[PATCH 0/2] page munlock issues when breaking up COW

From: Michel Lespinasse
Date: Mon Feb 07 2011 - 19:48:06 EST

Next message: Michel Lespinasse: "[PATCH 1/2] mlock: fix race when munlocking pages in do_wp_page()"
Previous message: James Morris: "Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec"
Next in thread: Michel Lespinasse: "[PATCH 1/2] mlock: fix race when munlocking pages in do_wp_page()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It looks like there is a race in the do_wp_page() code that munlocks the
old page after breaking up COW. The pte still points to that old page,
so I don't see that we are protected against vmscan mlocking back the
page right away. This can be easily worked around by moving that code to
the end of do_wp_page(), after the pte has been pointed to the new page.

Also, the corresponding code in __do_fault() seems entirely unnecessary,
since there was never a pte pointing to the old page in our vma.

Michel Lespinasse (2):
mlock: fix race when munlocking pages in do_wp_page()
mlock: do not munlock pages in __do_fault()

mm/memory.c | 32 ++++++++++++--------------------
1 files changed, 12 insertions(+), 20 deletions(-)

--
1.7.3.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michel Lespinasse: "[PATCH 1/2] mlock: fix race when munlocking pages in do_wp_page()"
Previous message: James Morris: "Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec"
Next in thread: Michel Lespinasse: "[PATCH 1/2] mlock: fix race when munlocking pages in do_wp_page()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]