On Fri, Sep 27, 2013 at 10:42:14PM +0200, Jan Kara wrote:
> Hello,
>
> so recently I've spent some time rummaging in get_user_pages(), fault
> code etc. The use of mmap_sem is really messy in some places (like V4L
> drivers, infiniband,...). It is held over a deep & wide call chains and
> it's not clear what's protected by it, just in the middle of that is a call
> to get_user_pages(). Anyway that's mostly a side note.
>
> The main issue I found is with the range locking itself. Consider someone
> doing:
> fd = open("foo", O_RDWR);
> base = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
> write(fd, base, 4096);
>
> The write() is an interesting way to do nothing but if the mapping range
> lock will be acquired early (like in generic_file_aio_write()), then this
> would deadlock because generic_perform_write() will try to fault in
> destination buffer and that will try to get the range lock for the same
> range again.
Quite frankly, I'd like to see EFAULT or EDEADLOCK returned to the
caller doing something like this. It's a stupid thing to do, and
while I beleive in giving people enough rope to hang themselves,
the contortions we are going through here to provide that rope
doesn't seem worthwhile at all.
Cheers,
Dave.
--
Dave Chinner
david@xxxxxxxxxxxxx
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>