From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E5529C3DA7D
	for <linux-mm@archiver.kernel.org>; Tue,  3 Jan 2023 20:26:16 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 788C08E0002; Tue,  3 Jan 2023 15:26:16 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 711B48E0001; Tue,  3 Jan 2023 15:26:16 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 5B2388E0002; Tue,  3 Jan 2023 15:26:16 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 473688E0001
	for <linux-mm@kvack.org>; Tue,  3 Jan 2023 15:26:16 -0500 (EST)
Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id 1A30A1205E4
	for <linux-mm@kvack.org>; Tue,  3 Jan 2023 20:26:16 +0000 (UTC)
X-FDA: 80314619952.22.02B4D91
Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53])
	by imf03.hostedemail.com (Postfix) with ESMTP id 6F42420009
	for <linux-mm@kvack.org>; Tue,  3 Jan 2023 20:26:14 +0000 (UTC)
Authentication-Results: imf03.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=QKadA8SE;
	spf=pass (imf03.hostedemail.com: domain of jthoughton@google.com designates 209.85.221.53 as permitted sender) smtp.mailfrom=jthoughton@google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1672777574;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=xJd3NQqdohX/EjLJYnI3IKupf1n8/BBvgnGo9sOOFuU=;
	b=wE+8nFJh/CP4dZcqk4uFEG2MKn/F9L7AtT+nncejaDAlKnQIAcT5jD/UopKatX8uuVPPhx
	lrO9fjvvzz+E4GiaOkD3DJwho7zO+ePIanMNCyeE5RUiamR+1wyXESVysYh7IeMz4FbPPj
	YYTviBlR3w844m6dcGdAz5H4cOd6B1M=
ARC-Authentication-Results: i=1;
	imf03.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=QKadA8SE;
	spf=pass (imf03.hostedemail.com: domain of jthoughton@google.com designates 209.85.221.53 as permitted sender) smtp.mailfrom=jthoughton@google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1672777574; a=rsa-sha256;
	cv=none;
	b=xj7+z5GRBqSrX/Qr6pwUa0bDLKBBS7dgHgiGYf17UFClY/qahHqmnUJItBeWLeIA2SN7D+
	f0lURfnQC/2Dgzzb+JbDhZnZBGgM5ovMYxJ+buv+GgUp8HEznjaYy1ko4v0przhONfYzF3
	mZSnDIp3iu/P9NUBFfSnX/VNMrZBKL4=
Received: by mail-wr1-f53.google.com with SMTP id bn26so11435835wrb.0
        for <linux-mm@kvack.org>; Tue, 03 Jan 2023 12:26:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=xJd3NQqdohX/EjLJYnI3IKupf1n8/BBvgnGo9sOOFuU=;
        b=QKadA8SEB2rBW3p0Mjuz98wZqz1uT1OnIlZs/1KnyFTSSM0QXaldHo1cIxM0MQ0shL
         KIZZDQXrkzrF3EKxOjUeBTWOW0ZUuhmrttIh2zjx2Y1gMmGqlZIhrTkgLhP+uijD7HGf
         0gr/J3l0D/Gppwqi8GW6669GsS7TKz0CdKLif/v2c9++Fj7tLCWsJ2QNtmRNXrcZEdJ6
         SrOGdbH6zocjmWePebaODxB1FvZp0nKIbC9gGHK/tJbM77mu1M/Buw16mY6UMPte60+i
         IYTtO8waZd2zPN6bAqwK3El3qf2K2We2l1hhdwU9E9l0PIFBva6Mmj2fpHCFEbCiz8eq
         rGfw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=xJd3NQqdohX/EjLJYnI3IKupf1n8/BBvgnGo9sOOFuU=;
        b=OPrJcgW6Dh/etOywNWji/3SONJsDS1Puz/dfrZ7x7k131Le3BCx2fjXBcbEzpSKTyY
         qxkfS2jYbXyZ4oCHQOpZzR5Vtu4uMTyAeTNhk68argkRKDZhLuP0W6i1X6cZbgbl2Xb4
         hhuS1KSc4WgWQ7rRV5wd7rqgmiPUsoEhEMb9eBgnwYJLDeNwQx5AZ0ovg2llCYrGUdlf
         ZAEtROjhy0CK1a1ATro73iwL3tF7BNgzw8cYyRTJKzq57FJbxpKHbTPHAdPDmNzMP88g
         Rm379R4d3vlQmhz31FgqeFwzWQAyjeS08/nEU1FKLWS3sz8W0e5mzOgVB+IyAhYDffUl
         ln9Q==
X-Gm-Message-State: AFqh2ko0Djqmu4dVtj0RXDwMKfIU/k7o+VlW1C3xfLeUbrFp4t7DySj0
	jXmYYsmr3IMsk5gepmcwBDaBpcLk3JuZYhiA5tYsBg==
X-Google-Smtp-Source: AMrXdXvi1jl5stzvILraZWn9snll5YYZJX300dAamfZiCHex7vC72EwkN0b8PcfYx2NG2iPdOnjZGIkqWZAw8UJkdVw=
X-Received: by 2002:a5d:6148:0:b0:280:91ea:29b7 with SMTP id
 y8-20020a5d6148000000b0028091ea29b7mr886765wrt.98.1672777573057; Tue, 03 Jan
 2023 12:26:13 -0800 (PST)
MIME-Version: 1.0
References: <20230101230042.244286-1-jthoughton@google.com> <Y7SA839SDcpf+Ll0@monkey>
In-Reply-To: <Y7SA839SDcpf+Ll0@monkey>
From: James Houghton <jthoughton@google.com>
Date: Tue, 3 Jan 2023 20:26:01 +0000
Message-ID: <CADrL8HVeOkj0QH5VZZbRzybNE8CG-tEGFshnA+bG9nMgcWtBSg@mail.gmail.com>
Subject: Re: [PATCH] hugetlb: unshare some PMDs when splitting VMAs
To: Mike Kravetz <mike.kravetz@oracle.com>
Cc: Muchun Song <songmuchun@bytedance.com>, Peter Xu <peterx@redhat.com>, 
	Axel Rasmussen <axelrasmussen@google.com>, Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org, 
	linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Rspam-User: 
X-Rspamd-Server: rspam04
X-Rspamd-Queue-Id: 6F42420009
X-Stat-Signature: isxp9e9fq9wbj4ojtam1t7npbks5ksdf
X-HE-Tag: 1672777574-279684
X-HE-Meta: U2FsdGVkX19OCBGzH3YkdRcarGsA+WEZOiuKUuDB9363B1xP06FsilzwmzsC8BUIvzdIT2fd+dW8MoWWPlLQ/WkgNxgF3PrPH7Fqd7qBdmu6xwYWCVndzf/1c4aVHBM7udSI6VODScBKfHTOz/Wg44g7In4iLULAMdw+ZwwFO+2VjuJSR/yVPJtc4VeEg3b4kzgIXlCophDHDSPFfdVTydoJxmGOO4wO5BCvotMNjYXCPipk/qdGI7fk7235bYsUDWqY0ud2nfVbPziV6ui6WRa5SU7eUG7Cr22DmX3+daQGaN8evmaOLHhXa0z3OeqABlyK2Mfk1TQfNV+QcwyLtPT1qB/FqptpoQ3TVmg55PcULZE/4ogXyW2Ug+XcIgh38gw0NsuFMpOs84XqNdyQkKMWLypAysDqYSi2rVxtbGGAHSSjzurRx4XSAaslvzT89LOkMRKfWAHGhgwCFeN3gr2dKVPm1nFNHhInOa3LD4ojtYvdQ4vuoWj4V791uGXvkuzzw1tdcAuX6cp1kPUeGc0O3yT+A/J0qFIKhZO2uRh/tov1Z85TkQF2jXdvHviJm5CmbMFLjzRfOs80OI9RJA89LifNxGt1ncW6A1U0ck3JrOTC1J6F8zO8Sv4uhtTTqLfM/im8KnrOvbxReYG+nPjefhyXw9Wb9nr1hGbsrP7BG8yATcaZZZkmK7hsb8FKgaaw5+h4M7spDI8DvjXfTppczUEnHR/8bpSQwoxt5/UOWcGnf23IAmGjW9Gs+S3tJM61asusaAQ7Z5vB9T/BhY11NtqLzGl65kvQWiE0WICs04XJecVjbTkYMBeKRNZ3JoCrikZVz5HyhtMCTmb/itVQf5hfM17PTIl7rBJkIOZWgHXZAFpjf9TR8cSaz1x3oKbfxjsTsogjZd/ocbSVMKMLd4uP2UFDIbDXEVE5O4B0imGAVVCzZoAMb4shyzK/H+xIjWQCTsFncANY28G
 BJkGPAwn
 1aWEPCwQ9as3VLNg=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

> Thanks James.  I am just trying to determine if we may have any issues/bugs/
> undesired behavior based on this today.  Consider the cases mentioned above:
> mbind - I do not think this would cause any user visible issues.  mbind is
>         only dealing with newly allocated pages.  We do not unshare as the
>         result of a mbind call today.
> madvise(MADV_DONTDUMP) - It looks like this results in a flag (VM_DONTDUMP)
>         being set on the vma.  So, I do not believe sharing page tables
>         would cause any user visible issue.
>
> One somewhat strange things about two vmas after split sharing a PMD is
> that operations on one VMA can impact the other.  For example, suppose
> A VMA split via mbind happens.  Then later, mprotect is done on one of
> the VMAs in the range that is shared.  That would result in the area being
> unshared in both VMAs.  So, the 'other' vma could see minor faults after
> the mprotect.
>
> Just curious if you (or anyone) knows of a user visible issue caused by this
> today.  Trying to determine if we need a Fixes: tag.

I think I've come up with one... :) It only took many many hours of
staring at code to come up with:

1. Fault in PUD_SIZE-aligned hugetlb mapping
2. fork() (to actually share the PMDs)
3. Split VMA with MADV_DONTDUMP
4. Register the lower piece of the newly split VMA with
UFFDIO_REGISTER_MODE_WRITEPROTECT (this will call
hugetlb_unshare_all_pmds, but it will not attempt to unshare in the
unaligned bits now)
5. Now calling UFFDIO_WRITEPROTECT will drop into
hugetlb_change_protection and succeed in unsharing. That will hit the
WARN_ON_ONCE and *not write-protect anything*.

I'll see if I can confirm that this is indeed possible and send a
repro if it is.

60dfaad65a ("mm/hugetlb: allow uffd wr-protect none ptes") is the
commit that introduced the WARN_ON_ONCE; perhaps it's a good choice
for a Fixes: tag (if above is indeed true).

>
> Code changes look fine to me.

Thanks Mike!
- James