forked fromtorvalds/linux
- Notifications
You must be signed in to change notification settings - Fork1
Commit58ceeb6
thp: fix MADV_DONTNEED vs. MADV_FREE race
Both MADV_DONTNEED and MADV_FREE handled with down_read(mmap_sem).It's critical to not clear pmd intermittently while handling MADV_FREEto avoid race with MADV_DONTNEED:CPU0:CPU1:madvise_free_huge_pmd() pmdp_huge_get_and_clear_full()madvise_dontneed() zap_pmd_range() pmd_trans_huge(*pmd) == 0 (without ptl) // skip the pmd set_pmd_at(); // pmd is re-establishedIt results in MADV_DONTNEED skipping the pmd, leaving it not cleared.It violates MADV_DONTNEED interface and can result is userspacemisbehaviour.Basically it's the same race as with numa balancing inchange_huge_pmd(), but a bit simpler to mitigate: we don't need topreserve dirty/young flags here due to MADV_FREE functionality.[kirill.shutemov@linux.intel.com: Urgh... Power is special again] Link:http://lkml.kernel.org/r/20170303102636.bhd2zhtpds4mt62a@black.fi.intel.comLink:http://lkml.kernel.org/r/20170302151034.27829-4-kirill.shutemov@linux.intel.comSigned-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>Acked-by: Minchan Kim <minchan@kernel.org>Cc: Minchan Kim <minchan@kernel.org>Cc: Andrea Arcangeli <aarcange@redhat.com>Cc: Hillf Danton <hillf.zj@alibaba-inc.com>Cc: <stable@vger.kernel.org>Signed-off-by: Andrew Morton <akpm@linux-foundation.org>Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>1 parentc0c379e commit58ceeb6
1 file changed
+1
-2
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1568 | 1568 | | |
1569 | 1569 | | |
1570 | 1570 | | |
1571 | | - | |
1572 | | - | |
| 1571 | + | |
1573 | 1572 | | |
1574 | 1573 | | |
1575 | 1574 | | |
| |||
0 commit comments
Comments
(0)