When block layer fails to map iov, it calls bio_unmap_user to undo · 53cc0b2948 - Gogs

When block layer fails to map iov, it calls bio_unmap_user to undo
mapping. Which is good if pages were mapped - but if they were provided
by someone else and just copied then bad things happen - pages are
released once here, and once by caller, leading to user triggerable BUG
at include/linux/mm.h:246.

Signed-off-by: Petr Vandrovec <petr@vandrovec.name>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>

Petr Vandrovec 16 years ago

parent

f6f7b52e2f

commit

53cc0b2948

1 changed files with 1 additions and 1 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 1
						
block/blk-map.c
							 
								View File
							
				@@ -224,7 +224,7 @@ int blk_rq_map_user_iov(struct request_queue *q, struct request *rq,
			
				 		 */
			
				 		bio_get(bio);
			
				 		bio_endio(bio, 0);
			
				-		bio_unmap_user(bio);
			
				+		__blk_rq_unmap_user(bio);
			
				 		return -EINVAL;
			
				 	}