On Fri, May 26, 2023 at 09:10:33AM +0100, Lorenzo Stoakes wrote:
> On Thu, May 25, 2023 at 11:39:51PM +0100, David Howells wrote:
> > Make pin_user_pages*() leave a ZERO_PAGE unpinned if it extracts a pointer
> > to it from the page tables and make unpin_user_page*() correspondingly
> > ignore a ZERO_PAGE when unpinning.  We don't want to risk overrunning a
> > zero page's refcount as we're only allowed ~2 million pins on it -
> > something that userspace can conceivably trigger.
>
> I guess we're not quite as concerned about FOLL_GET because FOLL_GET should
> be ephemeral and FOLL_PIN (horrifically) adds GUP_PIN_COUNTING_BIAS each
> time?

I think FOLL_GET would be just as useful.  But given that we have a few
places that release pins while gets just do a put_page it would be a lot
more effort to audit all of them.  Maybe it's better to only do this once
we've converted all the places that should do pin and have very few
FOLL_GET users left.