drop queue-4.19/mm-page_io.c-do-not-free-shared-swap-slots.patch

diff --git a/queue-4.19/mm-page_io.c-do-not-free-shared-swap-slots.patch b/queue-4.19/mm-page_io.c-do-not-free-shared-swap-slots.patch
deleted file mode 100644 (file)
index 08a6f75..0000000
--- a/queue-4.19/mm-page_io.c-do-not-free-shared-swap-slots.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-From 5df373e95689b9519b8557da7c5bd0db0856d776 Mon Sep 17 00:00:00 2001
-From: Vinayak Menon <vinmenon@codeaurora.org>
-Date: Fri, 15 Nov 2019 17:35:00 -0800
-Subject: mm/page_io.c: do not free shared swap slots
-
-From: Vinayak Menon <vinmenon@codeaurora.org>
-
-commit 5df373e95689b9519b8557da7c5bd0db0856d776 upstream.
-
-The following race is observed due to which a processes faulting on a
-swap entry, finds the page neither in swapcache nor swap.  This causes
-zram to give a zero filled page that gets mapped to the process,
-resulting in a user space crash later.
-
-Consider parent and child processes Pa and Pb sharing the same swap slot
-with swap_count 2.  Swap is on zram with SWP_SYNCHRONOUS_IO set.
-Virtual address 'VA' of Pa and Pb points to the shared swap entry.
-
-Pa                                       Pb
-
-fault on VA                              fault on VA
-do_swap_page                             do_swap_page
-lookup_swap_cache fails                  lookup_swap_cache fails
-                                         Pb scheduled out
-swapin_readahead (deletes zram entry)
-swap_free (makes swap_count 1)
-                                         Pb scheduled in
-                                         swap_readpage (swap_count == 1)
-                                         Takes SWP_SYNCHRONOUS_IO path
-                                         zram enrty absent
-                                         zram gives a zero filled page
-
-Fix this by making sure that swap slot is freed only when swap count
-drops down to one.
-
-Link: http://lkml.kernel.org/r/1571743294-14285-1-git-send-email-vinmenon@codeaurora.org
-Fixes: aa8d22a11da9 ("mm: swap: SWP_SYNCHRONOUS_IO: skip swapcache only if swapped page has no other reference")
-Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org>
-Suggested-by: Minchan Kim <minchan@google.com>
-Acked-by: Minchan Kim <minchan@kernel.org>
-Cc: Michal Hocko <mhocko@suse.com>
-Cc: Hugh Dickins <hughd@google.com>
-Cc: <stable@vger.kernel.org>
-Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- mm/page_io.c |    6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
---- a/mm/page_io.c
-+++ b/mm/page_io.c
-@@ -76,6 +76,7 @@ static void swap_slot_free_notify(struct
- {
-       struct swap_info_struct *sis;
-       struct gendisk *disk;
-+      swp_entry_t entry;
- 
-       /*
-        * There is no guarantee that the page is in swap cache - the software
-@@ -107,11 +108,10 @@ static void swap_slot_free_notify(struct
-        * we again wish to reclaim it.
-        */
-       disk = sis->bdev->bd_disk;
--      if (disk->fops->swap_slot_free_notify) {
--              swp_entry_t entry;
-+      entry.val = page_private(page);
-+      if (disk->fops->swap_slot_free_notify && __swap_count(entry) == 1) {
-               unsigned long offset;
- 
--              entry.val = page_private(page);
-               offset = swp_offset(entry);
- 
-               SetPageDirty(page);

diff --git a/queue-4.19/series b/queue-4.19/series
index 3ab1699fd5a6ee585e7257b3e3ff07e9f3a956b4..08d3ed66894791daa7296b7ea25ce692f3bfcb5a 100644 (file)
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -29,5 +29,4 @@ iommu-vt-d-fix-qi_dev_iotlb_pfsid-and-qi_dev_eiotlb_pfsid-macros.patch
 mm-mempolicy-fix-the-wrong-return-value-and-potential-pages-leak-of-mbind.patch
 mm-memcg-switch-to-css_tryget-in-get_mem_cgroup_from_mm.patch
 mm-hugetlb-switch-to-css_tryget-in-hugetlb_cgroup_charge_cgroup.patch
-mm-page_io.c-do-not-free-shared-swap-slots.patch
 mmc-sdhci-of-at91-fix-quirk2-overwrite.patch