From: Geert Uytterhoeven
Date: Wed, 4 Dec 2024 11:41:52 +0100
Subject: Re: [PATCH] mm: avoid zeroing user movable page twice with init_on_alloc=1
To: Zi Yan
Cc: linux-mm@kvack.org, Andrew Morton, David Hildenbrand, "Matthew Wilcox (Oracle)", Miaohe Lin, Kefeng Wang, John Hubbard, "Huang, Ying", Ryan Roberts, Alexander Potapenko, Kees Cook, linux-kernel@vger.kernel.org, linux-mips@vger.kernel.org

Hi Zi,

On Fri, Oct 11, 2024 at 5:13 PM Zi Yan wrote:
> Commit 6471384af2a6 ("mm: security: introduce init_on_alloc=1 and
> init_on_free=1 boot options") forces allocated page to be zeroed in
> post_alloc_hook() when init_on_alloc=1.
>
> For order-0 folios, if arch does not define
> vma_alloc_zeroed_movable_folio(), the default implementation again zeros
> the page return from the buddy allocator. So the page is zeroed twice.
> Fix it by passing __GFP_ZERO instead to avoid double page zeroing.
> At the moment, s390,arm64,x86,alpha,m68k are not impacted since they
> define their own vma_alloc_zeroed_movable_folio().
>
> For >0 order folios (mTHP and PMD THP), folio_zero_user() is called to
> zero the folio again. Fix it by calling folio_zero_user() only if
> init_on_alloc is set. All arch are impacted.
>
> Added alloc_zeroed() helper to encapsulate the init_on_alloc check.
>
> Signed-off-by: Zi Yan

Thanks for your patch, which is now commit 5708d96da20b99b4 ("mm: avoid
zeroing user movable page twice with init_on_alloc=1") in v6.13-rc1.

This is causing a panic when starting userspace on MIPS64 RBTX4927:

    Run /sbin/init as init process
    process '/lib/systemd/systemd' started with executable stack
    Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
    ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]---

or

    Run /sbin/init as init process
    process '/lib/systemd/systemd' started with executable stack
    do_page_fault(): sending SIGSEGV to init for invalid read access from 00000000583399f8
    epc = 0000000077e2b094 in ld-2.19.so[3094,77e28000+22000]
    ra = 0000000077e2afcc in ld-2.19.so[2fcc,77e28000+22000]
    Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
    ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]---

or

    Run /sbin/init as init process
    process '/lib/systemd/systemd' started with executable stack
    /sbin/inKernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00
    ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00 ]---
    it: error while loading shared libraries: libpthread.so.0: object file has no dynamic section

Reverting the commit (and fixing the trivial conflict) fixes the issue.

> --- a/include/linux/highmem.h > +++ b/include/linux/highmem.h 
> @@ -224,13 +224,7 @@ static inline > struct folio *vma_alloc_zeroed_movable_folio(struct vm_area_struct *vma, > unsigned long vaddr) > { > - struct folio *folio; > - > - folio =3D vma_alloc_folio(GFP_HIGHUSER_MOVABLE, 0, vma, vaddr); > - if (folio) > - clear_user_highpage(&folio->page, vaddr); > - > - return folio; > + return vma_alloc_folio(GFP_HIGHUSER_MOVABLE | __GFP_ZERO, 0, vma,= vaddr); > } > #endif > > diff --git a/mm/huge_memory.c b/mm/huge_memory.c > index 82f464865570..5dcbea96edb7 100644 > --- a/mm/huge_memory.c > +++ b/mm/huge_memory.c > @@ -1176,7 +1176,8 @@ static struct folio *vma_alloc_anon_folio_pmd(struc= t vm_area_struct *vma, > } > folio_throttle_swaprate(folio, gfp); > > - folio_zero_user(folio, addr); > + if (!alloc_zeroed()) > + folio_zero_user(folio, addr); > /* > * The memory barrier inside __folio_mark_uptodate makes sure tha= t > * folio_zero_user writes become visible before the set_pmd_at() > diff --git a/mm/internal.h b/mm/internal.h > index 906da6280c2d..508f7802dd2b 100644 > --- a/mm/internal.h > +++ b/mm/internal.h > @@ -1233,6 +1233,12 @@ void touch_pud(struct vm_area_struct *vma, unsigne= d long addr, > void touch_pmd(struct vm_area_struct *vma, unsigned long addr, > pmd_t *pmd, bool write); > > +static inline bool alloc_zeroed(void) > +{ > + return static_branch_maybe(CONFIG_INIT_ON_ALLOC_DEFAULT_ON, > + &init_on_alloc); > +} > + > enum { > /* mark page accessed */ > FOLL_TOUCH =3D 1 << 16, > diff --git a/mm/memory.c b/mm/memory.c > index c67359ddb61a..88252f0e06d0 100644 > --- a/mm/memory.c > +++ b/mm/memory.c 
> @@ -4719,7 +4719,8 @@ static struct folio *alloc_anon_folio(struct vm_fau= lt *vmf) > goto next; > } > folio_throttle_swaprate(folio, gfp); > - folio_zero_user(folio, vmf->address); > + if (!alloc_zeroed()) > + folio_zero_user(folio, vmf->address); > return folio; > } > next:

Gr{oetje,eeting}s,

Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
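
Review bot: In the include/linux/highmem.h hunk, the removed clear_user_highpage(&folio->page, vaddr) zeroed the page with the user virtual address in hand, while the replacement only passes __GFP_ZERO, so the allocator clears the page through the kernel mapping and vaddr no longer takes part in the zeroing. These are not equivalent on architectures whose clear_user_page() does cache maintenance keyed on the user address (aliasing data caches), and the commit message only lists s390, arm64, x86, alpha and m68k as unaffected because they define their own vma_alloc_zeroed_movable_folio(). Suggest keeping the clear_user_highpage() call for architectures with such requirements and taking the __GFP_ZERO shortcut only where the generic clear is known to be sufficient; the MIPS64 report in this message is worth checking against that difference.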
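
Review bot: In the mm/huge_memory.c hunk, the unchanged comment directly below the new condition still says the barrier in __folio_mark_uptodate makes "folio_zero_user writes" visible before set_pmd_at(), but with if (!alloc_zeroed()) in front of the call those writes may not be issued in this function at all. Suggest rewording the comment so it also covers zeroing done at allocation time, otherwise a later reader may conclude the ordering only matters on the folio_zero_user() path.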
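
Review bot: alloc_zeroed() in the mm/internal.h hunk has no comment, and its name reads as "this allocation was zeroed" while the body only tests the init_on_alloc static key. Callers skip their own zeroing based on the result, so suggest a short comment stating the assumption they rely on (per the commit message, that post_alloc_hook() has already zeroed the page when init_on_alloc=1) and a name that describes the check rather than the outcome.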
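
Review bot: In the mm/memory.c hunk, guarding folio_zero_user(folio, vmf->address) with if (!alloc_zeroed()) removes the only zeroing step in alloc_anon_folio() that is given the faulting user address, and the commit message states that all architectures are affected on this path, including those that keep their own vma_alloc_zeroed_movable_folio() for order-0. Suggest the condition also require that the architecture needs no user-address-aware clearing, so that init_on_alloc=1 does not silently change how user folios are cleared on architectures with special handling.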