[PATCH 4.16 07/47] x86/MCE/AMD: Cache SMCA MISC block addresses

From: Greg Kroah-Hartman
Date: Mon Jun 04 2018 - 03:16:33 EST

Next message: bigeasy@xxxxxxxxxxxxx: "Re: [PATCH 1/2] target: drop spin_lock_assert() + irqs_disabled() combo checks"
Previous message: Geert Uytterhoeven: "Re: [PATCH v3 01/10] mfd: da9063: Fix failpath in core"
In reply to: Greg Kroah-Hartman: "[PATCH 4.16 05/47] objtool: Fix "noreturn" detection for recursive sibling calls"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.16 02/47] objtool: Support GCC 8 switch tables"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.16-stable review patch. If anyone has any objections, please let me know.

------------------

From: Borislav Petkov <bp@xxxxxxx>

commit 78ce241099bb363b19dbd0245442e66c8de8f567 upstream.

... into a global, two-dimensional array and service subsequent reads from
that cache to avoid rdmsr_on_cpu() calls during CPU hotplug (IPIs with IRQs
disabled).

In addition, this fixes a KASAN slab-out-of-bounds read due to wrong usage
of the bank->blocks pointer.

Fixes: 27bd59502702 ("x86/mce/AMD: Get address from already initialized block")
Reported-by: Johannes Hirte <johannes.hirte@xxxxxxxxxxxxx>
Tested-by: Johannes Hirte <johannes.hirte@xxxxxxxxxxxxx>
Signed-off-by: Borislav Petkov <bp@xxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Yazen Ghannam <yazen.ghannam@xxxxxxx>
Link: http://lkml.kernel.org/r/20180414004230.GA2033@probook
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
arch/x86/kernel/cpu/mcheck/mce_amd.c | 29 ++++++++++++++---------------
1 file changed, 14 insertions(+), 15 deletions(-)

--- a/arch/x86/kernel/cpu/mcheck/mce_amd.c
+++ b/arch/x86/kernel/cpu/mcheck/mce_amd.c
@@ -94,6 +94,11 @@ static struct smca_bank_name smca_names[
[SMCA_SMU] = { "smu", "System Management Unit" },
};

+static u32 smca_bank_addrs[MAX_NR_BANKS][NR_BLOCKS] __ro_after_init =
+{
+ [0 ... MAX_NR_BANKS - 1] = { [0 ... NR_BLOCKS - 1] = -1 }
+};
+
const char *smca_get_name(enum smca_bank_types t)
{
if (t >= N_SMCA_BANK_TYPES)
@@ -443,20 +448,26 @@ static u32 smca_get_block_address(unsign
if (!block)
return MSR_AMD64_SMCA_MCx_MISC(bank);

+ /* Check our cache first: */
+ if (smca_bank_addrs[bank][block] != -1)
+ return smca_bank_addrs[bank][block];
+
/*
* For SMCA enabled processors, BLKPTR field of the first MISC register
* (MCx_MISC0) indicates presence of additional MISC regs set (MISC1-4).
*/
if (rdmsr_safe_on_cpu(cpu, MSR_AMD64_SMCA_MCx_CONFIG(bank), &low, &high))
- return addr;
+ goto out;

if (!(low & MCI_CONFIG_MCAX))
- return addr;
+ goto out;

if (!rdmsr_safe_on_cpu(cpu, MSR_AMD64_SMCA_MCx_MISC(bank), &low, &high) &&
(low & MASK_BLKPTR_LO))
- return MSR_AMD64_SMCA_MCx_MISCy(bank, block - 1);
+ addr = MSR_AMD64_SMCA_MCx_MISCy(bank, block - 1);

+out:
+ smca_bank_addrs[bank][block] = addr;
return addr;
}

@@ -468,18 +479,6 @@ static u32 get_block_address(unsigned in
if ((bank >= mca_cfg.banks) || (block >= NR_BLOCKS))
return addr;

- /* Get address from already initialized block. */
- if (per_cpu(threshold_banks, cpu)) {
- struct threshold_bank *bankp = per_cpu(threshold_banks, cpu)[bank];
-
- if (bankp && bankp->blocks) {
- struct threshold_block *blockp = &bankp->blocks[block];
-
- if (blockp)
- return blockp->address;
- }
- }
-
if (mce_flags.smca)
return smca_get_block_address(cpu, bank, block);

Next message: bigeasy@xxxxxxxxxxxxx: "Re: [PATCH 1/2] target: drop spin_lock_assert() + irqs_disabled() combo checks"
Previous message: Geert Uytterhoeven: "Re: [PATCH v3 01/10] mfd: da9063: Fix failpath in core"
In reply to: Greg Kroah-Hartman: "[PATCH 4.16 05/47] objtool: Fix "noreturn" detection for recursive sibling calls"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.16 02/47] objtool: Support GCC 8 switch tables"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]