From: Greg Kroah-Hartman
Date: Tue, 19 Oct 2021 11:21:37 +0000 (+0200)
Subject: drop some ppc kvm patches from 5.4, 5.10, and 5.14
X-Git-Tag: v4.14.252~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=12c2890ddb1be2d7c584a68def6be366661a1102;p=thirdparty%2Fkernel%2Fstable-queue.git
drop some ppc kvm patches from 5.4, 5.10, and 5.14
---
diff --git a/queue-5.10/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch b/queue-5.10/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
deleted file mode 100644
index 26345499222..00000000000
--- a/queue-5.10/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From 9b4416c5095c20e110c82ae602c254099b83b72f Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:01:48 +1100
-Subject: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
-
-From: Michael Ellerman
-
-commit 9b4416c5095c20e110c82ae602c254099b83b72f upstream.
-
-In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in
-C") kvm_start_guest() became idle_kvm_start_guest(). The old code
-allocated a stack frame on the emergency stack, but didn't use the
-frame to store anything, and also didn't store anything in its caller's
-frame.
-
-idle_kvm_start_guest() on the other hand is written more like a normal C
-function, it creates a frame on entry, and also stores CR/LR into its
-callers frame (per the ABI). The problem is that there is no caller
-frame on the emergency stack.
-
-The emergency stack for a given CPU is allocated with:
-
- paca_ptrs[i]->emergency_sp = alloc_stack(limit, i) + THREAD_SIZE;
-
-So emergency_sp actually points to the first address above the emergency
-stack allocation for a given CPU, we must not store above it without
-first decrementing it to create a frame. This is different to the
-regular kernel stack, paca->kstack, which is initialised to point at an
-initial frame that is ready to use.
-
-idle_kvm_start_guest() stores the backchain, CR and LR all of which
-write outside the allocation for the emergency stack. It then creates a
-stack frame and saves the non-volatile registers. Unfortunately the
-frame it creates is not large enough to fit the non-volatiles, and so
-the saving of the non-volatile registers also writes outside the
-emergency stack allocation.
-
-The end result is that we corrupt whatever is at 0-24 bytes, and 112-248
-bytes above the emergency stack allocation.
-
-In practice this has gone unnoticed because the memory immediately above
-the emergency stack happens to be used for other stack allocations,
-either another CPUs mc_emergency_sp or an IRQ stack. See the order of
-calls to irqstack_early_init() and emergency_stack_init().
-
-The low addresses of another stack are the top of that stack, and so are
-only used if that stack is under extreme pressue, which essentially
-never happens in practice - and if it did there's a high likelyhood we'd
-crash due to that stack overflowing.
-
-Still, we shouldn't be corrupting someone else's stack, and it is purely
-luck that we aren't corrupting something else.
-
-To fix it we save CR/LR into the caller's frame using the existing r1 on
-entry, we then create a SWITCH_FRAME_SIZE frame (which has space for
-pt_regs) on the emergency stack with the backchain pointing to the
-existing stack, and then finally we switch to the new frame on the
-emergency stack.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-1-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 19 ++++++++++---------
- 1 file changed, 10 insertions(+), 9 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -292,13 +292,15 @@ kvm_novcpu_exit:
- * r3 contains the SRR1 wakeup value, SRR1 is trashed.
- */
- _GLOBAL(idle_kvm_start_guest)
-- ld r4,PACAEMERGSP(r13)
- mfcr r5
- mflr r0
-- std r1,0(r4)
-- std r5,8(r4)
-- std r0,16(r4)
-- subi r1,r4,STACK_FRAME_OVERHEAD
-+ std r5, 8(r1) // Save CR in caller's frame
-+ std r0, 16(r1) // Save LR in caller's frame
-+ // Create frame on emergency stack
-+ ld r4, PACAEMERGSP(r13)
-+ stdu r1, -SWITCH_FRAME_SIZE(r4)
-+ // Switch to new frame on emergency stack
-+ mr r1, r4
- SAVE_NVGPRS(r1)
-
- /*
-@@ -444,10 +446,9 @@ kvm_no_guest:
- /* set up r3 for return */
- mfspr r3,SPRN_SRR1
- REST_NVGPRS(r1)
-- addi r1, r1, STACK_FRAME_OVERHEAD
-- ld r0, 16(r1)
-- ld r5, 8(r1)
-- ld r1, 0(r1)
-+ ld r1, 0(r1) // Switch back to caller stack
-+ ld r0, 16(r1) // Reload LR
-+ ld r5, 8(r1) // Reload CR
- mtlr r0
- mtcr r5
- blr
diff --git a/queue-5.10/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch b/queue-5.10/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
deleted file mode 100644
index c23921e2936..00000000000
--- a/queue-5.10/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:02:08 +1100
-Subject: KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest
-
-From: Michael Ellerman
-
-commit cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 upstream.
-
-We call idle_kvm_start_guest() from power7_offline() if the thread has
-been requested to enter KVM. We pass it the SRR1 value that was returned
-from power7_idle_insn() which tells us what sort of wakeup we're
-processing.
-
-Depending on the SRR1 value we pass in, the KVM code might enter the
-guest, or it might return to us to do some host action if the wakeup
-requires it.
-
-If idle_kvm_start_guest() is able to handle the wakeup, and enter the
-guest it is supposed to indicate that by returning a zero SRR1 value to
-us.
-
-That was the behaviour prior to commit 10d91611f426 ("powerpc/64s:
-Reimplement book3s idle code in C"), however in that commit the
-handling of SRR1 was reworked, and the zeroing behaviour was lost.
-
-Returning from idle_kvm_start_guest() without zeroing the SRR1 value can
-confuse the host offline code, causing the guest to crash and other
-weirdness.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-2-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -301,6 +301,7 @@ _GLOBAL(idle_kvm_start_guest)
- stdu r1, -SWITCH_FRAME_SIZE(r4)
- // Switch to new frame on emergency stack
- mr r1, r4
-+ std r3, 32(r1) // Save SRR1 wakeup value
- SAVE_NVGPRS(r1)
-
- /*
-@@ -352,6 +353,10 @@ kvm_unsplit_wakeup:
-
- kvm_secondary_got_guest:
-
-+ // About to go to guest, clear saved SRR1
-+ li r0, 0
-+ std r0, 32(r1)
-+
- /* Set HSTATE_DSCR(r13) to something sensible */
- ld r6, PACA_DSCR_DEFAULT(r13)
- std r6, HSTATE_DSCR(r13)
-@@ -443,8 +448,8 @@ kvm_no_guest:
- mfspr r4, SPRN_LPCR
- rlwimi r4, r3, 0, LPCR_PECE0 | LPCR_PECE1
- mtspr SPRN_LPCR, r4
-- /* set up r3 for return */
-- mfspr r3,SPRN_SRR1
-+ // Return SRR1 wakeup value, or 0 if we went into the guest
-+ ld r3, 32(r1)
- REST_NVGPRS(r1)
- ld r1, 0(r1) // Switch back to caller stack
- ld r0, 16(r1) // Reload LR
diff --git a/queue-5.10/series b/queue-5.10/series
index 0a95da08b86..245766b8ef2 100644
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -41,8 +41,6 @@ misc-fastrpc-add-missing-lock-before-accessing-find_vma.patch
 virtio-write-back-f_version_1-before-validate.patch
 edac-armada-xp-fix-output-of-uncorrectable-error-counter.patch
 nvmem-fix-shift-out-of-bound-ubsan-with-byte-size-cells.patch
-kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
-kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
 x86-kconfig-do-not-enable-amd_mem_encrypt_active_by_default-automatically.patch
 powerpc-xive-discard-disabled-interrupts-in-get_irqchip_state.patch
 iio-adc-aspeed-set-driver-data-when-adc-probe.patch
diff --git a/queue-5.14/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch b/queue-5.14/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
deleted file mode 100644
index 97daa84afdd..00000000000
--- a/queue-5.14/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From 9b4416c5095c20e110c82ae602c254099b83b72f Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:01:48 +1100
-Subject: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
-
-From: Michael Ellerman
-
-commit 9b4416c5095c20e110c82ae602c254099b83b72f upstream.
-
-In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in
-C") kvm_start_guest() became idle_kvm_start_guest(). The old code
-allocated a stack frame on the emergency stack, but didn't use the
-frame to store anything, and also didn't store anything in its caller's
-frame.
-
-idle_kvm_start_guest() on the other hand is written more like a normal C
-function, it creates a frame on entry, and also stores CR/LR into its
-callers frame (per the ABI). The problem is that there is no caller
-frame on the emergency stack.
-
-The emergency stack for a given CPU is allocated with:
-
- paca_ptrs[i]->emergency_sp = alloc_stack(limit, i) + THREAD_SIZE;
-
-So emergency_sp actually points to the first address above the emergency
-stack allocation for a given CPU, we must not store above it without
-first decrementing it to create a frame. This is different to the
-regular kernel stack, paca->kstack, which is initialised to point at an
-initial frame that is ready to use.
-
-idle_kvm_start_guest() stores the backchain, CR and LR all of which
-write outside the allocation for the emergency stack. It then creates a
-stack frame and saves the non-volatile registers. Unfortunately the
-frame it creates is not large enough to fit the non-volatiles, and so
-the saving of the non-volatile registers also writes outside the
-emergency stack allocation.
-
-The end result is that we corrupt whatever is at 0-24 bytes, and 112-248
-bytes above the emergency stack allocation.
-
-In practice this has gone unnoticed because the memory immediately above
-the emergency stack happens to be used for other stack allocations,
-either another CPUs mc_emergency_sp or an IRQ stack. See the order of
-calls to irqstack_early_init() and emergency_stack_init().
-
-The low addresses of another stack are the top of that stack, and so are
-only used if that stack is under extreme pressue, which essentially
-never happens in practice - and if it did there's a high likelyhood we'd
-crash due to that stack overflowing.
-
-Still, we shouldn't be corrupting someone else's stack, and it is purely
-luck that we aren't corrupting something else.
-
-To fix it we save CR/LR into the caller's frame using the existing r1 on
-entry, we then create a SWITCH_FRAME_SIZE frame (which has space for
-pt_regs) on the emergency stack with the backchain pointing to the
-existing stack, and then finally we switch to the new frame on the
-emergency stack.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-1-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 19 ++++++++++---------
- 1 file changed, 10 insertions(+), 9 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -255,13 +255,15 @@ kvm_novcpu_exit:
- * r3 contains the SRR1 wakeup value, SRR1 is trashed.
- */
- _GLOBAL(idle_kvm_start_guest)
-- ld r4,PACAEMERGSP(r13)
- mfcr r5
- mflr r0
-- std r1,0(r4)
-- std r5,8(r4)
-- std r0,16(r4)
-- subi r1,r4,STACK_FRAME_OVERHEAD
-+ std r5, 8(r1) // Save CR in caller's frame
-+ std r0, 16(r1) // Save LR in caller's frame
-+ // Create frame on emergency stack
-+ ld r4, PACAEMERGSP(r13)
-+ stdu r1, -SWITCH_FRAME_SIZE(r4)
-+ // Switch to new frame on emergency stack
-+ mr r1, r4
- SAVE_NVGPRS(r1)
-
- /*
-@@ -395,10 +397,9 @@ kvm_no_guest:
- /* set up r3 for return */
- mfspr r3,SPRN_SRR1
- REST_NVGPRS(r1)
-- addi r1, r1, STACK_FRAME_OVERHEAD
-- ld r0, 16(r1)
-- ld r5, 8(r1)
-- ld r1, 0(r1)
-+ ld r1, 0(r1) // Switch back to caller stack
-+ ld r0, 16(r1) // Reload LR
-+ ld r5, 8(r1) // Reload CR
- mtlr r0
- mtcr r5
- blr
diff --git a/queue-5.14/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch b/queue-5.14/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
deleted file mode 100644
index 2417d86c435..00000000000
--- a/queue-5.14/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:02:08 +1100
-Subject: KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest
-
-From: Michael Ellerman
-
-commit cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 upstream.
-
-We call idle_kvm_start_guest() from power7_offline() if the thread has
-been requested to enter KVM. We pass it the SRR1 value that was returned
-from power7_idle_insn() which tells us what sort of wakeup we're
-processing.
-
-Depending on the SRR1 value we pass in, the KVM code might enter the
-guest, or it might return to us to do some host action if the wakeup
-requires it.
-
-If idle_kvm_start_guest() is able to handle the wakeup, and enter the
-guest it is supposed to indicate that by returning a zero SRR1 value to
-us.
-
-That was the behaviour prior to commit 10d91611f426 ("powerpc/64s:
-Reimplement book3s idle code in C"), however in that commit the
-handling of SRR1 was reworked, and the zeroing behaviour was lost.
-
-Returning from idle_kvm_start_guest() without zeroing the SRR1 value can
-confuse the host offline code, causing the guest to crash and other
-weirdness.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-2-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -264,6 +264,7 @@ _GLOBAL(idle_kvm_start_guest)
- stdu r1, -SWITCH_FRAME_SIZE(r4)
- // Switch to new frame on emergency stack
- mr r1, r4
-+ std r3, 32(r1) // Save SRR1 wakeup value
- SAVE_NVGPRS(r1)
-
- /*
-@@ -315,6 +316,10 @@ kvm_unsplit_wakeup:
-
- kvm_secondary_got_guest:
-
-+ // About to go to guest, clear saved SRR1
-+ li r0, 0
-+ std r0, 32(r1)
-+
- /* Set HSTATE_DSCR(r13) to something sensible */
- ld r6, PACA_DSCR_DEFAULT(r13)
- std r6, HSTATE_DSCR(r13)
-@@ -394,8 +399,8 @@ kvm_no_guest:
- mfspr r4, SPRN_LPCR
- rlwimi r4, r3, 0, LPCR_PECE0 | LPCR_PECE1
- mtspr SPRN_LPCR, r4
-- /* set up r3 for return */
-- mfspr r3,SPRN_SRR1
-+ // Return SRR1 wakeup value, or 0 if we went into the guest
-+ ld r3, 32(r1)
- REST_NVGPRS(r1)
- ld r1, 0(r1) // Switch back to caller stack
- ld r0, 16(r1) // Reload LR
diff --git a/queue-5.14/series b/queue-5.14/series
index 00f3414a9f3..fc46ad29968 100644
--- a/queue-5.14/series
+++ b/queue-5.14/series
@@ -57,8 +57,6 @@ edac-armada-xp-fix-output-of-uncorrectable-error-counter.patch
 nvmem-fix-shift-out-of-bound-ubsan-with-byte-size-cells.patch
 virtio-blk-remove-unneeded-likely-statements.patch
 revert-virtio-blk-add-validation-for-block-size-in-config-space.patch
-kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
-kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
 x86-fpu-mask-out-the-invalid-mxcsr-bits-properly.patch
 x86-kconfig-do-not-enable-amd_mem_encrypt_active_by_default-automatically.patch
 powerpc-xive-discard-disabled-interrupts-in-get_irqchip_state.patch
diff --git a/queue-5.4/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch b/queue-5.4/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
deleted file mode 100644
index 26345499222..00000000000
--- a/queue-5.4/kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From 9b4416c5095c20e110c82ae602c254099b83b72f Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:01:48 +1100
-Subject: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
-
-From: Michael Ellerman
-
-commit 9b4416c5095c20e110c82ae602c254099b83b72f upstream.
-
-In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in
-C") kvm_start_guest() became idle_kvm_start_guest(). The old code
-allocated a stack frame on the emergency stack, but didn't use the
-frame to store anything, and also didn't store anything in its caller's
-frame.
-
-idle_kvm_start_guest() on the other hand is written more like a normal C
-function, it creates a frame on entry, and also stores CR/LR into its
-callers frame (per the ABI). The problem is that there is no caller
-frame on the emergency stack.
-
-The emergency stack for a given CPU is allocated with:
-
- paca_ptrs[i]->emergency_sp = alloc_stack(limit, i) + THREAD_SIZE;
-
-So emergency_sp actually points to the first address above the emergency
-stack allocation for a given CPU, we must not store above it without
-first decrementing it to create a frame. This is different to the
-regular kernel stack, paca->kstack, which is initialised to point at an
-initial frame that is ready to use.
-
-idle_kvm_start_guest() stores the backchain, CR and LR all of which
-write outside the allocation for the emergency stack. It then creates a
-stack frame and saves the non-volatile registers. Unfortunately the
-frame it creates is not large enough to fit the non-volatiles, and so
-the saving of the non-volatile registers also writes outside the
-emergency stack allocation.
-
-The end result is that we corrupt whatever is at 0-24 bytes, and 112-248
-bytes above the emergency stack allocation.
-
-In practice this has gone unnoticed because the memory immediately above
-the emergency stack happens to be used for other stack allocations,
-either another CPUs mc_emergency_sp or an IRQ stack. See the order of
-calls to irqstack_early_init() and emergency_stack_init().
-
-The low addresses of another stack are the top of that stack, and so are
-only used if that stack is under extreme pressue, which essentially
-never happens in practice - and if it did there's a high likelyhood we'd
-crash due to that stack overflowing.
-
-Still, we shouldn't be corrupting someone else's stack, and it is purely
-luck that we aren't corrupting something else.
-
-To fix it we save CR/LR into the caller's frame using the existing r1 on
-entry, we then create a SWITCH_FRAME_SIZE frame (which has space for
-pt_regs) on the emergency stack with the backchain pointing to the
-existing stack, and then finally we switch to the new frame on the
-emergency stack.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-1-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 19 ++++++++++---------
- 1 file changed, 10 insertions(+), 9 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -292,13 +292,15 @@ kvm_novcpu_exit:
- * r3 contains the SRR1 wakeup value, SRR1 is trashed.
- */
- _GLOBAL(idle_kvm_start_guest)
-- ld r4,PACAEMERGSP(r13)
- mfcr r5
- mflr r0
-- std r1,0(r4)
-- std r5,8(r4)
-- std r0,16(r4)
-- subi r1,r4,STACK_FRAME_OVERHEAD
-+ std r5, 8(r1) // Save CR in caller's frame
-+ std r0, 16(r1) // Save LR in caller's frame
-+ // Create frame on emergency stack
-+ ld r4, PACAEMERGSP(r13)
-+ stdu r1, -SWITCH_FRAME_SIZE(r4)
-+ // Switch to new frame on emergency stack
-+ mr r1, r4
- SAVE_NVGPRS(r1)
-
- /*
-@@ -444,10 +446,9 @@ kvm_no_guest:
- /* set up r3 for return */
- mfspr r3,SPRN_SRR1
- REST_NVGPRS(r1)
-- addi r1, r1, STACK_FRAME_OVERHEAD
-- ld r0, 16(r1)
-- ld r5, 8(r1)
-- ld r1, 0(r1)
-+ ld r1, 0(r1) // Switch back to caller stack
-+ ld r0, 16(r1) // Reload LR
-+ ld r5, 8(r1) // Reload CR
- mtlr r0
- mtcr r5
- blr
diff --git a/queue-5.4/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch b/queue-5.4/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
deleted file mode 100644
index c23921e2936..00000000000
--- a/queue-5.4/kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 Mon Sep 17 00:00:00 2001
-From: Michael Ellerman
-Date: Fri, 15 Oct 2021 23:02:08 +1100
-Subject: KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest
-
-From: Michael Ellerman
-
-commit cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 upstream.
-
-We call idle_kvm_start_guest() from power7_offline() if the thread has
-been requested to enter KVM. We pass it the SRR1 value that was returned
-from power7_idle_insn() which tells us what sort of wakeup we're
-processing.
-
-Depending on the SRR1 value we pass in, the KVM code might enter the
-guest, or it might return to us to do some host action if the wakeup
-requires it.
-
-If idle_kvm_start_guest() is able to handle the wakeup, and enter the
-guest it is supposed to indicate that by returning a zero SRR1 value to
-us.
-
-That was the behaviour prior to commit 10d91611f426 ("powerpc/64s:
-Reimplement book3s idle code in C"), however in that commit the
-handling of SRR1 was reworked, and the zeroing behaviour was lost.
-
-Returning from idle_kvm_start_guest() without zeroing the SRR1 value can
-confuse the host offline code, causing the guest to crash and other
-weirdness.
-
-Fixes: 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C")
-Cc: stable@vger.kernel.org # v5.2+
-Signed-off-by: Michael Ellerman
-Link: https://lore.kernel.org/r/20211015133929.832061-2-mpe@ellerman.id.au
-Signed-off-by: Greg Kroah-Hartman
----
- arch/powerpc/kvm/book3s_hv_rmhandlers.S | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
---- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
-@@ -301,6 +301,7 @@ _GLOBAL(idle_kvm_start_guest)
- stdu r1, -SWITCH_FRAME_SIZE(r4)
- // Switch to new frame on emergency stack
- mr r1, r4
-+ std r3, 32(r1) // Save SRR1 wakeup value
- SAVE_NVGPRS(r1)
-
- /*
-@@ -352,6 +353,10 @@ kvm_unsplit_wakeup:
-
- kvm_secondary_got_guest:
-
-+ // About to go to guest, clear saved SRR1
-+ li r0, 0
-+ std r0, 32(r1)
-+
- /* Set HSTATE_DSCR(r13) to something sensible */
- ld r6, PACA_DSCR_DEFAULT(r13)
- std r6, HSTATE_DSCR(r13)
-@@ -443,8 +448,8 @@ kvm_no_guest:
- mfspr r4, SPRN_LPCR
- rlwimi r4, r3, 0, LPCR_PECE0 | LPCR_PECE1
- mtspr SPRN_LPCR, r4
-- /* set up r3 for return */
-- mfspr r3,SPRN_SRR1
-+ // Return SRR1 wakeup value, or 0 if we went into the guest
-+ ld r3, 32(r1)
- REST_NVGPRS(r1)
- ld r1, 0(r1) // Switch back to caller stack
- ld r0, 16(r1) // Reload LR
diff --git a/queue-5.4/series b/queue-5.4/series
index b528505921d..d85ad8ee1da 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -31,8 +31,6 @@ usb-serial-option-add-prod.-id-for-quectel-eg91.patch
 virtio-write-back-f_version_1-before-validate.patch
 edac-armada-xp-fix-output-of-uncorrectable-error-counter.patch
 nvmem-fix-shift-out-of-bound-ubsan-with-byte-size-cells.patch
-kvm-ppc-book3s-hv-fix-stack-handling-in-idle_kvm_start_guest.patch
-kvm-ppc-book3s-hv-make-idle_kvm_start_guest-return-0-if-it-went-to-guest.patch
 x86-kconfig-do-not-enable-amd_mem_encrypt_active_by_default-automatically.patch
 powerpc-xive-discard-disabled-interrupts-in-get_irqchip_state.patch
 iio-adc-aspeed-set-driver-data-when-adc-probe.patch