[PATCH 4.5 015/124] s390/mm: handle PTE-mapped tail pages in fast gup

From: Greg Kroah-Hartman
Date: Sun Apr 17 2016 - 23:42:55 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.5 013/124] mm: fix invalid node in alloc_migrate_target()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.5 018/124] powerpc/process: Fix altivec SPR not being saved"
In reply to: Greg Kroah-Hartman: "[PATCH 4.5 018/124] powerpc/process: Fix altivec SPR not being saved"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.5 013/124] mm: fix invalid node in alloc_migrate_target()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.5-stable review patch. If anyone has any objections, please let me know.

------------------

From: Gerald Schaefer <gerald.schaefer@xxxxxxxxxx>

commit fc897c95e91451271cd707ee0f71022b9b201ce9 upstream.

With the THP refcounting rework it is possible to see THP compound tail
pages mapped with PTEs during a THP split. This needs to be considered
when using page_cache_get_speculative(), which will always fail on tail
pages because ->_count is always zero. commit 7aef4172 "mm: handle
PTE-mapped tail pages in gerneric fast gup implementaiton" fixed it for
the generic fast gup code by using compound_head(page) instead of page,
but not for s390.

This patch is a 1:1 adaption of commit 7aef4172 for the s390 fast gup
code. Without this fix, gup will fall back to the slow path or fail
in the unlikely scenario that we hit a THP under splitting in-between
the page table split and the compound page split.

Signed-off-by: Gerald Schaefer <gerald.schaefer@xxxxxxxxxx>
Signed-off-by: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
arch/s390/mm/gup.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)

--- a/arch/s390/mm/gup.c
+++ b/arch/s390/mm/gup.c
@@ -20,9 +20,9 @@
static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
unsigned long end, int write, struct page **pages, int *nr)
{
+ struct page *head, *page;
unsigned long mask;
pte_t *ptep, pte;
- struct page *page;

mask = (write ? _PAGE_PROTECT : 0) | _PAGE_INVALID | _PAGE_SPECIAL;

@@ -37,12 +37,14 @@ static inline int gup_pte_range(pmd_t *p
return 0;
VM_BUG_ON(!pfn_valid(pte_pfn(pte)));
page = pte_page(pte);
- if (!page_cache_get_speculative(page))
+ head = compound_head(page);
+ if (!page_cache_get_speculative(head))
return 0;
if (unlikely(pte_val(pte) != pte_val(*ptep))) {
- put_page(page);
+ put_page(head);
return 0;
}
+ VM_BUG_ON_PAGE(compound_head(page) != head, page);
pages[*nr] = page;
(*nr)++;

Next message: Greg Kroah-Hartman: "[PATCH 4.5 013/124] mm: fix invalid node in alloc_migrate_target()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.5 018/124] powerpc/process: Fix altivec SPR not being saved"
In reply to: Greg Kroah-Hartman: "[PATCH 4.5 018/124] powerpc/process: Fix altivec SPR not being saved"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.5 013/124] mm: fix invalid node in alloc_migrate_target()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]