RE: x86_64: potential critical issue with quicklists and page tablepages

[Christoph Lameter]

On Fri, 21 Sep 2007, Luck, Tony wrote:

> > The quicklists have a long history and this bug has therefore also been in 
> > IA64 for a long time and it also likely exists on sparc64, sh and sh64. We 
> > need the patch that I posted to fix the other platforms. And with this fix 
> > there would be nothing amiss on x86_64 either.
> 
> IA64 doesn't do a pgd>pud>pmd>pte table walk in h/w.  The VHPT leaps
> straight to the pte page (through the virtual mapping of the VHPT). So
> this wasn't a problem for IA64.

But this is concerning a page being freed before the TLB flush has been 
performed. Another process may then reuse the page and may rely on the 
fact that there is no TLB entry installed for the page that was just 
allocated. But there is still one there. The issues that result from this 
may be depend on the nature of each MMU.

Granted we usually install another TLB entry for the page mapping the page 
into a different address space and never use the old TLB. Which is likely 
the reason why we have never seen an issue before and also why this is 
probably difficult to cause any issues in the first place.

Plus this can only occur for off node pages, meaning this must involve a 
remote processor and the other processor is likely to have a completely 
different set of TLB entries.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/