From: "Kirill A. Shutemov"
To: Andrew Morton, Linus Torvalds
Cc: Dmitry Vyukov, Oleg Nesterov, Andrea Arcangeli, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv3 1/3] mm: Introduce vma_init()
Date: Tue, 24 Jul 2018 15:11:37 +0300
Message-Id: <20180724121139.62570-2-kirill.shutemov@linux.intel.com>
In-Reply-To: <20180724121139.62570-1-kirill.shutemov@linux.intel.com>

Not all VMAs are allocated with vm_area_alloc(). Some of them are allocated on the stack or in the data segment. The new helper can be used to initialize a VMA properly regardless of where it was allocated.

Signed-off-by: Kirill A. Shutemov
Signed-off-by: Andrew Morton
--- include/linux/mm.h | 6 ++++++ kernel/fork.c | 6 ++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/include/linux/mm.h b/include/linux/mm.h index d3a3842316b8..31540f166987 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -452,6 +452,12 @@ struct vm_operations_struct { unsigned long addr); }; +static inline void vma_init(struct vm_area_struct *vma, struct mm_struct *mm) +{ + vma->vm_mm = mm; + INIT_LIST_HEAD(&vma->anon_vma_chain); +} + struct mmu_gather; struct inode; diff --git a/kernel/fork.c b/kernel/fork.c index a191c05e757d..1b27babc4c78 100644 --- a/kernel/fork.c +++ b/kernel/fork.c
@@ -312,10 +312,8 @@ struct vm_area_struct *vm_area_alloc(struct mm_struct *mm) { struct vm_area_struct *vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); - if (vma) { - vma->vm_mm = mm; - INIT_LIST_HEAD(&vma->anon_vma_chain); - } + if (vma) + vma_init(vma, mm); return vma; }
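
Review bot: vma_init() in the include/linux/mm.h hunk of 1/3 writes only vm_mm and anon_vma_chain and carries no comment about the state of the remaining fields. vm_area_alloc() gets zeroed memory from kmem_cache_zalloc(), but the commit message aims the helper at stack and data-segment VMAs, where nothing in the helper guarantees that. Suggest either zeroing the structure inside vma_init() or adding a comment above it stating that the caller must clear the VMA first.
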
From: "Kirill A. Shutemov"
To: Andrew Morton, Linus Torvalds
Cc: Dmitry Vyukov, Oleg Nesterov, Andrea Arcangeli, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv3 2/3] mm: Use vma_init() to initialize VMAs on stack and data segments
Date: Tue, 24 Jul 2018 15:11:38 +0300
Message-Id: <20180724121139.62570-3-kirill.shutemov@linux.intel.com>
In-Reply-To: <20180724121139.62570-1-kirill.shutemov@linux.intel.com>

Make sure to initialize all VMAs properly, not only those which come from vm_area_cachep.

Signed-off-by: Kirill A. Shutemov
--- arch/arm/kernel/process.c | 1 + arch/arm/mach-rpc/ecard.c | 2 +- arch/arm64/include/asm/tlb.h | 4 +++- arch/arm64/mm/hugetlbpage.c | 7 +++++-- arch/ia64/include/asm/tlb.h | 2 +- arch/ia64/mm/init.c | 2 +- arch/x86/um/mem_32.c | 2 +- fs/hugetlbfs/inode.c | 2 ++ mm/mempolicy.c | 1 + mm/shmem.c | 1 + 10 files changed, 17 insertions(+), 7 deletions(-) diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c index 225d1c58d2de..d9c299133111 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -338,6 +338,7 @@ static struct vm_area_struct gate_vma = { static int __init gate_vma_init(void) { + vma_init(&gate_vma, NULL); gate_vma.vm_page_prot = PAGE_READONLY_EXEC; return 0; } diff --git a/arch/arm/mach-rpc/ecard.c b/arch/arm/mach-rpc/ecard.c index 39aef4876ed4..8db62cc54a6a 100644 --- a/arch/arm/mach-rpc/ecard.c +++ b/arch/arm/mach-rpc/ecard.c
@@ -237,8 +237,8 @@ static void ecard_init_pgtables(struct mm_struct *mm) memcpy(dst_pgd, src_pgd, sizeof(pgd_t) * (EASI_SIZE / PGDIR_SIZE)); + vma_init(&vma, mm); vma.vm_flags = VM_EXEC; - vma.vm_mm = mm; flush_tlb_range(&vma, IO_START, IO_START + IO_SIZE); flush_tlb_range(&vma, EASI_START, EASI_START + EASI_SIZE); diff --git a/arch/arm64/include/asm/tlb.h b/arch/arm64/include/asm/tlb.h index ffdaea7954bb..d87f2d646caa 100644 --- a/arch/arm64/include/asm/tlb.h +++ b/arch/arm64/include/asm/tlb.h @@ -37,7 +37,9 @@ static inline void __tlb_remove_table(void *_table) static inline void tlb_flush(struct mmu_gather *tlb) { - struct vm_area_struct vma = { .vm_mm = tlb->mm, }; + struct vm_area_struct vma; + + vma_init(&vma, tlb->mm); /* * The ASID allocator will either invalidate the ASID or mark diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c index ecc6818191df..1854e49aa18a 100644 --- a/arch/arm64/mm/hugetlbpage.c +++ b/arch/arm64/mm/hugetlbpage.c @@ -108,11 +108,13 @@ static pte_t get_clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; pte_t orig_pte = huge_ptep_get(ptep); bool valid = pte_valid(orig_pte); unsigned long i, saddr = addr; + vma_init(&vma, mm); + for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) { pte_t pte = ptep_get_and_clear(mm, addr, ptep); @@ -145,9 +147,10 @@ static void clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; unsigned long i, saddr = addr; + vma_init(&vma, mm); for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) pte_clear(mm, addr, ptep); diff --git a/arch/ia64/include/asm/tlb.h b/arch/ia64/include/asm/tlb.h index 44f0ac0df308..db89e7306081 100644 --- a/arch/ia64/include/asm/tlb.h +++ b/arch/ia64/include/asm/tlb.h 
@@ -120,7 +120,7 @@ ia64_tlb_flush_mmu_tlbonly(struct mmu_gather *tlb, unsigned long start, unsigned */ struct vm_area_struct vma; - vma.vm_mm = tlb->mm; + vma_init(&vma, tlb->mm); /* flush the address range from the tlb: */ flush_tlb_range(&vma, start, end); /* now flush the virt. page-table area mapping the address range: */ diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c index bdb14a369137..e6c6dfd98de2 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -273,7 +273,7 @@ static struct vm_area_struct gate_vma; static int __init gate_vma_init(void) { - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/arch/x86/um/mem_32.c b/arch/x86/um/mem_32.c index 744afdc18cf3..56c44d865f7b 100644 --- a/arch/x86/um/mem_32.c +++ b/arch/x86/um/mem_32.c @@ -16,7 +16,7 @@ static int __init gate_vma_init(void) if (!FIXADDR_USER_START) return 0; - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index d508c7844681..40d4c66c7751 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -411,6 +411,7 @@ static void remove_inode_hugepages(struct inode *inode, loff_t lstart, bool truncate_op = (lend == LLONG_MAX); memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, current->mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pagevec_init(&pvec); next = start; @@ -595,6 +596,7 @@ static long hugetlbfs_fallocate(struct file *file, int mode, loff_t offset, * as input to create an allocation policy. */ memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pseudo_vma.vm_file = file; 
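
Review bot: in the fs/hugetlbfs/inode.c hunks, remove_inode_hugepages() now passes current->mm to vma_init() where the preceding memset() used to leave pseudo_vma.vm_mm NULL, and the changelog does not mention this behaviour change. The other pseudo-VMA sites in this patch (mm/mempolicy.c, mm/shmem.c) pass NULL. Suggest `vma_init(&pseudo_vma, NULL);` here, or a sentence in the changelog explaining why this pseudo VMA needs an mm.
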
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 9ac49ef17b4e..01f1a14facc4 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -2505,6 +2505,7 @@ void mpol_shared_policy_init(struct shared_policy *sp, struct mempolicy *mpol) /* Create pseudo-vma that contains just the policy */ memset(&pvma, 0, sizeof(struct vm_area_struct)); + vma_init(&pvma, NULL); pvma.vm_end = TASK_SIZE; /* policy covers entire file */ mpol_set_shared_policy(sp, &pvma, new); /* adds ref */ diff --git a/mm/shmem.c b/mm/shmem.c index 2cab84403055..41b9bbf24e16 100644 --- a/mm/shmem.c +++ b/mm/shmem.c 
@@ -1421,6 +1421,7 @@ static void shmem_pseudo_vma_init(struct vm_area_struct *vma, { /* Create a pseudo vma that just contains the policy */ memset(vma, 0, sizeof(*vma)); + vma_init(vma, NULL); /* Bias interleave by inode number to distribute better across nodes */ vma->vm_pgoff = index + info->vfs_inode.i_ino; vma->vm_policy = mpol_shared_policy_lookup(&info->policy, index);
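
Review bot: the arm64 hunks of 2/3 (tlb_flush() in arch/arm64/include/asm/tlb.h, get_clear_flush() and clear_flush() in arch/arm64/mm/hugetlbpage.c) drop `struct vm_area_struct vma = { .vm_mm = mm };`, which zero-initialised every other member, in favour of a bare declaration followed by vma_init(). With vma_init() as introduced in 1/3 only vm_mm and anon_vma_chain are written, so vm_flags and the rest of the on-stack VMA are indeterminate for any later reader. Keep the initialiser or add a memset() before the vma_init() call, as the hugetlbfs, mempolicy and shmem hunks already have.
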
From: "Kirill A. Shutemov"
To: Andrew Morton, Linus Torvalds
Cc: Dmitry Vyukov, Oleg Nesterov, Andrea Arcangeli, linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov", stable@vger.kernel.org
Subject: [PATCHv3 3/3] mm: Fix vma_is_anonymous() false-positives
Date: Tue, 24 Jul 2018 15:11:39 +0300
Message-Id: <20180724121139.62570-4-kirill.shutemov@linux.intel.com>
In-Reply-To: <20180724121139.62570-1-kirill.shutemov@linux.intel.com>

vma_is_anonymous() relies on ->vm_ops being NULL to detect an anonymous VMA. This is unreliable as ->mmap may not set ->vm_ops.

False-positive vma_is_anonymous() may lead to crashes:

next ffff8801ce5e7040 prev ffff8801d20eca50 mm ffff88019c1e13c0
prot 27 anon_vma ffff88019680cdd8 vm_ops 0000000000000000
pgoff 0 file ffff8801b2ec2d00 private_data 0000000000000000
flags: 0xff(read|write|exec|shared|mayread|maywrite|mayexec|mayshare)
------------[ cut here ]------------
kernel BUG at mm/memory.c:1422!
invalid opcode: 0000 [#1] SMP KASAN CPU: 0 PID: 18486 Comm: syz-executor3 Not tainted 4.18.0-rc3+ #136 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:zap_pmd_range mm/memory.c:1421 [inline] RIP: 0010:zap_pud_range mm/memory.c:1466 [inline] RIP: 0010:zap_p4d_range mm/memory.c:1487 [inline] RIP: 0010:unmap_page_range+0x1c18/0x2220 mm/memory.c:1508 Code: ff 31 ff 4c 89 e6 42 c6 04 33 f8 e8 92 dd d0 ff 4d 85 e4 0f 85 4a eb ff ff e8 54 dc d0 ff 48 8b bd 10 fc ff ff e8 82 95 fe ff <0f> 0b e8 41 dc d0 ff 0f 0b 4c 89 ad 18 fc ff ff c7 85 7c fb ff ff RSP: 0018:ffff8801b0587330 EFLAGS: 00010286 RAX: 000000000000013c RBX: 1ffff100360b0e9c RCX: ffffc90002620000 RDX: 0000000000000000 RSI: ffffffff81631851 RDI: 0000000000000001 RBP: ffff8801b05877c8 R08: ffff880199d40300 R09: ffffed003b5c4fc0 R10: ffffed003b5c4fc0 R11: ffff8801dae27e07 R12: 0000000000000000 R13: ffff88019c1e13c0 R14: dffffc0000000000 R15: 0000000020e01000 FS: 00007fca32251700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f04c540d000 CR3: 00000001ac1f0000 CR4: 00000000001426f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: unmap_single_vma+0x1a0/0x310 mm/memory.c:1553 zap_page_range_single+0x3cc/0x580 mm/memory.c:1644 unmap_mapping_range_vma mm/memory.c:2792 [inline] unmap_mapping_range_tree mm/memory.c:2813 [inline] unmap_mapping_pages+0x3a7/0x5b0 mm/memory.c:2845 unmap_mapping_range+0x48/0x60 mm/memory.c:2880 truncate_pagecache+0x54/0x90 mm/truncate.c:800 truncate_setsize+0x70/0xb0 mm/truncate.c:826 simple_setattr+0xe9/0x110 fs/libfs.c:409 notify_change+0xf13/0x10f0 fs/attr.c:335 do_truncate+0x1ac/0x2b0 fs/open.c:63 do_sys_ftruncate+0x492/0x560 fs/open.c:205 __do_sys_ftruncate fs/open.c:215 [inline] __se_sys_ftruncate fs/open.c:213 [inline] __x64_sys_ftruncate+0x59/0x80 fs/open.c:213 
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe

Reproducer:

#include <stdio.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>

#define KCOV_INIT_TRACE _IOR('c', 1, unsigned long)
#define KCOV_ENABLE _IO('c', 100)
#define KCOV_DISABLE _IO('c', 101)
#define COVER_SIZE (1024<<10)

#define KCOV_TRACE_PC 0
#define KCOV_TRACE_CMP 1

int main(int argc, char **argv)
{
	int fd;
	unsigned long *cover;

	system("mount -t debugfs none /sys/kernel/debug");
	fd = open("/sys/kernel/debug/kcov", O_RDWR);
	ioctl(fd, KCOV_INIT_TRACE, COVER_SIZE);
	cover = mmap(NULL, COVER_SIZE * sizeof(unsigned long),
		     PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
	munmap(cover, COVER_SIZE * sizeof(unsigned long));
	/* second mapping of the same fd is MAP_PRIVATE and gets written to */
	cover = mmap(NULL, COVER_SIZE * sizeof(unsigned long),
		     PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
	memset(cover, 0, COVER_SIZE * sizeof(unsigned long));
	/* truncate path ends in unmap_page_range(), see the call trace above */
	ftruncate(fd, 3UL << 20);
	return 0;
}

This can be fixed by assigning anonymous VMAs their own vm_ops and not relying on it being NULL.

If ->mmap() failed to set ->vm_ops, mmap_region() will set it to dummy_vm_ops. This way we will have non-NULL ->vm_ops for all VMAs.

Signed-off-by: Kirill A. Shutemov
Reported-by: syzbot+3f84280d52be9b7083cc@syzkaller.appspotmail.com
Cc: stable@vger.kernel.org
Cc: Dmitry Vyukov
Cc: Oleg Nesterov
Cc: Andrea Arcangeli
--- drivers/char/mem.c | 1 + fs/exec.c | 1 + include/linux/mm.h | 8 ++++++++ mm/mmap.c | 3 +++ mm/nommu.c | 2 ++ 5 files changed, 15 insertions(+) diff --git a/drivers/char/mem.c b/drivers/char/mem.c index ffeb60d3434c..df66a9dd0aae 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -708,6 +708,7 @@ static int mmap_zero(struct file *file, struct vm_area_struct *vma) #endif if (vma->vm_flags & VM_SHARED) return shmem_zero_setup(vma); + vma_set_anonymous(vma); return 0; } diff --git a/fs/exec.c b/fs/exec.c index 72e961a62adb..bdd0eacefdf5 100644 --- a/fs/exec.c +++ b/fs/exec.c
@@ -293,6 +293,7 @@ static int __bprm_mm_init(struct linux_binprm *bprm) bprm->vma = vma = vm_area_alloc(mm); if (!vma) return -ENOMEM; + vma_set_anonymous(vma); if (down_write_killable(&mm->mmap_sem)) { err = -EINTR; diff --git a/include/linux/mm.h b/include/linux/mm.h index 31540f166987..7ba6d356d18f 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -454,10 +454,18 @@ struct vm_operations_struct { static inline void vma_init(struct vm_area_struct *vma, struct mm_struct *mm) { + static const struct vm_operations_struct dummy_vm_ops = {}; + vma->vm_mm = mm; + vma->vm_ops = &dummy_vm_ops; INIT_LIST_HEAD(&vma->anon_vma_chain); } +static inline void vma_set_anonymous(struct vm_area_struct *vma) +{ + vma->vm_ops = NULL; +} + struct mmu_gather; struct inode; diff --git a/mm/mmap.c b/mm/mmap.c index ff1944d8d458..17bbf4d3e24f 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1778,6 +1778,8 @@ unsigned long mmap_region(struct file *file, unsigned long addr, error = shmem_zero_setup(vma); if (error) goto free_vma; + } else { + vma_set_anonymous(vma); } vma_link(mm, vma, prev, rb_link, rb_parent); @@ -2983,6 +2985,7 @@ static int do_brk_flags(unsigned long addr, unsigned long len, unsigned long fla return -ENOMEM; } + vma_set_anonymous(vma); vma->vm_start = addr; vma->vm_end = addr + len; vma->vm_pgoff = pgoff; diff --git a/mm/nommu.c b/mm/nommu.c index 1d22fdbf7d7c..9fc9e43335b6 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -1145,6 +1145,8 @@ static int do_mmap_private(struct vm_area_struct *vma, if (ret < len) memset(base + ret, 0, len - ret); + } else { + vma_set_anonymous(vma); } return 0;
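
Review bot: in the include/linux/mm.h hunk of 3/3, dummy_vm_ops is a function-local static inside a static inline in a header, so each translation unit that calls vma_init() can end up with its own copy and the address cannot be compared reliably; one definition in a .c file with an extern declaration here would avoid that. The changelog also says mmap_region() installs dummy_vm_ops when ->mmap() does not set ->vm_ops, while the code installs it in vma_init() at allocation time, so a ->mmap() that stores NULL into ->vm_ops would still be reported as anonymous. The text should describe what the code does, and vma_set_anonymous() deserves a comment naming which callers are expected to use it.
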
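
The classification problem that 3/3 describes, as an added userspace model (not kernel code and not part of the series). Structs are reduced to the fields the series touches, and the `enum mapping` kinds plus `vma_alloc_model()` and `classified_anonymous()` are hypothetical helpers that stand in for the allocation path and for `->mmap` handlers.

```c
/* Added example: userspace model of the classification, not kernel code.
 * Structs are reduced to the fields the series touches; the mapping kinds
 * and helper names below are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct vm_area_struct;
struct vm_operations_struct { void (*open)(struct vm_area_struct *); };
struct file { int id; };

struct vm_area_struct {
	const struct vm_operations_struct *vm_ops;
	struct file *vm_file;
	unsigned long vm_flags;
};

#define VM_SHARED 0x8UL

static const struct vm_operations_struct dummy_vm_ops  = { NULL };
static const struct vm_operations_struct driver_vm_ops = { NULL };
static const struct vm_operations_struct shmem_vm_ops  = { NULL };

enum mapping {
	ANON_PRIVATE,		/* private anonymous mapping */
	ANON_SHARED,		/* goes through shmem_zero_setup() */
	FILE_SETS_OPS,		/* driver ->mmap installs vm_ops */
	FILE_NO_OPS,		/* driver ->mmap leaves vm_ops untouched */
	DEV_ZERO_PRIVATE,	/* mmap_zero(): has a file, still anonymous */
	NR_MAPPINGS
};

static bool vma_is_anonymous(const struct vm_area_struct *vma)
{
	return !vma->vm_ops;
}

static void vma_set_anonymous(struct vm_area_struct *vma)
{
	vma->vm_ops = NULL;
}

/* Zeroed allocation followed by vma_init(); 3/3 adds the dummy_vm_ops default. */
static void vma_alloc_model(struct vm_area_struct *vma, bool patched)
{
	memset(vma, 0, sizeof(*vma));
	if (patched)
		vma->vm_ops = &dummy_vm_ops;
}

/* Returns what vma_is_anonymous() reports once the mapping is set up. */
static bool classified_anonymous(bool patched, enum mapping kind)
{
	static struct file f = { 1 };
	struct vm_area_struct vma;

	vma_alloc_model(&vma, patched);
	switch (kind) {
	case ANON_PRIVATE:
		if (patched)
			vma_set_anonymous(&vma);	/* explicit opt-in */
		break;
	case ANON_SHARED:
		vma.vm_flags = VM_SHARED;
		vma.vm_ops = &shmem_vm_ops;
		break;
	case FILE_SETS_OPS:
		vma.vm_file = &f;
		vma.vm_ops = &driver_vm_ops;
		break;
	case FILE_NO_OPS:
		vma.vm_file = &f;	/* handler returns without touching vm_ops */
		break;
	case DEV_ZERO_PRIVATE:
		vma.vm_file = &f;
		if (patched)
			vma_set_anonymous(&vma);	/* as the mmap_zero() hunk does */
		break;
	default:
		break;
	}
	return vma_is_anonymous(&vma);
}

int main(void)
{
	static const char *names[NR_MAPPINGS] = {
		"anon private", "anon shared", "file, ops set",
		"file, ops unset", "/dev/zero private",
	};

	printf("%-18s %-8s %s\n", "mapping", "before", "after");
	for (int k = 0; k < NR_MAPPINGS; k++)
		printf("%-18s %-8s %s\n", names[k],
		       classified_anonymous(false, (enum mapping)k) ? "anon" : "file",
		       classified_anonymous(true, (enum mapping)k) ? "anon" : "file");
	return 0;
}
```

Only the "file, ops unset" row changes between the two columns, which is the kcov case from the reproducer; the /dev/zero row stays anonymous because the handler opts in explicitly.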