From patchwork Fri Nov 22 15:40:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alice Ryhl X-Patchwork-Id: 13883307 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DB959E6916D for ; Fri, 22 Nov 2024 15:41:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 09D638D000C; Fri, 22 Nov 2024 10:41:22 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id ECE548D0007; Fri, 22 Nov 2024 10:41:21 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D460C8D000C; Fri, 22 Nov 2024 10:41:21 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id AFF4E8D0007 for ; Fri, 22 Nov 2024 10:41:21 -0500 (EST) Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 6B66B121929 for ; Fri, 22 Nov 2024 15:41:21 +0000 (UTC) X-FDA: 82814141340.17.DABF9F6 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) by imf14.hostedemail.com (Postfix) with ESMTP id 07463100004 for ; Fri, 22 Nov 2024 15:40:16 +0000 (UTC) Authentication-Results: imf14.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b="Qz/tDIxH"; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf14.hostedemail.com: domain of 3HKZAZwkKCKsLWTNPcjSWRZZRWP.NZXWTYfi-XXVgLNV.ZcR@flex--aliceryhl.bounces.google.com designates 209.85.128.201 as permitted sender) smtp.mailfrom=3HKZAZwkKCKsLWTNPcjSWRZZRWP.NZXWTYfi-XXVgLNV.ZcR@flex--aliceryhl.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1732289939; a=rsa-sha256; cv=none; b=Eo2ABd4dvsxzcBRd/NEwhZAHA27/vNdYuT21Q36z5xpm1vTRb9E3A0UEw+vm44Rq7gqjOo VZJ92meALJxtNU3SaWGDNSbJwmFTlhAfTk5lyClEbIzJ6A/rjMMFHFOSfkFbvmWwyOU+Pr asFxEIM1SnQ6icHjGsGRcnEb/9ggeRE= ARC-Authentication-Results: i=1; imf14.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b="Qz/tDIxH"; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf14.hostedemail.com: domain of 3HKZAZwkKCKsLWTNPcjSWRZZRWP.NZXWTYfi-XXVgLNV.ZcR@flex--aliceryhl.bounces.google.com designates 209.85.128.201 as permitted sender) smtp.mailfrom=3HKZAZwkKCKsLWTNPcjSWRZZRWP.NZXWTYfi-XXVgLNV.ZcR@flex--aliceryhl.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1732289939; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=L4qSVcgbBLdeeMk9S8eo1cKOTa/uPhWh7RI1+zhYfKE=; b=KewzLiGLwHBFCSZX26fxCAUVwuC4h4EtnsxFAfUvoNeLH+c3dHbuIiylB/wudyHu2aa96E fH1yfGn/q2y9tqleAsS5Sbt/l4z7SfYb1zGJKfRN7EzF+CNp5qwO4Q/CIMo5aCl4PAsF7v s1ekg/dl051ZdVDIJCH20+Hu8aDjiXg= Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-6eeb5ee73f0so35145487b3.3 for ; Fri, 22 Nov 2024 07:41:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1732290076; x=1732894876; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=L4qSVcgbBLdeeMk9S8eo1cKOTa/uPhWh7RI1+zhYfKE=; b=Qz/tDIxHF6gL0pzPVIBA2qbi42wyBN7Uw+fZzV8a70OZTxnd9LRl57CXxWWC5EZ7d9 r5pleRaKlfVb597y0e5n9l3OqKDnp/hCXBre1ZTmA+yT6WKzGH6Qi8da0TqXXeb71iDw g4P4jCjJuqfRU4zO6qpOzXVGcmGpRzeKlEfLdH3FouBBD/LxWlbhxLP8OqJof/AAiPWh RAeH7ym60u6/eOpwRPjUpOusJidTmsAxZKv4osFQFiMdQJ3ttN3y/sfBhxoE+cDh3akW SoxhXJQL/WfQwu+0qRcUo2ngz/oJ3I78PMhj0voTCek+CWzZ6IZOKBRbGTMJGt3KT/uV U3EQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732290076; x=1732894876; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=L4qSVcgbBLdeeMk9S8eo1cKOTa/uPhWh7RI1+zhYfKE=; b=ahcvZsO0tmUHX6uRzZHhzRfERPWzJFGVI/Eo5ultU6L48Wf73Y/vZKth9wlp7zbz0W IuRXZNDqm/40Krn3Qb4aUVXCTN4fncZ7ysl12Diva4RUgDzrQkFO7cE8MjzrwklpjDwW fthflorFAH7TjW0nmQfJysltBIPbFmPsLrnAX10Jsxx+1Iggen8mU8joGgcSZVeezRPP /W8Guqs6LGUF+O8iAupR94WajoMkbW7/pohdtI7DIfl79qqeDBUuEucUF+mkRx2qUvCb Ln3B5Idav3MLDrEen/Us80SVUDjYZGq0SiaiV61DhEXkHkKrDZ3rpe9w+eXJ2VLkzUh2 qm8g== X-Forwarded-Encrypted: i=1; AJvYcCXGuP6iaBgoaM3ZvR7gZPnXZLNCt6VRWIjB7wqSNm6eqwBNZUm3HlbLGlTBsznVsRnjdgPJziR1fA==@kvack.org X-Gm-Message-State: AOJu0YzmIT/Aiiu/1NRu7Pjd+2hsQtMuCsNyn/MVu+PPak3L93Xhne7F dOeZ/QiVHLfYcfe+d3snJ62FFkzW6MrmBRJ0Ge9Zp8RgmGoOIy9fhSP3B+2Q9HC9+Y269gbj7ay IQ0x6QxoYUdjPbw== X-Google-Smtp-Source: AGHT+IEzCJ8qWwWmshtRsITg+icfUQjN5P4TA8fmdquEW+McT4r0JS2lWAyQ7jrcDuQUs5kS2JoVK2CCYBJKDgo= X-Received: from aliceryhl.c.googlers.com ([fda3:e722:ac3:cc00:68:fe9:ac10:f29e]) (user=aliceryhl job=sendgmr) by 2002:a81:d809:0:b0:6e2:12e5:356f with SMTP id 00721157ae682-6eee0a3cd59mr78657b3.3.1732290076176; Fri, 22 Nov 2024 07:41:16 -0800 (PST) Date: Fri, 22 Nov 2024 15:40:31 +0000 In-Reply-To: <20241122-vma-v9-0-7127bfcdd54e@google.com> Mime-Version: 1.0 References: <20241122-vma-v9-0-7127bfcdd54e@google.com> X-Developer-Key: i=aliceryhl@google.com; a=openpgp; fpr=49F6C1FAA74960F43A5B86A1EE7A392FDE96209F X-Developer-Signature: v=1; a=openpgp-sha256; l=7936; i=aliceryhl@google.com; h=from:subject:message-id; bh=8XMIdsAyhjsVKz2sE1Ods0Tz2Vq4I2NxznUSr3oMZoc=; b=owEBbQKS/ZANAwAKAQRYvu5YxjlGAcsmYgBnQKYKwgMhFK1o/1aUXbls2k8sejghL5FzITqk6 S2R7cFzIkiJAjMEAAEKAB0WIQSDkqKUTWQHCvFIvbIEWL7uWMY5RgUCZ0CmCgAKCRAEWL7uWMY5 RgGdD/4iPoTTUbdLe33P5pBqMrDOdAKUntngkTdsYYX2OucalMMc62TwR9LizWRDXfNwM/sGDD/ 87pFB785Ie1GL1dBGmpBpL8gr8XP08IDdKU9PYdiWkrcl1M857BBrRZr5fvznourPha8Ge75nMF fUYwl16MYhoFseaPFlUXgdpty952Hj07bkZ3cbr/Dqaj+MHqd00kbuW3EhwLxiFieJRIA45bot+ ZUe+itpME+XKjA5eahHCbDq1h0yvWglatQsdgDi85VQesQtdZ0Awk9bWnS5n07udlTTvnqt2St0 HO74zVpaB/N+ERz3pBpj2ArIj5C8yo37m8gDSFiUsZ8cCkvBRYY8c9xia19JKX/pX4/kiSn74yu u5Wd9SN2cX/FGXGn1EXcbY8cmy242VYZ4LuF9ZKeUqA7YaKml4fBbSdYumBnHnsJhc1ZrBhPDpi rlqY2MgjKdUrO0KgIyDT0TdHU8Xcd4Q1cyRFQgg9AajEuLT9XLsKvhjNOqRnoKiVEO7xFvj19OP kQZOMqGPIuNlKhMPOGFMEVzwsGrJL3Qg2ViTs051E9a7EMgY/P0F+4ruzh3mNn1FTwrKAbYAKzo r0tx5ODyv4xYh6z0aAkpluZ/ILnd980jLVIk7IXf9lncUD+K9DFxBjBnN7MjDpOMjwaoYQwvsUE V+xrKnZ7t1hXKuQ== X-Mailer: b4 0.13.0 Message-ID: <20241122-vma-v9-6-7127bfcdd54e@google.com> Subject: [PATCH v9 6/8] mm: rust: add VmAreaNew for f_ops->mmap() From: Alice Ryhl To: Miguel Ojeda , Matthew Wilcox , Lorenzo Stoakes , Vlastimil Babka , John Hubbard , "Liam R. Howlett" , Andrew Morton , Greg Kroah-Hartman , Arnd Bergmann , Christian Brauner , Jann Horn , Suren Baghdasaryan Cc: Alex Gaynor , Boqun Feng , Gary Guo , " =?utf-8?q?Bj=C3=B6rn_Roy_Baron?= " , Benno Lossin , linux-kernel@vger.kernel.org, linux-mm@kvack.org, rust-for-linux@vger.kernel.org, Alice Ryhl , Andreas Hindborg X-Rspamd-Queue-Id: 07463100004 X-Stat-Signature: pmy5xfxunoiaf79u8tt3nyo6xzbpbbzg X-Rspam-User: X-Rspamd-Server: rspam05 X-HE-Tag: 1732290016-90178 X-HE-Meta: U2FsdGVkX1/UehagwQw7Si9CO631X3cR3XO/hEptkO3tdyARhV7vUk42kaQlg8osulz0H0hWeDykVtXEasYn0Z2RUUikN+Y8MIhvRTZU5oCsGsGaKr8I0TO3X+r+tPZ6pZIM5p6hrDN7Re5SmR7Wyn1S2sLEFf+nNMGfUFZHw/jEuUO8/1aH+Lx2YLq3SEmNKUzbjX/j8klwnwWsTSq+R0djVpluo85Vhw2+tWoj8y8Ek8+vUBMu94iYW0aQYD56nrTupoZw66NU95fi2Gqv5ct17cPfD37zdAgC+lA2COO6vMZLm1EKZ6euzEM8kp6Bb3Ps3dzSvLDg51eGY0cte5tXVcQIYsZPOj2swRvknN4kr+0NXoL1EL8OnnKWbAy271pMfPW/vEqw70YvSZ8lBCxkEgCWwqSecHnNV1zGNL7dlQow33BWKSNqGuOGOBHLKSsviPhzhx4cz9lqVSd6u8Ls5YN294BrBK2d9IAXM7nCMWks+smPB/2lmkNfec9TNeui8g6yIONxWm13FwMtvkLhGDdZYsFowtl1PM6BRk1VTrMbzewetrp9lAx28rtixqqkXhyyzFn+F7LPJohyhCnMtQUhT0PEDpioAPsJc5gBxfkOL1StQrKx+c3q6MXccfeXPY0FRvZpuq8ug4rX6emNGUBCswlaDfBPi8ULpcITIXGTIe7LKzKjEAkLOfjR7NaE8ok5CG9X6t+XzMKeUwv5BkDrNP75Pp+DGWshzJi+J8KqNPLYpkGqKLB68GEYKCtJpVcgfl0C6g9OKtQoUqkiHXtb9UwGV/cOtFCGjb1Zzo4RVtBnEYMwH8OO9eJ5Uk6aZ91OsvRFVSp9C9d3zA9Y0snnzeUBW8b03w96MqVTJDOCh8ge1BUc5EJW4opHbJkF/YR5ItCCtNGiwxsCUjq8QcQQ8YitWIumhxNuNqGsSC7SPTGym7EupquAkvEntVKfnrNzARClyt8mo5E wJFNu2Sa LyqCpMYJG30AW2h5wu/dcny/MIlTGk5JvnqsqWNFkLbtukA352DnJMavGzyZCdl9LXqqE2LwfQIh13ahYS9sDz18kXJ7V9ZE7dPmmn93I+Q1tvvi11PKt0zLANdbDaqCgnySgr1iBIsl5D9JHzc8kR7n8I9UiAmSubMZmZiJpbj6Y7llP+kixVhc16mChW41VIFMwPhXp3oisXebuTrk4Sw7eNQ7G++e3S0F7cjTZSGEKrm0Oz4HZZJ0B09wp8heeVJwyqwadj8VgEn00vMzOZ6u+sJ1bmzENGi8rWxTE6V+xl2IsjrPXahzWtdei7Zel0rv37Ds3cpOBNlgqv4tY/87IGaz0F98qbCw0DV8WeVak6QrH+LUJI0uJEEecMpWQSg5fJ0dWdjqYs5J5x/y1DT0tLbqa3cUAxANBZ/SdlZocTmKhOOU2z6tu5F+l3VixJ3TsLIEUzMmaetkpBxIrw3HX526mLUMfR3jEdoSayfnGx3olD3WH0AsLwhwrd/0Tbc4YcLIC322snAJWP/KaTEmqhCci0ePLmjL0OIKXViPBAt2mpb/bsuoPWjSbMDfAL573KYyU0tu3Wd0mZU1zcRkBqOCz4MKnM49zfLRe91tDwOaZtuySVV/Wmq0CuJDaM3H3ItUWAz6gzdKEN9p+9QCYMf8tkmpLWdEIJo3SXfGr2fWycWf1B8wxng== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: This type will be used when setting up a new vma in an f_ops->mmap() hook. Using a separate type from VmAreaRef allows us to have a separate set of operations that you are only able to use during the mmap() hook. For example, the VM_MIXEDMAP flag must not be changed after the initial setup that happens during the f_ops->mmap() hook. To avoid setting invalid flag values, the methods for clearing VM_MAYWRITE and similar involve a check of VM_WRITE, and return an error if VM_WRITE is set. Trying to use `try_clear_maywrite` without checking the return value results in a compilation error because the `Result` type is marked #[must_use]. For now, there's only a method for VM_MIXEDMAP and not VM_PFNMAP. When we add a VM_PFNMAP method, we will need some way to prevent you from setting both VM_MIXEDMAP and VM_PFNMAP on the same vma. Signed-off-by: Alice Ryhl Acked-by: Lorenzo Stoakes (for mm bits) --- rust/kernel/mm/virt.rs | 179 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 178 insertions(+), 1 deletion(-) diff --git a/rust/kernel/mm/virt.rs b/rust/kernel/mm/virt.rs index 3e494e40b530..2a49c29a49c7 100644 --- a/rust/kernel/mm/virt.rs +++ b/rust/kernel/mm/virt.rs @@ -6,7 +6,7 @@ use crate::{ bindings, - error::{to_result, Result}, + error::{code::EINVAL, to_result, Result}, page::Page, types::Opaque, }; @@ -155,6 +155,183 @@ pub fn vm_insert_page(&self, address: usize, page: &Page) -> Result { } } +/// A builder for setting up a vma in an `f_ops->mmap()` hook. +/// +/// # Invariants +/// +/// For the duration of 'a, the referenced vma must be undergoing initialization in an +/// `f_ops->mmap()` hook. +pub struct VmAreaNew { + vma: VmAreaRef, +} + +// Make all `VmAreaRef` methods available on `VmAreaNew`. +impl Deref for VmAreaNew { + type Target = VmAreaRef; + + #[inline] + fn deref(&self) -> &VmAreaRef { + &self.vma + } +} + +impl VmAreaNew { + /// Access a virtual memory area given a raw pointer. + /// + /// # Safety + /// + /// Callers must ensure that `vma` is undergoing initial vma setup for the duration of 'a. + #[inline] + pub unsafe fn from_raw<'a>(vma: *const bindings::vm_area_struct) -> &'a Self { + // SAFETY: The caller ensures that the invariants are satisfied for the duration of 'a. + unsafe { &*vma.cast() } + } + + /// Internal method for updating the vma flags. + /// + /// # Safety + /// + /// This must not be used to set the flags to an invalid value. + #[inline] + unsafe fn update_flags(&self, set: vm_flags_t, unset: vm_flags_t) { + let mut flags = self.flags(); + flags |= set; + flags &= !unset; + + // SAFETY: This is not a data race: the vma is undergoing initial setup, so it's not yet + // shared. Additionally, `VmAreaNew` is `!Sync`, so it cannot be used to write in parallel. + // The caller promises that this does not set the flags to an invalid value. + unsafe { (*self.as_ptr()).__bindgen_anon_2.__vm_flags = flags }; + } + + /// Set the `VM_MIXEDMAP` flag on this vma. + /// + /// This enables the vma to contain both `struct page` and pure PFN pages. Returns a reference + /// that can be used to call `vm_insert_page` on the vma. + #[inline] + pub fn set_mixedmap(&self) -> &VmAreaMixedMap { + // SAFETY: We don't yet provide a way to set VM_PFNMAP, so this cannot put the flags in an + // invalid state. + unsafe { self.update_flags(flags::MIXEDMAP, 0) }; + + // SAFETY: We just set `VM_MIXEDMAP` on the vma. + unsafe { VmAreaMixedMap::from_raw(self.vma.as_ptr()) } + } + + /// Set the `VM_IO` flag on this vma. + /// + /// This marks the vma as being a memory-mapped I/O region. + #[inline] + pub fn set_io(&self) { + // SAFETY: Setting the VM_IO flag is always okay. + unsafe { self.update_flags(flags::IO, 0) }; + } + + /// Set the `VM_DONTEXPAND` flag on this vma. + /// + /// This prevents the vma from being expanded with `mremap()`. + #[inline] + pub fn set_dontexpand(&self) { + // SAFETY: Setting the VM_DONTEXPAND flag is always okay. + unsafe { self.update_flags(flags::DONTEXPAND, 0) }; + } + + /// Set the `VM_DONTCOPY` flag on this vma. + /// + /// This prevents the vma from being copied on fork. This option is only permanent if `VM_IO` + /// is set. + #[inline] + pub fn set_dontcopy(&self) { + // SAFETY: Setting the VM_DONTCOPY flag is always okay. + unsafe { self.update_flags(flags::DONTCOPY, 0) }; + } + + /// Set the `VM_DONTDUMP` flag on this vma. + /// + /// This prevents the vma from being included in core dumps. This option is only permanent if + /// `VM_IO` is set. + #[inline] + pub fn set_dontdump(&self) { + // SAFETY: Setting the VM_DONTDUMP flag is always okay. + unsafe { self.update_flags(flags::DONTDUMP, 0) }; + } + + /// Returns whether `VM_READ` is set. + /// + /// This flag indicates whether userspace is mapping this vma as readable. + #[inline] + pub fn get_read(&self) -> bool { + (self.flags() & flags::READ) != 0 + } + + /// Try to clear the `VM_MAYREAD` flag, failing if `VM_READ` is set. + /// + /// This flag indicates whether userspace is allowed to make this vma readable with + /// `mprotect()`. + /// + /// Note that this operation is irreversible. Once `VM_MAYREAD` has been cleared, it can never + /// be set again. + #[inline] + pub fn try_clear_mayread(&self) -> Result { + if self.get_read() { + return Err(EINVAL); + } + // SAFETY: Clearing `VM_MAYREAD` is okay when `VM_READ` is not set. + unsafe { self.update_flags(0, flags::MAYREAD) }; + Ok(()) + } + + /// Returns whether `VM_WRITE` is set. + /// + /// This flag indicates whether userspace is mapping this vma as writable. + #[inline] + pub fn get_write(&self) -> bool { + (self.flags() & flags::WRITE) != 0 + } + + /// Try to clear the `VM_MAYWRITE` flag, failing if `VM_WRITE` is set. + /// + /// This flag indicates whether userspace is allowed to make this vma writable with + /// `mprotect()`. + /// + /// Note that this operation is irreversible. Once `VM_MAYWRITE` has been cleared, it can never + /// be set again. + #[inline] + pub fn try_clear_maywrite(&self) -> Result { + if self.get_write() { + return Err(EINVAL); + } + // SAFETY: Clearing `VM_MAYWRITE` is okay when `VM_WRITE` is not set. + unsafe { self.update_flags(0, flags::MAYWRITE) }; + Ok(()) + } + + /// Returns whether `VM_EXEC` is set. + /// + /// This flag indicates whether userspace is mapping this vma as executable. + #[inline] + pub fn get_exec(&self) -> bool { + (self.flags() & flags::EXEC) != 0 + } + + /// Try to clear the `VM_MAYEXEC` flag, failing if `VM_EXEC` is set. + /// + /// This flag indicates whether userspace is allowed to make this vma executable with + /// `mprotect()`. + /// + /// Note that this operation is irreversible. Once `VM_MAYEXEC` has been cleared, it can never + /// be set again. + #[inline] + pub fn try_clear_mayexec(&self) -> Result { + if self.get_exec() { + return Err(EINVAL); + } + // SAFETY: Clearing `VM_MAYEXEC` is okay when `VM_EXEC` is not set. + unsafe { self.update_flags(0, flags::MAYEXEC) }; + Ok(()) + } +} + /// The integer type used for vma flags. #[doc(inline)] pub use bindings::vm_flags_t;