Josh Boyer 1830f97
From patchwork Wed Sep 14 19:43:15 2011
Josh Boyer 1830f97
Content-Type: text/plain; charset="utf-8"
Josh Boyer 1830f97
MIME-Version: 1.0
Josh Boyer 1830f97
Content-Transfer-Encoding: 7bit
Josh Boyer 1830f97
Subject: powerpc: Fix deadlock in icswx code
Josh Boyer 1830f97
Date: Wed, 14 Sep 2011 09:43:15 -0000
Josh Boyer 1830f97
From: Anton Blanchard <anton@samba.org>
Josh Boyer 1830f97
X-Patchwork-Id: 114701
Josh Boyer 1830f97
Message-Id: <20110915054315.5e5ae062@kryten>
Josh Boyer 1830f97
To: benh@kernel.crashing.org, paulus@samba.org
Josh Boyer 1830f97
Cc: linuxppc-dev@lists.ozlabs.org
Josh Boyer 1830f97
Josh Boyer 1830f97
The icswx code introduced an A-B B-A deadlock:
Josh Boyer 1830f97
Josh Boyer 1830f97
     CPU0                    CPU1
Josh Boyer 1830f97
     ----                    ----
Josh Boyer 1830f97
lock(&anon_vma->mutex);
Josh Boyer 1830f97
                             lock(&mm->mmap_sem);
Josh Boyer 1830f97
                             lock(&anon_vma->mutex);
Josh Boyer 1830f97
lock(&mm->mmap_sem);
Josh Boyer 1830f97
Josh Boyer 1830f97
Instead of using the mmap_sem to keep mm_users constant, take the
Josh Boyer 1830f97
page table spinlock.
Josh Boyer 1830f97
Josh Boyer 1830f97
Signed-off-by: Anton Blanchard <anton@samba.org>
Josh Boyer 1830f97
Cc: <stable@kernel.org>
Josh Boyer 1830f97
Josh Boyer 1830f97
---
Josh Boyer 1830f97
Josh Boyer 1830f97
Josh Boyer 1830f97
diff --git a/arch/powerpc/mm/mmu_context_hash64.c b/arch/powerpc/mm/mmu_context_hash64.c
Josh Boyer 1830f97
index 3bafc3d..4ff587e 100644
Josh Boyer 1830f97
--- a/arch/powerpc/mm/mmu_context_hash64.c
Josh Boyer 1830f97
+++ b/arch/powerpc/mm/mmu_context_hash64.c
Josh Boyer 1830f97
@@ -136,8 +136,8 @@ int use_cop(unsigned long acop, struct mm_struct *mm)
Josh Boyer 1830f97
 	if (!mm || !acop)
Josh Boyer 1830f97
 		return -EINVAL;
Josh Boyer 1830f97
 
Josh Boyer 1830f97
-	/* We need to make sure mm_users doesn't change */
Josh Boyer 1830f97
-	down_read(&mm->mmap_sem);
Josh Boyer 1830f97
+	/* The page_table_lock ensures mm_users won't change under us */
Josh Boyer 1830f97
+	spin_lock(&mm->page_table_lock);
Josh Boyer 1830f97
 	spin_lock(mm->context.cop_lockp);
Josh Boyer 1830f97
 
Josh Boyer 1830f97
 	if (mm->context.cop_pid == COP_PID_NONE) {
Josh Boyer 1830f97
@@ -164,7 +164,7 @@ int use_cop(unsigned long acop, struct mm_struct *mm)
Josh Boyer 1830f97
 
Josh Boyer 1830f97
 out:
Josh Boyer 1830f97
 	spin_unlock(mm->context.cop_lockp);
Josh Boyer 1830f97
-	up_read(&mm->mmap_sem);
Josh Boyer 1830f97
+	spin_unlock(&mm->page_table_lock);
Josh Boyer 1830f97
 
Josh Boyer 1830f97
 	return ret;
Josh Boyer 1830f97
 }
Josh Boyer 1830f97
@@ -185,8 +185,8 @@ void drop_cop(unsigned long acop, struct mm_struct *mm)
Josh Boyer 1830f97
 	if (WARN_ON_ONCE(!mm))
Josh Boyer 1830f97
 		return;
Josh Boyer 1830f97
 
Josh Boyer 1830f97
-	/* We need to make sure mm_users doesn't change */
Josh Boyer 1830f97
-	down_read(&mm->mmap_sem);
Josh Boyer 1830f97
+	/* The page_table_lock ensures mm_users won't change under us */
Josh Boyer 1830f97
+	spin_lock(&mm->page_table_lock);
Josh Boyer 1830f97
 	spin_lock(mm->context.cop_lockp);
Josh Boyer 1830f97
 
Josh Boyer 1830f97
 	mm->context.acop &= ~acop;
Josh Boyer 1830f97
@@ -213,7 +213,7 @@ void drop_cop(unsigned long acop, struct mm_struct *mm)
Josh Boyer 1830f97
 	}
Josh Boyer 1830f97
 
Josh Boyer 1830f97
 	spin_unlock(mm->context.cop_lockp);
Josh Boyer 1830f97
-	up_read(&mm->mmap_sem);
Josh Boyer 1830f97
+	spin_unlock(&mm->page_table_lock);
Josh Boyer 1830f97
 }
Josh Boyer 1830f97
 EXPORT_SYMBOL_GPL(drop_cop);
Josh Boyer 1830f97