From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8C01C6FD18 for ; Tue, 18 Apr 2023 15:14:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 45D268E0002; Tue, 18 Apr 2023 11:14:45 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 40D108E0001; Tue, 18 Apr 2023 11:14:45 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2AE588E0002; Tue, 18 Apr 2023 11:14:45 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 195E68E0001 for ; Tue, 18 Apr 2023 11:14:45 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id E483040307 for ; Tue, 18 Apr 2023 15:14:44 +0000 (UTC) X-FDA: 80694858888.26.C0EFA52 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf11.hostedemail.com (Postfix) with ESMTP id B312D40021 for ; Tue, 18 Apr 2023 15:14:41 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b="c8znl/9/"; spf=pass (imf11.hostedemail.com: domain of peterx@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=peterx@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1681830881; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=uEbLiIoDuJvtlF8aE44HZGzs1BH3gYE48UCaK8yzhWk=; b=HSKj5zZkcX70+zebzaRThUinI8/cU1IJ/M8jdO93+HZCRanCBp72g5jpYMVxBLGbHeEv9H nZorZe15PE6pzvASi01IP4bRFDTrmPY1oQdtG7YIvsm5Ao1BV1HzAf9M5K0+r+7/C1xNbV eq0sx+yn1UVXB9XtL911dFna4oR/AhM= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b="c8znl/9/"; spf=pass (imf11.hostedemail.com: domain of peterx@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=peterx@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1681830881; a=rsa-sha256; cv=none; b=FN8ucwhGIrOyncGnsCzPcRg8sjQoCnLPuT3nXAyKfe2nM0yrSYg7Kk4dF7ya+bbQV0JOYV Mrs1f7NtFuhGRLaM43yTyidoYYGs8LTo3saPpQhNzOACaDOyLhx+98HDuynqYevKvlRnOr 2TWsbYhOJVTUwHnm8QYlWfD5MOwJ2tA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1681830880; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=uEbLiIoDuJvtlF8aE44HZGzs1BH3gYE48UCaK8yzhWk=; b=c8znl/9/zq3vvCcDpscxJbAHbYgnj2ayvalj56fqQG9kNHBVymq1iE12CIrf1/bvIDOF9i ELKgcpPFcZtrLp5BHHyZ53MEcjqizvd+45jmG2WGLKISFAp5zoGGFhbxjn6VLz/Bgrx+rt LV7/pyfcXnhzrBpzhc9/WsBD6EFEXPc= Received: from mail-qk1-f199.google.com (mail-qk1-f199.google.com [209.85.222.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-313-7z9FvS-ZM9-F8EJbsnNCRQ-1; Tue, 18 Apr 2023 11:14:39 -0400 X-MC-Unique: 7z9FvS-ZM9-F8EJbsnNCRQ-1 Received: by mail-qk1-f199.google.com with SMTP id af79cd13be357-74cf009f476so61654185a.0 for ; Tue, 18 Apr 2023 08:14:39 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681830879; x=1684422879; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=uEbLiIoDuJvtlF8aE44HZGzs1BH3gYE48UCaK8yzhWk=; b=JmhcbEliCBLuDPo3TJ5/vcacHvNIuJM7/cy2T8ibIxz6a0A5c/5BoNgYzXQe+GR7VH XmZyfcan7Z4G/Zd6mVtep6Hg5ZctkBvQHNKWZEpKxb+sg/rSkoxJWUCsVCFt514MSGgk zMvYkhXCsTJdcHEPcJIn/5PO7PbzR2bfSIX2gfO8K2gNyZkT8hulQ++w+aUUlY/d4MRL HsI5MJT4aRmPaM3OSLMTjm4pnFbZ/8cTQR8dG+6wobAWoguc/0I66xe19SjsjwTx558q mm+tMA7hZsDUK/P4htmdCocnyzMSNDh1zOOtHGIoJBOU99gaE7icuzLABse34Z9ukksO +vwQ== X-Gm-Message-State: AAQBX9cdBKoXvYb1vQd43eCrl/d2SzB3fjXMvyO+abPB3Nj3oNFd9C4M tAP5aaevAW2TN0pYg/TSOQX2bKzF4gbrPE1uFuNUG1dtEesBQ2XEwqPhWeMfMeDjJVd/L9VQ/dF UYko6p9M9CkM= X-Received: by 2002:a05:6214:5083:b0:5df:4d41:9560 with SMTP id kk3-20020a056214508300b005df4d419560mr22254091qvb.0.1681830879164; Tue, 18 Apr 2023 08:14:39 -0700 (PDT) X-Google-Smtp-Source: AKy350YD3hvqu4HP1QYUapVVZAP70gpGlHotyWRVct/+loHGkFxeWCZKiFOvGtf3pTAp4HTKgbicLw== X-Received: by 2002:a05:6214:5083:b0:5df:4d41:9560 with SMTP id kk3-20020a056214508300b005df4d419560mr22254071qvb.0.1681830878851; Tue, 18 Apr 2023 08:14:38 -0700 (PDT) Received: from x1n (bras-base-aurron9127w-grc-40-70-52-229-124.dsl.bell.ca. [70.52.229.124]) by smtp.gmail.com with ESMTPSA id mf10-20020a0562145d8a00b005dd8b9345d2sm3730109qvb.106.2023.04.18.08.14.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Apr 2023 08:14:37 -0700 (PDT) Date: Tue, 18 Apr 2023 11:14:36 -0400 From: Peter Xu To: Andrew Morton Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, Mike Kravetz , Andrea Arcangeli , Mika =?utf-8?B?UGVudHRpbMOk?= , Axel Rasmussen , Nadav Amit , David Hildenbrand , linux-stable Subject: Re: [PATCH v2 2/6] mm/hugetlb: Fix uffd-wp bit lost when unsharing happens Message-ID: References: <20230417195317.898696-1-peterx@redhat.com> <20230417195317.898696-3-peterx@redhat.com> <20230417164822.d1f5d162115c53aab4c85e85@linux-foundation.org> MIME-Version: 1.0 In-Reply-To: <20230417164822.d1f5d162115c53aab4c85e85@linux-foundation.org> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Disposition: inline X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: B312D40021 X-Stat-Signature: 568t7y8hbb99i63rsxs5o1cgbmt78ky4 X-Rspam-User: X-HE-Tag: 1681830881-640505 X-HE-Meta: U2FsdGVkX19mhXCpN99TLst3EflXW9tAab0AENBKGoctA9sHI6sxlkuhUjgCRbgmPZ2J5pQs79/Uln63mEwntOwXMyALAYlnkNOrLDuj+ewhID/CjAILhXnhUL6xgcWJsFuWl7UibLIGhMlUpXVB9n8exazzkrJLW04ZEqCFFmTy8JR1UE9D9ZpyB4xmqoLNY/bCOTTQQcsD4mRjfjxcO/J7BraIqY9EEIhE8v4Mgc+inAuEw5fWoe1VRGoUrL9QLOVRwFE1kxRfaTnqd8Q5RXLH6Xu8BWSXZzHMcdY+EYDjkpZdgjNux0a3sQlMeXzWzPK5j0M8MHbH2UvrzvuxHrqwYPGgw2wGIs9uaUuqB24NR1JtwS6AKUmN2ZVaZc7dXsYAE6XUkwRhEHN1zKWIH7+AVTmZUbsY/V2hwp+IuR/KgmWsPkocS0s8X6/08cJA8DwC8N823T414nqNzBBdjgxIAImas39/LHS2sLuFjpP8f6jwCU5ZZWW86+kB+Rku2GQzBOVUbFurhQgD1Ou4PIgEG+H2zgw+g+grBwLt12qdqdg6uvsbhUJJ0QgVmgPoUwRQCRi8nRB3J7gZB1EEQYmaSW6gpt4vvv3znT+26zKDWIDKVxQOENl/9qSM7Y9BFFzor5EElhO7oxYfpmykyXGiWOiBTHFL1mI2cSe3pJKdg3xeJ/VYndKUYNvEBwNBWb/f1EfkKmjj5fcs34JTQozmtdxVQpcFrEqQbTZcWP2NMRCm1NXy9n+ZLTdaNR9Emv8m5tjmZRTl2rf8jLVyl1RL7arAqS0ndGl2P+MdokQpVtXFJ2FIaWuImWTo4dS8x/14iD/pc5MIBg0Zsv97baftfpBTtJnWxtAybdyoPMXdYX/xAMJFi85LFD+fWtEFsjfeJvWMGHuw3W4LiwpOMbWrfL/gffq0ScocgjpTvTRN9kiRegYL5MyHRFDuG+n09oAOBckwOsId1rqG3/b r2L5CRuk hbXpxQfXCbAJoDDt7Aox3pcrGx0tcyJSIFcvG79ilocPc4VDSBwAHN5dQeEZOpRwNo1RRVDvSLoOQterc+CKJRKiQWSeS2EmGlqbYyQhyaVr6JCz2Pr9IhsylMrD023Bs1EZMcS7OS/MrTcVjvMU6kPBPbmw1mOYIPniJp0WjUiWV1F2pAFNy1RVfl9FEshvw4NsZiKQLx3tBH52j3utHShlYMBAFwtNg0DfHATSyBlHu4WSUdxUATrbccQVSTqDNCAikAMkQU51H2kyxA/6YBkwHpGDJzpyZA2JF89gjuIFy3nRITF9LPTGNU+l9qNgeQ7ba0j2E9CeZoe2wVgPr+pzLp0wSvM+1hACHJPvFwuZQO5eW1sJnCWDOMCQCfL6GPSlYP+bqO69QDjw+o3H8l/l9RlQdHramd4u/HwbMrsVrXKFp/d2UACNXikP5VuGyEjTi+DD7Qe2S1SRT0SqK+ly0Fe3T7mqE9ef/wLg/BQFxQO7SVp7YzjglPvWGEBC0WtknXeNeYOAm0k4GnCGIKWlwfg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Hi, Andrew, On Mon, Apr 17, 2023 at 04:48:22PM -0700, Andrew Morton wrote: > On Mon, 17 Apr 2023 15:53:13 -0400 Peter Xu wrote: > > > When we try to unshare a pinned page for a private hugetlb, uffd-wp bit can > > get lost during unsharing. Fix it by carrying it over. > > > > This should be very rare, only if an unsharing happened on a private > > hugetlb page with uffd-wp protected (e.g. in a child which shares the same > > page with parent with UFFD_FEATURE_EVENT_FORK enabled). > > What are the user-visible consequences of the bug? When above condition met, one can lose uffd-wp bit on the privately mapped hugetlb page. It allows the page to be writable even if it should still be wr-protected. I assume it can mean data loss. However it's very hard to trigger. When I wrote the reproducer (provided in the last patch) I needed to use the newest gup_test cmd introduced by David to trigger it because I don't even know another way to do a proper RO longerm pin. Besides that, it needs a bunch of other conditions all met: (1) hugetlb being mapped privately, (2) userfaultfd registered with WP and EVENT_FORK, (3) the user app fork()s, then, (4) RO longterm pin onto a wr-protected anonymous page. If it's not impossible to hit in production I'd say extremely rare. > > > Cc: linux-stable > > When proposing a backport, it's better to present the patch as a > standalone thing, against current -linus. I'll then queue it in > mm-hotfixes and shall send it upstream during this -rc cycle. > > As presented, this patch won't go upstream until after 6.3 is released, > and as it comes later in time, more backporting effort might be needed. > > I can rework things if this fix is reasonably urgent (the "user-visible > consequences" info is the guide). If not urgent, we can leave things > as they are. IMHO it's not urgent so suitable for mm-unstable (current base of this set; sorry if I forgot to mention it explicitly). I'll post (and remember to post) patches on top of mm-stable if they're urgent, or e.g. bugs introduced in current release. I copied stable for the pure logic of fixing a bug in old kernels. The consequence of hitting the bug is very bad but chance to hit is very low. Thanks, -- Peter Xu