git.samba.org - sfrench/cifs-2.6.git/commit

author	Nicholas Piggin <npiggin@gmail.com>
	Fri, 27 Jul 2018 11:48:17 +0000 (21:48 +1000)
committer	Michael Ellerman <mpe@ellerman.id.au>
	Tue, 7 Aug 2018 14:32:32 +0000 (00:32 +1000)
commit	4231aba000f5a4583dd9f67057aadb68c3eca99d
tree	d504bc547bb05060595d02e96710a20795707518	tree
parent	a0ac3687fb404d59296ecba4642071424d153569	commit \| diff

powerpc/64s: Fix page table fragment refcount race vs speculative references

The page table fragment allocator uses the main page refcount racily
with respect to speculative references. A customer observed a BUG due
to page table page refcount underflow in the fragment allocator. This
can be caused by the fragment allocator set_page_count stomping on a
speculative reference, and then the speculative failure handler
decrements the new reference, and the underflow eventually pops when
the page tables are freed.

Fix this by using a dedicated field in the struct page for the page
table fragment allocator.

Fixes: 5c1f6ee9a31c ("powerpc: Reduce PTE table memory wastage")
Cc: stable@vger.kernel.org # v3.10+
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>

arch/powerpc/mm/mmu_context_book3s64.c		diff \| blob \| history
arch/powerpc/mm/pgtable-book3s64.c		diff \| blob \| history
include/linux/mm_types.h		diff \| blob \| history