Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3007333imu;
        Sun, 9 Dec 2018 14:59:25 -0800 (PST)
X-Google-Smtp-Source: AFSGD/WbZSE0BnEscglgudTm5IZZPtmtqChx9PCEe+m9AWuFoBFjBTbFx+MqJ9SUFZ3XT96Zt1QN
X-Received: by 2002:a17:902:6a8c:: with SMTP id n12mr10014838plk.85.1544396365576;
        Sun, 09 Dec 2018 14:59:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1544396365; cv=none;
        d=google.com; s=arc-20160816;
        b=O2uFQ+HVvGPrIQ42KqRr94Dase3OJ4nwy7viVjI2Dzfwx9DHS0s/nww7EUcZb3rmdg
         4YOktMbdFtoj9bE/8skjxokHo1bX7LTrNZK62UuOTzq87HfB+usLIZc6ZQuwtleR3qkh
         26pBimyQrYOfEF7JFklAOO6YY/Jq5RU0an6RBDX0sJqyXkgm3+l/fZetMPUj+F1fgvrC
         nmg045D6hRDx5hOdcPPYpE8RlKbf4TFZxb//+ZrEUZNbCET2LgDzTi5k/boBmhKUxk6v
         tGb5sg5Q/JcA5eiKkAeo6ouG/0Q3PAtSt0ZOgLHxqCfRB++qQCgrQJwjl3uspXDXHMNF
         XtuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:subject:message-id:date:cc:to
         :from:mime-version:content-transfer-encoding:content-disposition;
        bh=OtoU9FysXv5wInPIzIMouCffBPAT49Qf1uHNliQ+Cu8=;
        b=woP9RfVoWAVNQTHjgdBNlcajsPMkiMskIl0g4AWmwP9NA5zyPu9IcjVlBu2FKbyez2
         5EBaguG4aiF4WuGkgC1kUB9PYkIX5PEn0zjKMA1DAe8zbEq+sSEeIlOiBFrBaDg0t6Ce
         cE8eYnsIjWe5CHjBeNAzX+piTfJCFNKs662Y7sPv++oSHVC53LbPeE6Urf9KeNECch+A
         l++nVZeXNCfzF+qUo/b6a20RdK6ELw21FfZnP+h5iY9qqje9/skStOikQSHRW3I8VlOl
         EmZDIBIZpdwxQsUolgFc7k+bwSFvCxiX+bqvhMlW8t5s98HQtr2iqsrWQij0naElEsY9
         SUNQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 2si8811467pfd.154.2018.12.09.14.59.09;
        Sun, 09 Dec 2018 14:59:25 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728339AbeLIWNR (ORCPT <rfc822;atom.tux.beastie@gmail.com>
        + 99 others); Sun, 9 Dec 2018 17:13:17 -0500
Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:37880 "EHLO
        shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1728393AbeLIWNO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 9 Dec 2018 17:13:14 -0500
Received: from pub.yeoldevic.com ([81.174.156.145] helo=deadeye)
        by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
        (Exim 4.89)
        (envelope-from <ben@decadent.org.uk>)
        id 1gW73Q-0002ih-9f; Sun, 09 Dec 2018 21:56:00 +0000
Received: from ben by deadeye with local (Exim 4.91)
        (envelope-from <ben@decadent.org.uk>)
        id 1gW72Z-0003FO-FM; Sun, 09 Dec 2018 21:55:07 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
From:   Ben Hutchings <ben@decadent.org.uk>
To:     linux-kernel@vger.kernel.org, stable@vger.kernel.org
CC:     akpm@linux-foundation.org,
        "Claudio Imbrenda" <imbrenda@linux.vnet.ibm.com>,
        "Martin Schwidefsky" <schwidefsky@de.ibm.com>
Date:   Sun, 09 Dec 2018 21:50:33 +0000
Message-ID: <lsq.1544392233.299090949@decadent.org.uk>
X-Mailer: LinuxStableQueue (scripts by bwh)
X-Patchwork-Hint: ignore
Subject: [PATCH 3.16 041/328] s390/kvm: fix deadlock when killed by oom
In-Reply-To: <lsq.1544392232.713909046@decadent.org.uk>
X-SA-Exim-Connect-IP: 81.174.156.145
X-SA-Exim-Mail-From: ben@decadent.org.uk
X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

3.16.62-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>

commit 306d6c49ac9ded11114cb53b0925da52f2c2ada1 upstream.

When the oom killer kills a userspace process in the page fault handler
while in guest context, the fault handler fails to release the mm_sem
if the FAULT_FLAG_RETRY_NOWAIT option is set. This leads to a deadlock
when tearing down the mm when the process terminates. This bug can only
happen when pfault is enabled, so only KVM clients are affected.

The problem arises in the rare cases in which handle_mm_fault does not
release the mm_sem. This patch fixes the issue by manually releasing
the mm_sem when needed.

Fixes: 24eb3a824c4f3 ("KVM: s390: Add FAULT_FLAG_RETRY_NOWAIT for guest fault")
Signed-off-by: Claudio Imbrenda <imbrenda@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
 arch/s390/mm/fault.c | 2 ++
 1 file changed, 2 insertions(+)

--- a/arch/s390/mm/fault.c
+++ b/arch/s390/mm/fault.c
@@ -497,6 +497,8 @@ retry:
 	/* No reason to continue if interrupted by SIGKILL. */
 	if ((fault & VM_FAULT_RETRY) && fatal_signal_pending(current)) {
 		fault = VM_FAULT_SIGNAL;
+		if (flags & FAULT_FLAG_RETRY_NOWAIT)
+			goto out_up;
 		goto out;
 	}
 	if (unlikely(fault & VM_FAULT_ERROR))