linux/arch/powerpc/kernel
Michael Neuling 6bcb80143e powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint()
At the start of __tm_recheckpoint() we save the kernel stack pointer
(r1) in SPRG SCRATCH0 (SPRG2) so that we can restore it after the
trecheckpoint.

Unfortunately, the same SPRG is used in the SLB miss handler.  If an
SLB miss is taken between the save and restore of r1 to the SPRG, the
SPRG is changed and hence r1 is also corrupted.  We can end up with
the following crash when we start using r1 again after the restore
from the SPRG:

  Oops: Bad kernel stack pointer, sig: 6 [#1]
  SMP NR_CPUS=2048 NUMA pSeries
  CPU: 658 PID: 143777 Comm: htm_demo Tainted: G            EL   X 4.4.13-0-default #1
  task: c0000b56993a7810 ti: c00000000cfec000 task.ti: c0000b56993bc000
  NIP: c00000000004f188 LR: 00000000100040b8 CTR: 0000000010002570
  REGS: c00000000cfefd40 TRAP: 0300   Tainted: G            EL   X  (4.4.13-0-default)
  MSR: 8000000300001033 <SF,ME,IR,DR,RI,LE>  CR: 02000424  XER: 20000000
  CFAR: c000000000008468 DAR: 00003ffd84e66880 DSISR: 40000000 SOFTE: 0
  PACATMSCRATCH: 00003ffbc865e680
  GPR00: fffffffcfabc4268 00003ffd84e667a0 00000000100d8c38 000000030544bb80
  GPR04: 0000000000000002 00000000100cf200 0000000000000449 00000000100cf100
  GPR08: 000000000000c350 0000000000002569 0000000000002569 00000000100d6c30
  GPR12: 00000000100d6c28 c00000000e6a6b00 00003ffd84660000 0000000000000000
  GPR16: 0000000000000003 0000000000000449 0000000010002570 0000010009684f20
  GPR20: 0000000000800000 00003ffd84e5f110 00003ffd84e5f7a0 00000000100d0f40
  GPR24: 0000000000000000 0000000000000000 0000000000000000 00003ffff0673f50
  GPR28: 00003ffd84e5e960 00000000003d0f00 00003ffd84e667a0 00003ffd84e5e680
  NIP [c00000000004f188] restore_gprs+0x110/0x17c
  LR [00000000100040b8] 0x100040b8
  Call Trace:
  Instruction dump:
  f8a1fff0 e8e700a8 38a00000 7ca10164 e8a1fff8 e821fff0 7c0007dd 7c421378
  7db142a6 7c3242a6 38800002 7c810164 <e9c100e0> e9e100e8 ea0100f0 ea2100f8

We hit this on large memory machines (> 2TB) but it can also be hit on
smaller machines when 1TB segments are disabled.

To hit this, you also need to be virtualised to ensure SLBs are
periodically removed by the hypervisor.

This patch moves the saving of r1 to the SPRG to the region where we
are guaranteed not to take any further SLB misses.

Fixes: 98ae22e15b ("powerpc: Add helper functions for transactional memory context switching")
Cc: stable@vger.kernel.org # v3.9+
Signed-off-by: Michael Neuling <mikey@neuling.org>
Acked-by: Cyril Bur <cyrilbur@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2016-07-15 15:00:18 +10:00
vdso32 powerpc: enable UBSAN support 2016-01-20 17:09:18 -08:00
vdso64 powerpc: enable UBSAN support 2016-01-20 17:09:18 -08:00
.gitignore
align.c powerpc: Send SIGBUS on unaligned copy and paste 2016-07-05 23:49:51 +10:00
asm-offsets.c powerpc/asm: Remove unused symbols in asm-offsets.c 2016-06-16 15:11:25 +10:00
audit.c
btext.c powerpc/mm: Use a helper for finding pte bits mapping I/O area 2016-05-01 18:32:32 +10:00
cacheinfo.c powerpc: Fix missing L2 cache size in /sys/devices/system/cpu 2015-04-11 20:49:28 +10:00
cacheinfo.h
compat_audit.c
cpu_setup_6xx.S powerpc: Various typo fixes 2016-06-14 13:58:26 +10:00
cpu_setup_44x.S
cpu_setup_fsl_booke.S powerpc/cache: add cache flush operation for various e500 2016-03-04 23:44:51 -06:00
cpu_setup_pa6t.S
cpu_setup_power.S powerpc/perf: factor out power8 __init_pmu code 2016-07-05 23:49:47 +10:00
cpu_setup_ppc970.S
cputable.c powerpc: Remove unused remnants from A2 cpu 2016-05-11 21:54:00 +10:00
crash_dump.c powerpc: Remove superfluous bootmem includes 2014-11-10 09:59:26 +11:00
crash.c powerpc/crash: Rearrange loop condition to avoid out of bounds array access 2016-07-14 20:26:22 +10:00
dbell.c powerpc/powernv: Fixes for hypervisor doorbell handling 2015-03-20 14:51:53 +11:00
dma-iommu.c powerpc/iommu: Support "hybrid" iommu/direct DMA ops for coherent_mask < dma_mask 2015-07-13 10:10:55 +10:00
dma-swiotlb.c powerpc/iommu: Support "hybrid" iommu/direct DMA ops for coherent_mask < dma_mask 2015-07-13 10:10:55 +10:00
dma.c powerpc/dma: dma_set_coherent_mask() should not be GPL only 2015-10-28 14:20:50 +09:00
eeh_cache.c powerpc/eeh: Fix pr_debug()s in eeh_cache.c 2016-07-08 22:09:50 +10:00
eeh_dev.c powerpc/pci: Delay populating pdn 2016-06-21 15:30:56 +10:00
eeh_driver.c powerpc fixes for 4.7 #5 2016-07-15 14:57:47 +10:00
eeh_event.c powerpc: sparse: static-ify some things 2016-04-12 21:05:18 +10:00
eeh_pe.c powerpc/eeh: fix misleading indentation 2016-04-27 09:19:37 +10:00
eeh_sysfs.c powerpc/eeh: Fix PE state format 2014-11-27 09:32:58 +11:00
eeh.c Revert "powerpc/eeh: Fix crash in eeh_add_device_early() on Cell" 2016-05-12 19:52:21 +10:00
entry_32.S powerpc/kernel: Change the do_syscall_trace_enter() API 2015-07-29 11:56:11 +10:00
entry_64.S powerpc: Define and use PPC64_ELF_ABI_v2/v1 2016-06-14 13:58:27 +10:00
epapr_hcalls.S
epapr_paravirt.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-06-10 18:54:22 -07:00
exceptions-64e.S powerpc: Various typo fixes 2016-06-14 13:58:26 +10:00
exceptions-64s.S powerpc: Fix faults caused by radix patching of SLB miss handler 2016-06-23 09:58:17 +10:00
fadump.c powerpc/fadump: Fix build error introduced by recent cleanup 2016-07-05 23:49:46 +10:00
firmware.c
fpu.S powerpc: Add the ability to save FPU without giving it up 2016-03-02 23:34:49 +11:00
fsl_booke_entry_mapping.S powerpc/fsl: Force coherent memory on e500mc derivatives 2015-08-07 23:00:01 -05:00
ftrace.c powerpc: Define and use PPC64_ELF_ABI_v2/v1 2016-06-14 13:58:27 +10:00
head_8xx.S powerpc/8xx: rewrite set_context() in C 2016-03-11 17:20:11 -06:00
head_32.S
head_40x.S powerpc: Remove check for CONFIG_SERIAL_TEXT_DEBUG 2014-06-11 16:31:21 +10:00
head_44x.S powerpc: Fix misspellings in comments. 2016-03-01 19:27:20 +11:00
head_64.S powerpc: Define and use PPC64_ELF_ABI_v2/v1 2016-06-14 13:58:27 +10:00
head_booke.h
head_fsl_booke.S powerpc/cache: add cache flush operation for various e500 2016-03-04 23:44:51 -06:00
hw_breakpoint.c powerpc/hw_breakpoint: Fix oops when destroying hw_breakpoint event 2016-03-03 22:06:08 +11:00
ibmebus.c powerpc: sparse: static-ify some things 2016-04-12 21:05:18 +10:00
idle_6xx.S
idle_book3e.S
idle_e500.S powerpc/e500mc: Remove dead L2 flushing code in idle_e500.S 2015-06-02 21:37:19 -05:00
idle_power4.S
idle_power7.S powerpc/mm: Move hash related mmu-*.h headers to book3s/ 2016-03-03 21:19:21 +11:00
idle.c
io-workarounds.c powerpc/mm: Differentiate between hugetlb and THP during page walk 2015-10-12 15:30:09 +11:00
io.c
iomap.c powerpc/kerenl: Enable EEH for IO accessors 2014-06-24 12:43:13 +10:00
iommu.c powerpc/iommu/powernv: Release replaced TCE 2015-06-11 15:16:49 +10:00
irq.c powerpc: Fix typo in comment reference to CONFIG_TRACE_IRQFLAGS 2016-07-08 22:10:03 +10:00
isa-bridge.c powerpc/mm: Use a helper for finding pte bits mapping I/O area 2016-05-01 18:32:32 +10:00
jump_label.c jump_label: Rename JUMP_LABEL_{EN,DIS}ABLE to JUMP_LABEL_{JMP,NOP} 2015-08-03 11:34:12 +02:00
kgdb.c powerpc: Fix kgdb on little endian ppc64le 2016-02-18 00:03:26 +11:00
kprobes.c powerpc/kprobes: Remove kretprobe_trampoline_holder. 2016-06-21 15:30:49 +10:00
kvm_emul.S
kvm.c powerpc: Remove redundant breaks 2015-08-06 15:10:20 +10:00
l2cr_6xx.S
legacy_serial.c powerpc: make of_device_ids const 2014-09-25 23:14:46 +10:00
machine_kexec_32.c
machine_kexec_64.c powerpc: Introduce asm-prototypes.h 2016-06-16 22:39:54 +10:00
machine_kexec.c powerpc: Update of_remove_property() call sites to remove null checking 2016-05-11 21:54:04 +10:00
Makefile powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace 2016-03-07 14:53:55 +11:00
mce_power.c powerpc/mm/radix: Fix CONFIG_PPC_MMU_STD_64 typo 2016-05-11 21:53:59 +10:00
mce.c powerpc updates for 4.7 2016-05-20 10:12:41 -07:00
misc_32.S powerpc/32: Get rid of sub_reloc_offset() 2016-06-14 13:58:26 +10:00
misc_64.S powerpc: Define and use PPC64_ELF_ABI_v2/v1 2016-06-14 13:58:27 +10:00
misc.S powerpc: Rename __get_SP() to current_stack_pointer() 2014-10-15 11:23:20 +11:00
module_32.c powerpc/module: Only try to generate the ftrace_caller() stub once 2016-03-07 14:53:53 +11:00
module_64.c powerpc: Define and use PPC64_ELF_ABI_v2/v1 2016-06-14 13:58:27 +10:00
module.c powerpc/module: Only try to generate the ftrace_caller() stub once 2016-03-07 14:53:53 +11:00
msi.c powerpc: Remove MSI-related PCI controller ops from ppc_md 2015-06-02 11:47:45 +10:00
nvram_64.c powerpc: make kernel/nvram_64.c explicitly non-modular 2016-04-11 20:30:43 +10:00
of_platform.c powerpc/eeh: Do probe on pci_dn 2015-03-24 13:15:52 +11:00
paca.c powerpc: Create a helper for getting the kernel toc value 2016-03-07 14:53:52 +11:00
pci_32.c powerpc: Remove more traces of bootmem 2014-11-19 21:41:51 +11:00
pci_64.c powerpc fixes for 4.7 #5 2016-07-15 14:57:47 +10:00
pci_dn.c powerpc/pci: Fix build with PCI_IOV=y and EEH=n 2016-07-07 16:33:27 +10:00
pci_of_scan.c PCI/MSI: Initialize MSI capability for all architectures 2015-11-24 17:45:18 -06:00
pci-common.c powerpc/pci: Assign fixed PHB number based on device-tree properties 2016-07-07 22:06:55 +10:00
pci-hotplug.c powerpc/pci: Don't scan empty slot 2016-05-11 21:54:26 +10:00
pmc.c
ppc32.h
ppc_ksyms_32.c powerpc32: Remove clear_pages() and define clear_page() inline 2016-03-11 17:20:11 -06:00
ppc_ksyms.c powerpc32: move xxxxx_dcache_range() functions inline 2016-03-11 17:20:12 -06:00
ppc_save_regs.S
proc_powerpc.c
process.c powerpc fixes for 4.7 #5 2016-07-15 14:57:47 +10:00
prom_init_check.sh powerpc: Simplify symbol check in prom_init_check.sh 2014-09-25 23:14:46 +10:00
prom_init.c powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added 2016-06-08 10:40:05 +10:00
prom_parse.c
prom.c powerpc: Move epapr_paravirt_early_init() to early_init_devtree() 2016-07-11 20:09:40 +10:00
ptrace32.c
ptrace.c powerpc/ptrace: Fix out of bounds array access warning 2016-06-06 10:48:07 +10:00
reloc_32.S
reloc_64.S
rtas_flash.c powerpc: Fix endianness of flash_block_list in rtas_flash 2014-07-28 11:30:54 +10:00
rtas_pci.c powerpc: move find_and_init_phbs() to pSeries specific code 2015-04-11 20:49:09 +10:00
rtas-proc.c powerpc: Various typo fixes 2016-06-14 13:58:26 +10:00
rtas-rtc.c
rtas.c powerpc: Make ppc_md.{halt, restart} __noreturn 2016-07-14 21:12:06 +10:00
rtasd.c powerpc/pseries: start rtasd before PCI probing 2016-07-08 19:22:15 +10:00
setup_32.c powerpc: Move epapr_paravirt_early_init() to early_init_devtree() 2016-07-11 20:09:40 +10:00
setup_64.c powerpc: Move epapr_paravirt_early_init() to early_init_devtree() 2016-07-11 20:09:40 +10:00
setup-common.c powerpc: Don't test for machine type in smp_setup_cpu_maps() 2016-07-13 18:15:38 +10:00
signal_32.c powerpc fixes for 4.4 #2 2015-12-14 20:40:32 +11:00
signal_64.c powerpc: Avoid load hit store in setup_sigcontext() 2016-06-14 13:58:25 +10:00
signal.c powerpc: Fix misspellings in comments. 2016-03-01 19:27:20 +11:00
signal.h powerpc: Fix misspellings in comments. 2016-03-01 19:27:20 +11:00
smp-tbsync.c
smp.c powerpc: export cpu_to_core_id() 2016-06-21 15:30:51 +10:00
stacktrace.c powerpc: Implement save_stack_trace_regs() to enable kprobe stack tracing 2016-01-11 14:27:28 +11:00
suspend.c nosave: consolidate __nosave_{begin,end} in <asm/sections.h> 2014-10-09 22:26:04 -04:00
swsusp_32.S
swsusp_64.c
swsusp_asm64.S
swsusp_booke.S
swsusp.c powerpc/mm: Abstraction for switch_mmu_context() 2016-05-01 18:33:04 +10:00
sys_ppc32.c
syscalls.c powerpc: Add a proper syscall for switching endianness 2015-03-28 22:03:40 +11:00
sysfs.c powerpc/sparse: make some things static 2016-06-16 22:23:11 +10:00
systbl_chk.c powerpc: Standardise on NR_syscalls rather than __NR_syscalls. 2015-11-26 22:11:17 +11:00
systbl_chk.sh powerpc: Standardise on NR_syscalls rather than __NR_syscalls. 2015-11-26 22:11:17 +11:00
systbl.S powerpc: Add a proper syscall for switching endianness 2015-03-28 22:03:40 +11:00
tau_6xx.c
time.c powerpc/timer: Large Decrementer support 2016-07-05 23:58:53 +10:00
tm.S powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint() 2016-07-15 15:00:18 +10:00
trace_clock.c powerpc/ftrace: add powerpc timebase as a trace clock source 2015-08-06 16:36:23 +10:00
traps.c powerpc: Load Monitor Register Support 2016-06-21 15:30:50 +10:00
udbg_16550.c powerpc: Fix bad NULL pointer check in udbg_uart_getc_poll() 2014-11-12 13:47:20 +11:00
udbg.c powerpc: Remove the celleb support 2015-04-07 17:15:13 +10:00
uprobes.c
vdso.c vdso: make arch_setup_additional_pages wait for mmap_sem for write killable 2016-05-23 17:04:14 -07:00
vecemu.c
vector.S powerpc: Add the ability to save VSX without giving it up 2016-03-02 23:34:50 +11:00
vio.c powerpc: sparse: static-ify some things 2016-04-12 21:05:18 +10:00
vmlinux.lds.S arch, ftrace: for KASAN put hard/soft IRQ entries into separate sections 2016-03-25 16:37:42 -07:00