On 04/11/2014 02:31 PM, David Herrmann wrote: > Hi > > On Fri, Apr 11, 2014 at 3:43 PM, Tony Battersby <tonyb@xxxxxxxxxxxxxxx> wrote: >> Exactly. For O_DIRECT, that would be the call to get_user_pages_fast() >> from dio_refill_pages() in fs/direct-io.c, which is ultimately called >> from blkdev_direct_IO(). > > If you drop mmap_sem after pinning a page without taking a write-ref, > you break i_mmap_writable / VM_DENYWRITE. In memfd I rely on > i_mmap_writable to work, same thing is done by exec() (and the old, > now disabled, MAP_DENYWRITE). > > I don't know whether I should care. I mean, everyone pinning pages and > writing to it without holding the mmap_sem has to take a write-ref for > each page or it breaks i_mmap_writable. So this seems to be a bug in > direct-IO, not in anyone relying on it, right? A quick grep of the kernel tree finds exactly zero code paths incrementing i_mmap_writable outside of mmap and fork. Or do you mean a different kind of write ref? What am I missing here? --Andy -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>