1 files changed, 30 insertions, 7 deletions
diff --git a/mm/mprotect.c b/mm/mprotect.c
index 4c14d4289b61..638edabaff71 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -19,7 +19,8 @@
 #include <linux/mempolicy.h>
 #include <linux/personality.h>
 #include <linux/syscalls.h>
+#include <linux/swap.h>
+#include <linux/swapops.h>
 #include <asm/uaccess.h>
 #include <asm/pgtable.h>
 #include <asm/cacheflush.h>
@@ -28,12 +29,13 @@
 static void change_pte_range(struct mm_struct *mm, pmd_t *pmd,
                unsigned long addr, unsigned long end, pgprot_t newprot)
 {
-        pte_t *pte;
+        pte_t *pte, oldpte;
        spinlock_t *ptl;
        pte = pte_offset_map_lock(mm, pmd, addr, &ptl);
        do {
-                if (pte_present(*pte)) {
+                oldpte = *pte;
+                if (pte_present(oldpte)) {
                        pte_t ptent;
                        /* Avoid an SMP race with hardware updated dirty/clean
@@ -43,7 +45,22 @@ static void change_pte_range(struct mm_struct *mm, pmd_t *pmd,
                        ptent = pte_modify(ptep_get_and_clear(mm, addr, pte), newprot);
                        set_pte_at(mm, addr, pte, ptent);
                        lazy_mmu_prot_update(ptent);
+#ifdef CONFIG_MIGRATION
+                } else if (!pte_file(oldpte)) {
+                        swp_entry_t entry = pte_to_swp_entry(oldpte);
+                        if (is_write_migration_entry(entry)) {
+                                /*
+                                 * A protection check is difficult so
+                                 * just be safe and disable write
+                                 */
+                                make_migration_entry_read(&entry);
+                                set_pte_at(mm, addr, pte,
+                                        swp_entry_to_pte(entry));
+                        }
+#endif
                }
        } while (pte++, addr += PAGE_SIZE, addr != end);
        pte_unmap_unlock(pte - 1, ptl);
 }
@@ -106,6 +123,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
        unsigned long oldflags = vma->vm_flags;
        long nrpages = (end - start) >> PAGE_SHIFT;
        unsigned long charged = 0;
+        unsigned int mask;
        pgprot_t newprot;
        pgoff_t pgoff;
        int error;
@@ -132,8 +150,6 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
                }
        }
-        newprot = protection_map[newflags & 0xf];
        /*
         * First try to merge with previous and/or next vma.
         */
@@ -160,6 +176,14 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
        }
 success:
+        /* Don't make the VMA automatically writable if it's shared, but the
+         * backer wishes to know when pages are first written to */
+        mask = VM_READ|VM_WRITE|VM_EXEC|VM_SHARED;
+        if (vma->vm_ops && vma->vm_ops->page_mkwrite)
+                mask &= ~VM_SHARED;
+        newprot = protection_map[newflags & mask];
        /*
         * vm_flags and vm_page_prot are protected by the mmap_sem
         * held in write mode.
@@ -205,8 +229,7 @@ sys_mprotect(unsigned long start, size_t len, unsigned long prot)
        /*
         * Does the application expect PROT_READ to imply PROT_EXEC:
         */
-        if (unlikely((prot & PROT_READ) &&
+        if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC))
-                        (current->personality & READ_IMPLIES_EXEC)))
                prot |= PROT_EXEC;
        vm_flags = calc_vm_prot_bits(prot);

diff --git a/mm/mprotect.c b/mm/mprotect.c index 4c14d4289b61..638edabaff71 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c
@@ -19,7 +19,8 @@
19	#include <linux/mempolicy.h>	19	#include <linux/mempolicy.h>
20	#include <linux/personality.h>	20	#include <linux/personality.h>
21	#include <linux/syscalls.h>	21	#include <linux/syscalls.h>
22		22	#include <linux/swap.h>
		23	#include <linux/swapops.h>
23	#include <asm/uaccess.h>	24	#include <asm/uaccess.h>
24	#include <asm/pgtable.h>	25	#include <asm/pgtable.h>
25	#include <asm/cacheflush.h>	26	#include <asm/cacheflush.h>
@@ -28,12 +29,13 @@
28	static void change_pte_range(struct mm_struct mm, pmd_t pmd,	29	static void change_pte_range(struct mm_struct mm, pmd_t pmd,
29	unsigned long addr, unsigned long end, pgprot_t newprot)	30	unsigned long addr, unsigned long end, pgprot_t newprot)
30	{	31	{
31	pte_t *pte;	32	pte_t *pte, oldpte;
32	spinlock_t *ptl;	33	spinlock_t *ptl;
33		34
34	pte = pte_offset_map_lock(mm, pmd, addr, &ptl);	35	pte = pte_offset_map_lock(mm, pmd, addr, &ptl);
35	do {	36	do {
36	if (pte_present(*pte)) {	37	oldpte = *pte;
		38	if (pte_present(oldpte)) {
37	pte_t ptent;	39	pte_t ptent;
38		40
39	/* Avoid an SMP race with hardware updated dirty/clean	41	/* Avoid an SMP race with hardware updated dirty/clean
@@ -43,7 +45,22 @@ static void change_pte_range(struct mm_struct mm, pmd_t pmd,
43	ptent = pte_modify(ptep_get_and_clear(mm, addr, pte), newprot);	45	ptent = pte_modify(ptep_get_and_clear(mm, addr, pte), newprot);
44	set_pte_at(mm, addr, pte, ptent);	46	set_pte_at(mm, addr, pte, ptent);
45	lazy_mmu_prot_update(ptent);	47	lazy_mmu_prot_update(ptent);
		48	#ifdef CONFIG_MIGRATION
		49	} else if (!pte_file(oldpte)) {
		50	swp_entry_t entry = pte_to_swp_entry(oldpte);
		51
		52	if (is_write_migration_entry(entry)) {
		53	/*
		54	* A protection check is difficult so
		55	* just be safe and disable write
		56	*/
		57	make_migration_entry_read(&entry);
		58	set_pte_at(mm, addr, pte,
		59	swp_entry_to_pte(entry));
		60	}
		61	#endif
46	}	62	}
		63
47	} while (pte++, addr += PAGE_SIZE, addr != end);	64	} while (pte++, addr += PAGE_SIZE, addr != end);
48	pte_unmap_unlock(pte - 1, ptl);	65	pte_unmap_unlock(pte - 1, ptl);
49	}	66	}
@@ -106,6 +123,7 @@ mprotect_fixup(struct vm_area_struct vma, struct vm_area_struct *pprev,
106	unsigned long oldflags = vma->vm_flags;	123	unsigned long oldflags = vma->vm_flags;
107	long nrpages = (end - start) >> PAGE_SHIFT;	124	long nrpages = (end - start) >> PAGE_SHIFT;
108	unsigned long charged = 0;	125	unsigned long charged = 0;
		126	unsigned int mask;
109	pgprot_t newprot;	127	pgprot_t newprot;
110	pgoff_t pgoff;	128	pgoff_t pgoff;
111	int error;	129	int error;
@@ -132,8 +150,6 @@ mprotect_fixup(struct vm_area_struct vma, struct vm_area_struct *pprev,
132	}	150	}
133	}	151	}
134		152
135	newprot = protection_map[newflags & 0xf];
136
137	/*	153	/*
138	* First try to merge with previous and/or next vma.	154	* First try to merge with previous and/or next vma.
139	*/	155	*/
@@ -160,6 +176,14 @@ mprotect_fixup(struct vm_area_struct vma, struct vm_area_struct *pprev,
160	}	176	}
161		177
162	success:	178	success:
		179	/* Don't make the VMA automatically writable if it's shared, but the
		180	* backer wishes to know when pages are first written to */
		181	mask = VM_READ\|VM_WRITE\|VM_EXEC\|VM_SHARED;
		182	if (vma->vm_ops && vma->vm_ops->page_mkwrite)
		183	mask &= ~VM_SHARED;
		184
		185	newprot = protection_map[newflags & mask];
		186
163	/*	187	/*
164	* vm_flags and vm_page_prot are protected by the mmap_sem	188	* vm_flags and vm_page_prot are protected by the mmap_sem
165	* held in write mode.	189	* held in write mode.
@@ -205,8 +229,7 @@ sys_mprotect(unsigned long start, size_t len, unsigned long prot)
205	/*	229	/*
206	* Does the application expect PROT_READ to imply PROT_EXEC:	230	* Does the application expect PROT_READ to imply PROT_EXEC:
207	*/	231	*/
208	if (unlikely((prot & PROT_READ) &&	232	if ((prot & PROT_READ) && (current->personality & READ_IMPLIES_EXEC))
209	(current->personality & READ_IMPLIES_EXEC)))
210	prot \|= PROT_EXEC;	233	prot \|= PROT_EXEC;
211		234
212	vm_flags = calc_vm_prot_bits(prot);	235	vm_flags = calc_vm_prot_bits(prot);