On Mon, 7 Mar 2016 22:12:30 +1100 Paul Mackerras <paulus@xxxxxxxxxx> wrote: > Thomas Huth discovered that a guest could cause a hard hang of a > host CPU by setting the Instruction Authority Mask Register (IAMR) > to a suitable value. It turns out that this is because when the > code was added to context-switch the new special-purpose registers > (SPRs) that were added in POWER8, we forgot to add code to ensure > that they were restored to a sane value on guest exit. > > This adds code to set those registers where a bad value could > compromise the execution of the host kernel to a suitable neutral > value on guest exit. > > Cc: stable@xxxxxxxxxxxxxxx # v3.14+ > Fixes: b73117c49364 > Reported-by: Thomas Huth <thuth@xxxxxxxxxx> > Signed-off-by: Paul Mackerras <paulus@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> > --- > Paolo, since this fixes a bug where a guest can cause a hard hang > of a host CPU, I'd like it to go in 4.5 if possible. > > arch/powerpc/kvm/book3s_hv_rmhandlers.S | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > > diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S > index ed16182..752e915 100644 > --- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S > +++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S 
> @@ -1370,6 +1370,20 @@ END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S) > std r6, VCPU_ACOP(r9) > stw r7, VCPU_GUEST_PID(r9) > std r8, VCPU_WORT(r9) > + /* > + * Restore various registers to 0, where non-zero values > + * set by the guest could disrupt the host. > + */ > + li r0, 0 > + mtspr SPRN_IAMR, r0 > + mtspr SPRN_CIABR, r0 > + mtspr SPRN_DAWRX, r0 > + mtspr SPRN_TCSCR, r0 > + mtspr SPRN_WORT, r0 > + /* Set MMCRS to 1<<31 to freeze and disable the SPMC counters */ > + li r0, 1 > + sldi r0, r0, 31 > + mtspr SPRN_MMCRS, r0 > 8: > > /* Save and reset AMR and UAMOR before turning on the MMU */ > -- > 2.5.0 > -- David Gibson <dgibson@xxxxxxxxxx> Senior Software Engineer, Virtualization, Red Hat
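Review bot: the new comment above `li r0, 0` says "Restore various registers to 0", but the five `mtspr` writes that follow (IAMR, CIABR, DAWRX, TCSCR, WORT) clear the registers unconditionally; nothing in the visible lines saves a host value before guest entry or reloads one here. The comment should state that 0 is the value the host expects in each of these SPRs, or point to where a host value is reloaded later on the exit path, so a reader can tell that host-side use of CIABR or DAWRX (if any) is not silently dropped. A smaller style point on the MMCRS write: the value is built from the literals in `li r0, 1` and `sldi r0, r0, 31`, and a named constant for the freeze bit would carry the meaning that the comment currently has to explain. The placement before the `8:` label, after the existing `std r8, VCPU_WORT(r9)` save, looks right, since the guest WORT value is stored to the vcpu before the register is zeroed.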