Re: [RFC][PATCHES] iov_iter.c rewrite

From: Al Viro
Date: Mon Dec 08 2014 - 13:14:13 EST

Next message: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Previous message: David Hildenbrand: "[PATCH v1] CPU hotplug: active_reader not woken up in some cases - deadlock"
In reply to: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Next in thread: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 08, 2014 at 10:07:55AM -0800, Linus Torvalds wrote:

> Which is in the vmalloc address space. So somebody used a vmalloc'ed
> address and tried to convert it to a physical address in order to look
> up the page.
>
> Which is not a valid operation, and the BUG_ON() is definitely proper.
>
> Now *why* something tried to do a virt_to_page() on a vmalloc'ed
> address, that I leave to others.

iov_iter_get_pages() in ITER_KVEC case, trying to avoid get_user_pages_fast()
and getting it wrong. FWIW, the reproducer is finit_module(fd, ....)
where fd has been opened with O_DIRECT. In that case we get kernel_read()
on O_DIRECT and the buffer has just been vmalloc'ed.

What's the sane way to grab struct page * for a vmalloc'ed address?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Previous message: David Hildenbrand: "[PATCH v1] CPU hotplug: active_reader not woken up in some cases - deadlock"
In reply to: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Next in thread: Linus Torvalds: "Re: [RFC][PATCHES] iov_iter.c rewrite"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]