1. 11 6月, 2014 2 次提交
    • M
      powerpc/book3s: Add stack overflow check in machine check handler. · e75ad93a
      Mahesh Salgaonkar 提交于
      Currently machine check handler does not check for stack overflow for
      nested machine check. If we hit another MCE while inside the machine check
      handler repeatedly from same address then we get into risk of stack
      overflow which can cause huge memory corruption. This patch limits the
      nested MCE level to 4 and panic when we cross level 4.
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      e75ad93a
    • M
      powerpc/book3s: Fix machine check handling for unhandled errors · 2749a2f2
      Mahesh Salgaonkar 提交于
      Current code does not check for unhandled/unrecovered errors and return from
      interrupt if it is recoverable exception which in-turn triggers same machine
      check exception in a loop causing hypervisor to be unresponsive.
      
      This patch fixes this situation and forces hypervisor to panic for
      unhandled/unrecovered errors.
      
      This patch also fixes another issue where unrecoverable_exception routine
      was called in real mode in case of unrecoverable exception (MSR_RI = 0).
      This causes another exception vector 0x300 (data access) during system crash
      leading to confusion while debugging cause of the system crash.
      
      Also turn ME bit off while going down, so that when another MCE is hit during
      panic path, system will checkstop and hypervisor will get restarted cleanly
      by SP.
      
      With the above fixes we now throw correct console messages (see below) while
      crashing the system in case of unhandled/unrecoverable machine checks.
      
      --------------
      Severe Machine check interrupt [[Not recovered]
        Initiator: CPU
        Error type: UE [Instruction fetch]
          Effective address: 0000000030002864
      Oops: Machine check, sig: 7 [#1]
      SMP NR_CPUS=2048 NUMA PowerNV
      Modules linked in: bork(O) bridge stp llc kvm [last unloaded: bork]
      CPU: 36 PID: 55162 Comm: bash Tainted: G           O 3.14.0mce #1
      task: c000002d72d022d0 ti: c000000007ec0000 task.ti: c000002d72de4000
      NIP: 0000000030002864 LR: 00000000300151a4 CTR: 000000003001518c
      REGS: c000000007ec3d80 TRAP: 0200   Tainted: G           O  (3.14.0mce)
      MSR: 9000000000041002 <SF,HV,ME,RI>  CR: 28222848  XER: 20000000
      CFAR: 0000000030002838 DAR: d0000000004d0000 DSISR: 00000000 SOFTE: 1
      GPR00: 000000003001512c 0000000031f92cb0 0000000030078af0 0000000030002864
      GPR04: d0000000004d0000 0000000000000000 0000000030002864 ffffffffffffffc9
      GPR08: 0000000000000024 0000000030008af0 000000000000002c c00000000150e728
      GPR12: 9000000000041002 0000000031f90000 0000000010142550 0000000040000000
      GPR16: 0000000010143cdc 0000000000000000 00000000101306fc 00000000101424dc
      GPR20: 00000000101424e0 000000001013c6f0 0000000000000000 0000000000000000
      GPR24: 0000000010143ce0 00000000100f6440 c000002d72de7e00 c000002d72860250
      GPR28: c000002d72860240 c000002d72ac0038 0000000000000008 0000000000040000
      NIP [0000000030002864] 0x30002864
      LR [00000000300151a4] 0x300151a4
      Call Trace:
      Instruction dump:
      XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
      XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
      ---[ end trace 7285f0beac1e29d3 ]---
      
      Sending IPI to other CPUs
      IPI complete
      OPAL V3 detected !
      --------------
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      2749a2f2
  2. 23 4月, 2014 4 次提交
  3. 09 4月, 2014 1 次提交
  4. 24 3月, 2014 1 次提交
  5. 05 3月, 2014 2 次提交
  6. 30 12月, 2013 1 次提交
    • M
      powerpc: Fix "attempt to move .org backwards" error · 4e243b79
      Mahesh Salgaonkar 提交于
      With recent machine check patch series changes, The exception vectors
      starting from 0x4300 are now overflowing with allyesconfig. Fix that by
      moving machine_check_common and machine_check_handle_early code out of
      that region to make enough room for exception vector area.
      
      Fixes this build error reportes by Stephen:
      
      arch/powerpc/kernel/exceptions-64s.S: Assembler messages:
      arch/powerpc/kernel/exceptions-64s.S:958: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:959: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:983: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:984: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1003: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1013: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1014: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1015: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1016: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1017: Error: attempt to move .org backwards
      arch/powerpc/kernel/exceptions-64s.S:1018: Error: attempt to move .org backwards
      
      [Moved the code further down as it introduced link errors due to too long
       relative branches to the masked interrupts handlers from the exception
       prologs. Also removed the useless feature section --BenH
      ]
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Reported-by: NStephen Rothwell <sfr@canb.auug.org.au>
      Tested-by: NStephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      4e243b79
  7. 05 12月, 2013 3 次提交
    • M
      powerpc/book3s: Queue up and process delayed MCE events. · b5ff4211
      Mahesh Salgaonkar 提交于
      When machine check real mode handler can not continue into host kernel
      in V mode, it returns from the interrupt and we loose MCE event which
      never gets logged. In such a situation queue up the MCE event so that
      we can log it later when we get back into host kernel with r1 pointing to
      kernel stack e.g. during syscall exit.
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      b5ff4211
    • M
      powerpc/book3s: Return from interrupt if coming from evil context. · 1c51089f
      Mahesh Salgaonkar 提交于
      We can get machine checks from any context. We need to make sure that
      we handle all of them correctly. If we are coming from hypervisor user-space,
      we can continue in host kernel in virtual mode to deliver the MC event.
      If we got woken up from power-saving mode then we may come in with one of
      the following state:
       a. No state loss
       b. Supervisor state loss
       c. Hypervisor state loss
      For (a) and (b), we go back to nap again. State (c) is fatal, keep spinning.
      
      For all other context which we not sure of queue up the MCE event and return
      from the interrupt.
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      1c51089f
    • M
      powerpc/book3s: handle machine check in Linux host. · 1e9b4507
      Mahesh Salgaonkar 提交于
      Move machine check entry point into Linux. So far we were dependent on
      firmware to decode MCE error details and handover the high level info to OS.
      
      This patch introduces early machine check routine that saves the MCE
      information (srr1, srr0, dar and dsisr) to the emergency stack. We allocate
      stack frame on emergency stack and set the r1 accordingly. This allows us to be
      prepared to take another exception without loosing context. One thing to note
      here that, if we get another machine check while ME bit is off then we risk a
      checkstop. Hence we restrict ourselves to save only MCE information and
      register saved on PACA_EXMC save are before we turn the ME bit on. We use
      paca->in_mce flag to differentiate between first entry and nested machine check
      entry which helps proper use of emergency stack. We increment paca->in_mce
      every time we enter in early machine check handler and decrement it while
      leaving. When we enter machine check early handler first time (paca->in_mce ==
      0), we are sure nobody is using MC emergency stack and allocate a stack frame
      at the start of the emergency stack. During subsequent entry (paca->in_mce >
      0), we know that r1 points inside emergency stack and we allocate separate
      stack frame accordingly. This prevents us from clobbering MCE information
      during nested machine checks.
      
      The early machine check handler changes are placed under CPU_FTR_HVMODE
      section. This makes sure that the early machine check handler will get executed
      only in hypervisor kernel.
      
      This is the code flow:
      
      		Machine Check Interrupt
      			|
      			V
      		   0x200 vector				  ME=0, IR=0, DR=0
      			|
      			V
      	+-----------------------------------------------+
      	|machine_check_pSeries_early:			| ME=0, IR=0, DR=0
      	|	Alloc frame on emergency stack		|
      	|	Save srr1, srr0, dar and dsisr on stack |
      	+-----------------------------------------------+
      			|
      		(ME=1, IR=0, DR=0, RFID)
      			|
      			V
      		machine_check_handle_early		  ME=1, IR=0, DR=0
      			|
      			V
      	+-----------------------------------------------+
      	|	machine_check_early (r3=pt_regs)	| ME=1, IR=0, DR=0
      	|	Things to do: (in next patches)		|
      	|		Flush SLB for SLB errors	|
      	|		Flush TLB for TLB errors	|
      	|		Decode and save MCE info	|
      	+-----------------------------------------------+
      			|
      	(Fall through existing exception handler routine.)
      			|
      			V
      		machine_check_pSerie			  ME=1, IR=0, DR=0
      			|
      		(ME=1, IR=1, DR=1, RFID)
      			|
      			V
      		machine_check_common			  ME=1, IR=1, DR=1
      			.
      			.
      			.
      Signed-off-by: NMahesh Salgaonkar <mahesh@linux.vnet.ibm.com>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      1e9b4507
  8. 17 10月, 2013 3 次提交
  9. 27 8月, 2013 2 次提交
  10. 14 8月, 2013 1 次提交
    • P
      powerpc: Fix denormalized exception handler · 630573c1
      Paul Mackerras 提交于
      The denormalized exception handler (denorm_exception_hv) has a couple
      of bugs.  If the CONFIG_PPC_DENORMALISATION option is not selected,
      or the HSRR1_DENORM bit is not set in HSRR1, we don't test whether the
      interrupt occurred within a KVM guest.  On the other hand, if the
      HSRR1_DENORM bit is set and CONFIG_PPC_DENORMALISATION is enabled,
      we corrupt the CFAR and PPR.
      
      To correct these problems, this replaces the open-coded version of
      EXCEPTION_PROLOG_1 that is there currently, and that is missing the
      saving of PPR and CFAR values to the PACA, with an instance of
      EXCEPTION_PROLOG_1.  This adds an explicit KVMTEST after testing
      whether the exception is one we can handle, and adds code to restore
      the CFAR on exit.
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      630573c1
  11. 09 8月, 2013 1 次提交
  12. 01 7月, 2013 4 次提交
  13. 15 6月, 2013 1 次提交
    • P
      powerpc: Fix emulation of illegal instructions on PowerNV platform · bf593907
      Paul Mackerras 提交于
      Normally, the kernel emulates a few instructions that are unimplemented
      on some processors (e.g. the old dcba instruction), or privileged (e.g.
      mfpvr).  The emulation of unimplemented instructions is currently not
      working on the PowerNV platform.  The reason is that on these machines,
      unimplemented and illegal instructions cause a hypervisor emulation
      assist interrupt, rather than a program interrupt as on older CPUs.
      Our vector for the emulation assist interrupt just calls
      program_check_exception() directly, without setting the bit in SRR1
      that indicates an illegal instruction interrupt.  This fixes it by
      making the emulation assist interrupt set that bit before calling
      program_check_interrupt().  With this, old programs that use no-longer
      implemented instructions such as dcba now work again.
      
      CC: <stable@vger.kernel.org>
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      bf593907
  14. 10 6月, 2013 2 次提交
  15. 30 4月, 2013 1 次提交
  16. 26 4月, 2013 2 次提交
    • P
      powerpc: Fix "attempt to move .org backwards" error · a485c709
      Paul Mackerras 提交于
      Building a 64-bit powerpc kernel with PR KVM enabled currently gives
      this error:
      
        AS      arch/powerpc/kernel/head_64.o
      arch/powerpc/kernel/exceptions-64s.S: Assembler messages:
      arch/powerpc/kernel/exceptions-64s.S:258: Error: attempt to move .org backwards
      make[2]: *** [arch/powerpc/kernel/head_64.o] Error 1
      
      This happens because the MASKABLE_EXCEPTION_PSERIES macro turns into
      33 instructions, but we only have space for 32 at the decrementer
      interrupt vector (from 0x900 to 0x980).
      
      In the code generated by the MASKABLE_EXCEPTION_PSERIES macro, we
      currently have two instances of the HMT_MEDIUM macro, which has the
      effect of setting the SMT thread priority to medium.  One is the
      first instruction, and is overwritten by a no-op on processors where
      we save the PPR (processor priority register), that is, POWER7 or
      later.  The other is after we have saved the PPR.
      
      In order to reduce the code at 0x900 by one instruction, we omit the
      first HMT_MEDIUM.  On processors without SMT this will have no effect
      since HMT_MEDIUM is a no-op there.  On POWER5 and RS64 machines this
      will mean that the first few instructions take a little longer in the
      case where a decrementer interrupt occurs when the hardware thread is
      running at low SMT priority.  On POWER6 and later machines, the
      hardware automatically boosts the thread priority when a decrementer
      interrupt is taken if the thread priority was below medium, so this
      change won't make any difference.
      
      The alternative would be to branch out of line after saving the CFAR.
      However, that would incur an extra overhead on all processors, whereas
      the approach adopted here only adds overhead on older threaded processors.
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      a485c709
    • M
      powerpc: Fix hardware IRQs with MMU on exceptions when HV=0 · 3e96ca7f
      Michael Neuling 提交于
      POWER8 allows us to take interrupts with the MMU on.  This gives us a
      second set of vectors offset at 0x4000.
      
      Unfortunately when coping these vectors we missed checking for MSR HV
      for hardware interrupts (0x500).  This results in us trying to use
      HSRR0/1 when HV=0, rather than SRR0/1 on HW IRQs
      
      The below fixes this to check CPU_FTR_HVMODE when patching the code at
      0x4500.
      
      Also we remove the check for CPU_FTR_ARCH_206 since relocation on IRQs
      are only available in arch 2.07 and beyond.
      
      Thanks to benh for helping find this.
      Signed-off-by: NMichael Neuling <mikey@neuling.org>
      CC: <stable@vger.kernel.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      3e96ca7f
  17. 18 4月, 2013 1 次提交
  18. 25 3月, 2013 1 次提交
  19. 17 3月, 2013 2 次提交
  20. 05 3月, 2013 1 次提交
  21. 15 2月, 2013 4 次提交
    • M
      powerpc: Hook in new transactional memory code · bc2a9408
      Michael Neuling 提交于
      This hooks the new transactional memory code into context switching, FP/VMX/VMX
      unavailable and exception return.
      Signed-off-by: NMatt Evans <matt@ozlabs.org>
      Signed-off-by: NMichael Neuling <mikey@neuling.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      bc2a9408
    • M
      powerpc: Add transactional memory unavaliable execption handler · d0c0c9a1
      Michael Neuling 提交于
      These should never happen since we always turn on MSR TM when in userspace. We
      don't do lazy TM.
      
      Hence if we hit this, we barf and kill the task as something's gone horribly
      wrong.
      Signed-off-by: NMatt Evans <matt@ozlabs.org>
      Signed-off-by: NMichael Neuling <mikey@neuling.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      d0c0c9a1
    • P
      powerpc: Save CFAR before branching in interrupt entry paths · 1707dd16
      Paul Mackerras 提交于
      Some of the interrupt vectors on 64-bit POWER server processors are
      only 32 bytes long, which is not enough for the full first-level
      interrupt handler.  For these we currently just have a branch to an
      out-of-line handler.  However, this means that we corrupt the CFAR
      (come-from address register) on POWER7 and later processors.
      
      To fix this, we split the EXCEPTION_PROLOG_1 macro into two pieces:
      EXCEPTION_PROLOG_0 contains the part up to the point where the CFAR
      is saved in the PACA, and EXCEPTION_PROLOG_1 contains the rest.  We
      then put EXCEPTION_PROLOG_0 in the short interrupt vectors before
      we branch to the out-of-line handler, which contains the rest of the
      first-level interrupt handler.  To facilitate this, we define new
      _OOL (out of line) variants of STD_EXCEPTION_PSERIES, etc.
      
      In order to get EXCEPTION_PROLOG_0 to be short enough, i.e., no more
      than 6 instructions, it was necessary to move the stores that move
      the PPR and CFAR values into the PACA into __EXCEPTION_PROLOG_1 and
      to get rid of one of the two HMT_MEDIUM instructions.  Previously
      there was a HMT_MEDIUM_PPR_DISCARD before the prolog, which was
      nop'd out on processors with the PPR (POWER7 and later), and then
      another HMT_MEDIUM inside the HMT_MEDIUM_PPR_SAVE macro call inside
      __EXCEPTION_PROLOG_1, which was nop'd out on processors without PPR.
      Now the HMT_MEDIUM inside EXCEPTION_PROLOG_0 is there unconditionally
      and the HMT_MEDIUM_PPR_DISCARD is not strictly necessary, although
      this leaves it in for the interrupt vectors where there is room for
      it.
      
      Previously we had a handler for hypervisor maintenance interrupts at
      0xe50, which doesn't leave enough room for the vector for hypervisor
      emulation assist interrupts at 0xe40, since we need 8 instructions.
      The 0xe50 vector was only used on POWER6, as the HMI vector was moved
      to 0xe60 on POWER7.  Since we don't support running in hypervisor mode
      on POWER6, we just remove the handler at 0xe50.
      
      This also changes denorm_exception_hv to use EXCEPTION_PROLOG_0
      instead of open-coding it, and removes the HMT_MEDIUM_PPR_DISCARD
      from the relocation-on vectors (since any CPU that supports
      relocation-on interrupts also has the PPR).
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      1707dd16
    • P
      powerpc: Remove Cell-specific relocation-on interrupt vector code · 6100209b
      Paul Mackerras 提交于
      The Cell processor doesn't support relocation-on interrupts, so we
      don't need relocation-on versions of the interrupt vectors that are
      purely Cell-specific.  This removes them.
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      6100209b