From patchwork Wed Jul 14 19:54:36 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Collingbourne X-Patchwork-Id: 12378063 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E3B35C12002 for ; Wed, 14 Jul 2021 23:25:49 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A7C33613CC for ; Wed, 14 Jul 2021 23:25:49 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A7C33613CC Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:References: Mime-Version:Message-Id:In-Reply-To:Date:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=ywCqSAfWza7kIXvTk3bo3Ce2y8o527nmB4sj9omm1Ts=; b=sd1XAtMwrlkNy023IMj+HdzkBK DLw/jocv76fEzjN6GL5rLJqkXEiGOlPMNO4jw9+zlPFrehKaoXh4PEf12Kkn9+eqxyaEYS6jEZSO/ aKStGQmVe8IpVnJRmSsLtc0MHPVmjyMAOmtvTMASrmn9Zi1OhmeSMijrZaWO+lgTU8zJPRmLDAxTH d6ezhYN2JN3Afw/RM0CRJgw4+UcpGIAJC6+70HxfSWZvYFaOb2FxRX7MCQzZ894cT0ReqIL3OAgWK zmAKluQRn0EPJZm+IMaLhm1/1X/HIVbcAajKPkMbd+/+uDc7Q03NN3IX2I2wP/jKAQGOAhH22LyyU Agnn+Mzg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m3oDj-00GFZm-Rx; Wed, 14 Jul 2021 23:23:16 +0000 Received: from mail-yb1-xb49.google.com ([2607:f8b0:4864:20::b49]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1m3kxx-00EkH8-PE for linux-arm-kernel@lists.infradead.org; Wed, 14 Jul 2021 19:54:48 +0000 Received: by mail-yb1-xb49.google.com with SMTP id x15-20020a25ce0f0000b029055bb0981111so4283889ybe.7 for ; Wed, 14 Jul 2021 12:54:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=axd96HeUtfGiNNDc4+8bXR4zfLF/a1N1P7vPgyys2ck=; b=p0vUAEtFCHedfgBB/Kda4a4RnaFFHv+bAdP7zQkydaQqFJx9jJ761a49mseG2bVI15 3/D0XqnIiC603txnmi2FTRRUbfgLl+HHXAnr13m5UXl8YxhSQ0QKTClJAd6KxsdbhIjY H4uqzIug1QZYlQxVf6fA5pBoAd0TQ2E7xuLcYR1fA/0WE+8QHYBN104j/7w873zJ9f5R erZZhdqihUawTCLCxeEF7uBfsApsp9OC9lfm9TXvJtU7muVOuN8BOm/Xxxav379CT8uU 72uTaCNLuwhs7amGPytjqUpRYx0g9hEkBfx4521VwumSmKiVfYBd0QqKZjhVeY5nDNk8 IbtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=axd96HeUtfGiNNDc4+8bXR4zfLF/a1N1P7vPgyys2ck=; b=gZZvPoadRS2/8lE9ofKHI4joeS6Rq0UG4btdFviEbYOqi26kqULVswNQ557R2+q1VV xttF09xUOUNgmP2WwI9zphcsDBRT6S7eHRYS8Tfl5eMwuA8UJYgEiE1+GLooTLtGjsBp eESheGIyTjf+RhZmq1rx8Xt6KbeHXGF6m8GDU75VQOi5AX34bmx1nE+asWcrwsrtAvJE 5klevY9T4VKrl9PuuS3vdg5EhMJEW1h/+LEb+h+8Rw4hyLOja/ftWMpoIS65H7J6dJic dMwNtQAY5kGemigzr0iBYWjLlgvqzVrBJI7wS1eb5m3tHkq5MCABRkU7Yqz5z15l5Z21 nZxA== X-Gm-Message-State: AOAM530DgiBo9iTr22eK6WLJA3InDEj5ybxX1WjmRibcThAHsEN1ODCO H5pifXmHuYGKQlt+svJIHy0bk/U= X-Google-Smtp-Source: ABdhPJzCSoT4cnlfhquYyGkYjUxSwK0AckAU98nTGcfrWZ+O9TeCPlaYKRZ1anh2UHEhaqBsESsDqHo= X-Received: from pcc-desktop.svl.corp.google.com ([2620:15c:2ce:200:a993:4290:ae1e:51db]) (user=pcc job=sendgmr) by 2002:a25:e803:: with SMTP id k3mr15145419ybd.268.1626292483379; Wed, 14 Jul 2021 12:54:43 -0700 (PDT) Date: Wed, 14 Jul 2021 12:54:36 -0700 In-Reply-To: <20210714195437.118982-1-pcc@google.com> Message-Id: <20210714195437.118982-2-pcc@google.com> Mime-Version: 1.0 References: <20210714195437.118982-1-pcc@google.com> X-Mailer: git-send-email 2.32.0.93.g670b81a890-goog Subject: [PATCH v5 1/2] userfaultfd: do not untag user pointers From: Peter Collingbourne To: Catalin Marinas , Vincenzo Frascino , Dave Martin , Will Deacon , Andrew Morton , Andrea Arcangeli Cc: Peter Collingbourne , Alistair Delva , Lokesh Gidra , William McVicker , Evgenii Stepanov , Mitch Phillips , Linux ARM , linux-mm@kvack.org, Andrey Konovalov , stable@vger.kernel.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210714_125445_876112_83630C95 X-CRM114-Status: GOOD ( 25.48 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org If a user program uses userfaultfd on ranges of heap memory, it may end up passing a tagged pointer to the kernel in the range.start field of the UFFDIO_REGISTER ioctl. This can happen when using an MTE-capable allocator, or on Android if using the Tagged Pointers feature for MTE readiness [1]. When a fault subsequently occurs, the tag is stripped from the fault address returned to the application in the fault.address field of struct uffd_msg. However, from the application's perspective, the tagged address *is* the memory address, so if the application is unaware of memory tags, it may get confused by receiving an address that is, from its point of view, outside of the bounds of the allocation. We observed this behavior in the kselftest for userfaultfd [2] but other applications could have the same problem. Address this by not untagging pointers passed to the userfaultfd ioctls. Instead, let the system call fail. This will provide an early indication of problems with tag-unaware userspace code instead of letting the code get confused later, and is consistent with how we decided to handle brk/mmap/mremap in commit dcde237319e6 ("mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()"), as well as being consistent with the existing tagged address ABI documentation relating to how ioctl arguments are handled. The code change is a revert of commit 7d0325749a6c ("userfaultfd: untag user pointers") plus some fixups to some additional calls to validate_range that have appeared since then. [1] https://source.android.com/devices/tech/debug/tagged-pointers [2] tools/testing/selftests/vm/userfaultfd.c Signed-off-by: Peter Collingbourne Reviewed-by: Andrey Konovalov Reviewed-by: Catalin Marinas Link: https://linux-review.googlesource.com/id/I761aa9f0344454c482b83fcfcce547db0a25501b Fixes: 63f0c6037965 ("arm64: Introduce prctl() options to control the tagged user addresses ABI") Cc: # 5.4 --- v4: - document the changes more accurately - fix new calls to validate_range Documentation/arm64/tagged-address-abi.rst | 26 +++++++++++++++------- fs/userfaultfd.c | 26 ++++++++++------------ 2 files changed, 30 insertions(+), 22 deletions(-) diff --git a/Documentation/arm64/tagged-address-abi.rst b/Documentation/arm64/tagged-address-abi.rst index 459e6b66ff68..0c9120ec58ae 100644 --- a/Documentation/arm64/tagged-address-abi.rst +++ b/Documentation/arm64/tagged-address-abi.rst @@ -45,14 +45,24 @@ how the user addresses are used by the kernel: 1. User addresses not accessed by the kernel but used for address space management (e.g. ``mprotect()``, ``madvise()``). The use of valid - tagged pointers in this context is allowed with the exception of - ``brk()``, ``mmap()`` and the ``new_address`` argument to - ``mremap()`` as these have the potential to alias with existing - user addresses. - - NOTE: This behaviour changed in v5.6 and so some earlier kernels may - incorrectly accept valid tagged pointers for the ``brk()``, - ``mmap()`` and ``mremap()`` system calls. + tagged pointers in this context is allowed with these exceptions: + + - ``brk()``, ``mmap()`` and the ``new_address`` argument to + ``mremap()`` as these have the potential to alias with existing + user addresses. + + NOTE: This behaviour changed in v5.6 and so some earlier kernels may + incorrectly accept valid tagged pointers for the ``brk()``, + ``mmap()`` and ``mremap()`` system calls. + + - The ``range.start``, ``start`` and ``dst`` arguments to the + ``UFFDIO_*`` ``ioctl()``s used on a file descriptor obtained from + ``userfaultfd()``, as fault addresses subsequently obtained by reading + the file descriptor will be untagged, which may otherwise confuse + tag-unaware programs. + + NOTE: This behaviour changed in v5.14 and so some earlier kernels may + incorrectly accept valid tagged pointers for this system call. 2. User addresses accessed by the kernel (e.g. ``write()``). This ABI relaxation is disabled by default and the application thread needs to diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index f6e0f0c0d0e5..5c2d806e6ae5 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c @@ -1236,23 +1236,21 @@ static __always_inline void wake_userfault(struct userfaultfd_ctx *ctx, } static __always_inline int validate_range(struct mm_struct *mm, - __u64 *start, __u64 len) + __u64 start, __u64 len) { __u64 task_size = mm->task_size; - *start = untagged_addr(*start); - - if (*start & ~PAGE_MASK) + if (start & ~PAGE_MASK) return -EINVAL; if (len & ~PAGE_MASK) return -EINVAL; if (!len) return -EINVAL; - if (*start < mmap_min_addr) + if (start < mmap_min_addr) return -EINVAL; - if (*start >= task_size) + if (start >= task_size) return -EINVAL; - if (len > task_size - *start) + if (len > task_size - start) return -EINVAL; return 0; } @@ -1316,7 +1314,7 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx, vm_flags |= VM_UFFD_MINOR; } - ret = validate_range(mm, &uffdio_register.range.start, + ret = validate_range(mm, uffdio_register.range.start, uffdio_register.range.len); if (ret) goto out; @@ -1522,7 +1520,7 @@ static int userfaultfd_unregister(struct userfaultfd_ctx *ctx, if (copy_from_user(&uffdio_unregister, buf, sizeof(uffdio_unregister))) goto out; - ret = validate_range(mm, &uffdio_unregister.start, + ret = validate_range(mm, uffdio_unregister.start, uffdio_unregister.len); if (ret) goto out; @@ -1671,7 +1669,7 @@ static int userfaultfd_wake(struct userfaultfd_ctx *ctx, if (copy_from_user(&uffdio_wake, buf, sizeof(uffdio_wake))) goto out; - ret = validate_range(ctx->mm, &uffdio_wake.start, uffdio_wake.len); + ret = validate_range(ctx->mm, uffdio_wake.start, uffdio_wake.len); if (ret) goto out; @@ -1711,7 +1709,7 @@ static int userfaultfd_copy(struct userfaultfd_ctx *ctx, sizeof(uffdio_copy)-sizeof(__s64))) goto out; - ret = validate_range(ctx->mm, &uffdio_copy.dst, uffdio_copy.len); + ret = validate_range(ctx->mm, uffdio_copy.dst, uffdio_copy.len); if (ret) goto out; /* @@ -1768,7 +1766,7 @@ static int userfaultfd_zeropage(struct userfaultfd_ctx *ctx, sizeof(uffdio_zeropage)-sizeof(__s64))) goto out; - ret = validate_range(ctx->mm, &uffdio_zeropage.range.start, + ret = validate_range(ctx->mm, uffdio_zeropage.range.start, uffdio_zeropage.range.len); if (ret) goto out; @@ -1818,7 +1816,7 @@ static int userfaultfd_writeprotect(struct userfaultfd_ctx *ctx, sizeof(struct uffdio_writeprotect))) return -EFAULT; - ret = validate_range(ctx->mm, &uffdio_wp.range.start, + ret = validate_range(ctx->mm, uffdio_wp.range.start, uffdio_wp.range.len); if (ret) return ret; @@ -1866,7 +1864,7 @@ static int userfaultfd_continue(struct userfaultfd_ctx *ctx, unsigned long arg) sizeof(uffdio_continue) - (sizeof(__s64)))) goto out; - ret = validate_range(ctx->mm, &uffdio_continue.range.start, + ret = validate_range(ctx->mm, uffdio_continue.range.start, uffdio_continue.range.len); if (ret) goto out; From patchwork Wed Jul 14 19:54:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Collingbourne X-Patchwork-Id: 12378065 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D416C12002 for ; Wed, 14 Jul 2021 23:26:47 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2D057613CF for ; Wed, 14 Jul 2021 23:26:47 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2D057613CF Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:References: Mime-Version:Message-Id:In-Reply-To:Date:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=esXfqCn9JT7CcJ5Ar5vACdQ8QcGAot3aKqXmTSMKmT4=; b=HTMUNUp1txQT3RGe53h+IurJP1 BUnj5+tt3vr9qre2zpCB56NIvkMs8/5b8fzbsz0nuvXDf5ZpOlZuKDS9xwrZgqUarTAzyTmaMSAno WCg/Xvo1asxmKxfWc33gSCcz0XzHAycum7OYxBw1w0HYVbBqmORcRpiZiFR7cAZ3yU+vzs6nT2ibN GfETVCg0YEv24uIJ3iIeMg2CpRD52uFqriZRLXPdhPZnW/Inewes2G4JjWHUJcSOw8IxO6j4c9SsF ZiL6Z7fdPO5o/tR03JV2TT5FYCHpeZvwThg71Jcxm6P8NbHFpZT7EykV1Og/+btmwi+u1VV7pVaYd yGaxfz/A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m3oEo-00GG0x-9n; Wed, 14 Jul 2021 23:24:22 +0000 Received: from mail-yb1-xb4a.google.com ([2607:f8b0:4864:20::b4a]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1m3ky0-00EkIV-Jc for linux-arm-kernel@lists.infradead.org; Wed, 14 Jul 2021 19:54:50 +0000 Received: by mail-yb1-xb4a.google.com with SMTP id a4-20020a25f5040000b029054df41d5cceso4227040ybe.18 for ; Wed, 14 Jul 2021 12:54:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=B2T/QoILMvWNJwGEC8KUZ3dRqSE7FSHo/f6R3sq7KQ0=; b=XZsShrzrStmjVySs21Gzk2A2FMCDoAPRdGrEO2gWNOpRoYsuDg8nW1yTSHBtW/k5lr qtwJsxcGpiaqdZLPzbgcwOuod9AVtpIpJ9JGbyVnZ7C85SNBdB7CRkXBY442pdSdx3Ji VjTkW53yAnDvSJUGrSRXLw2zrOgNRXsMHn9lkeEl+tjAw9jAz/6DhNvgBEarrZybI8gr bk8n1dUNlf9vKF27JWWt7aMSl7rZf3fZaVz2+7l/HMtvjCKTYIkGw/jQBryZQYpaAmSH UKvID81ySSnv9WulZYDkG3dWXTWeQsexbhyMo3JKuIlM6nSuE4Mtgkh0icAlJ4k/OurB 9dXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=B2T/QoILMvWNJwGEC8KUZ3dRqSE7FSHo/f6R3sq7KQ0=; b=D0JWeWXBOHlVd5VBpCIyPBGIfeScdTNH2x2AfyUKb7JYIeS2Dg7f4ppKVxw4mmWBGA aEOawByFM89XUWGsJGaOuOPYSeHdS4VIZ0r8rLF+MkCD1EBsurA514sJfs86fbkk/TZh +Qhwx+yzoquVnIS18apQQn394hPefiGoBQvnJQLZkkkdhbOdPd8KF0YFWZsvmESVn6dU HHinRm3tIZu860BMmDaF8jqpDmR3BMTM2x0XFv43snsiOlEP27WicgzvFckJ0k8iOUS3 GZRTy8R5EQ524oKPOE89uiZvvoknfo+PSCzxbUV4d1KeeJ5PpezGemFCMyMQDbr8t68u ZW0Q== X-Gm-Message-State: AOAM533qdMeutQ8jVz1X/ZluNbdEIFUrFxOVaoybi1QW36vXgPfrFn+1 6kMQ/HsesQfQ0EWnVxRDM8LzqgA= X-Google-Smtp-Source: ABdhPJxHHuofGRrNpyWOKcdgFFhfd4tvNc6mNmwkGOkCIjfVdw6REnbEpqsPyP88Cl2HzCm8oQINk34= X-Received: from pcc-desktop.svl.corp.google.com ([2620:15c:2ce:200:a993:4290:ae1e:51db]) (user=pcc job=sendgmr) by 2002:a25:2651:: with SMTP id m78mr15159674ybm.372.1626292485613; Wed, 14 Jul 2021 12:54:45 -0700 (PDT) Date: Wed, 14 Jul 2021 12:54:37 -0700 In-Reply-To: <20210714195437.118982-1-pcc@google.com> Message-Id: <20210714195437.118982-3-pcc@google.com> Mime-Version: 1.0 References: <20210714195437.118982-1-pcc@google.com> X-Mailer: git-send-email 2.32.0.93.g670b81a890-goog Subject: [PATCH v5 2/2] selftest: use mmap instead of posix_memalign to allocate memory From: Peter Collingbourne To: Catalin Marinas , Vincenzo Frascino , Dave Martin , Will Deacon , Andrew Morton , Andrea Arcangeli Cc: Peter Collingbourne , Alistair Delva , Lokesh Gidra , William McVicker , Evgenii Stepanov , Mitch Phillips , Linux ARM , linux-mm@kvack.org, Andrey Konovalov , stable@vger.kernel.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210714_125448_684412_D531D3BF X-CRM114-Status: GOOD ( 13.08 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org This test passes pointers obtained from anon_allocate_area to the userfaultfd and mremap APIs. This causes a problem if the system allocator returns tagged pointers because with the tagged address ABI the kernel rejects tagged addresses passed to these APIs, which would end up causing the test to fail. To make this test compatible with such system allocators, stop using the system allocator to allocate memory in anon_allocate_area, and instead just use mmap. Co-developed-by: Lokesh Gidra Signed-off-by: Lokesh Gidra Signed-off-by: Peter Collingbourne Reviewed-by: Catalin Marinas Fixes: c47174fc362a ("userfaultfd: selftest") Cc: # 5.4 Link: https://linux-review.googlesource.com/id/Icac91064fcd923f77a83e8e133f8631c5b8fc241 --- v5: - rebase to 5.14rc1 N.B. when backporting to stable branches, please use the v4 of this patch: https://lore.kernel.org/linux-mm/20210707184313.3697385-3-pcc@google.com/ tools/testing/selftests/vm/userfaultfd.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c index e363bdaff59d..2ea438e6b8b1 100644 --- a/tools/testing/selftests/vm/userfaultfd.c +++ b/tools/testing/selftests/vm/userfaultfd.c @@ -210,8 +210,10 @@ static void anon_release_pages(char *rel_area) static void anon_allocate_area(void **alloc_area) { - if (posix_memalign(alloc_area, page_size, nr_pages * page_size)) - err("posix_memalign() failed"); + *alloc_area = mmap(NULL, nr_pages * page_size, PROT_READ | PROT_WRITE, + MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + if (*alloc_area == MAP_FAILED) + err("mmap of anonymous memory failed"); } static void noop_alias_mapping(__u64 *start, size_t len, unsigned long offset)