author | Sebastian Andrzej Siewior <bigeasy@linutronix.de> | 2016-08-05 18:43:29 +0200 |
---|---|---|
committer | Sebastian Andrzej Siewior <bigeasy@linutronix.de> | 2016-08-05 18:43:29 +0200 |
commit | dfa5ee5e044c4cfaef3e3f944df765e3625195f2 (patch) | |
tree | d17319df1d2772cacd80bfd5e2442c4e002b72c7 | |
parent | cb5f946a5c8a7798151822cc0f4e16c5e21ed03f (diff) | |
download | 4.9-rt-patches-dfa5ee5e044c4cfaef3e3f944df765e3625195f2.tar.gz |
[ANNOUNCE] 4.6.5-rt10

Dear RT folks!

I'm pleased to announce the v4.6.5-rt10 patch set.

Changes since v4.6.5-rt9:

- Added missing cpu_light_get() in the scsi fcoe driver. Patch by Mike
  Galbraith.

- Under a special condition (a preempted TLB flush in do_exit()) it
  was possible on x86-UP to enter endless pagefaults. The pagefaults
  stopped after a context switch.

Known issues

- CPU hotplug got a little better but can deadlock.

The delta patch against 4.6.5-rt9 is appended below and can be found here:

https://cdn.kernel.org/pub/linux/kernel/projects/rt/4.6/incr/patch-4.6.5-rt9-rt10.patch.xz

You can get this release via the git tree at:

git://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-rt-devel.git v4.6.5-rt10

The RT patch against 4.6.5 can be found here:

https://cdn.kernel.org/pub/linux/kernel/projects/rt/4.6/patch-4.6.5-rt10.patch.xz

The split quilt queue is available at:

https://cdn.kernel.org/pub/linux/kernel/projects/rt/4.6/patches-4.6.5-rt10.tar.xz

Sebastian

Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

-rw-r--r-- | patches/localversion.patch | 2 |
-rw-r--r-- | patches/scsi-fcoe-Fix-get_cpu-put_cpu_light-imbalance-in-fco.patch | 27 |
-rw-r--r-- | patches/series | 2 |
-rw-r--r-- | patches/x86-mm-disable-preemption-during-CR3-read-write.patch | 67 |
4 files changed, 97 insertions, 1 deletions
diff --git a/patches/localversion.patch b/patches/localversion.patch index 02952cda4bfa2..e16fb07c0a7d6 100644 --- a/patches/localversion.patch +++ b/patches/localversion.patch @@ -10,4 +10,4 @@ Signed-off-by: Thomas Gleixner <tglx@linutronix.de> --- /dev/null +++ b/localversion-rt @@ -0,0 +1 @@ -+-rt9 ++-rt10 diff --git a/patches/scsi-fcoe-Fix-get_cpu-put_cpu_light-imbalance-in-fco.patch b/patches/scsi-fcoe-Fix-get_cpu-put_cpu_light-imbalance-in-fco.patch new file mode 100644 index 0000000000000..e2a663d98256d --- /dev/null +++ b/patches/scsi-fcoe-Fix-get_cpu-put_cpu_light-imbalance-in-fco.patch @@ -0,0 +1,27 @@ +From: Mike Galbraith <umgwanakikbuti@gmail.com> +Date: Thu, 28 Jul 2016 06:04:49 +0200 +Subject: [PATCH] scsi/fcoe: Fix get_cpu()/put_cpu_light() imbalance in + fcoe_recv_frame() + +During master->rt merge, I stumbled across the buglet below. + +Fix get_cpu()/put_cpu_light() imbalance. + +Cc: stable-rt@vger.kernel.org +Signed-off-by: Mike Gabraith <umgwanakikbuti@gmail.com> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + drivers/scsi/fcoe/fcoe.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/scsi/fcoe/fcoe.c ++++ b/drivers/scsi/fcoe/fcoe.c +@@ -1814,7 +1814,7 @@ static void fcoe_recv_frame(struct sk_bu + */ + hp = (struct fcoe_hdr *) skb_network_header(skb); + +- stats = per_cpu_ptr(lport->stats, get_cpu()); ++ stats = per_cpu_ptr(lport->stats, get_cpu_light()); + if (unlikely(FC_FCOE_DECAPS_VER(hp) != FC_FCOE_VER)) { + if (stats->ErrorFrames < 5) + printk(KERN_WARNING "fcoe: FCoE version " diff --git a/patches/series b/patches/series index 1ba1075f1418b..e071b8854ad18 100644 --- a/patches/series +++ b/patches/series 
@@ -48,6 +48,7 @@ sc16is7xx_Drop_bogus_use_of_IRQF_ONESHOT.patch crypto-ccp-remove-rwlocks_types.h.patch infiniband-ulp-ipoib-remove-pkey_mutex.patch sched-preempt-Fix-preempt_count-manipulations.patch +x86-mm-disable-preemption-during-CR3-read-write.patch # Those two should vanish soon (not use PIT during bootup) at91_dont_enable_disable_clock.patch @@ -517,6 +518,7 @@ KVM-lapic-mark-LAPIC-timer-handler-as-irqsafe.patch # SCSI/FCOE scsi-fcoe-rt-aware.patch +scsi-fcoe-Fix-get_cpu-put_cpu_light-imbalance-in-fco.patch sas-ata-isci-dont-t-disable-interrupts-in-qc_issue-h.patch # X86 crypto diff --git a/patches/x86-mm-disable-preemption-during-CR3-read-write.patch b/patches/x86-mm-disable-preemption-during-CR3-read-write.patch new file mode 100644 index 0000000000000..e667a0c36aa48 --- /dev/null +++ b/patches/x86-mm-disable-preemption-during-CR3-read-write.patch 
@@ -0,0 +1,67 @@ +From: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +Date: Fri, 5 Aug 2016 13:51:17 +0200 +Subject: [PATCH] x86/mm: disable preemption during CR3 read+write +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Usually current->mm (and therefore mm->pgd) stays the same during the +lifetime of a task so it does not matter if a task gets preempted during +the read and write of the CR3. + +But then, there is this scenario on x86-UP: +TaskA is in do_exit() and exit_mm() sets current->mm = NULL followed by +mmput() -> exit_mmap() -> tlb_finish_mmu() -> tlb_flush_mmu() -> +tlb_flush_mmu_tlbonly() -> tlb_flush() -> flush_tlb_mm_range() -> +__flush_tlb_up() -> __flush_tlb() -> __native_flush_tlb(). + +At this point current->mm is NULL but current->active_mm still points to +the "old" mm. +Let's preempt taskA _after_ native_read_cr3() by taskB. TaskB has its +own mm so CR3 has changed. +Now preempt back to taskA. TaskA has no ->mm set so it borrows taskB's +mm and so CR3 remains unchanged. Once taskA gets active it continues +where it was interrupted and that means it writes its old CR3 value +back. Everything is fine because userland won't need its memory +anymore. + +Now the fun part. Let's preempt taskA one more time and get back to +taskB. This time switch_mm() won't do a thing because oldmm +(->active_mm) is the same as mm (as per context_switch()). So we remain +with a bad CR3 / pgd and return to userland. +The next thing that happens is handle_mm_fault() with an address for the +execution of its code in userland. handle_mm_fault() realizes that it +has a PTE with proper rights so it returns doing nothing. But the CPU +looks at the wrong pgd and insists that something is wrong and faults +again. And again. And one more timeā¦ + +This pagefault circle continues until the scheduler gets tired of it and +puts another task on the CPU. It gets little difficult if the task is a +RT task with a high priority. 
The system will either freeze or it gets +fixed by the software watchdog thread which usually runs at RT-max prio. +But waiting for the watchdog will increase the latency of the RT task +which is no good. + +Cc: stable@vger.kernel.org +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +--- + arch/x86/include/asm/tlbflush.h | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/arch/x86/include/asm/tlbflush.h ++++ b/arch/x86/include/asm/tlbflush.h +@@ -135,7 +135,14 @@ static inline void cr4_set_bits_and_upda + + static inline void __native_flush_tlb(void) + { ++ /* ++ * if current->mm == NULL then we borrow a mm which may change during a ++ * task switch and therefore we must not be preempted while we write CR3 ++ * back. ++ */ ++ preempt_disable(); + native_write_cr3(native_read_cr3()); ++ preempt_enable(); + } + + static inline void __native_flush_tlb_global_irq_disabled(void) |
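
Review bot: In the embedded scsi-fcoe patch the Signed-off-by line reads "Mike Gabraith" while the From: line reads "Mike Galbraith"; the sign-off should carry the same spelling as the author line. The changelog also stops at "Fix get_cpu()/put_cpu_light() imbalance" without saying what the imbalance leaves behind, and the one-line hunk in fcoe_recv_frame() does not show the put_cpu_light() calls that the new get_cpu_light() is meant to pair with. A sentence naming the exit paths that release it would let the fix be checked from the patch alone.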
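
Review bot: The comment added to __native_flush_tlb() says preemption must be off "while we write CR3 back", but the window described in the changelog opens right after native_read_cr3(), so the comment should state that the read and the write-back must not be separated by a task switch. It would also help to start the comment with a capital letter and to mention that the case was observed on x86-UP from do_exit(), since the preempt_disable()/preempt_enable() pair is applied unconditionally. The patch carries Cc: stable@vger.kernel.org but no Fixes: tag or version range, which leaves the stable maintainers to work out how far back it applies.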