x86/cpa: make sure cpa is safe to call in lazy mmu mode

Impact: fix race leading to crash under KVM and Xen

The CPA code may be called while we're in lazy mmu update mode - for
example, when using DEBUG_PAGE_ALLOC and doing a slab allocation
in an interrupt handler which interrupted a lazy mmu update.  In this
case, the in-memory pagetable state may be out of date due to pending
queued updates.  We need to flush any pending updates before inspecting
the page table.  Similarly, we must explicitly flush any modifications
CPA may have made (which comes down to flushing queued operations when
flushing the TLB).

Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Stable Kernel <stable@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

1 files changed, 14 insertions, 0 deletions

diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index 84ba74820ad6..f664bc1c4093 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -576,6 +576,13 @@ static int __change_page_attr(struct cpa_data *cpa, int primary)
         else
                 address = *cpa->vaddr;
 
+        /*
+         * If we're called with lazy mmu updates enabled, the
+         * in-memory pte state may be stale.  Flush pending updates to
+         * bring them up to date.
+         */
+        arch_flush_lazy_mmu_mode();
+
 repeat:
         kpte = lookup_address(address, &level);
         if (!kpte)
@@ -854,6 +861,13 @@ static int change_page_attr_set_clr(unsigned long *addr, int numpages,
         } else
                 cpa_flush_all(cache);
 
+        /*
+         * If we've been called with lazy mmu updates enabled, then
+         * make sure that everything gets flushed out before we
+         * return.
+         */
+        arch_flush_lazy_mmu_mode();
+
 out:
         return ret;
 }