On Wed, Nov 09, 2022 at 11:37:34PM +0800, Dawei Li wrote:
> pin_user_pages() is unsafe without protection of mmap_lock,
> fix it by calling pin_user_pages_fast().
>
> Fixes: 7a7a933edd6c ("drm/vmwgfx: Introduce VMware mks-guest-stats")
> Signed-off-by: Dawei Li <set_pte_at@xxxxxxxxxxx>
> ---
> v1:
> https://lore.kernel.org/all/TYCP286MB23235C9A9FCF85C045F95EA7CA4F9@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
>
> v1->v2:
> Rebased to latest vmwgfx/drm-misc-fixes.
>
> v2->v3
> Replace pin_user_pages() with pin_user_pages_fast().
Gentle ping
> ---
> drivers/gpu/drm/vmwgfx/vmwgfx_msg.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c
> index 089046fa21be..50fa3df0bc0c 100644
> --- a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c
> +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c
> @@ -1085,21 +1085,21 @@ int vmw_mksstat_add_ioctl(struct drm_device *dev, void *data,
> reset_ppn_array(pdesc->strsPPNs, ARRAY_SIZE(pdesc->strsPPNs));
>
> /* Pin mksGuestStat user pages and store those in the instance descriptor */
> - nr_pinned_stat = pin_user_pages(arg->stat, num_pages_stat, FOLL_LONGTERM, pages_stat, NULL);
> + nr_pinned_stat = pin_user_pages_fast(arg->stat, num_pages_stat, FOLL_LONGTERM, pages_stat);
> if (num_pages_stat != nr_pinned_stat)
> goto err_pin_stat;
>
> for (i = 0; i < num_pages_stat; ++i)
> pdesc->statPPNs[i] = page_to_pfn(pages_stat[i]);
>
> - nr_pinned_info = pin_user_pages(arg->info, num_pages_info, FOLL_LONGTERM, pages_info, NULL);
> + nr_pinned_info = pin_user_pages_fast(arg->info, num_pages_info, FOLL_LONGTERM, pages_info);
> if (num_pages_info != nr_pinned_info)
> goto err_pin_info;
>
> for (i = 0; i < num_pages_info; ++i)
> pdesc->infoPPNs[i] = page_to_pfn(pages_info[i]);
>
> - nr_pinned_strs = pin_user_pages(arg->strs, num_pages_strs, FOLL_LONGTERM, pages_strs, NULL);
> + nr_pinned_strs = pin_user_pages_fast(arg->strs, num_pages_strs, FOLL_LONGTERM, pages_strs);
> if (num_pages_strs != nr_pinned_strs)
> goto err_pin_strs;
>
> --
> 2.25.1
>
