commit: 1393d9a1857471f816d0be1ccc1d6433a86050f6
From: Christoph Lameter <[email protected]>
Date: Mon, 16 May 2011 15:26:08 -0500
Subject: [PATCH] slub: Make CONFIG_DEBUG_PAGE_ALLOC work with new fastpath

Fastpath can do a speculative access to a page that CONFIG_DEBUG_PAGEALLOC may
have marked as invalid to retrieve the pointer to the next free object.

Use probe_kernel_read in that case in order not to cause a page fault.

Cc: <[email protected]> # 38.x
Reported-by: Eric Dumazet <[email protected]>
Signed-off-by: Christoph Lameter <[email protected]>
Signed-off-by: Eric Dumazet <[email protected]>
Signed-off-by: Pekka Enberg <[email protected]>
---
 mm/slub.c |   14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diff --git a/mm/slub.c b/mm/slub.c
index 8657ab8..97bb5b8 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -261,6 +261,18 @@ static inline void *get_freepointer(struct kmem_cache *s, 
void *object)
        return *(void **)(object + s->offset);
 }
 
+static inline void *get_freepointer_safe(struct kmem_cache *s, void *object)
+{
+       void *p;
+
+#ifdef CONFIG_DEBUG_PAGEALLOC
+       probe_kernel_read(&p, (void **)(object + s->offset), sizeof(p));
+#else
+       p = get_freepointer(s, object);
+#endif
+       return p;
+}
+
 static inline void set_freepointer(struct kmem_cache *s, void *object, void 
*fp)
 {
        *(void **)(object + s->offset) = fp;
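Review bot: `get_freepointer_safe()` discards the return value of `probe_kernel_read()`, so when the probe faults under CONFIG_DEBUG_PAGEALLOC, `p` may be returned without ever having been written. That looks intentional: presumably a faulting read means the page was freed and the tid has moved on, so the `this_cpu_cmpxchg_double()` in the second hunk fails and the value is thrown away. Nothing in the code says so, though, and returning an indeterminate pointer is something a compiler or sanitizer may flag. I would initialise it, `void *p = NULL;`, so that a failed probe yields an empty freelist rather than stale stack contents if the assumption is ever broken. I would also add a comment above the probe such as `/* Speculative read: may fault if the page was freed; the result is only used if the cmpxchg succeeds. */`.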
@@ -1933,7 +1945,7 @@ redo:
                if (unlikely(!this_cpu_cmpxchg_double(
                                s->cpu_slab->freelist, s->cpu_slab->tid,
                                object, tid,
-                               get_freepointer(s, object), next_tid(tid)))) {
+                               get_freepointer_safe(s, object), 
next_tid(tid)))) {
 
                        note_cmpxchg_failure("slab_alloc", s, tid);
                        goto redo;
