Browse files

MFC r253554:

  Fix a panic in the racct code when munlock(2) is called with incorrect values.

  The racct code in sys_munlock() assumed that the boundaries provided by
  the userland were correct as long as vm_map_unwire() returned
  successfully.  However the latter contains its own logic and sometimes
  manages to do something out of those boundaries, even if they are buggy.
  This change makes the racct code to use the accounting done by the vm
  layer, as it is done in other places such as vm_mlock().

  Despite fixing the panic, Alan Cox pointed that this code is still
  race-y though: two simultaneous callers will produce incorrect values.

  Reviewed by:  alc

MFC r253556:
  Fix previous commit when option RACCT is not used.

Approved by:	re (kib)
  • Loading branch information...
1 parent d05c0d1 commit c93266e57fde07bdc0ea6e97a40b47442ba22dfd jlh committed Jul 30, 2013
Showing with 6 additions and 1 deletion.
  1. +6 −1 sys/vm/vm_mmap.c
@@ -1221,6 +1221,9 @@ sys_munlock(td, uap)
vm_offset_t addr, end, last, start;
vm_size_t size;
+#ifdef RACCT
+ vm_map_t map;
int error;
error = priv_check(td, PRIV_VM_MUNLOCK);
@@ -1238,7 +1241,9 @@ sys_munlock(td, uap)
#ifdef RACCT
if (error == KERN_SUCCESS) {
- racct_sub(td->td_proc, RACCT_MEMLOCK, ptoa(end - start));
+ map = &td->td_proc->p_vmspace->vm_map;
+ racct_set(td->td_proc, RACCT_MEMLOCK,
+ ptoa(pmap_wired_count(map->pmap)));

0 comments on commit c93266e

Please sign in to comment.