diff options
| author | Simon Guo <[email protected]> | 2016-10-07 16:59:40 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2016-10-07 18:46:28 -0700 |
| commit | b155b4fde5bdde9fed439cd1f5ea07173df2ed31 (patch) | |
| tree | 168d57e3b8433db296e92e11427369b1503f5635 | |
| parent | 0cf2f6f6dc605e587d2c1120f295934c77e810e8 (diff) | |
mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT)
When one vma was with flag VM_LOCKED|VM_LOCKONFAULT (by invoking
mlock2(,MLOCK_ONFAULT)), it can again be populated with mlock() with
VM_LOCKED flag only.
There is a hole in mlock_fixup() which increase mm->locked_vm twice even
the two operations are on the same vma and both with VM_LOCKED flags.
The issue can be reproduced by following code:
mlock2(p, 1024 * 64, MLOCK_ONFAULT); //VM_LOCKED|VM_LOCKONFAULT
mlock(p, 1024 * 64); //VM_LOCKED
Then check the increase VmLck field in /proc/pid/status(to 128k).
When vma is set with different vm_flags, and the new vm_flags is with
VM_LOCKED, it is not necessarily be a "new locked" vma. This patch
corrects this bug by prevent mm->locked_vm from increment when old
vm_flags is already VM_LOCKED.
Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Simon Guo <[email protected]>
Acked-by: Kirill A. Shutemov <[email protected]>
Cc: Alexey Klimov <[email protected]>
Cc: Eric B Munson <[email protected]>
Cc: Geert Uytterhoeven <[email protected]>
Cc: Mel Gorman <[email protected]>
Cc: Michal Hocko <[email protected]>
Cc: Shuah Khan <[email protected]>
Cc: Simon Guo <[email protected]>
Cc: Thierry Reding <[email protected]>
Cc: Vlastimil Babka <[email protected]>
Cc: David Rientjes <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
| -rw-r--r-- | mm/mlock.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/mm/mlock.c b/mm/mlock.c index b1fec89bd1c5..145a4258ddbc 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -516,6 +516,7 @@ static int mlock_fixup(struct vm_area_struct *vma, struct vm_area_struct **prev, int nr_pages; int ret = 0; int lock = !!(newflags & VM_LOCKED); + vm_flags_t old_flags = vma->vm_flags; if (newflags == vma->vm_flags || (vma->vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm)) @@ -550,6 +551,8 @@ success: nr_pages = (end - start) >> PAGE_SHIFT; if (!lock) nr_pages = -nr_pages; + else if (old_flags & VM_LOCKED) + nr_pages = 0; mm->locked_vm += nr_pages; /* |