Home Home > GIT Browse > SLE12-SP4
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVlastimil Babka <vbabka@suse.cz>2019-01-14 10:07:57 +0100
committerVlastimil Babka <vbabka@suse.cz>2019-01-14 10:08:14 +0100
commit4c4ed8764a8ba015076ab56947727776dd4366ed (patch)
treeaf887c857ce1789f091f99e6f6737979de402388
parent8abf09c7b00f5fd52c38e31046eb19c402a38db0 (diff)
mm/huge_memory: splitting set mapping+index before unfreeze
(VM Functionality, bsc#1121599).
-rw-r--r--patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch66
-rw-r--r--series.conf1
2 files changed, 67 insertions, 0 deletions
diff --git a/patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch b/patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch
new file mode 100644
index 0000000000..acd1c39b60
--- /dev/null
+++ b/patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch
@@ -0,0 +1,66 @@
+From: Hugh Dickins <hughd@google.com>
+Date: Fri, 30 Nov 2018 14:10:16 -0800
+Subject: mm/huge_memory: splitting set mapping+index before unfreeze
+Git-commit: 173d9d9fd3ddae84c110fea8aedf1f26af6be9ec
+Patch-mainline: v4.20-rc5
+References: VM Functionality, bsc#1121599
+
+Huge tmpfs stress testing has occasionally hit shmem_undo_range()'s
+VM_BUG_ON_PAGE(page_to_pgoff(page) != index, page).
+
+Move the setting of mapping and index up before the page_ref_unfreeze()
+in __split_huge_page_tail() to fix this: so that a page cache lookup
+cannot get a reference while the tail's mapping and index are unstable.
+
+In fact, might as well move them up before the smp_wmb(): I don't see an
+actual need for that, but if I'm missing something, this way round is
+safer than the other, and no less efficient.
+
+You might argue that VM_BUG_ON_PAGE(page_to_pgoff(page) != index, page) is
+misplaced, and should be left until after the trylock_page(); but left as
+is has not crashed since, and gives more stringent assurance.
+
+Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1811261516380.2275@eggly.anvils
+Fixes: e9b61f19858a5 ("thp: reintroduce split_huge_page()")
+Requires: 605ca5ede764 ("mm/huge_memory.c: reorder operations in __split_huge_page_tail()")
+Signed-off-by: Hugh Dickins <hughd@google.com>
+Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
+Cc: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
+Cc: Jerome Glisse <jglisse@redhat.com>
+Cc: Matthew Wilcox <willy@infradead.org>
+Cc: <stable@vger.kernel.org> [4.8+]
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
+---
+ mm/huge_memory.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+--- a/mm/huge_memory.c
++++ b/mm/huge_memory.c
+@@ -2229,6 +2229,12 @@ static void __split_huge_page_tail(struc
+ (1L << PG_unevictable) |
+ (1L << PG_dirty)));
+
++ /* ->mapping in first tail page is compound_mapcount */
++ VM_BUG_ON_PAGE(tail > 2 && page_tail->mapping != TAIL_MAPPING,
++ page_tail);
++ page_tail->mapping = head->mapping;
++ page_tail->index = head->index + tail;
++
+ /* Page flags must be visible before we make the page non-compound. */
+ smp_wmb();
+
+@@ -2249,12 +2255,6 @@ static void __split_huge_page_tail(struc
+ if (page_is_idle(head))
+ set_page_idle(page_tail);
+
+- /* ->mapping in first tail page is compound_mapcount */
+- VM_BUG_ON_PAGE(tail > 2 && page_tail->mapping != TAIL_MAPPING,
+- page_tail);
+- page_tail->mapping = head->mapping;
+-
+- page_tail->index = head->index + tail;
+ page_cpupid_xchg_last(page_tail, page_cpupid_last(head));
+ lru_add_page_tail(head, page_tail, lruvec, list);
+ }
diff --git a/series.conf b/series.conf
index 71894aa6c9..5d98eb82dd 100644
--- a/series.conf
+++ b/series.conf
@@ -19364,6 +19364,7 @@
patches.fixes/userfaultfd-shmem-add-i_size-checks.patch
patches.fixes/userfaultfd-shmem-uffdio_copy-set-the-page-dirty-if-vm_write-is-not-set.patch
patches.fixes/mm-huge_memory-rename-freeze_page-to-unmap_page.patch
+ patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch
patches.drivers/pci-imx6-fix-link-training-status-detection-in-link-up-check
patches.fixes/fs-fix-lost-error-code-in-dio_complete.patch
patches.fixes/nvme-free-ctrl-device-name-on-init-failure.patch