    arm64: Fix copy-on-write referencing in HugeTLB · 747a70e6
    Steve Capper authored
    set_pte_at(.) will set or unset the PTE_RDONLY hardware bit before
    writing the entry to the table.
    
    This can cause problems with the copy-on-write logic in hugetlb_cow:
     *) hugetlb_cow(.) called to handle a write fault on read only pte,
     *) Before the copy-on-write updates the new page table a call is
        made to pte_same(huge_ptep_get(ptep), pte), to check for a race,
     *) Because set_pte_at(.) changed the pte, *ptep != pte, and the
        hugetlb_cow(.) code erroneously assumes that it lost the race,
     *) The new page is subsequently freed without being used.
    
    On arm64 this problem only becomes apparent when we apply:
    67961f9d mm/hugetlb: fix huge page reserve accounting for private
    mappings
    
    When one runs the libhugetlbfs test suite, there are allocation errors
    and hugetlbfs pages become erroneously locked in memory as reserved.
    (There is a high HugePages_Rsvd: count).
    
    In this patch we introduce pte_same which ignores the PTE_RDONLY bit,
    allowing for the libhugetlbfs test suite to pass as expected and
    without leaking any reserved HugeTLB pages.
    Reported-by: Huang Shijie <shijie.huang@arm.com>
    Signed-off-by: Steve Capper <steve.capper@arm.com>
    Signed-off-by: Will Deacon <will.deacon@arm.com>
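As an added illustration, not the commit's own code and not arm64's real page-table layout, the C model below replays the race check described in the message above: a stored entry whose PTE_RDONLY bit was rewritten by set_pte_at(.) is compared with the value the caller still holds, first with an exact comparison and then with one that ignores PTE_RDONLY on valid entries. The bit positions, set_pte_at_model and cow_page_wrongly_discarded are assumptions made for this model.

```c
/* Constructed model of the hugetlb_cow race check; bit positions and the
 * set_pte_at behaviour are assumptions, not arm64's actual layout. */
#include <stdint.h>

typedef uint64_t pte_t;

#define PTE_VALID   (1ULL << 0)   /* assumed bit positions */
#define PTE_RDONLY  (1ULL << 7)   /* hardware read-only bit */
#define PTE_WRITE   (1ULL << 51)  /* software "writable" bit */
#define PTE_DIRTY   (1ULL << 55)  /* software "dirty" bit */

/* Model of set_pte_at(): derive the hardware read-only bit from the
 * software write/dirty state before storing the entry in the table. */
static void set_pte_at_model(pte_t *ptep, pte_t pte)
{
    if ((pte & PTE_WRITE) && (pte & PTE_DIRTY))
        pte &= ~PTE_RDONLY;
    else
        pte |= PTE_RDONLY;
    *ptep = pte;
}

/* Pre-fix comparison: exact equality of the two entries. */
int pte_same_strict(pte_t a, pte_t b) { return a == b; }

/* Post-fix comparison: ignore PTE_RDONLY on valid entries, because
 * set_pte_at() may have rewritten that bit on the stored copy. */
int pte_same_masked(pte_t a, pte_t b)
{
    if (a & PTE_VALID) a &= ~PTE_RDONLY;
    if (b & PTE_VALID) b &= ~PTE_RDONLY;
    return a == b;
}

/* Replays the sequence from the commit message: an entry is installed via
 * set_pte_at(), hugetlb_cow() later compares the value it holds with the
 * table entry and treats a mismatch as "lost the race".  Returns 1 if the
 * freshly copied page would be discarded even though nobody raced. */
int cow_page_wrongly_discarded(int (*same)(pte_t, pte_t))
{
    pte_t table_entry = 0;
    /* constructed entry: valid, writable but clean -> stored as RDONLY */
    pte_t pte = PTE_VALID | PTE_WRITE | (0x4000ULL << 12);
    set_pte_at_model(&table_entry, pte);
    /* no concurrent update touched the table, so the check should pass */
    return !same(table_entry, pte);
}
```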