On Fri, 2025-01-03 at 19:40 +0100, Jann Horn wrote:
> On Mon, Dec 30, 2024 at 6:53 PM Rik van Riel <riel@xxxxxxxxxxx> wrote:
> >
> > +++ b/arch/x86/include/asm/invlpgb.h
> > @@ -51,7 +51,7 @@ static inline void invlpgb_flush_user(unsigned long pcid,
> >  static inline void invlpgb_flush_user_nr(unsigned long pcid,
> >  					 unsigned long addr,
> >  					 int nr, bool pmd_stride)
> >  {
> > -	__invlpgb(0, pcid, addr, nr - 1, pmd_stride, INVLPGB_PCID | INVLPGB_VA);
> > +	__invlpgb(0, pcid, addr, nr - 1, pmd_stride, INVLPGB_PCID | INVLPGB_VA | INVLPGB_FINAL_ONLY);
> >  }
>
> Please note this final-only behavior in a comment above the function
> and/or rename the function to make this clear.
>
> I think this currently interacts badly with pmdp_collapse_flush(),
> which is used by retract_page_tables(). pmdp_collapse_flush() removes

I've added a freed_tables argument to invlpgb_flush_user_nr_nosync.

> a PMD entry pointing to a page table with pmdp_huge_get_and_clear(),
> then calls flush_tlb_range(), which on x86 calls flush_tlb_mm_range()
> with the "freed_tables" parameter set to false. But that's really a
> preexisting bug, not something introduced by your series. I've sent a
> patch for that, see
> <https://lore.kernel.org/r/20250103-x86-collapse-flush-fix-v1-1-3c521856cfa6@xxxxxxxxxx>.
>

With your change, I believe the next version of my patch series should
handle this case correctly, too.

-- 
All Rights Reversed.
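Review bot: in the quoted invlpgb.h hunk, the `+` line adds INVLPGB_FINAL_ONLY to invlpgb_flush_user_nr() without any comment above the function or change to its name, so every existing caller silently switches from flushing all translation levels to flushing only final-level entries; a caller that has just freed a page table (the freed_tables case raised for pmdp_collapse_flush() above) would then leave intermediate paging-structure entries cached. Either document the final-only semantics in a comment directly above the function, or make the behaviour explicit at the call site, e.g. a `bool freed_tables` parameter that omits INVLPGB_FINAL_ONLY when set, as the reply indicates is being done for invlpgb_flush_user_nr_nosync().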