Unionfs: prevent races in unionfs_fault

Unionfs: prevent races in unionfs_fault

vm_ops->fault may be called in parallel.  Because we have to resort to
temporarily changing the vma->vm_file to point to the lower file, a
concurrent invocation of unionfs_fault could see a different value.  In this
workaround, we keep a different copy of the vma structure in our stack, so
we never expose a different value of the vma->vm_file called to us, even
temporarily.  A better fix would be to change the calling semantics of
->fault to take an explicit file pointer.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>