On 9/18/20 12:37 PM, Christoph Hellwig wrote: > > +static int gnttab_apply(pte_t *pte, unsigned long addr, void *data) > +{ > + pte_t ***p = data; > + > + **p = pte; > + (*p)++; > + return 0; > +} > + > static int arch_gnttab_valloc(struct gnttab_vm_area *area, unsigned nr_frames) > { > area->ptes = kmalloc_array(nr_frames, sizeof(*area->ptes), GFP_KERNEL); > if (area->ptes == NULL) > return -ENOMEM; > - > - area->area = alloc_vm_area(PAGE_SIZE * nr_frames, area->ptes); > - if (area->area == NULL) { > - kfree(area->ptes); > - return -ENOMEM; > - } > - > + area->area = get_vm_area(PAGE_SIZE * nr_frames, VM_IOREMAP); > + if (!area->area) > + goto out_free_ptes; > + if (apply_to_page_range(&init_mm, (unsigned long)area->area->addr, > + PAGE_SIZE * nr_frames, gnttab_apply, &area->ptes)) This will end up incrementing area->ptes pointer. So perhaps something like pte_t **ptes = area->ptes; if (apply_to_page_range(&init_mm, (unsigned long)area->area->addr, PAGE_SIZE * nr_frames, gnttab_apply, &ptes)) { ... } -boris