On Fri, 2019-06-07 at 03:56:35 UTC, Nicholas Piggin wrote:
> Commit 1b2443a547f9 ("powerpc/book3s64: Avoid multiple endian conversion
> in pte helpers") changed the actual bitwise tests in pte_access_permitted
> by using pte_write() and pte_present() helpers rather than raw bitwise
> testing _PAGE_WRITE and _PAGE_PRESENT bits.
>
> The pte_present change now returns true for ptes which are !_PAGE_PRESENT
> and _PAGE_INVALID, which is the combination used by pmdp_invalidate to
> synchronize access from lock-free lookups. pte_access_permitted is used by
> pmd_access_permitted, so allowing GUP lock free access to proceed with
> such PTEs breaks this synchronisation.
>
> This bug has been observed on HPT host, with random crashes and corruption
> in guests, usually together with bad PMD messages in the host.
>
> Fix this by adding an explicit check in pmd_access_permitted, and
> documenting the condition explicitly.
>
> The pte_write() change should be okay, and would prevent GUP from falling
> back to the slow path when encountering savedwrite ptes, which matches
> what x86 (that does not implement savedwrite) does.
>
> Fixes: 1b2443a547f9 ("powerpc/book3s64: Avoid multiple endian conversion in pte helpers")
> Cc: Aneesh Kumar K.V <aneesh.ku...@linux.ibm.com>
> Cc: Christophe Leroy <christophe.le...@c-s.fr>
> Signed-off-by: Nicholas Piggin <npig...@gmail.com>
> Reviewed-by: Aneesh Kumar K.V <aneesh.ku...@linux.ibm.com>

Applied to powerpc fixes, thanks.

https://git.kernel.org/powerpc/c/33258a1db165cf43a9e6382587ad06e9

cheers
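
Added example, not part of the original mail or of the kernel patch: a user-space C model of the condition the commit message describes, where a helper-based present test lets an invalidated pmd through and an explicit check closes the gap. The bit values, entry_t, and the model_*, access_permitted_raw and pmd_permitted_* names are assumptions made for illustration only.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed bit values for this model only; not the kernel's definitions. */
#define PAGE_PRESENT 0x1u
#define PAGE_INVALID 0x2u
#define PAGE_WRITE   0x4u
typedef uint32_t entry_t; /* stands in for both pte and pmd values */

/* Helper semantics per the commit message: !PRESENT + INVALID still "present". */
static bool pte_present(entry_t e) { return (e & (PAGE_PRESENT | PAGE_INVALID)) != 0; }
static bool pte_write(entry_t e) { return (e & PAGE_WRITE) != 0; }

/* Raw bitwise test, as before 1b2443a547f9. */
static bool access_permitted_raw(entry_t e, bool write)
{
    return (e & PAGE_PRESENT) && (!write || (e & PAGE_WRITE));
}

/* Helper-based test, as after 1b2443a547f9. */
static bool pte_access_permitted(entry_t e, bool write)
{
    return pte_present(e) && (!write || pte_write(e));
}

/* Hypothetical helpers: the state an invalidate leaves, and a test for it. */
static entry_t model_invalidate(entry_t e) { return (e & ~PAGE_PRESENT) | PAGE_INVALID; }
static bool model_is_invalidated(entry_t e) { return (e & (PAGE_PRESENT | PAGE_INVALID)) == PAGE_INVALID; }

/* pmd check without the fix: defers entirely to pte_access_permitted. */
static bool pmd_permitted_unfixed(entry_t pmd, bool write)
{
    return pte_access_permitted(pmd, write);
}

/* pmd check with an explicit test for the invalidated combination. */
static bool pmd_permitted_fixed(entry_t pmd, bool write)
{
    return !model_is_invalidated(pmd) && pte_access_permitted(pmd, write);
}

int main(void)
{
    entry_t pmd = model_invalidate(PAGE_PRESENT | PAGE_WRITE);
    printf("raw=%d unfixed=%d fixed=%d\n", access_permitted_raw(pmd, true),
           pmd_permitted_unfixed(pmd, true), pmd_permitted_fixed(pmd, true));
    return 0;
}
```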