(10/2/13 10:27 AM), Jan Kara wrote:
> Signed-off-by: Jan Kara <j...@suse.cz>
> ---
> mm/process_vm_access.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
> index fd26d0433509..c1bc47d8ed90 100644
> --- a/mm/process_vm_access.c
> +++ b/mm/process_vm_access.c
> @@ -64,12 +64,8 @@ static int process_vm_rw_pages(struct task_struct *task,
> *bytes_copied = 0;
>
> /* Get the pages we're interested in */
> - down_read(&mm->mmap_sem);
> - pages_pinned = get_user_pages(task, mm, pa,
> - nr_pages_to_copy,
> - vm_write, 0, process_pages, NULL);
> - up_read(&mm->mmap_sem);
> -
> + pages_pinned = get_user_pages_unlocked(task, mm, pa, nr_pages_to_copy,
> + vm_write, 0, process_pages);
> if (pages_pinned != nr_pages_to_copy) {
> rc = -EFAULT;
> goto end;
This is wrong because original code is wrong. In this function, page may be
pointed to
anon pages. Then, you should keep to take mmap_sem until finish to copying.
Otherwise
concurrent fork() makes nasty COW issue.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
