authorJiri Slaby <jslaby@suse.cz>2019-05-17 06:38:43 +0200
committerJiri Slaby <jslaby@suse.cz>2019-05-17 06:38:52 +0200
commit64be51d08624dd18de498a0d34cb916db972a7a9 (patch)
treec963da6c8531b9692c81243e1a8d575b39924deb
parentbc073a4a89f27bfdb579740dc88551cbc08ffbd2 (diff)
powerpc/powernv/idle: Restore IAMR after idle (bnc#1012628).
-rw-r--r--patches.kernel.org/5.1.3-037-powerpc-powernv-idle-Restore-IAMR-after-idle.patch84
-rw-r--r--series.conf1
2 files changed, 85 insertions, 0 deletions
diff --git a/patches.kernel.org/5.1.3-037-powerpc-powernv-idle-Restore-IAMR-after-idle.patch b/patches.kernel.org/5.1.3-037-powerpc-powernv-idle-Restore-IAMR-after-idle.patch
new file mode 100644
index 0000000000..3d6c8e0fa7
--- /dev/null
+++ b/patches.kernel.org/5.1.3-037-powerpc-powernv-idle-Restore-IAMR-after-idle.patch
@@ -0,0 +1,84 @@
+From: Russell Currey <ruscur@russell.cc>
+Date: Thu, 18 Apr 2019 16:51:16 +1000
+Subject: [PATCH] powerpc/powernv/idle: Restore IAMR after idle
+References: bnc#1012628
+Patch-mainline: 5.1.3
+Git-commit: a3f3072db6cad40895c585dce65e36aab997f042
+
+commit a3f3072db6cad40895c585dce65e36aab997f042 upstream.
+
+Without restoring the IAMR after idle, execution prevention on POWER9
+with Radix MMU is overwritten and the kernel can freely execute
+userspace without faulting.
+
+This is necessary when returning from any stop state that modifies
+user state, as well as hypervisor state.
+
+To test how this fails without this patch, load the lkdtm driver and
+do the following:
+
+ $ echo EXEC_USERSPACE > /sys/kernel/debug/provoke-crash/DIRECT
+
+which won't fault, then boot the kernel with powersave=off, where it
+will fault. Applying this patch will fix this.
+
+Fixes: 3b10d0095a1e ("powerpc/mm/radix: Prevent kernel execution of user space")
+Cc: stable@vger.kernel.org # v4.10+
+Signed-off-by: Russell Currey <ruscur@russell.cc>
+Reviewed-by: Akshay Adiga <akshay.adiga@linux.vnet.ibm.com>
+Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ arch/powerpc/kernel/idle_book3s.S | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/arch/powerpc/kernel/idle_book3s.S b/arch/powerpc/kernel/idle_book3s.S
+index 7f5ac2e8581b..36178000a2f2 100644
+--- a/arch/powerpc/kernel/idle_book3s.S
++++ b/arch/powerpc/kernel/idle_book3s.S
+@@ -170,6 +170,9 @@ core_idle_lock_held:
+ bne- core_idle_lock_held
+ blr
+
++/* Reuse an unused pt_regs slot for IAMR */
++#define PNV_POWERSAVE_IAMR _DAR
++
+ /*
+ * Pass requested state in r3:
+ * r3 - PNV_THREAD_NAP/SLEEP/WINKLE in POWER8
+@@ -200,6 +203,12 @@ pnv_powersave_common:
+ /* Continue saving state */
+ SAVE_GPR(2, r1)
+ SAVE_NVGPRS(r1)
++
++BEGIN_FTR_SECTION
++ mfspr r5, SPRN_IAMR
++ std r5, PNV_POWERSAVE_IAMR(r1)
++END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
++
+ mfcr r5
+ std r5,_CCR(r1)
+ std r1,PACAR1(r13)
+@@ -924,6 +933,17 @@ BEGIN_FTR_SECTION
+ END_FTR_SECTION_IFSET(CPU_FTR_HVMODE)
+ REST_NVGPRS(r1)
+ REST_GPR(2, r1)
++
++BEGIN_FTR_SECTION
++ /* IAMR was saved in pnv_powersave_common() */
++ ld r5, PNV_POWERSAVE_IAMR(r1)
++ mtspr SPRN_IAMR, r5
++ /*
++ * We don't need an isync here because the upcoming mtmsrd is
++ * execution synchronizing.
++ */
++END_FTR_SECTION_IFSET(CPU_FTR_ARCH_207S)
++
+ ld r4,PACAKMSR(r13)
+ ld r5,_LINK(r1)
+ ld r6,_CCR(r1)
+--
+2.21.0
+
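Review bot: The IAMR restore added before `ld r4,PACAKMSR(r13)` in the third inner hunk (`@@ -924,6 +933,17 @@`) covers only the wake path that contains it, and that routine's label and the `mtmsrd` the comment relies on both lie outside the hunk. It is worth confirming that every return from a state-losing stop passes through this code, because a wake path that skips it would leave the kernel able to execute user pages, as the commit message describes. The save slot is an alias, `#define PNV_POWERSAVE_IAMR _DAR`, so if it is confirmed that nothing writes `_DAR` in the idle frame, the comment above it should say so, for example `/* _DAR is not written in the idle frame between pnv_powersave_common and wakeup, so it can hold IAMR */`. Only IAMR is handled here; if other access-control SPRs such as AMR are lost in the same stop states, they would presumably need the same save and restore. The lkdtm `EXEC_USERSPACE` check from the commit message makes a good regression test to run with powersave enabled after the patch is applied.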
diff --git a/series.conf b/series.conf
index a03564e358..6a3d794eb7 100644
--- a/series.conf
+++ b/series.conf
@@ -122,6 +122,7 @@
patches.kernel.org/5.1.3-034-drivers-virt-fsl_hypervisor.c-dereferencing-err.patch
patches.kernel.org/5.1.3-035-drivers-virt-fsl_hypervisor.c-prevent-integer-o.patch
patches.kernel.org/5.1.3-036-powerpc-book3s-64-check-for-NULL-pointer-in-pgd.patch
+ patches.kernel.org/5.1.3-037-powerpc-powernv-idle-Restore-IAMR-after-idle.patch
########################################################
# Build fixes that apply to the vanilla kernel too.