From: Jiri Slaby <jslaby@suse.cz>
To: stable@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
"H. Peter Anvin" <hpa@linux.intel.com>,
Jiri Slaby <jslaby@suse.cz>
Subject: [PATCH 3.12 031/104] x86/espfix/xen: Fix allocation of pages for paravirt page tables
Date: Wed, 20 Aug 2014 13:42:54 +0200 [thread overview]
Message-ID: <9377a0c19fd479731713fca0e653d9d0d55f4415.1408535000.git.jslaby@suse.cz> (raw)
In-Reply-To: <cbcbb4c4826ff594b091e143b0f049f13ab7a64e.1408535000.git.jslaby@suse.cz>
In-Reply-To: <cover.1408535000.git.jslaby@suse.cz>
From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
3.12-stable review patch. If anyone has any objections, please let me know.
===============
commit 8762e5092828c4dc0f49da5a47a644c670df77f3 upstream.
init_espfix_ap() is currently off by one level when informing hypervisor
that allocated pages will be used for ministacks' page tables.
The most immediate effect of this on a PV guest is that if
'stack_page = __get_free_page()' returns a non-zeroed-out page the hypervisor
will refuse to use it for a page table (which it shouldn't be anyway). This will
result in warnings by both Xen and Linux.
More importantly, a subsequent write to that page (again, by a PV guest) is
likely to result in fatal page fault.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Link: http://lkml.kernel.org/r/1404926298-5565-1-git-send-email-boris.ostrovsky@oracle.com
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
arch/x86/kernel/espfix_64.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/espfix_64.c b/arch/x86/kernel/espfix_64.c
index 6afbb16e9b79..94d857fb1033 100644
--- a/arch/x86/kernel/espfix_64.c
+++ b/arch/x86/kernel/espfix_64.c
@@ -175,7 +175,7 @@ void init_espfix_ap(void)
if (!pud_present(pud)) {
pmd_p = (pmd_t *)__get_free_page(PGALLOC_GFP);
pud = __pud(__pa(pmd_p) | (PGTABLE_PROT & ptemask));
- paravirt_alloc_pud(&init_mm, __pa(pmd_p) >> PAGE_SHIFT);
+ paravirt_alloc_pmd(&init_mm, __pa(pmd_p) >> PAGE_SHIFT);
for (n = 0; n < ESPFIX_PUD_CLONES; n++)
set_pud(&pud_p[n], pud);
}
@@ -185,7 +185,7 @@ void init_espfix_ap(void)
if (!pmd_present(pmd)) {
pte_p = (pte_t *)__get_free_page(PGALLOC_GFP);
pmd = __pmd(__pa(pte_p) | (PGTABLE_PROT & ptemask));
- paravirt_alloc_pmd(&init_mm, __pa(pte_p) >> PAGE_SHIFT);
+ paravirt_alloc_pte(&init_mm, __pa(pte_p) >> PAGE_SHIFT);
for (n = 0; n < ESPFIX_PMD_CLONES; n++)
set_pmd(&pmd_p[n], pmd);
}
@@ -193,7 +193,6 @@ void init_espfix_ap(void)
pte_p = pte_offset_kernel(&pmd, addr);
stack_page = (void *)__get_free_page(GFP_KERNEL);
pte = __pte(__pa(stack_page) | (__PAGE_KERNEL_RO & ptemask));
- paravirt_alloc_pte(&init_mm, __pa(stack_page) >> PAGE_SHIFT);
for (n = 0; n < ESPFIX_PTE_CLONES; n++)
set_pte(&pte_p[n*PTE_STRIDE], pte);
--
2.0.4
next prev parent reply other threads:[~2014-08-20 12:08 UTC|newest]
Thread overview: 119+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-20 11:43 [PATCH 3.12 000/104] 3.12.27-stable review Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 001/104] s390/ptrace: fix PSW mask check Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 002/104] crypto: af_alg - properly label AF_ALG socket Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 003/104] ARM: 8115/1: LPAE: reduce damage caused by idmap to virtual memory layout Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 004/104] ath9k: fix aggregation session lockup Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 005/104] cfg80211: fix mic_failure tracing Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 006/104] rapidio/tsi721_dma: fix failure to obtain transaction descriptor Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 007/104] scsi: handle flush errors properly Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 008/104] mm/page-writeback.c: fix divide by zero in bdi_dirty_limits() Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 009/104] mm, thp: do not allow thp faults to avoid cpuset restrictions Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 010/104] memcg: oom_notify use-after-free fix Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 011/104] staging: vt6655: Fix disassociated messages every 10 seconds Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 012/104] iio:bma180: Fix scale factors to report correct acceleration units Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 013/104] iio:bma180: Missing check for frequency fractional part Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 014/104] iio: buffer: Fix demux table creation Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 015/104] dm bufio: fully initialize shrinker Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 016/104] dm cache: fix race affecting dirty block count Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 017/104] printk: rename printk_sched to printk_deferred Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 018/104] timer: Fix lock inversion between hrtimer_bases.lock and scheduler locks Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 019/104] Revert "x86-64, modify_ldt: Make support for 16-bit segments a runtime option" Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 020/104] x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 021/104] x86, espfix: Move espfix definitions into a separate header file Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 022/104] x86, espfix: Fix broken header guard Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 023/104] x86, espfix: Make espfix64 a Kconfig option, fix UML Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 024/104] x86, espfix: Make it possible to disable 16-bit support Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 025/104] x86_64/entry/xen: Do not invoke espfix64 on Xen Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 026/104] staging: vt6655: Fix Warning on boot handle_irq_event_percpu Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 027/104] Revert "mac80211: move "bufferable MMPDU" check to fix AP mode scan" Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 028/104] xtensa: add fixup for double exception raised in window overflow Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 029/104] net/l2tp: don't fall back on UDP [get|set]sockopt Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 030/104] lib/btree.c: fix leak of whole btree nodes Jiri Slaby
2014-08-20 11:42 ` Jiri Slaby [this message]
2014-08-20 11:42 ` [PATCH 3.12 032/104] bnx2x: fix crash during TSO tunneling Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 033/104] inetpeer: get rid of ip_id_count Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 034/104] ip: make IP identifiers less predictable Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 035/104] net: sendmsg: fix NULL pointer dereference Jiri Slaby
2014-08-20 11:42 ` [PATCH 3.12 036/104] tcp: Fix integer-overflows in TCP veno Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 037/104] tcp: Fix integer-overflow in TCP vegas Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 038/104] net: sctp: inherit auth_capable on INIT collisions Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 039/104] macvlan: Initialize vlan_features to turn on offload support Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 040/104] net: Correctly set segment mac_len in skb_segment() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 041/104] iovec: make sure the caller actually wants anything in memcpy_fromiovecend Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 042/104] sctp: fix possible seqlock seadlock in sctp_packet_transmit() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 043/104] sparc64: Fix argument sign extension for compat_sys_futex() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 044/104] sparc64: Make itc_sync_lock raw Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 045/104] sparc64: Fix executable bit testing in set_pmd_at() paths Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 046/104] sparc64: Handle 32-bit tasks properly in compute_effective_address() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 047/104] sparc64: Fix top-level fault handling bugs Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 048/104] sparc64: Add basic validations to {pud,pmd}_bad() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 049/104] sparc64: Give more detailed information in {pgd,pmd}_ERROR() and kill pte_ERROR() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 050/104] sparc64: Don't bark so loudly about 32-bit tasks generating 64-bit fault addresses Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 051/104] sparc64: Fix huge TSB mapping on pre-UltraSPARC-III cpus Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 052/104] sparc64: Add membar to Niagara2 memcpy code Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 053/104] sparc64: Do not insert non-valid PTEs into the TSB hash table Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 054/104] sparc64: Guard against flushing openfirmware mappings Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 055/104] bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000 Jiri Slaby
2014-08-20 11:43 ` Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 056/104] sunsab: Fix detection of BREAK on sunsab serial console Jiri Slaby
2014-08-20 11:43 ` Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 057/104] sparc64: ldc_connect() should not return EINVAL when handshake is in progress Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 058/104] arch/sparc/math-emu/math_32.c: drop stray break operator Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 059/104] iwlwifi: mvm: Add a missed beacons threshold Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 060/104] mac80211: reset probe_send_count also in HW_CONNECTION_MONITOR case Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 061/104] hugetlb: fix copy_hugetlb_page_range() to handle migration/hwpoisoned entry Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 062/104] mm: hugetlb: fix copy_hugetlb_page_range() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 063/104] mnt: Only change user settable mount flags in remount Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 064/104] mnt: Move the test for MNT_LOCK_READONLY from change_mount_flags into do_remount Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 065/104] mnt: Correct permission checks in do_remount Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 066/104] ext4: Fix block zeroing when punching holes in indirect block files Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 067/104] offb: Little endian fixes Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 068/104] fbcon: Clean up fbcon data in fb_info on FB_EVENT_FB_UNBIND with 0 fbs Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 069/104] DMA-API: provide a helper to set both DMA and coherent DMA masks Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 070/104] DMA-API: net: intel/e1000e: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 071/104] e1000e: Fix a compile flag mis-match for suspend/resume Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 072/104] e1000e: Fix compilation warning when !CONFIG_PM_SLEEP Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 073/104] e1000: fix wrong queue idx calculation Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 074/104] e1000: prevent oops when adapter is being closed and reset simultaneously Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 075/104] e1000: fix possible reset_task running after adapter down Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 076/104] DMA-API: net: intel/ixgbe: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 077/104] ixgbe: fix rx-usecs range checks for BQL Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 078/104] ixgbe: fix qv_lock_napi call in ixgbe_napi_disable_all Jiri Slaby
2014-08-21 10:03 ` Eliezer Tamir
2014-08-21 14:55 ` Keller, Jacob E
2014-08-21 14:55 ` Keller, Jacob E
2014-08-20 11:43 ` [PATCH 3.12 079/104] ixgbe: fix inconsistent clearing of the multicast table Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 080/104] DMA-API: net: intel/ixgbevf: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 081/104] ixgbevf: cleanup redundant mailbox read failure check Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 082/104] DMA-API: net: intel/igb: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 083/104] igb: Add ethtool offline tests for i354 Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 084/104] igb: Fix master/slave mode for all m88 i354 PHY's Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 085/104] igb: fix driver reload with VF assigned to guest Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 086/104] igb: Don't let ethtool try to write to iNVM in i210/i211 Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 087/104] igb: Fixed Wake On LAN support Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 088/104] DMA-API: net: intel/igbvf: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 089/104] igbvf: integer wrapping bug setting the mtu Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 090/104] igbvf: add missing iounmap() on error in igbvf_probe() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 091/104] DMA-API: net: brocade/bna/bnad.c: fix 32-bit DMA mask handling Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 092/104] netxen: Correct off-by-one errors in bounds checks Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 093/104] RDMA/cxgb3: Fix information leak in send_abort() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 094/104] bnx2x: Test nvram when interface is down Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 095/104] bnx2fc: fix memory leak in bnx2fc_allocate_hash_table() Jiri Slaby
2014-08-20 11:43 ` [PATCH 3.12 096/104] tg3: Add support for new 577xx device ids Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 097/104] tipc: don't use memcpy to copy from user space Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 098/104] PCI: rphahp: Fix endianess issues Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 099/104] Input: i8042 - add Acer Aspire 5710 to nomux blacklist Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 100/104] HID: logitech-dj: Fix USB 3.0 issue Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 101/104] ALSA: hda - load EQ params into IDT codec on HP bNB13 systems Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 102/104] drivers/rtc/rtc-efi.c: avoid subtracting day twice when computing year days Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 103/104] drivers/rtc/rtc-efi.c: check for invalid data coming back from UEFI Jiri Slaby
2014-08-20 11:44 ` [PATCH 3.12 104/104] drivers/rtc/interface.c: fix infinite loop in initializing the alarm Jiri Slaby
2014-08-20 16:54 ` [PATCH 3.12 000/104] 3.12.27-stable review Guenter Roeck
2014-08-20 19:54 ` Guenter Roeck
2014-08-21 8:05 ` Jiri Slaby
2014-08-21 15:08 ` Guenter Roeck
2014-08-21 16:31 ` Guenter Roeck
2014-08-23 15:14 ` Guenter Roeck
2014-08-23 18:10 ` David Miller
2014-08-26 11:32 ` Jiri Slaby
2014-08-22 19:38 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9377a0c19fd479731713fca0e653d9d0d55f4415.1408535000.git.jslaby@suse.cz \
--to=jslaby@suse.cz \
--cc=boris.ostrovsky@oracle.com \
--cc=hpa@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.