From d4a5296efacf1c0028740190dadd0467cdafd8b4 Mon Sep 17 00:00:00 2001 From: Suren Baghdasaryan Date: Fri, 11 Nov 2022 12:48:58 -0800 Subject: [PATCH] Revert "ANDROID: powerpc/mm: protect vm_file during speculative page fault handling" This reverts commit 6551a55c4dc5492dcae3dc340c376ed160ab9928. File refcounting implemented in this patch is broken and needs to be redone. Bug: 258731892 Change-Id: I425517a07d1fdcf5cd1842733a4c6c70ef0608b4 Signed-off-by: Suren Baghdasaryan --- arch/powerpc/mm/fault.c | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c index ad356a998a10..c395042da5a4 100644 --- a/arch/powerpc/mm/fault.c +++ b/arch/powerpc/mm/fault.c @@ -395,7 +395,6 @@ static int ___do_page_fault(struct pt_regs *regs, unsigned long address, vm_fault_t fault, major = 0; bool kprobe_fault = kprobe_page_fault(regs, 11); #ifdef CONFIG_SPECULATIVE_PAGE_FAULT - struct vm_area_struct *orig_vma = NULL; struct vm_area_struct pvma; unsigned long seq; #endif @@ -481,37 +480,24 @@ static int ___do_page_fault(struct pt_regs *regs, unsigned long address, count_vm_spf_event(SPF_ABORT_NO_SPECULATE); goto spf_abort; } - if (vma->vm_file) { - if (!vma_get_file_ref(vma)) { - rcu_read_unlock(); - count_vm_spf_event(SPF_ABORT_UNMAPPED); - goto spf_abort; - } - orig_vma = vma; - } pvma = *vma; rcu_read_unlock(); - if (!mmap_seq_read_check(mm, seq, SPF_ABORT_VMA_COPY)) { - vma_put_file_ref(orig_vma); + if (!mmap_seq_read_check(mm, seq, SPF_ABORT_VMA_COPY)) goto spf_abort; - } vma = &pvma; #ifdef CONFIG_PPC_MEM_KEYS if (unlikely(access_pkey_error(is_write, is_exec, (error_code & DSISR_KEYFAULT), vma))) { count_vm_spf_event(SPF_ABORT_ACCESS_ERROR); - vma_put_file_ref(orig_vma); goto spf_abort; } #endif /* CONFIG_PPC_MEM_KEYS */ if (unlikely(access_error(is_write, is_exec, vma))) { count_vm_spf_event(SPF_ABORT_ACCESS_ERROR); - vma_put_file_ref(orig_vma); goto spf_abort; } fault = do_handle_mm_fault(vma, address, flags | FAULT_FLAG_SPECULATIVE, seq, regs); - vma_put_file_ref(orig_vma); major |= fault & VM_FAULT_MAJOR; if (fault_signal_pending(fault, regs))