From: Peter Xu
To: linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc: Andrea Arcangeli, Pengfei Xu, peterx@redhat.com, Nadav Amit, David Hildenbrand, Andrew Morton, Miaohe Lin, Huang Ying, stable@vger.kernel.org
Subject: [PATCH 1/2] mm/uffd: Fix pte marker when fork() without fork event
Date: Wed, 14 Dec 2022 15:04:52 -0500
Message-Id: <20221214200453.1772655-2-peterx@redhat.com>
In-Reply-To: <20221214200453.1772655-1-peterx@redhat.com>

When fork(), dst_vma is not guaranteed to have VM_UFFD_WP even if src may have it and has pte marker installed. The warning is improper along with the comment. The right thing is to inherit the pte marker when needed, or keep the dst pte empty.

A vague guess is this happened by accident when there's the prior patch to introduce src/dst vma into this helper during the uffd-wp feature got developed and I probably messed up in the rebase, since if we replace dst_vma with src_vma the warning & comment it all makes sense too.

Hugetlb did exactly the right thing here (copy_hugetlb_page_range()). Fix the general path.

Reproducer: https://github.com/xupengfe/syzkaller_logs/blob/main/221208_115556_copy_page_range/repro.c

Cc: # 5.19+
Fixes: c56d1b62cce8 ("mm/shmem: handle uffd-wp during fork()")
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216808
Reported-by: Pengfei Xu
Signed-off-by: Peter Xu
Acked-by: David Hildenbrand
Reviewed-by: Miaohe Lin
---
 mm/memory.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/mm/memory.c b/mm/memory.c index aad226daf41b..032ef700c3e8 100644 --- a/mm/memory.c +++ b/mm/memory.c
@@ -828,12 +828,8 @@ copy_nonpresent_pte(struct mm_struct *dst_mm, struct mm_struct *src_mm, return -EBUSY; return -ENOENT; } else if (is_pte_marker_entry(entry)) { - /* - * We're copying the pgtable should only because dst_vma has - * uffd-wp enabled, do sanity check. - */ - WARN_ON_ONCE(!userfaultfd_wp(dst_vma)); - set_pte_at(dst_mm, addr, dst_pte, pte); + if (userfaultfd_wp(dst_vma)) + set_pte_at(dst_mm, addr, dst_pte, pte); return 0; } if (!userfaultfd_wp(dst_vma))
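
Review bot: the new "if (userfaultfd_wp(dst_vma))" in the is_pte_marker_entry(entry) branch of copy_nonpresent_pte() drops the marker silently when the child vma has no uffd-wp, and the hunk removes the old comment without putting anything in its place. A short comment along the lines of the hugetlb path ("We copy the pte marker only if the dst vma has uffd-wp enabled") would document that leaving dst_pte empty is intentional. The condition also assumes every pte marker is a uffd-wp marker, which is exactly what 2/2 in this series has to widen for swapin error markers, so it is worth saying in the comment which marker types the test is meant to cover.
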
From: Peter Xu
To: linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc: Andrea Arcangeli, Pengfei Xu, peterx@redhat.com, Nadav Amit, David Hildenbrand, Andrew Morton, Miaohe Lin, Huang Ying
Subject: [PATCH 2/2] mm: Fix a few rare cases of using swapin error pte marker
Date: Wed, 14 Dec 2022 15:04:53 -0500
Message-Id: <20221214200453.1772655-3-peterx@redhat.com>
In-Reply-To: <20221214200453.1772655-1-peterx@redhat.com>

This patch should harden commit 15520a3f0469 ("mm: use pte markers for swap errors") on using pte markers for swapin errors on a few corner cases.

1. Propagate swapin errors across fork()s: if there're swapin errors in the parent mm, after fork()s the child should sigbus too when an error page is accessed.

2. Fix a rare race condition in pte_marker_clear() where a uffd-wp pte marker can be quickly switched to a swapin error.

3. Explicitly ignore swapin error pte markers in change_protection().

I mostly don't worry about (2) or (3) at all, but we should still have them.
Case (1) is special because it can potentially cause silent data corruption on child when parent has swapin error triggered with swapoff, but since swapin error is rare itself already it's probably not easy to trigger either.

Currently there is a priority difference between the uffd-wp bit and the swapin error entry, in which the swapin error always has higher priority (e.g. we don't need to wr-protect a swapin error pte marker).

If there will be a 3rd bit introduced, we'll probably need to consider a more involved approach so we may need to start to operate on the bits. Let's leave that for later.

This patch is tested with case (1) explicitly where we'll get corrupted data before in the child if there's existing swapin error pte markers, and after the patch is applied the child can be rightfully killed.

We don't need to copy stable for this one since 15520a3f0469 just landed as part of v6.2-rc1, only "Fixes" applied.

Fixes: 15520a3f0469 ("mm: use pte markers for swap errors")
Signed-off-by: Peter Xu
Acked-by: David Hildenbrand
Reviewed-by: Miaohe Lin
---
 mm/hugetlb.c | 3 +++
 mm/memory.c | 8 ++++++--
 mm/mprotect.c | 8 +++++++-
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/mm/hugetlb.c b/mm/hugetlb.c index f5f445c39dbc..1e8e4eb10328 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -4884,6 +4884,9 @@ int copy_hugetlb_page_range(struct mm_struct *dst, struct mm_struct *src, entry = huge_pte_clear_uffd_wp(entry); set_huge_pte_at(dst, addr, dst_pte, entry); } else if (unlikely(is_pte_marker(entry))) { + /* No swap on hugetlb */ + WARN_ON_ONCE( + is_swapin_error_entry(pte_to_swp_entry(entry))); /* * We copy the pte marker only if the dst vma has * uffd-wp enabled. diff --git a/mm/memory.c b/mm/memory.c index 032ef700c3e8..3e836fecd035 100644 --- a/mm/memory.c +++ b/mm/memory.c
@@ -828,7 +828,7 @@ copy_nonpresent_pte(struct mm_struct *dst_mm, struct mm_struct *src_mm, return -EBUSY; return -ENOENT; } else if (is_pte_marker_entry(entry)) { - if (userfaultfd_wp(dst_vma)) + if (is_swapin_error_entry(entry) || userfaultfd_wp(dst_vma)) set_pte_at(dst_mm, addr, dst_pte, pte); return 0; } @@ -3625,8 +3625,12 @@ static vm_fault_t pte_marker_clear(struct vm_fault *vmf) /* * Be careful so that we will only recover a special uffd-wp pte into a * none pte. Otherwise it means the pte could have changed, so retry. + * + * This should also cover the case where e.g. the pte changed + * quickly from a PTE_MARKER_UFFD_WP into PTE_MARKER_SWAPIN_ERROR. + * So is_pte_marker() check is not enough to safely drop the pte. */ - if (is_pte_marker(*vmf->pte)) + if (pte_same(vmf->orig_pte, *vmf->pte)) pte_clear(vmf->vma->vm_mm, vmf->address, vmf->pte); pte_unmap_unlock(vmf->pte, vmf->ptl); return 0; diff --git a/mm/mprotect.c b/mm/mprotect.c index 093cb50f2fc4..a6f905211327 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -245,7 +245,13 @@ static unsigned long change_pte_range(struct mmu_gather *tlb, newpte = pte_swp_mksoft_dirty(newpte); if (pte_swp_uffd_wp(oldpte)) newpte = pte_swp_mkuffd_wp(newpte); - } else if (pte_marker_entry_uffd_wp(entry)) { + } else if (is_pte_marker_entry(entry)) { + /* + * Ignore swapin errors unconditionally, + * because any access should sigbus anyway. + */ + if (is_swapin_error_entry(entry)) + continue; /* * If this is uffd-wp pte marker and we'd like * to unprotect it, drop it; the next page
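
Review bot: in the copy_hugetlb_page_range() hunk of 2/2, the added WARN_ON_ONCE(is_swapin_error_entry(pte_to_swp_entry(entry))) only reports the broken invariant and then continues into the existing "We copy the pte marker only if the dst vma has uffd-wp enabled" logic. If a swapin error marker ever did appear here, a child vma without uffd-wp would lose it, which is the silent-corruption case the commit message describes for the general path. Consider stating in the comment that continuing is deliberate, or copying the marker unconditionally in that case as copy_nonpresent_pte() now does.
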
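
Review bot: in the pte_marker_clear() hunk, replacing is_pte_marker(*vmf->pte) with pte_same(vmf->orig_pte, *vmf->pte) makes the pte_clear() correct only if vmf->orig_pte was itself a uffd-wp marker, and nothing in the visible lines checks that. The added comment explains the PTE_MARKER_UFFD_WP to PTE_MARKER_SWAPIN_ERROR race well; one more sentence naming where orig_pte is validated would keep a later caller from reaching this function with a swapin error marker in orig_pte. The comment also still ends with "so retry" while the function returns 0 on both paths, so a word on how the retry comes about would help readers.
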
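
Review bot: in the change_pte_range() hunk, widening pte_marker_entry_uffd_wp(entry) to is_pte_marker_entry(entry) means every marker that is not a swapin error now reaches the "If this is uffd-wp pte marker and we'd like to unprotect it, drop it" code. That holds while there are two marker types, but the commit message already anticipates a third bit. Keeping an explicit pte_marker_entry_uffd_wp(entry) test (or a WARN_ON_ONCE) after the "continue" would stop a future marker type from being dropped as if it were uffd-wp.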