Commit 4bc4a912 authored by Jens Axboe's avatar Jens Axboe

io_uring: hold mmap_sem for mm->locked_vm manipulation



The kernel doesn't seem to have clear rules around this, but various
spots are using the mmap_sem to serialize access to modifying the
locked_vm count. Play it safe and lock the mm for write when accounting
or unaccounting locked memory.

Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent a146468d
+10 −4
@@ -8157,12 +8157,15 @@ static void io_unaccount_mem(struct io_ring_ctx *ctx, unsigned long nr_pages,
		__io_unaccount_mem(ctx->user, nr_pages);

	if (ctx->mm_account) {
		if (acct == ACCT_LOCKED)
		if (acct == ACCT_LOCKED) {
			mmap_write_lock(ctx->mm_account);
			ctx->mm_account->locked_vm -= nr_pages;
		else if (acct == ACCT_PINNED)
			mmap_write_unlock(ctx->mm_account);
		}else if (acct == ACCT_PINNED) {
			atomic64_sub(nr_pages, &ctx->mm_account->pinned_vm);
		}
	}
}

static int io_account_mem(struct io_ring_ctx *ctx, unsigned long nr_pages,
			  enum io_mem_account acct)
@@ -8176,11 +8179,14 @@ static int io_account_mem(struct io_ring_ctx *ctx, unsigned long nr_pages,
	}

	if (ctx->mm_account) {
		if (acct == ACCT_LOCKED)
		if (acct == ACCT_LOCKED) {
			mmap_write_lock(ctx->mm_account);
			ctx->mm_account->locked_vm += nr_pages;
		else if (acct == ACCT_PINNED)
			mmap_write_unlock(ctx->mm_account);
		} else if (acct == ACCT_PINNED) {
			atomic64_add(nr_pages, &ctx->mm_account->pinned_vm);
		}
	}

	return 0;
}
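Review bot: Both ACCT_LOCKED branches now take `mmap_write_lock(ctx->mm_account)`, which can sleep and would self-deadlock if a caller already held that mm's mmap lock, yet neither io_unaccount_mem nor io_account_mem documents this new calling constraint. A short comment above each, e.g. `/* ACCT_LOCKED takes mmap_lock for write: may sleep, caller must not hold ctx->mm_account's mmap_lock */`, would make the contract visible to future callers; the call sites are outside these hunks, so whether any of them run under the lock cannot be checked from here. In io_account_mem, which returns int, `mmap_write_lock_killable()` may be worth considering so a task blocked on a contended mm can still be killed, though the earlier accounting step (not shown in the hunk) would presumably need undoing on failure. On style, the first hunk writes `}else if (acct == ACCT_PINNED) {` without the space that the second hunk uses in `} else if (acct == ACCT_PINNED) {`. Both function bodies start outside the visible hunks.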