From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B215C388F9 for ; Mon, 2 Nov 2020 19:04:38 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 342BA22280 for ; Mon, 2 Nov 2020 19:04:38 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 342BA22280 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id AE62A6B0068; Mon, 2 Nov 2020 14:04:37 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A6ED16B006C; Mon, 2 Nov 2020 14:04:37 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 90FB76B006E; Mon, 2 Nov 2020 14:04:37 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0221.hostedemail.com [216.40.44.221]) by kanga.kvack.org (Postfix) with ESMTP id 6025B6B0068 for ; Mon, 2 Nov 2020 14:04:37 -0500 (EST) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id D326F362D for ; Mon, 2 Nov 2020 19:04:36 +0000 (UTC) X-FDA: 77440404552.28.gun18_151191f272b2 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin28.hostedemail.com (Postfix) with ESMTP id AE21D6C05 for ; Mon, 2 Nov 2020 19:04:36 +0000 (UTC) X-HE-Tag: gun18_151191f272b2 X-Filterd-Recvd-Size: 4055 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by imf10.hostedemail.com (Postfix) with ESMTP for ; Mon, 2 Nov 2020 19:04:35 +0000 (UTC) IronPort-SDR: y4cqkWUUYBG2J0D2vtIE78GqiGV+ZzTD4OEL0ZDrfEOl+UbcKdjgrAf5LIhovpxoEUSOB+Ji1d m/D1aykkyEKQ== X-IronPort-AV: E=McAfee;i="6000,8403,9793"; a="169038108" X-IronPort-AV: E=Sophos;i="5.77,445,1596524400"; d="scan'208";a="169038108" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 11:04:34 -0800 IronPort-SDR: 0HSxvIqoHmpfdSUuy1PgIxuSJrdxsP4yRTybMIUL78OfAkZkykOVKx/aPRgNLfpb72k+D53F+4 3WHqMNH9a0MA== X-IronPort-AV: E=Sophos;i="5.77,445,1596524400"; d="scan'208";a="336265090" Received: from iweiny-desk2.sc.intel.com (HELO localhost) ([10.3.52.147]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 11:04:33 -0800 Date: Mon, 2 Nov 2020 11:04:33 -0800 From: Ira Weiny To: Jason Gunthorpe Cc: Andrew Morton , linux-mm@kvack.org, "Aneesh Kumar K.V" , Dan Williams , John Hubbard Subject: Re: [PATCH rc v2] mm/gup: use unpin_user_pages() in __gup_longterm_locked() Message-ID: <20201102190433.GG971338@iweiny-DESK2.sc.intel.com> References: <0-v2-3ae7d9d162e2+2a7-gup_cma_fix_jgg@nvidia.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0-v2-3ae7d9d162e2+2a7-gup_cma_fix_jgg@nvidia.com> User-Agent: Mutt/1.11.1 (2018-12-01) X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Nov 02, 2020 at 02:19:59PM -0400, Jason Gunthorpe wrote: > When FOLL_PIN is passed to __get_user_pages() the page list must be put > back using unpin_user_pages() otherwise the page pin reference persists in > a corrupted state. > > There are two places in the unwind of __gup_longterm_locked() that put the > pages back without checking. Normally on error this function would return > the partial page list making this the caller's responsibility, but in > these two cases the caller is not allowed to see these pages at all. > > Cc: > Cc: Aneesh Kumar K.V > Fixes: 3faa52c03f44 ("mm/gup: track FOLL_PIN pages") > Reported-by: Ira Weiny Reviewed-by: Ira Weiny > Signed-off-by: Jason Gunthorpe > --- > mm/gup.c | 14 ++++++++++---- > 1 file changed, 10 insertions(+), 4 deletions(-) > > v2: > - Catch the DAX related case as well (Ira) > v1: https://lore.kernel.org/r/0-v1-976effcd4468+d4-gup_cma_fix_jgg@nvidia.com > > Andrew, this version with a modified commit message and extra hunk replaces: > mm-gup-use-unpin_user_pages-in-check_and_migrate_cma_pages.patch > > Thanks, > Jason > > diff --git a/mm/gup.c b/mm/gup.c > index 102877ed77a4b4..98eb8e6d2609c3 100644 > --- a/mm/gup.c > +++ b/mm/gup.c > @@ -1647,8 +1647,11 @@ static long check_and_migrate_cma_pages(struct mm_struct *mm, > /* > * drop the above get_user_pages reference. > */ > - for (i = 0; i < nr_pages; i++) > - put_page(pages[i]); > + if (gup_flags & FOLL_PIN) > + unpin_user_pages(pages, nr_pages); > + else > + for (i = 0; i < nr_pages; i++) > + put_page(pages[i]); > > if (migrate_pages(&cma_page_list, alloc_migration_target, NULL, > (unsigned long)&mtc, MIGRATE_SYNC, MR_CONTIG_RANGE)) { > @@ -1728,8 +1731,11 @@ static long __gup_longterm_locked(struct mm_struct *mm, > goto out; > > if (check_dax_vmas(vmas_tmp, rc)) { > - for (i = 0; i < rc; i++) > - put_page(pages[i]); > + if (gup_flags & FOLL_PIN) > + unpin_user_pages(pages, rc); > + else > + for (i = 0; i < rc; i++) > + put_page(pages[i]); > rc = -EOPNOTSUPP; > goto out; > } > -- > 2.28.0 >