aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Morton <akpm@linux-foundation.org>2008-07-05 04:02:01 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-05 16:13:44 -0400
commit5d7e0d2bd98ef4f5a16ac9da1987ae655368dd6a (patch)
treea910f821c544bba353324c63e2783852a1b95b11
parentca31e146d5c2fe51498e619eb3a64782d02e310a (diff)
Fix pagemap_read() use of struct mm_walk
Fix some issues in pagemap_read noted by Alexey: - initialize pagemap_walk.mm to "mm" , so the code starts working as advertised - initialize ->private to "&pm" so it wouldn't immediately oops in pagemap_pte_hole() - unstatic struct pagemap_walk, so two threads won't fsckup each other (including those started by root, including flipping ->mm when you don't have permissions) - pagemap_read() contains two calls to ptrace_may_attach(), second one looks unneeded. - avoid possible kmalloc(0) and integer wraparound. Cc: Alexey Dobriyan <adobriyan@gmail.com> Cc: Matt Mackall <mpm@selenic.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> [ Personally, I'd just remove the functionality entirely - Linus ] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/proc/task_mmu.c72
1 files changed, 38 insertions, 34 deletions
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 05053d701ac5..c492449f3b45 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -602,11 +602,6 @@ static int pagemap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end,
602 return err; 602 return err;
603} 603}
604 604
605static struct mm_walk pagemap_walk = {
606 .pmd_entry = pagemap_pte_range,
607 .pte_hole = pagemap_pte_hole
608};
609
610/* 605/*
611 * /proc/pid/pagemap - an array mapping virtual pages to pfns 606 * /proc/pid/pagemap - an array mapping virtual pages to pfns
612 * 607 *
@@ -641,6 +636,11 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
641 struct pagemapread pm; 636 struct pagemapread pm;
642 int pagecount; 637 int pagecount;
643 int ret = -ESRCH; 638 int ret = -ESRCH;
639 struct mm_walk pagemap_walk;
640 unsigned long src;
641 unsigned long svpfn;
642 unsigned long start_vaddr;
643 unsigned long end_vaddr;
644 644
645 if (!task) 645 if (!task)
646 goto out; 646 goto out;
@@ -659,11 +659,15 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
659 if (!mm) 659 if (!mm)
660 goto out_task; 660 goto out_task;
661 661
662 ret = -ENOMEM; 662
663 uaddr = (unsigned long)buf & PAGE_MASK; 663 uaddr = (unsigned long)buf & PAGE_MASK;
664 uend = (unsigned long)(buf + count); 664 uend = (unsigned long)(buf + count);
665 pagecount = (PAGE_ALIGN(uend) - uaddr) / PAGE_SIZE; 665 pagecount = (PAGE_ALIGN(uend) - uaddr) / PAGE_SIZE;
666 pages = kmalloc(pagecount * sizeof(struct page *), GFP_KERNEL); 666 ret = 0;
667 if (pagecount == 0)
668 goto out_mm;
669 pages = kcalloc(pagecount, sizeof(struct page *), GFP_KERNEL);
670 ret = -ENOMEM;
667 if (!pages) 671 if (!pages)
668 goto out_mm; 672 goto out_mm;
669 673
@@ -684,33 +688,33 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
684 pm.out = (u64 *)buf; 688 pm.out = (u64 *)buf;
685 pm.end = (u64 *)(buf + count); 689 pm.end = (u64 *)(buf + count);
686 690
687 if (!ptrace_may_attach(task)) { 691 pagemap_walk.pmd_entry = pagemap_pte_range;
688 ret = -EIO; 692 pagemap_walk.pte_hole = pagemap_pte_hole;
689 } else { 693 pagemap_walk.mm = mm;
690 unsigned long src = *ppos; 694 pagemap_walk.private = &pm;
691 unsigned long svpfn = src / PM_ENTRY_BYTES; 695
692 unsigned long start_vaddr = svpfn << PAGE_SHIFT; 696 src = *ppos;
693 unsigned long end_vaddr = TASK_SIZE_OF(task); 697 svpfn = src / PM_ENTRY_BYTES;
694 698 start_vaddr = svpfn << PAGE_SHIFT;
695 /* watch out for wraparound */ 699 end_vaddr = TASK_SIZE_OF(task);
696 if (svpfn > TASK_SIZE_OF(task) >> PAGE_SHIFT) 700
697 start_vaddr = end_vaddr; 701 /* watch out for wraparound */
698 702 if (svpfn > TASK_SIZE_OF(task) >> PAGE_SHIFT)
699 /* 703 start_vaddr = end_vaddr;
700 * The odds are that this will stop walking way 704
701 * before end_vaddr, because the length of the 705 /*
702 * user buffer is tracked in "pm", and the walk 706 * The odds are that this will stop walking way
703 * will stop when we hit the end of the buffer. 707 * before end_vaddr, because the length of the
704 */ 708 * user buffer is tracked in "pm", and the walk
705 ret = walk_page_range(start_vaddr, end_vaddr, 709 * will stop when we hit the end of the buffer.
706 &pagemap_walk); 710 */
707 if (ret == PM_END_OF_BUFFER) 711 ret = walk_page_range(start_vaddr, end_vaddr, &pagemap_walk);
708 ret = 0; 712 if (ret == PM_END_OF_BUFFER)
709 /* don't need mmap_sem for these, but this looks cleaner */ 713 ret = 0;
710 *ppos += (char *)pm.out - buf; 714 /* don't need mmap_sem for these, but this looks cleaner */
711 if (!ret) 715 *ppos += (char *)pm.out - buf;
712 ret = (char *)pm.out - buf; 716 if (!ret)
713 } 717 ret = (char *)pm.out - buf;
714 718
715out_pages: 719out_pages:
716 for (; pagecount; pagecount--) { 720 for (; pagecount; pagecount--) {