From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DC26CC0219C for ; Fri, 7 Feb 2025 11:00:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D65C46B008A; Fri, 7 Feb 2025 06:00:12 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id CFCE56B0093; Fri, 7 Feb 2025 06:00:12 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AC7376B0095; Fri, 7 Feb 2025 06:00:12 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 651846B008A for ; Fri, 7 Feb 2025 06:00:12 -0500 (EST) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 0EFBD1A180F for ; Fri, 7 Feb 2025 11:00:05 +0000 (UTC) X-FDA: 83092853970.07.FBB356E Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by imf01.hostedemail.com (Postfix) with ESMTP id 5CF604002E for ; Fri, 7 Feb 2025 10:59:59 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf01.hostedemail.com: domain of ryan.roberts@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=ryan.roberts@arm.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1738925999; a=rsa-sha256; cv=none; b=DkBrbjlq1wJQmEKgMODSmTgN8n0FfOV9XSTPLXmnixjGvBFy9V8tWdkScKdFgzxBxKDT8o FRZmOuReAEC/xBDaNC9gUywBm7eGPo5vFob3W7YbiOMszWNrZ6gx7scvJ3RNEsPBWcItxa hlP2y3hD6ivXJvAnAYdnlARUEFIBJaI= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf01.hostedemail.com: domain of ryan.roberts@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=ryan.roberts@arm.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1738925999; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bEyqjleM/WRbKW1ebONSnQcH9I0/t61hK4xp+wMk12w=; b=BJR4yBEcbtqBBFDA2HeYCEjD2aNCRQVkCmn+8KkPFo1KWvbfn95/EH5v7y2FjDV1VbIrwG 0gLq3wn8QC/RwxIwZE9LxoXy3thrKZLQCqEvdm05clX1VP9gGzHIpMB8LLFmgXCJ4dIJbY 9Q40wo6yBo6mmPRoVhdbPioqY8lzEA8= Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9E81B113E; Fri, 7 Feb 2025 03:00:21 -0800 (PST) Received: from [10.57.81.111] (unknown [10.57.81.111]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id AED2C3F63F; Fri, 7 Feb 2025 02:59:55 -0800 (PST) Message-ID: Date: Fri, 7 Feb 2025 10:59:53 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1 10/16] mm/vmalloc: Warn on improper use of vunmap_range() Content-Language: en-GB To: Anshuman Khandual , Catalin Marinas , Will Deacon , Muchun Song , Pasha Tatashin , Andrew Morton , Uladzislau Rezki , Christoph Hellwig , Mark Rutland , Ard Biesheuvel , Dev Jain , Alexandre Ghiti , Steve Capper , Kevin Brodsky Cc: linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org References: <20250205151003.88959-1-ryan.roberts@arm.com> <20250205151003.88959-11-ryan.roberts@arm.com> <3bbae070-1ae3-4f5d-86ab-b3221425a1cb@arm.com> From: Ryan Roberts In-Reply-To: <3bbae070-1ae3-4f5d-86ab-b3221425a1cb@arm.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspam-User: X-Rspamd-Queue-Id: 5CF604002E X-Rspamd-Server: rspam12 X-Stat-Signature: tpqf9p97aja4497hair4amfea1t8pnco X-HE-Tag: 1738925999-16816 X-HE-Meta: U2FsdGVkX1+e645WA6NmV3AuvrMBHJWGUJ2rcfqXuGvZuYepiDzTrGrkSwB3Kn2FsVodSzJXkcXF+s2VnKMf/TqVXSesiwq74HNYkP02Xt28E22o9FvGuV5x97uIzq/FYKJlv5arU2+b6FSTI2Z9oT3nokL4MwE0o3SSitZx8GukRQnwc09fiupdpt7tAEZIC+v8tGVBs3Z1wKk2arj/y3UVJdPI9dWodxDgbdoPT7s/GBjPFahuQ6e94zaVDtLmzaWD3uGTgmOvJKMO6xuB8EKISzr4wF2zgrjIUZsmqfeDjoKREeH08h+yb3ZJS8hr0Fu2sGOLyHH9n/jm4NrK9WzP6x/cDp6CWEhLJ3VPRg5ZYqKz40gnFmI7MK5KRlfqgWOcVqPZ9IocIFymuhUW2zdGLOlp5Ph/5HBld00XKmQ70Afb5HZybTYLuwdUvIRV0RyQKTwR9HMorocuKiY5z5hIji+iT7uD58mABFzxZ4KNCP8EdmzQSklD/ir/BAPf9dy25EaaID+Up8WmptO/pA7KhkvECNDPaRmQ4baQayYQPi/FcDvRcxVHbeHJm1SN/RnlqkfmUEqw0o3qlakXozPgnQ5BdFhwji9Bn2BTejkrnejldLuNUZ1mQWtk/vqg5laTxKcrAk8dZ2OAxLeJbgxY444yrAaQEgOAI56LcxZfCWHn2oVw+6yj/g3SFfDkPzjAwJ2dFRVGB8DGWG9fVInWbM2gTcXRctktbhFt82FD/Qp+tdGYWdUb6Vn1N2Pm71mON9Sf6xcVK9ClM9nQJLO0ViO6rNF8pN+M5Rm0WIV88MvVN9f+R0LEzZZ2Vp64dEiatz12ecCLrcIvVM8PV3CeP5oiMBLIlKaPAxCvJTNr8+3+MrgaeZDDU+d0CH05/aMIHu2dLVl1xSs02R3w4FaSexTrTGBVvwZ1OCkt/dzwdJe8ojOjMzsTpj8vDHsk+ldIkWXAdGLKzFEH39H mt+yvY++ JoUmpo+zJWEgDgV+WLHydvlYeU/ePrHlToPwDv2CSfirWzbBUYsxoQlTPa8+DLmWlImFBf4v9gnr/pe6zwsHaMzgq8ZNSaWGvRVMX6bA2weCiAeFA0LHq8E/XOBiENXT7jIEaLElhp6KEBVSuOBgTaDBSUlKVr4AI7V0GXLSqiGmihrtU5UoayWJsn67FsSX+PnfokJpLRAzojRKZSGkEw+yF+N0lN6fr85fcuyyjtTXjGm4u6jH5UutDZA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 07/02/2025 08:41, Anshuman Khandual wrote: > On 2/5/25 20:39, Ryan Roberts wrote: >> A call to vmalloc_huge() may cause memory blocks to be mapped at pmd or >> pud level. But it is possible to subsquently call vunmap_range() on a > > s/subsquently/subsequently > >> sub-range of the mapped memory, which partially overlaps a pmd or pud. >> In this case, vmalloc unmaps the entire pmd or pud so that the >> no-overlapping portion is also unmapped. Clearly that would have a bad >> outcome, but it's not something that any callers do today as far as I >> can tell. So I guess it's jsut expected that callers will not do this. > > s/jsut/just > >> >> However, it would be useful to know if this happened in future; let's >> add a warning to cover the eventuality. > > This is a reasonable check to prevent bad outcomes later. > >> >> Signed-off-by: Ryan Roberts >> --- >> mm/vmalloc.c | 8 ++++++-- >> 1 file changed, 6 insertions(+), 2 deletions(-) >> >> diff --git a/mm/vmalloc.c b/mm/vmalloc.c >> index a6e7acebe9ad..fcdf67d5177a 100644 >> --- a/mm/vmalloc.c >> +++ b/mm/vmalloc.c >> @@ -374,8 +374,10 @@ static void vunmap_pmd_range(pud_t *pud, unsigned long addr, unsigned long end, >> if (cleared || pmd_bad(*pmd)) >> *mask |= PGTBL_PMD_MODIFIED; >> >> - if (cleared) >> + if (cleared) { >> + WARN_ON(next - addr < PMD_SIZE); >> continue; >> + } >> if (pmd_none_or_clear_bad(pmd)) >> continue; >> vunmap_pte_range(pmd, addr, next, mask); >> @@ -399,8 +401,10 @@ static void vunmap_pud_range(p4d_t *p4d, unsigned long addr, unsigned long end, >> if (cleared || pud_bad(*pud)) >> *mask |= PGTBL_PUD_MODIFIED; >> >> - if (cleared) >> + if (cleared) { >> + WARN_ON(next - addr < PUD_SIZE); >> continue; >> + } >> if (pud_none_or_clear_bad(pud)) >> continue; >> vunmap_pmd_range(pud, addr, next, mask); > Why not also include such checks in vunmap_p4d_range() and __vunmap_range_noflush() > for corresponding P4D and PGD levels as well ? The kernel does not support p4d or pgd leaf entries so there is nothing to check. Although vunmap_p4d_range() does call p4d_clear_huge(). The function is a stub and returns void (unlike p[mu]d_clear_huge()). I suspect we could just remove p4d_clear_huge() entirely. But that would be a separate patch to mm tree I think. For pgd, there isn't even an equivalent looking function. Basically at those 2 levels, it's always a table. Thanks, Ryan