[RFC][PATCH v3 6/6] fix wrong get_user_pages usage in iovlock.c

From: KOSAKI Motohiro
Date: Tue Apr 14 2009 - 02:23:42 EST


I don't have a NET-DMA usable device. I hope to get expert review.

=========================
Subject: [Untested][RFC][PATCH] fix wrong get_user_pages usage in iovlock.c

down_read(mmap_sem)
get_user_pages()
up_read(mmap_sem)

is fork unsafe.
fix it.

Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
Cc: Maciej Sosnowski <maciej.sosnowski@xxxxxxxxx>
Cc: David S. Miller <davem@xxxxxxxxxxxxx>
Cc: Chris Leech <christopher.leech@xxxxxxxxx>
Cc: netdev@xxxxxxxxxxxxxxx
---
drivers/dma/iovlock.c | 18 ++++++------------
1 file changed, 6 insertions(+), 12 deletions(-)

Index: b/drivers/dma/iovlock.c
===================================================================
--- a/drivers/dma/iovlock.c 2009-02-21 16:53:23.000000000 +0900
+++ b/drivers/dma/iovlock.c 2009-04-13 04:46:02.000000000 +0900
@@ -94,18 +94,10 @@ struct dma_pinned_list *dma_pin_iovec_pa
pages += page_list->nr_pages;

/* pin pages down */
- down_read(&current->mm->mmap_sem);
- ret = get_user_pages(
- current,
- current->mm,
- (unsigned long) iov[i].iov_base,
- page_list->nr_pages,
- 1, /* write */
- 0, /* force */
- page_list->pages,
- NULL);
- up_read(&current->mm->mmap_sem);
-
+ down_read(&current->mm->mm_pinned_sem);
+ ret = get_user_pages_fast((unsigned long) iov[i].iov_base,
+ page_list->nr_pages, 1,
+ page_list->pages);
if (ret != page_list->nr_pages)
goto unpin;

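Review bot: the down_read(&current->mm->mm_pinned_sem) added here sits in code that indexes iov[i], so it looks to be taken once per iovec, while the only release in this patch is a single up_read() in dma_unpin_iovec_pages(). If this is inside the per-iovec loop, a call with several iovecs leaves the read side held more times than it is released; taking the semaphore once before the loop would keep acquire and release balanced. The `goto unpin` path right after the call also leaves with the semaphore held, so please confirm that the unpin label releases it exactly once, including when get_user_pages_fast() comes up short on the first iovec. A short comment saying that the semaphore intentionally stays held after this function returns would help later readers.
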
@@ -127,6 +119,8 @@ void dma_unpin_iovec_pages(struct dma_pi
if (!pinned_list)
return;

+ up_read(&current->mm->mm_pinned_sem);
+
for (i = 0; i < pinned_list->nr_iovecs; i++) {
struct dma_page_list *page_list = &pinned_list->page_list[i];
for (j = 0; j < page_list->nr_pages; j++) {
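Review bot: up_read(&current->mm->mm_pinned_sem) at the top of dma_unpin_iovec_pages() assumes the caller runs with the same current->mm that dma_pin_iovec_pages() locked, and nothing in the visible lines enforces that. Consider recording the mm in struct dma_pinned_list at pin time and releasing through that pointer, or documenting the same-task requirement on both functions. The release also comes before the loop over the pinned pages, so the pages remain pinned for a short time after the semaphore is dropped; if the semaphore is meant to cover the whole pinned lifetime, moving up_read() after the loop would close that window.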

