From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 37FD9C3064D for ; Tue, 25 Jun 2024 14:54:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A83446B0082; Tue, 25 Jun 2024 10:54:51 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A0C126B0083; Tue, 25 Jun 2024 10:54:51 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8861E6B0085; Tue, 25 Jun 2024 10:54:51 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 654B76B0082 for ; Tue, 25 Jun 2024 10:54:51 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id EECFE401BA for ; Tue, 25 Jun 2024 14:54:50 +0000 (UTC) X-FDA: 82269707940.10.6163D4C Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf08.hostedemail.com (Postfix) with ESMTP id 8BB11160016 for ; Tue, 25 Jun 2024 14:54:47 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=gJDWR5Eh; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf08.hostedemail.com: domain of jlayton@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jlayton@kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1719327276; a=rsa-sha256; cv=none; b=Jicoaf7awM3DsI56io4kaLQnanDfGCv4yahPCtnsSblyNltc+AirND8Ixuvwv+txeB1DUg FiOrWbqiYHWHARvV/Ni1COr/Qq4XCbruACMpru+eEnpXnojeKmMcOBXtPd0qPio6Hcs6/r l+3YPZ348g4RDG/mvwLuAiHKWoq0Mo4= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=gJDWR5Eh; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf08.hostedemail.com: domain of jlayton@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jlayton@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1719327276; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=PNb7zrdy1EJMeEs+/UWPytSm5bSql0qy/eSjoCQzueI=; b=BZ99J31i9qUOlmBZ7/HBIKdwS+Ohz7hU8yvxgNGjewICfjbz3nuHqqVa6QI1rwd+UE43gg YoB9b3z0rm0ZBmsxiH/t72qFOZhld0cX/szo7M7eok8/V9iF9Kgh1jInscTuPzW+Zd+lny dMBd3CwOW/8ZKCWfC5TJnJXXj3yHLuE= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 15D61CE1AC4; Tue, 25 Jun 2024 14:54:44 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 21CDBC32786; Tue, 25 Jun 2024 14:54:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719327283; bh=OnlecF0L+WuiOOe//vNstn8JovvMxwxc6c0feuDVQJs=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=gJDWR5EhbVC6GZbZadZAFf7L+GhlVlKDhry5FwnN+wa0K8mmi1Qcuvtz6zbKkZK3i bF0f/9w9yGTBMz0ii0BiyL6eM9eDIS6sH+eSeN2Zjx65DPLW9qKCKhz0an3vvLkQNq QTumE9xPp4cAh26FRje2V0IX4r4J6GLzDHYdfs2u5FFR+/AEiTEijIs5nSrFvMgGTs Jer9upuIHAseZVGwnXJ7rEuwCrs2CH33/dGvrlSm9257uirjGJ634gsSAYSQXU+Kwt WQJRSGrctibMhPZ0Xlkh6EWDc5PMNIyWx6p0/cyJF8zw9yycJdQWW7craS0UrNhAOC MhEppcMevufFg== Message-ID: <2545edf023b2a364672f73d3ae6d90c702310b3f.camel@kernel.org> Subject: Re: [PATCH v2] netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid From: Jeff Layton To: David Howells Cc: Christian Brauner , Matthew Wilcox , netfs@lists.linux.dev, v9fs@lists.linux.dev, linux-afs@lists.infradead.org, linux-cifs@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Date: Tue, 25 Jun 2024 10:54:40 -0400 In-Reply-To: <780211.1719318546@warthog.procyon.org.uk> References: <614257.1719228181@warthog.procyon.org.uk> <780211.1719318546@warthog.procyon.org.uk> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.50.4 (3.50.4-1.fc39) MIME-Version: 1.0 X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 8BB11160016 X-Stat-Signature: eby6ioxf3pcy6bwpwtw494xht6d71ikm X-Rspam-User: X-HE-Tag: 1719327287-73427 X-HE-Meta: U2FsdGVkX18uwE40k3AQ/ktftROmdKN+3cu8W1WG6jHgBFuq1i5XjeXVz+TFLS95djUvRRFmMkl7Q48m0sBPXyJC65R6tOPb7Y5El06t7BebUajq41UPMB0knK2ppn0fEoKid/BK0ge5KDiVJV1PlWmvQC757NUqwp0yYPz9D5tzinmpmZV6smdqcsa8FKV60NPTbQBkr1V66woT1K5e1A6+4rB3B0a3H9rNg1m0+h2mlLv3+RAJgQcn+CPH26P8jeKp7W0XJPUhKKzRhBW+FirndwhntWS6zOjbvL99EXc01BEakNmAD8BAS4T1ZEoY4qn8Vo4E2PIw1rImcNY1LJlsaWTXzpgSyPr64Nh9ND2Esn02AhhDg1tdoRuz7eKrnOj3U1zxGkEpSHUnD+dHDMjjLEFzp1QgGxzCnZ/ZBoXis65Q5d7EcRxm//nVLNU+f2b5Ba3idzEUFN21xhz8q1f3yEedCvrCv5mNrhoj+SFJ4OXNKWS2X26w1/DUKmOomi+jzLeHjdR6YRbrFgmmhH3vF4mqBhbMjyzbaajQrKIIyAjzMHMa2wWLUf31tE7EGZ5hh/+5Me6uz3EeBRobLnMb1qt0LOyE7V19c0zF6NkR92KTnkAm6O0DlNFZl+b+cym+gLVyMybRa19VJPjNFS5uQk08X8Ay16DQNAdZTW3b4hFDjQky9bpSJ97nN7yHJnYHL86KciFkTwfifzOcUIL/EXhtBbboTu7W8tDuOU/Y8/HvtOvbwZ4bEMaCcOU8UT+fnH5IjOgAQlUOkWMsHDLBmkbXbT7McPDZlCQqhaA9TuzRv2DHSpug+SmAWKc0WVQDDJm990poQNgp6qMVTkHOSAc8pAk6vwSDjKTrV5rmnC2aHpMBbdnxBaebhABGhkpVcpeDbLIkWbwSf8ELPc16DfWz3Y0d9sEIIU9cH2ZBr+f5dfR5phI6GoPgyaWOW7Z2Bmz6mSTrYRD1X1y PG3DwH/o TX8hPoipvnXGelgWC0Zxv3oZoONQhaav7wr3Y1mhlfqOp1Eo/0MCtNRV6JOQdv84Z+QLoZvfHHoJnigOriyVDprSZ+9sYegIIojNwgJraRcYx5tZJT5uzJu2vzf9nxII5c5OdEbvhm/H2DQOK3dZWilmWv9G/nfd7N6yrnHiSGIY/JnRcKM3ElS33XrPpjfZLO7lBJHG+xqObADUv94eVsLvMrMV0MAP5EOATQarPWqf6Yjh9x+3R3KDYA8XYZrO803f5/1obglQjpm0Dblq2+ua4E5xzLJ17BrWGqcw3ZefuArm1AKmac+MtaCKSDNDpuCW5DMkd0IjD4Hb1q1EdFK6HM0wtMJD5v+FVJ9xUBDTs+93ujccuHjiwowRjCgRzqaLZ+O+WmuQO8d+10rR5SYNodi5rQT9ukoasJhmTuxVag14Bpyiy38VmEA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, 2024-06-25 at 13:29 +0100, David Howells wrote: > =C2=A0=C2=A0=C2=A0=20 > Fix netfs_page_mkwrite() to check that folio->mapping is valid once > it has > taken the folio lock (as filemap_page_mkwrite() does).=C2=A0 Without this= , > generic/247 occasionally oopses with something like the following: >=20 > =C2=A0=C2=A0=C2=A0 BUG: kernel NULL pointer dereference, address: 0000000= 000000000 > =C2=A0=C2=A0=C2=A0 #PF: supervisor read access in kernel mode > =C2=A0=C2=A0=C2=A0 #PF: error_code(0x0000) - not-present page >=20 > =C2=A0=C2=A0=C2=A0 RIP: 0010:trace_event_raw_event_netfs_folio+0x61/0xc0 > =C2=A0=C2=A0=C2=A0 ... > =C2=A0=C2=A0=C2=A0 Call Trace: > =C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0 ? __die_body+0x1a/0x60 > =C2=A0=C2=A0=C2=A0=C2=A0 ? page_fault_oops+0x6e/0xa0 > =C2=A0=C2=A0=C2=A0=C2=A0 ? exc_page_fault+0xc2/0xe0 > =C2=A0=C2=A0=C2=A0=C2=A0 ? asm_exc_page_fault+0x22/0x30 > =C2=A0=C2=A0=C2=A0=C2=A0 ? trace_event_raw_event_netfs_folio+0x61/0xc0 > =C2=A0=C2=A0=C2=A0=C2=A0 trace_netfs_folio+0x39/0x40 > =C2=A0=C2=A0=C2=A0=C2=A0 netfs_page_mkwrite+0x14c/0x1d0 > =C2=A0=C2=A0=C2=A0=C2=A0 do_page_mkwrite+0x50/0x90 > =C2=A0=C2=A0=C2=A0=C2=A0 do_pte_missing+0x184/0x200 > =C2=A0=C2=A0=C2=A0=C2=A0 __handle_mm_fault+0x42d/0x500 > =C2=A0=C2=A0=C2=A0=C2=A0 handle_mm_fault+0x121/0x1f0 > =C2=A0=C2=A0=C2=A0=C2=A0 do_user_addr_fault+0x23e/0x3c0 > =C2=A0=C2=A0=C2=A0=C2=A0 exc_page_fault+0xc2/0xe0 > =C2=A0=C2=A0=C2=A0=C2=A0 asm_exc_page_fault+0x22/0x30 >=20 > This is due to the invalidate_inode_pages2_range() issued at the end > of the > DIO write interfering with the mmap'd writes. >=20 > Fixes: 102a7e2c598c ("netfs: Allow buffered shared-writeable mmap > through netfs_page_mkwrite()") > Signed-off-by: David Howells > cc: Matthew Wilcox > cc: Jeff Layton > cc: netfs@lists.linux.dev > cc: v9fs@lists.linux.dev > cc: linux-afs@lists.infradead.org > cc: linux-cifs@vger.kernel.org > cc: linux-mm@kvack.org > cc: linux-fsdevel@vger.kernel.org > --- > Changes > =3D=3D=3D=3D=3D=3D=3D > ver #2) > =C2=A0- Actually unlock the folio rather than returning VM_FAULT_LOCKED > with > =C2=A0=C2=A0 VM_FAULT_NOPAGE. >=20 > =C2=A0fs/netfs/buffered_write.c |=C2=A0=C2=A0=C2=A0 8 +++++++- > =C2=A01 file changed, 7 insertions(+), 1 deletion(-) >=20 > diff --git a/fs/netfs/buffered_write.c b/fs/netfs/buffered_write.c > index 07bc1fd43530..270f8ebf8328 100644 > --- a/fs/netfs/buffered_write.c > +++ b/fs/netfs/buffered_write.c > @@ -523,6 +523,7 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault > *vmf, struct netfs_group *netfs_gr > =C2=A0 struct netfs_group *group; > =C2=A0 struct folio *folio =3D page_folio(vmf->page); > =C2=A0 struct file *file =3D vmf->vma->vm_file; > + struct address_space *mapping =3D file->f_mapping; > =C2=A0 struct inode *inode =3D file_inode(file); > =C2=A0 struct netfs_inode *ictx =3D netfs_inode(inode); > =C2=A0 vm_fault_t ret =3D VM_FAULT_RETRY; > @@ -534,6 +535,11 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault > *vmf, struct netfs_group *netfs_gr > =C2=A0 > =C2=A0 if (folio_lock_killable(folio) < 0) > =C2=A0 goto out; > + if (folio->mapping !=3D mapping) { > + folio_unlock(folio); > + ret =3D VM_FAULT_NOPAGE; > + goto out; > + } > =C2=A0 > =C2=A0 if (folio_wait_writeback_killable(folio)) { > =C2=A0 ret =3D VM_FAULT_LOCKED; > @@ -549,7 +555,7 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault > *vmf, struct netfs_group *netfs_gr > =C2=A0 group =3D netfs_folio_group(folio); > =C2=A0 if (group !=3D netfs_group && group !=3D > NETFS_FOLIO_COPY_TO_CACHE) { > =C2=A0 folio_unlock(folio); > - err =3D filemap_fdatawait_range(inode->i_mapping, > + err =3D filemap_fdatawait_range(mapping, > =C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 folio_pos(folio), > =C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 folio_pos(folio) + > folio_size(folio)); > =C2=A0 switch (err) { >=20 >=20 Reviewed-by: Jeff Layton