From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2926DC433EF for ; Thu, 9 Jun 2022 21:44:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4F1B48D004C; Thu, 9 Jun 2022 17:44:07 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 47AC28D0034; Thu, 9 Jun 2022 17:44:07 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2CF918D004C; Thu, 9 Jun 2022 17:44:07 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 17BC18D0034 for ; Thu, 9 Jun 2022 17:44:07 -0400 (EDT) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay13.hostedemail.com (Postfix) with ESMTP id E673A60F3C for ; Thu, 9 Jun 2022 21:44:06 +0000 (UTC) X-FDA: 79560025692.03.0E328DE Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf08.hostedemail.com (Postfix) with ESMTP id 45E13160067 for ; Thu, 9 Jun 2022 21:44:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1654811045; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=fagLn1QORtw1CmMdNHS/I/NOn/mH/sycRvPzvG14xuw=; b=QF+oTifpw2n/RsokUwBX/jHFPt31dZTyq7+fIrvkOeiEUNSJvBtWeHW/Be+E/0Xk9eJVLA ISD9GhTbJIHbzOsQJNorMipx1docD2r3h/mQcEPxQqmbF/JQdTXXSD00cycUP/J7rz8vyZ t7ldJEo25x1eiCaIyVv40nSVFuNjO6k= Received: from mail-io1-f71.google.com (mail-io1-f71.google.com [209.85.166.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-182-3JmC7UdLOLSrYh1CK7ToPA-1; Thu, 09 Jun 2022 17:44:02 -0400 X-MC-Unique: 3JmC7UdLOLSrYh1CK7ToPA-1 Received: by mail-io1-f71.google.com with SMTP id r26-20020a5d96da000000b006699181eb7dso3488094iol.14 for ; Thu, 09 Jun 2022 14:44:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=fagLn1QORtw1CmMdNHS/I/NOn/mH/sycRvPzvG14xuw=; b=nU0Xc1LndHbecNDRHdMHX/GXnBBGOgGvfSN7OoqNVyO4ZRdEho5O9Te1HNdNAAotzG RnTAtHiUcmsKw2Up9ZwOiwggJmZuo296ZkJTWv1DQNzU3+ZANtehSA77QvTH+vm9y9F8 9ojhiel7AdUtpJPUUavdKce5S5KyD4jizHQQUcpwE+FBw8nWByISo1ui1nYJmaVtu2bh qUKjfOQoZztOrg3sfS2CKT2SQWdtXzo+0FgpFX8QeFEVg0hDblxa2JwYuCzaTPE2p2Ei nIuv+u3F3RY3PN83lmK8sk32BjcXTmw6b5xeFI3h4bOd/DW+MshdDz3zPPWdhjPkeVhJ rmqw== X-Gm-Message-State: AOAM531+nw3VWW0ojWlDNFy2+ChVWbftzzUy+FRLklp7ntMz+fXT9Pfa TsKcl72aRMxvqWSUExGCNhdQJt0zjKFuABlDSY+rNiFdaHQ9pVkIV22GXNde/KB/W3SZqyY3dUV KEcy8PVtFSbM= X-Received: by 2002:a05:6638:2481:b0:331:e12a:5e32 with SMTP id x1-20020a056638248100b00331e12a5e32mr6646718jat.90.1654811041620; Thu, 09 Jun 2022 14:44:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyXpLojQTJVnS0FPF/WE2W5OAqAKBEdOtdJTiKvakBu2zBlPA0HwTGpzdUEAFTkkUhX7Qtmbw== X-Received: by 2002:a05:6638:2481:b0:331:e12a:5e32 with SMTP id x1-20020a056638248100b00331e12a5e32mr6646712jat.90.1654811041399; Thu, 09 Jun 2022 14:44:01 -0700 (PDT) Received: from xz-m1.local (cpec09435e3e0ee-cmc09435e3e0ec.cpe.net.cable.rogers.com. [99.241.198.116]) by smtp.gmail.com with ESMTPSA id g2-20020a92c7c2000000b002d0fb2aab24sm11032990ilk.8.2022.06.09.14.44.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Jun 2022 14:44:00 -0700 (PDT) Date: Thu, 9 Jun 2022 17:43:59 -0400 From: Peter Xu To: Axel Rasmussen Cc: Andrew Morton , Hugh Dickins , linux-mm@kvack.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: Re: [PATCH] mm: userfaultfd: fix UFFDIO_CONTINUE on fallocated shmem pages Message-ID: References: <20220603205741.12888-1-axelrasmussen@google.com> MIME-Version: 1.0 In-Reply-To: <20220603205741.12888-1-axelrasmussen@google.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Disposition: inline ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1654811046; a=rsa-sha256; cv=none; b=hnagTuw0sQ6kWI+HMutqgREItLR8OEi8t0jLbWnhWJCi3AiP/sxLSLHv5RiQVRkhu+7Hdz hJgD3c9aAQVCO6A5+87kZcnkbg1+aPJ8kO3wKJCjAVq/L7vRir70kcpJwUeLy5opc34Wb8 LhlVLSgoEc3EFZDZOs7wgGSAWDUmtQs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1654811046; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=fagLn1QORtw1CmMdNHS/I/NOn/mH/sycRvPzvG14xuw=; b=ITltzXJhlCcRlId2u4EgGV8jtAq9OsseIFcHp8z+pPVl2u9DEFQ9FP2dCwrN/SiAAxJDhO xhWARMPCPKv1pt1mm2DQ6LgfQ+5nZiO7y+9yYKQpGWmdoO4NCE2TAxFf6YKS3PLqmXc5y7 zRZcjfFtc5UblExZpBedDCdF3EiUbGw= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=QF+oTifp; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf08.hostedemail.com: domain of peterx@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=peterx@redhat.com Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=QF+oTifp; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf08.hostedemail.com: domain of peterx@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=peterx@redhat.com X-Stat-Signature: di8gbujzen893tao164spxxrtbepcmr9 X-Rspamd-Queue-Id: 45E13160067 X-Rspamd-Server: rspam12 X-Rspam-User: X-HE-Tag: 1654811046-567388 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Hi, Axel, Sorry to read this late. On Fri, Jun 03, 2022 at 01:57:41PM -0700, Axel Rasmussen wrote: > When fallocate() is used on a shmem file, the pages we allocate can end > up with !PageUptodate. > > Since UFFDIO_CONTINUE tries to find the existing page the user wants to > map with SGP_READ, we would fail to find such a page, since > shmem_getpage_gfp returns with a "NULL" pagep for SGP_READ if it > discovers !PageUptodate. As a result, UFFDIO_CONTINUE returns -EFAULT, > as it would do if the page wasn't found in the page cache at all. > > This isn't the intended behavior. UFFDIO_CONTINUE is just trying to find > if a page exists, and doesn't care whether it still needs to be cleared > or not. So, instead of SGP_READ, pass in SGP_NOALLOC. This is the same, > except for one critical difference: in the !PageUptodate case, > SGP_NOALLOC will clear the page and then return it. With this change, > UFFDIO_CONTINUE works properly (succeeds) on a shmem file which has been > fallocated, but otherwise not modified. > > Fixes: 153132571f02 ("userfaultfd/shmem: support UFFDIO_CONTINUE for shmem") > Cc: stable@vger.kernel.org > Signed-off-by: Axel Rasmussen > --- > mm/userfaultfd.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c > index 4f4892a5f767..c156f7f5b854 100644 > --- a/mm/userfaultfd.c > +++ b/mm/userfaultfd.c > @@ -246,7 +246,7 @@ static int mcontinue_atomic_pte(struct mm_struct *dst_mm, > struct page *page; > int ret; > > - ret = shmem_getpage(inode, pgoff, &page, SGP_READ); > + ret = shmem_getpage(inode, pgoff, &page, SGP_NOALLOC); > if (ret) > goto out; > if (!page) { It all looks sane if the page is !uptodate as you described. Though I've a question on what'll happen if the page is actually missing rather than just !PageUptodate(). My reading is previously it'll keep returning 0 on shmem_getpage_gfp() for both cases, but now for the missing page shmem_getpage_gfp() will return -ENOENT instead. This reminded me on whether this will errornously let __mcopy_atomic() go into the special path to copy the page without mmap lock, please see this commit: b6ebaedb4cb1 ("userfaultfd: avoid mmap_sem read recursion in mcopy_atomic", 2015-09-04) Would that be a problem? Or could I read it wrong? This also reminded me that whether we'd better need some protection in the -ENOENT handling in __mcopy_atomic() to be always safe. Thanks, -- Peter Xu