linux/arch/powerpc
Michael Ellerman 78ee994637 powerpc/64s: Make rfi_flush_fallback a little more robust
Because rfi_flush_fallback runs immediately before the return to
userspace it currently runs with the user r1 (stack pointer). This
means if we oops in there we will report a bad kernel stack pointer in
the exception entry path, eg:

  Bad kernel stack pointer 7ffff7150e40 at c0000000000023b4
  Oops: Bad kernel stack pointer, sig: 6 [#1]
  LE SMP NR_CPUS=32 NUMA PowerNV
  Modules linked in:
  CPU: 0 PID: 1246 Comm: klogd Not tainted 4.18.0-rc2-gcc-7.3.1-00175-g0443f8a69ba3 #7
  NIP:  c0000000000023b4 LR: 0000000010053e00 CTR: 0000000000000040
  REGS: c0000000fffe7d40 TRAP: 4100   Not tainted  (4.18.0-rc2-gcc-7.3.1-00175-g0443f8a69ba3)
  MSR:  9000000002803031 <SF,HV,VEC,VSX,FP,ME,IR,DR,LE>  CR: 44000442  XER: 20000000
  CFAR: c00000000000bac8 IRQMASK: c0000000f1e66a80
  GPR00: 0000000002000000 00007ffff7150e40 00007fff93a99900 0000000000000020
  ...
  NIP [c0000000000023b4] rfi_flush_fallback+0x34/0x80
  LR [0000000010053e00] 0x10053e00

Although the NIP tells us where we were, and the TRAP number tells us
what happened, it would still be nicer if we could report the actual
exception rather than barfing about the stack pointer.

We an do that fairly simply by loading the kernel stack pointer on
entry and restoring the user value before returning. That way we see a
regular oops such as:

  Unrecoverable exception 4100 at c00000000000239c
  Oops: Unrecoverable exception, sig: 6 [#1]
  LE SMP NR_CPUS=32 NUMA PowerNV
  Modules linked in:
  CPU: 0 PID: 1251 Comm: klogd Not tainted 4.18.0-rc3-gcc-7.3.1-00097-g4ebfcac65acd-dirty #40
  NIP:  c00000000000239c LR: 0000000010053e00 CTR: 0000000000000040
  REGS: c0000000f1e17bb0 TRAP: 4100   Not tainted  (4.18.0-rc3-gcc-7.3.1-00097-g4ebfcac65acd-dirty)
  MSR:  9000000002803031 <SF,HV,VEC,VSX,FP,ME,IR,DR,LE>  CR: 44000442  XER: 20000000
  CFAR: c00000000000bac8 IRQMASK: 0
  ...
  NIP [c00000000000239c] rfi_flush_fallback+0x3c/0x80
  LR [0000000010053e00] 0x10053e00
  Call Trace:
  [c0000000f1e17e30] [c00000000000b9e4] system_call+0x5c/0x70 (unreliable)

Note this shouldn't make the kernel stack pointer vulnerable to a
meltdown attack, because it should be flushed from the cache before we
return to userspace. The user r1 value will be in the cache, because
we load it in the return path, but that is harmless.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
2018-08-08 00:32:27 +10:00
..
boot powerpc/dts: Use a correct at24 compatible fallback in ac14xx 2018-07-10 10:58:40 +10:00
configs powerpc: Add ppc32_allmodconfig defconfig target 2018-07-24 22:03:15 +10:00
crypto powerpc: move ASM_CONST and stringify_in_c() into asm-const.h 2018-07-30 22:48:16 +10:00
include powerpc/pseries: Query hypervisor for count cache flush settings 2018-08-08 00:32:26 +10:00
kernel powerpc/64s: Make rfi_flush_fallback a little more robust 2018-08-08 00:32:27 +10:00
kvm powerpc: remove unnecessary inclusion of asm/tlbflush.h 2018-07-30 22:48:20 +10:00
lib powerpc/asm: Add a patch_site macro & helpers for patching instructions 2018-08-08 00:32:25 +10:00
math-emu License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mm powerpc/64s: free page table caches at exit_mmap time 2018-08-07 21:49:27 +10:00
net powerpc: move ASM_CONST and stringify_in_c() into asm-const.h 2018-07-30 22:48:16 +10:00
oprofile treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
perf powerpc: clean the inclusion of stringify.h 2018-07-30 22:48:17 +10:00
platforms powerpc/powernv: Query firmware for count cache flush settings 2018-08-08 00:32:27 +10:00
purgatory powerpc: move ASM_CONST and stringify_in_c() into asm-const.h 2018-07-30 22:48:16 +10:00
sysdev powerpc/xive: Remove xive_kexec_teardown_cpu() 2018-08-07 21:49:28 +10:00
tools powerpc: Add a checkpatch wrapper with our preferred settings 2018-08-07 21:49:25 +10:00
xmon powerpc: move ASM_CONST and stringify_in_c() into asm-const.h 2018-07-30 22:48:16 +10:00
Kconfig powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E 2018-08-08 00:32:24 +10:00
Kconfig.debug powerpc: Add new kconfig CONFIG_PPC_IRQ_SOFT_MASK_DEBUG 2018-01-19 22:37:03 +11:00
Makefile powerpc: Add ppc64le and ppc64_book3e allmodconfig targets 2018-07-24 22:03:16 +10:00
Makefile.postlink License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00