# git rev-parse -q --verify 75b49620267c700f0a07fec7f27f69852db70e46^{commit} 75b49620267c700f0a07fec7f27f69852db70e46 already have revision, skipping fetch # git checkout -q -f -B kisskb 75b49620267c700f0a07fec7f27f69852db70e46 # git clean -qxdf # < git log -1 # commit 75b49620267c700f0a07fec7f27f69852db70e46 # Author: Cédric Le Goater # Date: Thu Nov 5 14:47:13 2020 +0100 # # KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing ESB page # # When accessing the ESB page of a source interrupt, the fault handler # will retrieve the page address from the XIVE interrupt 'xive_irq_data' # structure. If the associated KVM XIVE interrupt is not valid, that is # not allocated at the HW level for some reason, the fault handler will # dereference a NULL pointer leading to the oops below : # # WARNING: CPU: 40 PID: 59101 at arch/powerpc/kvm/book3s_xive_native.c:259 xive_native_esb_fault+0xe4/0x240 [kvm] # CPU: 40 PID: 59101 Comm: qemu-system-ppc Kdump: loaded Tainted: G W --------- - - 4.18.0-240.el8.ppc64le #1 # NIP: c00800000e949fac LR: c00000000044b164 CTR: c00800000e949ec8 # REGS: c000001f69617840 TRAP: 0700 Tainted: G W --------- - - (4.18.0-240.el8.ppc64le) # MSR: 9000000000029033 CR: 44044282 XER: 00000000 # CFAR: c00000000044b160 IRQMASK: 0 # GPR00: c00000000044b164 c000001f69617ac0 c00800000e96e000 c000001f69617c10 # GPR04: 05faa2b21e000080 0000000000000000 0000000000000005 ffffffffffffffff # GPR08: 0000000000000000 0000000000000001 0000000000000000 0000000000000001 # GPR12: c00800000e949ec8 c000001ffffd3400 0000000000000000 0000000000000000 # GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 # GPR20: 0000000000000000 0000000000000000 c000001f5c065160 c000000001c76f90 # GPR24: c000001f06f20000 c000001f5c065100 0000000000000008 c000001f0eb98c78 # GPR28: c000001dcab40000 c000001dcab403d8 c000001f69617c10 0000000000000011 # NIP [c00800000e949fac] xive_native_esb_fault+0xe4/0x240 [kvm] # LR [c00000000044b164] __do_fault+0x64/0x220 # Call Trace: # [c000001f69617ac0] [0000000137a5dc20] 0x137a5dc20 (unreliable) # [c000001f69617b50] [c00000000044b164] __do_fault+0x64/0x220 # [c000001f69617b90] [c000000000453838] do_fault+0x218/0x930 # [c000001f69617bf0] [c000000000456f50] __handle_mm_fault+0x350/0xdf0 # [c000001f69617cd0] [c000000000457b1c] handle_mm_fault+0x12c/0x310 # [c000001f69617d10] [c00000000007ef44] __do_page_fault+0x264/0xbb0 # [c000001f69617df0] [c00000000007f8c8] do_page_fault+0x38/0xd0 # [c000001f69617e30] [c00000000000a714] handle_page_fault+0x18/0x38 # Instruction dump: # 40c2fff0 7c2004ac 2fa90000 409e0118 73e90001 41820080 e8bd0008 7c2004ac # 7ca90074 39400000 915c0000 7929d182 <0b090000> 2fa50000 419e0080 e89e0018 # ---[ end trace 66c6ff034c53f64f ]--- # xive-kvm: xive_native_esb_fault: accessing invalid ESB page for source 8 ! # # Fix that by checking the validity of the KVM XIVE interrupt structure. # # Fixes: 6520ca64cde7 ("KVM: PPC: Book3S HV: XIVE: Add a mapping for the source ESB pages") # Cc: stable@vger.kernel.org # v5.2+ # Reported-by: Greg Kurz # Signed-off-by: Cédric Le Goater # Tested-by: Greg Kurz # Signed-off-by: Michael Ellerman # Link: https://lore.kernel.org/r/20201105134713.656160-1-clg@kaod.org # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux-ld --version # < git log --format=%s --max-count=1 75b49620267c700f0a07fec7f27f69852db70e46 # < make -s -j 48 ARCH=m68k O=/kisskb/build/powerpc-fixes_m68k-defconfig_m68k-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- defconfig # < make -s -j 48 ARCH=m68k O=/kisskb/build/powerpc-fixes_m68k-defconfig_m68k-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- help # make -s -j 48 ARCH=m68k O=/kisskb/build/powerpc-fixes_m68k-defconfig_m68k-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- olddefconfig # make -s -j 48 ARCH=m68k O=/kisskb/build/powerpc-fixes_m68k-defconfig_m68k-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- /kisskb/src/arch/m68k/mvme16x/config.c: In function 'mvme16x_hwclk': /kisskb/src/arch/m68k/mvme16x/config.c:439:2: warning: #warning check me! [-Wcpp] #warning check me! ^~~~~~~ /kisskb/src/arch/m68k/mvme147/config.c: In function 'mvme147_hwclk': /kisskb/src/arch/m68k/mvme147/config.c:174:2: warning: #warning check me! [-Wcpp] #warning check me! ^~~~~~~ In file included from /kisskb/src/kernel/rcu/update.c:578: /kisskb/src/kernel/rcu/tasks.h:710:13: warning: 'show_rcu_tasks_rude_gp_kthread' defined but not used [-Wunused-function] static void show_rcu_tasks_rude_gp_kthread(void) {} ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from /kisskb/src/drivers/net/ethernet/8390/xsurf100.c:48: /kisskb/src/drivers/net/ethernet/8390/lib8390.c:995:27: warning: '____alloc_ei_netdev' defined but not used [-Wunused-function] static struct net_device *____alloc_ei_netdev(int size) ^~~~~~~~~~~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:957:13: warning: '__ei_set_multicast_list' defined but not used [-Wunused-function] static void __ei_set_multicast_list(struct net_device *dev) ^~~~~~~~~~~~~~~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:857:33: warning: '__ei_get_stats' defined but not used [-Wunused-function] static struct net_device_stats *__ei_get_stats(struct net_device *dev) ^~~~~~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:512:13: warning: '__ei_poll' defined but not used [-Wunused-function] static void __ei_poll(struct net_device *dev) ^~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:303:20: warning: '__ei_start_xmit' defined but not used [-Wunused-function] static netdev_tx_t __ei_start_xmit(struct sk_buff *skb, ^~~~~~~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:257:13: warning: '__ei_tx_timeout' defined but not used [-Wunused-function] static void __ei_tx_timeout(struct net_device *dev, unsigned int txqueue) ^~~~~~~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:233:12: warning: '__ei_close' defined but not used [-Wunused-function] static int __ei_close(struct net_device *dev) ^~~~~~~~~~ /kisskb/src/drivers/net/ethernet/8390/lib8390.c:204:12: warning: '__ei_open' defined but not used [-Wunused-function] static int __ei_open(struct net_device *dev) ^~~~~~~~~ In file included from /kisskb/src/arch/m68k/include/asm/atomic.h:7, from /kisskb/src/include/linux/atomic.h:7, from /kisskb/src/include/linux/cpumask.h:13, from /kisskb/src/include/linux/smp.h:13, from /kisskb/src/include/linux/lockdep.h:14, from /kisskb/src/include/linux/spinlock.h:59, from /kisskb/src/include/linux/wait.h:9, from /kisskb/src/include/linux/wait_bit.h:8, from /kisskb/src/include/linux/fs.h:6, from /kisskb/src/fs/ocfs2/file.c:13: /kisskb/src/fs/ocfs2/file.c: In function 'ocfs2_file_write_iter': /kisskb/src/arch/m68k/include/asm/cmpxchg.h:79:22: warning: value computed is not used [-Wunused-value] #define xchg(ptr,x) ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /kisskb/src/fs/ocfs2/file.c:2419:3: note: in expansion of macro 'xchg' xchg(&iocb->ki_complete, saved_ki_complete); ^~~~ Completed OK # rm -rf /kisskb/build/powerpc-fixes_m68k-defconfig_m68k-gcc8 # Build took: 0:02:08.875252