OpenCloudOS-Kernel/arch/arm64/mm
Will Deacon 760bfb47c3 arm64: fault: Route pte translation faults via do_translation_fault
We currently route pte translation faults via do_page_fault, which elides
the address check against TASK_SIZE before invoking the mm fault handling
code. However, this can cause issues with the path walking code in
conjunction with our word-at-a-time implementation because
load_unaligned_zeropad can end up faulting in kernel space if it reads
across a page boundary and runs into a page fault (e.g. by attempting to
read from a guard region).

In the case of such a fault, load_unaligned_zeropad has registered a
fixup to shift the valid data and pad with zeroes, however the abort is
reported as a level 3 translation fault and we dispatch it straight to
do_page_fault, despite it being a kernel address. This results in calling
a sleeping function from atomic context:

  BUG: sleeping function called from invalid context at arch/arm64/mm/fault.c:313
  in_atomic(): 0, irqs_disabled(): 0, pid: 10290
  Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
  [...]
  [<ffffff8e016cd0cc>] ___might_sleep+0x134/0x144
  [<ffffff8e016cd158>] __might_sleep+0x7c/0x8c
  [<ffffff8e016977f0>] do_page_fault+0x140/0x330
  [<ffffff8e01681328>] do_mem_abort+0x54/0xb0
  Exception stack(0xfffffffb20247a70 to 0xfffffffb20247ba0)
  [...]
  [<ffffff8e016844fc>] el1_da+0x18/0x78
  [<ffffff8e017f399c>] path_parentat+0x44/0x88
  [<ffffff8e017f4c9c>] filename_parentat+0x5c/0xd8
  [<ffffff8e017f5044>] filename_create+0x4c/0x128
  [<ffffff8e017f59e4>] SyS_mkdirat+0x50/0xc8
  [<ffffff8e01684e30>] el0_svc_naked+0x24/0x28
  Code: 36380080 d5384100 f9400800 9402566d (d4210000)
  ---[ end trace 2d01889f2bca9b9f ]---

Fix this by dispatching all translation faults to do_translation_faults,
which avoids invoking the page fault logic for faults on kernel addresses.

Cc: <stable@vger.kernel.org>
Reported-by: Ankit Jain <ankijain@codeaurora.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2017-09-29 16:47:40 +01:00
..
Makefile arm64: Add support for CONFIG_DEBUG_VIRTUAL 2017-01-12 15:05:39 +00:00
cache.S arm64: Implement pmem API support 2017-08-09 12:15:45 +01:00
context.c arm64: cache: Remove support for ASID-tagged VIVT I-caches 2017-03-20 16:16:57 +00:00
copypage.c arm64: Defer dcache flush in __cpu_copy_user_page 2015-12-17 11:07:13 +00:00
dma-mapping.c arm64: dma-mapping: Mark atomic_pool as __ro_after_init 2017-08-21 16:24:53 +01:00
dump.c arm64: dump: Add checking for writable and exectuable pages 2016-11-07 18:15:04 +00:00
extable.c arm64: migrate exception table users off module.h and onto extable.h 2016-09-20 09:36:21 +01:00
fault.c arm64: fault: Route pte translation faults via do_translation_fault 2017-09-29 16:47:40 +01:00
flush.c arm64: fix pmem interface definition 2017-08-10 18:13:59 +01:00
hugetlbpage.c arm64: hugetlb: Cleanup setup_hugepagesz 2017-08-22 17:47:12 +01:00
init.c arm64: kdump: provide /proc/vmcore file 2017-04-05 18:31:38 +01:00
ioremap.c arm64: use is_vmalloc_addr 2017-02-09 13:47:56 +00:00
kasan_init.c arm64/kasan: don't allocate extra shadow memory 2017-07-10 16:32:33 -07:00
mmap.c arm64/mmap: properly account for stack randomization in mmap_base 2017-07-12 16:26:03 -07:00
mmu.c arm64: mmu: Place guard page after mapping of kernel image 2017-07-28 10:32:14 +01:00
numa.c arm64/numa: Drop duplicate message 2017-07-20 17:03:53 +01:00
pageattr.c arm64: use set_memory.h header 2017-05-08 17:15:13 -07:00
pgd.c arm64: mm: drop fixup_init() and mm.h 2016-09-06 19:09:38 +01:00
physaddr.c arm64: Add support for CONFIG_DEBUG_VIRTUAL 2017-01-12 15:05:39 +00:00
proc.S arm64: Avoid clobbering mm in erratum workaround on QDF2400 2017-02-24 10:55:31 +00:00
ptdump_debugfs.c arm64: dump: Make ptdump debugfs a separate option 2016-11-07 18:15:04 +00:00