Re: [PATCH] arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache()
From: Catalin Marinas <catalin.marinas@arm.com>
Date: 2021-05-14 16:21:43
Also in:
stable
On Fri, 14 May 2021 10:50:01 +0100, Catalin Marinas wrote:
To ensure that instructions are observable in a new mapping, the arm64 set_pte_at() implementation cleans the D-cache and invalidates the I-cache to the PoU. As an optimisation, this is only done on executable mappings and the PG_dcache_clean page flag is set to avoid future cache maintenance on the same page. When two different processes map the same page (e.g. private executable file or shared mapping) there's a potential race on checking and setting PG_dcache_clean via set_pte_at() -> __sync_icache_dcache(). While on the fault paths the page is locked (PG_locked), mprotect() does not take the page lock. The result is that one process may see the PG_dcache_clean flag set but the I/D cache maintenance not yet performed. [...]
Applied to arm64 (for-next/fixes), thanks!
[1/1] arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache()
https://git.kernel.org/arm64/c/588a513d3425
--
Catalin
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel