From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Arseny Solokha <asolokha@kb.kras.ru>
Cc: Scott Wood <scottwood@freescale.com>,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] powerpc/mm: bail out early when flushing TLB page
Date: Sun, 01 Feb 2015 07:27:06 +1100 [thread overview]
Message-ID: <1422736026.6200.14.camel@kernel.crashing.org> (raw)
In-Reply-To: <1422619707-30864-1-git-send-email-asolokha@kb.kras.ru>
On Fri, 2015-01-30 at 19:08 +0700, Arseny Solokha wrote:
> MMU_NO_CONTEXT is conditionally defined as 0 or (unsigned int)-1. However,
> in __flush_tlb_page() a corresponding variable is only tested for open
> coded 0, which can cause NULL pointer dereference if `mm' argument was
> legitimately passed as such.
>
> Bail out early in case the first argument is NULL, thus eliminate confusion
> between different values of MMU_NO_CONTEXT and avoid disabling and then
> re-enabling preemption unnecessarily.
So the comment above isn't quite right... we don't *test* it for open
coded 0, we test it for MMU_NO_CONTEXT, however we *set* it to 0 for
NULL mm.
This is actually correct... on all except 8xx :-) 0 *is* the PID of the
kernel context, and NULL mm usually means kernel context.
However, it's correct that this function will not deal properly with a
NULL mm for other reasons. It must only be called for user contexts.
Instead of just returning, I would WARN_ON, because if it's ever called
for a kernel page, then it will not do what's expected and that will
need fixing. Just a silent return isn't right.
This is different from returning on MMU_NO_CONTEXT, in this case, we
know there's no active TLB entries for the process, and thus nothing to
flush.
Cheers,
Ben.
> Signed-off-by: Arseny Solokha <asolokha@kb.kras.ru>
> ---
> arch/powerpc/mm/tlb_nohash.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/arch/powerpc/mm/tlb_nohash.c b/arch/powerpc/mm/tlb_nohash.c
> index f38ea4d..ab0616b 100644
> --- a/arch/powerpc/mm/tlb_nohash.c
> +++ b/arch/powerpc/mm/tlb_nohash.c
> @@ -284,8 +284,11 @@ void __flush_tlb_page(struct mm_struct *mm, unsigned long vmaddr,
> struct cpumask *cpu_mask;
> unsigned int pid;
>
> + if (unlikely(!mm))
> + return;
> +
> preempt_disable();
> - pid = mm ? mm->context.id : 0
Here we test mm, if we pass NULL, that means the kernel mm which has PID
0, which is not MMU_NO_CONTEXT
> ;
> + pid = mm->context.id;
> if (unlikely(pid == MMU_NO_CONTEXT))
> goto bail;
> cpu_mask = mm_cpumask(mm);
next prev parent reply other threads:[~2015-01-31 20:27 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-30 12:08 [PATCH] powerpc/mm: bail out early when flushing TLB page Arseny Solokha
2015-01-30 21:53 ` Scott Wood
2015-01-31 4:18 ` Arseny Solokha
2015-01-31 20:27 ` Benjamin Herrenschmidt [this message]
2015-02-02 5:07 ` Arseny Solokha
2015-02-02 5:28 ` [PATCH] powerpc/mm: warn on flushing tlb page in kernel context Arseny Solokha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1422736026.6200.14.camel@kernel.crashing.org \
--to=benh@kernel.crashing.org \
--cc=asolokha@kb.kras.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=paulus@samba.org \
--cc=scottwood@freescale.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).