From patchwork Mon Nov 26 16:57:15 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [145/270] libceph: only kunmap kmapped pages Date: Mon, 26 Nov 2012 06:57:15 -0000 From: Herton Ronaldo Krzesinski X-Patchwork-Id: 201879 Message-Id: <1353949160-26803-146-git-send-email-herton.krzesinski@canonical.com> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org, kernel-team@lists.ubuntu.com Cc: Alex Elder 3.5.7u1 -stable review patch. If anyone has any objections, please let me know. ------------------ From: Alex Elder commit 5ce765a540f34d1e2005e1210f49f67fdf11e997 upstream. In write_partial_msg_pages(), pages need to be kmapped in order to perform a CRC-32c calculation on them. As an artifact of the way this code used to be structured, the kunmap() call was separated from the kmap() call and both were done conditionally. But the conditions under which the kmap() and kunmap() calls were made differed, so there was a chance a kunmap() call would be done on a page that had not been mapped. The symptom of this was tripping a BUG() in kunmap_high() when pkmap_count[nr] became 0. Reported-by: Bryan K. Wright Signed-off-by: Alex Elder Reviewed-by: Sage Weil Signed-off-by: Herton Ronaldo Krzesinski --- net/ceph/messenger.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c index b141c86..8ba0eee 100644 --- a/net/ceph/messenger.c +++ b/net/ceph/messenger.c @@ -1069,16 +1069,13 @@ static int write_partial_msg_pages(struct ceph_connection *con) BUG_ON(kaddr == NULL); base = kaddr + con->out_msg_pos.page_pos + bio_offset; crc = crc32c(crc, base, len); + kunmap(page); msg->footer.data_crc = cpu_to_le32(crc); con->out_msg_pos.did_page_crc = true; } ret = ceph_tcp_sendpage(con->sock, page, con->out_msg_pos.page_pos + bio_offset, len, 1); - - if (do_datacrc) - kunmap(page); - if (ret <= 0) goto out;