ANDROID: mm: fix incorrect unlock mmap_lock for speculative swap fault

In a20b68c396127cd6387f37845c5bc05e44e2fd0e, SPF is supported for swap fault. But in __lock_page_or_retry(), it will unlock mmap_lock unconditionally. That will cause unpaired lock release in handling SPF. Bug: 333508035 Change-Id: Ia1da66c85e0d58883cf518f10cd33fc5cad387b8 Signed-off-by: Oven <liyangouwen1@oppo.com> (cherry picked from commit 63070883166ae63620a87d958319deba86f236ae)
author: Oven <liyangouwen1@oppo.com> 2024-04-10 19:23:08 +0800
committer: Suren Baghdasaryan <surenb@google.com> 2024-04-16 16:44:22 +0000
commit: 25ebc0917814352a3a25edb0b1c0a1725d4cae55 (patch)
tree: 398ca9b80bf17e1f1ba871106b4b1416aceebfc2
parent: 264477e0d844ee272cbf7d1bc277705b2f7232ad (diff)
download: common-25ebc0917814352a3a25edb0b1c0a1725d4cae55.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/mm/filemap.c b/mm/filemap.c
index c659d7bf7a81..7b17a22943aa 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -1710,7 +1710,8 @@ __sched int __lock_page_or_retry(struct page *page, struct mm_struct *mm,
 		if (flags & FAULT_FLAG_RETRY_NOWAIT)
 			return 0;
 
-		mmap_read_unlock(mm);
+		if (!(flags & FAULT_FLAG_SPECULATIVE))
+			mmap_read_unlock(mm);
 		if (flags & FAULT_FLAG_KILLABLE)
 			wait_on_page_locked_killable(page);
 		else
@@ -1722,7 +1723,8 @@ __sched int __lock_page_or_retry(struct page *page, struct mm_struct *mm,
 
 		ret = __lock_page_killable(page);
 		if (ret) {
-			mmap_read_unlock(mm);
+			if (!(flags & FAULT_FLAG_SPECULATIVE))
+				mmap_read_unlock(mm);
 			return 0;
 		}
 	} else {
author	Oven <liyangouwen1@oppo.com>	2024-04-10 19:23:08 +0800
committer	Suren Baghdasaryan <surenb@google.com>	2024-04-16 16:44:22 +0000
commit	25ebc0917814352a3a25edb0b1c0a1725d4cae55 (patch)
tree	398ca9b80bf17e1f1ba871106b4b1416aceebfc2
parent	264477e0d844ee272cbf7d1bc277705b2f7232ad (diff)
download	common-25ebc0917814352a3a25edb0b1c0a1725d4cae55.tar.gz