rk: revert 20f3d0b+v3.0.66 to v3.0

[firefly-linux-kernel-4.4.55.git] / mm / mmu_notifier.c

diff --git a/mm/mmu_notifier.c b/mm/mmu_notifier.c
index 71c78115c4537ecd23573d50d0368e7c6c4361b9..8d032de4088e0a55d3f9a4d733dc530e2962a678 100644 (file)
--- a/mm/mmu_notifier.c
+++ b/mm/mmu_notifier.c
@@ -33,24 +33,6 @@
 void __mmu_notifier_release(struct mm_struct *mm)
 {
        struct mmu_notifier *mn;
-       struct hlist_node *n;
-
-       /*
-        * RCU here will block mmu_notifier_unregister until
-        * ->release returns.
-        */
-       rcu_read_lock();
-       hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist)
-               /*
-                * if ->release runs before mmu_notifier_unregister it
-                * must be handled as it's the only way for the driver
-                * to flush all existing sptes and stop the driver
-                * from establishing any more sptes before all the
-                * pages in the mm are freed.
-                */
-               if (mn->ops->release)
-                       mn->ops->release(mn, mm);
-       rcu_read_unlock();
 
        spin_lock(&mm->mmu_notifier_mm->lock);
        while (unlikely(!hlist_empty(&mm->mmu_notifier_mm->list))) {
@@ -64,6 +46,23 @@ void __mmu_notifier_release(struct mm_struct *mm)
                 * mmu_notifier_unregister to return.
                 */
                hlist_del_init_rcu(&mn->hlist);
+               /*
+                * RCU here will block mmu_notifier_unregister until
+                * ->release returns.
+                */
+               rcu_read_lock();
+               spin_unlock(&mm->mmu_notifier_mm->lock);
+               /*
+                * if ->release runs before mmu_notifier_unregister it
+                * must be handled as it's the only way for the driver
+                * to flush all existing sptes and stop the driver
+                * from establishing any more sptes before all the
+                * pages in the mm are freed.
+                */
+               if (mn->ops->release)
+                       mn->ops->release(mn, mm);
+               rcu_read_unlock();
+               spin_lock(&mm->mmu_notifier_mm->lock);
        }
        spin_unlock(&mm->mmu_notifier_mm->lock);
 
@@ -285,13 +284,16 @@ void mmu_notifier_unregister(struct mmu_notifier *mn, struct mm_struct *mm)
 {
        BUG_ON(atomic_read(&mm->mm_count) <= 0);
 
+       spin_lock(&mm->mmu_notifier_mm->lock);
        if (!hlist_unhashed(&mn->hlist)) {
+               hlist_del_rcu(&mn->hlist);
+
                /*
                 * RCU here will force exit_mmap to wait ->release to finish
                 * before freeing the pages.
                 */
                rcu_read_lock();
-
+               spin_unlock(&mm->mmu_notifier_mm->lock);
                /*
                 * exit_mmap will block in mmu_notifier_release to
                 * guarantee ->release is called before freeing the
@@ -300,11 +302,8 @@ void mmu_notifier_unregister(struct mmu_notifier *mn, struct mm_struct *mm)
                if (mn->ops->release)
                        mn->ops->release(mn, mm);
                rcu_read_unlock();
-
-               spin_lock(&mm->mmu_notifier_mm->lock);
-               hlist_del_rcu(&mn->hlist);
+       } else
                spin_unlock(&mm->mmu_notifier_mm->lock);
-       }
 
        /*
         * Wait any running method to finish, of course including