From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Paul Mackerras <paulus@ozlabs.org>
Subject: [PATCH 4.14 18/62] KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry
Date: Mon, 14 May 2018 08:48:34 +0200 [thread overview]
Message-ID: <20180514064817.413157098@linuxfoundation.org> (raw)
In-Reply-To: <20180514064816.436958006@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Paul Mackerras <paulus@ozlabs.org>
commit a8b48a4dccea77e29462e59f1dbf0d5aa1ff167c upstream.
This fixes a bug where the trap number that is returned by
__kvmppc_vcore_entry gets corrupted. The effect of the corruption
is that IPIs get ignored on POWER9 systems when the IPI is sent via
a doorbell interrupt to a CPU which is executing in a KVM guest.
The effect of the IPI being ignored is often that another CPU locks
up inside smp_call_function_many() (and if that CPU is holding a
spinlock, other CPUs then lock up inside raw_spin_lock()).
The trap number is currently held in register r12 for most of the
assembly-language part of the guest exit path. In that path, we
call kvmppc_subcore_exit_guest(), which is a C function, without
restoring r12 afterwards. Depending on the kernel config and the
compiler, it may modify r12 or it may not, so some config/compiler
combinations see the bug and others don't.
To fix this, we arrange for the trap number to be stored on the
stack from the 'guest_bypass:' label until the end of the function,
then the trap number is loaded and returned in r12 as before.
Cc: stable@vger.kernel.org # v4.8+
Fixes: fd7bacbca47a ("KVM: PPC: Book3S HV: Fix TB corruption in guest exit path on HMI interrupt")
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/powerpc/kvm/book3s_hv_rmhandlers.S | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -308,7 +308,6 @@ kvm_novcpu_exit:
stw r12, STACK_SLOT_TRAP(r1)
bl kvmhv_commence_exit
nop
- lwz r12, STACK_SLOT_TRAP(r1)
b kvmhv_switch_to_host
/*
@@ -1136,6 +1135,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
secondary_too_late:
li r12, 0
+ stw r12, STACK_SLOT_TRAP(r1)
cmpdi r4, 0
beq 11f
stw r12, VCPU_TRAP(r4)
@@ -1445,12 +1445,12 @@ mc_cont:
1:
#endif /* CONFIG_KVM_XICS */
+ stw r12, STACK_SLOT_TRAP(r1)
mr r3, r12
/* Increment exit count, poke other threads to exit */
bl kvmhv_commence_exit
nop
ld r9, HSTATE_KVM_VCPU(r13)
- lwz r12, VCPU_TRAP(r9)
/* Stop others sending VCPU interrupts to this physical CPU */
li r0, -1
@@ -1816,6 +1816,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_POWER9_DD1
* POWER7/POWER8 guest -> host partition switch code.
* We don't have to lock against tlbies but we do
* have to coordinate the hardware threads.
+ * Here STACK_SLOT_TRAP(r1) contains the trap number.
*/
kvmhv_switch_to_host:
/* Secondary threads wait for primary to do partition switch */
@@ -1868,11 +1869,11 @@ BEGIN_FTR_SECTION
END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
/* If HMI, call kvmppc_realmode_hmi_handler() */
+ lwz r12, STACK_SLOT_TRAP(r1)
cmpwi r12, BOOK3S_INTERRUPT_HMI
bne 27f
bl kvmppc_realmode_hmi_handler
nop
- li r12, BOOK3S_INTERRUPT_HMI
/*
* At this point kvmppc_realmode_hmi_handler would have resync-ed
* the TB. Hence it is not required to subtract guest timebase
@@ -1950,6 +1951,7 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_R
li r0, KVM_GUEST_MODE_NONE
stb r0, HSTATE_IN_GUEST(r13)
+ lwz r12, STACK_SLOT_TRAP(r1) /* return trap # in r12 */
ld r0, SFS+PPC_LR_STKOFF(r1)
addi r1, r1, SFS
mtlr r0
next prev parent reply other threads:[~2018-05-14 6:48 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-14 6:48 [PATCH 4.14 00/62] 4.14.41-stable review Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 01/62] ipvs: fix rtnl_lock lockups caused by start_sync_thread Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 02/62] netfilter: ebtables: dont attempt to allocate 0-sized compat array Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 03/62] kcm: Call strp_stop before strp_done in kcm_attach Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 04/62] crypto: af_alg - fix possible uninit-value in alg_bind() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 05/62] netlink: fix uninit-value in netlink_sendmsg Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 06/62] net: fix rtnh_ok() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 07/62] net: initialize skb->peeked when cloning Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 08/62] net: fix uninit-value in __hw_addr_add_ex() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 09/62] dccp: initialize ireq->ir_mark Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 10/62] ipv4: fix uninit-value in ip_route_output_key_hash_rcu() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 11/62] soreuseport: initialise timewait reuseport field Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 12/62] inetpeer: fix uninit-value in inet_getpeer Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 13/62] memcg: fix per_node_info cleanup Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 14/62] perf: Remove superfluous allocation error check Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 15/62] tcp: fix TCP_REPAIR_QUEUE bound checking Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 16/62] bdi: wake up concurrent wb_shutdown() callers Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 17/62] bdi: Fix oops in wb_workfn() Greg Kroah-Hartman
2018-05-14 6:48 ` Greg Kroah-Hartman [this message]
2018-05-14 6:48 ` [PATCH 4.14 19/62] KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 20/62] KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 21/62] arm64: Add work around for Arm Cortex-A55 Erratum 1024718 Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 22/62] compat: fix 4-byte infoleak via uninitialized struct field Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 23/62] gpioib: do not free unrequested descriptors Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 24/62] gpio: fix aspeed_gpio unmask irq Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 25/62] gpio: fix error path in lineevent_create Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 26/62] rfkill: gpio: fix memory leak in probe error path Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 27/62] libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 28/62] dm integrity: use kvfree for kvmallocd memory Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 29/62] tracing: Fix regex_match_front() to not over compare the test string Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 30/62] z3fold: fix reclaim lock-ups Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 31/62] mm: sections are not offlined during memory hotremove Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 32/62] mm, oom: fix concurrent munlock and oom reaper unmap, v3 Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 33/62] ceph: fix rsize/wsize capping in ceph_direct_read_write() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 34/62] can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 35/62] can: hi311x: Acquire SPI lock on ->do_get_berr_counter Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 36/62] can: hi311x: Work around TX complete interrupt erratum Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 37/62] drm/vc4: Fix scaling of uni-planar formats Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 38/62] drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 39/62] drm/nouveau: Fix deadlock in nv50_mstm_register_connector() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 40/62] drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear() Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 41/62] drm/atomic: Clean private obj " Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 42/62] net: atm: Fix potential Spectre v1 Greg Kroah-Hartman
2018-05-14 6:48 ` [PATCH 4.14 43/62] atm: zatm: " Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 44/62] PCI / PM: Always check PME wakeup capability for runtime wakeup support Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 45/62] PCI / PM: Check device_may_wakeup() in pci_enable_wake() Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 46/62] cpufreq: schedutil: Avoid using invalid next_freq Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 47/62] Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174" Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 48/62] Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 49/62] Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome chipsets Greg Kroah-Hartman
2018-05-15 17:07 ` Brian Norris
2018-05-15 19:42 ` Guenter Roeck
2018-05-16 7:57 ` gregkh
2018-05-14 6:49 ` [PATCH 4.14 50/62] thermal: exynos: Reading temperature makes sense only when TMU is turned on Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 51/62] thermal: exynos: Propagate error value from tmu_read() Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 52/62] nvme: add quirk to force medium priority for SQ creation Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 53/62] smb3: directory sync should not return an error Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 54/62] sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 55/62] tracing/uprobe_event: Fix strncpy corner case Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 56/62] perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 57/62] perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 58/62] perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 59/62] perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 60/62] perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 61/62] KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler Greg Kroah-Hartman
2018-05-14 6:49 ` [PATCH 4.14 62/62] KVM: x86: remove APIC Timer periodic/oneshot spikes Greg Kroah-Hartman
2018-05-14 8:28 ` [PATCH 4.14 00/62] 4.14.41-stable review Nathan Chancellor
2018-05-14 12:45 ` kernelci.org bot
2018-05-14 16:21 ` Guenter Roeck
2018-05-14 22:02 ` Shuah Khan
2018-05-15 5:36 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180514064817.413157098@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paulus@ozlabs.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.