• Mel Gorman's avatar
    mm: migrate: Close race between migration completion and mprotect · d3cb8bf6
    Mel Gorman authored
    A migration entry is marked as write if pte_write was true at the time the
    entry was created. The VMA protections are not double checked when migration
    entries are being removed as mprotect marks write-migration-entries as
    read. It means that potentially we take a spurious fault to mark PTEs write
    again but it's straight-forward. However, there is a race between write
    migrations being marked read and migrations finishing. This potentially
    allows a PTE to be write that should have been read. Close this race by
    double checking the VMA permissions using maybe_mkwrite when migration
    completes.
    
    [torvalds@linux-foundation.org: use maybe_mkwrite]
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarMel Gorman <mgorman@suse.de>
    Acked-by: default avatarRik van Riel <riel@redhat.com>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    d3cb8bf6
migrate.c 49.2 KB