From: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
To: paulus@ozlabs.org, kvm-ppc@vger.kernel.org
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>, linuxppc-dev@lists.ozlabs.org
Subject: [PATCH] powerpc/kvm/book3s64/nested: Fix kernel crash with nested kvm
Date: Thu, 11 Jun 2020 17:31:59 +0530
Message-ID: <20200611120159.680284-1-aneesh.kumar@linux.ibm.com>

__pa() does check the addr value passed and, if it is < PAGE_OFFSET, results in a BUG.

 #define __pa(x)								\
({									\
	VIRTUAL_BUG_ON((unsigned long)(x) < PAGE_OFFSET);		\
	(unsigned long)(x) & 0x0fffffffffffffffUL;			\
})

kvmhv_copy_tofrom_guest_radix() uses a NULL value for to/from to indicate the
direction of the copy. Avoid calling __pa() if the value is NULL.

kernel BUG at arch/powerpc/kvm/book3s_64_mmu_radix.c:43!
cpu 0x70: Vector: 700 (Program Check) at [c0000018a2187360]
    pc: c000000000161b30: __kvmhv_copy_tofrom_guest_radix+0x130/0x1f0
    lr: c000000000161d5c: kvmhv_copy_from_guest_radix+0x3c/0x80
....
[c0000018a2187670] c000000000161d5c kvmhv_copy_from_guest_radix+0x3c/0x80
[c0000018a21876b0] c00000000014feb8 kvmhv_load_from_eaddr+0x48/0xc0
[c0000018a21876e0] c000000000135828 kvmppc_ld+0x98/0x1e0
[c0000018a2187780] c00000000013bc20 kvmppc_load_last_inst+0x50/0x90
[c0000018a21877b0] c00000000015e9e8 kvmppc_hv_emulate_mmio+0x288/0x2b0
[c0000018a2187810] c000000000164888 kvmppc_book3s_radix_page_fault+0xd8/0x2b0
[c0000018a21878c0] c00000000015ed8c kvmppc_book3s_hv_page_fault+0x37c/0x1050
[c0000018a2187a00] c00000000015a518 kvmppc_vcpu_run_hv+0xbb8/0x1080
[c0000018a2187b20] c00000000013d204 kvmppc_vcpu_run+0x34/0x50
[c0000018a2187b40] c00000000013949c kvm_arch_vcpu_ioctl_run+0x2fc/0x410
[c0000018a2187bd0] c00000000012a2a4 kvm_vcpu_ioctl+0x2b4/0x8f0
[c0000018a2187d50] c0000000005b12a4 ksys_ioctl+0xf4/0x150
[c0000018a2187da0] c0000000005b1328 sys_ioctl+0x28/0x80
[c0000018a2187dc0] c000000000030584 system_call_exception+0x104/0x1d0
[c0000018a2187e20] c00000000000ca68 system_call_common+0xe8/0x214

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> --- arch/powerpc/kvm/book3s_64_mmu_radix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/kvm/book3s_64_mmu_radix.c b/arch/powerpc/kvm/book3s_64_mmu_radix.c index 02219e28b1e4..84acb4769487 100644 --- a/arch/powerpc/kvm/book3s_64_mmu_radix.c +++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c @@ -40,7 +40,8 @@ unsigned long __kvmhv_copy_tofrom_guest_radix(int lpid, int pid, /* Can't access quadrants 1 or 2 in non-HV mode, call the HV to do it */ if (kvmhv_on_pseries()) return plpar_hcall_norets(H_COPY_TOFROM_GUEST, lpid, pid, eaddr, - __pa(to), __pa(from), n); + (to != NULL) ? __pa(to): 0, + (from != NULL) ? __pa(from): 0, n); quadrant = 1; if (!pid) -- 2.26.2
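
Review bot: In the two added argument lines, `__pa(to): 0` and `__pa(from): 0` have no space before the colon, and the explicit `!= NULL` comparisons are not needed; `to ? __pa(to) : 0, from ? __pa(from) : 0, n);` says the same thing in kernel coding style. The substituted 0 is the value the masking expression in the quoted __pa() yields for NULL, so the arguments passed with H_COPY_TOFROM_GUEST stay the same and only the VIRTUAL_BUG_ON is avoided; a short comment above the call stating that a NULL to/from selects the copy direction would make that convention visible at the call site. The commit message also carries no Fixes: tag naming the change that introduced the __pa() calls on this path.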