From e70b4301e348eac39dfb322284be7e082f6cce54 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 13 Jan 2015 13:32:52 -0800 Subject: [PATCH] 3.14-stable patches added patches: pci-restore-detection-of-read-only-bars.patch powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch --- ...-restore-detection-of-read-only-bars.patch | 64 ++++++++++++++++ ...ial-invalidation-of-tlbs-in-mce-code.patch | 42 ++++++++++ ...pointer-check-in-udbg_uart_getc_poll.patch | 40 ++++++++++ ...ore-entering-nap-sleep-rvwinkle-mode.patch | 76 +++++++++++++++++++ ..._map-after-setting-active-and-online.patch | 60 +++++++++++++++ queue-3.14/series | 5 ++ 6 files changed, 287 insertions(+) create mode 100644 queue-3.14/pci-restore-detection-of-read-only-bars.patch create mode 100644 queue-3.14/powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch create mode 100644 queue-3.14/powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch create mode 100644 queue-3.14/powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch create mode 100644 queue-3.14/powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch diff --git a/queue-3.14/pci-restore-detection-of-read-only-bars.patch b/queue-3.14/pci-restore-detection-of-read-only-bars.patch new file mode 100644 index 00000000000..64029946cc1 --- /dev/null +++ b/queue-3.14/pci-restore-detection-of-read-only-bars.patch @@ -0,0 +1,64 @@ +From 36e8164882ca6d3c41cb91e6f09a3ed236841f80 Mon Sep 17 00:00:00 2001 +From: Myron Stowe +Date: Thu, 30 Oct 2014 11:54:37 -0600 +Subject: PCI: Restore detection of read-only BARs + +From: Myron Stowe + +commit 36e8164882ca6d3c41cb91e6f09a3ed236841f80 upstream. + +Commit 6ac665c63dca ("PCI: rewrite PCI BAR reading code") masked off +low-order bits from 'l', but not from 'sz'. Both are passed to pci_size(), +which compares 'base == maxbase' to check for read-only BARs. The masking +of 'l' means that comparison will never be 'true', so the check for +read-only BARs no longer works. + +Resolve this by also masking off the low-order bits of 'sz' before passing +it into pci_size() as 'maxbase'. With this change, pci_size() will once +again catch the problems that have been encountered to date: + + - AGP aperture BAR of AMD-7xx host bridges: if the AGP window is + disabled, this BAR is read-only and read as 0x00000008 [1] + + - BARs 0-4 of ALi IDE controllers can be non-zero and read-only [1] + + - Intel Sandy Bridge - Thermal Management Controller [8086:0103]; + BAR 0 returning 0xfed98004 [2] + + - Intel Xeon E5 v3/Core i7 Power Control Unit [8086:2fc0]; + Bar 0 returning 0x00001a [3] + +Link: [1] https://git.kernel.org/cgit/linux/kernel/git/tglx/history.git/commit/drivers/pci/probe.c?id=1307ef6621991f1c4bc3cec1b5a4ebd6fd3d66b9 ("PCI: probing read-only BARs" (pre-git)) +Link: [2] https://bugzilla.kernel.org/show_bug.cgi?id=43331 +Link: [3] https://bugzilla.kernel.org/show_bug.cgi?id=85991 +Reported-by: William Unruh +Reported-by: Martin Lucina +Signed-off-by: Myron Stowe +Signed-off-by: Bjorn Helgaas +CC: Matthew Wilcox +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/pci/probe.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/drivers/pci/probe.c ++++ b/drivers/pci/probe.c +@@ -214,14 +214,17 @@ int __pci_read_base(struct pci_dev *dev, + res->flags |= IORESOURCE_SIZEALIGN; + if (res->flags & IORESOURCE_IO) { + l &= PCI_BASE_ADDRESS_IO_MASK; ++ sz &= PCI_BASE_ADDRESS_IO_MASK; + mask = PCI_BASE_ADDRESS_IO_MASK & (u32) IO_SPACE_LIMIT; + } else { + l &= PCI_BASE_ADDRESS_MEM_MASK; ++ sz &= PCI_BASE_ADDRESS_MEM_MASK; + mask = (u32)PCI_BASE_ADDRESS_MEM_MASK; + } + } else { + res->flags |= (l & IORESOURCE_ROM_ENABLE); + l &= PCI_ROM_ADDRESS_MASK; ++ sz &= PCI_ROM_ADDRESS_MASK; + mask = (u32)PCI_ROM_ADDRESS_MASK; + } + diff --git a/queue-3.14/powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch b/queue-3.14/powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch new file mode 100644 index 00000000000..c789a17c7b0 --- /dev/null +++ b/queue-3.14/powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch @@ -0,0 +1,42 @@ +From 682e77c861c4c60f79ffbeae5e1938ffed24a575 Mon Sep 17 00:00:00 2001 +From: Mahesh Salgaonkar +Date: Fri, 5 Dec 2014 10:01:15 +0530 +Subject: powerpc/book3s: Fix partial invalidation of TLBs in MCE code. + +From: Mahesh Salgaonkar + +commit 682e77c861c4c60f79ffbeae5e1938ffed24a575 upstream. + +The existing MCE code calls flush_tlb hook with IS=0 (single page) resulting +in partial invalidation of TLBs which is not right. This patch fixes +that by passing IS=0xc00 to invalidate whole TLB for successful recovery +from TLB and ERAT errors. + +Signed-off-by: Mahesh Salgaonkar +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman + +--- + arch/powerpc/kernel/mce_power.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/arch/powerpc/kernel/mce_power.c ++++ b/arch/powerpc/kernel/mce_power.c +@@ -78,7 +78,7 @@ static long mce_handle_derror(uint64_t d + } + if (dsisr & P7_DSISR_MC_TLB_MULTIHIT_MFTLB) { + if (cur_cpu_spec && cur_cpu_spec->flush_tlb) +- cur_cpu_spec->flush_tlb(TLBIEL_INVAL_PAGE); ++ cur_cpu_spec->flush_tlb(TLBIEL_INVAL_SET); + /* reset error bits */ + dsisr &= ~P7_DSISR_MC_TLB_MULTIHIT_MFTLB; + } +@@ -109,7 +109,7 @@ static long mce_handle_common_ierror(uin + break; + case P7_SRR1_MC_IFETCH_TLB_MULTIHIT: + if (cur_cpu_spec && cur_cpu_spec->flush_tlb) { +- cur_cpu_spec->flush_tlb(TLBIEL_INVAL_PAGE); ++ cur_cpu_spec->flush_tlb(TLBIEL_INVAL_SET); + handled = 1; + } + break; diff --git a/queue-3.14/powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch b/queue-3.14/powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch new file mode 100644 index 00000000000..b8cf457569e --- /dev/null +++ b/queue-3.14/powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch @@ -0,0 +1,40 @@ +From cd32e2dcc9de6c27ecbbfc0e2079fb64b42bad5f Mon Sep 17 00:00:00 2001 +From: Anton Blanchard +Date: Tue, 11 Nov 2014 09:12:28 +1100 +Subject: powerpc: Fix bad NULL pointer check in udbg_uart_getc_poll() + +From: Anton Blanchard + +commit cd32e2dcc9de6c27ecbbfc0e2079fb64b42bad5f upstream. + +We have some code in udbg_uart_getc_poll() that tries to protect +against a NULL udbg_uart_in, but gets it all wrong. + +Found with the LLVM static analyzer (scan-build). + +Fixes: 309257484cc1 ("powerpc: Cleanup udbg_16550 and add support for LPC PIO-only UARTs") +Signed-off-by: Anton Blanchard +[mpe: Add some newlines for readability while we're here] +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman + +--- + arch/powerpc/kernel/udbg_16550.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/arch/powerpc/kernel/udbg_16550.c ++++ b/arch/powerpc/kernel/udbg_16550.c +@@ -69,8 +69,12 @@ static void udbg_uart_putc(char c) + + static int udbg_uart_getc_poll(void) + { +- if (!udbg_uart_in || !(udbg_uart_in(UART_LSR) & LSR_DR)) ++ if (!udbg_uart_in) ++ return -1; ++ ++ if (!(udbg_uart_in(UART_LSR) & LSR_DR)) + return udbg_uart_in(UART_RBR); ++ + return -1; + } + diff --git a/queue-3.14/powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch b/queue-3.14/powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch new file mode 100644 index 00000000000..261f9e722a2 --- /dev/null +++ b/queue-3.14/powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch @@ -0,0 +1,76 @@ +From 8117ac6a6c2fa0f847ff6a21a1f32c8d2c8501d0 Mon Sep 17 00:00:00 2001 +From: Paul Mackerras +Date: Wed, 10 Dec 2014 00:26:50 +0530 +Subject: powerpc/powernv: Switch off MMU before entering nap/sleep/rvwinkle mode + +From: Paul Mackerras + +commit 8117ac6a6c2fa0f847ff6a21a1f32c8d2c8501d0 upstream. + +Currently, when going idle, we set the flag indicating that we are in +nap mode (paca->kvm_hstate.hwthread_state) and then execute the nap +(or sleep or rvwinkle) instruction, all with the MMU on. This is bad +for two reasons: (a) the architecture specifies that those instructions +must be executed with the MMU off, and in fact with only the SF, HV, ME +and possibly RI bits set, and (b) this introduces a race, because as +soon as we set the flag, another thread can switch the MMU to a guest +context. If the race is lost, this thread will typically start looping +on relocation-on ISIs at 0xc...4400. + +This fixes it by setting the MSR as required by the architecture before +setting the flag or executing the nap/sleep/rvwinkle instruction. + +[ shreyas@linux.vnet.ibm.com: Edited to handle LE ] +Signed-off-by: Paul Mackerras +Signed-off-by: Shreyas B. Prabhu +Cc: Benjamin Herrenschmidt +Cc: Michael Ellerman +Cc: linuxppc-dev@lists.ozlabs.org +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman + +--- + arch/powerpc/include/asm/reg.h | 2 ++ + arch/powerpc/kernel/idle_power7.S | 18 +++++++++++++++++- + 2 files changed, 19 insertions(+), 1 deletion(-) + +--- a/arch/powerpc/include/asm/reg.h ++++ b/arch/powerpc/include/asm/reg.h +@@ -118,8 +118,10 @@ + #define __MSR (MSR_ME | MSR_RI | MSR_IR | MSR_DR | MSR_ISF |MSR_HV) + #ifdef __BIG_ENDIAN__ + #define MSR_ __MSR ++#define MSR_IDLE (MSR_ME | MSR_SF | MSR_HV) + #else + #define MSR_ (__MSR | MSR_LE) ++#define MSR_IDLE (MSR_ME | MSR_SF | MSR_HV | MSR_LE) + #endif + #define MSR_KERNEL (MSR_ | MSR_64BIT) + #define MSR_USER32 (MSR_ | MSR_PR | MSR_EE) +--- a/arch/powerpc/kernel/idle_power7.S ++++ b/arch/powerpc/kernel/idle_power7.S +@@ -84,7 +84,23 @@ _GLOBAL(power7_nap) + std r9,_MSR(r1) + std r1,PACAR1(r13) + +-_GLOBAL(power7_enter_nap_mode) ++ /* ++ * Go to real mode to do the nap, as required by the architecture. ++ * Also, we need to be in real mode before setting hwthread_state, ++ * because as soon as we do that, another thread can switch ++ * the MMU context to the guest. ++ */ ++ LOAD_REG_IMMEDIATE(r5, MSR_IDLE) ++ li r6, MSR_RI ++ andc r6, r9, r6 ++ LOAD_REG_ADDR(r7, power7_enter_nap_mode) ++ mtmsrd r6, 1 /* clear RI before setting SRR0/1 */ ++ mtspr SPRN_SRR0, r7 ++ mtspr SPRN_SRR1, r5 ++ rfid ++ ++ .globl power7_enter_nap_mode ++power7_enter_nap_mode: + #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE + /* Tell KVM we're napping */ + li r4,KVM_HWTHREAD_IN_NAP diff --git a/queue-3.14/powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch b/queue-3.14/powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch new file mode 100644 index 00000000000..99e486b23d4 --- /dev/null +++ b/queue-3.14/powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch @@ -0,0 +1,60 @@ +From 7c5c92ed56d932b2c19c3f8aea86369509407d33 Mon Sep 17 00:00:00 2001 +From: Anton Blanchard +Date: Tue, 9 Dec 2014 10:58:19 +1100 +Subject: powerpc: Secondary CPUs must set cpu_callin_map after setting active and online + +From: Anton Blanchard + +commit 7c5c92ed56d932b2c19c3f8aea86369509407d33 upstream. + +I have a busy ppc64le KVM box where guests sometimes hit the infamous +"kernel BUG at kernel/smpboot.c:134!" issue during boot: + + BUG_ON(td->cpu != smp_processor_id()); + +Basically a per CPU hotplug thread scheduled on the wrong CPU. The oops +output confirms it: + + CPU: 0 + Comm: watchdog/130 + +The problem is that we aren't ensuring the CPU active and online bits are set +before allowing the master to continue on. The master unparks the secondary +CPUs kthreads and the scheduler looks for a CPU to run on. It calls +select_task_rq and realises the suggested CPU is not in the cpus_allowed +mask. It then ends up in select_fallback_rq, and since the active and +online bits aren't set we choose some other CPU to run on. + +Signed-off-by: Anton Blanchard +Signed-off-by: Michael Ellerman +Signed-off-by: Greg Kroah-Hartman + +--- + arch/powerpc/kernel/smp.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +--- a/arch/powerpc/kernel/smp.c ++++ b/arch/powerpc/kernel/smp.c +@@ -707,7 +707,6 @@ void start_secondary(void *unused) + smp_store_cpu_info(cpu); + set_dec(tb_ticks_per_jiffy); + preempt_disable(); +- cpu_callin_map[cpu] = 1; + + if (smp_ops->setup_cpu) + smp_ops->setup_cpu(cpu); +@@ -743,6 +742,14 @@ void start_secondary(void *unused) + notify_cpu_starting(cpu); + set_cpu_online(cpu, true); + ++ /* ++ * CPU must be marked active and online before we signal back to the ++ * master, because the scheduler needs to see the cpu_online and ++ * cpu_active bits set. ++ */ ++ smp_wmb(); ++ cpu_callin_map[cpu] = 1; ++ + local_irq_enable(); + + cpu_startup_entry(CPUHP_ONLINE); diff --git a/queue-3.14/series b/queue-3.14/series index f80436e07c7..d2ad9a08388 100644 --- a/queue-3.14/series +++ b/queue-3.14/series @@ -15,3 +15,8 @@ ath5k-fix-hardware-queue-index-assignment.patch asoc-sigmadsp-refuse-to-load-firmware-files-with-a-non-supported-version.patch asoc-max98090-fix-ill-defined-sidetone-route.patch asoc-dwc-ensure-fifos-are-flushed-to-prevent-channel-swap.patch +powerpc-fix-bad-null-pointer-check-in-udbg_uart_getc_poll.patch +powerpc-book3s-fix-partial-invalidation-of-tlbs-in-mce-code.patch +powerpc-secondary-cpus-must-set-cpu_callin_map-after-setting-active-and-online.patch +powerpc-powernv-switch-off-mmu-before-entering-nap-sleep-rvwinkle-mode.patch +pci-restore-detection-of-read-only-bars.patch -- 2.47.3