From patchwork Thu Jul 21 18:33:36 2022
X-Patchwork-Submitter: Peter Xu
X-Patchwork-Id: 12925684
From: Peter Xu
To: linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc: Nadav Amit, peterx@redhat.com, Andrew Morton, David Hildenbrand, Andrea Arcangeli
Subject: [PATCH v3 1/3] mm/mprotect: Fix soft-dirty check in can_change_pte_writable()
Date: Thu, 21 Jul 2022 14:33:36 -0400
Message-Id: <20220721183338.27871-2-peterx@redhat.com>
In-Reply-To: <20220721183338.27871-1-peterx@redhat.com>
References: <20220721183338.27871-1-peterx@redhat.com>

The check wanted to make sure that when soft-dirty tracking is enabled we
won't grant the write bit by accident, as a page fault is needed for dirty
tracking. The intention is correct but we didn't check it right because
VM_SOFTDIRTY set actually means soft-dirty tracking disabled. Fix it.

Another tricky thing about soft-dirty is that we can't check the vma flag
!(vma_flags & VM_SOFTDIRTY) directly but only check it after we checked
CONFIG_MEM_SOFT_DIRTY, because otherwise VM_SOFTDIRTY will be defined as
zero, and !(vma_flags & VM_SOFTDIRTY) will constantly return true. To avoid
misuse, introduce a helper for checking whether a vma has soft-dirty
tracking enabled.

We can easily verify this with any exclusive anonymous page, like the
program below:

=======8<======
#include <assert.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

#define BIT_ULL(nr)   (1ULL << (nr))
#define PM_SOFT_DIRTY BIT_ULL(55)

unsigned int psize;
char *page;

/* Read the 64-bit pagemap entry that describes vaddr. */
uint64_t pagemap_read_vaddr(int fd, void *vaddr)
{
        uint64_t value;
        int ret;

        ret = pread(fd, &value, sizeof(uint64_t),
                    ((uint64_t)vaddr >> 12) * sizeof(uint64_t));
        assert(ret == sizeof(uint64_t));

        return value;
}

/* Writing "4" to clear_refs clears the soft-dirty bits of this process. */
void clear_refs_write(void)
{
        int fd = open("/proc/self/clear_refs", O_RDWR);

        assert(fd >= 0);
        write(fd, "4", 2);
        close(fd);
}

/* Uses the pagemap fd opened in main(). */
#define check_soft_dirty(str, expect)  do {                             \
                bool dirty = pagemap_read_vaddr(fd, page) & PM_SOFT_DIRTY; \
                if (dirty != expect) {                                  \
                        printf("ERROR: %s, soft-dirty=%d (expect: %d)\n", \
                               str, dirty, expect);                     \
                        exit(-1);                                       \
                }                                                       \
        } while (0)

int main(void)
{
        int fd = open("/proc/self/pagemap", O_RDONLY);

        assert(fd >= 0);
        psize = getpagesize();
        page = mmap(NULL, psize, PROT_READ|PROT_WRITE,
                    MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
        assert(page != MAP_FAILED);

        *page = 1;
        check_soft_dirty("Just faulted in page", 1);
        clear_refs_write();
        check_soft_dirty("Clear_refs written", 0);
        mprotect(page, psize, PROT_READ);
        check_soft_dirty("Marked RO", 0);
        mprotect(page, psize, PROT_READ|PROT_WRITE);
        check_soft_dirty("Marked RW", 0);
        /* This write must fault so the page is marked soft-dirty again. */
        *page = 2;
        check_soft_dirty("Wrote page again", 1);

        munmap(page, psize);
        close(fd);
        printf("Test passed.\n");

        return 0;
}
=======8<======

Here we attach a Fixes to commit 64fe24a3e05e only for easy tracking, as
this patch won't apply to a tree before that point. However, the commit
wasn't the source of the problem; it's just that since then anonymous
memory will also suffer from this problem with mprotect().

Fixes: 64fe24a3e05e ("mm/mprotect: try avoiding write faults for exclusive anonymous pages when changing protection")
Signed-off-by: Peter Xu Reviewed-by: David Hildenbrand --- mm/internal.h | 18 ++++++++++++++++++ mm/mmap.c | 2 +- mm/mprotect.c | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 15e8cb118832..e2d442e3c0b2 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -860,4 +860,22 @@ struct folio *try_grab_folio(struct page *page, int refs, unsigned int flags); DECLARE_PER_CPU(struct per_cpu_nodestat, boot_nodestats); +static inline bool vma_soft_dirty_enabled(struct vm_area_struct *vma) +{ + /* + * NOTE: we must check this before VM_SOFTDIRTY on soft-dirty + * enablements, because when without soft-dirty being compiled in, + * VM_SOFTDIRTY is defined as 0x0, then !(vm_flags & VM_SOFTDIRTY) + * will be constantly true. + */ + if (!IS_ENABLED(CONFIG_MEM_SOFT_DIRTY)) + return false; + + /* + * Soft-dirty is kind of special: its tracking is enabled when the + * vma flags not set. + */ + return !(vma->vm_flags & VM_SOFTDIRTY); +} + #endif /* __MM_INTERNAL_H */ diff --git a/mm/mmap.c b/mm/mmap.c index 125e8903c93c..93f9913409ea 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1518,7 +1518,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma, pgprot_t vm_page_prot) return 0; /* Do we need to track softdirty? */ - if (IS_ENABLED(CONFIG_MEM_SOFT_DIRTY) && !(vm_flags & VM_SOFTDIRTY)) + if (vma_soft_dirty_enabled(vma)) return 1; /* Specialty mapping? */ diff --git a/mm/mprotect.c b/mm/mprotect.c index 0420c3ed936c..c403e84129d4 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -49,7 +49,7 @@ static inline bool can_change_pte_writable(struct vm_area_struct *vma, return false; /* Do we need write faults for softdirty tracking? */ - if ((vma->vm_flags & VM_SOFTDIRTY) && !pte_soft_dirty(pte)) + if (vma_soft_dirty_enabled(vma) && !pte_soft_dirty(pte)) return false; /* Do we need write faults for uffd-wp tracking? */
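
Review bot: In the mm/internal.h hunk, the two comments inside vma_soft_dirty_enabled() are hard to parse at the one place where the flag's inverted meaning has to be unambiguous ("on soft-dirty enablements", "when the vma flags not set"). Suggest wording it directly, for example "VM_SOFTDIRTY set means this vma is not being tracked; tracking is enabled only while the flag is clear", and making the first comment quote vma->vm_flags as the code does rather than vm_flags. The helper only reads vma->vm_flags, so the parameter could also be const struct vm_area_struct *.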
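
Review bot: In the mm/mmap.c hunk, the removed line in vma_wants_writenotify() tested the local vm_flags, while vma_soft_dirty_enabled(vma) reads vma->vm_flags. Please confirm the local is an unmodified copy of vma->vm_flags at this point and say in the commit message that this hunk is a pure refactor, so that only the mm/mprotect.c change is read as altering behaviour.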
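
Review bot: The one-line change in can_change_pte_writable() (mm/mprotect.c) flips when mprotect() may grant the write bit, yet the only regression check is the program pasted into the commit message. This is patch 1/3; unless a later patch in the series already adds that program as a selftest, it should land together with this fix so the inverted check cannot return unnoticed. The existing comment "Do we need write faults for softdirty tracking?" still matches the new condition and can stay as is.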
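
The two pitfalls described in the commit message (the inverted meaning of VM_SOFTDIRTY, and the flag collapsing to zero without CONFIG_MEM_SOFT_DIRTY), modelled in user space. This is an added example, not code from the patch or the kernel: the config option is modelled as a runtime bool, and MODEL_VM_SOFTDIRTY's value and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Illustrative value (assumption). In this model the bit collapses to 0
 * when cfg is false, as VM_SOFTDIRTY does without CONFIG_MEM_SOFT_DIRTY. */
#define MODEL_VM_SOFTDIRTY 0x08000000UL

static unsigned long sd_bit(bool cfg)
{
        return cfg ? MODEL_VM_SOFTDIRTY : 0UL;
}

/* Pre-patch mprotect.c condition: inverted polarity. */
static bool need_fault_old(bool cfg, unsigned long vm_flags, bool pte_sd)
{
        return (vm_flags & sd_bit(cfg)) && !pte_sd;
}

/* Polarity fixed but no config guard: the misuse the helper prevents. */
static bool need_fault_unguarded(bool cfg, unsigned long vm_flags, bool pte_sd)
{
        return !(vm_flags & sd_bit(cfg)) && !pte_sd;
}

/* Same two steps as the patch's helper: config check first, then the flag. */
static bool need_fault_new(bool cfg, unsigned long vm_flags, bool pte_sd)
{
        bool tracking = cfg && !(vm_flags & sd_bit(cfg));

        return tracking && !pte_sd;
}

int main(void)
{
        puts("cfg vma_flag pte_sd | old unguarded new");
        for (int i = 0; i < 8; i++) {
                bool cfg = i & 4, flag = i & 2, pte_sd = i & 1;
                unsigned long f = flag ? MODEL_VM_SOFTDIRTY : 0UL;

                printf("%3d %8d %6d | %3d %9d %3d\n", cfg, flag, pte_sd,
                       need_fault_old(cfg, f, pte_sd),
                       need_fault_unguarded(cfg, f, pte_sd),
                       need_fault_new(cfg, f, pte_sd));
        }
        return 0;
}
```

In the printed table, the row cfg=1, vma_flag=0, pte_sd=0 is the case the reproducer above exercises: the old condition asks for no write fault, so the write after mprotect() would go untracked.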