Fix a VM bug introduced in 2.6.38.4
This commit is contained in:
Chuck Ebbert
parent
5c3a39fd9a
commit
ac4b917a22
|
|
@ -51,7 +51,7 @@ Summary: The Linux kernel
|
|||
# For non-released -rc kernels, this will be prepended with "0.", so
|
||||
# for example a 3 here will become 0.3
|
||||
#
|
||||
%global baserelease 25
|
||||
%global baserelease 26
|
||||
%global fedora_build %{baserelease}
|
||||
|
||||
# base_sublevel is the kernel version we're starting with and patching
|
||||
|
|
@ -745,6 +745,8 @@ Patch12410: scsi-fix-oops-in-scsi_run_queue.patch
|
|||
|
||||
Patch12420: can-add-missing-socket-check-in-can_raw_release.patch
|
||||
|
||||
Patch12430: vm-skip-the-stack-guard-page-lookup-in-get_user_pages-only-for-mlock.patch
|
||||
|
||||
%endif
|
||||
|
||||
BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
|
||||
|
|
@ -1379,8 +1381,10 @@ ApplyPatch linux-2.6-netconsole-deadlock.patch
|
|||
# CVE-2011-1581
|
||||
ApplyPatch bonding-incorrect-tx-queue-offset.patch
|
||||
|
||||
# 2.6.38.6-rc1 fixes requested for final
|
||||
ApplyPatch can-add-missing-socket-check-in-can_raw_release.patch
|
||||
ApplyPatch scsi-fix-oops-in-scsi_run_queue.patch
|
||||
ApplyPatch vm-skip-the-stack-guard-page-lookup-in-get_user_pages-only-for-mlock.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
|
|
@ -1990,6 +1994,9 @@ fi
|
|||
# and build.
|
||||
|
||||
%changelog
|
||||
* Mon May 09 2011 Chuck Ebbert <cebbert@redhat.com> 2.6.38.6-26.rc1
|
||||
- Fix a VM bug introduced in 2.6.38.4
|
||||
|
||||
* Mon May 09 2011 Kyle McMartin <kmcmartin@redhat.com>
|
||||
- Update to stable review 2.6.38.6-rc1
|
||||
- Revert DRM patch duplicated in drm-radeon-update rollup.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,78 @@
|
|||
From: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Date: Thu, 5 May 2011 04:30:28 +0000 (-0700)
|
||||
Subject: VM: skip the stack guard page lookup in get_user_pages only for mlock
|
||||
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=a1fde08c74e90accd62d4cfdbf580d2ede938fe7
|
||||
|
||||
VM: skip the stack guard page lookup in get_user_pages only for mlock
|
||||
|
||||
The logic in __get_user_pages() used to skip the stack guard page lookup
|
||||
whenever the caller wasn't interested in seeing what the actual page
|
||||
was. But Michel Lespinasse points out that there are cases where we
|
||||
don't care about the physical page itself (so 'pages' may be NULL), but
|
||||
do want to make sure a page is mapped into the virtual address space.
|
||||
|
||||
So using the existence of the "pages" array as an indication of whether
|
||||
to look up the guard page or not isn't actually so great, and we really
|
||||
should just use the FOLL_MLOCK bit. But because that bit was only set
|
||||
for the VM_LOCKED case (and not all vma's necessarily have it, even for
|
||||
mlock()), we couldn't do that originally.
|
||||
|
||||
Fix that by moving the VM_LOCKED check deeper into the call-chain, which
|
||||
actually simplifies many things. Now mlock() gets simpler, and we can
|
||||
also check for FOLL_MLOCK in __get_user_pages() and the code ends up
|
||||
much more straightforward.
|
||||
|
||||
Reported-and-reviewed-by: Michel Lespinasse <walken@google.com>
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
---
|
||||
|
||||
diff --git a/mm/memory.c b/mm/memory.c
|
||||
index 607098d4..27f4253 100644
|
||||
--- a/mm/memory.c
|
||||
+++ b/mm/memory.c
|
||||
@@ -1359,7 +1359,7 @@ split_fallthrough:
|
||||
*/
|
||||
mark_page_accessed(page);
|
||||
}
|
||||
- if (flags & FOLL_MLOCK) {
|
||||
+ if ((flags & FOLL_MLOCK) && (vma->vm_flags & VM_LOCKED)) {
|
||||
/*
|
||||
* The preliminary mapping check is mainly to avoid the
|
||||
* pointless overhead of lock_page on the ZERO_PAGE
|
||||
@@ -1552,10 +1552,9 @@ int __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
|
||||
}
|
||||
|
||||
/*
|
||||
- * If we don't actually want the page itself,
|
||||
- * and it's the stack guard page, just skip it.
|
||||
+ * For mlock, just skip the stack guard page.
|
||||
*/
|
||||
- if (!pages && stack_guard_page(vma, start))
|
||||
+ if ((gup_flags & FOLL_MLOCK) && stack_guard_page(vma, start))
|
||||
goto next_page;
|
||||
|
||||
do {
|
||||
diff --git a/mm/mlock.c b/mm/mlock.c
|
||||
index 6b55e3e..516b2c2 100644
|
||||
--- a/mm/mlock.c
|
||||
+++ b/mm/mlock.c
|
||||
@@ -162,7 +162,7 @@ static long __mlock_vma_pages_range(struct vm_area_struct *vma,
|
||||
VM_BUG_ON(end > vma->vm_end);
|
||||
VM_BUG_ON(!rwsem_is_locked(&mm->mmap_sem));
|
||||
|
||||
- gup_flags = FOLL_TOUCH;
|
||||
+ gup_flags = FOLL_TOUCH | FOLL_MLOCK;
|
||||
/*
|
||||
* We want to touch writable mappings with a write fault in order
|
||||
* to break COW, except for shared mappings because these don't COW
|
||||
@@ -178,9 +178,6 @@ static long __mlock_vma_pages_range(struct vm_area_struct *vma,
|
||||
if (vma->vm_flags & (VM_READ | VM_WRITE | VM_EXEC))
|
||||
gup_flags |= FOLL_FORCE;
|
||||
|
||||
- if (vma->vm_flags & VM_LOCKED)
|
||||
- gup_flags |= FOLL_MLOCK;
|
||||
-
|
||||
return __get_user_pages(current, mm, addr, nr_pages, gup_flags,
|
||||
NULL, NULL, nonblocking);
|
||||
}
|
||||
Loading…
Reference in New Issue