From: Scott Wood <scottwood@freescale.com>
To: Arseny Solokha <asolokha@kb.kras.ru>
Cc: Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] powerpc/mm: bail out early when flushing TLB page
Date: Fri, 30 Jan 2015 15:53:01 -0600 [thread overview]
Message-ID: <1422654781.10544.173.camel@freescale.com> (raw)
In-Reply-To: <1422619707-30864-1-git-send-email-asolokha@kb.kras.ru>
On Fri, 2015-01-30 at 19:08 +0700, Arseny Solokha wrote:
> MMU_NO_CONTEXT is conditionally defined as 0 or (unsigned int)-1.
For nohash it is specifically -1.
> However, in __flush_tlb_page() a corresponding variable is only tested
> for open coded 0, which can cause NULL pointer dereference if `mm'
> argument was legitimately passed as such.
>
> Bail out early in case the first argument is NULL, thus eliminate confusion
> between different values of MMU_NO_CONTEXT and avoid disabling and then
> re-enabling preemption unnecessarily.
How did you notice this? Did you see an oops, or was it code
inspection? I'm wondering what codepath gets here with mm == NULL.
-Scott
WARNING: multiple messages have this Message-ID (diff)
From: Scott Wood <scottwood@freescale.com>
To: Arseny Solokha <asolokha@kb.kras.ru>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
Michael Ellerman <mpe@ellerman.id.au>,
<linuxppc-dev@lists.ozlabs.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] powerpc/mm: bail out early when flushing TLB page
Date: Fri, 30 Jan 2015 15:53:01 -0600 [thread overview]
Message-ID: <1422654781.10544.173.camel@freescale.com> (raw)
In-Reply-To: <1422619707-30864-1-git-send-email-asolokha@kb.kras.ru>
On Fri, 2015-01-30 at 19:08 +0700, Arseny Solokha wrote:
> MMU_NO_CONTEXT is conditionally defined as 0 or (unsigned int)-1.
For nohash it is specifically -1.
> However, in __flush_tlb_page() a corresponding variable is only tested
> for open coded 0, which can cause NULL pointer dereference if `mm'
> argument was legitimately passed as such.
>
> Bail out early in case the first argument is NULL, thus eliminate confusion
> between different values of MMU_NO_CONTEXT and avoid disabling and then
> re-enabling preemption unnecessarily.
How did you notice this? Did you see an oops, or was it code
inspection? I'm wondering what codepath gets here with mm == NULL.
-Scott
next prev parent reply other threads:[~2015-01-30 21:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-30 12:08 [PATCH] powerpc/mm: bail out early when flushing TLB page Arseny Solokha
2015-01-30 12:08 ` Arseny Solokha
2015-01-30 21:53 ` Scott Wood [this message]
2015-01-30 21:53 ` Scott Wood
2015-01-31 4:18 ` Arseny Solokha
2015-01-31 4:18 ` Arseny Solokha
2015-01-31 20:27 ` Benjamin Herrenschmidt
2015-01-31 20:27 ` Benjamin Herrenschmidt
2015-02-02 5:07 ` Arseny Solokha
2015-02-02 5:07 ` Arseny Solokha
2015-02-02 5:28 ` [PATCH] powerpc/mm: warn on flushing tlb page in kernel context Arseny Solokha
2015-02-02 5:28 ` Arseny Solokha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1422654781.10544.173.camel@freescale.com \
--to=scottwood@freescale.com \
--cc=asolokha@kb.kras.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.