Patch "hugetlb: clear huge pte during flush function on mips platform" has been added to the 5.4-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Wed, 14 Jul 2021 16:15:53 -0400

This is a note to let you know that I've just added the patch titled

    hugetlb: clear huge pte during flush function on mips platform

to the 5.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     hugetlb-clear-huge-pte-during-flush-function-on-mips.patch
and it can be found in the queue-5.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 81bb3fb8c7686a99f0add4e9e183d86530968db8
Author: Bibo Mao <maobibo@xxxxxxxxxxx>
Date:   Mon Jun 29 21:15:32 2020 +0800

    hugetlb: clear huge pte during flush function on mips platform
    
    [ Upstream commit 33ae8f801ad8bec48e886d368739feb2816478f2 ]
    
    If multiple threads are accessing the same huge page at the same
    time, hugetlb_cow will be called if one thread write the COW huge
    page. And function huge_ptep_clear_flush is called to notify other
    threads to clear the huge pte tlb entry. The other threads clear
    the huge pte tlb entry and reload it from page table, the reload
    huge pte entry may be old.
    
    This patch fixes this issue on mips platform, and it clears huge
    pte entry before notifying other threads to flush current huge
    page entry, it is similar with other architectures.
    
    Signed-off-by: Bibo Mao <maobibo@xxxxxxxxxxx>
    Signed-off-by: Thomas Bogendoerfer <tsbogend@xxxxxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/arch/mips/include/asm/hugetlb.h b/arch/mips/include/asm/hugetlb.h
index 425bb6fc3bda..bf1bf8c7c332 100644
--- a/arch/mips/include/asm/hugetlb.h
+++ b/arch/mips/include/asm/hugetlb.h
@@ -53,7 +53,13 @@ static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm,
 static inline void huge_ptep_clear_flush(struct vm_area_struct *vma,
 					 unsigned long addr, pte_t *ptep)
 {
-	flush_tlb_page(vma, addr & huge_page_mask(hstate_vma(vma)));
+	/*
+	 * clear the huge pte entry firstly, so that the other smp threads will
+	 * not get old pte entry after finishing flush_tlb_page and before
+	 * setting new huge pte entry
+	 */
+	huge_ptep_get_and_clear(vma->vm_mm, addr, ptep);
+	flush_tlb_page(vma, addr);
 }
 
 #define __HAVE_ARCH_HUGE_PTE_NONE






