mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-11-25 05:40:53 +07:00
[POWERPC] Fix possible access to free pages
I think we have a subtle race on ppc64 with the tlb batching. The common code expects tlb_flush() to actually flush any pending TLB batch. It does that because it delays all page freeing until after tlb_flush() is called, in order to ensure no stale reference to those pages exist in any TLB, thus causing potential access to the freed pages. However, our tlb_flush only triggers the RCU for freeing page table pages, it does not currently trigger a flush of a pending TLB/hash batch, which is, I think, an error. This fixes it. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Paul Mackerras <paulus@samba.org>
This commit is contained in:
parent
988519acb3
commit
6ad8d010b2
@ -38,6 +38,15 @@ extern void pte_free_finish(void);
|
|||||||
|
|
||||||
static inline void tlb_flush(struct mmu_gather *tlb)
|
static inline void tlb_flush(struct mmu_gather *tlb)
|
||||||
{
|
{
|
||||||
|
struct ppc64_tlb_batch *tlbbatch = &__get_cpu_var(ppc64_tlb_batch);
|
||||||
|
|
||||||
|
/* If there's a TLB batch pending, then we must flush it because the
|
||||||
|
* pages are going to be freed and we really don't want to have a CPU
|
||||||
|
* access a freed page because it has a stale TLB
|
||||||
|
*/
|
||||||
|
if (tlbbatch->index)
|
||||||
|
__flush_tlb_pending(tlbbatch);
|
||||||
|
|
||||||
pte_free_finish();
|
pte_free_finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user