104871 – bcl+8 in arch/powerpc/kernel/vdso64/datapage.S causes branch prediction issues

Bug 104871 - bcl+8 in arch/powerpc/kernel/vdso64/datapage.S causes branch prediction issues

Summary: bcl+8 in arch/powerpc/kernel/vdso64/datapage.S causes branch prediction issues

Status:	CLOSED CODE_FIX

Alias:	None

Product:	Platform Specific/Hardware
Classification:	Unclassified
Component:	PPC-64 (show other bugs)
Hardware:	PPC-64 Linux

Importance:	P1 high
Assignee:	platform_ppc-64

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-09-22 20:09 UTC by Aaron Sawdey
Modified:	2020-04-28 03:17 UTC (History)
CC List:	2 users (show)

See Also:
Kernel Version:	all recent (3.11.10 through 4.3-rc2 at least)
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Aaron Sawdey 2015-09-22 20:09:14 UTC

The code in both 32 and 64 bit versions of datapage.S for vdso use a bcl+8 to capture the instruction address in the link register. On recent powerpc processors (i.e Power8) you will corrupt the link stack on-chip if you do a branch and link and then do not return. bcl+4 is a special case and is ok.

This code causes subsequent mispredicts of blr because the link stack is no longer correct.

Comment 1 Michael Neuling 2015-09-23 06:06:31 UTC

Thanks Aaron.  I've posted a patch to address this here:
  http://patchwork.ozlabs.org/patch/521590/

Comment 2 Michael Ellerman 2020-04-28 03:17:24 UTC

Fixed in:

c974809a26a1 ("powerpc/vdso: Avoid link stack corruption in __get_datapage()")

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c974809a26a13e40254dbe3cf46f49aa32acca11

Note You need to log in before you can comment on or make changes to this bug.