From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02ACCC4345F for ; Sat, 27 Apr 2024 04:41:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E290E6B0082; Sat, 27 Apr 2024 00:41:46 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id DD98B6B0083; Sat, 27 Apr 2024 00:41:46 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C52886B0085; Sat, 27 Apr 2024 00:41:46 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id A81366B0082 for ; Sat, 27 Apr 2024 00:41:46 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 1424F409BC for ; Sat, 27 Apr 2024 04:41:46 +0000 (UTC) X-FDA: 82054063812.24.9D6F9F1 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2072.outbound.protection.outlook.com [40.107.220.72]) by imf11.hostedemail.com (Postfix) with ESMTP id EC6114000D for ; Sat, 27 Apr 2024 04:41:42 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=njE7WV8g; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf11.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.220.72 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1714192903; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ElTx/LKfP28sQfI7FAMFlutDLNBwSAo3aJVgBepTgtg=; b=50fVbAynnIUC8ACE5EwdqxbzfuCW571uiC60bnI07PSRwpcbscqemRvWRh3nfNENzVHoHA RabcrMPv+0mCCQ8CvbRlWhs/f3CF+m1ecNsqL8g9VsUjQIKccGU4dWzLpsvp8BR+7DIT+N DrOw3xebVaKIDtJg6pSPtlMPke75wBE= ARC-Authentication-Results: i=2; imf11.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=njE7WV8g; arc=pass ("microsoft.com:s=arcselector9901:i=1"); spf=pass (imf11.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.220.72 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1714192903; a=rsa-sha256; cv=pass; b=I5mULHPQu0o/7HwSf4XJTC/xsnEmioh3QvPE1w82YFAmCB6jRrsBkDNZRseK30ZHcWT/Vo GCifs7lgrfrxGz17i9Si0t1bGSlqIKPkNGnMjm+IuA5dw6RwT03ZpTkipUUk8WsgbEkYQk otjVTSFB9rnW/hyOLEqpQ6YJi7KpqjI= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Sak1ViFEZlsMAKH4iCW1vjVZ7hz2F/eD3mK2qKzeDDxn3YoOqAwJzvKXjfLRtHYey4/TFmna079aBd1lHbA6TAwk3s8VZvhgbkD9lQ7H2cUjHXW8fe522mhOH/M53gz3qJ4eePRkZMx/YWexZlw0OfUByxDbfs4pXhnbkznoSRHjnPwlp72VP2gTFmHIm74+GnN/eksqgys1DeRUJqCK56s74ZzKLAa1eut+hSKKfFrIFKd5D6vK4qwxCfg8wwReLjPv8/VzM82Wpp5U8qbVUn0nddA1b5b2nmMpGzDdENlUv4st/Tkka+aGalo5vrOV4P2mxc/NoseUhnbftPfQdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ElTx/LKfP28sQfI7FAMFlutDLNBwSAo3aJVgBepTgtg=; b=IN3LORnhIsIm97kL2bx5qZPJ2jfQ9om6Q5FPdzNWKrmwMzs54oZG7X/J9+IHhpIxbP4sA9k33xVMJ/+U/TU7pD/W/WFGon0nlBMx4YR7VvU2/ednqCoLupEXHr0H2VbVTJaVnbU0/p84mCy0X542Y1MzCPcFkqWfl0jy4OIq1u8Qps1nv2ZnVNOm/ZXuNd/k053RZBUL9V8rZ8LnrTGQzr/SPTzmqwq0TH82gqyAqizhtP8kdYsA6hXXHKJGeEJT4z8gUuQt98vUMcmS+vFOsBjuV2AQnkHEQHyeOBQZDra9p3OPa7DEEmJHTziJ7ipHtjHlLyhxkT15QwrDao96PA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=arm.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ElTx/LKfP28sQfI7FAMFlutDLNBwSAo3aJVgBepTgtg=; b=njE7WV8g33hTK5nQJwJ39/3zmxr/EiLeBr7Q1LY8cDRdVklHYdYzRirgt19IlfjtMH+raHd0zFlteH6zTkegPySIOPTko5pP0ylCeKChM8JUTzAC0HmmywQ29XQyBrMFbxwEwEfN21TxW1I0aeo8kLAhpCs3/i8GSuC4kIL+i0N+4SWkjeimx26Z93YvmmRqqsUHkfkhMLRbTYrMW+xdRBAL3AvLUlyuIQ+EgbxmjoS5XbJSHrGVQipFJYRnDL1UvSfTTUgg1QhYfzS/zJq35fsidXgVbCOtGtrR8Tyl9B5Fy6f4JzfiFSmWm4lrR6DxcSLAv9NlcjG2BkXNLh2XnA== Received: from SN6PR01CA0005.prod.exchangelabs.com (2603:10b6:805:b6::18) by MW4PR12MB6897.namprd12.prod.outlook.com (2603:10b6:303:20a::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.24; Sat, 27 Apr 2024 04:41:39 +0000 Received: from SA2PEPF000015C9.namprd03.prod.outlook.com (2603:10b6:805:b6:cafe::7c) by SN6PR01CA0005.outlook.office365.com (2603:10b6:805:b6::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.31 via Frontend Transport; Sat, 27 Apr 2024 04:41:39 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SA2PEPF000015C9.mail.protection.outlook.com (10.167.241.199) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.19 via Frontend Transport; Sat, 27 Apr 2024 04:41:39 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Fri, 26 Apr 2024 21:41:31 -0700 Received: from [10.110.48.28] (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Fri, 26 Apr 2024 21:41:30 -0700 Message-ID: <17956e0f-1101-42d7-9cba-87e196312484@nvidia.com> Date: Fri, 26 Apr 2024 21:41:30 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1] mm: Fix race between __split_huge_pmd_locked() and GUP-fast To: Ryan Roberts , Andrew Morton , Zi Yan , Aneesh Kumar K.V CC: , References: <20240425170704.3379492-1-ryan.roberts@arm.com> Content-Language: en-US From: John Hubbard In-Reply-To: <20240425170704.3379492-1-ryan.roberts@arm.com> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF000015C9:EE_|MW4PR12MB6897:EE_ X-MS-Office365-Filtering-Correlation-Id: f0c4962c-1fad-4b91-e0e9-08dc66745427 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|36860700004|82310400014|1800799015|376005; X-Microsoft-Antispam-Message-Info: =?utf-8?B?eDZPcjMyWGF0UXgzNkQyaEZWR3dZKzVOR3V6a1dFTTRXQnV5NW1RTVFXTVQ5?= =?utf-8?B?ZkJQNUNDcVhBNGR0WFpaMGNrcmNCSWQvN282cGFQTWhidTRabnFNV01mZzFI?= =?utf-8?B?ZHJ5c1dEWlFhY2xUVGpvaFFrZExSbEx4Ri8xR29JZUc5d3FJS1l4WjdUN1V1?= =?utf-8?B?ZEkxM1RkSGJWUUVOd051WFdNT0NIWkNhdGtTT2M4aEM5aUhVYXd1M2tDSFN4?= =?utf-8?B?SmhnWTJrL3I4T29HVXBMZjhkTkM1blpSRDFpMTkxSEdZWjRXcXFFdDdjZmpE?= =?utf-8?B?WWs1aVRzZlZzUGRHSm5NWFFmQjNwV2J1YUFBT3UxUEc4OExUMlFkN29TOUtB?= =?utf-8?B?TEVOUVc5MWxDR0xHeDhXc1BLSFVWVWNhN0xRdWZYaEhLemc5SFRiTTNoeHJS?= =?utf-8?B?MWRlMGdoNGMzOGlJSHUyaDM1NmpEYTJrRmpKOS81V2xOWEtia1V0bkNZZlRx?= =?utf-8?B?Y01NWm1UR3NxZm1RcXlhMGgxNUFjZStMS0F1QmhqZ2U3RnNScHFjSDdNWFIv?= =?utf-8?B?VzVqWFduTlN5MnRqS1htS001aW82OFJRQVRmYmRDVkdKeVR0SXhYbVZIL1pN?= =?utf-8?B?WTRpaWNZMzdsSlJ5U01SU0E1YVQzT0orazExdTN6RUJTNjE5WnJZQ3VXeUJm?= =?utf-8?B?QjRQMDlqNldZT3NkN1M2ZUV2MWZaTVFIU3BHTkpZdVFZVVJ2NmZGTVRCbWVo?= =?utf-8?B?RnVyUFNzOXE4KzhEcWJzd1NlOWc5VVhZTHBZN2xYZFFUWXRvN0hPTjVETGxV?= =?utf-8?B?RTZ3U0xiWkRVQ3MxT0ZqNDN3RlNJWHBHaUZNYk5RTGxXdGh3QmVxUHNpT2E0?= =?utf-8?B?ODhlWHF1bThXL0VwVXdjV1VTV3dvTExLOVVUdHVUQTRKRG5JbDZLaWVPck82?= =?utf-8?B?VG9hQThnVzcyN1M1TC9xL2Y3V3dqSmswYkNENHhZZjJuQmdCdUlsNWlaYmdU?= =?utf-8?B?S3RGak1SbXBWb0JLWXE5V1F5R2g3SEZEN292ZUFzMkNHSmhoeld6VDJHVEY3?= =?utf-8?B?bFIwVEhVWEx5ZW04QkxpUDR5YmlvazZBOTFEcDh1cjd6QXkxU3JFdllndTJp?= =?utf-8?B?NmI3dm9EMnhxenVkTEEyYlU2QXBtcWpkeEdzVi90OWpjcStNcUVpbUQxZTd0?= =?utf-8?B?eE1GdkdyaXQzZytVcm55aW11U3BOcFc1MEZyMjIzRjdzM2s1Tk9pSWNVOTNW?= =?utf-8?B?c2x5RWpwaVA5YjVXTGh6ZmdlT1Q2bllFbmJqcjBCNEpWK2oxNWtLUTc2a3pL?= =?utf-8?B?U0h1WkhWT3E1WURGMkFDZTRDM0JBYXNHdm5NREMwRHJZN0RueldoS05sWWlh?= =?utf-8?B?Zk5BTXRpbDJJeFdvSFZHaE5kTXBCeEZuNTNNekxvS04wMEU5NmFxbVBMQk1P?= =?utf-8?B?WUZsaFh0azA0QkIxZTZOTnNYOGI3THRJeFdyVEVTNW56SXl1WDhqVXhYWXB6?= =?utf-8?B?c3lFMDJDa3Yrckw4ejdzTzlZMjBvbXRTeGsyUmlBb1c2N1pkSkEzWkx2Y2VN?= =?utf-8?B?dzRLMzJVMmtVNG9LQ1RmQ0gySkdGczNGck45Z3dUeG9sSmtsSWxzbEtrdzhl?= =?utf-8?B?cG9XZFdncFB1R1B3SnErUG1xdUw4QUNkRDBWaW5Eenkzcko0VmVQbE52eUV6?= =?utf-8?B?OFdhK0hLZEkvR0pUN29HM3BURlZBUW1vZm5LMDFQVEpta21lMkpWWkFUZ0FH?= =?utf-8?B?YkVGK09ZUlV1ejlkM2NxWHErMkJ2K3JxKzZlWml5WW5uZVpDVmZaUEVKQkl6?= =?utf-8?B?cHY5WGw1RG00T2N4MjFzeklnb3cxYXMrWlNZNzBZUU9iSUovdTBBd0FYY3I5?= =?utf-8?Q?OlkN/YYZF0DyKCBgxzm/+wn8tcHz38ICjao60=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(82310400014)(1800799015)(376005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2024 04:41:39.2500 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f0c4962c-1fad-4b91-e0e9-08dc66745427 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF000015C9.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB6897 X-Stat-Signature: e51pybtsai97t7a7ywdwgxx8bcztbdz1 X-Rspamd-Queue-Id: EC6114000D X-Rspamd-Server: rspam10 X-Rspam-User: X-HE-Tag: 1714192902-436781 X-HE-Meta: U2FsdGVkX193KCzdjALPj3jRS29Bi5UqzHIYOySriGyfTermp8G7eireFzrVgMHcjTe3/WbtDD0Kjm1sJSxgKjEQ2nR1RC+vLb66T7iRnanemI7BZnRPMqXXGcK5cxqudvVPe0vzYvEGPiPZORjJ9fke8DT/jMAHzWQ1ViEWlrcGyR5yxxWfUMRd3lXeYzO5otDkZvlK/qYfc2Q1eknT2DQ4mw5+ZztGi+6CSqcBdfFnKY0qrBfPj2O/F5UoDYFLoEg+X4VeeHjKZvwLh3Nry/FgxiLmCg+gyPQHlrUfoWn+ZePY4NRosktsAo1ZeYDDJ/akOuI2BZawebO/S221oVjMSqGG4gxyJ6p93lQ8aPefv4r5d6wQpd7UocmgZUXSIIxU4OX6c80Pn5MwW9FLOcY1VeLEhDDUDEwmx3hgewl7KIGue+n5+SKu9oxeVDf52EwJQvub7CkDwLnpZxaeIVxOPs2r4Txi78bm+M1JnvDRNJVR99Cn51XtpKli/NTjNvbmGOOjCTY8DFW0yAd22kKpIdsa2tU5cObIMZhcCmlcyNUyqIO4KOst7ew5IjZsvBDxrW4WeSA01A/98/owzEIr0sZX7u1DdqcWOJM+Q5OkexF/gI/Sm64y/woPsoz5ixJSL1qXFs/p5Rd4e4EgxMtvPvZISZMv3uMnu5DIKCc39w0eblbsFbRK8q1ysFArdUwOyCDPzzAGpJ5uRgVuJyDhjAALHOjFGc1YKsyOh96kCIOpVflgH1MNKS/4sX3MqzhnjUv1SsRayvTrPI9m8zeSF5RVEcPJlK+R29XCrnzGBXXJlNfx6oss60EsP/copRUMUBguCGu1md4u72OL5FEEXr+g4LRvIYNAOLhnQK2IdkJjlugPsm2CW/DLD9IUpW4Wc83daWhGonDZUilnKS6b+7qlgSXTfUicCSYhfqBCgsTJNm355NjBrz+s9m2wU6/byF6q0/u1IVZm63z hXydrZ/s YsILu8mc94byTCfE+WWPREyR5iKFBFPcM1Zhr5vks05vcEYYfzqglL/z0djLa3+IVy9czcpIvid8SWZkJydA1c8bpMZaUwtTt46WG+tIKHegx/QmofONuLw127832vkoCjrkPuWpwQTgQWAciIrAiEsTXolmvSghEfywfzoj/CuJtpBmNSVBsmdoii5WLzkUq32NGccdMJZDqR0moUykJX4MYFOwNW13jwRkHOz6Nx9X/W52G5KXLT9SHPos7MwDQkwhXGu2DdlCHEslgGdkQvGrMBnvmf/pX6Jd5EYrbqZvIJz+Hzslaf44R5tiZ0ZRPpDTgTLES1SFi3NX8kRO85LyeqME0zD/knF03l5fJd/zN2kMWbMHKxjRx11gxzrrOhD9mShOF34e5YaUbTIaMZE79qkO4JTQhiquY0oWIb0xjqrqnHxgjJFeqjJGE7pt87T+nQtG2WxbRY0MAfPYKADCwT2aqihta13Y0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 4/25/24 10:07 AM, Ryan Roberts wrote: > __split_huge_pmd_locked() can be called for a present THP, devmap or > (non-present) migration entry. It calls pmdp_invalidate() > unconditionally on the pmdp and only determines if it is present or not > based on the returned old pmd. This is a problem for the migration entry > case because pmd_mkinvalid(), called by pmdp_invalidate() must only be > called for a present pmd. > > On arm64 at least, pmd_mkinvalid() will mark the pmd such that any > future call to pmd_present() will return true. And therefore any > lockless pgtable walker could see the migration entry pmd in this state > and start interpretting the fields as if it were present, leading to > BadThings (TM). GUP-fast appears to be one such lockless pgtable walker. > I suspect the same is possible on other architectures. > > Fix this by only calling pmdp_invalidate() for a present pmd. And for Yes, this seems like a good design decision (after reading through the discussion that you all had in the other threads). > good measure let's add a warning to the generic implementation of > pmdp_invalidate(). I've manually reviewed all other > pmdp_invalidate[_ad]() call sites and believe all others to be > conformant. > > This is a theoretical bug found during code review. I don't have any > test case to trigger it in practice. > > Fixes: 84c3fc4e9c56 ("mm: thp: check pmd migration entry in common path") > Signed-off-by: Ryan Roberts > --- > > Applies on top of v6.9-rc5. Passes all the mm selftests on arm64. > > Thanks, > Ryan > > > mm/huge_memory.c | 5 +++-- > mm/pgtable-generic.c | 2 ++ > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/mm/huge_memory.c b/mm/huge_memory.c > index 89f58c7603b2..80939ad00718 100644 > --- a/mm/huge_memory.c > +++ b/mm/huge_memory.c > @@ -2513,12 +2513,12 @@ static void __split_huge_pmd_locked(struct vm_area_struct *vma, pmd_t *pmd, > * for this pmd), then we flush the SMP TLB and finally we write the > * non-huge version of the pmd entry with pmd_populate. > */ > - old_pmd = pmdp_invalidate(vma, haddr, pmd); > > - pmd_migration = is_pmd_migration_entry(old_pmd); > + pmd_migration = is_pmd_migration_entry(*pmd); > if (unlikely(pmd_migration)) { > swp_entry_t entry; > > + old_pmd = *pmd; > entry = pmd_to_swp_entry(old_pmd); > page = pfn_swap_entry_to_page(entry); > write = is_writable_migration_entry(entry); > @@ -2529,6 +2529,7 @@ static void __split_huge_pmd_locked(struct vm_area_struct *vma, pmd_t *pmd, > soft_dirty = pmd_swp_soft_dirty(old_pmd); > uffd_wp = pmd_swp_uffd_wp(old_pmd); > } else { > + old_pmd = pmdp_invalidate(vma, haddr, pmd); This looks good, except that now I am deeply confused about the pre-existing logic. I thought that migration entries were a subset of swap entries, but this code seems to be treating is_pmd_migration_entry() as a synonym for "is a swap entry". Can you shed any light on this for me? > page = pmd_page(old_pmd); > folio = page_folio(page); > if (pmd_dirty(old_pmd)) { > diff --git a/mm/pgtable-generic.c b/mm/pgtable-generic.c > index 4fcd959dcc4d..74e34ea90656 100644 > --- a/mm/pgtable-generic.c > +++ b/mm/pgtable-generic.c > @@ -198,6 +198,7 @@ pgtable_t pgtable_trans_huge_withdraw(struct mm_struct *mm, pmd_t *pmdp) > pmd_t pmdp_invalidate(struct vm_area_struct *vma, unsigned long address, > pmd_t *pmdp) > { > + VM_WARN_ON(!pmd_present(*pmdp)); > pmd_t old = pmdp_establish(vma, address, pmdp, pmd_mkinvalid(*pmdp)); > flush_pmd_tlb_range(vma, address, address + HPAGE_PMD_SIZE); > return old; > @@ -208,6 +209,7 @@ pmd_t pmdp_invalidate(struct vm_area_struct *vma, unsigned long address, > pmd_t pmdp_invalidate_ad(struct vm_area_struct *vma, unsigned long address, > pmd_t *pmdp) > { > + VM_WARN_ON(!pmd_present(*pmdp)); Should these be VM_WARN_ON_ONCE(), instead? Also, this seems like a good place to put a little comment in, to mark the new design constraint. Something like "Only present entries are allowed to be invalidated", perhaps. > return pmdp_invalidate(vma, address, pmdp); > } > #endif > -- > 2.25.1 > > thanks, -- John Hubbard NVIDIA