[PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paul Mackerras]

These two patches fix two things in hypervisor-mode KVM for the IBM
POWER server processors.  The first patch removes a hunk of extraneous
code that got in as a result of a mistake I made in cleaning up after
rebasing a patch.  The second fixes a bug that causes host memory
corruption.  Both patches fix things that cause host crashes, so I'd
like them in 3.14 if possible.  The two patches only touch one file,
arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
any problems for other architectures or other PPC platforms.

The patches are against the master branch of the kvm tree but should
apply equally on Linus' current master branch.

Scott, please ack.

Paolo, I meant to get these out earlier, but a personal emergency
arose this week and delayed me.

Thanks,
Paul.

[PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paul Mackerras]

These two patches fix two things in hypervisor-mode KVM for the IBM
POWER server processors.  The first patch removes a hunk of extraneous
code that got in as a result of a mistake I made in cleaning up after
rebasing a patch.  The second fixes a bug that causes host memory
corruption.  Both patches fix things that cause host crashes, so I'd
like them in 3.14 if possible.  The two patches only touch one file,
arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
any problems for other architectures or other PPC platforms.

The patches are against the master branch of the kvm tree but should
apply equally on Linus' current master branch.

Scott, please ack.

Paolo, I meant to get these out earlier, but a personal emergency
arose this week and delayed me.

Thanks,
Paul.

[PATCH 1/2] KVM: PPC: Book3S HV: Remove bogus duplicate code

[Paul Mackerras]

Commit 7b490411c37f ("KVM: PPC: Book3S HV: Add new state for
transactional memory") incorrectly added some duplicate code to the
guest exit path because I didn't manage to clean up after a rebase
correctly.  This removes the extraneous material.  The presence of
this extraneous code causes host crashes whenever a guest is run.

Signed-off-by: Paul Mackerras <paulus@samba.org>
---
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 67 ---------------------------------
 1 file changed, 67 deletions(-)

diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index e66d4ec..781e6bf 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -1504,73 +1504,6 @@ END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
 1:	addi	r8,r8,16
 	.endr
 
-	/* Save DEC */
-	mfspr	r5,SPRN_DEC
-	mftb	r6
-	extsw	r5,r5
-	add	r5,r5,r6
-	std	r5,VCPU_DEC_EXPIRES(r9)
-
-BEGIN_FTR_SECTION
-	b	8f
-END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S)
-	/* Turn on TM so we can access TFHAR/TFIAR/TEXASR */
-	mfmsr	r8
-	li	r0, 1
-	rldimi	r8, r0, MSR_TM_LG, 63-MSR_TM_LG
-	mtmsrd	r8
-
-	/* Save POWER8-specific registers */
-	mfspr	r5, SPRN_IAMR
-	mfspr	r6, SPRN_PSPB
-	mfspr	r7, SPRN_FSCR
-	std	r5, VCPU_IAMR(r9)
-	stw	r6, VCPU_PSPB(r9)
-	std	r7, VCPU_FSCR(r9)
-	mfspr	r5, SPRN_IC
-	mfspr	r6, SPRN_VTB
-	mfspr	r7, SPRN_TAR
-	std	r5, VCPU_IC(r9)
-	std	r6, VCPU_VTB(r9)
-	std	r7, VCPU_TAR(r9)
-#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
-	mfspr	r5, SPRN_TFHAR
-	mfspr	r6, SPRN_TFIAR
-	mfspr	r7, SPRN_TEXASR
-	std	r5, VCPU_TFHAR(r9)
-	std	r6, VCPU_TFIAR(r9)
-	std	r7, VCPU_TEXASR(r9)
-#endif
-	mfspr	r8, SPRN_EBBHR
-	std	r8, VCPU_EBBHR(r9)
-	mfspr	r5, SPRN_EBBRR
-	mfspr	r6, SPRN_BESCR
-	mfspr	r7, SPRN_CSIGR
-	mfspr	r8, SPRN_TACR
-	std	r5, VCPU_EBBRR(r9)
-	std	r6, VCPU_BESCR(r9)
-	std	r7, VCPU_CSIGR(r9)
-	std	r8, VCPU_TACR(r9)
-	mfspr	r5, SPRN_TCSCR
-	mfspr	r6, SPRN_ACOP
-	mfspr	r7, SPRN_PID
-	mfspr	r8, SPRN_WORT
-	std	r5, VCPU_TCSCR(r9)
-	std	r6, VCPU_ACOP(r9)
-	stw	r7, VCPU_GUEST_PID(r9)
-	std	r8, VCPU_WORT(r9)
-8:
-
-	/* Save and reset AMR and UAMOR before turning on the MMU */
-BEGIN_FTR_SECTION
-	mfspr	r5,SPRN_AMR
-	mfspr	r6,SPRN_UAMOR
-	std	r5,VCPU_AMR(r9)
-	std	r6,VCPU_UAMOR(r9)
-	li	r6,0
-	mtspr	SPRN_AMR,r6
-END_FTR_SECTION_IFSET(CPU_FTR_ARCH_206)
-
 	/* Unset guest mode */
 	li	r0, KVM_GUEST_MODE_NONE
 	stb	r0, HSTATE_IN_GUEST(r13)
-- 
1.9.rc1

[PATCH 1/2] KVM: PPC: Book3S HV: Remove bogus duplicate code

[Paul Mackerras]

Commit 7b490411c37f ("KVM: PPC: Book3S HV: Add new state for
transactional memory") incorrectly added some duplicate code to the
guest exit path because I didn't manage to clean up after a rebase
correctly.  This removes the extraneous material.  The presence of
this extraneous code causes host crashes whenever a guest is run.

Signed-off-by: Paul Mackerras <paulus@samba.org>
---
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 67 ---------------------------------
 1 file changed, 67 deletions(-)

diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index e66d4ec..781e6bf 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -1504,73 +1504,6 @@ END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
 1:	addi	r8,r8,16
 	.endr
 
-	/* Save DEC */
-	mfspr	r5,SPRN_DEC
-	mftb	r6
-	extsw	r5,r5
-	add	r5,r5,r6
-	std	r5,VCPU_DEC_EXPIRES(r9)
-
-BEGIN_FTR_SECTION
-	b	8f
-END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S)
-	/* Turn on TM so we can access TFHAR/TFIAR/TEXASR */
-	mfmsr	r8
-	li	r0, 1
-	rldimi	r8, r0, MSR_TM_LG, 63-MSR_TM_LG
-	mtmsrd	r8
-
-	/* Save POWER8-specific registers */
-	mfspr	r5, SPRN_IAMR
-	mfspr	r6, SPRN_PSPB
-	mfspr	r7, SPRN_FSCR
-	std	r5, VCPU_IAMR(r9)
-	stw	r6, VCPU_PSPB(r9)
-	std	r7, VCPU_FSCR(r9)
-	mfspr	r5, SPRN_IC
-	mfspr	r6, SPRN_VTB
-	mfspr	r7, SPRN_TAR
-	std	r5, VCPU_IC(r9)
-	std	r6, VCPU_VTB(r9)
-	std	r7, VCPU_TAR(r9)
-#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
-	mfspr	r5, SPRN_TFHAR
-	mfspr	r6, SPRN_TFIAR
-	mfspr	r7, SPRN_TEXASR
-	std	r5, VCPU_TFHAR(r9)
-	std	r6, VCPU_TFIAR(r9)
-	std	r7, VCPU_TEXASR(r9)
-#endif
-	mfspr	r8, SPRN_EBBHR
-	std	r8, VCPU_EBBHR(r9)
-	mfspr	r5, SPRN_EBBRR
-	mfspr	r6, SPRN_BESCR
-	mfspr	r7, SPRN_CSIGR
-	mfspr	r8, SPRN_TACR
-	std	r5, VCPU_EBBRR(r9)
-	std	r6, VCPU_BESCR(r9)
-	std	r7, VCPU_CSIGR(r9)
-	std	r8, VCPU_TACR(r9)
-	mfspr	r5, SPRN_TCSCR
-	mfspr	r6, SPRN_ACOP
-	mfspr	r7, SPRN_PID
-	mfspr	r8, SPRN_WORT
-	std	r5, VCPU_TCSCR(r9)
-	std	r6, VCPU_ACOP(r9)
-	stw	r7, VCPU_GUEST_PID(r9)
-	std	r8, VCPU_WORT(r9)
-8:
-
-	/* Save and reset AMR and UAMOR before turning on the MMU */
-BEGIN_FTR_SECTION
-	mfspr	r5,SPRN_AMR
-	mfspr	r6,SPRN_UAMOR
-	std	r5,VCPU_AMR(r9)
-	std	r6,VCPU_UAMOR(r9)
-	li	r6,0
-	mtspr	SPRN_AMR,r6
-END_FTR_SECTION_IFSET(CPU_FTR_ARCH_206)
-
 	/* Unset guest mode */
 	li	r0, KVM_GUEST_MODE_NONE
 	stb	r0, HSTATE_IN_GUEST(r13)
-- 
1.9.rc1

[PATCH 2/2] KVM: PPC: Book3S HV: Fix register usage when loading/saving VRSAVE

[Paul Mackerras]

Commit 595e4f7e697e ("KVM: PPC: Book3S HV: Use load/store_fp_state
functions in HV guest entry/exit") changed the register usage in
kvmppc_save_fp() and kvmppc_load_fp() but omitted changing the
instructions that load and save VRSAVE.  The result is that the
VRSAVE value was loaded from a constant address, and saved to a
location past the end of the vcpu struct, causing host kernel
memory corruption and various kinds of host kernel crashes.

This fixes the problem by using register r31, which contains the
vcpu pointer, instead of r3 and r4.

Signed-off-by: Paul Mackerras <paulus@samba.org>
---
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index 781e6bf..818dce3 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -2136,7 +2136,7 @@ BEGIN_FTR_SECTION
 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 #endif
 	mfspr	r6,SPRN_VRSAVE
-	stw	r6,VCPU_VRSAVE(r3)
+	stw	r6,VCPU_VRSAVE(r31)
 	mtlr	r30
 	mtmsrd	r5
 	isync
@@ -2173,7 +2173,7 @@ BEGIN_FTR_SECTION
 	bl	.load_vr_state
 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 #endif
-	lwz	r7,VCPU_VRSAVE(r4)
+	lwz	r7,VCPU_VRSAVE(r31)
 	mtspr	SPRN_VRSAVE,r7
 	mtlr	r30
 	mr	r4,r31
-- 
1.9.rc1

[PATCH 2/2] KVM: PPC: Book3S HV: Fix register usage when loading/saving VRSAVE

[Paul Mackerras]

Commit 595e4f7e697e ("KVM: PPC: Book3S HV: Use load/store_fp_state
functions in HV guest entry/exit") changed the register usage in
kvmppc_save_fp() and kvmppc_load_fp() but omitted changing the
instructions that load and save VRSAVE.  The result is that the
VRSAVE value was loaded from a constant address, and saved to a
location past the end of the vcpu struct, causing host kernel
memory corruption and various kinds of host kernel crashes.

This fixes the problem by using register r31, which contains the
vcpu pointer, instead of r3 and r4.

Signed-off-by: Paul Mackerras <paulus@samba.org>
---
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index 781e6bf..818dce3 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -2136,7 +2136,7 @@ BEGIN_FTR_SECTION
 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 #endif
 	mfspr	r6,SPRN_VRSAVE
-	stw	r6,VCPU_VRSAVE(r3)
+	stw	r6,VCPU_VRSAVE(r31)
 	mtlr	r30
 	mtmsrd	r5
 	isync
@@ -2173,7 +2173,7 @@ BEGIN_FTR_SECTION
 	bl	.load_vr_state
 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 #endif
-	lwz	r7,VCPU_VRSAVE(r4)
+	lwz	r7,VCPU_VRSAVE(r31)
 	mtspr	SPRN_VRSAVE,r7
 	mtlr	r30
 	mr	r4,r31
-- 
1.9.rc1

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paolo Bonzini]

Il 13/03/2014 10:01, Paul Mackerras ha scritto:
> These two patches fix two things in hypervisor-mode KVM for the IBM
> POWER server processors.  The first patch removes a hunk of extraneous
> code that got in as a result of a mistake I made in cleaning up after
> rebasing a patch.  The second fixes a bug that causes host memory
> corruption.  Both patches fix things that cause host crashes, so I'd
> like them in 3.14 if possible.  The two patches only touch one file,
> arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> any problems for other architectures or other PPC platforms.
>
> The patches are against the master branch of the kvm tree but should
> apply equally on Linus' current master branch.
>
> Scott, please ack.

I had to do some conflict resolution when applying Alex's 3.14 pull 
request, I'm glad it wasn't me who introduced the bug! :)  Phew.

This means that kvm/next is also broken right now for PPC.  I can merge 
the patches into kvm/next too (in addition to sending them to Linus for 
3.14).  Would that help in any way?

Paolo

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paolo Bonzini]

Il 13/03/2014 10:01, Paul Mackerras ha scritto:
> These two patches fix two things in hypervisor-mode KVM for the IBM
> POWER server processors.  The first patch removes a hunk of extraneous
> code that got in as a result of a mistake I made in cleaning up after
> rebasing a patch.  The second fixes a bug that causes host memory
> corruption.  Both patches fix things that cause host crashes, so I'd
> like them in 3.14 if possible.  The two patches only touch one file,
> arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> any problems for other architectures or other PPC platforms.
>
> The patches are against the master branch of the kvm tree but should
> apply equally on Linus' current master branch.
>
> Scott, please ack.

I had to do some conflict resolution when applying Alex's 3.14 pull 
request, I'm glad it wasn't me who introduced the bug! :)  Phew.

This means that kvm/next is also broken right now for PPC.  I can merge 
the patches into kvm/next too (in addition to sending them to Linus for 
3.14).  Would that help in any way?

Paolo

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paul Mackerras]

On Thu, Mar 13, 2014 at 10:50:29AM +0100, Paolo Bonzini wrote:
> Il 13/03/2014 10:01, Paul Mackerras ha scritto:
> >These two patches fix two things in hypervisor-mode KVM for the IBM
> >POWER server processors.  The first patch removes a hunk of extraneous
> >code that got in as a result of a mistake I made in cleaning up after
> >rebasing a patch.  The second fixes a bug that causes host memory
> >corruption.  Both patches fix things that cause host crashes, so I'd
> >like them in 3.14 if possible.  The two patches only touch one file,
> >arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> >any problems for other architectures or other PPC platforms.
> >
> >The patches are against the master branch of the kvm tree but should
> >apply equally on Linus' current master branch.
> >
> >Scott, please ack.
> 
> I had to do some conflict resolution when applying Alex's 3.14 pull
> request, I'm glad it wasn't me who introduced the bug! :)  Phew.
> 
> This means that kvm/next is also broken right now for PPC.  I can
> merge the patches into kvm/next too (in addition to sending them to
> Linus for 3.14).  Would that help in any way?

Yes, that would be great, thanks.

Paul.

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Paul Mackerras]

On Thu, Mar 13, 2014 at 10:50:29AM +0100, Paolo Bonzini wrote:
> Il 13/03/2014 10:01, Paul Mackerras ha scritto:
> >These two patches fix two things in hypervisor-mode KVM for the IBM
> >POWER server processors.  The first patch removes a hunk of extraneous
> >code that got in as a result of a mistake I made in cleaning up after
> >rebasing a patch.  The second fixes a bug that causes host memory
> >corruption.  Both patches fix things that cause host crashes, so I'd
> >like them in 3.14 if possible.  The two patches only touch one file,
> >arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> >any problems for other architectures or other PPC platforms.
> >
> >The patches are against the master branch of the kvm tree but should
> >apply equally on Linus' current master branch.
> >
> >Scott, please ack.
> 
> I had to do some conflict resolution when applying Alex's 3.14 pull
> request, I'm glad it wasn't me who introduced the bug! :)  Phew.
> 
> This means that kvm/next is also broken right now for PPC.  I can
> merge the patches into kvm/next too (in addition to sending them to
> Linus for 3.14).  Would that help in any way?

Yes, that would be great, thanks.

Paul.

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Scott Wood]

On Thu, 2014-03-13 at 20:01 +1100, Paul Mackerras wrote:
> These two patches fix two things in hypervisor-mode KVM for the IBM
> POWER server processors.  The first patch removes a hunk of extraneous
> code that got in as a result of a mistake I made in cleaning up after
> rebasing a patch.  The second fixes a bug that causes host memory
> corruption.  Both patches fix things that cause host crashes, so I'd
> like them in 3.14 if possible.  The two patches only touch one file,
> arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> any problems for other architectures or other PPC platforms.
> 
> The patches are against the master branch of the kvm tree but should
> apply equally on Linus' current master branch.
> 
> Scott, please ack.
> 
> Paolo, I meant to get these out earlier, but a personal emergency
> arose this week and delayed me.

Acked-by: Scott Wood <scottwood@freescale.com>

-Scott

Re: [PATCH 0/2] Fixes for HV KVM on PPC for 3.14

[Scott Wood]

On Thu, 2014-03-13 at 20:01 +1100, Paul Mackerras wrote:
> These two patches fix two things in hypervisor-mode KVM for the IBM
> POWER server processors.  The first patch removes a hunk of extraneous
> code that got in as a result of a mistake I made in cleaning up after
> rebasing a patch.  The second fixes a bug that causes host memory
> corruption.  Both patches fix things that cause host crashes, so I'd
> like them in 3.14 if possible.  The two patches only touch one file,
> arch/powerpc/kvm/book3s_hv_rmhandlers.S, so they can't possibly cause
> any problems for other architectures or other PPC platforms.
> 
> The patches are against the master branch of the kvm tree but should
> apply equally on Linus' current master branch.
> 
> Scott, please ack.
> 
> Paolo, I meant to get these out earlier, but a personal emergency
> arose this week and delayed me.

Acked-by: Scott Wood <scottwood@freescale.com>

-Scott