From: Vivek Kasireddy <vivek.kasireddy@intel.com>
To: linux-mm@kvack.org
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>, Jann Horn <jannh@google.com>,
Pedro Falcato <pfalcato@suse.de>,
David Hildenbrand <david@kernel.org>,
Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Subject: [PATCH] mm/mremap: allow VMAs with VM_DONTEXPAND|VM_PFNMAP when creating new mapping
Date: Wed, 19 Nov 2025 21:35:46 -0800 [thread overview]
Message-ID: <20251120053546.2885836-1-vivek.kasireddy@intel.com> (raw)
When mremap is used to create a new mapping, we should not return
-EFAULT for VMAs with VM_DONTEXPAND or VM_PFNMAP flags set because
the old VMA would neither be expanded nor shrunk in this case. This
is particularly useful when trying to create a new VMA using other
existing VMAs that have these flags set, such as the ones associated
with VFIO devices.
Specifically, there are use-cases where a VMM such as Qemu would
want to map a non-contiguous buffer associated with a VFIO device
in the following way:
void *start, *cur;
int i;
start = mmap(NULL, size, PROT_NONE, MAP_SHARED, -1, 0);
if (start == MAP_FAILED) {
return start;
}
cur = start;
for (i = 0; i < iov_cnt; i++) {
if (mremap(iov[i].iov_base, 0, iov[i].iov_len,
MREMAP_FIXED | MREMAP_MAYMOVE, cur) == MAP_FAILED) {
goto err;
}
cur += iov[i].iov_len;
}
return start;
The above code currently works when mapping buffers backed by
shmem (memfd) but fails with -EFAULT when mapping VFIO backed
buffers because the VMAs associated with iov[i].iov_base addresses
have VM_DONTEXPAND and VM_PFNMAP flags set. Therefore, fix this
issue by not returning -EFAULT when a new mapping is being created.
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Jann Horn <jannh@google.com>
Cc: Pedro Falcato <pfalcato@suse.de>
Cc: David Hildenbrand <david@kernel.org>
Cc: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Signed-off-by: Vivek Kasireddy <vivek.kasireddy@intel.com>
---
mm/mremap.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/mremap.c b/mm/mremap.c
index fdb0485ede74..d3868d941f72 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -1736,7 +1736,8 @@ static int check_prep_vma(struct vma_remap_struct *vrm)
if (pgoff + (new_len >> PAGE_SHIFT) < pgoff)
return -EINVAL;
- if (vma->vm_flags & (VM_DONTEXPAND | VM_PFNMAP))
+ if (vma->vm_flags & (VM_DONTEXPAND | VM_PFNMAP) &&
+ !vrm_implies_new_addr(vrm))
return -EFAULT;
if (!mlock_future_ok(mm, vma->vm_flags, vrm->delta))
--
2.50.1
next reply other threads:[~2025-11-20 5:36 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-20 5:35 Vivek Kasireddy [this message]
2025-11-20 9:04 ` Lorenzo Stoakes
2025-11-20 9:16 ` David Hildenbrand (Red Hat)
2025-11-20 9:35 ` Lorenzo Stoakes
2025-11-20 9:49 ` David Hildenbrand (Red Hat)
2025-11-20 9:58 ` Lorenzo Stoakes
2025-11-21 3:05 ` Akihiko Odaki
2025-11-21 8:03 ` Lorenzo Stoakes
2025-11-21 8:48 ` Akihiko Odaki
2025-11-21 9:10 ` Lorenzo Stoakes
2025-11-21 10:16 ` Akihiko Odaki
2025-11-21 10:52 ` Lorenzo Stoakes
2025-11-21 7:26 ` David Hildenbrand (Red Hat)
2025-11-21 6:51 ` Kasireddy, Vivek
2025-11-21 7:52 ` Lorenzo Stoakes
2025-11-21 8:13 ` David Hildenbrand (Red Hat)
2025-11-21 15:03 ` Liam R. Howlett
2025-11-22 6:56 ` Kasireddy, Vivek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251120053546.2885836-1-vivek.kasireddy@intel.com \
--to=vivek.kasireddy@intel.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=david@kernel.org \
--cc=jannh@google.com \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=odaki@rsg.ci.i.u-tokyo.ac.jp \
--cc=pfalcato@suse.de \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox