From: Mark Rutland <mark.rutland@arm.com>
To: Giancarlo Ferrari <giancarlo.ferrari89@gmail.com>
Cc: linux-arm-kernel@lists.infradead.org, linux@armlinux.org.uk,
	linux-kernel@vger.kernel.org, akpm@linux-foundation.org,
	rppt@kernel.org, penberg@kernel.org, geert@linux-m68k.org,
	giancarlo.ferrari@nokia.com
Subject: Re: [PATCH] ARM: kexec: Fix panic after TLB are invalidated
Date: Mon, 1 Feb 2021 12:47:20 +0000
Message-ID: <20210201124720.GA66060@C02TD0UTHF1T.local>
In-Reply-To: <1612140296-12546-1-git-send-email-giancarlo.ferrari89@gmail.com>

On Mon, Feb 01, 2021 at 12:44:56AM +0000, Giancarlo Ferrari wrote:
> machine_kexec() needs to set rw permission in text and rodata sections
> to assign some variables (e.g. kexec_start_address). To do that at
> the end (after flushing pdm in memory, etc.) it needs to invalidate
> TLB [section] entries.

It'd be worth noting explicitly that set_kernel_text_rw() alters
current->active_mm...

> If during the TLB invalidation an interrupt occurs, which might cause
> a context switch, there is the risk to inject invalid TLBs, with ro
> permissions.

... which is why if there's a context switch things can go wrong, since
active_mm isn't stable, and so it's possible that set_kernel_text_rw()
updates multiple tables, none of which might be the active table at the
point we try to make an access.

It would be nice to spell that out rather than saying "invalid TLBs".

We could disable preemption to prevent that, which is possibly better
than disabling interrupts.

Overall, it would be much better to avoid having to mess with the kernel
page tables. So rather than going:

1. mark kernel RW
2. alter variables in reloc code
3. copy reloc code into buffer
4. branch to buffer

... we should be able to go:

1. copy reloc code into buffer
2. alter variables in copy of reloc code
3. branch to buffer

... which would avoid this class of problem too.

Thanks,
Mark.

> When trying to assign .text labels, this led to the following:
> 
>  Unable to handle kernel paging request at virtual address 80112f38
>  pgd = fd7ef03e
>  [80112f38] *pgd=0001141e(bad)
>  Internal error: Oops: 80d [#1] PREEMPT SMP ARM
>  ...
> 
> Signed-off-by: Giancarlo Ferrari <giancarlo.ferrari89@gmail.com>
> ---
>  arch/arm/kernel/machine_kexec.c | 10 ++++++++++
>  1 file changed, 10 insertions(+)
> 
> diff --git a/arch/arm/kernel/machine_kexec.c b/arch/arm/kernel/machine_kexec.c
> index 5d84ad3..23e8816 100644
> --- a/arch/arm/kernel/machine_kexec.c
> +++ b/arch/arm/kernel/machine_kexec.c
> @@ -174,6 +174,13 @@ void machine_kexec(struct kimage *image)
>  
>  	reboot_code_buffer = page_address(image->control_code_page);
>  
> +	/*
> +	 * If below part is not atomic TLB entries might be corrupted after TLB
> +	 * invalidation, which leads to Data Abort in .text variable assignment
> +	 */
> +	raw_local_irq_disable();
> +	local_fiq_disable();
> +
>  	/* Prepare parameters for reboot_code_buffer*/
>  	set_kernel_text_rw();
>  	kexec_start_address = image->start;
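Review bot: the comment added at the top of this hunk ("If below part is not atomic TLB entries might be corrupted") does not name the actual hazard, which is the point Mark raises above: set_kernel_text_rw() works on current->active_mm, so a context switch between it and the store to kexec_start_address can leave the RW mapping in a page table that is no longer the active one when the store executes. Please spell that out in the comment (and fix its grammar: "If the section below is not atomic, ..."). Since the thing to exclude is the context switch rather than the interrupt itself, preempt_disable() is the narrower tool than the raw_local_irq_disable()/local_fiq_disable() pair; if interrupts must stay masked, local_irq_disable() rather than the raw_ variant keeps irq-flags tracing and lockdep consistent.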
> @@ -181,6 +188,9 @@ void machine_kexec(struct kimage *image)
>  	kexec_mach_type = machine_arch_type;
>  	kexec_boot_atags = image->arch.kernel_r2;
>  
> +	local_fiq_enable();
> +	raw_local_irq_enable();
> +
>  	/* copy our kernel relocation code to the control code page */
>  	reboot_entry = fncpy(reboot_code_buffer,
>  			     &relocate_new_kernel,
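Review bot: re-enabling FIQ and IRQ here leaves the underlying problem in place: kexec_start_address, kexec_mach_type and kexec_boot_atags are still written into the live kernel text, which is what forces the set_kernel_text_rw() remap and the masking around it. Because the relocation code is copied into reboot_code_buffer with fncpy() immediately below, the three stores could instead be made into that copy after the fncpy(), removing both the remap of kernel text and the need to disable interrupts around it. If the masking is kept for now, the enable order (local_fiq_enable() before raw_local_irq_enable()) correctly mirrors the disable order in the first hunk, but a short comment should say why the fncpy() that follows is safe to run outside the masked window.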
> -- 
> 2.7.4
> 
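The reordering Mark proposes (copy the relocation code into the control page first, then patch the variables in the copy) can be modelled in user space. The block below is an added example, not code from the patch or from the kernel: `reloc_template` is a hypothetical stand-in for `relocate_new_kernel`, kept `const` to model the read-only text mapping, the `reloc_params` fields stand in for the `kexec_*` labels, and the opcode bytes, the magic marker and the sample addresses are constructed values. The point it shows is that the patched copy carries the parameters while the template is never written, so no `set_kernel_text_rw()` and no masking of interrupts around it is needed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RELOC_MAGIC 0x4b455845u   /* constructed marker ("KEXE") locating the slot */

/* Parameters the stub reads at runtime; hypothetical stand-ins for the
 * kexec_start_address / kexec_mach_type / kexec_boot_atags .text labels. */
struct reloc_params {
    uint32_t magic;
    uint32_t start_address;
    uint32_t mach_type;
    uint32_t boot_atags;
};

/* Model of the relocation stub as laid out in kernel text: code bytes,
 * the parameter slot, more code bytes. */
struct reloc_stub {
    uint8_t code[16];
    struct reloc_params params;
    uint8_t tail[8];
};

/* const models the RO text mapping: nothing below ever writes to it. */
static const struct reloc_stub reloc_template = {
    .code   = { 0x04, 0x00, 0x9f, 0xe5, 0x08, 0x10, 0x9f, 0xe5,    /* constructed */
                0x0c, 0x20, 0x9f, 0xe5, 0x10, 0xff, 0x2f, 0xe1 },  /* placeholder opcodes */
    .params = { RELOC_MAGIC, 0, 0, 0 },
    .tail   = { 0x1e, 0xff, 0x2f, 0xe1, 0x00, 0x00, 0xa0, 0xe1 },
};

/* Locate the parameter slot in a blob by its magic word (4-byte stride).
 * Returns the byte offset, or -1 if no slot is present. */
static long find_params(const uint8_t *blob, size_t len)
{
    for (size_t off = 0; off + sizeof(struct reloc_params) <= len; off += 4) {
        uint32_t m;
        memcpy(&m, blob + off, sizeof m);
        if (m == RELOC_MAGIC)
            return (long)off;
    }
    return -1;
}

/* Step 1: copy the stub into the control buffer (the fncpy() step).
 * Step 2: patch the parameters in the copy only.
 * Returns 0 on success, -1 if the buffer is too small or the slot is missing. */
static int prepare_reloc_copy(uint8_t *buf, size_t buflen,
                              uint32_t start, uint32_t mach, uint32_t atags)
{
    if (buflen < sizeof reloc_template)
        return -1;
    memcpy(buf, &reloc_template, sizeof reloc_template);
    long off = find_params(buf, sizeof reloc_template);
    if (off < 0)
        return -1;
    struct reloc_params p = { RELOC_MAGIC, start, mach, atags };
    memcpy(buf + (size_t)off, &p, sizeof p);
    return 0;
}

/* Read the parameters back from a prepared buffer: what the stub would see
 * once control branches to the copy. */
static int read_reloc_params(const uint8_t *buf, size_t buflen,
                             struct reloc_params *out)
{
    long off = find_params(buf, buflen);
    if (off < 0)
        return -1;
    memcpy(out, buf + (size_t)off, sizeof *out);
    return 0;
}

/* The template in "text" must stay pristine: it was never made writable. */
static int template_untouched(void)
{
    return reloc_template.params.start_address == 0 &&
           reloc_template.params.mach_type == 0 &&
           reloc_template.params.boot_atags == 0;
}

int main(void)
{
    uint8_t control_page[64];          /* stands in for reboot_code_buffer */
    struct reloc_params seen;

    /* Sample values are constructed, not taken from any real image. */
    if (prepare_reloc_copy(control_page, sizeof control_page,
                           0x80008000u, 0x8e0u, 0x80000100u) != 0)
        return 1;
    if (read_reloc_params(control_page, sizeof control_page, &seen) != 0)
        return 1;
    printf("copy: start=%#x mach=%#x atags=%#x; template untouched: %s\n",
           seen.start_address, seen.mach_type, seen.boot_atags,
           template_untouched() ? "yes" : "no");
    return template_untouched() ? 0 : 1;
}
```

The real stub would of course locate its parameters by label rather than by scanning for a marker; the scan here only makes the example self-contained. What carries over is the ordering: the only writable object is the copy in the control page, so the code path has no window in which the kernel's own text mapping is changed.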
