From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE2B626286; Wed, 1 May 2024 10:04:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714557889; cv=none; b=aYr5fJ7JvuYc2H0MeWBK33x1aBl7BXFe+Ozf5cqW6D5KXek4qdZCWvvAd4e8IahSpq+RtpmsojO1JdWMZ3aWhRfA7qBYr2Gy4kQMnp+mAqdpW45ls5QQIxds6+weakLXumKliNi8gY/RhJXUJ6FhoIvkb9VHtdFKRCku/Gu/GoY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714557889; c=relaxed/simple; bh=6acgbOkRAMHlRghsM7KyV6HLqiinUNzYGGeLgespLvY=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=p0umhST4EeRZv+LsXE2fsZFQt8e8YtZySkDQ2qQnDNS9FHIv75Usgf2FgyZg4GaK3DQowa2LQtEsza0cfbnoEVgyxla8xStN4AHVCwAmP8LL4nPgPwoJZhlEku2W9IhRkUrqYELTPLWB55oYn8fpkfQ/9tC+Nu4E3JwLFF79yrU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3DA12C113CC; Wed, 1 May 2024 10:04:47 +0000 (UTC) Date: Wed, 1 May 2024 11:04:44 +0100 From: Catalin Marinas To: Ryan Roberts Cc: Will Deacon , Mark Rutland , Anshuman Khandual , Andrew Morton , Zi Yan , "Aneesh Kumar K.V" , linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: Re: [PATCH v2] arm64/mm: pmd_mkinvalid() must handle swap pmds Message-ID: References: <20240430133138.732088-1-ryan.roberts@arm.com> <171449974870.639201.3165060270571039049.b4-ty@arm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Wed, May 01, 2024 at 09:05:17AM +0100, Ryan Roberts wrote: > On 30/04/2024 18:57, Catalin Marinas wrote: > > On Tue, 30 Apr 2024 14:31:38 +0100, Ryan Roberts wrote: > >> __split_huge_pmd_locked() can be called for a present THP, devmap or > >> (non-present) migration entry. It calls pmdp_invalidate() > >> unconditionally on the pmdp and only determines if it is present or not > >> based on the returned old pmd. > >> > >> But arm64's pmd_mkinvalid(), called by pmdp_invalidate(), > >> unconditionally sets the PMD_PRESENT_INVALID flag, which causes future > >> pmd_present() calls to return true - even for a swap pmd. Therefore any > >> lockless pgtable walker could see the migration entry pmd in this state > >> and start interpretting the fields (e.g. pmd_pfn()) as if it were > >> present, leading to BadThings (TM). GUP-fast appears to be one such > >> lockless pgtable walker. > >> > >> [...] > > > > Applied to arm64 (for-next/fixes), thanks! It should land in 6.9-rc7. I > > removed the debug/test code, please send it as a separate patch for > > 6.10. > > Thanks Catalin! I'm guessing this will turn up in today's linux-next, so if I > send the tests today and Andrew puts them straight in mm-unstable (which will > goto linux-next) there is no risk that the tests are there without the fix? Or > do I need to hold off until the fix is in v6.9-rc7? It looks like we don't push for-next/fixes to linux-next, it's short-lived usually, it ends up upstream quickly. I can send the pull request later today, should turn up in mainline by tomorrow. You can add a note to your patch for Andrew that it will fail on arm64 until the fix ends up upstream. It's a matter of a couple of days anyway. -- Catalin