Reservations for must-succeed memory allocations
Reservations for must-succeed memory allocations
Posted Mar 19, 2015 0:32 UTC (Thu) by neilbrown (subscriber, #359)In reply to: Reservations for must-succeed memory allocations by Cyberax
Parent article: Reservations for must-succeed memory allocations
So either they will have called get_user_pages() and will hold references to the pages which will keep them safe, or it will be calling copy_{to,from}_user which is designed to handle missing
addresses and will return an appropriate error status if the memory isn't there.
Is there some other way to access user memory that I have missed? Or is one of those racy in a way that I cannot see?
Posted Mar 19, 2015 18:45 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link]
> Is there some other way to access user memory that I have missed? Or is one of those racy in a way that I cannot see?
Reservations for must-succeed memory allocations
Wouldn't this require splitting the victim's VMA to free pages that are not pinned (requiring more RAM to do it)? On the other hand, in most cases only a couple of pages are going to be pinned at any given moment.
Other than weird zero-copy scenarios I think you're not missing anything.