
Commit fd1102f

npiggintorvalds
authored andcommitted
mm: mmu_notifier fix for tlb_end_vma
The generic tlb_end_vma does not call invalidate_range mmu notifier, and it resets the mmu_gather range, which means the notifier won't be called on part of the range in case of an unmap that spans multiple vmas. ARM64 seems to be the only arch I could see that has notifiers and uses the generic tlb_end_vma. I have not actually tested it. [ Catalin and Will point out that ARM64 currently only uses the notifiers for KVM, which doesn't use the ->invalidate_range() callback right now, so it's a bug, but one that happens to not affect them. So not necessary for stable. - Linus ] Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Acked-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent d86564a commit fd1102f


2 files changed

+13
-14
lines changed


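--- a/include/asm-generic/tlb.h
+++ b/include/asm-generic/tlb.h
@@ -15,6 +15,7 @@
 #ifndef _ASM_GENERIC__TLB_H
 #define _ASM_GENERIC__TLB_H
 
+#include <linux/mmu_notifier.h>
 #include <linux/swap.h>
 #include <asm/pgalloc.h>
 #include <asm/tlbflush.h>
@@ -138,6 +139,16 @@ static inline void __tlb_reset_range(struct mmu_gather *tlb)
 }
 }
 
+static inline void tlb_flush_mmu_tlbonly(struct mmu_gather *tlb)
+{
+if (!tlb->end)
+return;
+
+tlb_flush(tlb);
+mmu_notifier_invalidate_range(tlb->mm, tlb->start, tlb->end);
+__tlb_reset_range(tlb);
+}
+
 static inline void tlb_remove_page_size(struct mmu_gather *tlb,
 struct page *page, int page_size)
 {
@@ -186,10 +197,8 @@ static inline void tlb_remove_check_page_size_change(struct mmu_gather *tlb,
 
 #define __tlb_end_vma(tlb, vma) \
 do { \
-if (!tlb->fullmm && tlb->end) { \
-tlb_flush(tlb); \
-__tlb_reset_range(tlb); \
-} \
+if (!tlb->fullmm) \
+tlb_flush_mmu_tlbonly(tlb); \
 } while (0)
 
 #ifndef tlb_end_vma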
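Review bot: tlb_flush_mmu_tlbonly() becomes a shared header helper without a comment stating the ordering it relies on: mmu_notifier_invalidate_range() is passed tlb->start and tlb->end, so it has to run before __tlb_reset_range(tlb), otherwise notifier users are not told about the range and presumably keep secondary translations to pages that are about to be freed. I would put `/* Flush the TLB and call the mmu notifier for the gathered range; must happen before __tlb_reset_range() discards start/end. */` above the helper. The `#ifndef tlb_end_vma` that follows the macro suggests an architecture can supply its own tlb_end_vma, and such an override would bypass this call; that block continues outside the hunk, so it is worth a second comment on __tlb_end_vma saying overrides must invalidate the notifier range themselves. As a style point, the new `if (!tlb->fullmm)` line keeps the unparenthesized macro argument, and `if (!(tlb)->fullmm)` is the safer form.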

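--- a/mm/memory.c
+++ b/mm/memory.c
@@ -238,16 +238,6 @@ void arch_tlb_gather_mmu(struct mmu_gather *tlb, struct mm_struct *mm,
 __tlb_reset_range(tlb);
 }
 
-static void tlb_flush_mmu_tlbonly(struct mmu_gather *tlb)
-{
-if (!tlb->end)
-return;
-
-tlb_flush(tlb);
-mmu_notifier_invalidate_range(tlb->mm, tlb->start, tlb->end);
-__tlb_reset_range(tlb);
-}
-
 static void tlb_flush_mmu_free(struct mmu_gather *tlb)
 {
 struct mmu_gather_batch *batch;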
