[to-be-updated] mm-z3foldc-lock-z3fold-page-before-__setpagemovable.patch removed from -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The patch titled
     Subject: mm/z3fold.c: lock z3fold page before __SetPageMovable()
has been removed from the -mm tree.  Its filename was
     mm-z3foldc-lock-z3fold-page-before-__setpagemovable.patch

This patch was dropped because an updated version will be merged

------------------------------------------------------
From: Henry Burns <henryburns@xxxxxxxxxx>
Subject: mm/z3fold.c: lock z3fold page before __SetPageMovable()

__SetPageMovable() expects its page to be locked, but z3fold.c doesn't
lock the page.  This triggers the VM_BUG_ON_PAGE(!PageLocked(page), page)
in __SetPageMovable().

Following zsmalloc.c's example we call trylock_page() and unlock_page(). 
Also make z3fold_page_migrate() assert that newpage is passed in locked,
as per the documentation.

Link: http://lkml.kernel.org/r/20190702005122.41036-1-henryburns@xxxxxxxxxx
Signed-off-by: Henry Burns <henryburns@xxxxxxxxxx>
Suggested-by: Vitaly Wool <vitalywool@xxxxxxxxx>
Acked-by: Vitaly Wool <vitalywool@xxxxxxxxx>
Acked-by: David Rientjes <rientjes@xxxxxxxxxx>
Cc: Shakeel Butt <shakeelb@xxxxxxxxxx>
Cc: Vitaly Vul <vitaly.vul@xxxxxxxx>
Cc: Mike Rapoport <rppt@xxxxxxxxxxxxxxxxxx>
Cc: Xidong Wang <wangxidong_97@xxxxxxx>
Cc: Jonathan Adams <jwadams@xxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 mm/z3fold.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

--- a/mm/z3fold.c~mm-z3foldc-lock-z3fold-page-before-__setpagemovable
+++ a/mm/z3fold.c
@@ -919,7 +919,10 @@ retry:
 		set_bit(PAGE_HEADLESS, &page->private);
 		goto headless;
 	}
-	__SetPageMovable(page, pool->inode->i_mapping);
+	if (!WARN_ON(!trylock_page(page))) {
+		__SetPageMovable(page, pool->inode->i_mapping);
+		unlock_page(page);
+	}
 	z3fold_page_lock(zhdr);
 
 found:
@@ -1326,6 +1329,7 @@ static int z3fold_page_migrate(struct ad
 
 	VM_BUG_ON_PAGE(!PageMovable(page), page);
 	VM_BUG_ON_PAGE(!PageIsolated(page), page);
+	VM_BUG_ON_PAGE(!PageLocked(newpage), newpage);
 
 	zhdr = page_address(page);
 	pool = zhdr_to_pool(zhdr);
_

Patches currently in -mm which might be from henryburns@xxxxxxxxxx are

mm-z3fold-fix-z3fold_buddy_slots-use-after-free.patch




[Index of Archives]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux