shawnguo@kernel.org> Signed-off-by:
-
Uwe Kleine-König authored
The .dma_is_inited member is only set to a value != 0 when the port's startup function calls imx_uart_dma_init(). On shutdown of the port imx_uart_dma_exit is called which sets the value back to 0. So .dma_is_inited is always 0 when imx_startup() is called (assuming .startup() and .shutdown() are correctly balanced) and the check for !sport->dma_is_inited can go away. This allows to replace .dma_is_inited by a variable local to imx_startup. Signed-off-by:
-
Uwe Kleine-König authored
Handling an irq that isn't enabled can have some undesired side effects. Some of these are mentioned in the newly introduced code comment. Some of the irq sources already had their handling right, some don't. Handle them all in the same consistent way. The change for USR1_RRDY and USR1_AGTIM drops the check for dma_is_enabled. This is correct as UCR1_RRDYEN and UCR2_ATEN are always off if dma is enabled. Signed-off-by:
-
Uwe Kleine-König authored
Now the variable holding the value of register USR1 is called usr1 instead of sts which is more straight forward. The same is also done for sts2 which is called usr2 now. Signed-off-by:
-
Uwe Kleine-König authored
The check sts & USR1_DTRD was just evaluated to true two lines above. So this change doesn't have any effect on the semantic of the driver. Fixes: 27e16501 ("serial: imx: implement DSR irq handling for DTE mode") Signed-off-by:
-
Colin Ian King authored
Bit pattern STAT_FRM_ERR is being bit-wise or'd twice; remove the redundant 2nd STAT_FRM_ERR Signed-off-by:
Colin Ian King <colin.king@canonical.com> Signed-off-by:
-
Troy Kisky authored
This allows me to login after sending a break when service serial-getty@ttymxc0.service is running The "tty_insert_flip_char(port, 0, TTY_BREAK)" in clear_rx_errors fixes this by allowing the higher layers to see a break. Also, call uart_handle_break to handle possible "secure attention key." FYI: Martin said the ROM sdma firmware works with this patch, but external sdma firmware still does not send breaks on a i.mx6UL Signed-off-by:
Troy Kisky <troy.kisky@boundarydevices.com> Tested-by:
Martin Hicks <mort@bork.org> Reviewed-by:
Fabio Estevam <fabio.estevam@nxp.com> Acked-by:
-
Joshua Scott authored
An issue has been observed on the Marvell Armada 38x serial port. Writes to UART_LCR can result in characters that are currently held in the TX FIFO being lost rather than sent, even if the userspace process has attempted to flush them. This is most visible when using the "resize" command (tested on Busybox), where we have observed the escape code for restoring cursor position becoming mangled. Signed-off-by:
Joshua Scott <joshua.scott@alliedtelesis.co.nz> Signed-off-by:
-
Ulrich Hecht authored
High latencies of classic timers cause performance issues for high- speed serial transmissions. This patch transforms rx_timer into an hrtimer to reduce the minimum latency. Signed-off-by:
Ulrich Hecht <ulrich.hecht+renesas@gmail.com> Signed-off-by:
-
Vignesh R authored
omap_8250_throttle() is called when tty RX buffer is about to overflow and can no longer keep up with the rate at which UART is receiving data. So, the expectation of this callback, is that UART stops RX and asserts HW flow control to signal the sender to stop sending more data. omap_8250_throttle() disables RX FIFO interrupts thus FIFO is no longer serviced, leading to assertion of flow control once RX FIFO is full. But, this does not work when DMA is enabled as driver keeps queuing new RX DMA request in completion handler without brothering about throttling request made by the higher layer. This patch introduces a flag that can be used to determine whether or not to queue next RX DMA request based on throttling request. Without this patch, tty buffer overflows are reported at higher baudrates. Signed-off-by:
Vignesh R <vigneshr@ti.com> Signed-off-by:
-
