diff options
| author | Michael Neuling <mikey@neuling.org> | 2010-05-13 15:40:11 -0400 |
|---|---|---|
| committer | Benjamin Herrenschmidt <benh@kernel.crashing.org> | 2010-05-21 03:31:11 -0400 |
| commit | 1fc711f7ffb01089efc58042cfdbac8573d1b59a (patch) | |
| tree | 7c057a32c140e8d617a9cff34ca5d2227e9acdb8 /arch/powerpc/kernel/misc_64.S | |
| parent | d504bed676caad29a3dba3d3727298c560628f5c (diff) | |
powerpc/kexec: Fix race in kexec shutdown
In kexec_prepare_cpus, the primary CPU IPIs the secondary CPUs to
kexec_smp_down(). kexec_smp_down() calls kexec_smp_wait() which sets
the hw_cpu_id() to -1. The primary does this while leaving IRQs on
which means the primary can take a timer interrupt which can lead to
the IPIing one of the secondary CPUs (say, for a scheduler re-balance)
but since the secondary CPU now has a hw_cpu_id = -1, we IPI CPU
-1... Kaboom!
We are hitting this case regularly on POWER7 machines.
There is also a second race, where the primary will tear down the MMU
mappings before knowing the secondaries have entered real mode.
Also, the secondaries are clearing out any pending IPIs before
guaranteeing that no more will be received.
This changes kexec_prepare_cpus() so that we turn off IRQs in the
primary CPU much earlier. It adds a paca flag to say that the
secondaries have entered the kexec_smp_down() IPI and turned off IRQs,
rather than overloading hw_cpu_id with -1. This new paca flag is
again used to in indicate when the secondaries has entered real mode.
It also ensures that all CPUs have their IRQs off before we clear out
any pending IPI requests (in kexec_cpu_down()) to ensure there are no
trailing IPIs left unacknowledged.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Diffstat (limited to 'arch/powerpc/kernel/misc_64.S')
| -rw-r--r-- | arch/powerpc/kernel/misc_64.S | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/arch/powerpc/kernel/misc_64.S b/arch/powerpc/kernel/misc_64.S index a5cf9c1356a6..a2b18dffa03e 100644 --- a/arch/powerpc/kernel/misc_64.S +++ b/arch/powerpc/kernel/misc_64.S | |||
| @@ -24,6 +24,7 @@ | |||
| 24 | #include <asm/asm-offsets.h> | 24 | #include <asm/asm-offsets.h> |
| 25 | #include <asm/cputable.h> | 25 | #include <asm/cputable.h> |
| 26 | #include <asm/thread_info.h> | 26 | #include <asm/thread_info.h> |
| 27 | #include <asm/kexec.h> | ||
| 27 | 28 | ||
| 28 | .text | 29 | .text |
| 29 | 30 | ||
| @@ -471,6 +472,10 @@ _GLOBAL(kexec_wait) | |||
| 471 | 1: mflr r5 | 472 | 1: mflr r5 |
| 472 | addi r5,r5,kexec_flag-1b | 473 | addi r5,r5,kexec_flag-1b |
| 473 | 474 | ||
| 475 | li r4,KEXEC_STATE_REAL_MODE | ||
| 476 | stb r4,PACAKEXECSTATE(r13) | ||
| 477 | SYNC | ||
| 478 | |||
| 474 | 99: HMT_LOW | 479 | 99: HMT_LOW |
| 475 | #ifdef CONFIG_KEXEC /* use no memory without kexec */ | 480 | #ifdef CONFIG_KEXEC /* use no memory without kexec */ |
| 476 | lwz r4,0(r5) | 481 | lwz r4,0(r5) |
| @@ -494,14 +499,11 @@ kexec_flag: | |||
| 494 | * note: this is a terminal routine, it does not save lr | 499 | * note: this is a terminal routine, it does not save lr |
| 495 | * | 500 | * |
| 496 | * get phys id from paca | 501 | * get phys id from paca |
| 497 | * set paca id to -1 to say we got here | ||
| 498 | * switch to real mode | 502 | * switch to real mode |
| 499 | * join other cpus in kexec_wait(phys_id) | 503 | * join other cpus in kexec_wait(phys_id) |
| 500 | */ | 504 | */ |
| 501 | _GLOBAL(kexec_smp_wait) | 505 | _GLOBAL(kexec_smp_wait) |
| 502 | lhz r3,PACAHWCPUID(r13) | 506 | lhz r3,PACAHWCPUID(r13) |
| 503 | li r4,-1 | ||
| 504 | sth r4,PACAHWCPUID(r13) /* let others know we left */ | ||
| 505 | bl real_mode | 507 | bl real_mode |
| 506 | b .kexec_wait | 508 | b .kexec_wait |
| 507 | 509 | ||