mirros/rockchip-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "ARM: Initialize split page table locks for vector page"

Browse Source 
[ Upstream commit 247074c44d8c3e619dfde6404a52295d8d671d38 ]

I'm dropping this patch, with its original description:

|ARM: Initialize split page table locks for vector page
|
|Without this patch, ARM can not use SPLIT_PTLOCK_CPUS if
|PREEMPT_RT_FULL=y because vectors_user_mapping() creates a
|VM_ALWAYSDUMP mapping of the vector page (address 0xffff0000), but no
|ptl->lock has been allocated for the page.  An attempt to coredump
|that page will result in a kernel NULL pointer dereference when
|follow_page() attempts to lock the page.
|
|The call tree to the NULL pointer dereference is:
|
|   do_notify_resume()
|      get_signal_to_deliver()
|         do_coredump()
|            elf_core_dump()
|               get_dump_page()
|                  __get_user_pages()
|                     follow_page()
|                        pte_offset_map_lock() <----- a #define
|                           ...
|                              rt_spin_lock()
|
|The underlying problem is exposed by mm-shrink-the-page-frame-to-rt-size.patch.

The patch named mm-shrink-the-page-frame-to-rt-size.patch was dropped
from the RT queue once the SPLIT_PTLOCK_CPUS feature (in a slightly
different shape) went upstream (somewhere between v3.12 and v3.14).

I can see that the patch still allocates a lock which wasn't there
before. However I can't trigger a kernel oops like described in the
patch by triggering a coredump.

Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
This commit is contained in:
Sebastian Andrzej Siewior
2019-10-18 13:04:15 +02:00
committed by jianlong.wang
parent 3f68960283
commit 08eee97865
1 changed files with 0 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
arch/arm/kernel/process.c
View File

@@ -399,30 +399,6 @@ unsigned long arch_randomize_brk(struct mm_struct *mm)
}
#ifdef CONFIG_MMU
/*
* CONFIG_SPLIT_PTLOCK_CPUS results in a page->ptl lock. If the lock is not
* initialized by pgtable_page_ctor() then a coredump of the vector page will
* fail.
*/
static int __init vectors_user_mapping_init_page(void)
{
struct page *page;
unsigned long addr = 0xffff0000;
pgd_t *pgd;
pud_t *pud;
pmd_t *pmd;
pgd = pgd_offset_k(addr);
pud = pud_offset(pgd, addr);
pmd = pmd_offset(pud, addr);
page = pmd_page(*(pmd));
pgtable_page_ctor(page);
return 0;
}
late_initcall(vectors_user_mapping_init_page);
#ifdef CONFIG_KUSER_HELPERS
/*
* The vectors page is always readable from user space for the