Thread: 18 messages, 4 authors, 2016-06-13

Re: [PATCH] exit: clear TIF_MEMDIE after exit_task_work

From: Michal Hocko <mhocko@kernel.org>
Date: 2016-06-13 14:00:58
Also in: lkml

On Mon 13-06-16 22:52:43, Tetsuo Handa wrote:
> Michal Hocko wrote:
> > I have checked the vnet code and it doesn't seem to rely on
> > copy_from_user/get_user AFAICS. Other users of use_mm() need to copy to
> > the userspace only as well. So we should be perfectly safe to OOM reap
> > address space even when it is shared by the kthread [1] so this is
> > not really needed for the OOM correctness purpose. It would be much
> > nicer if the kthread didn't pin the mm for too long outside of the OOM
> > handling as well of course but that lowers the priority of the change.
> >
> > [1] http://lkml.kernel.org/r/20160613112348.GC6518@dhcp22.suse.cz
>
> It seems to me that vhost code relies on copy from the userspace.
>
> use_mm(dev->mm) and unuse_mm(dev->mm) are used inside vhost_worker().
> work->fn(work) is initialized by vhost_work_init().
> vhost_scsi_open() passes vhost_scsi_complete_cmd_work() and
> vhost_scsi_evt_work() as ->fn, and both functions call __get_user().
>
> vhost_scsi_complete_cmd_work() {
>   vhost_signal() {
>     vhost_notify() {
>       __get_user()
>     }
>   }
> }
>
> vhost_scsi_evt_work() {
>   vhost_scsi_do_evt_work() {
>     vhost_get_vq_desc() {
>       __get_user() / __copy_from_user()
>       get_indirect() {
>         copy_from_iter()
>       }
>     }
>   }
> }

Ahh, I've missed those. Thanks for pointing this out! Let me try to find
out whether the code is robust to see unexpected 0 when reading from the
userspace.

-- 
Michal Hocko
SUSE Labs
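
A userspace analogue of the "unexpected 0" concern in the message above, added here as an illustration and not code from this thread or from the kernel. It assumes `MADV_DONTNEED` on a private anonymous page as a stand-in for the OOM reaper unmapping the victim's memory; `demo_desc`, `demo_fetch_desc` and `demo_reap_effect` are hypothetical names, and the descriptor layout is constructed for the demo.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS and madvise() */
#endif
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical ring descriptor; the layout is constructed for this demo. */
struct demo_desc { uint64_t addr; uint32_t len; uint16_t flags; uint16_t next; };
enum { DESC_OK = 0, DESC_REJECTED = -1 };

/* Copy the descriptor out of shared memory once, then validate the copy.
 * A zero address or zero length is treated as invalid, never as work to do. */
static int demo_fetch_desc(const void *shared, struct demo_desc *out)
{
    memcpy(out, shared, sizeof(*out));
    return (out->addr == 0 || out->len == 0) ? DESC_REJECTED : DESC_OK;
}

/* Fill a private anonymous page, drop it with MADV_DONTNEED, and fetch the
 * descriptor before and after. Returns 0 on success, -1 if setup failed. */
int demo_reap_effect(int *before, int *after)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    struct demo_desc d = { .addr = 0x7f0000001000ULL, .len = 512 }, got;
    void *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;
    memcpy(page, &d, sizeof(d));            /* constructed sample descriptor */
    *before = demo_fetch_desc(page, &got);
    if (madvise(page, pagesz, MADV_DONTNEED) != 0) {  /* pages dropped, mapping stays */
        munmap(page, pagesz);
        return -1;
    }
    *after = demo_fetch_desc(page, &got);   /* reads now fault in zero pages */
    munmap(page, pagesz);
    return 0;
}

int main(void)
{
    int before, after;
    if (demo_reap_effect(&before, &after) != 0)
        return 1;
    return (before == DESC_OK && after == DESC_REJECTED) ? 0 : 1;
}
```

The read after the pages are dropped does not fault or return an error; it silently yields zeros, so the reader is only safe if it rejects an all-zero descriptor.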