X-Patchwork-Id: 11669887
Message-ID: <20200717111005.024867618@infradead.org>
Date: Fri, 17 Jul 2020 13:10:05 +0200
From: Peter Zijlstra
To: Will Deacon, "Aneesh Kumar K.V", Andrew Morton, Nick Piggin, Peter Zijlstra
Cc: linux-arch@vger.kernel.org, linux-sh@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Yoshinori Sato, Rich Felker, "David S. Miller", Helge Deller, Geert Uytterhoeven, Paul Burton, Tony Luck, Richard Henderson, Nick Hu, Paul Walmsley, John Paul Adrian Glaubitz, Christoph Hellwig
Subject: [PATCH v2 00/11] Fixup page directory freeing

Hi All,

While fixing a silly bug on SH (patch #1), I realized that even with the trivial patch to restore prior behaviour, page directory freeing was still broken.

The thing is, on anything SMP, freeing page directories should observe the exact same order as normal page freeing:

 1) unhook page/directory
 2) TLB invalidate
 3) free page/directory

Without this any concurrent page-table walk could end up with a Use-after-Free. This is esp. trivial for anything that has software page-table walkers (HAVE_FAST_GUP / software TLB fill) or the hardware caches partial page-walks (i.e. caches page directories).

Even on UP this might give issues, since mmu_gather is preemptible these days. An interrupt or preempted task accessing user pages might stumble into the free page if the hardware caches page directories.

So I've converted everything to always observe the above order, simply so we don't have to worry about it.

If however I've been overzealous and your arch/mmu really doesn't need this and you're offended by this potentially superfluous code, please let me know and I'll replace the patch with one that adds a comment describing your rationale for why it is not needed.

v1: https://lkml.kernel.org/r/20191211120713.360281197@infradead.org
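
Added example, not part of the original mail and not kernel code: a user-space C model of the three steps, counting how many concurrent walks would touch a freed directory for a given ordering. `struct mmu_model`, `walk_hits_freed` and `count_uaf_walks` are hypothetical names, and the walker cache stands in for a page-walk cache or a software walker holding a pointer.

```c
/* User-space model of the unhook / TLB invalidate / free ordering (illustrative only). */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct pgdir { bool freed; };          /* a page-directory page; "freed" is only a flag */
struct mmu_model {
    struct pgdir *hooked;              /* what the parent entry in memory points to */
    struct pgdir *cached;              /* what a walker / page-walk cache still holds */
};
enum step { UNHOOK, TLB_INVALIDATE, FREE };

/* One concurrent walk: use the cached directory, refilling the cache from
 * the in-memory tables if it is empty. True if the walk touches a freed page. */
static bool walk_hits_freed(struct mmu_model *m)
{
    if (!m->cached)
        m->cached = m->hooked;
    return m->cached && m->cached->freed;
}

/* Apply the three steps in the given order with a walk after each step;
 * return how many of those walks would be a use-after-free. */
int count_uaf_walks(enum step a, enum step b, enum step c)
{
    struct pgdir dir = { .freed = false };
    struct mmu_model m = { .hooked = &dir, .cached = &dir };
    const enum step order[3] = { a, b, c };
    int hits = 0;

    for (int i = 0; i < 3; i++) {
        switch (order[i]) {
        case UNHOOK:         m.hooked = NULL;  break;
        case TLB_INVALIDATE: m.cached = NULL;  break;
        case FREE:           dir.freed = true; break;
        }
        hits += walk_hits_freed(&m);
    }
    return hits;
}

int main(void)
{
    printf("unhook, invalidate, free: %d\n", count_uaf_walks(UNHOOK, TLB_INVALIDATE, FREE));
    printf("unhook, free, invalidate: %d\n", count_uaf_walks(UNHOOK, FREE, TLB_INVALIDATE));
    printf("invalidate, unhook, free: %d\n", count_uaf_walks(TLB_INVALIDATE, UNHOOK, FREE));
    return 0;
}
```

The third ordering shows why the invalidate has to follow the unhook: a walk between the two refills the cache from the still-hooked entry, so the later free leaves a stale reference.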