On Sat, Jan 18, 2014 at 08:10:31PM +0000, Al Viro wrote:
> On Sat, Jan 18, 2014 at 11:59:56AM -0800, Linus Torvalds wrote:
> > On Fri, Jan 17, 2014 at 11:46 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> > > On Fri, Jan 17, 2014 at 11:22:04PM -0800, Linus Torvalds wrote:
> > >> On Fri, Jan 17, 2014 at 10:40 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> > >> wrote:
> > >> >
> > >> > Objections, comments?
> > >>
> > >> I certainly object to the "map, then unmap" approach. No VM games.
> > >
> > > Um...
> > >
> > > If we are going to copy that data (and all users of
> > > generic_file_splice_write()
> > > do that memcpy() to page cache), we have to kmap the source ;-/
> > Yeah, the kmap/kunmap we have to do. But that's a no-op on 64-bit, and
> > has to be done one page at a time (well, I guess you could do a
> > couple).
> > But you can't do that *around* the default_file_splice_write(), so I
> > thought you meant some kind of "map into user space". And I absolutely
> > *detest* that kind of approach.
> Ouch... No, I hadn't meant that kind of insanity, but I'd missed the
> problem with scarcity of mappings completely...
Ouch^2: default_file_write_splice_write() keeps calling write_pipe_buf(),
which does this:
data = buf->ops->map(pipe, buf, 0);
ret = __kernel_write(sd->u.file, data + buf->offset, sd->len, &tmp);
buf->ops->unmap(pipe, buf, data);
IOW, ->write() (with whatever locks there might be) wrapped into
kmap_atomic()/kunmap_atomic(). And anybody can do that - just a splice to
file on procfs will hit that codepath... Or on 9p, for that matter, or
fat, or afs, or cifs, etc.