Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[PATCH] readahead: ->prev_page can overrun the ahead window

Browse source 
If get_next_ra_size() does not grow fast enough, ->prev_page can overrun
the ahead window.  This means the caller will read the pages from
->ahead_start + ->ahead_size to ->prev_page synchronously.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Steven Pratt <slpratt@austin.ibm.com>
Cc: Ram Pai <linuxram@us.ibm.com>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Oleg Nesterov 2006-03-22 00:08:47 -08:00 committed by Linus Torvalds
parent d15c023b44
commit a564da3964
1 changed files with 20 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
mm/readahead.c
View file

@ -52,13 +52,24 @@ static inline unsigned long get_min_readahead(struct file_ra_state *ra)
return (VM_MIN_READAHEAD * 1024) / PAGE_CACHE_SIZE; return (VM_MIN_READAHEAD * 1024) / PAGE_CACHE_SIZE;
} }
static inline void reset_ahead_window(struct file_ra_state *ra)
{
/*
* ... but preserve ahead_start + ahead_size value,
* see 'recheck:' label in page_cache_readahead().
* Note: We never use ->ahead_size as rvalue without
* checking ->ahead_start != 0 first.
*/
ra->ahead_size += ra->ahead_start;
ra->ahead_start = 0;
}
static inline void ra_off(struct file_ra_state *ra) static inline void ra_off(struct file_ra_state *ra)
{ {
ra->start = 0; ra->start = 0;
ra->flags = 0; ra->flags = 0;
ra->size = 0; ra->size = 0;
ra->ahead_start = 0; reset_ahead_window(ra);
ra->ahead_size = 0;
return; return;
} }
@ -426,8 +437,7 @@ static int make_ahead_window(struct address_space *mapping, struct file *filp,
* congestion. The ahead window will any way be closed * congestion. The ahead window will any way be closed
* in case we failed due to excessive page cache hits. * in case we failed due to excessive page cache hits.
*/ */
ra->ahead_start = 0; reset_ahead_window(ra);
ra->ahead_size = 0;
} }
return ret; return ret;
@ -520,11 +530,11 @@ page_cache_readahead(struct address_space *mapping, struct file_ra_state *ra,
* If we get here we are doing sequential IO and this was not the first * If we get here we are doing sequential IO and this was not the first
* occurence (ie we have an existing window) * occurence (ie we have an existing window)
*/ */
if (ra->ahead_start == 0) { /* no ahead window yet */ if (ra->ahead_start == 0) { /* no ahead window yet */
if (!make_ahead_window(mapping, filp, ra, 0)) if (!make_ahead_window(mapping, filp, ra, 0))
goto out; goto recheck;
} }
/* /*
* Already have an ahead window, check if we crossed into it. * Already have an ahead window, check if we crossed into it.
* If so, shift windows and issue a new ahead window. * If so, shift windows and issue a new ahead window.
@ -536,6 +546,10 @@ page_cache_readahead(struct address_space *mapping, struct file_ra_state *ra,
ra->start = ra->ahead_start; ra->start = ra->ahead_start;
ra->size = ra->ahead_size; ra->size = ra->ahead_size;
make_ahead_window(mapping, filp, ra, 0); make_ahead_window(mapping, filp, ra, 0);
recheck:
/* prev_page shouldn't overrun the ahead window */
ra->prev_page = min(ra->prev_page,
ra->ahead_start + ra->ahead_size - 1);
} }
out: out: