From 3e15787d225531efd8e6c998e7fd3974c4eadea0 Mon Sep 17 00:00:00 2001
From: Michel Lespinasse <michel@lespinasse.org>
Date: Mon, 24 Jan 2022 17:43:55 -0800
Subject: [PATCH] FROMLIST: mm: write lock mmu_notifier_lock when registering
 mmu notifiers

Change mm_take_all_locks to also take the mmu_notifier_lock.
Note that mm_take_all_locks is called from mmu_notifier_register() only.

Signed-off-by: Michel Lespinasse <michel@lespinasse.org>
Link: https://lore.kernel.org/all/20220128131006.67712-25-michel@lespinasse.org/
Bug: 161210518
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I7ad82c6bc66f8f59a718dc4bf030674d9306a53d
---
 mm/mmap.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/mm/mmap.c b/mm/mmap.c
index f70ec7d61f89..3ba0dd208869 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -3594,6 +3594,10 @@ int mm_take_all_locks(struct mm_struct *mm)
 
 	mutex_lock(&mm_all_locks_mutex);
 
+#if defined(CONFIG_MMU_NOTIFIER) && defined(CONFIG_SPECULATIVE_PAGE_FAULT)
+	percpu_down_write(mm->mmu_notifier_lock);
+#endif
+
 	for (vma = mm->mmap; vma; vma = vma->vm_next) {
 		if (signal_pending(current))
 			goto out_unlock;
@@ -3681,6 +3685,10 @@ void mm_drop_all_locks(struct mm_struct *mm)
 			vm_unlock_mapping(vma->vm_file->f_mapping);
 	}
 
+#if defined(CONFIG_MMU_NOTIFIER) && defined(CONFIG_SPECULATIVE_PAGE_FAULT)
+	percpu_up_write(mm->mmu_notifier_lock);
+#endif
+
 	mutex_unlock(&mm_all_locks_mutex);
 }