From 6c00f56b2591522e374adcdfa1b3ac3b2fb5a9f0 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 20 Jun 2019 18:24:54 +0200
Subject: [PATCH] drop 4.9 coredump patch that didn't work

---
 ...-collapse_huge_page-and-core-dumping.patch | 83 -------------------
 queue-4.9/series                              |  1 -
 2 files changed, 84 deletions(-)
 delete mode 100644 queue-4.9/coredump-fix-race-condition-between-collapse_huge_page-and-core-dumping.patch

diff --git a/queue-4.9/coredump-fix-race-condition-between-collapse_huge_page-and-core-dumping.patch b/queue-4.9/coredump-fix-race-condition-between-collapse_huge_page-and-core-dumping.patch
deleted file mode 100644
index 7e82b1e1cf0..00000000000
--- a/queue-4.9/coredump-fix-race-condition-between-collapse_huge_page-and-core-dumping.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 59ea6d06cfa9247b586a695c21f94afa7183af74 Mon Sep 17 00:00:00 2001
-From: Andrea Arcangeli <aarcange@redhat.com>
-Date: Thu, 13 Jun 2019 15:56:11 -0700
-Subject: coredump: fix race condition between collapse_huge_page() and core dumping
-
-From: Andrea Arcangeli <aarcange@redhat.com>
-
-commit 59ea6d06cfa9247b586a695c21f94afa7183af74 upstream.
-
-When fixing the race conditions between the coredump and the mmap_sem
-holders outside the context of the process, we focused on
-mmget_not_zero()/get_task_mm() callers in 04f5866e41fb70 ("coredump: fix
-race condition between mmget_not_zero()/get_task_mm() and core
-dumping"), but those aren't the only cases where the mmap_sem can be
-taken outside of the context of the process as Michal Hocko noticed
-while backporting that commit to older -stable kernels.
-
-If mmgrab() is called in the context of the process, but then the
-mm_count reference is transferred outside the context of the process,
-that can also be a problem if the mmap_sem has to be taken for writing
-through that mm_count reference.
-
-khugepaged registration calls mmgrab() in the context of the process,
-but the mmap_sem for writing is taken later in the context of the
-khugepaged kernel thread.
-
-collapse_huge_page() after taking the mmap_sem for writing doesn't
-modify any vma, so it's not obvious that it could cause a problem to the
-coredump, but it happens to modify the pmd in a way that breaks an
-invariant that pmd_trans_huge_lock() relies upon.  collapse_huge_page()
-needs the mmap_sem for writing just to block concurrent page faults that
-call pmd_trans_huge_lock().
-
-Specifically the invariant that "!pmd_trans_huge()" cannot become a
-"pmd_trans_huge()" doesn't hold while collapse_huge_page() runs.
-
-The coredump will call __get_user_pages() without mmap_sem for reading,
-which eventually can invoke a lockless page fault which will need a
-functional pmd_trans_huge_lock().
-
-So collapse_huge_page() needs to use mmget_still_valid() to check it's
-not running concurrently with the coredump...  as long as the coredump
-can invoke page faults without holding the mmap_sem for reading.
-
-This has "Fixes: khugepaged" to facilitate backporting, but in my view
-it's more a bug in the coredump code that will eventually have to be
-rewritten to stop invoking page faults without the mmap_sem for reading.
-So the long term plan is still to drop all mmget_still_valid().
-
-Link: http://lkml.kernel.org/r/20190607161558.32104-1-aarcange@redhat.com
-Fixes: ba76149f47d8 ("thp: khugepaged")
-Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
-Reported-by: Michal Hocko <mhocko@suse.com>
-Acked-by: Michal Hocko <mhocko@suse.com>
-Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
-Cc: Oleg Nesterov <oleg@redhat.com>
-Cc: Jann Horn <jannh@google.com>
-Cc: Hugh Dickins <hughd@google.com>
-Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
-Cc: Mike Kravetz <mike.kravetz@oracle.com>
-Cc: Peter Xu <peterx@redhat.com>
-Cc: Jason Gunthorpe <jgg@mellanox.com>
-Cc: <stable@vger.kernel.org>
-Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- mm/khugepaged.c |    3 +++
- 1 file changed, 3 insertions(+)
-
---- a/mm/khugepaged.c
-+++ b/mm/khugepaged.c
-@@ -1004,6 +1004,9 @@ static void collapse_huge_page(struct mm
- 	 * handled by the anon_vma lock + PG_lock.
- 	 */
- 	down_write(&mm->mmap_sem);
-+	result = SCAN_ANY_PROCESS;
-+	if (!mmget_still_valid(mm))
-+		goto out;
- 	result = hugepage_vma_revalidate(mm, address, &vma);
- 	if (result)
- 		goto out;
diff --git a/queue-4.9/series b/queue-4.9/series
index a5268b59bd0..df40140be8d 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -114,4 +114,3 @@ scsi-libcxgbi-add-a-check-for-null-pointer-in-cxgbi_.patch
 scsi-smartpqi-properly-set-both-the-dma-mask-and-the.patch
 scsi-libsas-delete-sas-port-if-expander-discover-fai.patch
 mlxsw-spectrum-prevent-force-of-56g.patch
-coredump-fix-race-condition-between-collapse_huge_page-and-core-dumping.patch
-- 
2.47.3