On Fri, 13 Jan 2017 16:02:37 -0800 (PST) Hugh Dickins <hughd@xxxxxxxxxx> wrote:
> On Fri, 13 Jan 2017, Dan Carpenter wrote:
>
> > kunmap_atomic() and kunmap() take different pointers. People often get
> > these mixed up.
> >
> > Fixes: 16374db2e9a0 ("userfaultfd: hugetlbfs: fix __mcopy_atomic_hugetlb retry/error processing")
> > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > ---
> > v2: I was also unmapping the wrong pointer because I had a typo.
> >
> > diff --git a/mm/memory.c b/mm/memory.c
> > index 6012a05..aca8ef6 100644
> > --- a/mm/memory.c
> > +++ b/mm/memory.c
> > @@ -4172,7 +4172,7 @@ long copy_huge_page_from_user(struct page *dst_page,
> > (const void __user *)(src + i * PAGE_SIZE),
> > PAGE_SIZE);
> > if (allow_pagefault)
> > - kunmap(page_kaddr);
> > + kunmap(page_kaddr + i);
> > else
> > kunmap_atomic(page_kaddr);
>
> I think you need to look at that again.
>
um, yup.
--- a/mm/memory.c~userfaultfd-hugetlbfs-fix-__mcopy_atomic_hugetlb-retry-error-processing-fix-fix
+++ a/mm/memory.c
@@ -4172,7 +4172,7 @@ long copy_huge_page_from_user(struct pag
(const void __user *)(src + i * PAGE_SIZE),
PAGE_SIZE);
if (allow_pagefault)
- kunmap(page_kaddr + i);
+ kunmap(dst_page + i);
else
kunmap_atomic(page_kaddr);
_
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
