From: Jann Horn
Date: Tue, 14 Jan 2025 19:32:51 +0100
Subject: Re: [PATCH] /dev/zero: make private mapping full anonymous mapping
To: Lorenzo Stoakes
Cc: Yang Shi, arnd@arndb.de, gregkh@linuxfoundation.org, Liam.Howlett@oracle.com, vbabka@suse.cz, willy@infradead.org, liushixin2@huawei.com, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org

On Tue, Jan 14, 2025 at 7:15 PM Lorenzo Stoakes wrote:
> On Tue, Jan 14, 2025 at 08:53:01AM -0800, Yang Shi wrote:
> > On 1/14/25 4:05 AM, Lorenzo Stoakes wrote:
> > > On Mon, Jan 13, 2025 at 02:30:33PM -0800, Yang Shi wrote:
> > > > + fput(vma->vm_file);
> > > > + vma->vm_file = NULL;
> > > > + vma->vm_pgoff = vma->vm_start >> PAGE_SHIFT;
>
> This is just not permitted. We maintain mmap state which contains the file
> and pgoff state which gets threaded through the mapping operation, and
> simply do not expect you to change these fields.
>
> In future we will assert on this or preferably, restrict users to only
> changing VMA flags, the private field and vm_ops.
>
> > > Hmm, this might have been mremap()'d _potentially_ though? And then now
> > > this will be wrong? But then we'd have no way of tracking it correctly...
> >
> > I'm not quite familiar with the subtle details and corner cases of
> > mremap(). But mmap_zero() should be called by mmap(), so the VMA has not
> > been visible to user yet at this point IIUC. How come mremap() could move
> > it?
>
> Ah OK, in that case fine on that front.
>
> But you are not permitted to touch this field (we need to enforce this...)

Sidenote: I think the GPU DRM subsystem relies on changing pgoff in
some of their mmap handlers; maybe talk to them about this if you
haven't already.
See for example drm_gem_prime_mmap() and dma_buf_mmap().
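
Review bot: the three added lines quoted above (the fput(vma->vm_file) call, vma->vm_file = NULL, and the vma->vm_pgoff assignment) rewrite the VMA's file and offset from inside mmap_zero() with no comment stating the assumption they depend on, which per the discussion is that the VMA is not yet visible to userspace when the handler runs. Since the reply says the mmap path carries its own file and pgoff state through the mapping operation, the hunk should explain why that state and the modified VMA cannot end up disagreeing, or avoid changing these fields in the handler. A short comment on why vm_pgoff is set to vma->vm_start >> PAGE_SHIFT would also help readers who have not followed the thread.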