git.baikalelectronics.ru Git - kernel.git/commit

author	Andrea Arcangeli <aarcange@redhat.com>
	Thu, 9 Sep 2010 23:37:52 +0000 (16:37 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Fri, 10 Sep 2010 01:57:24 +0000 (18:57 -0700)
commit	0edf7010fae10d023b11e4449a4d3f90c86c491e
tree	abe560c8f293191be65488c49f4db3f3a626e63c	tree \| snapshot
parent	3362ded9cdf3d50d870510e73cd778775e21162f	commit \| diff

mm: fix swapin race condition

The pte_same check is reliable only if the swap entry remains pinned (by
the page lock on swapcache). We've also to ensure the swapcache isn't
removed before we take the lock as try_to_free_swap won't care about the
page pin.

One of the possible impacts of this patch is that a KSM-shared page can
point to the anon_vma of another process, which could exit before the page
is freed.

This can leave a page with a pointer to a recycled anon_vma object, or
worse, a pointer to something that is no longer an anon_vma.

[riel@redhat.com: changelog help]
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Acked-by: Hugh Dickins <hughd@google.com>
Reviewed-by: Rik van Riel <riel@redhat.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

include/linux/ksm.h		diff \| blob \| history
mm/ksm.c		diff \| blob \| history
mm/memory.c		diff \| blob \| history