diff options
author | Matthew Wilcox (Oracle) <willy@infradead.org> | 2023-07-27 04:58:17 +0200 |
---|---|---|
committer | Matthew Wilcox (Oracle) <willy@infradead.org> | 2023-07-28 21:37:45 +0200 |
commit | cbc02854331edc6dc22d8b77b6e22e38ebc7dd51 (patch) | |
tree | cb7dd322d9626e8dbd8c47eb7f7094fa748dc576 /lib | |
parent | Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm6... (diff) | |
download | linux-cbc02854331edc6dc22d8b77b6e22e38ebc7dd51.tar.xz linux-cbc02854331edc6dc22d8b77b6e22e38ebc7dd51.zip |
XArray: Do not return sibling entries from xa_load()
It is possible for xa_load() to observe a sibling entry pointing to
another sibling entry. An example:
Thread A: Thread B:
xa_store_range(xa, entry, 188, 191, gfp);
xa_load(xa, 191);
entry = xa_entry(xa, node, 63);
[entry is a sibling of 188]
xa_store_range(xa, entry, 184, 191, gfp);
if (xa_is_sibling(entry))
offset = xa_to_sibling(entry);
entry = xa_entry(xas->xa, node, offset);
[entry is now a sibling of 184]
It is sufficient to go around this loop until we hit a non-sibling entry.
Sibling entries always point earlier in the node, so we are guaranteed
to terminate this search.
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Fixes: 6b24ca4a1a8d ("mm: Use multi-index entries in the page cache")
Cc: stable@vger.kernel.org
Diffstat (limited to 'lib')
-rw-r--r-- | lib/xarray.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/xarray.c b/lib/xarray.c index 2071a3718f4e..142e36f9dfda 100644 --- a/lib/xarray.c +++ b/lib/xarray.c @@ -206,7 +206,7 @@ static void *xas_descend(struct xa_state *xas, struct xa_node *node) void *entry = xa_entry(xas->xa, node, offset); xas->xa_node = node; - if (xa_is_sibling(entry)) { + while (xa_is_sibling(entry)) { offset = xa_to_sibling(entry); entry = xa_entry(xas->xa, node, offset); if (node->shift && xa_is_node(entry)) |