Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1377803imm; Sat, 4 Aug 2018 02:08:53 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcdEdqh2bfhPOxq8MydhDlSxrq1ERif06973CSnST9HPhXfUNLBfYA/7qFO7HUTe8JNrw8q X-Received: by 2002:a63:ff21:: with SMTP id k33-v6mr6872491pgi.38.1533373733343; Sat, 04 Aug 2018 02:08:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533373733; cv=none; d=google.com; s=arc-20160816; b=k1/ZYnQa9l1LhF99PAYVmuekPeaeiVHRF5WCfe/MHT5fRac8eQS7qzrEtLYIBH+W2g VwqRBhy8LTHKSzYyr2YgA7TOcgHq2ruDCXAokCQ3L4CajWCrpih9KwV+X/0LxCT/Xzqf 1GaZCMJjNaPIQ3Tk5ioSIANQcrjctDDNvyox5trvLX15HI4zTVRU/kSVX91cogWiJzyB PzGoYEWodhQOgrp5nPjp4W5XLAKQLnRxlwqmop6VbxgJtoDnIX4an0vpgTC3JFa0Tdb0 ZOqPLrMiyVs8Hxs4+bIn/9r+jsosEZsnwy8CPGwTzSxMsr3XiH0evJ1sdrCM8o/8q6LC 8byw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=+Dc/CBQZP93rtYYBNncx966Fzsy/cz+P5QqFoO86wAY=; b=VmHJo/WQK7hw5sjG6fAguaT/os1jiGBpO0ShnKExlMKe67XIkUY9j3ozXVDQrE6AqG OudJQV0hGJz5iCHXAH1Kl2FF34ZCcuenpE/lHxiDUuaROaATrs/y2VsHV32DuXO6yZZs vpmlU2F2QPtwNz5aUc3ZAxZQtw/IckTMo50qsUZbQmc268JAFyhuZbGB45OQhiujGUNZ hB5OrDhycAvQCjJO7sPjwF6hdDuNF/WGY6eeCk1A28EkC1tzstFnwFhYAGx00r+GQPl0 n5QFVqkj4vXWqc6ZXQV+1VPjJYwhvUHX/VkG07SWXXUinxdd1CKXgK0lwtOsbvH4wQrg ZomA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x6-v6si5338326plv.315.2018.08.04.02.08.39; Sat, 04 Aug 2018 02:08:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387483AbeHDLHL (ORCPT + 99 others); Sat, 4 Aug 2018 07:07:11 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:49330 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726754AbeHDLHL (ORCPT ); Sat, 4 Aug 2018 07:07:11 -0400 Received: from localhost (D57E6652.static.ziggozakelijk.nl [213.126.102.82]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id C0A6EBBF; Sat, 4 Aug 2018 09:07:11 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Nicholas Piggin , Michael Ellerman , Sasha Levin Subject: [PATCH 4.4 019/124] powerpc/64s: Fix compiler store ordering to SLB shadow area Date: Sat, 4 Aug 2018 11:00:08 +0200 Message-Id: <20180804082703.160566814@linuxfoundation.org> X-Mailer: git-send-email 2.18.0 In-Reply-To: <20180804082702.434482435@linuxfoundation.org> References: <20180804082702.434482435@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Nicholas Piggin [ Upstream commit 926bc2f100c24d4842b3064b5af44ae964c1d81c ] The stores to update the SLB shadow area must be made as they appear in the C code, so that the hypervisor does not see an entry with mismatched vsid and esid. Use WRITE_ONCE for this. GCC has been observed to elide the first store to esid in the update, which means that if the hypervisor interrupts the guest after storing to vsid, it could see an entry with old esid and new vsid, which may possibly result in memory corruption. Signed-off-by: Nicholas Piggin Signed-off-by: Michael Ellerman Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- arch/powerpc/mm/slb.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) --- a/arch/powerpc/mm/slb.c +++ b/arch/powerpc/mm/slb.c @@ -69,14 +69,14 @@ static inline void slb_shadow_update(uns * updating it. No write barriers are needed here, provided * we only update the current CPU's SLB shadow buffer. */ - p->save_area[index].esid = 0; - p->save_area[index].vsid = cpu_to_be64(mk_vsid_data(ea, ssize, flags)); - p->save_area[index].esid = cpu_to_be64(mk_esid_data(ea, ssize, index)); + WRITE_ONCE(p->save_area[index].esid, 0); + WRITE_ONCE(p->save_area[index].vsid, cpu_to_be64(mk_vsid_data(ea, ssize, flags))); + WRITE_ONCE(p->save_area[index].esid, cpu_to_be64(mk_esid_data(ea, ssize, index))); } static inline void slb_shadow_clear(enum slb_index index) { - get_slb_shadow()->save_area[index].esid = 0; + WRITE_ONCE(get_slb_shadow()->save_area[index].esid, 0); } static inline void create_shadowed_slbe(unsigned long ea, int ssize,