AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
45b69848a2
kernel_optimize_test/arch/arm/mm
History
Zhen Lei d6cab2e06c ARM: 9210/1: Mark the FDT_FIXED sections as shareable 
[ Upstream commit 598f0a99fa8a35be44b27106b43ddc66417af3b1 ]

commit 7a1be318f579 ("ARM: 9012/1: move device tree mapping out of linear
region") use FDT_FIXED_BASE to map the whole FDT_FIXED_SIZE memory area
which contains fdt. But it only reserves the exact physical memory that
fdt occupied. Unfortunately, this mapping is non-shareable. An illegal or
speculative read access can bring the RAM content from non-fdt zone into
cache, PIPT makes it to be hit by subsequently read access through
shareable mapping(such as linear mapping), and the cache consistency
between cores is lost due to non-shareable property.

|<---------FDT_FIXED_SIZE------>|
|                               |
 -------------------------------
| <non-fdt> | <fdt> | <non-fdt> |
 -------------------------------

1. CoreA read <non-fdt> through MT_ROM mapping, the old data is loaded
   into the cache.
2. CoreB write <non-fdt> to update data through linear mapping. CoreA
   received the notification to invalid the corresponding cachelines, but
   the property non-shareable makes it to be ignored.
3. CoreA read <non-fdt> through linear mapping, cache hit, the old data
   is read.

To eliminate this risk, add a new memory type MT_MEMORY_RO. Compared to
MT_ROM, it is shareable and non-executable.

Here's an example:
  list_del corruption. prev->next should be c0ecbf74, but was c08410dc
  kernel BUG at lib/list_debug.c:53!
  ... ...
  PC is at __list_del_entry_valid+0x58/0x98
  LR is at __list_del_entry_valid+0x58/0x98
  psr: 60000093
  sp : c0ecbf30  ip : 00000000  fp : 00000001
  r10: c08410d0  r9 : 00000001  r8 : c0825e0c
  r7 : 20000013  r6 : c08410d0  r5 : c0ecbf74  r4 : c0ecbf74
  r3 : c0825d08  r2 : 00000000  r1 : df7ce6f4  r0 : 00000044
  ... ...
  Stack: (0xc0ecbf30 to 0xc0ecc000)
  bf20:                                     c0ecbf74 c0164fd0 c0ecbf70 c0165170
  bf40: c0eca000 c0840c00 c0840c00 c0824500 c0825e0c c0189bbc c088f404 60000013
  bf60: 60000013 c0e85100 000004ec 00000000 c0ebcdc0 c0ecbf74 c0ecbf74 c0825d08
  ... ...                                           <  next     prev  >
  (__list_del_entry_valid) from (__list_del_entry+0xc/0x20)
  (__list_del_entry) from (finish_swait+0x60/0x7c)
  (finish_swait) from (rcu_gp_kthread+0x560/0xa20)
  (rcu_gp_kthread) from (kthread+0x14c/0x15c)
  (kthread) from (ret_from_fork+0x14/0x24)

The faulty list node to be deleted is a local variable, its address is
c0ecbf74. The dumped stack shows that 'prev' = c0ecbf74, but its value
before lib/list_debug.c:53 is c08410dc. A large amount of printing results
in swapping out the cacheline containing the old data(MT_ROM mapping is
read only, so the cacheline cannot be dirty), and the subsequent dump
operation obtains new data from the DDR.

Fixes: 7a1be318f579 ("ARM: 9012/1: move device tree mapping out of linear region")
Suggested-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Kefeng Wang <wangkefeng.wang@huawei.com>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-07-21 21:20:03 +02:00
..
abort-ev4.S
abort-ev4t.S
abort-ev5t.S
abort-ev5tj.S
abort-ev6.S
abort-ev7.S
abort-lv4t.S
abort-macro.S
abort-nommu.S
alignment.c ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction 2022-07-21 21:20:00 +02:00
cache-b15-rac.c ARM: mm: Remove virtual address print from B15 RAC driver 2020-05-06 11:12:12 -07:00
cache-fa.S
cache-feroceon-l2.c
cache-l2x0-pmu.c
cache-l2x0.c ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values 2020-09-15 14:35:53 +01:00
cache-nop.S
cache-tauros2.c
cache-tauros3.h
cache-uniphier.c
cache-v4.S
cache-v4wb.S
cache-v4wt.S
cache-v6.S
cache-v7.S sched/rt, ARM: Use CONFIG_PREEMPTION 2019-12-08 14:37:32 +01:00
cache-v7m.S sched/rt, ARM: Use CONFIG_PREEMPTION 2019-12-08 14:37:32 +01:00
cache-xsc3l2.c
context.c
copypage-fa.c
copypage-feroceon.c
copypage-v4mc.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
copypage-v4wb.c
copypage-v4wt.c
copypage-v6.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
copypage-xsc3.c
copypage-xscale.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
dma-mapping-nommu.c dma-mapping: split <linux/dma-mapping.h> 2020-10-06 07:07:03 +02:00
dma-mapping.c dma-mapping: merge <linux/dma-noncoherent.h> into <linux/dma-map-ops.h> 2020-10-06 07:07:06 +02:00
dma.h
dump.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
extable.c
fault-armv.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
fault.c mm/arm: use general page fault accounting 2020-08-12 10:58:03 -07:00
fault.h
flush.c mm: introduce compound_nr() 2019-09-24 15:54:08 -07:00
fsr-2level.c
fsr-3level.c
highmem.c mm: pgtable: add shortcuts for accessing kernel PMD and PTE 2020-06-09 09:39:13 -07:00
hugetlbpage.c mm: remove unneeded includes of <asm/pgalloc.h> 2020-08-07 11:33:26 -07:00
idmap.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
init.c arm: extend pfn_valid to take into account freed memory map alignment 2021-12-17 10:14:42 +01:00
iomap.c ARM: 8923/1: mm: include <asm/vga.h> for vga_base 2019-10-31 16:58:54 +00:00
ioremap.c arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map 2022-05-18 10:23:48 +02:00
Kconfig ARM: Spectre-BHB workaround 2022-03-11 12:11:50 +01:00
l2c-common.c
l2c-l2x0-resume.S
Makefile
mm.h mm: pgtable: add shortcuts for accessing kernel PMD and PTE 2020-06-09 09:39:13 -07:00
mmap.c arm: use generic mmap top-down layout and brk randomization 2019-09-24 15:54:12 -07:00
mmu.c ARM: 9210/1: Mark the FDT_FIXED sections as shareable 2022-07-21 21:20:03 +02:00
nommu.c arm: remove ioremap_cached 2019-11-11 17:19:40 +01:00
pabort-legacy.S
pabort-v6.S
pabort-v7.S
pageattr.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
pgd.c arm: add support for folded p4d page tables 2020-06-04 19:06:21 -07:00
physaddr.c
pmsa-v7.c ARM: 9069/1: NOMMU: Fix conversion for_each_membock() to for_each_mem_range() 2021-04-21 13:00:58 +02:00
pmsa-v8.c ARM: 9069/1: NOMMU: Fix conversion for_each_membock() to for_each_mem_range() 2021-04-21 13:00:58 +02:00
proc-arm7tdmi.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm9tdmi.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm720.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm740.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm920.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm922.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm925.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm926.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm940.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm946.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm1020.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm1020e.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm1022.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-arm1026.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-fa526.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-feroceon.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-macros.S ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned 2021-11-02 19:48:18 +01:00
proc-mohawk.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-sa110.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-sa1100.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-syms.c
proc-v6.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-v7-2level.S
proc-v7-3level.S
proc-v7-bugs.c ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle 2022-07-21 21:20:03 +02:00
proc-v7.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-v7m.S ARM: 8933/1: replace Sun/Solaris style flag on section directive 2019-11-15 22:21:19 +00:00
proc-xsc3.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
proc-xscale.S mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
ptdump_debugfs.c
pv-fixup-asm.S ARM: 9012/1: move device tree mapping out of linear region 2021-05-19 10:13:18 +02:00
tcm.h
tlb-fa.S
tlb-v4.S
tlb-v4wb.S
tlb-v4wbi.S
tlb-v6.S
tlb-v7.S