[PATCH] mremap move ZERO_PAGE fix

[PATCH] mremap move ZERO_PAGE fix

[Hugh Dickins]

Fix nasty little bug we've missed in Nick's mremap move ZERO_PAGE patch.
The "pte" at that point may be a swap entry or a pte_file entry: we must
check pte_present before perhaps corrupting such an entry.

Patch below against 2.6.14-rc2-mm1, but the same bug is in 2.6.14-rc2's
mm/mremap.c, and more dangerous there since it's affecting all arches:
I think the safest course is to send Nick's patch and Yoichi's build fix
and this fix (build tested) on to Linus - so only MIPS can be affected.

Signed-off-by: Hugh Dickins <hugh@veritas.com>

--- 2.6.14-rc2-mm1/include/asm-generic/pgtable.h	2005-09-22 12:32:00.000000000 +0100
+++ linux/include/asm-generic/pgtable.h	2005-09-24 10:51:41.000000000 +0100
@@ -164,7 +164,8 @@ static inline void ptep_set_wrprotect(st
 #define move_pte(pte, prot, old_addr, new_addr)				\
 ({									\
  	pte_t newpte = (pte);						\
-	if (pfn_valid(pte_pfn(pte)) && pte_page(pte) == ZERO_PAGE(old_addr)) \
+	if (pte_present(pte) && pfn_valid(pte_pfn(pte)) &&		\
+			pte_page(pte) == ZERO_PAGE(old_addr))		\
 		newpte = mk_pte(ZERO_PAGE(new_addr), (prot));		\
 	newpte;								\
 })

Re: [PATCH] mremap move ZERO_PAGE fix

[Nick Piggin]

Hugh Dickins wrote:
> Fix nasty little bug we've missed in Nick's mremap move ZERO_PAGE patch.
> The "pte" at that point may be a swap entry or a pte_file entry: we must
> check pte_present before perhaps corrupting such an entry.
> 
> Patch below against 2.6.14-rc2-mm1, but the same bug is in 2.6.14-rc2's
> mm/mremap.c, and more dangerous there since it's affecting all arches:
> I think the safest course is to send Nick's patch and Yoichi's build fix
> and this fix (build tested) on to Linus - so only MIPS can be affected.
> 

Thanks Hugh. I agree with your proposed merge plan.

-- 
SUSE Labs, Novell Inc.

Send instant messages to your online friends http://au.messenger.yahoo.com