From: Kamal Mostafa <kamal@canonical.com>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org, kernel-team@lists.ubuntu.com
Cc: Andrew Cooper <andrew.cooper3@citrix.com>, Rusty Russell <rusty@rustcorp.com.au>, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>, Boris Ostrovsky <boris.ostrovsky@oracle.com>, <lguest@lists.ozlabs.org>, Xen-devel <xen-devel@lists.xen.org>, Thomas Gleixner <tglx@linutronix.de>, Kamal Mostafa <kamal@canonical.com>
Subject: [PATCH 3.13.y-ckt 24/78] x86/cpu: Fix SMAP check in PVOPS environments
Date: Wed, 16 Dec 2015 16:39:08 -0800
Message-ID: <1450312802-4938-25-git-send-email-kamal@canonical.com>
In-Reply-To: <1450312802-4938-1-git-send-email-kamal@canonical.com>

3.13.11-ckt32 -stable review patch. If anyone has any objections, please let me know.

------------------

From: Andrew Cooper <andrew.cooper3@citrix.com>

commit 581b7f158fe0383b492acd1ce3fb4e99d4e57808 upstream.

There appears to be no formal statement of what pv_irq_ops.save_fl() is supposed to return precisely. Native returns the full flags, while lguest and Xen only return the Interrupt Flag, and both have comments by the implementations stating that only the Interrupt Flag is looked at. This may have been true when initially implemented, but no longer is.

To make matters worse, the Xen PVOP leaves the upper bits undefined, making the BUG_ON() undefined behaviour. Experimentally, this now trips for 32bit PV guests on Broadwell hardware. The BUG_ON() is consistent for an individual build, but not consistent for all builds. It has also been a sitting timebomb since SMAP support was introduced.

Use native_save_fl() instead, which will obtain an accurate view of the AC flag.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: David Vrabel <david.vrabel@citrix.com> Tested-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com> Cc: <lguest@lists.ozlabs.org> Cc: Xen-devel <xen-devel@lists.xen.org> Link: http://lkml.kernel.org/r/1433323874-6927-1-git-send-email-andrew.cooper3@citrix.com Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Kamal Mostafa <kamal@canonical.com> --- arch/x86/kernel/cpu/common.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 37c4f31..a1f7c91 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -280,10 +280,9 @@ __setup("nosmap", setup_disable_smap); static __always_inline void setup_smap(struct cpuinfo_x86 *c) { - unsigned long eflags; + unsigned long eflags = native_save_fl(); /* This should have been cleared long ago */ - raw_local_save_flags(eflags); BUG_ON(eflags & X86_EFLAGS_AC); if (cpu_has(c, X86_FEATURE_SMAP)) { -- 1.9.1
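Review bot: The new initializer `unsigned long eflags = native_save_fl();` in setup_smap() has no comment saying why the native helper is used instead of raw_local_save_flags(), so a later cleanup could switch it back to the paravirt wrapper and bring back the spurious BUG_ON(). The reason is only in the commit message (the lguest and Xen save_fl() implementations return just the Interrupt Flag, and the Xen PVOP leaves the upper bits undefined); a one-line comment above the declaration stating that the PVOP save_fl() does not give a reliable view of X86_EFLAGS_AC would keep that reasoning next to the code. The retained comment "This should have been cleared long ago" now sits between the read and the BUG_ON() and does not name the flag it refers to; it could say "AC" explicitly.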