tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

powerpc/fixmap: Fix VM debug warning on unmap

Unmapping a fixmap entry is done by calling __set_fixmap()
with FIXMAP_PAGE_CLEAR as flags.

Today, powerpc __set_fixmap() calls map_kernel_page().

map_kernel_page() is not happy when called a second time
for the same page.

WARNING: CPU: 0 PID: 1 at arch/powerpc/mm/pgtable.c:194 set_pte_at+0xc/0x1e8
CPU: 0 PID: 1 Comm: swapper Not tainted 5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty #682
NIP: c0017cd4 LR: c00187f0 CTR: 00000010
REGS: e1011d50 TRAP: 0700 Not tainted (5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty)
MSR: 00029032 <EE,ME,IR,DR,RI> CR: 42000208 XER: 00000000

GPR00: c0165fec e1011e10 c14c0000 c0ee2550 ff800000 c0f3d000 00000000 c001686c
GPR08: 00001000 b00045a9 00000001 c0f58460 c0f50000 00000000 c0007e10 00000000
GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
GPR24: 00000000 00000000 c0ee2550 00000000 c0f57000 00000ff8 00000000 ff800000
NIP [c0017cd4] set_pte_at+0xc/0x1e8
LR [c00187f0] map_kernel_page+0x9c/0x100
Call Trace:
[e1011e10] [c0736c68] vsnprintf+0x358/0x6c8 (unreliable)
[e1011e30] [c0165fec] __set_fixmap+0x30/0x44
[e1011e40] [c0c13bdc] early_iounmap+0x11c/0x170
[e1011e70] [c0c06cb0] ioremap_legacy_serial_console+0x88/0xc0
[e1011e90] [c0c03634] do_one_initcall+0x80/0x178
[e1011ef0] [c0c0385c] kernel_init_freeable+0xb4/0x250
[e1011f20] [c0007e34] kernel_init+0x24/0x140
[e1011f30] [c0016268] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
7fe3fb78 48019689 80010014 7c630034 83e1000c 5463d97e 7c0803a6 38210010
4e800020 81250000 712a0001 41820008 <0fe00000> 9421ffe0 93e1001c 48000030

Implement unmap_kernel_page() which clears an existing pte.

Reported-by: Maxime Bizon <mbizon@freebox.fr>
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Tested-by: Maxime Bizon <mbizon@freebox.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/b0b752f6f6ecc60653e873f385c6f0dce4e9ab6a.1638789098.git.christophe.leroy@csgroup.eu

authored by

Christophe Leroy and committed by
Michael Ellerman aec98260 dd81e1c7

+18 -2
+1
arch/powerpc/include/asm/book3s/32/pgtable.h
··· 178 178 #ifndef __ASSEMBLY__ 179 179 180 180 int map_kernel_page(unsigned long va, phys_addr_t pa, pgprot_t prot); 181 + void unmap_kernel_page(unsigned long va); 181 182 182 183 #endif /* !__ASSEMBLY__ */ 183 184
+2
arch/powerpc/include/asm/book3s/64/pgtable.h
··· 1082 1082 return hash__map_kernel_page(ea, pa, prot); 1083 1083 } 1084 1084 1085 + void unmap_kernel_page(unsigned long va); 1086 + 1085 1087 static inline int __meminit vmemmap_create_mapping(unsigned long start, 1086 1088 unsigned long page_size, 1087 1089 unsigned long phys)
+4 -2
arch/powerpc/include/asm/fixmap.h
··· 111 111 BUILD_BUG_ON(idx >= __end_of_fixed_addresses); 112 112 else if (WARN_ON(idx >= __end_of_fixed_addresses)) 113 113 return; 114 - 115 - map_kernel_page(__fix_to_virt(idx), phys, flags); 114 + if (pgprot_val(flags)) 115 + map_kernel_page(__fix_to_virt(idx), phys, flags); 116 + else 117 + unmap_kernel_page(__fix_to_virt(idx)); 116 118 } 117 119 118 120 #define __early_set_fixmap __set_fixmap
+1
arch/powerpc/include/asm/nohash/32/pgtable.h
··· 64 64 #ifndef __ASSEMBLY__ 65 65 66 66 int map_kernel_page(unsigned long va, phys_addr_t pa, pgprot_t prot); 67 + void unmap_kernel_page(unsigned long va); 67 68 68 69 #endif /* !__ASSEMBLY__ */ 69 70
+1
arch/powerpc/include/asm/nohash/64/pgtable.h
··· 308 308 #define __swp_entry_to_pte(x) __pte((x).val) 309 309 310 310 int map_kernel_page(unsigned long ea, unsigned long pa, pgprot_t prot); 311 + void unmap_kernel_page(unsigned long va); 311 312 extern int __meminit vmemmap_create_mapping(unsigned long start, 312 313 unsigned long page_size, 313 314 unsigned long phys);
+9
arch/powerpc/mm/pgtable.c
··· 206 206 __set_pte_at(mm, addr, ptep, pte, 0); 207 207 } 208 208 209 + void unmap_kernel_page(unsigned long va) 210 + { 211 + pmd_t *pmdp = pmd_off_k(va); 212 + pte_t *ptep = pte_offset_kernel(pmdp, va); 213 + 214 + pte_clear(&init_mm, va, ptep); 215 + flush_tlb_kernel_range(va, va + PAGE_SIZE); 216 + } 217 + 209 218 /* 210 219 * This is called when relaxing access to a PTE. It's also called in the page 211 220 * fault path when we don't hit any of the major fault cases, ie, a minor