summaryrefslogtreecommitdiff
path: root/arch/x86
diff options
context:
space:
mode:
authorJeremy Fitzhardinge <jeremy@goop.org>2009-02-11 09:32:19 -0800
committerGreg Kroah-Hartman <gregkh@suse.de>2009-02-20 14:36:58 -0800
commitf0bc833ff5ca8f4dba884b2eb95116e0da36185b (patch)
treecbb34c489151fff4d5323c7a8a10a72e3776267f /arch/x86
parentf5d4c866a840c054c7561caee0d77980c993a118 (diff)
x86/cpa: make sure cpa is safe to call in lazy mmu mode
commit 4f06b0436b2ddbd3b67b10e77098a6862787b3eb upstream. Impact: fix race leading to crash under KVM and Xen The CPA code may be called while we're in lazy mmu update mode - for example, when using DEBUG_PAGE_ALLOC and doing a slab allocation in an interrupt handler which interrupted a lazy mmu update. In this case, the in-memory pagetable state may be out of date due to pending queued updates. We need to flush any pending updates before inspecting the page table. Similarly, we must explicitly flush any modifications CPA may have made (which comes down to flushing queued operations when flushing the TLB). Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Acked-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'arch/x86')
-rw-r--r--arch/x86/mm/pageattr.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index 5b719a08a243..7c3b8dc52dc8 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -619,6 +619,13 @@ static int __change_page_attr(struct cpa_data *cpa, int primary)
unsigned int level;
pte_t *kpte, old_pte;
+ /*
+ * If we're called with lazy mmu updates enabled, the
+ * in-memory pte state may be stale. Flush pending updates to
+ * bring them up to date.
+ */
+ arch_flush_lazy_mmu_mode();
+
repeat:
kpte = lookup_address(address, &level);
if (!kpte)
@@ -836,6 +843,13 @@ static int change_page_attr_set_clr(unsigned long addr, int numpages,
else
cpa_flush_all(cache);
+ /*
+ * If we've been called with lazy mmu updates enabled, then
+ * make sure that everything gets flushed out before we
+ * return.
+ */
+ arch_flush_lazy_mmu_mode();
+
out:
cpa_fill_pool(NULL);