From: will.deacon@arm.com (Will Deacon)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 0/2] Fixes for SW PAN
Date: Wed, 6 Dec 2017 17:56:42 +0000 [thread overview]
Message-ID: <20171206175641.GA26554@arm.com> (raw)
In-Reply-To: <5ee0b1f1-c7fc-af92-2b34-4555e59d7a20@codeaurora.org>
On Wed, Dec 06, 2017 at 11:01:46PM +0530, Vinayak Menon wrote:
> On 12/6/2017 4:46 PM, Will Deacon wrote:
> > Hi all,
> >
> > After lots of collective head scratching in response to Vinayak's mail
> > here:
> >
> > http://lists.infradead.org/pipermail/linux-arm-kernel/2017-December/545641.html
> >
> > It turns out that we have a problem with SW PAN and kernel threads, where
> > the saved ttbr0 value for a kernel thread can be stale and subsequently
> > inherited by other kernel threads over a fork.
> >
> > These two patches attempt to fix that. We've not be able to reproduce
> > the exact failure reported above, but I added some assertions to the
> > uaccess routines to check for discrepancies between the active_mm pgd
> > and the saved ttbr0 value (ignoring the zero page) and these no longer
> > fire with these changes, but do fire without them if EFI runtime services
> > are enabled on my Seattle board.
>
> Thanks Will. So these 2 patches fix the case of kthreads having a stale saved ttbr0. The callstack I had shared
> in the original issue description was not of a kthread (its user task with PF_KTHREAD not set. The tsk->mm was
> set to NULL by exit_mm I think). So do you think this could be a different problem ?
> I had a look at the dumps again and what I see is that, the PA part of the saved ttbr0
> (from thread_info) is not the same as the pa(tsk->active_mm->pgd). The PA derived from saved ttbr0 actually
> points to a page which is "now" owned by slab.
Having not been able to reproduce the failure you described, I can't give
you a good answer to this. How much information do you have about the task
that crashes?
Will
next prev parent reply other threads:[~2017-12-06 17:56 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-06 11:16 [PATCH 0/2] Fixes for SW PAN Will Deacon
2017-12-06 11:16 ` [PATCH 1/2] arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm Will Deacon
2017-12-06 12:09 ` Mark Rutland
2017-12-06 12:15 ` Catalin Marinas
2017-12-06 11:16 ` [PATCH 2/2] arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb Will Deacon
2017-12-06 12:10 ` Mark Rutland
2017-12-06 12:17 ` Catalin Marinas
2017-12-06 12:19 ` [PATCH 0/2] Fixes for SW PAN Mark Rutland
2017-12-06 13:37 ` Will Deacon
2017-12-06 17:31 ` Vinayak Menon
2017-12-06 17:56 ` Will Deacon [this message]
2017-12-06 18:01 ` Catalin Marinas
2017-12-06 18:07 ` Will Deacon
2017-12-06 18:18 ` Catalin Marinas
2017-12-06 18:26 ` Will Deacon
2017-12-07 8:55 ` Vinayak Menon
2017-12-12 3:30 ` Vinayak Menon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171206175641.GA26554@arm.com \
--to=will.deacon@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).