aboutsummaryrefslogtreecommitdiffstats
path: root/mm
diff options
context:
space:
mode:
authorTrond Myklebust <Trond.Myklebust@netapp.com>2007-01-11 02:15:39 -0500
committerLinus Torvalds <torvalds@woody.osdl.org>2007-01-11 21:18:21 -0500
commite3db7691e9f3dff3289f64e3d98583e28afe03db (patch)
treee05542d8d8bb545545c5b535381a8c1fcb369a03 /mm
parent07031e14c1127fc7e1a5b98dfcc59f434e025104 (diff)
[PATCH] NFS: Fix race in nfs_release_page()
NFS: Fix race in nfs_release_page() invalidate_inode_pages2() may find the dirty bit has been set on a page owing to the fact that the page may still be mapped after it was locked. Only after the call to unmap_mapping_range() are we sure that the page can no longer be dirtied. In order to fix this, NFS has hooked the releasepage() method and tries to write the page out between the call to unmap_mapping_range() and the call to remove_mapping(). This, however leads to deadlocks in the page reclaim code, where the page may be locked without holding a reference to the inode or dentry. Fix is to add a new address_space_operation, launder_page(), which will attempt to write out a dirty page without releasing the page lock. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Also, the bare SetPageDirty() can skew all sort of accounting leading to other nasties. [akpm@osdl.org: cleanup] Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'mm')
-rw-r--r--mm/truncate.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/mm/truncate.c b/mm/truncate.c
index ecdfdcc50522..6c79ca4a1ca7 100644
--- a/mm/truncate.c
+++ b/mm/truncate.c
@@ -341,6 +341,15 @@ failed:
341 return 0; 341 return 0;
342} 342}
343 343
344static int do_launder_page(struct address_space *mapping, struct page *page)
345{
346 if (!PageDirty(page))
347 return 0;
348 if (page->mapping != mapping || mapping->a_ops->launder_page == NULL)
349 return 0;
350 return mapping->a_ops->launder_page(page);
351}
352
344/** 353/**
345 * invalidate_inode_pages2_range - remove range of pages from an address_space 354 * invalidate_inode_pages2_range - remove range of pages from an address_space
346 * @mapping: the address_space 355 * @mapping: the address_space
@@ -405,7 +414,8 @@ int invalidate_inode_pages2_range(struct address_space *mapping,
405 PAGE_CACHE_SIZE, 0); 414 PAGE_CACHE_SIZE, 0);
406 } 415 }
407 } 416 }
408 if (!invalidate_complete_page2(mapping, page)) 417 ret = do_launder_page(mapping, page);
418 if (ret == 0 && !invalidate_complete_page2(mapping, page))
409 ret = -EIO; 419 ret = -EIO;
410 unlock_page(page); 420 unlock_page(page);
411 } 421 }