On Wed, Mar 13, 2019 at 02:20:20PM +1100, David Gibson wrote:
> 176dccee "target/ppc/spapr: Clear partition table entry when allocating
> hash table" reworked the H_REGISTER_PROCESS_TABLE hypercall, but
> unfortunately due to a small error no longer correctly sets the LPCR[GTSE]
> bit which allows the guest to directly execute (some types of) tlbie (TLB
> flush) instructions without involving the hypervisor.
>
> We got away with this, initially, because POWER9 did not have hypervisor
> mode enabled in its msr_mask, which meant we didn't actually run hypervisor
> privilege checks in TCG at all. However, da874d90 "target/ppc: add HV
> support for POWER9" turned on HV support on POWER9 for the benefit of the
> powernv machine type.
>
> This exposed the earlier bug in H_REGISTER_PROCESS_TABLE, and causes guests
> which rely on LPCR[GTSE] (i.e. basically all of them) to crash during early
> boot when their first tlbie instruction causes an unexpected trap.
>
> Fixes: 176dccee target/ppc/spapr: Clear partition table entry when allocating hash table
> Signed-off-by: David Gibson <[email protected]>
Tested-by: Cleber Rosa <[email protected]>
