linux-brain/drivers
Alex Williamson 01be55fb26 vfio/pci: Handle concurrent vma faults
[ Upstream commit 6a45ece4c9af473555f01f0f8b97eba56e3c7d0d ]

io_remap_pfn_range() will trigger a BUG_ON if it encounters a
populated pte within the mapping range.  This can occur because we map
the entire vma on fault and multiple faults can be blocked behind the
vma_lock.  This leads to traces like the one reported below.

We can use our vma_list to test whether a given vma is mapped to avoid
this issue.

[ 1591.733256] kernel BUG at mm/memory.c:2177!
[ 1591.739515] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 1591.747381] Modules linked in: vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)
[ 1591.760536] CPU: 2 PID: 227 Comm: lcore-worker-2 Tainted: G O 5.11.0-rc3+ #1
[ 1591.770735] Hardware name:  , BIOS HixxxxFPGA 1P B600 V121-1
[ 1591.778872] pstate: 40400009 (nZcv daif +PAN -UAO -TCO BTYPE=--)
[ 1591.786134] pc : remap_pfn_range+0x214/0x340
[ 1591.793564] lr : remap_pfn_range+0x1b8/0x340
[ 1591.799117] sp : ffff80001068bbd0
[ 1591.803476] x29: ffff80001068bbd0 x28: 0000042eff6f0000
[ 1591.810404] x27: 0000001100910000 x26: 0000001300910000
[ 1591.817457] x25: 0068000000000fd3 x24: ffffa92f1338e358
[ 1591.825144] x23: 0000001140000000 x22: 0000000000000041
[ 1591.832506] x21: 0000001300910000 x20: ffffa92f141a4000
[ 1591.839520] x19: 0000001100a00000 x18: 0000000000000000
[ 1591.846108] x17: 0000000000000000 x16: ffffa92f11844540
[ 1591.853570] x15: 0000000000000000 x14: 0000000000000000
[ 1591.860768] x13: fffffc0000000000 x12: 0000000000000880
[ 1591.868053] x11: ffff0821bf3d01d0 x10: ffff5ef2abd89000
[ 1591.875932] x9 : ffffa92f12ab0064 x8 : ffffa92f136471c0
[ 1591.883208] x7 : 0000001140910000 x6 : 0000000200000000
[ 1591.890177] x5 : 0000000000000001 x4 : 0000000000000001
[ 1591.896656] x3 : 0000000000000000 x2 : 0168044000000fd3
[ 1591.903215] x1 : ffff082126261880 x0 : fffffc2084989868
[ 1591.910234] Call trace:
[ 1591.914837]  remap_pfn_range+0x214/0x340
[ 1591.921765]  vfio_pci_mmap_fault+0xac/0x130 [vfio_pci]
[ 1591.931200]  __do_fault+0x44/0x12c
[ 1591.937031]  handle_mm_fault+0xcc8/0x1230
[ 1591.942475]  do_page_fault+0x16c/0x484
[ 1591.948635]  do_translation_fault+0xbc/0xd8
[ 1591.954171]  do_mem_abort+0x4c/0xc0
[ 1591.960316]  el0_da+0x40/0x80
[ 1591.965585]  el0_sync_handler+0x168/0x1b0
[ 1591.971608]  el0_sync+0x174/0x180
[ 1591.978312] Code: eb1b027f 540000c0 f9400022 b4fffe02 (d4210000)

Fixes: 11c4cd07ba11 ("vfio-pci: Fault mmaps to enable vma tracking")
Reported-by: Zeng Tao <prime.zeng@hisilicon.com>
Suggested-by: Zeng Tao <prime.zeng@hisilicon.com>
Link: https://lore.kernel.org/r/162497742783.3883260.3282953006487785034.stgit@omen
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-07-14 16:53:47 +02:00
accessibility
acpi ACPI: bgrt: Fix CFI violation 2021-07-14 16:53:25 +02:00
amba amba: Fix resource leak for drivers without .remove 2021-03-04 10:26:32 +01:00
android binder: add flag to clear buffer on txn complete 2020-12-30 11:51:35 +01:00
ata pata_ep93xx: fix deferred probing 2021-07-14 16:53:21 +02:00
atm atm: idt77252: fix null-ptr-dereference 2021-03-30 14:35:21 +02:00
auxdisplay auxdisplay: ht16k33: Fix refresh rate handling 2021-03-04 10:26:30 +01:00
base PM: runtime: Fix unpaired parent child_count for force_resume 2021-05-19 10:08:20 +02:00
bcma
block nbd: Fix NULL pointer in flush_workqueue 2021-05-19 10:08:30 +02:00
bluetooth Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl 2021-03-07 12:20:44 +01:00
bus bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act 2021-06-10 13:37:08 +02:00
cdrom cdrom: gdrom: initialize global variable at init time 2021-05-26 12:05:19 +02:00
char char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() 2021-07-14 16:53:40 +02:00
clk clk: si5341: Update initialization magic 2021-07-14 16:53:35 +02:00
clocksource clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined 2021-03-04 10:26:29 +01:00
connector
counter counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register 2021-04-14 08:24:09 +02:00
cpufreq cpufreq: Make cpufreq_online() call driver->offline() on errors 2021-07-14 16:53:25 +02:00
cpuidle
crypto crypto: nx - Fix RCU warning in nx842_OF_upd_status 2021-07-14 16:53:24 +02:00
dax device-dax/core: Fix memory leak when rmmod dax.ko 2020-12-30 11:51:46 +01:00
dca
devfreq PM / devfreq: Use more accurate returned new_freq as resume_freq 2021-05-14 09:44:20 +02:00
dio
dma dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma 2021-06-30 08:47:46 -04:00
dma-buf dmabuf: fix use-after-free of dmabuf's file->f_inode 2021-01-12 20:16:23 +01:00
edac EDAC/Intel: Do not load EDAC driver when running as a guest 2021-07-14 16:53:18 +02:00
eisa
extcon extcon: max8997: Add missing modalias string 2021-07-14 16:53:46 +02:00
firewire firewire: nosy: Fix a use-after-free bug in nosy_ioctl() 2021-04-07 14:47:43 +02:00
firmware firmware: stratix10-svc: Fix a resource leak in an error handling path 2021-07-14 16:53:40 +02:00
fpga
fsi fsi/sbefifo: Fix reset timeout 2021-07-14 16:53:42 +02:00
gnss
gpio gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP 2021-07-07 08:22:58 -04:00
gpu drm: qxl: ensure surf.data is ininitialized 2021-07-14 16:53:28 +02:00
greybus
hid HID: wacom: Correct base usage for capacitive ExpressKey status bits 2021-07-14 16:53:19 +02:00
hsi HSI: core: fix resource leaks in hsi_add_client_from_dt() 2021-05-14 09:44:25 +02:00
hv hv_utils: Fix passing zero to 'PTR_ERR' warning 2021-07-14 16:53:16 +02:00
hwmon hwmon: (max31790) Fix fan speed reporting for fan7..12 2021-07-14 16:53:23 +02:00
hwspinlock
hwtracing intel_th: pci: Add Alder Lake-M support 2021-05-11 14:04:15 +02:00
i2c i2c: robotfuzz-osif: fix control-request directions 2021-06-30 08:47:50 -04:00
i3c Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register" 2021-05-14 09:44:15 +02:00
ide scsi: ide: Do not set the RQF_PREEMPT flag for sense requests 2021-01-12 20:16:09 +01:00
idle
iio iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() 2021-07-14 16:53:45 +02:00
infiniband RDMA/mlx5: Don't access NULL-cleared mpi pointer 2021-07-14 16:53:35 +02:00
input Input: hil_kbd - fix error return code in hil_dev_connect() 2021-07-14 16:53:40 +02:00
interconnect interconnect: core: fix error return code of icc_link_destroy() 2021-04-16 11:46:37 +02:00
iommu iommu/dma: Fix IOVA reserve dma ranges 2021-07-14 16:53:42 +02:00
ipack
irqchip irqchip/gic-v3: Fix OF_BAD_ADDR error handling 2021-05-14 09:44:20 +02:00
isdn isdn: mISDN: netjet: Fix crash in nj_probe: 2021-06-16 11:59:34 +02:00
leds leds: ktd2692: Fix an error handling path 2021-07-14 16:53:47 +02:00
lightnvm lightnvm: fix memory leak when submit fails 2021-01-27 11:47:53 +01:00
macintosh
mailbox mailbox: avoid timer start from callback 2020-10-29 09:57:53 +01:00
mcb
md dm verity: fix require_signatures module_param permissions 2021-06-16 11:59:37 +02:00
media media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx 2021-07-14 16:53:23 +02:00
memory memory: pl353: fix mask of ECC page_size config register 2021-05-14 09:44:19 +02:00
memstick memstick: rtsx_usb_ms: fix UAF 2021-07-14 16:53:13 +02:00
message scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() 2020-11-05 11:43:25 +01:00
mfd mfd: stm32-timers: Avoid clearing auto reload register 2021-05-14 09:44:25 +02:00
misc eeprom: idt_89hpesx: Restore printing the unsupported fwnode name 2021-07-14 16:53:43 +02:00
mmc mmc: usdhi6rol0: fix error return code in usdhi6_probe() 2021-07-14 16:53:22 +02:00
mtd mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() 2021-07-14 16:53:45 +02:00
mux
net mwifiex: re-fix for unaligned accesses 2021-07-14 16:53:36 +02:00
nfc nfc: pn533: prevent potential memory corruption 2021-05-14 09:44:27 +02:00
ntb NTB: hw: amd: fix an issue about leak system resources 2020-10-29 09:58:00 +01:00
nubus
nvdimm libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC 2021-04-21 12:56:16 +02:00
nvme nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst() 2021-07-14 16:53:18 +02:00
nvmem nvmem: core: skip child nodes not matching binding 2021-03-04 10:26:37 +01:00
of of: Fix truncation of memory sizes on 32-bit platforms 2021-07-14 16:53:45 +02:00
opp opp: Reduce the size of critical section in _opp_table_kref_release() 2020-11-18 19:20:21 +01:00
oprofile
parisc
parport
pci PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() 2021-07-14 16:53:18 +02:00
pcmcia
perf drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe() 2021-07-14 16:53:14 +02:00
phy phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe() 2021-07-14 16:53:46 +02:00
pinctrl pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities 2021-07-14 16:53:26 +02:00
platform platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() 2021-07-14 16:53:18 +02:00
pnp
power power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() 2021-05-11 14:04:11 +02:00
powercap powercap: restrict energy meter to root access 2020-11-10 21:13:20 +01:00
pps
ps3 powerpc/ps3: use dma_mapping_error() 2020-12-30 11:51:26 +01:00
ptp ptp: improve max_adj check against unreasonable values 2021-06-23 14:41:26 +02:00
pwm pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() 2021-03-04 10:26:36 +01:00
rapidio rapidio: handle create_workqueue() failure 2021-05-26 12:05:17 +02:00
ras RAS/CEC: Correct ce_add_elem()'s returned values 2021-04-14 08:24:18 +02:00
regulator regulator: hi655x: Fix pass wrong pointer to config.driver_data 2021-07-14 16:53:23 +02:00
remoteproc remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() 2020-12-30 11:51:24 +01:00
reset
rpmsg rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() 2021-05-19 10:08:25 +02:00
rtc rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path 2021-07-14 16:53:05 +02:00
s390 s390/cio: dont call css_wait_for_slow_path() inside a lock 2021-07-14 16:53:05 +02:00
sbus
scsi scsi: mpt3sas: Fix error return value in _scsih_expander_add() 2021-07-14 16:53:45 +02:00
sfi
sh
siox
slimbus slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI 2020-12-30 11:51:13 +01:00
soc soc: aspeed: fix a ternary sign expansion bug 2021-05-14 09:44:23 +02:00
soundwire soundwire: stream: Fix test for DP prepare complete 2021-07-14 16:53:45 +02:00
spi spi: spi-sun6i: Fix chipselect/clock bug 2021-07-14 16:53:24 +02:00
spmi spmi: spmi-pmic-arb: Fix hw_irq overflow 2021-03-04 10:26:49 +01:00
ssb ssb: Fix error return code in ssb_bus_scan() 2021-07-14 16:53:29 +02:00
staging staging: mt7621-dts: fix pci address for PCI memory range 2021-07-14 16:53:44 +02:00
target scsi: target: core: Fix warning on realtime kernels 2021-06-18 09:58:59 +02:00
tc
tee tee: optee: do not check memref size on return from Secure World 2021-05-11 14:04:06 +02:00
thermal thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID 2021-06-03 08:59:05 +02:00
thunderbolt thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue 2021-06-03 08:59:03 +02:00
tty serial: mvebu-uart: correctly calculate minimal possible baudrate 2021-07-14 16:53:47 +02:00
uio uio_hv_generic: Fix a memory leak in error handling paths 2021-05-26 12:05:17 +02:00
usb usb: dwc2: Don't reset the core after setting turnaround time 2021-07-14 16:53:42 +02:00
vfio vfio/pci: Handle concurrent vma faults 2021-07-14 16:53:47 +02:00
vhost vhost: Fix vhost_vq_reset() 2021-04-07 14:47:39 +02:00
video backlight: lm3630a_bl: Put fwnode in error case during ->probe() 2021-07-14 16:53:40 +02:00
virt virt: vbox: Do not use wait_event_interruptible when called from kernel context 2021-03-04 10:26:10 +01:00
virtio virtio_ring: Fix two use after free bugs 2020-12-30 11:51:29 +01:00
visorbus visorbus: fix error return code in visorchipset_init() 2021-07-14 16:53:42 +02:00
vlynq
vme
w1 w1: mxc_w1: Fix timeout resolution problem leading to bus error 2020-11-05 11:43:25 +01:00
watchdog watchdog: mei_wdt: request stop on unregister 2021-03-04 10:26:47 +01:00
xen xen/events: reset active flag for lateeoi events later 2021-07-11 12:52:08 +02:00
zorro
Kconfig
Makefile