[PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[Christian Borntraeger]

Greg, stable team,

here are the backports for 4.4,4.9 and 4.10 of 
upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba

The patch for 4.9 and 4.10 is identical.
The patch for 4.4 also fits for 4.1

[PATCH 1/2] s390/mm: fix CMMA vs KSM vs others backport for 4.4

[Christian Borntraeger]

On heavy paging with KSM I see guest data corruption. Turns out that
KSM will add pages to its tree, where the mapping return true for
pte_unused (or might become as such later).  KSM will unmap such pages
and reinstantiate with different attributes (e.g. write protected or
special, e.g. in replace_page or write_protect_page)). This uncovered
a bug in our pagetable handling: We must remove the unused flag as
soon as an entry becomes present again.

upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
Cc: stable@vger.kernel.org
Signed-of-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
(cherry picked from commit a8f60d1fadf7b8b54449fcc9d6b15248917478ba)
Signed-of-by: Christian Borntraeger <borntraeger@de.ibm.com>
[backport for 4.4]
---
 arch/s390/include/asm/pgtable.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h
index 024f85f..e2c0e4e 100644
--- a/arch/s390/include/asm/pgtable.h
+++ b/arch/s390/include/asm/pgtable.h
@@ -829,6 +829,8 @@ static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,
 {
 	pgste_t pgste;
 
+	if (pte_present(entry))
+		pte_val(entry) &= ~_PAGE_UNUSED;
 	if (mm_has_pgste(mm)) {
 		pgste = pgste_get_lock(ptep);
 		pgste_val(pgste) &= ~_PGSTE_GPS_ZERO;
-- 
2.7.4

[PATCH 2/2] s390/mm: fix CMMA vs KSM vs others backport for 4.9/4.10

[Christian Borntraeger]

On heavy paging with KSM I see guest data corruption. Turns out that
KSM will add pages to its tree, where the mapping return true for
pte_unused (or might become as such later).  KSM will unmap such pages
and reinstantiate with different attributes (e.g. write protected or
special, e.g. in replace_page or write_protect_page)). This uncovered
a bug in our pagetable handling: We must remove the unused flag as
soon as an entry becomes present again.

upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
Cc: stable@vger.kernel.org
Signed-of-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
(cherry picked from commit a8f60d1fadf7b8b54449fcc9d6b15248917478ba)
Signed-of-by: Christian Borntraeger <borntraeger@de.ibm.com>
[backport for 4.9 and 4.10]
---
 arch/s390/include/asm/pgtable.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h
index 0362cd5..0cea702 100644
--- a/arch/s390/include/asm/pgtable.h
+++ b/arch/s390/include/asm/pgtable.h
@@ -1029,6 +1029,8 @@ int get_guest_storage_key(struct mm_struct *mm, unsigned long addr,
 static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,
 			      pte_t *ptep, pte_t entry)
 {
+	if (pte_present(entry))
+		pte_val(entry) &= ~_PAGE_UNUSED;
 	if (mm_has_pgste(mm))
 		ptep_set_pte_at(mm, addr, ptep, entry);
 	else
-- 
2.7.4

Re: [PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[Greg KH]

On Fri, Apr 21, 2017 at 11:06:51AM +0200, Christian Borntraeger wrote:
> Greg, stable team,
> 
> here are the backports for 4.4,4.9 and 4.10 of 
> upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
> 
> The patch for 4.9 and 4.10 is identical.
> The patch for 4.4 also fits for 4.1

Does this need to go farther back than 4.1?  Specifically 3.18 and/or
3.16?

thanks,

greg k-h

Re: [PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[Christian Borntraeger]

On 04/21/2017 11:14 AM, Greg KH wrote:
> On Fri, Apr 21, 2017 at 11:06:51AM +0200, Christian Borntraeger wrote:
>> Greg, stable team,
>>
>> here are the backports for 4.4,4.9 and 4.10 of 
>> upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
>>
>> The patch for 4.9 and 4.10 is identical.
>> The patch for 4.4 also fits for 4.1
> 
> Does this need to go farther back than 4.1?  Specifically 3.18 and/or
> 3.16?

The original problem (unused bit not deleted on set_pte_at for present
ptes) was introduced with 3.15 with

commit b31288fa83b2bcc8834e1e208e9526b8bd5ce361
    s390/kvm: support collaborative memory management

Looks like the 4.4 patch also fits on top of 3.16 it compiles and boots
but I have not done any bigger testing.

Re: [PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[Greg KH]

On Fri, Apr 21, 2017 at 11:20:43AM +0200, Christian Borntraeger wrote:
> On 04/21/2017 11:14 AM, Greg KH wrote:
> > On Fri, Apr 21, 2017 at 11:06:51AM +0200, Christian Borntraeger wrote:
> >> Greg, stable team,
> >>
> >> here are the backports for 4.4,4.9 and 4.10 of 
> >> upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
> >>
> >> The patch for 4.9 and 4.10 is identical.
> >> The patch for 4.4 also fits for 4.1
> > 
> > Does this need to go farther back than 4.1?  Specifically 3.18 and/or
> > 3.16?
> 
> The original problem (unused bit not deleted on set_pte_at for present
> ptes) was introduced with 3.15 with
> 
> commit b31288fa83b2bcc8834e1e208e9526b8bd5ce361
>     s390/kvm: support collaborative memory management
> 
> Looks like the 4.4 patch also fits on top of 3.16 it compiles and boots
> but I have not done any bigger testing.

Ok, thanks for the info, and the patches, queued up now.

greg k-h

Re: [PATCH 0/2] s390/mm: stable backports for fix CMMA vs KSM vs others

[Christian Borntraeger]

On 04/21/2017 11:41 AM, Greg KH wrote:
> On Fri, Apr 21, 2017 at 11:20:43AM +0200, Christian Borntraeger wrote:
>> On 04/21/2017 11:14 AM, Greg KH wrote:
>>> On Fri, Apr 21, 2017 at 11:06:51AM +0200, Christian Borntraeger wrote:
>>>> Greg, stable team,
>>>>
>>>> here are the backports for 4.4,4.9 and 4.10 of 
>>>> upstream commit id: a8f60d1fadf7b8b54449fcc9d6b15248917478ba
>>>>
>>>> The patch for 4.9 and 4.10 is identical.
>>>> The patch for 4.4 also fits for 4.1
>>>
>>> Does this need to go farther back than 4.1?  Specifically 3.18 and/or
>>> 3.16?
>>
>> The original problem (unused bit not deleted on set_pte_at for present
>> ptes) was introduced with 3.15 with
>>
>> commit b31288fa83b2bcc8834e1e208e9526b8bd5ce361
>>     s390/kvm: support collaborative memory management
>>
>> Looks like the 4.4 patch also fits on top of 3.16 it compiles and boots
>> but I have not done any bigger testing.
> 
> Ok, thanks for the info, and the patches, queued up now.
> 
> greg k-h

I gave 3.16.43 + the 4.4 patch a spin.
The problem seems to be fixed as far as I can tell, so the 4.4 patch should
be fine for 3.16 and 3.18 as well.