From patchwork Tue Apr 18 08:40:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Stevens X-Patchwork-Id: 13215244 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 00FB8C77B78 for ; Tue, 18 Apr 2023 08:40:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 05C316B0071; Tue, 18 Apr 2023 04:40:58 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 00CF66B0072; Tue, 18 Apr 2023 04:40:57 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E164F8E0001; Tue, 18 Apr 2023 04:40:57 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id CF2FD6B0071 for ; Tue, 18 Apr 2023 04:40:57 -0400 (EDT) Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 9538B801FE for ; Tue, 18 Apr 2023 08:40:57 +0000 (UTC) X-FDA: 80693866554.22.199C425 Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) by imf30.hostedemail.com (Postfix) with ESMTP id A5A6A80006 for ; Tue, 18 Apr 2023 08:40:55 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=ageKEel5; spf=pass (imf30.hostedemail.com: domain of stevensd@chromium.org designates 209.85.210.179 as permitted sender) smtp.mailfrom=stevensd@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1681807255; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=olmN5gzlqP0NhrI47T0CCa7149+yb2ZCju0LTQmGI+4=; b=M67mjN1Z8VedN4VNsU4AExtNuxoWsbaMO8mZL5tJx8uSIEjFPC/TVTu0v3fVF43zTWIQFZ B3kCkCo8PvmZXLyergexj83a6iVPkR7Dg8VdH1IojqNVbFG1PLMb13fpYw3IFkNxyzF/59 JqRsV7vhFDmIw0yzuXfNrmHWXRgLXJI= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=ageKEel5; spf=pass (imf30.hostedemail.com: domain of stevensd@chromium.org designates 209.85.210.179 as permitted sender) smtp.mailfrom=stevensd@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1681807255; a=rsa-sha256; cv=none; b=eOv/JQEXr4JKfvgrlmW+Kuf1XnV57gJn/YcYuQ4IQK4yL5Y1N92xPSUvB6A5/BEeIzHX3l jJ+ieCm8729vc3zDIe34QxhlTCPFZhEmH6vLQAiYEfuYQCIuxBNs5yDLoUUvo7qRpcDCTV emy0gMGKDnr49rcf/ftl7n3K+w50aZI= Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-63b4dfead1bso1661694b3a.3 for ; Tue, 18 Apr 2023 01:40:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1681807253; x=1684399253; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=olmN5gzlqP0NhrI47T0CCa7149+yb2ZCju0LTQmGI+4=; b=ageKEel5fyZv58tT025n8lqnZUiQ+cxCGVdQkICI1dh7J7VmSwxtTivqmdjU79I/Qo vpCBbkdrkJTlMQgLIbzVqr3aFjxx1zPt56ImFdKa4upwf3xN3L+p3gif4WHtLXkkG+t3 Qx0i5U3/lCXRFCZn4698WdTVFJFunG2ubvagU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681807253; x=1684399253; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=olmN5gzlqP0NhrI47T0CCa7149+yb2ZCju0LTQmGI+4=; b=NSjivpC798AgBupK+c5z7KhYjGJwATO2mmZR9eXnTVQD1wO9tekYe/sPnkYTGeUBA/ uxL//Ce27H+ai5+A7+8X6oDHQs82mYbSxCbvj8mErsDdXKNp2zNMY8AGPBpqB+ePHHoT rGIlJo09yNpcvCE+jOeraeZ25vNthGJq6la6PTCNnPQd0vheE/UvwIiLw/FNBYeqmJT+ v5S/+sDrYSaaYESb1HZ/y3Hl/A7N6gfCo5/jbZI8IbUsdUJmDFNtg5r0dA+rlQEcpKK7 VmglaY8RRhiZx0KCw+JVOu8bDUbJ+G62vexX8HXodA4xdAwM7cYFlggN2fMMZsuBYpM5 912g== X-Gm-Message-State: AAQBX9ejOIuQjDrN+XklGuDyE5MGpldyIMgR+rO+ENPYGd+QhCcRq9qb cyMG756d59B+DXOI3mdoI36tWceW5F3M9+wytQA= X-Google-Smtp-Source: AKy350ZxonPvBGz2w+q2ydfxziDS0CMMutHh8UVXMlDu7WQu9HDpm3Lk0fD6oTQLzVjEnx6nyC+jCA== X-Received: by 2002:a05:6a00:2390:b0:636:e0fb:8c44 with SMTP id f16-20020a056a00239000b00636e0fb8c44mr26317272pfc.12.1681807253493; Tue, 18 Apr 2023 01:40:53 -0700 (PDT) Received: from localhost ([2401:fa00:8f:203:7254:8270:74ed:755b]) by smtp.gmail.com with UTF8SMTPSA id y3-20020a62b503000000b00625b9e625fdsm9007639pfe.179.2023.04.18.01.40.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 18 Apr 2023 01:40:53 -0700 (PDT) From: David Stevens X-Google-Original-From: David Stevens To: linux-mm@kvack.org Cc: Andrew Morton , "Matthew Wilcox (Oracle)" , Suleiman Souhlal , linux-kernel@vger.kernel.org, David Stevens , stable@vger.kernel.org Subject: [PATCH v2] mm/shmem: Fix race in shmem_undo_range w/THP Date: Tue, 18 Apr 2023 17:40:31 +0900 Message-ID: <20230418084031.3439795-1-stevensd@google.com> X-Mailer: git-send-email 2.40.0.634.g4ca3ef3211-goog MIME-Version: 1.0 X-Rspamd-Queue-Id: A5A6A80006 X-Stat-Signature: gy9i7kjutqrjj8g6fx9r4cg8onrt3ae4 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1681807255-627515 X-HE-Meta: U2FsdGVkX19pZ+1oThWBjaMEbF5I6gON0jfDE+w6pDiANRLoaX7wmJMHKXj6q3FCgCqPdUBRjoSzAkewRPBsnDFF/RpkTqk3CmZglpFw8MZcFS4EBudnvbb3uD3C0BywIbqS1DUhpOAJYS36wRnshXgP6Y88PA8ryqXi1BsSbUBVZn5CsxII59Ew4X0XPhn5/r3H5T4Z4iCbSQFF2oWY0tg16DjT1VZkhMHP4uiYNqi78YxMWYxyMB0/jH4hIUI0lPKSP1BVKhJUTdhUGrwjrLVyICn5D66HXhM7xOYg7vuLORDPIDOtzcSzGSWc+mEc36wS+kTsqfbupe2nc1Ai4PARlsYxourwLUwkrkWezX5FYmS8zAOhxHJ8SzBA7j11MIPYlaMGW2d6xIY8PKbA1gNpfkkxPVrvPLplx4dQGz+59wdhzEaQJzM/HEf06u7moG3mNGR1cKnHPyB13Y3rpNeL+8yfIC41nzEyS08Wy89WCH4yilZyzivjpIeuwMwqFC1KqXcZNz4QXjBTuavddfCReq5yZsaUzujlYefChvonfJxQ/2T5FAggRajOGm9afcakeJo+R/ksEVOglx16+VvYiEWC46wKsOwOA+/y+Dk0k5/9BIqACVokbn++jEPsQ2g7iOjGKzyrae+7a3KuCrXrfTJoyIPSlxuGtS8Z+7YMraoCVGavb0fwQCPwRGnK0TbPR+zDiquQL5WTuBwe6O8OgfMxCr4+H0FLO0QtcOMK67u/5pqiEVUZiUWidU2x9G7DKt2jdQzil/5eT3+DmLO2KLKdzMVeRQ+4orq3+w0Ag+AqnQE+YRG0a7i/CvmCQPn2a8Mi6OPSyf8RWhinRN7NuQnbwvdggW7VAVlsUNhWUwUSidbqDJ0NgM5YsK/gBVowLXuuYz4Z4N4edowzgNeOmq8XFEMjGb1Cbx62pmUWK7wI2ks6pejZA+WLrwJ6GAlFLmbPnGU8Wy3kaYO JdB8Yp3V bkvrnKZbAB1JMgCfB7/IxdQt8To1RHuwFuTbM4m9+sCMa13fYOAtwhAxx++HZNm4JHT6I8Ku/t65E6vl0fqRnFjuEjzga5YsUcYaN1RLr0aVy4vqXwTXqUn6XGa4ZkdHvRwvY2b3DZ+cZVMc5e2BAEOKyJqu1XSutxvGXFs/q+Lxo9n5QpVCkK/0S44SWiaUODwCyjIDlBVaRY7PYh4Lq4gQSBzBQF3HJSwq0I+kLKjF9Z43BVF/3EaOSECdvPFFYH1GS6W0hS/hKdCcfH2wpMDgh8a32G41sY69l/I81FlmjhuxuHkkdkwN4ODFc0cY67GW6qOUSnoCL/oKFusrBZavqltNpxEm5JvBkF3HemFe5WozSGqK+hWsPwU+CqFzQphhIfALJaQov4LN60vCRZXT+bd0O/6rxDqzSkxydQfx7gBfIq8AsL/PN87bETMsvCQGGMle65DIrh9s= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: David Stevens Split folios during the second loop of shmem_undo_range. It's not sufficient to only split folios when dealing with partial pages, since it's possible for a THP to be faulted in after that point. Calling truncate_inode_folio in that situation can result in throwing away data outside of the range being targeted. Fixes: b9a8a4195c7d ("truncate,shmem: Handle truncates that split large folios") Cc: stable@vger.kernel.org Signed-off-by: David Stevens --- v1 -> v2: - Actually drop pages after splitting a THP mm/shmem.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/mm/shmem.c b/mm/shmem.c index 9218c955f482..226c94a257b1 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1033,7 +1033,22 @@ static void shmem_undo_range(struct inode *inode, loff_t lstart, loff_t lend, } VM_BUG_ON_FOLIO(folio_test_writeback(folio), folio); - truncate_inode_folio(mapping, folio); + + if (!folio_test_large(folio)) { + truncate_inode_folio(mapping, folio); + } else if (truncate_inode_partial_folio(folio, lstart, lend)) { + /* + * If we split a page, reset the loop so that we + * pick up the new sub pages. Otherwise the THP + * was entirely dropped or the target range was + * zeroed, so just continue the loop as is. + */ + if (!folio_test_large(folio)) { + folio_unlock(folio); + index = start; + break; + } + } } folio_unlock(folio); }