Re: flush_tlb_page in unuse_pte

Bill Hawes (whawes@star.net)
Wed, 27 Aug 1997 09:33:24 -0400


David S. Miller wrote:
>
> Really, the whole swapping mechanism is full of sick races.
>
> They all emanate from the fact that the swapping out of vma's within
> an mm occurs with no locking, and thus no guarantees of safety, of that
> address space.
>
> The real fix is to make swapping grab the mmap semaphore, or at least
> do _something_ which prevents:
>
>       kswapd                          process
>
>       choose vma
>       pick page to swap out
>       rw_swap_page()
>       sleep
>                                       munmap(vma);
>
>       flush_tlb_page(vma, page);
>       OOPS vma no longer exists!

I had been wondering about what keeps swapping safe from such problems,
because it sure looked like a race.

Anyway, I'm working on a mmget/mmput pair to make it safe to grab
another task's mm semaphore, and will see if that can help make swapping
safer.

There may be some problems with kswapd holding the mmap semaphore
though, because of its low process priority. We may end up needing some
finer granularity locks to make swapping safe without holding up other
mmap operations.

Regards,
Bill
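
The interleaving discussed in this thread, replayed as an added userspace model (not code from this message or from the kernel). It assumes mmget/mmput behave as a reference count on the mm and uses a flag in place of the mmap semaphore; all struct layouts and the names mmap_trylock, mmap_unlock, model_munmap and replay_swap_race are hypothetical.

```c
#include <stdlib.h>
struct vma { int mapped; };   /* userspace model, not kernel code */
struct mm {
    int users;          /* assumed: reference count taken by mmget() */
    int mmap_locked;    /* stands in for the mmap semaphore */
    struct vma *vma;    /* one mapping is enough for the model */
};
static int mm_freed;    /* set when the last reference is dropped */
static void mmget(struct mm *mm) { mm->users++; }
static void mmput(struct mm *mm)
{
    if (--mm->users == 0) { free(mm->vma); free(mm); mm_freed = 1; }
}
/* Non-blocking stand-ins for down()/up() on the semaphore. */
static int mmap_trylock(struct mm *mm)
{
    if (mm->mmap_locked) return -1;
    mm->mmap_locked = 1;
    return 0;
}
static void mmap_unlock(struct mm *mm) { mm->mmap_locked = 0; }
/* munmap path: the vma may only be torn down under the semaphore. */
static int model_munmap(struct mm *mm)
{
    if (mmap_trylock(mm) != 0) return -1;   /* a real task would sleep here */
    free(mm->vma);
    mm->vma = NULL;
    mmap_unlock(mm);
    return 0;
}
/* Replays the quoted interleaving; returns 0 if every step was safe. */
static int replay_swap_race(void)
{
    struct mm *mm = calloc(1, sizeof(*mm));
    if (!mm || !(mm->vma = calloc(1, sizeof(*mm->vma)))) { free(mm); return -1; }
    mm->users = 1; mm->vma->mapped = 1; mm_freed = 0;
    mmget(mm);                              /* swapper pins the mm */
    if (mmap_trylock(mm) != 0) return -1;   /* and takes the semaphore */
    struct vma *victim = mm->vma;           /* choose vma, start I/O, sleep */
    int blocked = model_munmap(mm) == -1;   /* process munmap has to wait */
    int vma_ok = mm->vma == victim && victim->mapped;  /* flush_tlb_page point */
    mmap_unlock(mm);
    int unmapped = model_munmap(mm) == 0;   /* now the unmap proceeds */
    mmput(mm);                              /* owning task exits */
    int pinned = !mm_freed;                 /* swapper's pin keeps mm alive */
    mmput(mm);                              /* swapper drops its pin */
    return (blocked && vma_ok && unmapped && pinned && mm_freed) ? 0 : -1;
}
int main(void) { return replay_swap_race(); }
```

The order matters: the pin is taken before the semaphore and dropped after it, so the semaphore itself cannot be freed while the swapper is using it.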