Re: [git pull] changes for tip, and a nasty x86 page table bug
From: Linus Torvalds
Date: Thu Feb 19 2009 - 22:45:45 EST
On Thu, 19 Feb 2009, Steven Rostedt wrote:
> >
> > How do we ever have a PMD that is read-only? That sounds like a bug to
> > begin with. There's no reason to ever do that.
>
> Patch 2/6 explains how this happened, and supplies the fix.
I think your fix is for a real bug, but I think it's still bogus.
That whole "ref_prot" code is SH*T. When we do a set_pmd(), the old
huge-page protections do not matter AT ALL for the new pmd. It matters for
the new _leaf_ entries (the "ref_prot" 20 lines higher up), but not for
the upper level. That should have all bits set.
So the whole
ref_prot = pte_pgprot(pte_mkexec(pte_clrhuge(*kpte)));
pgprot_val(ref_prot) |= _PAGE_PRESENT;
__set_pmd_pte(kpte, address, mk_pte(base, ref_prot));
sequence is utter crap, I think. The whole "ref_prot" there should be just
_pgprot(_KERNPG_TABLE), I think. I don't think there is any other valid
value.
So I would argue that the comment above that piece of code is total and
utter crap (all the protection info _and_ all the PAT bits are now in the
pte, and trying to move them into the pmd is *buggy*), and the three lines
should basically be
__set_pmd_pte(kpte, address, mk_pte(base, _pgprot(_KERNPG_TABLE)));
but let's see if somebody can tell me why I'm wrong.
"git blame" attributes this all to Ying Huang and Thomas. And looking at
the commit that introduced the pte_mkexec(), I really think the code was
confused and people never thought about it deeply.
Comments?
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/