linux/arch/x86/xen
Konrad Rzeszutek Wilk b22227944b xen/mmu: On early bootup, flush the TLB when changing RO->RW bits Xen provided pagetables.
Occassionaly on a DL380 G4 the guest would crash quite early with this:

(XEN) d244:v0: unhandled page fault (ec=0003)
(XEN) Pagetable walk from ffffffff84dc7000:
(XEN)  L4[0x1ff] = 00000000c3f18067 0000000000001789
(XEN)  L3[0x1fe] = 00000000c3f14067 000000000000178d
(XEN)  L2[0x026] = 00000000dc8b2067 0000000000004def
(XEN)  L1[0x1c7] = 00100000dc8da067 0000000000004dc7
(XEN) domain_crash_sync called from entry.S
(XEN) Domain 244 (vcpu#0) crashed on cpu#3:
(XEN) ----[ Xen-4.1.3OVM  x86_64  debug=n  Not tainted ]----
(XEN) CPU:    3
(XEN) RIP:    e033:[<ffffffff81263f22>]
(XEN) RFLAGS: 0000000000000216   EM: 1   CONTEXT: pv guest
(XEN) rax: 0000000000000000   rbx: ffffffff81785f88   rcx: 000000000000003f
(XEN) rdx: 0000000000000000   rsi: 00000000dc8da063   rdi: ffffffff84dc7000

The offending code shows it to be a loop writting the value zero
(%rax) in the %rdi (the L4 provided by Xen) register:

   0: 44 00 00             add    %r8b,(%rax)
   3: 31 c0                 xor    %eax,%eax
   5: b9 40 00 00 00       mov    $0x40,%ecx
   a: 66 0f 1f 84 00 00 00 nopw   0x0(%rax,%rax,1)
  11: 00 00
  13: ff c9                 dec    %ecx
  15:* 48 89 07             mov    %rax,(%rdi)     <-- trapping instruction
  18: 48 89 47 08           mov    %rax,0x8(%rdi)
  1c: 48 89 47 10           mov    %rax,0x10(%rdi)

which fails. xen_setup_kernel_pagetable recycles some of the Xen's
page-table entries when it has switched over to its Linux page-tables.

Right before try to clear the page, we  make a hypercall to change
it from _RO to  _RW and that works (otherwise we would hit an BUG()).
And the _RW flag is set for that page:
(XEN)  L1[0x1c7] = 001000004885f067 0000000000004dc7

The error code is 3, so PFEC_page_present and PFEC_write_access, so page is
present (correct), and we tried to write to the page, but a violation
occurred. The one theory is that the the page entries in hardware
(which are cached) are not up to date with what we just set. Especially
as we have just done an CR3 write and flushed the multicalls.

This patch does solve the problem by flusing out the TLB page
entry after changing it from _RO to _RW and we don't hit this
issue anymore.

Fixed-Oracle-Bug: 16243091 [ON OCCASIONS VM START GOES INTO
'CRASH' STATE: CLEAR_PAGE+0X12 ON HP DL380 G4]
Reported-and-Tested-by: Saar Maoz <Saar.Maoz@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-04-02 14:02:23 -04:00
..
apic.c xen/apic/xenbus/swiotlb/pcifront/grant/tmem: Make functions or variables static. 2012-08-21 14:50:03 -04:00
debugfs.c debugfs: Add support to print u32 array in debugfs 2012-04-17 00:18:36 -04:00
debugfs.h debugfs: Add support to print u32 array in debugfs 2012-04-17 00:18:36 -04:00
enlighten.c xen/pat: Disable PAT using pat_enabled value. 2013-02-28 09:03:00 -05:00
grant-table.c Merge commit 'v3.2-rc3' into stable/for-linus-3.3 2011-12-20 17:01:18 -05:00
irq.c xen/arm: receive Xen events on ARM 2012-09-14 13:37:32 +00:00
Kconfig Features: 2012-12-13 14:29:16 -08:00
Makefile xen/x86: Implement x86_apic_ops 2012-05-01 14:50:33 -04:00
mmu.c xen/mmu: On early bootup, flush the TLB when changing RO->RW bits Xen provided pagetables. 2013-04-02 14:02:23 -04:00
mmu.h xen: make a pile of mmu pvop functions static 2011-05-20 14:25:24 -07:00
multicalls.c xen/multicall: move *idx fields to start of mc_buffer 2011-07-18 15:43:46 -07:00
multicalls.h xen: use this_cpu_xxx replace percpu_xxx funcs 2012-01-24 12:20:24 -05:00
p2m.c Features: 2012-10-02 22:09:10 -07:00
pci-swiotlb-xen.c Merge branch 'stable/late-swiotlb.v3.3' into stable/for-linus-3.7 2012-09-22 20:01:24 -04:00
platform-pci-unplug.c xen/apic/xenbus/swiotlb/pcifront/grant/tmem: Make functions or variables static. 2012-08-21 14:50:03 -04:00
setup.c x86 idle: remove 32-bit-only "no-hlt" parameter, hlt_works_ok flag 2013-02-10 03:32:22 -05:00
smp.c xen/smp: Move the common CPU init code a bit to prep for PVH patch. 2013-02-19 21:59:47 -05:00
smp.h xen: implement apic ipi interface 2012-05-07 15:33:15 -04:00
spinlock.c xen: Send spinlock IPI to all waiters 2013-02-19 22:03:29 -05:00
suspend.c Revert "xen PVonHVM: use E820_Reserved area for shared_info" 2013-02-14 21:29:31 -05:00
time.c Merge branch 'upstream/xen-settime' of git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen 2011-11-06 20:15:05 -08:00
trace.c xen/trace: Fix compile error when CONFIG_XEN_PRIVILEGED_GUEST is not set 2011-08-05 09:43:02 -04:00
vdso.h
vga.c xen/vga: add the xen EFI video mode support 2012-09-24 09:28:57 -04:00
xen-asm_32.S x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS. 2013-02-13 15:40:30 -05:00
xen-asm_64.S xen: use iret for return from 64b kernel to 32b usermode 2009-12-03 11:14:54 -08:00
xen-asm.h xen: make direct versions of irq_enable/disable/save/restore to common code 2009-02-04 16:59:04 -08:00
xen-asm.S xen: correctly check for pending events when restoring irq flags 2012-04-27 16:04:21 -04:00
xen-head.S xen/perf: Define .glob for the different hypercalls. 2012-07-30 14:27:48 -04:00
xen-ops.h Revert "xen PVonHVM: use E820_Reserved area for shared_info" 2013-02-14 21:29:31 -05:00