Andrea Arcangeli's fix to an ironic weakness with get_user_pages. 

try_to_unmap_one must check page_count against page->mapcount before unmapping
a swapcache page: because the raised pagecount by which get_user_pages ensures
the page cannot be freed, will cause any write fault to see that page as not
exclusively owned, and therefore a copy page will be substituted for it - the
reverse of what's intended.

rmap.c was entirely free of such page_count heuristics before, I tried hard to
avoid putting this in.  But Andrea's fix rarely gives a false positive; and
although it might be nicer to change exclusive_swap_page etc.  to rely on
page->mapcount instead, it seems likely that we'll want to get rid of
page->mapcount later, so better not to entrench its use.
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>