Re: [PATCH 1/1] mm: implement ->map_pages for shmem/tmpfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for the updates!
Best wishes,
-- 
Ning Qu (曲宁) | Software Engineer | quning@xxxxxxxxxx | +1-408-418-6066


On Mon, Mar 3, 2014 at 3:07 AM, Kirill A. Shutemov
<kirill.shutemov@xxxxxxxxxxxxxxx> wrote:
> Ning Qu wrote:
>> Btw, should we first check if page returned by radix_tree_deref_slot is NULL?
>
> Yes, we should. I don't know how I missed that. :(
>
> The patch below should address both issues.
>
> From dca24c9a1f31ee1599fe81e9a60d4f87a4eaf0ea Mon Sep 17 00:00:00 2001
> From: "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>
> Date: Mon, 3 Mar 2014 12:07:03 +0200
> Subject: [PATCH] mm: filemap_map_pages() avoid dereference NULL/exception
>  slots
>
> radix_tree_deref_slot() can return NULL: add missed check.
>
> Do no dereference 'page': we can get there as result of
> radix_tree_exception(page) check.
>
> Reported-by: Hugh Dickins <hughd@xxxxxxxxxx>
> Reported-by: Ning Qu <quning@xxxxxxxxxx>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> ---
>  mm/filemap.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/mm/filemap.c b/mm/filemap.c
> index 5f4fe7f0c258..e48624634927 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -1745,6 +1745,8 @@ void filemap_map_pages(struct vm_area_struct *vma, struct vm_fault *vmf)
>                         break;
>  repeat:
>                 page = radix_tree_deref_slot(slot);
> +               if (unlikely(!page))
> +                       goto next;
>                 if (radix_tree_exception(page)) {
>                         if (radix_tree_deref_retry(page))
>                                 break;
> @@ -1790,7 +1792,7 @@ unlock:
>  skip:
>                 page_cache_release(page);
>  next:
> -               if (page->index == vmf->max_pgoff)
> +               if (iter.index == vmf->max_pgoff)
>                         break;
>         }
>         rcu_read_unlock();
> --
>  Kirill A. Shutemov
>
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]