Anton Altaparmakov <[email protected]> wrote:
>
> mm/filemap.c::file_buffered_write():
>
> - It calls fault_in_pages_readable() which is completely bogus if
> @nr_segs > 1. It needs to be replaced by a to be written
> "fault_in_pages_readable_iovec()".
>
> - It increments @buf even in the iovec case thus @buf can point to
> random memory really quickly (in the iovec case) and then it calls
> fault_in_pages_readable() on this random memory. Ouch...
hmm, yes. Like this?
diff -puN mm/filemap.c~generic_file_buffered_write-fixes mm/filemap.c
--- 25/mm/filemap.c~generic_file_buffered_write-fixes 2005-04-24 14:18:58.445943000 -0700
+++ 25-akpm/mm/filemap.c 2005-04-24 14:20:21.995241576 -0700
@@ -1944,7 +1944,7 @@ generic_file_buffered_write(struct kiocb
buf = iov->iov_base + written;
else {
filemap_set_next_iovec(&cur_iov, &iov_base, written);
- buf = iov->iov_base + iov_base;
+ buf = cur_iov->iov_base + iov_base;
}
do {
@@ -2002,9 +2002,11 @@ generic_file_buffered_write(struct kiocb
count -= status;
pos += status;
buf += status;
- if (unlikely(nr_segs > 1))
+ if (unlikely(nr_segs > 1)) {
filemap_set_next_iovec(&cur_iov,
&iov_base, status);
+ buf = cur_iov->iov_base + iov_base;
+ }
}
}
if (unlikely(copied != bytes))
_
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
