On Wed, 31 Oct 2018 07:46:47 +0100
Martin Schwidefsky <schwidefsky@xxxxxxxxxx> wrote:
> On Wed, 31 Oct 2018 14:43:38 +0800
> Li Wang <liwang@xxxxxxxxxx> wrote:
>
> > On Wed, Oct 31, 2018 at 2:31 PM, Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
> > wrote:
> >
> > > BUG: non-zero pgtables_bytes on freeing mm: -16384
> > >
> >
> > Okay, the problem is still triggered by LTP/cve-2017-17052.c?
>
> No, unfortunately we do not have a simple testcase to trigger this new bug.
> It happened once with one of our test kernels, the path that leads to this
> is completely unclear.
Ok, got it. There is a mm_inc_nr_puds(mm) missing in the s390 code:
diff --git a/arch/s390/mm/pgalloc.c b/arch/s390/mm/pgalloc.c
index 76d89ee8b428..814f26520aa2 100644
--- a/arch/s390/mm/pgalloc.c
+++ b/arch/s390/mm/pgalloc.c
@@ -101,6 +101,7 @@ int crst_table_upgrade(struct mm_struct *mm, unsigned long end)
mm->context.asce_limit = _REGION1_SIZE;
mm->context.asce = __pa(mm->pgd) | _ASCE_TABLE_LENGTH |
_ASCE_USER_BITS | _ASCE_TYPE_REGION2;
+ mm_inc_nr_puds(mm);
} else {
crst_table_init(table, _REGION1_ENTRY_EMPTY);
pgd_populate(mm, (pgd_t *) table, (p4d_t *) pgd);
One of our test-cases did an upgrade of a 3-level page table.
I'll update the patch and send a v3.
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
