From patchwork Thu Nov 10 20:31:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Xu X-Patchwork-Id: 13039317 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2AF9C4332F for ; Thu, 10 Nov 2022 20:31:41 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 11CB28E0001; Thu, 10 Nov 2022 15:31:41 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0CCD76B007E; Thu, 10 Nov 2022 15:31:41 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EB1028E0001; Thu, 10 Nov 2022 15:31:40 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id DA4506B007D for ; Thu, 10 Nov 2022 15:31:40 -0500 (EST) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id AA50D1C7179 for ; Thu, 10 Nov 2022 20:31:40 +0000 (UTC) X-FDA: 80118678360.28.69F8164 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf25.hostedemail.com (Postfix) with ESMTP id 475A6A0004 for ; Thu, 10 Nov 2022 20:31:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668112299; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WQpC1KJZxfuI3Xd3ROAIVllQOpnyDtGxdSkS8bhzCN0=; b=iULCPP+Vzi5lsF2gFdMDK+IzHfo//1rajxUdi6gwfmsRSHPby7nJKCvJGlO729sCO1Mc33 DiS1iEyuvq9Ce3xL8IQOv8FG2r5gA9w6GfahWyhxLJJku2NXEqkc1Ac20JGluBhHn5Y2LX sbyq90wC1dymOlJDofqrPw9ndLeD21M= Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id us-mta-561-UXWpc3TFOZ-WHtP5mCwB3A-1; Thu, 10 Nov 2022 15:31:38 -0500 X-MC-Unique: UXWpc3TFOZ-WHtP5mCwB3A-1 Received: by mail-qk1-f200.google.com with SMTP id de43-20020a05620a372b00b006fae7e5117fso3052385qkb.6 for ; Thu, 10 Nov 2022 12:31:38 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WQpC1KJZxfuI3Xd3ROAIVllQOpnyDtGxdSkS8bhzCN0=; b=3DJxn+Rrm6ZGjCgbJTtmv17mB8AqDW8MZiqUofLHdN68W3HCjfDP3EeLE3D27OH6NI tONLDMMGGPPyVs4Rr/ylkhxJjky8CJzmNeueVmmam0OgUp69SNNSe9BkwXgyd6porO7G PBdFxkJUrTVDSsoOI+r16tDDD1vO7E/dxplxX/XIUycuNtkP6wRF71uL6XRuYJ5e2TLu d7sDDUoRptb6ZZp6xu+CvJxxQuei0hmKnX/jeyhSH0Nj0LEmLvUXPSNR4VN7QxMlwR33 7uLU17H9pSgO6KNbDvMz45r7ov4q+WrTTlMw/8/cf+2+b/q6rVjDdNUUZSGCMW7OUILx HbIg== X-Gm-Message-State: ACrzQf1v6C5pY6PLxA5Hwms/9XyPcrw4W1LwYKtdMxttFEw+uUUOBKww kEdvF6j2BaL76ixmlr5Eo33u+/8dQC9vEZIcWRQ9CMERhZVAeeLkGob8LT5jwu9P+Y3uFjNYMql 8XL/wfeNZ/pI= X-Received: by 2002:a05:6214:c47:b0:4bb:85b4:fd8e with SMTP id r7-20020a0562140c4700b004bb85b4fd8emr60020947qvj.25.1668112298051; Thu, 10 Nov 2022 12:31:38 -0800 (PST) X-Google-Smtp-Source: AMsMyM6a4bYEEfrparCjbxn+5nTpkS1ttlH0u8PymDLSxp/42P4cYuyUmwamqmx1eFIRs1TCSmTebg== X-Received: by 2002:a05:6214:c47:b0:4bb:85b4:fd8e with SMTP id r7-20020a0562140c4700b004bb85b4fd8emr60020935qvj.25.1668112297792; Thu, 10 Nov 2022 12:31:37 -0800 (PST) Received: from x1n.redhat.com (bras-base-aurron9127w-grc-46-70-31-27-79.dsl.bell.ca. [70.31.27.79]) by smtp.gmail.com with ESMTPSA id i1-20020ac860c1000000b00399edda03dfsm123588qtm.67.2022.11.10.12.31.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Nov 2022 12:31:37 -0800 (PST) From: Peter Xu To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: peterx@redhat.com, Andrea Arcangeli , Axel Rasmussen , Ives van Hoorne , Nadav Amit , Andrew Morton , Mike Rapoport Subject: [PATCH v2 2/2] mm/uffd: Sanity check write bit for uffd-wp protected ptes Date: Thu, 10 Nov 2022 15:31:32 -0500 Message-Id: <20221110203132.1498183-3-peterx@redhat.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: <20221110203132.1498183-1-peterx@redhat.com> References: <20221110203132.1498183-1-peterx@redhat.com> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-type: text/plain ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1668112300; a=rsa-sha256; cv=none; b=sWTUGgJ6dG5kZy620m1SXmTEcwXminNr3p5NDlF+DMzXQrZXHm3hQmtWcEPw1QZC+Ou35e 1Cj1TQkENSpYfBDG4MRJ/7InW4IgpVm6I6NLkSVce3xY9OE2VTMpbKE/gb4cnB3pRJP4mj MPZSfq/Ch/Lql+VkirLjIFfesBb0IEM= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=iULCPP+V; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf25.hostedemail.com: domain of peterx@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=peterx@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1668112300; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=WQpC1KJZxfuI3Xd3ROAIVllQOpnyDtGxdSkS8bhzCN0=; b=bGY9AMg2CzqrDEhnkj09F6SmmsdHLYaUK95o5MTTQPx2ytYsPbKJArp7+Io2cf8smyPYBP jVrKGe2ocJL+2TADNVqkWMq195v7HmEGGYV0oPB8K9iV4EA7xxD52XjQAGP/LW1ixYTptX Z6yaHw1TTd61g9/YXxIa7ordtWUDdXc= Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=iULCPP+V; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf25.hostedemail.com: domain of peterx@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=peterx@redhat.com X-Rspam-User: X-Stat-Signature: rpd4c5wb471hksebxb6de6n59ghzt867 X-Rspamd-Queue-Id: 475A6A0004 X-Rspamd-Server: rspam05 X-HE-Tag: 1668112300-167828 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Let's add one sanity check for CONFIG_DEBUG_VM on the write bit in whatever chance we have when walking through the pgtables. It can bring the error earlier even before the app notices the data was corrupted on the snapshot. Also it helps us to identify this is a wrong pgtable setup, so hopefully a great information to have for debugging too. Cc: Andrea Arcangeli Signed-off-by: Peter Xu --- arch/x86/include/asm/pgtable.h | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index 5059799bebe3..64141acf70c8 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -291,7 +291,21 @@ static inline pte_t pte_clear_flags(pte_t pte, pteval_t clear) #ifdef CONFIG_HAVE_ARCH_USERFAULTFD_WP static inline int pte_uffd_wp(pte_t pte) { - return pte_flags(pte) & _PAGE_UFFD_WP; + bool wp = pte_flags(pte) & _PAGE_UFFD_WP; + + /* + * Having write bit for wr-protect-marked present ptes is fatal, + * because it means the uffd-wp bit will be ignored and write will + * just go through. + * + * Use any chance of pgtable walking to verify this (e.g., when + * page swapped out or being migrated for all purposes). It means + * something is already wrong. Tell the admin even before the + * process crashes. We also nail it with wrong pgtable setup. + */ + VM_WARN_ON_ONCE(wp && pte_write(pte)); + + return wp; } static inline pte_t pte_mkuffd_wp(pte_t pte)