Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, 2018-08-15 at 18:54 -0700, Andy Lutomirski wrote: > On Mon, Jul 16, 2018 at 12:03 PM, Rik van Riel > wrote: > Hi Rik- > > I was looking through this, and I see: > > > -static void tlb_remove_table_one(void *table) > > +static void tlb_remove_table_one(void *table, struct mmu_gather > >

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, 2018-08-15 at 18:54 -0700, Andy Lutomirski wrote: > On Mon, Jul 16, 2018 at 12:03 PM, Rik van Riel > wrote: > Hi Rik- > > I was looking through this, and I see: > > > -static void tlb_remove_table_one(void *table) > > +static void tlb_remove_table_one(void *table, struct mmu_gather > >

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Mon, Jul 16, 2018 at 12:03 PM, Rik van Riel wrote: > Andy discovered that speculative memory accesses while in lazy > TLB mode can crash a system, when a CPU tries to dereference a > speculative access using memory contents that used to be valid > page table memory, but have since been reused

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Mon, Jul 16, 2018 at 12:03 PM, Rik van Riel wrote: > Andy discovered that speculative memory accesses while in lazy > TLB mode can crash a system, when a CPU tries to dereference a > speculative access using memory contents that used to be valid > page table memory, but have since been reused

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Fri, 2018-06-29 at 09:39 -0700, Dave Hansen wrote: > On 06/29/2018 07:29 AM, Rik van Riel wrote: > > The latter problem can be prevented in two ways. The first is to > > always send a TLB shootdown IPI to CPUs in lazy TLB mode, while > > the second one is to only send the TLB shootdown at page

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Fri, 2018-06-29 at 09:39 -0700, Dave Hansen wrote: > On 06/29/2018 07:29 AM, Rik van Riel wrote: > > The latter problem can be prevented in two ways. The first is to > > always send a TLB shootdown IPI to CPUs in lazy TLB mode, while > > the second one is to only send the TLB shootdown at page

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On 06/29/2018 07:29 AM, Rik van Riel wrote: > The latter problem can be prevented in two ways. The first is to > always send a TLB shootdown IPI to CPUs in lazy TLB mode, while > the second one is to only send the TLB shootdown at page table > freeing time. I've read this a few times, and I keep

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On 06/29/2018 07:29 AM, Rik van Riel wrote: > The latter problem can be prevented in two ways. The first is to > always send a TLB shootdown IPI to CPUs in lazy TLB mode, while > the second one is to only send the TLB shootdown at page table > freeing time. I've read this a few times, and I keep

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Fri, 2018-06-22 at 07:58 -0700, Andy Lutomirski wrote: > On Wed, Jun 20, 2018 at 12:57 PM Rik van Riel > wrote: > > > > +++ b/arch/x86/mm/tlb.c > > @@ -646,6 +646,30 @@ void flush_tlb_mm_range(struct mm_struct *mm, > > unsigned long start, > > put_cpu(); > > } > > > > +void

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Fri, 2018-06-22 at 07:58 -0700, Andy Lutomirski wrote: > On Wed, Jun 20, 2018 at 12:57 PM Rik van Riel > wrote: > > > > +++ b/arch/x86/mm/tlb.c > > @@ -646,6 +646,30 @@ void flush_tlb_mm_range(struct mm_struct *mm, > > unsigned long start, > > put_cpu(); > > } > > > > +void

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, Jun 20, 2018 at 12:57 PM Rik van Riel wrote: > > Andy discovered that speculative memory accesses while in lazy > TLB mode can crash a system, when a CPU tries to dereference a > speculative access using memory contents that used to be valid > page table memory, but have since been reused

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, Jun 20, 2018 at 12:57 PM Rik van Riel wrote: > > Andy discovered that speculative memory accesses while in lazy > TLB mode can crash a system, when a CPU tries to dereference a > speculative access using memory contents that used to be valid > page table memory, but have since been reused

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, 2018-06-20 at 15:56 -0400, Rik van Riel wrote: > > +void tlb_flush_remove_tables(struct mm_struct *mm) > +{ > + int cpu = get_cpu(); > + /* > + * XXX: this really only needs to be called for CPUs in lazy > TLB mode. > + */ > + if (cpumask_any_but(mm_cpumask(mm), cpu)

Re: [PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

On Wed, 2018-06-20 at 15:56 -0400, Rik van Riel wrote: > > +void tlb_flush_remove_tables(struct mm_struct *mm) > +{ > + int cpu = get_cpu(); > + /* > + * XXX: this really only needs to be called for CPUs in lazy > TLB mode. > + */ > + if (cpumask_any_but(mm_cpumask(mm), cpu)

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter

[PATCH 2/7] x86,tlb: leave lazy TLB mode at page table free time

Andy discovered that speculative memory accesses while in lazy TLB mode can crash a system, when a CPU tries to dereference a speculative access using memory contents that used to be valid page table memory, but have since been reused for something else and point into la-la land. The latter