[S390] pgtable_list corruption

After page_table_free_rcu removed a page from the pgtable_list page_table_free better not add it again. Otherwise a page_table_alloc can reuse a page table fragment that is still in the rcu process. Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>

[S390] pgtable_list corruption
After page_table_free_rcu removed a page from the pgtable_list page_table_free better not add it again. Otherwise a page_table_alloc can reuse a page table fragment that is still in the rcu process. Signed-off-by: N Martin Schwidefsky <schwidefsky@de.ibm.com>
f1be77bb · Martin Schwidefsky · Martin Schwidefsky · f602f6d6 · f1be77bb
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

arch/s390/mm/pgtable.c arch/s390/mm/pgtable.c +2 -1

未找到文件。
--- a/arch/s390/mm/pgtable.c
+++ b/arch/s390/mm/pgtable.c
@@ -336,7 +336,8 @@ void page_table_free(struct mm_struct *mm, unsigned long *table)
 	page->flags ^= bits;
 	if (page->flags & FRAG_MASK) {
 		/* Page now has some free pgtable fragments. */
-		list_move(&page->lru, &mm->context.pgtable_list);
+		if (!list_empty(&page->lru))
+			list_move(&page->lru, &mm->context.pgtable_list);
 		page = NULL;
 	} else
 		/* All fragments of the 4K page have been freed. */