On 7/9/20 4:48 AM, robbieko wrote:
> From: Robbie Ko <robbieko@xxxxxxxxxxxx>
>
> When a migrate page occurs, we first create a migration entry
> to replace the original pte, and then go to fallback_migrate_page
> to execute a writeout if the migratepage is not supported.
>
> In the writeout, we will clear the dirty bit of the page and use
> page_mkclean to clear the dirty bit along with the corresponding pte,
> but page_mkclean does not support migration entry.
>
> The page dirty bit is cleared, but the dirty bit of the pte still exists,
> so if mmap continues to write, it will result in data loss.

Curious, did you observe this data loss? What filesystem? If yes, it seems
serious enough to CC stable and determine a Fixes: tag?

> We fix this by first removing the migration entry and then clearing
> the dirty bits of the page, which also clears the pte's dirty bits.
>
> Signed-off-by: Robbie Ko <robbieko@xxxxxxxxxxxx>
> --- > mm/migrate.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/mm/migrate.c b/mm/migrate.c > index f37729673558..5c407434b9ba 100644 > --- a/mm/migrate.c > +++ b/mm/migrate.c > @@ -875,10 +875,6 @@ static int writeout(struct address_space *mapping, struct page *page) > /* No write method for the address space */ > return -EINVAL; > > - if (!clear_page_dirty_for_io(page)) > - /* Someone else already triggered a write */ > - return -EAGAIN; > - > /* > * A dirty page may imply that the underlying filesystem has > * the page on some queue. So the page must be clean for > @@ -889,6 +885,10 @@ static int writeout(struct address_space *mapping, struct page *page) > */ > remove_migration_ptes(page, page, false); > > + if (!clear_page_dirty_for_io(page)) > + /* Someone else already triggered a write */ > + return -EAGAIN; > + > rc = mapping->a_ops->writepage(page, &wbc); > > if (rc != AOP_WRITEPAGE_ACTIVATE) >
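
Review bot: where the second hunk (@@ -889,6 +885,10 @@) re-adds the check, the early `return -EAGAIN` for a page that is no longer dirty now runs after `remove_migration_ptes(page, page, false)`, whereas before the move it returned with the migration entries still installed. The changelog only explains the data-loss case, so it should also state that callers of writeout() cope with this -EAGAIN arriving after the ptes have been restored. The "Someone else already triggered a write" comment could note that the migration entries are already gone at that point, since the ordering between remove_migration_ptes() and clear_page_dirty_for_io() is now what the fix depends on.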