From: Nicholas Piggin <npiggin@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Nicholas Piggin <npiggin@gmail.com>,
	linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org,
	Sachin Sant <sachinp@linux.ibm.com>
Subject: [PATCH] lazy tlb: consolidate lazy tlb mm switching fix
Date: Wed,  7 Jun 2023 10:56:22 +1000
Message-ID: <20230607005622.583318-1-npiggin@gmail.com>

Fix an upstream powerpc bug that was discovered with a WARN_ON added in
"lazy tlb: consolidate lazy tlb mm switching":

    Switching mm and tinkering with current->active_mm should be done with
    irqs disabled. There is a path where exit_lazy_flush_tlb can be called
    with irqs enabled:

        exit_lazy_flush_tlb
        flush_type_needed
        __flush_all_mm
        tlb_finish_mmu
        exit_mmap

    Which results in the switching being incorrectly done with irqs enabled.

    Link: https://lore.kernel.org/linuxppc-dev/87a5xcgopc.fsf@mail.lhotse/T/#m105488939d0cd9f980978ed2fdeeb89bf731e673
    Fixes: a665eec0a22e1 ("powerpc/64s/radix: Fix mm_cpumask trimming race vs k>

I will send that fix upstream, which will end up conflicting with these.
The resolution will be to take akpm's side of the merge (with this patch).
Or drop the patch when it conflicts and I'll resend it rebased on the fix.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 arch/powerpc/mm/book3s64/radix_tlb.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/mm/book3s64/radix_tlb.c b/arch/powerpc/mm/book3s64/radix_tlb.c
index 90953cf9f648..8d71fe8f5cdb 100644
--- a/arch/powerpc/mm/book3s64/radix_tlb.c
+++ b/arch/powerpc/mm/book3s64/radix_tlb.c
@@ -795,8 +795,16 @@ void exit_lazy_flush_tlb(struct mm_struct *mm, bool always_flush)
 		goto out;
 
 	if (current->active_mm == mm) {
-		/* Is a kernel thread and is using mm as the lazy tlb */
+		unsigned long flags;
+
+		/*
+		 * It is a kernel thread and is using mm as the lazy tlb, so
+		 * switch it to init_mm. This is not always called from IPI
+		 * (e.g., flush_type_needed), so must disable irqs.
+		 */
+		local_irq_save(flags);
 		kthread_end_lazy_tlb_mm();
+		local_irq_restore(flags);
 	}
 
 	/*
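Review bot: the `current->active_mm == mm` test on the context line above `local_irq_save(flags)` is still evaluated with irqs enabled on the flush_type_needed path, so only the switch itself sits inside the irq-disabled region. If an interrupt arriving between the test and the save can change current->active_mm, the result of the test is stale by the time kthread_end_lazy_tlb_mm() runs. Consider moving `local_irq_save(flags)` ahead of the `if`, or extending the new comment to say why checking with irqs on is safe. The comment could also state that local_irq_save/restore is used rather than local_irq_disable/enable because the IPI callers arrive with irqs already off.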
-- 
2.40.1


