diff options
author | Thomas Gleixner <tglx@linutronix.de> | 2007-04-13 20:45:17 +0200 |
---|---|---|
committer | Adrian Bunk <bunk@stusta.de> | 2007-04-13 22:58:22 +0200 |
commit | 0243ef462fbe940dafde1f47d3ea29dbf5146b21 (patch) | |
tree | 44cf4ad4bf8680f325c1c1f096d49f45aff962d3 | |
parent | 1ee709383b60148263f139af790c8b5a22c2e586 (diff) | |
download | lwn-0243ef462fbe940dafde1f47d3ea29dbf5146b21.tar.gz lwn-0243ef462fbe940dafde1f47d3ea29dbf5146b21.zip |
i386: fix file_read_actor() and pipe_read() for original i386 systems
The __copy_to_user_inatomic() calls in file_read_actor() and pipe_read()
are broken on original i386 machines, where WP-works-ok == false, as
__copy_to_user_inatomic() on such systems calls functions which might
sleep and/or contain cond_resched() calls inside of a kmap_atomic()
region.
The original check for WP-works-ok was in access_ok(), but got moved
during the 2.5 series to fix a race vs. swap.
Return the number of bytes to copy in the case where we are in an atomic
region, so the non atomic code pathes in file_read_actor() and
pipe_read() are taken.
This could be optimized to avoid the kmap_atomicby moving the check for
WP-works-ok into fault_in_pages_writeable(), but this is more intrusive
and can be done later.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
-rw-r--r-- | arch/i386/lib/usercopy.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/arch/i386/lib/usercopy.c b/arch/i386/lib/usercopy.c index 4cf981d70f45..20910daa53af 100644 --- a/arch/i386/lib/usercopy.c +++ b/arch/i386/lib/usercopy.c @@ -10,6 +10,7 @@ #include <linux/highmem.h> #include <linux/blkdev.h> #include <linux/module.h> +#include <linux/interrupt.h> #include <asm/uaccess.h> #include <asm/mmx.h> @@ -522,6 +523,14 @@ unsigned long __copy_to_user_ll(void __user *to, const void *from, unsigned long #ifndef CONFIG_X86_WP_WORKS_OK if (unlikely(boot_cpu_data.wp_works_ok == 0) && ((unsigned long )to) < TASK_SIZE) { + /* + * When we are in an atomic section (see + * mm/filemap.c:file_read_actor), return the full + * length to take the slow path. + */ + if (in_atomic()) + return n; + /* * CPU does not honor the WP bit when writing * from supervisory mode, and due to preemption or SMP, |