svn commit: r186719 - in head/sys: kern vm

Sat, 03 Jan 2009 05:24:39 -0800 

Author: kib
Date: Sat Jan  3 13:24:08 2009
New Revision: 186719
URL: http://svn.freebsd.org/changeset/base/186719

Log:
  Extend the struct vm_page wire_count to u_int to avoid the overflow
  of the counter, that may happen when too many sendfile(2) calls are
  being executed with this vnode [1].
  
  To keep the size of the struct vm_page and offsets of the fields
  accessed by out-of-tree modules, swap the types and locations
  of the wire_count and cow fields. Add safety checks to detect cow
  overflow and force fallback to the normal copy code for zero-copy
  sockets. [2]
  
  Reported by:  Anton Yuzhaninov <citrin citrin ru> [1]
  Suggested by: alc [2]
  Reviewed by:  alc
  MFC after:    2 weeks

Modified:
  head/sys/kern/uipc_cow.c
  head/sys/vm/vm_page.c
  head/sys/vm/vm_page.h

Modified: head/sys/kern/uipc_cow.c
==============================================================================
--- head/sys/kern/uipc_cow.c    Sat Jan  3 12:09:18 2009        (r186718)
+++ head/sys/kern/uipc_cow.c    Sat Jan  3 13:24:08 2009        (r186719)
@@ -129,7 +129,11 @@ socow_setup(struct mbuf *m0, struct uio 
         * set up COW
         */
        vm_page_lock_queues();
-       vm_page_cowsetup(pp);
+       if (vm_page_cowsetup(pp) != 0) {
+               vm_page_unhold(pp);
+               vm_page_unlock_queues();
+               return (0);
+       }
 
        /*
         * wire the page for I/O

Modified: head/sys/vm/vm_page.c
==============================================================================
--- head/sys/vm/vm_page.c       Sat Jan  3 12:09:18 2009        (r186718)
+++ head/sys/vm/vm_page.c       Sat Jan  3 13:24:08 2009        (r186719)
@@ -106,6 +106,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/systm.h>
 #include <sys/lock.h>
 #include <sys/kernel.h>
+#include <sys/limits.h>
 #include <sys/malloc.h>
 #include <sys/mutex.h>
 #include <sys/proc.h>
@@ -2112,13 +2113,16 @@ vm_page_cowclear(vm_page_t m)
         */ 
 }
 
-void
+int
 vm_page_cowsetup(vm_page_t m)
 {
 
        mtx_assert(&vm_page_queue_mtx, MA_OWNED);
+       if (m->cow == USHRT_MAX - 1)
+               return (EBUSY);
        m->cow++;
        pmap_remove_write(m);
+       return (0);
 }
 
 #include "opt_ddb.h"

Modified: head/sys/vm/vm_page.h
==============================================================================
--- head/sys/vm/vm_page.h       Sat Jan  3 12:09:18 2009        (r186718)
+++ head/sys/vm/vm_page.h       Sat Jan  3 13:24:08 2009        (r186719)
@@ -111,12 +111,12 @@ struct vm_page {
        vm_paddr_t phys_addr;           /* physical address of page */
        struct md_page md;              /* machine dependant stuff */
        uint8_t queue;                  /* page queue index */
-       int8_t segind;  
+       int8_t segind;
        u_short flags;                  /* see below */
        uint8_t order;                  /* index of the buddy queue */
        uint8_t pool;
-       u_short wire_count;             /* wired down maps refs (P) */
-       u_int cow;                      /* page cow mapping count */
+       u_short cow;                    /* page cow mapping count */
+       u_int wire_count;               /* wired down maps refs (P) */
        short hold_count;               /* page hold count */
        u_short oflags;                 /* page flags (O) */
        u_char  act_count;              /* page usage count */
@@ -336,7 +336,7 @@ void vm_page_zero_invalid(vm_page_t m, b
 void vm_page_free_toq(vm_page_t m);
 void vm_page_zero_idle_wakeup(void);
 void vm_page_cowfault (vm_page_t);
-void vm_page_cowsetup (vm_page_t);
+int vm_page_cowsetup(vm_page_t);
 void vm_page_cowclear (vm_page_t);
 
 /*
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to