From: Eric B Munson <emunson@akamai.com>
To: Michal Hocko <miso@dhcp22.suse.cz>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
David Rientjes <rientjes@google.com>,
LKML <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
linux-mm@kvack.org, Michal Hocko <mhocko@suse.cz>
Subject: Re: [PATCH 1/2] mmap.2: clarify MAP_LOCKED semantic
Date: Wed, 13 May 2015 10:48:30 -0400 [thread overview]
Message-ID: <20150513144830.GF1227@akamai.com> (raw)
In-Reply-To: <20150513144506.GD1227@akamai.com>
[-- Attachment #1: Type: text/plain, Size: 1729 bytes --]
On Wed, 13 May 2015, Eric B Munson wrote:
> On Wed, 13 May 2015, Michal Hocko wrote:
>
> > From: Michal Hocko <mhocko@suse.cz>
> >
> > MAP_LOCKED had a subtly different semantic from mmap(2)+mlock(2) since
> > it has been introduced.
> > mlock(2) fails if the memory range cannot get populated to guarantee
> > that no future major faults will happen on the range. mmap(MAP_LOCKED) on
> > the other hand silently succeeds even if the range was populated only
> > partially.
> >
> > Fixing this subtle difference in the kernel is rather awkward because
> > the memory population happens after mm locks have been dropped and so
> > the cleanup before returning failure (munlock) could operate on something
> > else than the originally mapped area.
> >
> > E.g. speculative userspace page fault handler catching SEGV and doing
> > mmap(fault_addr, MAP_FIXED|MAP_LOCKED) might discard portion of a racing
> > mmap and lead to lost data. Although it is not clear whether such a
> > usage would be valid, mmap page doesn't explicitly describe requirements
> > for threaded applications so we cannot exclude this possibility.
> >
> > This patch makes the semantic of MAP_LOCKED explicit and suggest using
> > mmap + mlock as the only way to guarantee no later major page faults.
> >
> > Signed-off-by: Michal Hocko <mhocko@suse.cz>
>
> Does the problem still happend when MAP_POPULATE | MAP_LOCKED is used
> (AFAICT MAP_POPULATE will cause the mmap to fail if all the pages cannot
> be made present).
>
> Either way this is a good catch.
>
> Acked-by: Eric B Munson <emunson@akamai.com>
>
Sorry for the noise, this should have been a
Reviewed-by: Eric B Munson <emunson@akamai.com>
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Eric B Munson <emunson-JqFfY2XvxFXQT0dZR+AlfA@public.gmane.org>
To: Michal Hocko <miso-2MMpYkNvuYDjFM9bn6wA6Q@public.gmane.org>
Cc: Michael Kerrisk
<mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Linus Torvalds
<torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
David Rientjes <rientjes-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Linux API <linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org,
Michal Hocko <mhocko-AlSwsSmVLrQ@public.gmane.org>
Subject: Re: [PATCH 1/2] mmap.2: clarify MAP_LOCKED semantic
Date: Wed, 13 May 2015 10:48:30 -0400 [thread overview]
Message-ID: <20150513144830.GF1227@akamai.com> (raw)
In-Reply-To: <20150513144506.GD1227-JqFfY2XvxFXQT0dZR+AlfA@public.gmane.org>
[-- Attachment #1: Type: text/plain, Size: 1829 bytes --]
On Wed, 13 May 2015, Eric B Munson wrote:
> On Wed, 13 May 2015, Michal Hocko wrote:
>
> > From: Michal Hocko <mhocko-AlSwsSmVLrQ@public.gmane.org>
> >
> > MAP_LOCKED had a subtly different semantic from mmap(2)+mlock(2) since
> > it has been introduced.
> > mlock(2) fails if the memory range cannot get populated to guarantee
> > that no future major faults will happen on the range. mmap(MAP_LOCKED) on
> > the other hand silently succeeds even if the range was populated only
> > partially.
> >
> > Fixing this subtle difference in the kernel is rather awkward because
> > the memory population happens after mm locks have been dropped and so
> > the cleanup before returning failure (munlock) could operate on something
> > else than the originally mapped area.
> >
> > E.g. speculative userspace page fault handler catching SEGV and doing
> > mmap(fault_addr, MAP_FIXED|MAP_LOCKED) might discard portion of a racing
> > mmap and lead to lost data. Although it is not clear whether such a
> > usage would be valid, mmap page doesn't explicitly describe requirements
> > for threaded applications so we cannot exclude this possibility.
> >
> > This patch makes the semantic of MAP_LOCKED explicit and suggest using
> > mmap + mlock as the only way to guarantee no later major page faults.
> >
> > Signed-off-by: Michal Hocko <mhocko-AlSwsSmVLrQ@public.gmane.org>
>
> Does the problem still happend when MAP_POPULATE | MAP_LOCKED is used
> (AFAICT MAP_POPULATE will cause the mmap to fail if all the pages cannot
> be made present).
>
> Either way this is a good catch.
>
> Acked-by: Eric B Munson <emunson-JqFfY2XvxFXQT0dZR+AlfA@public.gmane.org>
>
Sorry for the noise, this should have been a
Reviewed-by: Eric B Munson <emunson-JqFfY2XvxFXQT0dZR+AlfA@public.gmane.org>
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2015-05-13 14:48 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-13 14:38 [PATCH 0/2] man-pages: clarify MAP_LOCKED semantic Michal Hocko
2015-05-13 14:38 ` Michal Hocko
2015-05-13 14:38 ` [PATCH 1/2] mmap.2: " Michal Hocko
2015-05-13 14:38 ` Michal Hocko
2015-05-13 14:38 ` Michal Hocko
2015-05-13 14:45 ` Eric B Munson
2015-05-13 14:48 ` Eric B Munson [this message]
2015-05-13 14:48 ` Eric B Munson
2015-05-14 8:01 ` Michal Hocko
2015-05-14 8:01 ` Michal Hocko
2015-05-14 8:01 ` Michal Hocko
2015-05-14 13:36 ` Michael Kerrisk (man-pages)
2015-05-14 13:36 ` Michael Kerrisk (man-pages)
2016-05-11 11:07 ` Peter Zijlstra
2016-05-11 11:07 ` Peter Zijlstra
2016-05-11 11:07 ` Peter Zijlstra
2016-05-11 11:18 ` Peter Zijlstra
2016-05-11 11:18 ` Peter Zijlstra
2016-05-11 11:32 ` Michal Hocko
2016-05-11 11:32 ` Michal Hocko
2016-05-11 11:32 ` Michal Hocko
2015-05-13 14:38 ` [PATCH 2/2] mmap2: clarify MAP_POPULATE Michal Hocko
2015-05-13 14:38 ` Michal Hocko
2015-05-13 14:47 ` Eric B Munson
2015-05-13 14:47 ` Eric B Munson
2015-05-14 13:36 ` Michael Kerrisk (man-pages)
2015-05-14 13:36 ` Michael Kerrisk (man-pages)
2015-05-15 0:13 ` David Rientjes
2015-05-15 0:13 ` David Rientjes
2015-05-18 9:12 ` [PATCH 0/2] man-pages: clarify MAP_LOCKED semantic Michal Hocko
2015-05-18 9:12 ` Michal Hocko
2015-05-18 9:12 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150513144830.GF1227@akamai.com \
--to=emunson@akamai.com \
--cc=akpm@linux-foundation.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@suse.cz \
--cc=miso@dhcp22.suse.cz \
--cc=mtk.manpages@gmail.com \
--cc=rientjes@google.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.