I was about to answer this by pointing out that, although the pte may
change and the old_page be reused for some other purpose while we drop
the lock, the old_page won't actually "disappear". It will remain
physically present, just containing irrelevant data: there won't be
any danger from copying the wrong data, we just notice further down
that the pte changed and discard this copy and fault again (or not).
But in writing, I realize (perhaps it's your very point, understated)
that it's conceivable (though *very* unlikely) that the old_page is
reused for some other purpose while we do the copy, then freed from
that use and reused for its original purpose by the time we regain the
lock: so that the pte_same() test succeeds yet the copied data is wrong.
Either do_wp_page() needs page_cache_get(old_page) before dropping
page_table_lock, page_cache_release(old_page) after reacquiring it;
or the kmap()s done while the lock is dropped, but copy_user_page()
and kunmap()s left until the lock has been reacquired. Ingo?
Hugh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
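The race Hugh describes, as an added example that is not code from the thread or from the kernel: a single-threaded C model of do_wp_page() in which the "other CPU" is an explicit interfere() hook that runs while the page_table_lock is dropped. Everything here is an assumption of the model, not the real kernel API: mem[] is a four-page "physical memory", a pte_t is just a page index, backing[] is the file contents old_page holds, and the three fix modes correspond to the unfixed path, the page_cache_get()/page_cache_release() fix, and the copy-under-lock fix.

```c
/*
 * Added example (not from the LKML thread): a model of the do_wp_page() race.
 * All names and the interfere() hook are assumptions of this model.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 16
#define NR_PAGES  4

struct page {
    int count;                      /* page_cache_get()/release() refcount */
    unsigned char data[PAGE_SIZE];
};

typedef int pte_t;                  /* a pte is a page index, -1 = none */

enum fix    { FIX_NONE, FIX_GET_PAGE, FIX_COPY_LOCKED };
enum result { WP_INSTALLED_BAD, WP_INSTALLED_OK, WP_RETRY };

static struct page mem[NR_PAGES];
static unsigned char backing[PAGE_SIZE];   /* "file" data old_page holds */
static int lock_depth;                     /* stands in for page_table_lock */

static void spin_lock(void)   { lock_depth++; }
static void spin_unlock(void) { lock_depth--; }
static bool pte_same(pte_t a, pte_t b) { return a == b; }
static void page_cache_get(struct page *p)     { p->count++; }
static void page_cache_release(struct page *p) { p->count--; } /* 0 => free */

static struct page *alloc_page(void)        /* first page with count 0 */
{
    for (int i = 0; i < NR_PAGES; i++)
        if (mem[i].count == 0) { mem[i].count = 1; return &mem[i]; }
    return NULL;
}

/* the mapping owns one reference on the page it points at */
static void set_pte(pte_t *pte, struct page *p) { *pte = (int)(p - mem); }
static void zap_pte(pte_t *pte) { page_cache_release(&mem[*pte]); *pte = -1; }

/*
 * What another CPU does while we hold no lock. Phase 0: unmap old_page and
 * reuse whatever page is free for something else. Phase 1: drop that use
 * and fault the original contents back in from the backing file.
 */
static void interfere(int phase, pte_t *pte)
{
    static struct page *other;
    if (phase == 0) {
        zap_pte(pte);
        other = alloc_page();                 /* may be old_page itself! */
        memset(other->data, 0xEE, PAGE_SIZE); /* "other purpose" scribbles */
    } else {
        page_cache_release(other);            /* freed from that use ... */
        struct page *again = alloc_page();    /* ... and faulted back in */
        memcpy(again->data, backing, PAGE_SIZE);
        set_pte(pte, again);
    }
}

static enum result do_wp_page(pte_t *pte, enum fix fix)
{
    spin_lock();
    struct page *old_page = &mem[*pte];
    pte_t entry = *pte;
    if (fix == FIX_GET_PAGE)
        page_cache_get(old_page);             /* pin it across the unlock */
    spin_unlock();

    struct page *new_page = alloc_page();
    interfere(0, pte);
    if (fix != FIX_COPY_LOCKED)               /* copy_user_page() unlocked */
        memcpy(new_page->data, old_page->data, PAGE_SIZE);
    interfere(1, pte);

    spin_lock();
    if (fix == FIX_GET_PAGE)
        page_cache_release(old_page);
    if (!pte_same(*pte, entry)) {             /* pte changed: discard, retry */
        page_cache_release(new_page);
        spin_unlock();
        return WP_RETRY;
    }
    if (fix == FIX_COPY_LOCKED)               /* copy only once pte_same held */
        memcpy(new_page->data, old_page->data, PAGE_SIZE);
    zap_pte(pte);
    set_pte(pte, new_page);
    spin_unlock();
    return memcmp(new_page->data, backing, PAGE_SIZE) == 0
           ? WP_INSTALLED_OK : WP_INSTALLED_BAD;
}

static enum result run(enum fix fix)        /* fresh memory, one mapped page */
{
    memset(mem, 0, sizeof mem);
    for (int i = 0; i < PAGE_SIZE; i++) backing[i] = (unsigned char)('A' + i);
    struct page *p = alloc_page();
    memcpy(p->data, backing, PAGE_SIZE);
    pte_t pte;
    set_pte(&pte, p);
    return do_wp_page(&pte, fix);
}

int main(void)
{
    static const char *names[] = { "INSTALLED_BAD", "INSTALLED_OK", "RETRY" };
    printf("no fix:          %s\n", names[run(FIX_NONE)]);
    printf("page_cache_get:  %s\n", names[run(FIX_GET_PAGE)]);
    printf("copy under lock: %s\n", names[run(FIX_COPY_LOCKED)]);
    return 0;
}
```

With FIX_NONE the freed old_page is the first free page, so both the "other purpose" and the refault land on the same index: pte_same() passes and the 0xEE scribble is installed. With FIX_GET_PAGE the pin keeps old_page's count above zero, so the reuse and the refault go to a different page, the copy is correct anyway, and pte_same() fails and forces a retry. With FIX_COPY_LOCKED nothing is read from old_page until pte_same() has confirmed it is the mapped page again.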