[patch 04/60] rd: fix data corruption on memory pressure Future ofLinux 2.6.22.y series

From: Greg KH
Date: Thu Dec 13 2007 - 01:57:09 EST

Next message: Greg KH: "[patch 05/60] sched: some proc entries are missed in sched_domainsys_ctl debug code"
Previous message: Greg KH: "[patch 03/60] NETFILTER: Fix NULL pointer dereference innf_nat_move_storage()"
In reply to: Greg KH: "[patch 03/60] NETFILTER: Fix NULL pointer dereference innf_nat_move_storage()"
Next in thread: Greg KH: "[patch 05/60] sched: some proc entries are missed in sched_domainsys_ctl debug code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.23-stable review patch. If anyone has any objections, please let us
know.

------------------
From: Christian Borntraeger <borntraeger@xxxxxxxxxx>

commit 5d0360ee96a5ef953dbea45873c2a8c87e77d59b upstream.

We have seen ramdisk based install systems, where some pages of mapped
libraries and programs were suddendly zeroed under memory pressure. This
should not happen, as the ramdisk avoids freeing its pages by keeping
them dirty all the time.

It turns out that there is a case, where the VM makes a ramdisk page
clean, without telling the ramdisk driver. On memory pressure
shrink_zone runs and it starts to run shrink_active_list. There is a
check for buffer_heads_over_limit, and if true, pagevec_strip is called.
pagevec_strip calls try_to_release_page. If the mapping has no
releasepage callback, try_to_free_buffers is called. try_to_free_buffers
has now a special logic for some file systems to make a dirty page
clean, if all buffers are clean. Thats what happened in our test case.

The simplest solution is to provide a noop-releasepage callback for the
ramdisk driver. This avoids try_to_free_buffers for ramdisk pages.

Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx>
Signed-off-by: Jan Kara <jack@xxxxxxx>
Acked-by: Nick Piggin <npiggin@xxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
drivers/block/rd.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

--- a/drivers/block/rd.c
+++ b/drivers/block/rd.c
@@ -189,6 +189,18 @@ static int ramdisk_set_page_dirty(struct
return 0;
}

+/*
+ * releasepage is called by pagevec_strip/try_to_release_page if
+ * buffers_heads_over_limit is true. Without a releasepage function
+ * try_to_free_buffers is called instead. That can unset the dirty
+ * bit of our ram disk pages, which will be eventually freed, even
+ * if the page is still in use.
+ */
+static int ramdisk_releasepage(struct page *page, gfp_t dummy)
+{
+ return 0;
+}
+
static const struct address_space_operations ramdisk_aops = {
.readpage = ramdisk_readpage,
.prepare_write = ramdisk_prepare_write,
@@ -196,6 +208,7 @@ static const struct address_space_operat
.writepage = ramdisk_writepage,
.set_page_dirty = ramdisk_set_page_dirty,
.writepages = ramdisk_writepages,
+ .releasepage = ramdisk_releasepage,
};

static int rd_blkdev_pagecache_IO(int rw, struct bio_vec *vec, sector_t sector,

--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[patch 05/60] sched: some proc entries are missed in sched_domainsys_ctl debug code"
Previous message: Greg KH: "[patch 03/60] NETFILTER: Fix NULL pointer dereference innf_nat_move_storage()"
In reply to: Greg KH: "[patch 03/60] NETFILTER: Fix NULL pointer dereference innf_nat_move_storage()"
Next in thread: Greg KH: "[patch 05/60] sched: some proc entries are missed in sched_domainsys_ctl debug code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]