[PATCH] ppc32: fix destroy_context() race condition

Fix for a race condition when a task gets preempted by another task while
executing the destroy_context(...) in a FEW_CONTEXTS environment.
mm->context == NO_CONTEXT but the context_map may indicate all contexts are
in use.

The solution to this problem is to disable kernel preemption while
destroying a MMU context.

Signed-off-by: Guillaume Autran <gautran@mrv.com>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/include/asm-ppc/mmu_context.h b/include/asm-ppc/mmu_context.h
index ccabbce39d8538702683e0fd51e30680018607f7..afe26ffc2e2d0f6942642ee31a001234dcdfd793 100644 (file)
--- a/include/asm-ppc/mmu_context.h
+++ b/include/asm-ppc/mmu_context.h
@@ -149,6 +149,7 @@ static inline void get_mmu_context(struct mm_struct *mm)
  */
 static inline void destroy_context(struct mm_struct *mm)
 {
+       preempt_disable();
        if (mm->context != NO_CONTEXT) {
                clear_bit(mm->context, context_map);
                mm->context = NO_CONTEXT;
@@ -156,6 +157,7 @@ static inline void destroy_context(struct mm_struct *mm)
                atomic_inc(&nr_free_contexts);
 #endif
        }
+       preempt_enable();
 }
 
 static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next,