diff options
| author | Mauro Carvalho Chehab <mchehab@redhat.com> | 2012-01-06 12:18:43 (GMT) |
|---|---|---|
| committer | Mauro Carvalho Chehab <mchehab@redhat.com> | 2012-01-06 12:18:43 (GMT) |
| commit | b35009a9a7e44fd009717b6e3f29e7043dfb29ca (patch) | |
| tree | 5d2e7f27f0620f8a54d12b8d051d04032852115a /kernel/futex.c | |
| parent | 194ed21925032b366e693373ba9bde62fbbf16ed (diff) | |
| parent | 805a6af8dba5dfdd35ec35dc52ec0122400b2610 (diff) | |
| download | linux-b35009a9a7e44fd009717b6e3f29e7043dfb29ca.tar.xz | |
Merge tag 'v3.2' into staging/for_v3.3
* tag 'v3.2': (83 commits)
Linux 3.2
minixfs: misplaced checks lead to dentry leak
ptrace: ensure JOBCTL_STOP_SIGMASK is not zero after detach
ptrace: partially fix the do_wait(WEXITED) vs EXIT_DEAD->EXIT_ZOMBIE race
Revert "rtc: Expire alarms after the time is set."
[CIFS] default ntlmv2 for cifs mount delayed to 3.3
cifs: fix bad buffer length check in coalesce_t2
Revert "rtc: Disable the alarm in the hardware"
hung_task: fix false positive during vfork
security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set
fix CAN MAINTAINERS SCM tree type
mwifiex: fix crash during simultaneous scan and connect
b43: fix regression in PIO case
ath9k: Fix kernel panic in AR2427 in AP mode
CAN MAINTAINERS update
net: fsl: fec: fix build for mx23-only kernel
sch_qfq: fix overflow in qfq_update_start()
drm/radeon/kms/atom: fix possible segfault in pm setup
gspca: Fix falling back to lower isoc alt settings
futex: Fix uninterruptible loop due to gate_area
...
Diffstat (limited to 'kernel/futex.c')
| -rw-r--r-- | kernel/futex.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/kernel/futex.c b/kernel/futex.c index ea87f4d..1614be2 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -314,17 +314,29 @@ again: #endif lock_page(page_head); + + /* + * If page_head->mapping is NULL, then it cannot be a PageAnon + * page; but it might be the ZERO_PAGE or in the gate area or + * in a special mapping (all cases which we are happy to fail); + * or it may have been a good file page when get_user_pages_fast + * found it, but truncated or holepunched or subjected to + * invalidate_complete_page2 before we got the page lock (also + * cases which we are happy to fail). And we hold a reference, + * so refcount care in invalidate_complete_page's remove_mapping + * prevents drop_caches from setting mapping to NULL beneath us. + * + * The case we do have to guard against is when memory pressure made + * shmem_writepage move it from filecache to swapcache beneath us: + * an unlikely race, but we do need to retry for page_head->mapping. + */ if (!page_head->mapping) { + int shmem_swizzled = PageSwapCache(page_head); unlock_page(page_head); put_page(page_head); - /* - * ZERO_PAGE pages don't have a mapping. Avoid a busy loop - * trying to find one. RW mapping would have COW'd (and thus - * have a mapping) so this page is RO and won't ever change. - */ - if ((page_head == ZERO_PAGE(address))) - return -EFAULT; - goto again; + if (shmem_swizzled) + goto again; + return -EFAULT; } /* |