From: David Hildenbrand <david@redhat.com>
To: Peter Xu <peterx@redhat.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Andrea Arcangeli <aarcange@redhat.com>,
Jerome Glisse <jglisse@redhat.com>, Shaohua Li <shli@fb.com>
Subject: Re: [PATCH v1] mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
Date: Fri, 3 Mar 2023 10:12:26 +0100 [thread overview]
Message-ID: <95b0a3dd-b6f9-0305-759c-b715359b0cab@redhat.com> (raw)
In-Reply-To: <ZAEjXqNH+U8p9fOG@x1n>
On 02.03.23 23:29, Peter Xu wrote:
> On Thu, Mar 02, 2023 at 06:54:23PM +0100, David Hildenbrand wrote:
>> Currently, we'd lose the userfaultfd-wp marker when PTE-mapping a huge
>> zeropage, resulting in the next write faults in the PMD range
>> not triggering uffd-wp events.
>>
>> Various actions (partial MADV_DONTNEED, partial mremap, partial munmap,
>> partial mprotect) could trigger this. However, most importantly,
>> un-protecting a single sub-page from the userfaultfd-wp handler when
>> processing a uffd-wp event will PTE-map the shared huge zeropage and
>> lose the uffd-wp bit for the remainder of the PMD.
>>
>> Let's properly propagate the uffd-wp bit to the PMDs.
>
> Ouch.. I thought this was reported once, probably it fell through the
> cracks.
Yes, I reported it a while ago, but our understanding back then was that
primarily MADV_DONTNEED would trigger it (which my reproducer back then
did), and e.g., QEMU would make sure to not have concurrent
MADV_DONTNEED while doing background snapshots.
I realized only yesterday when retesting my patch that that a simple
unprotect is already sufficient to mess it up.
>
> Acked-by: Peter Xu <peterx@redhat.com>
Thanks!
--
Thanks,
David / dhildenb
next prev parent reply other threads:[~2023-03-03 9:13 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-02 17:54 [PATCH v1] mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage David Hildenbrand
2023-03-02 22:29 ` Peter Xu
2023-03-03 9:12 ` David Hildenbrand [this message]
2023-03-03 14:32 ` Peter Xu
2023-03-03 1:57 ` Andrew Morton
2023-03-03 9:12 ` David Hildenbrand
2023-03-03 1:11 kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=95b0a3dd-b6f9-0305-759c-b715359b0cab@redhat.com \
--to=david@redhat.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=jglisse@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=peterx@redhat.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=shli@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.