1 files changed, 112 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch
new file mode 100644
index 00000000..8862a782
--- /dev/null
+++ b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch
@@ -0,0 +1,112 @@
+From 9da11afefb6f8ccc0f7731831f7ad73106fc87f3 Mon Sep 17 00:00:00 2001
+From: Mel Gorman <mgorman@suse.de>
+Date: Fri, 3 Feb 2012 15:37:18 -0800
+Subject: [PATCH 28/87] mm: compaction: check pfn_valid when entering a new
+ MAX_ORDER_NR_PAGES block during isolation for
+ migration
+commit 0bf380bc70ecba68cb4d74dc656cc2fa8c4d801a upstream.
+When isolating for migration, migration starts at the start of a zone
+which is not necessarily pageblock aligned.  Further, it stops isolating
+when COMPACT_CLUSTER_MAX pages are isolated so migrate_pfn is generally
+not aligned.  This allows isolate_migratepages() to call pfn_to_page() on
+an invalid PFN which can result in a crash.  This was originally reported
+against a 3.0-based kernel with the following trace in a crash dump.
+PID: 9902   TASK: d47aecd0  CPU: 0   COMMAND: "memcg_process_s"
+ #0 [d72d3ad0] crash_kexec at c028cfdb
+ #1 [d72d3b24] oops_end at c05c5322
+ #2 [d72d3b38] __bad_area_nosemaphore at c0227e60
+ #3 [d72d3bec] bad_area at c0227fb6
+ #4 [d72d3c00] do_page_fault at c05c72ec
+ #5 [d72d3c80] error_code (via page_fault) at c05c47a4
+    EAX: 00000000  EBX: 000c0000  ECX: 00000001  EDX: 00000807  EBP: 000c0000
+    DS:  007b      ESI: 00000001  ES:  007b      EDI: f3000a80  GS:  6f50
+    CS:  0060      EIP: c030b15a  ERR: ffffffff  EFLAGS: 00010002
+ #6 [d72d3cb4] isolate_migratepages at c030b15a
+ #7 [d72d3d14] zone_watermark_ok at c02d26cb
+ #8 [d72d3d2c] compact_zone at c030b8de
+ #9 [d72d3d68] compact_zone_order at c030bba1
+#10 [d72d3db4] try_to_compact_pages at c030bc84
+#11 [d72d3ddc] __alloc_pages_direct_compact at c02d61e7
+#12 [d72d3e08] __alloc_pages_slowpath at c02d66c7
+#13 [d72d3e78] __alloc_pages_nodemask at c02d6a97
+#14 [d72d3eb8] alloc_pages_vma at c030a845
+#15 [d72d3ed4] do_huge_pmd_anonymous_page at c03178eb
+#16 [d72d3f00] handle_mm_fault at c02f36c6
+#17 [d72d3f30] do_page_fault at c05c70ed
+#18 [d72d3fb0] error_code (via page_fault) at c05c47a4
+    EAX: b71ff000  EBX: 00000001  ECX: 00001600  EDX: 00000431
+    DS:  007b      ESI: 08048950  ES:  007b      EDI: bfaa3788
+    SS:  007b      ESP: bfaa36e0  EBP: bfaa3828  GS:  6f50
+    CS:  0073      EIP: 080487c8  ERR: ffffffff  EFLAGS: 00010202
+It was also reported by Herbert van den Bergh against 3.1-based kernel
+with the following snippet from the console log.
+BUG: unable to handle kernel paging request at 01c00008
+IP: [<c0522399>] isolate_migratepages+0x119/0x390
+*pdpt = 000000002f7ce001 *pde = 0000000000000000
+It is expected that it also affects 3.2.x and current mainline.
+The problem is that pfn_valid is only called on the first PFN being
+checked and that PFN is not necessarily aligned.  Lets say we have a case
+like this
+H = MAX_ORDER_NR_PAGES boundary
+| = pageblock boundary
+m = cc->migrate_pfn
+f = cc->free_pfn
+o = memory hole
+H------|------H------|----m-Hoooooo|ooooooH-f----|------H
+The migrate_pfn is just below a memory hole and the free scanner is beyond
+the hole.  When isolate_migratepages started, it scans from migrate_pfn to
+migrate_pfn+pageblock_nr_pages which is now in a memory hole.  It checks
+pfn_valid() on the first PFN but then scans into the hole where there are
+not necessarily valid struct pages.
+This patch ensures that isolate_migratepages calls pfn_valid when
+necessary.
+Reported-by: Herbert van den Bergh <herbert.van.den.bergh@oracle.com>
+Tested-by: Herbert van den Bergh <herbert.van.den.bergh@oracle.com>
+Signed-off-by: Mel Gorman <mgorman@suse.de>
+Acked-by: Michal Nazarewicz <mina86@mina86.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ mm/compaction.c |   13 +++++++++++++
+ 1 files changed, 13 insertions(+), 0 deletions(-)
+diff --git a/mm/compaction.c b/mm/compaction.c
+index 899d956..edc1e26 100644
+--- a/mm/compaction.c
+++ b/mm/compaction.c
+@@ -313,6 +313,19 @@ static isolate_migrate_t isolate_migratepages(struct zone *zone,
+                } else if (!locked)
+                        spin_lock_irq(&zone->lru_lock);
+ 
+               /*
+                * migrate_pfn does not necessarily start aligned to a
+                * pageblock. Ensure that pfn_valid is called when moving
+                * into a new MAX_ORDER_NR_PAGES range in case of large
+                * memory holes within the zone
+                */
+               if ((low_pfn & (MAX_ORDER_NR_PAGES - 1)) == 0) {
+                       if (!pfn_valid(low_pfn)) {
+                               low_pfn += MAX_ORDER_NR_PAGES - 1;
+                               continue;
+                       }
+               }
+
+                if (!pfn_valid_within(low_pfn))
+                        continue;
+                nr_scanned++;
+-- 
+1.7.7.4

diff --git a/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch new file mode 100644 index 00000000..8862a782 --- /dev/null +++ b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.6/0028-mm-compaction-check-pfn_valid-when-entering-a-new-MA.patch
@@ -0,0 +1,112 @@
	1	From 9da11afefb6f8ccc0f7731831f7ad73106fc87f3 Mon Sep 17 00:00:00 2001
	2	From: Mel Gorman <mgorman@suse.de>
	3	Date: Fri, 3 Feb 2012 15:37:18 -0800
	4	Subject: [PATCH 28/87] mm: compaction: check pfn_valid when entering a new
	5	MAX_ORDER_NR_PAGES block during isolation for
	6	migration
	7
	8	commit 0bf380bc70ecba68cb4d74dc656cc2fa8c4d801a upstream.
	9
	10	When isolating for migration, migration starts at the start of a zone
	11	which is not necessarily pageblock aligned. Further, it stops isolating
	12	when COMPACT_CLUSTER_MAX pages are isolated so migrate_pfn is generally
	13	not aligned. This allows isolate_migratepages() to call pfn_to_page() on
	14	an invalid PFN which can result in a crash. This was originally reported
	15	against a 3.0-based kernel with the following trace in a crash dump.
	16
	17	PID: 9902 TASK: d47aecd0 CPU: 0 COMMAND: "memcg_process_s"
	18	#0 [d72d3ad0] crash_kexec at c028cfdb
	19	#1 [d72d3b24] oops_end at c05c5322
	20	#2 [d72d3b38] __bad_area_nosemaphore at c0227e60
	21	#3 [d72d3bec] bad_area at c0227fb6
	22	#4 [d72d3c00] do_page_fault at c05c72ec
	23	#5 [d72d3c80] error_code (via page_fault) at c05c47a4
	24	EAX: 00000000 EBX: 000c0000 ECX: 00000001 EDX: 00000807 EBP: 000c0000
	25	DS: 007b ESI: 00000001 ES: 007b EDI: f3000a80 GS: 6f50
	26	CS: 0060 EIP: c030b15a ERR: ffffffff EFLAGS: 00010002
	27	#6 [d72d3cb4] isolate_migratepages at c030b15a
	28	#7 [d72d3d14] zone_watermark_ok at c02d26cb
	29	#8 [d72d3d2c] compact_zone at c030b8de
	30	#9 [d72d3d68] compact_zone_order at c030bba1
	31	#10 [d72d3db4] try_to_compact_pages at c030bc84
	32	#11 [d72d3ddc] __alloc_pages_direct_compact at c02d61e7
	33	#12 [d72d3e08] __alloc_pages_slowpath at c02d66c7
	34	#13 [d72d3e78] __alloc_pages_nodemask at c02d6a97
	35	#14 [d72d3eb8] alloc_pages_vma at c030a845
	36	#15 [d72d3ed4] do_huge_pmd_anonymous_page at c03178eb
	37	#16 [d72d3f00] handle_mm_fault at c02f36c6
	38	#17 [d72d3f30] do_page_fault at c05c70ed
	39	#18 [d72d3fb0] error_code (via page_fault) at c05c47a4
	40	EAX: b71ff000 EBX: 00000001 ECX: 00001600 EDX: 00000431
	41	DS: 007b ESI: 08048950 ES: 007b EDI: bfaa3788
	42	SS: 007b ESP: bfaa36e0 EBP: bfaa3828 GS: 6f50
	43	CS: 0073 EIP: 080487c8 ERR: ffffffff EFLAGS: 00010202
	44
	45	It was also reported by Herbert van den Bergh against 3.1-based kernel
	46	with the following snippet from the console log.
	47
	48	BUG: unable to handle kernel paging request at 01c00008
	49	IP: [<c0522399>] isolate_migratepages+0x119/0x390
	50	pdpt = 000000002f7ce001 pde = 0000000000000000
	51
	52	It is expected that it also affects 3.2.x and current mainline.
	53
	54	The problem is that pfn_valid is only called on the first PFN being
	55	checked and that PFN is not necessarily aligned. Lets say we have a case
	56	like this
	57
	58	H = MAX_ORDER_NR_PAGES boundary
	59	\| = pageblock boundary
	60	m = cc->migrate_pfn
	61	f = cc->free_pfn
	62	o = memory hole
	63
	64	H------\|------H------\|----m-Hoooooo\|ooooooH-f----\|------H
	65
	66	The migrate_pfn is just below a memory hole and the free scanner is beyond
	67	the hole. When isolate_migratepages started, it scans from migrate_pfn to
	68	migrate_pfn+pageblock_nr_pages which is now in a memory hole. It checks
	69	pfn_valid() on the first PFN but then scans into the hole where there are
	70	not necessarily valid struct pages.
	71
	72	This patch ensures that isolate_migratepages calls pfn_valid when
	73	necessary.
	74
	75	Reported-by: Herbert van den Bergh <herbert.van.den.bergh@oracle.com>
	76	Tested-by: Herbert van den Bergh <herbert.van.den.bergh@oracle.com>
	77	Signed-off-by: Mel Gorman <mgorman@suse.de>
	78	Acked-by: Michal Nazarewicz <mina86@mina86.com>
	79	Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
	80	Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
	81	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	82	---
	83	mm/compaction.c \| 13 +++++++++++++
	84	1 files changed, 13 insertions(+), 0 deletions(-)
	85
	86	diff --git a/mm/compaction.c b/mm/compaction.c
	87	index 899d956..edc1e26 100644
	88	--- a/mm/compaction.c
	89	+++ b/mm/compaction.c
	90	@@ -313,6 +313,19 @@ static isolate_migrate_t isolate_migratepages(struct zone *zone,
	91	} else if (!locked)
	92	spin_lock_irq(&zone->lru_lock);
	93
	94	+ /*
	95	+ * migrate_pfn does not necessarily start aligned to a
	96	+ * pageblock. Ensure that pfn_valid is called when moving
	97	+ * into a new MAX_ORDER_NR_PAGES range in case of large
	98	+ * memory holes within the zone
	99	+ */
	100	+ if ((low_pfn & (MAX_ORDER_NR_PAGES - 1)) == 0) {
	101	+ if (!pfn_valid(low_pfn)) {
	102	+ low_pfn += MAX_ORDER_NR_PAGES - 1;
	103	+ continue;
	104	+ }
	105	+ }
	106	+
	107	if (!pfn_valid_within(low_pfn))
	108	continue;
	109	nr_scanned++;
	110	--
	111	1.7.7.4
	112