Date: Mon, 24 Jun 2024 16:30:35 +0100
From: Matthew Wilcox
To: David Howells
Cc: Christian Brauner, Jeff Layton, netfs@lists.linux.dev, v9fs@lists.linux.dev, linux-afs@lists.infradead.org, linux-cifs@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid
In-Reply-To: <614257.1719228181@warthog.procyon.org.uk>

On Mon, Jun 24, 2024 at 12:23:01PM +0100, David Howells wrote:
> @@ -508,6 +509,10 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault *vmf, struct netfs_group *netfs_gr > > if (folio_lock_killable(folio) < 0) > goto out; > + if (folio->mapping != mapping) { > + ret = VM_FAULT_NOPAGE | VM_FAULT_LOCKED; > + goto out; > + }

Have you tested this?  I'd expect it to throw some VM assertions.

        ret = vmf->vma->vm_ops->page_mkwrite(vmf);
        /* Restore original flags so that caller is not surprised */
        vmf->flags = old_flags;
        if (unlikely(ret & (VM_FAULT_ERROR | VM_FAULT_NOPAGE)))
                return ret;
...
        if (unlikely(!tmp || (tmp & (VM_FAULT_ERROR | VM_FAULT_NOPAGE)))) {
                folio_put(folio);
                return tmp;
        }

So you locked the folio, then called folio_put() without unlocking it.
Usually the VM complains noisily if you free a locked folio.
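
Review bot: In the added `if (folio->mapping != mapping)` branch of the quoted hunk, the folio is still locked from the `folio_lock_killable()` call just above when the code does `goto out`, and the return value carries VM_FAULT_NOPAGE, which the caller excerpt in this reply treats as a bail-out (`return ret`, then `folio_put(folio)`) with no unlock. Unless the `out:` path, which is not visible in this hunk, already unlocks the folio, the branch should call `folio_unlock(folio)` before `goto out` and return plain VM_FAULT_NOPAGE without VM_FAULT_LOCKED, since the folio would no longer be locked on return. A short comment on why `folio->mapping` can differ from `mapping` at this point would also help.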