Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

x86/hibernate/64: Mask off CR3's PCID bits in the saved CR3

Jiri reported a resume-from-hibernation failure triggered by PCID.
The root cause appears to be rather odd.  The hibernation asm
restores a CR3 value that comes from the image header.  If the image
kernel has PCID on, it's entirely reasonable for this CR3 value to
have one of the low 12 bits set.  The restore code restores it with
CR4.PCIDE=0, which means that those low 12 bits are accepted by the
CPU but are either ignored or interpreted as a caching mode.  This
is odd, but still works.  We blow up later when the image kernel
restores CR4, though, since changing CR4.PCIDE with CR3[11:0] != 0
is illegal.  Boom!

FWIW, it's entirely unclear to me what's supposed to happen if a PAE
kernel restores a non-PAE image or vice versa.  Ditto for LA57.

Reported-by: Jiri Kosina <jikos@kernel.org>
Tested-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: 660da7c9228f ("x86/mm: Enable CR4.PCIDE on supported systems")
Link: http://lkml.kernel.org/r/18ca57090651a6341e97083883f9e814c4f14684.1504847163.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Andy Lutomirski 8 years ago
parent
a376e7f99b
commit
f34902c5c6
1 changed files with 20 additions and 1 deletions
Unified View Show Diff Stats
  1. 20 1
      arch/x86/power/hibernate_64.c

+ 20 - 1
arch/x86/power/hibernate_64.c
View File 

@@ -295,7 +295,26 @@ int arch_hibernation_header_save(void *addr, unsigned int max_size)
 
 		return -EOVERFLOW;
 
 		return -EOVERFLOW;
 
 	rdr->jump_address = (unsigned long)restore_registers;
 
 	rdr->jump_address = (unsigned long)restore_registers;
 
 	rdr->jump_address_phys = __pa_symbol(restore_registers);
 
 	rdr->jump_address_phys = __pa_symbol(restore_registers);
 
-	rdr->cr3 = restore_cr3;
 
+
 
+	/*
 
+	 * The restore code fixes up CR3 and CR4 in the following sequence:
 
+	 *
 
+	 * [in hibernation asm]
 
+	 * 1. CR3 <= temporary page tables
 
+	 * 2. CR4 <= mmu_cr4_features (from the kernel that restores us)
 
+	 * 3. CR3 <= rdr->cr3
 
+	 * 4. CR4 <= mmu_cr4_features (from us, i.e. the image kernel)
 
+	 * [in restore_processor_state()]
 
+	 * 5. CR4 <= saved CR4
 
+	 * 6. CR3 <= saved CR3
 
+	 *
 
+	 * Our mmu_cr4_features has CR4.PCIDE=0, and toggling
 
+	 * CR4.PCIDE while CR3's PCID bits are nonzero is illegal, so
 
+	 * rdr->cr3 needs to point to valid page tables but must not
 
+	 * have any of the PCID bits set.
 
+	 */
 
+	rdr->cr3 = restore_cr3 & ~CR3_PCID_MASK;
 
+
 
 	rdr->magic = RESTORE_MAGIC;
 
 	rdr->magic = RESTORE_MAGIC;
 
 
 
 	hibernation_e820_save(rdr->e820_digest);
 
 	hibernation_e820_save(rdr->e820_digest);