From patchwork Wed Sep 4 08:40:17 2024
X-Patchwork-Submitter: Qi Zheng
X-Patchwork-Id: 13790199
From: Qi Zheng
To: david@redhat.com, hughd@google.com, willy@infradead.org, muchun.song@linux.dev, vbabka@kernel.org, akpm@linux-foundation.org, rppt@kernel.org, vishal.moola@gmail.com, peterx@redhat.com, ryan.roberts@arm.com, christophe.leroy2@cs-soprasteria.com
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linuxppc-dev@lists.ozlabs.org, Qi Zheng
Subject: [PATCH v3 09/14] mm: mremap: move_ptes() use pte_offset_map_rw_nolock()
Date: Wed, 4 Sep 2024 16:40:17 +0800
Message-Id: <20240904084022.32728-10-zhengqi.arch@bytedance.com>
In-Reply-To: <20240904084022.32728-1-zhengqi.arch@bytedance.com>
References: <20240904084022.32728-1-zhengqi.arch@bytedance.com>

In move_ptes(), we may modify the new_pte after acquiring the new_ptl, so
convert it to using pte_offset_map_rw_nolock(). Since we may free the PTE
page in retract_page_tables() without holding the read lock of mmap_lock,
so we still need to do a pmd_same() check after holding the PTL.

Signed-off-by: Qi Zheng
---
 mm/mremap.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/mm/mremap.c b/mm/mremap.c index 24712f8dbb6b5..16e54151395ad 100644 --- a/mm/mremap.c +++ b/mm/mremap.c 
@@ -143,6 +143,7 @@ static int move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd, spinlock_t *old_ptl, *new_ptl; bool force_flush = false; unsigned long len = old_end - old_addr; + pmd_t pmdval; int err = 0; /* @@ -175,14 +176,29 @@ static int move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd, err = -EAGAIN; goto out; } - new_pte = pte_offset_map_nolock(mm, new_pmd, new_addr, &new_ptl); + /* + * Since we may free the PTE page in retract_page_tables() without + * holding the read lock of mmap_lock, so we still need to do a + * pmd_same() check after holding the PTL. + */ + new_pte = pte_offset_map_rw_nolock(mm, new_pmd, new_addr, &pmdval, + &new_ptl); if (!new_pte) { pte_unmap_unlock(old_pte, old_ptl); err = -EAGAIN; goto out; } - if (new_ptl != old_ptl) + if (new_ptl != old_ptl) { spin_lock_nested(new_ptl, SINGLE_DEPTH_NESTING); + + if (unlikely(!pmd_same(pmdval, pmdp_get_lockless(new_pmd)))) { + pte_unmap_unlock(new_pte, new_ptl); + pte_unmap_unlock(old_pte, old_ptl); + err = -EAGAIN; + goto out; + } + } + flush_tlb_batched_pending(vma->vm_mm); arch_enter_lazy_mmu_mode();
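
Review bot: In the second hunk the pmd_same() recheck sits inside the "if (new_ptl != old_ptl)" block, so when both addresses resolve to the same PTL the value captured in pmdval is never compared against pmdp_get_lockless(new_pmd). If that case is safe because old_ptl was already held when pte_offset_map_rw_nolock() read the PMD, the comment should say so explicitly; otherwise the check needs to move below the closing brace, with the failure path dropping the lock only once when the two PTLs are equal. The new comment would also be easier to follow placed directly above the pmd_same() test it justifies rather than above the lookup, since the lookup itself takes no lock. Given that the scenario being guarded against is a PTE page freed by retract_page_tables() while move_ptes() is about to write through new_pte, the unchecked path is worth an explicit sentence in either the comment or the changelog.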