From 4cffce21cfb7401df615af4c98115d22c2782ebf Mon Sep 17 00:00:00 2001 From: Scott Wood Date: Wed, 16 Jan 2013 07:52:29 +0000 Subject: powerpc/e6500: TID must be zero for vmalloc mappings The bolted TLB miss handler clears TID for vmalloc mappings, but this gets overwritten in the SMT-capable case (threads do not actually have to be enabled) by the tlbsx. This isn't just a performance problem -- flush_tlb_kernel_range() invalidates vmalloc mappings by shooting down PID zero, which means that TID non-zero mappings will not get invalidated. Crashes have been observed as a result. Signed-off-by: Scott Wood Reported-by: Lei Xu Signed-off-by: Andy Fleming
diff --git a/arch/powerpc/mm/tlb_low_64e.S b/arch/powerpc/mm/tlb_low_64e.S
index 1e47dd5..9e390bf 100644
--- a/arch/powerpc/mm/tlb_low_64e.S
+++ b/arch/powerpc/mm/tlb_low_64e.S
@@ -160,6 +160,13 @@ END_FTR_SECTION_IFSET(CPU_FTR_SMT)
 ldx r14,r14,r15 /* grab pgd entry */
 BEGIN_FTR_SECTION
+ cmpdi cr0,r16,0 /* Check for vmalloc region */
+ bge 1f
+ mfspr r10,SPRN_MAS6
+ rlwinm r15,r15,0,16,1 /* Clear SPID */
+ mtspr SPRN_MAS6,r10
+1:
+
 mfspr r10,SPRN_MAS2
 tlbsx 0,r16
 mfspr r15,SPRN_MAS1
@@ -169,6 +176,12 @@ BEGIN_FTR_SECTION
 /* Undo MAS-damage from the tlbsx */
 mfspr r15,SPRN_MAS1
 oris r15,r15,MAS1_VALID@h
+
+ cmpdi cr0,r16,0 /* Check for vmalloc region */
+ bge 1f
+ rlwinm r15,r15,0,16,1 /* Clear TID */
+1:
+
 mtspr SPRN_MAS1,r15
 mtspr SPRN_MAS2,r10
 END_FTR_SECTION_IFSET(CPU_FTR_SMT)
-- cgit v0.10.2
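Review bot: The "Clear SPID" step in the first added block masks the wrong register: MAS6 is read into r10 and r10 is written back, but the `rlwinm` between them operates on r15, so MAS6 is stored unchanged and the following `tlbsx 0,r16` still searches with the non-zero SPID for vmalloc addresses. If the comment states the intent, the middle line should be `rlwinm r10,r10,0,16,1 /* Clear SPID */`. As written the line also rewrites r15 on the vmalloc path; whether r15 is still live after the `ldx` cannot be seen from this hunk, since the handler starts and ends outside it. The stale-mapping fix then rests only on the TID clear in the second hunk, so the search side should be confirmed on hardware with a vmalloc fault taken under a non-zero PID.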
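Review bot: The reason TID has to be zero here lives only in the commit message, and the added block after `oris r15,r15,MAS1_VALID@h` reads as an arbitrary field clear without it. I would put a comment above the `cmpdi`, for example `/* vmalloc entries must be written with TID 0: flush_tlb_kernel_range() invalidates by PID 0, so a non-zero TID entry would survive the flush */`. The wrap-around mask in `rlwinm r15,r15,0,16,1` (keeps bits 16-31 and 0-1, zeroes bits 2-15) is also worth one line of explanation, since the same literal is reused for MAS6 in the first hunk. The surrounding feature section starts outside this hunk.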