From: Kamal Mostafa <kamal@canonical.com>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
	kernel-team@lists.ubuntu.com
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
	Rusty Russell <rusty@rustcorp.com.au>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	<lguest@lists.ozlabs.org>, Xen-devel <xen-devel@lists.xen.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Kamal Mostafa <kamal@canonical.com>
Subject: [PATCH 3.13.y-ckt 24/78] x86/cpu: Fix SMAP check in PVOPS environments
Date: Wed, 16 Dec 2015 16:39:08 -0800
Message-ID: <1450312802-4938-25-git-send-email-kamal@canonical.com>
In-Reply-To: <1450312802-4938-1-git-send-email-kamal@canonical.com>

3.13.11-ckt32 -stable review patch.  If anyone has any objections, please let me know.

------------------

From: Andrew Cooper <andrew.cooper3@citrix.com>

commit 581b7f158fe0383b492acd1ce3fb4e99d4e57808 upstream.

There appears to be no formal statement of what pv_irq_ops.save_fl() is
supposed to return precisely.  Native returns the full flags, while lguest and
Xen only return the Interrupt Flag, and both have comments by the
implementations stating that only the Interrupt Flag is looked at.  This may
have been true when initially implemented, but no longer is.

To make matters worse, the Xen PVOP leaves the upper bits undefined, making
the BUG_ON() undefined behaviour.  Experimentally, this now trips for 32bit PV
guests on Broadwell hardware.  The BUG_ON() is consistent for an individual
build, but not consistent for all builds.  It has also been a sitting timebomb
since SMAP support was introduced.

Use native_save_fl() instead, which will obtain an accurate view of the AC
flag.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: David Vrabel <david.vrabel@citrix.com>
Tested-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: <lguest@lists.ozlabs.org>
Cc: Xen-devel <xen-devel@lists.xen.org>
Link: http://lkml.kernel.org/r/1433323874-6927-1-git-send-email-andrew.cooper3@citrix.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
---
 arch/x86/kernel/cpu/common.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 37c4f31..a1f7c91 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -280,10 +280,9 @@ __setup("nosmap", setup_disable_smap);
 
 static __always_inline void setup_smap(struct cpuinfo_x86 *c)
 {
-	unsigned long eflags;
+	unsigned long eflags = native_save_fl();
 
 	/* This should have been cleared long ago */
-	raw_local_save_flags(eflags);
 	BUG_ON(eflags & X86_EFLAGS_AC);
 
 	if (cpu_has(c, X86_FEATURE_SMAP)) {
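Review bot: the comment above `BUG_ON(eflags & X86_EFLAGS_AC)` still only says "This should have been cleared long ago" and gives no reason for initialising `eflags` with native_save_fl() instead of the raw_local_save_flags() call that was removed. The commit message explains that the lguest and Xen save_fl() implementations only return the Interrupt Flag, so a one-line comment at the `eflags` initialisation stating that the full hardware flags are needed to test AC would keep a later cleanup from switching this back to the PVOPS helper.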
-- 
1.9.1

