From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 29 Jul 2014 18:13:30 +0000 (-0700)
Subject: 3.15-stable patches
X-Git-Tag: v3.15.8~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=26dcb402181eed00929bb92aa1c57f7d98434900;p=thirdparty%2Fkernel%2Fstable-queue.git

3.15-stable patches

added patches:
	mm-do-not-call-do_fault_around-for-non-linear-fault.patch
---

diff --git a/queue-3.15/mm-do-not-call-do_fault_around-for-non-linear-fault.patch b/queue-3.15/mm-do-not-call-do_fault_around-for-non-linear-fault.patch
new file mode 100644
index 00000000000..43348681b82
--- /dev/null
+++ b/queue-3.15/mm-do-not-call-do_fault_around-for-non-linear-fault.patch
@@ -0,0 +1,52 @@
+From c118678bc79e8241f9d3434d9324c6400d72f48a Mon Sep 17 00:00:00 2001
+From: Konstantin Khlebnikov <koct9i@gmail.com>
+Date: Wed, 23 Jul 2014 14:00:08 -0700
+Subject: mm: do not call do_fault_around for non-linear fault
+
+From: Konstantin Khlebnikov <koct9i@gmail.com>
+
+commit c118678bc79e8241f9d3434d9324c6400d72f48a upstream.
+
+Ingo Korb reported that "repeated mapping of the same file on tmpfs
+using remap_file_pages sometimes triggers a BUG at mm/filemap.c:202 when
+the process exits".
+
+He bisected the bug to d7c1755179b8 ("mm: implement ->map_pages for
+shmem/tmpfs"), although the bug was actually added by commit
+8c6e50b0290c ("mm: introduce vm_ops->map_pages()").
+
+The problem is caused by calling do_fault_around for a _non-linear_
+fault.  In this case pgoff is shifted and might become negative during
+calculation.
+
+Faulting around non-linear page-fault makes no sense and breaks the
+logic in do_fault_around because pgoff is shifted.
+
+Signed-off-by: Konstantin Khlebnikov <koct9i@gmail.com>
+Reported-by: Ingo Korb <ingo.korb@tu-dortmund.de>
+Tested-by: Ingo Korb <ingo.korb@tu-dortmund.de>
+Cc: Hugh Dickins <hughd@google.com>
+Cc: Sasha Levin <sasha.levin@oracle.com>
+Cc: Dave Jones <davej@redhat.com>
+Cc: Ning Qu <quning@google.com>
+Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ mm/memory.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/mm/memory.c
++++ b/mm/memory.c
+@@ -3515,7 +3515,7 @@ static int do_read_fault(struct mm_struc
+ 	 * if page by the offset is not ready to be mapped (cold cache or
+ 	 * something).
+ 	 */
+-	if (vma->vm_ops->map_pages) {
++	if (vma->vm_ops->map_pages && !(flags & FAULT_FLAG_NONLINEAR)) {
+ 		pte = pte_offset_map_lock(mm, pmd, address, &ptl);
+ 		do_fault_around(vma, address, pte, pgoff, flags);
+ 		if (!pte_same(*pte, orig_pte))
diff --git a/queue-3.15/series b/queue-3.15/series
index e3e52179294..4a6b8c73a89 100644
--- a/queue-3.15/series
+++ b/queue-3.15/series
@@ -32,3 +32,4 @@ drm-radeon-fix-cut-and-paste-issue-for-hawaii.patch
 mm-hugetlb-fix-copy_hugetlb_page_range.patch
 fix-gcc-4.9.0-miscompilation-of-load_balance-in-scheduler.patch
 hwrng-virtio-ensure-reads-happen-after-successful-probe.patch
+mm-do-not-call-do_fault_around-for-non-linear-fault.patch