* Patch "iommu/arm-smmu: Fix CMDQ error handling" has been added to the 4.4-stable tree
@ 2016-09-05 13:36 gregkh
0 siblings, 0 replies; only message in thread
From: gregkh @ 2016-09-05 13:36 UTC (permalink / raw)
To: will.deacon, Diwakar.Subraveti, gregkh; +Cc: stable, stable-commits
This is a note to let you know that I've just added the patch titled
iommu/arm-smmu: Fix CMDQ error handling
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
iommu-arm-smmu-fix-cmdq-error-handling.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>From aea2037e0d3e23c3be1498feae29f71ca997d9e6 Mon Sep 17 00:00:00 2001
From: Will Deacon <will.deacon@arm.com>
Date: Fri, 29 Jul 2016 11:15:37 +0100
Subject: iommu/arm-smmu: Fix CMDQ error handling
From: Will Deacon <will.deacon@arm.com>
commit aea2037e0d3e23c3be1498feae29f71ca997d9e6 upstream.
In the unlikely event of a global command queue error, the ARM SMMUv3
driver attempts to convert the problematic command into a CMD_SYNC and
resume the command queue. Unfortunately, this code is pretty badly
broken:
1. It uses the index into the error string table as the CMDQ index,
so we probably read the wrong entry out of the queue
2. The arguments to queue_write are the wrong way round, so we end up
writing from the queue onto the stack.
These happily cancel out, so the kernel is likely to stay alive, but
the command queue will probably fault again when we resume.
This patch fixes the error handling code to use the correct queue index
and write back the CMD_SYNC to the faulting entry.
Fixes: 48ec83bcbcf5 ("iommu/arm-smmu: Add initial driver support for ARM SMMUv3 devices")
Reported-by: Diwakar Subraveti <Diwakar.Subraveti@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/iommu/arm-smmu-v3.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/drivers/iommu/arm-smmu-v3.c
+++ b/drivers/iommu/arm-smmu-v3.c
@@ -870,7 +870,7 @@ static void arm_smmu_cmdq_skip_err(struc
* We may have concurrent producers, so we need to be careful
* not to touch any of the shadow cmdq state.
*/
- queue_read(cmd, Q_ENT(q, idx), q->ent_dwords);
+ queue_read(cmd, Q_ENT(q, cons), q->ent_dwords);
dev_err(smmu->dev, "skipping command in error state:\n");
for (i = 0; i < ARRAY_SIZE(cmd); ++i)
dev_err(smmu->dev, "\t0x%016llx\n", (unsigned long long)cmd[i]);
@@ -881,7 +881,7 @@ static void arm_smmu_cmdq_skip_err(struc
return;
}
- queue_write(cmd, Q_ENT(q, idx), q->ent_dwords);
+ queue_write(Q_ENT(q, cons), cmd, q->ent_dwords);
}
static void arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu,
Patches currently in stable-queue which might be from will.deacon@arm.com are
queue-4.4/arm64-define-at_vector_size_arch-for-arch_dlinfo.patch
queue-4.4/iommu-arm-smmu-don-t-bug-if-we-find-aborting-stes-with-disable_bypass.patch
queue-4.4/iommu-arm-smmu-fix-cmdq-error-handling.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-09-05 13:36 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-05 13:36 Patch "iommu/arm-smmu: Fix CMDQ error handling" has been added to the 4.4-stable tree gregkh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.