Re: [PATCH v2 3/3] riscv: Fix crash when flushing executable ioremap regions

From: Alex Ghiti
Date: Sun Feb 16 2020 - 09:43:45 EST

Hi Jan,

On 2/15/20 6:49 AM, Jan Kiszka wrote:
From: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>

Those are not backed by page structs, and pte_page is returning an
invalid pointer.

Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
arch/riscv/mm/cacheflush.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/riscv/mm/cacheflush.c b/arch/riscv/mm/cacheflush.c
index 8930ab7278e6..9ee2c1a387cc 100644
=2D-- a/arch/riscv/mm/cacheflush.c
+++ b/arch/riscv/mm/cacheflush.c
@@ -84,7 +84,8 @@ void flush_icache_pte(pte_t pte)
struct page *page =3D pte_page(pte);

- if (!test_and_set_bit(PG_dcache_clean, &page->flags))
+ if (!pfn_valid(pte_pfn(pte)) ||
+ !test_and_set_bit(PG_dcache_clean, &page->flags))
#endif /* CONFIG_MMU */

When did you encounter such a situation ? i.e. executable code that is not backed by struct page ?

Riscv uses the generic implementation of ioremap and the way _PAGE_IOREMAP is defined does not allow to map executable memory region using ioremap, so I'm interested to understand how we end up in flush_icache_pte for an executable region not backed by any struct page.