mm/gup: Fix the lockless PMD access

On architectures where the PTE/PMD is larger than the native word size
(i386-PAE for example), READ_ONCE() can do the wrong thing. Use
pmdp_get_lockless() just like we use ptep_get_lockless().

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221022114424.906110403%40infradead.org

diff --git a/kernel/events/core.c b/kernel/events/core.c
index 4ec3717003d5519f1a86f0c9f82ea93d2bb5f900..b0d38424f3f7705661851ce05eca006f71c78013 100644 (file)
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -7306,7 +7306,7 @@ static u64 perf_get_pgtable_size(struct mm_struct *mm, unsigned long addr)
                return pud_leaf_size(pud);
 
        pmdp = pmd_offset_lockless(pudp, pud, addr);
-       pmd = READ_ONCE(*pmdp);
+       pmd = pmdp_get_lockless(pmdp);
        if (!pmd_present(pmd))
                return 0;
 

diff --git a/mm/gup.c b/mm/gup.c
index fe195d47de74a74259cb10729b184ed4ee887ad8..ff8b22327e165aba6efc76b5853ce12a859d0793 100644 (file)
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -2808,7 +2808,7 @@ static int gup_pmd_range(pud_t *pudp, pud_t pud, unsigned long addr, unsigned lo
 
        pmdp = pmd_offset_lockless(pudp, pud, addr);
        do {
-               pmd_t pmd = READ_ONCE(*pmdp);
+               pmd_t pmd = pmdp_get_lockless(pmdp);
 
                next = pmd_addr_end(addr, end);
                if (!pmd_present(pmd))