[PATCH v2] powerpc/mm: Fix pmd/pte_devmap() on non-leaf entries

Fri Jul 28 13:03:47 AEST 2017

Michael Ellerman <mpe at ellerman.id.au> writes:

> From: Oliver O'Halloran <oohall at gmail.com>
>
> The Radix MMU translation tree as defined in ISA v3.0 contains two
> different types of entry, directories and leaves. Leaves are
> identified by _PAGE_PTE being set.
>
> The formats of the two entries are different, with the directory
> entries containing no spare bits for use by software. In particular
> the bit we use for _PAGE_DEVMAP is not reserved for software, and is
> part of the NLB (Next Level Base) field, essentially the address of
> the next level in the tree.
>
> Note that the Linux pte_t is not == _PAGE_PTE. A huge page pmd
> entry (or devmap!) is also a leaf and so has _PAGE_PTE set, even
> though we use a pmd_t for it in Linux.
>
> The fix is to ensure that the pmd/pte_devmap() confirm they are
> looking at a leaf entry (_PAGE_PTE) as well as checking _PAGE_DEVMAP.
>

Reviewed-by: Aneesh Kumar K.V <aneesh.kumar at linux.vnet.ibm.com>

> Signed-off-by: Oliver O'Halloran <oohall at gmail.com>
> Tested-by: Laurent Vivier <lvivier at redhat.com>
> Tested-by: Jose Ricardo Ziviani <joserz at linux.vnet.ibm.com>
> Reviewed-by: Suraj Jitindar Singh <sjitindarsingh at gmail.com>
> [mpe: Add a comment in the code and flesh out change log]
> Signed-off-by: Michael Ellerman <mpe at ellerman.id.au>
> ---
>  arch/powerpc/include/asm/book3s/64/pgtable.h | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
>
> v2: Add a comment in the code and flesh out change log
>
> diff --git a/arch/powerpc/include/asm/book3s/64/pgtable.h b/arch/powerpc/include/asm/book3s/64/pgtable.h
> index d1da415e283c..818a58fc3f4f 100644
> --- a/arch/powerpc/include/asm/book3s/64/pgtable.h
> +++ b/arch/powerpc/include/asm/book3s/64/pgtable.h
> @@ -608,9 +608,17 @@ static inline pte_t pte_mkdevmap(pte_t pte)
>  	return __pte(pte_val(pte) | _PAGE_SPECIAL|_PAGE_DEVMAP);
>  }
>  
> +/*
> + * This is potentially called with a pmd as the argument, in which case it's not
> + * safe to check _PAGE_DEVMAP unless we also confirm that _PAGE_PTE is set.
> + * That's because the bit we use for _PAGE_DEVMAP is not reserved for software
> + * use in page directory entries (ie. non-ptes).
> + */
>  static inline int pte_devmap(pte_t pte)
>  {
> -	return !!(pte_raw(pte) & cpu_to_be64(_PAGE_DEVMAP));
> +	u64 mask = cpu_to_be64(_PAGE_DEVMAP | _PAGE_PTE);
> +
> +	return (pte_raw(pte) & mask) == mask;
>  }
>  
>  static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
> -- 
> 2.7.4