2005-03-25 21:19:15

by linux-os (Dick Johnson)

[permalink] [raw]
Subject: mmap/munmap on linux-2.6.11

Memory gurus,

We have an application where a driver allocates DMA-able memory.
This DMA-able memory is mmap()ed to user-space. To conserve
DMA memory only single pages are obtained using
__get_dma_pages(GFP_KERNEL, 1) (one page at a time). These
pages, that may be scattered all about, are mmap()ed into contiguous
user data-space. The DMA engine uses a scatter-list so we can
write DMA pages anywhere. They don't have to be contiguous.

Here's a catch. It would be nice to release those DMA pages
when we don't need them. However, there doesn't appear to
be any way for driver code to know when munmap() has been
called and those DMA pages are available to be released.

How do I know that munmap() has been called? It turns out
that if I release those pages before unmapping the user-mode,
the system will crash. Therefore this could be a DOS attack
if my driver ever allowed the DMA pages to be released.

Cheers,
Dick Johnson
Penguin : Linux version 2.6.11 on an i686 machine (5537.79 BogoMips).
Notice : All mail here is now cached for review by Dictator Bush.
98.36% of all statistics are fiction.


2005-03-28 17:36:12

by Aleksey Gorelov

[permalink] [raw]
Subject: RE: mmap/munmap on linux-2.6.11

>-----Original Message-----
>From: [email protected]
>[mailto:[email protected]] On Behalf Of linux-os
>Sent: Friday, March 25, 2005 1:19 PM
>To: Linux kernel
>Subject: mmap/munmap on linux-2.6.11
>
>Memory gurus,
>
>We have an application where a driver allocates DMA-able memory.
>This DMA-able memory is mmap()ed to user-space. To conserve
>DMA memory only single pages are obtained using
> __get_dma_pages(GFP_KERNEL, 1) (one page at a time). These
>pages, that may be scattered all about, are mmap()ed into contiguous
>user data-space. The DMA engine uses a scatter-list so we can
>write DMA pages anywhere. They don't have to be contiguous.
>
>Here's a catch. It would be nice to release those DMA pages
>when we don't need them. However, there doesn't appear to
>be any way for driver code to know when munmap() has been
>called and those DMA pages are available to be released.
>
>How do I know that munmap() has been called? It turns out
>that if I release those pages before unmapping the user-mode,
>the system will crash. Therefore this could be a DOS attack
>if my driver ever allowed the DMA pages to be released.

munmap() should do the job for you and release those automatically.

Aleks.