From: Martin Schwidefsky Date: Mon, 17 Dec 2007 15:25:48 +0000 (+0100) Subject: [S390] pud_present/pmd_present bug. X-Git-Tag: firefly_0821_release~24005^2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=0d01792300c4d7425eabac9095c603cdb411d2a5;p=firefly-linux-kernel-4.4.55.git [S390] pud_present/pmd_present bug. Git commit 3610cce87af0693603db171d5b6f6735f5e3dc5b (yeah my own :-/) introduced a bug in regard to pud/pmd table entries. If the address of the page table refered to by a pud/pmd value happens to have zeroes in the lower 32 bits, pud_present and pmd_present return false. The obvious effect is that this triggers the BUG_ON in exit_mmap because some ptes will not get released on process end. Worse is that the next fault for memory covered by that pud/pmd will allocate another pmd/pte table and populate the pud/pmd entry. The old page table entries hanging below this entry are lost! The fix is simple, properly check against 0. The check is added for pud_none/pmd_none as well even if these two functions work because the invalid bit is in the lower 32 bits. Signed-off-by: Martin Schwidefsky --- diff --git a/include/asm-s390/pgtable.h b/include/asm-s390/pgtable.h index f2cc25b74adf..1f530f8a6280 100644 --- a/include/asm-s390/pgtable.h +++ b/include/asm-s390/pgtable.h @@ -453,12 +453,12 @@ static inline int pgd_bad(pgd_t pgd) { return 0; } static inline int pud_present(pud_t pud) { - return pud_val(pud) & _REGION_ENTRY_ORIGIN; + return (pud_val(pud) & _REGION_ENTRY_ORIGIN) != 0UL; } static inline int pud_none(pud_t pud) { - return pud_val(pud) & _REGION_ENTRY_INV; + return (pud_val(pud) & _REGION_ENTRY_INV) != 0UL; } static inline int pud_bad(pud_t pud) @@ -471,12 +471,12 @@ static inline int pud_bad(pud_t pud) static inline int pmd_present(pmd_t pmd) { - return pmd_val(pmd) & _SEGMENT_ENTRY_ORIGIN; + return (pmd_val(pmd) & _SEGMENT_ENTRY_ORIGIN) != 0UL; } static inline int pmd_none(pmd_t pmd) { - return pmd_val(pmd) & _SEGMENT_ENTRY_INV; + return (pmd_val(pmd) & _SEGMENT_ENTRY_INV) != 0UL; } static inline int pmd_bad(pmd_t pmd)