On 01/27/2016 03:30 AM, Vlastimil Babka wrote:
>> >  long __get_user_pages_unlocked(struct task_struct *tsk, struct mm_struct *mm,
>> >  			       unsigned long start, unsigned long nr_pages,
>> >  			       int write, int force, struct page **pages,
>> >  			       unsigned int gup_flags)
>> >  {
>> >  	long ret;
>> > -	down_read(&mm->mmap_sem);
>> > -	ret = get_user_pages(tsk, mm, start, nr_pages, write, force,
>> > -			     pages, NULL);
>> > -	up_read(&mm->mmap_sem);
>> > +	down_read(&current->mm->mmap_sem);
>> > +	ret = get_user_pages(start, nr_pages, write, force, pages, NULL);
>> > +	up_read(&current->mm->mmap_sem);
> I understand your reply to lkp report also means that this no longer locks
> current's mmap_sem? :)

Ahhh, good point.  Now that we're passing them in again, we've got to
use them.  That also makes it wrong to call get_user_pages() directly.
We should be using the __ variant so we can pass in the tsk/mm that came
into __get_user_pages_unlocked().

Updated version is attached.