ANDROID: disable page table moves when speculative page faults are enabled

move_page_tables() can move entire pmd or pud without locking individual ptes. This is problematic for speculative page faults which do not take mmap_lock because they rely on ptl lock when writing new pte value. To avoid possible race, disable move_page_tables() optimization when CONFIG_SPECULATIVE_PAGE_FAULT is enabled. Bug: 257443051 Change-Id: Ib48dda08ecad1abc60d08fc089a6566a63393c13 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Git-commit: 0f43357d37e4451cdc12a60895b6e4929a87adf7 Git-repo: https://android.googlesource.com/kernel/common/ [quic_c_spathi@quicinc.com: resolve trivial merge conflicts] Signed-off-by: Srinivasarao Pathipati <quic_c_spathi@quicinc.com>
2022-11-18 17:06:03 -08:00 · 2022-11-18 17:06:03 -08:00 · 78035f7a50
commit 78035f7a50
parent 51cfccaecd
1 changed files with 5 additions and 1 deletions
--- a/mm/mremap.c
+++ b/mm/mremap.c
@ -191,7 +191,11 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd,
 		drop_rmap_locks(vma);
 }

-#ifdef CONFIG_HAVE_MOVE_PMD
+/*
+ * Speculative page fault handlers will not detect page table changes done
+ * without ptl locking.
+ */
+#if defined(CONFIG_HAVE_MOVE_PMD) && !defined(CONFIG_SPECULATIVE_PAGE_FAULT)
 static bool move_normal_pmd(struct vm_area_struct *vma, unsigned long old_addr,
 		  unsigned long new_addr, unsigned long old_end,
 		  pmd_t *old_pmd, pmd_t *new_pmd)