oprofile: use KM_NMI slot for kmap_atomic

If one kernel path is using KM_USER0 slot and is interrupted by
the oprofile nmi, then in copy_from_user_nmi(), the KM_USER0 slot
will be overwrite and cleared to zero at last, when the control
return to the original kernel path, it will access an invalid
virtual address and trigger a crash.

Cc: Robert Richter <robert.richter@amd.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org
Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com>
[WT: According to Junxiao and Robert, this patch is needed for stable kernels
 which include a backport of a0e3e70243f5b270bc3eca718f0a9fa5e6b8262e without
 3e4d3af501cccdc8a8cca41bdbe57d54ad7e7e73, but there is no exact equivalent in
 mainline]
Signed-off-by: Willy Tarreau <w@1wt.eu>

diff --git a/arch/x86/oprofile/backtrace.c b/arch/x86/oprofile/backtrace.c
index 829edf0642c4fc747f62015da50502b176957bcc..b50a2802e31ff2aa87a650697c5e33f49278b705 100644 (file)
--- a/arch/x86/oprofile/backtrace.c
+++ b/arch/x86/oprofile/backtrace.c
@@ -71,9 +71,9 @@ copy_from_user_nmi(void *to, const void __user *from, unsigned long n)
                offset = addr & (PAGE_SIZE - 1);
                size = min(PAGE_SIZE - offset, n - len);
 
-               map = kmap_atomic(page, KM_USER0);
+               map = kmap_atomic(page, KM_NMI);
                memcpy(to, map+offset, size);
-               kunmap_atomic(map, KM_USER0);
+               kunmap_atomic(map, KM_NMI);
                put_page(page);
 
                len  += size;