authorMichal Suchanek <msuchanek@suse.de>2018-10-31 12:36:54 +0100
committerMichal Suchanek <msuchanek@suse.de>2018-10-31 23:28:36 +0100
commitfab18b76e3df85b5a220a4005ab254d3d57d84bf (patch)
tree7d1c20fe9e132f4b3e1feb9e059e4dc3f496851a
parent3ad507847c90092dc8959ce9f27922f871b72c19 (diff)
KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT
resizing code (bsc#1061840).
-rw-r--r--patches.arch/KVM-PPC-Book3S-HV-Fix-handling-of-secondary-HPTEG-in.patch54
-rw-r--r--series.conf1
2 files changed, 55 insertions, 0 deletions
diff --git a/patches.arch/KVM-PPC-Book3S-HV-Fix-handling-of-secondary-HPTEG-in.patch b/patches.arch/KVM-PPC-Book3S-HV-Fix-handling-of-secondary-HPTEG-in.patch
new file mode 100644
index 0000000000..8eaa2665e6
--- /dev/null
+++ b/patches.arch/KVM-PPC-Book3S-HV-Fix-handling-of-secondary-HPTEG-in.patch
@@ -0,0 +1,54 @@
+From 05f2bb0313a2855e491dadfc8319b7da261d7074 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Wed, 7 Feb 2018 19:49:54 +1100
+Subject: [PATCH] KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT
+ resizing code
+
+References: bsc#1061840
+Patch-mainline: v4.16-rc1
+Git-commit: 05f2bb0313a2855e491dadfc8319b7da261d7074
+
+This fixes the computation of the HPTE index to use when the HPT
+resizing code encounters a bolted HPTE which is stored in its
+secondary HPTE group. The code inverts the HPTE group number, which
+is correct, but doesn't then mask it with new_hash_mask. As a result,
+new_pteg will be effectively negative, resulting in new_hptep
+pointing before the new HPT, which will corrupt memory.
+
+In addition, this removes two BUG_ON statements. The condition that
+the BUG_ONs were testing -- that we have computed the hash value
+incorrectly -- has never been observed in testing, and if it did
+occur, would only affect the guest, not the host. Given that
+BUG_ON should only be used in conditions where the kernel (i.e.
+the host kernel, in this case) can't possibly continue execution,
+it is not appropriate here.
+
+Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+Acked-by: Michal Suchanek <msuchanek@suse.de>
+---
+ arch/powerpc/kvm/book3s_64_mmu_hv.c | 8 ++------
+ 1 file changed, 2 insertions(+), 6 deletions(-)
+
+diff --git a/arch/powerpc/kvm/book3s_64_mmu_hv.c b/arch/powerpc/kvm/book3s_64_mmu_hv.c
+index 966097232d21..d19649960bbf 100644
+--- a/arch/powerpc/kvm/book3s_64_mmu_hv.c
++++ b/arch/powerpc/kvm/book3s_64_mmu_hv.c
+@@ -1329,12 +1329,8 @@ static unsigned long resize_hpt_rehash_hpte(struct kvm_resize_hpt *resize,
+ }
+
+ new_pteg = hash & new_hash_mask;
+- if (vpte & HPTE_V_SECONDARY) {
+- BUG_ON(~pteg != (hash & old_hash_mask));
+- new_pteg = ~new_pteg;
+- } else {
+- BUG_ON(pteg != (hash & old_hash_mask));
+- }
++ if (vpte & HPTE_V_SECONDARY)
++ new_pteg = ~hash & new_hash_mask;
+
+ new_idx = new_pteg * HPTES_PER_GROUP + (idx % HPTES_PER_GROUP);
+ new_hptep = (__be64 *)(new->virt + (new_idx << 4));
+--
+2.13.7
+
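Review bot: The new line `new_pteg = ~hash & new_hash_mask;` carries the whole memory-safety fix, yet nothing in the code says why the mask has to follow the inversion. According to the description, the unmasked form made `new_hptep` point before the new HPT and corrupt memory. I would add `/* Secondary group: invert the hash, then mask so new_pteg stays inside the new HPT */` above the `if` so a later cleanup does not drop the mask again. With both BUG_ONs removed, this hunk no longer checks that `pteg` agrees with `hash & old_hash_mask`; if that mismatch is still worth reporting, a non-fatal `WARN_ON_ONCE(...)` would log it without stopping the host, though the description judges the condition guest-only. resize_hpt_rehash_hpte starts and ends outside the hunk, so it is not visible here whether `pteg` is still used elsewhere.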
diff --git a/series.conf b/series.conf
index d72fa887d8..cb77b56cb2 100644
--- a/series.conf
+++ b/series.conf
@@ -13239,6 +13239,7 @@
patches.arch/KVM-PPC-Book3S-HV-Drop-locks-before-reading-guest-me.patch
patches.fixes/KVM-PPC-Book3S-PR-Fix-svcpu-copying-with-preemption-.patch
patches.arch/KVM-PPC-Book3S-PR-Fix-broken-select-due-to-misspelli.patch
+ patches.arch/KVM-PPC-Book3S-HV-Fix-handling-of-secondary-HPTEG-in.patch
patches.suse/KVM-PPC-Book3S-HV-Branch-inside-feature-section.patch
patches.drivers/cros_ec-fix-nul-termination-for-firmware-build-info
patches.drivers/platform-chrome-cros_ec_lpc-remove-redundant-pointer