Blaster4385/linux-IllusionX
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-IllusionX/mm
History
Jan Kara cd656375f9 mm: fix data corruption due to stale mmap reads 
Currently, we didn't invalidate page tables during invalidate_inode_pages2()
for DAX.  That could result in e.g. 2MiB zero page being mapped into
page tables while there were already underlying blocks allocated and
thus data seen through mmap were different from data seen by read(2).
The following sequence reproduces the problem:

 - open an mmap over a 2MiB hole

 - read from a 2MiB hole, faulting in a 2MiB zero page

 - write to the hole with write(3p). The write succeeds but we
   incorrectly leave the 2MiB zero page mapping intact.

 - via the mmap, read the data that was just written. Since the zero
   page mapping is still intact we read back zeroes instead of the new
   data.

Fix the problem by unconditionally calling invalidate_inode_pages2_range()
in dax_iomap_actor() for new block allocations and by properly
invalidating page tables in invalidate_inode_pages2_range() for DAX
mappings.

Fixes: c6dcf52c23
Link: http://lkml.kernel.org/r/20170510085419.27601-3-jack@suse.cz
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-05-12 15:57:15 -07:00
..
kasan Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-10 10:30:46 -07:00
backing-dev.c bdi: Drop 'parent' argument from bdi_register[_va]() 2017-04-20 12:09:55 -06:00
balloon_compaction.c
bootmem.c
cleancache.c
cma.c cma: Introduce cma_for_each_area 2017-04-18 20:41:12 +02:00
cma.h cma: Store a name in the cma structure 2017-04-18 20:41:12 +02:00
cma_debug.c cma: Store a name in the cma structure 2017-04-18 20:41:12 +02:00
compaction.c mm, compaction: finish whole pageblock to reduce fragmentation 2017-05-08 17:15:10 -07:00
debug.c
debug_page_ref.c
dmapool.c
early_ioremap.c
fadvise.c
failslab.c
filemap.c Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-05-09 09:01:21 -07:00
frame_vector.c treewide: use kv[mz]alloc* rather than opencoded variants 2017-05-08 17:15:13 -07:00
frontswap.c
gup.c mm/gup.c: fix access_ok() argument type 2017-05-03 15:52:12 -07:00
highmem.c
huge_memory.c mm/huge_memory.c: deposit a pgtable for DAX PMD faults when required 2017-05-08 17:15:15 -07:00
hugetlb.c
hugetlb_cgroup.c
hwpoison-inject.c mm: hwpoison: call shake_page() unconditionally 2017-05-03 15:52:12 -07:00
init-mm.c
internal.h mm, compaction: finish whole pageblock to reduce fragmentation 2017-05-08 17:15:10 -07:00
interval_tree.c
Kconfig mm: remove AVR32 arch special handling in mm/Kconfig 2017-05-01 09:36:31 +02:00
Kconfig.debug mm: enable page poisoning early at boot 2017-05-03 15:52:10 -07:00
khugepaged.c mm/khugepaged: add missed tracepoint for collapse_huge_page_swapin 2017-05-12 15:57:15 -07:00
kmemcheck.c mm: Rename SLAB_DESTROY_BY_RCU to SLAB_TYPESAFE_BY_RCU 2017-04-18 11:42:36 -07:00
kmemleak-test.c
kmemleak.c
ksm.c mm: make rmap_one boolean function 2017-05-03 15:52:10 -07:00
list_lru.c
maccess.c
madvise.c mm/madvise: move up the behavior parameter validation 2017-05-03 15:52:11 -07:00
Makefile
memblock.c memblock: add memblock_cap_memory_range() 2017-04-05 18:26:50 +01:00
memcontrol.c hwpoison, memcg: forcibly uncharge LRU pages 2017-05-12 15:57:15 -07:00
memory-failure.c hwpoison, memcg: forcibly uncharge LRU pages 2017-05-12 15:57:15 -07:00
memory.c
memory_hotplug.c mm, vmscan: prevent kswapd sleeping prematurely due to mismatched classzone_idx 2017-05-03 15:52:09 -07:00
mempolicy.c mm/mempolicy.c: fix error handling in set_mempolicy and mbind. 2017-04-08 10:57:55 -07:00
mempool.c
memtest.c
migrate.c mm: make rmap_one boolean function 2017-05-03 15:52:10 -07:00
mincore.c
mlock.c mm: make try_to_munlock() return void 2017-05-03 15:52:10 -07:00
mm_init.c
mmap.c mm/mmap: replace SHM_HUGE_MASK with MAP_HUGE_MASK inside mmap_pgoff 2017-05-03 15:52:10 -07:00
mmu_context.c
mmu_notifier.c mm: Use static initialization for "srcu" 2017-04-18 11:38:22 -07:00
mmzone.c
mprotect.c
mremap.c
msync.c
nobootmem.c
nommu.c mm, vmalloc: use __GFP_HIGHMEM implicitly 2017-05-08 17:15:13 -07:00
oom_kill.c oom: improve oom disable handling 2017-05-03 15:52:10 -07:00
page-writeback.c Add GETFSMAP support; some performance improvements for very large 2017-05-08 11:30:05 -07:00
page_alloc.c mm: introduce memalloc_noreclaim_{save,restore} 2017-05-08 17:15:15 -07:00
page_counter.c
page_ext.c mm: enable page poisoning early at boot 2017-05-03 15:52:10 -07:00
page_idle.c mm: make rmap_one boolean function 2017-05-03 15:52:10 -07:00
page_io.c
page_isolation.c mm, page_alloc: count movable pages when stealing from pageblock 2017-05-08 17:15:10 -07:00
page_owner.c
page_poison.c mm: enable page poisoning early at boot 2017-05-03 15:52:10 -07:00
page_vma_mapped.c mm: fix page_vma_mapped_walk() for ksm pages 2017-04-08 00:47:48 -07:00
pagewalk.c
percpu-km.c
percpu-vm.c
percpu.c Merge branch 'sched/core' into locking/core 2017-04-04 11:31:12 +02:00
pgtable-generic.c
process_vm_access.c
quicklist.c
readahead.c
rmap.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-10 10:30:46 -07:00
rodata_test.c mm: remove rodata_test_data export, add pr_fmt 2017-05-03 15:52:09 -07:00
shmem.c
slab.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-05-10 10:30:46 -07:00
slab.h mm: Rename SLAB_DESTROY_BY_RCU to SLAB_TYPESAFE_BY_RCU 2017-04-18 11:42:36 -07:00
slab_common.c mm: Rename SLAB_DESTROY_BY_RCU to SLAB_TYPESAFE_BY_RCU 2017-04-18 11:42:36 -07:00
slob.c mm: Rename SLAB_DESTROY_BY_RCU to SLAB_TYPESAFE_BY_RCU 2017-04-18 11:42:36 -07:00
slub.c mm: Rename SLAB_DESTROY_BY_RCU to SLAB_TYPESAFE_BY_RCU 2017-04-18 11:42:36 -07:00
sparse-vmemmap.c
sparse.c mm/sparse: refine usemap_size() a little 2017-05-03 15:52:09 -07:00
swap.c mm: move MADV_FREE pages into LRU_INACTIVE_FILE list 2017-05-03 15:52:08 -07:00
swap_cgroup.c mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() 2017-04-08 00:47:49 -07:00
swap_slots.c mm, swap: use kvzalloc to allocate some swap data structures 2017-05-08 17:15:13 -07:00
swap_state.c mm, swap: use kvzalloc to allocate some swap data structures 2017-05-08 17:15:13 -07:00
swapfile.c mm, swap: use kvzalloc to allocate some swap data structures 2017-05-08 17:15:13 -07:00
truncate.c mm: fix data corruption due to stale mmap reads 2017-05-12 15:57:15 -07:00
usercopy.c mm/usercopy: Drop extra is_vmalloc_or_module() check 2017-04-05 12:30:18 -07:00
userfaultfd.c
util.c mm, vmalloc: fix vmalloc users tracking properly 2017-05-12 15:57:15 -07:00
vmacache.c
vmalloc.c mm, vmalloc: fix vmalloc users tracking properly 2017-05-12 15:57:15 -07:00
vmpressure.c
vmscan.c mm: introduce memalloc_noreclaim_{save,restore} 2017-05-08 17:15:15 -07:00
vmstat.c mm, vmstat: Remove spurious WARN() during zoneinfo print 2017-05-12 15:57:15 -07:00
workingset.c mm: memcontrol: use node page state naming scheme for memcg 2017-05-03 15:52:11 -07:00
z3fold.c z3fold: fix page locking in z3fold_alloc() 2017-04-13 18:24:20 -07:00
zbud.c
zpool.c
zsmalloc.c zsmalloc: expand class bit 2017-04-13 18:24:21 -07:00
zswap.c