linux/arch/powerpc/mm
Aneesh Kumar K.V c777e2a8b6 powerpc/mm: Fix Multi hit ERAT cause by recent THP update
With ppc64 we use the deposited pgtable_t to store the hash pte slot
information. We should not withdraw the deposited pgtable_t without
marking the pmd none. This ensures that low level hash fault handling
will skip this huge pte and we will handle them at upper levels.

Recent change to pmd splitting changed the above in order to handle the
race between pmd split and exit_mmap. The race is explained below.

Consider the following race:

		CPU0				CPU1
shrink_page_list()
  add_to_swap()
    split_huge_page_to_list()
      __split_huge_pmd_locked()
        pmdp_huge_clear_flush_notify()
	// pmd_none() == true
					exit_mmap()
					  unmap_vmas()
					    zap_pmd_range()
					      // no action on pmd since pmd_none() == true
	pmd_populate()

As a result the THP will not be freed. The leak is detected by check_mm():

	BUG: Bad rss-counter state mm:ffff880058d2e580 idx:1 val:512

The above required us to not mark pmd none during a pmd split.

The fix for ppc is to clear the huge pte of _PAGE_USER, so that low
level fault handling code skips this pte. At higher level we do take ptl
lock. That should serialize us against the pmd split. Once the lock is
acquired we do check the pmd again using pmd_same. That should always
return false for us and hence we should retry the access. We do the
pmd_same check in all cases after taking ptl with
THP (do_huge_pmd_wp_page, do_huge_pmd_numa_page and
huge_pmd_set_accessed).

Also make sure we wait for irq disable section in other cpus to finish
before flipping a huge pte entry with a regular pmd entry. Code paths
like find_linux_pte_or_hugepte depend on irq disable to get
a stable pte_t pointer. A parallel thp split needs to make sure we
don't convert a pmd pte to a regular pmd entry without waiting for the
irq disable section to finish.

Fixes: eef1b3ba05 ("thp: implement split_huge_pmd()")
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
2016-02-15 21:10:04 +11:00
..
40x_mmu.c powerpc/mm: Don't use pmd_val, pud_val and pgd_val as lvalue 2015-12-14 15:19:07 +11:00
44x_mmu.c powerpc: Delete __cpuinit usage from all users 2013-07-01 11:10:36 +10:00
Makefile powerpc/mm: Convert 4k insert from asm to C 2015-12-14 15:19:12 +11:00
copro_fault.c cxl: Move include file cxl.h -> cxl-base.h 2015-06-03 13:27:19 +10:00
dma-noncoherent.c powerpc: Fix compile errors with STRICT_MM_TYPECHECKS enabled 2015-04-10 20:02:47 +10:00
fault.c powerpc: Add plain English description for alignment exception oopses 2015-07-06 20:24:35 +10:00
fsl_booke_mmu.c powerpc/fsl-booke-64: Don't limit ppc64_rma_size to one TLB entry 2015-10-27 18:13:22 -05:00
hash64_4k.c powerpc/mm: Move WIMG update to helper. 2015-12-14 15:19:13 +11:00
hash64_64k.c powerpc/mm: Move WIMG update to helper. 2015-12-14 15:19:13 +11:00
hash_low_32.S powerpc: Use CURRENT_THREAD_INFO instead of open coded assembly 2012-07-11 14:18:22 +10:00
hash_native_64.c powerpc/mm: Move THP headers around 2015-12-14 15:19:14 +11:00
hash_utils_64.c powerpc: Fix build break due to paca mm_context_t changes 2016-01-09 08:28:44 +11:00
highmem.c sched/preempt, mm/kmap: Explicitly disable/enable preemption in kmap_atomic_* 2015-05-19 08:39:14 +02:00
hugepage-hash64.c powerpc, thp: remove infrastructure for handling splitting PMDs 2016-01-15 17:56:32 -08:00
hugetlbpage-book3e.c powerpc/e6500: add locking to hugetlb 2015-12-22 18:23:22 -06:00
hugetlbpage-hash64.c powerpc/mm: Move hugetlb related headers 2015-12-14 15:19:13 +11:00
hugetlbpage.c powerpc, thp: remove infrastructure for handling splitting PMDs 2016-01-15 17:56:32 -08:00
icswx.c powerpc: Fix typo "CONFIG_ICSWX_PID" 2013-04-18 13:03:54 +10:00
icswx.h powerpc/icswx: Fix race condition with IPI setting ACOP 2012-03-07 17:06:09 +11:00
icswx_pid.c powerpc: Split ICSWX ACOP and PID processing 2011-11-25 14:11:27 +11:00
init_32.c powerpc: Remove superfluous bootmem includes 2014-11-10 09:59:26 +11:00
init_64.c powerpc/mm: Don't hardcode page table size 2015-12-14 15:19:15 +11:00
mem.c powerpc/mm: Allow user space to map rtas_rmo_buf 2016-01-25 16:31:13 +11:00
mmap.c mm: expose arch_mmap_rnd when available 2015-04-14 16:49:05 -07:00
mmu_context_hash32.c powerpc: Remove power3 from comments 2014-07-28 14:10:26 +10:00
mmu_context_hash64.c powerpc/mmu: Add userspace-to-physical addresses translation cache 2015-06-11 15:16:54 +10:00
mmu_context_iommu.c powerpc/mmu: Add userspace-to-physical addresses translation cache 2015-06-11 15:16:54 +10:00
mmu_context_nohash.c powerpc/8xx: reduce pressure on TLB due to context switches 2015-01-29 21:51:06 -06:00
mmu_decl.h powerpc/fsl-booke-64: Don't limit ppc64_rma_size to one TLB entry 2015-10-27 18:13:22 -05:00
numa.c powerpc updates for 4.4 2015-11-05 23:38:43 -08:00
pgtable.c powerpc/mm: Add a _PAGE_PTE bit 2015-12-14 15:19:14 +11:00
pgtable_32.c powerpc: Replace mem_init_done with slab_is_available() 2015-04-10 20:02:48 +10:00
pgtable_64.c powerpc/mm: Fix Multi hit ERAT cause by recent THP update 2016-02-15 21:10:04 +11:00
ppc_mmu_32.c powerpc/mm: Change setbat() to take a pgprot_t rather than flags 2015-04-07 17:15:13 +10:00
slb.c powerpc: Add function to copy mm_context_t to the paca 2015-12-19 22:13:12 +11:00
slb_low.S Merge remote-tracking branch 'anton/abiv2' into next 2014-05-05 20:57:12 +10:00
slice.c powerpc: Add function to copy mm_context_t to the paca 2015-12-19 22:13:12 +11:00
subpage-prot.c thp: rename split_huge_page_pmd() to split_huge_pmd() 2016-01-15 17:56:32 -08:00
tlb_hash32.c powerpc: include export.h for files using EXPORT_SYMBOL/THIS_MODULE 2011-10-31 19:30:38 -04:00
tlb_hash64.c powerpc/mm: Differentiate between hugetlb and THP during page walk 2015-10-12 15:30:09 +11:00
tlb_low_64e.S powerpc/e6500: hw tablewalk: make sure we invalidate and write to the same tlb entry 2015-10-27 18:14:40 -05:00
tlb_nohash.c powerpc/fsl-booke-64: Don't limit ppc64_rma_size to one TLB entry 2015-10-27 18:13:22 -05:00
tlb_nohash_low.S powerpc/85xx: Load all early TLB entries at once 2015-10-22 22:50:46 -05:00
vphn.c powerpc/vphn: parsing code rewrite 2015-03-18 10:48:59 +11:00
vphn.h powerpc/vphn: parsing code rewrite 2015-03-18 10:48:59 +11:00