next 3.18

diff --git a/next-3.18/s390-mm-fix-cmma-vs-ksm-vs-others.patch b/next-3.18/s390-mm-fix-cmma-vs-ksm-vs-others.patch
new file mode 100644 (file)
index 0000000..4563563
--- /dev/null
+++ b/next-3.18/s390-mm-fix-cmma-vs-ksm-vs-others.patch
@@ -0,0 +1,37 @@
+From a8f60d1fadf7b8b54449fcc9d6b15248917478ba Mon Sep 17 00:00:00 2001
+From: Christian Borntraeger <borntraeger@de.ibm.com>
+Date: Sun, 9 Apr 2017 22:09:38 +0200
+Subject: s390/mm: fix CMMA vs KSM vs others
+
+From: Christian Borntraeger <borntraeger@de.ibm.com>
+
+commit a8f60d1fadf7b8b54449fcc9d6b15248917478ba upstream.
+
+On heavy paging with KSM I see guest data corruption. Turns out that
+KSM will add pages to its tree, where the mapping return true for
+pte_unused (or might become as such later).  KSM will unmap such pages
+and reinstantiate with different attributes (e.g. write protected or
+special, e.g. in replace_page or write_protect_page)). This uncovered
+a bug in our pagetable handling: We must remove the unused flag as
+soon as an entry becomes present again.
+
+Signed-of-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h
+index 024f85f..e2c0e4e 100644
+--- a/arch/s390/include/asm/pgtable.h
++++ b/arch/s390/include/asm/pgtable.h
+@@ -829,6 +829,8 @@ static inline void set_pte_at(struct mm_struct *mm, unsigned long addr,
+ {
+       pgste_t pgste;
+ 
++      if (pte_present(entry))
++              pte_val(entry) &= ~_PAGE_UNUSED;
+       if (mm_has_pgste(mm)) {
+               pgste = pgste_get_lock(ptep);
+               pgste_val(pgste) &= ~_PGSTE_GPS_ZERO;
+-- 
+2.7.4

diff --git a/next-3.18/series b/next-3.18/series
index 4426dd39b50c7402c244cfce64b2b9c43ae51e7a..f0a511378e1a1459229ad2482bd01b1f7d920e76 100644 (file)
--- a/next-3.18/series
+++ b/next-3.18/series
@@ -5,4 +5,5 @@ tracing-allocate-the-snapshot-buffer-before-enabling-probe.patch
 ring-buffer-have-ring_buffer_iter_empty-return-true-when-empty.patch
 cifs-do-not-send-echoes-before-negotiate-is-complete.patch
 cifs-remove-bad_network_name-flag.patch
+s390-mm-fix-cmma-vs-ksm-vs-others.patch
 

diff --git a/queue-4.10/series b/queue-4.10/series
index 34d90324940a1823c36fc2637e454bdf4b93141a..cb8ff9ae24f5af5bfc0a9fe382132ee6d7280e1f 100644 (file)
--- a/queue-4.10/series
+++ b/queue-4.10/series
@@ -8,3 +8,4 @@ mm-prevent-nr_isolate_-stats-from-going-negative.patch
 cifs-do-not-send-echoes-before-negotiate-is-complete.patch
 cifs-remove-bad_network_name-flag.patch
 mmc-dw_mmc-silent-verbose-log-when-calling-from-pm-context.patch
+s390-mm-fix-cmma-vs-ksm-vs-others.patch

diff --git a/queue-4.9/series b/queue-4.9/series
index 56b0c4f2adc76c69872d077116f192bec528cc36..dbaceba090aa8ad06da3ee18d41d9e357ba5e773 100644 (file)
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -6,3 +6,4 @@ ring-buffer-have-ring_buffer_iter_empty-return-true-when-empty.patch
 mm-prevent-nr_isolate_-stats-from-going-negative.patch
 cifs-do-not-send-echoes-before-negotiate-is-complete.patch
 cifs-remove-bad_network_name-flag.patch
+s390-mm-fix-cmma-vs-ksm-vs-others.patch