The hugetlbfs fallocate hole punch code can race with page faults. The
result is that after a hole punch operation, pages may remain within the
hole. No other side effects of this race were observed.
In preparation for adding userfaultfd support to hugetlbfs, it is desirable
to close the window of this race. This patch set starts by using the same
mechanism employed in shmem (see commit f00cdc6df7). This greatly reduces
the race window. However, it is still possible for the race to occur.
The current hugetlbfs code to remove pages did not deal with pages that
were mapped (because of such a race). This patch set also adds code to
unmap pages in this rare case. This unmapping of a single page happens
under the hugetlb_fault_mutex, so it can not be faulted again until the
end of the operation.
v2:
Incorporated Andrew Morton's cleanups and added suggested comments
Added patch 4/4 to unmap single pages in remove_inode_hugepages
Mike Kravetz (4):
mm/hugetlb: Define hugetlb_falloc structure for hole punch race
mm/hugetlb: Setup hugetlb_falloc during fallocate hole punch
mm/hugetlb: page faults check for fallocate hole punch in progress and
wait
mm/hugetlb: Unmap pages to remove if page fault raced with hole punch
fs/hugetlbfs/inode.c | 155 ++++++++++++++++++++++++++++--------------------
include/linux/hugetlb.h | 10 ++++
mm/hugetlb.c | 39 ++++++++++++
3 files changed, 141 insertions(+), 63 deletions(-)
--
2.4.3
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>