On Fri, Jul 25 2014 at 4:29:12 pm BST, Will Deacon <will.deacon@xxxxxxx> wrote:

> If the physical address of GICV isn't page-aligned, then we end up
> creating a stage-2 mapping of the page containing it, which causes us to
> map neighbouring memory locations directly into the guest.
>
> As an example, consider a platform with GICV at physical 0x2c02f000
> running a 64k-page host kernel. If qemu maps this into the guest at
> 0x80010000, then guest physical addresses 0x80010000 - 0x8001efff will
> map host physical region 0x2c020000 - 0x2c02efff. Accesses to these
> physical regions may cause UNPREDICTABLE behaviour, for example, on the
> Juno platform this will cause an SError exception to EL3, which brings
> down the entire physical CPU resulting in RCU stalls / HYP panics / host
> crashing / wasted weeks of debugging.
>
> SBSA recommends that systems alias the 4k GICV across the bounding 64k
> region, in which case GICV physical could be described as 0x2c020000 in
> the above scenario.
>
> This patch fixes the problem by failing the vgic probe if the physical
> base address or the size of GICV aren't page-aligned. Note that this
> generated a warning in dmesg about freeing enabled IRQs, so I had to
> move the IRQ enabling later in the probe.
>
> Cc: Christoffer Dall <christoffer.dall@xxxxxxxxxx>
> Cc: Marc Zyngier <marc.zyngier@xxxxxxx>
> Cc: Gleb Natapov <gleb@xxxxxxxxxx>
> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Cc: Joel Schopp <joel.schopp@xxxxxxx>
> Cc: Don Dutile <ddutile@xxxxxxxxxx>
> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx>
> Signed-off-by: Will Deacon <will.deacon@xxxxxxx>

Looks good to me:

Acked-by: Marc Zyngier <marc.zyngier@xxxxxxx>

Christoffer, can you please take this as an urgent fix?

Thanks,

M.

--
Jazz is not dead. It just smells funny.
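The alignment check the quoted commit message describes, modelled in C as an added example (not the kernel's vgic probe code): `gicv_aligned` is the condition the probe now insists on, and `gicv_exposure` works out which host physical bytes a whole-page stage-2 mapping would hand to the guest when that condition fails, using the 0x2c02f000 / 64k / 0x80010000 numbers from the message. Names and the struct are assumptions of this example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <inttypes.h>

/* Constructed model of the fix, not kernel code. */
struct stage2_view {
    uint64_t host_start;   /* first host byte covered by the stage-2 page(s) */
    uint64_t host_end;     /* last host byte covered (inclusive) */
    uint64_t guest_start;  /* guest PA that maps host_start */
    uint64_t guest_leak_end; /* last guest PA that hits non-GICV host memory below GICV */
    uint64_t leaked_bytes; /* host bytes in the mapping that are not GICV */
};

/* The fix: the vgic probe must fail unless base and size are page-aligned. */
bool gicv_aligned(uint64_t phys, uint64_t size, uint64_t page_size)
{
    uint64_t mask = page_size - 1;
    return size != 0 && (phys & mask) == 0 && (size & mask) == 0;
}

/* What the guest would reach if the unaligned region were mapped anyway.
 * A stage-2 entry covers whole host pages, so the guest page containing
 * 'gpa' maps the whole host page containing 'phys'. */
struct stage2_view gicv_exposure(uint64_t phys, uint64_t size,
                                 uint64_t page_size, uint64_t gpa)
{
    uint64_t mask = page_size - 1;
    struct stage2_view v;
    v.host_start  = phys & ~mask;
    v.host_end    = ((phys + size + mask) & ~mask) - 1;
    v.guest_start = gpa & ~mask;
    /* bytes below GICV inside its first page appear at the start of the guest page */
    v.guest_leak_end = v.guest_start + (phys - v.host_start) - 1;
    v.leaked_bytes   = (v.host_end + 1 - v.host_start) - size;
    return v;
}

int main(void)
{
    /* Values from the commit message: 4k GICV at 0x2c02f000, 64k host pages. */
    struct stage2_view v = gicv_exposure(0x2c02f000, 0x1000, 0x10000, 0x80010000);
    printf("aligned=%d guest 0x%" PRIx64 "-0x%" PRIx64 " -> host 0x%" PRIx64
           "-0x%" PRIx64 " (leaked 0x%" PRIx64 " bytes)\n",
           gicv_aligned(0x2c02f000, 0x1000, 0x10000), v.guest_start,
           v.guest_leak_end, v.host_start, v.host_start + v.leaked_bytes - 1,
           v.leaked_bytes);
    return 0;
}
```

With the SBSA-style alias (base 0x2c020000, size 0x10000) `gicv_aligned` accepts the region and `leaked_bytes` is zero.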