On 06.08.2013, at 06:14, Paul Mackerras wrote:

> Currently the code assumes that once we load up guest FP/VSX or VMX
> state into the CPU, it stays valid in the CPU registers until we
> explicitly flush it to the thread_struct. However, on POWER7,
> copy_page() and memcpy() can use VMX. These functions do flush the
> VMX state to the thread_struct before using VMX instructions, but if
> this happens while we have guest state in the VMX registers, and we
> then re-enter the guest, we don't reload the VMX state from the
> thread_struct, leading to guest corruption. This has been observed
> to cause guest processes to segfault.
>
> To fix this, we check before re-entering the guest that all of the
> bits corresponding to facilities owned by the guest, as expressed
> in vcpu->arch.guest_owned_ext, are set in current->thread.regs->msr.
> Any bits that have been cleared correspond to facilities that have
> been used by kernel code and thus flushed to the thread_struct, so
> for them we reload the state from the thread_struct.
>
> We also need to check current->thread.regs->msr before calling
> giveup_fpu() or giveup_altivec(), since if the relevant bit is
> clear, the state has already been flushed to the thread_struct and
> to flush it again would corrupt it.
>
> Signed-off-by: Paul Mackerras <paulus@xxxxxxxxx>

Thanks, applied to kvm-ppc-queue.

Alex
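As an added illustration, not code from the patch or the kernel: a small user-space C model of the flush/reload interaction the commit message describes, covering both checks (reloading guest-owned facilities whose MSR bit was cleared, and not flushing again once the bit is clear). The names giveup_vmx, kernel_memcpy_uses_vmx and the MSR_VEC value are stand-ins for giveup_altivec(), the POWER7 memcpy() path and the real MSR bit; the 0x1234 / 0xdeadbeef values are constructed.

```c
#include <stdint.h>
#include <stdbool.h>
#define MSR_VEC 0x2u   /* illustrative bit, named after the real MSR_VEC */

/* Toy model (not kernel code) of the state the patch reasons about. */
struct cpu_state    { uint64_t vr; };               /* live VMX register */
struct thread_state { uint64_t vr; unsigned msr; };  /* thread_struct.vr, regs->msr */
/* giveup_altivec() model: flush live VMX state to thread_struct, clear MSR_VEC.
 * If the bit is already clear, this overwrites a valid save with garbage. */
static void giveup_vmx(struct cpu_state *cpu, struct thread_state *t) {
    t->vr = cpu->vr;
    t->msr &= ~MSR_VEC;
}

/* Kernel memcpy() on POWER7 may use VMX: it flushes first, then clobbers VRs. */
static void kernel_memcpy_uses_vmx(struct cpu_state *cpu, struct thread_state *t) {
    if (t->msr & MSR_VEC) giveup_vmx(cpu, t);
    cpu->vr = 0xdeadbeefULL;   /* constructed: memcpy's scratch data */
}

/* Fix 1: before re-entering the guest, reload every guest-owned facility
 * whose MSR bit is clear, i.e. whose state now lives only in thread_struct. */
static void reload_flushed_ext(struct cpu_state *cpu, struct thread_state *t,
                               unsigned guest_owned_ext) {
    unsigned lost = guest_owned_ext & ~t->msr;
    if (lost & MSR_VEC) { cpu->vr = t->vr; t->msr |= MSR_VEC; }
}

/* Fix 2: flush only if the MSR bit says the live registers still hold the state. */
static void safe_giveup_vmx(struct cpu_state *cpu, struct thread_state *t) {
    if (t->msr & MSR_VEC) giveup_vmx(cpu, t);
}

/* Scenario A: guest VR 0x1234 live, kernel memcpy uses VMX, guest re-enters. */
uint64_t vr_seen_on_reentry(bool fixed) {
    struct cpu_state cpu = { 0x1234 };
    struct thread_state t = { 0, MSR_VEC };   /* guest owns VMX, bit set */
    kernel_memcpy_uses_vmx(&cpu, &t);
    if (fixed) reload_flushed_ext(&cpu, &t, MSR_VEC);
    return cpu.vr;                /* 0x1234 fixed, 0xdeadbeef unfixed */
}

/* Scenario B: as A, but the guest exits and KVM flushes to thread_struct. */
uint64_t vr_saved_on_exit(bool fixed) {
    struct cpu_state cpu = { 0x1234 };
    struct thread_state t = { 0, MSR_VEC };
    kernel_memcpy_uses_vmx(&cpu, &t);
    if (fixed) safe_giveup_vmx(&cpu, &t); else giveup_vmx(&cpu, &t);
    return t.vr;                  /* 0x1234 fixed, 0xdeadbeef unfixed (double flush) */
}
```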