summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoe Jin <joe.jin@oracle.com>2007-07-16 08:38:12 +0200
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-16 18:05:35 +0200
commitf96efd585b8d847181f81bf16721f96ded18d9fe (patch)
tree10821321b4f501e3126606ef2b54eb356ec8ef77
parentvmscan: fix comments related to shrink_list() (diff)
downloadlinux-f96efd585b8d847181f81bf16721f96ded18d9fe.tar.xz
linux-f96efd585b8d847181f81bf16721f96ded18d9fe.zip
hugetlb: fix race in alloc_fresh_huge_page()
That static `nid' index needs locking. Without it we can end up calling alloc_pages_node() with an illegal node ID and the kernel crashes. Acked-by: gurudas pai <gurudas.pai@oracle.com> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--mm/hugetlb.c15
1 files changed, 11 insertions, 4 deletions
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index eaba7d6b25a0..acc0fb3cf067 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -101,13 +101,20 @@ static void free_huge_page(struct page *page)
static int alloc_fresh_huge_page(void)
{
- static int nid = 0;
+ static int prev_nid;
struct page *page;
- page = alloc_pages_node(nid, GFP_HIGHUSER|__GFP_COMP|__GFP_NOWARN,
- HUGETLB_PAGE_ORDER);
- nid = next_node(nid, node_online_map);
+ static DEFINE_SPINLOCK(nid_lock);
+ int nid;
+
+ spin_lock(&nid_lock);
+ nid = next_node(prev_nid, node_online_map);
if (nid == MAX_NUMNODES)
nid = first_node(node_online_map);
+ prev_nid = nid;
+ spin_unlock(&nid_lock);
+
+ page = alloc_pages_node(nid, GFP_HIGHUSER|__GFP_COMP|__GFP_NOWARN,
+ HUGETLB_PAGE_ORDER);
if (page) {
set_compound_page_dtor(page, free_huge_page);
spin_lock(&hugetlb_lock);