Andy Lutomirski wrote:
> On 04/10/2014 05:22 PM, David Herrmann wrote:
>> Hi
>>
>> On Thu, Apr 10, 2014 at 11:33 PM, Tony Battersby tonyb@cybernetics.com wrote:
>>> For O_DIRECT the kernel pins the submitted pages in memory for DMA by incrementing the page reference counts when the I/O is submitted, allowing the pages to be modified by DMA even if they are no longer mapped in the address space of the process. This is different from a regular read(), which uses the CPU to copy the data and will fail if the pages are not mapped.
>>
>> Can you please provide an example code-path? For instance, file_read_actor() does not pin any pages but only keeps the user-space address and resolves it once it has data to write.
>
> This may be an issue for anything in the kernel that calls get_user_pages and holds onto the result at any time that mmap_sem isn't held.

Exactly. For O_DIRECT, that would be the call to get_user_pages_fast() from dio_refill_pages() in fs/direct-io.c, which is ultimately called from blkdev_direct_IO().

From the comment for get_user_pages_fast(): "Attempt to pin user pages in memory..."

Tony