Commit a2ae1b50 authored by Lorenzo Stoakes's avatar Lorenzo Stoakes Committed by Juerg Haefliger

mm: replace __access_remote_vm() write parameter with gup_flags

BugLink: https://bugs.launchpad.net/bugs/1811080

commit 442486ec upstream.

This removes the 'write' argument from __access_remote_vm() and replaces
it with 'gup_flags' as use of this function previously silently implied
FOLL_FORCE, whereas after this patch callers explicitly pass this flag.

We make this explicit as use of FOLL_FORCE can result in surprising
behaviour (and hence bugs) within the mm subsystem.
Signed-off-by: default avatarLorenzo Stoakes <lstoakes@gmail.com>
Acked-by: default avatarMichal Hocko <mhocko@suse.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
[bwh: Backported to 4.4: adjust context]
Signed-off-by: default avatarBen Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarJuerg Haefliger <juergh@canonical.com>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
parent 9c72ad08
...@@ -3712,14 +3712,11 @@ EXPORT_SYMBOL_GPL(generic_access_phys); ...@@ -3712,14 +3712,11 @@ EXPORT_SYMBOL_GPL(generic_access_phys);
* given task for page fault accounting. * given task for page fault accounting.
*/ */
static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm,
unsigned long addr, void *buf, int len, int write) unsigned long addr, void *buf, int len, unsigned int gup_flags)
{ {
struct vm_area_struct *vma; struct vm_area_struct *vma;
void *old_buf = buf; void *old_buf = buf;
unsigned int flags = FOLL_FORCE; int write = gup_flags & FOLL_WRITE;
if (write)
flags |= FOLL_WRITE;
down_read(&mm->mmap_sem); down_read(&mm->mmap_sem);
/* ignore errors, just check how much was successfully transferred */ /* ignore errors, just check how much was successfully transferred */
...@@ -3729,7 +3726,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, ...@@ -3729,7 +3726,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm,
struct page *page = NULL; struct page *page = NULL;
ret = get_user_pages(tsk, mm, addr, 1, ret = get_user_pages(tsk, mm, addr, 1,
flags, &page, &vma); gup_flags, &page, &vma);
if (ret <= 0) { if (ret <= 0) {
#ifndef CONFIG_HAVE_IOREMAP_PROT #ifndef CONFIG_HAVE_IOREMAP_PROT
break; break;
...@@ -3788,7 +3785,12 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, ...@@ -3788,7 +3785,12 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm,
int access_remote_vm(struct mm_struct *mm, unsigned long addr, int access_remote_vm(struct mm_struct *mm, unsigned long addr,
void *buf, int len, int write) void *buf, int len, int write)
{ {
return __access_remote_vm(NULL, mm, addr, buf, len, write); unsigned int flags = FOLL_FORCE;
if (write)
flags |= FOLL_WRITE;
return __access_remote_vm(NULL, mm, addr, buf, len, flags);
} }
/* /*
...@@ -3801,12 +3803,17 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, ...@@ -3801,12 +3803,17 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr,
{ {
struct mm_struct *mm; struct mm_struct *mm;
int ret; int ret;
unsigned int flags = FOLL_FORCE;
mm = get_task_mm(tsk); mm = get_task_mm(tsk);
if (!mm) if (!mm)
return 0; return 0;
ret = __access_remote_vm(tsk, mm, addr, buf, len, write); if (write)
flags |= FOLL_WRITE;
ret = __access_remote_vm(tsk, mm, addr, buf, len, flags);
mmput(mm); mmput(mm);
return ret; return ret;
......
...@@ -1929,9 +1929,10 @@ void filemap_map_pages(struct vm_area_struct *vma, struct vm_fault *vmf) ...@@ -1929,9 +1929,10 @@ void filemap_map_pages(struct vm_area_struct *vma, struct vm_fault *vmf)
EXPORT_SYMBOL(filemap_map_pages); EXPORT_SYMBOL(filemap_map_pages);
static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm,
unsigned long addr, void *buf, int len, int write) unsigned long addr, void *buf, int len, unsigned int gup_flags)
{ {
struct vm_area_struct *vma; struct vm_area_struct *vma;
int write = gup_flags & FOLL_WRITE;
down_read(&mm->mmap_sem); down_read(&mm->mmap_sem);
...@@ -1973,7 +1974,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, ...@@ -1973,7 +1974,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm,
int access_remote_vm(struct mm_struct *mm, unsigned long addr, int access_remote_vm(struct mm_struct *mm, unsigned long addr,
void *buf, int len, int write) void *buf, int len, int write)
{ {
return __access_remote_vm(NULL, mm, addr, buf, len, write); return __access_remote_vm(NULL, mm, addr, buf, len,
write ? FOLL_WRITE : 0);
} }
/* /*
...@@ -1991,7 +1993,8 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, in ...@@ -1991,7 +1993,8 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, in
if (!mm) if (!mm)
return 0; return 0;
len = __access_remote_vm(tsk, mm, addr, buf, len, write); len = __access_remote_vm(tsk, mm, addr, buf, len,
write ? FOLL_WRITE : 0);
mmput(mm); mmput(mm);
return len; return len;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment