[0/3] RISC-V: mm: correct mmap behavior in sv48 address space

Message ID tencent_F3B3B5AB1C9D704763CA423E1A41F8BE0509@qq.com (mailing list archive)

Message

Yangyu Chen Jan. 14, 2024, 7:55 p.m. UTC
The previous patch series [1] violates the principle of the mmap syscall,
as it uses the hint address as the largest address space to use rather than
where to create the mapping, and thus broke the possibility to mmap in the
sv48 or sv57 address space without the MAP_FIXED flag. This patchset
corrects the behavior of the mmap syscall and uses the behavior of x86
5-stage-paging as a reference.

I first noticed this issue when I was trying to run box64 on a sv48 system
with a commit earlier than [2]. Then I reported this through private
communication, and a box64 contributor did some investigation and found
that trying to mmap in the sv48 address space without the MAP_FIXED flag
will always return a random address in sv39. I reviewed the changelog with
some tests on qemu and found this issue was introduced by [1]. After
reviewing the code, tests and docs, I think the original author might have
misunderstood the meaning of the hint address in the mmap syscall. Then I
did some investigation on other ISAs like x86, which has 5-stage-paging,
and found that it has addressed the same issue if some userspace software
assumes the pointer size should be smaller than 47 bits, and also solved it
in the kernel by limiting mmap to a maximum 47-bit address space by default.

Finally, I correct the behavior of the mmap syscall as x86 5-stage-paging
does, and migrate the documentation from the x86-64 kernel to the riscv
kernel.


[1]. https://lore.kernel.org/linux-riscv/20230809232218.849726-1-charlie@rivosinc.com/
[2]. https://github.com/ptitSeb/box64/commit/5b700cb6e6f397d2074c49659f7f9915f4a33c5f

Yangyu Chen (3):
  RISC-V: mm: fix mmap behavior in sv48 address space
  RISC-V: mm: only test mmap without hint
  Documentation: riscv: correct sv57 kernel behavior

 Documentation/arch/riscv/vm-layout.rst        | 48 +++++++++++--------
 arch/riscv/include/asm/processor.h            | 39 ++++-----------
 .../selftests/riscv/mm/mmap_bottomup.c        | 12 -----
 .../testing/selftests/riscv/mm/mmap_default.c | 12 -----
 tools/testing/selftests/riscv/mm/mmap_test.h  | 30 ------------
 5 files changed, 36 insertions(+), 105 deletions(-)
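
The check described in the cover letter (map with a hint address but without MAP_FIXED, then see which address space the result landed in) can be reproduced from userspace. The following is an added example, not code from the patch series or from box64; the function names, the hint value 1 << 40 and the assumption that the user half of svN spans N-1 bits are introduced here.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* for MAP_ANONYMOUS under strict -std= modes */
#endif
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

enum verdict { PROBE_FAILED, HINT_HONOURED, HINT_MOVED, HINT_DEMOTED };

/* Smallest RISC-V paging mode whose user half contains addr.
 * Assumption: the user half of svN spans N-1 bits (sv39: 38, sv48: 47, sv57: 56). */
static int sv_mode_for(uint64_t addr)
{
    if (addr < (1ULL << 38)) return 39;
    if (addr < (1ULL << 47)) return 48;
    if (addr < (1ULL << 56)) return 57;
    return 64;   /* beyond the sv57 user range */
}

/* Anonymous mapping with `hint` as a plain hint (no MAP_FIXED).
 * Returns the address the kernel chose, or 0 on failure. */
static uint64_t probe_hint(uint64_t hint, size_t len)
{
    void *p = mmap((void *)(uintptr_t)hint, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return 0;
    munmap(p, len);
    return (uint64_t)(uintptr_t)p;
}

/* Compare where the mapping landed with where it was asked for. */
static enum verdict classify(uint64_t hint, uint64_t got)
{
    if (got == 0) return PROBE_FAILED;
    if (got == hint) return HINT_HONOURED;
    /* Landing in a smaller address space than the hint's is the reported symptom. */
    if (sv_mode_for(got) < sv_mode_for(hint)) return HINT_DEMOTED;
    return HINT_MOVED;   /* relocated, but not pushed down a paging level */
}

int main(void)
{
    static const char *names[] = { "probe failed", "hint honoured", "moved",
                                   "demoted below the hint's address space" };
    uint64_t hint = 1ULL << 40;   /* constructed: page-aligned, above sv39, inside sv48 */
    uint64_t got = probe_hint(hint, 4096);
    printf("hint=%#llx got=%#llx (sv%d): %s\n", (unsigned long long)hint,
           (unsigned long long)got, sv_mode_for(got), names[classify(hint, got)]);
    return 0;
}
```

On hardware that only implements sv39, a demoted result is expected, because the hinted address does not exist there; the result is only meaningful on an sv48 or sv57 system.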

Comments

Yangyu Chen Jan. 19, 2024, 4:42 p.m. UTC | #1
Friendly ping. It has already been 5 days since this patch was submitted,
but there are no comments yet. The previous buggy patch has been in the
mainline kernel since the v6.6 release and breaks some userspace software
that relies on mmap to create a mapping at the hint address without
MAP_FIXED set. I think this fix should go into the kernel ASAP.

Thanks,
Yangyu Chen

On 1/15/24 03:55, Yangyu Chen wrote:
> The previous patch series [1] violates the principle of the mmap syscall,
> as it uses the hint address as the largest address space to use rather than
> where to create the mapping, and thus broke the possibility to mmap in the
> sv48 or sv57 address space without the MAP_FIXED flag. This patchset
> corrects the behavior of the mmap syscall and uses the behavior of x86
> 5-stage-paging as a reference.
> 
> I first noticed this issue when I was trying to run box64 on a sv48 system
> with a commit earlier than [2]. Then I reported this through private
> communication, and a box64 contributor did some investigation and found
> that trying to mmap in the sv48 address space without the MAP_FIXED flag
> will always return a random address in sv39. I reviewed the changelog with
> some tests on qemu and found this issue was introduced by [1]. After
> reviewing the code, tests and docs, I think the original author might have
> misunderstood the meaning of the hint address in the mmap syscall. Then I
> did some investigation on other ISAs like x86, which has 5-stage-paging,
> and found that it has addressed the same issue if some userspace software
> assumes the pointer size should be smaller than 47 bits, and also solved it
> in the kernel by limiting mmap to a maximum 47-bit address space by default.
> 
> Finally, I correct the behavior of the mmap syscall as x86 5-stage-paging
> does, and migrate the documentation from the x86-64 kernel to the riscv
> kernel.
> 
> 
> [1]. https://lore.kernel.org/linux-riscv/20230809232218.849726-1-charlie@rivosinc.com/
> [2]. https://github.com/ptitSeb/box64/commit/5b700cb6e6f397d2074c49659f7f9915f4a33c5f
> 
> Yangyu Chen (3):
>    RISC-V: mm: fix mmap behavior in sv48 address space
>    RISC-V: mm: only test mmap without hint
>    Documentation: riscv: correct sv57 kernel behavior
> 
>   Documentation/arch/riscv/vm-layout.rst        | 48 +++++++++++--------
>   arch/riscv/include/asm/processor.h            | 39 ++++-----------
>   .../selftests/riscv/mm/mmap_bottomup.c        | 12 -----
>   .../testing/selftests/riscv/mm/mmap_default.c | 12 -----
>   tools/testing/selftests/riscv/mm/mmap_test.h  | 30 ------------
>   5 files changed, 36 insertions(+), 105 deletions(-)
>