From patchwork Sat Dec 14 09:02:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qi Zheng X-Patchwork-Id: 13908432 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 958A7E7716A for ; Sat, 14 Dec 2024 09:04:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 285346B009B; Sat, 14 Dec 2024 04:04:45 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 23E6D6B009C; Sat, 14 Dec 2024 04:04:45 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0FE6F6B009D; Sat, 14 Dec 2024 04:04:45 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id DDBC16B009B for ; Sat, 14 Dec 2024 04:04:44 -0500 (EST) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id A3824B0F9F for ; Sat, 14 Dec 2024 09:04:44 +0000 (UTC) X-FDA: 82892978784.16.F0B6DC4 Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by imf03.hostedemail.com (Postfix) with ESMTP id BB0A82000C for ; Sat, 14 Dec 2024 09:04:30 +0000 (UTC) Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=ERDOtL5M; spf=pass (imf03.hostedemail.com: domain of zhengqi.arch@bytedance.com designates 209.85.214.171 as permitted sender) smtp.mailfrom=zhengqi.arch@bytedance.com; dmarc=pass (policy=quarantine) header.from=bytedance.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1734167070; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=+CB+suh8vMLKY78fggEtIk5gD9ivloFZvOHbrupXaAs=; b=cI/XL3clMP3gG4q5IFuOP0BJl2fdloecV1f3vU5bQSmTduQhZ1Z53yxI776yfvWnfDwpdY wKsraMSs1uqaG//CRqPfo1tREo0MQZNcPsVDKqQmw4Im9mVV/F990MLlfLEfojLAH4zYKw P/r8PYnvwXONrR3cwuQb64dkpBsH+ks= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1734167070; a=rsa-sha256; cv=none; b=l8Fev3/Mj+fAIkUGAI2XidzeGnghJ5twE3bNHbEFH6ukfi2/vkm4jrYOs/dl7DXD7lmWc2 sYVw1FFJfvh0YkYCCrJWO3VshPHjfBoR432Rrh/eTzr0cYyi1GzymYH0XVI8Fr+BlNzkuW DYzkA1rkKgZqjtMIdd5UJZKVuV+yWYg= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=ERDOtL5M; spf=pass (imf03.hostedemail.com: domain of zhengqi.arch@bytedance.com designates 209.85.214.171 as permitted sender) smtp.mailfrom=zhengqi.arch@bytedance.com; dmarc=pass (policy=quarantine) header.from=bytedance.com Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-2164b662090so20836925ad.1 for ; Sat, 14 Dec 2024 01:04:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance.com; s=google; t=1734167081; x=1734771881; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+CB+suh8vMLKY78fggEtIk5gD9ivloFZvOHbrupXaAs=; b=ERDOtL5MbyH/mxE4JMNpszg5DRzhii4CDFbYJfUJiFiQQD42UFTyezu/nAQ0/rNMpQ NevV2meabLnGPct+qEoQrtrsGOD8Dw7XDLfVks4lbxNLRuyYekTytX8nrE7ETseotjJo 5+IdhwJ0cW8kszhGp+UoSjvFcpNqocu1P0/0EzgL4N0oHhm4NxUOIi+ydmamQHyY41jg bUoX3lUmIyPjN5E0e1QadG0VhxTFr3JMwZqnGt9O6cid8YEuNphxl6jJk7e5IMRTBEfM uL8d37fEiJwnyY4OR/lsbtosVsm4VGrJyWmCGfnTMk37UdkObETScpmuA5upEZaHOLHA Lk+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1734167081; x=1734771881; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+CB+suh8vMLKY78fggEtIk5gD9ivloFZvOHbrupXaAs=; b=djK1DiyduZKvVU+g+BSU9mxeQ3ibXUp5He7znVPwukndlStNF3jet1ihprxt2RkcHl 5g7jN59miKcdHWiP8LteyWwx5AJtYLwzwJFSbIMG+BWVWDvUkJH/tQ8C9j/Uz8tNzr1C 4jJNArcJmg4jJfz9PBf8UZyAFNCIb594Ocp832n0QfcTEjPEa7N0QoksSvQHpoel9u2I GH8Vqk3aZ/qxn2GSCaRorfvVi6mZllth7yfHLfGRLgMbivb25jY1hY2mNa7a1RspIIJQ Um4i1CyeRrAYJs0fOn/U2EmX1kZHL1LDGQG64M/WrOpeOiptLvMSveh6QdElQXap9H5M F8Ow== X-Gm-Message-State: AOJu0Yxkjt+itrFIgH+9mi/7zmGb8uotrQQPtjBFIIGEW0Lxrwdq+VAs +cjY/f/yscX/mJLuaRmMwibiN9X1gtgDJlSEp9P2CBL6iMby+dzcLwyLpewCObI= X-Gm-Gg: ASbGncsLqiDEBFKHlD+MKK6nGkoSJyAkJOMMql2NdrhhnTFa6mpOt/vV+rFGHL1+5MM wJ4yHx6zMFxLePMp/wYx5e0fKNNN4t/LXFXpxDgJi4wV26OJ0++uKwE49FegY/VKlOdcqQSkZlH DFYknwUHCyYOc28BEXY3RoLUMg+205OF+mweJgIs3/h5ptrPUEpf2K8V0PPYbNo3AHCsLXOqCPZ g/mqSY2NNd6UhMl6buIgQUca6RSDbnlEA6mgxnjaTVXGzwTe/94wQC+RKiAiArA1hjId0Jd1WB4 +GNKQ+G4u9SCQMPm/zn16bEvooKm6g== X-Google-Smtp-Source: AGHT+IE0QPwbAOQZHxlo/n3+wbqMrZuKXsuKTSsN4acRfuabgW+JUZvSc3827znPlMKVF1C6eV/6aw== X-Received: by 2002:a17:902:dac6:b0:215:8847:435c with SMTP id d9443c01a7336-21892982123mr70599045ad.12.1734167081724; Sat, 14 Dec 2024 01:04:41 -0800 (PST) Received: from C02DW0BEMD6R.bytedance.net ([2409:8a28:f4f:a9a4:5d46:4ef0:daa9:1db8]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-801d5a90ba0sm905731a12.16.2024.12.14.01.04.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 14 Dec 2024 01:04:40 -0800 (PST) From: Qi Zheng To: peterz@infradead.org, tglx@linutronix.de, david@redhat.com, jannh@google.com, hughd@google.com, yuzhao@google.com, willy@infradead.org, muchun.song@linux.dev, vbabka@kernel.org, lorenzo.stoakes@oracle.com, akpm@linux-foundation.org, rientjes@google.com Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Qi Zheng , linux-arm-kernel@lists.infradead.org Subject: [PATCH 07/12] arm64: pgtable: move pagetable_dtor() to __tlb_remove_table() Date: Sat, 14 Dec 2024 17:02:53 +0800 Message-Id: <1781d3bab60aade7d64fbeb6682b9e73bd673d3c.1734164094.git.zhengqi.arch@bytedance.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) In-Reply-To: References: MIME-Version: 1.0 X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: BB0A82000C X-Stat-Signature: s46nicnuyi1m5kn5zpgdwtkfg4ef3p1s X-Rspam-User: X-HE-Tag: 1734167070-597027 X-HE-Meta: U2FsdGVkX1/zEXalu8Slr55I1DzSb/cIanm67t6QdPnxhBjxiVA5QVHWLBTEsj/NAsSx0USMeOf/cvWNz62B/7Yxy6ZhGdLpUdWxxmBBawaxX3nHsXwfR9N/v0i74x2VIVlqwu5WyZMqbrvtnewCEHJvJswN0EESbI7iiMZiV2yJAmETV8jNmJv8CwJDYq/2BCX2FhyF5BM2E9tKOz7cBCe6RjT9GCksr3XYytjXBA2x2b8IwwKEN17VFpwWEXhYUFFZKu9RboT9Y7BsaxwRlDCJHhXj+ZkE9bmR4SZtmcP5dZvdsLIudUh+qeJEHIpI6cDoht+RNyKVuBlWAS3rYzfvt/OIdsIf7BOzEPkw9oslnQK2edRy6VzNmKnYjvkM8ckB+zi4XdPkl3e8aW32LLffO3XftKi0UedXWgpogQygfbScrCif3anLlfh2N0pRzotMUdRDeqFIj4em1lvLm80bfP6tTtlm7wa8A4fwIp4lJeokcGJXoUQwwX4vAnvT8Pv6rgRZSNIuPY6kz6/V124yC6PenqVEYsMBkub+YhAnRp8lV5L5+GcTudkpqbcJe61hNfHhMWMw3kMaQI0G3K3hpPM3McNnr+ck07swdO7FPoe1o9mcwqTWISIR0S7ncBgl6iT7gF4OKr7bG009mtoVYf6G8K/2X8d88BUtthEekX0Ko3egPZ7DnnjnlK35sWpq7joolf8f+g21G2D8KaOBGqciVccKZgBqIM/E5OaYKtKVugxUwaO82n17edJsp1o+ZmTuH0GY9ol87msvagiUDWDZPtEfCp3mX9SxaSpWePBLju9s0QWqWrCHHqgJ1Kma6crEwIqfMYyDr0P9GrddhLR/sx7qBuAdsl30ovQKuDMe1BLpUQp7aC8+JMjPqnSbeP0XC0yKFEspyW0c2yXPIc+jpGQ5DXBJKQTICq7WcyNhkB1uz/kT59iwnUPd49SdYbVXe4Drt2HlsML UcgzskkY D/Kv0geOHNzGRyqHx8uSMc1i6uPfNVV7CRtWHOOBsfjf5yWJJkbD7Gh8Skt2btM3goTwWQZgpxbKGHuVNsXsExsSJxuUVeESQ7WMHgMlDLWyNHXGEciG/4+AK6LR/Gtq9khEOJnH0i/JadB7zK6Jvay5xRTaD91j6agGma8ZdkUuuCv1cXRqG8cv7h9jMrMm81lKNpZu7UMez2/w8l1DXu1xRs5K5WzG6I8D15rkLisok1HqWUT+CxLWkX06X0G3QL4JvwxcPeia9gTIGHTTJDGQQSilaSD4Qhcd/RUduRwxq793czsDbKuoQvOD4AHRrga3A5ujg77sAkyXnSiAKS/985XRgTMejI3kFkj576E/nXv8G0HMxRGuVe8nE8LVa9/Bq44SoPztBJ5T2Nsm1wHLlhYRQVTyVYkGbbHdQVzjjcLw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.001425, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Move pagetable_dtor() to __tlb_remove_table(), so that ptlock and page table pages can be freed together (regardless of whether RCU is used). This prevents the use-after-free problem where the ptlock is freed immediately but the page table pages is freed later via RCU. Page tables shouldn't have swap cache, so use pagetable_free() instead of free_page_and_swap_cache() to free page table pages. Signed-off-by: Qi Zheng Cc: linux-arm-kernel@lists.infradead.org --- arch/arm64/include/asm/tlb.h | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/arch/arm64/include/asm/tlb.h b/arch/arm64/include/asm/tlb.h index 408d0f36a8a8f..93591a80b5bfb 100644 --- a/arch/arm64/include/asm/tlb.h +++ b/arch/arm64/include/asm/tlb.h @@ -9,11 +9,13 @@ #define __ASM_TLB_H #include -#include static inline void __tlb_remove_table(void *_table) { - free_page_and_swap_cache((struct page *)_table); + struct ptdesc *ptdesc = (struct ptdesc *)_table; + + pagetable_dtor(ptdesc); + pagetable_free(ptdesc); } #define tlb_flush tlb_flush @@ -82,7 +84,6 @@ static inline void __pte_free_tlb(struct mmu_gather *tlb, pgtable_t pte, { struct ptdesc *ptdesc = page_ptdesc(pte); - pagetable_dtor(ptdesc); tlb_remove_ptdesc(tlb, ptdesc); } @@ -92,7 +93,6 @@ static inline void __pmd_free_tlb(struct mmu_gather *tlb, pmd_t *pmdp, { struct ptdesc *ptdesc = virt_to_ptdesc(pmdp); - pagetable_dtor(ptdesc); tlb_remove_ptdesc(tlb, ptdesc); } #endif @@ -106,7 +106,6 @@ static inline void __pud_free_tlb(struct mmu_gather *tlb, pud_t *pudp, if (!pgtable_l4_enabled()) return; - pagetable_dtor(ptdesc); tlb_remove_ptdesc(tlb, ptdesc); } #endif @@ -120,7 +119,6 @@ static inline void __p4d_free_tlb(struct mmu_gather *tlb, p4d_t *p4dp, if (!pgtable_l5_enabled()) return; - pagetable_dtor(ptdesc); tlb_remove_ptdesc(tlb, ptdesc); } #endif