asm/head: set skiboot TOC in interrupt handler entry

Some code runs with r2 not set to the skiboot TOC, for example the
secureboot CVC (see call_rom_entry). If a system reset or machine
check is taken at this time, the skiboot interrupt handler will
crash badly rather than report it.

So set the skiboot TOC into r2 in the interrupt entry code. r2 is
already saved and restored, so in the case of recoverable exceptions,
this will restore the correct r2 when returning to such code.

This issue was found by Stewart, and this patch is based on his
initial fix, with some modification.

Cc: Stewart Smith <stewart@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Oliver O'Halloran <oohall@gmail.com>

1 files changed, 5 insertions, 3 deletions

diff --git a/asm/head.S b/asm/head.S
index ff88a74..e78dc52 100644
--- a/asm/head.S
+++ b/asm/head.S
@@ -226,10 +226,12 @@ _exception:
 	stw	%r4,STACK_XER(%r1)
 	std	%r5,STACK_CTR(%r1)
 	std	%r6,STACK_LR(%r1)
-	mr	%r3,%r1
 	LOAD_IMM64(%r4, SKIBOOT_BASE)
-	LOAD_IMM32(%r5, exception_entry_foo - __head)
-	add	%r4,%r4,%r5
+	LOAD_IMM32(%r5,__toc_start - __head)
+	LOAD_IMM32(%r6, exception_entry_foo - __head)
+	add	%r2,%r4,%r5
+	mr	%r3,%r1
+	add	%r4,%r4,%r6
 	mtctr	%r4
 	bctr
 exception_entry_foo: