Patch "sparc64: Guard against flushing openfirmware mappings." has been added to the 3.4-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    sparc64: Guard against flushing openfirmware mappings.

to the 3.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     sparc64-guard-against-flushing-openfirmware-mappings.patch
and it can be found in the queue-3.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Thu Aug  7 22:33:35 PDT 2014
From: "David S. Miller" <davem@xxxxxxxxxxxxx>
Date: Mon, 4 Aug 2014 20:07:37 -0700
Subject: sparc64: Guard against flushing openfirmware mappings.

From: "David S. Miller" <davem@xxxxxxxxxxxxx>

[ Upstream commit 4ca9a23765da3260058db3431faf5b4efd8cf926 ]

Based almost entirely upon a patch by Christopher Alexander Tobias
Schulze.

In commit db64fe02258f1507e13fe5212a989922323685ce ("mm: rewrite vmap
layer") lazy VMAP tlb flushing was added to the vmalloc layer.  This
causes problems on sparc64.

Sparc64 has two VMAP mapped regions and they are not contiguous with
eachother.  First we have the malloc mapping area, then another
unrelated region, then the vmalloc region.

This "another unrelated region" is where the firmware is mapped.

If the lazy TLB flushing logic in the vmalloc code triggers after
we've had both a module unload and a vfree or similar, it will pass an
address range that goes from somewhere inside the malloc region to
somewhere inside the vmalloc region, and thus covering the
openfirmware area entirely.

The sparc64 kernel learns about openfirmware's dynamic mappings in
this region early in the boot, and then services TLB misses in this
area.  But openfirmware has some locked TLB entries which are not
mentioned in those dynamic mappings and we should thus not disturb
them.

These huge lazy TLB flush ranges causes those openfirmware locked TLB
entries to be removed, resulting in all kinds of problems including
hard hangs and crashes during reboot/reset.

Besides causing problems like this, such huge TLB flush ranges are
also incredibly inefficient.  A plea has been made with the author of
the VMAP lazy TLB flushing code, but for now we'll put a safety guard
into our flush_tlb_kernel_range() implementation.

Since the implementation has become non-trivial, stop defining it as a
macro and instead make it a function in a C source file.

Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/sparc/include/asm/tlbflush_64.h |   12 ++----------
 arch/sparc/mm/init_64.c              |   23 +++++++++++++++++++++++
 2 files changed, 25 insertions(+), 10 deletions(-)

--- a/arch/sparc/include/asm/tlbflush_64.h
+++ b/arch/sparc/include/asm/tlbflush_64.h
@@ -35,6 +35,8 @@ static inline void flush_tlb_range(struc
 {
 }
 
+void flush_tlb_kernel_range(unsigned long start, unsigned long end);
+
 #define __HAVE_ARCH_ENTER_LAZY_MMU_MODE
 
 extern void flush_tlb_pending(void);
@@ -49,11 +51,6 @@ extern void __flush_tlb_kernel_range(uns
 
 #ifndef CONFIG_SMP
 
-#define flush_tlb_kernel_range(start,end) \
-do {	flush_tsb_kernel_range(start,end); \
-	__flush_tlb_kernel_range(start,end); \
-} while (0)
-
 static inline void global_flush_tlb_page(struct mm_struct *mm, unsigned long vaddr)
 {
 	__flush_tlb_page(CTX_HWBITS(mm->context), vaddr);
@@ -64,11 +61,6 @@ static inline void global_flush_tlb_page
 extern void smp_flush_tlb_kernel_range(unsigned long start, unsigned long end);
 extern void smp_flush_tlb_page(struct mm_struct *mm, unsigned long vaddr);
 
-#define flush_tlb_kernel_range(start, end) \
-do {	flush_tsb_kernel_range(start,end); \
-	smp_flush_tlb_kernel_range(start, end); \
-} while (0)
-
 #define global_flush_tlb_page(mm, vaddr) \
 	smp_flush_tlb_page(mm, vaddr)
 
--- a/arch/sparc/mm/init_64.c
+++ b/arch/sparc/mm/init_64.c
@@ -2421,3 +2421,26 @@ void __flush_tlb_all(void)
 	__asm__ __volatile__("wrpr	%0, 0, %%pstate"
 			     : : "r" (pstate));
 }
+
+#ifdef CONFIG_SMP
+#define do_flush_tlb_kernel_range	smp_flush_tlb_kernel_range
+#else
+#define do_flush_tlb_kernel_range	__flush_tlb_kernel_range
+#endif
+
+void flush_tlb_kernel_range(unsigned long start, unsigned long end)
+{
+	if (start < HI_OBP_ADDRESS && end > LOW_OBP_ADDRESS) {
+		if (start < LOW_OBP_ADDRESS) {
+			flush_tsb_kernel_range(start, LOW_OBP_ADDRESS);
+			do_flush_tlb_kernel_range(start, LOW_OBP_ADDRESS);
+		}
+		if (end > HI_OBP_ADDRESS) {
+			flush_tsb_kernel_range(end, HI_OBP_ADDRESS);
+			do_flush_tlb_kernel_range(end, HI_OBP_ADDRESS);
+		}
+	} else {
+		flush_tsb_kernel_range(start, end);
+		do_flush_tlb_kernel_range(start, end);
+	}
+}


Patches currently in stable-queue which might be from davem@xxxxxxxxxxxxx are

queue-3.4/sparc64-add-membar-to-niagara2-memcpy-code.patch
queue-3.4/ip-make-ip-identifiers-less-predictable.patch
queue-3.4/sunsab-fix-detection-of-break-on-sunsab-serial-console.patch
queue-3.4/tcp-fix-integer-overflow-in-tcp-vegas.patch
queue-3.4/tcp-fix-integer-overflows-in-tcp-veno.patch
queue-3.4/sparc64-fix-huge-tsb-mapping-on-pre-ultrasparc-iii-cpus.patch
queue-3.4/sparc64-handle-32-bit-tasks-properly-in-compute_effective_address.patch
queue-3.4/macvlan-initialize-vlan_features-to-turn-on-offload-support.patch
queue-3.4/inetpeer-get-rid-of-ip_id_count.patch
queue-3.4/arch-sparc-math-emu-math_32.c-drop-stray-break-operator.patch
queue-3.4/sparc64-do-not-insert-non-valid-ptes-into-the-tsb-hash-table.patch
queue-3.4/sparc64-fix-argument-sign-extension-for-compat_sys_futex.patch
queue-3.4/bbc-i2c-fix-bbc-i2c-envctrl-on-sunblade-2000.patch
queue-3.4/sparc64-guard-against-flushing-openfirmware-mappings.patch
queue-3.4/sparc64-ldc_connect-should-not-return-einval-when-handshake-is-in-progress.patch
queue-3.4/sparc64-fix-top-level-fault-handling-bugs.patch
queue-3.4/sparc64-don-t-bark-so-loudly-about-32-bit-tasks-generating-64-bit-fault-addresses.patch
queue-3.4/net-sendmsg-fix-null-pointer-dereference.patch
queue-3.4/net-sctp-inherit-auth_capable-on-init-collisions.patch
queue-3.4/sparc64-make-itc_sync_lock-raw.patch
queue-3.4/sctp-fix-possible-seqlock-seadlock-in-sctp_packet_transmit.patch
queue-3.4/iovec-make-sure-the-caller-actually-wants-anything-in-memcpy_fromiovecend.patch
queue-3.4/net-correctly-set-segment-mac_len-in-skb_segment.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]