On Thu, Jun 22, 2017 at 12:24 AM, Borislav Petkov <b...@alien8.de> wrote: > On Wed, Jun 21, 2017 at 07:46:05PM -0700, Andy Lutomirski wrote: >> > I'm certainly still missing something here: >> > >> > We have f->new_tlb_gen and mm_tlb_gen to control the flushing, i.e., we >> > do once >> > >> > bump_mm_tlb_gen(mm); >> > >> > and once >> > >> > info.new_tlb_gen = bump_mm_tlb_gen(mm); >> > >> > and in both cases, the bumping is done on mm->context.tlb_gen. >> > >> > So why isn't that enough to do the flushing and we have to consult >> > info.new_tlb_gen too? >> >> The issue is a possible race. Suppose we start at tlb_gen == 1 and >> then two concurrent flushes happen. The first flush is a full flush >> and sets tlb_gen to 2. The second is a partial flush and sets tlb_gen >> to 3. If the second flush gets propagated to a given CPU first and it > > Maybe I'm still missing something, which is likely... > > but if the second flush gets propagated to the CPU first, the CPU will > have local tlb_gen 1 and thus enforce a full flush anyway because we > will go 1 -> 3 on that particular CPU. Or? >
Yes, exactly. Which means I'm probably just misunderstanding your original question. Can you re-ask it? --Andy
