lazy-pages: don't try to uffd_copy to removed memory regions

It is possible that when pages request from the remove source arrive, part of the memory range covered by the request would be already gone because of madvise(MADV_DONTNEED), mremap() etc. Ensure we are not trying to uffd_copy more than we are allowed. Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>

lazy-pages: don't try to uffd_copy to removed memory regions
It is possible that when pages request from the remove source arrive, part of the memory range covered by the request would be already gone because of madvise(MADV_DONTNEED), mremap() etc. Ensure we are not trying to uffd_copy more than we are allowed. Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com> Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
fb7873c9 · Mike Rapoport · Andrei Vagin · 312e97f1 · fb7873c9
Commit fb7873c9 authored Apr 16, 2018 by Mike Rapoport Committed by Andrei Vagin May 12, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 0 deletions

uffd.c criu/uffd.c +9 -0

No files found.
--- a/criu/uffd.c
+++ b/criu/uffd.c
@@ -839,6 +839,7 @@ static int uffd_io_complete(struct page_read *pr, unsigned long img_addr, int nr
 {
 	struct lazy_pages_info *lpi;
 	unsigned long addr = 0;
+	int req_pages;
 	struct lazy_iov *req;

 	lpi = container_of(pr, struct lazy_pages_info, pr);
@@ -864,6 +865,14 @@ static int uffd_io_complete(struct page_read *pr, unsigned long img_addr, int nr
 	if (!addr)
 		return 0;

+	/*
+	 * by the time we get the pages from the remote source, parts
+	 * of the request may already be gone because of
+	 * UFFD_EVENT_{REMAP,REMOVE,UNMAP}
+	 */
+	req_pages = (req->end - req->start) / PAGE_SIZE;
+	nr = min(nr, req_pages);
+
 	return uffd_copy(lpi, addr, nr);
 }