From: David Hildenbrand
Organization: Red Hat
Date: Tue, 18 Oct 2022 21:27:11 +0200
Subject: Re: [PATCH] mm/mmap: Fix MAP_FIXED address return on VMA merge
To: Liam Howlett, "maple-tree@lists.infradead.org", "linux-mm@kvack.org", "linux-kernel@vger.kernel.org", Andrew Morton
Cc: Liu Zixian, Jason Gunthorpe, Matthew Wilcox, Mark Rutland
Message-ID: <3da4244a-5a1b-cf34-bf5c-22c199b15cb6@redhat.com>
In-Reply-To: <20221018191613.4133459-1-Liam.Howlett@oracle.com>
References: <20221018191613.4133459-1-Liam.Howlett@oracle.com>

On 18.10.22 21:17, Liam Howlett wrote:
> mmap should return the start address of newly mapped area when
> successful. On a successful merge of a VMA, the return address was
> changed and thus was violating that expectation from userspace.
>

Just wondering, do we have a simple user space reproducer / test? Do we
want to add some more tests for such scenarios?

> This is a restoration of functionality provided by 309d08d9b3a3
> (mm/mmap.c: fix mmap return value when vma is merged after call_mmap()).
> For completeness of fixing MAP_FIXED, implement the comments from the
> previous discussion to never update the address and fail if the address
> changes. Leaving the error as a WARN_ON() to avoid crashing the kernel.
>
> Cc: Liu Zixian
> Cc: David Hildenbrand
> Cc: Jason Gunthorpe
> Cc: Matthew Wilcox
> Link: https://lore.kernel.org/all/Y06yk66SKxlrwwfb@lakrids/
> Link: https://lore.kernel.org/all/20201203085350.22624-1-liuzixian4@huawei.com/
> Fixes: 4dd1b84140c1 (mm/mmap: use advanced maple tree API for mmap_region())
> Reported-by: Mark Rutland
> Signed-off-by: Liam R. Howlett
> --- > mm/mmap.c | 15 +++++++-------- > 1 file changed, 7 insertions(+), 8 deletions(-) > > diff --git a/mm/mmap.c b/mm/mmap.c > index 42cd2c260898..22010e13f1a1 100644 > --- a/mm/mmap.c > +++ b/mm/mmap.c
> @@ -2625,14 +2625,14 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > if (error) > goto unmap_and_free_vma; > > - /* Can addr have changed?? > - * > - * Answer: Yes, several device drivers can do it in their > - * f_op->mmap method. -DaveM > + /* > + * Expansion is handled above, merging is handled below. > + * Drivers should not alter the address of the VMA. > */ > - WARN_ON_ONCE(addr != vma->vm_start); > - > - addr = vma->vm_start; > + if (WARN_ON((addr != vma->vm_start))) { > + error = -EINVAL; > + goto close_and_free_vma; > + } If this is something that user space can trigger, WARN_* is the wrong choice. But what I understand from the comment change is that this must not happen at that point unless there is a real issue. Why not "if (WARN_ON_ONCE)" ? -- Thanks, David / dhildenb
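
Review bot: In the added "if (WARN_ON((addr != vma->vm_start)))" block of the mmap_region() hunk, the mapping now fails with -EINVAL where the removed lines only warned once and continued with "addr = vma->vm_start", yet the deleted comment states that several device drivers can change the address in their f_op->mmap method. The changelog should say whether any in-tree driver still does this, because such a driver goes from a one-time warning to a failed mmap. The check also switches from WARN_ON_ONCE to WARN_ON, so a driver that trips it logs on every call; "if (WARN_ON_ONCE(addr != vma->vm_start))" keeps the previous rate and drops the redundant inner parentheses. The close_and_free_vma label is outside the visible context, so it is worth confirming that it undoes everything call_mmap() set up before this point.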