From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>,
Johannes Weiner <hannes@cmpxchg.org>,
iceman_dvd@yahoo.com,
Steven Truelove <steven.truelove@utoronto.ca>,
Jianguo Wu <wujianguo@huawei.com>,
Hugh Dickins <hughd@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [ 06/73] hugetlbfs: fix mmap failure in unaligned size request
Date: Thu, 9 May 2013 15:31:29 -0700 [thread overview]
Message-ID: <20130509222758.639137983@linuxfoundation.org> (raw)
In-Reply-To: <20130509222757.917088509@linuxfoundation.org>
3.8-stable review patch. If anyone has any objections, please let me know.
------------------
From: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
commit af73e4d9506d3b797509f3c030e7dcd554f7d9c4 upstream.
The current kernel returns -EINVAL unless a given mmap length is
"almost" hugepage aligned. This is because in sys_mmap_pgoff() the
given length is passed to vm_mmap_pgoff() as it is without being aligned
with hugepage boundary.
This is a regression introduced in commit 40716e29243d ("hugetlbfs: fix
alignment of huge page requests"), where alignment code is pushed into
hugetlb_file_setup() and the variable len in caller side is not changed.
To fix this, this patch partially reverts that commit, and adds
alignment code in caller side. And it also introduces hstate_sizelog()
in order to get proper hstate to specified hugepage size.
Addresses https://bugzilla.kernel.org/show_bug.cgi?id=56881
[akpm@linux-foundation.org: fix warning when CONFIG_HUGETLB_PAGE=n]
Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Reported-by: <iceman_dvd@yahoo.com>
Cc: Steven Truelove <steven.truelove@utoronto.ca>
Cc: Jianguo Wu <wujianguo@huawei.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/hugetlbfs/inode.c | 24 ++++++++++--------------
include/linux/hugetlb.h | 19 +++++++++++++------
ipc/shm.c | 6 +++++-
mm/mmap.c | 7 ++++++-
4 files changed, 34 insertions(+), 22 deletions(-)
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -908,19 +908,19 @@ static int can_do_hugetlb_shm(void)
static int get_hstate_idx(int page_size_log)
{
- struct hstate *h;
+ struct hstate *h = hstate_sizelog(page_size_log);
- if (!page_size_log)
- return default_hstate_idx;
- h = size_to_hstate(1 << page_size_log);
if (!h)
return -1;
return h - hstates;
}
-struct file *hugetlb_file_setup(const char *name, unsigned long addr,
- size_t size, vm_flags_t acctflag,
- struct user_struct **user,
+/*
+ * Note that size should be aligned to proper hugepage size in caller side,
+ * otherwise hugetlb_reserve_pages reserves one less hugepages than intended.
+ */
+struct file *hugetlb_file_setup(const char *name, size_t size,
+ vm_flags_t acctflag, struct user_struct **user,
int creat_flags, int page_size_log)
{
int error = -ENOMEM;
@@ -929,8 +929,6 @@ struct file *hugetlb_file_setup(const ch
struct path path;
struct dentry *root;
struct qstr quick_string;
- struct hstate *hstate;
- unsigned long num_pages;
int hstate_idx;
hstate_idx = get_hstate_idx(page_size_log);
@@ -969,12 +967,10 @@ struct file *hugetlb_file_setup(const ch
if (!inode)
goto out_dentry;
- hstate = hstate_inode(inode);
- size += addr & ~huge_page_mask(hstate);
- num_pages = ALIGN(size, huge_page_size(hstate)) >>
- huge_page_shift(hstate);
error = -ENOMEM;
- if (hugetlb_reserve_pages(inode, 0, num_pages, NULL, acctflag))
+ if (hugetlb_reserve_pages(inode, 0,
+ size >> huge_page_shift(hstate_inode(inode)), NULL,
+ acctflag))
goto out_inode;
d_instantiate(path.dentry, inode);
--- a/include/linux/hugetlb.h
+++ b/include/linux/hugetlb.h
@@ -185,8 +185,7 @@ static inline struct hugetlbfs_sb_info *
extern const struct file_operations hugetlbfs_file_operations;
extern const struct vm_operations_struct hugetlb_vm_ops;
-struct file *hugetlb_file_setup(const char *name, unsigned long addr,
- size_t size, vm_flags_t acct,
+struct file *hugetlb_file_setup(const char *name, size_t size, vm_flags_t acct,
struct user_struct **user, int creat_flags,
int page_size_log);
@@ -205,8 +204,8 @@ static inline int is_file_hugepages(stru
#define is_file_hugepages(file) 0
static inline struct file *
-hugetlb_file_setup(const char *name, unsigned long addr, size_t size,
- vm_flags_t acctflag, struct user_struct **user, int creat_flags,
+hugetlb_file_setup(const char *name, size_t size, vm_flags_t acctflag,
+ struct user_struct **user, int creat_flags,
int page_size_log)
{
return ERR_PTR(-ENOSYS);
@@ -284,6 +283,13 @@ static inline struct hstate *hstate_file
return hstate_inode(f->f_dentry->d_inode);
}
+static inline struct hstate *hstate_sizelog(int page_size_log)
+{
+ if (!page_size_log)
+ return &default_hstate;
+ return size_to_hstate(1 << page_size_log);
+}
+
static inline struct hstate *hstate_vma(struct vm_area_struct *vma)
{
return hstate_file(vma->vm_file);
@@ -348,11 +354,12 @@ static inline int hstate_index(struct hs
return h - hstates;
}
-#else
+#else /* CONFIG_HUGETLB_PAGE */
struct hstate {};
#define alloc_huge_page_node(h, nid) NULL
#define alloc_bootmem_huge_page(h) NULL
#define hstate_file(f) NULL
+#define hstate_sizelog(s) NULL
#define hstate_vma(v) NULL
#define hstate_inode(i) NULL
#define huge_page_size(h) PAGE_SIZE
@@ -367,6 +374,6 @@ static inline unsigned int pages_per_hug
}
#define hstate_index_to_shift(index) 0
#define hstate_index(h) 0
-#endif
+#endif /* CONFIG_HUGETLB_PAGE */
#endif /* _LINUX_HUGETLB_H */
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -491,10 +491,14 @@ static int newseg(struct ipc_namespace *
sprintf (name, "SYSV%08x", key);
if (shmflg & SHM_HUGETLB) {
+ struct hstate *hs = hstate_sizelog((shmflg >> SHM_HUGE_SHIFT)
+ & SHM_HUGE_MASK);
+ size_t hugesize = ALIGN(size, huge_page_size(hs));
+
/* hugetlb_file_setup applies strict accounting */
if (shmflg & SHM_NORESERVE)
acctflag = VM_NORESERVE;
- file = hugetlb_file_setup(name, 0, size, acctflag,
+ file = hugetlb_file_setup(name, hugesize, acctflag,
&shp->mlock_user, HUGETLB_SHMFS_INODE,
(shmflg >> SHM_HUGE_SHIFT) & SHM_HUGE_MASK);
} else {
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1296,15 +1296,20 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned lon
file = fget(fd);
if (!file)
goto out;
+ if (is_file_hugepages(file))
+ len = ALIGN(len, huge_page_size(hstate_file(file)));
} else if (flags & MAP_HUGETLB) {
struct user_struct *user = NULL;
+
+ len = ALIGN(len, huge_page_size(hstate_sizelog(
+ (flags >> MAP_HUGE_SHIFT) & MAP_HUGE_MASK)));
/*
* VM_NORESERVE is used because the reservations will be
* taken when vm_ops->mmap() is called
* A dummy user value is used because we are not locking
* memory so no accounting is necessary
*/
- file = hugetlb_file_setup(HUGETLB_ANON_FILE, addr, len,
+ file = hugetlb_file_setup(HUGETLB_ANON_FILE, len,
VM_NORESERVE,
&user, HUGETLB_ANONHUGE_INODE,
(flags >> MAP_HUGE_SHIFT) & MAP_HUGE_MASK);
next prev parent reply other threads:[~2013-05-09 23:02 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-09 22:31 [ 00/73] 3.8.13-stable review Greg Kroah-Hartman
2013-05-09 22:31 ` [ 01/73] xen/arm: actually pass a non-NULL percpu pointer to request_percpu_irq Greg Kroah-Hartman
2013-05-09 22:31 ` [ 02/73] powerpc: Emulate non privileged DSCR read and write Greg Kroah-Hartman
2013-05-09 22:31 ` [ 03/73] powerpc: fix numa distance for form0 device tree Greg Kroah-Hartman
2013-05-09 22:31 ` [ 04/73] pwm: spear: Fix checking return value of clk_enable() and clk_prepare() Greg Kroah-Hartman
2013-05-09 22:31 ` [ 05/73] autofs - remove autofs dentry mount check Greg Kroah-Hartman
2013-05-09 22:31 ` Greg Kroah-Hartman [this message]
2013-05-09 22:31 ` [ 07/73] iommu/amd: Properly initialize irq-table lock Greg Kroah-Hartman
2013-05-09 22:31 ` [ 08/73] net/eth/ibmveth: Fixup retrieval of MAC address Greg Kroah-Hartman
2013-05-09 22:31 ` [ 09/73] perf/x86/intel: Add support for IvyBridge model 58 Uncore Greg Kroah-Hartman
2013-05-09 22:31 ` [ 10/73] perf/x86/intel: Fix unintended variable name reuse Greg Kroah-Hartman
2013-05-09 22:31 ` [ 11/73] perf/x86/intel/lbr: Fix LBR filter Greg Kroah-Hartman
2013-05-09 22:31 ` [ 12/73] perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL Greg Kroah-Hartman
2013-05-09 22:31 ` [ 13/73] PCI/PM: Clear state_saved during suspend Greg Kroah-Hartman
2013-05-09 22:31 ` [ 14/73] e1000e: fix runtime power management transitions Greg Kroah-Hartman
2013-05-09 22:31 ` [ 15/73] e1000e: fix accessing to suspended device Greg Kroah-Hartman
2013-05-09 22:31 ` [ 16/73] xhci: Dont warn on empty ring for suspended devices Greg Kroah-Hartman
2013-05-09 22:31 ` [ 17/73] ipvs: ip_vs_sip_fill_param() BUG: bad check of return value Greg Kroah-Hartman
2013-05-09 22:31 ` [ 18/73] netfilter: nf_nat: fix race when unloading protocol modules Greg Kroah-Hartman
2013-05-09 22:31 ` [ 19/73] netfilter: ipset: list:set: fix reference counter update Greg Kroah-Hartman
2013-05-09 22:31 ` [ 20/73] netfilter: nf_ct_sip: dont drop packets with offsets pointing outside the packet Greg Kroah-Hartman
2013-05-09 22:31 ` [ 21/73] netfilter: ipset: "Directory not empty" error message Greg Kroah-Hartman
2013-05-09 22:31 ` [ 22/73] netfilter: nf_ct_helper: dont discard helper if it is actually the same Greg Kroah-Hartman
2013-05-09 22:31 ` [ 23/73] netfilter: ctnetlink: dont permit ct creation with random tuple Greg Kroah-Hartman
2013-05-09 22:31 ` [ 24/73] netfilter: xt_rpfilter: skip locally generated broadcast/multicast, too Greg Kroah-Hartman
2013-05-09 22:31 ` [ 25/73] netfilter: ip6t_NPT: Fix translation for non-multiple of 32 prefix lengths Greg Kroah-Hartman
2013-05-09 22:31 ` [ 26/73] ext4: add check for inodes_count overflow in new resize ioctl Greg Kroah-Hartman
2013-05-09 22:31 ` [ 27/73] r8169: fix 8168evl frame padding Greg Kroah-Hartman
2013-05-09 22:31 ` [ 28/73] RDMA/cxgb4: Fix SQ allocation when on-chip SQ is disabled Greg Kroah-Hartman
2013-05-09 22:31 ` [ 29/73] arm64: Ignore the write ESR flag on cache maintenance faults Greg Kroah-Hartman
2013-05-09 22:31 ` [ 30/73] block: fix max discard sectors limit Greg Kroah-Hartman
2013-05-09 22:31 ` [ 31/73] drm/cirrus: deal with bo reserve fail in dirty update path Greg Kroah-Hartman
2013-05-09 22:31 ` [ 32/73] drm/mgag200: " Greg Kroah-Hartman
2013-05-09 22:31 ` [ 33/73] drm/gma500: fix backlight hotkeys behaviour on netbooks Greg Kroah-Hartman
2013-05-09 22:31 ` [ 34/73] drm/prime: keep a reference from the handle to exported dma-buf (v6) Greg Kroah-Hartman
2013-05-09 22:31 ` [ 35/73] drm/ast: deal with bo reserve fail in dirty update path Greg Kroah-Hartman
2013-05-09 22:31 ` [ 36/73] drm/i915: Fix detection of base of stolen memory Greg Kroah-Hartman
2013-05-09 22:32 ` [ 37/73] drm/i915: Fix sdvo connector get_hw_state function Greg Kroah-Hartman
2013-05-09 22:32 ` [ 38/73] drm/i915: Add no-lvds quirk for Fujitsu Esprimo Q900 Greg Kroah-Hartman
2013-05-09 22:32 ` [ 39/73] drm/i915: Fix SDVO connector and encoder get_hw_state functions Greg Kroah-Hartman
2013-05-09 22:32 ` [ 40/73] drm/i915: Workaround incoherence between fences and LLC across multiple CPUs Greg Kroah-Hartman
2013-05-09 22:32 ` [ 41/73] drm/i915: Use MLC (l3$) for context objects Greg Kroah-Hartman
2013-05-09 22:32 ` [ 42/73] drm/i915: set CPT FDI RX polarity bits based on VBT Greg Kroah-Hartman
2013-05-09 22:32 ` [ 43/73] drm/i915: ensure single initialization and cleanup of backlight device Greg Kroah-Hartman
2013-05-09 22:32 ` [ 44/73] drm/i915: Fixup Oops in the pipe config computation Greg Kroah-Hartman
2013-05-09 22:32 ` [ 45/73] drm/i915: Fall back to bit banging mode for DVO transmitter detection Greg Kroah-Hartman
2013-05-09 22:32 ` [ 46/73] drm/radeon: dont use get_engine_clock() on APUs Greg Kroah-Hartman
2013-05-09 22:32 ` [ 47/73] drm/radeon: use frac fb div on RS780/RS880 Greg Kroah-Hartman
2013-05-09 22:32 ` [ 48/73] drm/radeon: fix typo in rv515_mc_resume() Greg Kroah-Hartman
2013-05-09 22:32 ` [ 49/73] drm/radeon/dce6: add missing display reg for tiling setup Greg Kroah-Hartman
2013-05-09 22:32 ` [ 50/73] drm/radeon: update wait_for_vblank for r5xx-r7xx Greg Kroah-Hartman
2013-05-09 22:32 ` [ 51/73] drm/radeon: update wait_for_vblank for evergreen+ Greg Kroah-Hartman
2013-05-09 22:32 ` [ 52/73] drm/radeon: properly lock disp in mc_stop/resume " Greg Kroah-Hartman
2013-05-09 22:32 ` [ 53/73] drm/radeon: properly lock disp in mc_stop/resume for r5xx-r7xx Greg Kroah-Hartman
2013-05-09 22:32 ` [ 54/73] drm/radeon: update wait_for_vblank for r1xx-r4xx Greg Kroah-Hartman
2013-05-09 22:32 ` [ 55/73] drm/radeon: disable the crtcs in mc_stop (evergreen+) (v2) Greg Kroah-Hartman
2013-05-09 22:32 ` [ 56/73] drm/radeon: add some new SI PCI ids Greg Kroah-Hartman
2013-05-09 22:32 ` [ 57/73] drm/radeon/evergreen+: dont enable HPD interrupts on eDP/LVDS Greg Kroah-Hartman
2013-05-09 22:32 ` [ 58/73] drm/radeon: cleanup properly if mmio mapping fails Greg Kroah-Hartman
2013-05-09 22:32 ` [ 59/73] drm/radeon: fix hdmi mode enable on RS600/RS690/RS740 Greg Kroah-Hartman
2013-05-09 22:32 ` [ 60/73] drm/radeon: fix typo in si_select_se_sh() Greg Kroah-Hartman
2013-05-09 22:32 ` [ 61/73] drm/radeon: Always flush the VM Greg Kroah-Hartman
2013-05-09 22:32 ` [ 62/73] drm/radeon: disable the crtcs in mc_stop (r5xx-r7xx) (v2) Greg Kroah-Hartman
2013-05-09 22:32 ` [ 63/73] drm/radeon: fix endian bugs in atom_allocate_fb_scratch() Greg Kroah-Hartman
2013-05-09 22:32 ` [ 64/73] drm/radeon: fix possible segfault when parsing pm tables Greg Kroah-Hartman
2013-05-09 22:32 ` [ 65/73] drm/radeon: add new richland pci ids Greg Kroah-Hartman
2013-05-09 22:32 ` [ 66/73] drm/radeon: fix handling of v6 power tables Greg Kroah-Hartman
2013-05-09 22:32 ` [ 67/73] tracing: Fix ftrace_dump() Greg Kroah-Hartman
2013-05-09 22:32 ` [ 68/73] Btrfs: compare relevant parts of delayed tree refs Greg Kroah-Hartman
2013-05-09 22:32 ` [ 69/73] Btrfs: fix extent logging with O_DIRECT into prealloc Greg Kroah-Hartman
2013-05-09 22:32 ` [ 70/73] EDAC: Dont give write permission to read-only files Greg Kroah-Hartman
2013-05-09 22:32 ` [ 71/73] NFSv4.x: Fix handling of partially delegated locks Greg Kroah-Hartman
2013-05-09 22:32 ` [ 72/73] kernel/audit_tree.c: tree will leak memory when failure occurs in audit_trim_trees() Greg Kroah-Hartman
2013-05-09 22:32 ` [ 73/73] x86/mm: account for PGDIR_SIZE alignment Greg Kroah-Hartman
2013-05-10 10:54 ` [ 00/73] 3.8.13-stable review Holger Hoffstaette
2013-05-15 0:07 ` r8169 on 3.8.13, 3.9.2, 3.10-rc1, was " Ken Moffat
2013-05-15 6:14 ` Francois Romieu
2013-05-15 17:09 ` Ken Moffat
2013-05-15 20:39 ` David Miller
2013-05-15 23:15 ` David Miller
2013-05-10 15:24 ` Shuah Khan
2013-05-11 6:03 ` Satoru Takeuchi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130509222758.639137983@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=hannes@cmpxchg.org \
--cc=hughd@google.com \
--cc=iceman_dvd@yahoo.com \
--cc=linux-kernel@vger.kernel.org \
--cc=n-horiguchi@ah.jp.nec.com \
--cc=stable@vger.kernel.org \
--cc=steven.truelove@utoronto.ca \
--cc=torvalds@linux-foundation.org \
--cc=wujianguo@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox