Date: Mon, 22 Apr 2024 17:08:09 -0400
From: Peter Xu
To: Andrew Morton
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, Nadav Amit, David Hildenbrand, syzbot+d8426b591c36b21c750e@syzkaller.appspotmail.com
Subject: Re: [PATCH] mm/userfaultfd: Reset ptes when close() for wr-protected ones
References: <20240422133311.2987675-1-peterx@redhat.com> <20240422124719.5097e42a736403d306ba7cf0@linux-foundation.org>
In-Reply-To: <20240422124719.5097e42a736403d306ba7cf0@linux-foundation.org>

On Mon, Apr 22, 2024 at 12:47:19PM -0700, Andrew Morton wrote:
> On Mon, 22 Apr 2024 09:33:11 -0400 Peter Xu wrote:
>
> > Userfaultfd unregister includes a step to remove wr-protect bits from all
> > the relevant pgtable entries, but that only covered an explicit
> > UFFDIO_UNREGISTER ioctl, not a close() on the userfaultfd itself. Cover
> > that too.
>
> We should include a description of the userspace-visible effects of the
> bug, please. Always.

Ah, this one is a bit special so I didn't consider copying stable at all,
but I'll be more verbose next time..

The only user visible side effect is the user can observe leftover
wr-protect bits even if the user close()ed on a userfaultfd when releasing
the last reference of it. However hopefully that should be harmless, and
nothing bad should happen even if so.

This change is now more important after the recent page-table-check patch
we merged in mm-unstable (446dd9ad37d0 ("mm/page_table_check: support
userfault wr-protect entries")), as we'll do sanity check on uffd-wp bits
without vma context. So it's better if we can 100% guarantee no uffd-wp
bit leftovers, to make sure each report will be valid.

>
> I see it triggers a WARN, but so what - why can't we simply delete the
> WARN statement if that's the only effect? Presumably there are other
> consequences - what are they?

Because that's newly added and we want to keep using those WARNINGs to trap
real bugs (and I'd expect new reports coming after this one.. we at least
have one real bug to fix somewhere..).

>
> Also, a WARN-triggering bug should be fixed in -stable kernels so we'll
> need a FIXES:, please?

This only triggers due to the most recently added WARNING, so I assume it
shouldn't trigger in any old kernels, even Linus's tree shouldn't trigger
because the WARNING isn't there.

Though maybe it's indeed better to also pick this one up for stable, as it
does similar thing as what below commit does, however just to cover close()
too which was overlooked:

  commit f369b07c861435bd812a9d14493f71b34132ed6f
  Author: Peter Xu
  Date:   Thu Aug 11 16:13:40 2022 -0400

      mm/uffd: reset write protection when unregister with wp-mode

So I think that Fixes should be:

Fixes: f369b07c8614 ("mm/uffd: reset write protection when unregister with wp-mode")

Thanks,

--
Peter Xu
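
The leftover bits described in this message can be observed from userspace through bit 57 of /proc/self/pagemap. The following regression check is an added example, not code from this thread or from the kernel tree; the function names are hypothetical, and it assumes kernel headers that define the uffd-wp ioctls and UFFD_USER_MODE_ONLY. It returns 0 when close() reset the ptes, and the number of still-protected pages when it did not.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/userfaultfd.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>
#define PM_UFFD_WP (1ULL << 57) /* pagemap bit 57: pte is uffd-wp write-protected */

/* Decode one /proc/<pid>/pagemap entry. */
int entry_is_uffd_wp(uint64_t entry) { return (entry & PM_UFFD_WP) != 0; }

/* Pages in [addr, addr+len) with uffd-wp set in pagemap; -1 if pagemap is unreadable. */
long count_uffd_wp(void *addr, size_t len) {
    long n = 0, psz = sysconf(_SC_PAGESIZE);
    int fd = open("/proc/self/pagemap", O_RDONLY);
    if (fd < 0) return -1;
    for (long off = 0; off < (long)len && n >= 0; off += psz) {
        uint64_t e;
        off_t pos = (off_t)(((uintptr_t)addr + off) / psz * sizeof(e));
        n = (pread(fd, &e, sizeof(e), pos) == (ssize_t)sizeof(e)) ? n + entry_is_uffd_wp(e) : -1;
    }
    close(fd);
    return n;
}

/* Added example, names are hypothetical: write-protect `pages` pages via a userfaultfd,
 * close() it without UFFDIO_UNREGISTER, return leftover uffd-wp count (-1: unavailable). */
long leftover_after_close(size_t pages) {
    size_t len = pages * (size_t)sysconf(_SC_PAGESIZE);
    long left = -1;
    char *mem = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED) return -1;
    memset(mem, 1, len); /* populate ptes so there is something to protect */
    int uffd = (int)syscall(SYS_userfaultfd, O_CLOEXEC | O_NONBLOCK | UFFD_USER_MODE_ONLY);
    struct uffdio_api api = { .api = UFFD_API, .features = UFFD_FEATURE_PAGEFAULT_FLAG_WP };
    struct uffdio_register reg = { .range = { (uintptr_t)mem, len }, .mode = UFFDIO_REGISTER_MODE_WP };
    struct uffdio_writeprotect wp = { .range = { (uintptr_t)mem, len }, .mode = UFFDIO_WRITEPROTECT_MODE_WP };
    if (uffd >= 0) {
        int ok = !ioctl(uffd, UFFDIO_API, &api) && !ioctl(uffd, UFFDIO_REGISTER, &reg) &&
                 !ioctl(uffd, UFFDIO_WRITEPROTECT, &wp) && count_uffd_wp(mem, len) == (long)pages;
        close(uffd); /* release path: no explicit unregister */
        if (ok) left = count_uffd_wp(mem, len);
    }
    munmap(mem, len);
    return left;
}
int main(void) { printf("leftover uffd-wp pages after close(): %ld\n", leftover_after_close(4)); return 0; }
```

A result of -1 means userfaultfd write-protect or pagemap is not usable in the current environment, so the check is inconclusive rather than passed.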