[PATCH 0/2] couple of sparc 32 mm fixes

[PATCH 0/2] couple of sparc 32 mm fixes

[Nicholas Piggin]

I was able to test patch 2 in SMP qemu and verify there were cases
where a cpu's active_mm does not have that CPU set in the mm_cpumask
before the patch, and do not observe it afterwards.

I haven't observed any actual corruption from the bugs, but I didn't
stress it much, and only what qemu can do.

Thanks,
Nick

Nicholas Piggin (2):
  sparc32: remove mm_cpumask clearing to fix kthread_use_mm race
  sparc32: fix mm_cpumask maintenance causing missing TLB flushing

 arch/sparc/include/asm/switch_to_32.h | 1 -
 arch/sparc/mm/srmmu.c                 | 9 ++++-----
 2 files changed, 4 insertions(+), 6 deletions(-)

-- 
2.23.0

[PATCH 1/2] sparc32: remove mm_cpumask clearing to fix kthread_use_mm race

[Nicholas Piggin]

Commit bafb056ce279 ("sparc64: remove mm_cpumask clearing to fix
kthread_use_mm race") fixed this for sparc64, but missed the same bug in
sparc32. Fix it similarly.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 arch/sparc/mm/srmmu.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/arch/sparc/mm/srmmu.c b/arch/sparc/mm/srmmu.c
index a9aa6a92c7fe..fefbd08bdc91 100644
--- a/arch/sparc/mm/srmmu.c
+++ b/arch/sparc/mm/srmmu.c
@@ -1670,12 +1670,8 @@ static void smp_flush_tlb_mm(struct mm_struct *mm)
 		cpumask_t cpu_mask;
 		cpumask_copy(&cpu_mask, mm_cpumask(mm));
 		cpumask_clear_cpu(smp_processor_id(), &cpu_mask);
-		if (!cpumask_empty(&cpu_mask)) {
+		if (!cpumask_empty(&cpu_mask))
 			xc1((smpfunc_t) local_ops->tlb_mm, (unsigned long) mm);
-			if (atomic_read(&mm->mm_users) == 1 && current->active_mm == mm)
-				cpumask_copy(mm_cpumask(mm),
-					     cpumask_of(smp_processor_id()));
-		}
 		local_ops->tlb_mm(mm);
 	}
 }
-- 
2.23.0

[PATCH 2/2] sparc32: fix mm_cpumask maintenance causing missing TLB flushing

[Nicholas Piggin]

Fix a bug in mm_cpumask maintenance where a CPU can have switched to an
mm but it's not present in the cpumask, resulting in possible lost TLB
flushes. switch_mm() can be called without switching thread (exec(2),
kthread_use_mm()). Move mm_cpumask setting there, matching sparc64.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 arch/sparc/include/asm/switch_to_32.h | 1 -
 arch/sparc/mm/srmmu.c                 | 3 +++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/sparc/include/asm/switch_to_32.h b/arch/sparc/include/asm/switch_to_32.h
index 42eeafcb8a41..1d9855abbc00 100644
--- a/arch/sparc/include/asm/switch_to_32.h
+++ b/arch/sparc/include/asm/switch_to_32.h
@@ -58,7 +58,6 @@ extern struct thread_info *current_set[NR_CPUS];
 #define switch_to(prev, next, last) do {						\
 	SWITCH_ENTER(prev);								\
 	SWITCH_DO_LAZY_FPU(next);							\
-	cpumask_set_cpu(smp_processor_id(), mm_cpumask(next->active_mm));		\
 	__asm__ __volatile__(								\
 	"sethi	%%hi(here - 0x8), %%o7\n\t"						\
 	"mov	%%g6, %%g3\n\t"								\
diff --git a/arch/sparc/mm/srmmu.c b/arch/sparc/mm/srmmu.c
index fefbd08bdc91..dc07b3d68fc1 100644
--- a/arch/sparc/mm/srmmu.c
+++ b/arch/sparc/mm/srmmu.c
@@ -473,6 +473,9 @@ void switch_mm(struct mm_struct *old_mm, struct mm_struct *mm,
 {
 	unsigned long flags;
 
+	if (!cpumask_test_cpu(smp_processor_id(), mm_cpumask(mm)))
+		cpumask_set_cpu(smp_processor_id(), mm_cpumask(mm));
+
 	if (mm->context == NO_CONTEXT) {
 		spin_lock_irqsave(&srmmu_context_spinlock, flags);
 		alloc_context(old_mm, mm);
-- 
2.23.0