From patchwork Thu Apr 4 17:17:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lokesh Gidra X-Patchwork-Id: 13618092 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8A88CD1292 for ; Thu, 4 Apr 2024 17:17:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 626F16B008C; Thu, 4 Apr 2024 13:17:39 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 5D7B86B0092; Thu, 4 Apr 2024 13:17:39 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 49F3D6B0095; Thu, 4 Apr 2024 13:17:39 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 2A62D6B008C for ; Thu, 4 Apr 2024 13:17:39 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 6F04E80E74 for ; Thu, 4 Apr 2024 17:17:38 +0000 (UTC) X-FDA: 81972506196.26.BF157E1 Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) by imf28.hostedemail.com (Postfix) with ESMTP id C1B63C0007 for ; Thu, 4 Apr 2024 17:17:36 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=JrTUmiXi; spf=pass (imf28.hostedemail.com: domain of 3r-AOZgsKCOIPSOIWLKMHVEKSSKPI.GSQPMRYb-QQOZEGO.SVK@flex--lokeshgidra.bounces.google.com designates 209.85.128.202 as permitted sender) smtp.mailfrom=3r-AOZgsKCOIPSOIWLKMHVEKSSKPI.GSQPMRYb-QQOZEGO.SVK@flex--lokeshgidra.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1712251056; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=2HQDqzTFjNbgMV4giF4EAYbuZ4iKPL9b9RZ9WT7F6E4=; b=4sMQ5sw3jgnwKMW0RDsjG2f47Feb/x9kgo/H8xg7bZ/DOLx8++9uGCntq1aujOqxJVmRyk PfUhBldv4cqunBOFtCpJWtferAsjeC+Ze0rkyvBGvhVtciYfD0e6ERolJetI/FzVQuZRO/ o05IuWvXf3iraCPN1DZGXgeKxOfTQkk= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1712251056; a=rsa-sha256; cv=none; b=fNQteyezJsqA7kSDl/Bpyz7VUT5vh7yHRX6FxtQLNoh7gCyjLRUGUQrna2QdLwWgFdrLQV LBRlrErt0E4ovFCoSCY7323CX3maQwuh6hQoZLIIUf4O5N4cxn27XwBRTD4B05XUh3+hMm 68t9pOH45N/E5WHmvE1ehY5iLAnUlcg= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=JrTUmiXi; spf=pass (imf28.hostedemail.com: domain of 3r-AOZgsKCOIPSOIWLKMHVEKSSKPI.GSQPMRYb-QQOZEGO.SVK@flex--lokeshgidra.bounces.google.com designates 209.85.128.202 as permitted sender) smtp.mailfrom=3r-AOZgsKCOIPSOIWLKMHVEKSSKPI.GSQPMRYb-QQOZEGO.SVK@flex--lokeshgidra.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-60a61b31993so21651857b3.1 for ; Thu, 04 Apr 2024 10:17:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1712251056; x=1712855856; darn=kvack.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=2HQDqzTFjNbgMV4giF4EAYbuZ4iKPL9b9RZ9WT7F6E4=; b=JrTUmiXinTPRi3dLF9H/x6aFZAeG9nIbo437IoKeDUgRSlmb+PAZHZ6ENDa3xTn+Z2 owf/x795/6jQbZoRJiXBM2jBITXoA5/dOF2j80Sl+4UxC44LPHPcubbY4a/UOwb0XmZ7 hjwUC6e29tvAOfzIuVaIAvkaP930Rsm1FgrGo8KVB3F4HqM758ifx5Im1pRlpzaKvd2Z rhlaPRa5lUQn4i7jLsOT/VSo329ZqXghMV2bEFJtoKoz+TGSDKwc8Ir6vr2IDtrfMKb5 rIxpPS2e6tQRPa18RT0jsjVTB8FII1BYjomm4KEmX3MDwBxS83KKuzZLBBAK5Use1Hfb 3VhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712251056; x=1712855856; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=2HQDqzTFjNbgMV4giF4EAYbuZ4iKPL9b9RZ9WT7F6E4=; b=tbZUydDm1CBRjsAnM+4g95igOD4mzW5VZIvqDUpSYPlzxB93Z4fQWRlcp4zgjVRdOc 9BKdY4Qb0QOHlnRB0WAhY8oe9/NGnz0SrwqYN1vQsbRcYEjbekqui2TrrJnkaD72cm6F ev1p+K416sBb5EXq3+6mRGfGelzqPVTtaHObuJj9FeOocvcFQ7PyQ1pZuD2iMG9oqGmZ 7ke6+aWBo7qUFj5aMmp8GNBs0eR8H73+7NuVI1PiIW4/48BcAwrhpTowN7SERNhB4fYI Njazvd5JzOFGZxc3CTMNgB0H4FHQ86ej4l1Z3X9lQ6ZD/1Khp5fw+55pPPXW10QHBLst ADUA== X-Gm-Message-State: AOJu0Ywlx7s9YRo8mQQL9v29LSTTm+2ExllzxNUfPPlvbTG1CMrY2xrQ /iyMfI36o9+naXV7QgeIaodz+WpuasAhuD6sr0lDx4gLMVumkPvAME28HtLWZnjUGomEEiVCMC2 ZXqpXSsvVnfpUDUDerTb9xQ== X-Google-Smtp-Source: AGHT+IEj+hRLWesrgPpJFC7CIVqj9Dom65rQyl8Tl8TbY/1KOeBAJ8t7Hc5dczRRpk4ua4tLB0Z7mXt0bzzzGkbIxw== X-Received: from lg.mtv.corp.google.com ([2620:15c:211:202:b773:c760:3ce4:2d5c]) (user=lokeshgidra job=sendgmr) by 2002:a0d:cac7:0:b0:615:e53:1c1 with SMTP id m190-20020a0dcac7000000b006150e5301c1mr42846ywd.7.1712251055864; Thu, 04 Apr 2024 10:17:35 -0700 (PDT) Date: Thu, 4 Apr 2024 10:17:26 -0700 Mime-Version: 1.0 X-Mailer: git-send-email 2.44.0.478.gd926399ef9-goog Message-ID: <20240404171726.2302435-1-lokeshgidra@google.com> Subject: [PATCH] userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE From: Lokesh Gidra To: akpm@linux-foundation.org Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, surenb@google.com, kernel-team@android.com, aarcange@redhat.com, peterx@redhat.com, david@redhat.com, zhengqi.arch@bytedance.com, kaleshsingh@google.com, ngeoffray@google.com, Lokesh Gidra X-Rspamd-Queue-Id: C1B63C0007 X-Rspam-User: X-Stat-Signature: fp3sb4wdomx6hpth4pmo8b5idwysctty X-Rspamd-Server: rspam03 X-HE-Tag: 1712251056-454006 X-HE-Meta: U2FsdGVkX19BXpHOjaET1QYySVXaD6kqn2TsXybKWVTZsc82m1ngXismGvGE71Lqqv90ZFJ2S8YP2Ey+VG8LOCze1lCcN9CAr8hrwMfX5to/9KlgrOlvSGIJyQBNriUyeV0dAm2d5tLqH8Xt4EfNQkDzq0jXFIRtYJUaYCFAnk1T+dj97/kp+uZB9l+7EkNMAax8kAkzbuZNmmZ36YO15FYOZYoJObZT2XDMVHDgK59dS93CgM9eL4kTZhWzj/OwQc7VAiWgY4dUi+lOP2jdy+Qi7/YciWM5nImSoNbcMraydJaO8jBgS772EVO0OugI2FmYZep8lUrCq2sErnh8Z1PNjCuoUqhCq38yoS8VHFVLnhwO/LZGidQWgVnxFqwLRusnevvvLlicUG6ga/HDA/bTginDO+OrakPaUq+4auopqv01j6KuXEaIpvTsMQf8CdGy579zHxRLI2nushGheUQnWPNOREOb+FVCWNmHbQdok0JsUXRexQeWtA42ZnzYrZInVY0Zm6AM4h4CyYFD4+8OPj3CymUgUBo0n5d13MuVhQlJWQxX9j992qZ1YjiwtIoBW/qJOCdyReWKhjod0EufEyESsm9j0E9tb+xpsgP8tJlLW8FPAtxvswPiVAUb8nAisjmLstgnvYFKXg01shTGewqIvVNCBvHMMJU0tg0O8Nv8l6h7YpaQCpffj2YgGPIwqEyjLU0WvFep5xto16iRoehICCVf1l139Pz+aTZ8iEVw/1LrkV+VOJqmvjKBnLqhkFsP5dsE51Z+zYlX+KZ8j8Hecy64tvreFmTT4QnTvsMNHRQlzhLxm/qiPBIOX7Ca1TSSDA+F5/IJ+4oFhGPrySLo1wfDx6Tj8MciHt07cnR/P01ok7wuLU0fU/F8KzEAUrU9OO9fsp/bx+xnrosMBFHlGP7xGJxFeeZiqRwGItYM33BBi6BcsM+ro8nepQAD25yUd3T2JRWLYcz oOAIRg3y ZJCbZG7lvBX9vQQDJhnMou72PdQQ6pMUOwWH1J+knkUi+1o+YAJ64+iJ1NVVkNvpr9CZxtf+1BINsH9PfHjqMwQ5ereaCP4aHposBfBBWUqSkxpWuHQsp3DaqW2MfP/S+wvktqhvJgkWWMiI92X1QXiuvtQhujFTkWkanxRCtFjU1B2iMRweCnVoSRReaLJiyN6L8O+YwKQEL8Vt1+zsb1cl16AEfDtS0vlWK3DyhmEv4X4hqmp30U3WEXrb0oG+KcopSg7C6Y91LcLKXZej+WXxmYxenCB+YmgtoJUH6/nWktZAzDHXSP+qqlzaGlUhsOR0gV7VlmupFfc1fFOacd6YPWF6KpSb9AqXxB1myXVZIvplZLRe7zkaEyz4BQ9og0p4oJ4967CWxYjHuIn9pJSp83Pt7qITriS71rfpRBQCTfuu7rVnwiKAR/m+rmGJc2FO0tgRzttUpW8TY1WecgZ/5ucviJh11+li0gbl81ZnRN3P0jm+nRHtpbh4SheknpsoQrVvSSTf/hgf1Dvpn4p/MRZJLcqxr77M1d5axNIJiboHXO1u21MIWV+ypx+Yw6kSPMoo6Qh2DJTBVE6KUHv3qXjiZRAT581NwDotAb8anvp6qu6fVb3l4jf2/2mnUH6LwVs8CKDRAw0aW7inD3ZXDCm5IAEqj2+lBVBiu3G4kcyFD9cc6QUOB7oEO2T3J2prJ X-Bogosity: Ham, tests=bogofilter, spamicity=0.010627, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Commit d7a08838ab74 ("mm: userfaultfd: fix unexpected change to src_folio when UFFDIO_MOVE fails") moved the src_folio->{mapping, index} changing to after clearing the page-table and ensuring that it's not pinned. This avoids failure of swapout+migration and possibly memory corruption. However, the commit missed fixing it in the huge-page case. Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI") Signed-off-by: Lokesh Gidra --- mm/huge_memory.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mm/huge_memory.c b/mm/huge_memory.c index 9859aa4f7553..89f58c7603b2 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -2259,9 +2259,6 @@ int move_pages_huge_pmd(struct mm_struct *mm, pmd_t *dst_pmd, pmd_t *src_pmd, pm goto unlock_ptls; } - folio_move_anon_rmap(src_folio, dst_vma); - WRITE_ONCE(src_folio->index, linear_page_index(dst_vma, dst_addr)); - src_pmdval = pmdp_huge_clear_flush(src_vma, src_addr, src_pmd); /* Folio got pinned from under us. Put it back and fail the move. */ if (folio_maybe_dma_pinned(src_folio)) { @@ -2270,6 +2267,9 @@ int move_pages_huge_pmd(struct mm_struct *mm, pmd_t *dst_pmd, pmd_t *src_pmd, pm goto unlock_ptls; } + folio_move_anon_rmap(src_folio, dst_vma); + WRITE_ONCE(src_folio->index, linear_page_index(dst_vma, dst_addr)); + _dst_pmd = mk_huge_pmd(&src_folio->page, dst_vma->vm_page_prot); /* Follow mremap() behavior and treat the entry dirty after the move */ _dst_pmd = pmd_mkwrite(pmd_mkdirty(_dst_pmd), dst_vma);