• David Hildenbrand's avatar
    s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU · dda20175
    David Hildenbrand authored
    commit 60f1bf29c0b2519989927cae640cd1f50f59dc7f upstream.
    
    When calling smp_call_ipl_cpu() from the IPL CPU, we will try to read
    from pcpu_devices->lowcore. However, due to prefixing, that will result
    in reading from absolute address 0 on that CPU. We have to go via the
    actual lowcore instead.
    
    This means that right now, we will read lc->nodat_stack == 0 and
    therfore work on a very wrong stack.
    
    This BUG essentially broke rebooting under QEMU TCG (which will report
    a low address protection exception). And checking under KVM, it is
    also broken under KVM. With 1 VCPU it can be easily triggered.
    
    :/# echo 1 > /proc/sys/kernel/sysrq
    :/# echo b > /proc/sysrq-trigger
    [   28.476745] sysrq: SysRq : Resetting
    [   28.476793] Kernel stack overflow.
    [   28.476817] CPU: 0 PID: 424 Comm: sh Not tainted 5.0.0-rc1+ #13
    [   28.476820] Hardware name: IBM 2964 NE1 716 (KVM/Linux)
    [   28.476826] Krnl PSW : 0400c00180000000 0000000000115c0c (pcpu_delegate+0x12c/0x140)
    [   28.476861]            R:0 T:1 IO:0 EX:0 Key:0 M:0 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3
    [   28.476863] Krnl GPRS: ffffffffffffffff 0000000000000000 000000000010dff8 0000000000000000
    [   28.476864]            0000000000000000 0000000000000000 0000000000ab7090 000003e0006efbf0
    [   28.476864]            000000000010dff8 0000000000000000 0000000000000000 0000000000000000
    [   28.476865]            000000007fffc000 0000000000730408 000003e0006efc58 0000000000000000
    [   28.476887] Krnl Code: 0000000000115bfe: 4170f000            la      %r7,0(%r15)
    [   28.476887]            0000000000115c02: 41f0a000            la      %r15,0(%r10)
    [   28.476887]           #0000000000115c06: e370f0980024        stg     %r7,152(%r15)
    [   28.476887]           >0000000000115c0c: c0e5fffff86e        brasl   %r14,114ce8
    [   28.476887]            0000000000115c12: 41f07000            la      %r15,0(%r7)
    [   28.476887]            0000000000115c16: a7f4ffa8            brc     15,115b66
    [   28.476887]            0000000000115c1a: 0707                bcr     0,%r7
    [   28.476887]            0000000000115c1c: 0707                bcr     0,%r7
    [   28.476901] Call Trace:
    [   28.476902] Last Breaking-Event-Address:
    [   28.476920]  [<0000000000a01c4a>] arch_call_rest_init+0x22/0x80
    [   28.476927] Kernel panic - not syncing: Corrupt kernel stack, can't continue.
    [   28.476930] CPU: 0 PID: 424 Comm: sh Not tainted 5.0.0-rc1+ #13
    [   28.476932] Hardware name: IBM 2964 NE1 716 (KVM/Linux)
    [   28.476932] Call Trace:
    
    Fixes: 2f859d0d ("s390/smp: reduce size of struct pcpu")
    Cc: stable@vger.kernel.org # 4.0+
    Reported-by: default avatarCornelia Huck <cohuck@redhat.com>
    Signed-off-by: default avatarDavid Hildenbrand <david@redhat.com>
    Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    dda20175
Name
Last commit
Last update
Documentation Loading commit data...
arch Loading commit data...
block Loading commit data...
certs Loading commit data...
crypto Loading commit data...
drivers Loading commit data...
firmware Loading commit data...
fs Loading commit data...
include Loading commit data...
init Loading commit data...
ipc Loading commit data...
kernel Loading commit data...
lib Loading commit data...
mm Loading commit data...
net Loading commit data...
samples Loading commit data...
scripts Loading commit data...
security Loading commit data...
sound Loading commit data...
tools Loading commit data...
usr Loading commit data...
virt Loading commit data...
.get_maintainer.ignore Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
COPYING Loading commit data...
CREDITS Loading commit data...
Kbuild Loading commit data...
Kconfig Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
README Loading commit data...
REPORTING-BUGS Loading commit data...