From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8553DC636C9 for ; Sat, 17 Jul 2021 15:56:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5E7906115A for ; Sat, 17 Jul 2021 15:56:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234952AbhGQP7Y convert rfc822-to-8bit (ORCPT ); Sat, 17 Jul 2021 11:59:24 -0400 Received: from pegase1.c-s.fr ([93.17.236.30]:31541 "EHLO pegase1.c-s.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232146AbhGQP7O (ORCPT ); Sat, 17 Jul 2021 11:59:14 -0400 Received: from localhost (mailhub3.si.c-s.fr [192.168.12.233]) by localhost (Postfix) with ESMTP id 4GRt4w5lXbzB6Pg; Sat, 17 Jul 2021 17:56:16 +0200 (CEST) X-Virus-Scanned: amavisd-new at c-s.fr Received: from pegase1.c-s.fr ([192.168.12.234]) by localhost (pegase1.c-s.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xxSANAge3v1t; Sat, 17 Jul 2021 17:56:16 +0200 (CEST) Received: from vm-hermes.si.c-s.fr (vm-hermes.si.c-s.fr [192.168.25.253]) by pegase1.c-s.fr (Postfix) with ESMTP id 4GRt4w4cPPzB6Pf; Sat, 17 Jul 2021 17:56:16 +0200 (CEST) Received: by vm-hermes.si.c-s.fr (Postfix, from userid 33) id 248B6560; Sat, 17 Jul 2021 18:01:27 +0200 (CEST) Received: from 37-171-38-5.coucou-networks.fr (37-171-38-5.coucou-networks.fr [37.171.38.5]) by messagerie.c-s.fr (Horde Framework) with HTTP; Sat, 17 Jul 2021 18:01:27 +0200 Date: Sat, 17 Jul 2021 18:01:27 +0200 Message-ID: <20210717180127.Horde.OIjMJnVEEfP_oAQkDsg2IA1@messagerie.c-s.fr> From: Christophe Leroy To: Guenter Roeck Cc: linuxppc-dev@lists.ozlabs.org, Oliver O'Halloran , Paul Mackerras , Geert Uytterhoeven , linux-kernel@vger.kernel.org Subject: Re: [PATCH] powerpc/chrp: Revert "Move PHB discovery" and "Make hydra_init() static" References: <20210716221159.3587039-1-linux@roeck-us.net> <20210717175750.Horde.TLZWyADKWFGAyFWIYtmglA2@messagerie.c-s.fr> In-Reply-To: <20210717175750.Horde.TLZWyADKWFGAyFWIYtmglA2@messagerie.c-s.fr> User-Agent: Internet Messaging Program (IMP) H5 (6.2.3) Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8BIT Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Christophe Leroy a écrit : > Guenter Roeck a écrit : > >> This patch reverts commit 407d418f2fd4 ("powerpc/chrp: Move PHB >> discovery") and commit 9634afa67bfd ("powerpc/chrp: Make hydra_init() >> static"). >> >> Running the upstream kernel on Qemu's brand new "pegasos2" emulation >> results in a variety of backtraces such as >> >> Kernel attempted to write user page (a1) - exploit attempt? (uid: 0) >> ------------[ cut here ]------------ >> Bug: Write fault blocked by KUAP! >> WARNING: CPU: 0 PID: 0 at arch/powerpc/mm/fault.c:230 >> do_page_fault+0x4f4/0x920 >> CPU: 0 PID: 0 Comm: swapper Not tainted 5.13.2 #40 >> NIP: c0021824 LR: c0021824 CTR: 00000000 >> REGS: c1085d50 TRAP: 0700 Not tainted (5.13.2) >> MSR: 00021032 CR: 24042254 XER: 00000000 >> >> GPR00: c0021824 c1085e10 c0f8c520 00000021 3fffefff c1085c60 >> c1085c58 00000000 >> GPR08: 00001032 00000000 00000000 c0ffb3ec 44042254 00000000 >> 00000000 00000004 >> GPR16: 00000000 ffffffff 000000c4 000000d0 0188c6e0 01006000 >> 00000001 40b14000 >> GPR24: c0ec000c 00000300 02000000 00000000 42000000 000000a1 >> 00000000 c1085e60 >> NIP [c0021824] do_page_fault+0x4f4/0x920 >> LR [c0021824] do_page_fault+0x4f4/0x920 >> Call Trace: >> [c1085e10] [c0021824] do_page_fault+0x4f4/0x920 (unreliable) >> [c1085e50] [c0004254] DataAccess_virt+0xd4/0xe4 >> >> and the system fails to boot. Bisect points to commit 407d418f2fd4 >> ("powerpc/chrp: Move PHB discovery"). Reverting this patch together with >> commit 9634afa67bfd ("powerpc/chrp: Make hydra_init() static") fixes >> the problem. > > Isn't there more than that in the backtrace ? If there is a fault > blocked by Kuap, it means there is a fault. It should be visible in > the traces. > > Should we fix the problem instead of reverting the commit that made > the problem visible ? > Also, as it is a KUAP fault, did you test without CONFIG_PPC_KUAP ? Does it boot ? > >> >> Cc: Oliver O'Halloran >> Cc: Geert Uytterhoeven >> Fixes: 407d418f2fd4 ("powerpc/chrp: Move PHB discovery") >> Signed-off-by: Guenter Roeck >> --- >> arch/powerpc/include/asm/hydra.h | 2 ++ >> arch/powerpc/platforms/chrp/pci.c | 11 ++--------- >> arch/powerpc/platforms/chrp/setup.c | 12 +++++++++++- >> 3 files changed, 15 insertions(+), 10 deletions(-) >> >> diff --git a/arch/powerpc/include/asm/hydra.h >> b/arch/powerpc/include/asm/hydra.h >> index d024447283a0..ae02eb53d6ef 100644 >> --- a/arch/powerpc/include/asm/hydra.h >> +++ b/arch/powerpc/include/asm/hydra.h >> @@ -94,6 +94,8 @@ extern volatile struct Hydra __iomem *Hydra; >> #define HYDRA_INT_EXT7 18 /* Power Off Request */ >> #define HYDRA_INT_SPARE 19 >> >> +extern int hydra_init(void); >> + >> #endif /* __KERNEL__ */ >> >> #endif /* _ASMPPC_HYDRA_H */ >> diff --git a/arch/powerpc/platforms/chrp/pci.c >> b/arch/powerpc/platforms/chrp/pci.c >> index 76e6256cb0a7..b2c2bf35b76c 100644 >> --- a/arch/powerpc/platforms/chrp/pci.c >> +++ b/arch/powerpc/platforms/chrp/pci.c >> @@ -131,7 +131,8 @@ static struct pci_ops rtas_pci_ops = >> >> volatile struct Hydra __iomem *Hydra = NULL; >> >> -static int __init hydra_init(void) >> +int __init >> +hydra_init(void) >> { >> struct device_node *np; >> struct resource r; >> @@ -313,14 +314,6 @@ chrp_find_bridges(void) >> } >> } >> of_node_put(root); >> - >> - /* >> - * "Temporary" fixes for PCI devices. >> - * -- Geert >> - */ >> - hydra_init(); /* Mac I/O */ >> - >> - pci_create_OF_bus_map(); >> } >> >> /* SL82C105 IDE Control/Status Register */ >> diff --git a/arch/powerpc/platforms/chrp/setup.c >> b/arch/powerpc/platforms/chrp/setup.c >> index 3cfc382841e5..c45435aa5e36 100644 >> --- a/arch/powerpc/platforms/chrp/setup.c >> +++ b/arch/powerpc/platforms/chrp/setup.c >> @@ -334,11 +334,22 @@ static void __init chrp_setup_arch(void) >> /* On pegasos, enable the L2 cache if not already done by OF */ >> pegasos_set_l2cr(); >> >> + /* Lookup PCI host bridges */ >> + chrp_find_bridges(); >> + >> + /* >> + * Temporary fixes for PCI devices. >> + * -- Geert >> + */ >> + hydra_init(); /* Mac I/O */ >> + >> /* >> * Fix the Super I/O configuration >> */ >> sio_init(); >> >> + pci_create_OF_bus_map(); >> + >> /* >> * Print the banner, then scroll down so boot progress >> * can be printed. -- Cort >> @@ -571,7 +582,6 @@ define_machine(chrp) { >> .name = "CHRP", >> .probe = chrp_probe, >> .setup_arch = chrp_setup_arch, >> - .discover_phbs = chrp_find_bridges, >> .init = chrp_init2, >> .show_cpuinfo = chrp_show_cpuinfo, >> .init_IRQ = chrp_init_IRQ, >> -- >> 2.25.1