On Wed, 10 Sep 2025 21:22:06 +0100 Lorenzo Stoakes <lorenzo.stoa...@oracle.com>
wrote:
> Update the mem char driver (backing /dev/mem and /dev/zero) to use
> f_op->mmap_prepare hook rather than the deprecated f_op->mmap.
>
> The /dev/zero implementation has a very unique and rather concerning
> characteristic in that it converts MAP_PRIVATE mmap() mappings anonymous
> when they are, in fact, not.
>
> The new f_op->mmap_prepare() can support this, but rather than introducing
> a helper function to perform this hack (and risk introducing other users),
> simply set desc->vm_op to NULL here and add a comment describing what's
> going on.
>
> We also introduce shmem_zero_setup_desc() to allow for the shared mapping
> case via an f_op->mmap_prepare() hook, and generalise the code between this
> and shmem_zero_setup().
>
> We also use the desc->action_error_hook to filter the remap error to
> -EAGAIN to keep behaviour consistent.
>
> Signed-off-by: Lorenzo Stoakes <lorenzo.stoa...@oracle.com>
> ---
> drivers/char/mem.c | 75 ++++++++++++++++++++++------------------
> include/linux/shmem_fs.h | 3 +-
> mm/shmem.c | 40 ++++++++++++++++-----
> 3 files changed, 76 insertions(+), 42 deletions(-)
>
[ ... ]
> diff --git a/mm/shmem.c b/mm/shmem.c
> index 990e33c6a776..cb6ff00eb4cb 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
[ ... ]
> @@ -5920,6 +5925,25 @@ int shmem_zero_setup(struct vm_area_struct *vma)
> return 0;
> }
>
> +/**
> + * shmem_zero_setup_desc - same as shmem_zero_setup, but determined by VMA
> + * descriptor for convenience.
> + * @desc: Describes VMA
> + * Returns: 0 on success, or error
> + */
> +int shmem_zero_setup_desc(struct vm_area_desc *desc)
> +{
> + struct file *file = __shmem_zero_setup(desc->start, desc->end,
> desc->vm_flags);
> +
> + if (IS_ERR(file))
> + return PTR_ERR(file);
> +
> + desc->vm_file = file;
> + desc->vm_ops = &shmem_anon_vm_ops;
> +
> + return 0;
> +}
> +
Hi Lorenzo,
shmem_zero_setup() does a if (vma->vm_file) fput(vma->vm_file) dance.
It looks like we need one here too?
-chris
