commit 046eca5018f8a5dd1dc2cedf87fb5843b9ea3026 upstream.

When a vfio container is preserved across exec, the task does not change,
but it gets a new mm with locked_vm=0, and loses the count from existing
dma mappings. If the user later unmaps a dma mapping, locked_vm underflows
to a large unsigned value, and a subsequent dma map request fails with
ENOMEM in __account_locked_vm.

To avoid underflow, grab and save the mm at the time a dma is mapped.
Use that mm when adjusting locked_vm, rather than re-acquiring the saved
task's mm, which may have changed. If the saved mm is dead, do nothing.

locked_vm is incremented for existing mappings in a subsequent patch.

Fixes:
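Added example, not part of the commit or the kernel's code: a user-space C model of the accounting failure described above and of the fix. struct mm, struct dma_map, RLIMIT_PAGES and both flows are constructed stand-ins; account_locked_vm only mirrors the shape of the limit check in __account_locked_vm.

```c
#include <errno.h>
#include <stddef.h>
#define RLIMIT_PAGES 16UL /* constructed pinned-page limit for the model */

/* Minimal model of an mm's locked-page counter; alive is 0 once torn down. */
struct mm { unsigned long locked_vm; int alive; };
/* A dma mapping: pages pinned plus, in the fixed variant, the mm charged
 * at map time (hypothetical field standing in for the saved mm). */
struct dma_map { unsigned long npages; struct mm *mm; };

/* Mirrors the shape of __account_locked_vm: a charge fails with -ENOMEM
 * when the limit would be exceeded; an uncharge just subtracts. */
static int account_locked_vm(struct mm *mm, unsigned long npages, int inc)
{
    if (!inc) {
        mm->locked_vm -= npages; /* wraps if this mm never paid for them */
        return 0;
    }
    if (mm->locked_vm + npages > RLIMIT_PAGES)
        return -ENOMEM;
    mm->locked_vm += npages;
    return 0;
}

/* Before the fix: accounting uses the task's current mm. After exec that is
 * a fresh mm with locked_vm=0, so unmapping a pre-exec mapping wraps it to
 * a huge value and the next map fails with -ENOMEM. */
int buggy_flow(void)
{
    struct mm pre_exec = {0, 1}, post_exec = {0, 1};
    struct dma_map d = {4, NULL};
    if (account_locked_vm(&pre_exec, d.npages, 1))
        return -1;
    account_locked_vm(&post_exec, d.npages, 0); /* exec happened: wrong mm */
    return account_locked_vm(&post_exec, 1, 1); /* -ENOMEM */
}

/* After the fix: the mapping saves the mm it was charged to, and unmap
 * credits that mm, or does nothing if that mm is already dead. */
int fixed_flow(int saved_mm_dead)
{
    struct mm pre_exec = {0, 1}, post_exec = {0, 1};
    struct dma_map d = {4, NULL};
    if (account_locked_vm(&pre_exec, d.npages, 1))
        return -1;
    d.mm = &pre_exec;             /* grab and save the mm at map time */
    d.mm->alive = !saved_mm_dead; /* exec: the old mm may have gone away */
    if (d.mm->alive)
        account_locked_vm(d.mm, d.npages, 0);
    return account_locked_vm(&post_exec, 1, 1); /* 0 */
}
```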