This change fixes an anon_vma locking issue in the following situation:
- vma has no anon_vma
- next has an anon_vma
- vma is being shrunk / next is being expanded, due to an mprotect call
We need to take next's anon_vma lock to avoid races with rmap users
(such as page migration) while next is being expanded.
Signed-off-by: Michel Lespinasse <walken@xxxxxxxxxx>
---
mm/mmap.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/mm/mmap.c b/mm/mmap.c
index 3edfcdfa42d9..6fd7afa0e651 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -578,8 +578,12 @@ again: remove_next = 1 + (end > next->vm_end);
*/
if (vma->anon_vma && (importer || start != vma->vm_start)) {
anon_vma = vma->anon_vma;
+ VM_BUG_ON(adjust_next && next->anon_vma &&
+ anon_vma != next->anon_vma);
+ } else if (adjust_next && next->anon_vma)
+ anon_vma = next->anon_vma;
+ if (anon_vma)
anon_vma_lock(anon_vma);
- }
if (root) {
flush_dcache_mmap_lock(mapping);
--
1.7.7.3
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>