Skip to content

Commit

Permalink
mm: pagewalk: call pte_hole() for VM_PFNMAP during walk_page_range
Browse files Browse the repository at this point in the history
walk_page_range() silently skips vma having VM_PFNMAP set, which leads
to undesirable behaviour at client end (who called walk_page_range).
Userspace applications get the wrong data, so the effect is like just
confusing users (if the applications just display the data) or sometimes
killing the processes (if the applications do something with
misunderstanding virtual addresses due to the wrong data.)

For example for pagemap_read, when no callbacks are called against
VM_PFNMAP vma, pagemap_read may prepare pagemap data for next virtual
address range at wrong index.

Eventually userspace may get wrong pagemap data for a task.
Corresponding to a VM_PFNMAP marked vma region, kernel may report
mappings from subsequent vma regions.  User space in turn may account
more pages (than really are) to the task.

In my case I was using procmem, procrack (Android utility) which uses
pagemap interface to account RSS pages of a task.  Due to this bug it
was giving a wrong picture for vmas (with VM_PFNMAP set).

Fixes: a9ff785 ("mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP areas")
Signed-off-by: Shiraz Hashim <[email protected]>
Acked-by: Naoya Horiguchi <[email protected]>
Cc: <[email protected]>	[3.10+]
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
  • Loading branch information
Shiraz Hashim authored and torvalds committed Feb 5, 2015
1 parent 9d82f5e commit 23aaed6
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion mm/pagewalk.c
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,10 @@ int walk_page_range(unsigned long addr, unsigned long end,
*/
if ((vma->vm_start <= addr) &&
(vma->vm_flags & VM_PFNMAP)) {
next = vma->vm_end;
if (walk->pte_hole)
err = walk->pte_hole(addr, next, walk);
if (err)
break;
pgd = pgd_offset(walk->mm, next);
continue;
}
Expand Down

0 comments on commit 23aaed6

Please sign in to comment.