4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Shanker Donthineni <shank...@codeaurora.org>
commit 90922a2d03d84de36bf8a9979d62580102f31a92 upstream.
On Qualcomm Datacenter Technologies QDF2400 SoCs, the ITS hardware
implementation uses 16Bytes for Interrupt Translation Entry (ITE),
but reports an incorrect value of 8Bytes in GITS_TYPER.ITTE_size.
It might cause kernel memory corruption depending on the number
of MSI(x) that are configured and the amount of memory that has
been allocated for ITEs in its_create_device().
This patch fixes the potential memory corruption by setting the
correct ITE size to 16Bytes.
Cc: sta...@vger.kernel.org
Signed-off-by: Shanker Donthineni <shank...@codeaurora.org>
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
Documentation/arm64/silicon-errata.txt | 44 +++++++++++++++++----------------
arch/arm64/Kconfig | 10 +++++++
drivers/irqchip/irq-gic-v3-its.c | 16 ++++++++++++
3 files changed, 49 insertions(+), 21 deletions(-)
--- a/Documentation/arm64/silicon-errata.txt
+++ b/Documentation/arm64/silicon-errata.txt
@@ -42,24 +42,26 @@ file acts as a registry of software work
will be updated when new workarounds are committed and backported to
stable kernels.
-| Implementor | Component | Erratum ID | Kconfig
|
-+----------------+-----------------+-----------------+-------------------------+
-| ARM | Cortex-A53 | #826319 | ARM64_ERRATUM_826319
|
-| ARM | Cortex-A53 | #827319 | ARM64_ERRATUM_827319
|
-| ARM | Cortex-A53 | #824069 | ARM64_ERRATUM_824069
|
-| ARM | Cortex-A53 | #819472 | ARM64_ERRATUM_819472
|
-| ARM | Cortex-A53 | #845719 | ARM64_ERRATUM_845719
|
-| ARM | Cortex-A53 | #843419 | ARM64_ERRATUM_843419
|
-| ARM | Cortex-A57 | #832075 | ARM64_ERRATUM_832075
|
-| ARM | Cortex-A57 | #852523 | N/A
|
-| ARM | Cortex-A57 | #834220 | ARM64_ERRATUM_834220
|
-| ARM | Cortex-A72 | #853709 | N/A
|
-| ARM | MMU-500 | #841119,#826419 | N/A
|
-| | | |
|
-| Cavium | ThunderX ITS | #22375, #24313 | CAVIUM_ERRATUM_22375
|
-| Cavium | ThunderX ITS | #23144 | CAVIUM_ERRATUM_23144
|
-| Cavium | ThunderX GICv3 | #23154 | CAVIUM_ERRATUM_23154
|
-| Cavium | ThunderX Core | #27456 | CAVIUM_ERRATUM_27456
|
-| Cavium | ThunderX SMMUv2 | #27704 | N/A |
-| | | |
|
-| Freescale/NXP | LS2080A/LS1043A | A-008585 | FSL_ERRATUM_A008585
|
+| Implementor | Component | Erratum ID | Kconfig
|
++----------------+-----------------+-----------------+-----------------------------+
+| ARM | Cortex-A53 | #826319 | ARM64_ERRATUM_826319
|
+| ARM | Cortex-A53 | #827319 | ARM64_ERRATUM_827319
|
+| ARM | Cortex-A53 | #824069 | ARM64_ERRATUM_824069
|
+| ARM | Cortex-A53 | #819472 | ARM64_ERRATUM_819472
|
+| ARM | Cortex-A53 | #845719 | ARM64_ERRATUM_845719
|
+| ARM | Cortex-A53 | #843419 | ARM64_ERRATUM_843419
|
+| ARM | Cortex-A57 | #832075 | ARM64_ERRATUM_832075
|
+| ARM | Cortex-A57 | #852523 | N/A
|
+| ARM | Cortex-A57 | #834220 | ARM64_ERRATUM_834220
|
+| ARM | Cortex-A72 | #853709 | N/A
|
+| ARM | MMU-500 | #841119,#826419 | N/A
|
+| | | |
|
+| Cavium | ThunderX ITS | #22375, #24313 | CAVIUM_ERRATUM_22375
|
+| Cavium | ThunderX ITS | #23144 | CAVIUM_ERRATUM_23144
|
+| Cavium | ThunderX GICv3 | #23154 | CAVIUM_ERRATUM_23154
|
+| Cavium | ThunderX Core | #27456 | CAVIUM_ERRATUM_27456
|
+| Cavium | ThunderX SMMUv2 | #27704 | N/A
|
+| | | |
|
+| Freescale/NXP | LS2080A/LS1043A | A-008585 | FSL_ERRATUM_A008585
|
+| | | |
|
+| Qualcomm Tech. | QDF2400 ITS | E0065 |
QCOM_QDF2400_ERRATUM_0065 |
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -474,6 +474,16 @@ config CAVIUM_ERRATUM_27456
If unsure, say Y.
+config QCOM_QDF2400_ERRATUM_0065
+ bool "QDF2400 E0065: Incorrect GITS_TYPER.ITT_Entry_size"
+ default y
+ help
+ On Qualcomm Datacenter Technologies QDF2400 SoC, ITS hardware reports
+ ITE size incorrectly. The GITS_TYPER.ITT_Entry_size field should have
+ been indicated as 16Bytes (0xf), not 8Bytes (0x7).
+
+ If unsure, say Y.
+
endmenu
--- a/drivers/irqchip/irq-gic-v3-its.c
+++ b/drivers/irqchip/irq-gic-v3-its.c
@@ -1598,6 +1598,14 @@ static void __maybe_unused its_enable_qu
its->flags |= ITS_FLAGS_WORKAROUND_CAVIUM_23144;
}
+static void __maybe_unused its_enable_quirk_qdf2400_e0065(void *data)
+{
+ struct its_node *its = data;
+
+ /* On QDF2400, the size of the ITE is 16Bytes */
+ its->ite_size = 16;
+}
+
static const struct gic_quirk its_quirks[] = {
#ifdef CONFIG_CAVIUM_ERRATUM_22375
{
@@ -1615,6 +1623,14 @@ static const struct gic_quirk its_quirks
.init = its_enable_quirk_cavium_23144,
},
#endif
+#ifdef CONFIG_QCOM_QDF2400_ERRATUM_0065
+ {
+ .desc = "ITS: QDF2400 erratum 0065",
+ .iidr = 0x00001070, /* QDF2400 ITS rev 1.x */
+ .mask = 0xffffffff,
+ .init = its_enable_quirk_qdf2400_e0065,
+ },
+#endif
{
}
};
