mirror
/
openwrt
mirror of https://git.openwrt.org/openwrt/openwrt.git
1
0
Fork 0
Code Releases Activity

mpc85xx: backport "fix oops when CONFIG_FSL_PMC=n" 

Martin Kennedy reported:
|Presently, I get this kernel panic on mpc85xx (Aerohive HiveAP 370)
|on OpenWrt 'master' which occurs right as the second processor is
|initialized:
|
|[    0.478804] rcu: Hierarchical SRCU implementation.
|[    0.535569] dyndbg: Ignore empty _ddebug table in a CONFIG_DYNAMIC_DEBUG_CORE build
|[    0.627233] smp: Bringing up secondary CPUs ...
|[    0.681659] kernel tried to execute user page (0) - exploit attempt? (uid: 0)
|[    0.766618] BUG: Unable to handle kernel instruction fetch (NULL pointer?)
|[    0.848899] Faulting instruction address: 0x00000000
|[    0.908273] Oops: Kernel access of bad area, sig: 11 [#1]
|[    0.972851] BE PAGE_SIZE=4K SMP NR_CPUS=2 P1020 RDB
|[    1.031179] Modules linked in:
|[    1.067640] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.80 #0
|[    1.139507] NIP:  00000000 LR: c0021d2c CTR: 00000000
|[    1.199921] REGS: c1051cf0 TRAP: 0400   Not tainted  (5.10.80)
|[...]
|[    1.758220] NIP [00000000] 0x0
|[    1.794688] LR [c0021d2c] smp_85xx_kick_cpu+0xe8/0x568
|[    1.856126] Call Trace:
|[    1.885295] [c1051da8] [c0021cb8] smp_85xx_kick_cpu+0x74/0x568 (unreliable)
|[    1.968633] [c1051de8] [c0011460] __cpu_up+0xc0/0x228
|[    2.029038] [c1051e18] [c0031bbc] bringup_cpu+0x30/0x224
|[    2.092572] [c1051e48] [c0031f3c] cpu_up.constprop.0+0x180/0x33c
|[..]
|[    2.727952] ---[ end trace 9b796a4bafb6bc14 ]---
|[    3.800879] Kernel panic - not syncing: Fatal exception
|[    3.862353] Rebooting in 1 seconds..
|[    5.905097] System Halted, OK to turn off power
|
|I bisected this down to commit 3ae5da5adc ("kernel: bump 5.10 to 5.10.80");
|that is, I don't get the panic right before this commit, but I do after.

He reported the issue upstream and Xiaoming Ni from huawei came up with
the patch (that is on it's way to upstream). While the AP370 is not in
Openwrt, this will likely affect other SMP P1020 devices OpenWrt ships
with: like the AP330, Enterasys WS-AP3710i, etc.

Reported-by: Martin Kennedy <hurricos@gmail.com>
Tested-by: Martin Kennedy <hurricos@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This commit is contained in:
Christian Lamparter 2021-11-26 09:35:45 +01:00
parent a5b80dd487
commit dd7d4703e9
1 changed files with 55 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
target/linux/mpc85xx/patches-5.10/002-powerpc-85xx-fix-oops-when-CONFIG_FSL_PMC-n.patch Normal file
View File

@ -0,0 +1,55 @@
From e7757563e621522f5cd862b3aff473aedf8b66c0 Mon Sep 17 00:00:00 2001
From: Xiaoming Ni <nixiaoming@huawei.com>
Date: Fri, 26 Nov 2021 12:11:53 +0800
Subject: [PATCH] powerpc/85xx: fix oops when CONFIG_FSL_PMC=n
When CONFIG_FSL_PMC is set to n, no value is assigned to cpu_up_prepare
in the mpc85xx_pm_ops structure. As a result, oops is triggered in
smp_85xx_start_cpu().
[ 0.627233] smp: Bringing up secondary CPUs ...
[ 0.681659] kernel tried to execute user page (0) - exploit attempt? (uid: 0)
[ 0.766618] BUG: Unable to handle kernel instruction fetch (NULL pointer?)
[ 0.848899] Faulting instruction address: 0x00000000
[ 0.908273] Oops: Kernel access of bad area, sig: 11 [#1]
...
[ 1.758220] NIP [00000000] 0x0
[ 1.794688] LR [c0021d2c] smp_85xx_kick_cpu+0xe8/0x568
[ 1.856126] Call Trace:
[ 1.885295] [c1051da8] [c0021cb8] smp_85xx_kick_cpu+0x74/0x568 (unreliable)
[ 1.968633] [c1051de8] [c0011460] __cpu_up+0xc0/0x228
[ 2.029038] [c1051e18] [c0031bbc] bringup_cpu+0x30/0x224
[ 2.092572] [c1051e48] [c0031f3c] cpu_up.constprop.0+0x180/0x33c
[ 2.164443] [c1051e88] [c00322e8] bringup_nonboot_cpus+0x88/0xc8
[ 2.236326] [c1051eb8] [c07e67bc] smp_init+0x30/0x78
[ 2.295698] [c1051ed8] [c07d9e28] kernel_init_freeable+0x118/0x2a8
[ 2.369641] [c1051f18] [c00032d8] kernel_init+0x14/0x124
[ 2.433176] [c1051f38] [c0010278] ret_from_kernel_thread+0x14/0x1c
Fixes: c45361abb9185b ("powerpc/85xx: fix timebase sync issue when
CONFIG_HOTPLUG_CPU=n")
Link: https://lore.kernel.org/lkml/CANA18Uyba4kMJQrbCSZVTFep2Exe5izE45whNJgwwUvNSEcNLg@mail.gmail.com/
Reported-by: Martin Kennedy <hurricos@gmail.com>
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Tested-by: Martin Kennedy <hurricos@gmail.com>
Cc: stable@vger.kernel.org
--- a/arch/powerpc/platforms/85xx/smp.c
+++ b/arch/powerpc/platforms/85xx/smp.c
@@ -220,7 +220,7 @@ static int smp_85xx_start_cpu(int cpu)
local_irq_save(flags);
hard_irq_disable();
- if (qoriq_pm_ops)
+ if (qoriq_pm_ops && qoriq_pm_ops->cpu_up_prepare)
qoriq_pm_ops->cpu_up_prepare(cpu);
/* if cpu is not spinning, reset it */
@@ -292,7 +292,7 @@ static int smp_85xx_kick_cpu(int nr)
booting_thread_hwid = cpu_thread_in_core(nr);
primary = cpu_first_thread_sibling(nr);
- if (qoriq_pm_ops)
+ if (qoriq_pm_ops && qoriq_pm_ops->cpu_up_prepare)
qoriq_pm_ops->cpu_up_prepare(nr);
/*