On Thu, Feb 23, 2017 at 04:25:26PM +0000, Ard Biesheuvel wrote:
> On 23 February 2017 at 16:22, Mark Rutland <mark.rutland@xxxxxxx> wrote:
> > This reverts commit 0bfc445dec9dd8130d22c9f4476eed7598524129.
> >
> > When we change the permissions of regions mapped using contiguous
> > entries, the architecture requires us to follow a Break-Before-Make
> > strategy, breaking *all* associated entries before we can change any of
> > the following properties from the entries:
> >
> > - presence of the contiguous bit
> > - output address
> > - attributes
> > - permissions
> >
> > Failure to do so can result in a number of problems (e.g. TLB conflict
> > aborts and/or erroneous results from TLB lookups).
> >
> > See ARM DDI 0487A.k_iss10775, "Misprogramming of the Contiguous bit",
> > page D4-1762.
> >
> > We do not take this into account when altering the permissions of kernel
> > segments in mark_rodata_ro(), where we change the permissions of live
> > contiguous entries one-by-one, leaving them transiently inconsistent.
> > This has been observed to result in failures on some fast model
> > configurations.
> >
> > Unfortunately, we cannot follow Break-Before-Make here as we'd have to
> > unmap kernel text and data used to perform the sequence.
> >
> > For the time being, revert commit 0bfc445dec9dd813 so as to avoid issues
> > resulting from this misuse of the contiguous bit.
> >
> > Signed-off-by: Mark Rutland <mark.rutland@xxxxxxx>
> > Reported-by: Jean-Philippe Brucker <jean-philippe.brucker@xxxxxxx>
> > Cc: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> > Cc: Catalin Marinas <catalin.marinas@xxxxxxx>
> > Cc: Will Deacon <Will.Deacon@xxxxxxx>
> > Cc: stable@xxxxxxxxxxxxxxx # v4.10
>
> Acked-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>

Cheers.

> > ---
> >  arch/arm64/mm/mmu.c | 34 ++++------------------------------
> >  1 file changed, 4 insertions(+), 30 deletions(-)
> >
> > I'm aware that our hugetlbpage code has a similar issue. I'm looking into that
> > now, and will address that with separate patches. It should be possible to use
> > BBM there as it's a userspace mapping.
>
> Are you looking into this issue as well?

I'm looking into it now.

Thanks,
Mark.
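
The transient inconsistency described in the commit message, as an added user-space model (not code from the patch, the thread, or the kernel). The descriptor bit positions, the group size of 16 (4K granule), the sample physical address and all function names are assumptions made for this illustration; the model only counts intermediate states in which live entries of one contiguous group disagree.

```c
#include <stdint.h>
#include <stdio.h>
/* Assumed values (4K granule, level 3 descriptors); not stated in the thread. */
#define CONT_PTES  16
#define PAGE_SZ    4096ULL
#define PTE_VALID  (1ULL << 0)
#define PTE_RDONLY (1ULL << 7)   /* AP[2] */
#define PTE_CONT   (1ULL << 52)
#define PTE_ADDR   0x0000FFFFFFFFF000ULL
/* Model rule: live entries of a group share attributes and have slot-matching addresses. */
static int group_consistent(const uint64_t *pte)
{
    int first = -1;
    for (int i = 0; i < CONT_PTES; i++) {
        if (!(pte[i] & PTE_VALID)) continue;   /* invalid entries never conflict */
        if (first < 0) { first = i; continue; }
        if ((pte[i] & ~PTE_ADDR) != (pte[first] & ~PTE_ADDR) ||
            (pte[i] & PTE_ADDR) - (pte[first] & PTE_ADDR) != (i - first) * PAGE_SZ)
            return 0;
    }
    return 1;
}

/* Write a group entry by entry; returns how many intermediate states broke the rule. */
static int write_group(uint64_t *pte, uint64_t pa, uint64_t attrs)
{
    int bad = 0;
    for (int i = 0; i < CONT_PTES; i++) {
        pte[i] = (pa + i * PAGE_SZ) | attrs;
        bad += !group_consistent(pte);
    }
    return bad;
}

/* Make a constructed live group read-only, with or without Break-Before-Make. */
int inconsistent_states(int use_bbm)
{
    uint64_t pte[CONT_PTES] = {0}, pa = 0x40000000ULL, attrs = PTE_VALID | PTE_CONT;
    int bad = write_group(pte, pa, attrs);      /* initial mapping */
    if (use_bbm)                                /* break all entries first */
        for (int i = 0; i < CONT_PTES; i++)     /* hardware then needs TLBI + DSB */
            pte[i] = 0;
    return bad + write_group(pte, pa, attrs | PTE_RDONLY);
}

int main(void)
{
    printf("in place: %d, BBM: %d\n", inconsistent_states(0), inconsistent_states(1));
}
```

Changing the live entries in place passes through 15 states where read-only and writable entries coexist in one group; breaking all 16 entries first leaves none.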