[BUG][PATCH] resend, /dev/zero vs hugetlb mappings.

From: Oleg Nesterov
Date: Fri Jul 09 2004 - 09:10:11 EST


Hello.

Hugetlbfs mmap with MAP_PRIVATE becomes MAP_SHARED
silently, but vma->vm_flags have no VM_SHARED bit.
Reading from /dev/zero into hugetlb area will do:

read_zero()
read_zero_pagealigned()
if (vma->vm_flags & VM_SHARED)
break; // fallback to clear_user()
zap_page_range();
zeromap_page_range();

It will hit BUG_ON() in unmap_hugepage_range() if
region is not huge page aligned, or silently convert
it into the private anonymous mapping.

Patch against mm7.

Oleg.

Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>

--- 2.6.7-mm7/drivers/char/mem.c.orig 2004-07-09 16:41:03.000000000 +0400
+++ 2.6.7-mm7/drivers/char/mem.c 2004-07-09 17:00:20.000000000 +0400
@@ -415,7 +415,7 @@ static inline size_t read_zero_pagealign

if (vma->vm_start > addr || (vma->vm_flags & VM_WRITE) == 0)
goto out_up;
- if (vma->vm_flags & VM_SHARED)
+ if (vma->vm_flags & (VM_SHARED | VM_HUGETLB))
break;
count = vma->vm_end - addr;
if (count > size)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/