Message ID | 20190212025632.28946-25-peterx@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Series | userfaultfd: write protection support |
On Tue, Feb 12, 2019 at 10:56:30AM +0800, Peter Xu wrote: > From: Martin Cracauer <cracauer@cons.org> > > Adds documentation about the write protection support. > > Signed-off-by: Andrea Arcangeli <aarcange@redhat.com> > [peterx: rewrite in rst format; fixups here and there] > Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Jérôme Glisse <jglisse@redhat.com> > --- > Documentation/admin-guide/mm/userfaultfd.rst | 51 ++++++++++++++++++++ > 1 file changed, 51 insertions(+) > > diff --git a/Documentation/admin-guide/mm/userfaultfd.rst b/Documentation/admin-guide/mm/userfaultfd.rst > index 5048cf661a8a..c30176e67900 100644 > --- a/Documentation/admin-guide/mm/userfaultfd.rst > +++ b/Documentation/admin-guide/mm/userfaultfd.rst 
> @@ -108,6 +108,57 @@ UFFDIO_COPY. They're atomic as in guaranteeing that nothing can see an > half copied page since it'll keep userfaulting until the copy has > finished. > > +Notes: > + > +- If you requested UFFDIO_REGISTER_MODE_MISSING when registering then > + you must provide some kind of page in your thread after reading from > + the uffd. You must provide either UFFDIO_COPY or UFFDIO_ZEROPAGE. > + The normal behavior of the OS automatically providing a zero page on > + an annonymous mmaping is not in place. > + > +- None of the page-delivering ioctls default to the range that you > + registered with. You must fill in all fields for the appropriate > + ioctl struct including the range. > + > +- You get the address of the access that triggered the missing page > + event out of a struct uffd_msg that you read in the thread from the > + uffd. You can supply as many pages as you want with UFFDIO_COPY or > + UFFDIO_ZEROPAGE. Keep in mind that unless you used DONTWAKE then > + the first of any of those IOCTLs wakes up the faulting thread. > + > +- Be sure to test for all errors including (pollfd[0].revents & > + POLLERR). This can happen, e.g. when ranges supplied were > + incorrect. > + > +Write Protect Notifications > +--------------------------- > + > +This is equivalent to (but faster than) using mprotect and a SIGSEGV > +signal handler. > + > +Firstly you need to register a range with UFFDIO_REGISTER_MODE_WP. > +Instead of using mprotect(2) you use ioctl(uffd, UFFDIO_WRITEPROTECT, > +struct *uffdio_writeprotect) while mode = UFFDIO_WRITEPROTECT_MODE_WP > +in the struct passed in. The range does not default to and does not > +have to be identical to the range you registered with. You can write > +protect as many ranges as you like (inside the registered range). > +Then, in the thread reading from uffd the struct will have > +msg.arg.pagefault.flags & UFFD_PAGEFAULT_FLAG_WP set. 
Now you send > +ioctl(uffd, UFFDIO_WRITEPROTECT, struct *uffdio_writeprotect) again > +while pagefault.mode does not have UFFDIO_WRITEPROTECT_MODE_WP set. > +This wakes up the thread which will continue to run with writes. This > +allows you to do the bookkeeping about the write in the uffd reading > +thread before the ioctl. > + > +If you registered with both UFFDIO_REGISTER_MODE_MISSING and > +UFFDIO_REGISTER_MODE_WP then you need to think about the sequence in > +which you supply a page and undo write protect. Note that there is a > +difference between writes into a WP area and into a !WP area. The > +former will have UFFD_PAGEFAULT_FLAG_WP set, the latter > +UFFD_PAGEFAULT_FLAG_WRITE. The latter did not fail on protection but > +you still need to supply a page when UFFDIO_REGISTER_MODE_MISSING was > +used. > + > QEMU/KVM > ======== > > -- > 2.17.1 >
On Tue, Feb 12, 2019 at 10:56:30AM +0800, Peter Xu wrote: > From: Martin Cracauer <cracauer@cons.org> > > Adds documentation about the write protection support. > > Signed-off-by: Andrea Arcangeli <aarcange@redhat.com> > [peterx: rewrite in rst format; fixups here and there] > Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Mike Rapoport <rppt@linux.ibm.com> Peter, can you please also update the man pages (1, 2)? [1] http://man7.org/linux/man-pages/man2/userfaultfd.2.html [2] http://man7.org/linux/man-pages/man2/ioctl_userfaultfd.2.html > --- > Documentation/admin-guide/mm/userfaultfd.rst | 51 ++++++++++++++++++++ > 1 file changed, 51 insertions(+) > > diff --git a/Documentation/admin-guide/mm/userfaultfd.rst b/Documentation/admin-guide/mm/userfaultfd.rst > index 5048cf661a8a..c30176e67900 100644 > --- a/Documentation/admin-guide/mm/userfaultfd.rst > +++ b/Documentation/admin-guide/mm/userfaultfd.rst 
> @@ -108,6 +108,57 @@ UFFDIO_COPY. They're atomic as in guaranteeing that nothing can see an > half copied page since it'll keep userfaulting until the copy has > finished. > > +Notes: > + > +- If you requested UFFDIO_REGISTER_MODE_MISSING when registering then > + you must provide some kind of page in your thread after reading from > + the uffd. You must provide either UFFDIO_COPY or UFFDIO_ZEROPAGE. > + The normal behavior of the OS automatically providing a zero page on > + an annonymous mmaping is not in place. > + > +- None of the page-delivering ioctls default to the range that you > + registered with. You must fill in all fields for the appropriate > + ioctl struct including the range. > + > +- You get the address of the access that triggered the missing page > + event out of a struct uffd_msg that you read in the thread from the > + uffd. You can supply as many pages as you want with UFFDIO_COPY or > + UFFDIO_ZEROPAGE. Keep in mind that unless you used DONTWAKE then > + the first of any of those IOCTLs wakes up the faulting thread. > + > +- Be sure to test for all errors including (pollfd[0].revents & > + POLLERR). This can happen, e.g. when ranges supplied were > + incorrect. > + > +Write Protect Notifications > +--------------------------- > + > +This is equivalent to (but faster than) using mprotect and a SIGSEGV > +signal handler. > + > +Firstly you need to register a range with UFFDIO_REGISTER_MODE_WP. > +Instead of using mprotect(2) you use ioctl(uffd, UFFDIO_WRITEPROTECT, > +struct *uffdio_writeprotect) while mode = UFFDIO_WRITEPROTECT_MODE_WP > +in the struct passed in. The range does not default to and does not > +have to be identical to the range you registered with. You can write > +protect as many ranges as you like (inside the registered range). > +Then, in the thread reading from uffd the struct will have > +msg.arg.pagefault.flags & UFFD_PAGEFAULT_FLAG_WP set. 
Now you send > +ioctl(uffd, UFFDIO_WRITEPROTECT, struct *uffdio_writeprotect) again > +while pagefault.mode does not have UFFDIO_WRITEPROTECT_MODE_WP set. > +This wakes up the thread which will continue to run with writes. This > +allows you to do the bookkeeping about the write in the uffd reading > +thread before the ioctl. > + > +If you registered with both UFFDIO_REGISTER_MODE_MISSING and > +UFFDIO_REGISTER_MODE_WP then you need to think about the sequence in > +which you supply a page and undo write protect. Note that there is a > +difference between writes into a WP area and into a !WP area. The > +former will have UFFD_PAGEFAULT_FLAG_WP set, the latter > +UFFD_PAGEFAULT_FLAG_WRITE. The latter did not fail on protection but > +you still need to supply a page when UFFDIO_REGISTER_MODE_MISSING was > +used. > + > QEMU/KVM > ======== > > -- > 2.17.1 >
On Mon, Feb 25, 2019 at 11:19:32PM +0200, Mike Rapoport wrote:
> On Tue, Feb 12, 2019 at 10:56:30AM +0800, Peter Xu wrote:
> > From: Martin Cracauer <cracauer@cons.org>
> >
> > Adds documentation about the write protection support.
> >
> > Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
> > [peterx: rewrite in rst format; fixups here and there]
> > Signed-off-by: Peter Xu <peterx@redhat.com>
>
> Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
>
> Peter, can you please also update the man pages (1, 2)?
>
> [1] http://man7.org/linux/man-pages/man2/userfaultfd.2.html
> [2] http://man7.org/linux/man-pages/man2/ioctl_userfaultfd.2.html

Sure. Should I post the man patches after the kernel part is merged?

Thanks,
On Tue, Feb 26, 2019 at 02:53:42PM +0800, Peter Xu wrote:
> On Mon, Feb 25, 2019 at 11:19:32PM +0200, Mike Rapoport wrote:
> > On Tue, Feb 12, 2019 at 10:56:30AM +0800, Peter Xu wrote:
> > > From: Martin Cracauer <cracauer@cons.org>
> > >
> > > Adds documentation about the write protection support.
> > >
> > > Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
> > > [peterx: rewrite in rst format; fixups here and there]
> > > Signed-off-by: Peter Xu <peterx@redhat.com>
> >
> > Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
> >
> > Peter, can you please also update the man pages (1, 2)?
> >
> > [1] http://man7.org/linux/man-pages/man2/userfaultfd.2.html
> > [2] http://man7.org/linux/man-pages/man2/ioctl_userfaultfd.2.html
>
> Sure. Should I post the man patches after the kernel part is merged?

Yep, once we know for sure what's the API kernel will expose.

> Thanks,
>
> --
> Peter Xu
>
On Tue, Feb 26, 2019 at 09:04:25AM +0200, Mike Rapoport wrote:
> On Tue, Feb 26, 2019 at 02:53:42PM +0800, Peter Xu wrote:
> > On Mon, Feb 25, 2019 at 11:19:32PM +0200, Mike Rapoport wrote:
> > > On Tue, Feb 12, 2019 at 10:56:30AM +0800, Peter Xu wrote:
> > > > From: Martin Cracauer <cracauer@cons.org>
> > > >
> > > > Adds documentation about the write protection support.
> > > >
> > > > Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
> > > > [peterx: rewrite in rst format; fixups here and there]
> > > > Signed-off-by: Peter Xu <peterx@redhat.com>
> > >
> > > Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
> > >
> > > Peter, can you please also update the man pages (1, 2)?
> > >
> > > [1] http://man7.org/linux/man-pages/man2/userfaultfd.2.html
> > > [2] http://man7.org/linux/man-pages/man2/ioctl_userfaultfd.2.html
> >
> > Sure. Should I post the man patches after the kernel part is merged?
>
> Yep, once we know for sure what's the API kernel will expose.

I see, thanks. Then I'll probably wait until the series got merged to be safe since so far we still have discussion on the interfaces (especially the DONTWAKE flags).
diff --git a/Documentation/admin-guide/mm/userfaultfd.rst b/Documentation/admin-guide/mm/userfaultfd.rst index 5048cf661a8a..c30176e67900 100644 --- a/Documentation/admin-guide/mm/userfaultfd.rst +++ b/Documentation/admin-guide/mm/userfaultfd.rst 
@@ -108,6 +108,57 @@ UFFDIO_COPY. They're atomic as in guaranteeing that nothing can see an half copied page since it'll keep userfaulting until the copy has finished. +Notes: + +- If you requested UFFDIO_REGISTER_MODE_MISSING when registering then + you must provide some kind of page in your thread after reading from + the uffd. You must provide either UFFDIO_COPY or UFFDIO_ZEROPAGE. + The normal behavior of the OS automatically providing a zero page on + an annonymous mmaping is not in place. + +- None of the page-delivering ioctls default to the range that you + registered with. You must fill in all fields for the appropriate + ioctl struct including the range. + +- You get the address of the access that triggered the missing page + event out of a struct uffd_msg that you read in the thread from the + uffd. You can supply as many pages as you want with UFFDIO_COPY or + UFFDIO_ZEROPAGE. Keep in mind that unless you used DONTWAKE then + the first of any of those IOCTLs wakes up the faulting thread. + +- Be sure to test for all errors including (pollfd[0].revents & + POLLERR). This can happen, e.g. when ranges supplied were + incorrect. + +Write Protect Notifications +--------------------------- + +This is equivalent to (but faster than) using mprotect and a SIGSEGV +signal handler. + +Firstly you need to register a range with UFFDIO_REGISTER_MODE_WP. +Instead of using mprotect(2) you use ioctl(uffd, UFFDIO_WRITEPROTECT, +struct *uffdio_writeprotect) while mode = UFFDIO_WRITEPROTECT_MODE_WP +in the struct passed in. The range does not default to and does not +have to be identical to the range you registered with. You can write +protect as many ranges as you like (inside the registered range). +Then, in the thread reading from uffd the struct will have +msg.arg.pagefault.flags & UFFD_PAGEFAULT_FLAG_WP set. Now you send +ioctl(uffd, UFFDIO_WRITEPROTECT, struct *uffdio_writeprotect) again +while pagefault.mode does not have UFFDIO_WRITEPROTECT_MODE_WP set. 
+This wakes up the thread which will continue to run with writes. This +allows you to do the bookkeeping about the write in the uffd reading +thread before the ioctl. + +If you registered with both UFFDIO_REGISTER_MODE_MISSING and +UFFDIO_REGISTER_MODE_WP then you need to think about the sequence in +which you supply a page and undo write protect. Note that there is a +difference between writes into a WP area and into a !WP area. The +former will have UFFD_PAGEFAULT_FLAG_WP set, the latter +UFFD_PAGEFAULT_FLAG_WRITE. The latter did not fail on protection but +you still need to supply a page when UFFDIO_REGISTER_MODE_MISSING was +used. + QEMU/KVM ========
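Review bot: In the "Write Protect Notifications" paragraph, the sentence "while pagefault.mode does not have UFFDIO_WRITEPROTECT_MODE_WP set" names the wrong structure. The earlier sentence puts mode in the struct uffdio_writeprotect passed to the ioctl ("mode = UFFDIO_WRITEPROTECT_MODE_WP in the struct passed in"), while the pagefault message is only described as carrying flags, so this should read "while uffdio_writeprotect.mode does not have UFFDIO_WRITEPROTECT_MODE_WP set". In the same paragraph, "the struct will have msg.arg.pagefault.flags & UFFD_PAGEFAULT_FLAG_WP set" should say which struct is meant (the struct uffd_msg read from the uffd, as the Notes list calls it). In the Notes list, "annonymous mmaping" should be "anonymous mapping", and "DONTWAKE" should be spelled out as the full mode flag names of the ioctls it applies to, so a reader can find them in the header.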