vmalloc: unmap vmalloc area after hiding it

vmap area should be purged after vm_struct is removed from the list because vread/vwrite etc...believes the range is valid while it's on vm_struct list. Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com> Cc: Mike Smith <scgtrp@gmail.com> Cc: Nick Piggin <nickpiggin@yahoo.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

vmalloc: unmap vmalloc area after hiding it
vmap area should be purged after vm_struct is removed from the list because vread/vwrite etc...believes the range is valid while it's on vm_struct list. Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Reviewed-by: WANG Cong <xiyou.wangcong@gmail.com> Cc: Mike Smith <scgtrp@gmail.com> Cc: Nick Piggin <nickpiggin@yahoo.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
KAMEZAWA Hiroyuki · Linus Torvalds
1 parent 2f66a68f3f
Showing 1 changed file with 9 additions and 5 deletions Side-by-side Diff
mm/vmalloc.c
@@ -1270,16 +1270,20 @@
 	if (va && va->flags & VM_VM_AREA) {
 		struct vm_struct *vm = va->private;
 		struct vm_struct *tmp, **p;
-
-		vmap_debug_free_range(va->va_start, va->va_end);
-		free_unmap_vmap_area(va);
-		vm->size -= PAGE_SIZE;
-
+		/*
+		 * remove from list and disallow access to this vm_struct
+		 * before unmap. (address range confliction is maintained by
+		 * vmap.)
+		 */
 		write_lock(&vmlist_lock);
 		for (p = &vmlist; (tmp = *p) != vm; p = &tmp->next)
 			;
 		*p = tmp->next;
 		write_unlock(&vmlist_lock);
+
+		vmap_debug_free_range(va->va_start, va->va_end);
+		free_unmap_vmap_area(va);
+		vm->size -= PAGE_SIZE;
  
 		return vm;
 	}
...	...	@@ -1270,16 +1270,20 @@
1270	1270	if (va && va->flags & VM_VM_AREA) {
1271	1271	struct vm_struct *vm = va->private;
1272	1272	struct vm_struct tmp, *p;
1273		-
1274		- vmap_debug_free_range(va->va_start, va->va_end);
1275		- free_unmap_vmap_area(va);
1276		- vm->size -= PAGE_SIZE;
1277		-
	1273	+ /*
	1274	+ * remove from list and disallow access to this vm_struct
	1275	+ * before unmap. (address range confliction is maintained by
	1276	+ * vmap.)
	1277	+ */
1278	1278	write_lock(&vmlist_lock);
1279	1279	for (p = &vmlist; (tmp = *p) != vm; p = &tmp->next)
1280	1280	;
1281	1281	*p = tmp->next;
1282	1282	write_unlock(&vmlist_lock);
	1283	+
	1284	+ vmap_debug_free_range(va->va_start, va->va_end);
	1285	+ free_unmap_vmap_area(va);
	1286	+ vm->size -= PAGE_SIZE;
1283	1287
1284	1288	return vm;
1285	1289	}