linux/arch/powerpc/platforms/powernv
Nicholas Piggin e7bde88cdb powerpc/powernv: IMC fix out of bounds memory access at shutdown
The OPAL IMC driver's shutdown handler disables nest PMU counters by
walking nodes and taking the first CPU out of their cpumask, which is
used to index into the paca (get_hard_smp_processor_id()). This does
not always do the right thing, and in particular for CPU-less nodes it
returns NR_CPUS and that overruns the paca and dereferences random
memory.

Fix it by being more careful about checking returned CPU, and only
using online CPUs. It's not clear this shutdown code makes sense after
commit 885dcd709b ("powerpc/perf: Add nest IMC PMU support"), but this
should not make things worse.

Currently the bug causes us to call OPAL with a junk CPU number. A
separate patch in development to change the way pacas are allocated
escalates this bug into a crash:

  Unable to handle kernel paging request for data at address 0x2a21af1eeb000076
  Faulting instruction address: 0xc0000000000a5468
  Oops: Kernel access of bad area, sig: 11 [#1]
  ...
  NIP opal_imc_counters_shutdown+0x148/0x1d0
  LR  opal_imc_counters_shutdown+0x134/0x1d0
  Call Trace:
   opal_imc_counters_shutdown+0x134/0x1d0 (unreliable)
   platform_drv_shutdown+0x44/0x60
   device_shutdown+0x1f8/0x350
   kernel_restart_prepare+0x54/0x70
   kernel_restart+0x28/0xc0
   SyS_reboot+0x1d0/0x2c0
   system_call+0x58/0x6c

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2018-02-15 09:54:45 +11:00
copy-paste.h powerpc/powernv/vas: Define copy/paste interfaces 2017-08-31 14:26:38 +10:00
eeh-powernv.c powerpc/eeh: Add EEH operations to notify resume 2018-01-27 20:02:52 +11:00
idle.c powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline 2017-09-20 13:30:09 +10:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile powerpc/powernv: Add platform-specific services for opencapi 2018-01-24 11:42:57 +11:00
memtrace.c powerpc/powernv: Enable removal of memory for in memory tracing 2017-08-24 22:14:38 +10:00
npu-dma.c powerpc/powernv/idoa: Remove unnecessary pcidev from pci_dn 2018-01-27 20:39:01 +11:00
ocxl.c ocxl: Add AFU interrupt support 2018-01-24 11:42:58 +11:00
opal-async.c powerpc/opal: Add opal_async_wait_response_interruptible() to opal-async 2017-11-06 20:39:28 +11:00
opal-dump.c powerpc: Use octal numbers for file permissions 2018-01-22 05:48:33 +11:00
opal-elog.c powerpc: Use octal numbers for file permissions 2018-01-22 05:48:33 +11:00
opal-flash.c powerpc: Add const to bin_attribute structures 2017-08-17 21:56:26 +10:00
opal-hmi.c powerpc-opal: Fix a typo in a comment line of two file headers 2017-10-22 12:16:36 +02:00
opal-imc.c powerpc/powernv: IMC fix out of bounds memory access at shutdown 2018-02-15 09:54:45 +11:00
opal-irqchip.c powerpc/powernv: Make opal_event_shutdown() callable from IRQ context 2017-10-06 20:03:08 +11:00
opal-kmsg.c powerpc/powernv: Fix OPAL_CONSOLE_FLUSH prototype and usages 2016-01-13 12:35:17 +11:00
opal-lpc.c powerpc: Create asm/debugfs.h and move powerpc_debugfs_root there 2017-04-11 07:46:03 +10:00
opal-memory-errors.c mm/memory_failure: Remove unused trapno from memory_failure 2018-01-23 12:17:42 -06:00
opal-msglog.c locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE() 2017-10-25 11:01:08 +02:00
opal-nvram.c powerpc/powernv: Add pstore support on powernv 2015-03-23 14:06:10 +11:00
opal-power.c powerpc/powernv: Add poweroff (EPOW, DPO) events support for PowerNV platform 2015-07-16 13:34:36 +10:00
opal-powercap.c powerpc/powernv: Add support for powercap framework 2017-08-10 22:39:53 +10:00
opal-prd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
opal-psr.c powerpc/powernv: Add support to set power-shifting-ratio 2017-08-10 22:40:01 +10:00
opal-rtc.c powerpc/powernv: Only delay opal_rtc_read() retry when necessary 2015-12-27 19:12:40 +11:00
opal-sensor-groups.c powerpc/powernv: Add support to clear sensor groups data 2017-08-10 22:40:05 +10:00
opal-sensor.c powernv/opal-sensor: remove not needed lock 2017-11-06 20:33:56 +11:00
opal-sysparam.c powerpc: Use octal numbers for file permissions 2018-01-22 05:48:33 +11:00
opal-tracepoints.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
opal-wrappers.S powerpc/powernv: Add opal calls for opencapi 2018-01-24 11:42:56 +11:00
opal-xscom.c powerpc: Convert to using %pOF instead of full_name 2017-08-23 22:27:04 +10:00
opal.c powerpc/pseries, ps3: panic flush kernel messages before halting system 2018-01-22 11:44:24 +11:00
pci-cxl.c powerpc: Remove all usages of NO_IRQ 2016-09-20 20:57:12 +10:00
pci-ioda.c powerpc updates for 4.16 2018-02-02 10:01:04 -08:00
pci.c powerpc/powernv: Introduce new PHB type for opencapi links 2018-01-24 11:42:56 +11:00
pci.h powerpc/powernv: Introduce new PHB type for opencapi links 2018-01-24 11:42:56 +11:00
powernv.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rng.c powerpc: Convert to using %pOF instead of full_name 2017-08-23 22:27:04 +10:00
setup.c powerpc/powernv: Check device-tree for RFI flush settings 2018-01-10 21:27:16 +11:00
smp.c powernv/kdump: Fix cases where the kdump kernel can get HMI's 2018-01-16 23:47:11 +11:00
subcore-asm.S powerpc/powernv: Add support for POWER8 split core on powernv 2014-05-28 13:35:37 +10:00
subcore.c powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
subcore.h powernv/powerpc: Add winkle support for offline cpus 2014-12-15 10:46:41 +11:00
vas-debug.c powerpc/vas: Export HVWC to debugfs 2017-11-12 09:03:09 +11:00
vas-window.c powerpc/vas: Don't set uses_vas for kernel windows 2018-02-13 22:37:46 +11:00
vas.c powerpc/vas: Export chip_to_vas_id() 2017-11-21 21:02:26 +11:00
vas.h powerpc/vas: Define vas_win_id() 2017-11-12 09:03:10 +11:00