android_kernel_oneplus_msm8998/arch/s390/kernel
David Hildenbrand dda201759e s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU
commit 60f1bf29c0b2519989927cae640cd1f50f59dc7f upstream.

When calling smp_call_ipl_cpu() from the IPL CPU, we will try to read
from pcpu_devices->lowcore. However, due to prefixing, that will result
in reading from absolute address 0 on that CPU. We have to go via the
actual lowcore instead.

This means that right now, we will read lc->nodat_stack == 0 and
therefore work on a very wrong stack.

This BUG essentially broke rebooting under QEMU TCG (which will report
a low address protection exception). And checking under KVM, it is
also broken under KVM. With 1 VCPU it can be easily triggered.

:/# echo 1 > /proc/sys/kernel/sysrq
:/# echo b > /proc/sysrq-trigger
[   28.476745] sysrq: SysRq : Resetting
[   28.476793] Kernel stack overflow.
[   28.476817] CPU: 0 PID: 424 Comm: sh Not tainted 5.0.0-rc1+ #13
[   28.476820] Hardware name: IBM 2964 NE1 716 (KVM/Linux)
[   28.476826] Krnl PSW : 0400c00180000000 0000000000115c0c (pcpu_delegate+0x12c/0x140)
[   28.476861]            R:0 T:1 IO:0 EX:0 Key:0 M:0 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3
[   28.476863] Krnl GPRS: ffffffffffffffff 0000000000000000 000000000010dff8 0000000000000000
[   28.476864]            0000000000000000 0000000000000000 0000000000ab7090 000003e0006efbf0
[   28.476864]            000000000010dff8 0000000000000000 0000000000000000 0000000000000000
[   28.476865]            000000007fffc000 0000000000730408 000003e0006efc58 0000000000000000
[   28.476887] Krnl Code: 0000000000115bfe: 4170f000            la      %r7,0(%r15)
[   28.476887]            0000000000115c02: 41f0a000            la      %r15,0(%r10)
[   28.476887]           #0000000000115c06: e370f0980024        stg     %r7,152(%r15)
[   28.476887]           >0000000000115c0c: c0e5fffff86e        brasl   %r14,114ce8
[   28.476887]            0000000000115c12: 41f07000            la      %r15,0(%r7)
[   28.476887]            0000000000115c16: a7f4ffa8            brc     15,115b66
[   28.476887]            0000000000115c1a: 0707                bcr     0,%r7
[   28.476887]            0000000000115c1c: 0707                bcr     0,%r7
[   28.476901] Call Trace:
[   28.476902] Last Breaking-Event-Address:
[   28.476920]  [<0000000000a01c4a>] arch_call_rest_init+0x22/0x80
[   28.476927] Kernel panic - not syncing: Corrupt kernel stack, can't continue.
[   28.476930] CPU: 0 PID: 424 Comm: sh Not tainted 5.0.0-rc1+ #13
[   28.476932] Hardware name: IBM 2964 NE1 716 (KVM/Linux)
[   28.476932] Call Trace:

Fixes: 2f859d0dad ("s390/smp: reduce size of struct pcpu")
Cc: stable@vger.kernel.org # 4.0+
Reported-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-02-06 19:43:05 +01:00
vdso32 s390/vdso: add missing FORCE to build targets 2018-11-27 16:08:00 +01:00
vdso64 s390/vdso: add missing FORCE to build targets 2018-11-27 16:08:00 +01:00
.gitignore
alternative.c s390: add automatic detection of the spectre defense 2018-04-29 07:50:04 +02:00
asm-offsets.c s390/ftrace: use expoline for indirect branches 2018-05-30 07:49:17 +02:00
audit.c
audit.h
base.S s390/kernel: use expoline for indirect branches 2018-05-26 08:48:59 +02:00
cache.c s390/cachinfo: add missing facility check to init_cache_level() 2015-07-28 08:54:42 +02:00
compat_audit.c
compat_linux.c s390: fix handling of -1 in set{,fs}[gu]id16 syscalls 2018-02-22 15:44:58 +01:00
compat_linux.h
compat_ptrace.h
compat_signal.c s390/compat: correct restore of high gprs on signal return 2016-03-03 15:07:12 -08:00
compat_wrapper.c s390: wire up mlock2 system call 2015-11-16 12:51:07 +01:00
cpcmd.c s390/diag: add a statistic for diagnose calls 2015-10-14 14:32:06 +02:00
crash_dump.c s390/kdump: Add final note 2017-05-25 14:30:09 +02:00
debug.c s390: time: Provide read_boot_clock64() and read_persistent_clock64() 2015-05-22 10:36:29 -07:00
diag.c s390/diag: add a s390 prefix to the diagnose trace point 2015-11-09 09:10:47 +01:00
dis.c s390/disassembler: increase show_code buffer size 2017-11-30 08:37:18 +00:00
dumpstack.c s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
early.c s390/early: improve machine detection 2019-02-06 19:43:03 +01:00
ebcdic.c
entry.h s390/udelay: make udelay have busy loop semantics 2015-10-14 14:32:13 +02:00
entry.S s390: Correct register corruption in critical section cleanup 2018-07-11 16:03:48 +02:00
ftrace.c s390/maccess: remove potentially broken probe_kernel_write() 2015-03-25 11:49:43 +01:00
head.S s390: remove SALIPL loader 2015-11-16 12:51:11 +01:00
head64.S s390/cpumf: Fix lpp detection 2016-04-12 09:08:31 -07:00
head_kdump.S s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
idle.c
ipl.c s390: add options to change branch prediction behaviour for the kernel 2018-04-29 07:50:03 +02:00
irq.c s390: remove indirect branch from do_softirq_own_stack 2018-05-26 08:48:56 +02:00
jump_label.c Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-09-03 15:46:07 -07:00
kprobes.c s390/maccess: remove potentially broken probe_kernel_write() 2015-03-25 11:49:43 +01:00
lgr.c
machine_kexec.c s390: add SMT support 2015-01-22 12:16:01 +01:00
Makefile s390: move spectre sysfs attribute code 2018-05-26 08:48:59 +02:00
mcount.S s390/ftrace: use expoline for indirect branches 2018-05-30 07:49:17 +02:00
module.c s390: correct module section names for expoline code revert 2018-04-29 07:50:04 +02:00
nmi.c s390/nmi: reduce size of percpu variable 2015-10-27 09:33:57 +01:00
nospec-branch.c s390: extend expoline to BC instructions 2018-05-26 08:48:59 +02:00
nospec-sysfs.c s390: move spectre sysfs attribute code 2018-05-26 08:48:59 +02:00
os_info.c
perf_cpum_cf.c s390/cpum_cf: Reject request for sampling in event initialization 2018-12-17 21:55:09 +01:00
perf_cpum_cf_events.c
perf_cpum_sf.c s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero 2018-05-26 08:48:55 +02:00
perf_event.c
pgm_check.S s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
process.c s390/runtime instrumentation: simplify task exit handling 2017-12-09 18:42:38 +01:00
processor.c s390: run user space and KVM guests with modified branch prediction 2018-04-29 07:50:03 +02:00
ptrace.c s390/ptrace: Preserve previous registers for short regset write 2017-02-01 08:30:52 +01:00
reipl.S s390/kernel: use expoline for indirect branches 2018-05-26 08:48:59 +02:00
relocate_kernel.S s390: remove "64" suffix from a couple of files 2015-03-25 11:49:34 +01:00
runtime_instr.c s390/runtime instrumentation: simplify task exit handling 2017-12-09 18:42:38 +01:00
s390_ksyms.c s390/fpu: split fpu-internal.h into fpu internals, api, and type headers 2015-10-16 09:41:12 +02:00
sclp.c s390/sclp: _sclp_wait_int(): retain full PSW mask 2015-11-12 13:08:00 +01:00
setup.c s390/early: improve machine detection 2019-02-06 19:43:03 +01:00
signal.c s390/fpu: always enable the vector facility if it is available 2015-10-14 14:32:08 +02:00
smp.c s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU 2019-02-06 19:43:05 +01:00
stacktrace.c
suspend.c PCI: Include <linux/pci.h>, not <asm/pci.h> 2015-06-08 07:55:03 -05:00
swsusp.S s390/kernel: use expoline for indirect branches 2018-05-26 08:48:59 +02:00
sys_s390.c s390: remove 31 bit support 2015-03-25 11:49:33 +01:00
syscalls.S s390: fix compat system call table 2017-12-16 10:33:49 +01:00
sysinfo.c Fairly small update, but there are some interesting new features. 2015-02-13 09:55:09 -08:00
time.c s390/etr,stp: fix possible deadlock on machine check 2015-10-14 14:32:18 +02:00
topology.c s390/topology: reduce per_cpu() invocations 2015-10-27 09:34:39 +01:00
trace.c s390/diag: add a s390 prefix to the diagnose trace point 2015-11-09 09:10:47 +01:00
traps.c s390/fpu: split fpu-internal.h into fpu internals, api, and type headers 2015-10-16 09:41:12 +02:00
uprobes.c s390/uprobes: implement arch_uretprobe_is_alive() 2018-04-29 07:50:07 +02:00
vdso.c s390/vdso: use correct memory barrier 2015-10-14 14:32:01 +02:00
vmlinux.lds.S s390: introduce execute-trampolines for branches 2018-04-29 07:50:03 +02:00
vtime.c s390/vtime: correct scaled cputime of partially idle CPUs 2015-09-30 16:22:38 +02:00