git.alex.org.uk - linux-flexiantxendom0-natty.git/commit

author	Hugh Dickins <hughd@google.com>
	Sat, 14 May 2011 19:06:42 +0000 (12:06 -0700)
committer	Steve Conklin <sconklin@canonical.com>
	Thu, 2 Jun 2011 19:23:27 +0000 (14:23 -0500)
commit	d9574e86a28741b417d0f6b8210a8e5c8b699738
tree	10d993cd641db86a058001007de6f1f22d1ca6b8	tree \| snapshot
parent	38b7672a649b7598c12a61f9c93cd8c2c1945b3d	commit \| diff

tmpfs: fix race between swapoff and writepage

BugLink: http://bugs.launchpad.net/bugs/788691

commit 05bf86b4ccfd0f197da61c67bd372111d15a6620 upstream.

Shame on me! Commit b1dea800ac39 "tmpfs: fix race between umount and
writepage" fixed the advertized race, but introduced another: as even
its comment makes clear, we cannot safely rely on a peek at list_empty()
while holding no lock - until info->swapped is set, shmem_unuse_inode()
may delete any formerly-swapped inode from the shmem_swaplist, which
in this case would leave a swap area impossible to swapoff.

Although I don't relish taking the mutex every time, I don't care much
for the alternatives either; and at least the peek at list_empty() in
shmem_evict_inode() (a hotter path since most inodes would never have
been swapped) remains safe, because we already truncated the whole file.

Signed-off-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Steve Conklin <sconklin@canonical.com>