On Fri, May 11, 2018 at 04:35:34PM +1000, Paul Mackerras wrote: > commit a8b48a4dccea77e29462e59f1dbf0d5aa1ff167c upstream. > > This fixes a bug where the trap number that is returned by > __kvmppc_vcore_entry gets corrupted. The effect of the corruption > is that IPIs get ignored on POWER9 systems when the IPI is sent via > a doorbell interrupt to a CPU which is executing in a KVM guest. > The effect of the IPI being ignored is often that another CPU locks > up inside smp_call_function_many() (and if that CPU is holding a > spinlock, other CPUs then lock up inside raw_spin_lock()). > > The trap number is currently held in register r12 for most of the > assembly-language part of the guest exit path. In that path, we > call kvmppc_subcore_exit_guest(), which is a C function, without > restoring r12 afterwards. Depending on the kernel config and the > compiler, it may modify r12 or it may not, so some config/compiler > combinations see the bug and others don't. > > To fix this, we arrange for the trap number to be stored on the > stack from the point where kvmhv_commence_exit is called until the > end of the function, then the trap number is loaded and returned in > r12 as before. > > Cc: stable@xxxxxxxxxxxxxxx # v4.8+ > Fixes: fd7bacbca47a ("KVM: PPC: Book3S HV: Fix TB corruption in guest exit path on HMI interrupt") > Signed-off-by: Paul Mackerras <paulus@xxxxxxxxxx> > --- > arch/powerpc/kvm/book3s_hv_rmhandlers.S | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) Now applied, thanks. greg k-h