mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
From jannh@google.com Wed Aug 31 21:19:43 2022
To: stable@vger.kernel.org
Cc: Peter Zijlstra <peterz@infradead.org>, Will Deacon <will@kernel.org>, Linus Torvalds <torvalds@linuxfoundation.org>
Message-ID: <
20220831191348.
3388208-1-jannh@google.com>
commit
b67fbebd4cf980aecbcc750e1462128bffe8ae15 upstream.
Some drivers rely on having all VMAs through which a PFN might be
accessible listed in the rmap for correctness.
However, on X86, it was possible for a VMA with stale TLB entries
to not be listed in the rmap.
This was fixed in mainline with
commit
b67fbebd4cf9 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"),
but that commit relies on preceding refactoring in
commit
18ba064e42df3 ("mmu_gather: Let there be one tlb_{start,end}_vma()
implementation") and commit
1e9fdf21a4339 ("mmu_gather: Remove per arch
tlb_{start,end}_vma()").
This patch provides equivalent protection without needing that
refactoring, by forcing a TLB flush between removing PTEs in
unmap_vmas() and the call to unlink_file_vma() in free_pgtables().
[This is a stable-specific rewrite of the upstream commit!]
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name mm-force-tlb-flush-for-pfnmap-mappings-before-unlink_file_vma.patch
projects / linux.git / commit