From patchwork Mon Nov 26 17:34:52 2018
X-Patchwork-Submitter: Andrea Arcangeli
X-Patchwork-Id: 10698867
From: Andrea Arcangeli
To: Andrew Morton
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Hugh Dickins, Mike Rapoport, Mike Kravetz, Jann Horn, Peter Xu, "Dr. David Alan Gilbert"
Subject: [PATCH 5/5] userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set
Date: Mon, 26 Nov 2018 12:34:52 -0500
Message-Id: <20181126173452.26955-6-aarcange@redhat.com>
In-Reply-To: <20181126173452.26955-1-aarcange@redhat.com>
References: <20181126173452.26955-1-aarcange@redhat.com>

Set the page dirty if VM_WRITE is not set because in such case the pte won't be marked dirty and the page would be reclaimed without writepage (i.e. swapout in the shmem case).

This was found by source review. Most apps (certainly including QEMU) only use UFFDIO_COPY on PROT_READ|PROT_WRITE mappings or the app can't modify the memory in the first place. This is for correctness and it could help the non cooperative use case to avoid unexpected data loss.

Reviewed-by: Hugh Dickins
Cc: stable@vger.kernel.org
Fixes: 4c27fe4c4c84 ("userfaultfd: shmem: add shmem_mcopy_atomic_pte for userfaultfd support")
Reported-by: Hugh Dickins
Signed-off-by: Andrea Arcangeli
---
 mm/shmem.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/mm/shmem.c b/mm/shmem.c index c3ece7a51949..82a381d463bc 100644 --- a/mm/shmem.c +++ b/mm/shmem.c
@@ -2272,6 +2272,16 @@ static int shmem_mfill_atomic_pte(struct mm_struct *dst_mm, _dst_pte = mk_pte(page, dst_vma->vm_page_prot); if (dst_vma->vm_flags & VM_WRITE) _dst_pte = pte_mkwrite(pte_mkdirty(_dst_pte)); + else { + /* + * We don't set the pte dirty if the vma has no + * VM_WRITE permission, so mark the page dirty or it + * could be freed from under us. We could do it + * unconditionally before unlock_page(), but doing it + * only if VM_WRITE is not set is faster. + */ + set_page_dirty(page); + } dst_pte = pte_offset_map_lock(dst_mm, dst_pmd, dst_addr, &ptl); @@ -2305,6 +2315,7 @@ static int shmem_mfill_atomic_pte(struct mm_struct *dst_mm, return ret; out_release_uncharge_unlock: pte_unmap_unlock(dst_pte, ptl); + ClearPageDirty(page); delete_from_page_cache(page); out_release_uncharge: mem_cgroup_cancel_charge(page, memcg, false);
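
Review bot: In the first hunk (@@ -2272,6 +2272,16 @@), set_page_dirty(page) in the new else branch runs before pte_offset_map_lock(), so the page is already dirty on any path that later leaves through out_release_uncharge_unlock, and the comment does not mention that. Consider extending the comment to say the error path has to undo the dirtying, or moving the call to just before unlock_page(), which the comment itself says is possible, if that point is past the last failure exit. A style point on the same lines: the if branch is unbraced while the else branch is braced; kernel coding style asks for braces on both branches when either one needs them.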
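
Review bot: In the second hunk (@@ -2305,6 +2315,7 @@), ClearPageDirty(page) under out_release_uncharge_unlock has no comment and runs for every jump to that label, including the VM_WRITE case, where this function never called set_page_dirty(). A one-line comment saying that it undoes the set_page_dirty() from the !VM_WRITE branch before delete_from_page_cache(page) would make the pairing clear, and it would be worth stating there why clearing only the page flag is enough to reverse set_page_dirty() for a shmem page.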