authorJiri Slaby <jslaby@suse.cz>2019-02-15 10:23:48 +0100
committerJiri Slaby <jslaby@suse.cz>2019-02-15 10:24:09 +0100
commit3979484757f3a289fa083bf10daa40c36ad36734 (patch)
tree92dc3c0667c6bd7342b1498ff3d68b5e34abe845
parent1c49681b9127aeb652ab4945c7d14818e9f04777 (diff)
powerpc/radix: Fix kernel crash with mremap() (bnc#1012628).
-rw-r--r--patches.kernel.org/4.20.9-034-powerpc-radix-Fix-kernel-crash-with-mremap.patch103
-rw-r--r--series.conf1
2 files changed, 104 insertions, 0 deletions
diff --git a/patches.kernel.org/4.20.9-034-powerpc-radix-Fix-kernel-crash-with-mremap.patch b/patches.kernel.org/4.20.9-034-powerpc-radix-Fix-kernel-crash-with-mremap.patch
new file mode 100644
index 0000000000..b6cd83094f
--- /dev/null
+++ b/patches.kernel.org/4.20.9-034-powerpc-radix-Fix-kernel-crash-with-mremap.patch
@@ -0,0 +1,103 @@
+From: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
+Date: Wed, 23 Jan 2019 11:51:38 +0530
+Subject: [PATCH] powerpc/radix: Fix kernel crash with mremap()
+References: bnc#1012628
+Patch-mainline: 4.20.9
+Git-commit: 579b9239c1f38665b21e8d0e6ee83ecc96dbd6bb
+
+commit 579b9239c1f38665b21e8d0e6ee83ecc96dbd6bb upstream.
+
+With support for split pmd lock, we use pmd page pmd_huge_pte pointer
+to store the deposited page table. In those config when we move page
+tables we need to make sure we move the deposited page table to the
+correct pmd page. Otherwise this can result in crash when we withdraw
+of deposited page table because we can find the pmd_huge_pte NULL.
+
+eg:
+
+ __split_huge_pmd+0x1070/0x1940
+ __split_huge_pmd+0xe34/0x1940 (unreliable)
+ vma_adjust_trans_huge+0x110/0x1c0
+ __vma_adjust+0x2b4/0x9b0
+ __split_vma+0x1b8/0x280
+ __do_munmap+0x13c/0x550
+ sys_mremap+0x220/0x7e0
+ system_call+0x5c/0x70
+
+Fixes: 675d995297d4 ("powerpc/book3s64: Enable split pmd ptlock.")
+Cc: stable@vger.kernel.org # v4.18+
+Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ arch/powerpc/include/asm/book3s/64/pgtable.h | 22 +++++++-------------
+ arch/powerpc/mm/pgtable-book3s64.c | 22 ++++++++++++++++++++
+ 2 files changed, 29 insertions(+), 15 deletions(-)
+
+diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h
+index 6c99e846a8c9..db706ffc4ca9 100644
+--- a/arch/powerpc/include/asm/book3s/64/pgtable.h
++++ b/arch/powerpc/include/asm/book3s/64/pgtable.h
+@@ -1258,21 +1258,13 @@ extern pmd_t pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
+
+ #define pmd_move_must_withdraw pmd_move_must_withdraw
+ struct spinlock;
+-static inline int pmd_move_must_withdraw(struct spinlock *new_pmd_ptl,
+- struct spinlock *old_pmd_ptl,
+- struct vm_area_struct *vma)
+-{
+- if (radix_enabled())
+- return false;
+- /*
+- * Archs like ppc64 use pgtable to store per pmd
+- * specific information. So when we switch the pmd,
+- * we should also withdraw and deposit the pgtable
+- */
+- return true;
+-}
+-
+-
++extern int pmd_move_must_withdraw(struct spinlock *new_pmd_ptl,
++ struct spinlock *old_pmd_ptl,
++ struct vm_area_struct *vma);
++/*
++ * Hash translation mode use the deposited table to store hash pte
++ * slot information.
++ */
+ #define arch_needs_pgtable_deposit arch_needs_pgtable_deposit
+ static inline bool arch_needs_pgtable_deposit(void)
+ {
+diff --git a/arch/powerpc/mm/pgtable-book3s64.c b/arch/powerpc/mm/pgtable-book3s64.c
+index 9f93c9f985c5..30d89a37fe62 100644
+--- a/arch/powerpc/mm/pgtable-book3s64.c
++++ b/arch/powerpc/mm/pgtable-book3s64.c
+@@ -482,3 +482,25 @@ void arch_report_meminfo(struct seq_file *m)
+ atomic_long_read(&direct_pages_count[MMU_PAGE_1G]) << 20);
+ }
+ #endif /* CONFIG_PROC_FS */
++
++/*
++ * For hash translation mode, we use the deposited table to store hash slot
++ * information and they are stored at PTRS_PER_PMD offset from related pmd
++ * location. Hence a pmd move requires deposit and withdraw.
++ *
++ * For radix translation with split pmd ptl, we store the deposited table in the
++ * pmd page. Hence if we have different pmd page we need to withdraw during pmd
++ * move.
++ *
++ * With hash we use deposited table always irrespective of anon or not.
++ * With radix we use deposited table only for anonymous mapping.
++ */
++int pmd_move_must_withdraw(struct spinlock *new_pmd_ptl,
++ struct spinlock *old_pmd_ptl,
++ struct vm_area_struct *vma)
++{
++ if (radix_enabled())
++ return (new_pmd_ptl != old_pmd_ptl) && vma_is_anonymous(vma);
++
++ return true;
++}
+--
+2.20.1
+
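Review bot: The block comment above the new out-of-line `pmd_move_must_withdraw()` in arch/powerpc/mm/pgtable-book3s64.c says a withdraw is needed "if we have different pmd page", but the radix branch tests `new_pmd_ptl != old_pmd_ptl` and never says why lock identity stands in for pmd-page identity. Going by the commit message (the deposited table hangs off the pmd page's `pmd_huge_pte` when split pmd locks are in use), I would add one line to that comment, for example `* The split pmd ptl belongs to the pmd page, so differing ptls mean differing pmd pages.`; the lock lookup itself is not visible in this patch, so please confirm the wording. A smaller style point is that the function is declared `int` yet returns `true` and a boolean expression. That presumably mirrors the generic hook's prototype, which is not shown here, and a short remark in the comment would save the next reader from wondering.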
diff --git a/series.conf b/series.conf
index 217cdb2202..8c591129a5 100644
--- a/series.conf
+++ b/series.conf
@@ -1116,6 +1116,7 @@
patches.kernel.org/4.20.9-031-ARM-dts-da850-fix-interrupt-numbers-for-clocks.patch
patches.kernel.org/4.20.9-032-firmware-arm_scmi-provide-the-mandatory-device.patch
patches.kernel.org/4.20.9-033-powerpc-papr_scm-Use-the-correct-bind-address.patch
+ patches.kernel.org/4.20.9-034-powerpc-radix-Fix-kernel-crash-with-mremap.patch
########################################################
# Build fixes that apply to the vanilla kernel too.