# git rev-parse -q --verify 8a17ea07703f5f41e8c96b123f63be4eac107374^{commit}
8a17ea07703f5f41e8c96b123f63be4eac107374
already have revision, skipping fetch
# git checkout -q -f -B kisskb 8a17ea07703f5f41e8c96b123f63be4eac107374
# git clean -qxdf
# < git log -1
# commit 8a17ea07703f5f41e8c96b123f63be4eac107374
# Author: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
# Date:   Wed Jan 8 11:14:22 2020 +0530
# 
#     powerpc/mm/hash: Fix sharing context ids between kernel & userspace
#     
#     Commit 0034d395f89d ("powerpc/mm/hash64: Map all the kernel regions in
#     the same 0xc range") has a bug in the definition of MIN_USER_CONTEXT.
#     
#     The result is that the context id used for the vmemmap and the lowest
#     context id handed out to userspace are the same. The context id is
#     essentially the process identifier as far as the first stage of the
#     MMU translation is concerned.
#     
#     This can result in multiple SLB entries with the same VSID (Virtual
#     Segment ID), accessible to the kernel and some random userspace
#     process that happens to get the overlapping id, which is not expected
#     eg:
#     
#       07 c00c000008000000 40066bdea7000500  1T  ESID=   c00c00  VSID=      66bdea7 LLP:100
#       12 0002000008000000 40066bdea7000d80  1T  ESID=      200  VSID=      66bdea7 LLP:100
#     
#     Even though the user process and the kernel use the same VSID, the
#     permissions in the hash page table prevent the user process from
#     reading or writing to any kernel mappings.
#     
#     It can also lead to SLB entries with different base page size
#     encodings (LLP), eg:
#     
#       05 c00c000008000000 00006bde0053b500 256M ESID=c00c00000  VSID=    6bde0053b LLP:100
#       09 0000000008000000 00006bde0053bc80 256M ESID=        0  VSID=    6bde0053b LLP:  0
#     
#     Such SLB entries can result in machine checks, eg. as seen on a G5:
#     
#       Oops: Machine check, sig: 7 [#1]
#       BE PAGE SIZE=64K MU-Hash SMP NR_CPUS=4 NUMA Power Mac
#       NIP: c00000000026f248 LR: c000000000295e58 CTR: 0000000000000000
#       REGS: c0000000erfd3d70 TRAP: 0200 Tainted: G M (5.5.0-rcl-gcc-8.2.0-00010-g228b667d8ea1)
#       MSR: 9000000000109032 <SF,HV,EE,ME,IR,DR,RI> CR: 24282048 XER: 00000000
#       DAR: c00c000000612c80 DSISR: 00000400 IRQMASK: 0
#       ...
#       NIP [c00000000026f248] .kmem_cache_free+0x58/0x140
#       LR  [c088000008295e58] .putname 8x88/0xa
#       Call Trace:
#         .putname+0xB8/0xa
#         .filename_lookup.part.76+0xbe/0x160
#         .do_faccessat+0xe0/0x380
#         system_call+0x5c/ex68
#     
#     This happens with 256MB segments and 64K pages, as the duplicate VSID
#     is hit with the first vmemmap segment and the first user segment, and
#     older 32-bit userspace maps things in the first user segment.
#     
#     On other CPUs a machine check is not seen. Instead the userspace
#     process can get stuck continuously faulting, with the fault never
#     properly serviced, due to the kernel not understanding that there is
#     already a HPTE for the address but with inaccessible permissions.
#     
#     On machines with 1T segments we've not seen the bug hit other than by
#     deliberately exercising it. That seems to be just a matter of luck
#     though, due to the typical layout of the user virtual address space
#     and the ranges of vmemmap that are typically populated.
#     
#     To fix it we add 2 to MIN_USER_CONTEXT. This ensures the lowest
#     context given to userspace doesn't overlap with the VMEMMAP context,
#     or with the context for INVALID_REGION_ID. Also add some
#     BUILD_BUG_ON()'s to check the values.
#     
#     Fixes: 0034d395f89d ("powerpc/mm/hash64: Map all the kernel regions in the same 0xc range")
#     Cc: stable@vger.kernel.org # v5.2+
#     Reported-by: Christian Marillat <marillat@debian.org>
#     Reported-by: Romain Dolbeau <romain@dolbeau.org>
#     Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
#     [mpe: Account for INVALID_REGION_ID, mostly rewrite change log]
#     Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/powerpc64-linux/bin/powerpc64-linux-gcc --version
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/powerpc64-linux/bin/powerpc64-linux-ld --version
# < git log --format=%s --max-count=1 8a17ea07703f5f41e8c96b123f63be4eac107374
# < make -s -j 24 ARCH=powerpc O=/kisskb/build/powerpc-fixes_mpc85xx_defconfig+KVM_powerpc-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/powerpc64-linux/bin/powerpc64-linux-  mpc85xx_defconfig
# Added to kconfig CONFIG_PPC_E500MC=y
# Added to kconfig CONFIG_VIRTUALIZATION=y
# Added to kconfig CONFIG_KVM_E500MC=y
# Added to kconfig 
# yes \n | make -s -j 24 ARCH=powerpc O=/kisskb/build/powerpc-fixes_mpc85xx_defconfig+KVM_powerpc-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/powerpc64-linux/bin/powerpc64-linux-  oldconfig
yes: standard output: Broken pipe
# make -s -j 24 ARCH=powerpc O=/kisskb/build/powerpc-fixes_mpc85xx_defconfig+KVM_powerpc-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/powerpc64-linux/bin/powerpc64-linux-  
In file included from /kisskb/src/include/linux/kernel.h:11,
                 from /kisskb/src/include/linux/list.h:9,
                 from /kisskb/src/include/linux/module.h:12,
                 from /kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c:15:
/kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c: In function 'allocate_bd':
/kisskb/src/include/linux/err.h:22:49: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
 #define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO)
                                                 ^
/kisskb/src/include/linux/compiler.h:78:42: note: in definition of macro 'unlikely'
 # define unlikely(x) __builtin_expect(!!(x), 0)
                                          ^
/kisskb/src/drivers/net/ethernet/freescale/fs_enet/mac-scc.c:139:6: note: in expansion of macro 'IS_ERR_VALUE'
  if (IS_ERR_VALUE(fep->ring_mem_addr))
      ^~~~~~~~~~~~
In file included from /kisskb/src/include/linux/acpi.h:15,
                 from /kisskb/src/include/linux/i2c.h:13,
                 from /kisskb/src/include/uapi/linux/fb.h:6,
                 from /kisskb/src/include/linux/fb.h:6,
                 from /kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:20:
/kisskb/src/drivers/video/fbdev/fsl-diu-fb.c: In function 'fsl_diu_ioctl':
/kisskb/src/include/linux/device.h:1776:2: warning: this statement may fall through [-Wimplicit-fallthrough=]
  _dev_warn(dev, dev_fmt(fmt), ##__VA_ARGS__)
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:1287:3: note: in expansion of macro 'dev_warn'
   dev_warn(info->dev,
   ^~~~~~~~
/kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:1290:2: note: here
  case MFB_SET_PIXFMT:
  ^~~~
In file included from /kisskb/src/include/linux/acpi.h:15,
                 from /kisskb/src/include/linux/i2c.h:13,
                 from /kisskb/src/include/uapi/linux/fb.h:6,
                 from /kisskb/src/include/linux/fb.h:6,
                 from /kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:20:
/kisskb/src/include/linux/device.h:1776:2: warning: this statement may fall through [-Wimplicit-fallthrough=]
  _dev_warn(dev, dev_fmt(fmt), ##__VA_ARGS__)
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:1296:3: note: in expansion of macro 'dev_warn'
   dev_warn(info->dev,
   ^~~~~~~~
/kisskb/src/drivers/video/fbdev/fsl-diu-fb.c:1299:2: note: here
  case MFB_GET_PIXFMT:
  ^~~~
/kisskb/src/arch/powerpc/boot/dts/fsl/mpc8541cds.dts:330.3-21: Warning (pci_device_bus_num): /pci@e0008000/i8259@19000:bus-range: PCI bus number 1 out of range, expected (0 - 0)
/kisskb/src/arch/powerpc/boot/dts/fsl/mpc8555cds.dts:330.3-21: Warning (pci_device_bus_num): /pci@e0008000/i8259@19000:bus-range: PCI bus number 1 out of range, expected (0 - 0)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe5f804) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
INFO: Uncompressed kernel (size 0xe4f000) overlaps the address of the wrapper(0x400000)
INFO: Fixing the link_address of wrapper to (0xf00000)
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:07 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6760867 Bytes = 6602.41 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:07 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759686 Bytes = 6601.26 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6724253 Bytes = 6566.65 KiB = 6.41 MiB
Load Address: 00000000
Entry Point:  00000000
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759677 Bytes = 6601.25 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759598 Bytes = 6601.17 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f00314
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6760934 Bytes = 6602.47 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759630 Bytes = 6601.20 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f00314
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6760020 Bytes = 6601.58 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:08 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759620 Bytes = 6601.19 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f00314
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759482 Bytes = 6601.06 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759744 Bytes = 6601.31 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f00314
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759625 Bytes = 6601.20 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759482 Bytes = 6601.06 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6760136 Bytes = 6601.70 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759717 Bytes = 6601.29 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f002b4
Image Name:   Linux-5.5.0-rc3-g8a17ea07703f
Created:      Thu Jan 23 17:23:09 2020
Image Type:   PowerPC Linux Kernel Image (gzip compressed)
Data Size:    6759628 Bytes = 6601.20 KiB = 6.45 MiB
Load Address: 00f00000
Entry Point:  00f00314
Completed OK
# rm -rf /kisskb/build/powerpc-fixes_mpc85xx_defconfig+KVM_powerpc-gcc8
# Build took: 0:03:03.784822