From: Jann Horn
Date: Tue, 22 Oct 2024 23:15:10 +0200
Subject: Re: [PATCH hotfix 6.12 2/8] mm: unconditionally close VMAs on error
To: Lorenzo Stoakes
Cc: Andrew Morton, "Liam R . Howlett", Vlastimil Babka, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds, Peter Xu

On Tue, Oct 22, 2024 at 10:41 PM Lorenzo Stoakes wrote:
> Incorrect invocation of VMA callbacks when the VMA is no longer in a
> consistent state is bug prone and risky to perform.
>
> With regards to the important vm_ops->close() callback, we have gone to
> great lengths to try to track whether or not we ought to close VMAs.
>
> Rather than doing so and risking making a mistake somewhere, instead
> unconditionally close and reset vma->vm_ops to an empty dummy operations
> set with a NULL .close operator.
>
> We introduce a new function to do so - vma_close() - and simplify existing
> vms logic which tracked whether we needed to close or not.
>
> This simplifies the logic, avoids incorrect double-calling of the .close()
> callback and allows us to update error paths to simply call vma_close()
> unconditionally - making VMA closure idempotent.
> > Reported-by: Jann Horn > Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() f= ails") > Cc: stable > Signed-off-by: Lorenzo Stoakes Reviewed-by: Jann Horn [...] > diff --git a/mm/vma.h b/mm/vma.h > index 55457cb68200..75558b5e9c8c 100644 > --- a/mm/vma.h > +++ b/mm/vma.h > @@ -42,7 +42,6 @@ struct vma_munmap_struct { > int vma_count; /* Number of vmas that will be re= moved */ > bool unlock; /* Unlock after the munmap */ > bool clear_ptes; /* If there are outstanding PTE t= o be cleared */ > - bool closed_vm_ops; /* call_mmap() was encountered, s= o vmas may be closed */ > /* 1 byte hole */ nit: outdated comment, this hole is 2 bytes now > unsigned long nr_pages; /* Number of pages being removed = */ > unsigned long locked_vm; /* Number of locked pages */
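Review bot: The "/* 1 byte hole */" context line that follows clear_ptes in struct vma_munmap_struct is left stale by the removal of closed_vm_ops. With only two bool members (unlock, clear_ptes) remaining between int vma_count and unsigned long nr_pages, the padding before nr_pages is no longer one byte, so the comment should be updated in this same hunk. Hand-maintained hole annotations like this go out of date whenever a neighbouring field changes, so it may be simpler to drop the comment and rely on pahole output when the layout matters.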