git.samba.org - sfrench/cifs-2.6.git/commit

author	Jason Gunthorpe <jgg@mellanox.com>
	Tue, 16 Apr 2019 11:07:28 +0000 (14:07 +0300)
committer	Jason Gunthorpe <jgg@mellanox.com>
	Wed, 24 Apr 2019 16:32:25 +0000 (13:32 -0300)
commit	67f269b37f9b4d52c5e7f97acea26c0852e9b8a1
tree	58f359e2dca30490e6962ae1c1933f05dab97a97	tree
parent	d5e560d3f72382ac4e3bfe4e0f0420e6a220b039	commit \| diff

RDMA/ucontext: Fix regression with disassociate

When this code was consolidated the intention was that the VMA would
become backed by anonymous zero pages after the zap_vma_pte - however this
very subtly relied on setting the vm_ops = NULL and clearing the VM_SHARED
bits to transform the VMA into an anonymous VMA. Since the vm_ops was
removed this broke.

Now userspace gets a SIGBUS if it touches the vma after disassociation.

Instead of converting the VMA to anonymous provide a fault handler that
puts a zero'd page into the VMA when user-space touches it after
disassociation.

Cc: stable@vger.kernel.org
Suggested-by: Andrea Arcangeli <aarcange@redhat.com>
Fixes: 5f9794dc94f5 ("RDMA/ucontext: Add a core API for mmaping driver IO memory")
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>

drivers/infiniband/core/uverbs.h		diff \| blob \| history
drivers/infiniband/core/uverbs_main.c		diff \| blob \| history