linux-stable/arch/parisc/kernel
John David Anglin 72d95924ee parisc: Try to fix random segmentation faults in package builds
PA-RISC systems with PA8800 and PA8900 processors have had problems
with random segmentation faults for many years.  Systems with earlier
processors are much more stable.

Systems with PA8800 and PA8900 processors have a large L2 cache which
needs per page flushing for decent performance when a large range is
flushed. The combined cache in these systems is also more sensitive to
non-equivalent aliases than the caches in earlier systems.

The majority of random segmentation faults that I have looked at
appear to be memory corruption in memory allocated using mmap and
malloc.

My first attempt at fixing the random faults didn't work. On
reviewing the cache code, I realized that there were two issues
which the existing code didn't handle correctly. Both relate
to cache move-in. Another issue is that the present bit in PTEs
is racy.

1) PA-RISC caches have a mind of their own and they can speculatively
load data and instructions for a page as long as there is a entry in
the TLB for the page which allows move-in. TLBs are local to each
CPU. Thus, the TLB entry for a page must be purged before flushing
the page. This is particularly important on SMP systems.

In some of the flush routines, the flush routine would be called
and then the TLB entry would be purged. This was because the flush
routine needed the TLB entry to do the flush.

2) My initial approach to trying the fix the random faults was to
try and use flush_cache_page_if_present for all flush operations.
This actually made things worse and led to a couple of hardware
lockups. It finally dawned on me that some lines weren't being
flushed because the pte check code was racy. This resulted in
random inequivalent mappings to physical pages.

The __flush_cache_page tmpalias flush sets up its own TLB entry
and it doesn't need the existing TLB entry. As long as we can find
the pte pointer for the vm page, we can get the pfn and physical
address of the page. We can also purge the TLB entry for the page
before doing the flush. Further, __flush_cache_page uses a special
TLB entry that inhibits cache move-in.

When switching page mappings, we need to ensure that lines are
removed from the cache.  It is not sufficient to just flush the
lines to memory as they may come back.

This made it clear that we needed to implement all the required
flush operations using tmpalias routines. This includes flushes
for user and kernel pages.

After modifying the code to use tmpalias flushes, it became clear
that the random segmentation faults were not fully resolved. The
frequency of faults was worse on systems with a 64 MB L2 (PA8900)
and systems with more CPUs (rp4440).

The warning that I added to flush_cache_page_if_present to detect
pages that couldn't be flushed triggered frequently on some systems.

Helge and I looked at the pages that couldn't be flushed and found
that the PTE was either cleared or for a swap page. Ignoring pages
that were swapped out seemed okay but pages with cleared PTEs seemed
problematic.

I looked at routines related to pte_clear and noticed ptep_clear_flush.
The default implementation just flushes the TLB entry. However, it was
obvious that on parisc we need to flush the cache page as well. If
we don't flush the cache page, stale lines will be left in the cache
and cause random corruption. Once a PTE is cleared, there is no way
to find the physical address associated with the PTE and flush the
associated page at a later time.

I implemented an updated change with a parisc specific version of
ptep_clear_flush. It fixed the random data corruption on Helge's rp4440
and rp3440, as well as on my c8000.

At this point, I realized that I could restore the code where we only
flush in flush_cache_page_if_present if the page has been accessed.
However, for this, we also need to flush the cache when the accessed
bit is cleared in ptep_clear_flush_young to keep things synchronized.
The default implementation only flushes the TLB entry.

Other changes in this version are:

1) Implement parisc specific version of ptep_get. It's identical to
default but needed in arch/parisc/include/asm/pgtable.h.
2) Revise parisc implementation of ptep_test_and_clear_young to use
ptep_get (READ_ONCE).
3) Drop parisc implementation of ptep_get_and_clear. We can use default.
4) Revise flush_kernel_vmap_range and invalidate_kernel_vmap_range to
use full data cache flush.
5) Move flush_cache_vmap and flush_cache_vunmap to cache.c. Handle
VM_IOREMAP case in flush_cache_vmap.

At this time, I don't know whether it is better to always flush when
the PTE present bit is set or when both the accessed and present bits
are set. The later saves flushing pages that haven't been accessed,
but we need to flush in ptep_clear_flush_young. It also needs a page
table lookup to find the PTE pointer. The lpa instruction only needs
a page table lookup when the PTE entry isn't in the TLB.

We don't atomically handle setting and clearing the _PAGE_ACCESSED bit.
If we miss an update, we may miss a flush and the cache may get corrupted.
Whether the current code is effectively atomic depends on process control.

When CONFIG_FLUSH_PAGE_ACCESSED is set to zero, the page will eventually
be flushed when the PTE is cleared or in flush_cache_page_if_present. The
_PAGE_ACCESSED bit is not used, so the problem is avoided.

The flush method can be selected using the CONFIG_FLUSH_PAGE_ACCESSED
define in cache.c. The default is 0. I didn't see a large difference
in performance.

Signed-off-by: John David Anglin <dave.anglin@bell.net>
Cc: <stable@vger.kernel.org> # v6.6+
Signed-off-by: Helge Deller <deller@gmx.de>
2024-06-12 01:57:05 +02:00
..
syscalls mseal: wire up mseal syscall 2024-05-23 19:40:26 -07:00
vdso32 kbuild: use $(src) instead of $(srctree)/$(src) for source directory 2024-05-10 04:34:52 +09:00
vdso64 kbuild: use $(src) instead of $(srctree)/$(src) for source directory 2024-05-10 04:34:52 +09:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
alternative.c parisc: Use num_present_cpus() in alternative patching code 2023-05-23 18:17:32 +02:00
asm-offsets.c parisc: Prepare for Block-TLB support on 32-bit kernel 2023-09-07 09:12:19 +02:00
audit.c parisc: Fold 32-bit compat code into audit_classify_syscall() 2023-06-30 17:14:14 +02:00
cache.c parisc: Try to fix random segmentation faults in package builds 2024-06-12 01:57:05 +02:00
compat_audit.c parisc: Fold 32-bit compat code into audit_classify_syscall() 2023-06-30 17:14:14 +02:00
drivers.c parisc: make parisc_bus_type const 2024-02-27 22:51:44 +01:00
entry.S parisc/pgtable: Do not drop upper 5 address bits of physical address 2023-11-07 19:48:30 +01:00
firmware.c parisc/firmware: Fix F-extend for PDC addresses 2024-01-07 22:59:16 +01:00
ftrace.c kprobe/ftrace: bail out if ftrace was killed 2024-05-16 07:23:30 +09:00
hardware.c parisc: Clean up names in hardware database 2022-08-01 18:43:23 +02:00
head.S parisc: Prevent booting 64-bit kernels on PA1.x machines 2023-11-10 16:17:32 +01:00
hpmc.S parisc: Re-use toc_stack as hpmc_stack 2022-01-11 11:57:37 +01:00
inventory.c parisc: Add qemu fw_cfg interface 2020-10-15 08:10:37 +02:00
irq.c parisc: Use irq_enter_rcu() to fix warning at kernel/context_tracking.c:367 2024-02-27 22:51:44 +01:00
jump_label.c jump_label: make initial NOP patching the special case 2022-06-24 09:48:55 +02:00
kexec_file.c kexec_file, parisc: print out debugging message if required 2023-12-20 15:02:57 -08:00
kexec.c parisc: kexec: include reboot.h 2023-05-09 14:04:56 +02:00
kgdb.c parisc: Drop duplicate kgdb_pdc console 2022-12-18 22:18:49 +01:00
kprobes.c parisc: Fix typos in comments 2022-05-08 20:01:12 +02:00
Makefile parisc: Drop the pa7300lc LPMC handler 2023-08-20 20:23:46 +02:00
module.c arch: make execmem setup available regardless of CONFIG_MODULES 2024-05-14 00:31:44 -07:00
pacache.S parisc: Ensure page alignment in flush functions 2023-05-03 17:43:26 +02:00
parisc_ksyms.c parisc: add u16 support to cmpxchg() 2024-04-09 22:06:00 -07:00
patch.c parisc: Fix patch code locking and flushing 2022-05-17 21:52:59 +02:00
pci-dma.c parisc: Move proc_mckinley_root and proc_runway_root to sba_iommu 2023-08-10 22:22:03 +02:00
pci.c parisc: Drop comments which are already in pci.h 2019-09-05 16:41:11 +02:00
pdc_chassis.c parisc: chassis: Do not overwrite string on LCD display 2023-08-28 17:58:14 +02:00
pdc_cons.c parisc: Drop locking in pdc console code 2022-12-18 22:18:49 +01:00
pdt.c parisc: pdt: Use PTR_ERR_OR_ZERO() to simplify code 2023-08-10 17:32:09 +02:00
perf_asm.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
perf_images.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
perf.c parisc: perf: Make cpu_device variable static 2023-08-10 23:00:18 +02:00
process.c parisc: Use generic mmap top-down layout and brk randomization 2023-08-22 10:24:46 +02:00
processor.c Revert "parisc: Only list existing CPUs in cpu_possible_mask" 2024-02-07 00:13:21 +01:00
ptrace.c parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case 2023-02-01 21:42:37 +01:00
real2.S parisc: Fix argument pointer in real64_call_asm() 2023-05-03 17:43:26 +02:00
relocate_kernel.S parisc: add kexec syscall support 2019-09-08 15:37:04 +02:00
setup.c parisc: Move parisc_narrow_firmware variable to header file 2023-10-30 14:54:40 +01:00
signal32.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
signal32.h parisc: Add vDSO support 2022-03-11 19:49:30 +01:00
signal.c parisc: signal: Fix sparse incorrect type in assignment warning 2023-08-10 17:32:10 +02:00
smp.c genirq: Convert kstat_irqs to a struct 2024-04-12 17:08:05 +02:00
stacktrace.c parisc: Fix implicit declaration of function '__kernel_text_address' 2021-11-13 22:10:56 +01:00
sys_parisc32.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sys_parisc.c parisc: use initializer for struct vm_unmapped_area_info 2024-04-25 20:56:27 -07:00
syscall.S parisc: Fix lightweight spinlock checks to not break futexes 2023-08-10 17:32:09 +02:00
time.c parisc: Mark cr16 clock unstable on all SMP machines 2022-05-08 20:01:12 +02:00
toc_asm.S parisc: Enable TOC (transfer of contents) feature unconditionally 2022-01-11 11:57:37 +01:00
toc.c parisc: Fix missing prototype for 'toc_intr' warning in toc.c 2022-01-20 20:39:19 +01:00
topology.c parisc: fix a crash with multicore scheduler 2022-06-03 09:54:01 +02:00
traps.c parisc: traps: Drop cpu_lpmc function pointer 2023-08-20 20:23:46 +02:00
unaligned.c parisc/unaligned: Rewrite 64-bit inline assembly of emulate_ldd() 2024-02-27 22:51:44 +01:00
unwind.c parisc: Fix stack unwinder 2024-02-19 21:55:22 +01:00
vdso.c treewide: use get_random_u32_below() instead of deprecated function 2022-11-18 02:15:15 +01:00
vmlinux.lds.S parisc: Make RO_DATA page aligned in vmlinux.lds.S 2024-01-28 09:49:46 +01:00