From: Sasha Levin <sashal@kernel.org>
To: stable@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Sasha Levin <sashal@kernel.org>,
	linux-s390@vger.kernel.org, linux-arch@vger.kernel.org,
	linux-mm@kvack.org
Subject: [PATCH AUTOSEL 4.18 08/59] s390/mm: fix mis-accounting of pgtable_bytes
Date: Wed, 14 Nov 2018 17:22:40 -0500	[thread overview]
Message-ID: <20181114222335.99339-8-sashal@kernel.org> (raw)
In-Reply-To: <20181114222335.99339-1-sashal@kernel.org>

From: Martin Schwidefsky <schwidefsky@de.ibm.com>

[ Upstream commit e12e4044aede97974f2222eb7f0ed726a5179a32 ]

In case a fork or a clone system call fails in copy_process and the error
handling does the mmput() at the bad_fork_cleanup_mm label, the
following warning messages will appear on the console:

  BUG: non-zero pgtables_bytes on freeing mm: 16384

The reason for that is the tricks we play with mm_inc_nr_puds() and
mm_inc_nr_pmds() in init_new_context().

A normal 64-bit process has 3 levels of page table, the p4d level and
the pud level are folded. On process termination the free_pud_range()
function in mm/memory.c will subtract 16KB from pgtable_bytes with a
mm_dec_nr_puds() call, but there actually is not really a pud table.

One issue with this is the fact that pgtable_bytes is usually off
by a few kilobytes, but the more severe problem is that for a failed
fork or clone the free_pgtables() function is not called. In this case
there is no mm_dec_nr_puds() or mm_dec_nr_pmds() that go together with
the mm_inc_nr_puds() and mm_inc_nr_pmds in init_new_context().
The pgtable_bytes will be off by 16384 or 32768 bytes and we get the
BUG message. The message itself is purely cosmetic, but annoying.

To fix this override the mm_pmd_folded, mm_pud_folded and mm_p4d_folded
function to check for the true size of the address space.

Reported-by: Li Wang <liwang@redhat.com>
Tested-by: Li Wang <liwang@redhat.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/s390/include/asm/mmu_context.h |  5 -----
 arch/s390/include/asm/pgalloc.h     |  6 +++---
 arch/s390/include/asm/pgtable.h     | 18 ++++++++++++++++++
 arch/s390/include/asm/tlb.h         |  6 +++---
 arch/s390/mm/pgalloc.c              |  1 +
 5 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/arch/s390/include/asm/mmu_context.h b/arch/s390/include/asm/mmu_context.h
index d16bc79c30bb..02331ce22bf4 100644
--- a/arch/s390/include/asm/mmu_context.h
+++ b/arch/s390/include/asm/mmu_context.h
@@ -44,8 +44,6 @@ static inline int init_new_context(struct task_struct *tsk,
 		mm->context.asce_limit = STACK_TOP_MAX;
 		mm->context.asce = __pa(mm->pgd) | _ASCE_TABLE_LENGTH |
 				   _ASCE_USER_BITS | _ASCE_TYPE_REGION3;
-		/* pgd_alloc() did not account this pud */
-		mm_inc_nr_puds(mm);
 		break;
 	case -PAGE_SIZE:
 		/* forked 5-level task, set new asce with new_mm->pgd */
@@ -61,9 +59,6 @@ static inline int init_new_context(struct task_struct *tsk,
 		/* forked 2-level compat task, set new asce with new mm->pgd */
 		mm->context.asce = __pa(mm->pgd) | _ASCE_TABLE_LENGTH |
 				   _ASCE_USER_BITS | _ASCE_TYPE_SEGMENT;
-		/* pgd_alloc() did not account this pmd */
-		mm_inc_nr_pmds(mm);
-		mm_inc_nr_puds(mm);
 	}
 	crst_table_init((unsigned long *) mm->pgd, pgd_entry_type(mm));
 	return 0;
diff --git a/arch/s390/include/asm/pgalloc.h b/arch/s390/include/asm/pgalloc.h
index f0f9bcf94c03..5ee733720a57 100644
--- a/arch/s390/include/asm/pgalloc.h
+++ b/arch/s390/include/asm/pgalloc.h
@@ -36,11 +36,11 @@ static inline void crst_table_init(unsigned long *crst, unsigned long entry)
 
 static inline unsigned long pgd_entry_type(struct mm_struct *mm)
 {
-	if (mm->context.asce_limit <= _REGION3_SIZE)
+	if (mm_pmd_folded(mm))
 		return _SEGMENT_ENTRY_EMPTY;
-	if (mm->context.asce_limit <= _REGION2_SIZE)
+	if (mm_pud_folded(mm))
 		return _REGION3_ENTRY_EMPTY;
-	if (mm->context.asce_limit <= _REGION1_SIZE)
+	if (mm_p4d_folded(mm))
 		return _REGION2_ENTRY_EMPTY;
 	return _REGION1_ENTRY_EMPTY;
 }
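Review bot: The order of the three tests in pgd_entry_type() now carries meaning that the helper names hide. Going by the definitions this patch adds to pgtable.h, each helper is a `<=` comparison of asce_limit against a different region size, so an mm for which mm_pmd_folded() is true presumably also satisfies mm_pud_folded() and mm_p4d_folded(). Swapping the checks would then return the wrong empty-entry type. A comment above the first test, e.g. `/* smallest address space first: a folded pmd implies folded pud and p4d */`, would keep that constraint visible.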
diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h
index 5ab636089c60..960cf51e9d43 100644
--- a/arch/s390/include/asm/pgtable.h
+++ b/arch/s390/include/asm/pgtable.h
@@ -483,6 +483,24 @@ static inline int is_module_addr(void *addr)
 				   _REGION_ENTRY_PROTECT | \
 				   _REGION_ENTRY_NOEXEC)
 
+static inline bool mm_p4d_folded(struct mm_struct *mm)
+{
+	return mm->context.asce_limit <= _REGION1_SIZE;
+}
+#define mm_p4d_folded(mm) mm_p4d_folded(mm)
+
+static inline bool mm_pud_folded(struct mm_struct *mm)
+{
+	return mm->context.asce_limit <= _REGION2_SIZE;
+}
+#define mm_pud_folded(mm) mm_pud_folded(mm)
+
+static inline bool mm_pmd_folded(struct mm_struct *mm)
+{
+	return mm->context.asce_limit <= _REGION3_SIZE;
+}
+#define mm_pmd_folded(mm) mm_pmd_folded(mm)
+
 static inline int mm_has_pgste(struct mm_struct *mm)
 {
 #ifdef CONFIG_PGSTE
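Review bot: The three `#define mm_pXd_folded(mm) mm_pXd_folded(mm)` lines carry the whole fix but have no comment, and nothing here says which generic definitions they are meant to replace. A short block comment above mm_p4d_folded() would help, e.g. `/* s390 folds page-table levels per mm at runtime; override the generic mm_pXd_folded() so pgtable_bytes accounting follows asce_limit */`. For the backport, the page does not show whether the generic accounting helpers in this 4.18 tree actually consult mm_pXd_folded(). If they do not, removing the mm_inc_nr_puds()/mm_inc_nr_pmds() calls from init_new_context() would leave the mm_dec_nr_puds() in free_pud_range() unbalanced on every normal exit, so that prerequisite should be confirmed before queuing.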
diff --git a/arch/s390/include/asm/tlb.h b/arch/s390/include/asm/tlb.h
index 457b7ba0fbb6..b31c779cf581 100644
--- a/arch/s390/include/asm/tlb.h
+++ b/arch/s390/include/asm/tlb.h
@@ -136,7 +136,7 @@ static inline void pte_free_tlb(struct mmu_gather *tlb, pgtable_t pte,
 static inline void pmd_free_tlb(struct mmu_gather *tlb, pmd_t *pmd,
 				unsigned long address)
 {
-	if (tlb->mm->context.asce_limit <= _REGION3_SIZE)
+	if (mm_pmd_folded(tlb->mm))
 		return;
 	pgtable_pmd_page_dtor(virt_to_page(pmd));
 	tlb_remove_table(tlb, pmd);
@@ -152,7 +152,7 @@ static inline void pmd_free_tlb(struct mmu_gather *tlb, pmd_t *pmd,
 static inline void p4d_free_tlb(struct mmu_gather *tlb, p4d_t *p4d,
 				unsigned long address)
 {
-	if (tlb->mm->context.asce_limit <= _REGION1_SIZE)
+	if (mm_p4d_folded(tlb->mm))
 		return;
 	tlb_remove_table(tlb, p4d);
 }
@@ -167,7 +167,7 @@ static inline void p4d_free_tlb(struct mmu_gather *tlb, p4d_t *p4d,
 static inline void pud_free_tlb(struct mmu_gather *tlb, pud_t *pud,
 				unsigned long address)
 {
-	if (tlb->mm->context.asce_limit <= _REGION2_SIZE)
+	if (mm_pud_folded(tlb->mm))
 		return;
 	tlb_remove_table(tlb, pud);
 }
diff --git a/arch/s390/mm/pgalloc.c b/arch/s390/mm/pgalloc.c
index 76d89ee8b428..814f26520aa2 100644
--- a/arch/s390/mm/pgalloc.c
+++ b/arch/s390/mm/pgalloc.c
@@ -101,6 +101,7 @@ int crst_table_upgrade(struct mm_struct *mm, unsigned long end)
 			mm->context.asce_limit = _REGION1_SIZE;
 			mm->context.asce = __pa(mm->pgd) | _ASCE_TABLE_LENGTH |
 				_ASCE_USER_BITS | _ASCE_TYPE_REGION2;
+			mm_inc_nr_puds(mm);
 		} else {
 			crst_table_init(table, _REGION1_ENTRY_EMPTY);
 			pgd_populate(mm, (pgd_t *) table, (p4d_t *) pgd);
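Review bot: The added `mm_inc_nr_puds(mm);` has no comment saying which table it accounts for, whereas the calls this patch removes from init_new_context() each carried one. It sits in the branch that raises asce_limit to `_REGION1_SIZE`, which by the new mm_pud_folded() definition is where the pud level stops being folded, so something like `/* pud level is no longer folded: account the table that was the top level */` would make the pairing with the later mm_dec_nr_puds() explicit. The `else` branch gets no counterpart, presumably because p4d tables are not counted in pgtable_bytes, and a brief note there would save the next reader from checking. crst_table_upgrade() starts and ends outside this hunk, so I cannot see whether a failed upgrade can leave the increment unbalanced.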
-- 
2.17.1

