[{"id":1766929,"web_url":"http://patchwork.ozlabs.org/comment/1766929/","msgid":"<489d77d3-53b0-655d-a77a-7843219a0dbd@canonical.com>","list_archive_url":null,"date":"2017-09-12T12:02:07","subject":"ACK: [Zesty PATCH 2/2] s390/mm: fix race on mm->context.flush_mm","submitter":{"id":2900,"url":"http://patchwork.ozlabs.org/api/people/2900/","name":"Colin Ian King","email":"colin.king@canonical.com"},"content":"On 12/09/17 10:45, Stefan Bader wrote:\n> From: Martin Schwidefsky \n> \n> BugLink: http://bugs.launchpad.net/bugs/1708399\n> \n> The order in __tlb_flush_mm_lazy is to flush TLB first and then clear\n> the mm->context.flush_mm bit. This can lead to missed flushes as the\n> bit can be set anytime, the order needs to be the other way aronud.\n> \n> But this leads to a different race, __tlb_flush_mm_lazy may be called\n> on two CPUs concurrently. If mm->context.flush_mm is cleared first then\n> another CPU can bypass __tlb_flush_mm_lazy although the first CPU has\n> not done the flush yet. In a virtualized environment the time until the\n> flush is finally completed can be arbitrarily long.\n> \n> Add a spinlock to serialize __tlb_flush_mm_lazy and use the function\n> in finish_arch_post_lock_switch as well.\n> \n> Cc: \n> Reviewed-by: Heiko Carstens \n> Signed-off-by: Martin Schwidefsky \n> (cherry-picked from commit 60f07c8ec5fae06c23e9fd7bab67dabce92b3414 linux-next)\n> Signed-off-by: Stefan Bader \n> ---\n> arch/s390/include/asm/mmu.h | 2 ++\n> arch/s390/include/asm/mmu_context.h | 4 ++--\n> arch/s390/include/asm/tlbflush.h | 4 +++-\n> 3 files changed, 7 insertions(+), 3 deletions(-)\n> \n> diff --git a/arch/s390/include/asm/mmu.h b/arch/s390/include/asm/mmu.h\n> index bd6f303..3525fe6 100644\n> --- a/arch/s390/include/asm/mmu.h\n> +++ b/arch/s390/include/asm/mmu.h\n> @@ -5,6 +5,7 @@\n> #include \n> \n> typedef struct {\n> +\tspinlock_t lock;\n> \tcpumask_t cpu_attach_mask;\n> \tatomic_t flush_count;\n> \tunsigned int flush_mm;\n> @@ -27,6 +28,7 @@ typedef struct {\n> } mm_context_t;\n> \n> #define INIT_MM_CONTEXT(name)\t\t\t\t\t\t \\\n> +\t.context.lock =\t__SPIN_LOCK_UNLOCKED(name.context.lock),\t \\\n> \t.context.pgtable_lock =\t\t\t\t\t\t \\\n> \t\t\t__SPIN_LOCK_UNLOCKED(name.context.pgtable_lock), \\\n> \t.context.pgtable_list = LIST_HEAD_INIT(name.context.pgtable_list), \\\n> diff --git a/arch/s390/include/asm/mmu_context.h b/arch/s390/include/asm/mmu_context.h\n> index 8823e35..484efe8 100644\n> --- a/arch/s390/include/asm/mmu_context.h\n> +++ b/arch/s390/include/asm/mmu_context.h\n> @@ -17,6 +17,7 @@\n> static inline int init_new_context(struct task_struct *tsk,\n> \t\t\t\t struct mm_struct *mm)\n> {\n> +\tspin_lock_init(&mm->context.lock);\n> \tspin_lock_init(&mm->context.pgtable_lock);\n> \tINIT_LIST_HEAD(&mm->context.pgtable_list);\n> \tspin_lock_init(&mm->context.gmap_lock);\n> @@ -121,8 +122,7 @@ static inline void finish_arch_post_lock_switch(void)\n> \t\twhile (atomic_read(&mm->context.flush_count))\n> \t\t\tcpu_relax();\n> \t\tcpumask_set_cpu(smp_processor_id(), mm_cpumask(mm));\n> -\t\tif (mm->context.flush_mm)\n> -\t\t\t__tlb_flush_mm(mm);\n> +\t\t__tlb_flush_mm_lazy(mm);\n> \t\tpreempt_enable();\n> \t}\n> \tset_fs(current->thread.mm_segment);\n> diff --git a/arch/s390/include/asm/tlbflush.h b/arch/s390/include/asm/tlbflush.h\n> index 16fe2a3..b08d5bc 100644\n> --- a/arch/s390/include/asm/tlbflush.h\n> +++ b/arch/s390/include/asm/tlbflush.h\n> @@ -101,10 +101,12 @@ static inline void __tlb_flush_kernel(void)\n> \n> static inline void __tlb_flush_mm_lazy(struct mm_struct * mm)\n> {\n> +\tspin_lock(&mm->context.lock);\n> \tif (mm->context.flush_mm) {\n> -\t\t__tlb_flush_mm(mm);\n> \t\tmm->context.flush_mm = 0;\n> +\t\t__tlb_flush_mm(mm);\n> \t}\n> +\tspin_unlock(&mm->context.lock);\n> }\n> \n> /*\n> \nAcked-by: Colin Ian King ","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com\n\t(client-ip=91.189.94.19; helo=huckleberry.canonical.com;\n\tenvelope-from=kernel-team-bounces@lists.ubuntu.com;\n\treceiver=)","Received":["from huckleberry.canonical.com (huckleberry.canonical.com\n\t[91.189.94.19])\n\tby ozlabs.org (Postfix) with ESMTP id 3xs3MC6hV6z9s7M;\n\tTue, 12 Sep 2017 22:02:12 +1000 (AEST)","from localhost ([127.0.0.1] helo=huckleberry.canonical.com)\n\tby huckleberry.canonical.com with esmtp (Exim 4.86_2)\n\t(envelope-from )\n\tid 1drjtJ-00031w-QI; Tue, 12 Sep 2017 12:02:09 +0000","from youngberry.canonical.com ([91.189.89.112])\n\tby huckleberry.canonical.com with esmtps\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128)\n\t(Exim 4.86_2) (envelope-from )\n\tid 1drjtI-00031J-9m\n\tfor kernel-team@lists.ubuntu.com; Tue, 12 Sep 2017 12:02:08 +0000","from 1.general.cking.uk.vpn ([10.172.193.212])\n\tby youngberry.canonical.com with esmtpsa\n\t(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.76) (envelope-from )\n\tid 1drjtI-00005t-10; Tue, 12 Sep 2017 12:02:08 +0000"],"Subject":"ACK: [Zesty PATCH 2/2] s390/mm: fix race on mm->context.flush_mm","To":"kernel-team@lists.ubuntu.com","References":"<1505209542-17445-1-git-send-email-stefan.bader@canonical.com>\n\t<1505209542-17445-6-git-send-email-stefan.bader@canonical.com>","From":"Colin Ian King ","Message-ID":"<489d77d3-53b0-655d-a77a-7843219a0dbd@canonical.com>","Date":"Tue, 12 Sep 2017 13:02:07 +0100","User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101\n\tThunderbird/45.8.0","MIME-Version":"1.0","In-Reply-To":"<1505209542-17445-6-git-send-email-stefan.bader@canonical.com>","X-BeenThere":"kernel-team@lists.ubuntu.com","X-Mailman-Version":"2.1.20","Precedence":"list","List-Id":"Kernel team discussions ","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"base64","Errors-To":"kernel-team-bounces@lists.ubuntu.com","Sender":"\"kernel-team\" "}}]