From patchwork Mon Dec 3 20:08:49 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mike Kravetz X-Patchwork-Id: 10710499 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3377115A6 for ; Mon, 3 Dec 2018 20:09:20 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 255162B2E0 for ; Mon, 3 Dec 2018 20:09:20 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 19B9E2B32D; Mon, 3 Dec 2018 20:09:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9D6342B2E0 for ; Mon, 3 Dec 2018 20:09:19 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 25B826B6ADA; Mon, 3 Dec 2018 15:09:16 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 235DC6B6ADC; Mon, 3 Dec 2018 15:09:16 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0B1566B6ADD; Mon, 3 Dec 2018 15:09:16 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-yb1-f198.google.com (mail-yb1-f198.google.com [209.85.219.198]) by kanga.kvack.org (Postfix) with ESMTP id CCD0F6B6ADA for ; Mon, 3 Dec 2018 15:09:15 -0500 (EST) Received: by mail-yb1-f198.google.com with SMTP id i15-v6so8794771ybp.7 for ; Mon, 03 Dec 2018 12:09:15 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:from:to:cc:subject:date :message-id:in-reply-to:references; bh=0t52fLgngXHEH1UGn44+Uw2HE3xbOfQ4NJc5Y8fZs1w=; b=Jx/+04xJpxHKStAup71qYJxpamiTh/NJpcXZ0Q2spZc6sgw7KEo1j3txs02P8FEz7M 7U5QIt8xkIcc5I/d0N+k2+VK9BiV+7WlY8WE7+pWpFvhpMsxAWPgmumFvAgV7NMqqOiU R9dCOcS1zyV1WALcqj08L8gGJfp3OQwvJHqfEf3c1TBtGwCNnDFoxRVkVCiWWHpUXLKT 5u4kR5DBFVSwXiTpJtixrcQa1zb3DjdwPOsKnxTP9uXr2QpLXP9dKZeQiqkX3hlk2biX +qSUF8NLpfK2dGgcw+yo8yICapDXCiLW1RyNfZCCT9FP+7ejL4qW+Z4rCvBkJxuUkZEf 0LWQ== X-Gm-Message-State: AA+aEWaTTwYrFaHvpvO4GOxpfxe+21O6ePNoBT1sjGNtv3/BOhB/GInn b4EBdhNjcrY7wd3NhaOO3NTtGz1+J7labScM7QL+xhR6aSdxG+/weTbyoX3qsRBGgCfEQobL4/M 9jNfkGLAElGsfQqJ/ohu1uIOMd+xNfGW7YTkOZUWSeeRxdg/BaLopmbiAyAodAeUOJg== X-Received: by 2002:a25:3fc5:: with SMTP id m188-v6mr17182740yba.359.1543867755521; Mon, 03 Dec 2018 12:09:15 -0800 (PST) X-Google-Smtp-Source: AFSGD/VZ/vm3jBU9cMBkc8QoHFYbgm67P5fGvp/ELCyIWeazPKztTbWQXs7j8uU2Zj8sqLPRY9j4 X-Received: by 2002:a25:3fc5:: with SMTP id m188-v6mr17182685yba.359.1543867754792; Mon, 03 Dec 2018 12:09:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543867754; cv=none; d=google.com; s=arc-20160816; b=bCdw9nuQr9S1+mHUGqRMDTydqe5sADzQ0Sig75XsrHLvkXI0ihKG78ysLUZ5yFIGmO iPtkyiZjwYw6gZJGUXVrx85BVSm8Te6K/CoslVjmUHq3waaTP0Qa8ti0Xb1J5UNsla5q vTy4BT+bt3D7Vn2ACHFFyBMLy/uTb6ySTzgMaSGAVfO/+vsAZy94Vd6eUN9UR16XbBfL Kz5JzNZLb6fUfrS1MW+nMyQ0mKJQaq/hX27DJf9TRYrrMLa6G6eopDzcxIR0JXIw6vJG BWLoMcaq477vKLExXYbknpdJkg+64eDMxuusQgqA0eUd7cUvJtpO4vvDZjkNrxXeEhq4 YlHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0t52fLgngXHEH1UGn44+Uw2HE3xbOfQ4NJc5Y8fZs1w=; b=JN0JW3N7jcfr8I1p5FmgFLyCZRgr2++rjTaGCT+NnLOIfVXOsO2Or5wCnW84XODJpJ credRPLaYNLNyXYUjwWxXj7Wtw2grJ4hf7l2BvhSk23MNpmETmrj8LqgHPLPAkKQhTYC aTeWc6R/ADD9BviNznMBXNGii0aBqC6rgLCbu9i8/jD6JsdH2h/nLYdGsjDxIQX8sQ/7 jzn0n4UAo3jq7GsNq0B9aVRrklQaixZXUTvz7+JwxYvilcRiUhce2hfZLV78knrovMAr QtyCP7cruzEGi2L60bHVjyxv20H27gusimzZPMmySiBTYRhZwAYjXcQduyn0Mz3yn8u+ GjfQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=BRqp1y5Z; spf=pass (google.com: domain of mike.kravetz@oracle.com designates 141.146.126.78 as permitted sender) smtp.mailfrom=mike.kravetz@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from aserp2120.oracle.com (aserp2120.oracle.com. [141.146.126.78]) by mx.google.com with ESMTPS id c26-v6si8289868ybe.442.2018.12.03.12.09.14 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 03 Dec 2018 12:09:14 -0800 (PST) Received-SPF: pass (google.com: domain of mike.kravetz@oracle.com designates 141.146.126.78 as permitted sender) client-ip=141.146.126.78; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b=BRqp1y5Z; spf=pass (google.com: domain of mike.kravetz@oracle.com designates 141.146.126.78 as permitted sender) smtp.mailfrom=mike.kravetz@oracle.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id wB3JwaRr086200; Mon, 3 Dec 2018 20:09:08 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2018-07-02; bh=0t52fLgngXHEH1UGn44+Uw2HE3xbOfQ4NJc5Y8fZs1w=; b=BRqp1y5ZfntM59ay9BfDE/kWnTDhTBqYvoosUr7//8dE9WKWqHmYgIiajfJOFo54VCSt iVOiU4WLSSZ5Uyl8wJcql+ebxSO5atKnVKgOUKtwnIGfHI4h7GNQN74uClNF3196BUol GVOTueNl6HVPPZ7aVOIc3E+pdjyvg+pSoXP8Q1rcalcCMfzPg8EBlMr6Dj7Rzt3tv8v+ j6GPjivj0pS6qiFlPYy+2nYc3Wm3s8LoaRMmgN7/YL64+hQVDhvNMG8laHvh5h7b/xDE cxcLRJmTqxyewMoutlpgnQGb/FyMjmbARu7S73GoFTMV81+UdzQ50WEbINkBtK+ksW9m rg== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2120.oracle.com with ESMTP id 2p3j8q8kqn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 03 Dec 2018 20:09:07 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id wB3K91Kp024324 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 3 Dec 2018 20:09:02 GMT Received: from abhmp0012.oracle.com (abhmp0012.oracle.com [141.146.116.18]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id wB3K91ph006920; Mon, 3 Dec 2018 20:09:01 GMT Received: from monkey.oracle.com (/50.38.38.67) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 03 Dec 2018 12:09:01 -0800 From: Mike Kravetz To: linux-mm@kvack.org, linux-kernel@vger.kernel.org Cc: Michal Hocko , Hugh Dickins , Naoya Horiguchi , "Aneesh Kumar K . V" , Andrea Arcangeli , "Kirill A . Shutemov" , Davidlohr Bueso , Prakash Sangappa , Andrew Morton , Mike Kravetz , stable@vger.kernel.org Subject: [PATCH 2/3] hugetlbfs: Use i_mmap_rwsem to fix page fault/truncate race Date: Mon, 3 Dec 2018 12:08:49 -0800 Message-Id: <20181203200850.6460-3-mike.kravetz@oracle.com> X-Mailer: git-send-email 2.17.2 In-Reply-To: <20181203200850.6460-1-mike.kravetz@oracle.com> References: <20181203200850.6460-1-mike.kravetz@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9096 signatures=668686 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1812030183 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP hugetlbfs page faults can race with truncate and hole punch operations. Current code in the page fault path attempts to handle this by 'backing out' operations if we encounter the race. One obvious omission in the current code is removing a page newly added to the page cache. This is pretty straight forward to address, but there is a more subtle and difficult issue of backing out hugetlb reservations. To handle this correctly, the 'reservation state' before page allocation needs to be noted so that it can be properly backed out. There are four distinct possibilities for reservation state: shared/reserved, shared/no-resv, private/reserved and private/no-resv. Backing out a reservation may require memory allocation which could fail so that needs to be taken into account as well. Instead of writing the required complicated code for this rare occurrence, just eliminate the race. i_mmap_rwsem is now held in read mode for the duration of page fault processing. Hold i_mmap_rwsem longer in truncation and hold punch code to cover the call to remove_inode_hugepages. Cc: Fixes: ebed4bfc8da8 ("hugetlb: fix absurd HugePages_Rsvd") Signed-off-by: Mike Kravetz Signed-off-by: Mike Kravetz --- fs/hugetlbfs/inode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index 32920a10100e..3244147fc42b 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -505,8 +505,8 @@ static int hugetlb_vmtruncate(struct inode *inode, loff_t offset) i_mmap_lock_write(mapping); if (!RB_EMPTY_ROOT(&mapping->i_mmap.rb_root)) hugetlb_vmdelete_list(&mapping->i_mmap, pgoff, 0); - i_mmap_unlock_write(mapping); remove_inode_hugepages(inode, offset, LLONG_MAX); + i_mmap_unlock_write(mapping); return 0; } @@ -540,8 +540,8 @@ static long hugetlbfs_punch_hole(struct inode *inode, loff_t offset, loff_t len) hugetlb_vmdelete_list(&mapping->i_mmap, hole_start >> PAGE_SHIFT, hole_end >> PAGE_SHIFT); - i_mmap_unlock_write(mapping); remove_inode_hugepages(inode, hole_start, hole_end); + i_mmap_unlock_write(mapping); inode_unlock(inode); }