mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-28 11:18:45 +07:00
3fb66a70a4
On 32-bit book-e machines, hugepd_ok() no longer takes into account null
hugepd values, causing this crash at boot:
Unable to handle kernel paging request for data at address 0x80000000
...
NIP [c0018378] follow_huge_addr+0x38/0xf0
LR [c001836c] follow_huge_addr+0x2c/0xf0
Call Trace:
follow_huge_addr+0x2c/0xf0 (unreliable)
follow_page_mask+0x40/0x3e0
__get_user_pages+0xc8/0x450
get_user_pages_remote+0x8c/0x250
copy_strings+0x110/0x390
copy_strings_kernel+0x2c/0x50
do_execveat_common+0x478/0x630
do_execve+0x2c/0x40
try_to_run_init_process+0x18/0x60
kernel_init+0xbc/0x110
ret_from_kernel_thread+0x5c/0x64
This impacts all nxp (ex-freescale) 32-bit booke platforms.
This was caused by the change of hugepd_t.pd from signed to unsigned,
and the update to the nohash version of hugepd_ok(). Previously
hugepd_ok() could exclude all non-huge and NULL pgds using > 0, whereas
now we need to explicitly check that the value is not zero and also that
PD_HUGE is *clear*.
This isn't protected by the pgd_none() check in __find_linux_pte_or_hugepte()
because on 32-bit we use pgtable-nopud.h, which causes the pgd_none()
check to be always false.
Fixes: 20717e1ff5 ("powerpc/mm: Fix little-endian 4K hugetlb")
Cc: stable@vger.kernel.org # v4.7+
Reported-by: Madalin-Cristian Bucur <madalin.bucur@nxp.com>
Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com>
[mpe: Flesh out change log details.]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
258 lines
7.3 KiB
C
258 lines
7.3 KiB
C
#ifndef _ASM_POWERPC_NOHASH_PGTABLE_H
|
|
#define _ASM_POWERPC_NOHASH_PGTABLE_H
|
|
|
|
#if defined(CONFIG_PPC64)
|
|
#include <asm/nohash/64/pgtable.h>
|
|
#else
|
|
#include <asm/nohash/32/pgtable.h>
|
|
#endif
|
|
|
|
#ifndef __ASSEMBLY__
|
|
|
|
/* Generic accessors to PTE bits */
|
|
static inline int pte_write(pte_t pte)
|
|
{
|
|
return (pte_val(pte) & (_PAGE_RW | _PAGE_RO)) != _PAGE_RO;
|
|
}
|
|
static inline int pte_dirty(pte_t pte) { return pte_val(pte) & _PAGE_DIRTY; }
|
|
static inline int pte_young(pte_t pte) { return pte_val(pte) & _PAGE_ACCESSED; }
|
|
static inline int pte_special(pte_t pte) { return pte_val(pte) & _PAGE_SPECIAL; }
|
|
static inline int pte_none(pte_t pte) { return (pte_val(pte) & ~_PTE_NONE_MASK) == 0; }
|
|
static inline pgprot_t pte_pgprot(pte_t pte) { return __pgprot(pte_val(pte) & PAGE_PROT_BITS); }
|
|
|
|
#ifdef CONFIG_NUMA_BALANCING
|
|
/*
|
|
* These work without NUMA balancing but the kernel does not care. See the
|
|
* comment in include/asm-generic/pgtable.h . On powerpc, this will only
|
|
* work for user pages and always return true for kernel pages.
|
|
*/
|
|
static inline int pte_protnone(pte_t pte)
|
|
{
|
|
return (pte_val(pte) &
|
|
(_PAGE_PRESENT | _PAGE_USER)) == _PAGE_PRESENT;
|
|
}
|
|
|
|
static inline int pmd_protnone(pmd_t pmd)
|
|
{
|
|
return pte_protnone(pmd_pte(pmd));
|
|
}
|
|
#endif /* CONFIG_NUMA_BALANCING */
|
|
|
|
static inline int pte_present(pte_t pte)
|
|
{
|
|
return pte_val(pte) & _PAGE_PRESENT;
|
|
}
|
|
|
|
/* Conversion functions: convert a page and protection to a page entry,
|
|
* and a page entry and page directory to the page they refer to.
|
|
*
|
|
* Even if PTEs can be unsigned long long, a PFN is always an unsigned
|
|
* long for now.
|
|
*/
|
|
static inline pte_t pfn_pte(unsigned long pfn, pgprot_t pgprot) {
|
|
return __pte(((pte_basic_t)(pfn) << PTE_RPN_SHIFT) |
|
|
pgprot_val(pgprot)); }
|
|
static inline unsigned long pte_pfn(pte_t pte) {
|
|
return pte_val(pte) >> PTE_RPN_SHIFT; }
|
|
|
|
/* Generic modifiers for PTE bits */
|
|
static inline pte_t pte_wrprotect(pte_t pte)
|
|
{
|
|
pte_basic_t ptev;
|
|
|
|
ptev = pte_val(pte) & ~(_PAGE_RW | _PAGE_HWWRITE);
|
|
ptev |= _PAGE_RO;
|
|
return __pte(ptev);
|
|
}
|
|
|
|
static inline pte_t pte_mkclean(pte_t pte)
|
|
{
|
|
return __pte(pte_val(pte) & ~(_PAGE_DIRTY | _PAGE_HWWRITE));
|
|
}
|
|
|
|
static inline pte_t pte_mkold(pte_t pte)
|
|
{
|
|
return __pte(pte_val(pte) & ~_PAGE_ACCESSED);
|
|
}
|
|
|
|
static inline pte_t pte_mkwrite(pte_t pte)
|
|
{
|
|
pte_basic_t ptev;
|
|
|
|
ptev = pte_val(pte) & ~_PAGE_RO;
|
|
ptev |= _PAGE_RW;
|
|
return __pte(ptev);
|
|
}
|
|
|
|
static inline pte_t pte_mkdirty(pte_t pte)
|
|
{
|
|
return __pte(pte_val(pte) | _PAGE_DIRTY);
|
|
}
|
|
|
|
static inline pte_t pte_mkyoung(pte_t pte)
|
|
{
|
|
return __pte(pte_val(pte) | _PAGE_ACCESSED);
|
|
}
|
|
|
|
static inline pte_t pte_mkspecial(pte_t pte)
|
|
{
|
|
return __pte(pte_val(pte) | _PAGE_SPECIAL);
|
|
}
|
|
|
|
static inline pte_t pte_mkhuge(pte_t pte)
|
|
{
|
|
return pte;
|
|
}
|
|
|
|
static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
|
|
{
|
|
return __pte((pte_val(pte) & _PAGE_CHG_MASK) | pgprot_val(newprot));
|
|
}
|
|
|
|
/* Insert a PTE, top-level function is out of line. It uses an inline
|
|
* low level function in the respective pgtable-* files
|
|
*/
|
|
extern void set_pte_at(struct mm_struct *mm, unsigned long addr, pte_t *ptep,
|
|
pte_t pte);
|
|
|
|
/* This low level function performs the actual PTE insertion
|
|
* Setting the PTE depends on the MMU type and other factors. It's
|
|
* an horrible mess that I'm not going to try to clean up now but
|
|
* I'm keeping it in one place rather than spread around
|
|
*/
|
|
static inline void __set_pte_at(struct mm_struct *mm, unsigned long addr,
|
|
pte_t *ptep, pte_t pte, int percpu)
|
|
{
|
|
#if defined(CONFIG_PPC_STD_MMU_32) && defined(CONFIG_SMP) && !defined(CONFIG_PTE_64BIT)
|
|
/* First case is 32-bit Hash MMU in SMP mode with 32-bit PTEs. We use the
|
|
* helper pte_update() which does an atomic update. We need to do that
|
|
* because a concurrent invalidation can clear _PAGE_HASHPTE. If it's a
|
|
* per-CPU PTE such as a kmap_atomic, we do a simple update preserving
|
|
* the hash bits instead (ie, same as the non-SMP case)
|
|
*/
|
|
if (percpu)
|
|
*ptep = __pte((pte_val(*ptep) & _PAGE_HASHPTE)
|
|
| (pte_val(pte) & ~_PAGE_HASHPTE));
|
|
else
|
|
pte_update(ptep, ~_PAGE_HASHPTE, pte_val(pte));
|
|
|
|
#elif defined(CONFIG_PPC32) && defined(CONFIG_PTE_64BIT)
|
|
/* Second case is 32-bit with 64-bit PTE. In this case, we
|
|
* can just store as long as we do the two halves in the right order
|
|
* with a barrier in between. This is possible because we take care,
|
|
* in the hash code, to pre-invalidate if the PTE was already hashed,
|
|
* which synchronizes us with any concurrent invalidation.
|
|
* In the percpu case, we also fallback to the simple update preserving
|
|
* the hash bits
|
|
*/
|
|
if (percpu) {
|
|
*ptep = __pte((pte_val(*ptep) & _PAGE_HASHPTE)
|
|
| (pte_val(pte) & ~_PAGE_HASHPTE));
|
|
return;
|
|
}
|
|
#if _PAGE_HASHPTE != 0
|
|
if (pte_val(*ptep) & _PAGE_HASHPTE)
|
|
flush_hash_entry(mm, ptep, addr);
|
|
#endif
|
|
__asm__ __volatile__("\
|
|
stw%U0%X0 %2,%0\n\
|
|
eieio\n\
|
|
stw%U0%X0 %L2,%1"
|
|
: "=m" (*ptep), "=m" (*((unsigned char *)ptep+4))
|
|
: "r" (pte) : "memory");
|
|
|
|
#elif defined(CONFIG_PPC_STD_MMU_32)
|
|
/* Third case is 32-bit hash table in UP mode, we need to preserve
|
|
* the _PAGE_HASHPTE bit since we may not have invalidated the previous
|
|
* translation in the hash yet (done in a subsequent flush_tlb_xxx())
|
|
* and see we need to keep track that this PTE needs invalidating
|
|
*/
|
|
*ptep = __pte((pte_val(*ptep) & _PAGE_HASHPTE)
|
|
| (pte_val(pte) & ~_PAGE_HASHPTE));
|
|
|
|
#else
|
|
/* Anything else just stores the PTE normally. That covers all 64-bit
|
|
* cases, and 32-bit non-hash with 32-bit PTEs.
|
|
*/
|
|
*ptep = pte;
|
|
|
|
#ifdef CONFIG_PPC_BOOK3E_64
|
|
/*
|
|
* With hardware tablewalk, a sync is needed to ensure that
|
|
* subsequent accesses see the PTE we just wrote. Unlike userspace
|
|
* mappings, we can't tolerate spurious faults, so make sure
|
|
* the new PTE will be seen the first time.
|
|
*/
|
|
if (is_kernel_addr(addr))
|
|
mb();
|
|
#endif
|
|
#endif
|
|
}
|
|
|
|
|
|
#define __HAVE_ARCH_PTEP_SET_ACCESS_FLAGS
|
|
extern int ptep_set_access_flags(struct vm_area_struct *vma, unsigned long address,
|
|
pte_t *ptep, pte_t entry, int dirty);
|
|
|
|
/*
|
|
* Macro to mark a page protection value as "uncacheable".
|
|
*/
|
|
|
|
#define _PAGE_CACHE_CTL (_PAGE_COHERENT | _PAGE_GUARDED | _PAGE_NO_CACHE | \
|
|
_PAGE_WRITETHRU)
|
|
|
|
#define pgprot_noncached(prot) (__pgprot((pgprot_val(prot) & ~_PAGE_CACHE_CTL) | \
|
|
_PAGE_NO_CACHE | _PAGE_GUARDED))
|
|
|
|
#define pgprot_noncached_wc(prot) (__pgprot((pgprot_val(prot) & ~_PAGE_CACHE_CTL) | \
|
|
_PAGE_NO_CACHE))
|
|
|
|
#define pgprot_cached(prot) (__pgprot((pgprot_val(prot) & ~_PAGE_CACHE_CTL) | \
|
|
_PAGE_COHERENT))
|
|
|
|
#define pgprot_cached_wthru(prot) (__pgprot((pgprot_val(prot) & ~_PAGE_CACHE_CTL) | \
|
|
_PAGE_COHERENT | _PAGE_WRITETHRU))
|
|
|
|
#define pgprot_cached_noncoherent(prot) \
|
|
(__pgprot(pgprot_val(prot) & ~_PAGE_CACHE_CTL))
|
|
|
|
#define pgprot_writecombine pgprot_noncached_wc
|
|
|
|
struct file;
|
|
extern pgprot_t phys_mem_access_prot(struct file *file, unsigned long pfn,
|
|
unsigned long size, pgprot_t vma_prot);
|
|
#define __HAVE_PHYS_MEM_ACCESS_PROT
|
|
|
|
#ifdef CONFIG_HUGETLB_PAGE
|
|
static inline int hugepd_ok(hugepd_t hpd)
|
|
{
|
|
#ifdef CONFIG_PPC_8xx
|
|
return ((hpd_val(hpd) & 0x4) != 0);
|
|
#else
|
|
/* We clear the top bit to indicate hugepd */
|
|
return (hpd_val(hpd) && (hpd_val(hpd) & PD_HUGE) == 0);
|
|
#endif
|
|
}
|
|
|
|
static inline int pmd_huge(pmd_t pmd)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline int pud_huge(pud_t pud)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline int pgd_huge(pgd_t pgd)
|
|
{
|
|
return 0;
|
|
}
|
|
#define pgd_huge pgd_huge
|
|
|
|
#define is_hugepd(hpd) (hugepd_ok(hpd))
|
|
#endif
|
|
|
|
#endif /* __ASSEMBLY__ */
|
|
#endif
|