From: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Date: Fri, 28 Mar 2008 12:20:36 +0300

quoted text
> There is a race between ->sendpage() and block layer, when the latter
> can override the page while it is queued in hardware, qdisk or tcp
> queue. Although page's reference counter is handled correctly, and page
> will not be freed until fully transferred, block layer can reuse it,
> since it assumes that after ->sendpage() returns, page is no longer
> used. It is invalid assumption, but there is no way currently to
> determine when page is no longer used by network except invoke a
> callback during skb freeing.

It is well known that between when a page is given to sendfile path
and it is actually transmitted to the network the kernel can write
into that page multiple times.

That's why we only allow sendfile over device paths that support
checksum offloading, since the page contents can change freely at any
moment in time.

The refrence counting is to prevent leaks, rather than to protect
the integrity of the contents.

If content protection is desired, higher level things are needed.
For example, SAMBA only uses sendfile() if the remote client
has an OP lock on the file in question.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html